Vulnerabilities > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2001-01-09 | CVE-2000-1140 | Unspecified vulnerability in Recourse Technologies Mantrap 1.6.1 Recourse ManTrap 1.6 does not properly hide processes from attackers, which could allow attackers to determine that they are in a honeypot system by comparing the results from kill commands with the process listing in the /proc filesystem. | 2.1 |
| 2001-01-09 | CVE-2000-1127 | Local Arbitrary File Read vulnerability in HP Hp-Ux 10.20 registrar in the HP resource monitor service allows local users to read and modify arbitrary files by renaming the original registrar.log log file and creating a symbolic link to the target file, to which registrar appends log information and sets the permissions to be world readable. | 3.6 |
| 2001-01-09 | CVE-2000-1096 | Unspecified vulnerability in Paul Vixie Cron 3.0Pl1 crontab by Paul Vixie uses predictable file names for a temporary file and does not properly ensure that the file is owned by the user executing the crontab -e command, which allows local users with write access to the crontab spool directory to execute arbitrary commands by creating world-writeable temporary files and modifying them while the victim is editing the file. | 3.7 |
| 2001-01-09 | CVE-2000-1083 | Buffer Overflow vulnerability in Microsoft Data Engine and SQL Server The xp_showcolv function in SQL Server and Microsoft SQL Server Desktop Engine (MSDE) does not properly restrict the length of a buffer before calling the srv_paraminfo function in the SQL Server API for Extended Stored Procedures (XP), which allows an attacker to cause a denial of service or execute arbitrary commands, aka the "Extended Stored Procedure Parameter Parsing" vulnerability. | 2.1 |
| 2000-12-19 | CVE-2000-0959 | Unspecified vulnerability in GNU Glibc 2.1.3.10 glibc2 does not properly clear the LD_DEBUG_OUTPUT and LD_DEBUG environmental variables when a program is spawned from a setuid program, which could allow local users to overwrite files via a symlink attack. | 1.2 |
| 2000-12-19 | CVE-2000-0936 | Unspecified vulnerability in Samba 2.0.7 Samba Web Administration Tool (SWAT) in Samba 2.0.7 installs the cgi.log logging file with world readable permissions, which allows local users to read sensitive information such as user names and passwords. | 2.1 |
| 2000-12-19 | CVE-2000-0928 | Unspecified vulnerability in Wquinn Diskadvisor WQuinn QuotaAdvisor 4.1 allows users to list directories and files by running a report on the targeted shares. | 2.1 |
| 2000-12-11 | CVE-2000-1045 | Unspecified vulnerability in Padl Software NSS Ldap Build105/Build113/Build85 nss_ldap earlier than 121, when run with nscd (name service caching daemon), allows remote attackers to cause a denial of service via a flood of LDAP requests. | 1.2 |
| 2000-12-11 | CVE-2000-1018 | Unspecified vulnerability in Mendel Cooper Shred 1.0 shred 1.0 file wiping utility does not properly open a file for overwriting or flush its buffers, which prevents shred from properly replacing the file's data and allows local users to recover the file. | 2.1 |
| 2000-12-11 | CVE-2000-1003 | Unspecified vulnerability in Microsoft Windows 95, Windows 98 and Windows 98Se NETBIOS client in Windows 95 and Windows 98 allows a remote attacker to cause a denial of service by changing a file sharing service to return an unknown driver type, which causes the client to crash. | 2.6 |