Vulnerabilities > Critical

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | TAGS | RISK |
|---|---|---|---|---|---|
| 2000-12-19 | CVE-2000-0964 | Unspecified vulnerability in Siemens Hinet LP 5100.0 | Buffer overflow in the web administration service for the HiNet LP5100 IP-phone allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long GET request. | network, low complexity, siemens | critical 10.0 |
| 2000-12-19 | CVE-2000-0961 | Unspecified vulnerability in Netscape products | Buffer overflow in IMAP server in Netscape Messaging Server 4.15 Patch 2 allows local users to execute arbitrary commands via a long LIST command. | network, low complexity, netscape | critical 10.0 |
| 2000-12-19 | CVE-2000-0954 | Unspecified vulnerability in Evolvable Corporation Shambala Server 4.5 | Shambala Server 4.5 stores passwords in plaintext, which could allow local users to obtain the passwords and compromise the server. | network, low complexity, evolvable-corporation | critical 10.0 |
| 2000-12-19 | CVE-2000-0952 | Unspecified vulnerability in Shigio Yamaguchi Global 3.55 | global.cgi CGI program in Global 3.55 and earlier on NetBSD allows remote attackers to execute arbitrary commands via shell metacharacters. | network, low complexity, shigio-yamaguchi | critical 10.0 |
| 2000-12-19 | CVE-2000-0947 | Unspecified vulnerability in GNU Cfengine 1.5/1.5.34/1.6 | Format string vulnerability in cfd daemon in GNU CFEngine before 1.6.0a11 allows attackers to execute arbitrary commands via format characters in the CAUTH command. | network, low complexity, gnu | critical 10.0 |
| 2000-12-19 | CVE-2000-0945 | Unspecified vulnerability in Cisco Catalyst 3500 XL | The web configuration interface for Catalyst 3500 XL switches allows remote attackers to execute arbitrary commands without authentication when the enable password is not set, via a URL containing the /exec/ directory. | network, low complexity, cisco | critical 10.0 |
| 2000-12-19 | CVE-2000-0944 | Insufficiently Protected Credentials vulnerability in CGI Script Center News Update 1.1 | CGI Script Center News Update 1.1 does not properly validate the original news administration password during a password change operation, which allows remote attackers to modify the password without knowing the original password. | network, low complexity, cgi, CWE-522 | critical 9.8 |
| 2000-12-19 | CVE-2000-0941 | Unspecified vulnerability in Kootenay web INC Kootenay web INC Whois 1.0 | Kootenay Web KW Whois 1.0 CGI program allows remote attackers to execute arbitrary commands via shell metacharacters in the "whois" parameter. | network, low complexity, kootenay-web-inc | critical 10.0 |
| 2000-12-19 | CVE-2000-0917 | Format string vulnerability in use_syslog() function in LPRng 3.6.24 allows remote attackers to execute arbitrary commands. | | network, low complexity, caldera, redhat, trustix | critical 10.0 |
| 2000-12-19 | CVE-2000-0818 | Unspecified vulnerability in Oracle Listener 7.3.4/8.0.6/8.1.6 | The default installation for the Oracle listener program 7.3.4, 8.0.6, and 8.1.6 allows an attacker to cause logging information to be appended to arbitrary files and execute commands via the SET TRC_FILE or SET LOG_FILE commands. | network, low complexity, oracle | critical 10.0 |