CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 3 and 3.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
4501 CVE-2002-1692 Exec Code Overflow 2002-12-31 2017-07-10
3.6
None Local Low Not required None Partial Partial
Buffer overflow in backup utility of Microsoft Windows 95 allows attackers to execute arbitrary code by causing a filename with a long extension to be placed in a folder to be backed up.
4502 CVE-2002-1673 Exec Code 2002-12-31 2017-07-10
3.6
None Local Low Not required Partial Partial None
The web interface for Webmin 0.92 does not properly quote or filter script code in files that are displayed to the interface, which allows local users to execute script and possibly steal cookies by inserting the script into certain files or fields, such as a real user name entry in the passwd file.
4503 CVE-2002-1518 2003-04-02 2008-09-05
3.6
None Local Low Not required Partial Partial None
mv in IRIX 6.5 creates a directory with world-writable permissions while moving a directory, which could allow local users to modify files and directories.
4504 CVE-2002-1509 2003-03-03 2008-09-10
3.6
None Local Low Not required Partial Partial None
A patch for shadow-utils 20000902 causes the useradd command to create a mail spool files with read/write privileges of the new user's group (mode 660), which allows other users in the same group to read or modify the new user's incoming email.
4505 CVE-2002-0430 Bypass 2002-08-12 2008-09-10
3.7
User Local High Not required Partial Partial Partial
MultiFileUploadHandler.php in the Sun Cobalt RaQ XTR administration interface allows local users to bypass authentication and overwrite arbitrary files via a symlink attack on a temporary file, followed by a request to MultiFileUpload.php.
4506 CVE-2002-0429 2002-08-12 2016-10-17
3.6
None Local Low Not required None Partial Partial
The iBCS routines in arch/i386/kernel/traps.c for Linux kernels 2.4.18 and earlier on x86 systems allow local users to kill arbitrary processes via a a binary compatibility interface (lcall).
4507 CVE-2002-0202 2002-05-16 2008-09-10
3.6
None Local Low Not required Partial Partial None
PaintBBS 1.2 installs certain files and directories with insecure permissions, which allows local users to (1) obtain the encrypted server password via the world-readable oekakibbs.conf file, or (2) modify the server configuration via the world-writeable /oekaki/ folder.
4508 CVE-2002-0044 2002-01-31 2017-10-09
3.6
None Local Low Not required Partial Partial None
GNU Enscript 1.6.1 and earlier allows local users to overwrite arbitrary files of the Enscript user via a symlink attack on temporary files.
4509 CVE-2001-1519 2001-12-31 2008-09-05
3.6
None Local Low Not required Partial Partial None
** DISPUTED ** RunAs (runas.exe) in Windows 2000 allows local users to create a spoofed named pipe when the service is stopped, then capture cleartext usernames and passwords when clients connect to the service. NOTE: the vendor disputes this issue, saying that administrative privileges are already required to exploit it.
4510 CVE-2001-1409 2003-07-24 2010-05-25
3.6
None Local Low Not required Partial Partial None
dexconf in XFree86 Xserver 4.1.0-2 creates the /dev/dri directory with insecure permissions (666), which allows local users to replace or create files in the root file system.
4511 CVE-2001-1396 2001-04-17 2016-12-07
3.6
None Local Low Not required Partial Partial None
Unknown vulnerabilities in strnlen_user for Linux kernel before 2.2.19, with unknown impact.
4512 CVE-2001-1395 2001-04-17 2016-12-07
3.6
None Local Low Not required Partial Partial None
Unknown vulnerability in sockfilter for Linux kernel before 2.2.19 related to "boundary cases," with unknown impact.
4513 CVE-2001-1349 DoS +Priv 2001-05-28 2008-09-05
3.7
User Local High Not required Partial Partial Partial
Sendmail before 8.11.4, and 8.12.0 before 8.12.0.Beta10, allows local users to cause a denial of service and possibly corrupt the heap and gain privileges via race conditions in signal handlers.
4514 CVE-2001-1322 2001-07-10 2008-09-10
3.6
None Local Low Not required Partial Partial None
xinetd 2.1.8 and earlier runs with a default umask of 0, which could allow local users to read or modify files that are created by an application that runs under xinetd but does not set its own safe umask.
4515 CVE-2001-1258 2001-07-21 2008-09-05
3.6
None Local Low Not required Partial Partial None
Horde Internet Messaging Program (IMP) before 2.2.6 allows local users to read IMP configuration files and steal the Horde database password by placing the prefs.lang file containing PHP code on the server.
4516 CVE-2001-1085 2001-07-05 2017-10-09
3.7
User Local High Not required Partial Partial Partial
Lmail 2.7 and earlier allows local users to overwrite arbitrary files via a symlink attack on a temporary file.
4517 CVE-2001-1079 DoS 2002-02-13 2017-10-09
3.6
None Local Low Not required None Partial Partial
create_keyfiles in PSSP 3.2 with DCE 3.1 authentication on AIX creates keyfile directories with world-writable permissions, which could allow a local user to delete key files and cause a denial of service.
4518 CVE-2001-1059 2001-07-30 2017-10-09
3.6
None Local Low Not required Partial Partial None
VMWare creates a temporary file vmware-log.USERNAME with insecure permissions, which allows local users to read or modify license information.
4519 CVE-2001-0946 DoS 2001-12-04 2017-10-09
3.6
None Local Low Not required None Partial Partial
apmscript in Apmd in Red Hat 7.2 "Enigma" allows local users to create or change the modification dates of arbitrary files via a symlink attack on the LOW_POWER temporary file, which could be used to cause a denial of service, e.g. by creating /etc/nologin and disabling logins.
4520 CVE-2001-0806 2001-12-06 2017-10-09
3.6
None Local Low Not required Partial Partial None
Apple MacOS X 10.0 and 10.1 allow a local user to read and write to a user's desktop folder via insecure default permissions for the Desktop when it is created in some languages.
4521 CVE-2001-0627 2001-08-22 2017-10-09
3.7
User Local High Not required Partial Partial Partial
vi as included with SCO OpenServer 5.0 - 5.0.6 allows a local attacker to overwrite arbitrary files via a symlink attack.
4522 CVE-2001-0430 2001-07-02 2017-10-09
3.6
None Local Low Not required Partial Partial None
Vulnerability in exuberant-ctags before 3.2.4-0.1 insecurely creates temporary files.
4523 CVE-2001-0317 +Priv 2001-05-03 2017-10-09
3.7
None Local High Not required Partial Partial Partial
Race condition in ptrace in Linux kernel 2.4 and 2.2 allows local users to gain privileges by using ptrace to track and modify a running setuid process.
4524 CVE-2001-0259 2001-06-02 2017-10-09
3.6
None Local Low Not required Partial Partial None
ssh-keygen in ssh 1.2.27 - 1.2.30 with Secure-RPC can allow local attackers to recover a SUN-DES-1 magic phrase generated by another user, which the attacker can use to decrypt that user's private key file.
4525 CVE-2000-1246 119 DoS Overflow 2010-04-05 2010-04-05
3.5
None Remote Medium Single system None None Partial
NWFTPD.nlm before 5.01o in the FTP server in Novell NetWare 5.1 SP3 allows remote authenticated users to cause a denial of service (abend) by sending an RNTO command after a failed RNFR command.
4526 CVE-2000-1162 2001-01-09 2017-10-09
3.7
None Local High Not required Partial Partial Partial
ghostscript before 5.10-16 allows local users to overwrite files of other users via a symlink attack.
4527 CVE-2000-1156 2001-01-09 2017-12-18
3.6
None Local Low Not required Partial Partial None
StarOffice 5.2 follows symlinks and sets world-readable permissions for the /tmp/soffice.tmp directory, which allows a local user to read files of the user who is using StarOffice.
4528 CVE-2000-1127 2001-01-09 2008-09-05
3.6
None Local Low Not required Partial Partial None
registrar in the HP resource monitor service allows local users to read and modify arbitrary files by renaming the original registrar.log log file and creating a symbolic link to the target file, to which registrar appends log information and sets the permissions to be world readable.
4529 CVE-2000-1096 Exec Code 2001-01-09 2018-05-02
3.7
None Local High Not required Partial Partial Partial
crontab by Paul Vixie uses predictable file names for a temporary file and does not properly ensure that the file is owned by the user executing the crontab -e command, which allows local users with write access to the crontab spool directory to execute arbitrary commands by creating world-writeable temporary files and modifying them while the victim is editing the file.
4530 CVE-2000-0880 2000-11-14 2017-12-18
3.6
None Local Low Not required None Partial Partial
LPPlus creates the lpdprocess file with world-writeable permissions, which allows local users to kill arbitrary processes by specifying an alternate process ID and using the setuid dcclpdshut program to kill the process that was specified in the lpdprocess file.
4531 CVE-2000-0802 2000-10-20 2016-10-17
3.6
None Local Low Not required Partial Partial None
The BAIR program does not properly restrict access to the Internet Explorer Internet options menu, which allows local users to obtain access to the menu by modifying the registry key that starts BAIR.
4532 CVE-2000-0799 +Priv 2000-10-20 2017-10-09
3.7
User Local High Not required Partial Partial Partial
inpview in InPerson in SGI IRIX 5.3 through IRIX 6.5.10 allows local users to gain privileges via a symlink attack on the .ilmpAAA temporary file.
4533 CVE-2000-0667 DoS 2000-07-27 2008-09-10
3.6
None Local Low Not required None Partial Partial
Vulnerability in gpm in Caldera Linux allows local users to delete arbitrary files or conduct a denial of service.
4534 CVE-2000-0579 2000-06-21 2008-09-10
3.7
User Local High Not required Partial Partial Partial
IRIX crontab creates temporary files with predictable file names and with the umask of the user, which could allow local users to modify another user's crontab file as it is being edited.
4535 CVE-2000-0578 2000-06-21 2008-09-10
3.7
User Local High Not required Partial Partial Partial
SGI MIPSPro compilers C, C++, F77 and F90 generate temporary files in /tmp with predictable file names, which could allow local users to insert malicious contents into these files as they are being compiled by another user.
4536 CVE-2000-0487 2000-06-01 2018-10-12
3.6
None Local Low Not required Partial Partial None
The Protected Store in Windows 2000 does not properly select the strongest encryption when available, which causes it to use a default of 40-bit encryption instead of 56-bit DES encryption, aka the "Protected Store Key Length" vulnerability.
4537 CVE-2000-0472 Exec Code Overflow 2000-02-06 2017-10-09
3.6
None Local Low Not required Partial Partial None
Buffer overflow in innd 2.2.2 allows remote attackers to execute arbitrary commands via a cancel request containing a long message ID.
4538 CVE-2000-0409 2000-05-10 2008-09-10
3.7
User Local High Not required Partial Partial Partial
Netscape 4.73 and earlier follows symlinks when it imports a new certificate, which allows local users to overwrite files of the user importing the certificate.
4539 CVE-2000-0379 2000-05-16 2008-09-10
3.6
None Local Low Not required Partial Partial None
The Netopia R9100 router does not prevent authenticated users from modifying SNMP tables, even if the administrator has configured it to do so.
4540 CVE-2000-0270 2000-04-18 2008-09-10
3.6
None Local Low Not required Partial Partial None
The make-temp-name Lisp function in Emacs 20 creates temporary files with predictable names, which allows attackers to conduct a symlink attack.
4541 CVE-2000-0121 2000-02-01 2018-10-12
3.6
None Local Low Not required Partial Partial None
The Recycle Bin utility in Windows NT and Windows 2000 allows local users to read or modify files by creating a subdirectory with the victim's SID in the recycler directory, aka the "Recycle Bin Creation" vulnerability.
4542 CVE-2000-0090 DoS 2000-01-17 2008-09-10
3.6
None Local Low Not required None Partial Partial
VMWare 1.1.2 allows local users to cause a denial of service via a symlink attack.
4543 CVE-1999-1590 Dir. Trav. 1999-12-31 2008-09-05
3.5
None Remote Medium Single system Partial None None
Directory traversal vulnerability in Muhammad A. Muquit wwwcount (Count.cgi) 2.3 allows remote attackers to read arbitrary GIF files via ".." sequences in the image parameter, a different vulnerability than CVE-1999-0021.
4544 CVE-1999-1530 1999-11-08 2016-10-17
3.6
None Local Low Not required Partial Partial None
cgiwrap as used on Cobalt RaQ 2.0 and RaQ 3i does not properly identify the user for running certain scripts, which allows a malicious site administrator to view or modify data located at another virtual site on the same system.
4545 CVE-1999-1498 1998-04-06 2008-09-05
3.6
None Local Low Not required Partial Partial None
Slackware Linux 3.4 pkgtool allows local attacker to read and write to arbitrary files via a symlink attack on the reply file.
4546 CVE-1999-1366 1999-05-15 2016-10-17
3.6
None Local Low Not required Partial Partial None
Pegasus e-mail client 3.0 and earlier uses weak encryption to store POP3 passwords in the pmail.ini file, which allows local users to easily decrypt the passwords and read e-mail.
4547 CVE-1999-1300 1999-12-31 2008-09-05
3.6
None Local Low Not required Partial Partial None
Vulnerability in accton in Cray UNICOS 6.1 and 6.0 allows local users to read arbitrary files and modify system accounting configuration.
4548 CVE-1999-1224 1997-10-08 2017-12-18
3.6
None Local Low Not required Partial None Partial
IMAP 4.1 BETA, and possibly other versions, does not properly handle the SIGABRT (abort) signal, which allows local users to crash the server (imapd) via certain sequences of commands, which causes a core dump that may contain sensitive password information.
4549 CVE-1999-0885 Exec Code 1999-11-03 2008-09-09
3.6
None Local Low Not required Partial Partial None
Alibaba web server allows remote attackers to execute commands via a pipe character in a malformed URL.
4550 CVE-1999-0850 1999-12-02 2008-09-09
3.6
None Local Low Not required Partial Partial None
The default permissions for Endymion MailMan allow local users to read email or modify files.
Total number of vulnerabilities : 4556   Page : 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 (This Page)92
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.