Vulnerabilities > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2000-12-11 | CVE-2000-1036 | Unspecified vulnerability in Extent Technologies RBS ISP 2.5 Directory traversal vulnerability in Extent RBS ISP web server allows remote attackers to read sensitive information via a .. | 5.0 |
2000-12-11 | CVE-2000-1032 | Unspecified vulnerability in Checkpoint Firewall-1 3.0/4.0 The client authentication interface for Check Point Firewall-1 4.0 and earlier generates different error messages for invalid usernames versus invalid passwords, which allows remote attackers to identify valid usernames on the firewall. | 5.0 |
2000-12-11 | CVE-2000-1031 | Unspecified vulnerability in HP Hp-Ux and Tru64 Buffer overflow in dtterm in HP-UX 11.0 and HP Tru64 UNIX 4.0f through 5.1a allows local users to execute arbitrary code via a long -tn option. | 4.6 |
2000-12-11 | CVE-2000-1030 | Unspecified vulnerability in Csandt Corporatetime FOR the web CS&T CorporateTime for the Web returns different error messages for invalid usernames and invalid passwords, which allows remote attackers to determine valid usernames on the server. | 5.0 |
2000-12-11 | CVE-2000-1027 | Unspecified vulnerability in Cisco PIX Firewall Software 5.2 Cisco Secure PIX Firewall 5.2(2) allows remote attackers to determine the real IP address of a target FTP server by flooding the server with PASV requests, which includes the real IP address in the response when passive mode is established. | 5.0 |
2000-12-11 | CVE-2000-1025 | Unspecified vulnerability in Unify Ewave Servletexec 3.0C eWave ServletExec JSP/Java servlet engine, versions 3.0C and earlier, allows remote attackers to cause a denial of service via a URL that contains the "/servlet/" string, which invokes the ServletExec servlet and causes an exception if the servlet is already running. | 5.0 |
2000-12-11 | CVE-2000-1019 | Unspecified vulnerability in Inktomi Search Software 3.0/3.1.10 Search engine in Ultraseek 3.1 and 3.1.10 (aka Inktomi Search) allows remote attackers to cause a denial of service via a malformed URL. | 5.0 |
2000-12-11 | CVE-2000-1017 | Unspecified vulnerability in Webteacher Webdata Webteachers Webdata allows remote attackers with valid Webdata accounts to read arbitrary files by posting a request to import the file into the WebData database. | 5.0 |
2000-12-11 | CVE-2000-1016 | Unspecified vulnerability in Suse Linux 6.3/6.4 The default configuration of Apache (httpd.conf) on SuSE 6.4 includes an alias for the /usr/doc directory, which allows remote attackers to read package documentation and obtain system configuration information via an HTTP request for the /doc/packages URL. | 5.0 |
2000-12-11 | CVE-2000-1008 | Unspecified vulnerability in Palm OS PalmOS 3.5.2 and earlier uses weak encryption to store the user password, which allows attackers with physical access to the Palm device to decrypt the password and gain access to the device. | 4.6 |