Search Results (29815 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-1999-0511 1 Microsoft 2 Windows 2000, Windows Nt 2025-04-03 N/A
IP forwarding is enabled on a machine which is not a router or firewall.
CVE-1999-0519 1 Microsoft 4 Outlook, Windows 2000, Windows 95 and 1 more 2025-04-03 N/A
A NETBIOS/SMB share password is the default, null, or missing.
CVE-1999-0535 1 Microsoft 2 Windows 2000, Windows Nt 2025-04-03 N/A
A Windows NT account policy for passwords has inappropriate, security-critical settings, e.g. for password length, password age, or uniqueness.
CVE-1999-0715 1 Microsoft 2 Windows 2000, Windows Nt 2025-04-03 N/A
Buffer overflow in Remote Access Service (RAS) client allows an attacker to execute commands or cause a denial of service via a malformed phonebook entry.
CVE-1999-0795 1 Sun 2 Solaris, Sunos 2025-04-03 N/A
The NIS+ rpc.nisd server allows remote attackers to execute certain RPC calls without authentication to obtain system information, disable logging, or modify caches.
CVE-1999-0819 1 Microsoft 2 Windows 2000, Windows Nt 2025-04-03 N/A
NTMail does not disable the VRFY command, even if the administrator has explicitly disabled it.
CVE-2001-0003 1 Microsoft 4 Office, Windows 2000, Windows Me and 1 more 2025-04-03 N/A
Web Extender Client (WEC) in Microsoft Office 2000, Windows 2000, and Windows Me does not properly process Internet Explorer security settings for NTLM authentication, which allows attackers to obtain NTLM credentials and possibly obtain the password, aka the "Web Client NTLM Authentication" vulnerability.
CVE-2001-0108 3 Mandrakesoft, Php, Redhat 3 Mandrake Linux, Php, Linux 2025-04-03 N/A
PHP Apache module 4.0.4 and earlier allows remote attackers to bypass .htaccess access restrictions via a malformed HTTP request on an unrestricted page that causes PHP to use those access controls on the next page that is requested.
CVE-2001-0151 1 Microsoft 1 Internet Information Services 2025-04-03 N/A
IIS 5.0 allows remote attackers to cause a denial of service via a series of malformed WebDAV requests.
CVE-2001-0237 1 Microsoft 1 Windows 2000 2025-04-03 N/A
Memory leak in Microsoft 2000 domain controller allows remote attackers to cause a denial of service by repeatedly connecting to the Kerberos service and then disconnecting without sending any data.
CVE-2001-0324 1 Microsoft 2 Windows 2000, Windows 98 2025-04-03 N/A
Windows 98 and Windows 2000 Java clients allow remote attackers to cause a denial of service via a Java applet that opens a large number of UDP sockets, which prevents the host from establishing any additional UDP connections, and possibly causes a crash.
CVE-2001-0373 1 Microsoft 2 Windows 2000, Windows Nt 2025-04-03 N/A
The default configuration of the Dr. Watson program in Windows NT and Windows 2000 generates user.dmp crash dump files with world-readable permissions, which could allow a local user to gain access to sensitive information.
CVE-2001-0504 1 Microsoft 1 Windows 2000 2025-04-03 N/A
Vulnerability in authentication process for SMTP service in Microsoft Windows 2000 allows remote attackers to use incorrect credentials to gain privileges and conduct activities such as mail relaying.
CVE-2001-0544 1 Microsoft 1 Internet Information Services 2025-04-03 N/A
IIS 5.0 allows local users to cause a denial of service (hang) via by installing content that produces a certain invalid MIME Content-Type header, which corrupts the File Type table.
CVE-2001-0659 1 Microsoft 1 Windows 2000 2025-04-03 N/A
Buffer overflow in IrDA driver providing infrared data exchange on Windows 2000 allows attackers who are physically close to the machine to cause a denial of service (reboot) via a malformed IrDA packet.
CVE-2001-0663 1 Microsoft 2 Windows 2000, Windows Nt 2025-04-03 N/A
Terminal Server in Windows NT and Windows 2000 allows remote attackers to cause a denial of service via a sequence of invalid Remote Desktop Protocol (RDP) packets.
CVE-2001-0713 1 Sendmail 1 Sendmail 2025-04-03 N/A
Sendmail before 8.12.1 does not properly drop privileges when the -C option is used to load custom configuration files, which allows local users to gain privileges via malformed arguments in the configuration file whose names contain characters with the high bit set, such as (1) macro names that are one character long, (2) a variable setting which is processed by the setoption function, or (3) a Modifiers setting which is processed by the getmodifiers function.
CVE-2001-0714 1 Sendmail 1 Sendmail 2025-04-03 N/A
Sendmail before 8.12.1, without the RestrictQueueRun option enabled, allows local users to cause a denial of service (data loss) by (1) setting a high initial message hop count option (-h), which causes Sendmail to drop queue entries, (2) via the -qR option, or (3) via the -qS option.
CVE-2001-0731 2 Apache, Redhat 3 Http Server, Linux, Secure Web Server 2025-04-03 N/A
Apache 1.3.20 with Multiviews enabled allows remote attackers to view directory contents and bypass the index page via a URL containing the "M=D" query string.
CVE-2001-0860 1 Microsoft 2 Windows 2000, Windows Xp 2025-04-03 N/A
Terminal Services Manager MMC in Windows 2000 and XP trusts the Client Address (IP address) that is provided by the client instead of obtaining it from the packet headers, which allows clients to spoof their public IP address, e.g. through a Network Address Translation (NAT).