2001 CVEs
1556 CVEs published in 2001. 12 critical, 19 high. Browse by vendor, severity, or with PoCs.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2001-1496 | Critical | 9.8 | 2001-12-31 | Off-by-one buffer overflow in Basic Authentication in Acme Labs thttpd 1.95 through 2.20 allows remote attackers to cause a denial of service and possibly exec… |
CVE-2001-1481 | Critical | 9.8 | 2001-12-31 | Xitami 2.4 through 2.5 b4 stores the Administrator password in plaintext in the default.aut file, whose default permissions are world-readable, which allows re… |
CVE-2001-0766 | Critical | 9.8 | 2001-10-18 | Apache on MacOS X Client 10.0.3 with the HFS+ file system allows remote attackers to bypass access restrictions via a URL that contains some characters whose c… |
CVE-2001-1125 | Critical | 9.8 | 2001-10-05 | Symantec LiveUpdate before 1.6 does not use cryptography to ensure the integrity of download files, which allows remote attackers to execute arbitrary code via… |
CVE-2001-0967 | Critical | 9.8 | 2001-08-31 | Knox Arkeia server 4.2, and possibly other versions, uses a constant salt when encrypting passwords using the crypt() function, which makes it easier for an at… |
CVE-2001-1155 | Critical | 9.8 | 2001-08-23 | TCP Wrappers (tcp_wrappers) in FreeBSD 4.1.1 through 4.3 with the PARANOID ACL option enabled does not properly check the result of a reverse DNS lookup, which… |
CVE-2001-0609 | Critical | 9.8 | 2001-08-02 | Format string vulnerability in Infodrom cfingerd 1.4.3 and earlier allows a remote attacker to gain additional privileges via a malformed ident reply that is p… |
CVE-2001-1291 | Critical | 9.8 | 2001-07-12 | The telnet server for 3Com hardware such as PS40 SuperStack II does not delay or disconnect remote attackers who provide an incorrect username or password, whi… |
CVE-2001-0395 | Critical | 9.8 | 2001-07-02 | Lightwave ConsoleServer 3200 does not disconnect users after unsuccessful login attempts, which could allow remote attackers to conduct brute force password gu… |
CVE-2001-0249 | Critical | 9.8 | 2001-06-18 | Heap overflow in FTP daemon in Solaris 8 allows remote attackers to execute arbitrary commands by creating a long pathname and calling the LIST command, which… |
CVE-2001-0248 | Critical | 9.8 | 2001-06-18 | Buffer overflow in FTP server in HPUX 11 allows remote attackers to execute arbitrary commands by creating a long pathname and calling the STAT command, which… |
CVE-2001-1339 | Critical | 9.8 | 2001-05-24 | Beck IPC GmbH IPC@CHIP telnet service does not delay or disconnect users from the service when bad passwords are entered, which makes it easier for remote atta… |
CVE-2001-1471 | High | 8.8 | 2001-07-31 | prefs.php in phpBB 1.4.0 and earlier allows remote authenticated users to execute arbitrary PHP code via an invalid language value, which prevents the variable… |
CVE-2001-1546 | High | 7.8 | 2001-12-31 | Pathways Homecare 6.5 uses weak encryption for user names and passwords, which allows local users to gain privileges by recovering the passwords from the pwhc… |
CVE-2001-0497 | High | 7.8 | 2001-07-21 | dnskeygen in BIND 8.2.4 and earlier, and dnssec-keygen in BIND 9.1.2 and earlier, set insecure permissions for a HMAC-MD5 shared secret key file used for DNS T… |
CVE-2001-1238 | High | 7.8 | 2001-07-16 | Task Manager in Windows 2000 does not allow local users to end processes with uppercase letters named (1) winlogon.exe, (2) csrss.exe, (3) smss.exe and (4) ser… |
CVE-2001-0195 | High | 7.8 | 2001-03-26 | sash before 3.4-4 in Debian GNU/Linux does not properly clone /etc/shadow, which makes it world-readable and could allow local users to gain privileges via pas… |
CVE-2001-1537 | High | 7.5 | 2001-12-31 | The default "basic" security setting' in config.php for TWIG webmail 2.7.4 and earlier stores cleartext usernames and passwords in cookies, which could allow a… |
CVE-2001-1536 | High | 7.5 | 2001-12-31 | Autogalaxy stores usernames and passwords in cleartext in cookies, which makes it easier for remote attackers to obtain authentication information and gain una… |
CVE-2001-1515 | High | 7.5 | 2001-12-31 | Macintosh clients, when using NT file system volumes on Windows 2000 SP1, create subdirectories and automatically modify the inherited NTFS permissions, which… |