LanGuard reports



Supported OVAL Bulletins


More information on 2010 updates



ID:
CVE-2001-1209
Title:
All Servers: Abe Timmerman zml.cgi File Disclosure Vulnerability
Type:
Web
Bulletins:
CVE-2001-1209
SFBID3759
Severity:
Medium
Description:
Remote file retrieving.
Applies to:
Created:
2001-12-31
Updated:
2010-08-21

ID:
CVE-2001-1210
Title:
Cisco ubr900 series routers that conform to the Data-over-Cable Service Interface Specifications (DOCSIS) standard must ship without SNMP access restrictions, which can allow remote attackers to read and write information to the MIB using arbitrary...
Type:
Hardware
Bulletins:
CVE-2001-1210
SFBID3758
Severity:
Medium
Description:
Cisco ubr900 series routers that conform to the Data-over-Cable Service Interface Specifications (DOCSIS) standard must ship without SNMP access restrictions, which can allow remote attackers to read and write information to the MIB using arbitrary community strings.
Applies to:
Cisco uBR 924 Cable Access Router
Cisco uBR 925 Cable Access Router
Created:
2001-12-30
Updated:
2017-06-03

ID:
CVE-2001-1220
Title:
D-Link DWL-1000AP Firmware 3.2.28 #483 Wireless LAN Access Point stores the administrative password in plaintext in the default Management Information Base (MIB), which allows remote attackers to gain administrative privileges.
Type:
Hardware
Bulletins:
CVE-2001-1220
SFBID3735
Severity:
High
Description:
D-Link DWL-1000AP Firmware 3.2.28 #483 Wireless LAN Access Point stores the administrative password in plaintext in the default Management Information Base (MIB), which allows remote attackers to gain administrative privileges.
Applies to:
DWL-1000AP
Created:
2001-12-21
Updated:
2017-06-03

ID:
CVE-2001-1221
Title:
D-Link DWL-1000AP Firmware 3.2.28 #483 Wireless LAN Access Point uses a default SNMP community string of 'public' which allows remote attackers to gain sensitive information.
Type:
Hardware
Bulletins:
CVE-2001-1221
SFBID3736
Severity:
Medium
Description:
D-Link DWL-1000AP Firmware 3.2.28 #483 Wireless LAN Access Point uses a default SNMP community string of 'public' which allows remote attackers to gain sensitive information.
Applies to:
DWL-1000AP
Created:
2001-12-21
Updated:
2017-06-03

ID:
CVE-2001-0861
Title:
Cisco 12000 Series Router ICMP Unreachable DoS
Type:
Hardware
Bulletins:
CVE-2001-0861
SFBID3534
Severity:
Medium
Description:
Cisco 12000 with IOS 12.0 and line cards based on Engine 2 and earlier allows remote attackers to cause a denial of service (CPU consumption) by flooding the router with traffic that generates a large number of ICMP Unreachable replies.
Applies to:
Cisco 12000 Router Series
Created:
2001-12-06
Updated:
2017-06-03

ID:
CVE-2001-0862
Title:
Cisco 12000 Series Router Non-Initial Packet Fragment ACL Bypass
Type:
Hardware
Bulletins:
CVE-2001-0862
SFBID3535
Severity:
High
Description:
Cisco 12000 with IOS 12.0 and line cards based on Engine 2 does not block non-initial packet fragments, which allows remote attackers to bypass the ACL.
Applies to:
Cisco 12000 Router Series
Created:
2001-12-06
Updated:
2017-06-03

ID:
CVE-2001-0863
Title:
Cisco 12000 Series Router Fragment Keyword Ignored in Outbound ACL
Type:
Hardware
Bulletins:
CVE-2001-0863
SFBID3539
Severity:
Medium
Description:
Cisco 12000 with IOS 12.0 and line cards based on Engine 2 does not handle the "fragment" keyword in a compiled ACL (Turbo ACL) for packets that are sent to the router, which allows remote attackers to cause a denial of service via a flood of fragments.
Applies to:
Cisco 12000 Router Series
Created:
2001-12-06
Updated:
2017-06-03

ID:
CVE-2001-0864
Title:
Cisco 12000 Series Router deny ip any any ACL Bypass
Type:
Hardware
Bulletins:
CVE-2001-0864
SFBID3536
Severity:
High
Description:
Cisco 12000 with IOS 12.0 and line cards based on Engine 2 does not properly handle the implicit "deny ip any any" rule in an outgoing ACL when the ACL contains exactly 448 entries, which can allow some outgoing packets to bypass access restrictions.
Applies to:
Cisco 12000 Router Series
Created:
2001-12-06
Updated:
2017-06-03

ID:
CVE-2001-0865
Title:
Cisco 12000 Series Router Turbo ACL DoS
Type:
Hardware
Bulletins:
CVE-2001-0865
SFBID3540
Severity:
High
Description:
Cisco 12000 with IOS 12.0 and line cards based on Engine 2 does not support the "fragment" keyword in an outgoing ACL, which could allow fragmented packets in violation of the intended access.
Applies to:
Cisco 12000 Router Series
Created:
2001-12-06
Updated:
2017-06-03

ID:
CVE-2001-0866
Title:
Cisco 12000 Series Router Line Card Outbound ACL Failure
Type:
Hardware
Bulletins:
CVE-2001-0866
SFBID3537
Severity:
High
Description:
Cisco 12000 with IOS 12.0 and lines card based on Engine 2 does not properly handle an outbound ACL when an input ACL is not configured on all the interfaces of a multi port line card, which could allow remote attackers to bypass the intended access controls.
Applies to:
Cisco 12000 Router Series
Created:
2001-12-06
Updated:
2017-06-03

ID:
CVE-2001-0867
Title:
Cisco 12000 Series Router Fragment Keyword ACL Bypass
Type:
Hardware
Bulletins:
CVE-2001-0867
SFBID3538
Severity:
High
Description:
Cisco 12000 with IOS 12.0 and line cards based on Engine 2 does not properly filter does not properly filter packet fragments even when the "fragment" keyword is used in an ACL, which allows remote attackers to bypass the intended access controls.
Applies to:
Cisco 12000 Router Series
Created:
2001-12-06
Updated:
2017-06-03

ID:
CVE-2001-0929
Title:
Cisco IOS Firewall CBAC ACL Bypass
Type:
Hardware
Bulletins:
CVE-2001-0929
SFBID3588
Severity:
High
Description:
Cisco IOS Firewall Feature set, aka Context Based Access Control (CBAC) or Cisco Secure Integrated Software, for IOS 11.2P through 12.2T does not properly check the IP protocol type, which could allow remote attackers to bypass access control lists.
Applies to:
Created:
2001-11-28
Updated:
2017-06-03

ID:
CVE-2001-0550
Title:
WU-FTPD glob() function error handling heap corruption
Type:
FTP
Bulletins:
CVE-2001-0550
SFBID3581
Severity:
High
Description:
All versions of WU-FTPD alows an attacker to cause a heap corruption, caused by a vulnerability in the glob function. Such function fails to properly signal an error to its caller, and the ftpglob function fails to set the globerr variable under certain situations. The attacker can send a command followed by a tilde and open bracket characters to the FTP server causing a corruption of the process memory space. This allows the execution of arbitrary code on the system with root privileges. In order to detect the vulnerability, the following checks should be enable in the ISS Protection Platform:WuftpGlobHeapCorruptionwuftp-glob-heap-corruptionFor a virtual patch enable the following check in the ISS Protection Platform:FTP_Glob_TildeBrace_VulnsBlock or restrict port 21 in the ISS Protection Platform.For more information on how to do manual protection see: http://xforce.iss.net/xforce/xfdb/7611
Applies to:
wu-ftpd
Created:
2001-11-27
Updated:
2010-08-21

ID:
CVE-2001-0895
Title:
Cisco IOS ARP Table Overwrite DoS
Type:
Hardware
Bulletins:
CVE-2001-0895
SFBID3547
Severity:
Medium
Description:
Multiple Cisco networking products allow remote attackers to cause a denial of service on the local network via a series of ARP packets sent to the router's interface that contains a different MAC address for the router, which eventually causes the router to overwrite the MAC address in its ARP table.
Applies to:
Cisco Catalyst 4000 Series Switches
Cisco Catalyst 8500 Series
Cisco Catalyst C2948G-L3 Ethernet Switch
Cisco Catalyst 3500 Series XL Switches
Cisco Catalyst 4908G-L3 Switch
Cisco Catalyst 6000
Cisco Catalyst 2900 Series XL Switches
Cisco...
Created:
2001-11-15
Updated:
2017-06-03

ID:
REF000251
Title:
SSH server accepts Version 1.x connections
Type:
Miscellaneous
Bulletins: Severity:
Medium
Description:
SSH protocol Version 1 has various vulnerabilities, this should be disabled and only version 2 clients should be allowed to connect. For more information, visit: http://www.ssh.com/company/newsroom/article/210/
Applies to:
Created:
2001-11-07
Updated:
2010-08-21

ID:
CVE-2001-1503
Title:
Solaris Fingerd Discloses Complete User List
Type:
Miscellaneous
Bulletins:
CVE-2001-1503
SFBID3457
Severity:
Medium
Description:
Sensitive information disclosure.
Applies to:
Solaris
SunOS
Created:
2001-10-22
Updated:
2010-08-21

ID:
CVE-2001-0750
Title:
Cisco IOS Port Scan Remote DoS
Type:
Hardware
Bulletins:
CVE-2001-0750
SFBID2804
Severity:
Medium
Description:
Cisco IOS 12.1(2)T, 12.1(3)T allow remote attackers to cause a denial of service (reload) via a connection to TCP ports 3100-3999, 5100-5999, 7100-7999 and 10100-10999.
Applies to:
Created:
2001-10-18
Updated:
2017-06-03

ID:
CVE-2001-0751
Title:
Cisco switches and routers running CBOS 2.3.8 and earlier use predictable TCP Initial Sequence Numbers (ISN), which allows remote attackers to spoof or hijack TCP connections.
Type:
Hardware
Bulletins:
CVE-2001-0751
Severity:
High
Description:
Cisco switches and routers running CBOS 2.3.8 and earlier use predictable TCP Initial Sequence Numbers (ISN), which allows remote attackers to spoof or hijack TCP connections.
Applies to:
Created:
2001-10-18
Updated:
2017-06-03

ID:
CVE-2001-0752
Title:
Cisco CBOS ICMP DoS
Type:
Hardware
Bulletins:
CVE-2001-0752
Severity:
Medium
Description:
Cisco CBOS 2.3.8 and earlier allows remote attackers to cause a denial of service via an ICMP ECHO REQUEST (ping) with the IP Record Route option set.
Applies to:
Created:
2001-10-18
Updated:
2017-06-03

ID:
CVE-2001-0753
Title:
Cisco CBOS 2.3.8 and earlier stores the passwords for (1) exec and (2) enable in cleartext in the NVRAM and a configuration file, which could allow unauthorized users to obtain the passwords and gain privileges.
Type:
Hardware
Bulletins:
CVE-2001-0753
Severity:
High
Description:
Cisco CBOS 2.3.8 and earlier stores the passwords for (1) exec and (2) enable in cleartext in the NVRAM and a configuration file, which could allow unauthorized users to obtain the passwords and gain privileges.
Applies to:
Created:
2001-10-18
Updated:
2017-06-03

ID:
CVE-2001-0754
Title:
Cisco CBOS Large Ping Packet ROMMON Mode DoS
Type:
Hardware
Bulletins:
CVE-2001-0754
Severity:
Medium
Description:
Cisco CBOS 2.3.8 and earlier allows remote attackers to cause a denial of service via a series of large ICMP ECHO REPLY (ping) packets, which cause it to enter ROMMON mode and stop forwarding packets.
Applies to:
Created:
2001-10-18
Updated:
2017-06-03

ID:
CVE-2001-0757
Title:
Cisco 6400 NRP2 Unauthenticated Telnet Access
Type:
Hardware
Bulletins:
CVE-2001-0757
SFBID2874
Severity:
High
Description:
Cisco 6400 Access Concentrator Node Route Processor 2 (NRP2) 12.1DC card does not properly disable access when a password has not been set for vtys, which allows remote attackers to obtain access via telnet.
Applies to:
Cisco 6400 Universal Access Concentrator
Created:
2001-10-18
Updated:
2017-06-03

ID:
CVE-2001-1156
Title:
TYPSoft FTP Server 0-95-1 and possibly prior for Microsoft Windows Can Be Crashed by Remote Users
Type:
FTP
Bulletins:
CVE-2001-1156
SFBID3409
Severity:
Medium
Description:
A vulnerability was reported in TYPSoft’s FTP Server, where remote users can cause the server to crash. There is currently no solution to the vulnerability at the moment. If a remote user accesses the FTP service and sends a STOR or RETR command as shown below, the FTP server goes into a denial of service condition since it will consume nearly all CPU resources.RETR ../../*STOR ../../*
Applies to:
TYPSoft FTP Server
Created:
2001-10-09
Updated:
2010-08-21

ID:
CVE-2001-1071
Title:
Cisco IOS CDP Neighbor Announcement DoS
Type:
Hardware
Bulletins:
CVE-2001-1071
SFBID3412
Severity:
Medium
Description:
Cisco IOS 12.2 and earlier running Cisco Discovery Protocol (CDP) allows remote attackers to cause a denial of service (memory consumption) via a flood of CDP neighbor announcements.
Applies to:
Created:
2001-10-09
Updated:
2017-06-03

ID:
CVE-2001-0650
Title:
Cisco IOS BGP Transitive Attribute DoS
Type:
Hardware
Bulletins:
CVE-2001-0650
SFBID2733
Severity:
Medium
Description:
Cisco devices IOS 12.0 and earlier allow a remote attacker to cause a crash, or bad route updates, via malformed BGP updates with unrecognized transitive attribute.
Applies to:
Created:
2001-09-20
Updated:
2017-06-03

ID:
CVE-1999-0756
Title:
IIS: Cold Fusion check
Type:
Web
Bulletins:
CVE-1999-0756
Severity:
Medium
Description:
Related links: www.isummation.com/securing_coldfusion_pages_through_iis.htmlwww.sans.org/rr/papers/index.php?id=300
Applies to:
IIS
Created:
2001-09-18
Updated:
2010-08-21

ID:
REF000106
Title:
IIS: This computer seems to be infected with Nimda
Type:
Web
Bulletins: Severity:
High
Description:
This system seems to be compromised. For more information, visit: http://www.cert.org/advisories/CA-2001-26.html
Applies to:
IIS
Created:
2001-09-18
Updated:
2010-08-21

ID:
CVE-2001-1014
Title:
All Servers: (e)shop Online-Shop System
Type:
Web
Bulletins:
CVE-2001-1014
SFBID3340
Severity:
Medium
Description:
Allows attackers to execute commands (web server privilege).
Applies to:
Created:
2001-09-15
Updated:
2010-08-21

ID:
CVE-2001-1137
Title:
D-Link DI-704 Internet Gateway firmware earlier than V2.56b6 allows remote attackers to cause a denial of service (reboot) via malformed IP datagram fragments.
Type:
Hardware
Bulletins:
CVE-2001-1137
SFBID3306
Severity:
Medium
Description:
D-Link DI-704 Internet Gateway firmware earlier than V2.56b6 allows remote attackers to cause a denial of service (reboot) via malformed IP datagram fragments.
Applies to:
DI-704
Created:
2001-09-06
Updated:
2017-06-03

ID:
CVE-2001-0992
Title:
All Servers: ShopPlus Cart
Type:
Web
Bulletins:
CVE-2001-0992
Severity:
Medium
Description:
Script doesn't check symbols. any user can execute commands on webserver.
Applies to:
ShopPlus Cart
Created:
2001-09-05
Updated:
2010-08-21

ID:
CVE-2001-0711
Title:
Cisco IOS ILMI Default Community String Remote DoS
Type:
Hardware
Bulletins:
CVE-2001-0711
Severity:
Medium
Description:
Cisco IOS 11.x and 12.0 with ATM support allows attackers to cause a denial of service via the undocumented Interim Local Management Interface (ILMI) SNMP community string.
Applies to:
Created:
2001-08-31
Updated:
2017-06-03

ID:
CVE-2001-1064
Title:
Cisco 600 series routers running CBOS 2.0.1 through 2.4.2ap allows remote attackers to cause a denial of service via multiple connections to the router on the (1) HTTP or (2) telnet service, which causes the router to become unresponsive and stop...
Type:
Hardware
Bulletins:
CVE-2001-1064
SFBID3236
Severity:
Medium
Description:
Cisco 600 series routers running CBOS 2.0.1 through 2.4.2ap allows remote attackers to cause a denial of service via multiple connections to the router on the (1) HTTP or (2) telnet service, which causes the router to become unresponsive and stop forwarding packets.
Applies to:
Created:
2001-08-31
Updated:
2017-06-03

ID:
CVE-2001-1065
Title:
Web-based configuration utility in Cisco 600 series routers running CBOS 2.0.1 through 2.4.2ap binds itself to port 80 even when web-based configuration services are disabled, which could leave the router open to attack.
Type:
Hardware
Bulletins:
CVE-2001-1065
Severity:
Medium
Description:
Web-based configuration utility in Cisco 600 series routers running CBOS 2.0.1 through 2.4.2ap binds itself to port 80 even when web-based configuration services are disabled, which could leave the router open to attack.
Applies to:
Created:
2001-08-31
Updated:
2017-06-03

ID:
CVE-2001-1168
Title:
All Servers: PhpMyExplorer Vulnerable to Directory Traversal
Type:
Web
Bulletins:
CVE-2001-1168
Severity:
Medium
Description:
Allows attackers to view and read files that reside outside the normal bound directory.
Applies to:
PhpMyExplorer
Created:
2001-08-29
Updated:
2010-08-21

ID:
CVE-2001-0589
Title:
NetScreen ScreenOS prior to 2.5r6 on the NetScreen-10 and Netscreen-100 can allow a local attacker to bypass the DMZ 'denial' policy via specific traffic patterns.
Type:
Hardware
Bulletins:
CVE-2001-0589
SFBID2523
Severity:
Low
Description:
NetScreen ScreenOS prior to 2.5r6 on the NetScreen-10 and Netscreen-100 can allow a local attacker to bypass the DMZ 'denial' policy via specific traffic patterns.
Applies to:
Created:
2001-08-22
Updated:
2017-06-03

ID:
CVE-2001-0566
Title:
Cisco Catalyst 2900XL switch allows a remote attacker to create a denial of service via an empty UDP packet sent to port 161 (SNMP) when SNMP is disabled.
Type:
Hardware
Bulletins:
CVE-2001-0566
Severity:
Medium
Description:
Cisco Catalyst 2900XL switch allows a remote attacker to create a denial of service via an empty UDP packet sent to port 161 (SNMP) when SNMP is disabled.
Applies to:
Cisco Catalyst 2900 Series XL Switches
Created:
2001-08-14
Updated:
2017-06-03

ID:
CVE-2001-0621
Title:
Cisco CSS FTP File Disclosure
Type:
Hardware
Bulletins:
CVE-2001-0621
SFBID2745
Severity:
High
Description:
The FTP server on Cisco Content Service 11000 series switches (CSS) before WebNS 4.01B23s and WebNS 4.10B13s allows an attacker who is an FTP user to read and write arbitrary files via GET or PUT commands.
Applies to:
Cisco CSS 11100 Content Services Switch Series
Created:
2001-08-14
Updated:
2017-06-03

ID:
CVE-2001-0622
Title:
Cisco CSS Web Management Authentication Bypass
Type:
Hardware
Bulletins:
CVE-2001-0622
SFBID2806
Severity:
High
Description:
The web management service on Cisco Content Service series 11000 switches (CSS) before WebNS 4.01B29s or WebNS 4.10B17s allows a remote attacker to gain additional privileges by directly requesting the web management URL instead of navigating through the interface.
Applies to:
Cisco CSS 11100 Content Services Switch Series
Created:
2001-08-14
Updated:
2017-06-03

ID:
CVE-2001-1117
Title:
Linksys EtherFast index.htm DSL Username/Password Disclosure
Type:
Hardware
Bulletins:
CVE-2001-1117
SFBID3141
Severity:
Medium
Description:
LinkSys EtherFast BEFSR41 Cable/DSL routers running firmware before 1.39.3 Beta allows a remote attacker to view administration and user passwords by connecting to the router and viewing the HTML source for (1) index.htm and (2) Password.htm.
Applies to:
BEFSR41
Created:
2001-08-10
Updated:
2017-06-03

ID:
CVE-2001-1021
Title:
Ipswitch WS_FTP Server 2-0-2 Will Execute Remotely-Supplied Arbitrary Code
Type:
FTP
Bulletins:
CVE-2001-1021
Severity:
High
Description:
There exists a vulnerability in WS_FTP server, allowing a remote user to execute arbitrary code on the server with system privileges. This is due to a buffer overflow triggered by a valid remote user or an anonymous user. A patch has been release by the vendor, which is available at: http://www.ipswitch.com/support/ws_ftp-server/patch-upgrades.asp. The commands used to create a buffer overflow are: DELE, MDTM, MLST, MKD, RMD, RNFR, RNTO, SIZE, STAT, XMKD, and XRMD. Executing one of these commands with an argument longer than 478 bytes will cause such a buffer overflow. A remote user may also send several NULL characters, causing the WS_FTP to consume 100% of the CPU resources, thus causing it to crash.
Applies to:
Ipswitch WS_FTP Server
Created:
2001-07-26
Updated:
2010-08-21

ID:
CVE-2001-1104
Title:
SonicWALL SOHO Firewall Predictable TCP Sequence
Type:
Hardware
Bulletins:
CVE-2001-1104
SFBID3098
Severity:
High
Description:
SonicWALL SOHO uses easily predictable TCP sequence numbers, which allows remote attackers to spoof or hijack sessions.
Applies to:
SonicWall Firewall SoHo
Created:
2001-07-25
Updated:
2017-06-03

ID:
CVE-2001-1097
Title:
Cisco routers and switches running IOS 12.0 through 12.2.1 allows a remote attacker to cause a denial of service via a flood of UDP packets.
Type:
Hardware
Bulletins:
CVE-2001-1097
SFBID3096
Severity:
Medium
Description:
Cisco routers and switches running IOS 12.0 through 12.2.1 allows a remote attacker to cause a denial of service via a flood of UDP packets.
Applies to:
Created:
2001-07-24
Updated:
2017-06-03

ID:
CVE-2001-0514
Title:
SNMP service in Atmel 802.11b VNET-B Access Point 1.3 and earlier, as used in Netgear ME102 and Linksys WAP11, accepts arbitrary community strings with requested MIB modifications, which allows remote attackers to obtain sensitive information such...
Type:
Hardware
Bulletins:
CVE-2001-0514
SFBID2896
Severity:
High
Description:
SNMP service in Atmel 802.11b VNET-B Access Point 1.3 and earlier, as used in Netgear ME102 and Linksys WAP11, accepts arbitrary community strings with requested MIB modifications, which allows remote attackers to obtain sensitive information such as WEP keys, cause a denial of service, or gain access to the network.
Applies to:
wap11
Created:
2001-07-21
Updated:
2017-06-03

ID:
CVE-2001-0537
Title:
Cisco IOS HTTP Unauthorized Administrative Access
Type:
Hardware
Bulletins:
CVE-2001-0537
SFBID2936
Severity:
High
Description:
HTTP server for Cisco IOS 11.3 to 12.2 allows attackers to bypass authentication and execute arbitrary commands, when local authorization is being used, by specifying a high access level in the URL.
Applies to:
Created:
2001-07-21
Updated:
2017-06-03

ID:
REF000105
Title:
IIS: This computer is infected with CodeRed
Type:
Web
Bulletins: Severity:
High
Description:
This system seems to be compromised. For more information, visit: http://www.securiteam.com/windowsntfocus/5WP0L004US.html
Applies to:
IIS
Created:
2001-07-20
Updated:
2010-08-21

ID:
CVE-2001-0804
Title:
All Servers: Directory traversal vulnerability in story.pl
Type:
Web
Bulletins:
CVE-2001-0804
SFBID3028
Severity:
Medium
Description:
Directory traversal.
Applies to:
Created:
2001-07-15
Updated:
2010-08-21

ID:
CVE-2001-1183
Title:
Cisco IOS Malformed PPTP Packet Remote DoS
Type:
Hardware
Bulletins:
CVE-2001-1183
SFBID3022
Severity:
Medium
Description:
PPTP implementation in Cisco IOS 12.1 and 12.2 allows remote attackers to cause a denial of service (crash) via a malformed packet.
Applies to:
Created:
2001-07-12
Updated:
2017-06-03

ID:
CVE-2001-1038
Title:
Cisco Storage Router Multiple TCP Connections DoS
Type:
Hardware
Bulletins:
CVE-2001-1038
SFBID3014
Severity:
Medium
Description:
Cisco SN 5420 Storage Router 1.1(3) and earlier allows remote attackers to cause a denial of service (reboot) via a series of connections to TCP port 8023.
Applies to:
Cisco SN 5420 Storage Router
Created:
2001-07-11
Updated:
2017-06-03

ID:
CVE-2001-0428
Title:
Cisco VPN 3000 Concentrator Malformed IP Packet DoS
Type:
Hardware
Bulletins:
CVE-2001-0428
SFBID2573
Severity:
Medium
Description:
Cisco VPN 3000 series concentrators before 2.5.2(F) allow remote attackers to cause a denial of service via an IP packet with an invalid IP option.
Applies to:
Created:
2001-07-02
Updated:
2017-06-03

ID:
CVE-2001-0429
Title:
Cisco Catalyst 5000 series switches 6.1(2) and earlier will forward an 802.1x frame on a Spanning Tree Protocol (STP) blocked port, which causes a network storm and a denial of service.
Type:
Hardware
Bulletins:
CVE-2001-0429
SFBID2604
Severity:
Medium
Description:
Cisco Catalyst 5000 series switches 6.1(2) and earlier will forward an 802.1x frame on a Spanning Tree Protocol (STP) blocked port, which causes a network storm and a denial of service.
Applies to:
Created:
2001-07-02
Updated:
2017-06-03

ID:
CVE-2001-0444
Title:
Cisco CBOS Show NAT Output Disclosure
Type:
Hardware
Bulletins:
CVE-2001-0444
SFBID2635
Severity:
Low
Description:
Cisco CBOS 2.3.0.053 sends output of the "sh nat" (aka "show nat") command to the terminal of the next user who attempts to connect to the router via telnet, which could allow that user to obtain sensitive information.
Applies to:
Created:
2001-07-02
Updated:
2017-06-03

ID:
CVE-2001-0455
Title:
Cisco Aironet 340 Series wireless bridge before 8.55 does not properly disable access to the web interface, which allows remote attackers to modify its configuration.
Type:
Hardware
Bulletins:
CVE-2001-0455
Severity:
High
Description:
Cisco Aironet 340 Series wireless bridge before 8.55 does not properly disable access to the web interface, which allows remote attackers to modify its configuration.
Applies to:
Cisco Aironet Ap340
Created:
2001-06-27
Updated:
2017-06-03

ID:
CVE-2001-0698
Title:
SurgeFTP nlist directory traversal
Type:
FTP
Bulletins:
CVE-2001-0698
SFBID2892
Severity:
Medium
Description:
SurgeFTP Server version 2.0a is prone to a vulnerability where a remote attacker can traverse directories, if the attacker issues an NLIST command followed by a ‘dot dot’ (/../) sequence. The attacker will be able to view any file on the server. This vulnerability issue can be solved by upgrading to the latest version i.e. 20.b or later, which can be found at: http://www.netwinsite.com/surgeftp/
Applies to:
SurgeFTP
Created:
2001-06-19
Updated:
2010-08-21

ID:
CVE-2001-0821
Title:
All Servers: DCShop vulnerability
Type:
Web
Bulletins:
CVE-2001-0821
SFBID2889
Severity:
High
Description:
Possible retrieval of sensitive information.
Applies to:
DCShop
Created:
2001-06-18
Updated:
2010-08-21

ID:
CVE-2001-0376
Title:
SonicWALL TELE2/SOHO Firewall IKE Key Weakness
Type:
Hardware
Bulletins:
CVE-2001-0376
Severity:
High
Description:
SonicWALL Tele2 and SOHO firewalls with 6.0.0.0 firmware using IPSEC with IKE pre-shared keys do not allow for the use of full 128 byte IKE pre-shared keys, which is the intended design of the IKE pre-shared key, and only support 48 byte keys. This allows a remote attacker to brute force attack the pre-shared keys with significantly less resources than if the full 128 byte IKE pre-shared keys were used.
Applies to:
SonicWall Firewall Tele 2
SonicWall Firewall SoHo 2
Created:
2001-06-18
Updated:
2017-06-03

ID:
CVE-2001-0375
Title:
Cisco PIX Firewall 515 and 520 with 5.1.4 OS running aaa authentication to a TACACS+ server allows remote attackers to cause a denial of service via a large number of authentication requests.
Type:
Hardware
Bulletins:
CVE-2001-0375
SFBID2551
Severity:
Medium
Description:
Cisco PIX Firewall 515 and 520 with 5.1.4 OS running aaa authentication to a TACACS+ server allows remote attackers to cause a denial of service via a large number of authentication requests.
Applies to:
Cisco PIX 515 Firewall
Cisco PIX 520 Firewall
Created:
2001-06-18
Updated:
2017-06-03

ID:
CVE-2001-0412
Title:
Cisco CSS Debug Mode Privilege Elevation
Type:
Hardware
Bulletins:
CVE-2001-0412
SFBID2559
Severity:
High
Description:
Cisco Content Services (CSS) switch products 11800 and earlier, aka Arrowpoint, allows local users to gain privileges by entering debug mode.
Applies to:
Cisco CSS 11050 Content Services Switch
Cisco CSS 11800 Content Services Switch
Cisco CSS 11150 Content Services Switch
Created:
2001-06-18
Updated:
2017-06-03

ID:
CVE-2001-0427
Title:
Cisco VPN Concentrator Invalid Login DoS
Type:
Hardware
Bulletins:
CVE-2001-0427
Severity:
High
Description:
Cisco VPN 3000 series concentrators before 2.5.2(F) allow remote attackers to cause a denial of service via a flood of invalid login requests to (1) the SSL service, or (2) the telnet service, which do not properly disconnect the user after several failed login attempts.
Applies to:
Cisco VPN 3015 Concentrator
Cisco VPN 3030 Concentrator
Cisco VPN 3080 Concentrator
Cisco VPN 3060 Concentrator
Cisco Vpn 3005 Concentrator
Created:
2001-06-18
Updated:
2017-06-03

ID:
CVE-2001-0820
Title:
Possible Gaztek HTTP Daemon (ghttpd) buffer overflow
Type:
Miscellaneous
Bulletins:
CVE-2001-0820
SFBID2879
Severity:
Medium
Description:
Run arbitrary code (ghttpd privileges).
Applies to:
ghttpd
Created:
2001-06-17
Updated:
2010-08-21

ID:
CVE-2001-0688
Title:
Broker FTP server 5.9.5.0
Type:
FTP
Bulletins:
CVE-2001-0688
SFBID2851
Severity:
Medium
Description:
Broker FTP Server 5.9.5.0 is prone to two vulnerabilities, one being a Buffer Overflow, which may cause a Denial of Service (DoS) condition, while the other one leads to a Directory Traversal, where an attacker will be able to look through the files and folders of a system. There is currently no solution for any of the above vulnerabilities. The buffer overflow can be generated by repeatedly sending the following command:CWD . . orCD . . (for an FTP client). An attacker could also add some more spaces between the dots for a worse effect. The server will add these directory paths to the current path, causing a DoS condition after a certain bound has been reached. One can go through the contents of a drive available on the system, by first going to the home directory when typing the following command:CD C: or CD C:\One can then use the LS command to go through the available files. Although one will be able to go through the files available, it is not possible to send or receive files.
Applies to:
Broker FTP server
Created:
2001-06-10
Updated:
2010-08-21

ID:
CVE-2001-0767
Title:
GuildFTPD FTP
Type:
FTP
Bulletins:
CVE-2001-0767
SFBID2789
Severity:
Medium
Description:
There exists a vulnerability in GuildFTPd version 0.97 known as a directory traversal. This allows anyone with a valid FTP login to read arbitrary files on the system. In order to resolve this problem one will have to upgrade the FTP server to a later version. The commands which cause the directory traversal are:CD ../CD .../CD /.../CD C:\ and others. All of these commands give the ‘550 Access denied’ error.
Applies to:
GuildFTPD
Created:
2001-05-26
Updated:
2010-08-21

ID:
CVE-2001-0561
Title:
All Servers: A1Stats
Type:
Web
Bulletins:
CVE-2001-0561
CVE-2001-0562
SFBID2705
Severity:
Medium
Description:
Remote file retrieving.
Applies to:
A1Stats
Created:
2001-05-07
Updated:
2010-08-21

ID:
CVE-1999-0922
Title:
IIS: Cold Fusion check
Type:
Web
Bulletins:
CVE-1999-0922
Severity:
Medium
Description:
Related links: www.macromedia.com/devnet/coldfusion/security.html www.isummation.com/securing_coldfusion_pages_through_iis.html www.sans.org/rr/papers/index.php?id=300
Applies to:
IIS
Created:
2001-05-07
Updated:
2010-08-21

ID:
CVE-2001-0288
Title:
Cisco switches and routers running IOS 12.1 and earlier produce predictable TCP Initial Sequence Numbers (ISNs), which allows remote attackers to spoof or hijack TCP connections.
Type:
Hardware
Bulletins:
CVE-2001-0288
Severity:
High
Description:
Cisco switches and routers running IOS 12.1 and earlier produce predictable TCP Initial Sequence Numbers (ISNs), which allows remote attackers to spoof or hijack TCP connections.
Applies to:
Created:
2001-05-03
Updated:
2017-06-03

ID:
CVE-2001-0463
Title:
All Servers: PerlCal allows remote file retrieving
Type:
Web
Bulletins:
CVE-2001-0463
SFBID2663
Severity:
Medium
Description:
Remove file retrieving.
Applies to:
PerlCal
Created:
2001-04-27
Updated:
2010-08-21

ID:
CVE-2001-0272
Title:
All Servers: sendtemp.pl
Type:
Web
Bulletins:
CVE-2001-0272
Severity:
Medium
Description:
Remote file retrieving.
Applies to:
Created:
2001-04-04
Updated:
2010-08-21

ID:
CVE-2001-0466
Title:
All Servers: uStorekeeper allows remote file retrieving
Type:
Web
Bulletins:
CVE-2001-0466
Severity:
Medium
Description:
Remote file retrieving.
Applies to:
uStorekeeper
Created:
2001-04-03
Updated:
2010-08-21

ID:
CVE-2001-0236
Title:
Possible snmpXdmid SunOS buffer overflow
Type:
RPC
Bulletins:
CVE-2001-0236
SFBID2417
Severity:
High
Description:
Some versions of this service are vulnerable (Run arbitrary commands as root).
Applies to:
Created:
2001-03-15
Updated:
2010-08-21

ID:
CVE-2000-0368
Title:
Classic Cisco IOS 9.1 and later allows attackers with access to the login prompt to obtain portions of the command history of previous users, which may allow the attacker to access sensitive data.
Type:
Hardware
Bulletins:
CVE-2000-0368
Severity:
Low
Description:
Classic Cisco IOS 9.1 and later allows attackers with access to the login prompt to obtain portions of the command history of previous users, which may allow the attacker to access sensitive data.
Applies to:
Created:
2001-03-12
Updated:
2017-06-03

ID:
CVE-2001-0360
Title:
All Servers: Ikonboard allows remote file retrieving
Type:
Web
Bulletins:
CVE-2001-0360
SFBID2471
Severity:
Medium
Description:
Remote file retrieving.
Applies to:
Ikonboard
Created:
2001-03-11
Updated:
2010-08-21

ID:
CVE-2001-0293
Title:
FtpXQ FTP Server
Type:
FTP
Bulletins:
CVE-2001-0293
SFBID2426
Severity:
Medium
Description:
FTPXQ FTP Server 2.0.93 is prone to a vulnerability known as directory traversal, where remote attackers read arbitrary files via a .. (dot dot) in the GET command. An attacker will thus have the ability to view any file on a remote computer. There is currently a fix available for such a vulnerability.
Applies to:
FtpXQ FTP Server
Created:
2001-02-28
Updated:
2010-08-21

ID:
CVE-2002-0558
Title:
TYPSoft FTP Server 0-97-1 and prior Discloses Listing of Directory Contents for Any Directory on the
Type:
FTP
Bulletins:
CVE-2002-0558
SFBID2489
Severity:
Medium
Description:
TYPSoft’s FTP server is prone to a vulnerability, where a remote user can obtain a listing of the files located on the same drive as the FTP server. This vulnerability has been solved with the new fixed version 0.97.5, which is available at the vendor’s web site at: http://www.typsoft.com/Some example of FTP commands which cause the crash are:ls ../../*.*ls "../../My%20files/*.*"
Applies to:
TYPSoft FTP Server
Created:
2001-02-28
Updated:
2010-08-21

ID:
CVE-2001-1434
Title:
Cisco IOS snmp-server host Command Community String Creation
Type:
Hardware
Bulletins:
CVE-2001-1434
Severity:
Medium
Description:
Cisco IOS 12.0(5)XU through 12.1(2) allows remote attackers to read system administration and topology information via an "snmp-server host" command, which creates a readable "community" community string if one has not been previously created.
Applies to:
Created:
2001-02-28
Updated:
2017-06-03

ID:
CVE-2004-1776
Title:
Cisco IOS cable-docsis Default SNMP Community String
Type:
Hardware
Bulletins:
CVE-2004-1776
Severity:
High
Description:
Cisco IOS 12.1(3) and 12.1(3)T allows remote attackers to read and modify device configuration data via the cable-docsis read-write community string used by the Data Over Cable Service Interface Specification (DOCSIS) standard.
Applies to:
Created:
2001-02-28
Updated:
2017-06-03

ID:
SFBID2698
Title:
Multiple WarFTPd (1-71) DoS
Type:
FTP
Bulletins:
SFBID2698
Severity:
Medium
Description:
A vulnerability exists in the following FTP servers: Serv-U FTP Server, G6 FTP Server and WarFTPd Server. Submitting an ‘a:/’ with the GET or RETR command appended with arbitrary data repeatedly, will cause a denial of service, since the CPU usage will go up to 100%.There are no solutions or vendor-supplied patches for this vulnerability.
Applies to:
WarFTPd
Created:
2001-02-17
Updated:
2010-08-21

ID:
CVE-2001-0305
Title:
All Servers: Arts Store.cgi
Type:
Web
Bulletins:
CVE-2001-0305
SFBID2385
Severity:
Medium
Description:
Remote file retrieving.
Applies to:
Created:
2001-02-16
Updated:
2010-08-21

ID:
CVE-2001-0041
Title:
Cisco Catalyst Telnetd Authentication Failure Saturation Memory Leak Remote DoS
Type:
Hardware
Bulletins:
CVE-2001-0041
SFBID2072
Severity:
High
Description:
Memory leak in Cisco Catalyst 4000, 5000, and 6000 series switches allows remote attackers to cause a denial of service via a series of failed telnet authentication attempts.
Applies to:
Created:
2001-02-16
Updated:
2017-06-03

ID:
CVE-2001-0055
Title:
CBOS 2.4.1 and earlier in Cisco 600 routers allows remote attackers to cause a denial of service via a slow stream of TCP SYN packets.
Type:
Hardware
Bulletins:
CVE-2001-0055
Severity:
Medium
Description:
CBOS 2.4.1 and earlier in Cisco 600 routers allows remote attackers to cause a denial of service via a slow stream of TCP SYN packets.
Applies to:
Cisco 600 Routers
Created:
2001-02-16
Updated:
2017-06-03

ID:
CVE-2001-0056
Title:
The Cisco Web Management interface in routers running CBOS 2.4.1 and earlier does not log invalid logins, which allows remote attackers to guess passwords without detection.
Type:
Hardware
Bulletins:
CVE-2001-0056
Severity:
High
Description:
The Cisco Web Management interface in routers running CBOS 2.4.1 and earlier does not log invalid logins, which allows remote attackers to guess passwords without detection.
Applies to:
Created:
2001-02-16
Updated:
2017-06-03

ID:
CVE-2001-0057
Title:
Cisco 600 routers running CBOS 2.4.1 and earlier allow remote attackers to cause a denial of service via a large ICMP echo (ping) packet.
Type:
Hardware
Bulletins:
CVE-2001-0057
Severity:
Medium
Description:
Cisco 600 routers running CBOS 2.4.1 and earlier allow remote attackers to cause a denial of service via a large ICMP echo (ping) packet.
Applies to:
Cisco 600 Routers
Created:
2001-02-16
Updated:
2017-06-03

ID:
CVE-2001-0058
Title:
Cisco 600 Series Router HTTP GET DoS
Type:
Hardware
Bulletins:
CVE-2001-0058
Severity:
Medium
Description:
The Web interface to Cisco 600 routers running CBOS 2.4.1 and earlier allow remote attackers to cause a denial of service via a URL that does not end in a space character.
Applies to:
Cisco 600 Routers
Created:
2001-02-16
Updated:
2017-06-03

ID:
CVE-2001-0212
Title:
All Servers: Auktion.cgi
Type:
Web
Bulletins:
CVE-2001-0212
SFBID2367
Severity:
Medium
Description:
Remote command execution.
Applies to:
Created:
2001-02-12
Updated:
2010-08-21

ID:
CVE-2001-0210
Title:
All Servers: Commerce.cgi
Type:
Web
Bulletins:
CVE-2001-0210
SFBID2361
Severity:
Medium
Description:
Remote file retrieving.
Applies to:
Created:
2001-02-12
Updated:
2010-08-21

ID:
CVE-2001-0212
Title:
All Servers: HIS Aktion
Type:
Web
Bulletins:
CVE-2001-0212
SFBID2367
Severity:
Medium
Description:
Remote file retrieving.
Applies to:
Created:
2001-02-12
Updated:
2010-08-21

ID:
CVE-2001-0215
Title:
All Servers: Roads search system
Type:
Web
Bulletins:
CVE-2001-0215
SFBID2371
Severity:
Medium
Description:
Remote file retrieving.
Applies to:
Created:
2001-02-12
Updated:
2010-08-21

ID:
CVE-2001-0214
Title:
All Servers: Way-board
Type:
Web
Bulletins:
CVE-2001-0214
SFBID2370
Severity:
Medium
Description:
Remote file retrieving.
Applies to:
Way-board
Created:
2001-02-12
Updated:
2010-08-21

ID:
CVE-2001-0211
Title:
All Servers: WebSPIRS
Type:
Web
Bulletins:
CVE-2001-0211
SFBID2362
Severity:
Low
Description:
Remote file retrieving.
Applies to:
WebSPIRS
Created:
2001-02-12
Updated:
2010-08-21

ID:
CVE-2001-0080
Title:
Cisco Catalyst 6000, 5000, or 4000 switches allow remote attackers to cause a denial of service by connecting to the SSH service with a non-SSH client, which generates a protocol mismatch error.
Type:
Hardware
Bulletins:
CVE-2001-0080
SFBID2117
Severity:
Medium
Description:
Cisco Catalyst 6000, 5000, or 4000 switches allow remote attackers to cause a denial of service by connecting to the SSH service with a non-SSH client, which generates a protocol mismatch error.
Applies to:
Cisco Catalyst 4000 Series Switches
Cisco Catalyst 6000
Created:
2001-02-12
Updated:
2017-06-03

ID:
CVE-2001-0144
Title:
SSH1 CRC-32 compensation attack
Type:
Miscellaneous
Bulletins:
CVE-2001-0144
SFBID2347
Severity:
High
Description:
Possible remote root.
Applies to:
Created:
2001-02-08
Updated:
2010-08-21

ID:
CVE-2001-0015
Title:
Network Dynamic Data Exchange (DDE) vulnerability
Type:
Registry
Bulletins:
CVE-2001-0015
MS01-007
Severity:
Medium
Description:
An malicious user can elevate his privileges.
Applies to:
Windows 2000
Created:
2001-02-05
Updated:
2010-08-21

ID:
CVE-2001-0010
Title:
BIND 8-2-1, 8-2-2
Type:
DNS
Bulletins:
CVE-2001-0010
SFBID2302
Severity:
High
Description:
BIND is a server program which uses the domain name service protocol, and is used by many DNS servers. BIND version 8 contains an overflow, allowing remote attackers to execute code with root privileges. An upgrade to BIND version 9.1.0 or installing vendor-supplied fixes is recommended. These are available at http://www.securityfocus.com/bid/2302/solution. The overflow allows some memory locations to be overwritten by known values when invalid transaction signatures are being handled. When using UDP a stack frame in BIND can be overwritten, while when using TCP the heap can be overwritten.
Applies to:
BIND
Created:
2001-01-29
Updated:
2010-08-21

ID:
CVE-2002-0400
Title:
BIND - Prior to Version 9
Type:
DNS
Bulletins:
CVE-2002-0400
SFBID4936
Severity:
High
Description:
BIND is a Domain Name Service (DNS) used for converting hostnames into the corresponding IP addresses. Since they are used for Internet purposes, DNSs are a popular target for attackers. A number of servers currently in production are outdated, miss-configured and/or vulnerable, hence making them more prone to attacks such as denial of service, buffer flows etc. Outdated and/or un-patched versions of BIND are most likely vulnerable, thus if one is running a version of BIND, one should ensure that it is the latest version. The current three main version of BIND are 4, 8, and 9. In order to solve such a vulnerability, one should apply all vendor patches or else upgrade to the latest version.
Applies to:
BIND
Created:
2001-01-29
Updated:
2010-08-21

ID:
CVE-2001-0253
Title:
All Servers: Hyperseek
Type:
Web
Bulletins:
CVE-2001-0253
SFBID2314
Severity:
Medium
Description:
Remote file retrieving.
Applies to:
Created:
2001-01-28
Updated:
2010-08-21

ID:
CVE-2001-0113
Title:
OmniHTTPd v2.07
Type:
Miscellaneous
Bulletins:
CVE-2001-0113
CAN-2001-0114
SFBID2211
Severity:
High
Description:
Insecure cgi scripts.
Applies to:
OmniHTTPd
Created:
2001-01-15
Updated:
2010-08-21

ID:
CVE-2000-1097
Title:
SonicWALL SOHO2 Firewall HTTP Long Username DoS
Type:
Hardware
Bulletins:
CVE-2000-1097
SFBID2013
Severity:
Medium
Description:
The web server for the SonicWALL SOHO firewall allows remote attackers to cause a denial of service via a long username in the authentication page.
Applies to:
SonicWall Firewall SoHo
Created:
2001-01-09
Updated:
2017-06-03

ID:
CVE-2000-1098
Title:
SonicWALL SOHO2 Firewall Empty Request DoS
Type:
Hardware
Bulletins:
CVE-2000-1098
Severity:
Medium
Description:
The web server for the SonicWALL SOHO firewall allows remote attackers to cause a denial of service via an empty GET or POST request.
Applies to:
SonicWall Firewall SoHo
Created:
2001-01-09
Updated:
2017-06-03

ID:
CVE-2001-1037
Title:
Cisco Storage Router Developer Shell Privilege Escalation
Type:
Hardware
Bulletins:
CVE-2001-1037
SFBID3131
Severity:
Medium
Description:
Cisco SN 5420 Storage Router 1.1(3) and earlier allows local users to access a developer's shell without a password and execute certain restricted commands without being logged.
Applies to:
Cisco SN 5420 Storage Router
Created:
2001-01-08
Updated:
2017-06-03

ID:
CVE-2001-0163
Title:
Cisco AP340 base station produces predictable TCP Initial Sequence Numbers (ISNs), which allows remote attackers to spoof or hijack TCP connections.
Type:
Hardware
Bulletins:
CVE-2001-0163
Severity:
Medium
Description:
Cisco AP340 base station produces predictable TCP Initial Sequence Numbers (ISNs), which allows remote attackers to spoof or hijack TCP connections.
Applies to:
Cisco Aironet Ap340
Created:
2001-01-01
Updated:
2017-06-03

ID:
CVE-2001-0161
Title:
Cisco 340-series Aironet access point using firmware 11.01 does not use 6 of the 24 available IV bits for WEP encryption, which makes it easier for remote attackers to mount brute force attacks.
Type:
Hardware
Bulletins:
CVE-2001-0161
Severity:
Medium
Description:
Cisco 340-series Aironet access point using firmware 11.01 does not use 6 of the 24 available IV bits for WEP encryption, which makes it easier for remote attackers to mount brute force attacks.
Applies to:
Cisco Aironet Ap340
Created:
2001-01-01
Updated:
2017-06-03