search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2002-07-22 2000-04-14 2002-08-30 VU#458659 Microsoft Windows domain name resolver service accepts responses from non-queried DNS servers by default
2002-09-27 2000-04-03 2002-09-27 VU#26493 MS Excel XLM Text Macro execution fails to trigger warning when default medium security set
2002-04-02 2000-03-27 2008-05-06 VU#24140 Linux kernel IP Masquerading "destination loose" (DLOOSE) configuration passes arbitrary UDP traffic
2001-05-21 2000-03-22 2001-06-01 VU#22091 gpm-root fails to correctly release GID 0 membership for user defined menus
2002-06-13 2000-03-20 2002-06-13 VU#25716 Chunked encoding post can consume excessive memory on IIS 4.0 webserver
2002-01-11 2000-03-17 2002-01-11 VU#32794 iPlanet Web Server and Netscape Enterprise Server Web Publisher commands allow directory enumeration
2002-01-16 2000-03-15 2002-01-31 VU#41301 AOL Instant Messenger buffer overflow in screename
2000-09-26 2000-03-01 2004-04-12 VU#25249 HHControl Object (showHelp) may execute shortcuts embedded in help files
2002-09-18 2000-02-09 2002-09-18 VU#214555 Multiple vulnerabilities exist within credit card chips thereby allowing malicious user to bypass authentication mechanism
2001-09-26 2000-01-27 2001-09-26 VU#433499 IBM AIX portmir vulnerable to buffer overflow via echo_error
2001-10-16 2000-01-08 2001-11-09 VU#39001 lpd allows options to be passed to sendmail
2001-10-16 2000-01-08 2001-11-09 VU#30308 lpd hostname authentication bypassed with spoofed DNS
2001-11-15 1999-12-16 2001-11-15 VU#36764 Syskey reuses keystream
2001-05-07 1999-12-14 2001-05-16 VU#28934 Sun Solaris sadmind buffer overflow in amsl_verify when requesting NETMGT_PROC_SERVICE
2001-12-15 1999-12-07 2001-12-15 VU#13217 Problem with HP r-cmnds

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis