| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
20251 |
CVE-2001-0790 |
|
|
DoS |
2001-10-18 |
2008-09-05 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Specter IDS version 4.5 and 5.0 allows a remote attacker to cause a denial of service (CPU exhaustion) via a port scan, which causes the server to consume CPU while preparing alerts. |
|
20252 |
CVE-2001-0788 |
|
|
|
2001-10-18 |
2008-09-05 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Internet Software Solutions Air Messenger LAN Server (AMLServer) 3.4.2 allows remote attackers to obtain an absolute path for the server directory by viewing the Location header. |
|
20253 |
CVE-2001-0786 |
|
|
|
2001-10-18 |
2008-09-05 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Internet Software Solutions Air Messenger LAN Server (AMLServer) 3.4.2 stores user passwords in plaintext in the pUser.Dat file. |
|
20254 |
CVE-2001-0785 |
|
|
Dir. Trav. |
2001-10-18 |
2008-09-05 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Directory traversal in Webpaging interface in Internet Software Solutions Air Messenger LAN Server (AMLServer) 3.4.2 allows allows remote attackers to read arbitrary files via a .. (dot dot) attack. |
|
20255 |
CVE-2001-0784 |
|
|
Dir. Trav. |
2001-10-18 |
2017-10-09 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Directory traversal vulnerability in Icecast 1.3.10 and earlier allows remote attackers to read arbitrary files via a modified .. (dot dot) attack using encoded URL characters. |
|
20256 |
CVE-2001-0783 |
|
|
|
2001-10-18 |
2017-12-18 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Cisco TFTP server 1.1 allows remote attackers to read arbitrary files via a ..(dot dot) attack in the GET command. |
|
20257 |
CVE-2001-0780 |
22 |
|
Dir. Trav. |
2001-10-18 |
2016-05-25 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Directory traversal vulnerability in cosmicpro.cgi in Cosmicperl Directory Pro 2.0 allows remote attackers to gain sensitive information via a .. (dot dot) in the SHOW parameter. |
|
20258 |
CVE-2001-0778 |
|
|
|
2001-10-18 |
2017-12-18 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
OmniHTTPd 2.0.8 and earlier allow remote attackers to obtain source code via a GET request with the URL-encoded symbol for a space (%20). |
|
20259 |
CVE-2001-0777 |
|
|
DoS |
2001-10-18 |
2017-12-18 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Omnicron OmniHTTPd 2.0.8 allows remote attackers to cause a denial of service (memory exhaustion) via a series of requests for PHP scripts. |
|
20260 |
CVE-2001-0776 |
|
|
DoS Overflow |
2001-10-18 |
2017-12-18 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Buffer overflow in DynFX MailServer version 2.10 allows remote attackers to conduct a denial of service via a long username to the POP3 service. |
|
20261 |
CVE-2001-0773 |
|
|
DoS |
2001-10-18 |
2017-10-09 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Cayman 3220-H DSL Router 1.0 allows remote attacker to cause a denial of service (crash) via a series of SYN or TCP connect requests. |
|
20262 |
CVE-2001-0769 |
|
|
DoS |
2001-10-18 |
2017-10-09 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Memory leak in GuildFTPd Server 0.97 allows remote attackers to cause a denial of service via a request containing a null character. |
|
20263 |
CVE-2001-0767 |
|
|
Dir. Trav. |
2001-10-18 |
2008-09-05 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Directory traversal vulnerability in GuildFTPd 0.9.7 allows attackers to list or read arbitrary files and directories via a .. in (1) LS or (2) GET. |
|
20264 |
CVE-2001-0760 |
|
|
|
2001-10-18 |
2017-10-09 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Citrix Nfuse 1.51 allows remote attackers to obtain the absolute path of the web root via a malformed request to launch.asp that does not provide the session field. |
|
20265 |
CVE-2001-0754 |
|
|
DoS |
2001-10-18 |
2017-10-09 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Cisco CBOS 2.3.8 and earlier allows remote attackers to cause a denial of service via a series of large ICMP ECHO REPLY (ping) packets, which cause it to enter ROMMON mode and stop forwarding packets. |
|
20266 |
CVE-2001-0752 |
|
|
DoS |
2001-10-18 |
2017-10-09 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Cisco CBOS 2.3.8 and earlier allows remote attackers to cause a denial of service via an ICMP ECHO REQUEST (ping) with the IP Record Route option set. |
|
20267 |
CVE-2001-0750 |
|
|
DoS |
2001-10-18 |
2017-10-09 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Cisco IOS 12.1(2)T, 12.1(3)T allow remote attackers to cause a denial of service (reload) via a connection to TCP ports 3100-3999, 5100-5999, 7100-7999 and 10100-10999. |
|
20268 |
CVE-2001-0748 |
20 |
|
|
2001-10-18 |
2017-07-11 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Acme.Serve 1.7, as used in Cisco Secure ACS Unix and possibly other products, allows remote attackers to read arbitrary files by prepending several / (slash) characters to the URI. |
|
20269 |
CVE-2001-0745 |
|
|
+Info |
2001-10-18 |
2017-10-09 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Netscape 4.7x allows remote attackers to obtain sensitive information such as the user's login, mailbox location and installation path via Javascript that accesses the mailbox: URL in the document.referrer property. |
|
20270 |
CVE-2001-0743 |
|
|
DoS |
2001-10-18 |
2008-09-05 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Paging function in O'Reilly WebBoard Pager 4.10 allows remote attackers to cause a denial of service via a message with an escaped ' character followed by JavaScript commands. |
|
20271 |
CVE-2001-0740 |
|
|
DoS |
2001-10-18 |
2017-10-09 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
3COM OfficeConnect 812 and 840 ADSL Router 4.2, running OCR812 router software 1.1.9 and earlier, allows remote attackers to cause a denial of service via a long string containing a large number of "%s" strings, possibly triggering a format string vulnerability. |
|
20272 |
CVE-2001-0738 |
|
|
DoS |
2001-10-18 |
2017-10-09 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
LogLine function in klogd in sysklogd 1.3 in various Linux distributions allows an attacker to cause a denial of service (hang) by causing null bytes to be placed in log messages. |
|
20273 |
CVE-2001-0731 |
|
|
Bypass |
2001-10-01 |
2017-10-09 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Apache 1.3.20 with Multiviews enabled allows remote attackers to view directory contents and bypass the index page via a URL containing the "M=D" query string. |
|
20274 |
CVE-2001-0730 |
|
|
|
2001-10-30 |
2017-10-09 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
split-logfile in Apache 1.3.20 allows remote attackers to overwrite arbitrary files that end in the .log extension via an HTTP request with a / (slash) in the Host: header. |
|
20275 |
CVE-2001-0729 |
|
|
Bypass |
2001-10-30 |
2012-10-22 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Apache 1.3.20 on Windows servers allows remote attackers to bypass the default index page and list directory contents via a URL with a large number of / (slash) characters. |
|
20276 |
CVE-2001-0721 |
|
|
DoS |
2001-12-06 |
2018-10-12 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Universal Plug and Play (UPnP) in Windows 98, 98SE, ME, and XP allows remote attackers to cause a denial of service (memory consumption or crash) via a malformed UPnP request. |
|
20277 |
CVE-2001-0716 |
|
|
DoS |
2001-12-06 |
2017-10-09 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Citrix MetaFrame 1.8 Server with Service Pack 3, and XP Server Service Pack 1 and earlier, allows remote attackers to cause a denial of service (crash) via a large number of incomplete connections to the server. |
|
20278 |
CVE-2001-0711 |
|
|
DoS |
2001-08-31 |
2017-12-18 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Cisco IOS 11.x and 12.0 with ATM support allows attackers to cause a denial of service via the undocumented Interim Local Management Interface (ILMI) SNMP community string. |
|
20279 |
CVE-2001-0710 |
|
|
DoS |
2001-09-20 |
2017-10-09 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
NetBSD 1.5 and earlier and FreeBSD 4.3 and earlier allows a remote attacker to cause a denial of service by sending a large number of IP fragments to the machine, exhausting the mbuf pool. |
|
20280 |
CVE-2001-0709 |
|
|
|
2001-09-20 |
2017-12-18 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Microsoft IIS 4.0 and before, when installed on a FAT partition, allows a remote attacker to obtain source code of ASP files via a URL encoded with Unicode. |
|
20281 |
CVE-2001-0708 |
|
|
DoS |
2001-09-20 |
2017-12-18 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Denicomp REXECD 1.05 and earlier allows a remote attacker to cause a denial of service (crash) via a long string. |
|
20282 |
CVE-2001-0707 |
|
|
DoS |
2001-09-20 |
2017-12-18 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Denicomp RSHD 2.18 and earlier allows a remote attacker to cause a denial of service (crash) via a long string to port 514. |
|
20283 |
CVE-2001-0705 |
|
|
Dir. Trav. |
2001-09-20 |
2017-12-18 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Directory traversal vulnerability in tradecli.dll in Arcadia Internet Store 1.0 allows a remote attacker to read arbitrary files on the web server via a URL with "dot dot" sequences in the template argument. |
|
20284 |
CVE-2001-0703 |
|
|
DoS |
2001-09-20 |
2017-12-18 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
tradecli.dll in Arcadia Internet Store 1.0 allows a remote attacker to cause a denial of service via a URL request with an MS-DOS device name in the template parameter. |
|
20285 |
CVE-2001-0698 |
|
|
Dir. Trav. |
2001-09-20 |
2017-10-09 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Directory traversal vulnerability in NetWin SurgeFTP 2.0a and 1.0b allows a remote attacker to list arbitrary files and directories via the 'nlist ...' command. |
|
20286 |
CVE-2001-0697 |
|
|
DoS |
2001-09-20 |
2017-10-09 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
NetWin SurgeFTP prior to 1.1h allows a remote attacker to cause a denial of service (crash) via an 'ls ..' command. |
|
20287 |
CVE-2001-0696 |
|
|
DoS |
2001-09-20 |
2017-10-09 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
NetWin SurgeFTP 2.0a and 1.0b allows a remote attacker to cause a denial of service (crash) via a CD command to a directory with an MS-DOS device name such as con. |
|
20288 |
CVE-2001-0695 |
|
|
DoS |
2001-09-20 |
2017-12-18 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
WFTPD 3.00 R5 allows a remote attacker to cause a denial of service by making repeated requests to cd to the floppy drive (A:\). |
|
20289 |
CVE-2001-0693 |
|
|
|
2001-09-20 |
2017-12-18 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
WebTrends HTTP Server 3.1c and 3.5 allows a remote attacker to view script source code via a filename followed by an encoded space (%20). |
|
20290 |
CVE-2001-0688 |
|
|
DoS |
2001-09-20 |
2008-09-05 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Broker FTP Server 5.9.5.0 allows a remote attacker to cause a denial of service by repeatedly issuing an invalid CD or CWD ("CD . .") command. |
|
20291 |
CVE-2001-0687 |
|
|
|
2001-09-20 |
2017-12-18 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Broker FTP server 5.9.5 for Windows NT and 9x allows a remote attacker to retrieve privileged web server system information by (1) issuing a CD command (CD C:) followed by the LS command, (2) specifying arbitrary paths in the UNC format (\\computername\sharename). |
|
20292 |
CVE-2001-0684 |
|
|
DoS |
2001-09-20 |
2017-12-18 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Netscape Collabra Server 3.5.4 and earlier allows a remote attacker to cause a denial of service by sending seven or more characters to TCP port 5239. |
|
20293 |
CVE-2001-0683 |
|
|
DoS |
2001-09-20 |
2017-12-18 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Memory leak in Netscape Collabra Server 3.5.4 and earlier allows a remote attacker to cause a denial of service (memory exhaustion) by repeatedly sending approximately 5K of data to TCP port 5238. |
|
20294 |
CVE-2001-0681 |
|
|
DoS Overflow |
2001-09-20 |
2017-12-18 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Buffer overflow in ftpd in QPC QVT/Net 5.0 and QVT/Term 5.0 allows a remote attacker to cause a denial of service via a long (1) username or (2) password. |
|
20295 |
CVE-2001-0680 |
|
|
Dir. Trav. |
2001-09-20 |
2017-10-09 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Directory traversal vulnerability in ftpd in QPC QVT/Net 4.0 and AVT/Term 5.0 allows a remote attacker to traverse directories on the web server via a "dot dot" attack in a LIST (ls) command. |
|
20296 |
CVE-2001-0677 |
|
|
|
2001-09-20 |
2017-10-09 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Eudora 5.0.2 allows a remote attacker to read arbitrary files via an email with the path of the target file in the "Attachment Converted" MIME header, which sends the file when the email is forwarded to the attacker by the user. |
|
20297 |
CVE-2001-0676 |
|
|
Dir. Trav. |
2001-09-20 |
2017-10-09 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
Directory traversal vulnerability in Rit Research Labs The Bat! 1.48f and earlier allows a remote attacker to create arbitrary files via a "dot dot" attack in the filename for an attachment. |
|
20298 |
CVE-2001-0675 |
|
|
DoS |
2001-09-20 |
2017-10-09 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Rit Research Labs The Bat! 1.51 for Windows allows a remote attacker to cause a denial of service by sending an email to a user's account containing a carriage return <CR> that is not followed by a line feed <LF>. |
|
20299 |
CVE-2001-0674 |
|
|
Dir. Trav. |
2001-09-20 |
2017-12-18 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Directory traversal vulnerability in RobTex Viking Web server before 1.07-381 allows remote attackers to read arbitrary files via a hexadecimal encoded dot-dot attack (eg. http://www.server.com/%2e%2e/%2e%2e) in an HTTP URL request. |
|
20300 |
CVE-2001-0663 |
|
|
DoS |
2001-12-06 |
2018-10-12 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Terminal Server in Windows NT and Windows 2000 allows remote attackers to cause a denial of service via a sequence of invalid Remote Desktop Protocol (RDP) packets. |
