Update Sun May 26 14:27:04 CEST 2024

2026-05-01 20:05:09 +02:00 · 2024-05-26 14:27:05 +02:00
parent faa863251c
commit 49bdc782b3
53909 changed files with 993725 additions and 2 deletions
@@ -0,0 +1,17 @@
+### [CVE-2000-0001](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0001)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+RealMedia server allows remote attackers to cause a denial of service via a long ramgen request.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/joocer/ytf
+
@@ -0,0 +1,17 @@
+### [CVE-2000-0008](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0008)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+FTPPro allows local users to read sensitive information, which is stored in plain text.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/Live-Hack-CVE/CVE-2000-0008
+
@@ -0,0 +1,17 @@
+### [CVE-2000-0010](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0010)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+WebWho+ whois.cgi program allows remote attackers to execute commands via shell metacharacters in the TLD parameter.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/Live-Hack-CVE/CVE-2000-0010
+
@@ -0,0 +1,17 @@
+### [CVE-2000-0019](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0019)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+IMail POP3 daemon uses weak encryption, which allows local users to read files.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/Live-Hack-CVE/CVE-2000-0019
+
@@ -0,0 +1,17 @@
+### [CVE-2000-0020](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0020)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+DNS PRO allows remote attackers to conduct a denial of service via a large number of connections.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/Live-Hack-CVE/CVE-2000-0020
+
@@ -0,0 +1,17 @@
+### [CVE-2000-0028](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0028)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Internet Explorer 5.0 and 5.01 allows remote attackers to bypass the cross frame security policy and read files via the external.NavigateAndFind function.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/Live-Hack-CVE/CVE-2000-0028
+
@@ -0,0 +1,17 @@
+### [CVE-2000-0031](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0031)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+The initscripts package in Red Hat Linux allows local users to gain privileges via a symlink attack.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/Live-Hack-CVE/CVE-2000-0031
+
@@ -0,0 +1,17 @@
+### [CVE-2000-0038](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0038)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+glFtpD includes a default glftpd user account with a default password and a UID of 0.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/Live-Hack-CVE/CVE-2000-0038
+
@@ -0,0 +1,17 @@
+### [CVE-2000-0040](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0040)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+glFtpD allows local users to gain privileges via metacharacters in the SITE ZIPCHK command.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/Live-Hack-CVE/CVE-2000-0040
+
@@ -0,0 +1,17 @@
+### [CVE-2000-0042](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0042)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Buffer overflow in CSM mail server allows remote attackers to cause a denial of service or execute commands via a long HELO command.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/siegfried415/smtp-nel-filter
+
@@ -0,0 +1,17 @@
+### [CVE-2000-0045](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0045)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+MySQL allows local users to modify passwords for arbitrary MySQL users via the GRANT privilege.
+
+### POC
+
+#### Reference
+- http://www.securityfocus.com/bid/926
+
+#### Github
+No PoCs found on GitHub currently.
+
@@ -0,0 +1,17 @@
+### [CVE-2000-0047](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0047)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Buffer overflow in Yahoo Pager/Messenger client allows remote attackers to cause a denial of service via a long URL within a message.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/Live-Hack-CVE/CVE-2000-0047
+
@@ -0,0 +1,17 @@
+### [CVE-2000-0052](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0052)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Red Hat userhelper program in the usermode package allows local users to gain root access via PAM and a .. (dot dot) attack.
+
+### POC
+
+#### Reference
+- http://www.l0pht.com/advisories/pam_advisory
+
+#### Github
+No PoCs found on GitHub currently.
+
@@ -0,0 +1,17 @@
+### [CVE-2000-0053](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0053)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Microsoft Commercial Internet System (MCIS) IMAP server allows remote attackers to cause a denial of service via a malformed IMAP request.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/EdoWhite/CVEtoMS
+
@@ -0,0 +1,17 @@
+### [CVE-2000-0065](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0065)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Buffer overflow in InetServ 3.0 allows remote attackers to execute commands via a long GET request.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/Live-Hack-CVE/CVE-2000-0065
+
@@ -0,0 +1,17 @@
+### [CVE-2000-0066](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0066)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+WebSite Pro allows remote attackers to determine the real pathname of webdirectories via a malformed URL request.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/Live-Hack-CVE/CVE-2000-0066
+
@@ -0,0 +1,17 @@
+### [CVE-2000-0081](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0081)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Hotmail does not properly filter JavaScript code from a user's mailbox, which allows a remote attacker to execute the code by using hexadecimal codes to specify the javascript: protocol, e.g. j&#x41;vascript.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/Live-Hack-CVE/CVE-2000-0081
+
@@ -0,0 +1,17 @@
+### [CVE-2000-0098](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0098)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Microsoft Index Server allows remote attackers to determine the real path for a web directory via a request to an Internet Data Query file that does not exist.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/EdoWhite/CVEtoMS
+
@@ -0,0 +1,17 @@
+### [CVE-2000-0101](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0101)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+The Make-a-Store OrderPage shopping cart application allows remote users to modify sensitive purchase information via hidden form fields.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/Live-Hack-CVE/CVE-2000-0101
+
@@ -0,0 +1,17 @@
+### [CVE-2000-0102](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0102)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+The SalesCart shopping cart application allows remote users to modify sensitive purchase information via hidden form fields.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/Live-Hack-CVE/CVE-2000-0102
+
@@ -0,0 +1,17 @@
+### [CVE-2000-0109](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0109)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+The mcsp Client Site Processor system (MultiCSP) in Standard and Poor's ComStock is installed with several accounts that have no passwords or easily guessable default passwords.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/Live-Hack-CVE/CVE-2000-0109
+
@@ -0,0 +1,22 @@
+### [CVE-2000-0114](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0114)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Frontpage Server Extensions allows remote attackers to determine the name of the anonymous account via an RPC POST request to shtml.dll in the /_vti_bin/ virtual directory.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/0xPugal/One-Liners
+- https://github.com/0xPugazh/One-Liners
+- https://github.com/ARPSyndicate/kenzer-templates
+- https://github.com/Live-Hack-CVE/CVE-2000-0114
+- https://github.com/POORVAJA-195/Nuclei-Analysis-main
+- https://github.com/bhavesh-pardhi/One-Liner
+
@@ -0,0 +1,17 @@
+### [CVE-2000-0119](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0119)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+The default configurations for McAfee Virus Scan and Norton Anti-Virus virus checkers do not check files in the RECYCLED folder that is used by the Windows Recycle Bin utility, which allows attackers to store malicious code without detection.
+
+### POC
+
+#### Reference
+- http://marc.info/?l=bugtraq&m=94936267131123&w=2
+
+#### Github
+No PoCs found on GitHub currently.
+
@@ -0,0 +1,17 @@
+### [CVE-2000-0126](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0126)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Sample Internet Data Query (IDQ) scripts in IIS 3 and 4 allow remote attackers to read files via a .. (dot dot) attack.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/Live-Hack-CVE/CVE-2000-0126
+
@@ -0,0 +1,17 @@
+### [CVE-2000-0129](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0129)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Buffer overflow in the SHGetPathFromIDList function of the Serv-U FTP server allows attackers to cause a denial of service by performing a LIST command on a malformed .lnk file.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/Live-Hack-CVE/CVE-2000-0129
+
@@ -0,0 +1,17 @@
+### [CVE-2000-0131](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0131)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Buffer overflow in War FTPd 1.6x allows users to cause a denial of service via long MKD and CWD commands.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/iricartb/buffer-overflow-warftp-1.65
+
@@ -0,0 +1,17 @@
+### [CVE-2000-0134](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0134)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+The Check It Out shopping cart application allows remote users to modify sensitive purchase information via hidden form fields.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/Live-Hack-CVE/CVE-2000-0134
+
@@ -0,0 +1,17 @@
+### [CVE-2000-0135](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0135)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+The @Retail shopping cart application allows remote users to modify sensitive purchase information via hidden form fields.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/Live-Hack-CVE/CVE-2000-0135
+
@@ -0,0 +1,17 @@
+### [CVE-2000-0137](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0137)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+The CartIt shopping cart application allows remote users to modify sensitive purchase information via hidden form fields.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/Live-Hack-CVE/CVE-2000-0137
+
@@ -0,0 +1,17 @@
+### [CVE-2000-0142](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0142)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+The authentication protocol in Timbuktu Pro 2.0b650 allows remote attackers to cause a denial of service via connections to port 407 and 1417.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/Live-Hack-CVE/CVE-2000-0142
+
@@ -0,0 +1,17 @@
+### [CVE-2000-0143](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0143)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+The SSH protocol server sshd allows local users without shell access to redirect a TCP connection through a service that uses the standard system password database for authentication, such as POP or FTP.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/Live-Hack-CVE/CVE-2000-0143
+
@@ -0,0 +1,19 @@
+### [CVE-2000-0170](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0170)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Buffer overflow in the man program in Linux allows local users to gain privileges via the MANPAGER environmental variable.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/ARPSyndicate/cvemon
+- https://github.com/CVEDB/PoC-List
+- https://github.com/mike182/exploit
+
@@ -0,0 +1,17 @@
+### [CVE-2000-0182](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0182)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+iPlanet Web Server 4.1 allows remote attackers to cause a denial of service via a large number of GET commands, which consumes memory and causes a kernel panic.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/Live-Hack-CVE/CVE-2000-0182
+
@@ -0,0 +1,17 @@
+### [CVE-2000-0219](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0219)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Red Hat 6.0 allows local users to gain root access by booting single user and hitting ^C at the password prompt.
+
+### POC
+
+#### Reference
+- https://kc.mcafee.com/corporate/index?page=content&id=SB10053
+
+#### Github
+No PoCs found on GitHub currently.
+
@@ -0,0 +1,17 @@
+### [CVE-2000-0275](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0275)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+CRYPTOCard CryptoAdmin for PalmOS uses weak encryption to store a user's PIN number, which allows an attacker with access to the .PDB file to generate valid PT-1 tokens after cracking the PIN.
+
+### POC
+
+#### Reference
+- http://www.l0pht.com/advisories/cc-pinextract.txt
+
+#### Github
+No PoCs found on GitHub currently.
+
@@ -0,0 +1,17 @@
+### [CVE-2000-0342](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0342)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Eudora 4.x allows remote attackers to bypass the user warning for executable attachments such as .exe, .com, and .bat by using a .lnk file that refers to the attachment, aka "Stealth Attachment."
+
+### POC
+
+#### Reference
+- http://news.cnet.com/news/0-1005-200-1773077.html?tag=st.ne.fd.lthd.1005-200-1773077
+
+#### Github
+No PoCs found on GitHub currently.
+
@@ -0,0 +1,17 @@
+### [CVE-2000-0359](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0359)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Buffer overflow in Trivial HTTP (THTTPd) allows remote attackers to cause a denial of service or execute arbitrary commands via a long If-Modified-Since header.
+
+### POC
+
+#### Reference
+- http://www.securityfocus.com/bid/1248
+
+#### Github
+No PoCs found on GitHub currently.
+
@@ -0,0 +1,17 @@
+### [CVE-2000-0384](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0384)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+NetStructure 7110 and 7180 have undocumented accounts (servnow, root, and wizard) whose passwords are easily guessable from the NetStructure's MAC address, which could allow remote attackers to gain root access.
+
+### POC
+
+#### Reference
+- http://www.l0pht.com/advisories/ipivot7180.html
+
+#### Github
+No PoCs found on GitHub currently.
+
@@ -0,0 +1,18 @@
+### [CVE-2000-0388](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0388)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Buffer overflow in FreeBSD libmytinfo library allows local users to execute commands via a long TERMCAP environmental variable.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/ARPSyndicate/cvemon
+- https://github.com/joscanoga/Reto-python-CRM
+
@@ -0,0 +1,17 @@
+### [CVE-2000-0405](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0405)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Buffer overflow in L0pht AntiSniff allows remote attackers to execute arbitrary commands via a malformed DNS response packet.
+
+### POC
+
+#### Reference
+- http://www.l0pht.com/advisories/asniff_advisory.txt
+
+#### Github
+No PoCs found on GitHub currently.
+
@@ -0,0 +1,18 @@
+### [CVE-2000-0413](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0413)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+The shtml.exe program in the FrontPage extensions package of IIS 4.0 and 5.0 allows remote attackers to determine the physical path of HTML, HTM, ASP, and SHTML files by requesting a file that does not exist, which generates an error message that reveals the path.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/adavarski/DevSecOps-pipeline-python
+- https://github.com/carlregencia/DevSecOps-pipeline-python
+
@@ -0,0 +1,17 @@
+### [CVE-2000-0427](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0427)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+The Aladdin Knowledge Systems eToken device allows attackers with physical access to the device to obtain sensitive information without knowing the PIN of the owner by resetting the PIN in the EEPROM.
+
+### POC
+
+#### Reference
+- http://www.l0pht.com/advisories/etoken-piepa.txt
+
+#### Github
+No PoCs found on GitHub currently.
+
@@ -0,0 +1,17 @@
+### [CVE-2000-0428](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0428)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Buffer overflow in the SMTP gateway for InterScan Virus Wall 3.32 and earlier allows a remote attacker to execute arbitrary commands via a long filename for a uuencoded attachment.
+
+### POC
+
+#### Reference
+- http://www.nai.com/nai_labs/asp_set/advisory/39_Trend.asp
+
+#### Github
+No PoCs found on GitHub currently.
+
@@ -0,0 +1,17 @@
+### [CVE-2000-0455](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0455)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Buffer overflow in xlockmore xlock program version 4.16 and earlier allows local users to read sensitive data from memory via a long -mode option.
+
+### POC
+
+#### Reference
+- http://www.nai.com/nai_labs/asp_set/advisory/41initialized.asp
+
+#### Github
+No PoCs found on GitHub currently.
+
@@ -0,0 +1,17 @@
+### [CVE-2000-0488](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0488)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Buffer overflow in ITHouse mail server 1.04 allows remote attackers to execute arbitrary commands via a long RCPT TO mail command.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/siegfried415/smtp-nel-filter
+
@@ -0,0 +1,17 @@
+### [CVE-2000-0500](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0500)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+The default configuration of BEA WebLogic 5.1.0 allows a remote attacker to view source code of programs by requesting a URL beginning with /file/, which causes the default servlet to display the file without further processing.
+
+### POC
+
+#### Reference
+- http://marc.info/?l=bugtraq&m=96161462915381&w=2
+
+#### Github
+No PoCs found on GitHub currently.
+
@@ -0,0 +1,17 @@
+### [CVE-2000-0507](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0507)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Imate Webmail Server 2.5 allows remote attackers to cause a denial of service via a long HELO command.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/siegfried415/smtp-nel-filter
+
@@ -0,0 +1,18 @@
+### [CVE-2000-0535](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0535)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+OpenSSL 0.9.4 and OpenSSH for FreeBSD do not properly check for the existence of the /dev/random or /dev/urandom devices, which are absent on FreeBSD Alpha systems, which causes them to produce weak keys which may be more easily broken.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/ARPSyndicate/cvemon
+- https://github.com/chnzzh/OpenSSL-CVE-lib
+
@@ -0,0 +1,17 @@
+### [CVE-2000-0538](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0538)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+ColdFusion Administrator for ColdFusion 4.5.1 and earlier allows remote attackers to cause a denial of service via a long login password.
+
+### POC
+
+#### Reference
+- http://marc.info/?l=bugtraq&m=96045469627806&w=2
+
+#### Github
+No PoCs found on GitHub currently.
+
@@ -0,0 +1,17 @@
+### [CVE-2000-0564](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0564)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+The guestbook CGI program in ICQ Web Front service for ICQ 2000a, 99b, and others allows remote attackers to cause a denial of service via a URL with a long name parameter.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/CamiloEscobar98/DjangoProject
+
@@ -0,0 +1,17 @@
+### [CVE-2000-0613](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0613)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Cisco Secure PIX Firewall does not properly identify forged TCP Reset (RST) packets, which allows remote attackers to force the firewall to close legitimate connections.
+
+### POC
+
+#### Reference
+- http://www.cisco.com/warp/public/707/pixtcpreset-pub.shtml
+
+#### Github
+No PoCs found on GitHub currently.
+
@@ -0,0 +1,17 @@
+### [CVE-2000-0622](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0622)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Buffer overflow in Webfind CGI program in O'Reilly WebSite Professional web server 2.x allows remote attackers to execute arbitrary commands via a URL containing a long "keywords" parameter.
+
+### POC
+
+#### Reference
+- http://www.nai.com/research/covert/advisories/043.asp
+
+#### Github
+No PoCs found on GitHub currently.
+
@@ -0,0 +1,17 @@
+### [CVE-2000-0625](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0625)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+NetZero 3.0 and earlier uses weak encryption for storing a user's login information, which allows a local user to decrypt the password.
+
+### POC
+
+#### Reference
+- http://www.l0pht.com/advisories/netzero.txt
+
+#### Github
+No PoCs found on GitHub currently.
+
@@ -0,0 +1,17 @@
+### [CVE-2000-0632](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0632)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Buffer overflow in the web archive component of L-Soft Listserv 1.8d and earlier allows remote attackers to execute arbitrary commands via a long query string.
+
+### POC
+
+#### Reference
+- http://www.nai.com/nai_labs/asp_set/advisory/43_Advisory.asp
+
+#### Github
+No PoCs found on GitHub currently.
+
@@ -0,0 +1,17 @@
+### [CVE-2000-0635](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0635)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+The view_page.html sample page in the MiniVend shopping cart program allows remote attackers to execute arbitrary commands via shell metacharacters.
+
+### POC
+
+#### Reference
+- http://www.zdnet.com/zdnn/stories/news/0,4586,2600258,00.html
+
+#### Github
+No PoCs found on GitHub currently.
+
@@ -0,0 +1,25 @@
+### [CVE-2000-0649](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0649)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+IIS 4.0 allows remote attackers to obtain the internal IP address of the server via an HTTP 1.0 request for a web page which is protected by basic authentication and has no realm defined.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/0xNVAN/win-iisadmin
+- https://github.com/ARPSyndicate/cvemon
+- https://github.com/CVEDB/PoC-List
+- https://github.com/JimboJimbabwe/HackGPTV2
+- https://github.com/amtzespinosa/lord-of-the-root-walkthrough
+- https://github.com/hanmin0512/Web-hacking-LAB
+- https://github.com/n-ventory/win-iisadmin
+- https://github.com/rafaelh/CVE-2000-0649
+- https://github.com/stevenvegar/cve-2000-0649
+
@@ -0,0 +1,17 @@
+### [CVE-2000-0673](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0673)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+The NetBIOS Name Server (NBNS) protocol does not perform authentication, which allows remote attackers to cause a denial of service by sending a spoofed Name Conflict or Name Release datagram, aka the "NetBIOS Name Server Protocol Spoofing" vulnerability.
+
+### POC
+
+#### Reference
+- http://www.nai.com/research/covert/advisories/044.asp
+
+#### Github
+No PoCs found on GitHub currently.
+
@@ -0,0 +1,17 @@
+### [CVE-2000-0678](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0678)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+PGP 5.5.x through 6.5.3 does not properly check if an Additional Decryption Key (ADK) is stored in the signed portion of a public certificate, which allows an attacker who can modify a victim's public certificate to decrypt any data that has been encrypted with the modified certificate.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/hannob/pgpbugs
+
@@ -0,0 +1,18 @@
+### [CVE-2000-0709](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0709)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+The shtml.exe component of Microsoft FrontPage 2000 Server Extensions 1.1 allows remote attackers to cause a denial of service in some components by requesting a URL whose name includes a standard DOS device name.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/adavarski/DevSecOps-pipeline-python
+- https://github.com/carlregencia/DevSecOps-pipeline-python
+
@@ -0,0 +1,18 @@
+### [CVE-2000-0710](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0710)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+The shtml.exe component of Microsoft FrontPage 2000 Server Extensions 1.1 allows remote attackers to determine the physical path of the server components by requesting an invalid URL whose name includes a standard DOS device name.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/adavarski/DevSecOps-pipeline-python
+- https://github.com/carlregencia/DevSecOps-pipeline-python
+
@@ -0,0 +1,17 @@
+### [CVE-2000-0778](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0778)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+IIS 5.0 allows remote attackers to obtain source code for .ASP files and other scripts via an HTTP GET request with a "Translate: f" header, aka the "Specialized Header" vulnerability.
+
+### POC
+
+#### Reference
+- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A927
+
+#### Github
+No PoCs found on GitHub currently.
+
@@ -0,0 +1,17 @@
+### [CVE-2000-0834](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0834)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+The Windows 2000 telnet client attempts to perform NTLM authentication by default, which allows remote attackers to capture and replay the NTLM challenge/response via a telnet:// URL that points to the malicious server, aka the "Windows 2000 Telnet Client NTLM Authentication" vulnerability.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/ycdxsb/WindowsPrivilegeEscalation
+
@@ -0,0 +1,17 @@
+### [CVE-2000-0867](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0867)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Kernel logging daemon (klogd) in Linux does not properly cleanse user-injected format strings, which allows local users to gain root privileges by triggering malformed kernel messages.
+
+### POC
+
+#### Reference
+- http://www.redhat.com/support/errata/RHSA-2000-061.html
+
+#### Github
+No PoCs found on GitHub currently.
+
@@ -0,0 +1,17 @@
+### [CVE-2000-0884](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0884)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+IIS 4.0 and 5.0 allows remote attackers to read documents outside of the web root, and possibly execute arbitrary commands, via malformed URLs that contain UNICODE encoded characters, aka the "Web Server Folder Traversal" vulnerability.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/mokrani-zahir/stock
+
@@ -0,0 +1,17 @@
+### [CVE-2000-0892](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0892)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Some telnet clients allow remote telnet servers to request environment variables from the client that may contain sensitive information, or remote web servers to obtain the information via a telnet: URL.
+
+### POC
+
+#### Reference
+- http://www.kb.cert.org/vuls/id/22404
+
+#### Github
+No PoCs found on GitHub currently.
+
@@ -0,0 +1,18 @@
+### [CVE-2000-0917](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0917)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Format string vulnerability in use_syslog() function in LPRng 3.6.24 allows remote attackers to execute arbitrary commands.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/LEXUEYE/oinkmaster
+- https://github.com/davidliu88/oinkmaster
+
@@ -0,0 +1,17 @@
+### [CVE-2000-0920](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0920)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Directory traversal vulnerability in BOA web server 0.94.8.2 and earlier allows remote attackers to read arbitrary files via a modified .. (dot dot) attack in the GET HTTP request that uses a "%2E" instead of a "."
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/Knighthana/YABWF
+
@@ -0,0 +1,17 @@
+### [CVE-2000-0935](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0935)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Samba Web Administration Tool (SWAT) in Samba 2.0.7 allows local users to overwrite arbitrary files via a symlink attack on the cgi.log file.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/Parist0nH1ll/Vulnerabilities-Write-Ups
+
@@ -0,0 +1,17 @@
+### [CVE-2000-0936](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0936)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Samba Web Administration Tool (SWAT) in Samba 2.0.7 installs the cgi.log logging file with world readable permissions, which allows local users to read sensitive information such as user names and passwords.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/Parist0nH1ll/Vulnerabilities-Write-Ups
+
@@ -0,0 +1,21 @@
+### [CVE-2000-0979](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0979)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+File and Print Sharing service in Windows 95, Windows 98, and Windows Me does not properly check the password for a file share, which allows remote attackers to bypass share access controls by sending a 1-byte password that matches the first character of the real password, aka the "Share Level Password" vulnerability.
+
+### POC
+
+#### Reference
+- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A996
+
+#### Github
+- https://github.com/ARPSyndicate/cvemon
+- https://github.com/Ascotbe/Kernelhub
+- https://github.com/CVEDB/PoC-List
+- https://github.com/Z6543/CVE-2000-0979
+- https://github.com/ycdxsb/WindowsPrivilegeEscalation
+
@@ -0,0 +1,18 @@
+### [CVE-2000-0984](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0984)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+The HTTP server in Cisco IOS 12.0 through 12.1 allows local users to cause a denial of service (crash and reload) via a URL containing a "?/" string.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/ARPSyndicate/cvemon
+- https://github.com/NCNU-OpenSource/Web-Vulnerability
+
@@ -0,0 +1,17 @@
+### [CVE-2000-0998](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0998)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Format string vulnerability in top program allows local attackers to gain root privileges via the "kill" or "renice" function.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/truefinder/truefinder
+
@@ -0,0 +1,17 @@
+### [CVE-2000-0999](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0999)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Format string vulnerabilities in OpenBSD ssh program (and possibly other BSD-based operating systems) allow attackers to gain root privileges.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/phx/cvescan
+
@@ -0,0 +1,17 @@
+### [CVE-2000-1033](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-1033)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Serv-U FTP Server allows remote attackers to bypass its anti-hammering feature by first logging on as a valid user (possibly anonymous) and then attempting to guess the passwords of other users.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/RJSOG/cve-scrapper
+
@@ -0,0 +1,17 @@
+### [CVE-2000-1034](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-1034)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Buffer overflow in the System Monitor ActiveX control in Windows 2000 allows remote attackers to execute arbitrary commands via a long LogFileName parameter in HTML source code, aka the "ActiveX Parameter Validation" vulnerability.
+
+### POC
+
+#### Reference
+- http://www.securityfocus.com/bid/1899
+
+#### Github
+No PoCs found on GitHub currently.
+
@@ -0,0 +1,17 @@
+### [CVE-2000-1039](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-1039)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Various TCP/IP stacks and network applications allow remote attackers to cause a denial of service by flooding a target host with TCP connection attempts and completing the TCP/IP handshake without maintaining the connection state on the attacker host, aka the "NAPTHA" class of vulnerabilities.  NOTE: this candidate may change significantly as the security community discusses the technical nature of NAPTHA and learns more about the affected applications. This candidate is at a higher level of abstraction than is typical for CVE.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/Eplox/TCP-Starvation
+
@@ -0,0 +1,17 @@
+### [CVE-2000-1049](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-1049)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Allaire JRun 3.0 http servlet server allows remote attackers to cause a denial of service via a URL that contains a long string of "." characters.
+
+### POC
+
+#### Reference
+- http://marc.info/?l=bugtraq&m=97310314724964&w=2
+
+#### Github
+No PoCs found on GitHub currently.
+
@@ -0,0 +1,17 @@
+### [CVE-2000-1050](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-1050)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Allaire JRun 3.0 http servlet server allows remote attackers to directly access the WEB-INF directory via a URL request that contains an extra "/" in the beginning of the request (aka the "extra leading slash").
+
+### POC
+
+#### Reference
+- http://marc.info/?l=bugtraq&m=97236316510117&w=2
+
+#### Github
+No PoCs found on GitHub currently.
+
@@ -0,0 +1,17 @@
+### [CVE-2000-1053](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-1053)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Allaire JRun 2.3.3 server allows remote attackers to compile and execute JSP code by inserting it via a cross-site scripting (CSS) attack and directly calling the com.livesoftware.jrun.plugins.JSP JSP servlet.
+
+### POC
+
+#### Reference
+- http://marc.info/?l=bugtraq&m=97236125107957&w=2
+
+#### Github
+- https://github.com/octane23/CASE-STUDY-1
+
@@ -0,0 +1,17 @@
+### [CVE-2000-1079](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-1079)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Interactions between the CIFS Browser Protocol and NetBIOS as implemented in Microsoft Windows 95, 98, NT, and 2000 allow remote attackers to modify dynamic NetBIOS name cache entries via a spoofed Browse Frame Request in a unicast or UDP broadcast datagram.
+
+### POC
+
+#### Reference
+- http://www.nai.com/research/covert/advisories/045.asp
+
+#### Github
+No PoCs found on GitHub currently.
+
@@ -0,0 +1,17 @@
+### [CVE-2000-1081](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-1081)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+The xp_displayparamstmt function in SQL Server and Microsoft SQL Server Desktop Engine (MSDE) does not properly restrict the length of a buffer before calling the srv_paraminfo function in the SQL Server API for Extended Stored Procedures (XP), which allows an attacker to cause a denial of service or execute arbitrary commands, aka the "Extended Stored Procedure Parameter Parsing" vulnerability.
+
+### POC
+
+#### Reference
+- http://marc.info/?l=bugtraq&m=97570878710037&w=2
+
+#### Github
+No PoCs found on GitHub currently.
+
@@ -0,0 +1,17 @@
+### [CVE-2000-1082](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-1082)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+The xp_enumresultset function in SQL Server and Microsoft SQL Server Desktop Engine (MSDE) does not properly restrict the length of a buffer before calling the srv_paraminfo function in the SQL Server API for Extended Stored Procedures (XP), which allows an attacker to cause a denial of service or execute arbitrary commands, aka the "Extended Stored Procedure Parameter Parsing" vulnerability.
+
+### POC
+
+#### Reference
+- http://marc.info/?l=bugtraq&m=97570878710037&w=2
+
+#### Github
+No PoCs found on GitHub currently.
+
@@ -0,0 +1,17 @@
+### [CVE-2000-1083](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-1083)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+The xp_showcolv function in SQL Server and Microsoft SQL Server Desktop Engine (MSDE) does not properly restrict the length of a buffer before calling the srv_paraminfo function in the SQL Server API for Extended Stored Procedures (XP), which allows an attacker to cause a denial of service or execute arbitrary commands, aka the "Extended Stored Procedure Parameter Parsing" vulnerability.
+
+### POC
+
+#### Reference
+- http://marc.info/?l=bugtraq&m=97570878710037&w=2
+
+#### Github
+No PoCs found on GitHub currently.
+
@@ -0,0 +1,17 @@
+### [CVE-2000-1084](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-1084)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+The xp_updatecolvbm function in SQL Server and Microsoft SQL Server Desktop Engine (MSDE) does not properly restrict the length of a buffer before calling the srv_paraminfo function in the SQL Server API for Extended Stored Procedures (XP), which allows an attacker to cause a denial of service or execute arbitrary commands, aka the "Extended Stored Procedure Parameter Parsing" vulnerability.
+
+### POC
+
+#### Reference
+- http://marc.info/?l=bugtraq&m=97570878710037&w=2
+
+#### Github
+No PoCs found on GitHub currently.
+
@@ -0,0 +1,17 @@
+### [CVE-2000-1085](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-1085)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+The xp_peekqueue function in Microsoft SQL Server 2000 and SQL Server Desktop Engine (MSDE) does not properly restrict the length of a buffer before calling the srv_paraminfo function in the SQL Server API for Extended Stored Procedures (XP), which allows an attacker to cause a denial of service or execute arbitrary commands, aka the "Extended Stored Procedure Parameter Parsing" vulnerability.
+
+### POC
+
+#### Reference
+- http://marc.info/?l=bugtraq&m=97570884410184&w=2
+
+#### Github
+No PoCs found on GitHub currently.
+
@@ -0,0 +1,17 @@
+### [CVE-2000-1086](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-1086)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+The xp_printstatements function in Microsoft SQL Server 2000 and SQL Server Desktop Engine (MSDE) does not properly restrict the length of a buffer before calling the srv_paraminfo function in the SQL Server API for Extended Stored Procedures (XP), which allows an attacker to cause a denial of service or execute arbitrary commands, aka the "Extended Stored Procedure Parameter Parsing" vulnerability.
+
+### POC
+
+#### Reference
+- http://marc.info/?l=bugtraq&m=97570884410184&w=2
+
+#### Github
+No PoCs found on GitHub currently.
+
@@ -0,0 +1,17 @@
+### [CVE-2000-1087](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-1087)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+The xp_proxiedmetadata function in Microsoft SQL Server 2000 and SQL Server Desktop Engine (MSDE) does not properly restrict the length of a buffer before calling the srv_paraminfo function in the SQL Server API for Extended Stored Procedures (XP), which allows an attacker to cause a denial of service or execute arbitrary commands, aka the "Extended Stored Procedure Parameter Parsing" vulnerability.
+
+### POC
+
+#### Reference
+- http://marc.info/?l=bugtraq&m=97570884410184&w=2
+
+#### Github
+No PoCs found on GitHub currently.
+
@@ -0,0 +1,17 @@
+### [CVE-2000-1088](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-1088)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+The xp_SetSQLSecurity function in Microsoft SQL Server 2000 and SQL Server Desktop Engine (MSDE) does not properly restrict the length of a buffer before calling the srv_paraminfo function in the SQL Server API for Extended Stored Procedures (XP), which allows an attacker to cause a denial of service or execute arbitrary commands, aka the "Extended Stored Procedure Parameter Parsing" vulnerability.
+
+### POC
+
+#### Reference
+- http://marc.info/?l=bugtraq&m=97570884410184&w=2
+
+#### Github
+No PoCs found on GitHub currently.
+
@@ -0,0 +1,19 @@
+### [CVE-2000-1094](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-1094)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Buffer overflow in AOL Instant Messenger (AIM) before 4.3.2229 allows remote attackers to execute arbitrary commands via a "buddyicon" command with a long "src" argument.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/RealVulnerabilityEdu/webvulmap
+- https://github.com/huichen-cs/seceduknwlmap4900
+- https://github.com/jeffreyz69/CISC4900
+
@@ -0,0 +1,17 @@
+### [CVE-2000-1103](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-1103)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+rcvtty in BSD 3.0 and 4.0 does not properly drop privileges before executing a script, which allows local attackers to gain privileges by specifying an alternate Trojan horse script on the command line.
+
+### POC
+
+#### Reference
+- http://www.securityfocus.com/archive/1/147120
+
+#### Github
+No PoCs found on GitHub currently.
+
@@ -0,0 +1,17 @@
+### [CVE-2000-1134](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-1134)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Multiple shell programs on various Unix systems, including (1) tcsh, (2) csh, (3) sh, and (4) bash, follow symlinks when processing << redirects (aka here-documents or in-here documents), which allows local users to overwrite files of other users via a symlink attack.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/lucassbeiler/linux_hardening_arsenal
+
@@ -0,0 +1,17 @@
+### [CVE-2000-1196](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-1196)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+PSCOErrPage.htm in Netscape PublishingXpert 2.5 before SP2 allows remote attackers to read arbitrary files by specifying the target file in the errPagePath parameter.
+
+### POC
+
+#### Reference
+- http://packetstormsecurity.org/0004-exploits/ooo1.txt
+
+#### Github
+No PoCs found on GitHub currently.
+
@@ -0,0 +1,17 @@
+### [CVE-2000-1207](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-1207)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+userhelper in the usermode package on Red Hat Linux executes non-setuid programs as root, which does not activate the security measures in glibc and allows the programs to be exploited via format string vulnerabilities in glibc via the LANG or LC_ALL environment variables (CVE-2000-0844).
+
+### POC
+
+#### Reference
+- http://marc.info/?l=bugtraq&m=97034397026473&w=2
+
+#### Github
+No PoCs found on GitHub currently.
+
@@ -0,0 +1,17 @@
+### [CVE-2000-1216](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-1216)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Buffer overflow in portmir for AIX 4.3.0 allows local users to corrupt lock files and gain root privileges via the echo_error routine.
+
+### POC
+
+#### Reference
+- http://www.kb.cert.org/vuls/id/433499
+
+#### Github
+No PoCs found on GitHub currently.
+
@@ -0,0 +1,17 @@
+### [CVE-2000-1220](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-1220)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+The line printer daemon (lpd) in the lpr package in multiple Linux operating systems allows local users to gain root privileges by causing sendmail to execute with arbitrary command line arguments, as demonstrated using the -C option to specify a configuration file.
+
+### POC
+
+#### Reference
+- http://www.l0pht.com/advisories/lpd_advisory
+
+#### Github
+- https://github.com/Live-Hack-CVE/CVE-2001-1583
+
@@ -0,0 +1,17 @@
+### [CVE-2000-1221](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-1221)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+The line printer daemon (lpd) in the lpr package in multiple Linux operating systems authenticates by comparing the reverse-resolved hostname of the local machine to the hostname of the print server as returned by gethostname, which allows remote attackers to bypass intended access controls by modifying the DNS for the attacking IP.
+
+### POC
+
+#### Reference
+- http://www.l0pht.com/advisories/lpd_advisory
+
+#### Github
+No PoCs found on GitHub currently.
+
@@ -0,0 +1,18 @@
+### [CVE-2000-1234](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-1234)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+violation.php3 in Phorum 3.0.7 allows remote attackers to send e-mails to arbitrary addresses and possibly use Phorum as a "spam proxy" by setting the Mod and ForumName parameters.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/SarahX/DWF-Documentation
+- https://github.com/kurtseifried/gsd-data-enrichment
+
@@ -0,0 +1,18 @@
+### [CVE-2000-1254](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-1254)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+crypto/rsa/rsa_gen.c in OpenSSL before 0.9.6 mishandles C bitwise-shift operations that exceed the size of an expression, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by leveraging improper RSA key generation on 64-bit HP-UX platforms.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/ARPSyndicate/cvemon
+- https://github.com/chnzzh/OpenSSL-CVE-lib
+
@@ -0,0 +1,17 @@
+### [CVE-2001-0002](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0002)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Internet Explorer 5.5 and earlier allows remote attackers to obtain the physical location of cached content and open the content in the Local Computer Zone, then use compiled HTML help (.chm) files to execute arbitrary programs.
+
+### POC
+
+#### Reference
+- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A920
+
+#### Github
+- https://github.com/joocer/ytf
+
@@ -0,0 +1,17 @@
+### [CVE-2001-0010](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0010)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Buffer overflow in transaction signature (TSIG) handling code in BIND 8 allows remote attackers to gain root privileges.
+
+### POC
+
+#### Reference
+- http://www.nai.com/research/covert/advisories/047.asp
+
+#### Github
+No PoCs found on GitHub currently.
+
--- a/Show More
+++ b/Show More