Vulnerabilities > Critical
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2000-12-19 | CVE-2000-0803 | Unspecified vulnerability in GNU Groff GNU Groff uses the current working directory to find a device description file, which allows a local user to gain additional privileges by including a malicious postpro directive in the description file, which is executed when another user runs groff. | 10.0 |
2000-12-11 | CVE-2000-1077 | Unspecified vulnerability in Iplanet web Server 4.X Buffer overflow in the SHTML logging functionality of iPlanet Web Server 4.x allows remote attackers to execute arbitrary commands via a long filename with a .shtml extension. | 10.0 |
2000-12-11 | CVE-2000-1076 | Netscape (iPlanet) Certificate Management System 4.2 and Directory Server 4.12 stores the administrative password in plaintext, which could allow local and possibly remote attackers to gain administrative privileges on the server. | 10.0 |
2000-12-11 | CVE-2000-1074 | Unspecified vulnerability in Netscape Iplanet Ical 2.1 csstart program in iCal 2.1 Patch 2 uses relative pathnames to install the libsocket and libnsl libraries, which could allow the icsuser account to gain root privileges by creating a Trojan Horse library in the current or parent directory. | 10.0 |
2000-12-11 | CVE-2000-1071 | Unspecified vulnerability in Netscape Iplanet Ical 2.1 The GUI installation for iCal 2.1 Patch 2 disables access control for the X server using an "xhost +" command, which allows remote attackers to monitor X Windows events and gain privileges. | 10.0 |
2000-12-11 | CVE-2000-1068 | Unspecified vulnerability in Cgi-World Poll IT and Poll IT PRO pollit.cgi in Poll It 2.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the poll_options parameter. | 10.0 |
2000-12-11 | CVE-2000-1055 | Unspecified vulnerability in Cisco Secure Access Control Server 2.1/2.3(3)/2.4(2) Buffer overflow in CiscoSecure ACS Server 2.4(2) and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a large TACACS+ packet. | 10.0 |
2000-12-11 | CVE-2000-1054 | Unspecified vulnerability in Cisco Secure Access Control Server 2.1/2.3(3)/2.4(2) Buffer overflow in CSAdmin module in CiscoSecure ACS Server 2.4(2) and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a large packet. | 10.0 |
2000-12-11 | CVE-2000-1053 | Unspecified vulnerability in Macromedia Jrun 2.3.X Allaire JRun 2.3.3 server allows remote attackers to compile and execute JSP code by inserting it via a cross-site scripting (CSS) attack and directly calling the com.livesoftware.jrun.plugins.JSP JSP servlet. | 10.0 |
2000-12-11 | CVE-2000-1047 | Unspecified vulnerability in Lotus Domino Enterprise Server and Domino Mail Server Buffer overflow in SMTP service of Lotus Domino 5.0.4 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long ENVID keyword in the "MAIL FROM" command. | 10.0 |