search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2000-09-29 1999-01-03 2001-06-26 VU#18287 statd bounce vulnerability
2001-05-05 2001-01-26 2001-06-25 VU#987632 NewsDaemon does not adequately filter user input to $user_username
2001-06-08 2001-01-10 2001-06-22 VU#426456 gpm creates temporary files insecurely
2001-05-17 2000-08-31 2001-06-21 VU#686403 ld.so fails to unset LD_PRELOAD before executing suid root programs
2001-05-06 2001-01-18 2001-06-21 VU#178560 Dallas Semiconductor iButton DS1991 vulnerable to dictionary attack
2001-05-14 2001-01-18 2001-06-20 VU#386504 glibc does not check SUID bit on libraries in /etc/ld.so.cache
2001-05-17 2000-12-29 2001-06-20 VU#475645 Macromedia Flash plug-in contains buffer overflow
2001-05-17 2001-01-05 2001-06-20 VU#451096 Oliver Debon Flash plug-in vulnerable to buffer overflow processing incorrectly formatted sound file
2001-05-10 2000-11-19 2001-06-19 VU#197477 AT&T WinVNC allows user access to passwords and configuration via weak registry permissions
2001-06-13 2001-01-23 2001-06-18 VU#303080 AT&T WinVNC client authentication process vulnerable to man-in-the-middle attack
2001-06-18 2000-07-03 2001-06-18 VU#35842 man 'makewhatis' insecurely uses /tmp
2001-06-13 2001-04-23 2001-06-13 VU#167464 Robtex Viking Web Server permits traversal out of HTTP docs root directory
2001-06-07 2001-05-17 2001-06-07 VU#988768 Microsoft Internet Explorer (IE) permits modification of URL displayed in address bar
2001-05-21 2000-03-22 2001-06-01 VU#22091 gpm-root fails to correctly release GID 0 membership for user defined menus
2001-05-30 2000-05-29 2001-05-30 VU#32448 Due to insecure creation of configuration files via KApplication-class, local users can create arbitrary files when running setuid root KDE programs

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis