search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2001-05-14 2001-01-18 2001-06-20 VU#386504 glibc does not check SUID bit on libraries in /etc/ld.so.cache
2000-11-07 2001-01-18 2001-10-29 VU#684820 SSH-1 allows client authentication to be forwarded by a malicious server to another server
2001-01-18 2001-01-18 2002-03-05 VU#315308 Weak CRC allows last block of IDEA-encrypted SSH packet to be changed without notice
2001-01-31 2001-01-18 2001-03-29 VU#119952 HP-UX Support Tools Manager vulnerable to denial of service
2001-05-06 2001-01-18 2001-06-21 VU#178560 Dallas Semiconductor iButton DS1991 vulnerable to dictionary attack
2001-01-18 2001-01-18 2002-03-05 VU#118892 Older SSH clients do not allow users to disable X11 forwarding
2000-09-26 2001-01-18 2002-03-05 VU#25309 Weak CRC allows RC4 encrypted SSH1 packets to be modified without notice
2001-02-08 2001-01-23 2001-02-08 VU#666872 Buffer Overflow in Lotus Domino Mail Server
2001-05-17 2001-01-23 2001-08-01 VU#982616 KDE2 kdesu 'keep password' option does not verify socket listener potentially exposing su password
2001-06-13 2001-01-23 2001-06-18 VU#303080 AT&T WinVNC client authentication process vulnerable to man-in-the-middle attack
2001-11-29 2001-01-23 2001-12-17 VU#639760 WU-FTPD configured to use RFC 931 authentication running in debug mode contains format string vulnerability
2002-04-05 2001-01-24 2002-04-05 VU#541384 AOL Instant Messenger saves code embedded in image tag to conversation log which could be viewed/executed by a browser
2001-02-06 2001-01-24 2001-02-06 VU#354648 Microsoft Windows NT 4.0/TSE Winsock2ProtocolCatalogMutex has insecure permissions (MS01-003)
2001-05-05 2001-01-26 2001-06-25 VU#987632 NewsDaemon does not adequately filter user input to $user_username
2003-02-14 2001-01-28 2003-02-14 VU#146704 Hyperseek 2000 hsx.cgi does not adequately filter user input disclosing directory listings and file contents

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis