Weekly Vulnerabilities Reports > April 30 to May 6, 2001

Overview

82 new vulnerabilities were reported during this period, including 22 critical vulnerabilities and 23 high severity vulnerabilities. This weekly summary reports vulnerabilities in 78 products from 61 vendors, including Microsoft, SUN, Debian, HP, and Francisco Burzi. Notable vulnerability categories include "Code Injection" and "Improper Restriction of Operations within the Bounds of a Memory Buffer".

  • 65 reported vulnerabilities are remotely exploitable.
  • 1 reported vulnerability has a public exploit available.
  • 82 reported vulnerabilities are exploitable by an anonymous user.
  • Microsoft has the most reported vulnerabilities, with 7 reported vulnerabilities.
  • SUN has the most reported critical vulnerabilities, with 2 reported vulnerabilities.

Vulnerability Details

The following tables list the vulnerabilities reported during the period covered by this report:

22 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2001-05-03 CVE-2001-0320 Francisco Burzi Remote Security vulnerability in PHP-Nuke 4.0.4/4.4

bb_smilies.php and bbcode_ref.php in PHP-Nuke 4.4 allow remote attackers to read arbitrary files and gain PHP administrator privileges by inserting a null character and ..

10.0
2001-05-03 CVE-2001-0301 Stephen Turner Unspecified vulnerability in Stephen Turner Analog

Buffer overflow in Analog before 4.16 allows remote attackers to execute arbitrary commands by using the ALIAS command to construct large strings.

10.0
2001-05-03 CVE-2001-0296 Texas Imperial Software Remote Security vulnerability in Texas Imperial Software Wftpd PRO 3.00

Buffer overflow in WFTPD Pro 3.00 allows remote attackers to execute arbitrary commands via a long CWD command.

10.0
2001-05-03 CVE-2001-0291

Buffer overflow in post-query sample CGI program allows remote attackers to execute arbitrary commands via an HTTP POST request that contains at least 10001 parameters.

10.0
2001-05-03 CVE-2001-0285 A1Webserver Denial-Of-Service vulnerability in A1Webserver Http Server 1.0

Buffer overflow in A1 HTTP server 1.0a allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long HTTP request.

10.0
2001-05-03 CVE-2001-0284 Openbsd Denial-Of-Service vulnerability in OpenBSD

Buffer overflow in IPSEC authentication mechanism for OpenBSD 2.8 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a malformed Authentication header (AH) IPv4 option.

10.0
2001-05-03 CVE-2001-0282 Guido Frassetto Denial-Of-Service vulnerability in Guido Frassetto Sedum 2.1

SEDUM 2.1 HTTP server allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long HTTP request.

10.0
2001-05-03 CVE-2001-0280 Atrium Software Unspecified vulnerability in Atrium Software Mercur

Buffer overflow in MERCUR SMTP server 3.30 allows remote attackers to execute arbitrary commands via a long EXPN command.

10.0
2001-05-03 CVE-2001-0277 Working Resources INC Unspecified vulnerability in Working Resources Inc. Badblue 1.2.7

Buffer overflow in ext.dll in BadBlue 1.02.07 Personal Edition allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long HTTP GET request.

10.0
2001-05-03 CVE-2001-0271 Mailnews CGI Unspecified vulnerability in Mailnews.Cgi

mailnews.cgi 1.3 and earlier allows remote attackers to execute arbitrary commands via a user name that contains shell metacharacters.

10.0
2001-05-03 CVE-2001-0269 SUN Security Bypass vulnerability in SUN Sunos 5.8

pam_ldap authentication module in Solaris 8 allows remote attackers to bypass authentication via a NULL password.

10.0
2001-05-03 CVE-2001-0236 SUN Buffer Overflow vulnerability in SUN Solaris and Sunos

Buffer overflow in Solaris snmpXdmid SNMP to DMI mapper daemon allows remote attackers to execute arbitrary commands via a long "indication" event.

10.0
2001-05-03 CVE-2001-0218 Martin Stover Unspecified vulnerability in Martin Stover Mars NWE 0.99Pl19

Format string vulnerability in mars_nwe 0.99.pl19 allows remote attackers to execute arbitrary commands.

10.0
2001-05-03 CVE-2001-0213 Planet Intra Remote Security vulnerability in Planet Intra Planet Intra 2.5

Buffer overflow in pi program in PlanetIntra 2.5 allows remote attackers to execute arbitrary commands.

10.0
2001-05-03 CVE-2001-0194 Easy Software Products Remote Security vulnerability in CUPS

Buffer overflow in httpGets function in CUPS 1.1.5 allows remote attackers to execute arbitrary commands via a long input line.

10.0
2001-05-03 CVE-2001-0192 Davide Libenzi Remote Security vulnerability in XMail

Buffer overflows in CTRLServer in XMail allow attackers to execute arbitrary commands via the cfgfileget or domaindel functions.

10.0
2001-05-03 CVE-2001-0191 Andy Norman Unspecified vulnerability in Andy Norman Gnuserv

gnuserv before 3.12, as shipped with XEmacs, does not properly check the specified length of an X Windows MIT-MAGIC-COOKIE cookie, which allows remote attackers to execute arbitrary commands via a buffer overflow, or brute force authentication by using a short cookie length.

10.0
2001-05-03 CVE-2001-0180 Lars Ellingsen Remote Security vulnerability in Guestserver

Lars Ellingsen guestserver.cgi allows remote attackers to execute arbitrary commands via shell metacharacters in the "email" parameter.

10.0
2001-05-03 CVE-2001-0173 Nobreak Technologies, Qdecoder Remote Buffer Overflow vulnerability in qDecoder

Buffer overflow in qDecoder library 5.08 and earlier, as used in CrazyWWWBoard, CrazySearch, and other CGI programs, allows remote attackers to execute arbitrary commands via a long MIME Content-Type header.

10.0
2001-05-03 CVE-2001-0171 Whitsoft Unspecified vulnerability in Whitsoft Slimserve 1.0

Buffer overflow in SlimServe HTTPd 1.0 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long GET request.

10.0
2001-05-03 CVE-2001-0168 ATT Buffer Overflow vulnerability in AT&T WinVNC Server

Buffer overflow in AT&T WinVNC (Virtual Network Computing) server 3.3.3r7 and earlier allows remote attackers to execute arbitrary commands via a long HTTP GET request when the DebugLevel registry key is greater than 0.

10.0
2001-05-03 CVE-2001-0147 Microsoft Unspecified vulnerability in Microsoft Windows 2000

Buffer overflow in Windows 2000 event viewer snap-in allows attackers to execute arbitrary commands via a malformed field that is improperly handled during the detailed view of event records.

10.0

23 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2001-05-03 CVE-2001-0198 Apple Remote Overflow vulnerability in Apple Quicktime 4.1.2

Buffer overflow in QuickTime Player plugin 4.1.2 (Japanese) allows remote attackers to execute arbitrary commands via a long HREF parameter in an EMBED tag.

7.6
2001-05-03 CVE-2001-0174 Trend Micro Unspecified vulnerability in Trend Micro Virus Buster 2001

Buffer overflow in Trend Micro Virus Buster 2001 8.00 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a large "To" address.

7.6
2001-05-03 CVE-2001-0167 ATT Buffer Overflow vulnerability in AT&T WinVNC Client

Buffer overflow in AT&T WinVNC (Virtual Network Computing) client 3.3.3r7 and earlier allows remote attackers to execute arbitrary commands via a long rfbConnFailed packet with a long reason string.

7.6
2001-05-03 CVE-2001-0326 Oracle Remote Security vulnerability in Oracle Application Server and Oracle8I

Oracle Java Virtual Machine (JVM) for Oracle 8.1.7 and Oracle Application Server 9iAS Release 1.0.2.0.1 allows remote attackers to read arbitrary files via the .jsp and .sqljsp file extensions when the server is configured to use the <<ALL FILES>> FilePermission.

7.5
2001-05-03 CVE-2001-0325 QNX Buffer Overflow vulnerability in QNX RTP 5.60

Buffer overflow in QNX RTP 5.60 allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a large number of arguments to the stat command.

7.5
2001-05-03 CVE-2001-0319 IBM Unspecified vulnerability in IBM products

orderdspc.d2w macro in IBM Net.Commerce 3.x allows remote attackers to execute arbitrary SQL queries by inserting them into the order_rn option of the report capability.

7.5
2001-05-03 CVE-2001-0308 Bajie Code Injection vulnerability in Bajie Java Http Server

UploadServlet in Bajie HTTP JServer 0.78, and possibly other versions before 0.80, allows remote attackers to execute arbitrary commands by calling the servlet to upload a program, then using a ...

7.5
2001-05-03 CVE-2001-0307 Bajie Code Injection vulnerability in Bajie Java Http Server

Bajie HTTP JServer 0.78, and other versions before 0.80, allows remote attackers to execute arbitrary commands via shell metacharacters in an HTTP request for a CGI program that does not exist.

7.5
2001-05-03 CVE-2001-0292 Francisco Burzi Remote Security vulnerability in Francisco Burzi PHP-Nuke 4.4.1A

PHP-Nuke 4.4.1a allows remote attackers to modify a user's email address and obtain the password by guessing the user id (UID) and calling user.php with the saveuser operator.

7.5
2001-05-03 CVE-2001-0288 Cisco Unspecified vulnerability in Cisco IOS

Cisco switches and routers running IOS 12.1 and earlier produce predictable TCP Initial Sequence Numbers (ISNs), which allows remote attackers to spoof or hijack TCP connections.

7.5
2001-05-03 CVE-2001-0274 Kicq Unspecified vulnerability in Kicq 1.0.0

kicq IRC client 1.0.0, and possibly later versions, allows remote attackers to execute arbitrary commands via shell metacharacters in a URL.

7.5
2001-05-03 CVE-2001-0234 Sourceforge SQL-Injection vulnerability in Sourceforge Newsdaemon 0.21B

NewsDaemon before 0.21b allows remote attackers to execute arbitrary SQL queries and gain privileges via a malformed user_username parameter.

7.5
2001-05-03 CVE-2001-0154 Microsoft Unspecified vulnerability in Microsoft Internet Explorer

HTML e-mail feature in Internet Explorer 5.5 and earlier allows attackers to execute attachments by setting an unusual MIME type for the attachment, which Internet Explorer does not process correctly.

7.5
2001-05-03 CVE-2001-0153 Microsoft Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft Visual Basic and Visual Studio

Buffer overflow in VB-TSQL debugger object (vbsdicli.exe) in Visual Studio 6.0 Enterprise Edition allows remote attackers to execute arbitrary commands.

7.5
2001-05-03 CVE-2001-0145 Microsoft Unspecified vulnerability in Microsoft Outlook and Outlook Express

Buffer overflow in VCard handler in Outlook 2000 and 98, and Outlook Express 5.x, allows an attacker to execute arbitrary commands via a malformed vCard birthday field.

7.5
2001-05-03 CVE-2001-0281 Microsoft Local Security vulnerability in Microsoft Windows NT

Format string vulnerability in DbgPrint function, used in debug messages for some Windows NT drivers (possibly when called through DebugMessage), may allow local users to gain privileges.

7.2
2001-05-03 CVE-2001-0279 Debian, Mandrakesoft

Buffer overflow in sudo earlier than 1.6.3p6 allows local users to gain root privileges.

7.2
2001-05-03 CVE-2001-0268 Netbsd, Openbsd

The i386_set_ldt system call in NetBSD 1.5 and earlier, and OpenBSD 2.8 and earlier, when the USER_LDT kernel option is enabled, does not validate a call gate target, which allows local users to gain root privileges by creating a segment call gate in the Local Descriptor Table (LDT) with a target that specifies an arbitrary kernel address.

7.2
2001-05-03 CVE-2001-0267 HP Local Security vulnerability in HP MPE IX 5.5

NM debug in HP MPE/iX 6.5 and earlier does not properly handle breakpoints, which allows local users to gain privileges.

7.2
2001-05-03 CVE-2001-0266 HP Local Security vulnerability in HP-UX

Vulnerability in Software Distributor SD-UX in HP-UX 11.0 and earlier allows local users to gain privileges.

7.2
2001-05-03 CVE-2001-0229 SUN Local Security vulnerability in SUN Chilisoft 3.5.2

Chili!Soft ASP for Linux before 3.6 does not properly set group privileges when running in inherited mode, which could allow attackers to gain privileges via malicious scripts.

7.2
2001-05-03 CVE-2001-0193 Debian, Suse

Format string vulnerability in man in some Linux distributions allows local users to gain privileges via a malformed -l parameter.

7.2
2001-05-03 CVE-2001-0165 SUN Unspecified vulnerability in SUN Solaris and Sunos

Buffer overflow in ximp40 shared library in Solaris 7 and Solaris 8 allows local users to gain privileges via a long "arg0" (process name) argument.

7.2

30 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2001-05-03 CVE-2001-0283 SUN Directory Traversal vulnerability in SUN FTP Build9

Directory traversal vulnerability in SunFTP build 9 allows remote attackers to read arbitrary files via ..

6.4
2001-05-03 CVE-2001-0276 Working Resources INC Unspecified vulnerability in Working Resources Inc. Badblue 1.2.7

ext.dll in BadBlue 1.02.07 Personal Edition web server allows remote attackers to determine the physical path of the server by directly calling ext.dll without any arguments, which produces an error message that contains the path.

6.4
2001-05-03 CVE-2001-0321 Francisco Burzi Remote Security vulnerability in Francisco Burzi PHP-Nuke 8.0Final

opendir.php script in PHP-Nuke allows remote attackers to read arbitrary files by specifying the filename as an argument to the requesturl parameter.

5.0
2001-05-03 CVE-2001-0306 Itafrica Directory Traversal vulnerability in Itafrica Webactive 1.0

Directory traversal vulnerability in ITAfrica WEBactive HTTP Server 1.00 allows remote attackers to read arbitrary files via a ..

5.0
2001-05-03 CVE-2001-0305 Thinking Arts Directory Traversal vulnerability in Thinking Arts Es.One 1.0

Directory traversal vulnerability in store.cgi in Thinking Arts ES.One package allows remote attackers to read arbitrary files via a ..

5.0
2001-05-03 CVE-2001-0304 Caucho Technology Directory Traversal vulnerability in Caucho Technology Resin 1.2.2

Directory traversal vulnerability in Caucho Resin 1.2.2 allows remote attackers to read arbitrary files via a "\.." (dot dot) in a URL request.

5.0
2001-05-03 CVE-2001-0303 PI3 Buffer Overflow vulnerability in PI3 Pi3Web 1.0.1

tstisapi.dll in Pi3Web 1.0.1 web server allows remote attackers to determine the physical path of the server via a URL that requests a non-existent file.

5.0
2001-05-03 CVE-2001-0302 PI3 Buffer Overflow vulnerability in PI3 Pi3Web 1.0.1

Buffer overflow in tstisapi.dll in Pi3Web 1.0.1 web server allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long URL.

5.0
2001-05-03 CVE-2001-0298 Sapio Design LTD Denial Of Service vulnerability in Sapio Design LTD Webreflex 1.55

Buffer overflow in WebReflex 1.55 HTTPd allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long HTTP GET request.

5.0
2001-05-03 CVE-2001-0297 Dattaraj RAO Directory Traversal vulnerability in Dattaraj RAO Simple Server 1.0

Directory traversal vulnerability in Simple Server HTTPd 1.0 (originally Free Java Server) allows remote attackers to read arbitrary files via a ..

5.0
2001-05-03 CVE-2001-0295 Jarle Aase Unspecified vulnerability in Jarle Aase WAR Ftpd 1.67B04

Directory traversal vulnerability in War FTP 1.67.04 allows remote attackers to list directory contents and possibly read files via a "dir *./../.." command.

5.0
2001-05-03 CVE-2001-0294 Typsoft Directory Traversal vulnerability in Typsoft FTP Server 0.85

Directory traversal vulnerability in TYPSoft FTP Server 0.85 allows remote attackers to read arbitrary files via (1) a ..

5.0
2001-05-03 CVE-2001-0293 Datawizard Directory Traversal vulnerability in Datawizard Ftpxq 2.0.93

Directory traversal vulnerability in FtpXQ FTP server 2.0.93 allows remote attackers to read arbitrary files via a ..

5.0
2001-05-03 CVE-2001-0286 A1Webserver Unspecified vulnerability in A1Webserver Http Server 1.0

Directory traversal vulnerability in A1 HTTP server 1.0a allows remote attackers to read arbitrary files via a ..

5.0
2001-05-03 CVE-2001-0272 W3 ORG Directory Traversal vulnerability in Sendtemp.Pl

Directory traversal vulnerability in sendtemp.pl in W3.org Anaya Web development server allows remote attackers to read arbitrary files via a ..

5.0
2001-05-03 CVE-2001-0270 Marconi Denial Of Service vulnerability in Marconi Asx-1000 and Forethought

Marconi ASX-1000 ASX switches allow remote attackers to cause a denial of service in the telnet and web management interfaces via a malformed packet with the SYN-FIN and More Fragments attributes set.

5.0
2001-05-03 CVE-2001-0228 Goahead Software Directory Traversal vulnerability in GoAhead WebServer

Directory traversal vulnerability in GoAhead web server 2.1 and earlier allows remote attackers to read arbitrary files via a ..

5.0
2001-05-03 CVE-2001-0227 Biblioscape Denial-Of-Service vulnerability in Biblioscape Biblioweb Server 2.0

Buffer overflow in BiblioWeb web server 2.0 allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long HTTP GET request.

5.0
2001-05-03 CVE-2001-0226 Biblioscape Directory Traversal vulnerability in Biblioscape Biblioweb Server 2.0

Directory traversal vulnerability in BiblioWeb web server 2.0 allows remote attackers to read arbitrary files via a ..

5.0
2001-05-03 CVE-2001-0205 AOL Directory Traversal vulnerability in AOL Server 3.2

Directory traversal vulnerability in AOLserver 3.2 and earlier allows remote attackers to read arbitrary files by inserting "..." into the requested pathname, a modified ..

5.0
2001-05-03 CVE-2001-0202 Informs Directory Traversal vulnerability in Informs Picserver 1.0

Picserver web server allows remote attackers to read arbitrary files via a ..

5.0
2001-05-03 CVE-2001-0200 Heat ON Software Path Disclosure vulnerability in Heat-On Software Hsweb 2.0

HSWeb 2.0 HTTP server allows remote attackers to obtain the physical path of the server via a request to the /cgi/ directory, which will list the path if directory browsing is enabled.

5.0
2001-05-03 CVE-2001-0199 Guido Frassetto Directory Traversal vulnerability in Guido Frassetto Sedum 2.0

Directory traversal vulnerability in SEDUM HTTP Server 2.0 allows remote attackers to read arbitrary files via a ..

5.0
2001-05-03 CVE-2001-0196 Freebsd Unspecified vulnerability in Freebsd

inetd ident server in FreeBSD 4.x and earlier does not properly set group permissions, which allows remote attackers to read the first 16 bytes of files that are accessible by the wheel group.

5.0
2001-05-03 CVE-2001-0186 Free Java WEB Server Directory Traversal vulnerability in Free Java web Server Free Java web Server 1.0

Directory traversal vulnerability in Free Java Web Server 1.0 allows remote attackers to read arbitrary files via a ..

5.0
2001-05-03 CVE-2001-0179 Macromedia Unspecified vulnerability in Macromedia Jrun 3.0

Allaire JRun 3.0 allows remote attackers to list contents of the WEB-INF directory, and the web.xml file in the WEB-INF directory, via a malformed URL that contains a "."

5.0
2001-05-03 CVE-2001-0316 Linux Unspecified vulnerability in Linux Kernel 2.2.0/2.4.0

Linux kernel 2.4 and 2.2 allows local users to read kernel memory and possibly gain privileges via a negative argument to the sysctl call.

4.6
2001-05-03 CVE-2001-0290 GNU Local Security vulnerability in Mailman

Vulnerability in Mailman 2.0.1 and earlier allows list administrators to obtain user passwords.

4.6
2001-05-03 CVE-2001-0289 Joseph Allen Unspecified vulnerability in Joseph Allen JOE 2.8

Joe text editor 2.8 searches the current working directory (CWD) for the .joerc configuration file, which could allow local users to gain privileges of other users by placing a Trojan Horse .joerc file into a directory, then waiting for users to execute joe from that directory.

4.6
2001-05-03 CVE-2001-0278 HP Local Security vulnerability in MPE/iX

Vulnerability in linkeditor in HP MPE/iX 6.5 and earlier allows local users to gain privileges.

4.6

7 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2001-05-03 CVE-2001-0317 Linux Unspecified vulnerability in Linux Kernel 2.2.0/2.4.0

Race condition in ptrace in Linux kernel 2.4 and 2.2 allows local users to gain privileges by using ptrace to track and modify a running setuid process.

3.7
2001-05-03 CVE-2001-0324 Microsoft Unspecified vulnerability in Microsoft Windows 2000 and Windows 98

Windows 98 and Windows 2000 Java clients allow remote attackers to cause a denial of service via a Java applet that opens a large number of UDP sockets, which prevents the host from establishing any additional UDP connections, and possibly causes a crash.

2.6
2001-05-03 CVE-2001-0273 Holger Lamm Unspecified vulnerability in Holger Lamm Pgp4Pine 1.75.6

pgp4pine Pine/PGP interface version 1.75-6 does not properly check to see if a public key has expired when obtaining the keys via Gnu Privacy Guard (GnuPG), which causes the message to be sent in cleartext.

2.6
2001-05-03 CVE-2001-0287 Symantec Veritas Unspecified vulnerability in Symantec Veritas Cluster Server 1.3.0

VERITAS Cluster Server (VCS) 1.3.0 on Solaris allows local users to cause a denial of service (system panic) via the -L option to the lltstat command.

2.1
2001-05-03 CVE-2001-0275 Moby Denial-Of-Service vulnerability in Moby Netsuite web Server 1.02

Moby Netsuite Web Server 1.02 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long HTTP request.

2.1
2001-05-03 CVE-2001-0152 Microsoft Unspecified vulnerability in Microsoft Plus

The password protection option for the Compressed Folders feature in Plus! for Windows 98 and Windows Me writes password information to a file, which allows local users to recover the passwords and read the compressed folders.

2.1
2001-05-03 CVE-2001-1331 Debian, Progeny

mandb in the man-db package before 2.3.16-3 allows local users to overwrite arbitrary files via the command line options (1) -u or (2) -c, which do not drop privileges and follow symlinks.

1.2