Weekly Vulnerabilities Reports > January 22 to 28, 2001
2 new vulnerabilities reported during this period, including 0 critical vulnerabilities and 2 high severity vulnerabilities. This weekly summary report vulnerabilities in 2 products from 2 vendors including ATT, and Oracle. Vulnerabilities are notably categorized as .
- 2 reported vulnerabilities are remotely exploitables.
- 2 reported vulnerabilities are exploitable by an anonymous user.
- ATT has the most reported vulnerabilities, with 1 reported vulnerabilities.
The following table list reported vulnerabilities for the period covered by this report:
0 Critical Vulnerabilities
2 High Vulnerabilities
|2001-01-23||CVE-2001-1422||ATT|| Authentication vulnerability in AT&T; VNC Weak |
WinVNC 3.3.3 and earlier generates the same challenge string for multiple connections, which allows remote attackers to bypass VNC authentication by sniffing the challenge and response of other users.
|2001-01-23||CVE-2001-1274||Oracle|| Unspecified vulnerability in Oracle Mysql |
Buffer overflow in MySQL before 3.23.31 allows attackers to cause a denial of service and possibly gain privileges.
0 Medium Vulnerabilities
0 Low Vulnerabilities