Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2000-12-11 | CVE-2000-1031 | Unspecified vulnerability in HP Hp-Ux and Tru64 Buffer overflow in dtterm in HP-UX 11.0 and HP Tru64 UNIX 4.0f through 5.1a allows local users to execute arbitrary code via a long -tn option. | 4.6 |
| 2000-12-11 | CVE-2000-1030 | Unspecified vulnerability in Csandt Corporatetime FOR the web CS&T CorporateTime for the Web returns different error messages for invalid usernames and invalid passwords, which allows remote attackers to determine valid usernames on the server. | 5.0 |
| 2000-12-11 | CVE-2000-1027 | Unspecified vulnerability in Cisco PIX Firewall Software 5.2 Cisco Secure PIX Firewall 5.2(2) allows remote attackers to determine the real IP address of a target FTP server by flooding the server with PASV requests, which includes the real IP address in the response when passive mode is established. | 5.0 |
| 2000-12-11 | CVE-2000-1025 | Unspecified vulnerability in Unify Ewave Servletexec 3.0C eWave ServletExec JSP/Java servlet engine, versions 3.0C and earlier, allows remote attackers to cause a denial of service via a URL that contains the "/servlet/" string, which invokes the ServletExec servlet and causes an exception if the servlet is already running. | 5.0 |
| 2000-12-11 | CVE-2000-1019 | Unspecified vulnerability in Inktomi Search Software 3.0/3.1.10 Search engine in Ultraseek 3.1 and 3.1.10 (aka Inktomi Search) allows remote attackers to cause a denial of service via a malformed URL. | 5.0 |
| 2000-12-11 | CVE-2000-1017 | Unspecified vulnerability in Webteacher Webdata Webteachers Webdata allows remote attackers with valid Webdata accounts to read arbitrary files by posting a request to import the file into the WebData database. | 5.0 |
| 2000-12-11 | CVE-2000-1016 | Unspecified vulnerability in Suse Linux 6.3/6.4 The default configuration of Apache (httpd.conf) on SuSE 6.4 includes an alias for the /usr/doc directory, which allows remote attackers to read package documentation and obtain system configuration information via an HTTP request for the /doc/packages URL. | 5.0 |
| 2000-12-11 | CVE-2000-1008 | Unspecified vulnerability in Palm OS PalmOS 3.5.2 and earlier uses weak encryption to store the user password, which allows attackers with physical access to the Palm device to decrypt the password and gain access to the device. | 4.6 |
| 2000-12-11 | CVE-2000-1007 | Unspecified vulnerability in Symantec I-Gear 3.5/3.5.7 I-gear 3.5.7 and earlier does not properly process log entries in which a URL is longer than 255 characters, which allows an attacker to cause reporting errors. | 5.0 |
| 2000-12-11 | CVE-2000-1006 | Unspecified vulnerability in Microsoft Exchange Server 5.5 Microsoft Exchange Server 5.5 does not properly handle a MIME header with a blank charset specified, which allows remote attackers to cause a denial of service via a charset="" command, aka the "Malformed MIME Header" vulnerability. | 5.0 |