Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2000-12-11 | CVE-2000-1005 | Unspecified vulnerability in Extropia Webstore 1.0/2.0 Directory traversal vulnerability in html_web_store.cgi and web_store.cgi CGI programs in eXtropia WebStore allows remote attackers to read arbitrary files via a .. | 5.0 |
| 2000-12-11 | CVE-2000-1004 | Unspecified vulnerability in Openbsd Format string vulnerability in OpenBSD photurisd allows local users to execute arbitrary commands via a configuration file directory name that contains formatting characters. | 4.6 |
| 2000-12-11 | CVE-2000-1002 | Unspecified vulnerability in Stalker Communigate PRO 3.3.2 POP3 daemon in Stalker CommuniGate Pro 3.3.2 generates different error messages for invalid usernames versus invalid passwords, which allows remote attackers to determine valid email addresses on the server for SPAM attacks. | 5.0 |
| 2000-12-11 | CVE-2000-1000 | Unspecified vulnerability in AOL Instant Messenger 4.1.2010 Format string vulnerability in AOL Instant Messenger (AIM) 4.1.2010 allows remote attackers to cause a denial of service and possibly execute arbitrary commands by transferring a file whose name includes format characters. | 5.0 |
| 2000-11-23 | CVE-2000-1224 | Unspecified vulnerability in Caucho Technology Resin 1.1.5/1.2 Caucho Technology Resin 1.2 and possibly earlier allows remote attackers to view JSP source via an HTTP request to a .jsp file with certain characters appended to the file name, such as (1) "..", (2) "%2e..", (3) "%81", (4) "%82", and others. | 5.0 |
| 2000-11-21 | CVE-2000-1217 | Unspecified vulnerability in Microsoft Windows 2000 Microsoft Windows 2000 before Service Pack 2 (SP2), when running in a non-Windows 2000 domain and using NTLM authentication, and when credentials of an account are locally cached, allows local users to bypass account lockout policies and make an unlimited number of login attempts, aka the "Domain Account Lockout" vulnerability. | 4.6 |
| 2000-11-14 | CVE-2000-0883 | Unspecified vulnerability in Mandrakesoft Mandrake Linux 6.1/7.0/7.1 The default configuration of mod_perl for Apache as installed on Mandrake Linux 6.1 through 7.1 sets the /perl/ directory to be browseable, which allows remote attackers to list the contents of that directory. | 5.0 |
| 2000-11-14 | CVE-2000-0882 | Unspecified vulnerability in Intel products Intel Express 500 series switches allow a remote attacker to cause a denial of service via a malformed ICMP packet, which causes the CPU to crash. | 5.0 |
| 2000-11-14 | CVE-2000-0877 | Unspecified vulnerability in Ranson Johnson Mailform 2.0 mailform.pl CGI script in MailForm 2.0 allows remote attackers to read arbitrary files by specifying the file name in the XX-attach_file parameter, which MailForm then sends to the attacker. | 5.0 |
| 2000-11-14 | CVE-2000-0876 | Information Exposure vulnerability in Texas Imperial Software Wftpd and Wftpd PRO WFTPD and WFTPD Pro 2.41 RC12 allows remote attackers to obtain the full pathname of the server via a "%C" command, which generates an error message that includes the pathname. | 5.0 |