Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2001-07-04 | CVE-2001-1075 | Unspecified vulnerability in SUN Cobalt RAQ 3I poprelayd script before 2.0 in Cobalt RaQ3 servers allows remote attackers to bypass authentication for relaying by causing a "POP login by user" string that includes the attacker's IP address to be injected into the maillog log file. | 5.0 |
| 2001-07-03 | CVE-2001-1266 | Directory Traversal vulnerability in Doug Neal Dnhttpd 0.4.1 Directory traversal vulnerability in Doug Neal's HTTPD Daemon (DNHTTPD) before 0.4.1 allows remote attackers to view arbitrary files via a .. | 5.0 |
| 2001-07-02 | CVE-2001-1441 | Cross-Site Scripting vulnerability in IBM Visualage for Java 3.5 Cross-site scripting (XSS) vulnerability in VisualAge for Java 3.5 Professional allows remote attackers to execute JavaScript on other clients via the URL, which injects the script in the resulting error message. network ibm | 6.8 |
| 2001-07-02 | CVE-2001-1161 | Cross-Site Scripting vulnerability in Lotus Domino R5 Server 5.0.6 Cross-site scripting (CSS) vulnerability in Lotus Domino 5.0.6 allows remote attackers to execute script on other web clients via a URL that ends in Javascript, which generates an error message that does not quote the resulting script. | 7.5 |
| 2001-07-02 | CVE-2001-1159 | Remote Command Execution vulnerability in Squirrelmail 1.0.4/1.0.5 load_prefs.php and supporting include files in SquirrelMail 1.0.4 and earlier do not properly initialize certain PHP variables, which allows remote attackers to (1) view sensitive files via the config_php and data_dir options, and (2) execute arbitrary code by using options_order.php to upload a message that could be interpreted as PHP. | 7.5 |
| 2001-07-02 | CVE-2001-1084 | Cross-Site Scripting vulnerability in Macromedia Jrun 2.3.3/3.0 Cross-site scripting vulnerability in Allaire JRun 3.0 and 2.3.3 allows a malicious webmaster to embed Javascript in a request for a .JSP, .shtml, .jsp10, .jrun, or .thtml file that does not exist, which causes the Javascript to be inserted into an error message. | 7.5 |
| 2001-07-02 | CVE-2001-1042 | Link Following vulnerability in Transsoft Broker FTP Server 5.9.5.0 Transsoft Broker 5.9.5.0 allows remote attackers to read arbitrary files and directories by uploading a .lnk (link) file that points to the target file. | 7.5 |
| 2001-07-02 | CVE-2001-0486 | Remote DoS vulnerability in Novell Bordermanager 3.0/3.5/3.6 Remote attackers can cause a denial of service in Novell BorderManager 3.6 and earlier by sending TCP SYN flood to port 353. | 5.0 |
| 2001-07-02 | CVE-2001-0464 | Remote Buffer Overflow vulnerability in Crosswind Cyberscheduler 2.1 Buffer overflow in websync.exe in Cyberscheduler allows remote attackers to execute arbitrary commands via a long tzs (timezone) parameter. | 10.0 |
| 2001-07-02 | CVE-2001-0444 | Unspecified vulnerability in Cisco Cbos 2.3.053/2.4.1 Cisco CBOS 2.3.0.053 sends output of the "sh nat" (aka "show nat") command to the terminal of the next user who attempts to connect to the router via telnet, which could allow that user to obtain sensitive information. | 2.1 |