search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2001-09-20 2000-06-14 2002-01-10 VU#984555 Default installations of the Lotus Domino web server disclose system information via HTTP headers
2002-01-08 2002-01-08 2002-01-09 VU#191763 iPlanet Web Server Enterprise Edition and Netscape Enterprise Server malformed Web Publisher command causes denial-of-service
2001-12-21 2001-12-20 2002-01-09 VU#700575 Buffer overflows in Microsoft SQL Server 7.0 and SQL Server 2000
2002-01-08 2002-01-08 2002-01-08 VU#985347 iPlanet Web Server Enterprise Edition and Netscape Enterprise Server Web Publisher command exposes server to brute force attack
2002-01-04 1998-07-15 2002-01-04 VU#6733 PIX 'established' and 'conduit' command may have unexpected interactions
2002-01-04 1998-08-31 2002-01-04 VU#5053 Older Versions of Cisco PIX Firewall Manager permits retrieval of files
2001-12-14 2001-12-13 2002-01-03 VU#457787 Microsoft Internet Explorer download dialog may not display complete filenames
2001-10-16 2001-09-11 2002-01-03 VU#466239 IBM AIX line printer daemon contains a buffer overflow in chk_fhost()
2001-10-16 2001-09-11 2002-01-03 VU#388183 IBM AIX line printer daemon contains a buffer overflow in kill_print()
2001-12-04 2001-12-04 2002-01-02 VU#157447 OpenSSH UseLogin directive permits privilege escalation
2001-12-21 2001-12-19 2001-12-21 VU#249491 IBM AIX login fails to adequately authenticate user when configured to use loadable authentication modules
2001-12-20 2001-10-10 2001-12-21 VU#140723 Advanced Poll does not adequately authenticate users
2001-12-20 2001-12-20 2001-12-21 VU#951555 Microsoft Windows Universal Plug and Play (UPNP) service vulnerable to buffer overflow via malformed advertisement packets
2001-12-20 2001-12-20 2001-12-21 VU#411059 Microsoft Windows Universal Plug and Play service (UPNP) fails to limit the data returned in response to a NOTIFY message
2001-12-20 2001-05-23 2001-12-20 VU#110803 CrushFTP Server does not adequately filter user input thereby permitting directory traversal

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis