Vulnerabilities > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2000-11-14 | CVE-2000-0877 | Unspecified vulnerability in Ranson Johnson Mailform 2.0 mailform.pl CGI script in MailForm 2.0 allows remote attackers to read arbitrary files by specifying the file name in the XX-attach_file parameter, which MailForm then sends to the attacker. | 5.0 |
2000-11-14 | CVE-2000-0876 | Information Exposure vulnerability in Texas Imperial Software Wftpd and Wftpd PRO WFTPD and WFTPD Pro 2.41 RC12 allows remote attackers to obtain the full pathname of the server via a "%C" command, which generates an error message that includes the pathname. | 5.0 |
2000-11-14 | CVE-2000-0875 | Unspecified vulnerability in Texas Imperial Software Wftpd and Wftpd PRO WFTPD and WFTPD Pro 2.41 RC12 allows remote attackers to cause a denial of service by sending a long string of unprintable characters. | 5.0 |
2000-11-14 | CVE-2000-0874 | Unspecified vulnerability in Qualcomm Eudora 4.2/4.3 Eudora mail client includes the absolute path of the sender's host within a virtual card (VCF). | 5.0 |
2000-11-14 | CVE-2000-0872 | Directory Traversal vulnerability in Nathan Purciful PHPphotoalbum 0.9.9 explorer.php in PhotoAlbum 0.9.9 allows remote attackers to read arbitrary files via a .. | 5.0 |
2000-11-14 | CVE-2000-0871 | Unspecified vulnerability in Khamil Landross and Zack Jones Eftp 2.0.4.281 Buffer overflow in EFTP allows remote attackers to cause a denial of service by sending a string that does not contain a newline, then disconnecting from the server. | 5.0 |
2000-11-14 | CVE-2000-0869 | The default configuration of Apache 1.3.12 in SuSE Linux 6.4 enables WebDAV, which allows remote attackers to list arbitrary directories via the PROPFIND HTTP request method. | 5.0 |
2000-11-14 | CVE-2000-0868 | The default configuration of Apache 1.3.12 in SuSE Linux 6.4 allows remote attackers to read source code for CGI scripts by replacing the /cgi-bin/ in the requested URL with /cgi-bin-sdb/. | 5.0 |
2000-11-14 | CVE-2000-0864 | Race Condition vulnerability in Gnome Esound 0.2.19 Race condition in the creation of a Unix domain socket in GNOME esound 0.2.19 and earlier allows a local user to change the permissions of arbitrary files and directories, and gain additional privileges, via a symlink attack. | 6.2 |
2000-11-14 | CVE-2000-0862 | Unspecified vulnerability in Allaire Spectra 1.0.1 Vulnerability in an administrative interface utility for Allaire Spectra 1.0.1 allows remote attackers to read and modify sensitive configuration information. | 6.4 |