CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In May 2000

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
101 CVE-2000-0335 2000-05-03 2008-09-10
7.5
User Remote Low Not required Partial Partial Partial
The resolver in glibc 2.1.3 uses predictable IDs, which allows a local attacker to spoof DNS query results.
102 CVE-2000-0332 2000-05-03 2008-09-10
5.0
None Remote Low Not required Partial None None
UltraBoard.pl or UltraBoard.cgi CGI scripts in UltraBoard 1.6 allows remote attackers to read arbitrary files via a pathname string that includes a dot dot (..) and ends with a null byte.
103 CVE-2000-0305 399 DoS 2000-05-19 2018-10-12
7.8
None Remote Low Not required None None Complete
Windows 95, Windows 98, Windows 2000, Windows NT 4.0, and Terminal Server systems allow a remote attacker to cause a denial of service by sending a large number of identical fragmented IP packets, aka jolt2 or the "IP Fragment Reassembly" vulnerability.
104 CVE-2000-0304 DoS 2000-05-10 2018-10-30
5.0
None Remote Low Not required None None Partial
Microsoft IIS 4.0 and 5.0 with the IISADMPWD virtual directory installed allows a remote attacker to cause a denial of service via a malformed request to the inetinfo.exe program, aka the "Undelimited .HTR Request" vulnerability.
105 CVE-2000-0303 2000-05-03 2008-09-10
6.4
None Remote Low Not required Partial Partial None
Quake3 Arena allows malicious server operators to read or modify files on a client via a dot dot (..) attack.
106 CVE-2000-0293 2000-05-02 2008-09-10
2.1
None Local Low Not required None Partial None
aaa_base in SuSE Linux 6.3, and cron.daily in earlier versions, allow local users to delete arbitrary files by creating files whose names include spaces, which are then incorrectly interpreted by aaa_base when it deletes expired files from the /tmp directory.
107 CVE-2000-0138 DoS 2000-05-02 2016-10-17
5.0
None Remote Low Not required None None Partial
A system has a distributed denial of service (DDOS) attack master, agent, or zombie installed, such as (1) Trinoo, (2) Tribe Flood Network (TFN), (3) Tribe Flood Network 2000 (TFN2K), (4) stacheldraht, (5) mstream, or (6) shaft.
108 CVE-1999-1008 2000-05-17 2016-10-17
7.2
Admin Local Low Not required Complete Complete Complete
xsoldier program allows local users to gain root access via a long argument.
109 CVE-1999-0980 DoS 2000-05-16 2018-10-12
5.0
None Remote Low Not required None None Partial
Windows NT Service Control Manager (SCM) allows remote attackers to cause a denial of service via a malformed argument in a resource enumeration request.
110 CVE-1999-0427 DoS 2000-05-01 2008-09-09
7.5
User Remote Low Not required Partial Partial Partial
Eudora 4.1 allows remote attackers to perform a denial of service by sending attachments with long file names.
Total number of vulnerabilities : 110   Page : 1 2 3 (This Page)
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.