Vulnerabilities > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2001-12-31 | CVE-2001-1551 | Local Security vulnerability in Linux Kernel 2.2.19 Linux kernel 2.2.19 enables CAP_SYS_RESOURCE for setuid processes, which allows local users to exceed disk quota restrictions during execution of setuid programs. | 2.1 |
| 2001-12-31 | CVE-2001-1550 | Unspecified vulnerability in Centra Asp, Centraone and Smart Connect CentraOne 5.2 and Centra ASP with basic authentication enabled creates world-writable base64 encoded log files, which allows local users to obtain cleartext passwords from decoded log files and impersonate users. | 2.1 |
| 2001-12-31 | CVE-2001-1549 | Unspecified vulnerability in Tiny Software Tiny Personal Firewall 1.0/2.0 Tiny Personal Firewall 1.0 and 2.0 allows local users to bypass filtering via non-standard TCP packets created with non-Windows protocol adapters. | 2.1 |
| 2001-12-31 | CVE-2001-1548 | Unspecified vulnerability in Zonelabs Zonealarm ZoneAlarm 2.1 through 2.6 and ZoneAlarm Pro 2.4 and 2.6 allows local users to bypass filtering via non-standard TCP packets created with non-Windows protocol adapters. | 2.1 |
| 2001-12-31 | CVE-2001-1534 | Session Fixation vulnerability in Apache Http Server mod_usertrack in Apache 1.3.11 through 1.3.20 generates session ID's using predictable information including host IP address, system time and server process ID, which allows local users to obtain session ID's and bypass authentication when these session ID's are used for authentication. | 2.1 |
| 2001-12-31 | CVE-2001-1527 | Local Security vulnerability in Easyscripts Easynews 1.5 easyNews 1.5 and earlier stores administration passwords in cleartext in settings.php, which allows local users to obtain the passwords and gain access. | 2.1 |
| 2001-12-31 | CVE-2001-1521 | Cross-Site Scripting vulnerability in Postnuke Software Foundation Postnuke 0.62/0.63/0.64 Cross-site scripting (XSS) vulnerability in user.php in PostNuke 0.64 allows remote attackers to inject arbitrary web script or HTML via the uname parameter. | 2.6 |
| 2001-12-31 | CVE-2001-1520 | Unspecified vulnerability in Intel Xircom REX 6000 1 Xircom REX 6000 allows local users to obtain the 10 digit PIN by starting a serial monitor, connecting to the personal digital assistant (PDA) via Rextools, and capturing the cleartext PIN. | 2.1 |
| 2001-12-31 | CVE-2001-1518 | Denial of Services vulnerability in Microsoft Windows 2000 RunAs Service RunAs (runas.exe) in Windows 2000 only creates one session instance at a time, which allows local users to cause a denial of service (RunAs hang) by creating a named pipe session with the authentication server without any request for service. | 2.1 |
| 2001-12-31 | CVE-2001-1503 | Information Disclosure vulnerability in Solaris in.fingerd The finger daemon (in.fingerd) in Sun Solaris 2.5 through 8 and SunOS 5.5 through 5.8 allows remote attackers to list all accounts on a host by typing finger 'a b c d e f g h'@host. | 2.1 |