CVE-2001-1009

This is an entry in the Common Vulnerability Index under number CVE-2001-1009. Specific details regarding this vulnerability name are as follows:

CVE Number: CVE-2001-1009

Description: Fetchmail (aka fetchmail-ssl) before 5.8.17 allows a remote malicious (1) IMAP server or (2) POP/POP3 server to overwrite arbitrary memory and possibly gain privileges via a negative index number as part of a response to a LIST request.

Continue Reading …

CVE-2001-0341

This is an entry in the Common Vulnerability Index under number CVE-2001-0341. Specific details regarding this vulnerability name are as follows:

CVE Number: CVE-2001-0341

Description: Buffer overflow in Microsoft Visual Studio RAD Support sub-component of FrontPage Server Extensions allows remote attackers to execute arbitrary commands via a long registration request (URL) to fp30reg.dll.

Continue Reading …

CVE-2001-0990

This is an entry in the Common Vulnerability Index under number CVE-2001-0990. Specific details regarding this vulnerability name are as follows:

CVE Number: CVE-2001-0990

Description: Inter7 vpopmail 4.10.35 and earlier, when using the MySQL module, compiles authentication information in cleartext into the libvpopmail.a library, which allows local users to obtain the MySQL username and password by inspecting the vpopmail programs that use the library.

Continue Reading …

CVE-2001-0251

This is an entry in the Common Vulnerability Index under number CVE-2001-0251. Specific details regarding this vulnerability name are as follows:

CVE Number: CVE-2001-0251

Description: The Web Publishing feature in Netscape Enterprise Server 3.x allows remote attackers to cause a denial of service via the REVLOG command.

Status: Candidate

Note for CVEs with status “Candidate”: Candidates must be reviewed and accepted by the CVE Editorial Board before they can be added to the official CVE list.Continue Reading …

CVE-2001-0340

This is an entry in the Common Vulnerability Index under number CVE-2001-0340. Specific details regarding this vulnerability name are as follows:

CVE Number: CVE-2001-0340

Description: An interaction between the Outlook Web Access (OWA) service in Microsoft Exchange 2000 Server and Internet Explorer allows attackers to execute malicious script code against a user’s mailbox via a message attachment that contains HTML code,

Continue Reading …

CVE-2001-0730

This is an entry in the Common Vulnerability Index under number CVE-2001-0730. Specific details regarding this vulnerability name are as follows:

CVE Number: CVE-2001-0730

Description: split-logfile in Apache 1.3.20 allows remote attackers to overwrite arbitrary files that end in the .log extension via an HTTP request with a / (slash) in the Host: header.

Continue Reading …

CVE-2001-0205

This is an entry in the Common Vulnerability Index under number CVE-2001-0205. Specific details regarding this vulnerability name are as follows:

CVE Number: CVE-2001-0205

Description: Directory traversal vulnerability in AOLserver 3.2 and earlier allows remote attackers to read arbitrary files by inserting “…” into the requested pathname, a modified ..

Continue Reading …