Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2001-07-02 | CVE-2001-0395 | Improper Restriction of Excessive Authentication Attempts vulnerability in Lightwavemo Consoleserver 3200 Firmware Lightwave ConsoleServer 3200 does not disconnect users after unsuccessful login attempts, which could allow remote attackers to conduct brute force password guessing. | 9.8 |
| 2001-07-01 | CVE-2001-1386 | Link Following vulnerability in Texasimperialsoftware Wftpd 3.00 WFTPD 3.00 allows remote attackers to read arbitrary files by uploading a (link) file that ends in a ".lnk." extension, which bypasses WFTPD's check for a ".lnk" extension. | 7.5 |
| 2001-07-01 | CVE-2001-1043 | Link Following vulnerability in Argosoft FTP Server 1.2.2.2 ArGoSoft FTP Server 1.2.2.2 allows remote attackers to read arbitrary files and directories by uploading a .lnk (link) file that points to the target file. | 7.5 |
| 2001-06-27 | CVE-2001-0334 | Incorrect Calculation of Buffer Size vulnerability in Microsoft Internet Information Server FTP service in IIS 5.0 and earlier allows remote attackers to cause a denial of service via a wildcard sequence that generates a long string when it is expanded. | 7.5 |
| 2001-06-18 | CVE-2001-0249 | Incorrect Calculation of Buffer Size vulnerability in multiple products Heap overflow in FTP daemon in Solaris 8 allows remote attackers to execute arbitrary commands by creating a long pathname and calling the LIST command, which uses glob to generate long strings. | 9.8 |
| 2001-06-18 | CVE-2001-0248 | Incorrect Calculation of Buffer Size vulnerability in multiple products Buffer overflow in FTP server in HPUX 11 allows remote attackers to execute arbitrary commands by creating a long pathname and calling the STAT command, which uses glob to generate long strings. | 9.8 |
| 2001-05-24 | CVE-2001-1339 | Improper Restriction of Excessive Authentication Attempts vulnerability in Anybus Ipc@Chip Firmware Beck IPC GmbH IPC@CHIP telnet service does not delay or disconnect users from the service when bad passwords are entered, which makes it easier for remote attackers to conduct brute force password guessing attacks. | 9.8 |
| 2001-04-17 | CVE-2001-1391 | Off-by-one Error vulnerability in Linux Kernel Off-by-one vulnerability in CPIA driver of Linux kernel before 2.2.19 allows users to modify kernel memory. | 5.5 |
| 2001-03-26 | CVE-2001-0195 | Improper Preservation of Permissions vulnerability in Debian Linux 2.2 sash before 3.4-4 in Debian GNU/Linux does not properly clone /etc/shadow, which makes it world-readable and could allow local users to gain privileges via password cracking. | 7.8 |
| 2001-02-12 | CVE-2001-0006 | Incorrect Permission Assignment for Critical Resource vulnerability in Microsoft Windows NT 4.0 The Winsock2ProtocolCatalogMutex mutex in Windows NT 4.0 has inappropriate Everyone/Full Control permissions, which allows local users to modify the permissions to "No Access" and disable Winsock network connectivity to cause a denial of service, aka the "Winsock Mutex" vulnerability. | 7.1 |