Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2001-11-28 | CVE-2001-0930 | Remote Security vulnerability in Sendpage.Pl Sendpage.pl allows remote attackers to execute arbitrary commands via a message containing shell metacharacters. | 7.5 |
| 2001-11-28 | CVE-2001-0929 | Unspecified vulnerability in Cisco IOS Cisco IOS Firewall Feature set, aka Context Based Access Control (CBAC) or Cisco Secure Integrated Software, for IOS 11.2P through 12.2T does not properly check the IP protocol type, which could allow remote attackers to bypass access control lists. | 7.5 |
| 2001-11-28 | CVE-2001-0928 | Remote Buffer Overflow vulnerability in GNOME libgtop_daemon Buffer overflow in the permitted function of GNOME gtop daemon (libgtop_daemon) in libgtop 1.0.13 and earlier may allow remote attackers to execute arbitrary code via long authentication data. | 7.5 |
| 2001-11-28 | CVE-1999-1514 | Buffer Overflow vulnerability in Celtech Software Expressfs 2.6 Buffer overflow in Celtech ExpressFS FTP server 2.x allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long USER command. | 7.5 |
| 2001-11-28 | CVE-1999-1024 | Unspecified vulnerability in LBL Tcpdump 3.4 ip_print procedure in Tcpdump 3.4a allows remote attackers to cause a denial of service via a packet with a zero length header, which causes an infinite loop and core dump when tcpdump prints the packet. | 7.5 |
| 2001-11-27 | CVE-2001-0927 | Unspecified vulnerability in Gnome Libgtop Daemon Format string vulnerability in the permitted function of GNOME libgtop_daemon in libgtop 1.0.12 and earlier allows remote attackers to execute arbitrary code via an argument that contains format specifiers that are passed into the (1) syslog_message and (2) syslog_io_message functions. | 7.5 |
| 2001-11-26 | CVE-2001-0922 | Unspecified vulnerability in SUN Netdynamics ndcgi.exe in Netdynamics 4.x through 5.x, and possibly earlier versions, allows remote attackers to steal session IDs and hijack user sessions by reading the SPIDERSESSION and uniqueValue variables from the login field, then using those variables after the next user logs in. | 7.5 |
| 2001-11-26 | CVE-2001-0875 | Unspecified vulnerability in Microsoft Internet Explorer 5.5/6.0 Internet Explorer 5.5 and 6.0 allows remote attackers to cause the File Download dialogue box to misrepresent the name of the file in the dialogue in a way that could fool users into thinking that the file type is safe to download. | 7.5 |
| 2001-11-25 | CVE-2001-1350 | Unspecified vulnerability in Namazu Cross-site scripting vulnerability in namazu.cgi for Namazu 2.0.7 and earlier allows remote attackers to execute arbitrary Javascript as other web users via the lang parameter. | 7.5 |
| 2001-11-22 | CVE-2001-0913 | Remote Security vulnerability in rwhoisd Format string vulnerability in Network Solutions Rwhoisd 1.5.7.2 and earlier, when using syslog, allows remote attackers to corrupt memory and possibly execute arbitrary code via a rwhois request that contains format specifiers. | 7.5 |