Vulnerabilities > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2001-11-21 | CVE-2001-0916 | Buffer Overflow vulnerability in Berkeley Parallel Make Buffer overflow in Berkeley parallel make (pmake) 2.1.33 and earlier allows a local user to gain root privileges via a long check argument of a shell definition. | 7.2 |
2001-11-21 | CVE-2001-0915 | Unspecified vulnerability in Berkeley Pmake Format string vulnerability in Berkeley parallel make (pmake) 2.1.33 and earlier allows a local user to gain root privileges via format specifiers in the check argument of a shell definition. | 7.2 |
2001-11-21 | CVE-2001-0911 | PHP-Nuke 5.1 stores user and administrator passwords in a base-64 encoded cookie, which could allow remote attackers to gain privileges by stealing or sniffing the cookie and decoding it. | 7.5 |
2001-11-21 | CVE-2001-0910 | Authentication vulnerability in EMC Networker 6.0 Legato Networker before 6.1 allows remote attackers to bypass access restrictions and gain privileges on the Networker interface by spoofing the admin server name and IP address and connecting to Networker from an IP address whose hostname can not be determined by a DNS reverse lookup. | 7.5 |
2001-11-21 | CVE-2001-0909 | Buffer Overflow vulnerability in Microsoft Windows XP HCP URI Buffer overflow in helpctr.exe program in Microsoft Help Center for Windows XP allows remote attackers to execute arbitrary code via a long hcp: URL. | 7.5 |
2001-11-21 | CVE-2001-0908 | Unspecified vulnerability in Citrix Metaframe 1.8 CITRIX Metaframe 1.8 logs the Client Address (IP address) that is provided by the client instead of obtaining it from the packet headers, which allows clients to spoof their public IP address, e.g. | 7.5 |
2001-11-20 | CVE-2001-0903 | Authentication Linear Relation Between Keys vulnerability in Intel High-Bandwidth Digital Content Protection 1.0 Linear key exchange process in High-bandwidth Digital Content Protection (HDCP) System allows remote attackers to access data as plaintext, avoid device blacklists, clone devices, and create new device keyvectors by computing and using alternate key combinations for authentication. | 7.5 |
2001-11-20 | CVE-2001-0902 | Unspecified vulnerability in Microsoft Internet Information Services 5.0 Microsoft IIS 5.0 allows remote attackers to spoof web log entries via an HTTP request that includes hex-encoded newline or form-feed characters. | 7.5 |
2001-11-19 | CVE-2001-1463 | Cryptographic Issues vulnerability in Solarwinds Serv-U File Server 3.0.0.17/3.0.0.16 The remote administration client for RhinoSoft Serv-U 3.0 sends the user password in plaintext even when S/KEY One-Time Password (OTP) authentication is enabled, which allows remote attackers to sniff passwords. | 7.5 |
2001-11-18 | CVE-2001-1228 | Buffer Overflow vulnerability in GNU Gzip 1.2.4/1.2.4A/1.3 Buffer overflows in gzip 1.3x, 1.2.4, and other versions might allow attackers to execute code via a long file name, possibly remotely if gzip is run on an FTP server. | 7.5 |