CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 5 and 5.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
21551 CVE-2001-0486 DoS 2001-07-02 2017-10-09
5.0
None Remote Low Not required None None Partial
Remote attackers can cause a denial of service in Novell BorderManager 3.6 and earlier by sending TCP SYN flood to port 353.
21552 CVE-2001-0480 Dir. Trav. 2001-06-27 2008-09-05
5.0
None Remote Low Not required Partial None None
Directory traversal vulnerability in Alex's FTP Server 0.7 allows remote attackers to read arbitrary files via a ... (modified dot dot) in the (1) GET or (2) CD commands.
21553 CVE-2001-0472 DoS 2001-06-27 2017-12-18
5.0
None Remote Low Not required None None Partial
Hursley Software Laboratories Consumer Transaction Framework (HSLCTF) HTTP object allows remote attackers to cause a denial of service (crash) via an extremely long HTTP request.
21554 CVE-2001-0469 DoS 2001-06-27 2017-10-09
5.0
None Remote Low Not required None None Partial
rwho daemon rwhod in FreeBSD 4.2 and earlier, and possibly other operating systems, allows remote attackers to cause a denial of service via malformed packets with a short length.
21555 CVE-2001-0467 Dir. Trav. 2001-06-27 2017-10-09
5.0
None Remote Low Not required Partial None None
Directory traversal vulnerability in RobTex Viking Web server before 1.07-381 allows remote attackers to read arbitrary files via a \... (modified dot dot) in an HTTP URL request.
21556 CVE-2001-0466 Dir. Trav. 2001-06-18 2016-10-17
5.0
None Remote Low Not required Partial None None
Directory traversal vulnerability in ustorekeeper 1.61 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.
21557 CVE-2001-0463 Dir. Trav. 2001-06-27 2017-10-09
5.0
None Remote Low Not required Partial None None
Directory traversal vulnerability in cal_make.pl in PerlCal allows remote attackers to read arbitrary files via a .. (dot dot) in the p0 parameter.
21558 CVE-2001-0462 Dir. Trav. 2001-06-27 2017-10-09
5.0
None Remote Low Not required Partial None None
Directory traversal vulnerability in Perl web server 0.3 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the URL.
21559 CVE-2001-0460 DoS 2001-06-27 2017-12-18
5.0
None Remote Low Not required None None Partial
Websweeper 4.0 does not limit the length of certain HTTP headers, which allows remote attackers to cause a denial of service (memory exhaustion) via an extremely large HTTP Referrer: header.
21560 CVE-2001-0457 DoS 2001-06-27 2017-10-09
5.0
None Remote Low Not required None None Partial
man2html before 1.5-22 allows remote attackers to cause a denial of service (memory exhaustion).
21561 CVE-2001-0454 Dir. Trav. 2001-06-27 2017-12-18
5.0
None Remote Low Not required Partial None None
Directory traversal vulnerability in SlimServe HTTPd 1.1a allows remote attackers to read arbitrary files via a ... (modified dot dot) in the HTTP request.
21562 CVE-2001-0453 Dir. Trav. 2001-06-27 2008-09-05
5.0
None Remote Low Not required Partial None None
Directory traversal vulnerability in BRS WebWeaver HTTP server allows remote attackers to read arbitrary files via a .. (dot dot) attack in the (1) syshelp, (2) sysimages, or (3) scripts directories.
21563 CVE-2001-0452 2001-06-27 2008-09-05
5.0
None Remote Low Not required Partial None None
BRS WebWeaver FTP server before 0.64 Beta allows remote attackers to obtain the real pathname of the server via a "CD *" command followed by an ls command.
21564 CVE-2001-0448 DoS 2001-06-18 2008-09-05
5.0
None Remote Low Not required None None Partial
Web configuration server in 602Pro LAN SUITE allows remote attackers to cause a denial of service via an HTTP GET HTTP request to the aux directory, and possibly other directories with legacy DOS device names.
21565 CVE-2001-0446 2001-06-18 2016-10-17
5.0
None Remote Low Not required Partial None None
IBM WCS (WebSphere Commerce Suite) 4.0.1 with Application Server 3.0.2 allows remote attackers to read source code for .jsp files by appending a / to the requested URL.
21566 CVE-2001-0437 2001-07-02 2017-12-18
5.0
None Remote Low Not required None Partial None
upload_file.pl in DCForum 2000 1.0 allows remote attackers to upload arbitrary files without authentication by setting the az parameter to upload_file.
21567 CVE-2001-0429 DoS 2001-07-02 2017-10-09
5.0
None Remote Low Not required None None Partial
Cisco Catalyst 5000 series switches 6.1(2) and earlier will forward an 802.1x frame on a Spanning Tree Protocol (STP) blocked port, which causes a network storm and a denial of service.
21568 CVE-2001-0428 DoS 2001-07-02 2018-10-30
5.0
None Remote Low Not required None None Partial
Cisco VPN 3000 series concentrators before 2.5.2(F) allow remote attackers to cause a denial of service via an IP packet with an invalid IP option.
21569 CVE-2001-0420 Dir. Trav. 2001-06-18 2008-09-05
5.0
None Remote Low Not required Partial None None
Directory traversal vulnerability in talkback.cgi program allows remote attackers to read arbitrary files via a .. (dot dot) in the article parameter.
21570 CVE-2001-0418 2001-07-02 2008-09-05
5.0
None Remote Low Not required Partial None None
content.pl script in NCM Content Management System allows remote attackers to read arbitrary contents of the content database by inserting SQL characters into the id parameter.
21571 CVE-2001-0413 DoS 2001-06-18 2017-10-09
5.0
None Remote Low Not required None None Partial
BinTec X4000 Access router, and possibly other versions, allows remote attackers to cause a denial of service via a SYN port scan, which causes the router to hang.
21572 CVE-2001-0411 DoS 2001-06-18 2016-10-17
5.0
None Remote Low Not required None None Partial
Reliant Unix 5.44 and earlier allows remote attackers to cause a denial of service via an ICMP port unreachable packet, which causes Reliant to drop all connections to the source address of the packet.
21573 CVE-2001-0408 Exec Code 2001-06-18 2017-10-09
5.1
User Remote High Not required Partial Partial Partial
vim (aka gvim) processes VIM control codes that are embedded in a file, which could allow attackers to execute arbitrary commands when another user opens a file containing malicious VIM control codes.
21574 CVE-2001-0404 Dir. Trav. 2001-06-18 2016-10-17
5.0
None Remote Low Not required Partial None None
Directory traversal vulnerability in JavaServer Web Dev Kit (JSWDK) 1.0.1 allows remote attackers to read arbitrary files via a .. (dot dot) in an HTTP request to the WEB-INF directory.
21575 CVE-2001-0399 2001-06-18 2016-10-17
5.0
None Remote Low Not required Partial None None
Caucho Resin 1.3b1 and earlier allows remote attackers to read source code for Javabean files by inserting a .jsp before the WEB-INF specifier in an HTTP request.
21576 CVE-2001-0396 +Info 2001-07-02 2008-09-05
5.0
None Remote Low Not required Partial None None
The pre-login mode in the System Administrator interface of Lightwave ConsoleServer 3200 allows remote attackers to obtain sensitive information such as system status, configuration, and users.
21577 CVE-2001-0394 DoS 2001-08-22 2017-10-09
5.0
None Remote Low Not required None None Partial
Remote manager service in Website Pro 3.0.37 allows remote attackers to cause a denial of service via a series of malformed HTTP requests to the /dyn directory.
21578 CVE-2001-0393 DoS 2001-06-18 2016-10-17
5.0
None Remote Low Not required None None Partial
Navision Financials Server 2.0 allows remote attackers to cause a denial of service via a series of connections to the server without providing a username/password combination, which consumes the license limits.
21579 CVE-2001-0392 DoS 2001-06-18 2016-10-17
5.0
None Remote Low Not required None None Partial
Navision Financials Server 2.60 and earlier allows remote attackers to cause a denial of service by sending a null character and a long string to the server port (2407), which causes the server to crash.
21580 CVE-2001-0391 2001-07-02 2008-09-10
5.0
None Remote Low Not required None None Partial
Xitami 2.5d4 and earlier allows remote attackers to crash the server via an HTTP request to the /aux directory.
21581 CVE-2001-0390 DoS 2001-07-02 2008-09-05
5.0
None Remote Low Not required None None Partial
IBM Websphere/NetCommerce3 3.1.2 allows remote attackers to cause a denial of service by directly calling the macro.d2w macro with a long string of %0a characters.
21582 CVE-2001-0389 2001-07-02 2008-09-05
5.0
None Remote Low Not required Partial None None
IBM Websphere/NetCommerce3 3.1.2 allows remote attackers to determine the real path of the server by directly calling the macro.d2w macro with a NOEXISTINGHTMLBLOCK argument.
21583 CVE-2001-0386 DoS 2001-07-02 2017-10-09
5.0
None Remote Low Not required None None Partial
AnalogX SimpleServer:WWW 1.08 allows remote attackers to cause a denial of service via an HTTP request to the /aux directory.
21584 CVE-2001-0385 DoS 2001-07-02 2017-12-19
5.0
None Remote Low Not required None None Partial
GoAhead webserver 2.1 allows remote attackers to cause a denial of service via an HTTP request to the /aux directory.
21585 CVE-2001-0383 2001-06-18 2017-10-09
5.0
None Remote Low Not required None Partial None
banners.php in PHP-Nuke 4.4 and earlier allows remote attackers to modify banner ad URLs by directly calling the Change operation, which does not require authentication.
21586 CVE-2001-0377 DoS 2001-06-18 2017-10-09
5.0
None Remote Low Not required None None Partial
Infradig Inframail prior to 3.98a allows a remote attacker to create a denial of service via a malformed POST request which includes a space followed by a large string.
21587 CVE-2001-0375 DoS 2001-06-18 2017-10-09
5.0
None Remote Low Not required None None Partial
Cisco PIX Firewall 515 and 520 with 5.1.4 OS running aaa authentication to a TACACS+ server allows remote attackers to cause a denial of service via a large number of authentication requests.
21588 CVE-2001-0368 Dir. Trav. 2001-06-27 2017-10-09
5.0
None Remote Low Not required Partial None None
Directory traversal vulnerability in BearShare 2.2.2 and earlier allows a remote attacker to read certain files via a URL containing a series of . characters, a variation of the .. (dot dot) attack.
21589 CVE-2001-0367 DoS 2001-06-27 2016-10-17
5.0
None Remote Low Not required None None Partial
Mirabilis ICQ WebFront Plug-in ICQ2000b Build 3278 allows a remote attacker to create a denial of service via HTTP URL requests containing a large number of % characters.
21590 CVE-2001-0364 DoS 2001-06-27 2017-10-09
5.0
None Remote Low Not required None None Partial
SSH Communications Security sshd 2.4 for Windows allows remote attackers to create a denial of service via a large number of simultaneous connections.
21591 CVE-2001-0360 Dir. Trav. 2001-06-27 2017-12-18
5.0
None Remote Low Not required Partial None None
Directory traversal vulnerability in help.cgi in Ikonboard 2.1.7b and earlier allows a remote attacker to read arbitrary files via a .. (dot dot) attack in the helpon parameter.
21592 CVE-2001-0355 2001-06-27 2016-10-17
5.0
None Remote Low Not required Partial None None
Novell Groupwise 5.5 (sp1 and sp2) allows a remote user to access arbitrary files via an implementation error in Groupwise system policies.
21593 CVE-2001-0354 DoS 2001-07-02 2008-09-05
5.0
None Remote Low Not required None None Partial
TheNet CheckBO 1.56 allows remote attackers to cause a denial of service via a flood of characters to the TCP ports which it is listening on.
21594 CVE-2001-0352 2001-07-21 2008-09-10
5.0
None Remote Low Not required Partial None None
SNMP agents in 3Com AirConnect AP-4111 and Symbol 41X1 Access Point allow remote attackers to obtain the WEP encryption key by reading it from a MIB when the value should be write-only, via (1) dot11WEPDefaultKeyValue in the dot11WEPDefaultKeysTable of the IEEE 802.11b MIB, or (2) ap128bWepKeyValue in the ap128bWEPKeyTable in the Symbol MIB.
21595 CVE-2001-0348 DoS 2001-07-21 2018-10-12
5.0
None Remote Low Not required None None Partial
Microsoft Windows 2000 telnet service allows attackers to cause a denial of service (crash) via a long logon command that contains a backspace.
21596 CVE-2001-0346 DoS 2001-07-21 2018-10-12
5.0
None Remote Low Not required None None Partial
Handle leak in Microsoft Windows 2000 telnet service allows attackers to cause a denial of service by starting a large number of sessions and terminating them.
21597 CVE-2001-0345 DoS 2001-07-21 2018-10-12
5.0
None Remote Low Not required None None Partial
Microsoft Windows 2000 telnet service allows attackers to prevent idle Telnet sessions from timing out, causing a denial of service by creating a large number of idle sessions.
21598 CVE-2001-0338 2001-06-27 2018-10-12
5.1
None Remote High Not required Partial Partial Partial
Internet Explorer 5.5 and earlier does not properly validate digital certificates when Certificate Revocation List (CRL) checking is enabled, which could allow remote attackers to spoof trusted web sites, aka the "Server certificate validation vulnerability."
21599 CVE-2001-0337 DoS 2001-06-27 2018-10-12
5.0
None Remote Low Not required None None Partial
The Microsoft MS01-014 and MS01-016 patches for IIS 5.0 and earlier introduce a memory leak which allows attackers to cause a denial of service via a series of requests.
21600 CVE-2001-0336 DoS 2001-06-27 2018-10-12
5.0
None Remote Low Not required None None Partial
The Microsoft MS00-060 patch for IIS 5.0 and earlier introduces an error which allows attackers to cause a denial of service via a malformed request.
Total number of vulnerabilities : 22537   Page : 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360 361 362 363 364 365 366 367 368 369 370 371 372 373 374 375 376 377 378 379 380 381 382 383 384 385 386 387 388 389 390 391 392 393 394 395 396 397 398 399 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 418 419 420 421 422 423 424 425 426 427 428 429 430 431 432 (This Page)433 434 435 436 437 438 439 440 441 442 443 444 445 446 447 448 449 450 451
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.