Vulnerabilities > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2001-08-04 | CVE-2001-1356 | Weak Password Encryption vulnerability in SurgeFTP NetWin SurgeFTP 2.0f and earlier encrypts passwords using weak hashing, a fixed salt value and modulo 40 calculations, which allows remote attackers to conduct brute force password guessing attacks against the administrator account on port 7021. | 10.0 |
| 2001-08-02 | CVE-2001-0609 | Off-by-one Error vulnerability in Infodrom Cfingerd Format string vulnerability in Infodrom cfingerd 1.4.3 and earlier allows a remote attacker to gain additional privileges via a malformed ident reply that is passed to the syslog function. | 9.8 |
| 2001-07-25 | CVE-2001-1011 | Unspecified vulnerability in Mambo Site Server index2.php in Mambo Site Server 3.0.0 through 3.0.5 allows remote attackers to gain Mambo administrator privileges by setting the PHPSESSID parameter and providing the appropriate administrator information in other parameters. | 10.0 |
| 2001-07-21 | CVE-2001-1370 | Remote Script Execution vulnerability in Multiple Vendor PHPLIB prepend.php3 in PHPLib before 7.2d, when register_globals is enabled for PHP, allows remote attackers to execute arbitrary scripts via an HTTP request that modifies $_PHPLIB[libdir] to point to malicious code on another server, as seen in Horde 1.2.5 and earlier, IMP before 2.2.6, and other packages that use PHPLib. | 10.0 |
| 2001-07-21 | CVE-2001-0534 | Remote Buffer Overflow vulnerability in Lucent RADIUS Multiple buffer overflows in RADIUS daemon radiusd in (1) Merit 3.6b and (2) Lucent 2.1-2 RADIUS allow remote attackers to cause a denial of service or execute arbitrary commands. | 10.0 |
| 2001-07-21 | CVE-2001-0500 | Buffer Overflow vulnerability in Microsoft products Buffer overflow in ISAPI extension (idq.dll) in Index Server 2.0 and Indexing Service 2000 in IIS 6.0 beta and earlier allows remote attackers to execute arbitrary commands via a long argument to Internet Data Administration (.ida) and Internet Data Query (.idq) files such as default.ida, as commonly exploited by Code Red. | 10.0 |
| 2001-07-21 | CVE-2001-0499 | Buffer Overflow vulnerability in Oracle 8i TNS Listener Buffer overflow in Transparent Network Substrate (TNS) Listener in Oracle 8i 8.1.7 and earlier allows remote attackers to gain privileges via a long argument to the commands (1) STATUS, (2) PING, (3) SERVICES, (4) TRC_FILE, (5) SAVE_CONFIG, or (6) RELOAD. | 10.0 |
| 2001-07-21 | CVE-2001-0353 | Remote Buffer Overflow vulnerability in Multiple Vendor lpd Buffer overflow in the line printer daemon (in.lpd) for Solaris 8 and earlier allows local and remote attackers to gain root privileges via a "transfer job" routine. | 10.0 |
| 2001-07-20 | CVE-2001-1355 | Buffer Overflow vulnerability in Netwin NWAuth Buffer overflows in NetWin Authentication Module (NWAuth) 3.0b and earlier, as implemented in DMail, SurgeFTP, and possibly other packages, could allow attackers to execute arbitrary code via long arguments to (1) the -del command or (2) the -lookup command. | 10.0 |
| 2001-07-19 | CVE-2001-1363 | Remote Security vulnerability in Phpwebsite Vulnerability in phpWebSite before 0.7.9 related to running multiple instances in the same domain, which may allow attackers to gain administrative privileges. | 10.0 |