search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2000-11-07 2001-01-18 2001-10-29 VU#684820 SSH-1 allows client authentication to be forwarded by a malicious server to another server
2000-11-08 2000-10-25 2004-03-30 VU#683677 Cisco IOS software vulnerable to DoS via HTTP request containing "?/"
2000-11-09 2000-04-26 2004-03-30 VU#24346 Cisco IOS software vulnerable to DoS via HTTP request containing "%%"
2000-11-10 2000-11-07 2001-08-08 VU#715973 ISC BIND 8.2.2-P6 vulnerable to DoS via compressed zone transfer, aka the "zxfr bug"
2000-11-13 2000-11-13 2001-03-28 VU#626919 Race condition in periodic
2000-11-16 2000-05-13 2001-01-11 VU#31994 MS ActiveMovieControl Object downloads arbitrary files
2000-11-20 2000-10-10 2001-09-18 VU#111677 Microsoft IIS 4.0 / 5.0 vulnerable to directory traversal via extended unicode in url
2000-12-04 2000-09-25 2003-01-27 VU#382365 LPRng can pass user-supplied input as a format string parameter to syslog() calls
2000-12-12 2000-12-10 2000-12-12 VU#17566 sysback makes call to hostname without a fully qualified path specification
2000-12-12 2000-10-24 2001-01-18 VU#470543 Sun Microsystems Keys exposed and revoked
2000-12-14 1999-07-29 2001-08-10 VU#3062 Cenroll ActiveX Control allows creation of arbitrary files.
2000-12-14 2000-09-26 2001-01-17 VU#800893 Microsoft Internet Explorer vulnerable to file disclosure via code containing GetObject() function
2000-12-15 2000-05-01 2001-01-17 VU#33433 Filemaker Pro 5.0v3 and below does not adequately protect web-enabled databases
2000-12-15 1997-05-24 2000-12-15 VU#20851 SGI IRIX df buffer overflow in directory argument
2000-12-19 2000-12-09 2001-01-11 VU#426273 KTH Kerberos filesystem race condition on tickets stored in /tmp

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis