|
|
||||
CVE (version 20061101)
Name: CVE-1999-0002
Description:
Buffer overflow in NFS mountd gives root access to remote attackers, mostly in Linux systems.
Status:EntryReference: BID:121
Reference: URL:http://www.securityfocus.com/bid/121
Reference: CERT:CA-98.12.mountd
Reference: CIAC:J-006
Reference: URL:http://www.ciac.org/ciac/bulletins/j-006.shtml
Reference: SGI:19981006-01-I
Reference: URL:ftp://patches.sgi.com/support/free/security/advisories/19981006-01-I
Reference: XF:linux-mountd-bo
Name: CVE-1999-0003
Description:
Execute commands as root via buffer overflow in Tooltalk database server (rpc.ttdbserverd).
Status:EntryReference: BID:122
Reference: URL:http://www.securityfocus.com/bid/122
Reference: CERT:CA-98.11.tooltalk
Reference: NAI:NAI-29
Reference: SGI:19981101-01-A
Reference: URL:ftp://patches.sgi.com/support/free/security/advisories/19981101-01-A
Reference: SGI:19981101-01-PX
Reference: URL:ftp://patches.sgi.com/support/free/security/advisories/19981101-01-PX
Reference: XF:aix-ttdbserver
Reference: XF:tooltalk
Name: CVE-1999-0005
Description:
Arbitrary command execution via IMAP buffer overflow in authenticate command.
Status:EntryReference: BID:130
Reference: URL:http://www.securityfocus.com/bid/130
Reference: CERT:CA-98.09.imapd
Reference: SUN:00177
Reference: URL:http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/177
Reference: XF:imap-authenticate-bo
Name: CVE-1999-0006
Description:
Buffer overflow in POP servers based on BSD/Qualcomm's qpopper allows remote attackers to gain root access using a long PASS command.
Status:EntryReference: AUSCERT:AA-98.01
Reference: BID:133
Reference: URL:http://www.securityfocus.com/bid/133
Reference: CERT:CA-98.08.qpopper_vul
Reference: SGI:19980801-01-I
Reference: URL:ftp://patches.sgi.com/support/free/security/advisories/19980801-01-I
Reference: XF:qpopper-pass-overflow
Name: CVE-1999-0007
Description:
Information from SSL-encrypted sessions via PKCS #1.
Status:EntryReference: CERT:CA-98.07.PKCS
Reference: MS:MS98-002
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/1998/ms98-002
Reference: XF:nt-ssl-fix
Name: CVE-1999-0008
Description:
Buffer overflow in NIS+, in Sun's rpc.nisd program.
Status:EntryReference: CERT:CA-98.06.nisd
Reference: ISS:June10,1998
Reference: SUN:00170
Reference: URL:http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/170
Reference: XF:nisd-bo-check
Name: CVE-1999-0009
Description:
Inverse query buffer overflow in BIND 4.9 and BIND 8 Releases.
Status:EntryReference: BID:134
Reference: URL:http://www.securityfocus.com/bid/134
Reference: CERT:CA-98.05.bind_problems
Reference: HP:HPSBUX9808-083
Reference: URL:http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9808-083
Reference: SGI:19980603-01-PX
Reference: URL:ftp://patches.sgi.com/support/free/security/advisories/19980603-01-PX
Reference: SUN:00180
Reference: URL:http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/180
Reference: XF:bind-bo
Name: CVE-1999-0010
Description:
Denial of Service vulnerability in BIND 8 Releases via maliciously formatted DNS messages.
Status:EntryReference: CERT:CA-98.05.bind_problems
Reference: HP:HPSBUX9808-083
Reference: URL:http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9808-083
Reference: SGI:19980603-01-PX
Reference: URL:ftp://patches.sgi.com/support/free/security/advisories/19980603-01-PX
Reference: XF:bind-dos
Name: CVE-1999-0011
Description:
Denial of Service vulnerabilities in BIND 4.9 and BIND 8 Releases via CNAME record and zone transfer.
Status:EntryReference: CERT:CA-98.05.bind_problems
Reference: HP:HPSBUX9808-083
Reference: URL:http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9808-083
Reference: SGI:19980603-01-PX
Reference: URL:ftp://patches.sgi.com/support/free/security/advisories/19980603-01-PX
Reference: SUN:00180
Reference: URL:http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/180
Reference: XF:bind-axfr-dos
Name: CVE-1999-0012
Description:
Some web servers under Microsoft Windows allow remote attackers to bypass access restrictions for files with long file names.
Status:EntryReference: CERT:CA-98.04.Win32.WebServers
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0012
Reference: XF:nt-web8.3
Name: CVE-1999-0013
Description:
Stolen credentials from SSH clients via ssh-agent program, allowing other local users to access remote accounts belonging to the ssh-agent user.
Status:EntryReference: CERT:CA-98.03.ssh-agent
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0013
Reference: NAI:NAI-24
Reference: XF:ssh-agent
Name: CVE-1999-0014
Description:
Unauthorized privileged access or denial of service via dtappgather program in CDE.
Status:EntryReference: CERT:CA-98.02.CDE
Reference: HP:HPSBUX9801-075
Reference: URL:http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9801-075
Reference: SUN:00185
Reference: URL:http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/185
Name: CVE-1999-0016
Description:
Land IP denial of service.
Status:EntryReference: CERT:CA-97.28.Teardrop_Land
Reference: CISCO:http://www.cisco.com/warp/public/770/land-pub.shtml
Reference: FREEBSD:FreeBSD-SA-98:01
Reference: HP:HPSBUX9801-076
Reference: URL:http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9801-076
Reference: XF:95-verv-tcp
Reference: XF:cisco-land
Reference: XF:land
Reference: XF:land-patch
Reference: XF:ver-tcpip-sys
Name: CVE-1999-0017
Description:
FTP servers can allow an attacker to connect to arbitrary ports on machines other than the FTP client, aka FTP bounce.
Status:EntryReference: CERT:CA-97.27.FTP_bounce
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0017
Reference: XF:ftp-bounce
Reference: XF:ftp-privileged-port
Name: CVE-1999-0018
Description:
Buffer overflow in statd allows root privileges.
Status:EntryReference: AUSCERT:AA-97.29
Reference: BID:127
Reference: URL:http://www.securityfocus.com/bid/127
Reference: CERT:CA-97.26.statd
Reference: XF:statd
Name: CVE-1999-0019
Description:
Delete or create a file via rpc.statd, due to invalid information.
Status:EntryReference: CERT:CA-96.09.rpc.statd
Reference: SUN:00135
Reference: URL:http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/135
Reference: XF:rpc-stat
Name: CVE-1999-0021
Description:
Arbitrary command execution via buffer overflow in Count.cgi (wwwcount) cgi-bin program.
Status:EntryReference: BID:128
Reference: URL:http://www.securityfocus.com/bid/128
Reference: BUGTRAQ:19971010 Security flaw in Count.cgi (wwwcount)
Reference: CERT:CA-97.24.Count_cgi
Reference: XF:http-cgi-count
Name: CVE-1999-0022
Description:
Local user gains root privileges via buffer overflow in rdist, via expstr() function.
Status:EntryReference: CERT:CA-97.23.rdist
Reference: SUN:00179
Reference: URL:http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/179
Reference: XF:rdist-bo3
Reference: XF:rdist-sept97
Name: CVE-1999-0023
Description:
Local user gains root privileges via buffer overflow in rdist, via lookup() function.
Status:EntryReference: CERT:CA-96.14.rdist_vul
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0023
Reference: XF:rdist-bo
Reference: XF:rdist-bo2
Name: CVE-1999-0024
Description:
DNS cache poisoning via BIND, by predictable query IDs.
Status:EntryReference: CERT:CA-97.22.bind
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0024
Reference: NAI:NAI-11
Reference: XF:bind
Name: CVE-1999-0025
Description:
root privileges via buffer overflow in df command on SGI IRIX systems.
Status:EntryReference: AUSCERT:AA-97.19.IRIX.df.buffer.overflow.vul
Reference: BID:346
Reference: URL:http://www.securityfocus.com/bid/346
Reference: CERT:CA-1997-21
Reference: URL:http://www.cert.org/advisories/CA-1997-21.html
Reference: CERT-VN:VU#20851
Reference: URL:http://www.kb.cert.org/vuls/id/20851
Reference: SGI:SGI:19970505-01-A
Reference: SGI:SGI:19970505-02-PX
Reference: XF:df-bo(440)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/440
Name: CVE-1999-0026
Description:
root privileges via buffer overflow in pset command on SGI IRIX systems.
Status:EntryReference: AUSCERT:AA-97.20.IRIX.pset.buffer.overflow.vul
Reference: CERT:CA-97.21.sgi_buffer_overflow
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0026
Reference: XF:pset-bo
Name: CVE-1999-0027
Description:
root privileges via buffer overflow in eject command on SGI IRIX systems.
Status:EntryReference: AUSCERT:AA-97.21.IRIX.eject.buffer.overflow.vul
Reference: CERT:CA-97.21.sgi_buffer_overflow
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0027
Reference: XF:eject-bo
Name: CVE-1999-0028
Description:
root privileges via buffer overflow in login/scheme command on SGI IRIX systems.
Status:EntryReference: AUSCERT:AA-97.22.IRIX.login.scheme.buffer.overflow.vul
Reference: CERT:CA-97.21.sgi_buffer_overflow
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0028
Reference: XF:sgi-schemebo
Name: CVE-1999-0029
Description:
root privileges via buffer overflow in ordist command on SGI IRIX systems.
Status:EntryReference: AUSCERT:AA-97.23-IRIX.ordist.buffer.overflow.vul
Reference: CERT:CA-97.21.sgi_buffer_overflow
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0029
Reference: XF:ordist-bo
Name: CVE-1999-0031
Description:
JavaScript in Internet Explorer 3.x and 4.x, and Netscape 2.x, 3.x and 4.x, allows remote attackers to monitor a user's web activities, aka the Bell Labs vulnerability.
Status:EntryReference: CERT:CA-97.20.javascript
Reference: HP:HPSBUX9707-065
Reference: URL:http://www.codetalker.com/advisories/vendor/hp/hpsbux9707-065.html
Name: CVE-1999-0032
Description:
Buffer overflow in lpr, as used in BSD-based systems including Linux, allows local users to execute arbitrary code as root via a long -C (classification) command line option.
Status:EntryReference: AUSCERT:AA-96.12
Reference: BID:707
Reference: URL:http://www.securityfocus.com/bid/707
Reference: BUGTRAQ:19960813 Possible bufferoverflow condition in lpr, xterm and xload
Reference: BUGTRAQ:19961025 Linux & BSD's lpr exploit
Reference: CERT:CA-97.19.bsdlp
Reference: CIAC:H-08
Reference: CIAC:I-042
Reference: URL:http://www.ciac.org/ciac/bulletins/i-042.shtml
Reference: MLIST:[freebsd-security] 19961025 Vadim Kolontsov: BoS: Linux & BSD's lpr exploit
Reference: MLIST:[linux-security] 19961122 LSF Update#14: Vulnerability of the lpr program.
Reference: SGI:19980402-01-PX
Reference: URL:ftp://patches.sgi.com/support/free/security/advisories/19980402-01-PX
Reference: XF:bsd-lprbo
Reference: XF:bsd-lprbo2
Reference: XF:lpr-bo
Name: CVE-1999-0034
Description:
Buffer overflow in suidperl (sperl), Perl 4.x and 5.x.
Status:EntryReference: CERT:CA-97.17.sperl
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0034
Reference: XF:perl-suid
Name: CVE-1999-0035
Description:
Race condition in signal handling routine in ftpd, allowing read/write arbitrary files.
Status:EntryReference: AUSCERT:AA-97.03
Reference: CERT:CA-97.16.ftpd
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0035
Reference: XF:ftp-ftpd
Name: CVE-1999-0036
Description:
IRIX login program with a nonzero LOCKOUT parameter allows creation or damage to files.
Status:EntryReference: AUSCERT:AA-97.12
Reference: CERT:CA-97.15.sgi_login
Reference: CIAC:H-106
Reference: URL:http://www.ciac.org/ciac/bulletins/h-106.shtml
Reference: OSVDB:990
Reference: URL:http://www.osvdb.org/990
Reference: SGI:19970508-02-PX
Reference: URL:ftp://patches.sgi.com/support/free/security/advisories/19970508-02-PX
Reference: XF:sgi-lockout(557)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/557
Name: CVE-1999-0037
Description:
Arbitrary command execution via metamail package using message headers, when user processes attacker's message using metamail.
Status:EntryReference: CERT:CA-97.14.metamail
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0037
Reference: XF:metamail-header-commands
Name: CVE-1999-0038
Description:
Buffer overflow in xlock program allows local users to execute commands as root.
Status:EntryReference: CERT:CA-97.13.xlock
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0038
Reference: XF:xlock-bo
Name: CVE-1999-0039
Description:
webdist CGI program (webdist.cgi) in SGI IRIX allows remote attackers to execute arbitrary commands via shell metacharacters in the distloc parameter.
Status:EntryReference: AUSCERT:AA-97.14
Reference: BID:374
Reference: URL:http://www.securityfocus.com/bid/374
Reference: BUGTRAQ:19970507 Re: SGI Advisory: webdist.cgi
Reference: BUGTRAQ:19970507 Re: SGI Security Advisory 19970501-01-A - Vulnerability in
Reference: CERT:CA-1997-12
Reference: URL:http://www.cert.org/advisories/CA-1997-12.html
Reference: OSVDB:235
Reference: URL:http://www.osvdb.org/235
Reference: SGI:19970501-02-PX
Reference: URL:ftp://patches.sgi.com/support/free/security/advisories/19970501-02-PX
Reference: XF:http-sgi-webdist(333)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/333
Name: CVE-1999-0040
Description:
Buffer overflow in Xt library of X Windowing System allows local users to execute commands with root privileges.
Status:EntryReference: CERT:CA-97.11.libXt
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0040
Reference: XF:libXt-bo
Name: CVE-1999-0041
Description:
Buffer overflow in NLS (Natural Language Service).
Status:EntryReference: CERT:CA-97.10.nls
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0041
Reference: XF:nls-bo
Name: CVE-1999-0042
Description:
Buffer overflow in University of Washington's implementation of IMAP and POP servers.
Status:EntryReference: CERT:CA-97.09.imap_pop
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0042
Reference: NAI:NAI-21
Reference: XF:popimap-bo
Name: CVE-1999-0043
Description:
Command execution via shell metachars in INN daemon (innd) 1.5 using "newgroup" and "rmgroup" control messages, and others.
Status:EntryReference: CERT:CA-97.08.innd
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0043
Reference: XF:inn-controlmsg
Name: CVE-1999-0044
Description:
fsdump command in IRIX allows local users to obtain root access by modifying sensitive files.
Status:EntryReference: SGI:19970301-01-P
Reference: URL:ftp://patches.sgi.com/support/free/security/advisories/19970301-01-P
Reference: XF:sgi-fsdump
Name: CVE-1999-0045
Description:
List of arbitrary files on Web host via nph-test-cgi script.
Status:EntryReference: CERT:CA-97.07.nph-test-cgi_script
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0045
Reference: XF:http-cgi-nph
Name: CVE-1999-0046
Description:
Buffer overflow of rlogin program using TERM environmental variable.
Status:EntryReference: CERT:CA-97.06.rlogin-term
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0046
Reference: XF:rlogin-termbo
Name: CVE-1999-0047
Description:
MIME conversion buffer overflow in sendmail versions 8.8.3 and 8.8.4.
Status:EntryReference: BID:685
Reference: URL:http://www.securityfocus.com/bid/685
Reference: CERT:CA-97.05.sendmail
Reference: XF:sendmail-mime-bo2
Name: CVE-1999-0048
Description:
Talkd, when given corrupt DNS information, can be used to execute arbitrary commands with root privileges.
Status:EntryReference: AUSCERT:AA-97.01
Reference: CERT:CA-97.04.talkd
Reference: FREEBSD:FreeBSD-SA-96:21
Reference: SUN:00147
Reference: URL:http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/147
Reference: XF:netkit-talkd
Reference: XF:talkd-bo
Name: CVE-1999-0049
Description:
Csetup under IRIX allows arbitrary file creation or overwriting.
Status:EntryReference: CERT:CA-97.03.csetup
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0049
Reference: XF:sgi-csetup
Name: CVE-1999-0050
Description:
Buffer overflow in HP-UX newgrp program.
Status:EntryReference: AUSCERT:AA-96.16.HP-UX.newgrp.Buffer.Overrun.Vulnerability
Reference: CERT:CA-97.02.hp_newgrp
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0050
Reference: XF:hp-newgrpbo
Name: CVE-1999-0051
Description:
Arbitrary file creation and program execution using FLEXlm LicenseManager, from versions 4.0 to 5.0, in IRIX.
Status:EntryReference: AUSCERT:AA-96.03
Reference: CERT:CA-97.01.flex_lm
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0051
Reference: XF:sgi-licensemanager
Name: CVE-1999-0052
Description:
IP fragmentation denial of service in FreeBSD allows a remote attacker to cause a crash.
Status:EntryReference: FREEBSD:FreeBSD-SA-98:08
Reference: OSVDB:908
Reference: URL:http://www.osvdb.org/908
Reference: XF:freebsd-ip-frag-dos(1389)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/1389
Name: CVE-1999-0053
Description:
TCP RST denial of service in FreeBSD.
Status:EntryReference: FREEBSD:FreeBSD-SA-98:07
Reference: OSVDB:6094
Reference: URL:http://www.osvdb.org/6094
Name: CVE-1999-0054
Description:
Sun's ftpd daemon can be subjected to a denial of service.
Status:EntryReference: SUN:00171
Reference: URL:http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/171
Reference: XF:sun-ftpd
Name: CVE-1999-0055
Description:
Buffer overflows in Sun libnsl allow root access.
Status:EntryReference: AIXAPAR:IX80543
Reference: URL:http://www-1.ibm.com/support/search.wss?rs=0&q=IX80543&apar=only
Reference: RSI:RSI.0005.05-14-98.SUN.LIBNSL
Reference: SUN:00172
Reference: URL:http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/172
Reference: XF:sun-libnsl
Name: CVE-1999-0056
Description:
Buffer overflow in Sun's ping program can give root access to local users.
Status:EntryReference: SUN:00174
Reference: URL:http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/174
Reference: XF:sun-ping
Name: CVE-1999-0057
Description:
Vacation program allows command execution by remote users through a sendmail command.
Status:EntryReference: HP:HPSBUX9811-087
Reference: URL:http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9811-087
Reference: NAI:NAI-19
Reference: XF:vacation
Name: CVE-1999-0058
Description:
Buffer overflow in PHP cgi program, php.cgi allows shell access.
Status:EntryReference: BID:712
Reference: URL:http://www.securityfocus.com/bid/712
Reference: NAI:NAI-12
Reference: XF:http-cgi-phpbo
Name: CVE-1999-0059
Description:
IRIX fam service allows an attacker to obtain a list of all files on the server.
Status:EntryReference: BID:353
Reference: URL:http://www.securityfocus.com/bid/353
Reference: NAI:NAI-16
Reference: OSVDB:164
Reference: URL:http://www.osvdb.org/164
Reference: XF:irix-fam(325)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/325
Name: CVE-1999-0060
Description:
Attackers can cause a denial of service in Ascend MAX and Pipeline routers with a malformed packet to the discard port, which is used by the Java Configurator tool.
Status:EntryReference: ASCEND:http://www.ascend.com/2695.html
Reference: MISC:http://www.ascend.com/2695.html
Reference: NAI:NAI-26
Reference: XF:ascend-config-kill
Name: CVE-1999-0062
Description:
The chpass command in OpenBSD allows a local user to gain root access through file descriptor leakage.
Status:EntryReference: NAI:NAI-28
Reference: OSVDB:7559
Reference: URL:http://www.osvdb.org/7559
Reference: XF:openbsd-chpass
Name: CVE-1999-0063
Description:
Cisco IOS 12.0 and other versions can be crashed by malicious UDP packets to the syslog port.
Status:EntryReference: AUSCERT:ESB-98.197
Reference: CISCO:http://www.cisco.com/warp/public/770/iossyslog-pub.shtml
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0063
Reference: XF:cisco-syslog-crash
Name: CVE-1999-0064
Description:
Buffer overflow in AIX lquerylv program gives root access to local users.
Status:EntryReference: BUGTRAQ:May28,1997
Reference: MISC:https://marc.info/?l=bugtraq&m=87602167418428&w=2
Reference: XF:lquerylv-bo
Name: CVE-1999-0065
Description:
Multiple buffer overflows in how dtmail handles attachments allows a remote attacker to execute commands.
Status:EntryReference: SUN:00181
Reference: URL:http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/181
Reference: XF:hp-dtmail
Name: CVE-1999-0066
Description:
AnyForm CGI remote execution.
Status:EntryReference: BID:719
Reference: URL:http://www.securityfocus.com/bid/719
Reference: BUGTRAQ:19950731 SECURITY HOLE: "AnyForm" CGI
Reference: XF:http-cgi-anyform
Name: CVE-1999-0067
Description:
phf CGI program allows remote command execution through shell metacharacters.
Status:EntryReference: AUSCERT:AA-96.01
Reference: BID:629
Reference: URL:http://www.securityfocus.com/bid/629
Reference: BUGTRAQ:19960923 PHF Attacks - Fun and games for the whole family
Reference: CERT:CA-1996-06
Reference: URL:http://www.cert.org/advisories/CA-1996-06.html
Reference: OSVDB:136
Reference: URL:http://www.osvdb.org/136
Reference: XF:http-cgi-phf
Name: CVE-1999-0068
Description:
CGI PHP mylog script allows an attacker to read any file on the target server.
Status:EntryReference: BID:713
Reference: URL:http://www.securityfocus.com/bid/713
Reference: BUGTRAQ:19971019 Vulnerability in PHP Example Logging Scripts
Reference: OSVDB:3396
Reference: URL:http://www.osvdb.org/3396
Reference: XF:http-cgi-php-mylog
Name: CVE-1999-0069
Description:
Solaris ufsrestore buffer overflow.
Status:EntryReference: OSVDB:8158
Reference: URL:http://www.osvdb.org/8158
Reference: SUN:00169
Reference: URL:http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/169
Reference: XF:sun-ufsrestore
Name: CVE-1999-0070
Description:
test-cgi program allows an attacker to list files on the server.
Status:EntryReference: MLIST:[httpd-users] 20200814 [users@httpd] CVE NIST discrepancies
Reference: URL:https://lists.apache.org/thread.html/rc5d27fc1e76dc5650e1a3f1db1de403120f4c2d041cb7352850455c2@%3Cusers.httpd.apache.org%3E
Reference: XF:http-cgi-test
Name: CVE-1999-0071
Description:
Apache httpd cookie buffer overflow for versions 1.1.1 and earlier.
Status:EntryReference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0071
Reference: NAI:NAI-2
Reference: XF:http-apache-cookie
Name: CVE-1999-0072
Description:
Buffer overflow in AIX xdat gives root access to local users.
Status:EntryReference: ERS:ERS-SVA-E01-1997:004.1
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0072
Reference: XF:ibm-xdat
Name: CVE-1999-0073
Description:
Telnet allows a remote client to specify environment variables including LD_LIBRARY_PATH, allowing an attacker to bypass the normal system libraries and gain root access.
Status:EntryReference: CERT:CA-95:14.Telnetd_Environment_Vulnerability
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0073
Reference: XF:linkerbug
Name: CVE-1999-0074
Description:
Listening TCP ports are sequentially allocated, allowing spoofing attacks.
Status:EntryReference: MISC:https://www.cve.org/CVERecord?id=CVE-1999-0074
Reference: XF:seqport
Name: CVE-1999-0075
Description:
PASV core dump in wu-ftpd daemon when attacker uses a QUOTE PASV command after specifying a username and password.
Status:EntryReference: BUGTRAQ:19961016 Re: ftpd bug? Was: bin/1805: Bug in ftpd
Reference: OSVDB:5742
Reference: URL:http://www.osvdb.org/5742
Reference: XF:ftp-pasvcore
Name: CVE-1999-0077
Description:
Predictable TCP sequence numbers allow spoofing.
Status:EntryReference: XF:tcp-seq-predict(139)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/139
Name: CVE-1999-0079
Description:
Remote attackers can cause a denial of service in FTP by issuing multiple PASV commands, causing the server to run out of available ports.
Status:EntryReference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0079
Reference: XF:ftp-pasv-dos
Reference: XF:ftp-pasvdos
Name: CVE-1999-0080
Description:
Certain configurations of wu-ftp FTP server 2.4 use a _PATH_EXECPATH setting to a directory with dangerous commands, such as /bin, which allows remote authenticated users to gain root access via the "site exec" command.
Status:EntryReference: BUGTRAQ:19950531 SECURITY: problem with some wu-ftpd-2.4 binaries (fwd)
Reference: CERT:CA-95:16.wu-ftpd.vul
Reference: MISC:https://archive.nanog.org/mailinglist/mailarchives/old_archive/1995-11/msg00385.html
Reference: XF:ftp-execdotdot
Name: CVE-1999-0081
Description:
wu-ftp allows files to be overwritten via the rnfr command.
Status:EntryReference: MISC:https://www.cve.org/CVERecord?id=CVE-1999-0081
Reference: XF:ftp-rnfr
Name: CVE-1999-0082
Description:
CWD ~root command in ftpd allows root access.
Status:EntryReference: FARMERVENEMA:Improving the Security of Your Site by Breaking Into it
Reference: URL:http://www.alw.nih.gov/Security/Docs/admin-guide-to-cracking.101.html
Reference: XF:ftp-cwd
Name: CVE-1999-0083
Description:
getcwd() file descriptor leak in FTP.
Status:EntryReference: MISC:https://www.cve.org/CVERecord?id=CVE-1999-0083
Reference: XF:cwdleak
Name: CVE-1999-0084
Description:
Certain NFS servers allow users to use mknod to gain privileges by creating a writable kmem device and setting the UID to 0.
Status:EntryReference: XF:nfs-mknod(78)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/78
Name: CVE-1999-0085
Description:
Buffer overflow in rwhod on AIX and other operating systems allows remote attackers to execute arbitrary code via a UDP packet with a long hostname.
Status:EntryReference: BUGTRAQ:19960821 rwhod buffer overflow
Reference: XF:rwhod(119)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/119
Reference: XF:rwhod-vuln(118)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/118
Name: CVE-1999-0087
Description:
Denial of service in AIX telnet can freeze a system and prevent users from accessing the server.
Status:EntryReference: ERS:ERS-SVA-E01-1998:003.1
Reference: OSVDB:7992
Reference: URL:http://www.osvdb.org/7992
Reference: XF:ibm-telnetdos
Name: CVE-1999-0090
Description:
Buffer overflow in AIX rcp command allows local users to obtain root access.
Status:EntryReference: ERS:ERS-SVA-E01-1997:005.1
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0090
Reference: XF:ibm-rcp
Name: CVE-1999-0091
Description:
Buffer overflow in AIX writesrv command allows local users to obtain root access.
Status:EntryReference: ERS:ERS-SVA-E01-1997:005.1
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0091
Reference: XF:ibm-writesrv
Name: CVE-1999-0093
Description:
AIX nslookup command allows local users to obtain root access by not dropping privileges correctly.
Status:EntryReference: ERS:ERS-SVA-E01-1997:008.1
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0093
Reference: XF:ibm-nslookup
Name: CVE-1999-0094
Description:
AIX piodmgrsu command allows local users to gain additional group privileges.
Status:EntryReference: ERS:ERS-SVA-E01-1997:007.1
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0094
Reference: XF:ibm-piodmgrsu
Name: CVE-1999-0095
Description:
The debug command in Sendmail is enabled, allowing attackers to execute commands as root.
Status:EntryReference: BID:1
Reference: URL:http://www.securityfocus.com/bid/1
Reference: CERT:CA-88.01
Reference: CERT:CA-93.14
Reference: FULLDISC:20190611 The Return of the WIZard: RCE in Exim (CVE-2019-10149)
Reference: URL:http://seclists.org/fulldisclosure/2019/Jun/16
Reference: MLIST:[oss-security] 20190605 Re: CVE-2019-10149: Exim 4.87 to 4.91: possible remote exploit
Reference: URL:http://www.openwall.com/lists/oss-security/2019/06/05/4
Reference: MLIST:[oss-security] 20190606 Re: CVE-2019-10149: Exim 4.87 to 4.91: possible remote exploit
Reference: URL:http://www.openwall.com/lists/oss-security/2019/06/06/1
Reference: OSVDB:195
Reference: URL:http://www.osvdb.org/195
Reference: XF:smtp-debug
Name: CVE-1999-0096
Description:
Sendmail decode alias can be used to overwrite sensitive files.
Status:EntryReference: CERT:CA-93.16
Reference: CERT:CA-95.05
Reference: CIAC:A-13
Reference: CIAC:A-14
Reference: SUN:00122
Reference: URL:http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/122&type=0&nav=sec.sba
Reference: XF:smtp-dcod
Name: CVE-1999-0097
Description:
The AIX FTP client can be forced to execute commands from a malicious server through shell metacharacters (e.g. a pipe character).
Status:EntryReference: ERS:ERS-SVA-E01-1997:009.1
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0097
Reference: XF:ibm-ftp
Name: CVE-1999-0099
Description:
Buffer overflow in syslog utility allows local or remote attackers to gain root privileges.
Status:EntryReference: CERT:CA-95.13.syslog.vul
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0099
Reference: XF:smtp-syslog
Name: CVE-1999-0100
Description:
Remote access in AIX innd 1.5.1, using control messages.
Status:EntryReference: ERS:ERS-SVA-E01-1997:002.1
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0100
Reference: XF:inn-controlmsg
Name: CVE-1999-0101
Description:
Buffer overflow in AIX and Solaris "gethostbyname" library call allows root access through corrupt DNS host names.
Status:EntryReference: CIAC:H-13
Reference: URL:http://ciac.llnl.gov/ciac/bulletins/h-13.shtml
Reference: ERS:ERS-SVA-E01-1996:007.1
Reference: ERS:ERS-SVA-E01-1997:001.1
Reference: NAI:NAI-1
Reference: SUN:00137a
Reference: XF:ghbn-bo
Name: CVE-1999-0102
Description:
Buffer overflow in SLmail 3.x allows attackers to execute commands using a large FROM line.
Status:EntryReference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0102
Reference: XF:slmail-fromheader-overflow
Name: CVE-1999-0103
Description:
Echo and chargen, or other combinations of UDP services, can be used in tandem to flood the server, a.k.a. UDP bomb or UDP packet storm.
Status:EntryReference: CERT:CA-96.01.UDP_service_denial
Reference: MISC:https://ics-cert.us-cert.gov/advisories/ICSMA-18-233-01
Reference: XF:chargen
Reference: XF:chargen-patch
Reference: XF:echo
Name: CVE-1999-0108
Description:
The printers program in IRIX has a buffer overflow that gives root access to local users.
Status:EntryReference: BUGTRAQ:19970527 another day, another buffer overflow....
Reference: URL:http://seclists.org/bugtraq/1997/May/191
Reference: XF:printers-bo
Name: CVE-1999-0109
Description:
Buffer overflow in ffbconfig in Solaris 2.5.1.
Status:EntryReference: AUSCERT:AA-97.06
Reference: SUN:00140
Reference: URL:http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/140
Reference: XF:ffbconfig-bo
Name: CVE-1999-0111
Description:
RIP v1 is susceptible to spoofing.
Status:EntryReference: MISC:https://www.cve.org/CVERecord?id=CVE-1999-0111
Reference: XF:rip
Name: CVE-1999-0112
Description:
Buffer overflow in AIX dtterm program for the CDE.
Status:EntryReference: BUGTRAQ:19970520 AIX 4.2 dtterm exploit
Reference: XF:dtterm-bo(878)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/878
Name: CVE-1999-0113
Description:
Some implementations of rlogin allow root access if given a -froot parameter.
Status:EntryReference: BID:458
Reference: URL:http://www.securityfocus.com/bid/458
Reference: BUGTRAQ:19940729 -froot??? (AIX rlogin bug)
Reference: CERT:CA-94.09.bin.login.vulnerability
Reference: CIAC:E-26
Reference: XF:rlogin-froot
Name: CVE-1999-0115
Description:
AIX bugfiler program allows local users to gain root access.
Status:EntryReference: BID:1800
Reference: URL:http://www.securityfocus.com/bid/1800
Reference: BUGTRAQ:19970909 AIX bugfiler
Reference: XF:ibm-bugfiler
Name: CVE-1999-0116
Description:
Denial of service when an attacker sends many SYN packets to create multiple connections without ever sending an ACK to complete the connection, aka SYN flood.
Status:EntryReference: CERT:CA-96.21.tcp_syn.flooding
Reference: SGI:19961202-01-PX
Reference: URL:ftp://patches.sgi.com/support/free/security/advisories/19961202-01-PX
Reference: SUN:00136
Reference: URL:http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/136
Name: CVE-1999-0117
Description:
AIX passwd allows local users to gain root access.
Status:EntryReference: CERT:CA-92:07.AIX.passwd.vulnerability
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0117
Reference: XF:ibm-passwd
Name: CVE-1999-0118
Description:
AIX infod allows local users to gain root access through an X display.
Status:EntryReference: BUGTRAQ:19981119 RSI.0011.11-09-98.AIX.INFOD
Reference: URL:http://marc.info/?l=bugtraq&m=91158980826979&w=2
Reference: XF:aix-infod
Name: CVE-1999-0120
Description:
Sun/Solaris utmp file allows local users to gain root access if it is writable by users other than root.
Status:EntryReference: CERT:CA-94.06.utmp.vulnerability
Reference: SUN:00126
Reference: URL:http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/126
Reference: XF:utmp-write
Name: CVE-1999-0122
Description:
Buffer overflow in AIX lchangelv gives root access.
Status:EntryReference: BUGTRAQ:Jul21,1999
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0122
Reference: XF:lchangelv-bo
Name: CVE-1999-0124
Description:
Vulnerabilities in UMN gopher and gopher+ versions 1.12 and 2.0x allow an intruder to read any files that can be accessed by the gopher daemon.
Status:EntryReference: CERT:CA-93:11.UMN.UNIX.gopher.vulnerability
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0124
Reference: XF:gopher-vuln
Name: CVE-1999-0125
Description:
Buffer overflow in SGI IRIX mailx program.
Status:EntryReference: SGI:19980605-01-PX
Reference: URL:ftp://patches.sgi.com/support/free/security/advisories/19980605-01-PX
Reference: XF:sgi-mailx-bo
Name: CVE-1999-0126
Description:
SGI IRIX buffer overflow in xterm and Xaw allows root access.
Status:EntryReference: CERT:VB-98.04.xterm.Xaw
Reference: CIAC:J-010
Reference: URL:http://www.ciac.org/ciac/bulletins/j-010.shtml
Reference: XF:xfree86-xaw
Reference: XF:xfree86-xterm-xaw
Name: CVE-1999-0128
Description:
Oversized ICMP ping packets can result in a denial of service, aka Ping o' Death.
Status:EntryReference: CERT:CA-96.26.ping
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0128
Reference: XF:ping-death
Name: CVE-1999-0129
Description:
Sendmail allows local users to write to a file and gain group permissions via a .forward or :include: file.
Status:EntryReference: CERT:CA-96.25.sendmail_groups
Reference: MISC:http://www.cert.org/advisories/CA-1996-25.html
Name: CVE-1999-0130
Description:
Local users can start Sendmail in daemon mode and gain root privileges.
Status:EntryReference: BID:716
Reference: URL:http://www.securityfocus.com/bid/716
Reference: CERT:CA-96.24.sendmail.daemon.mode
Reference: XF:sendmail-daemon-mode
Name: CVE-1999-0131
Description:
Buffer overflow and denial of service in Sendmail 8.7.5 and earlier through GECOS field gives root access to local users.
Status:EntryReference: BID:717
Reference: URL:http://www.securityfocus.com/bid/717
Reference: CERT:CA-96.20.sendmail_vul
Reference: XF:smtp-875bo
Name: CVE-1999-0132
Description:
Expreserve, as used in vi and ex, allows local users to overwrite arbitrary files and gain root access.
Status:EntryReference: CERT:CA-1996-19
Reference: URL:http://www.cert.org/advisories/CA-1996-19.html
Reference: OSVDB:11723
Reference: URL:http://www.osvdb.org/11723
Reference: XF:expreserve(401)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/401
Name: CVE-1999-0133
Description:
fm_fls license server for Adobe Framemaker allows local users to overwrite arbitrary files and gain root access.
Status:EntryReference: CERT:CA-96.18.fm_fls
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0133
Reference: XF:fmaker-logfile
Name: CVE-1999-0134
Description:
vold in Solaris 2.x allows local users to gain root access.
Status:EntryReference: AUSCERT:AL-96.04
Reference: CERT:CA-96.17.Solaris_vold_vul
Reference: OSVDB:8159
Reference: URL:http://www.osvdb.org/8159
Reference: XF:sol-voldtmp
Name: CVE-1999-0135
Description:
admintool in Solaris allows a local user to write to arbitrary files and gain root access.
Status:EntryReference: AUSCERT:AL-96.03
Reference: CERT:CA-96.16.Solaris_admintool_vul
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0135
Reference: XF:sun-admintool
Name: CVE-1999-0136
Description:
Kodak Color Management System (KCMS) on Solaris allows a local user to write to arbitrary files and gain root access.
Status:EntryReference: AUSCERT:AL-96.02
Reference: CERT:CA-96.15.Solaris_KCMS_vul
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0136
Reference: XF:sol-KCMSvuln
Name: CVE-1999-0137
Description:
The dip program on many Linux systems allows local users to gain root access via a buffer overflow.
Status:EntryReference: CERT:CA-96.13.dip_vul
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0137
Reference: XF:dip-bo
Reference: XF:linux-dipbo
Name: CVE-1999-0138
Description:
The suidperl and sperl program do not give up root privileges when changing UIDs back to the original users, allowing root access.
Status:EntryReference: CERT:CA-96.12.suidperl_vul
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0138
Reference: XF:sperl-suid
Name: CVE-1999-0139
Description:
Buffer overflow in Solaris x86 mkcookie allows local users to obtain root access.
Status:EntryReference: OSVDB:8205
Reference: URL:http://www.osvdb.org/8205
Reference: RSI:RSI.0012.12-03-98.SOLARIS.MKCOOKIE
Reference: XF:sol-mkcookie
Name: CVE-1999-0141
Description:
Java Bytecode Verifier allows malicious applets to execute arbitrary commands as the user of the applet.
Status:EntryReference: CERT:CA-96.07.java_bytecode_verifier
Reference: SUN:00134
Reference: URL:http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/134
Reference: XF:http-java-applet
Name: CVE-1999-0142
Description:
The Java Applet Security Manager implementation in Netscape Navigator 2.0 and Java Developer's Kit 1.0 allows an applet to connect to arbitrary hosts.
Status:EntryReference: CERT:CA-96.05.java_applet_security_mgr
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0142
Reference: XF:http-java-appletsecmgr
Name: CVE-1999-0143
Description:
Kerberos 4 key servers allow a user to masquerade as another by breaking and generating session keys.
Status:EntryReference: CERT:CA-96.03.kerberos_4_key_server
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0143
Reference: XF:kerberos-bf
Name: CVE-1999-0145
Description:
Sendmail WIZ command enabled, allowing root access.
Status:EntryReference: BUGTRAQ:19950206 sendmail wizard thing...
Reference: URL:http://www2.dataguard.no/bugtraq/1995_1/0332.html
Reference: CERT:CA-1990-11
Reference: URL:http://www.cert.org/advisories/CA-1990-11.html
Reference: CERT:CA-1993-14
Reference: URL:http://www.cert.org/advisories/CA-1993-14.html
Reference: FARMERVENEMA:Improving the Security of Your Site by Breaking Into it
Reference: URL:http://www.alw.nih.gov/Security/Docs/admin-guide-to-cracking.101.html
Reference: FULLDISC:20190611 The Return of the WIZard: RCE in Exim (CVE-2019-10149)
Reference: URL:http://seclists.org/fulldisclosure/2019/Jun/16
Reference: MLIST:[oss-security] 20190605 Re: CVE-2019-10149: Exim 4.87 to 4.91: possible remote exploit
Reference: URL:http://www.openwall.com/lists/oss-security/2019/06/05/4
Reference: MLIST:[oss-security] 20190606 Re: CVE-2019-10149: Exim 4.87 to 4.91: possible remote exploit
Reference: URL:http://www.openwall.com/lists/oss-security/2019/06/06/1
Name: CVE-1999-0146
Description:
The campas CGI program provided with some NCSA web servers allows an attacker to execute arbitrary commands via encoded carriage return characters in the query string, as demonstrated by reading the password file.
Status:EntryReference: BID:1975
Reference: URL:http://www.securityfocus.com/bid/1975
Reference: BUGTRAQ:19970715 Bug CGI campas
Reference: XF:http-cgi-campas(298)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/298
Name: CVE-1999-0147
Description:
The aglimpse CGI program of the Glimpse package allows remote execution of arbitrary commands.
Status:EntryReference: AUSCERT:AA-97.28
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0147
Reference: XF:http-cgi-glimpse
Name: CVE-1999-0148
Description:
The handler CGI program in IRIX allows arbitrary command execution.
Status:EntryReference: BID:380
Reference: URL:http://www.securityfocus.com/bid/380
Reference: SGI:19970501-02-PX
Reference: URL:ftp://patches.sgi.com/support/free/security/advisories/19970501-02-PX
Reference: XF:http-sgi-handler
Name: CVE-1999-0149
Description:
The wrap CGI program in IRIX allows remote attackers to view arbitrary directory listings via a .. (dot dot) attack.
Status:EntryReference: BID:373
Reference: URL:http://www.securityfocus.com/bid/373
Reference: BUGTRAQ:19970420 IRIX 6.x /cgi-bin/wrap bug
Reference: OSVDB:247
Reference: URL:http://www.osvdb.org/247
Reference: SGI:19970501-02-PX
Reference: URL:ftp://patches.sgi.com/support/free/security/advisories/19970501-02-PX
Reference: XF:http-sgi-wrap(290)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/290
Name: CVE-1999-0150
Description:
The Perl fingerd program allows arbitrary command execution from remote users.
Status:EntryReference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0150
Reference: XF:perl-fingerd
Name: CVE-1999-0151
Description:
The SATAN session key may be disclosed if the user points the web browser to other sites, possibly allowing root access.
Status:EntryReference: CERT:CA-95.06.satan.vul
Reference: CERT:CA-95.07a.REVISED.satan.vul
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0151
Name: CVE-1999-0152
Description:
The DG/UX finger daemon allows remote command execution through shell metacharacters.
Status:EntryReference: BUGTRAQ:19970811 dgux in.fingerd vulnerability
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0152
Reference: XF:dgux-fingerd
Name: CVE-1999-0153
Description:
Windows 95/NT out of band (OOB) data denial of service through NETBIOS port, aka WinNuke.
Status:EntryReference: OSVDB:1666
Reference: URL:http://www.osvdb.org/1666
Reference: XF:win-oob
Name: CVE-1999-0155
Description:
The ghostscript command with the -dSAFER option allows remote attackers to execute commands.
Status:EntryReference: CERT:CA-95.10.ghostscript
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0155
Reference: XF:gscript-dsafer
Name: CVE-1999-0157
Description:
Cisco PIX firewall and CBAC IP fragmentation attack results in a denial of service.
Status:EntryReference: CISCO:http://www.cisco.com/warp/public/770/nifrag.shtml
Reference: OSVDB:1097
Reference: URL:http://www.osvdb.org/1097
Reference: XF:cisco-fragmented-attacks
Name: CVE-1999-0158
Description:
Cisco PIX firewall manager (PFM) on Windows NT allows attackers to connect to port 8080 on the PFM server and retrieve any file whose name and location is known.
Status:EntryReference: CISCO:20010913 Cisco PIX Firewall Manager File Exposure
Reference: URL:http://www.cisco.com/warp/public/770/pixmgrfile-pub.shtml
Reference: OSVDB:685
Reference: URL:http://www.osvdb.org/685
Reference: XF:cisco-pix-file-exposure
Name: CVE-1999-0159
Description:
Attackers can crash a Cisco IOS router or device, provided they can get to an interactive prompt (such as a login). This applies to some IOS 9.x, 10.x, and 11.x releases.
Status:EntryReference: CISCO:http://www.cisco.com/warp/public/770/ioslogin-pub.shtml
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0159
Reference: XF:cisco-ios-crash
Name: CVE-1999-0160
Description:
Some classic Cisco IOS devices have a vulnerability in the PPP CHAP authentication to establish unauthorized PPP connections.
Status:EntryReference: CIAC:I-002A
Reference: CISCO:19971001 Vulnerabilities in Cisco CHAP Authentication
Reference: OSVDB:1099
Reference: URL:http://www.osvdb.org/1099
Reference: XF:cisco-chap
Name: CVE-1999-0161
Description:
In Cisco IOS 10.3, with the tacacs-ds or tacacs keyword, an extended IP access control list could bypass filtering.
Status:EntryReference: CISCO:http://www.cisco.com/warp/public/707/1.html
Reference: OSVDB:797
Reference: URL:http://www.osvdb.org/797
Reference: XF:cisco-acl-tacacs
Name: CVE-1999-0162
Description:
The "established" keyword in some Cisco IOS software allowed an attacker to bypass filtering.
Status:EntryReference: CISCO:19950601 "Established" Keyword May Allow Packets to Bypass Filter
Reference: MISC:https://www.cve.org/CVERecord?id=CVE-1999-0162
Reference: XF:cisco-acl-established
Name: CVE-1999-0164
Description:
A race condition in the Solaris ps command allows an attacker to overwrite critical files.
Status:EntryReference: AUSCERT:AA-95.07
Reference: CERT:CA-95.09.Solaris.ps.vul
Reference: OSVDB:8346
Reference: URL:http://www.osvdb.org/8346
Reference: XF:sol-pstmprace
Name: CVE-1999-0166
Description:
NFS allows users to use a "cd .." command to access other directories besides the exported file system.
Status:EntryReference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0166
Reference: XF:nfs-cd
Name: CVE-1999-0167
Description:
In SunOS, NFS file handles could be guessed, giving unauthorized access to the exported file system.
Status:EntryReference: CERT:CA-91.21.SunOS.NFS.Jumbo.and.fsirand
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0167
Reference: XF:nfs-guess
Name: CVE-1999-0168
Description:
The portmapper may act as a proxy and redirect service requests from an attacker, making the request appear to come from the local host, possibly bypassing authentication that would otherwise have taken place. For example, NFS file systems could be mounted through the portmapper despite export restrictions.
Status:EntryReference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0168
Reference: XF:nfs-portmap
Name: CVE-1999-0170
Description:
Remote attackers can mount an NFS file system in Ultrix or OSF, even if it is denied on the access list.
Status:EntryReference: MISC:https://www.cve.org/CVERecord?id=CVE-1999-0170
Reference: XF:nfs-ultrix
Name: CVE-1999-0172
Description:
FormMail CGI program allows remote execution of commands.
Status:EntryReference: BUGTRAQ:Aug02,1995
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0172
Reference: XF:http-cgi-formmail-exe
Name: CVE-1999-0173
Description:
FormMail CGI program can be used by web servers other than the host server that the program resides on.
Status:EntryReference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0173
Reference: XF:http-cgi-formmail-use
Name: CVE-1999-0174
Description:
The view-source CGI program allows remote attackers to read arbitrary files via a .. (dot dot) attack.
Status:EntryReference: BUGTRAQ:19970208 view-source
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0174
Reference: XF:http-cgi-viewsrc
Name: CVE-1999-0175
Description:
The convert.bas program in the Novell web server allows a remote attackers to read any file on the system that is internally accessible by the web server.
Status:EntryReference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0175
Reference: XF:http-nov-convert
Name: CVE-1999-0176
Description:
The Webgais program allows a remote user to execute arbitrary commands.
Status:EntryReference: BUGTRAQ:Jul10,1997
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0176
Reference: XF:http-webgais-query
Name: CVE-1999-0177
Description:
The uploader program in the WebSite web server allows a remote attacker to execute arbitrary programs.
Status:EntryReference: BUGTRAQ:19970904 [Alert] Website's uploader.exe (from demo) vulnerable
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0177
Reference: NTBUGTRAQ:19970904 [Alert] Website's uploader.exe (from demo) vulnerable
Reference: NTBUGTRAQ:19970905 Re: FW: [Alert] Website's uploader.exe (from demo) vulnerable
Reference: XF:http-website-uploader
Name: CVE-1999-0178
Description:
Buffer overflow in the win-c-sample program (win-c-sample.exe) in the WebSite web server 1.1e allows remote attackers to execute arbitrary code via a long query string.
Status:EntryReference: BID:2078
Reference: URL:http://www.securityfocus.com/bid/2078
Reference: BUGTRAQ:19970106 Re: signal handling
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/1997_1/0021.html
Reference: OSVDB:8
Reference: URL:http://www.osvdb.org/8
Reference: XF:http-website-winsample(295)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/295
Name: CVE-1999-0179
Description:
Windows NT crashes or locks up when a Samba client executes a "cd .." command on a file share.
Status:EntryReference: MSKB:Q140818
Reference: URL:http://support.microsoft.com/default.aspx?scid=kb;[LN];Q140818
Reference: XF:nt-35
Reference: XF:nt-351
Reference: XF:nt-samba-dotdot
Name: CVE-1999-0180
Description:
in.rshd allows users to login with a NULL username and execute commands.
Status:EntryReference: MISC:https://www.cve.org/CVERecord?id=CVE-1999-0180
Reference: XF:rsh-null
Name: CVE-1999-0181
Description:
The wall daemon can be used for denial of service, social engineering attacks, or to execute remote commands.
Status:EntryReference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0181
Reference: XF:walld
Name: CVE-1999-0182
Description:
Samba has a buffer overflow which allows a remote attacker to obtain root access by specifying a long password.
Status:EntryReference: CERT:VB-97.10.samba
Reference: CIAC:H-110
Reference: URL:http://www.ciac.org/ciac/bulletins/h-110.shtml
Reference: XF:nt-samba-bo
Name: CVE-1999-0183
Description:
Linux implementations of TFTP would allow access to files outside the restricted directory.
Status:EntryReference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0183
Reference: XF:linux-tftp
Name: CVE-1999-0184
Description:
When compiled with the -DALLOW_UPDATES option, bind allows dynamic updates to the DNS server, allowing for malicious modification of DNS records.
Status:EntryReference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0184
Reference: XF:dns-updates
Name: CVE-1999-0185
Description:
In SunOS or Solaris, a remote user could connect from an FTP server's data port to an rlogin server on a host that trusts the FTP server, allowing remote command execution.
Status:EntryReference: SUN:00156
Reference: URL:http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/156
Reference: XF:sun-ftpd/logind
Name: CVE-1999-0188
Description:
The passwd command in Solaris can be subjected to a denial of service.
Status:EntryReference: SUN:00182
Reference: URL:http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/182
Reference: XF:sun-passwd-dos
Name: CVE-1999-0189
Description:
Solaris rpcbind listens on a high numbered UDP port, which may not be filtered since the standard port number is 111.
Status:EntryReference: NAI:NAI-15
Reference: SUN:00142
Reference: URL:http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/142
Reference: XF:rpc-32771
Name: CVE-1999-0190
Description:
Solaris rpcbind can be exploited to overwrite arbitrary files and gain root access.
Status:EntryReference: SUN:00167
Reference: URL:http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/167
Reference: XF:sun-rpcbind
Name: CVE-1999-0191
Description:
IIS newdsn.exe CGI script allows remote users to overwrite files.
Status:EntryReference: OSVDB:275
Reference: URL:http://www.osvdb.org/275
Reference: XF:http-cgi-newdsn
Name: CVE-1999-0192
Description:
Buffer overflow in telnet daemon tgetent routing allows remote attackers to gain root access via the TERMCAP environmental variable.
Status:EntryReference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0192
Reference: SNI:SNI-20
Reference: XF:bsd-tel-tgetent
Name: CVE-1999-0194
Description:
Denial of service in in.comsat allows attackers to generate messages.
Status:EntryReference: MISC:https://www.cve.org/CVERecord?id=CVE-1999-0194
Reference: XF:comsat
Name: CVE-1999-0196
Description:
websendmail in Webgais 1.0 allows a remote user to access arbitrary files and execute arbitrary code via the receiver parameter ($VAR_receiver variable).
Status:EntryReference: BID:2077
Reference: URL:http://www.securityfocus.com/bid/2077
Reference: BUGTRAQ:19970704 Vulnerability in websendmail
Reference: OSVDB:237
Reference: URL:http://www.osvdb.org/237
Reference: XF:http-webgais-smail
Name: CVE-1999-0201
Description:
A quote cwd command on FTP servers can reveal the full path of the home directory of the "ftp" user.
Status:EntryReference: MISC:https://www.cve.org/CVERecord?id=CVE-1999-0201
Reference: XF:ftp-home
Name: CVE-1999-0202
Description:
The GNU tar command, when used in FTP sessions, may allow an attacker to execute arbitrary commands.
Status:EntryReference: MISC:https://www.cve.org/CVERecord?id=CVE-1999-0202
Reference: XF:ftp-exectar
Name: CVE-1999-0203
Description:
In Sendmail, attackers can gain root privileges via SMTP by specifying an improper "mail from" address and an invalid "rcpt to" address that would cause the mail to bounce to a program.
Status:EntryReference: CERT:CA-95.08
Reference: CIAC:E-03
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0203
Reference: XF:smtp-sendmail-version5
Name: CVE-1999-0204
Description:
Sendmail 8.6.9 allows remote attackers to execute root commands, using ident.
Status:EntryReference: CIAC:F-13
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0204
Reference: XF:ident-bo
Name: CVE-1999-0206
Description:
MIME buffer overflow in Sendmail 8.8.0 and 8.8.1 gives root access.
Status:EntryReference: AUSCERT:AA-96.06a
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0206
Reference: XF:sendmail-mime-bo
Name: CVE-1999-0207
Description:
Remote attacker can execute commands through Majordomo using the Reply-To field and a "lists" command.
Status:EntryReference: CERT:CA-94.11.majordomo.vulnerabilities
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0207
Reference: XF:majordomo-exe
Name: CVE-1999-0208
Description:
rpc.ypupdated (NIS) allows remote users to execute arbitrary commands.
Status:EntryReference: CERT:CA-95.17.rpc.ypupdated.vul
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0208
Reference: XF:rpc-update
Name: CVE-1999-0209
Description:
The SunView (SunTools) selection_svc facility allows remote users to read files.
Status:EntryReference: BID:8
Reference: URL:http://www.securityfocus.com/bid/8
Reference: CERT:CA-90.05.sunselection.vulnerability
Reference: XF:selsvc
Name: CVE-1999-0210
Description:
Automount daemon automountd allows local or remote users to gain privileges via shell metacharacters.
Status:EntryReference: BID:235
Reference: URL:http://www.securityfocus.com/bid/235
Reference: BUGTRAQ:19971126 Solaris 2.5.1 automountd exploit (fwd)
Reference: URL:http://marc.info/?l=bugtraq&m=88053459921223&w=2
Reference: BUGTRAQ:19990103 SUN almost has a clue! (automountd)
Reference: URL:http://marc.info/?l=bugtraq&m=91547759121289&w=2
Reference: CERT:CA-99-05
Reference: URL:http://www.cert.org/advisories/CA-99-05-statd-automountd.html
Reference: HP:HPSBUX9910-104
Reference: URL:http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9910-104
Name: CVE-1999-0211
Description:
Extra long export lists over 256 characters in some mount daemons allows NFS directories to be mounted by anyone.
Status:EntryReference: BID:24
Reference: URL:http://www.securityfocus.com/bid/24
Reference: CERT:CA-94.02.REVISED.SunOS.rpc.mountd.vulnerability
Name: CVE-1999-0212
Description:
Solaris rpc.mountd generates error messages that allow a remote attacker to determine what files are on the server.
Status:EntryReference: CIAC:I-048
Reference: URL:http://www.ciac.org/ciac/bulletins/i-048.shtml
Reference: SUN:00168
Reference: URL:http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/168
Reference: XF:sun-mountd
Name: CVE-1999-0214
Description:
Denial of service by sending forged ICMP unreachable packets.
Status:EntryReference: MISC:https://www.cve.org/CVERecord?id=CVE-1999-0214
Reference: XF:icmp-unreachable
Name: CVE-1999-0215
Description:
Routed allows attackers to append data to files.
Status:EntryReference: CIAC:J-012
Reference: URL:http://www.ciac.org/ciac/bulletins/j-012.shtml
Reference: SGI:19981004-01-PX
Reference: URL:ftp://patches.sgi.com/support/free/security/advisories/19981004-01-PX
Reference: XF:ripapp
Name: CVE-1999-0217
Description:
Malicious option settings in UDP packets could force a reboot in SunOS 4.1.3 systems.
Status:EntryReference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0217
Reference: XF:udp-bomb
Name: CVE-1999-0218
Description:
Livingston portmaster machines could be rebooted via a series of commands.
Status:EntryReference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0218
Reference: XF:portmaster-reboot
Name: CVE-1999-0219
Description:
Buffer overflow in FTP Serv-U 2.5 allows remote authenticated users to cause a denial of service (crash) via a long (1) CWD or (2) LS (list) command.
Status:EntryReference: BID:269
Reference: URL:http://www.securityfocus.com/bid/269
Reference: BUGTRAQ:19990909 Exploit: Serv-U Ver2.5 FTPd Win9x/NT
Reference: NTBUGTRAQ:19990503 Buffer overflows in FTP Serv-U 2.5
Reference: URL:http://marc.info/?l=ntbugtraq&m=92574916930144&w=2
Reference: NTBUGTRAQ:19990504 Re: Buffer overflows in FTP Serv-U 2.5
Reference: URL:http://marc.info/?l=ntbugtraq&m=92582581330282&w=2
Reference: XF:ftp-servu(205)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/205
Name: CVE-1999-0221
Description:
Denial of service of Ascend routers through port 150 (remote administration).
Status:EntryReference: MISC:https://www.cve.org/CVERecord?id=CVE-1999-0221
Reference: XF:ascend-150-kill
Name: CVE-1999-0223
Description:
Solaris syslogd crashes when receiving a message from a host that doesn't have an inverse DNS entry.
Status:EntryReference: BID:1878
Reference: URL:http://www.securityfocus.com/bid/1878
Reference: BUGTRAQ:19961109 Syslogd and Solaris 2.4
Reference: CONFIRM:http://sunsolve.Sun.COM/pub-cgi/retrieve.pl?patchid=103291&collection=fpatches
Reference: SUNBUG:1249320
Reference: XF:sol-syslogd-crash
Name: CVE-1999-0224
Description:
Denial of service in Windows NT messenger service through a long username.
Status:EntryReference: MISC:https://www.cve.org/CVERecord?id=CVE-1999-0224
Reference: XF:nt-messenger
Name: CVE-1999-0225
Description:
Windows NT 4.0 allows remote attackers to cause a denial of service via a malformed SMB logon request in which the actual data size does not match the specified size.
Status:EntryReference: MSKB:Q180963
Reference: URL:http://www.microsoft.com/technet/support/kb.asp?ID=180963
Reference: NAI:19980214 Windows NT Logon Denial of Service
Reference: URL:http://www.nai.com/nai_labs/asp_set/advisory/25_windows_nt_dos_adv.asp
Reference: XF:nt-logondos
Name: CVE-1999-0227
Description:
Access violation in LSASS.EXE (LSA/LSARPC) program in Windows NT allows a denial of service.
Status:EntryReference: MSKB:Q154087
Reference: URL:http://support.microsoft.com/default.aspx?scid=kb;[LN];Q154087
Reference: XF:nt-lsass-crash
Name: CVE-1999-0228
Description:
Denial of service in RPCSS.EXE program (RPC Locator) in Windows NT.
Status:EntryReference: MSKB:Q162567
Reference: URL:http://support.microsoft.com/default.aspx?scid=kb;[LN];Q162567
Reference: XF:nt-rpc-ver
Name: CVE-1999-0230
Description:
Buffer overflow in Cisco 7xx routers through the telnet service.
Status:EntryReference: CISCO:http://www.cisco.com/warp/public/770/pwbuf-pub.shtml
Reference: OSVDB:1102
Reference: URL:http://www.osvdb.org/1102
Name: CVE-1999-0233
Description:
IIS 1.0 allows users to execute arbitrary commands using .bat or .cmd files.
Status:EntryReference: MSKB:Q148188
Reference: URL:http://support.microsoft.com/default.aspx?scid=kb;[LN];Q148188
Reference: MSKB:Q155056
Reference: URL:http://support.microsoft.com/default.aspx?scid=kb;[LN];Q155056
Reference: XF:http-iis-cmd
Name: CVE-1999-0234
Description:
Bash treats any character with a value of 255 as a command separator.
Status:EntryReference: CERT:CA-96.22.bash_vuls
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0234
Reference: XF:bash-cmd
Name: CVE-1999-0236
Description:
ScriptAlias directory in NCSA and Apache httpd allowed attackers to read CGI programs.
Status:EntryReference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0236
Reference: XF:http-scriptalias
Name: CVE-1999-0237
Description:
Remote execution of arbitrary commands through Guestbook CGI program.
Status:EntryReference: CERT:VB-97.02
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0237
Reference: XF:http-cgi-guestbook
Name: CVE-1999-0239
Description:
Netscape FastTrack Web server lists files when a lowercase "get" command is used instead of an uppercase GET.
Status:EntryReference: OSVDB:122
Reference: URL:http://www.osvdb.org/122
Reference: XF:fastrack-get-directory-list
Name: CVE-1999-0244
Description:
Livingston RADIUS code has a buffer overflow which can allow remote execution of commands as root.
Status:EntryReference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0244
Reference: NAI:NAI-23
Reference: XF:radius-accounting-overflow
Name: CVE-1999-0245
Description:
Some configurations of NIS+ in Linux allowed attackers to log in as the user "+".
Status:EntryReference: BUGTRAQ:19950907 Linux NIS security problem hole and fix
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0245
Reference: XF:linux-plus
Name: CVE-1999-0247
Description:
Buffer overflow in nnrpd program in INN up to version 1.6 allows remote users to execute arbitrary commands.
Status:EntryReference: BID:1443
Reference: URL:http://www.securityfocus.com/bid/1443
Reference: NAI:19970721 INN news server vulnerabilities
Reference: URL:http://www.nai.com/nai_labs/asp_set/advisory/17_inn_avd.asp
Reference: XF:inn-bo
Name: CVE-1999-0248
Description:
A race condition in the authentication agent mechanism of sshd 1.2.17 allows an attacker to steal another user's credentials.
Status:EntryReference: CONFIRM:http://www.uni-karlsruhe.de/~ig25/ssh-faq/ssh-faq-6.html#ss6.1
Reference: MISC:http://oliver.efri.hr/~crv/security/bugs/mUNIXes/ssh2.html
Name: CVE-1999-0251
Description:
Denial of service in talk program allows remote attackers to disrupt a user's display.
Status:EntryReference: MISC:https://www.cve.org/CVERecord?id=CVE-1999-0251
Reference: XF:talkd-flash
Name: CVE-1999-0252
Description:
Buffer overflow in listserv allows arbitrary command execution.
Status:EntryReference: MISC:https://www.cve.org/CVERecord?id=CVE-1999-0252
Reference: XF:smtp-listserv
Name: CVE-1999-0256
Description:
Buffer overflow in War FTP allows remote execution of commands.
Status:EntryReference: OSVDB:875
Reference: URL:http://www.osvdb.org/875
Reference: XF:war-ftpd
Name: CVE-1999-0259
Description:
cfingerd lists all users on a system via search.**@target.
Status:EntryReference: BUGTRAQ:19970523 cfingerd vulnerability
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0259
Reference: XF:cfinger-user-enumeration
Name: CVE-1999-0260
Description:
The jj CGI program allows command execution via shell metacharacters.
Status:EntryReference: BUGTRAQ:19961224 jj cgi
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0260
Reference: XF:http-cgi-jj
Name: CVE-1999-0262
Description:
Hylafax faxsurvey CGI script on Linux allows remote attackers to execute arbitrary commands via shell metacharacters in the query string.
Status:EntryReference: BID:2056
Reference: URL:http://www.securityfocus.com/bid/2056
Reference: BUGTRAQ:19980804 PATCH: faxsurvey
Reference: BUGTRAQ:19980804 remote exploit in faxsurvey cgi-script
Reference: XF:http-cgi-faxsurvey(1532)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/1532
Name: CVE-1999-0263
Description:
Solaris SUNWadmap can be exploited to obtain root access.
Status:EntryReference: SUN:00173
Reference: URL:http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/173
Reference: XF:sun-sunwadmap
Name: CVE-1999-0264
Description:
htmlscript CGI program allows remote read access to files.
Status:EntryReference: BUGTRAQ:Jan27,1998
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0264
Reference: XF:http-htmlscript-file-access
Name: CVE-1999-0265
Description:
ICMP redirect messages may crash or lock up a host.
Status:EntryReference: ISS:ICMP Redirects Against Embedded Controllers
Reference: MSKB:Q154174
Reference: URL:http://support.microsoft.com/default.aspx?scid=kb;[LN];Q154174
Reference: XF:icmp-redirect
Name: CVE-1999-0266
Description:
The info2www CGI script allows remote file access or remote command execution.
Status:EntryReference: BID:1995
Reference: URL:http://www.securityfocus.com/bid/1995
Reference: BUGTRAQ:19980303 Vulnerabilites in some versions of info2www CGI
Reference: XF:http-cgi-info2www
Name: CVE-1999-0267
Description:
Buffer overflow in NCSA HTTP daemon v1.3 allows remote command execution.
Status:EntryReference: CERT:CA-95.04.NCSA.http.daemon.for.unix.vulnerability
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0267
Reference: XF:http-port
Name: CVE-1999-0268
Description:
MetaInfo MetaWeb web server allows users to upload, execute, and read scripts.
Status:EntryReference: BUGTRAQ:19980630 Security vulnerabilities in MetaInfo products
Reference: BUGTRAQ:19980703 Followup to MetaInfo vulnerabilities
Reference: OSVDB:110
Reference: URL:http://www.osvdb.org/110
Reference: OSVDB:3969
Reference: URL:http://www.osvdb.org/3969
Reference: XF:metaweb-server-dot-attack
Name: CVE-1999-0269
Description:
Netscape Enterprise servers may list files through the PageServices query.
Status:EntryReference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0269
Reference: XF:netscape-server-pageservices
Name: CVE-1999-0270
Description:
Directory traversal vulnerability in pfdispaly.cgi program (sometimes referred to as "pfdisplay") for SGI's Performer API Search Tool (performer_tools) allows remote attackers to read arbitrary files.
Status:EntryReference: BID:64
Reference: URL:http://www.securityfocus.com/bid/64
Reference: BUGTRAQ:19980317 IRIX performer_tools bug
Reference: CIAC:I-041
Reference: URL:http://www.ciac.org/ciac/bulletins/i-041.shtml
Reference: OSVDB:134
Reference: URL:http://www.osvdb.org/134
Reference: SGI:19980401-01-P
Reference: URL:ftp://patches.sgi.com/support/free/security/advisories/19980401-01-P
Reference: XF:sgi-pfdispaly(810)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/810
Name: CVE-1999-0272
Description:
Denial of service in Slmail v2.5 through the POP3 port.
Status:EntryReference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0272
Reference: XF:slmail-username-bo
Name: CVE-1999-0273
Description:
Denial of service through Solaris 2.5.1 telnet by sending ^D characters.
Status:EntryReference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0273
Reference: XF:sun-telnet-kill
Name: CVE-1999-0274
Description:
Denial of service in Windows NT DNS servers through malicious packet which contains a response to a query that wasn't made.
Status:EntryReference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0274
Reference: NAI:NAI-5
Reference: XF:nt-dns-dos
Name: CVE-1999-0275
Description:
Denial of service in Windows NT DNS servers by flooding port 53 with too many characters.
Status:EntryReference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0275
Reference: MS:Q169461
Reference: XF:nt-dnscrash
Reference: XF:nt-dnsver
Name: CVE-1999-0276
Description:
mSQL v2.0.1 and below allows remote execution through a buffer overflow.
Status:EntryReference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0276
Reference: SEKURE:sekure.01-99.msql
Reference: XF:msql-debug-bo
Name: CVE-1999-0277
Description:
The WorkMan program can be used to overwrite any file to get root access.
Status:EntryReference: CERT:CA-96.23.workman_vul
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0277
Reference: XF:workman
Name: CVE-1999-0278
Description:
In IIS, remote attackers can obtain source code for ASP files by appending "::$DATA" to the URL.
Status:EntryReference: MS:MS98-003
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/1998/ms98-003
Reference: OVAL:oval:org.mitre.oval:def:913
Reference: URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A913
Reference: XF:iis-asp-data-check
Name: CVE-1999-0279
Description:
Excite for Web Servers (EWS) allows remote command execution via shell metacharacters.
Status:EntryReference: BUGTRAQ:19971217 CGI security hole in EWS (Excite for Web Servers)
Reference: BUGTRAQ:19980115 Excite announcement
Reference: CERT:VB-98.01.excite
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0279
Reference: XF:excite-cgi-search-vuln
Name: CVE-1999-0280
Description:
Remote command execution in Microsoft Internet Explorer using .lnk and .url files.
Status:EntryReference: CIAC:H-38
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0280
Reference: NTBUGTRAQ:19970317 Internet Explorer Bug #4
Reference: XF:http-ie-lnkurl
Name: CVE-1999-0281
Description:
Denial of service in IIS using long URLs.
Status:EntryReference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0281
Reference: XF:http-iis-longurl
Name: CVE-1999-0288
Description:
The WINS server in Microsoft Windows NT 4.0 before SP4 allows remote attackers to cause a denial of service (process termination) via invalid UDP frames to port 137 (NETBIOS Name Service), as demonstrated via a flood of random packets.
Status:EntryReference: BUGTRAQ:19970801 WINS flooding
Reference: BUGTRAQ:19970815 Re: WINS flooding
Reference: MISC:http://safenetworks.com/Windows/wins.html
Reference: MSKB:155701
Reference: NTBUGTRAQ:19970801 WINS flooding
Reference: XF:nt-winsupd-fix(1233)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/1233
Name: CVE-1999-0289
Description:
The Apache web server for Win32 may provide access to restricted files when a . (dot) is appended to a requested URL.
Status:EntryReference: MISC:https://www.cve.org/CVERecord?id=CVE-1999-0289
Name: CVE-1999-0290
Description:
The WinGate telnet proxy allows remote attackers to cause a denial of service via a large number of connections to localhost.
Status:EntryReference: BUGTRAQ:19980221 WinGate DoS
Reference: BUGTRAQ:19980326 WinGate Intermediary Fix/Update
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0290
Reference: XF:wingate-dos
Name: CVE-1999-0291
Description:
The WinGate proxy is installed without a password, which allows remote attackers to redirect connections without authentication.
Status:EntryReference: MISC:https://www.cve.org/CVERecord?id=CVE-1999-0291
Reference: XF:wingate-unpassworded
Name: CVE-1999-0292
Description:
Denial of service through Winpopup using large user names.
Status:EntryReference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0292
Reference: XF:nt-winpopup
Name: CVE-1999-0293
Description:
AAA authentication on Cisco systems allows attackers to execute commands without authorization.
Status:EntryReference: CISCO:http://www.cisco.com/warp/public/770/aaapair-pub.shtml
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0293
Reference: XF:cisco-ios-aaa-auth
Name: CVE-1999-0294
Description:
All records in a WINS database can be deleted through SNMP for a denial of service.
Status:EntryReference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0294
Reference: XF:nt-wins-snmp2
Name: CVE-1999-0295
Description:
Solaris sysdef command allows local users to read kernel memory, potentially leading to root privileges.
Status:EntryReference: SUN:00157
Reference: URL:http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/157
Reference: XF:sun-sysdef
Name: CVE-1999-0296
Description:
Solaris volrmmount program allows attackers to read any file.
Status:EntryReference: SUN:00162
Reference: URL:http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/162
Reference: XF:sun-volrmmount
Name: CVE-1999-0297
Description:
Buffer overflow in Vixie Cron library up to version 3.0 allows local users to obtain root access via a long environmental variable.
Status:EntryReference: AUSCERT:AA-96.21
Reference: CIAC:H-17
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0297
Reference: NAI:NAI-3
Reference: XF:vixie-cron
Name: CVE-1999-0299
Description:
Buffer overflow in FreeBSD lpd through long DNS hostnames.
Status:EntryReference: NAI:NAI-9
Reference: OSVDB:6093
Reference: URL:http://www.osvdb.org/6093
Name: CVE-1999-0300
Description:
nis_cachemgr for Solaris NIS+ allows attackers to add malicious NIS+ servers.
Status:EntryReference: SUN:00155
Reference: URL:http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/155
Reference: XF:sun-niscache
Name: CVE-1999-0301
Description:
Buffer overflow in SunOS/Solaris ps command.
Status:EntryReference: AUSCERT:AUSCERT-97.17
Reference: SUN:00149
Reference: URL:http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/149
Reference: XF:sun-ps2bo
Name: CVE-1999-0302
Description:
SunOS/Solaris FTP clients can be forced to execute arbitrary commands from a malicious FTP server.
Status:EntryReference: SUN:00176
Reference: URL:http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/176
Reference: XF:sun-ftp-server
Name: CVE-1999-0303
Description:
Buffer overflow in BNU UUCP daemon (uucpd) through long hostnames.
Status:EntryReference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0303
Reference: RSI:RSI.0002.05-18-98.BNU.UUCPD
Reference: XF:bnu-uucpd-bo
Name: CVE-1999-0304
Description:
mmap function in BSD allows local attackers in the kmem group to modify memory through devices.
Status:EntryReference: FREEBSD:FreeBSD-SA-98:02
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0304
Reference: XF:bsd-mmap
Name: CVE-1999-0305
Description:
The system configuration control (sysctl) facility in BSD based operating systems OpenBSD 2.2 and earlier, and FreeBSD 2.2.5 and earlier, does not properly restrict source routed packets even when the (1) dosourceroute or (2) forwarding variables are set, which allows remote attackers to spoof TCP connections.
Status:EntryReference: MISC:http://www.openbsd.org/advisories/sourceroute.txt
Reference: OPENBSD:Feb15,1998 "IP Source Routing Problem"
Reference: OSVDB:11502
Reference: URL:http://www.osvdb.org/11502
Reference: XF:bsd-sourceroute(736)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/736
Name: CVE-1999-0308
Description:
HP-UX gwind program allows users to modify arbitrary files.
Status:EntryReference: CIAC:H-03: HP-UX suid Vulnerabilities
Reference: HP:HPSBUX9410-018
Reference: URL:http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9410-018
Reference: XF:hpux-gwind-overwrite
Name: CVE-1999-0309
Description:
HP-UX vgdisplay program gives root access to local users.
Status:EntryReference: CIAC:H-27: HP-UX vgdisplay Buffer Overrun Vulnerability
Reference: HP:HPSBUX9702-056
Reference: URL:http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9702-056
Reference: XF:hpux-vgdisplay
Name: CVE-1999-0310
Description:
SSH 1.2.25 on HP-UX allows access to new user accounts.
Status:EntryReference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0310
Reference: XF:ssh-1225
Name: CVE-1999-0311
Description:
fpkg2swpk in HP-UX allows local users to gain root access.
Status:EntryReference: HP:HPSBUX9612-042
Reference: URL:http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9612-042
Reference: XF:hpux-fpkg2swpk
Name: CVE-1999-0312
Description:
HP ypbind allows attackers with root privileges to modify NIS data.
Status:EntryReference: CERT:CA-93:01.REVISED.HP.NIS.ypbind.vulnerability
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0312
Reference: XF:nis-ypbind
Name: CVE-1999-0313
Description:
disk_bandwidth on SGI IRIX 6.4 S2MP for Origin/Onyx2 allows local users to gain root access using relative pathnames.
Status:EntryReference: BID:214
Reference: URL:http://www.securityfocus.com/bid/214
Reference: MISC:http://www.securityfocus.com/bid/213/exploit
Reference: OSVDB:936
Reference: URL:http://www.osvdb.org/936
Reference: SGI:19980701-01-P
Reference: URL:ftp://patches.sgi.com/support/free/security/advisories/19980701-01-P
Reference: XF:sgi-disk-bandwidth(1441)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/1441
Name: CVE-1999-0314
Description:
ioconfig on SGI IRIX 6.4 S2MP for Origin/Onyx2 allows local users to gain root access using relative pathnames.
Status:EntryReference: BID:213
Reference: URL:http://www.securityfocus.com/bid/213
Reference: MISC:http://www.securityfocus.com/bid/213/exploit
Reference: OSVDB:6788
Reference: URL:http://www.osvdb.org/6788
Reference: SGI:19980701-01-P
Reference: URL:ftp://patches.sgi.com/support/free/security/advisories/19980701-01-P
Reference: XF:sgi-ioconfig(1199)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/1199
Name: CVE-1999-0315
Description:
Buffer overflow in Solaris fdformat command gives root access to local users.
Status:EntryReference: SUN:00138
Reference: URL:http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/138
Reference: XF:fdformat-bo
Name: CVE-1999-0316
Description:
Buffer overflow in Linux splitvt command gives root access to local users.
Status:EntryReference: CIAC:G-08
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0316
Reference: XF:linux-splitvt
Name: CVE-1999-0318
Description:
Buffer overflow in xmcd 2.0p12 allows local users to gain access through an environmental variable.
Status:EntryReference: BUGTRAQ:19961125 Security Problems in XMCD
Reference: BUGTRAQ:19961125 XMCD v2.1 released (was: Security Problems in XMCD)
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0318
Reference: XF:xmcd-envbo
Name: CVE-1999-0320
Description:
SunOS rpc.cmsd allows attackers to obtain root access by overwriting arbitrary files.
Status:EntryReference: SUN:00166
Reference: URL:http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/166
Reference: XF:sun-rpc.cmsd
Name: CVE-1999-0321
Description:
Buffer overflow in Solaris kcms_configure command allows local users to gain root access.
Status:EntryReference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0321
Reference: XF:sun-kcms-configure-bo
Name: CVE-1999-0322
Description:
The open() function in FreeBSD allows local attackers to write to arbitrary files.
Status:EntryReference: FREEBSD:FreeBSD-SA-97:05
Reference: OSVDB:6092
Reference: URL:http://www.osvdb.org/6092
Reference: XF:freebsd-open
Name: CVE-1999-0323
Description:
FreeBSD mmap function allows users to modify append-only or immutable files.
Status:EntryReference: FREEBSD:FreeBSD-SA-98:04
Reference: NETBSD:1998-003
Reference: URL:ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA1998-003.txt.asc
Reference: XF:bsd-mmap
Name: CVE-1999-0324
Description:
ppl program in HP-UX allows local users to create root files through symlinks.
Status:EntryReference: CIAC:H-31
Reference: HP:HPSBUX9702-053
Reference: URL:http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9702-053
Reference: XF:hp-ppllog
Name: CVE-1999-0325
Description:
vhe_u_mnt program in HP-UX allows local users to create root files through symlinks.
Status:EntryReference: HP:HPSBUX9406-013
Reference: URL:http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9406-013
Reference: XF:hp-vhe
Name: CVE-1999-0326
Description:
Vulnerability in HP-UX mediainit program.
Status:EntryReference: HP:HPSBUX9710-071
Reference: URL:http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9710-071
Reference: XF:hp-mediainit
Name: CVE-1999-0327
Description:
SGI syserr program allows local users to corrupt files.
Status:EntryReference: SGI:19971103-01-PX
Reference: URL:ftp://patches.sgi.com/support/free/security/advisories/19971103-01-PX
Reference: XF:sgi-syserr
Name: CVE-1999-0328
Description:
SGI permissions program allows local users to gain root privileges.
Status:EntryReference: SGI:19971103-01-PX
Reference: URL:ftp://patches.sgi.com/support/free/security/advisories/19971103-01-PX
Reference: XF:sgi-permtool
Name: CVE-1999-0329
Description:
SGI mediad program allows local users to gain root access.
Status:EntryReference: SGI:19980602-01-PX
Reference: URL:ftp://patches.sgi.com/support/free/security/advisories/19980602-01-PX
Reference: XF:sgi-mediad
Name: CVE-1999-0332
Description:
Buffer overflow in NetMeeting allows denial of service and remote command execution.
Status:EntryReference: MSKB:Q184346
Reference: URL:http://support.microsoft.com/default.aspx?scid=kb;[LN];Q184346
Reference: XF:nt-netmeeting
Name: CVE-1999-0334
Description:
In Solaris 2.2 and 2.3, when fsck fails on startup, it allows a local user with physical access to obtain root access.
Status:EntryReference: CERT:CA-93.19.Solaris.Startup.vulnerability
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0334
Reference: XF:sol-startup
Name: CVE-1999-0335
Description:
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-1999-0032. Reason: This candidate is a duplicate of CVE-1999-0032. Notes: All CVE users should reference CVE-1999-0032 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
Status:EntryName: CVE-1999-0337
Description:
AIX batch queue (bsh) allows local and remote users to gain additional privileges when network printing is enabled.
Status:EntryReference: CERT:CA-94.10.IBM.AIX.bsh.vulnerability.html
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0337
Reference: XF:ibm-bsh
Name: CVE-1999-0338
Description:
AIX Licensed Program Product performance tools allow local users to gain root access.
Status:EntryReference: CERT:CA-94.03.AIX.performance.tools
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0338
Reference: XF:ibm-perf-tools
Name: CVE-1999-0339
Description:
Buffer overflow in the libauth library in Solaris allows local users to gain additional privileges, possibly root access.
Status:EntryReference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0339
Reference: RSI:RSI.0007.05-26-98
Reference: XF:sol-sun-libauth
Name: CVE-1999-0340
Description:
Buffer overflow in Linux Slackware crond program allows local users to gain root access.
Status:EntryReference: KSRT:005
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0340
Reference: XF:linux-crond
Name: CVE-1999-0341
Description:
Buffer overflow in the Linux mail program "deliver" allows local users to gain root access.
Status:EntryReference: KSRT:006
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0341
Reference: XF:linux-deliver
Name: CVE-1999-0342
Description:
Linux PAM modules allow local users to gain root access using temporary files.
Status:EntryReference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0342
Reference: REDHAT:http://www.redhat.com/corp/support/errata/rh42-errata-general.html#pam
Reference: XF:linux-pam-passwd-tmprace
Name: CVE-1999-0343
Description:
A malicious Palace server can force a client to execute arbitrary programs.
Status:EntryReference: BUGTRAQ:19981002 Announcements from The Palace (fwd)
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0343
Reference: XF:palace-malicious-servers-vuln
Name: CVE-1999-0344
Description:
NT users can gain debug-level access on a system process using the Sechole exploit.
Status:EntryReference: MS:MS98-009
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/1998/ms98-009
Reference: MSKB:Q190288
Reference: URL:http://support.microsoft.com/default.aspx?scid=kb;[LN];Q190288
Reference: XF:nt-priv-fix
Name: CVE-1999-0346
Description:
CGI PHP mlog script allows an attacker to read any file on the target server.
Status:EntryReference: BID:713
Reference: URL:http://www.securityfocus.com/bid/713
Reference: BUGTRAQ:19971019 Vulnerability in PHP Example Logging Scripts
Reference: OSVDB:3397
Reference: URL:http://www.osvdb.org/3397
Reference: XF:http-cgi-php-mlog
Name: CVE-1999-0348
Description:
IIS ASP caching problem releases sensitive information when two virtual servers share the same physical directory.
Status:EntryReference: MSKB:Q197003
Reference: URL:http://support.microsoft.com/default.aspx?scid=kb;[LN];Q197003
Reference: NTBUGTRAQ:Jan27,1999
Reference: OSVDB:930
Reference: URL:http://www.osvdb.org/930
Name: CVE-1999-0349
Description:
A buffer overflow in the FTP list (ls) command in IIS allows remote attackers to conduct a denial of service and, in some cases, execute arbitrary commands.
Status:EntryReference: BUGTRAQ:Jan27,1999
Reference: EEYE:IIS Remote FTP Exploit/DoS Attack
Reference: URL:http://www.eeye.com/html/Research/Advisories/IIS%20Remote%20FTP%20Exploit/DoS%20Attack.html
Reference: MS:MS99-003
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-003
Reference: MSKB:Q188348
Reference: URL:http://support.microsoft.com/default.aspx?scid=kb;[LN];Q188348
Reference: XF:iis-remote-ftp
Name: CVE-1999-0350
Description:
Race condition in the db_loader program in ClearCase gives local users root access by setting SUID bits.
Status:EntryReference: L0PHT:Feb8,1999
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0350
Reference: XF:clearcase-temp-race
Name: CVE-1999-0351
Description:
FTP PASV "Pizza Thief" denial of service and unauthorized data access. Attackers can steal data by connecting to a port that was intended for use by a client.
Status:EntryReference: INFOWAR:01
Reference: MISC:http://attrition.org/security/advisory/misc/infowar/iw_sec_01.txt
Reference: XF:pasv-pizza-thief-dos(3389)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/3389
Name: CVE-1999-0353
Description:
rpc.pcnfsd in HP gives remote root access by changing the permissions on the main printer spool directory.
Status:EntryReference: CIAC:J-026
Reference: URL:http://www.ciac.org/ciac/bulletins/j-026.shtml
Reference: HP:HPSBUX9902-091
Reference: URL:http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9902-091
Reference: XF:pcnfsd-world-write
Name: CVE-1999-0355
Description:
Local or remote users can force ControlIT 4.5 to reboot or force a user to log out, resulting in a denial of service.
Status:EntryReference: ISS:Multiple vulnerabilities in ControlIT(tm) (formerly Remotely Possible/32) enterprise management software
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0355
Reference: XF:controlit-reboot
Name: CVE-1999-0357
Description:
Windows 98 and other operating systems allows remote attackers to cause a denial of service via crafted "oshare" packets, possibly involving invalid fragmentation offsets.
Status:EntryReference: BUGTRAQ:19990125 Win98 crash?
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0357
Reference: XF:win98-oshare-dos
Name: CVE-1999-0358
Description:
Digital Unix 4.0 has a buffer overflow in the inc program of the mh package.
Status:EntryReference: BUGTRAQ:19990125 Digital Unix 4.0 exploitable buffer overflows
Reference: URL:http://www.securityfocus.com/archive/1/12121
Reference: CIAC:J-027
Reference: URL:http://www.ciac.org/ciac/bulletins/j-027.shtml
Reference: COMPAQ:SSRT0583U
Reference: XF:du-inc
Name: CVE-1999-0362
Description:
WS_FTP server remote denial of service through cwd command.
Status:EntryReference: BID:217
Reference: URL:http://www.securityfocus.com/bid/217
Reference: EEYE:AD02021999
Reference: URL:http://www.eeye.com/html/Research/Advisories/AD02021999.html
Reference: XF:wsftp-remote-dos
Name: CVE-1999-0363
Description:
SuSE 5.2 PLP lpc program has a buffer overflow that leads to root compromise.
Status:EntryReference: BID:328
Reference: URL:http://www.securityfocus.com/bid/328
Reference: BUGTRAQ:Feb02,1999
Reference: XF:plp-lpc-bo
Name: CVE-1999-0365
Description:
The metamail package allows remote command execution using shell metacharacters that are not quoted in a mailcap entry.
Status:EntryReference: BUGTRAQ:Feb04,1999
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0365
Reference: XF:metamail-header-commands
Name: CVE-1999-0366
Description:
In some cases, Service Pack 4 for Windows NT 4.0 can allow access to network shares using a blank password, through a problem with a null NT hash value.
Status:EntryReference: MS:MS99-004
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-004
Reference: MSKB:Q214840
Reference: URL:http://support.microsoft.com/default.aspx?scid=kb;[LN];Q214840
Reference: XF:nt-sp4-auth-error
Name: CVE-1999-0367
Description:
NetBSD netstat command allows local users to access kernel memory.
Status:EntryReference: NETBSD:1999-002
Reference: OSVDB:7571
Reference: URL:http://www.osvdb.org/7571
Name: CVE-1999-0368
Description:
Buffer overflows in wuarchive ftpd (wu-ftpd) and ProFTPD lead to remote root access, a.k.a. palmetto.
Status:EntryReference: CERT:CA-99.03
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0368
Reference: NETECT:palmetto.ftpd
Reference: XF:palmetto-ftpd-bo
Name: CVE-1999-0369
Description:
The Sun sdtcm_convert calendar utility for OpenWindows has a buffer overflow which can gain root access.
Status:EntryReference: SUN:00183
Reference: URL:http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/183
Reference: XF:sun-sdtcm-convert-bo
Name: CVE-1999-0371
Description:
Lynx allows a local user to overwrite sensitive files through /tmp symlinks.
Status:EntryReference: BUGTRAQ:19990211 Lynx /tmp problem
Reference: CERT:VB-97.05.lynx
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0371
Reference: XF:lynx-temp-files-race
Name: CVE-1999-0372
Description:
The installer for BackOffice Server includes account names and passwords in a setup file (reboot.ini) which is not deleted.
Status:EntryReference: MS:MS99-005
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-005
Reference: MSKB:Q217004
Reference: URL:http://support.microsoft.com/default.aspx?scid=kb;[LN];Q217004
Reference: XF:nt-backoffice-setup
Name: CVE-1999-0373
Description:
Buffer overflow in the "Super" utility in Debian GNU/Linux, and other operating systems, allows local users to execute commands as root.
Status:EntryReference: ISS:Buffer Overflow in "Super" package in Debian Linux
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0373
Reference: XF:linux-super-bo
Reference: XF:linux-super-logging-bo
Name: CVE-1999-0374
Description:
Debian GNU/Linux cfengine package is susceptible to a symlink attack.
Status:EntryReference: BUGTRAQ:Feb16,1999
Reference: DEBIAN:19990215
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0374
Reference: XF:linux-cfengine-symlinks
Name: CVE-1999-0375
Description:
Buffer overflow in webd in Network Flight Recorder (NFR) 2.0.2-Research allows remote attackers to execute commands.
Status:EntryReference: BUGTRAQ:Feb16,1999
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0375
Reference: NAI:February 16, 1999
Reference: XF:nfr-webd-overflow
Name: CVE-1999-0376
Description:
Local users in Windows NT can obtain administrator privileges by changing the KnownDLLs list to reference malicious programs.
Status:EntryReference: BUGTRAQ:Feb20,1999
Reference: L0PHT:Feb18,1999
Reference: MS:MS99-006
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-006
Reference: XF:nt-knowndlls-list
Name: CVE-1999-0377
Description:
Process table attack in Unix systems allows a remote attacker to perform a denial of service by filling a machine's process tables through multiple connections to network services.
Status:EntryReference: BUGTRAQ:Feb22,1999
Reference: SECTRACK:1033881
Reference: URL:http://www.securitytracker.com/id/1033881
Name: CVE-1999-0378
Description:
InterScan VirusWall for Solaris doesn't scan files for viruses when a single HTTP request includes two GET commands.
Status:EntryReference: BUGTRAQ:19990222 BlackHats Advisory -- InterScan VirusWall
Reference: BUGTRAQ:19990225 Patch for InterScan VirusWall for Unix now available
Reference: OSVDB:6167
Reference: URL:http://www.osvdb.org/6167
Reference: XF:viruswall-http-request
Name: CVE-1999-0379
Description:
Microsoft Taskpads allows remote web sites to execute commands on the visiting user's machine via certain methods that are marked as Safe for Scripting.
Status:EntryReference: BID:498
Reference: URL:http://www.securityfocus.com/bid/498
Reference: BUGTRAQ:19990223 Microsoft Security Bulletin (MS99-007)
Reference: MS:MS99-007
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-007
Reference: OSVDB:1019
Reference: URL:http://www.osvdb.org/1019
Reference: XF:win-resourcekit-taskpads
Name: CVE-1999-0380
Description:
SLMail 3.1 and 3.2 allows local users to access any file in the NTFS file system when the Remote Administration Service (RAS) is enabled by setting a user's Finger File to point to the target file, then running finger on the user.
Status:EntryReference: BID:497
Reference: URL:http://www.securityfocus.com/bid/497
Reference: BUGTRAQ:19990225 ALERT: SLMail 3.2 (and 3.1) with the Remote Administration Service
Reference: URL:http://marc.info/?l=bugtraq&m=91996412724720&w=2
Reference: NTBUGTRAQ:199902225 ALERT: SLMail 3.2 (and 3.1) with the Remote Administration Service
Reference: URL:http://marc.info/?l=ntbugtraq&m=91999015212415&w=2
Reference: NTBUGTRAQ:SLmail 3.2 Build 3113 (Web Administration Security Fix)
Reference: URL:http://marc.info/?l=ntbugtraq&m=92110501504997&w=2
Reference: XF:slmail-ras-ntfs-bypass(5392)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5392
Name: CVE-1999-0382
Description:
The screen saver in Windows NT does not verify that its security context has been changed properly, allowing attackers to run programs with elevated privileges.
Status:EntryReference: MS:MS99-008
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-008
Reference: XF:nt-screen-saver
Name: CVE-1999-0383
Description:
ACC Tigris allows public access without a login.
Status:EntryReference: BID:183
Reference: URL:http://www.securityfocus.com/bid/183
Reference: BUGTRAQ:19990103 Tigris vulnerability
Reference: OSVDB:267
Reference: URL:http://www.osvdb.org/267
Reference: XF:acc-tigris-login
Name: CVE-1999-0384
Description:
The Forms 2.0 ActiveX control (included with Visual Basic for Applications 5.0) can be used to read text from a user's clipboard when the user accesses documents with ActiveX content.
Status:EntryReference: MS:MS99-001
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-001
Reference: XF:forms-vuln-patch
Name: CVE-1999-0385
Description:
The LDAP bind function in Exchange 5.5 has a buffer overflow that allows a remote attacker to conduct a denial of service or execute commands.
Status:EntryReference: ISS:LDAP Buffer overflow against Microsoft Directory Services
Reference: MS:MS99-009
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-009
Reference: XF:ldap-exchange-overflow
Reference: XF:ldap-mds-dos
Name: CVE-1999-0386
Description:
Microsoft Personal Web Server and FrontPage Personal Web Server in some Windows systems allows a remote attacker to read files on the server by using a nonstandard URL.
Status:EntryReference: MS:MS99-010
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-010
Reference: OSVDB:111
Reference: URL:http://www.osvdb.org/111
Reference: XF:pws-file-access
Name: CVE-1999-0387
Description:
A legacy credential caching mechanism used in Windows 95 and Windows 98 systems allows attackers to read plaintext network passwords.
Status:EntryReference: BID:829
Reference: URL:http://www.securityfocus.com/bid/829
Reference: MS:MS99-052
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-052
Reference: MSKB:Q168115
Reference: URL:http://support.microsoft.com/default.aspx?scid=kb;[LN];Q168115
Reference: XF:9x-plaintext-pwd
Name: CVE-1999-0388
Description:
DataLynx suGuard trusts the PATH environment variable to execute the ps command, allowing local users to execute commands as root.
Status:EntryReference: L0PHT:Jan3,1999
Reference: OSVDB:3186
Reference: URL:http://www.osvdb.org/3186
Reference: XF:datalynx-suguard-relative-paths
Name: CVE-1999-0390
Description:
Buffer overflow in Dosemu Slang library in Linux.
Status:EntryReference: BID:187
Reference: URL:http://www.securityfocus.com/bid/187
Reference: BUGTRAQ:19990104 Dosemu/S-Lang Overflow + sploit
Reference: CALDERA:CSSA-1999-006.1
Reference: URL:ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-1999-006.1.txt
Name: CVE-1999-0391
Description:
The cryptographic challenge of SMB authentication in Windows 95 and Windows 98 can be reused, allowing an attacker to replay the response and impersonate a user.
Status:EntryReference: L0PHT:Jan. 5, 1999
Reference: MISC:https://marc.info/?l=bugtraq&m=91552769809542&w=2
Name: CVE-1999-0392
Description:
Buffer overflow in Thomas Boutell's cgic library version up to 1.05.
Status:EntryReference: BUGTRAQ:Jan10,1999
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0392
Reference: XF:http-cgic-library-bo
Name: CVE-1999-0393
Description:
Remote attackers can cause a denial of service in Sendmail 8.8.x and 8.9.2 by sending messages with a large number of headers.
Status:EntryReference: BUGTRAQ:19981212 ** Sendmail 8.9.2 DoS - exploit ** get what you want!
Reference: BUGTRAQ:19990121 Sendmail 8.8.x/8.9.x bugware
Reference: URL:http://marc.info/?l=bugtraq&m=91694391227372&w=2
Reference: XF:sendmail-parsing-redirection
Name: CVE-1999-0395
Description:
A race condition in the BackWeb Polite Agent Protocol allows an attacker to spoof a BackWeb server.
Status:EntryReference: ISS:19990118 Vulnerability in the BackWeb Polite Agent Protocol
Reference: URL:http://xforce.iss.net/alerts/advise17.php
Reference: XF:backweb-polite-agent-protocol
Name: CVE-1999-0396
Description:
A race condition between the select() and accept() calls in NetBSD TCP servers allows remote attackers to cause a denial of service.
Status:EntryReference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0396
Reference: NETBSD:1999-001
Reference: OPENBSD:Feb17,1999
Reference: XF:netbsd-tcp-race
Name: CVE-1999-0402
Description:
wget 1.5.3 follows symlinks to change permissions of the target file instead of the symlink itself.
Status:EntryReference: BUGTRAQ:Feb2,1999
Reference: DEBIAN:19990220
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0402
Reference: XF:wget-permissions
Name: CVE-1999-0403
Description:
A bug in Cyrix CPUs on Linux allows local users to perform a denial of service.
Status:EntryReference: BUGTRAQ:19990204 Cyrix bug: freeze in hell, badboy
Reference: URL:http://marc.info/?l=bugtraq&m=91821080015725&w=2
Reference: XF:cyrix-hang
Name: CVE-1999-0404
Description:
Buffer overflow in the Mail-Max SMTP server for Windows systems allows remote command execution.
Status:EntryReference: BUGTRAQ:Feb14,1999
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0404
Reference: XF:mailmax-bo
Name: CVE-1999-0405
Description:
A buffer overflow in lsof allows local users to obtain root privilege.
Status:EntryReference: BUGTRAQ:Feb18,1999
Reference: DEBIAN:19990220a
Reference: HERT:002
Reference: OSVDB:3163
Reference: URL:http://www.osvdb.org/3163
Reference: XF:lsof-bo
Name: CVE-1999-0407
Description:
By default, IIS 4.0 has a virtual directory /IISADMPWD which contains files that can be used as proxies for brute force password attacks, or to identify valid users on the system.
Status:EntryReference: BUGTRAQ:19990209 ALERT: IIS4 allows proxied password attacks over NetBIOS
Reference: URL:http://marc.info/?l=bugtraq&m=91983486431506&w=2
Reference: BUGTRAQ:19990209 Re: IIS4 allows proxied password attacks over NetBIOS
Reference: URL:http://marc.info/?l=bugtraq&m=92000623021036&w=2
Reference: XF:iis-iisadmpwd
Name: CVE-1999-0408
Description:
Files created from interactive shell sessions in Cobalt RaQ microservers (e.g. .bash_history) are world readable, and thus are accessible from the web server.
Status:EntryReference: BID:337
Reference: URL:http://www.securityfocus.com/bid/337
Reference: BUGTRAQ:19990225 Cobalt root exploit
Reference: XF:cobalt-raq-history-exposure
Name: CVE-1999-0409
Description:
Buffer overflow in gnuplot in Linux version 3.5 allows local users to obtain root access.
Status:EntryReference: BID:319
Reference: URL:http://www.securityfocus.com/bid/319
Reference: BUGTRAQ:19990304 Linux /usr/bin/gnuplot overflow
Reference: XF:gnuplot-home-overflow
Name: CVE-1999-0410
Description:
The cancel command in Solaris 2.6 (i386) has a buffer overflow that allows local users to obtain root access.
Status:EntryReference: BID:293
Reference: URL:http://www.securityfocus.com/bid/293
Reference: BUGTRAQ:Mar5,1999
Reference: XF:sol-cancel
Name: CVE-1999-0412
Description:
In IIS and other web servers, an attacker can attack commands as SYSTEM if the server is running as SYSTEM and loading an ISAPI extension.
Status:EntryReference: BID:501
Reference: URL:http://www.securityfocus.com/bid/501
Reference: BUGTRAQ:Feb19,1999
Reference: XF:iis-isapi-execute
Name: CVE-1999-0413
Description:
A buffer overflow in the SGI X server allows local users to gain root access through the X server font path.
Status:EntryReference: SGI:19990301-01-PX
Reference: URL:ftp://patches.sgi.com/support/free/security/advisories/19990301-01-PX
Reference: XF:irix-font-path-overflow
Name: CVE-1999-0414
Description:
In Linux before version 2.0.36, remote attackers can spoof a TCP connection and pass data to the application layer before fully establishing the connection.
Status:EntryReference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0414
Reference: NAI:Linux Blind TCP Spoofing
Reference: XF:linux-blind-spoof
Name: CVE-1999-0415
Description:
The HTTP server in Cisco 7xx series routers 3.2 through 4.2 is enabled by default, which allows remote attackers to change the router's configuration.
Status:EntryReference: CIAC:J-034
Reference: URL:http://ciac.llnl.gov/ciac/bulletins/j-034.shtml
Reference: CISCO:19990311 Cisco 7xx TCP and HTTP Vulnerabilities
Reference: URL:http://www.cisco.com/warp/public/770/7xxconn-pub.shtml
Reference: ISS:19990311 Remote Reconfiguration and Denial of Service Vulnerabilities in Cisco 700 ISDN Routers
Reference: XF:cisco-router-commands
Reference: XF:cisco-web-config
Name: CVE-1999-0416
Description:
Vulnerability in Cisco 7xx series routers allows a remote attacker to cause a system reload via a TCP connection to the router's TELNET port.
Status:EntryReference: CIAC:J-034
Reference: URL:http://ciac.llnl.gov/ciac/bulletins/j-034.shtml
Reference: CISCO:19990311 Cisco 7xx TCP and HTTP Vulnerabilities
Reference: URL:http://www.cisco.com/warp/public/770/7xxconn-pub.shtml
Reference: ISS:19990311 Remote Reconfiguration and Denial of Service Vulnerabilities in Cisco 700 ISDN Routers
Reference: XF:cisco-web-crash
Name: CVE-1999-0417
Description:
64 bit Solaris 7 procfs allows local users to perform a denial of service.
Status:EntryReference: BID:448
Reference: URL:http://www.securityfocus.com/bid/448
Reference: BUGTRAQ:Mar9,1999
Reference: OSVDB:1001
Reference: URL:http://www.osvdb.org/1001
Reference: XF:solaris-psinfo-crash
Name: CVE-1999-0420
Description:
umapfs allows local users to gain root privileges by changing their uid through a malicious mount_umap program.
Status:EntryReference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0420
Reference: NETBSD:1999-006
Name: CVE-1999-0421
Description:
During a reboot after an installation of Linux Slackware 3.6, a remote attacker can obtain root access by logging in to the root account without a password.
Status:EntryReference: BID:338
Reference: URL:http://www.securityfocus.com/bid/338
Reference: ISS:Short-Term High-Risk Vulnerability During Slackware 3.6 Network Installations
Reference: OSVDB:981
Reference: URL:http://www.osvdb.org/981
Reference: XF:linux-slackware-install
Name: CVE-1999-0422
Description:
In some cases, NetBSD 1.3.3 mount allows local users to execute programs in some file systems that have the "noexec" flag set.
Status:EntryReference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0422
Reference: NETBSD:1999-007
Name: CVE-1999-0423
Description:
Vulnerability in hpterm on HP-UX 10.20 allows local users to gain additional privileges.
Status:EntryReference: HP:HPSBUX9903-093
Reference: URL:http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9903-093
Reference: XF:hp-hpterm-files
Name: CVE-1999-0424
Description:
talkback in Netscape 4.5 allows a local user to overwrite arbitrary files of another user whose Netscape crashes.
Status:EntryReference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0424
Reference: SUSE:Mar18,1999
Reference: XF:netscape-talkback-overwrite
Name: CVE-1999-0425
Description:
talkback in Netscape 4.5 allows a local user to kill an arbitrary process of another user whose Netscape crashes.
Status:EntryReference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0425
Reference: SUSE:Mar18,1999
Reference: XF:netscape-talkback-kill
Name: CVE-1999-0428
Description:
OpenSSL and SSLeay allow remote attackers to reuse SSL sessions and bypass access controls.
Status:EntryReference: BUGTRAQ:19990322 OpenSSL/SSLeay Security Alert
Reference: OSVDB:3936
Reference: URL:http://www.osvdb.org/3936
Reference: XF:ssl-session-reuse
Name: CVE-1999-0429
Description:
The Lotus Notes 4.5 client may send a copy of encrypted mail in the clear across the network if the user does not set the "Encrypt Saved Mail" preference.
Status:EntryReference: BUGTRAQ:19990323
Reference: URL:http://marc.info/?l=bugtraq&m=92221437025743&w=2
Reference: BUGTRAQ:19990324 Re: LNotes encryption
Reference: URL:http://marc.info/?l=bugtraq&m=92241547418689&w=2
Reference: BUGTRAQ:19990326 Lotus Notes Encryption Bug
Reference: URL:http://marc.info/?l=bugtraq&m=92246997917866&w=2
Reference: BUGTRAQ:19990326 Re: Lotus Notes security advisory
Reference: URL:http://marc.info/?l=bugtraq&m=92249282302994&w=2
Reference: XF:lotus-client-encryption
Name: CVE-1999-0430
Description:
Cisco Catalyst LAN switches running Catalyst 5000 supervisor software allows remote attackers to perform a denial of service by forcing the supervisor module to reload.
Status:EntryReference: CISCO:Cisco Catalyst Supervisor Remote Reload
Reference: ISS:Remote Denial of Service Vulnerability in Cisco Catalyst Series Ethernet Switches
Reference: OSVDB:1103
Reference: URL:http://www.osvdb.org/1103
Reference: XF:cisco-catalyst-crash
Name: CVE-1999-0432
Description:
ftp on HP-UX 11.00 allows local users to gain privileges.
Status:EntryReference: HP:HPSBUX9903-094
Reference: URL:http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9903-094
Reference: XF:hp-ftp
Name: CVE-1999-0433
Description:
XFree86 startx command is vulnerable to a symlink attack, allowing local users to create files in restricted directories, possibly allowing them to gain privileges or cause a denial of service.
Status:EntryReference: BUGTRAQ:19990321 X11R6 NetBSD Security Problem
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0433
Reference: SUSE:Mar28,1999
Reference: XF:xfree86-temp-directories
Name: CVE-1999-0436
Description:
Domain Enterprise Server Management System (DESMS) in HP-UX allows local users to gain privileges.
Status:EntryReference: HP:HPSBUX9903-095
Reference: URL:http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9903-095
Reference: XF:hp-desms-servers
Name: CVE-1999-0437
Description:
Remote attackers can perform a denial of service in WebRamp systems by sending a malicious string to the HTTP port.
Status:EntryReference: ISS:WebRamp Denial of Service Attacks
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0437
Reference: XF:webramp-device-crash
Name: CVE-1999-0438
Description:
Remote attackers can perform a denial of service in WebRamp systems by sending a malicious UDP packet to port 5353, changing its IP address.
Status:EntryReference: ISS:WebRamp Denial of Service Attacks
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0438
Reference: XF:webramp-ipchange
Name: CVE-1999-0439
Description:
Buffer overflow in procmail before version 3.12 allows remote or local attackers to execute commands via expansions in the procmailrc configuration file.
Status:EntryReference: BUGTRAQ:19990405 Re: [SECURITY] new version of procmail with security fixes
Reference: CALDERA:CSSA-1999:007
Reference: DEBIAN:19990422
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0439
Reference: XF:procmail-overflow
Name: CVE-1999-0440
Description:
The byte code verifier component of the Java Virtual Machine (JVM) allows remote execution through malicious web pages.
Status:EntryReference: BID:1939
Reference: URL:http://www.securityfocus.com/bid/1939
Reference: BUGTRAQ:19990405 Security Hole in Java 2 (and JDK 1.1.x)
Reference: URL:http://marc.info/?l=bugtraq&m=92333596624452&w=2
Reference: CONFIRM:http://java.sun.com/pr/1999/03/pr990329-01.html
Reference: XF:java-unverified-code
Name: CVE-1999-0441
Description:
Remote attackers can perform a denial of service in WinGate machines using a buffer overflow in the Winsock Redirector Service.
Status:EntryReference: BID:509
Reference: URL:http://www.securityfocus.com/bid/509
Reference: EEYE:AD02221999
Reference: URL:http://www.eeye.com/html/Research/Advisories/AD02221999.html
Reference: XF:wingate-redirector-dos
Name: CVE-1999-0442
Description:
Solaris ff.core allows local users to modify files.
Status:EntryReference: BID:327
Reference: URL:http://www.securityfocus.com/bid/327
Reference: BUGTRAQ:19990107 really silly ff.core exploit for Solaris
Reference: BUGTRAQ:19990108 ff.core exploit on Solaris (2.)7
Reference: BUGTRAQ:19990408 Solaris7 and ff.core
Name: CVE-1999-0445
Description:
In Cisco routers under some versions of IOS 12.0 running NAT, some packets may not be filtered by input access list filters.
Status:EntryReference: CISCO:Cisco IOS(R) Software Input Access List Leakage with NAT
Reference: OSVDB:1104
Reference: URL:http://www.osvdb.org/1104
Reference: XF:cisco-natacl-leakage
Name: CVE-1999-0446
Description:
Local users can perform a denial of service in NetBSD 1.3.3 and earlier versions by creating an unusual symbolic link with the ln command, triggering a bug in VFS.
Status:EntryReference: NETBSD:1999-008
Reference: OSVDB:7051
Reference: URL:http://www.osvdb.org/7051
Reference: XF:netbsd-vfslocking-panic
Name: CVE-1999-0447
Description:
Local users can gain privileges using the debug utility in the MPE/iX operating system.
Status:EntryReference: HP:HPSBMP9904-006
Reference: URL:http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBMP9904-006
Reference: XF:mpeix-debug
Name: CVE-1999-0448
Description:
IIS 4.0 and Apache log HTTP request methods, regardless of how long they are, allowing a remote attacker to hide the URL they really request.
Status:EntryReference: BUGTRAQ:19990121 IIS 4 Request Logging Security Advisory
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0448
Reference: XF:iis-http-request-logging
Name: CVE-1999-0449
Description:
The ExAir sample site in IIS 4 allows remote attackers to cause a denial of service (CPU consumption) via a direct request to the (1) advsearch.asp, (2) query.asp, or (3) search.asp scripts.
Status:EntryReference: BID:193
Reference: URL:http://www.securityfocus.com/bid/193
Reference: BUGTRAQ:19990125 Re: [NTSEC] IIS 4 Advisory - ExAir sample site DoS
Reference: BUGTRAQ:19990126 IIS 4 Advisory - ExAir sample site DoS
Reference: NTBUGTRAQ:19990126 IIS 4 Advisory - ExAir sample site DoS
Reference: OSVDB:2
Reference: URL:http://www.osvdb.org/2
Reference: OSVDB:3
Reference: URL:http://www.osvdb.org/3
Reference: OSVDB:4
Reference: URL:http://www.osvdb.org/4
Reference: XF:iis-exair-dos
Name: CVE-1999-0457
Description:
Linux ftpwatch program allows local users to gain root privileges.
Status:EntryReference: BID:317
Reference: URL:http://www.securityfocus.com/bid/317
Reference: BUGTRAQ:Jan17,1999
Reference: DEBIAN:19990117
Reference: XF:ftpwatch-vuln
Name: CVE-1999-0458
Description:
L0phtcrack 2.5 used temporary files in the system TEMP directory which could contain password information.
Status:EntryReference: BUGTRAQ:Jan6,1999
Reference: OSVDB:915
Reference: URL:http://www.osvdb.org/915
Reference: XF:l0phtcrack-temp-files
Name: CVE-1999-0463
Description:
Remote attackers can perform a denial of service using IRIX fcagent.
Status:EntryReference: SGI:19981201-01-PX
Reference: URL:ftp://patches.sgi.com/support/free/security/advisories/19981201-01-PX
Reference: XF:sgi-fcagent-dos
Name: CVE-1999-0464
Description:
Local users can perform a denial of service in Tripwire 1.2 and earlier using long filenames.
Status:EntryReference: BUGTRAQ:19990104 Tripwire mess..
Reference: URL:http://marc.info/?l=bugtraq&m=91553066310826&w=2
Reference: CONFIRM:http://marc.info/?l=bugtraq&m=91592136122066&w=2
Reference: OSVDB:6609
Reference: URL:http://www.osvdb.org/6609
Name: CVE-1999-0466
Description:
The SVR4 /dev/wabi special device file in NetBSD 1.3.3 and earlier allows a local user to read or write arbitrary files on the disk associated with that device.
Status:EntryReference: NETBSD:1999-009
Reference: OSVDB:905
Reference: URL:http://www.osvdb.org/905
Name: CVE-1999-0468
Description:
Internet Explorer 5.0 allows a remote server to read arbitrary files on the client's file system using the Microsoft Scriptlet Component.
Status:EntryReference: BUGTRAQ:Apr9,1999
Reference: MS:MS99-012
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-012
Reference: XF:ie-scriplet-fileread
Name: CVE-1999-0470
Description:
A weak encryption algorithm is used for passwords in Novell Remote.NLM, allowing them to be easily decrypted.
Status:EntryReference: BID:482
Reference: URL:http://www.securityfocus.com/bid/482
Reference: BUGTRAQ:19990409 New Novell Remote.NLM Password Decryption Algorithm with Exploit
Reference: XF:netware-remotenlm-passwords
Name: CVE-1999-0471
Description:
The remote proxy server in Winroute allows a remote attacker to reconfigure the proxy without authentication through the "cancel" button.
Status:EntryReference: BUGTRAQ:Apr9,1999
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0471
Reference: XF:winroute-config
Name: CVE-1999-0472
Description:
The SNMP default community name "public" is not properly removed in NetApps C630 Netcache, even if the administrator tries to disable it.
Status:EntryReference: BUGTRAQ:Apr7,1999
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0472
Reference: XF:netcache-snmp
Name: CVE-1999-0473
Description:
The rsync command before rsync 2.3.1 may inadvertently change the permissions of the client's working directory to the permissions of the directory being transferred.
Status:EntryReference: BID:145
Reference: URL:http://www.securityfocus.com/bid/145
Reference: BUGTRAQ:19990407 rsync 2.3.1 release - security fix
Reference: CALDERA:CSSA-1999:010.0
Reference: DEBIAN:19990823
Reference: XF:rsync-permissions
Name: CVE-1999-0474
Description:
The ICQ Webserver allows remote attackers to use .. to access arbitrary files outside of the user's personal directory.
Status:EntryReference: BUGTRAQ:Apr5,1999
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0474
Reference: XF:icq-webserver-read
Name: CVE-1999-0475
Description:
A race condition in how procmail handles .procmailrc files allows a local user to read arbitrary files available to the user who is running procmail.
Status:EntryReference: BUGTRAQ:Apr5,1999
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0475
Reference: XF:procmail-race
Name: CVE-1999-0478
Description:
Denial of service in HP-UX sendmail 8.8.6 related to accepting connections.
Status:EntryReference: HP:HPSBUX9904-097
Reference: URL:http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9904-097
Reference: XF:sendmail-headers-dos
Name: CVE-1999-0479
Description:
Denial of service Netscape Enterprise Server with VirtualVault on HP-UX VVOS systems.
Status:EntryReference: HP:HPSBUX9903-092
Reference: URL:http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9903-092
Reference: XF:netscape-server-dos
Name: CVE-1999-0481
Description:
Denial of service in "poll" in OpenBSD.
Status:EntryReference: OPENBSD:Mar22,1999
Reference: OSVDB:7556
Reference: URL:http://www.osvdb.org/7556
Name: CVE-1999-0482
Description:
OpenBSD kernel crash through TSS handling, as caused by the crashme program.
Status:EntryReference: OPENBSD:Mar21,1999
Reference: OSVDB:7557
Reference: URL:http://www.osvdb.org/7557
Name: CVE-1999-0483
Description:
OpenBSD crash using nlink value in FFS and EXT2FS filesystems.
Status:EntryReference: OPENBSD:Feb25,1999
Reference: OSVDB:6129
Reference: URL:http://www.osvdb.org/6129
Name: CVE-1999-0484
Description:
Buffer overflow in OpenBSD ping.
Status:EntryReference: OPENBSD:Feb23,1999
Reference: OSVDB:6130
Reference: URL:http://www.osvdb.org/6130
Name: CVE-1999-0485
Description:
Remote attackers can cause a system crash through ipintr() in ipq in OpenBSD.
Status:EntryReference: OPENBSD:Feb19,1999
Reference: OSVDB:7558
Reference: URL:http://www.osvdb.org/7558
Reference: XF:openbsd-ipintr-race
Name: CVE-1999-0487
Description:
The DHTML Edit ActiveX control in Internet Explorer allows remote attackers to read arbitrary files.
Status:EntryReference: MS:MS99-011
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-011
Reference: XF:ie-dhtml-control
Name: CVE-1999-0491
Description:
The prompt parsing in bash allows a local user to execute commands as another user by creating a directory with the name of the command to execute.
Status:EntryReference: BID:119
Reference: URL:http://www.securityfocus.com/bid/119
Reference: BUGTRAQ:19990420 Bash Bug
Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=Pine.LNX.4.10.9904202114070.6623-100000@smooth.Operator.org
Reference: CALDERA:CSSA-1999-008.0
Reference: URL:ftp://ftp.calderasystems.com/pub/OpenLinux/security/CSSA-1999-008.0.txt
Name: CVE-1999-0493
Description:
rpc.statd allows remote attackers to forward RPC calls to the local operating system via the SM_MON and SM_NOTIFY commands, which in turn could be used to remotely exploit other bugs such as in automountd.
Status:EntryReference: BID:450
Reference: URL:http://www.securityfocus.com/bid/450
Reference: BUGTRAQ:19990103 SUN almost has a clue! (automountd)
Reference: URL:http://marc.info/?l=bugtraq&m=91547759121289&w=2
Reference: CERT:CA-99-05
Reference: URL:http://www.cert.org/advisories/CA-99-05-statd-automountd.html
Reference: CIAC:J-045
Reference: URL:http://www.ciac.org/ciac/bulletins/j-045.shtml
Reference: SUN:00186
Reference: URL:http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/186&type=0&nav=sec.sba
Name: CVE-1999-0494
Description:
Denial of service in WinGate proxy through a buffer overflow in POP3.
Status:EntryReference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0494
Reference: XF:wingate-pop3-user-bo
Name: CVE-1999-0496
Description:
A Windows NT 4.0 user can gain administrative rights by forcing NtOpenProcessToken to succeed regardless of the user's permissions, aka GetAdmin.
Status:EntryReference: MSKB:Q146965
Reference: URL:http://support.microsoft.com/default.aspx?scid=kb;[LN];Q146965
Reference: XF:nt-getadmin
Reference: XF:nt-getadmin-present
Name: CVE-1999-0513
Description:
ICMP messages to broadcast addresses are allowed, allowing for a Smurf attack that can cause a denial of service.
Status:EntryReference: CERT:CA-98.01.smurf
Reference: FREEBSD:FreeBSD-SA-98:06
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0513
Reference: XF:smurf
Name: CVE-1999-0514
Description:
UDP messages to broadcast addresses are allowed, allowing for a Fraggle attack that can cause a denial of service by flooding the target.
Status:EntryReference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0514
Reference: XF:fraggle
Name: CVE-1999-0526
Description:
An X server's access control is disabled (e.g. through an "xhost +" command) and allows anyone to connect to the server.
Status:EntryReference: CERT-VN:VU#704969
Reference: URL:http://www.kb.cert.org/vuls/id/704969
Reference: XF:xcheck-keystroke
Name: CVE-1999-0551
Description:
HP OpenMail can be misconfigured to allow users to run arbitrary commands using malicious print requests.
Status:EntryReference: HP:HPSBUX9804-078
Reference: URL:http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9804-078
Reference: XF:hp-openmail
Name: CVE-1999-0566
Description:
An attacker can write to syslog files from any location, causing a denial of service by filling up the logs, and hiding activities.
Status:EntryReference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0566
Reference: XF:ibm-syslogd
Reference: XF:syslog-flood
Name: CVE-1999-0608
Description:
An incorrect configuration of the PDG Shopping Cart CGI program "shopper.cgi" could disclose private information.
Status:EntryReference: BUGTRAQ:19990420 Shopping Carts exposing CC data
Reference: URL:http://marc.info/?l=bugtraq&m=92462991805485&w=2
Reference: CONFIRM:http://www.pdgsoft.com/Security/security.html.
Reference: XF:pdgsoftcart-misconfig(3857)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/3857
Name: CVE-1999-0612
Description:
A version of finger is running that exposes valid user information to any entity on the network.
Status:EntryReference: MISC:https://www.cve.org/CVERecord?id=CVE-1999-0612
Reference: XF:finger-out
Reference: XF:finger-running
Name: CVE-1999-0626
Description:
A version of rusers is running that exposes valid user information to any entity on the network.
Status:EntryReference: MISC:https://www.cve.org/CVERecord?id=CVE-1999-0626
Reference: XF:ruser
Reference: XF:rusersd
Name: CVE-1999-0627
Description:
The rexd service is running, which uses weak authentication that can allow an attacker to execute commands.
Status:EntryReference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0627
Reference: XF:rexd
Name: CVE-1999-0628
Description:
The rwho/rwhod service is running, which exposes machine status and user information.
Status:EntryReference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0628
Reference: XF:rwhod
Name: CVE-1999-0668
Description:
The scriptlet.typelib ActiveX control is marked as "safe for scripting" for Internet Explorer, which allows a remote attacker to execute arbitrary commands as demonstrated by Bubbleboy.
Status:EntryReference: BID:598
Reference: URL:http://www.securityfocus.com/bid/598
Reference: BUGTRAQ:19990821 IE 5.0 allows executing programs
Reference: CIAC:J-064
Reference: URL:http://ciac.llnl.gov/ciac/bulletins/j-064.shtml
Reference: MS:MS99-032
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-032
Reference: MSKB:Q240308
Reference: URL:http://support.microsoft.com/default.aspx?scid=kb;[LN];Q240308
Reference: XF:ms-scriptlet-eyedog-unsafe
Name: CVE-1999-0671
Description:
Buffer overflow in ToxSoft NextFTP client through CWD command.
Status:EntryReference: BID:572
Reference: URL:http://www.securityfocus.com/bid/572
Reference: XF:toxsoft-nextftp-cwd-bo
Name: CVE-1999-0672
Description:
Buffer overflow in Fujitsu Chocoa IRC client via IRC channel topics.
Status:EntryReference: BID:573
Reference: URL:http://www.securityfocus.com/bid/573
Reference: XF:fujitsu-topic-bo
Name: CVE-1999-0674
Description:
The BSD profil system call allows a local user to modify the internal data space of a program via profiling and execve.
Status:EntryReference: BID:570
Reference: URL:http://www.securityfocus.com/bid/570
Reference: BUGTRAQ:19990809 profil(2) bug, a simple test program
Reference: CIAC:J-067
Reference: URL:http://www.ciac.org/ciac/bulletins/j-067.shtml
Reference: FREEBSD:FreeBSD-SA-99:02
Reference: NETBSD:1999-011
Reference: OPENBSD:Aug 9,1999
Reference: XF:netbsd-profil
Name: CVE-1999-0675
Description:
Check Point FireWall-1 can be subjected to a denial of service via UDP packets that are sent through VPN-1 to port 0 of a host.
Status:EntryReference: BID:576
Reference: URL:http://www.securityfocus.com/bid/576
Reference: BUGTRAQ:19990809 FW1 UDP Port 0 DoS
Reference: URL:http://www.securityfocus.com/archive/1/23615
Reference: OSVDB:1038
Reference: URL:http://www.osvdb.org/1038
Reference: XF:checkpoint-port
Name: CVE-1999-0676
Description:
sdtcm_convert in Solaris 2.6 allows a local user to overwrite sensitive files via a symlink attack.
Status:EntryReference: BID:575
Reference: URL:http://www.securityfocus.com/bid/575
Reference: BUGTRAQ:19990808 sdtcm_convert
Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=19990809134220.A1191@hades.chaoz.org
Reference: XF:sun-sdtcm-convert
Name: CVE-1999-0678
Description:
A default configuration of Apache on Debian GNU/Linux sets the ServerRoot to /usr/doc, which allows remote users to read documentation files for the entire server.
Status:EntryReference: BID:318
Reference: URL:http://www.securityfocus.com/bid/318
Reference: BUGTRAQ:19990405 An issue with Apache on Debian
Reference: XF:apache-debian-usrdoc
Name: CVE-1999-0679
Description:
Buffer overflow in hybrid-6 IRC server commonly used on EFnet allows remote attackers to execute commands via m_invite invite option.
Status:EntryReference: BID:581
Reference: URL:http://www.securityfocus.com/bid/581
Reference: BUGTRAQ:19990813 w00w00's efnet ircd advisory (exploit included)
Reference: CONFIRM:http://www.efnet.org/archive/servers/hybrid/ChangeLog
Reference: XF:hybrid-ircd-minvite-bo
Name: CVE-1999-0680
Description:
Windows NT Terminal Server performs extra work when a client opens a new connection but before it is authenticated, allowing for a denial of service.
Status:EntryReference: BID:571
Reference: URL:http://www.securityfocus.com/bid/571
Reference: CIAC:J-057
Reference: URL:http://www.ciac.org/ciac/bulletins/j-057.shtml
Reference: MS:MS99-028
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-028
Reference: MSKB:Q238600
Reference: URL:http://support.microsoft.com/default.aspx?scid=kb;[LN];Q238600
Reference: XF:nt-terminal-dos
Name: CVE-1999-0681
Description:
Buffer overflow in Microsoft FrontPage Server Extensions (PWS) 3.0.2.926 on Windows 95, and possibly other versions, allows remote attackers to cause a denial of service via a long URL.
Status:EntryReference: BID:568
Reference: URL:http://www.securityfocus.com/bid/568
Reference: BUGTRAQ:19990807 Crash FrontPage Remotely...
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/1999-q3/0381.html
Reference: XF:frontpage-pws-dos(3117)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/3117
Name: CVE-1999-0682
Description:
Microsoft Exchange 5.5 allows a remote attacker to relay email (i.e. spam) using encapsulated SMTP addresses, even if the anti-relaying features are enabled.
Status:EntryReference: BID:567
Reference: URL:http://www.securityfocus.com/bid/567
Reference: CIAC:J-056
Reference: URL:http://www.ciac.org/ciac/bulletins/j-056.shtml
Reference: MS:MS99-027
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-027
Reference: MSKB:Q237927
Reference: URL:http://support.microsoft.com/default.aspx?scid=kb;[LN];Q237927
Reference: XF:exchange-relay
Name: CVE-1999-0683
Description:
Denial of service in Gauntlet Firewall via a malformed ICMP packet.
Status:EntryReference: BID:556
Reference: URL:http://www.securityfocus.com/bid/556
Reference: BUGTRAQ:19990729 Remotely Lock Up Gauntlet 5.0
Reference: OSVDB:1029
Reference: URL:http://www.osvdb.org/1029
Reference: XF:gauntlet-dos
Name: CVE-1999-0685
Description:
Buffer overflow in Netscape Communicator via EMBED tags in the pluginspage option.
Status:EntryReference: BID:618
Reference: URL:http://www.securityfocus.com/bid/618
Reference: BUGTRAQ:19991209 Netscape communicator 4.06J, 4.5J-4.6J, 4.61e Buffer Overflow
Name: CVE-1999-0686
Description:
Denial of service in Netscape Enterprise Server (NES) in HP Virtual Vault (VVOS) via a long URL.
Status:EntryReference: BUGTRAQ:19990514 TGAD DoS
Reference: BUGTRAQ:19990610 Re: VVOS/Netscape Bug
Reference: CIAC:J-046
Reference: URL:http://www.ciac.org/ciac/bulletins/j-046.shtml
Reference: HP:HPSBUX9906-098
Reference: URL:http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9906-098
Reference: XF:hp-tgad-dos
Name: CVE-1999-0687
Description:
The ToolTalk ttsession daemon uses weak RPC authentication, which allows a remote attacker to execute commands.
Status:EntryReference: BID:637
Reference: URL:http://www.securityfocus.com/bid/637
Reference: BUGTRAQ:19990913 Vulnerability in ttsession
Reference: CERT:CA-99-11
Reference: CIAC:K-001
Reference: URL:http://www.ciac.org/ciac/bulletins/k-001.shtml
Reference: COMPAQ:SSRT0617U_TTSESSION
Reference: HP:HPSBUX9909-103
Reference: URL:http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9909-103
Reference: SUN:00192
Reference: URL:http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/192
Reference: XF:cde-ttsession-rpc-auth
Name: CVE-1999-0688
Description:
Buffer overflows in HP Software Distributor (SD) for HPUX 10.x and 11.x.
Status:EntryReference: BID:545
Reference: URL:http://www.securityfocus.com/bid/545
Reference: HP:HPSBUX9907-101
Reference: URL:http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9907-101
Reference: XF:hp-sd-bo
Name: CVE-1999-0689
Description:
The CDE dtspcd daemon allows local users to execute arbitrary commands via a symlink attack.
Status:EntryReference: BID:636
Reference: URL:http://www.securityfocus.com/bid/636
Reference: BUGTRAQ:19990913 Vulnerability in dtspcd
Reference: CERT:CA-99-11
Reference: HP:HPSBUX9909-103
Reference: URL:http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9909-103
Reference: OVAL:oval:org.mitre.oval:def:1880
Reference: URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1880
Reference: SUN:00192
Reference: URL:http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/192
Reference: XF:cde-dtspcd-file-auth
Name: CVE-1999-0690
Description:
HP CDE program includes the current directory in root's PATH variable.
Status:EntryReference: CIAC:J-053
Reference: URL:http://www.ciac.org/ciac/bulletins/j-053.shtml
Reference: HP:HPSBUX9907-100
Reference: URL:http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9907-100
Reference: XF:hp-cde-directory
Name: CVE-1999-0691
Description:
Buffer overflow in the AddSuLog function of the CDE dtaction utility allows local users to gain root privileges via a long user name.
Status:EntryReference: BID:635
Reference: URL:http://www.securityfocus.com/bid/635
Reference: BUGTRAQ:19990913 Vulnerability in dtaction
Reference: CERT:CA-99-11
Reference: COMPAQ:SSRTO615U_DTACTION
Reference: HP:HPSBUX9909-103
Reference: URL:http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9909-103
Reference: OVAL:oval:org.mitre.oval:def:3078
Reference: URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3078
Reference: SUN:00192
Reference: URL:http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/192
Reference: XF:cde-dtaction-username-bo
Name: CVE-1999-0692
Description:
The default configuration of the Array Services daemon (arrayd) disables authentication, allowing remote users to gain root privileges.
Status:EntryReference: CERT:CA-99-09
Reference: CIAC:J-052
Reference: URL:http://www.ciac.org/ciac/bulletins/j-052.shtml
Reference: SGI:19990701-01-P
Reference: URL:ftp://patches.sgi.com/support/free/security/advisories/19990701-01-P
Reference: XF:sgi-arrayd
Name: CVE-1999-0693
Description:
Buffer overflow in TT_SESSION environment variable in ToolTalk shared library allows local users to gain root privileges.
Status:EntryReference: BID:641
Reference: URL:http://www.securityfocus.com/bid/641
Reference: CERT:CA-99-11
Reference: HP:HPSBUX9909-103
Reference: URL:http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9909-103
Reference: OVAL:oval:org.mitre.oval:def:4374
Reference: URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4374
Reference: SUN:00192
Reference: URL:http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/192
Reference: XF:cde-dtsession-env-bo
Name: CVE-1999-0694
Description:
Denial of service in AIX ptrace system call allows local users to crash the system.
Status:EntryReference: CIAC:J-055
Reference: URL:http://www.ciac.org/ciac/bulletins/j-055.shtml
Reference: IBM:ERS-SVA-E01-1999:002.1
Reference: XF:aix-ptrace-halt
Name: CVE-1999-0695
Description:
The Sybase PowerDynamo personal web server allows attackers to read arbitrary files through a .. (dot dot) attack.
Status:EntryReference: BID:620
Reference: URL:http://www.securityfocus.com/bid/620
Reference: BUGTRAQ:19990904 [Sybase] software vendors do not think about old bugs
Reference: OSVDB:1064
Reference: URL:http://www.osvdb.org/1064
Reference: XF:http-powerdynamo-dotdotslash
Name: CVE-1999-0696
Description:
Buffer overflow in CDE Calendar Manager Service Daemon (rpc.cmsd).
Status:EntryReference: BUGTRAQ:19990709 Exploit of rpc.cmsd
Reference: CERT:CA-99-08
Reference: CIAC:J-051
Reference: URL:http://www.ciac.org/ciac/bulletins/j-051.shtml
Reference: COMPAQ:SSRT0614U_RPC_CMSD
Reference: HP:HPSBUX9908-102
Reference: URL:http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9908-102
Reference: SCO:SB-99.12
Reference: SUN:00188
Reference: URL:http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/188
Reference: SUNBUG:4230754
Reference: XF:sun-cmsd-bo
Name: CVE-1999-0697
Description:
SCO Doctor allows local users to gain root privileges through a Tools option.
Status:EntryReference: BID:621
Reference: URL:http://www.securityfocus.com/bid/621
Reference: BUGTRAQ:19990908 SCO 5.0.5 /bin/doctor nightmare
Reference: XF:sco-doctor-execute
Name: CVE-1999-0699
Description:
The Bluestone Sapphire web server allows session hijacking via easily guessable session IDs.
Status:EntryReference: BID:623
Reference: URL:http://www.securityfocus.com/bid/623
Reference: BUGTRAQ:19990908 [Security] Spoofed Id in Bluestone Sapphire/Web
Name: CVE-1999-0700
Description:
Buffer overflow in Microsoft Phone Dialer (dialer.exe), via a malformed dialer entry in the dialer.ini file.
Status:EntryReference: MS:MS99-026
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-026
Reference: MSKB:Q237185
Reference: URL:http://support.microsoft.com/default.aspx?scid=kb;[LN];Q237185
Reference: XF:nt-malformed-dialer
Name: CVE-1999-0701
Description:
After an unattended installation of Windows NT 4.0, an installation file could include sensitive information such as the local Administrator password.
Status:EntryReference: BID:626
Reference: URL:http://www.securityfocus.com/bid/626
Reference: MS:MS99-036
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-036
Reference: MSKB:Q173039
Reference: URL:http://support.microsoft.com/default.aspx?scid=kb;[LN];Q173039
Reference: XF:nt-install-unattend-file
Name: CVE-1999-0702
Description:
Internet Explorer 5.0 and 5.01 allows remote attackers to modify or execute files via the Import/Export Favorites feature, aka the "ImportExportFavorites" vulnerability.
Status:EntryReference: BID:627
Reference: URL:http://www.securityfocus.com/bid/627
Reference: BUGTRAQ:19990909 IE 5.0 security vulnerabilities - ImportExportFavorites - at least creating and overwriting files, probably executing programs
Reference: MS:MS99-037
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-037
Reference: MSKB:Q241361
Reference: URL:http://support.microsoft.com/default.aspx?scid=kb;[LN];Q241361
Reference: XF:ie5-import-export-favorites
Name: CVE-1999-0703
Description:
OpenBSD, BSDI, and other Unix operating systems allow users to set chflags and fchflags on character and block devices.
Status:EntryReference: BUGTRAQ:19990805 4.4 BSD issue -- chflags
Reference: CIAC:J-066
Reference: URL:http://www.ciac.org/ciac/bulletins/j-066.shtml
Reference: FREEBSD:FreeBSD-SA-99:01
Reference: OPENBSD:Jul30,1999
Reference: XF:openbsd-chflags-fchflags-permitted
Name: CVE-1999-0704
Description:
Buffer overflow in Berkeley automounter daemon (amd) logging facility provided in the Linux am-utils package and others.
Status:EntryReference: BID:614
Reference: URL:http://www.securityfocus.com/bid/614
Reference: CALDERA:CSSA-1999:024.0
Reference: CERT:CA-99-12
Reference: DEBIAN:19991018
Reference: FREEBSD:SA-99:06
Reference: REDHAT:RHSA-1999:032-01
Reference: XF:amd-bo
Name: CVE-1999-0705
Description:
Buffer overflow in INN inews program.
Status:EntryReference: BID:616
Reference: URL:http://www.securityfocus.com/bid/616
Reference: CALDERA:CSSA-1999-026
Reference: DEBIAN:19990907
Reference: REDHAT:RHSA1999033_01
Reference: SUSE:19990831 Security hole in INN
Reference: XF:inn-inews-bo
Name: CVE-1999-0706
Description:
Linux xmonisdn package allows local users to gain root privileges by modifying the IFS or PATH environmental variables.
Status:EntryReference: BID:583
Reference: URL:http://www.securityfocus.com/bid/583
Reference: DEBIAN:19990807
Reference: SUSE:19990817 Security hole in i4l (xmonisdn)
Name: CVE-1999-0707
Description:
The default FTP configuration in HP Visualize Conference allows conference users to send a file to other participants without authorization.
Status:EntryReference: BID:493
Reference: URL:http://www.securityfocus.com/bid/493
Reference: CIAC:J-050
Reference: URL:http://www.ciac.org/ciac/bulletins/j-050.shtml
Reference: HP:HPSBUX9906-099
Reference: URL:http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9906-099
Reference: XF:hp-visualize-conference-ftp
Name: CVE-1999-0708
Description:
Buffer overflow in cfingerd allows local users to gain root privileges via a long GECOS field.
Status:EntryReference: BID:651
Reference: URL:http://www.securityfocus.com/bid/651
Reference: BUGTRAQ:19990921 BP9909-00: cfingerd local buffer overflow
Name: CVE-1999-0710
Description:
The Squid package in Red Hat Linux 5.2 and 6.0, and other distributions, installs cachemgr.cgi in a public web directory, which allows remote attackers to use it as an intermediary to connect to other systems.
Status:EntryReference: BID:2059
Reference: URL:http://www.securityfocus.com/bid/2059
Reference: BUGTRAQ:19990725 Redhat 6.0 cachemgr.cgi lameness
Reference: CONFIRM:http://www.redhat.com/support/errata/archives/rh52-errata-general.html#squid
Reference: DEBIAN:DSA-576
Reference: URL:http://www.debian.org/security/2004/dsa-576
Reference: FEDORA:FEDORA-2005-373
Reference: URL:http://www.redhat.com/archives/fedora-announce-list/2005-May/msg00025.html
Reference: FEDORA:FLSA-2006:152809
Reference: URL:http://fedoranews.org/updates/FEDORA--.shtml
Reference: REDHAT:RHSA-1999:025
Reference: URL:http://www.redhat.com/support/errata/RHSA-1999-025.html
Reference: REDHAT:RHSA-2005:489
Reference: URL:http://www.redhat.com/support/errata/RHSA-2005-489.html
Reference: XF:http-cgi-cachemgr(2385)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/2385
Name: CVE-1999-0711
Description:
The oratclsh interpreter in Oracle 8.x Intelligent Agent for Unix allows local users to execute Tcl commands as root.
Status:EntryReference: BUGTRAQ:19990430 *Huge* security hole in Oracle 8.0.5 with Intellegent agent installed
Reference: URL:http://marc.info/?t=92550157100002&w=2&r=1
Reference: BUGTRAQ:19990506 Oracle Security Followup, patch and FAQ: setuid on oratclsh
Reference: URL:http://marc.info/?l=bugtraq&m=92609807906778&w=2
Reference: XF:oracle-oratclsh
Name: CVE-1999-0713
Description:
The dtlogin program in Compaq Tru64 UNIX allows local users to gain root privileges.
Status:EntryReference: BUGTRAQ:19990404 Digital Unix 4.0E /var permission
Reference: CIAC:J-044
Reference: URL:http://www.ciac.org/ciac/bulletins/j-044.shtml
Reference: COMPAQ:SSRT0600U
Reference: XF:cde-dtlogin
Name: CVE-1999-0714
Description:
Vulnerability in Compaq Tru64 UNIX edauth command.
Status:EntryReference: COMPAQ:SSRT0588U
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0714
Reference: XF:du-edauth
Name: CVE-1999-0715
Description:
Buffer overflow in Remote Access Service (RAS) client allows an attacker to execute commands or cause a denial of service via a malformed phonebook entry.
Status:EntryReference: BUGTRAQ:19990519 Buffer Overruns in RAS allows execution of arbitary code as system
Reference: MS:MS99-016
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-016
Reference: MSKB:Q230677
Reference: URL:http://support.microsoft.com/default.aspx?scid=kb;[LN];Q230677
Reference: XF:nt-ras-bo
Name: CVE-1999-0716
Description:
Buffer overflow in Windows NT 4.0 help file utility via a malformed help file.
Status:EntryReference: MS:MS99-015
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-015
Reference: MSKB:Q231605
Reference: URL:http://support.microsoft.com/default.aspx?scid=kb;[LN];Q231605
Reference: XF:nt-helpfile-bo
Name: CVE-1999-0717
Description:
A remote attacker can disable the virus warning mechanism in Microsoft Excel 97.
Status:EntryReference: MS:MS99-014
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-014
Reference: MSKB:Q231304
Reference: URL:http://support.microsoft.com/default.aspx?scid=kb;[LN];Q231304
Reference: XF:excel-virus-warning
Name: CVE-1999-0718
Description:
IBM GINA, when used for OS/2 domain authentication of Windows NT users, allows local users to gain administrator privileges by changing the GroupMapping registry key.
Status:EntryReference: BID:608
Reference: URL:http://www.securityfocus.com/bid/608
Reference: NTBUGTRAQ:19990823 IBM Gina security warning
Reference: URL:http://www.ntbugtraq.com/default.asp?pid=36&sid=1&A2=ind9908&L=ntbugtraq&F=&S=&P=5534
Reference: XF:ibm-gina-group-add(3166)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/3166
Name: CVE-1999-0719
Description:
The Guile plugin for the Gnumeric spreadsheet package allows attackers to execute arbitrary code.
Status:EntryReference: BID:563
Reference: URL:http://www.securityfocus.com/bid/563
Reference: BUGTRAQ:19990802 Gnumeric potential security hole.
Reference: REDHAT:RHSA-1999:023-01
Reference: XF:gnu-guile-plugin-export
Name: CVE-1999-0720
Description:
The pt_chown command in Linux allows local users to modify TTY terminal devices that belong to other users.
Status:EntryReference: BID:597
Reference: URL:http://www.securityfocus.com/bid/597
Reference: BUGTRAQ:19990823 [Linux] glibc 2.1.x / wu-ftpd <=2.5 / BeroFTPD / lynx / vlock / mc / glibc 2.0.x
Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=lcamtuf.4.05.9907041223290.355-300000@nimue.ids.pl
Reference: XF:linux-pt-chown
Name: CVE-1999-0721
Description:
Denial of service in Windows NT Local Security Authority (LSA) through a malformed LSA request.
Status:EntryReference: BINDVIEW:Phantom Technical Advisory
Reference: CIAC:J-049
Reference: URL:http://www.ciac.org/ciac/bulletins/j-049.shtml
Reference: MS:MS99-020
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-020
Reference: MSKB:Q231457
Reference: URL:http://support.microsoft.com/default.aspx?scid=kb;[LN];Q231457
Reference: XF:msrpc-lsa-lookupnames-dos
Name: CVE-1999-0722
Description:
The default configuration of Cobalt RaQ2 servers allows remote users to install arbitrary software packages.
Status:EntryReference: BID:558
Reference: URL:http://www.securityfocus.com/bid/558
Reference: CERT:CA-99-10
Reference: XF:cobalt-raq2-default-config
Name: CVE-1999-0723
Description:
The Windows NT Client Server Runtime Subsystem (CSRSS) can be subjected to a denial of service when all worker threads are waiting for user input.
Status:EntryReference: BID:478
Reference: URL:http://www.securityfocus.com/bid/478
Reference: CIAC:J-049
Reference: URL:http://www.ciac.org/ciac/bulletins/j-049.shtml
Reference: MS:MS99-021
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-021
Reference: MSKB:Q233323
Reference: URL:http://support.microsoft.com/default.aspx?scid=kb;[LN];Q233323
Reference: NTBUGTRAQ:19990411 Death by MessageBox
Reference: XF:nt-csrss-dos
Name: CVE-1999-0724
Description:
Buffer overflow in OpenBSD procfs and fdescfs file systems via uio_offset in the readdir() function.
Status:EntryReference: OPENBSD:Aug12,1999
Reference: OSVDB:6128
Reference: URL:http://www.osvdb.org/6128
Reference: XF:openbsd-uio_offset-bo
Name: CVE-1999-0725
Description:
When IIS is run with a default language of Chinese, Korean, or Japanese, it allows a remote attacker to view the source code of certain files, a.k.a. "Double Byte Code Page".
Status:EntryReference: BID:477
Reference: URL:http://www.securityfocus.com/bid/477
Reference: MS:MS99-022
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-022
Reference: MSKB:Q233335
Reference: URL:http://support.microsoft.com/default.aspx?scid=kb;[LN];Q233335
Reference: XF:iis-double-byte-code-page(2302)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/2302
Name: CVE-1999-0726
Description:
An attacker can conduct a denial of service in Windows NT by executing a program with a malformed file image header.
Status:EntryReference: BID:499
Reference: URL:http://www.securityfocus.com/bid/499
Reference: MS:MS99-023
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-023
Reference: MSKB:Q234557
Reference: URL:http://support.microsoft.com/default.aspx?scid=kb;[LN];Q234557
Reference: XF:nt-malformed-image-header
Name: CVE-1999-0727
Description:
A kernel leak in the OpenBSD kernel allows IPsec packets to be sent unencrypted.
Status:EntryReference: OPENBSD:19990608 Packets that should have been handled by IPsec may be transmitted as cleartext
Reference: OSVDB:6127
Reference: URL:http://www.osvdb.org/6127
Reference: XF:openbsd-ipsec-cleartext
Name: CVE-1999-0728
Description:
A Windows NT user can disable the keyboard or mouse by directly calling the IOCTLs which control them.
Status:EntryReference: MS:MS99-024
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-024
Reference: MSKB:Q236359
Reference: URL:http://support.microsoft.com/default.aspx?scid=kb;[LN];Q236359
Reference: XF:nt-ioctl-dos
Name: CVE-1999-0729
Description:
Buffer overflow in Lotus Notes LDAP (NLDAP) allows an attacker to conduct a denial of service through the ldap_search request.
Status:EntryReference: BID:601
Reference: URL:http://www.securityfocus.com/bid/601
Reference: CIAC:J-061
Reference: URL:http://www.ciac.org/ciac/bulletins/j-061.shtml
Reference: ISS:19990823 Denial of Service Attack against Lotus Notes Domino Server 4.6
Reference: URL:http://xforce.iss.net/alerts/advise34.php
Reference: OSVDB:1057
Reference: URL:http://www.osvdb.org/1057
Reference: XF:lotus-ldap-bo
Name: CVE-1999-0730
Description:
The zsoelim program in the Debian man-db package allows local users to overwrite files via a symlink attack.
Status:EntryReference: DEBIAN:19990612
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0730
Name: CVE-1999-0731
Description:
The KDE klock program allows local users to unlock a session using malformed input.
Status:EntryReference: BID:489
Reference: URL:http://www.securityfocus.com/bid/489
Reference: BUGTRAQ:19990623 Security flaw in klock
Reference: CALDERA:CSSA-1999:017
Reference: MISC:https://github.com/KDE/kde1-kdebase/commit/04906bd5de2f220bf100b605dad37b4a1d9a91a6
Reference: SUSE:19990629 Security hole in Klock
Name: CVE-1999-0732
Description:
The logging facility of the Debian smtp-refuser package allows local users to delete arbitrary files using symbolic links.
Status:EntryReference: DEBIAN:19990823b
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0732
Reference: XF:smtp-refuser-tmp
Name: CVE-1999-0733
Description:
Buffer overflow in VMWare 1.0.1 for Linux via a long HOME environmental variable.
Status:EntryReference: BID:490
Reference: URL:http://www.securityfocus.com/bid/490
Reference: BUGTRAQ:19990626 VMWare Advisory - buffer overflows
Reference: BUGTRAQ:19990626 VMware Security Alert
Reference: BUGTRAQ:19990705 Re: VMWare Advisory.. - exploit
Reference: XF:vmware-bo
Name: CVE-1999-0734
Description:
A default configuration of CiscoSecure Access Control Server (ACS) allows remote users to modify the server database without authentication.
Status:EntryReference: CISCO:19990819 CiscoSecure Access Control Server for UNIX Remote Administration Vulnerability
Reference: URL:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-19990819-dbaccess
Reference: XF:ciscosecure-read-write(3133)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/3133
Name: CVE-1999-0735
Description:
KDE K-Mail allows local users to gain privileges via a symlink attack in temporary user directories.
Status:EntryReference: BID:300
Reference: URL:http://www.securityfocus.com/bid/300
Reference: CALDERA:CSSA-1999:016
Reference: ISS:KDE K-Mail File Creation Vulnerability
Reference: REDHAT:RHSA-1999:015-01
Reference: URL:http://www.redhat.com/support/errata/RHSA1999015_01.html
Name: CVE-1999-0740
Description:
Remote attackers can cause a denial of service on Linux in.telnetd telnet daemon through a malformed TERM environmental variable.
Status:EntryReference: BID:594
Reference: URL:http://www.securityfocus.com/bid/594
Reference: CALDERA:CSSA-1999:022
Reference: REDHAT:RHSA1999029_01
Reference: XF:linux-telnetd-term
Name: CVE-1999-0742
Description:
The Debian mailman package uses weak authentication, which allows attackers to gain privileges.
Status:EntryReference: BID:480
Reference: URL:http://www.securityfocus.com/bid/480
Reference: DEBIAN:19990623
Name: CVE-1999-0743
Description:
Trn allows local users to overwrite other users' files via symlinks.
Status:EntryReference: BUGTRAQ:19990819 Insecure use of file in /tmp by trn
Reference: DEBIAN:19990823c
Reference: SUSE:19990824 Security hole in trn
Reference: XF:trn-symlinks(3144)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/3144
Name: CVE-1999-0744
Description:
Buffer overflow in Netscape Enterprise Server and FastTrask Server allows remote attackers to gain privileges via a long HTTP GET request.
Status:EntryReference: BID:603
Reference: URL:http://www.securityfocus.com/bid/603
Reference: ISS:Buffer Overflow in Netscape Enterprise and FastTrack Web Servers
Name: CVE-1999-0745
Description:
Buffer overflow in Source Code Browser Program Database Name Server Daemon (pdnsd) for the IBM AIX C Set ++ compiler.
Status:EntryReference: BID:590
Reference: URL:http://www.securityfocus.com/bid/590
Reference: CIAC:J-059
Reference: URL:http://www.ciac.org/ciac/bulletins/j-059.shtml
Reference: IBM:ERS-SVA-E01-1999:003.1
Reference: XF:aix-pdnsd-bo
Name: CVE-1999-0746
Description:
A default configuration of in.identd in SuSE Linux waits 120 seconds between requests, allowing a remote attacker to conduct a denial of service.
Status:EntryReference: BID:587
Reference: URL:http://www.securityfocus.com/bid/587
Reference: BUGTRAQ:19990814 DOS against SuSE's identd
Reference: SUSE:19990824 Security hole in netcfg
Reference: XF:suse-identd-dos
Name: CVE-1999-0747
Description:
Denial of service in BSDi Symmetric Multiprocessing (SMP) when an fstat call is made when the system has a high CPU load.
Status:EntryReference: BID:589
Reference: URL:http://www.securityfocus.com/bid/589
Reference: BUGTRAQ:19990816 Symmetric Multiprocessing (SMP) Vulnerbility in BSDi 4.0.1
Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=Pine.BSI.4.10.9908170253560.19291-100000@saturn.psn.net
Reference: XF:bsdi-smp-dos
Name: CVE-1999-0749
Description:
Buffer overflow in Microsoft Telnet client in Windows 95 and Windows 98 via a malformed Telnet argument.
Status:EntryReference: BID:586
Reference: URL:http://www.securityfocus.com/bid/586
Reference: BUGTRAQ:19990815 telnet.exe heap overflow - remotely exploitable
Reference: MS:MS99-033
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-033
Reference: XF:win-ie5-telnet-heap-overflow
Name: CVE-1999-0751
Description:
Buffer overflow in Accept command in Netscape Enterprise Server 3.6 with the SSL Handshake Patch.
Status:EntryReference: BID:631
Reference: URL:http://www.securityfocus.com/bid/631
Reference: BUGTRAQ:19990913 Accept overflow on Netscape Enterprise Server 3.6 SP2
Reference: XF:netscape-accept-bo(3256)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/3256
Name: CVE-1999-0752
Description:
Denial of service in Netscape Enterprise Server via a buffer overflow in the SSL handshake.
Status:EntryReference: BUGTRAQ:19990706 Netscape Enterprise Server SSL Handshake Bug
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0752
Name: CVE-1999-0753
Description:
The w3-msql CGI script provided with Mini SQL allows remote attackers to view restricted directories.
Status:EntryReference: BID:591
Reference: URL:http://www.securityfocus.com/bid/591
Reference: BUGTRAQ:19990817 Stupid bug in W3-msql
Reference: XF:mini-sql-w3-msql-cgi
Name: CVE-1999-0754
Description:
The INN inndstart program allows local users to gain privileges by specifying an alternate configuration file using the INNCONF environmental variable.
Status:EntryReference: BID:255
Reference: URL:http://www.securityfocus.com/bid/255
Reference: BUGTRAQ:19990511 INN 2.0 and higher. Root compromise potential
Reference: CALDERA:CSSA-1999-011.0
Reference: URL:ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-1999-011.0.txt
Reference: MISC:http://www.redhat.com/corp/support/errata/inn99_05_22.html
Reference: SUSE:19990518 Security hole in INN
Reference: XF:inn-innconf-env
Name: CVE-1999-0755
Description:
Windows NT RRAS and RAS clients cache a user's password even if the user has not selected the "Save password" option.
Status:EntryReference: MS:MS99-017
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-017
Reference: MSKB:Q230681
Reference: URL:http://support.microsoft.com/default.aspx?scid=kb;[LN];Q230681
Reference: XF:nt-ras-pwcache
Name: CVE-1999-0756
Description:
ColdFusion Administrator with Advanced Security enabled allows remote users to stop the ColdFusion server via the Start/Stop utility.
Status:EntryReference: ALLAIRE:ASB99-07
Reference: URL:http://www.allaire.com/handlers/index.cfm?ID=10968&Method=Full
Reference: XF:coldfusion-admin-dos(2207)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/2207
Name: CVE-1999-0758
Description:
Netscape Enterprise 3.5.1 and FastTrack 3.01 servers allow a remote attacker to view source code to scripts by appending a %20 to the script's URL.
Status:EntryReference: ALLAIRE:ASB99-06
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0758
Reference: XF:netscape-space-view
Name: CVE-1999-0759
Description:
Buffer overflow in FuseMAIL POP service via long USER and PASS commands.
Status:EntryReference: BID:634
Reference: URL:http://www.securityfocus.com/bid/634
Reference: BUGTRAQ:19990913 Many kind of POP3/SMTP server softwares for Windows have buffer overflow bug
Reference: CONFIRM:http://www.crosswinds.net/~fuseware/faq.html#8
Reference: XF:fuseware-popmail-bo
Name: CVE-1999-0760
Description:
Undocumented ColdFusion Markup Language (CFML) tags and functions in the ColdFusion Administrator allow users to gain additional privileges.
Status:EntryReference: ALLAIRE:ASB99-10
Reference: URL:http://www.allaire.com/handlers/index.cfm?ID=11714&Method=Full
Reference: BID:550
Reference: URL:http://www.securityfocus.com/bid/550
Reference: XF:coldfusion-server-cfml-tags(3288)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/3288
Name: CVE-1999-0761
Description:
Buffer overflow in FreeBSD fts library routines allows local user to modify arbitrary files via the periodic program.
Status:EntryReference: BID:644
Reference: URL:http://www.securityfocus.com/bid/644
Reference: FREEBSD:FreeBSD-SA-99:05
Reference: OSVDB:1074
Reference: URL:http://www.osvdb.org/1074
Reference: XF:freebsd-fts-lib-bo
Name: CVE-1999-0762
Description:
When Javascript is embedded within the TITLE tag, Netscape Communicator allows a remote attacker to use the "about" protocol to gain access to browser information.
Status:EntryReference: BUGTRAQ:19990524 Netscape Communicator JavaScript in <TITLE> security vulnerability
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0762
Reference: XF:netscape-title
Name: CVE-1999-0763
Description:
NetBSD on a multi-homed host allows ARP packets on one network to modify ARP entries on another connected network.
Status:EntryReference: NETBSD:1999-010
Reference: OSVDB:6540
Reference: URL:http://www.osvdb.org/6540
Reference: XF:netbsd-arp
Name: CVE-1999-0764
Description:
NetBSD allows ARP packets to overwrite static ARP entries.
Status:EntryReference: NETBSD:1999-010
Reference: OSVDB:6539
Reference: URL:http://www.osvdb.org/6539
Reference: XF:netbsd-arp
Name: CVE-1999-0765
Description:
SGI IRIX midikeys program allows local users to modify arbitrary files via a text editor.
Status:EntryReference: BID:262
Reference: URL:http://www.securityfocus.com/bid/262
Reference: BUGTRAQ:19990619 IRIX midikeys root exploit.
Reference: SGI:19990501-01-A
Reference: URL:ftp://patches.sgi.com/support/free/security/advisories/19990501-01-A
Reference: XF:irix-midikeys
Name: CVE-1999-0766
Description:
The Microsoft Java Virtual Machine allows a malicious Java applet to execute arbitrary commands outside of the sandbox environment.
Status:EntryReference: BID:600
Reference: URL:http://www.securityfocus.com/bid/600
Reference: MS:MS99-031
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-031
Reference: MSKB:Q240346
Reference: URL:http://support.microsoft.com/default.aspx?scid=kb;[LN];Q240346
Reference: XF:msvm-verifier-java
Name: CVE-1999-0768
Description:
Buffer overflow in Vixie Cron on Red Hat systems via the MAILTO environmental variable.
Status:EntryReference: BID:602
Reference: URL:http://www.securityfocus.com/bid/602
Reference: REDHAT:RHSA-1999:030-02
Reference: SUSE:19990829 Security hole in cron
Name: CVE-1999-0769
Description:
Vixie Cron on Linux systems allows local users to set parameters of sendmail commands via the MAILTO environmental variable.
Status:EntryReference: BID:611
Reference: URL:http://www.securityfocus.com/bid/611
Reference: CALDERA:CSSA-1999:023.0
Reference: DEBIAN:19990830 cron
Reference: REDHAT:RHSA-1999:030-02
Reference: SUSE:19990829 Security hole in cron
Name: CVE-1999-0770
Description:
Firewall-1 sets a long timeout for connections that begin with ACK or other packets except SYN, allowing an attacker to conduct a denial of service via a large number of connection attempts to unresponsive systems.
Status:EntryReference: BID:549
Reference: URL:http://www.securityfocus.com/bid/549
Reference: BUGTRAQ:19990729 Simple DOS attack on FW-1
Reference: CHECKPOINT:ACK DOS ATTACK
Reference: OSVDB:1027
Reference: URL:http://www.osvdb.org/1027
Name: CVE-1999-0771
Description:
The web components of Compaq Management Agents and the Compaq Survey Utility allow a remote attacker to read arbitrary files via a .. (dot dot) attack.
Status:EntryReference: BUGTRAQ:19990526 Infosec.19990526.compaq-im.a
Reference: COMPAQ:SSRT0612U
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0771
Reference: XF:management-agent-file-read
Name: CVE-1999-0772
Description:
Denial of service in Compaq Management Agents and the Compaq Survey Utility via a long string sent to port 2301.
Status:EntryReference: BUGTRAQ:19990527 Re: Infosec.19990526.compaq-im.a (New DoS and correction to my previous post)
Reference: COMPAQ:SSRT0612U
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0772
Reference: XF:management-agent-dos
Name: CVE-1999-0773
Description:
Buffer overflow in Solaris lpset program allows local users to gain root access.
Status:EntryReference: BUGTRAQ:19990511 Solaris2.6 and 2.7 lpset overflow
Reference: URL:http://www.netspace.org/cgi-bin/wa?A2=ind9905B&L=bugtraq&P=R2017
Reference: XF:sol-lpset-bo
Name: CVE-1999-0774
Description:
Buffer overflows in Mars NetWare Emulation (NWE, mars_nwe) package via long directory names.
Status:EntryReference: BID:617
Reference: URL:http://www.securityfocus.com/bid/617
Reference: BUGTRAQ:19990830 Babcia Padlina Ltd. security advisory: mars_nwe buffer overf
Reference: REDHAT:RHSA1999037_01
Reference: SUSE:19990916 Security hole in mars nwe
Name: CVE-1999-0775
Description:
Cisco Gigabit Switch routers running IOS allow remote attackers to forward unauthorized packets due to improper handling of the "established" keyword in an access list.
Status:EntryReference: CISCO:19990610 Cisco IOS Software established Access List Keyword Error
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0775
Reference: XF:cisco-gigaswitch
Name: CVE-1999-0777
Description:
IIS FTP servers may allow a remote attacker to read or delete files on the server, even if they have "No Access" permissions.
Status:EntryReference: BID:658
Reference: URL:http://www.securityfocus.com/bid/658
Reference: MS:MS99-039
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-039
Reference: MSKB:Q241407
Reference: URL:http://support.microsoft.com/default.aspx?scid=kb;[LN];Q241407
Reference: MSKB:Q242559
Reference: URL:http://support.microsoft.com/default.aspx?scid=kb;[LN];Q242559
Reference: XF:iis-ftp-no-access-files
Name: CVE-1999-0778
Description:
Buffer overflow in Xi Graphics Accelerated-X server allows local users to gain root access via a long display or query parameter.
Status:EntryReference: BID:488
Reference: URL:http://www.securityfocus.com/bid/488
Reference: BUGTRAQ:19990626 KSR[T] #011: Accelerated-X
Reference: KSRT:011
Reference: XF:accelx-display-bo
Name: CVE-1999-0779
Description:
Denial of service in HP-UX SharedX recserv program.
Status:EntryReference: HP:HPSBUX9810-086
Reference: URL:http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9810-086
Reference: XF:hp-sharedx
Name: CVE-1999-0780
Description:
KDE klock allows local users to kill arbitrary processes by specifying an arbitrary PID in the .kss.pid file.
Status:EntryReference: BUGTRAQ:19981118 Multiple KDE security vulnerabilities (root compromise)
Reference: URL:http://marc.info/?l=bugtraq&m=91141486301691&w=2
Reference: XF:kde-klock-process-kill
Name: CVE-1999-0781
Description:
KDE allows local users to execute arbitrary commands by setting the KDEDIR environmental variable to modify the search path that KDE uses to locate its executables.
Status:EntryReference: BUGTRAQ:19981118 Multiple KDE security vulnerabilities (root compromise)
Reference: URL:http://marc.info/?l=bugtraq&m=91141486301691&w=2
Reference: XF:kde-klock-bindir-trojans
Name: CVE-1999-0782
Description:
KDE kppp allows local users to create a directory in an arbitrary location via the HOME environmental variable.
Status:EntryReference: BUGTRAQ:19981118 Multiple KDE security vulnerabilities (root compromise)
Reference: URL:http://marc.info/?l=bugtraq&m=91141486301691&w=2
Reference: XF:kde-kppp-directory-create
Name: CVE-1999-0783
Description:
FreeBSD allows local users to conduct a denial of service by creating a hard link from a device special file to a file on an NFS file system.
Status:EntryReference: CIAC:I-057
Reference: URL:http://www.ciac.org/ciac/bulletins/i-057.shtml
Reference: FREEBSD:FreeBSD-SA-98:05
Reference: OSVDB:6090
Reference: URL:http://www.osvdb.org/6090
Reference: XF:freebsd-nfs-link-dos
Name: CVE-1999-0785
Description:
The INN inndstart program allows local users to gain root privileges via the "pathrun" parameter in the inn.conf file.
Status:EntryReference: BID:254
Reference: URL:http://www.securityfocus.com/bid/254
Reference: BUGTRAQ:19990511 INN 2.0 and higher. Root compromise potential
Reference: SUSE:19990518 Security hole in INN
Reference: XF:inn-pathrun
Name: CVE-1999-0786
Description:
The dynamic linker in Solaris allows a local user to create arbitrary files via the LD_PROFILE environmental variable and a symlink attack.
Status:EntryReference: BID:659
Reference: URL:http://www.securityfocus.com/bid/659
Reference: BUGTRAQ:19990922 LD_PROFILE local root exploit for solaris 2.6
Name: CVE-1999-0787
Description:
The SSH authentication agent follows symlinks via a UNIX domain socket.
Status:EntryReference: BID:660
Reference: URL:http://www.securityfocus.com/bid/660
Reference: BUGTRAQ:19990917 A few bugs...
Reference: URL:http://marc.info/?l=bugtraq&m=93760201002154&w=2
Reference: BUGTRAQ:19990924 [Fwd: Truth about ssh 1.2.27 vulnerability]
Reference: URL:http://marc.info/?l=bugtraq&m=93832856804415&w=2
Reference: XF:ssh-socket-auth-symlink-dos
Name: CVE-1999-0788
Description:
Arkiea nlservd allows remote attackers to conduct a denial of service.
Status:EntryReference: BID:662
Reference: URL:http://www.securityfocus.com/bid/662
Reference: BUGTRAQ:19990924 Multiple vendor Knox Arkiea local root/remote DoS
Reference: URL:http://marc.info/?l=bugtraq&m=93837184228248&w=2
Reference: XF:arkiea-backup-nlserverd-remote-dos
Name: CVE-1999-0789
Description:
Buffer overflow in AIX ftpd in the libc library.
Status:EntryReference: BID:679
Reference: URL:http://www.securityfocus.com/bid/679
Reference: BUGTRAQ:19990928 Remote bufferoverflow exploit for ftpd from AIX 4.3.2 running on an RS6000
Reference: CIAC:J-072
Reference: URL:http://www.ciac.org/ciac/bulletins/j-072.shtml
Reference: IBM:ERS-SVA-E01-1999:004.1
Reference: XF:aix-ftpd-bo
Name: CVE-1999-0790
Description:
A remote attacker can read information from a Netscape user's cache via JavaScript.
Status:EntryReference: MISC:http://home.netscape.com/security/notes/jscachebrowsing.html
Reference: XF:netscape-javascript
Name: CVE-1999-0791
Description:
Hybrid Network cable modems do not include an authentication mechanism for administration, allowing remote attackers to compromise the system through the HSMP protocol.
Status:EntryReference: BID:695
Reference: URL:http://www.securityfocus.com/bid/695
Reference: BUGTRAQ:19991006 KSR[T] Advisories #012: Hybrid Network's Cable Modems
Reference: KSRT:012
Reference: XF:hybrid-anon-cable-modem-reconfig
Name: CVE-1999-0793
Description:
Internet Explorer allows remote attackers to read files by redirecting data to a Javascript applet.
Status:EntryReference: MS:MS99-043
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-043
Reference: XF:ie-java-redirect
Name: CVE-1999-0794
Description:
Microsoft Excel does not warn a user when a macro is present in a Symbolic Link (SYLK) format file.
Status:EntryReference: MS:MS99-044
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-044
Reference: MSKB:Q241900
Reference: URL:http://support.microsoft.com/default.aspx?scid=kb;[LN];Q241900
Reference: MSKB:Q241901
Reference: URL:http://support.microsoft.com/default.aspx?scid=kb;[LN];Q241901
Reference: MSKB:Q241902
Reference: URL:http://support.microsoft.com/default.aspx?scid=kb;[LN];Q241902
Reference: XF:excel-sylk
Name: CVE-1999-0796
Description:
FreeBSD T/TCP Extensions for Transactions can be subjected to spoofing attacks.
Status:EntryReference: FREEBSD:SA-98.03
Reference: OSVDB:6089
Reference: URL:http://www.osvdb.org/6089
Reference: XF:freebsd-ttcp-spoof
Name: CVE-1999-0797
Description:
NIS finger allows an attacker to conduct a denial of service via a large number of finger requests, resulting in a large number of NIS queries.
Status:EntryReference: CIAC:I-070
Reference: URL:http://www.ciac.org/ciac/bulletins/i-070.shtml
Reference: ISS:19980629 Distributed DoS attack against NIS/NIS+ based networks.
Reference: XF:sun-nis-nisplus
Name: CVE-1999-0799
Description:
Buffer overflow in bootpd 2.4.3 and earlier via a long boot file location.
Status:EntryReference: BUGTRAQ:19970725 Exploitable buffer overflow in bootpd (most unices)
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0799
Reference: XF:bootpd-bo
Name: CVE-1999-0800
Description:
The GetFile.cfm file in Allaire Forums allows remote attackers to read files through a parameter to GetFile.cfm.
Status:EntryReference: ALLAIRE:ASB99-05
Reference: URL:http://www.allaire.com/handlers/index.cfm?ID=9602&Method=Full
Reference: NTBUGTRAQ:19990211 ACFUG List: Alert: Allaire Forums GetFile bug
Reference: URL:http://archives.neohapsis.com/archives/ntbugtraq/1998-1999/msg00332.html
Reference: OSVDB:944
Reference: URL:http://www.osvdb.org/944
Reference: XF:allaire-forums-file-read(1748)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/1748
Name: CVE-1999-0801
Description:
BMC Patrol allows remote attackers to gain access to an agent by spoofing frames.
Status:EntryReference: BUGTRAQ:19990409 Patrol security bugs
Reference: URL:http://www.securityfocus.com/archive/1/13204
Reference: XF:bmc-patrol-frames(2075)
Reference: URL:http://www.iss.net/security_center/static/2075.php
Name: CVE-1999-0802
Description:
Buffer overflow in Internet Explorer 5 allows remote attackers to execute commands via a malformed Favorites icon.
Status:EntryReference: BUGTRAQ:19990503 MSIE 5 FAVICON BUG
Reference: MS:MS99-018
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-018
Reference: MSKB:Q231450
Reference: URL:http://support.microsoft.com/default.aspx?scid=kb;[LN];Q231450
Reference: XF:ie-favicon
Name: CVE-1999-0803
Description:
The fwluser script in AIX eNetwork Firewall allows local users to write to arbitrary files via a symlink attack.
Status:EntryReference: BUGTRAQ:19990525 IBM eNetwork Firewall for AIX
Reference: URL:http://marc.info/?l=bugtraq&m=92765973207648&w=2
Reference: OSVDB:962
Reference: URL:http://www.osvdb.org/962
Reference: XF:ibm-enfirewall-tmpfiles
Name: CVE-1999-0804
Description:
Denial of service in Linux 2.2.x kernels via malformed ICMP packets containing unusual types, codes, and IP header lengths.
Status:EntryReference: BID:302
Reference: URL:http://www.securityfocus.com/bid/302
Reference: BUGTRAQ:19990601 Linux kernel 2.2.x vulnerability/exploit
Reference: CALDERA:CSSA-1999:013
Reference: DEBIAN:19990607
Reference: REDHAT:19990603 Kernel Update
Reference: SUSE:19990602 Denial of Service on the 2.2 kernel
Name: CVE-1999-0806
Description:
Buffer overflow in Solaris dtprintinfo program.
Status:EntryReference: BUGTRAQ:19990510 Solaris2.6,2.7 dtprintinfo exploits
Reference: OSVDB:6552
Reference: URL:http://www.osvdb.org/6552
Reference: XF:cde-dtprintinfo
Name: CVE-1999-0807
Description:
The Netscape Directory Server installation procedure leaves sensitive information in a file that is accessible to local users.
Status:EntryReference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0807
Reference: XF:netscape-dirsvc-password
Name: CVE-1999-0809
Description:
Netscape Communicator 4.x with Javascript enabled does not warn a user of cookie settings, even if they have selected the option to "Only accept cookies originating from the same server as the page being viewed".
Status:EntryReference: BUGTRAQ:19990709 Communicator 4.[56]x, JavaScript used to bypass cookie settings
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0809
Name: CVE-1999-0810
Description:
Denial of service in Samba NETBIOS name service daemon (nmbd).
Status:EntryReference: BUGTRAQ:19990721 Samba 2.0.5 security fixes
Reference: CALDERA:CSSA-1999:018.0
Reference: DEBIAN:19990731
Reference: DEBIAN:19990804
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0810
Reference: REDHAT:RHSA-1999:022-02
Reference: SUSE:19990816 Security hole in Samba
Name: CVE-1999-0811
Description:
Buffer overflow in Samba smbd program via a malformed message command.
Status:EntryReference: BID:536
Reference: URL:http://www.securityfocus.com/bid/536
Reference: BUGTRAQ:19990721 Samba 2.0.5 security fixes
Reference: CALDERA:CSSA-1999:018.0
Reference: DEBIAN:19990731 Samba
Reference: REDHAT:RHSA-1999:022-02
Reference: SUSE:19990816 Security hole in Samba
Reference: XF:samba-message-bo
Name: CVE-1999-0812
Description:
Race condition in Samba smbmnt allows local users to mount file systems in arbitrary locations.
Status:EntryReference: BUGTRAQ:19990721 Samba 2.0.5 security fixes
Reference: CALDERA:CSSA-1999:018.0
Reference: DEBIAN:19990731
Reference: DEBIAN:19990804
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0812
Reference: REDHAT:RHSA-1999:022-02
Reference: SUSE:19990816 Security hole in Samba
Name: CVE-1999-0813
Description:
Cfingerd with ALLOW_EXECUTION enabled does not properly drop privileges when it executes a program on behalf of the user, allowing local users to gain root privileges.
Status:EntryReference: BUGTRAQ:19980724 CFINGERD root security hole
Reference: BUGTRAQ:19990810 Severe bug in cfingerd before 1.4.0
Reference: DEBIAN:19990814
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0813
Reference: XF:cfingerd-privileges
Name: CVE-1999-0814
Description:
Red Hat pump DHCP client allows remote attackers to gain root access in some configurations.
Status:EntryReference: REDHAT:RHSA-1999:027
Reference: URL:http://www.redhat.com/support/errata/RHSA-1999-027.html
Name: CVE-1999-0815
Description:
Memory leak in SNMP agent in Windows NT 4.0 before SP5 allows remote attackers to conduct a denial of service (memory exhaustion) via a large number of queries.
Status:EntryReference: MSKB:Q196270
Reference: URL:http://support.microsoft.com/support/kb/articles/q196/2/70.asp
Reference: OVAL:oval:org.mitre.oval:def:952
Reference: URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A952
Reference: XF:nt-snmpagent-leak(1974)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/1974
Name: CVE-1999-0817
Description:
Lynx WWW client allows a remote attacker to specify command-line parameters which Lynx uses when calling external programs to handle certain protocols, e.g. telnet.
Status:EntryReference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0817
Reference: SUSE:19990915 Security hole in lynx
Name: CVE-1999-0819
Description:
NTMail does not disable the VRFY command, even if the administrator has explicitly disabled it.
Status:EntryReference: BUGTRAQ:19991130 NTmail and VRFY
Reference: URL:http://marc.info/?l=bugtraq&m=94398141118586&w=2
Reference: NTBUGTRAQ:19991130 NTmail and VRFY
Reference: XF:nt-mail-vrfy
Name: CVE-1999-0820
Description:
FreeBSD seyon allows users to gain privileges via a modified PATH variable for finding the xterm and seyon-emu commands.
Status:EntryReference: BID:838
Reference: URL:http://www.securityfocus.com/bid/838
Reference: BUGTRAQ:19991130 Several FreeBSD-3.3 vulnerabilities
Reference: OSVDB:5996
Reference: URL:http://www.osvdb.org/5996
Reference: XF:freebsd-seyon-dir-add
Name: CVE-1999-0823
Description:
Buffer overflow in FreeBSD xmindpath allows local users to gain privileges via -f argument.
Status:EntryReference: BID:839
Reference: URL:http://www.securityfocus.com/bid/839
Reference: BUGTRAQ:19991130 Several FreeBSD-3.3 vulnerabilities
Reference: OSVDB:1150
Reference: URL:http://www.osvdb.org/1150
Reference: XF:freebsd-xmindpath
Name: CVE-1999-0824
Description:
A Windows NT user can use SUBST to map a drive letter to a folder, which is not unmapped after the user logs off, potentially allowing that user to modify the location of folders accessed by later users.
Status:EntryReference: BID:833
Reference: URL:http://www.securityfocus.com/bid/833
Reference: BUGTRAQ:19991130 Subst.exe carelessness (fwd)
Reference: NTBUGTRAQ:19991130 SUBST problem
Name: CVE-1999-0826
Description:
Buffer overflow in FreeBSD angband allows local users to gain privileges.
Status:EntryReference: BID:840
Reference: URL:http://www.securityfocus.com/bid/840
Reference: BUGTRAQ:19991130 Several FreeBSD-3.3 vulnerabilities
Reference: OSVDB:1151
Reference: URL:http://www.osvdb.org/1151
Reference: XF:angband-bo
Name: CVE-1999-0831
Description:
Denial of service in Linux syslogd via a large number of connections.
Status:EntryReference: BID:809
Reference: URL:http://www.securityfocus.com/bid/809
Reference: BUGTRAQ:19991130 [david@slackware.com: New Patches for Slackware 4.0 Available]
Reference: CALDERA:CSSA-1999-035.0
Reference: URL:ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-1999-035.0.txt
Reference: REDHAT:RHSA1999055-01
Reference: SUSE:19991118 syslogd-1.3.33 (a1)
Reference: XF:slackware-syslogd-dos
Name: CVE-1999-0832
Description:
Buffer overflow in NFS server on Linux allows attackers to execute commands via a long pathname.
Status:EntryReference: BID:782
Reference: URL:http://www.securityfocus.com/bid/782
Reference: BUGTRAQ:19991109 undocumented bugs - nfsd
Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=Pine.LNX.4.20.9911091058140.12964-100000@mail.zigzag.pl
Reference: BUGTRAQ:19991130 [david@slackware.com: New Patches for Slackware 4.0 Available]
Reference: CALDERA:CSSA-1999-033.0
Reference: URL:ftp://ftp.calderasystems.com/pub/OpenLinux/security/CSSA-1999-033.0.txt
Reference: DEBIAN:19991111 buffer overflow in nfs server
Reference: URL:http://www.debian.org/security/1999/19991111
Reference: REDHAT:RHSA-1999:053-01
Reference: URL:http://www.redhat.com/support/errata/rh42-errata-general.html#NFS
Reference: SUSE:19991110 Security hole in nfs-server < 2.2beta47 within nkita
Reference: URL:http://www.novell.com/linux/security/advisories/suse_security_announce_29.html
Reference: XF:linux-nfs-maxpath-bo
Name: CVE-1999-0833
Description:
Buffer overflow in BIND 8.2 via NXT records.
Status:EntryReference: BID:788
Reference: URL:http://www.securityfocus.com/bid/788
Reference: CALDERA:CSSA-1999-034.1
Reference: URL:ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-1999-034.1.txt
Reference: CERT:CA-99-14
Reference: DEBIAN:19991116 Denial of service vulnerabilities in bind
Reference: REDHAT:RHSA-1999:054-01
Reference: SUSE:19991111 Security hole in bind8 < 8.2.2p2 and bind4 < 4.9.7-REL
Reference: XF:bind-nxt-bo
Name: CVE-1999-0834
Description:
Buffer overflow in RSAREF2 via the encryption and decryption functions in the RSAREF library.
Status:EntryReference: BID:843
Reference: URL:http://www.securityfocus.com/bid/843
Reference: BUGTRAQ:19991201 Security Advisory: Buffer overflow in RSAREF2
Reference: BUGTRAQ:19991202 OpenBSD sslUSA26 advisory (Re: CORE-SDI: Buffer overflow in RSAREF2)
Reference: CERT:CA-99-15
Reference: XF:rsaref-bo
Name: CVE-1999-0835
Description:
Denial of service in BIND named via malformed SIG records.
Status:EntryReference: BID:788
Reference: URL:http://www.securityfocus.com/bid/788
Reference: CALDERA:CSSA-1999-034.1
Reference: URL:ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-1999-034.1.txt
Reference: CERT:CA-99-14
Reference: DEBIAN:19991116 Denial of service vulnerabilities in bind
Reference: REDHAT:RHSA-1999:054-01
Reference: SUSE:19991111 Security hole in bind8 < 8.2.2p2 and bind4 < 4.9.7-REL
Reference: XF:bind-sigrecord-dos
Name: CVE-1999-0836
Description:
UnixWare uidadmin allows local users to modify arbitrary files via a symlink attack.
Status:EntryReference: BID:842
Reference: URL:http://www.securityfocus.com/bid/842
Reference: BUGTRAQ:19991202 UnixWare 7 uidadmin exploit + discussion
Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=19991202160111.20553.qmail@nwcst282.netaddress.usa.net
Reference: SCO:SB-99.22a
Reference: URL:ftp://ftp.sco.com/SSE/security_bulletins/SB-99.22a
Reference: XF:unixware-uid-admin
Name: CVE-1999-0837
Description:
Denial of service in BIND by improperly closing TCP sessions via so_linger.
Status:EntryReference: BID:788
Reference: URL:http://www.securityfocus.com/bid/788
Reference: CALDERA:CSSA-1999-034.1
Reference: URL:ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-1999-034.1.txt
Reference: CERT:CA-99-14
Reference: DEBIAN:19991116 Denial of service vulnerabilities in bind
Reference: REDHAT:RHSA-1999:054-01
Reference: SUN:00194
Reference: URL:http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/194
Reference: SUSE:19991111 Security hole in bind8 < 8.2.2p2 and bind4 < 4.9.7-REL
Reference: XF:bind-solinger-dos
Name: CVE-1999-0838
Description:
Buffer overflow in Serv-U FTP 2.5 allows remote users to conduct a denial of service via the SITE command.
Status:EntryReference: BID:859
Reference: URL:http://www.securityfocus.com/bid/859
Reference: BUGTRAQ:19991202 Remote DoS Attack in Serv-U FTP-Server v2.5a Vulnerability
Reference: XF:servu-ftp-site-bo
Name: CVE-1999-0839
Description:
Windows NT Task Scheduler installed with Internet Explorer 5 allows a user to gain privileges by modifying the job after it has been scheduled.
Status:EntryReference: BID:828
Reference: URL:http://www.securityfocus.com/bid/828
Reference: MS:MS99-051
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-051
Reference: MSKB:Q246972
Reference: URL:http://support.microsoft.com/default.aspx?scid=kb;[LN];Q246972
Reference: NTBUGTRAQ:19991130 Windows NT Task Scheduler vulnerability allows user to administrator elevation
Reference: XF:ie-task-scheduler-privs
Name: CVE-1999-0842
Description:
Symantec Mail-Gear 1.0 web interface server allows remote users to read arbitrary files via a .. (dot dot) attack.
Status:EntryReference: BID:827
Reference: URL:http://www.securityfocus.com/bid/827
Reference: BUGTRAQ:19991129 Symantec Mail-Gear 1.0 Web interface Server Directory Traversal Vulnerability
Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=NCBBKFKDOLAGKIAPMILPCEAFCBAA.labs@ussrback.com
Reference: NTBUGTRAQ:19991129 Symantec Mail-Gear 1.0 Web interface Server Directory Traversal Vulnerability
Reference: OSVDB:1144
Reference: URL:http://www.osvdb.org/1144
Reference: XF:symantec-mail-dir-traversal
Name: CVE-1999-0847
Description:
Buffer overflow in free internet chess server (FICS) program, xboard.
Status:EntryReference: BUGTRAQ:19991129 FICS buffer overflow
Reference: MISC:https://marc.info/?l=bugtraq&m=94407791819019&w=2
Reference: XF:fics-board-bo
Name: CVE-1999-0848
Description:
Denial of service in BIND named via consuming more than "fdmax" file descriptors.
Status:EntryReference: BID:788
Reference: URL:http://www.securityfocus.com/bid/788
Reference: CALDERA:CSSA-1999-034.1
Reference: URL:ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-1999-034.1.txt
Reference: CERT:CA-99-14
Reference: DEBIAN:19991116 Denial of service vulnerabilities in bind
Reference: REDHAT:RHSA-1999:054-01
Reference: SUN:00194
Reference: URL:http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/194
Reference: SUSE:19991111 Security hole in bind8 < 8.2.2p2 and bind4 < 4.9.7-REL
Reference: XF:bind-fdmax-dos
Name: CVE-1999-0849
Description:
Denial of service in BIND named via maxdname.
Status:EntryReference: BID:788
Reference: URL:http://www.securityfocus.com/bid/788
Reference: CALDERA:CSSA-1999-034.1
Reference: URL:ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-1999-034.1.txt
Reference: CERT:CA-99-14
Reference: DEBIAN:19991116 Denial of service vulnerabilities in bind
Reference: REDHAT:RHSA-1999:054-01
Reference: SUN:00194
Reference: URL:http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/194
Reference: SUSE:19991111 Security hole in bind8 < 8.2.2p2 and bind4 < 4.9.7-REL
Reference: XF:bind-maxdname-bo
Name: CVE-1999-0851
Description:
Denial of service in BIND named via naptr.
Status:EntryReference: BID:788
Reference: URL:http://www.securityfocus.com/bid/788
Reference: CALDERA:CSSA-1999-034.1
Reference: URL:ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-1999-034.1.txt
Reference: CERT:CA-99-14
Reference: DEBIAN:19991116 Denial of service vulnerabilities in bind
Reference: REDHAT:RHSA-1999:054-01
Reference: SUN:00194
Reference: URL:http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/194
Reference: SUSE:19991111 Security hole in bind8 < 8.2.2p2 and bind4 < 4.9.7-REL
Reference: XF:bind-naptr-dos
Name: CVE-1999-0853
Description:
Buffer overflow in Netscape Enterprise Server and Netscape FastTrack Server allows remote attackers to gain privileges via the HTTP Basic Authentication procedure.
Status:EntryReference: BID:847
Reference: URL:http://www.securityfocus.com/bid/847
Reference: ISS:19991201 Buffer Overflow in Netscape Enterprise and FastTrack Authentication Procedure
Reference: XF:netscape-fasttrack-auth-bo
Name: CVE-1999-0854
Description:
Ultimate Bulletin Board stores data files in the cgi-bin directory, allowing remote attackers to view the data if an error occurs when the HTTP server attempts to execute the file.
Status:EntryReference: BUGTRAQ:19991130 Ultimate Bulletin Board v5.3x? Bug
Reference: BUGTRAQ:20000225 FW: Important UBB News For Licensed Users
Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&date=2000-02-22&msg=NDBBLKOPOLNKELHPDEFKIEPGCAAA.renzo.toma@veronica.nl
Reference: CONFIRM:http://www.ultimatebb.com/home/versions.shtml
Reference: XF:http-ultimate-bbs
Name: CVE-1999-0856
Description:
login in Slackware 7.0 allows remote attackers to identify valid users on the system by reporting an encryption error when an account is locked or does not exist.
Status:EntryReference: BUGTRAQ:19991202 Slackware 7.0 - login bug
Reference: MISC:https://marc.info/?l=bugtraq&m=94416739411280&w=2
Reference: XF:slackware-remote-login
Name: CVE-1999-0858
Description:
Internet Explorer 5 allows a remote attacker to modify the IE client's proxy configuration via a malicious Web Proxy Auto-Discovery (WPAD) server.
Status:EntryReference: BID:846
Reference: URL:http://www.securityfocus.com/bid/846
Reference: MS:MS99-054
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-054
Reference: MSKB:Q247333
Reference: URL:http://support.microsoft.com/default.aspx?scid=kb;[LN];Q247333
Reference: XF:ie-wpad-proxy-settings
Name: CVE-1999-0859
Description:
Solaris arp allows local users to read files via the -f parameter, which lists lines in the file that do not parse properly.
Status:EntryReference: BID:837
Reference: URL:http://www.securityfocus.com/bid/837
Reference: BUGTRAQ:19991130 Solaris 2.x chkperm/arp vulnerabilities
Reference: OSVDB:6994
Reference: URL:http://www.osvdb.org/6994
Reference: SUNBUG:4296166
Reference: XF:sol-arp-parse
Name: CVE-1999-0861
Description:
Race condition in the SSL ISAPI filter in IIS and other servers may leak information in plaintext.
Status:EntryReference: MS:MS99-053
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-053
Reference: MSKB:Q244613
Reference: URL:http://support.microsoft.com/default.aspx?scid=kb;[LN];Q244613
Reference: XF:iis-ssl-isapi-filter
Name: CVE-1999-0864
Description:
UnixWare programs that dump core allow a local user to modify files via a symlink attack on the ./core.pid file.
Status:EntryReference: BID:851
Reference: URL:http://www.securityfocus.com/bid/851
Reference: BUGTRAQ:19991202 UnixWare coredumps follow symlinks
Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=19991203020720.13115.qmail@nwcst289.netaddress.usa.net
Reference: BUGTRAQ:19991215 Recent postings about SCO UnixWare 7
Reference: URL:http://marc.info/?l=bugtraq&m=94530783815434&w=2
Reference: BUGTRAQ:19991220 SCO OpenServer Security Status
Reference: URL:http://marc.info/?l=bugtraq&m=94581379905584&w=2
Reference: BUGTRAQ:19991223 FYI, SCO Security patches available.
Reference: URL:http://marc.info/?l=bugtraq&m=94606167110764&w=2
Reference: XF:sco-coredump-symlink
Name: CVE-1999-0865
Description:
Buffer overflow in CommuniGatePro via a long string to the HTTP configuration port.
Status:EntryReference: BID:860
Reference: URL:http://www.securityfocus.com/bid/860
Reference: BUGTRAQ:19991203 CommuniGatePro 3.1 for NT DoS
Reference: URL:http://marc.info/?l=bugtraq&m=94426440413027&w=2
Reference: NTBUGTRAQ:19991203 CommuniGatePro 3.1 for NT Buffer Overflow
Reference: URL:http://marc.info/?l=ntbugtraq&m=94454565726775&w=2
Reference: XF:communigate-pro-bo
Name: CVE-1999-0866
Description:
Buffer overflow in UnixWare xauto program allows local users to gain root privilege.
Status:EntryReference: BID:848
Reference: URL:http://www.securityfocus.com/bid/848
Reference: BUGTRAQ:19991203 UnixWare gain root with non-su/gid binaries
Reference: BUGTRAQ:19991215 Recent postings about SCO UnixWare 7
Reference: URL:http://marc.info/?l=bugtraq&m=94530783815434&w=2
Reference: BUGTRAQ:19991220 SCO OpenServer Security Status
Reference: URL:http://marc.info/?l=bugtraq&m=94581379905584&w=2
Reference: BUGTRAQ:19991223 FYI, SCO Security patches available.
Reference: URL:http://marc.info/?l=bugtraq&m=94606167110764&w=2
Reference: SCO:SB-99.24a
Reference: URL:ftp://ftp.sco.com/SSE/security_bulletins/SB-99.24a
Reference: XF:sco-xauto-bo
Name: CVE-1999-0867
Description:
Denial of service in IIS 4.0 via a flood of HTTP requests with malformed headers.
Status:EntryReference: BID:579
Reference: URL:http://www.securityfocus.com/bid/579
Reference: CIAC:J-058
Reference: URL:http://www.ciac.org/ciac/bulletins/j-058.shtml
Reference: MS:MS99-029
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-029
Reference: MSKB:Q238349
Reference: URL:http://support.microsoft.com/default.aspx?scid=kb;[LN];Q238349
Reference: XF:http-iis-malformed-header
Name: CVE-1999-0868
Description:
ucbmail allows remote attackers to execute commands via shell metacharacters that are passed to it from INN.
Status:EntryReference: CERT:CA-97.08
Reference: MISC:https://www.cs.ait.ac.th/joomla3/index.php/security-advisories?CERT/CA97/msg00027.shtml
Reference: XF:inn-ucbmail-shell-meta
Name: CVE-1999-0869
Description:
Internet Explorer 3.x to 4.01 allows a remote attacker to insert malicious content into a frame of another web site, aka frame spoofing.
Status:EntryReference: MS:MS98-020
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/1998/ms98-020
Reference: MSKB:167614
Reference: XF:http-frame-spoof
Name: CVE-1999-0870
Description:
Internet Explorer 4.01 allows remote attackers to read arbitrary files by pasting a file name into the file upload control, aka untrusted scripted paste.
Status:EntryReference: MS:MS98-015
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/1998/ms98-015
Reference: MSKB:169245
Reference: XF:ie-usp-cuartango
Name: CVE-1999-0871
Description:
Internet Explorer 4.0 and 4.01 allow a remote attacker to read files via IE's cross frame security, aka the "Cross Frame Navigate" vulnerability.
Status:EntryReference: MS:MS98-013
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/1998/ms98-013
Reference: OSVDB:7837
Reference: URL:http://www.osvdb.org/7837
Reference: XF:ie-crossframe-file-read(3668)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/3668
Name: CVE-1999-0873
Description:
Buffer overflow in Skyfull mail server via MAIL FROM command.
Status:EntryReference: BID:759
Reference: URL:http://www.securityfocus.com/bid/759
Reference: XF:skyfull-mail-from-bo
Name: CVE-1999-0874
Description:
Buffer overflow in IIS 4.0 allows remote attackers to cause a denial of service via a malformed request for files with .HTR, .IDC, or .STM extensions.
Status:EntryReference: CERT:CA-99-07
Reference: CIAC:J-048
Reference: URL:http://www.ciac.org/ciac/bulletins/j-048.shtml
Reference: EEYE:AD06081999
Reference: URL:http://www.eeye.com/html/Research/Advisories/AD06081999.html
Reference: MS:MS99-019
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-019
Reference: MSKB:Q234905
Reference: URL:http://support.microsoft.com/default.aspx?scid=kb;[LN];Q234905
Reference: OVAL:oval:org.mitre.oval:def:915
Reference: URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A915
Reference: XF:iis-htr-overflow
Name: CVE-1999-0875
Description:
DHCP clients with ICMP Router Discovery Protocol (IRDP) enabled allow remote attackers to modify their default routes.
Status:EntryReference: BID:578
Reference: URL:http://www.securityfocus.com/bid/578
Reference: L0PHT:19990811
Reference: MSKB:Q216141
Reference: URL:http://support.microsoft.com/default.aspx?scid=kb;[LN];Q216141
Reference: XF:irdp-gateway-spoof
Name: CVE-1999-0876
Description:
Buffer overflow in Internet Explorer 4.0 via EMBED tag.
Status:EntryReference: MSKB:Q176697
Reference: URL:http://support.microsoft.com/support/kb/articles/q176/6/97.asp
Reference: MSKB:Q185959
Reference: URL:http://support.microsoft.com/default.aspx?scid=kb;[LN];Q185959
Name: CVE-1999-0877
Description:
Internet Explorer 5 allows remote attackers to read files via an ExecCommand method called on an IFRAME.
Status:EntryReference: MS:MS99-042
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-042
Reference: MSKB:Q243638
Reference: URL:http://support.microsoft.com/default.aspx?scid=kb;[LN];Q243638
Reference: XF:ie-iframe-exec
Name: CVE-1999-0878
Description:
Buffer overflow in WU-FTPD and related FTP servers allows remote attackers to gain root privileges via MAPPING_CHDIR.
Status:EntryReference: AUSCERT:AA-1999.01
Reference: BID:599
Reference: URL:http://www.securityfocus.com/bid/599
Reference: CERT:CA-99-13
Reference: COMPAQ:SSRT0622
Reference: REDHAT:RHSA1999031_01
Reference: XF:wu-ftpd-dir-name
Name: CVE-1999-0879
Description:
Buffer overflow in WU-FTPD and related FTP servers allows remote attackers to gain root privileges via macro variables in a message file.
Status:EntryReference: CERT:CA-99-13
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0879
Reference: XF:wuftp-message-file-root
Name: CVE-1999-0880
Description:
Denial of service in WU-FTPD via the SITE NEWER command, which does not free memory properly.
Status:EntryReference: CERT:CA-99-13
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0880
Reference: XF:wuftp-site-newer-dos
Name: CVE-1999-0881
Description:
Falcon web server allows remote attackers to read arbitrary files via a .. (dot dot) attack.
Status:EntryReference: BID:743
Reference: URL:http://www.securityfocus.com/bid/743
Reference: BINDVIEW:Falcon Web Server
Reference: BUGTRAQ:19991025 Falcon Web Server
Reference: OSVDB:1127
Reference: URL:http://www.osvdb.org/1127
Reference: XF:falcon-path-parsing
Name: CVE-1999-0883
Description:
Zeus web server allows remote attackers to read arbitrary files by specifying the file name in an option to the search engine.
Status:EntryReference: BID:742
Reference: URL:http://www.securityfocus.com/bid/742
Reference: BUGTRAQ:19991024 RFP9905: Zeus webserver remote root compromise
Reference: OSVDB:1126
Reference: URL:http://www.osvdb.org/1126
Reference: XF:zeus-remote-root(3380)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/3380
Name: CVE-1999-0884
Description:
The Zeus web server administrative interface uses weak encryption for its passwords.
Status:EntryReference: BID:742
Reference: URL:http://www.securityfocus.com/bid/742
Reference: BUGTRAQ:19991024 RFP9905: Zeus webserver remote root compromise
Reference: OSVDB:8186
Reference: URL:http://www.osvdb.org/8186
Reference: XF:zeus-weak-password(3833)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/3833
Name: CVE-1999-0886
Description:
The security descriptor for RASMAN allows users to point to an alternate location via the Windows NT Service Control Manager.
Status:EntryReference: BID:645
Reference: URL:http://www.securityfocus.com/bid/645
Reference: MS:MS99-041
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-041
Reference: MSKB:Q242294
Reference: URL:http://support.microsoft.com/default.aspx?scid=kb;[LN];Q242294
Reference: XF:nt-rasman-pathname
Name: CVE-1999-0887
Description:
FTGate web interface server allows remote attackers to read files via a .. (dot dot) attack.
Status:EntryReference: BUGTRAQ:19991104 FTGate Version 2.1 Web interface Server Directory Traversal Vulnerability
Reference: EEYE:AD05261999
Reference: URL:http://www.eeye.com/html/Research/Advisories/AD05261999.html
Reference: OSVDB:1137
Reference: URL:http://www.osvdb.org/1137
Name: CVE-1999-0888
Description:
dbsnmp in Oracle Intelligent Agent allows local users to gain privileges by setting the ORACLE_HOME environmental variable, which dbsnmp uses to find the nmiconf.tcl script.
Status:EntryReference: BID:585
Reference: URL:http://www.securityfocus.com/bid/585
Reference: BUGTRAQ:19990817 Security Bug in Oracle
Reference: XF:oracle-dbsnmp
Name: CVE-1999-0889
Description:
Cisco 675 routers running CBOS allow remote attackers to establish telnet sessions if an exec or superuser password has not been set.
Status:EntryReference: BUGTRAQ:19990810 Cisco 675 password nonsense
Reference: OSVDB:39
Reference: URL:http://www.osvdb.org/39
Reference: XF:cisco-cbos-telnet
Name: CVE-1999-0890
Description:
iHTML Merchant allows remote attackers to obtain sensitive information or execute commands via a code parsing error.
Status:EntryReference: BID:694
Reference: URL:http://www.securityfocus.com/bid/694
Reference: BUGTRAQ:19990928 Team Asylum: iHTML Merchant Vulnerabilities
Reference: CONFIRM:http://www.ihtmlmerchant.com/support_patches_feedback.htm
Reference: XF:ihtml-merchant-file-access
Name: CVE-1999-0891
Description:
The "download behavior" in Internet Explorer 5 allows remote attackers to read arbitrary files via a server-side redirect.
Status:EntryReference: BID:674
Reference: URL:http://www.securityfocus.com/bid/674
Reference: CERT-VN:VU#37828
Reference: URL:http://www.kb.cert.org/vuls/id/37828
Reference: CIAC:K-002
Reference: URL:http://www.ciac.org/ciac/bulletins/k-002.shtml
Reference: MS:MS99-040
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-040
Reference: MSKB:Q242542
Reference: URL:http://support.microsoft.com/default.aspx?scid=kb;[LN];Q242542
Reference: OSVDB:11274
Reference: URL:http://www.osvdb.org/11274
Reference: XF:ie-download-behavior
Name: CVE-1999-0892
Description:
Buffer overflow in Netscape Communicator before 4.7 via a dynamic font whose length field is less than the size of the font.
Status:EntryReference: BUGTRAQ:19991018 Netscape 4.x buffer overflow
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0892
Name: CVE-1999-0893
Description:
userOsa in SCO OpenServer allows local users to corrupt files via a symlink attack.
Status:EntryReference: BUGTRAQ:19991011 SCO OpenServer 5.0.5 overwrite /etc/shadow
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0893
Reference: XF:sco-openserver-userosa-script
Name: CVE-1999-0894
Description:
Red Hat Linux screen program does not use Unix98 ptys, allowing local users to write to other terminals.
Status:EntryReference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0894
Reference: REDHAT:RHSA1999042-01
Name: CVE-1999-0895
Description:
Firewall-1 does not properly restrict access to LDAP attributes.
Status:EntryReference: BID:725
Reference: URL:http://www.securityfocus.com/bid/725
Reference: BUGTRAQ:19991020 Checkpoint FireWall-1 V4.0: possible bug in LDAP authentication
Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=19991020150002.21047.qmail@tarjan.mediaways.net
Reference: OSVDB:1117
Reference: URL:http://www.osvdb.org/1117
Reference: XF:checkpoint-ldap-auth
Name: CVE-1999-0896
Description:
Buffer overflow in RealNetworks RealServer administration utility allows remote attackers to execute arbitrary commands via a long username and password.
Status:EntryReference: BID:767
Reference: URL:http://www.securityfocus.com/bid/767
Reference: BUGTRAQ:19991109 RealNetworks RealServer G2 buffer overflow.
Reference: MISC:http://service.real.com/help/faq/servg260.html
Reference: XF:realserver-g2-pw-bo
Name: CVE-1999-0897
Description:
iChat ROOMS Webserver allows remote attackers to read arbitrary files via a .. (dot dot) attack.
Status:EntryReference: BUGTRAQ:19980908 bug in iChat 3.0 (maybe others)
Reference: URL:http://marc.info/?l=bugtraq&m=90538488231977&w=2
Reference: XF:ichat-file-read-vuln
Name: CVE-1999-0898
Description:
Buffer overflows in Windows NT 4.0 print spooler allow remote attackers to gain privileges or cause a denial of service via a malformed spooler request.
Status:EntryReference: BID:768
Reference: URL:http://www.securityfocus.com/bid/768
Reference: MS:MS99-047
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-047
Reference: MSKB:Q243649
Reference: URL:http://support.microsoft.com/default.aspx?scid=kb;[LN];Q243649
Reference: XF:nt-printer-spooler-bo
Name: CVE-1999-0899
Description:
The Windows NT 4.0 print spooler allows a local user to execute arbitrary commands due to inappropriate permissions that allow the user to specify an alternate print provider.
Status:EntryReference: BID:769
Reference: URL:http://www.securityfocus.com/bid/769
Reference: MS:MS99-047
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-047
Reference: MSKB:Q243649
Reference: URL:http://support.microsoft.com/default.aspx?scid=kb;[LN];Q243649
Reference: XF:nt-printer-spooler-bo
Name: CVE-1999-0900
Description:
Buffer overflow in rpc.yppasswdd allows a local user to gain privileges via MD5 hash generation.
Status:EntryReference: DEBIAN:19991027 nis
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0900
Reference: REDHAT:RHSA1999046-01
Reference: SUSE:19991023 Security hole in ypserv < 1.3.9
Name: CVE-1999-0901
Description:
ypserv allows a local user to modify the GECOS and login shells of other users.
Status:EntryReference: DEBIAN:19991027 nis
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0901
Reference: REDHAT:RHSA1999046-01
Reference: SUSE:19991023 Security hole in ypserv < 1.3.9
Name: CVE-1999-0902
Description:
ypserv allows local administrators to modify password tables.
Status:EntryReference: DEBIAN:19991027 nis
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0902
Reference: REDHAT:RHSA1999046-01
Reference: SUSE:19991023 Security hole in ypserv < 1.3.9
Name: CVE-1999-0903
Description:
genfilt in the AIX Packet Filtering Module does not properly filter traffic to destination ports greater than 32767.
Status:EntryReference: BUGTRAQ:19991025 IBM AIX Packet Filter module
Reference: BUGTRAQ:19991027 Re: IBM AIX Packet Filter module (followup)
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0903
Reference: XF:aix-genfilt-filtering
Name: CVE-1999-0904
Description:
Buffer overflow in BFTelnet allows remote attackers to cause a denial of service via a long username.
Status:EntryReference: BID:771
Reference: URL:http://www.securityfocus.com/bid/771
Reference: BUGTRAQ:19991103 Remote DoS Attack in BFTelnet Server v1.1 for Windows NT
Reference: XF:bftelnet-username-dos
Name: CVE-1999-0905
Description:
Denial of service in Axent Raptor firewall via malformed zero-length IP options.
Status:EntryReference: BID:736
Reference: URL:http://www.securityfocus.com/bid/736
Reference: BUGTRAQ:19991020 Remote DoS in Axent's Raptor 6.0
Reference: OSVDB:1121
Reference: URL:http://www.osvdb.org/1121
Reference: XF:raptor-ipoptions-dos
Name: CVE-1999-0906
Description:
Buffer overflow in sccw allows local users to gain root access via the HOME environmental variable.
Status:EntryReference: BID:656
Reference: URL:http://www.securityfocus.com/bid/656
Reference: BUGTRAQ:19990923 SuSE 6.2 sccw overflow exploit
Reference: SUSE:19990926 Security hole in sccw (Part II)
Reference: XF:linux-sccw-bo
Name: CVE-1999-0907
Description:
sccw allows local users to read arbitrary files.
Status:EntryReference: BUGTRAQ:19990916 SuSE 6.2 /usr/bin/sccw read any file
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0907
Reference: SUSE:19990921 Security Hole in sccw-1.1 and earlier
Name: CVE-1999-0908
Description:
Denial of service in Solaris TCP streams driver via a malicious connection that causes the server to panic as a result of recursive calls to mutex_enter.
Status:EntryReference: BID:655
Reference: URL:http://www.securityfocus.com/bid/655
Reference: BUGTRAQ:19990921 solaris DoS
Reference: XF:sun-tcp-mutex-enter-dos
Name: CVE-1999-0909
Description:
Multihomed Windows systems allow a remote attacker to bypass IP source routing restrictions via a malformed packet with IP options, aka the "Spoofed Route Pointer" vulnerability.
Status:EntryReference: BID:646
Reference: URL:http://www.securityfocus.com/bid/646
Reference: MS:MS99-038
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-038
Reference: MSKB:Q238453
Reference: URL:http://support.microsoft.com/default.aspx?scid=kb;[LN];Q238453
Reference: NAI:Windows IP Source Routing Vulnerability
Reference: XF:nt-ip-source-route
Name: CVE-1999-0912
Description:
FreeBSD VFS cache (vfs_cache) allows local users to cause a denial of service by opening a large number of files.
Status:EntryReference: BID:653
Reference: URL:http://www.securityfocus.com/bid/653
Reference: BUGTRAQ:19990921 FreeBSD-specific denial of service
Reference: OSVDB:1079
Reference: URL:http://www.osvdb.org/1079
Reference: XF:freebsd-vfscache-dos
Name: CVE-1999-0914
Description:
Buffer overflow in the FTP client in the Debian GNU/Linux netstd package.
Status:EntryReference: BID:324
Reference: URL:http://www.securityfocus.com/bid/324
Reference: BUGTRAQ:19990103 [SECURITY] New versions of netstd fixes buffer overflows
Reference: DEBIAN:19990104
Name: CVE-1999-0915
Description:
URL Live! web server allows remote attackers to read arbitrary files via a .. (dot dot) attack.
Status:EntryReference: BID:746
Reference: URL:http://www.securityfocus.com/bid/746
Reference: BUGTRAQ:19991028 URL Live! 1.0 WebServer
Reference: OSVDB:1129
Reference: URL:http://www.osvdb.org/1129
Name: CVE-1999-0916
Description:
WebTrends software stores account names and passwords in a file which does not have restricted access permissions.
Status:EntryReference: ISS:19990629 Bad Permissions on Passwords Stored by WebTrends Software
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0916
Name: CVE-1999-0917
Description:
The Preloader ActiveX control used by Internet Explorer allows remote attackers to read arbitrary files.
Status:EntryReference: MS:MS99-018
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-018
Reference: MSKB:Q231452
Reference: URL:http://support.microsoft.com/default.aspx?scid=kb;[LN];Q231452
Reference: XF:legacy-activex-local-drive
Name: CVE-1999-0918
Description:
Denial of service in various Windows systems via malformed, fragmented IGMP packets.
Status:EntryReference: BID:514
Reference: URL:http://www.securityfocus.com/bid/514
Reference: BUGTRAQ:19990703 IGMP fragmentation bug in Windows 98/2000
Reference: MS:MS99-034
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-034
Reference: MSKB:Q238329
Reference: URL:http://support.microsoft.com/default.aspx?scid=kb;[LN];Q238329
Reference: XF:igmp-dos
Name: CVE-1999-0920
Description:
Buffer overflow in the pop-2d POP daemon in the IMAP package allows remote attackers to gain privileges via the FOLD command.
Status:EntryReference: BID:283
Reference: URL:http://www.securityfocus.com/bid/283
Reference: BUGTRAQ:19990526 Remote vulnerability in pop2d
Reference: DEBIAN:19990607a
Reference: XF:pop2-fold-bo
Name: CVE-1999-0921
Description:
BMC Patrol allows any remote attacker to flood its UDP port, causing a denial of service.
Status:EntryReference: BID:1879
Reference: URL:http://www.securityfocus.com/bid/1879
Reference: BUGTRAQ:19990409 Patrol security bugs
Reference: URL:http://www.securityfocus.com/archive/1/13204
Reference: XF:bmc-patrol-udp-dos(4291)
Reference: URL:http://www.iss.net/security_center/static/4291.php
Name: CVE-1999-0922
Description:
An example application in ColdFusion Server 4.0 allows remote attackers to view source code via the sourcewindow.cfm file.
Status:EntryReference: ALLAIRE:ASB99-02
Reference: URL:http://www.allaire.com/handlers/index.cfm?ID=8739&Method=Full
Reference: XF:coldfusion-sourcewindow
Name: CVE-1999-0924
Description:
The Syntax Checker in ColdFusion Server 4.0 allows remote attackers to conduct a denial of service.
Status:EntryReference: ALLAIRE:ASB99-02
Reference: URL:http://www.allaire.com/handlers/index.cfm?ID=8739&Method=Full
Reference: OSVDB:3236
Reference: URL:http://www.osvdb.org/3236
Reference: XF:coldfusion-syntax-checker(1742)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/1742
Name: CVE-1999-0927
Description:
NTMail allows remote attackers to read arbitrary files via a .. (dot dot) attack.
Status:EntryReference: BID:279
Reference: URL:http://www.securityfocus.com/bid/279
Reference: EEYE:AD05261999
Reference: URL:http://www.eeye.com/html/Research/Advisories/AD05261999.html
Reference: XF:ntmail-fileread
Name: CVE-1999-0928
Description:
Buffer overflow in SmartDesk WebSuite allows remote attackers to cause a denial of service via a long URL.
Status:EntryReference: BID:278
Reference: URL:http://www.securityfocus.com/bid/278
Reference: BUGTRAQ:19990525 Buffer overflow in SmartDesk WebSuite v2.1
Reference: XF:websuite-dos
Name: CVE-1999-0930
Description:
wwwboard allows a remote attacker to delete message board articles via a malformed argument.
Status:EntryReference: BID:1795
Reference: URL:http://www.securityfocus.com/bid/1795
Reference: BUGTRAQ:19980903 wwwboard.pl vulnerability
Reference: CONFIRM:http://www.worldwidemart.com/scripts/faq/wwwboard/q5.shtml
Reference: XF:http-cgi-wwwboard(2344)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/2344
Name: CVE-1999-0931
Description:
Buffer overflow in Mediahouse Statistics Server allows remote attackers to execute commands.
Status:EntryReference: BID:734
Reference: URL:http://www.securityfocus.com/bid/734
Reference: BUGTRAQ:19990930 Security flaw in Mediahouse Statistics Server v4.28 & 5.01
Reference: XF:mediahouse-stats-login-bo
Name: CVE-1999-0932
Description:
Mediahouse Statistics Server allows remote attackers to read the administrator password, which is stored in cleartext in the ss.cfg file.
Status:EntryReference: BID:735
Reference: URL:http://www.securityfocus.com/bid/735
Reference: BUGTRAQ:19990930 Security flaw in Mediahouse Statistics Server v4.28 & 5.01
Reference: XF:mediahouse-stats-adminpw-cleartext
Name: CVE-1999-0933
Description:
TeamTrack web server allows remote attackers to read arbitrary files via a .. (dot dot) attack.
Status:EntryReference: BID:689
Reference: URL:http://www.securityfocus.com/bid/689
Reference: BUGTRAQ:19991001 RFP9904: TeamTrack webserver vulnerability
Reference: OSVDB:1096
Reference: URL:http://www.osvdb.org/1096
Name: CVE-1999-0934
Description:
classifieds.cgi allows remote attackers to read arbitrary files via shell metacharacters.
Status:EntryReference: BID:2020
Reference: URL:http://www.securityfocus.com/bid/2020
Reference: EL8:19991215 Classifieds (classifieds.cgi)
Reference: XF:http-cgi-classifieds-read(3102)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/3102
Name: CVE-1999-0935
Description:
classifieds.cgi allows remote attackers to execute arbitrary commands by specifying them in a hidden variable in a CGI form.
Status:EntryReference: EL8:19991215 Classifieds (classifieds.cgi)
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0935
Name: CVE-1999-0936
Description:
BNBSurvey survey.cgi program allows remote attackers to execute commands via shell metacharacters.
Status:EntryReference: EL8:19981203 BNBSurvey (survey.cgi)
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0936
Name: CVE-1999-0937
Description:
BNBForm allows remote attackers to read arbitrary files via the automessage hidden form variable.
Status:EntryReference: EL8:19981203 BNBForm (bnbform.cgi)
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0937
Name: CVE-1999-0938
Description:
MBone SDR Package allows remote attackers to execute commands via shell metacharacters in Session Initiation Protocol (SIP) messages.
Status:EntryReference: CERT:VN-99-03
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0938
Reference: XF:sdr-execute
Name: CVE-1999-0939
Description:
Denial of service in Debian IRC Epic/epic4 client via a long string.
Status:EntryReference: BID:605
Reference: URL:http://www.securityfocus.com/bid/605
Reference: BUGTRAQ:19990826 [SECURITY] New versions of epic4 fixes possible DoS vulnerability
Reference: DEBIAN:19990826
Name: CVE-1999-0940
Description:
Buffer overflow in mutt mail client allows remote attackers to execute commands via malformed MIME messages.
Status:EntryReference: CALDERA:CSSA-1999-031
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0940
Reference: SUSE:19990927 Security hole in mutt
Name: CVE-1999-0942
Description:
UnixWare dos7utils allows a local user to gain root privileges by using the STATICMERGE environmental variable to find a script which it executes.
Status:EntryReference: BUGTRAQ:19991005 SCO UnixWare 7.1 local root exploit
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0942
Reference: XF:sco-unixware-dos7utils-root-privs
Name: CVE-1999-0943
Description:
Buffer overflow in OpenLink 3.2 allows remote attackers to gain privileges via a long GET request to the web configurator.
Status:EntryReference: BID:720
Reference: URL:http://www.securityfocus.com/bid/720
Reference: BUGTRAQ:19991015 OpenLink 3.2 Advisory
Name: CVE-1999-0945
Description:
Buffer overflow in Internet Mail Service (IMS) for Microsoft Exchange 5.5 and 5.0 allows remote attackers to conduct a denial of service via AUTH or AUTHINFO commands.
Status:EntryReference: CIAC:I-080
Reference: URL:http://www.ciac.org/ciac/bulletins/i-080.shtml
Reference: ISS:19980724 Denial of Service attacks against Microsoft Exchange 5.0 to 5.5
Reference: URL:http://xforce.iss.net/alerts/advise4.php
Reference: MSKB:Q169174
Reference: URL:http://support.microsoft.com/default.aspx?scid=kb;[LN];Q169174
Reference: XF:exchange-dos(1223)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/1223
Name: CVE-1999-0946
Description:
Buffer overflow in Yamaha MidiPlug via a Text variable in an EMBED tag.
Status:EntryReference: BID:760
Reference: URL:http://www.securityfocus.com/bid/760
Reference: BUGTRAQ:19991102 Some holes for Win/UNIX softwares
Reference: URL:http://marc.info/?l=bugtraq&m=94157187815629&w=2
Reference: XF:yamaha-midiplug-embed
Name: CVE-1999-0947
Description:
AN-HTTPd provides example CGI scripts test.bat, input.bat, input2.bat, and envout.bat, which allow remote attackers to execute commands via shell metacharacters.
Status:EntryReference: BID:762
Reference: URL:http://www.securityfocus.com/bid/762
Reference: BUGTRAQ:19991102 Some holes for Win/UNIX softwares
Reference: URL:http://marc.info/?l=bugtraq&m=94157187815629&w=2
Name: CVE-1999-0950
Description:
Buffer overflow in WFTPD FTP server allows remote attackers to gain root access via a series of MKD and CWD commands that create nested directories.
Status:EntryReference: BID:747
Reference: URL:http://www.securityfocus.com/bid/747
Reference: BUGTRAQ:19991027 WFTPD v2.40 FTPServer remotely exploitable buffer overflow vulnerability
Reference: XF:wftpd-mkd-bo
Name: CVE-1999-0951
Description:
Buffer overflow in OmniHTTPd CGI program imagemap.exe allows remote attackers to execute commands.
Status:EntryReference: BID:739
Reference: URL:http://www.securityfocus.com/bid/739
Reference: BUGTRAQ:19991022 Imagemap CGI overflow exploit
Reference: OSVDB:3380
Reference: URL:http://www.osvdb.org/3380
Reference: XF:http-cgi-imagemap-bo
Name: CVE-1999-0953
Description:
WWWBoard stores encrypted passwords in a password file that is under the web root and thus accessible by remote attackers.
Status:EntryReference: BUGTRAQ:19980903 wwwboard.pl vulnerability
Reference: BUGTRAQ:19990916 More fun with WWWBoard
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0953
Name: CVE-1999-0954
Description:
WWWBoard has a default username and default password.
Status:EntryReference: BID:649
Reference: URL:http://www.securityfocus.com/bid/649
Reference: BUGTRAQ:19990916 More fun with WWWBoard
Name: CVE-1999-0955
Description:
Race condition in wu-ftpd and BSDI ftpd allows remote attackers to gain root access via the SITE EXEC command.
Status:EntryReference: CERT:CA-94.08
Reference: CIAC:E-17
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0955
Reference: XF:ftp-exec
Name: CVE-1999-0956
Description:
The NeXT NetInfo _writers property allows local users to gain root privileges or conduct a denial of service.
Status:EntryReference: CERT:CA-93.02a
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0956
Reference: XF:next-netinfo
Name: CVE-1999-0957
Description:
MajorCool mj_key_cache program allows local users to modify files via a symlink attack.
Status:EntryReference: BUGTRAQ:19970618 Security hole in MajorCool 1.0.3
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0957
Reference: XF:majorcool-file-overwrite-vuln
Name: CVE-1999-0958
Description:
sudo 1.5.x allows local users to execute arbitrary commands via a .. (dot dot) attack.
Status:EntryReference: BUGTRAQ:19980112 Re: hole in sudo for MP-RAS.
Reference: URL:http://marc.info/?l=bugtraq&m=88465708614896&w=2
Reference: XF:sudo-dot-dot-attack
Name: CVE-1999-0959
Description:
IRIX startmidi program allows local users to modify arbitrary files via a symlink attack.
Status:EntryReference: AUSCERT:AA-97-05
Reference: BID:469
Reference: URL:http://www.securityfocus.com/bid/469
Reference: BUGTRAQ:19970209 IRIX: Bug in startmidi
Reference: OSVDB:8447
Reference: URL:http://www.osvdb.org/8447
Reference: SGI:19980301-01-PX
Reference: URL:ftp://patches.sgi.com/support/free/security/advisories/19980301-01-PX
Reference: XF:irix-startmidi-file-creation(1634)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/1634
Name: CVE-1999-0960
Description:
IRIX cdplayer allows local users to create directories in arbitrary locations via a command line option.
Status:EntryReference: AUSCERT:AA-96.11
Reference: SGI:19980301-01-PX
Reference: URL:ftp://patches.sgi.com/support/free/security/advisories/19980301-01-PX
Reference: XF:irix-cdplayer-directory-create
Name: CVE-1999-0961
Description:
HPUX sysdiag allows local users to gain root privileges via a symlink attack during log file creation.
Status:EntryReference: BUGTRAQ:19960921 Vunerability in HP sysdiag ?
Reference: URL:http://marc.info/?l=bugtraq&m=87602167419906&w=2
Reference: CIAC:H-03
Reference: XF:hp-sysdiag-symlink
Name: CVE-1999-0962
Description:
Buffer overflow in HPUX passwd command allows local users to gain root privileges via a command line option.
Status:EntryReference: AUSCERT:AA-96.13
Reference: HP:HPSBUX9701-045
Reference: URL:http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9701-045
Reference: OSVDB:6415
Reference: URL:http://www.osvdb.org/6415
Reference: XF:hp-password-cmd-bo
Name: CVE-1999-0963
Description:
FreeBSD mount_union command allows local users to gain root privileges via a symlink attack.
Status:EntryReference: BUGTRAQ:19960517 BoS: SECURITY BUG in FreeBSD
Reference: CERT:VB-96.06
Reference: OSVDB:6088
Reference: URL:http://www.osvdb.org/6088
Reference: XF:freebsd-mount-union-root
Name: CVE-1999-0964
Description:
Buffer overflow in FreeBSD setlocale in the libc module allows attackers to execute arbitrary code via a long PATH_LOCALE environment variable.
Status:EntryReference: FREEBSD:FreeBSD-SA-97:01
Reference: OSVDB:6086
Reference: URL:http://www.osvdb.org/6086
Reference: XF:freebsd-setlocale-bo
Name: CVE-1999-0965
Description:
Race condition in xterm allows local users to modify arbitrary files via the logging option.
Status:EntryReference: CERT:CA-93.17
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0965
Reference: XF:xterm
Name: CVE-1999-0966
Description:
Buffer overflow in Solaris getopt in libc allows local users to gain root privileges via a long argv[0].
Status:EntryReference: L0PHT:19970127 Solaris libc - getopt(3)
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0966
Name: CVE-1999-0967
Description:
Buffer overflow in the HTML library used by Internet Explorer, Outlook Express, and Windows Explorer via the res: local resource protocol.
Status:EntryReference: L0PHT:19971101 Microsoft Internet Explorer 4.0 Suite
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0967
Name: CVE-1999-0968
Description:
Buffer overflow in BNC IRC proxy allows remote attackers to gain privileges.
Status:EntryReference: BID:1927
Reference: URL:http://www.securityfocus.com/bid/1927
Reference: BUGTRAQ:19981226 bnc exploit
Reference: URL:http://www.securityfocus.com/archive/1/11711
Reference: XF:bnc-proxy-bo(1546)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/1546
Name: CVE-1999-0969
Description:
The Windows NT RPC service allows remote attackers to conduct a denial of service using spoofed malformed RPC packets which generate an error message that is sent to the spoofed host, potentially setting up a loop, aka Snork.
Status:EntryReference: ISS:19980929 "Snork" Denial of Service Attack Against Windows NT RPC Service
Reference: MS:MS98-014
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/1998/ms98-014
Reference: MSKB:Q193233
Reference: URL:http://support.microsoft.com/default.aspx?scid=kb;[LN];Q193233
Reference: NTBUGTRAQ:19980929 ISS Security Advisory: Snork
Reference: XF:snork-dos
Name: CVE-1999-0971
Description:
Buffer overflow in Exim allows local users to gain root privileges via a long :include: option in a .forward file.
Status:EntryReference: BUGTRAQ:19970722 Security hole in exim 1.62: local root exploit
Reference: URL:http://www.securityfocus.com/archive/1/7301
Reference: XF:exim-include-overflow
Name: CVE-1999-0972
Description:
Buffer overflow in Xshipwars xsw program.
Status:EntryReference: BID:863
Reference: URL:http://www.securityfocus.com/bid/863
Reference: BUGTRAQ:19991209 xsw 1.24 remote buffer overflow
Name: CVE-1999-0973
Description:
Buffer overflow in Solaris snoop program allows remote attackers to gain root privileges via a long domain name when snoop is running in verbose mode.
Status:EntryReference: BID:858
Reference: URL:http://www.securityfocus.com/bid/858
Reference: BUGTRAQ:19991206 [w00giving #8] Solaris 2.7's snoop
Reference: BUGTRAQ:19991209 Clarification needed on the snoop vuln(s) (fwd)
Name: CVE-1999-0974
Description:
Buffer overflow in Solaris snoop allows remote attackers to gain root privileges via GETQUOTA requests to the rpc.rquotad service.
Status:EntryReference: BID:864
Reference: URL:http://www.securityfocus.com/bid/864
Reference: BUGTRAQ:19991209 Clarification needed on the snoop vuln(s) (fwd)
Reference: ISS:19991209 Buffer Overflow in Solaris Snoop
Reference: SUN:00190
Reference: URL:http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/190
Name: CVE-1999-0975
Description:
The Windows help system can allow a local user to execute commands as another user by editing a table of contents metafile with a .CNT extension and modifying the topic action to include the commands to be executed when the .hlp file is accessed.
Status:EntryReference: BID:868
Reference: URL:http://www.securityfocus.com/bid/868
Reference: BUGTRAQ:19991207 Local user can fool another to run executable. .CNT/.GID/.HLP M$WINNT
Name: CVE-1999-0976
Description:
Sendmail allows local users to reinitialize the aliases database via the newaliases command, then cause a denial of service by interrupting Sendmail.
Status:EntryReference: BID:857
Reference: URL:http://www.securityfocus.com/bid/857
Reference: BUGTRAQ:19991207 [Debian] New version of sendmail released
Reference: OPENBSD:19991204
Reference: XF:sendmail-bi-alias
Name: CVE-1999-0977
Description:
Buffer overflow in Solaris sadmind allows remote attackers to gain root privileges using a NETMGT_PROC_SERVICE request.
Status:EntryReference: BID:2354
Reference: URL:http://www.securityfocus.com/bid/2354
Reference: BID:866
Reference: URL:http://www.securityfocus.com/bid/866
Reference: BUGTRAQ:19991210 Re: Solaris sadmind Buffer Overflow Vulnerability
Reference: BUGTRAQ:19991210 Solaris sadmind Buffer Overflow Vulnerability
Reference: CERT:CA-99-16
Reference: OSVDB:2558
Reference: URL:http://www.osvdb.org/2558
Reference: SF-INCIDENTS:19991209 sadmind
Reference: SUN:00191
Reference: URL:http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/191
Reference: XF:sol-sadmind-amslverify-bo
Name: CVE-1999-0978
Description:
htdig allows remote attackers to execute commands via filenames with shell metacharacters.
Status:EntryReference: BID:867
Reference: URL:http://www.securityfocus.com/bid/867
Reference: DEBIAN:19991209
Name: CVE-1999-0979
Description:
The SCO UnixWare privileged process system allows local users to gain root privileges by using a debugger such as gdb to insert traps into _init before the privileged process is executed.
Status:EntryReference: BID:869
Reference: URL:http://www.securityfocus.com/bid/869
Reference: BUGTRAQ:19991209 Fundamental flaw in UnixWare 7 security
Reference: BUGTRAQ:19991215 Recent postings about SCO UnixWare 7
Reference: URL:http://marc.info/?l=bugtraq&m=94530783815434&w=2
Name: CVE-1999-0980
Description:
Windows NT Service Control Manager (SCM) allows remote attackers to cause a denial of service via a malformed argument in a resource enumeration request.
Status:EntryReference: MS:MS99-055
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-055
Reference: MSKB:Q246045
Reference: URL:http://support.microsoft.com/default.aspx?scid=kb;[LN];Q246045
Name: CVE-1999-0981
Description:
Internet Explorer 5.01 and earlier allows a remote attacker to create a reference to a client window and use a server-side redirect to access local files via that window, aka "Server-side Page Reference Redirect."
Status:EntryReference: MS:MS99-050
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-050
Reference: MSKB:Q246094
Reference: URL:http://support.microsoft.com/default.aspx?scid=kb;[LN];Q246094
Name: CVE-1999-0982
Description:
The Sun Web-Based Enterprise Management (WBEM) installation script stores a password in plaintext in a world readable file.
Status:EntryReference: BUGTRAQ:19991206 Solaris WBEM 1.0: plaintext password stored in world readable file
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0982
Name: CVE-1999-0986
Description:
The ping command in Linux 2.0.3x allows local users to cause a denial of service by sending large packets with the -R (record route) option.
Status:EntryReference: BID:870
Reference: URL:http://www.securityfocus.com/bid/870
Reference: BUGTRAQ:19991209 Big problem on 2.0.x?
Name: CVE-1999-0987
Description:
Windows NT does not properly download a system policy if the domain user logs into the domain with a space at the end of the domain name.
Status:EntryReference: MSKB:Q237923
Reference: URL:http://support.microsoft.com/default.aspx?scid=kb;[LN];Q237923
Reference: NTBUGTRAQ:19991118 NT System Policy for Win95 Not downloaded when adding a space after domain name
Name: CVE-1999-0989
Description:
Buffer overflow in Internet Explorer 5 directshow filter (MSDXM.OCX) allows remote attackers to execute commands via the vnd.ms.radio protocol.
Status:EntryReference: BID:861
Reference: URL:http://www.securityfocus.com/bid/861
Reference: BUGTRAQ:19991205 new IE5 remote exploit
Reference: NTBUGTRAQ:19991205 new IE5 remote exploit
Name: CVE-1999-0991
Description:
Buffer overflow in GoodTech Telnet Server NT allows remote users to cause a denial of service via a long login name.
Status:EntryReference: BID:862
Reference: URL:http://www.securityfocus.com/bid/862
Reference: BUGTRAQ:19991206 Remote DoS Attack in GoodTech Telnet Server NT v2.2.1 Vulnerability
Reference: NTBUGTRAQ:19991206 Remote DoS Attack in GoodTech Telnet Server NT v2.2.1 Vulnerability
Name: CVE-1999-0992
Description:
HP VirtualVault with the PHSS_17692 patch allows unprivileged processes to bypass access restrictions via the Trusted Gateway Proxy (TGP).
Status:EntryReference: HP:HPSBUX9912-107
Reference: URL:http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9912-107
Name: CVE-1999-0994
Description:
Windows NT with SYSKEY reuses the keystream that is used for encrypting SAM password hashes, allowing an attacker to crack passwords.
Status:EntryReference: BID:873
Reference: URL:http://www.securityfocus.com/bid/873
Reference: BINDVIEW:19991216 Windows NT's SYSKEY feature
Reference: MS:MS99-056
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-056
Reference: MSKB:Q248183
Reference: URL:http://support.microsoft.com/default.aspx?scid=kb;[LN];Q248183
Name: CVE-1999-0995
Description:
Windows NT Local Security Authority (LSA) allows remote attackers to cause a denial of service via malformed arguments to the LsaLookupSids function which looks up the SID, aka "Malformed Security Identifier Request."
Status:EntryReference: BID:875
Reference: URL:http://www.securityfocus.com/bid/875
Reference: MS:MS99-057
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-057
Reference: MSKB:Q248185
Reference: URL:http://support.microsoft.com/default.aspx?scid=kb;[LN];Q248185
Reference: NAI:19991216 Windows NT LSA Remote Denial of Service
Name: CVE-1999-0996
Description:
Buffer overflow in Infoseek Ultraseek search engine allows remote attackers to execute commands via a long GET request.
Status:EntryReference: BUGTRAQ:19991216 Infoseek Ultraseek Remote Buffer Overflow
Reference: EEYE:AD19991215
Reference: URL:http://www.eeye.com/html/Research/Advisories/AD19991215.html
Reference: NTBUGTRAQ:19991216 Infoseek Ultraseek Remote Buffer Overflow
Reference: OSVDB:6490
Reference: URL:http://www.osvdb.org/6490
Reference: XF:infoseek-ultraseek-bo
Name: CVE-1999-0997
Description:
wu-ftp with FTP conversion enabled allows an attacker to execute commands via a malformed file name that is interpreted as an argument to the program that does the conversion, e.g. tar or uncompress.
Status:EntryReference: BUGTRAQ:19991220 Security vulnerability in certain wu-ftpd (and derivitives) configurations (fwd)
Reference: DEBIAN:DSA-377
Reference: URL:http://www.debian.org/security/2003/dsa-377
Reference: XF:wuftp-ftp-conversion
Name: CVE-1999-0998
Description:
Cisco Cache Engine allows an attacker to replace content in the cache.
Status:EntryReference: BUGTRAQ:19991216 Cisco Security Advisory: Cisco Cache Engine Authentication Vulnerabilities
Reference: CISCO:19991216 Cisco Cache Engine Authentication Vulnerabilities
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0998
Reference: XF:cisco-cache-engine-replace
Name: CVE-1999-0999
Description:
Microsoft SQL 7.0 server allows a remote attacker to cause a denial of service via a malformed TDS packet.
Status:EntryReference: BID:817
Reference: URL:http://www.securityfocus.com/bid/817
Reference: MS:MS99-059
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-059
Reference: MSKB:Q248749
Reference: URL:http://support.microsoft.com/default.aspx?scid=kb;[LN];Q248749
Name: CVE-1999-1000
Description:
The web administration interface for Cisco Cache Engine allows remote attackers to view performance statistics.
Status:EntryReference: BUGTRAQ:19991216 Cisco Security Advisory: Cisco Cache Engine Authentication Vulnerabilities
Reference: CISCO:19991216 Cisco Cache Engine Authentication Vulnerabilities
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-1000
Reference: XF:cisco-cache-engine-performance
Name: CVE-1999-1001
Description:
Cisco Cache Engine allows a remote attacker to gain access via a null username and password.
Status:EntryReference: BUGTRAQ:19991216 Cisco Security Advisory: Cisco Cache Engine Authentication Vulnerabilities
Reference: CISCO:19991216 Cisco Cache Engine Authentication Vulnerabilities
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-1001
Name: CVE-1999-1004
Description:
Buffer overflow in the POP server POProxy for the Norton Anti-Virus protection NAV2000 program via a large USER command.
Status:EntryReference: BUGTRAQ:19991217 NAV2000 Email Protection DoS
Reference: URL:http://www.securityfocus.com/archive/1/38970
Reference: BUGTRAQ:19991220 Norton Email Protection Remote Overflow (Addendum)
Reference: URL:http://www.securityfocus.com/archive/1/39194
Reference: CONFIRM:http://service1.symantec.com/SUPPORT/nav.nsf/df0a595864594c86852567ac0063608c/6206f660a1f2516a882568660082c930?OpenDocument&Highlight=0,poproxy
Reference: OSVDB:6267
Reference: URL:http://www.osvdb.org/6267
Name: CVE-1999-1005
Description:
Groupwise web server GWWEB.EXE allows remote attackers to read arbitrary files with .htm extensions via a .. (dot dot) attack using the HELP parameter.
Status:EntryReference: BID:879
Reference: URL:http://www.securityfocus.com/bid/879
Reference: BUGTRAQ:19991219 Groupewise Web Interface
Reference: URL:http://marc.info/?l=bugtraq&m=94571433731824&w=2
Reference: OSVDB:3413
Reference: URL:http://www.osvdb.org/3413
Reference: XF:groupwise-web-read-files
Name: CVE-1999-1007
Description:
Buffer overflow in VDO Live Player allows remote attackers to execute commands on the VDO client via a malformed .vdo file.
Status:EntryReference: BID:872
Reference: URL:http://www.securityfocus.com/bid/872
Reference: BUGTRAQ:19991213 VDO Live Player 3.02 Buffer Overflow
Reference: URL:http://marc.info/?l=bugtraq&m=94512259331599&w=2
Reference: XF:vdolive-bo-execute
Name: CVE-1999-1008
Description:
xsoldier program allows local users to gain root access via a long argument.
Status:EntryReference: BID:871
Reference: URL:http://www.securityfocus.com/bid/871
Reference: BUGTRAQ:19991215 FreeBSD 3.3 xsoldier root exploit
Reference: MISC:http://marc.info/?l=freebsd-security&m=94531826621620&w=2
Reference: XF:unix-xsoldier-overflow
Name: CVE-1999-1010
Description:
An SSH 1.2.27 server allows a client to use the "none" cipher, even if it is not allowed by the server policy.
Status:EntryReference: BUGTRAQ:19991214 sshd1 allows unencrypted sessions regardless of server policy
Reference: URL:http://marc.info/?l=bugtraq&m=94519142415338&w=2
Reference: XF:ssh-policy-bypass
Name: CVE-1999-1011
Description:
The Remote Data Service (RDS) DataFactory component of Microsoft Data Access Components (MDAC) in IIS 3.x and 4.x exposes unsafe methods, which allows remote attackers to execute arbitrary commands.
Status:EntryReference: BID:529
Reference: URL:https://www.securityfocus.com/bid/529
Reference: CIAC:J-054
Reference: URL:http://www.ciac.org/ciac/bulletins/j-054.shtml
Reference: ISS:19990809 Vulnerabilities in Microsoft Remote Data Service
Reference: MS:MS98-004
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/1998/ms98-004
Reference: MS:MS99-025
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-025
Reference: OSVDB:272
Reference: URL:http://www.osvdb.org/272
Reference: XF:nt-iis-rds
Name: CVE-1999-1014
Description:
Buffer overflow in mail command in Solaris 2.7 and 2.7 allows local users to gain privileges via a long -m argument.
Status:EntryReference: BID:672
Reference: URL:http://www.securityfocus.com/bid/672
Reference: BUGTRAQ:19990913 Solaris 2.7 /usr/bin/mail
Reference: URL:http://marc.info/?l=bugtraq&m=93727925026476&w=2
Reference: BUGTRAQ:19990927 Working Solaris x86 /usr/bin/mail exploit
Reference: URL:http://marc.info/?l=bugtraq&m=93846422810162&w=2
Reference: SUNBUG:4276509
Reference: XF:sun-usrbinmail-local-bo(3297)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/3297
Name: CVE-1999-1019
Description:
SpectroSERVER in Cabletron Spectrum Enterprise Manager 5.0 installs a directory tree with insecure permissions, which allows local users to replace a privileged executable (processd) with a Trojan horse, facilitating a root or Administrator compromise.
Status:EntryReference: BID:495
Reference: URL:http://www.securityfocus.com/bid/495
Reference: BUGTRAQ:19990623 Cabletron Spectrum security vulnerability
Reference: URL:http://marc.info/?l=bugtraq&m=93024398713491&w=2
Reference: BUGTRAQ:19990624 Re: Cabletron Spectrum security vulnerability
Reference: URL:http://marc.info/?l=bugtraq&m=93024398513475&w=2
Name: CVE-1999-1021
Description:
NFS on SunOS 4.1 through 4.1.2 ignores the high order 16 bits in a 32 bit UID, which allows a local user to gain root access if the lower 16 bits are set to 0, as fixed by the NFS jumbo patch upgrade.
Status:EntryReference: BID:47
Reference: URL:http://www.securityfocus.com/bid/47
Reference: CERT:CA-1992-15
Reference: URL:http://www.cert.org/advisories/CA-1992-15.html
Reference: SUN:00117
Reference: URL:http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/117&type=0&nav=sec.sba
Reference: XF:nfs-uid(82)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/82
Name: CVE-1999-1027
Description:
Solaris 2.6 HW3/98 installs admintool with world-writable permissions, which allows local users to gain privileges by replacing it with a Trojan horse program.
Status:EntryReference: BID:290
Reference: URL:http://www.securityfocus.com/bid/290
Reference: BUGTRAQ:19980507 admintool mode 0777 in Solaris 2.6 HW3/98
Reference: URL:http://marc.info/?l=bugtraq&m=90221101925880&w=2
Reference: SUNBUG:4178998
Reference: XF:solaris-admintool-world-writable(7296)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/7296
Name: CVE-1999-1028
Description:
Symantec pcAnywhere 8.0 allows remote attackers to cause a denial of service (CPU utilization) via a large amount of data to port 5631.
Status:EntryReference: BID:288
Reference: URL:http://www.securityfocus.com/bid/288
Reference: NTBUGTRAQ:19990528 DoS against PC Anywhere
Reference: URL:http://marc.info/?l=ntbugtraq&m=92807524225090&w=2
Reference: XF:pcanywhere-dos(2256)
Reference: URL:http://www.iss.net/security_center/static/2256.php
Name: CVE-1999-1032
Description:
Vulnerability in LAT/Telnet Gateway (lattelnet) on Ultrix 4.1 and 4.2 allows attackers to gain root privileges.
Status:EntryReference: BID:26
Reference: URL:http://www.securityfocus.com/bid/26
Reference: CERT:CA-1991-11
Reference: URL:http://www.cert.org/advisories/CA-1991-11.html
Reference: CIAC:B-36
Reference: URL:http://ciac.llnl.gov/ciac/bulletins/b-36.shtml
Reference: XF:ultrix-telnet(584)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/584
Name: CVE-1999-1034
Description:
Vulnerability in login in AT&T System V Release 4 allows local users to gain privileges.
Status:EntryReference: BID:23
Reference: URL:http://www.securityfocus.com/bid/23
Reference: CERT:CA-1991-08
Reference: URL:http://www.cert.org/advisories/CA-1991-08.html
Reference: CIAC:B-28
Reference: URL:http://www.ciac.org/ciac/bulletins/b-28.shtml
Reference: XF:sysv-login(583)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/583
Name: CVE-1999-1035
Description:
IIS 3.0 and 4.0 on x86 and Alpha allows remote attackers to cause a denial of service (hang) via a malformed GET request, aka the IIS "GET" vulnerability.
Status:EntryReference: MS:MS98-019
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/1998/ms98-019
Reference: MSKB:Q192296
Reference: URL:http://support.microsoft.com/support/kb/articles/q192/2/96.asp
Reference: XF:iis-get-dos(1823)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/1823
Name: CVE-1999-1037
Description:
rex.satan in SATAN 1.1.1 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/rex.$$ file.
Status:EntryReference: BUGTRAQ:19980626 vulnerability in satan, cops & tiger
Reference: URL:http://marc.info/?l=bugtraq&m=90221103125976&w=2
Reference: BUGTRAQ:19980627 Re: vulnerability in satan, cops & tiger
Reference: URL:http://marc.info/?l=bugtraq&m=90221103125986&w=2
Reference: OSVDB:3147
Reference: URL:http://www.osvdb.org/3147
Reference: XF:satan-rexsatan-symlink(7167)
Reference: URL:http://www.iss.net/security_center/static/7167.php
Name: CVE-1999-1044
Description:
Vulnerability in Advanced File System Utility (advfs) in Digital UNIX 4.0 through 4.0d allows local users to gain privileges.
Status:EntryReference: CIAC:I-050
Reference: URL:http://ciac.llnl.gov/ciac/bulletins/i-050.shtml
Reference: COMPAQ:SSRT0495U
Reference: URL:http://ciac.llnl.gov/ciac/bulletins/i-050.shtml
Reference: XF:dgux-advfs-softlinks(7431)
Reference: URL:http://www.iss.net/security_center/static/7431.php
Name: CVE-1999-1045
Description:
pnserver in RealServer 5.0 and earlier allows remote attackers to cause a denial of service by sending a short, malformed request.
Status:EntryReference: BUGTRAQ:19980115 [rootshell] Security Bulletin #7
Reference: URL:http://marc.info/?l=bugtraq&m=88490880523890&w=2
Reference: BUGTRAQ:19980115 pnserver exploit..
Reference: URL:http://marc.info/?l=bugtraq&m=88492978527261&w=2
Reference: BUGTRAQ:19980817 Re: Real Audio Server Version 5 bug?
Reference: URL:http://marc.info/?l=bugtraq&m=90338245305236&w=2
Reference: MISC:http://service.real.com/help/faq/serv501.html
Reference: OSVDB:6979
Reference: URL:http://www.osvdb.org/6979
Reference: XF:realserver-pnserver-remote-dos(7297)
Reference: URL:http://www.iss.net/security_center/static/7297.php
Name: CVE-1999-1047
Description:
When BSDI patches for Gauntlet 5.0 BSDI are installed in a particular order, Gauntlet allows remote attackers to bypass firewall access restrictions, and does not log the activities.
Status:EntryReference: BUGTRAQ:19991018 Gauntlet 5.0 BSDI warning
Reference: URL:http://marc.info/?l=bugtraq&m=94026690521279&w=2
Reference: BUGTRAQ:19991019 Re: Gauntlet 5.0 BSDI warning
Reference: URL:http://marc.info/?l=bugtraq&m=94036662326185&w=2
Reference: XF:gauntlet-bsdi-bypass(3397)
Reference: URL:http://www.iss.net/security_center/static/3397.php
Name: CVE-1999-1048
Description:
Buffer overflow in bash 2.0.0, 1.4.17, and other versions allows local attackers to gain privileges by creating an extremely large directory name, which is inserted into the password prompt via the \w option in the PS1 environmental variable when another user changes into that directory.
Status:EntryReference: BUGTRAQ:19970821 Buffer overflow in /bin/bash
Reference: URL:http://marc.info/?l=bugtraq&m=87602746719555&w=2
Reference: BUGTRAQ:19980905 BASH buffer overflow, LiNUX x86 exploit
Reference: URL:http://www.securityfocus.com/archive/1/10542
Reference: DEBIAN:19980909 problem with very long pathnames
Reference: URL:http://www.debian.org/security/1998/19980909
Reference: OSVDB:8345
Reference: URL:http://www.osvdb.org/8345
Reference: XF:linux-bash-bo(3414)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/3414
Name: CVE-1999-1055
Description:
Microsoft Excel 97 does not warn the user before executing worksheet functions, which could allow attackers to execute arbitrary commands by using the CALL function to execute a malicious DLL, aka the Excel "CALL Vulnerability."
Status:EntryReference: BID:179
Reference: URL:http://www.securityfocus.com/bid/179
Reference: MS:MS98-018
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/1998/ms98-018
Reference: XF:excel-call(1737)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/1737
Name: CVE-1999-1057
Description:
VMS 4.0 through 5.3 allows local users to gain privileges via the ANALYZE/PROCESS_DUMP dcl command.
Status:EntryReference: BID:12
Reference: URL:http://www.securityfocus.com/bid/12
Reference: CERT:CA-1990-07
Reference: URL:http://www.cert.org/advisories/CA-1990-07.html
Reference: CIAC:B-04
Reference: URL:http://ciac.llnl.gov/ciac/bulletins/b-04.shtml
Reference: XF:vms-analyze-processdump-privileges(7137)
Reference: URL:http://www.iss.net/security_center/static/7137.php
Name: CVE-1999-1059
Description:
Vulnerability in rexec daemon (rexecd) in AT&T TCP/IP 4.0 for various SVR4 systems allows remote attackers to execute arbitrary commands.
Status:EntryReference: BID:36
Reference: URL:http://www.securityfocus.com/bid/36
Reference: CERT:CA-1992-04
Reference: URL:http://www.cert.org/advisories/CA-1992-04.html
Reference: XF:att-rexecd(3159)
Reference: URL:http://www.iss.net/security_center/static/3159.php
Name: CVE-1999-1074
Description:
Webmin before 0.5 does not restrict the number of invalid passwords that are entered for a valid username, which could allow remote attackers to gain privileges via brute force password cracking.
Status:EntryReference: BID:98
Reference: URL:http://www.securityfocus.com/bid/98
Reference: BUGTRAQ:19980501 Warning! Webmin Security Advisory
Reference: URL:http://www.securityfocus.com/archive/1/9138
Reference: CONFIRM:http://www.webmin.com/webmin/changes.html
Name: CVE-1999-1080
Description:
rmmount in SunOS 5.7 may mount file systems without the nosuid flag set, contrary to the documentation and its use in previous versions of SunOS, which could allow local users with physical access to gain root privileges by mounting a floppy or CD-ROM that contains a setuid program and running volcheck, when the file systems do not have the nosuid option specified in rmmount.conf.
Status:EntryReference: BID:250
Reference: URL:http://www.securityfocus.com/bid/250
Reference: BUGTRAQ:19990510 SunOS 5.7 rmmount, no nosuid.
Reference: URL:http://marc.info/?l=bugtraq&m=92633694100270&w=2
Reference: BUGTRAQ:19991011
Reference: URL:http://marc.info/?l=bugtraq&m=93971288323395&w=2
Reference: SUNBUG:4205437
Reference: XF:solaris-rmmount-gain-root(8350)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/8350
Name: CVE-1999-1085
Description:
SSH 1.2.25, 1.2.23, and other versions, when used in in CBC (Cipher Block Chaining) or CFB (Cipher Feedback 64 bits) modes, allows remote attackers to insert arbitrary data into an existing stream between an SSH client and server by using a known plaintext attack and computing a valid CRC-32 checksum for the packet, aka the "SSH insertion attack."
Status:EntryReference: BUGTRAQ:19980612 CORE-SDI-04: SSH insertion attack
Reference: URL:http://marc.info/?l=bugtraq&m=90221103125884&w=2
Reference: BUGTRAQ:19980703 UPDATE: SSH insertion attack
Reference: URL:http://marc.info/?l=bugtraq&m=90221104525878&w=2
Reference: CERT-VN:VU#13877
Reference: URL:http://www.kb.cert.org/vuls/id/13877
Reference: CISCO:20010627 Multiple SSH Vulnerabilities
Reference: XF:ssh-insert(1126)
Reference: URL:http://www.iss.net/security_center/static/1126.php
Name: CVE-1999-1087
Description:
Internet Explorer 4 treats a 32-bit number ("dotless IP address") in the a URL as the hostname instead of an IP address, which causes IE to apply Local Intranet Zone settings to the resulting web page, allowing remote malicious web servers to conduct unauthorized activities by using URLs that contain the dotless IP address for their server.
Status:EntryReference: CONFIRM:http://www.microsoft.com/Windows/Ie/security/dotless.asp
Reference: MS:MS98-016
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/1998/ms98-016
Reference: MSKB:Q168617
Reference: URL:http://support.microsoft.com/support/kb/articles/q168/6/17.asp
Reference: OSVDB:7828
Reference: URL:http://www.osvdb.org/7828
Reference: XF:ie-dotless(2209)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/2209
Name: CVE-1999-1090
Description:
The default configuration of NCSA Telnet package for Macintosh and PC enables FTP, even though it does not include an "ftp=yes" line, which allows remote attackers to read and modify arbitrary files.
Status:EntryReference: CERT:CA-1991-15
Reference: URL:http://www.cert.org/advisories/CA-1991-15.html
Reference: XF:ftp-ncsa(1844)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/1844
Name: CVE-1999-1093
Description:
Buffer overflow in the Window.External function in the JScript Scripting Engine in Internet Explorer 4.01 SP1 and earlier allows remote attackers to execute arbitrary commands via a malicious web page.
Status:EntryReference: MS:MS98-011
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/1998/ms98-011
Reference: MSKB:Q191200
Reference: URL:http://support.microsoft.com/support/kb/articles/q191/2/00.asp
Reference: XF:java-script-patch(1276)
Reference: URL:http://www.iss.net/security_center/static/1276.php
Name: CVE-1999-1094
Description:
Buffer overflow in Internet Explorer 4.01 and earlier allows remote attackers to execute arbitrary commands via a long URL with the "mk:" protocol, aka the "MK Overrun security issue."
Status:EntryReference: BUGTRAQ:19980114 L0pht Advisory MSIE4.0(1)
Reference: URL:http://marc.info/?l=bugtraq&m=88480839506155&w=2
Reference: MSKB:Q176697
Reference: URL:http://support.microsoft.com/support/kb/articles/q176/6/97.asp
Reference: XF:iemk-bug(917)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/917
Name: CVE-1999-1098
Description:
Vulnerability in BSD Telnet client with encryption and Kerberos 4 authentication allows remote attackers to decrypt the session via sniffing.
Status:EntryReference: CERT:CA-1995-03
Reference: URL:http://www.cert.org/advisories/CA-1995-03.html
Reference: CIAC:F-12
Reference: URL:http://www.ciac.org/ciac/bulletins/f-12.shtml
Reference: OSVDB:4881
Reference: URL:http://www.osvdb.org/4881
Reference: XF:bsd-telnet(516)
Reference: URL:http://www.iss.net/security_center/static/516.php
Name: CVE-1999-1099
Description:
Kerberos 4 allows remote attackers to obtain sensitive information via a malformed UDP packet that generates an error string that inadvertently includes the realm name and the last user.
Status:EntryReference: BUGTRAQ:19961122 L0pht Kerberos Advisory
Reference: URL:http://marc.info/?l=bugtraq&m=87602167420184&w=2
Reference: XF:kerberos-user-grab(65)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/65
Name: CVE-1999-1100
Description:
Cisco PIX Private Link 4.1.6 and earlier does not properly process certain commands in the configuration file, which reduces the effective key length of the DES key to 48 bits instead of 56 bits, which makes it easier for an attacker to find the proper key via a brute force attack.
Status:EntryReference: CIAC:I-056
Reference: URL:http://ciac.llnl.gov/ciac/bulletins/i-056.shtml
Reference: CISCO:19980616 PIX Private Link Key Processing and Cryptography Issues
Reference: URL:http://www.cisco.com/warp/public/770/pixkey-pub.shtml
Reference: XF:cisco-pix-parse-error(1579)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/1579
Name: CVE-1999-1102
Description:
lpr on SunOS 4.1.1, BSD 4.3, A/UX 2.0.1, and other BSD-based operating systems allows local users to create or overwrite arbitrary files via a symlink attack that is triggered after invoking lpr 1000 times.
Status:EntryReference: BUGTRAQ:19940307 8lgm Advisory Releases
Reference: URL:http://www.aenigma.net/resources/maillist/bugtraq/1994/0091.htm
Reference: CIAC:E-25a
Reference: URL:http://ciac.llnl.gov/ciac/bulletins/e-25.shtml
Reference: MISC:http://www.phreak.org/archives/security/8lgm/8lgm.lpr
Name: CVE-1999-1103
Description:
dxconsole in DEC OSF/1 3.2C and earlier allows local users to read arbitrary files by specifying the file with the -file parameter.
Status:EntryReference: CERT:VB-96.05
Reference: URL:http://www.cert.org/vendor_bulletins/VB-96.05.dec
Reference: CIAC:G-18
Reference: URL:http://ciac.llnl.gov/ciac/bulletins/g-18.shtml
Reference: MISC:http://www.tao.ca/fire/bos/0209.html
Reference: XF:osf-dxconsole-gain-privileges(7138)
Reference: URL:http://www.iss.net/security_center/static/7138.php
Name: CVE-1999-1104
Description:
Windows 95 uses weak encryption for the password list (.pwl) file used when password caching is enabled, which allows local users to gain privileges by decrypting the passwords.
Status:EntryReference: BUGTRAQ:19951205 Cracked: WINDOWS.PWL
Reference: URL:http://marc.info/?l=bugtraq&m=87602167418931&w=2
Reference: BUGTRAQ:19980120 How to recover private keys for various Microsoft products
Reference: URL:http://marc.info/?l=bugtraq&m=88536273725787&w=2
Reference: MSKB:Q140557
Reference: URL:http://support.microsoft.com/support/kb/articles/q140/5/57.asp
Reference: NTBUGTRAQ:19980121 How to recover private keys for various Microsoft products
Reference: URL:http://marc.info/?l=ntbugtraq&m=88540877601866&w=2
Reference: XF:win95-nbsmbpwl(71)
Reference: URL:http://www.iss.net/security_center/static/71.php
Name: CVE-1999-1105
Description:
Windows 95, when Remote Administration and File Sharing for NetWare Networks is enabled, creates a share (C$) when an administrator logs in remotely, which allows remote attackers to read arbitrary files by mapping the network drive.
Status:EntryReference: CONFIRM:http://www.zdnet.com/eweek/reviews/1016/tr42bug.html
Reference: MISC:http://www.net-security.sk/bugs/NT/netware1.html
Reference: XF:win95-netware-hidden-share(7231)
Reference: URL:http://www.iss.net/security_center/static/7231.php
Name: CVE-1999-1109
Description:
Sendmail before 8.10.0 allows remote attackers to cause a denial of service by sending a series of ETRN commands then disconnecting from the server, while Sendmail continues to process the commands after the connection has been terminated.
Status:EntryReference: BID:904
Reference: URL:http://www.securityfocus.com/bid/904
Reference: BUGTRAQ:19991222 Re: procmail / Sendmail - five bugs
Reference: URL:http://marc.info/?l=bugtraq&m=94632241202626&w=2
Reference: BUGTRAQ:20000113 Re: procmail / Sendmail - five bugs
Reference: URL:http://marc.info/?l=bugtraq&m=94780566911948&w=2
Reference: XF:sendmail-etrn-dos(7760)
Reference: URL:http://www.iss.net/security_center/static/7760.php
Name: CVE-1999-1111
Description:
Vulnerability in StackGuard before 1.21 allows remote attackers to bypass the Random and Terminator Canary security mechanisms by using a non-linear attack which directly modifies a pointer to a return address instead of using a buffer overflow to reach the return address entry itself.
Status:EntryReference: BID:786
Reference: URL:http://www.securityfocus.com/bid/786
Reference: BUGTRAQ:19911109 ImmuniX OS Security Alert: StackGuard 1.21 Released
Reference: URL:http://marc.info/?l=bugtraq&m=94218618329838&w=2
Reference: XF:immunix-stackguard-bo(3524)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/3524
Name: CVE-1999-1114
Description:
Buffer overflow in Korn Shell (ksh) suid_exec program on IRIX 6.x and earlier, and possibly other operating systems, allows local users to gain root privileges.
Status:EntryReference: AUSCERT:AA-96.17
Reference: URL:ftp://ftp.auscert.org.au/pub/auscert/advisory/AA-96.17.suid_exec.vul
Reference: BID:467
Reference: URL:http://www.securityfocus.com/bid/467
Reference: CIAC:H-15A
Reference: URL:http://ciac.llnl.gov/ciac/bulletins/h-15a.shtml
Reference: SGI:19980405-01-I
Reference: URL:ftp://patches.sgi.com/support/free/security/advisories/19980405-01-I
Reference: XF:ksh-suid_exec(2100)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/2100
Name: CVE-1999-1115
Description:
Vulnerability in the /etc/suid_exec program in HP Apollo Domain/OS sr10.2 and sr10.3 beta, related to the Korn Shell (ksh).
Status:EntryReference: BID:7
Reference: URL:http://www.securityfocus.com/bid/7
Reference: CERT:CA-1990-04
Reference: URL:http://www.cert.org/advisories/CA-1990-04.html
Reference: CIAC:A-30
Reference: URL:http://www.ciac.org/ciac/bulletins/a-30.shtml
Reference: XF:apollo-suidexec-unauthorized-access(6721)
Reference: URL:http://www.iss.net/security_center/static/6721.php
Name: CVE-1999-1116
Description:
Vulnerability in runpriv in Indigo Magic System Administration subsystem of SGI IRIX 6.3 and 6.4 allows local users to gain root privileges.
Status:EntryReference: BID:462
Reference: URL:http://www.securityfocus.com/bid/462
Reference: OSVDB:1009
Reference: URL:http://www.osvdb.org/1009
Reference: SGI:19970503-01-PX
Reference: URL:ftp://patches.sgi.com/support/free/security/advisories/19970503-01-PX
Reference: XF:sgi-runpriv(2108)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/2108
Name: CVE-1999-1117
Description:
lquerypv in AIX 4.1 and 4.2 allows local users to read arbitrary files by specifying the file in the -h command line parameter.
Status:EntryReference: BID:455
Reference: URL:http://www.securityfocus.com/bid/455
Reference: BUGTRAQ:19961124
Reference: URL:http://marc.info/?l=bugtraq&w=2&r=1&s=lquerypv&q=b
Reference: BUGTRAQ:19961125 AIX lquerypv
Reference: URL:http://marc.info/?l=bugtraq&m=87602167420196&w=2
Reference: BUGTRAQ:19961125 lquerypv fix
Reference: URL:http://marc.info/?l=bugtraq&m=87602167420195&w=2
Reference: CIAC:H-13
Reference: URL:http://ciac.llnl.gov/ciac/bulletins/h-13.shtml
Reference: XF:ibm-lquerypv(1752)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/1752
Name: CVE-1999-1118
Description:
ndd in Solaris 2.6 allows local users to cause a denial of service by modifying certain TCP/IP parameters.
Status:EntryReference: BID:433
Reference: URL:http://www.securityfocus.com/bid/433
Reference: SUN:00165
Reference: URL:http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/165&type=0&nav=sec.sba
Reference: XF:sun-ndd(817)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/817
Name: CVE-1999-1119
Description:
FTP installation script anon.ftp in AIX insecurely configures anonymous FTP, which allows remote attackers to execute arbitrary commands.
Status:EntryReference: BID:41
Reference: URL:http://www.securityfocus.com/bid/41
Reference: CERT:CA-1992-09
Reference: URL:http://www.cert.org/advisories/CA-1992-09.html
Reference: XF:aix-anon-ftp(3154)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/3154
Name: CVE-1999-1120
Description:
netprint in SGI IRIX 6.4 and earlier trusts the PATH environmental variable for finding and executing the disable program, which allows local users to gain privileges.
Status:EntryReference: BID:395
Reference: URL:http://www.securityfocus.com/bid/395
Reference: BUGTRAQ:19970104 Irix: netprint story
Reference: URL:http://marc.info/?l=bugtraq&m=87602167420403&w=2
Reference: OSVDB:993
Reference: URL:http://www.osvdb.org/993
Reference: SGI:19961203-01-PX
Reference: URL:ftp://patches.sgi.com/support/free/security/advisories/19961203-01-PX
Reference: SGI:19961203-02-PX
Reference: URL:ftp://patches.sgi.com/support/free/security/advisories/19961203-02-PX
Reference: XF:sgi-netprint(2107)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/2107
Name: CVE-1999-1121
Description:
The default configuration for UUCP in AIX before 3.2 allows local users to gain root privileges.
Status:EntryReference: BID:38
Reference: URL:http://www.securityfocus.com/bid/38
Reference: CERT:CA-1992-06
Reference: URL:http://www.cert.org/advisories/CA-1992-06.html
Reference: OSVDB:891
Reference: URL:http://www.osvdb.org/891
Reference: XF:ibm-uucp(554)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/554
Name: CVE-1999-1122
Description:
Vulnerability in restore in SunOS 4.0.3 and earlier allows local users to gain privileges.
Status:EntryReference: BID:3
Reference: URL:http://www.securityfocus.com/bid/3
Reference: CERT:CA-1989-02
Reference: URL:http://www.cert.org/advisories/CA-1989-02.html
Reference: CIAC:CIAC-08
Reference: URL:http://www.ciac.org/ciac/bulletins/ciac-08.shtml
Reference: SUNBUG:1019265
Reference: XF:sun-restore-gain-privileges(6695)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/6695
Name: CVE-1999-1127
Description:
Windows NT 4.0 does not properly shut down invalid named pipe RPC connections, which allows remote attackers to cause a denial of service (resource exhaustion) via a series of connections containing malformed data, aka the "Named Pipes Over RPC" vulnerability.
Status:EntryReference: MS:MS98-017
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/1998/ms98-017
Reference: MSKB:Q195733
Reference: URL:http://support.microsoft.com/support/kb/articles/Q195/7/33.asp
Reference: XF:nt-spoolss(523)
Reference: URL:http://www.iss.net/security_center/static/523.php
Name: CVE-1999-1131
Description:
Buffer overflow in OSF Distributed Computing Environment (DCE) security demon (secd) in IRIX 6.4 and earlier allows attackers to cause a denial of service via a long principal, group, or organization.
Status:EntryReference: CERT:VB-97.12
Reference: URL:http://www.cert.org/vendor_bulletins/VB-97.12.opengroup
Reference: CIAC:I-060
Reference: URL:http://ciac.llnl.gov/ciac/bulletins/i-060.shtml
Reference: SGI:19980601-01-PX
Reference: URL:ftp://patches.sgi.com/support/free/security/advisories/19980601-01-PX
Reference: XF:sgi-osf-dce-dos(1123)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/1123
Name: CVE-1999-1132
Description:
Windows NT 4.0 allows remote attackers to cause a denial of service (crash) via extra source routing data such as (1) a Routing Information Field (RIF) field with a hop count greater than 7, or (2) a list containing duplicate Token Ring IDs.
Status:EntryReference: BUGTRAQ:19981005 NMRC Advisory - Lame NT Token Ring DoS
Reference: URL:http://marc.info/?l=bugtraq&m=90763508011966&w=2
Reference: MSKB:Q179157
Reference: URL:http://support.microsoft.com/support/kb/articles/Q179/1/57.asp
Reference: NTBUGTRAQ:19981002 NMRC Advisory - Lame NT Token Ring DoS
Reference: URL:http://marc.info/?l=ntbugtraq&m=90760603030452&w=2
Reference: XF:token-ring-dos(1399)
Reference: URL:http://www.iss.net/security_center/static/1399.php
Name: CVE-1999-1136
Description:
Vulnerability in Predictive on HP-UX 11.0 and earlier, and MPE/iX 5.5 and earlier, allows attackers to compromise data transfer for Predictive messages (using e-mail or modem) between customer and Response Center Predictive systems.
Status:EntryReference: BUGTRAQ:19980729 HP-UX Predictive & Netscape SSL Vulnerabilities
Reference: URL:http://marc.info/?l=bugtraq&m=90221104526177&w=2
Reference: CIAC:I-081
Reference: URL:http://www.ciac.org/ciac/bulletins/i-081.shtml
Reference: HP:HPSBMP9807-005
Reference: URL:http://cert.ip-plus.net/bulletin-archive/msg00040.html
Reference: HP:HPSBUX9807-081
Reference: URL:http://www.codetalker.com/advisories/vendor/hp/hpsbux9807-081.html
Reference: XF:mpeix-predictive(1413)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/1413
Name: CVE-1999-1137
Description:
The permissions for the /dev/audio device on Solaris 2.2 and earlier, and SunOS 4.1.x, allow any local user to read from the device, which could be used by an attacker to monitor conversations happening near a machine that has a microphone.
Status:EntryReference: CIAC:E-01
Reference: URL:http://www.ciac.org/ciac/bulletins/e-01.shtml
Reference: OSVDB:6436
Reference: URL:http://www.osvdb.org/6436
Reference: SUN:00122
Reference: URL:http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/122&type=0&nav=sec.sba
Reference: XF:sun-audio(549)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/549
Name: CVE-1999-1138
Description:
SCO UNIX System V/386 Release 3.2, and other SCO products, installs the home directories (1) /tmp for the dos user, and (2) /usr/tmp for the asg user, which allows other users to gain access to those accounts since /tmp and /usr/tmp are world-writable.
Status:EntryReference: CERT:CA-1993-13
Reference: URL:http://www.cert.org/advisories/CA-1993-13.html
Reference: XF:sco-homedir(546)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/546
Name: CVE-1999-1139
Description:
Character-Terminal User Environment (CUE) in HP-UX 11.0 and earlier allows local users to overwrite arbitrary files and gain root privileges via a symlink attack on the IOERROR.mytty file.
Status:EntryReference: BUGTRAQ:19970901 HP UX Bug :)
Reference: URL:http://marc.info/?l=bugtraq&m=87602880019745&w=2
Reference: BUGTRAQ:19980121 HP-UX CUE, CUD and LAND vulnerabilities
Reference: URL:http://security-archive.merton.ox.ac.uk/bugtraq-199801/0122.html
Reference: CIAC:I-027B
Reference: URL:http://www.ciac.org/ciac/bulletins/i-027b.shtml
Reference: HP:HPSBUX9801-074
Reference: URL:http://www.codetalker.com/advisories/vendor/hp/hpsbux9801-074.html
Reference: XF:hp-cue(2007)
Reference: URL:http://www.iss.net/security_center/static/2007.php
Name: CVE-1999-1140
Description:
Buffer overflow in CrackLib 2.5 may allow local users to gain root privileges via a long GECOS field.
Status:EntryReference: BUGTRAQ:19971214 buffer overflows in cracklib?!
Reference: URL:http://marc.info/?l=bugtraq&m=88209041500913&w=2
Reference: CERT:VB-97.16
Reference: URL:http://www.cert.org/vendor_bulletins/VB-97.16.CrackLib
Reference: XF:cracklib-bo(1539)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/1539
Name: CVE-1999-1142
Description:
SunOS 4.1.2 and earlier allows local users to gain privileges via "LD_*" environmental variables to certain dynamically linked setuid or setgid programs such as (1) login, (2) su, or (3) sendmail, that change the real and effective user ids to the same user.
Status:EntryReference: CERT:CA-1992-11
Reference: URL:http://www.cert.org/advisories/CA-1992-11.html
Reference: SUN:00116
Reference: URL:http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/116
Reference: XF:sun-env(3152)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/3152
Name: CVE-1999-1143
Description:
Vulnerability in runtime linker program rld in SGI IRIX 6.x and earlier allows local users to gain privileges via setuid and setgid programs.
Status:EntryReference: CIAC:H-065
Reference: URL:http://ciac.llnl.gov/ciac/bulletins/h-65.shtml
Reference: SGI:19970504-01-PX
Reference: URL:ftp://patches.sgi.com/support/free/security/advisories/19970504-01-PX
Reference: XF:sgi-rld(2109)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/2109
Name: CVE-1999-1144
Description:
Certain files in MPower in HP-UX 10.x are installed with insecure permissions, which allows local users to gain privileges.
Status:EntryReference: HP:HPSBUX9701-051
Reference: URL:http://www.codetalker.com/advisories/vendor/hp/hpsbux9701-051.html
Reference: XF:hp-mpower(2056)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/2056
Name: CVE-1999-1145
Description:
Vulnerability in Glance programs in GlancePlus for HP-UX 10.20 and earlier allows local users to access arbitrary files and gain privileges.
Status:EntryReference: CIAC:H-21
Reference: URL:http://ciac.llnl.gov/ciac/bulletins/h-21.shtml
Reference: HP:HPSBUX9701-044
Reference: URL:http://www.securityfocus.com/templates/advisory.html?id=1514
Reference: XF:hp-glanceplus(2059)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/2059
Name: CVE-1999-1146
Description:
Vulnerability in Glance and gpm programs in GlancePlus for HP-UX 9.x and earlier allows local users to access arbitrary files and gain privileges.
Status:EntryReference: HP:HPSBUX9405-011
Reference: URL:http://www.securityfocus.com/advisories/1555
Reference: XF:hp-glanceplus-gpm(2060)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/2060
Name: CVE-1999-1147
Description:
Buffer overflow in Platinum Policy Compliance Manager (PCM) 7.0 allows remote attackers to execute arbitrary commands via a long string to the Agent port (1827), which is handled by smaxagent.exe.
Status:EntryReference: BUGTRAQ:19981204 [SAFER-981204.DOS.1.3] Buffer Overflow in Platinum PCM 7.0
Reference: URL:http://marc.info/?l=bugtraq&m=91273739726314&w=2
Reference: BUGTRAQ:19981207 Re: [SAFER-981204.DOS.1.3] Buffer Overflow in Platinum PCM 7.0
Reference: OSVDB:3164
Reference: URL:http://www.osvdb.org/3164
Reference: XF:pcm-dos-execute(1430)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/1430
Name: CVE-1999-1148
Description:
FTP service in IIS 4.0 and earlier allows remote attackers to cause a denial of service (resource exhaustion) via many passive (PASV) connections at the same time.
Status:EntryReference: MS:MS98-006
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/1998/ms98-006
Reference: MSKB:Q189262
Reference: URL:http://support.microsoft.com/support/kb/articles/Q189/2/62.ASP
Reference: XF:iis-passive-ftp(1215)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/1215
Name: CVE-1999-1156
Description:
BisonWare FTP Server 4.1 and earlier allows remote attackers to cause a denial of service via a malformed PORT command that contains a non-numeric character and a large number of carriage returns.
Status:EntryReference: NTBUGTRAQ:19990517 Vulnerabilities in BisonWare FTP Server 3.5
Reference: XF:bisonware-port-crash(2254)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/2254
Name: CVE-1999-1157
Description:
Tcpip.sys in Windows NT 4.0 before SP4 allows remote attackers to cause a denial of service via an ICMP Subnet Mask Address Request packet, when certain multiple IP addresses are bound to the same network interface.
Status:EntryReference: MSKB:Q192774
Reference: URL:http://support.microsoft.com/support/kb/articles/Q192/7/74.ASP
Reference: XF:tcpipsys-icmp-dos(3894)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/3894
Name: CVE-1999-1159
Description:
SSH 2.0.11 and earlier allows local users to request remote forwarding from privileged ports without being root.
Status:EntryReference: BUGTRAQ:19981229 ssh2 security problem (and patch) (fwd)
Reference: URL:http://marc.info/?l=bugtraq&m=91495920911490&w=2
Reference: XF:ssh-privileged-port-forward(1471)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/1471
Name: CVE-1999-1160
Description:
Vulnerability in ftpd/kftpd in HP-UX 10.x and 9.x allows local and possibly remote users to gain root privileges.
Status:EntryReference: CIAC:H-33
Reference: URL:http://ciac.llnl.gov/ciac/bulletins/h-33.shtml
Reference: HP:HPSBUX9702-055
Reference: URL:http://marc.info/?l=bugtraq&m=87602167420581&w=2
Reference: XF:hp-ftpd-kftpd(7437)
Reference: URL:http://www.iss.net/security_center/static/7437.php
Name: CVE-1999-1161
Description:
Vulnerability in ppl in HP-UX 10.x and earlier allows local users to gain root privileges by forcing ppl to core dump.
Status:EntryReference: AUSCERT:AA-97.07
Reference: BUGTRAQ:19961103 Re: Untitled
Reference: URL:http://marc.info/?l=bugtraq&m=87602167420102&w=2
Reference: BUGTRAQ:19961104 ppl bugs
Reference: URL:http://marc.info/?l=bugtraq&m=87602167420103&w=2
Reference: CIAC:H-32
Reference: URL:http://ciac.llnl.gov/ciac/bulletins/h-32.shtml
Reference: HP:HPSBUX9704-057
Reference: URL:http://www.codetalker.com/advisories/vendor/hp/hpsbux9704-057.html
Reference: XF:hp-ppl(7438)
Reference: URL:http://www.iss.net/security_center/static/7438.php
Name: CVE-1999-1162
Description:
Vulnerability in passwd in SCO UNIX 4.0 and earlier allows attackers to cause a denial of service by preventing users from being able to log into the system.
Status:EntryReference: CERT:CA-1993-08
Reference: URL:http://www.cert.org/advisories/CA-1993-08.html
Reference: XF:sco-passwd-deny(542)
Reference: URL:http://www.iss.net/security_center/static/542.php
Name: CVE-1999-1163
Description:
Vulnerability in HP Series 800 S/X/V Class servers allows remote attackers to gain access to the S/X/V Class console via the Service Support Processor (SSP) Teststation.
Status:EntryReference: HP:HPSBUX9911-105
Reference: URL:http://marc.info/?l=bugtraq&m=94347039929958&w=2
Reference: XF:hp-ssp(7439)
Reference: URL:http://www.iss.net/security_center/static/7439.php
Name: CVE-1999-1167
Description:
Cross-site scripting vulnerability in Third Voice Web annotation utility allows remote users to read sensitive data and generate fake web pages for other Third Voice users by injecting malicious Javascript into an annotation.
Status:EntryReference: CONFIRM:http://www.wired.com/news/technology/0,1282,20677,00.html
Reference: MISC:http://www.wired.com/news/technology/0,1282,20636,00.html
Reference: XF:thirdvoice-cross-site-scripting(7252)
Reference: URL:http://www.iss.net/security_center/static/7252.php
Name: CVE-1999-1175
Description:
Web Cache Control Protocol (WCCP) in Cisco Cache Engine for Cisco IOS 11.2 and earlier does not use authentication, which allows remote attackers to redirect HTTP traffic to arbitrary hosts via WCCP packets to UDP port 2048.
Status:EntryReference: CIAC:I-054
Reference: URL:http://www.ciac.org/ciac/bulletins/i-054.shtml
Reference: CISCO:19980513 Cisco Web Cache Control Protocol Router Vulnerability
Reference: URL:http://www.cisco.com/warp/public/770/wccpauth-pub.shtml
Reference: XF:cisco-wccp-vuln(1577)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/1577
Name: CVE-1999-1177
Description:
Directory traversal vulnerability in nph-publish before 1.2 allows remote attackers to overwrite arbitrary files via a .. (dot dot) in the pathname for an upload operation.
Status:EntryReference: CONFIRM:http://www-genome.wi.mit.edu/WWW/tools/CGI_scripts/server_publish/nph-publish
Reference: MISC:http://www.w3.org/Security/Faq/wwwsf4.html
Reference: XF:http-cgi-nphpublish(2055)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/2055
Name: CVE-1999-1181
Description:
Vulnerability in On-Line Customer Registration software for IRIX 6.2 through 6.4 allows local users to gain root privileges.
Status:EntryReference: CIAC:J-003
Reference: URL:http://ciac.llnl.gov/ciac/bulletins/j-003.shtml
Reference: SGI:19980901-01-PX
Reference: URL:ftp://patches.sgi.com/support/free/security/advisories/19980901-01-PX
Reference: XF:irix-register(7441)
Reference: URL:http://www.iss.net/security_center/static/7441.php
Name: CVE-1999-1188
Description:
mysqld in MySQL 3.21 creates log files with world-readable permissions, which allows local users to obtain passwords for users who are added to the user database.
Status:EntryReference: BUGTRAQ:19981227 mysql: mysqld creates world readable logs..
Reference: URL:http://marc.info/?l=bugtraq&m=91479159617803&w=2
Reference: XF:mysql-readable-log-files(1568)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/1568
Name: CVE-1999-1189
Description:
Buffer overflow in Netscape Navigator/Communicator 4.7 for Windows 95 and Windows 98 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long argument after the ? character in a URL that references an .asp, .cgi, .html, or .pl file.
Status:EntryReference: BID:822
Reference: URL:http://www.securityfocus.com/bid/822
Reference: BUGTRAQ:19991124 Netscape Communicator 4.7 - Navigator Overflows
Reference: URL:http://www.securityfocus.com/archive/1/36306
Reference: BUGTRAQ:19991127 Netscape Communicator 4.7 - Navigator Overflows
Reference: URL:http://www.securityfocus.com/archive/1/36608
Reference: XF:netscape-long-argument-bo(7884)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/7884
Name: CVE-1999-1191
Description:
Buffer overflow in chkey in Solaris 2.5.1 and earlier allows local users to gain root privileges via a long command line argument.
Status:EntryReference: AUSCERT:AA-97.18
Reference: URL:ftp://ftp.auscert.org.au/pub/auscert/advisory/AA-97.18.solaris.chkey.buffer.overflow.vul
Reference: BID:207
Reference: URL:http://www.securityfocus.com/bid/207
Reference: BUGTRAQ:19970519 Re: Finally, most of an exploit for Solaris 2.5.1's ps.
Reference: URL:http://marc.info/?l=bugtraq&m=87602167418335&w=2
Reference: SUN:00144
Reference: URL:http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/144
Reference: XF:solaris-chkey-bo(7442)
Reference: URL:http://www.iss.net/security_center/static/7442.php
Name: CVE-1999-1192
Description:
Buffer overflow in eeprom in Solaris 2.5.1 and earlier allows local users to gain root privileges via a long command line argument.
Status:EntryReference: BID:206
Reference: URL:http://www.securityfocus.com/bid/206
Reference: SUN:00143
Reference: URL:http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/143
Reference: XF:solaris-eeprom-bo(7444)
Reference: URL:http://www.iss.net/security_center/static/7444.php
Name: CVE-1999-1193
Description:
The "me" user in NeXT NeXTstep 2.1 and earlier has wheel group privileges, which could allow the me user to use the su command to become root.
Status:EntryReference: BID:20
Reference: URL:http://www.securityfocus.com/bid/20
Reference: CERT:CA-1991-06
Reference: URL:http://www.cert.org/advisories/CA-1991-06.html
Reference: XF:next-me(581)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/581
Name: CVE-1999-1194
Description:
chroot in Digital Ultrix 4.1 and 4.0 is insecurely installed, which allows local users to gain privileges.
Status:EntryReference: BID:17
Reference: URL:http://www.securityfocus.com/bid/17
Reference: CERT:CA-1991-05
Reference: URL:http://www.cert.org/advisories/CA-1991-05.html
Reference: XF:dec-chroot(577)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/577
Name: CVE-1999-1197
Description:
TIOCCONS in SunOS 4.1.1 does not properly check the permissions of a user who tries to redirect console output and input, which could allow a local user to gain privileges.
Status:EntryReference: BID:14
Reference: URL:http://www.securityfocus.com/bid/14
Reference: CERT:CA-1990-12
Reference: URL:http://www.cert.org/advisories/CA-1990-12.html
Reference: XF:sunos-tioccons-console-redirection(7140)
Reference: URL:http://www.iss.net/security_center/static/7140.php
Name: CVE-1999-1198
Description:
BuildDisk program on NeXT systems before 2.0 does not prompt users for the root password, which allows local users to gain root privileges.
Status:EntryReference: BID:11
Reference: URL:http://www.securityfocus.com/bid/11
Reference: CERT:CA-1990-06
Reference: URL:http://www.cert.org/advisories/CA-1990-06.html
Reference: CIAC:B-01
Reference: URL:http://ciac.llnl.gov/ciac/bulletins/b-01.shtml
Reference: XF:nextstep-builddisk-root-access(7141)
Reference: URL:http://www.iss.net/security_center/static/7141.php
Name: CVE-1999-1199
Description:
Apache WWW server 1.3.1 and earlier allows remote attackers to cause a denial of service (resource exhaustion) via a large number of MIME headers with the same name, aka the "sioux" vulnerability.
Status:EntryReference: BUGTRAQ:19980807 YA Apache DoS attack
Reference: URL:http://marc.info/?l=bugtraq&m=90252779826784&w=2
Reference: BUGTRAQ:19980808 Debian Apache Security Update
Reference: URL:http://marc.info/?l=bugtraq&m=90276683825862&w=2
Reference: BUGTRAQ:19980810 Apache DoS Attack
Reference: URL:http://marc.info/?l=bugtraq&m=90286768232093&w=2
Reference: BUGTRAQ:19980811 Apache 'sioux' DOS fix for TurboLinux
Reference: URL:http://marc.info/?l=bugtraq&m=90280517007869&w=2
Reference: CONFIRM:http://www.redhat.com/support/errata/rh51-errata-general.html#apache
Reference: MLIST:[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/
Reference: URL:https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E
Reference: MLIST:[httpd-cvs] 20210330 svn commit: r1073140 [1/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html
Reference: URL:https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5@%3Ccvs.httpd.apache.org%3E
Reference: MLIST:[httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/
Reference: URL:https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E
Reference: MLIST:[httpd-cvs] 20210606 svn commit: r1075470 [1/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html
Reference: URL:https://lists.apache.org/thread.html/rf2f0f3611f937cf6cfb3b4fe4a67f69885855126110e1e3f2fb2728e@%3Ccvs.httpd.apache.org%3E
Name: CVE-1999-1201
Description:
Windows 95 and Windows 98 systems, when configured with multiple TCP/IP stacks bound to the same MAC address, allow remote attackers to cause a denial of service (traffic amplification) via a certain ICMP echo (ping) packet, which causes all stacks to send a ping response, aka TCP Chorusing.
Status:EntryReference: BID:225
Reference: URL:http://www.securityfocus.com/bid/225
Reference: NTBUGTRAQ:19990206 New Windows 9x Bug: TCP Chorusing
Reference: URL:http://marc.info/?l=ntbugtraq&m=91849617221319&w=2
Reference: XF:win-multiple-ip-dos(7542)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/7542
Name: CVE-1999-1203
Description:
Multilink PPP for ISDN dialup users in Ascend before 4.6 allows remote attackers to cause a denial of service via a spoofed endpoint identifier.
Status:EntryReference: BUGTRAQ:19990210 Security problems in ISDN equipment authentication
Reference: URL:http://marc.info/?l=bugtraq&m=91868964203769&w=2
Reference: BUGTRAQ:19990212 PPP/ISDN multilink security issue - summary
Reference: URL:http://marc.info/?l=bugtraq&m=91888117502765&w=2
Reference: XF:ascend-ppp-isdn-dos(7498)
Reference: URL:http://www.iss.net/security_center/static/7498.php
Name: CVE-1999-1204
Description:
Check Point Firewall-1 does not properly handle certain restricted keywords (e.g., Mail, auth, time) in user-defined objects, which could produce a rule with a default "ANY" address and result in access to more systems than intended by the administrator.
Status:EntryReference: BUGTRAQ:19980511 Firewall-1 Reserved Keywords Vulnerability
Reference: URL:http://marc.info/?l=bugtraq&m=90221101925912&w=2
Reference: CONFIRM:http://www.checkpoint.com/techsupport/config/keywords.html
Reference: OSVDB:4416
Reference: URL:http://www.osvdb.org/4416
Reference: XF:fw1-user-defined-keywords-access(7293)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/7293
Name: CVE-1999-1205
Description:
nettune in HP-UX 10.01 and 10.00 is installed setuid root, which allows local users to cause a denial of service by modifying critical networking configuration information.
Status:EntryReference: BUGTRAQ:19960607 HP-UX B.10.01 vulnerability
Reference: URL:http://marc.info/?l=bugtraq&m=87602167419195&w=2
Reference: CIAC:G-34
Reference: HP:HPSBUX9607-035
Reference: URL:http://packetstormsecurity.org/advisories/ibm-ers/96-08
Reference: XF:hp-nettune(414)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/414
Name: CVE-1999-1208
Description:
Buffer overflow in ping in AIX 4.2 and earlier allows local users to gain root privileges via a long command line argument.
Status:EntryReference: BUGTRAQ:19970721 AIX ping (Exploit)
Reference: URL:http://marc.info/?l=bugtraq&m=87602661419330&w=2
Reference: BUGTRAQ:19970721 AIX ping, lchangelv, xlock fixes
Reference: URL:http://marc.info/?l=bugtraq&m=87602661419337&w=2
Reference: XF:ping-bo(803)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/803
Name: CVE-1999-1209
Description:
Vulnerability in scoterm in SCO OpenServer 5.0 and SCO Open Desktop/Open Server 3.0 allows local users to gain root privileges.
Status:EntryReference: BUGTRAQ:19971204 scoterm exploit
Reference: URL:http://marc.info/?l=bugtraq&m=88131151000069&w=2
Reference: CERT:VB-97.14
Reference: URL:http://www.cert.org/vendor_bulletins/VB-97.14.scoterm
Reference: XF:sco-scoterm(690)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/690
Name: CVE-1999-1214
Description:
The asynchronous I/O facility in 4.4 BSD kernel does not check user credentials when setting the recipient of I/O notification, which allows local users to cause a denial of service by using certain ioctl and fcntl calls to cause the signal to be sent to an arbitrary process ID.
Status:EntryReference: MISC:http://www.openbsd.com/advisories/signals.txt
Reference: OPENBSD:19970915 Vulnerability in I/O Signal Handling
Reference: URL:http://www.openbsd.com/advisories/signals.txt
Reference: OSVDB:11062
Reference: URL:http://www.osvdb.org/11062
Reference: XF:openbsd-iosig(556)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/556
Name: CVE-1999-1215
Description:
LOGIN.EXE program in Novell Netware 4.0 and 4.01 temporarily writes user name and password information to disk, which could allow local users to gain privileges.
Status:EntryReference: CERT:CA-1993-12
Reference: URL:http://www.cert.org/advisories/CA-1993-12.html
Reference: CIAC:D-21
Reference: URL:http://ciac.llnl.gov/ciac/bulletins/d-21.shtml
Reference: XF:novell-login(545)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/545
Name: CVE-1999-1217
Description:
The PATH in Windows NT includes the current working directory (.), which could allow local users to gain privileges by placing Trojan horse programs with the same name as commonly used system programs into certain directories.
Status:EntryReference: NTBUGTRAQ:19970723 NT security - why bother?
Reference: URL:http://marc.info/?l=ntbugtraq&m=87602726319426&w=2
Reference: NTBUGTRAQ:19970725 Re: NT security - why bother?
Reference: URL:http://marc.info/?l=ntbugtraq&m=87602726319435&w=2
Reference: XF:nt-path(526)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/526
Name: CVE-1999-1222
Description:
Netbt.sys in Windows NT 4.0 allows remote malicious DNS servers to cause a denial of service (crash) by returning 0.0.0.0 as the IP address for a DNS host name lookup.
Status:EntryReference: MSKB:Q188571
Reference: URL:http://support.microsoft.com/support/kb/articles/Q188/5/71.ASP
Reference: XF:dns-netbtsys-dos(3893)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/3893
Name: CVE-1999-1223
Description:
IIS 3.0 allows remote attackers to cause a denial of service via a request to an ASP page in which the URL contains a large number of / (forward slash) characters.
Status:EntryReference: MSKB:Q187503
Reference: URL:http://support.microsoft.com/support/kb/articles/q187/5/03.asp
Reference: XF:url-asp-av(3892)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/3892
Name: CVE-1999-1226
Description:
Netscape Communicator 4.7 and earlier allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long certificate key.
Status:EntryReference: MISC:http://www.securiteam.com/exploits/Netscape_4_7_and_earlier_vulnerable_to__Huge_Key__DoS.html
Reference: XF:netscape-huge-key-dos(3436)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/3436
Name: CVE-1999-1233
Description:
IIS 4.0 does not properly restrict access for the initial session request from a user's IP address if the address does not resolve to a DNS domain, aka the "Domain Resolution" vulnerability.
Status:EntryReference: BID:657
Reference: URL:http://www.securityfocus.com/bid/657
Reference: MS:MS99-039
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-039
Reference: MSKB:241562
Reference: URL:http://support.microsoft.com/support/kb/articles/Q241/5/62.asp
Reference: XF:iis-unresolved-domain-access(3306)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/3306
Name: CVE-1999-1243
Description:
SGI Desktop Permissions Tool in IRIX 6.0.1 and earlier allows local users to modify permissions for arbitrary files and gain privileges.
Status:EntryReference: CIAC:F-16
Reference: URL:http://ciac.llnl.gov/ciac/bulletins/f-16.shtml
Reference: SGI:19950301-01-P373
Reference: URL:ftp://patches.sgi.com/support/free/security/advisories/19950301-01-P373
Reference: XF:sgi-permissions(2113)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/2113
Name: CVE-1999-1246
Description:
Direct Mailer feature in Microsoft Site Server 3.0 saves user domain names and passwords in plaintext in the TMLBQueue network share, which has insecure default permissions, allowing remote attackers to read the passwords and gain privileges.
Status:EntryReference: MSKB:Q229972
Reference: URL:http://support.microsoft.com/support/kb/articles/Q229/9/72.asp
Reference: XF:siteserver-directmail-passwords(2068)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/2068
Name: CVE-1999-1249
Description:
movemail in HP-UX 10.20 has insecure permissions, which allows local users to gain privileges.
Status:EntryReference: HP:HPSBUX9701-047
Reference: URL:http://www.codetalker.com/advisories/vendor/hp/hpsbux9701-047.html
Reference: OSVDB:8099
Reference: URL:http://www.osvdb.org/8099
Reference: XF:hp-movemail(2057)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/2057
Name: CVE-1999-1258
Description:
rpc.pwdauthd in SunOS 4.1.1 and earlier does not properly prevent remote access to the daemon, which allows remote attackers to obtain sensitive system information.
Status:EntryReference: SUN:00102
Reference: URL:http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/102
Reference: XF:sun-pwdauthd(1782)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/1782
Name: CVE-1999-1259
Description:
Microsoft Office 98, Macintosh Edition, does not properly initialize the disk space used by Office 98 files and effectively inserts data from previously deleted files into the Office file, which could allow attackers to obtain sensitive information.
Status:EntryReference: MSKB:Q189529
Reference: URL:http://support.microsoft.com/support/kb/articles/q189/5/29.asp
Reference: XF:office-extraneous-data(1780)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/1780
Name: CVE-1999-1262
Description:
Java in Netscape 4.5 does not properly restrict applets from connecting to other hosts besides the one from which the applet was loaded, which violates the Java security model and could allow remote attackers to conduct unauthorized activities.
Status:EntryReference: BUGTRAQ:19990202 Unsecured server in applets under Netscape
Reference: URL:http://www.securityfocus.com/archive/1/12231
Reference: XF:java-socket-open(1727)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/1727
Name: CVE-1999-1263
Description:
Metamail before 2.7-7.2 allows remote attackers to overwrite arbitrary files via an e-mail message containing a uuencoded attachment that specifies the full pathname for the file to be modified, which is processed by uuencode in Metamail scripts such as sun-audio-file.
Status:EntryReference: BUGTRAQ:19971024 Vulnerability in metamail
Reference: URL:http://marc.info/?l=bugtraq&m=87773365324657&w=2
Reference: XF:metamail-file-creation(1677)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/1677
Name: CVE-1999-1276
Description:
fte-console in the fte package before 0.46b-4.1 does not drop root privileges, which allows local users to gain root access via the virtual console device.
Status:EntryReference: DEBIAN:19981207 fte-console: does not drop its root priviliges
Reference: URL:http://www.debian.org/security/1998/19981207
Reference: XF:fte-console-privileges(1609)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/1609
Name: CVE-1999-1279
Description:
An interaction between the AS/400 shared folders feature and Microsoft SNA Server 3.0 and earlier allows users to view each other's folders when the users share the same Local APPC LU.
Status:EntryReference: MSKB:Q138001
Reference: URL:http://support.microsoft.com/support/kb/articles/q138/0/01.asp
Reference: XF:snaserver-shared-folders(1548)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/1548
Name: CVE-1999-1284
Description:
NukeNabber allows remote attackers to cause a denial of service by connecting to the NukeNabber port (1080) without sending any data, which causes the CPU usage to rise to 100% from the report.exe program that is executed upon the connection.
Status:EntryReference: BUGTRAQ:19981105 various *lame* DoS attacks
Reference: URL:http://www.securityfocus.com/archive/1/11131
Reference: BUGTRAQ:19981107 Re: various *lame* DoS attacks
Reference: URL:http://marc.info/?l=bugtraq&m=91063407332594&w=2
Reference: MISC:http://www.dynamsol.com/puppet/text/new.txt
Reference: XF:nukenabber-timeout-dos(1540)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/1540
Name: CVE-1999-1288
Description:
Samba 1.9.18 inadvertently includes a prototype application, wsmbconf, which is installed with incorrect permissions including the setgid bit, which allows local users to read and write files and possibly gain privileges via bugs in the program.
Status:EntryReference: BUGTRAQ:19981119 Vulnerability in Samba on RedHat, Caldera and PHT TurboLinux
Reference: URL:http://www.securityfocus.com/archive/1/11397
Reference: CALDERA:SA-1998.35
Reference: URL:http://www.caldera.com/support/security/advisories/SA-1998.35.txt
Reference: XF:samba-wsmbconf(1406)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/1406
Name: CVE-1999-1290
Description:
Buffer overflow in nftp FTP client version 1.40 allows remote malicious FTP servers to cause a denial of service, and possibly execute arbitrary commands, via a long response string.
Status:EntryReference: BUGTRAQ:19981117 nftp vulnerability (fwd)
Reference: URL:http://marc.info/?l=bugtraq&m=91127951426494&w=2
Reference: CONFIRM:http://www.ayukov.com/nftp/history.html
Reference: XF:nftp-bo(1397)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/1397
Name: CVE-1999-1294
Description:
Office Shortcut Bar (OSB) in Windows 3.51 enables backup and restore permissions, which are inherited by programs such as File Manager that are started from the Shortcut Bar, which could allow local users to read folders for which they do not have permission.
Status:EntryReference: MSKB:Q146604
Reference: URL:http://support.microsoft.com/support/kb/articles/q146/6/04.asp
Reference: XF:nt-filemgr(562)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/562
Name: CVE-1999-1297
Description:
cmdtool in OpenWindows 3.0 and XView 3.0 in SunOS 4.1.4 and earlier allows attackers with physical access to the system to display unechoed characters (such as those from password prompts) via the L2/AGAIN key.
Status:EntryReference: SUNBUG:1077164
Reference: URL:http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fpatches%2F100452&zone_32=10045%2A%20
Reference: XF:sun-cmdtool-echo(7482)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/7482
Name: CVE-1999-1298
Description:
Sysinstall in FreeBSD 2.2.1 and earlier, when configuring anonymous FTP, creates the ftp user without a password and with /bin/date as the shell, which could allow attackers to gain access to certain system resources.
Status:EntryReference: FREEBSD:FreeBSD-SA-97:03
Reference: URL:ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/old/FreeBSD-SA-97:03.sysinstall.asc
Reference: OSVDB:6087
Reference: URL:http://www.osvdb.org/6087
Reference: XF:freebsd-sysinstall-ftp-password(7537)
Reference: URL:http://www.iss.net/security_center/static/7537.php
Name: CVE-1999-1301
Description:
A design flaw in the Z-Modem protocol allows the remote sender of a file to execute arbitrary programs on the client, as implemented in rz in the rzsz module of FreeBSD before 2.1.5, and possibly other programs.
Status:EntryReference: CIAC:G-31
Reference: URL:http://ciac.llnl.gov/ciac/bulletins/g-31.shtml
Reference: FREEBSD:FreeBSD-SA-96:17
Reference: URL:ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/old/FreeBSD-SA-96:17.rzsz.asc
Reference: XF:rzsz-command-execution(7540)
Reference: URL:http://www.iss.net/security_center/static/7540.php
Name: CVE-1999-1309
Description:
Sendmail before 8.6.7 allows local users to gain root access via a large value in the debug (-d) command line option.
Status:EntryReference: BUGTRAQ:19940314 sendmail -d problem (OLD yet still here)
Reference: URL:http://www.dataguard.no/bugtraq/1994_1/0040.html
Reference: BUGTRAQ:19940315 Security problem in sendmail versions 8.x.x
Reference: URL:http://www.dataguard.no/bugtraq/1994_1/0048.html
Reference: BUGTRAQ:19940315 anyone know details?
Reference: URL:http://www.dataguard.no/bugtraq/1994_1/0042.html
Reference: BUGTRAQ:19940315 so...
Reference: URL:http://www.dataguard.no/bugtraq/1994_1/0043.html
Reference: BUGTRAQ:19940327 sendmail exploit script - resend
Reference: URL:http://www.dataguard.no/bugtraq/1994_1/0078.html
Reference: CERT:CA-1994-12
Reference: URL:http://www.cert.org/advisories/CA-94.12.sendmail.vulnerabilities
Reference: XF:sendmail-debug-gain-root(7155)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/7155
Name: CVE-1999-1316
Description:
Passfilt.dll in Windows NT SP2 allows users to create a password that contains the user's name, which could make it easier for an attacker to guess.
Status:EntryReference: MSKB:Q247975
Reference: URL:http://support.microsoft.com/support/kb/articles/Q247/9/75.asp
Reference: XF:passfilt-fullname(7391)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/7391
Name: CVE-1999-1317
Description:
Windows NT 4.0 SP4 and earlier allows local users to gain privileges by modifying the symbolic link table in the \?? object folder using a different case letter (upper or lower) to point to a different device.
Status:EntryReference: MSKB:Q222159
Reference: URL:http://support.microsoft.com/support/kb/articles/q222/1/59.asp
Reference: NTBUGTRAQ:19990312 [ ALERT ] Case Sensitivity and Symbolic Links
Reference: URL:http://marc.info/?l=ntbugtraq&m=92127046701349&w=2
Reference: NTBUGTRAQ:19990314 AW: [ ALERT ] Case Sensitivity and Symbolic Links
Reference: URL:http://marc.info/?l=ntbugtraq&m=92162979530341&w=2
Reference: XF:nt-symlink-case(7398)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/7398
Name: CVE-1999-1318
Description:
/usr/5bin/su in SunOS 4.1.3 and earlier uses a search path that includes the current working directory (.), which allows local users to gain privileges via Trojan horse programs.
Status:EntryReference: SUNBUG:1121935
Reference: URL:http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fpatches%2F100630&zone_32=112193%2A%20
Reference: XF:sun-su-path(7480)
Reference: URL:http://www.iss.net/security_center/static/7480.php
Name: CVE-1999-1320
Description:
Vulnerability in Novell NetWare 3.x and earlier allows local users to gain privileges via packet spoofing.
Status:EntryReference: CIAC:D-01
Reference: URL:http://ciac.llnl.gov/ciac/bulletins/d-01.shtml
Reference: XF:netware-packet-spoofing-privileges(7213)
Reference: URL:http://www.iss.net/security_center/static/7213.php
Name: CVE-1999-1321
Description:
Buffer overflow in ssh 1.2.26 client with Kerberos V enabled could allow remote attackers to cause a denial of service or execute arbitrary commands via a long DNS hostname that is not properly handled during TGT ticket passing.
Status:EntryReference: BUGTRAQ:19981105 security patch for ssh-1.2.26 kerberos code
Reference: URL:http://lists.netspace.org/cgi-bin/wa?A2=ind9811A&L=bugtraq&P=R4814
Reference: OSVDB:4883
Reference: URL:http://www.osvdb.org/4883
Name: CVE-1999-1324
Description:
VAXstations running Open VMS 5.3 through 5.5-2 with VMS DECwindows or MOTIF do not properly disable access to user accounts that exceed the break-in limit threshold for failed login attempts, which makes it easier for attackers to conduct brute force password guessing.
Status:EntryReference: CIAC:D-06
Reference: URL:http://ciac.llnl.gov/ciac/bulletins/d-06.shtml
Reference: XF:openvms-sysgen-enabled(7225)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/7225
Name: CVE-1999-1325
Description:
SAS System 5.18 on VAX/VMS is installed with insecure permissions for its directories and startup file, which allows local users to gain privileges.
Status:EntryReference: CIAC:C-19
Reference: URL:http://ciac.llnl.gov/ciac/bulletins/c-19.shtml
Reference: XF:vaxvms-sas-gain-privileges(7261)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/7261
Name: CVE-1999-1326
Description:
wu-ftpd 2.4 FTP server does not properly drop privileges when an ABOR (abort file transfer) command is executed during a file transfer, which causes a signal to be handled incorrectly and allows local and possibly remote attackers to read arbitrary files.
Status:EntryReference: BUGTRAQ:19970104 serious security bug in wu-ftpd v2.4
Reference: URL:http://marc.info/?l=bugtraq&m=87602167420401&w=2
Reference: BUGTRAQ:19970105 BoS: serious security bug in wu-ftpd v2.4 -- PATCH
Reference: URL:http://marc.info/?l=bugtraq&m=87602167420408&w=2
Reference: XF:wuftpd-abor-gain-privileges(7169)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/7169
Name: CVE-1999-1327
Description:
Buffer overflow in linuxconf 1.11r11-rh2 on Red Hat Linux 5.1 allows local users to gain root privileges via a long LANG environmental variable.
Status:EntryReference: BUGTRAQ:19980601 Re: SECURITY: Red Hat Linux 5.1 linuxconf bug (fwd)
Reference: URL:http://marc.info/?l=bugtraq&m=90221103125826&w=2
Reference: CONFIRM:http://www.redhat.com/support/errata/rh51-errata-general.html#linuxconf
Reference: OSVDB:6065
Reference: URL:http://www.osvdb.org/6065
Reference: XF:linuxconf-lang-bo(7239)
Reference: URL:http://www.iss.net/security_center/static/7239.php
Name: CVE-1999-1328
Description:
linuxconf before 1.11.r11-rh3 on Red Hat Linux 5.1 allows local users to overwrite arbitrary files and gain root access via a symlink attack.
Status:EntryReference: BUGTRAQ:19980823 Security concerns in linuxconf shipped w/RedHat 5.1
Reference: URL:http://marc.info/?l=bugtraq&m=90383955231511&w=2
Reference: BUGTRAQ:19980826 [djb@redhat.com: Unidentified subject!]
Reference: CONFIRM:http://www.redhat.com/support/errata/rh51-errata-general.html#linuxconf
Reference: OSVDB:6068
Reference: URL:http://www.osvdb.org/6068
Reference: XF:linuxconf-symlink-gain-privileges(7232)
Reference: URL:http://www.iss.net/security_center/static/7232.php
Name: CVE-1999-1329
Description:
Buffer overflow in SysVInit in Red Hat Linux 5.1 and earlier allows local users to gain privileges.
Status:EntryReference: CONFIRM:http://www.redhat.com/support/errata/rh50-errata-general.html#SysVinit
Reference: XF:sysvinit-root-bo(7250)
Reference: URL:http://www.iss.net/security_center/static/7250.php
Name: CVE-1999-1330
Description:
The snprintf function in the db library 1.85.4 ignores the size parameter, which could allow attackers to exploit buffer overflows that would be prevented by a properly implemented snprintf.
Status:EntryReference: BUGTRAQ:19970709 [linux-security] so-called snprintf() in db-1.85.4 (fwd)
Reference: URL:http://marc.info/?l=bugtraq&m=87602661419259&w=2
Reference: CONFIRM:http://lists.openresources.com/Debian/debian-bugs-closed/msg00581.html
Reference: CONFIRM:http://www.redhat.com/support/errata/rh42-errata-general.html#db
Reference: XF:linux-libdb-snprintf-bo(7244)
Reference: URL:http://www.iss.net/security_center/static/7244.php
Name: CVE-1999-1331
Description:
netcfg 2.16-1 in Red Hat Linux 4.2 allows the Ethernet interface to be controlled by users on reboot when an option is set, which allows local users to cause a denial of service by shutting down the interface.
Status:EntryReference: CONFIRM:http://www.redhat.com/support/errata/rh42-errata-general.html#netcfg
Reference: XF:netcfg-ethernet-dos(7245)
Reference: URL:http://www.iss.net/security_center/static/7245.php
Name: CVE-1999-1332
Description:
gzexe in the gzip package on Red Hat Linux 5.0 and earlier allows local users to overwrite files of other users via a symlink attack on a temporary file.
Status:EntryReference: BID:7845
Reference: URL:http://www.securityfocus.com/bid/7845
Reference: BUGTRAQ:19980128 GZEXE - the big problem
Reference: URL:http://marc.info/?l=bugtraq&m=88603844115233&w=2
Reference: CONFIRM:http://www.redhat.com/support/errata/rh50-errata-general.html#gzip
Reference: DEBIAN:DSA-308
Reference: URL:http://www.debian.org/security/2003/dsa-308
Reference: OSVDB:3812
Reference: URL:http://www.osvdb.org/3812
Reference: XF:gzip-gzexe-tmp-symlink(7241)
Reference: URL:http://www.iss.net/security_center/static/7241.php
Name: CVE-1999-1333
Description:
automatic download option in ncftp 2.4.2 FTP client in Red Hat Linux 5.0 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the names of files that are to be downloaded.
Status:EntryReference: BUGTRAQ:19980319 ncftp 2.4.2 MkDirs bug
Reference: URL:http://marc.info/?l=bugtraq&m=89042322924057&w=2
Reference: CONFIRM:http://www.redhat.com/support/errata/rh50-errata-general.html#ncftp
Reference: OSVDB:6111
Reference: URL:http://www.osvdb.org/6111
Reference: XF:ncftp-autodownload-command-execution(7240)
Reference: URL:http://www.iss.net/security_center/static/7240.php
Name: CVE-1999-1335
Description:
snmpd server in cmu-snmp SNMP package before 3.3-1 in Red Hat Linux 4.0 is configured to allow remote attackers to read and write sensitive information.
Status:EntryReference: CONFIRM:http://www.redhat.com/support/errata/rh40-errata-general.html#cmu-snmp
Reference: XF:cmusnmp-read-write(7251)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/7251
Name: CVE-1999-1336
Description:
3Com HiPer Access Router Card (HiperARC) 4.0 through 4.2.29 allows remote attackers to cause a denial of service (reboot) via a flood of IAC packets to the telnet port.
Status:EntryReference: BUGTRAQ:19990812 3com hiperarch flaw [hiperbomb.c]
Reference: URL:http://marc.info/?l=bugtraq&m=93458364903256&w=2
Reference: BUGTRAQ:19990816 Re: 3com hiperarch flaw [hiperbomb.c]
Reference: URL:http://marc.info/?l=bugtraq&m=93492615408725&w=2
Reference: OSVDB:6057
Reference: URL:http://www.osvdb.org/6057
Name: CVE-1999-1337
Description:
FTP client in Midnight Commander (mc) before 4.5.11 stores usernames and passwords for visited sites in plaintext in the world-readable history file, which allows other local users to gain privileges.
Status:EntryReference: BUGTRAQ:19990801 midnight commander vulnerability(?) (fwd)
Reference: URL:http://marc.info/?l=bugtraq&m=93370073207984&w=2
Reference: OSVDB:5921
Reference: URL:http://www.osvdb.org/5921
Reference: XF:midnight-commander-data-disclosure(9873)
Reference: URL:http://www.iss.net/security_center/static/9873.php
Name: CVE-1999-1339
Description:
Vulnerability when Network Address Translation (NAT) is enabled in Linux 2.2.10 and earlier with ipchains, or FreeBSD 3.2 with ipfw, allows remote attackers to cause a denial of service (kernel panic) via a ping -R (record route) command.
Status:EntryReference: BUGTRAQ:19990722 Linux +ipchains+ ping -R
Reference: URL:http://marc.info/?l=bugtraq&m=93277426802802&w=2
Reference: BUGTRAQ:19990722 Re: ping -R causes kernel panic on a forwarding machine ( 2.2.5 a nd 2 .2.10)
Reference: URL:http://marc.info/?l=bugtraq&m=93277766505061&w=2
Reference: CONFIRM:http://www.kernel.org/pub/linux/kernel/v2.2/patch-2.2.11.gz
Reference: OSVDB:6105
Reference: URL:http://www.osvdb.org/6105
Reference: XF:ipchains-ping-route-dos(7257)
Reference: URL:http://www.iss.net/security_center/static/7257.php
Name: CVE-1999-1341
Description:
Linux kernel before 2.3.18 or 2.2.13pre15, with SLIP and PPP options, allows local unprivileged users to forge IP packets via the TIOCSETD option on tty devices.
Status:EntryReference: BUGTRAQ:19991022 Local user can send forged packets
Reference: URL:http://marc.info/?l=bugtraq&m=94061108411308&w=2
Reference: XF:linux-tiocsetd-forge-packets(7858)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/7858
Name: CVE-1999-1351
Description:
Directory traversal vulnerability in KVIrc IRC client 0.9.0 with the "Listen to !nick <soundname> requests" option enabled allows remote attackers to read arbitrary files via a .. (dot dot) in a DCC GET request.
Status:EntryReference: BUGTRAQ:19990924 Kvirc bug
Reference: URL:http://marc.info/?l=bugtraq&m=93845560631314&w=2
Reference: XF:kvirc-dot-directory-traversal(7761)
Reference: URL:http://www.iss.net/security_center/static/7761.php
Name: CVE-1999-1356
Description:
Compaq Integration Maintenance Utility as used in Compaq Insight Manager agent before SmartStart 4.50 modifies the legal notice caption (LegalNoticeCaption) and text (LegalNoticeText) in Windows NT, which could produce a legal notice that is in violation of the security policy.
Status:EntryReference: BUGTRAQ:19990902 Compaq CIM UG Overwrites Legal Notice
Reference: URL:http://marc.info/?l=bugtraq&m=93646669500991&w=2
Reference: NTBUGTRAQ:19990902 Compaq CIM UG Overwrites Legal Notice
Reference: URL:http://marc.info/?l=ntbugtraq&m=93637792706047&w=2
Reference: NTBUGTRAQ:19990917 Re: Compaq CIM UG Overwrites Legal Notice
Reference: URL:http://marc.info/?l=ntbugtraq&m=93759822830815&w=2
Reference: XF:compaq-smartstart-legal-notice(7763)
Reference: URL:http://www.iss.net/security_center/static/7763.php
Name: CVE-1999-1358
Description:
When an administrator in Windows NT or Windows 2000 changes a user policy, the policy is not properly updated if the local ntconfig.pol is not writable by the user, which could allow local users to bypass restrictions that would otherwise be enforced by the policy, possibly by changing the policy file to be read-only.
Status:EntryReference: MSKB:Q157673
Reference: URL:http://support.microsoft.com/support/kb/articles/q157/6/73.asp
Reference: XF:nt-user-policy-update(7400)
Reference: URL:http://www.iss.net/security_center/static/7400.php
Name: CVE-1999-1359
Description:
When the Ntconfig.pol file is used on a server whose name is longer than 13 characters, Windows NT does not properly enforce policies for global groups, which could allow users to bypass restrictions that were intended by those policies.
Status:EntryReference: MSKB:Q163875
Reference: URL:http://support.microsoft.com/support/kb/articles/q163/8/75.asp
Reference: XF:nt-group-policy-longname(7401)
Reference: URL:http://www.iss.net/security_center/static/7401.php
Name: CVE-1999-1360
Description:
Windows NT 4.0 allows local users to cause a denial of service via a user mode application that closes a handle that was opened in kernel mode, which causes a crash when the kernel attempts to close the handle.
Status:EntryReference: MSKB:Q160650
Reference: URL:http://support.microsoft.com/support/kb/articles/q160/6/50.asp
Reference: XF:nt-kernel-handle-dos(7402)
Reference: URL:http://www.iss.net/security_center/static/7402.php
Name: CVE-1999-1362
Description:
Win32k.sys in Windows NT 4.0 before SP2 allows local users to cause a denial of service (crash) by calling certain WIN32K functions with incorrect parameters.
Status:EntryReference: MSKB:Q160601
Reference: URL:http://support.microsoft.com/support/kb/articles/q160/6/01.asp
Reference: XF:nt-win32k-dos(7403)
Reference: URL:http://www.iss.net/security_center/static/7403.php
Name: CVE-1999-1363
Description:
Windows NT 3.51 and 4.0 allow local users to cause a denial of service (crash) by running a program that creates a large number of locks on a file, which exhausts the NonPagedPool.
Status:EntryReference: MSKB:Q163143
Reference: URL:http://support.microsoft.com/support/kb/articles/q163/1/43.asp
Reference: XF:nt-nonpagedpool-dos(7405)
Reference: URL:http://www.iss.net/security_center/static/7405.php
Name: CVE-1999-1365
Description:
Windows NT searches a user's home directory (%systemroot% by default) before other directories to find critical programs such as NDDEAGNT.EXE, EXPLORER.EXE, USERINIT.EXE or TASKMGR.EXE, which could allow local users to bypass access restrictions or gain privileges by placing a Trojan horse program into the root directory, which is writable by default.
Status:EntryReference: BID:515
Reference: URL:http://www.securityfocus.com/bid/515
Reference: NTBUGTRAQ:19990628 NT runs Explorer.exe, Taskmgr.exe etc. from wrong location
Reference: URL:http://marc.info/?l=ntbugtraq&m=93069418400856&w=2
Reference: NTBUGTRAQ:19990630 Update: NT runs explorer.exe, etc...
Reference: URL:http://marc.info/?l=ntbugtraq&m=93127894731200&w=2
Reference: XF:nt-login-default-folder(2336)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/2336
Name: CVE-1999-1379
Description:
DNS allows remote attackers to use DNS name servers as traffic amplifiers via a UDP DNS query with a spoofed source address, which produces more traffic to the victim than was sent by the attacker.
Status:EntryReference: AUSCERT:AL-1999.004
Reference: URL:ftp://ftp.auscert.org.au/pub/auscert/advisory/AL-1999.004.dns_dos
Reference: BUGTRAQ:19990730 Possible Denial Of Service using DNS
Reference: URL:http://marc.info/?l=bugtraq&m=93348057829957&w=2
Reference: BUGTRAQ:19990810 Possible Denial Of Service using DNS
Reference: URL:http://marc.info/?l=bugtraq&m=93433758607623&w=2
Reference: CIAC:J-063
Reference: URL:http://ciac.llnl.gov/ciac/bulletins/j-063.shtml
Reference: XF:dns-udp-query-dos(7238)
Reference: URL:http://www.iss.net/security_center/static/7238.php
Name: CVE-1999-1380
Description:
Symantec Norton Utilities 2.0 for Windows 95 marks the TUNEOCX.OCX ActiveX control as safe for scripting, which allows remote attackers to execute arbitrary commands via the run option through malicious web pages that are accessed by browsers such as Internet Explorer 3.0.
Status:EntryReference: MISC:http://mlarchive.ima.com/win95/1997/May/0342.html
Reference: MISC:http://news.zdnet.co.uk/story/0,,s2065518,00.html
Reference: MISC:http://www.net-security.sk/bugs/NT/nu20.html
Reference: XF:nu-tuneocx-activex-control(7188)
Reference: URL:http://www.iss.net/security_center/static/7188.php
Name: CVE-1999-1382
Description:
NetWare NFS mode 1 and 2 implements the "Read Only" flag in Unix by changing the ownership of a file to root, which allows local users to gain root privileges by creating a setuid program and setting it to "Read Only," which NetWare-NFS changes to a setuid root program.
Status:EntryReference: BUGTRAQ:19980108 NetWare NFS
Reference: URL:http://marc.info/?l=bugtraq&m=88427711321769&w=2
Reference: BUGTRAQ:19980812 Re: Netware NFS (fwd)
Reference: URL:http://marc.info/?l=bugtraq&m=90295697702474&w=2
Reference: CONFIRM:http://support.novell.com/cgi-bin/search/tidfinder.cgi?2940551
Reference: XF:netware-nfs-file-ownership(7246)
Reference: URL:http://www.iss.net/security_center/static/7246.php
Name: CVE-1999-1384
Description:
Indigo Magic System Tour in the SGI system tour package (systour) for IRIX 5.x through 6.3 allows local users to gain root privileges via a Trojan horse .exitops program, which is called by the inst command that is executed by the RemoveSystemTour program.
Status:EntryReference: AUSCERT:AA-96.08
Reference: URL:ftp://ftp.auscert.org.au/pub/auscert/advisory/AA-96.08.SGI.systour.vul
Reference: BID:470
Reference: URL:http://www.securityfocus.com/bid/470
Reference: BUGTRAQ:19961030 (Another) vulnerability in new SGIs
Reference: URL:http://marc.info/?l=bugtraq&m=87602167420095&w=2
Reference: SGI:19961101-01-I
Reference: URL:ftp://patches.sgi.com/support/free/security/advisories/19961101-01-I
Reference: XF:irix-systour(7456)
Reference: URL:http://www.iss.net/security_center/static/7456.php
Name: CVE-1999-1385
Description:
Buffer overflow in ppp program in FreeBSD 2.1 and earlier allows local users to gain privileges via a long HOME environment variable.
Status:EntryReference: BUGTRAQ:19961219 Exploit for ppp bug (FreeBSD 2.1.0).
Reference: URL:http://marc.info/?l=bugtraq&m=87602167420332&w=2
Reference: FREEBSD:FreeBSD-SA-96:20
Reference: URL:ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/old/FreeBSD-SA-96:20.stack-overflow.asc
Reference: OSVDB:6085
Reference: URL:http://www.osvdb.org/6085
Reference: XF:ppp-bo(7465)
Reference: URL:http://www.iss.net/security_center/static/7465.php
Name: CVE-1999-1386
Description:
Perl 5.004_04 and earlier follows symbolic links when running with the -e option, which allows local users to overwrite arbitrary files via a symlink attack on the /tmp/perl-eaXXXXX file.
Status:EntryReference: BUGTRAQ:19980308 another /tmp race: `perl -e' opens temp file not safely
Reference: URL:http://marc.info/?l=bugtraq&m=88932165406213&w=2
Reference: CONFIRM:http://www.redhat.com/support/errata/rh50-errata-general.html#perl
Reference: XF:perl-e-tmp-symlink(7243)
Reference: URL:http://www.iss.net/security_center/static/7243.php
Name: CVE-1999-1397
Description:
Index Server 2.0 on IIS 4.0 stores physical path information in the ContentIndex\Catalogs subkey of the AllowedPaths registry key, whose permissions allows local and remote users to obtain the physical paths of directories that are being indexed.
Status:EntryReference: BID:476
Reference: URL:http://www.securityfocus.com/bid/476
Reference: BUGTRAQ:19990323 Index Server 2.0 and the Registry
Reference: URL:http://marc.info/?l=bugtraq&m=92242671024118&w=2
Reference: NTBUGTRAQ:19990323 Index Server 2.0 and the Registry
Reference: URL:http://marc.info/?l=ntbugtraq&m=92223293409756&w=2
Reference: XF:iis-indexserver-reveal-path(7559)
Reference: URL:http://www.iss.net/security_center/static/7559.php
Name: CVE-1999-1402
Description:
The access permissions for a UNIX domain socket are ignored in Solaris 2.x and SunOS 4.x, and other BSD-based operating systems before 4.4, which could allow local users to connect to the socket and possibly disrupt or control the operations of the program using that socket.
Status:EntryReference: BID:456
Reference: URL:http://www.securityfocus.com/bid/456
Reference: BUGTRAQ:19970517 UNIX domain socket (Solarisx86 2.5)
Reference: URL:http://marc.info/?l=bugtraq&m=87602167418317&w=2
Reference: BUGTRAQ:19971003 Solaris 2.6 and sockets
Reference: URL:http://marc.info/?l=bugtraq&m=87602248718482&w=2
Reference: XF:sun-domain-socket-permissions(7172)
Reference: URL:http://www.iss.net/security_center/static/7172.php
Name: CVE-1999-1407
Description:
ifdhcpc-done script for configuring DHCP on Red Hat Linux 5 allows local users to append text to arbitrary files via a symlink attack on the dhcplog file.
Status:EntryReference: BID:368
Reference: URL:http://www.securityfocus.com/bid/368
Reference: BUGTRAQ:19980309 *sigh* another RH5 /tmp problem
Reference: URL:http://marc.info/?l=bugtraq&m=88950856416985&w=2
Reference: CONFIRM:http://www.redhat.com/support/errata/rh50-errata-general.html#initscripts
Reference: XF:initscripts-ifdhcpdone-dhcplog-symlink(7294)
Reference: URL:http://www.iss.net/security_center/static/7294.php
Name: CVE-1999-1409
Description:
The at program in IRIX 6.2 and NetBSD 1.3.2 and earlier allows local users to read portions of arbitrary files by submitting the file to at with the -f argument, which generates error messages that at sends to the user via e-mail.
Status:EntryReference: BID:331
Reference: URL:http://www.securityfocus.com/bid/331
Reference: BUGTRAQ:19980703 more about 'at'
Reference: URL:http://www.shmoo.com/mail/bugtraq/jul98/msg00064.html
Reference: BUGTRAQ:19980805 irix-6.2 "at -f" vulnerability
Reference: URL:http://marc.info/?l=bugtraq&m=90233906612929&w=2
Reference: NETBSD:NetBSD-SA1998-004
Reference: URL:ftp://ftp.NetBSD.ORG/pub/NetBSD/security/advisories/NetBSD-SA1998-004.txt.asc
Reference: XF:at-f-read-files(7577)
Reference: URL:http://www.iss.net/security_center/static/7577.php
Name: CVE-1999-1411
Description:
The installation of the fsp package 2.71-10 in Debian GNU/Linux 2.0 adds the anonymous FTP user without notifying the administrator, which could automatically enable anonymous FTP on some servers such as wu-ftp.
Status:EntryReference: BID:316
Reference: URL:http://www.securityfocus.com/bid/316
Reference: BUGTRAQ:19981128 Debian: Security flaw in FSP
Reference: URL:http://marc.info/?l=bugtraq&m=91228908407679&w=2
Reference: BUGTRAQ:19981130 Debian: Security flaw in FSP
Reference: URL:http://marc.info/?l=bugtraq&m=91244712808780&w=2
Reference: BUGTRAQ:19990217 Debian GNU/Linux 2.0r5 released (fwd)
Reference: URL:http://marc.info/?l=bugtraq&m=91936850009861&w=2
Reference: DEBIAN:19981126 new version of fsp fixes security flaw
Reference: URL:http://lists.debian.org/debian-security-announce/debian-security-announce-1998/msg00033.html
Reference: XF:fsp-anon-ftp-access(7574)
Reference: URL:http://www.iss.net/security_center/static/7574.php
Name: CVE-1999-1414
Description:
IBM Netfinity Remote Control allows local users to gain administrator privileges by starting programs from the process manager, which runs with system level privileges.
Status:EntryReference: BID:284
Reference: URL:http://www.securityfocus.com/bid/284
Reference: NTBUGTRAQ:19990525 Security Leak with IBM Netfinity Remote Control Software
Reference: URL:http://marc.info/?l=ntbugtraq&m=92765856706547&w=2
Reference: NTBUGTRAQ:19990609 IBM's response to "Security Leak with IBM Netfinity Remote Control Software
Reference: URL:http://marc.info/?l=ntbugtraq&m=92902484317769&w=2
Name: CVE-1999-1419
Description:
Buffer overflow in nss_nisplus.so.1 library in NIS+ in Solaris 2.3 and 2.4 allows local users to gain root privileges.
Status:EntryReference: BID:219
Reference: URL:http://www.securityfocus.com/bid/219
Reference: SUN:00148
Reference: URL:http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/148
Reference: XF:sun-nisplus-bo(7535)
Reference: URL:http://www.iss.net/security_center/static/7535.php
Name: CVE-1999-1423
Description:
ping in Solaris 2.3 through 2.6 allows local users to cause a denial of service (crash) via a ping request to a multicast address through the loopback interface, e.g. via ping -i.
Status:EntryReference: BID:209
Reference: URL:http://www.securityfocus.com/bid/209
Reference: BUGTRAQ:19970626 Solaris Ping bug (DoS)
Reference: URL:http://marc.info/?l=bugtraq&m=87602558319160&w=2
Reference: BUGTRAQ:19970627 SUMMARY: Solaris Ping bug (DoS)
Reference: URL:http://marc.info/?l=bugtraq&m=87602558319171&w=2
Reference: BUGTRAQ:19970627 Solaris Ping bug(inetsvc)
Reference: URL:http://marc.info/?l=bugtraq&m=87602558319181&w=2
Reference: BUGTRAQ:19971005 Solaris Ping Bug and other [bc] oddities
Reference: URL:http://marc.info/?l=bugtraq&m=87602558319180&w=2
Reference: SUN:00146
Reference: URL:http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/146
Reference: XF:ping-multicast-loopback-dos(7492)
Reference: URL:http://www.iss.net/security_center/static/7492.php
Name: CVE-1999-1432
Description:
Power management (Powermanagement) on Solaris 2.4 through 2.6 does not start the xlock process until after the sys-suspend has completed, which allows an attacker with physical access to input characters to the last active application from the keyboard for a short period after the system is restoring, which could lead to increased privileges.
Status:EntryReference: BID:160
Reference: URL:http://www.securityfocus.com/bid/160
Reference: BUGTRAQ:19980716 Security risk with powermanagemnet on Solaris 2.6
Reference: URL:http://marc.info/?l=bugtraq&m=90221104525997&w=2
Reference: SUNBUG:4024179
Name: CVE-1999-1433
Description:
HP JetAdmin D.01.09 on Solaris allows local users to change the permissions of arbitrary files via a symlink attack on the /tmp/jetadmin.log file.
Status:EntryReference: BID:157
Reference: URL:http://www.securityfocus.com/bid/157
Reference: BUGTRAQ:19980715 JetAdmin software
Reference: URL:http://marc.info/?l=bugtraq&m=90221104525988&w=2
Reference: BUGTRAQ:19980722 Re: JetAdmin software
Reference: URL:http://marc.info/?l=bugtraq&m=90221104526067&w=2
Name: CVE-1999-1437
Description:
ePerl 2.2.12 allows remote attackers to read arbitrary files and possibly execute certain commands by specifying a full pathname of the target file as an argument to bar.phtml.
Status:EntryReference: BID:151
Reference: URL:http://www.securityfocus.com/bid/151
Reference: BUGTRAQ:19980707 ePerl: bad handling of ISINDEX queries
Reference: URL:http://marc.info/?l=bugtraq&m=90221104525890&w=2
Reference: BUGTRAQ:19980710 ePerl Security Update Available
Reference: URL:http://marc.info/?l=bugtraq&m=90221104525927&w=2
Name: CVE-1999-1452
Description:
GINA in Windows NT 4.0 allows attackers with physical access to display a portion of the clipboard of the user who has locked the workstation by pasting (CTRL-V) the contents into the username prompt.
Status:EntryReference: BID:198
Reference: URL:http://www.securityfocus.com/bid/198
Reference: BUGTRAQ:19990129 ole objects in a "secured" environment?
Reference: URL:http://marc.info/?l=bugtraq&m=91788829326419&w=2
Reference: MSKB:Q214802
Reference: URL:http://support.microsoft.com/support/kb/articles/q214/8/02.asp
Reference: NTBUGTRAQ:19990129 ole objects in a "secured" environment?
Reference: URL:http://marc.info/?l=ntbugtraq&m=91764169410814&w=2
Reference: NTBUGTRAQ:19990205 Alert: MS releases GINA-fix for SP3, SP4, and TS
Reference: URL:http://marc.info/?l=ntbugtraq&m=91822011021558&w=2
Reference: XF:nt-gina-clipboard(1975)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/1975
Name: CVE-1999-1455
Description:
RSH service utility RSHSVC in Windows NT 3.5 through 4.0 does not properly restrict access as specified in the .Rhosts file when a user comes from an authorized host, which could allow unauthorized users to access the service by logging in from an authorized host.
Status:EntryReference: MSKB:Q158320
Reference: URL:http://support.microsoft.com/support/kb/articles/q158/3/20.asp
Reference: XF:nt-rshsvc-ale-bypass(7422)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/7422
Name: CVE-1999-1456
Description:
thttpd HTTP server 2.03 and earlier allows remote attackers to read arbitrary files via a GET request with more than one leading / (slash) character in the filename.
Status:EntryReference: BUGTRAQ:19980819 thttpd 2.04 released (fwd)
Reference: URL:http://www.securityfocus.com/archive/1/10368
Reference: CONFIRM:http://www.acme.com/software/thttpd/thttpd.html#releasenotes
Reference: XF:thttpd-file-read(1809)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/1809
Name: CVE-1999-1468
Description:
rdist in various UNIX systems uses popen to execute sendmail, which allows local users to gain root privileges by modifying the IFS (Internal Field Separator) variable.
Status:EntryReference: BID:31
Reference: URL:http://www.securityfocus.com/bid/31
Reference: CERT:CA-91.20
Reference: URL:http://www.cert.org/advisories/CA-91.20.rdist.vulnerability
Reference: MISC:http://www.alw.nih.gov/Security/8lgm/8lgm-Advisory-01.html
Reference: OSVDB:8106
Reference: URL:http://www.osvdb.org/8106
Reference: XF:rdist-popen-gain-privileges(7160)
Reference: URL:http://www.iss.net/security_center/static/7160.php
Name: CVE-1999-1472
Description:
Internet Explorer 4.0 allows remote attackers to read arbitrary text and HTML files on the user's machine via a small IFRAME that uses Dynamic HTML (DHTML) to send the data to the attacker, aka the Freiburg text-viewing issue.
Status:EntryReference: BUGTRAQ:19971017 Security Hole in Explorer 4.0
Reference: URL:http://marc.info/?l=bugtraq&m=87710897923098&w=2
Reference: CONFIRM:http://www.microsoft.com/Windows/ie/security/freiburg.asp
Reference: MISC:http://www.insecure.org/sploits/Internet_explorer_4.0.hack.html
Reference: MSKB:Q176697
Reference: URL:http://support.microsoft.com/support/kb/articles/q176/6/97.asp
Reference: MSKB:Q176794
Reference: URL:http://support.microsoft.com/support/kb/articles/q176/7/94.asp
Reference: OSVDB:7819
Reference: URL:http://www.osvdb.org/7819
Reference: XF:http-ie-spy(587)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/587
Name: CVE-1999-1473
Description:
When a Web site redirects the browser to another site, Internet Explorer 3.02 and 4.0 automatically resends authentication information to the second site, aka the "Page Redirect Issue."
Status:EntryReference: MSKB:Q176697
Reference: URL:http://support.microsoft.com/support/kb/articles/q176/6/97.asp
Reference: OSVDB:7818
Reference: URL:http://www.osvdb.org/7818
Reference: XF:ie-page-redirect(7426)
Reference: URL:http://www.iss.net/security_center/static/7426.php
Name: CVE-1999-1476
Description:
A bug in Intel Pentium processor (MMX and Overdrive) allows local users to cause a denial of service (hang) in Intel-based operating systems such as Windows NT and Windows 95, via an invalid instruction, aka the "Invalid Operand with Locked CMPXCHG8B Instruction" problem.
Status:EntryReference: MSKB:Q163852
Reference: URL:http://support.microsoft.com/support/kb/articles/q163/8/52.asp
Reference: XF:pentium-crash(704)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/704
Name: CVE-1999-1478
Description:
The Sun HotSpot Performance Engine VM allows a remote attacker to cause a denial of service on any server running HotSpot via a URL that includes the [ character.
Status:EntryReference: BID:522
Reference: URL:http://www.securityfocus.com/bid/522
Reference: NTBUGTRAQ:19990706 Bug in SUN's Hotspot VM
Reference: URL:http://marc.info/?l=ntbugtraq&m=93138827429589&w=2
Reference: NTBUGTRAQ:19990716 FW: (Review ID: 85125) Hotspot crashes bringing down webserver
Reference: URL:http://marc.info/?l=ntbugtraq&m=93240220324183&w=2
Reference: XF:sun-hotspot-vm(2348)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/2348
Name: CVE-1999-1481
Description:
Squid 2.2.STABLE5 and below, when using external authentication, allows attackers to bypass access controls via a newline in the user/password pair.
Status:EntryReference: BID:741
Reference: URL:http://www.securityfocus.com/bid/741
Reference: BUGTRAQ:19991025 [squid] exploit for external authentication problem
Reference: URL:http://www.securityfocus.com/archive/1/33295
Reference: BUGTRAQ:19991103 [squid]exploit for external authentication problem
Reference: URL:http://www.securityfocus.com/archive/1/33295
Reference: CONFIRM:http://www.squid-cache.org/Versions/v2/2.2/bugs/
Reference: XF:squid-proxy-auth-access(3433)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/3433
Name: CVE-1999-1486
Description:
sadc in IBM AIX 4.1 through 4.3, when called from programs such as timex that are setgid adm, allows local users to overwrite arbitrary files via a symlink attack.
Status:EntryReference: AIXAPAR:IX75554
Reference: URL:http://www-1.ibm.com/support/search.wss?rs=0&q=IX75554&apar=only
Reference: AIXAPAR:IX76330
Reference: URL:http://www-1.ibm.com/support/search.wss?rs=0&q=IX76330&apar=only
Reference: AIXAPAR:IX76853
Reference: URL:http://www-1.ibm.com/support/search.wss?rs=0&q=IX76853&apar=only
Reference: BID:408
Reference: URL:http://www.securityfocus.com/bid/408
Reference: CONFIRM:http://techsupport.services.ibm.com/aix/fixes/v4/os/bos.acct.4.3.1.0.info
Reference: XF:aix-sadc-timex(7675)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/7675
Name: CVE-1999-1488
Description:
sdrd daemon in IBM SP2 System Data Repository (SDR) allows remote attackers to read files without authentication.
Status:EntryReference: BID:371
Reference: URL:http://www.securityfocus.com/bid/371
Reference: CIAC:I-079A
Reference: URL:http://ciac.llnl.gov/ciac/bulletins/i-079a.shtml
Reference: XF:ibm-sdr-read-files(7217)
Reference: URL:http://www.iss.net/security_center/static/7217.php
Name: CVE-1999-1490
Description:
xosview 1.5.1 in Red Hat 5.1 allows local users to gain root access via a long HOME environmental variable.
Status:EntryReference: BID:362
Reference: URL:http://www.securityfocus.com/bid/362
Reference: BUGTRAQ:19980528 ALERT: Tiresome security hole in "xosview", RedHat5.1?
Reference: URL:http://marc.info/?l=bugtraq&m=90221101926021&w=2
Reference: BUGTRAQ:19980529 Re: Tiresome security hole in "xosview" (xosexp.c)
Reference: URL:http://marc.info/?l=bugtraq&m=90221101926034&w=2
Reference: XF:linux-xosview-bo(8787)
Reference: URL:http://www.iss.net/security_center/static/8787.php
Name: CVE-1999-1494
Description:
colorview in Silicon Graphics IRIX 5.1, 5.2, and 6.0 allows local attackers to read arbitrary files via the -text argument.
Status:EntryReference: BID:336
Reference: URL:http://www.securityfocus.com/bid/336
Reference: BUGTRAQ:19940809 Re: IRIX 5.2 Security Advisory
Reference: URL:http://www.securityfocus.com/archive/1/675
Reference: BUGTRAQ:19950307 sigh. another Irix 5.2 hole.
Reference: URL:http://www.tryc.on.ca/archives/bugtraq/1995_1/0614.html
Reference: SGI:19950209-00-P
Reference: URL:ftp://patches.sgi.com/support/free/security/advisories/19950209-01-P
Reference: XF:sgi-colorview(2112)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/2112
Name: CVE-1999-1507
Description:
Sun SunOS 4.1 through 4.1.3 allows local attackers to gain root access via insecure permissions on files and directories such as crash.
Status:EntryReference: BID:59
Reference: URL:http://www.securityfocus.com/bid/59
Reference: CERT:CA-1993-03
Reference: URL:http://www.cert.org/advisories/CA-1993-03.html
Reference: XF:sun-dir(521)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/521
Name: CVE-1999-1512
Description:
The AMaViS virus scanner 0.2.0-pre4 and earlier allows remote attackers to execute arbitrary commands as root via an infected mail message with shell metacharacters in the reply-to field.
Status:EntryReference: BID:527
Reference: URL:http://www.securityfocus.com/bid/527
Reference: BUGTRAQ:19990716 AMaViS virus scanner for Linux - root exploit
Reference: URL:http://marc.info/?l=bugtraq&m=93219846414732&w=2
Reference: CONFIRM:http://www.amavis.org/ChangeLog.txt
Reference: XF:amavis-command-execute(2349)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/2349
Name: CVE-1999-1520
Description:
A configuration problem in the Ad Server Sample directory (AdSamples) in Microsoft Site Server 3.0 allows an attacker to obtain the SITE.CSC file, which exposes sensitive SQL database information.
Status:EntryReference: BID:256
Reference: URL:http://www.securityfocus.com/bid/256
Reference: BUGTRAQ:19990511 [ALERT] Site Server 3.0 May Expose SQL IDs and PSWs
Reference: URL:http://marc.info/?l=bugtraq&m=92647407227303&w=2
Reference: XF:siteserver-site-csc(2270)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/2270
Name: CVE-1999-1530
Description:
cgiwrap as used on Cobalt RaQ 2.0 and RaQ 3i does not properly identify the user for running certain scripts, which allows a malicious site administrator to view or modify data located at another virtual site on the same system.
Status:EntryReference: BID:777
Reference: URL:http://www.securityfocus.com/bid/777
Reference: BUGTRAQ:19991108 Security flaw in Cobalt RaQ2 cgiwrap
Reference: URL:http://marc.info/?l=bugtraq&m=94209954200450&w=2
Reference: BUGTRAQ:19991109 [Cobalt] Security Advisory - cgiwrap
Reference: URL:http://marc.info/?l=bugtraq&m=94225629200045&w=2
Reference: OSVDB:35
Reference: URL:http://www.osvdb.org/35
Reference: XF:cobalt-cgiwrap-incorrect-permissions(7764)
Reference: URL:http://www.iss.net/security_center/static/7764.php
Name: CVE-1999-1531
Description:
Buffer overflow in IBM HomePagePrint 1.0.7 for Windows98J allows a malicious Web site to execute arbitrary code on a viewer's system via a long IMG_SRC HTML tag.
Status:EntryReference: BID:763
Reference: URL:http://www.securityfocus.com/bid/763
Reference: BUGTRAQ:19991102 Some holes for Win/UNIX softwares
Reference: URL:http://marc.info/?l=bugtraq&m=94157187815629&w=2
Reference: XF:ibm-homepageprint-bo(7767)
Reference: URL:http://www.iss.net/security_center/static/7767.php
Name: CVE-1999-1535
Description:
Buffer overflow in AspUpload.dll in Persits Software AspUpload before 1.4.0.2 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long argument in the HTTP request.
Status:EntryReference: BID:592
Reference: URL:http://www.securityfocus.com/bid/592
Reference: NTBUGTRAQ:19990720 Buffer overflow in AspUpload 1.4
Reference: URL:http://marc.info/?l=ntbugtraq&m=93256878011447&w=2
Reference: NTBUGTRAQ:19990818 AspUpload Buffer Overflow Fixed
Reference: URL:http://marc.info/?l=ntbugtraq&m=93501427820328&w=2
Reference: XF:http-aspupload-bo(3291)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/3291
Name: CVE-1999-1537
Description:
IIS 3.x and 4.x does not distinguish between pages requiring encryption and those that do not, which allows remote attackers to cause a denial of service (resource exhaustion) via SSL requests to the HTTPS port for normally unencrypted files, which will cause IIS to perform extra work to send the files over SSL.
Status:EntryReference: BID:521
Reference: URL:http://www.securityfocus.com/bid/521
Reference: NTBUGTRAQ:19990707 SSL and IIS.
Reference: URL:http://marc.info/?l=ntbugtraq&m=93138827329577&w=2
Reference: XF:ssl-iis-dos(2352)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/2352
Name: CVE-1999-1542
Description:
RPMMail before 1.4 allows remote attackers to execute commands via an e-mail message with shell metacharacters in the "MAIL FROM" command.
Status:EntryReference: BUGTRAQ:19991004 RH6.0 local/remote command execution
Reference: URL:http://marc.info/?l=bugtraq&m=93915641729415&w=2
Reference: BUGTRAQ:19991006 Fwd: [Re: RH6.0 local/remote command execution]
Reference: URL:http://marc.info/?l=bugtraq&m=93923853105687&w=2
Reference: XF:linux-rh-rpmmail(3353)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/3353
Name: CVE-1999-1550
Description:
bigconf.conf in F5 BIG/ip 2.1.2 and earlier allows remote attackers to read arbitrary files by specifying the target file in the "file" parameter.
Status:EntryReference: BID:778
Reference: URL:http://www.securityfocus.com/bid/778
Reference: BUGTRAQ:19991108 BigIP - bigconf.cgi holes
Reference: URL:http://marc.info/?l=bugtraq&m=94217006208374&w=2
Reference: BUGTRAQ:19991109
Reference: URL:http://marc.info/?l=bugtraq&m=94225879703021&w=2
Reference: BUGTRAQ:19991109 Re: BigIP - bigconf.cgi holes
Reference: URL:http://marc.info/?l=bugtraq&m=94217879020184&w=2
Reference: XF:bigip-bigconf-view-files(7771)
Reference: URL:http://www.iss.net/security_center/static/7771.php
Name: CVE-1999-1556
Description:
Microsoft SQL Server 6.5 uses weak encryption for the password for the SQLExecutiveCmdExec account and stores it in an accessible portion of the registry, which could allow local users to gain privileges by reading and decrypting the CmdExecAccount value.
Status:EntryReference: BID:109
Reference: URL:http://www.securityfocus.com/bid/109
Reference: NTBUGTRAQ:19980629 MS SQL Server 6.5 stores password in unprotected registry keys
Reference: URL:http://marc.info/?l=ntbugtraq&m=90222453431645&w=2
Reference: XF:mssql-sqlexecutivecmdexec-password(7354)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/7354
Name: CVE-1999-1565
Description:
Man2html 2.1 and earlier allows local users to overwrite arbitrary files via a symlink attack on a temporary file.
Status:EntryReference: BUGTRAQ:19990820 [SECURITY] New versions of man2html fixes postinst glitch
Reference: URL:http://www.securityfocus.com/archive/1/24784
Reference: OSVDB:6291
Reference: URL:http://www.osvdb.org/6291
Name: CVE-1999-1568
Description:
Off-by-one error in NcFTPd FTP server before 2.4.1 allows a remote attacker to cause a denial of service (crash) via a long PORT command.
Status:EntryReference: BUGTRAQ:19990223 Comments on NcFTPd "theoretical root compromise"
Reference: URL:http://www.securityfocus.com/archive/1/12699
Reference: BUGTRAQ:19990223 NcFTPd remote buffer overflow
Reference: URL:http://marc.info/?l=bugtraq&m=91981352617720&w=2
Reference: XF:ncftpd-port-bo(1833)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/1833
Name: CVE-2000-0001
Description:
RealMedia server allows remote attackers to cause a denial of service via a long ramgen request.
Status:EntryReference: BID:888
Reference: URL:http://www.securityfocus.com/bid/888
Reference: BUGTRAQ:19991222 RealMedia Server 5.0 Crasher (rmscrash.c)
Reference: XF:realserver-ramgen-dos
Name: CVE-2000-0002
Description:
Buffer overflow in ZBServer Pro 1.50 allows remote attackers to execute commands via a long GET request.
Status:EntryReference: BID:889
Reference: URL:http://www.securityfocus.com/bid/889
Reference: BUGTRAQ:19991223 Local / Remote GET Buffer Overflow Vulnerability in ZBServer 1.5 Pro Edition for Win98/NT
Reference: URL:http://marc.info/?l=bugtraq&m=94598388530358&w=2
Reference: BUGTRAQ:20000128 ZBServer 1.50-r1x exploit (WinNT)
Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=36B0596E.8D111D66@teleline.es
Reference: NTBUGTRAQ:19991223 Local / Remote GET Buffer Overflow Vulnerability in ZBServer 1.5 Pro Edition for Win98/NT
Reference: URL:http://www.ntbugtraq.com/default.asp?pid=36&sid=1&A2=ind9912&L=NTBUGTRAQ&P=R3556
Reference: VULNWATCH:20020114 ZBServer Pro DoS Vulnerability
Reference: XF:zbserver-get-bo
Name: CVE-2000-0003
Description:
Buffer overflow in UnixWare rtpm program allows local users to gain privileges via a long environmental variable.
Status:EntryReference: BUGTRAQ:19991230 UnixWare rtpm exploit + discussion
Reference: BUGTRAQ:20000127 New SCO patches...
Reference: URL:http://marc.info/?l=bugtraq&m=94908470928258&w=2
Name: CVE-2000-0004
Description:
ZBServer Pro allows remote attackers to read source code for executable files by inserting a . (dot) into the URL.
Status:EntryReference: BUGTRAQ:19991223 Re: Local / Remote GET Buffer Overflow Vulnerability in ZBServer 1.5 Pro Edition for Win98/NT
Reference: URL:http://marc.info/?l=bugtraq&m=94606572912422&w=2
Reference: NTBUGTRAQ:19991223 Local / Remote GET Buffer Overflow Vulnerability in ZBServer 1.5 Pro Edition for Win98/NT
Reference: URL:http://www.ntbugtraq.com/default.asp?pid=36&sid=1&A2=ind9912&L=NTBUGTRAQ&P=R3556
Reference: XF:zbserver-url-dot
Name: CVE-2000-0006
Description:
strace allows local users to read arbitrary files via memory mapped file names.
Status:EntryReference: BUGTRAQ:19991225 strace can lie
Reference: URL:http://online.securityfocus.com/archive/1/39831
Reference: XF:linux-strace(4554)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/4554
Name: CVE-2000-0007
Description:
Trend Micro PC-Cillin does not restrict access to its internal proxy port, allowing remote attackers to conduct a denial of service.
Status:EntryReference: BID:1740
Reference: URL:http://www.securityfocus.com/bid/1740
Reference: BUGTRAQ:19991230 PC-Cillin 6.x DoS Attack
Reference: XF:pccillin-proxy-remote-dos(4491)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/4491
Name: CVE-2000-0009
Description:
The bna_pass program in Optivity NETarchitect uses the PATH environmental variable for finding the "rm" program, which allows local users to execute arbitrary commands.
Status:EntryReference: BID:907
Reference: URL:http://www.securityfocus.com/bid/907
Reference: BUGTRAQ:19991230 bna,sh
Reference: XF:netarchitect-path-vulnerability
Name: CVE-2000-0010
Description:
WebWho+ whois.cgi program allows remote attackers to execute commands via shell metacharacters in the TLD parameter.
Status:EntryReference: BUGTRAQ:19991226 WebWho+ ADVISORY
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-2000-0010
Reference: XF:http-cgi-webwhoplus
Name: CVE-2000-0011
Description:
Buffer overflow in AnalogX SimpleServer:WWW HTTP server allows remote attackers to execute commands via a long GET request.
Status:EntryReference: BID:906
Reference: URL:http://www.securityfocus.com/bid/906
Reference: BUGTRAQ:19991231 Local / Remote GET Buffer Overflow Vulnerability in AnalogX SimpleServer:WWW HTTP Server v1.1
Reference: MISC:http://www.analogx.com/contents/download/network/sswww.htm
Reference: OSVDB:1184
Reference: URL:http://www.osvdb.org/1184
Reference: XF:simpleserver-get-bo
Name: CVE-2000-0012
Description:
Buffer overflow in w3-msql CGI program in miniSQL package allows remote attackers to execute commands.
Status:EntryReference: BID:898
Reference: URL:http://www.securityfocus.com/bid/898
Reference: BUGTRAQ:19991227 remote buffer overflow in miniSQL
Reference: XF:w3-msql-scanf-bo
Name: CVE-2000-0013
Description:
IRIX soundplayer program allows local users to gain privileges by including shell metacharacters in a .wav file, which is executed via the midikeys program.
Status:EntryReference: BID:909
Reference: URL:http://www.securityfocus.com/bid/909
Reference: BUGTRAQ:19991231 irix-soundplayer.sh
Reference: XF:irix-soundplayer-symlink
Name: CVE-2000-0014
Description:
Denial of service in Savant web server via a null character in the requested URL.
Status:EntryReference: BID:897
Reference: URL:http://www.securityfocus.com/bid/897
Reference: BUGTRAQ:19991228 Local / Remote D.o.S Attack in Savant Web Server V2.0 WIN9X / NT / 2K
Reference: XF:savant-server-null-dos
Name: CVE-2000-0015
Description:
CascadeView TFTP server allows local users to gain privileges via a symlink attack.
Status:EntryReference: BID:910
Reference: URL:http://www.securityfocus.com/bid/910
Reference: BUGTRAQ:19991231 tftpserv.sh
Reference: XF:cascadeview-tftp-symlink
Name: CVE-2000-0018
Description:
wmmon in FreeBSD allows local users to gain privileges via the .wmmonrc configuration file.
Status:EntryReference: BID:885
Reference: URL:http://www.securityfocus.com/bid/885
Reference: BUGTRAQ:19991221 Wmmon under FreeBSD
Reference: OSVDB:1169
Reference: URL:http://www.osvdb.org/1169
Reference: XF:freebsd-wmmon-root-exploit
Name: CVE-2000-0020
Description:
DNS PRO allows remote attackers to conduct a denial of service via a large number of connections.
Status:EntryReference: BUGTRAQ:19991221 Remote D.o.S Attack in DNS PRO v5.7 WinNT From FBLI Software Vulnerability
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-2000-0020
Reference: NTBUGTRAQ:19991221 Remote D.o.S Attack in DNS PRO v5.7 WinNT From FBLI Software Vulnerability
Reference: XF:dnspro-flood-dos
Name: CVE-2000-0022
Description:
Lotus Domino HTTP server does not properly disable anonymous access for the cgi-bin directory.
Status:EntryReference: BID:881
Reference: URL:http://www.securityfocus.com/bid/881
Reference: BUGTRAQ:19991221 serious Lotus Domino HTTP denial of service
Reference: BUGTRAQ:19991227 Re: Lotus Domino HTTP denial of service attack
Name: CVE-2000-0023
Description:
Buffer overflow in Lotus Domino HTTP server allows remote attackers to cause a denial of service via a long URL.
Status:EntryReference: BID:881
Reference: URL:http://www.securityfocus.com/bid/881
Reference: BUGTRAQ:19991221 serious Lotus Domino HTTP denial of service
Reference: BUGTRAQ:19991222 Lotus Notes HTTP cgi-bin vulnerability: possible workaround
Reference: BUGTRAQ:19991227 Re: Lotus Domino HTTP denial of service attack
Reference: OSVDB:51
Reference: URL:http://www.osvdb.org/51
Name: CVE-2000-0024
Description:
IIS does not properly canonicalize URLs, potentially allowing remote attackers to bypass access restrictions in third-party software via escape characters, aka the "Escape Character Parsing" vulnerability.
Status:EntryReference: BUGTRAQ:19991228 Third Party Software Affected by IIS "Escape Character Parsing" Vulnerability
Reference: BUGTRAQ:19991229 More info on MS99-061 (IIS escape character vulnerability)
Reference: MISC:http://www.acrossecurity.com/aspr/ASPR-1999-11-10-1-PUB.txt
Reference: MS:MS99-061
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-061
Reference: MSKB:Q246401
Reference: URL:http://support.microsoft.com/default.aspx?scid=kb;[LN];Q246401
Reference: XF:iis-badescapes
Name: CVE-2000-0025
Description:
IIS 4.0 and Site Server 3.0 allow remote attackers to read source code for ASP files if the file is in a virtual directory whose name includes extensions such as .com, .exe, .sh, .cgi, or .dll, aka the "Virtual Directory Naming" vulnerability.
Status:EntryReference: MS:MS99-058
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-058
Reference: MSKB:Q238606
Reference: URL:http://support.microsoft.com/default.aspx?scid=kb;[LN];Q238606
Reference: OSVDB:8098
Reference: URL:http://www.osvdb.org/8098
Name: CVE-2000-0026
Description:
Buffer overflow in UnixWare i2odialogd daemon allows remote attackers to gain root access via a long username/password authorization string.
Status:EntryReference: BID:876
Reference: URL:http://www.securityfocus.com/bid/876
Reference: BUGTRAQ:19991222 UnixWare i2odialogd remote root exploit
Reference: BUGTRAQ:19991223 FYI, SCO Security patches available.
Reference: URL:http://marc.info/?l=bugtraq&m=94606167110764&w=2
Reference: OSVDB:6310
Reference: URL:http://www.osvdb.org/6310
Name: CVE-2000-0027
Description:
IBM Network Station Manager NetStation allows local users to gain privileges via a symlink attack.
Status:EntryReference: BID:900
Reference: URL:http://www.securityfocus.com/bid/900
Reference: BUGTRAQ:19991227 IBM NetStation/UnixWare local root exploit
Reference: URL:http://www.securityfocus.com/archive/1/39962
Reference: XF:ibm-netstat-race-condition(5381)
Reference: URL:http://www.iss.net/security_center/static/5381.php
Name: CVE-2000-0029
Description:
UnixWare pis and mkpis commands allow local users to gain privileges via a symlink attack.
Status:EntryReference: BID:901
Reference: URL:http://www.securityfocus.com/bid/901
Reference: BUGTRAQ:19991227 UnixWare local pis exploit
Reference: BUGTRAQ:20000113 Info on some security holes reported against SCO Unixware.
Reference: URL:http://marc.info/?l=bugtraq&m=94780294009285&w=2
Name: CVE-2000-0030
Description:
Solaris dmispd dmi_cmd allows local users to fill up restricted disk space by adding files to the /var/dmi/db database.
Status:EntryReference: BID:878
Reference: URL:http://www.securityfocus.com/bid/878
Reference: BUGTRAQ:19991222 Solaris 2.7 dmispd local/remote problems
Reference: XF:sol-dmispd-fill-disk
Name: CVE-2000-0031
Description:
The initscripts package in Red Hat Linux allows local users to gain privileges via a symlink attack.
Status:EntryReference: L0PHT:19991227 initscripts-4.48-1 RedHat Linux 6.1
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-2000-0031
Reference: REDHAT:RHSA-1999:052-04
Name: CVE-2000-0032
Description:
Solaris dmi_cmd allows local users to crash the dmispd daemon by adding a malformed file to the /var/dmi/db database.
Status:EntryReference: BID:878
Reference: URL:http://www.securityfocus.com/bid/878
Reference: BUGTRAQ:19991222 Solaris 2.7 dmispd local/remote problems
Reference: OSVDB:7582
Reference: URL:http://www.osvdb.org/7582
Reference: XF:sol-dmispd-dos
Name: CVE-2000-0033
Description:
InterScan VirusWall SMTP scanner does not properly scan messages with malformed attachments.
Status:EntryReference: BID:899
Reference: URL:http://www.securityfocus.com/bid/899
Reference: BUGTRAQ:19991227 Trend Micro InterScan VirusWall SMTP bug
Reference: XF:interscan-viruswall-bypass
Name: CVE-2000-0034
Description:
Netscape 4.7 records user passwords in the preferences.js file during an IMAP or POP session, even if the user has not enabled "remember passwords."
Status:EntryReference: BUGTRAQ:19991222 More Netscape Passwords Available.
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-2000-0034
Reference: XF:netscape-password-preferences
Name: CVE-2000-0036
Description:
Outlook Express 5 for Macintosh downloads attachments to HTML mail without prompting the user, aka the "HTML Mail Attachment" vulnerability.
Status:EntryReference: MS:MS99-060
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-060
Reference: MSKB:Q249082
Reference: URL:http://support.microsoft.com/default.aspx?scid=kb;[LN];Q249082
Name: CVE-2000-0037
Description:
Majordomo wrapper allows local users to gain privileges by specifying an alternate configuration file.
Status:EntryReference: BID:903
Reference: URL:http://www.securityfocus.com/bid/903
Reference: BUGTRAQ:19991228 majordomo local exploit
Reference: BUGTRAQ:20000113 Info on some security holes reported against SCO Unixware.
Reference: URL:http://marc.info/?l=bugtraq&m=94780294009285&w=2
Reference: BUGTRAQ:20000124 majordomo 1.94.5 does not fix all vulnerabilities
Reference: REDHAT:RHSA-2000:005
Reference: URL:http://www.redhat.com/support/errata/RHSA-2000-005.html
Name: CVE-2000-0039
Description:
AltaVista search engine allows remote attackers to read files above the document root via a .. (dot dot) in the query.cgi CGI program.
Status:EntryReference: BID:896
Reference: URL:http://www.securityfocus.com/bid/896
Reference: BUGTRAQ:19991229 AltaVista
Reference: BUGTRAQ:19991229 AltaVista followup and monitor script
Reference: BUGTRAQ:19991230 Follow UP AltaVista
Reference: BUGTRAQ:20000103 FW: Patch issued for AltaVista Search Engine Directory TraversalVulnerability
Reference: BUGTRAQ:20000109 Altavista followup
Reference: OSVDB:15
Reference: URL:http://www.osvdb.org/15
Name: CVE-2000-0040
Description:
glFtpD allows local users to gain privileges via metacharacters in the SITE ZIPCHK command.
Status:EntryReference: BUGTRAQ:19991223 Multiple vulnerabilites in glFtpD (current versions)
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-2000-0040
Name: CVE-2000-0041
Description:
Macintosh systems generate large ICMP datagrams in response to malformed datagrams, allowing them to be used as amplifiers in a flood attack.
Status:EntryReference: BID:890
Reference: URL:http://www.securityfocus.com/bid/890
Reference: BUGTRAQ:19991229 The "Mac DoS Attack," a Scheme for Blocking Internet Connections
Name: CVE-2000-0042
Description:
Buffer overflow in CSM mail server allows remote attackers to cause a denial of service or execute commands via a long HELO command.
Status:EntryReference: BID:895
Reference: URL:http://www.securityfocus.com/bid/895
Reference: BUGTRAQ:19991229 Local / Remote D.o.S Attack in CSM Mail Server for Windows 95/NT v.2000.08.A
Reference: XF:csm-server-bo
Name: CVE-2000-0043
Description:
Buffer overflow in CamShot WebCam HTTP server allows remote attackers to execute commands via a long GET request.
Status:EntryReference: BID:905
Reference: URL:http://www.securityfocus.com/bid/905
Reference: BUGTRAQ:19991230 Local / Remote GET Buffer Overflow Vulnerability in CamShot WebCam HTTP Server v2.5 for Win9x/NT
Reference: XF:camshot-http-get-overflow
Name: CVE-2000-0044
Description:
Macros in War FTP 1.70 and 1.67b2 allow local or remote attackers to read arbitrary files or execute commands.
Status:EntryReference: BID:919
Reference: URL:http://www.securityfocus.com/bid/919
Reference: BUGTRAQ:20000105 SECURITY ALERT - WAR FTP DAEMON ALL VERSIONS
Reference: XF:warftp-macro-access-files
Name: CVE-2000-0045
Description:
MySQL allows local users to modify passwords for arbitrary MySQL users via the GRANT privilege.
Status:EntryReference: BID:926
Reference: URL:http://www.securityfocus.com/bid/926
Reference: BUGTRAQ:20000111 Serious bug in MySQL password handling.
Reference: BUGTRAQ:20000113 New MySQL Available
Reference: XF:mysql-pwd-grant
Name: CVE-2000-0048
Description:
get_it program in Corel Linux Update allows local users to gain root access by specifying an alternate PATH for the cp program.
Status:EntryReference: BID:928
Reference: URL:http://www.securityfocus.com/bid/928
Reference: BUGTRAQ:20000112 Serious Bug in Corel Linux.(Local root exploit)
Reference: CONFIRM:http://linux.corel.com/support/clos_patch1.htm
Reference: XF:linux-corel-update
Name: CVE-2000-0050
Description:
The Allaire Spectra Webtop allows authenticated users to access other Webtop sections by specifying explicit URLs.
Status:EntryReference: ALLAIRE:ASB00-01
Reference: URL:http://www.allaire.com/handlers/index.cfm?ID=13976&Method=Full
Reference: BID:915
Reference: URL:http://www.securityfocus.com/bid/915
Reference: XF:allaire-webtop-access
Name: CVE-2000-0051
Description:
The Allaire Spectra Configuration Wizard allows remote attackers to cause a denial of service by repeatedly resubmitting data collections for indexing via a URL.
Status:EntryReference: ALLAIRE:ASB00-02
Reference: URL:http://www.allaire.com/handlers/index.cfm?ID=13977&Method=Full
Reference: BID:916
Reference: URL:http://www.securityfocus.com/bid/916
Reference: XF:allaire-spectra-config-dos
Name: CVE-2000-0052
Description:
Red Hat userhelper program in the usermode package allows local users to gain root access via PAM and a .. (dot dot) attack.
Status:EntryReference: BID:913
Reference: URL:http://www.securityfocus.com/bid/913
Reference: L0PHT:20000104 PamSlam
Reference: URL:http://www.l0pht.com/advisories/pam_advisory
Reference: REDHAT:RHSA-2000:001
Reference: URL:http://www.redhat.com/support/errata/RHSA-2000-001.html
Reference: XF:linux-pam-userhelper
Reference: URL:http://xforce.iss.net/search.php3?type=2&pattern=linux-pam-userhelper
Name: CVE-2000-0053
Description:
Microsoft Commercial Internet System (MCIS) IMAP server allows remote attackers to cause a denial of service via a malformed IMAP request.
Status:EntryReference: BID:912
Reference: URL:http://www.securityfocus.com/bid/912
Reference: MS:MS00-001
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-001
Reference: MSKB:Q246731
Reference: URL:http://support.microsoft.com/default.aspx?scid=kb;[LN];Q246731
Reference: XF:mcis-malformed-imap
Name: CVE-2000-0056
Description:
IMail IMONITOR status.cgi CGI script allows remote attackers to cause a denial of service with many calls to status.cgi.
Status:EntryReference: BID:914
Reference: URL:http://www.securityfocus.com/bid/914
Reference: BUGTRAQ:20000105 Local / Remote D.o.S Attack in IMail IMONITOR Server for WinNT Version 5.08
Reference: XF:imail-imonitor-status-dos
Name: CVE-2000-0057
Description:
Cold Fusion CFCACHE tag places temporary cache files within the web document root, allowing remote attackers to obtain sensitive system information.
Status:EntryReference: ALLAIRE:ASB00-03
Reference: URL:http://www.allaire.com/handlers/index.cfm?ID=13978&Method=Full
Reference: BID:917
Reference: URL:http://www.securityfocus.com/bid/917
Reference: XF:coldfusion-cfcache
Name: CVE-2000-0060
Description:
Buffer overflow in aVirt Rover POP3 server 1.1 allows remote attackers to cause a denial of service via a long user name.
Status:EntryReference: BID:894
Reference: URL:http://www.securityfocus.com/bid/894
Reference: BUGTRAQ:19991227 Local / Remote Remote DoS Attack in Rover POP3 Server V1.1 NT From aVirt
Reference: URL:http://marc.info/?l=bugtraq&m=94633851427858&w=2
Reference: NTBUGTRAQ:19991227 Local / Remote Remote DoS Attack in Rover POP3 Server V1.1 NT From aVirt
Reference: URL:http://marc.info/?l=ntbugtraq&m=94647711311057&w=2
Reference: XF:avirt-rover-pop3-dos(3765)
Reference: URL:http://www.iss.net/security_center/static/3765.php
Name: CVE-2000-0062
Description:
The DTML implementation in the Z Object Publishing Environment (Zope) allows remote attackers to conduct unauthorized activities.
Status:EntryReference: BID:922
Reference: URL:http://www.securityfocus.com/bid/922
Reference: BUGTRAQ:20000104 [petrilli@digicool.com: [Zope] SECURITY ALERT]
Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=20000104222219.B41650@schvin.net
Reference: XF:zope-dtml
Name: CVE-2000-0063
Description:
cgiproc CGI script in Nortel Contivity HTTP server allows remote attackers to read arbitrary files by specifying the filename in a parameter to the script.
Status:EntryReference: BID:938
Reference: URL:http://www.securityfocus.com/bid/938
Reference: BUGTRAQ:20000118 Nortel Contivity Vulnerability
Reference: XF:http-cgi-cgiproc-file-read
Name: CVE-2000-0064
Description:
cgiproc CGI script in Nortel Contivity HTTP server allows remote attackers to cause a denial of service via a malformed URL that includes shell metacharacters.
Status:EntryReference: BID:938
Reference: URL:http://www.securityfocus.com/bid/938
Reference: BUGTRAQ:20000118 Nortel Contivity Vulnerability
Reference: OSVDB:7583
Reference: URL:http://www.osvdb.org/7583
Reference: XF:http-cgi-cgiproc-dos
Name: CVE-2000-0065
Description:
Buffer overflow in InetServ 3.0 allows remote attackers to execute commands via a long GET request.
Status:EntryReference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-2000-0065
Reference: NTBUGTRAQ:20000117 Remote Buffer Exploit - InetServ 3.0
Reference: XF:inetserv-get-bo
Name: CVE-2000-0070
Description:
NtImpersonateClientOfPort local procedure call in Windows NT 4.0 allows local users to gain privileges, aka "Spoofed LPC Port Request."
Status:EntryReference: BID:934
Reference: URL:http://www.securityfocus.com/bid/934
Reference: BINDVIEW:20000113 Local Promotion Vulnerability in Windows NT 4
Reference: URL:http://www.bindview.com/security/advisory/adv_NtImpersonate.html
Reference: MS:MS00-003
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-003
Reference: MSKB:Q247869
Reference: URL:http://support.microsoft.com/default.aspx?scid=kb;[LN];Q247869
Reference: XF:nt-spoofed-lpc-port
Reference: URL:http://xforce.iss.net/search.php3?type=2&pattern=nt-spoofed-lpc-port
Name: CVE-2000-0072
Description:
Visual Casel (Vcasel) does not properly prevent users from executing files, which allows local users to use a relative pathname to specify an alternate file which has an approved name and possibly gain privileges.
Status:EntryReference: BID:937
Reference: URL:http://www.securityfocus.com/bid/937
Reference: BUGTRAQ:20000118 Warning: VCasel security hole.
Reference: URL:http://marc.info/?l=bugtraq&m=94823061421676&w=2
Reference: XF:vcasel-filename-trusting(3867)
Reference: URL:http://www.iss.net/security_center/static/3867.php
Name: CVE-2000-0073
Description:
Buffer overflow in Microsoft Rich Text Format (RTF) reader allows attackers to cause a denial of service via a malformed control word.
Status:EntryReference: MS:MS00-005
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-005
Reference: MSKB:Q249973
Reference: URL:http://support.microsoft.com/default.aspx?scid=kb;[LN];Q249973
Reference: XF:win-malformed-rtf-control-word
Reference: URL:http://xforce.iss.net/search.php3?type=2&pattern=win-malformed-rtf-control-word
Name: CVE-2000-0075
Description:
Super Mail Transfer Package (SMTP), later called MsgCore, has a memory leak which allows remote attackers to cause a denial of service by repeating multiple HELO, MAIL FROM, RCPT TO, and DATA commands in the same session.
Status:EntryReference: BID:930
Reference: URL:http://www.securityfocus.com/bid/930
Reference: BUGTRAQ:20000113 Local / Remote D.o.S Attack in Super Mail Transfer Package (SMTP) Server for WinNT Version 1.9x
Reference: NTBUGTRAQ:20000113 Local / Remote D.o.S Attack in Super Mail Transfer Package (SMTP) Server for WinNT Version 1.9x
Reference: XF:supermail-memleak-dos
Name: CVE-2000-0076
Description:
nviboot boot script in the Debian nvi package allows local users to delete files via malformed entries in vi.recover.
Status:EntryReference: BID:1439
Reference: URL:http://www.securityfocus.com/bid/1439
Reference: BUGTRAQ:19991230 vibackup.sh
Reference: URL:http://marc.info/?l=bugtraq&m=94709988232618&w=2
Reference: DEBIAN:20000108
Reference: XF:nvi-delete-files
Name: CVE-2000-0080
Description:
AIX techlibss allows local users to overwrite files via a symlink attack.
Status:EntryReference: BID:931
Reference: URL:http://www.securityfocus.com/bid/931
Reference: BUGTRAQ:20000110 2nd attempt: AIX techlibss follows links
Reference: URL:http://marc.info/?l=bugtraq&m=94757136413681&w=2
Reference: XF:aix-techlibss-symbolic-link
Name: CVE-2000-0083
Description:
HP asecure creates the Audio Security File audio.sec with insecure permissions, which allows local users to cause a denial of service or gain additional privileges.
Status:EntryReference: HP:HPSBUX0001-109
Reference: URL:http://www.securityfocus.com/templates/advisory.html?id=2031
Reference: XF:hp-audio-security-perms
Name: CVE-2000-0087
Description:
Netscape Mail Notification (nsnotify) utility in Netscape Communicator uses IMAP without SSL, even if the user has set a preference for Communicator to use an SSL connection, allowing a remote attacker to sniff usernames and passwords in plaintext.
Status:EntryReference: BUGTRAQ:20000113 Misleading sense of security in Netscape
Reference: URL:http://marc.info/?l=bugtraq&m=94790377622943&w=2
Reference: XF:netscape-mail-notify-plaintext(4385)
Reference: URL:http://www.iss.net/security_center/static/4385.php
Name: CVE-2000-0088
Description:
Buffer overflow in the conversion utilities for Japanese, Korean and Chinese Word 5 documents allows an attacker to execute commands, aka the "Malformed Conversion Data" vulnerability.
Status:EntryReference: BID:946
Reference: URL:http://www.securityfocus.com/bid/946
Reference: MS:MS00-002
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-002
Reference: XF:office-malformed-convert
Name: CVE-2000-0089
Description:
The rdisk utility in Microsoft Terminal Server Edition and Windows NT 4.0 stores registry hive information in a temporary file with permissions that allow local users to read it, aka the "RDISK Registry Enumeration File" vulnerability.
Status:EntryReference: BID:947
Reference: URL:http://www.securityfocus.com/bid/947
Reference: BUGTRAQ:20000122 RDISK registry enumeration file vulnerability in Windows NT 4.0 Terminal Server Edition
Reference: MS:MS00-004
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-004
Reference: MSKB:Q249108
Reference: URL:http://support.microsoft.com/default.aspx?scid=kb;[LN];Q249108
Reference: NTBUGTRAQ:20000121 RDISK registry enumeration file vulnerability in Windows NT 4.0 Terminal Server Edition
Reference: XF:nt-rdisk-enum-file
Name: CVE-2000-0090
Description:
VMWare 1.1.2 allows local users to cause a denial of service via a symlink attack.
Status:EntryReference: BID:943
Reference: URL:http://www.securityfocus.com/bid/943
Reference: BUGTRAQ:20000124 VMware 1.1.2 Symlink Vulnerability
Reference: OSVDB:1205
Reference: URL:http://www.osvdb.org/1205
Reference: XF:linux-vmware-symlink
Name: CVE-2000-0091
Description:
Buffer overflow in vchkpw/vpopmail POP authentication package allows remote attackers to gain root privileges via a long username or password.
Status:EntryReference: BID:942
Reference: URL:http://www.securityfocus.com/bid/942
Reference: BUGTRAQ:20000122 remote root qmail-pop with vpopmail advisory and exploit with patch
Reference: BUGTRAQ:20000123 Re: vpopmail/vchkpw remote root exploit
Reference: MISC:http://www.inter7.com/vpopmail/
Reference: MISC:http://www.inter7.com/vpopmail/ChangeLog
Name: CVE-2000-0092
Description:
The BSD make program allows local users to modify files via a symlink attack when the -j option is being used.
Status:EntryReference: BID:939
Reference: URL:http://www.securityfocus.com/bid/939
Reference: FREEBSD:FreeBSD-SA-00:01
Reference: URL:ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:01.make.asc
Reference: XF:gnu-makefile-tmp-root
Name: CVE-2000-0094
Description:
procfs in BSD systems allows local users to gain root privileges by modifying the /proc/pid/mem interface via a modified file descriptor for stderr.
Status:EntryReference: BID:940
Reference: URL:http://www.securityfocus.com/bid/940
Reference: BUGTRAQ:20000121 *BSD procfs vulnerability
Reference: FREEBSD:FreeBSD-SA-00:02
Reference: NETBSD:NetBSD-SA2000-001
Reference: URL:ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2000-001.txt.asc
Reference: OPENBSD:20000120 [2.6] 018: SECURITY FIX: Jan 20, 2000
Reference: OSVDB:20760
Reference: URL:http://www.osvdb.org/20760
Reference: XF:netbsd-procfs(3995)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/3995
Name: CVE-2000-0095
Description:
The PMTU discovery procedure used by HP-UX 10.30 and 11.00 for determining the optimum MTU generates large amounts of traffic in response to small packets, allowing remote attackers to cause the system to be used as a packet amplifier.
Status:EntryReference: BID:944
Reference: URL:http://www.securityfocus.com/bid/944
Reference: HP:HPSBUX0001-110
Reference: URL:http://www.securityfocus.com/templates/advisory.html?id=2041
Name: CVE-2000-0097
Description:
The WebHits ISAPI filter in Microsoft Index Server allows remote attackers to read arbitrary files, aka the "Malformed Hit-Highlighting Argument" vulnerability.
Status:EntryReference: BID:950
Reference: URL:http://www.securityfocus.com/bid/950
Reference: MS:MS00-006
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-006
Reference: NTBUGTRAQ:20000127 Alert: MS IIS 4 / IS 2 (Cerberus Security Advisory CISADV000126)
Reference: OSVDB:1210
Reference: URL:http://www.osvdb.org/1210
Reference: XF:http-indexserver-dirtrans
Name: CVE-2000-0098
Description:
Microsoft Index Server allows remote attackers to determine the real path for a web directory via a request to an Internet Data Query file that does not exist.
Status:EntryReference: MS:MS00-006
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-006
Name: CVE-2000-0099
Description:
Buffer overflow in UnixWare ppptalk command allows local users to gain privileges via a long prompt argument.
Status:EntryReference: BUGTRAQ:20000119 Unixware ppptalk
Reference: URL:http://marc.info/?l=bugtraq&m=94848865112897&w=2
Name: CVE-2000-0100
Description:
The SMS Remote Control program is installed with insecure permissions, which allows local users to gain privileges by modifying or replacing the program.
Status:EntryReference: MS:MS00-012
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-012
Reference: NTBUGTRAQ:20000115 Security Vulnerability with SMS 2.0 Remote Control
Reference: URL:http://archives.neohapsis.com/archives/ntbugtraq/current/0045.html
Name: CVE-2000-0107
Description:
Linux apcd program allows local attackers to modify arbitrary files via a symlink attack.
Status:EntryReference: BID:958
Reference: URL:http://www.securityfocus.com/bid/958
Reference: DEBIAN:20000201
Reference: URL:http://www.debian.org/security/2000/20000201
Name: CVE-2000-0111
Description:
The RightFax web client uses predictable session numbers, which allows remote attackers to hijack user sessions.
Status:EntryReference: BID:953
Reference: URL:http://www.securityfocus.com/bid/953
Reference: BUGTRAQ:20000129 [LoWNOISE] Rightfax web client 5.2
Reference: XF:avt-rightfax-predict-session
Name: CVE-2000-0112
Description:
The default installation of Debian GNU/Linux uses an insecure Master Boot Record (MBR) which allows a local user to boot from a floppy disk during the installation.
Status:EntryReference: BID:960
Reference: URL:http://www.securityfocus.com/bid/960
Reference: BUGTRAQ:20000202 vulnerability in Linux Debian default boot configuration
Reference: URL:http://marc.info/?l=bugtraq&m=94973075614088&w=2
Reference: XF:debian-mbr-bypass-security
Name: CVE-2000-0113
Description:
The SyGate Remote Management program does not properly restrict access to its administration service, which allows remote attackers to cause a denial of service, or access network traffic statistics.
Status:EntryReference: BID:952
Reference: URL:http://www.securityfocus.com/bid/952
Reference: BUGTRAQ:20000128 SyGate 3.11 Port 7323 / Remote Admin hole
Reference: URL:http://marc.info/?l=bugtraq&m=94934808714972&w=2
Reference: BUGTRAQ:20000202 SV: SyGate 3.11 Port 7323 / Remote Admin hole
Reference: URL:http://marc.info/?l=bugtraq&m=94952641025328&w=2
Reference: BUGTRAQ:20000203 UPDATE: Sygate 3.11 Port 7323 Telnet Hole
Reference: URL:http://marc.info/?l=bugtraq&m=94973281714994&w=2
Reference: CONFIRM:http://www.sybergen.com/support/fix.htm
Name: CVE-2000-0116
Description:
Firewall-1 does not properly filter script tags, which allows remote attackers to bypass the "Strip Script Tags" restriction by including an extra < in front of the SCRIPT tag.
Status:EntryReference: BID:954
Reference: URL:http://www.securityfocus.com/bid/954
Reference: BUGTRAQ:20000129 "Strip Script Tags" in FW-1 can be circumvented
Reference: NTBUGTRAQ:20000129 "Strip Script Tags" in FW-1 can be circumvented
Reference: OSVDB:1212
Reference: URL:http://www.osvdb.org/1212
Reference: XF:http-script-bypass
Name: CVE-2000-0117
Description:
The siteUserMod.cgi program in Cobalt RaQ2 servers allows any Site Administrator to modify passwords for other users, site administrators, and possibly admin (root).
Status:EntryReference: BID:951
Reference: URL:http://www.securityfocus.com/bid/951
Reference: BUGTRAQ:20000127 Cobalt RaQ2 - a user of mine changed my admin password..
Reference: BUGTRAQ:20000131 [ Cobalt ] Security Advisory -- 01.31.2000
Reference: XF:http-cgi-cobalt-passwords
Name: CVE-2000-0120
Description:
The Remote Access Service invoke.cfm template in Allaire Spectra 1.0 allows users to bypass authentication via the bAuthenticated parameter.
Status:EntryReference: ALLAIRE:ASB00-04
Reference: BID:955
Reference: URL:http://www.securityfocus.com/bid/955
Reference: XF:allaire-spectra-ras-access(4025)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/4025
Name: CVE-2000-0121
Description:
The Recycle Bin utility in Windows NT and Windows 2000 allows local users to read or modify files by creating a subdirectory with the victim's SID in the recycler directory, aka the "Recycle Bin Creation" vulnerability.
Status:EntryReference: BID:963
Reference: URL:http://www.securityfocus.com/bid/963
Reference: MS:MS00-007
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-007
Reference: MSKB:Q248399
Reference: URL:http://support.microsoft.com/default.aspx?scid=kb;[LN];Q248399
Reference: NTBUGTRAQ:20000201 "Recycle Bin Creation" Vulnerability in Windows NT / Windows 2000
Name: CVE-2000-0127
Description:
The Webspeed configuration program does not properly disable access to the WSMadmin utility, which allows remote attackers to gain privileges via wsisa.dll.
Status:EntryReference: BID:969
Reference: URL:http://www.securityfocus.com/bid/969
Reference: BUGTRAQ:20000203 Webspeed security issue
Reference: CONFIRM:http://www.progress.com/services/support/cgi-bin/techweb-kbase.cgi/webkb.html?kbid=19412&keywords=security%20Webspeed
Reference: XF:webspeed-adminutil-auth
Name: CVE-2000-0128
Description:
The Finger Server 0.82 allows remote attackers to execute commands via shell metacharacters.
Status:EntryReference: BUGTRAQ:20000204 "The Finger Server"
Reference: CONFIRM:http://www.glazed.org/finger/changelog.txt
Reference: OSVDB:7610
Reference: URL:http://www.osvdb.org/7610
Reference: XF:finger-server-input
Name: CVE-2000-0130
Description:
Buffer overflow in SCO scohelp program allows remote attackers to execute commands.
Status:EntryReference: BUGTRAQ:20000127 New SCO patches...
Reference: URL:http://marc.info/?l=bugtraq&m=94908470928258&w=2
Reference: SCO:SB-00.02a
Reference: URL:ftp://ftp.sco.com/SSE/security_bulletins/SB-00.02a
Reference: XF:sco-help-bo
Name: CVE-2000-0131
Description:
Buffer overflow in War FTPd 1.6x allows users to cause a denial of service via long MKD and CWD commands.
Status:EntryReference: BID:966
Reference: URL:http://www.securityfocus.com/bid/966
Reference: BUGTRAQ:20000201 war-ftpd 1.6x DoS
Reference: URL:http://marc.info/?l=bugtraq&m=94960703721503&w=2
Reference: OSVDB:4677
Reference: URL:http://www.osvdb.org/4677
Name: CVE-2000-0139
Description:
Internet Anywhere POP3 Mail Server allows local users to cause a denial of service via a malformed RETR command.
Status:EntryReference: BID:982
Reference: URL:http://www.securityfocus.com/bid/982
Reference: BUGTRAQ:20000210 remote DoS on Internet Anywhere Mail Server Ver.3.1.3
Reference: URL:http://marc.info/?l=bugtraq&m=95021326417936&w=2
Name: CVE-2000-0140
Description:
Internet Anywhere POP3 Mail Server allows remote attackers to cause a denial of service via a large number of connections.
Status:EntryReference: BID:980
Reference: URL:http://www.securityfocus.com/bid/980
Reference: BUGTRAQ:20000210 remote DoS on Internet Anywhere Mail Server Ver.3.1.3
Reference: URL:http://marc.info/?l=bugtraq&m=95021326417936&w=2
Reference: NTBUGTRAQ:20000210 remote DoS on Internet Anywhere Mail Server Ver.3.1.3
Name: CVE-2000-0141
Description:
Infopop Ultimate Bulletin Board (UBB) allows remote attackers to execute commands via shell metacharacters in the topic hidden field.
Status:EntryReference: BID:991
Reference: URL:http://www.securityfocus.com/bid/991
Reference: BUGTRAQ:20000211 perl-cgi hole in UltimateBB by Infopop Corp.
Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&date=2000-02-8&msg=20000211224935.A13236@infomag.ape.relarn.ru
Reference: BUGTRAQ:20000225 FW: Important UBB News For Licensed Users
Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&date=2000-02-22&msg=NDBBLKOPOLNKELHPDEFKIEPGCAAA.renzo.toma@veronica.nl
Reference: MISC:http://www.ultimatebb.com/home/versions.shtml
Reference: XF:http-cgi-ultimatebb
Name: CVE-2000-0144
Description:
Axis 700 Network Scanner does not properly restrict access to administrator URLs, which allows users to bypass the password protection via a .. (dot dot) attack.
Status:EntryReference: BID:971
Reference: URL:http://www.securityfocus.com/bid/971
Reference: BUGTRAQ:20000207 Infosec.20000207.axis700.a
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-02/0034.html
Name: CVE-2000-0145
Description:
The libguile.so library file used by gnucash in Debian GNU/Linux is installed with world-writable permissions.
Status:EntryReference: BUGTRAQ:20000205 Debian (frozen): Perms on /usr/lib/libguile.so.6.0.0
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-2000-0145
Name: CVE-2000-0146
Description:
The Java Server in the Novell GroupWise Web Access Enhancement Pack allows remote attackers to cause a denial of service via a long URL to the servlet.
Status:EntryReference: BID:972
Reference: URL:http://www.securityfocus.com/bid/972
Reference: BUGTRAQ:20000207 Novell GroupWise 5.5 Enhancement Pack Web Access Denial of Service
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-02/0049.html
Reference: XF:novell-groupwise-url-dos
Name: CVE-2000-0148
Description:
MySQL 3.22 allows remote attackers to bypass password authentication and access a database via a short check string.
Status:EntryReference: BID:975
Reference: URL:http://www.securityfocus.com/bid/975
Reference: BUGTRAQ:20000208 Remote access vulnerability in all MySQL server versions
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-02/0053.html
Reference: BUGTRAQ:20000214 MySQL 3.22.32 released
Name: CVE-2000-0149
Description:
Zeus web server allows remote attackers to view the source code for CGI programs via a null character (%00) at the end of a URL.
Status:EntryReference: BID:977
Reference: URL:http://www.securityfocus.com/bid/977
Reference: BUGTRAQ:20000208 Zeus Web Server: Null Terminated Strings
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-02/0057.html
Reference: BUGTRAQ:20000209 [SAFER 000209.EXP.1.2] Zeus Web Server - obtaining source of CGI scripts
Reference: OSVDB:254
Reference: URL:http://www.osvdb.org/254
Reference: XF:zeus-server-null-string(3982)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/3982
Name: CVE-2000-0150
Description:
Check Point Firewall-1 allows remote attackers to bypass port access restrictions on an FTP server by forcing it to send malicious packets that Firewall-1 misinterprets as a valid 227 response to a client's PASV attempt.
Status:EntryReference: BID:979
Reference: URL:http://www.securityfocus.com/bid/979
Reference: BUGTRAQ:20000209 FireWall-1 FTP Server Vulnerability
Reference: BUGTRAQ:20000210 Multiple firewalls: FTP Application Level Gateway "PASV" Vulnerability
Reference: BUGTRAQ:20000212 Re: FireWall-1 FTP Server Vulnerability
Reference: CERT-VN:VU#328867
Reference: URL:http://www.kb.cert.org/vuls/id/328867
Reference: OSVDB:4417
Reference: URL:http://www.osvdb.org/4417
Name: CVE-2000-0152
Description:
Remote attackers can cause a denial of service in Novell BorderManager 3.5 by pressing the enter key in a telnet connection to port 2000.
Status:EntryReference: BID:976
Reference: URL:http://www.securityfocus.com/bid/976
Reference: BUGTRAQ:20000209 Novell BorderManager 3.5 Remote Slow Death
Reference: BUGTRAQ:20000211 BorderManager csatpxy.nlm fix avalable.
Reference: OSVDB:7468
Reference: URL:http://www.osvdb.org/7468
Name: CVE-2000-0156
Description:
Internet Explorer 4.x and 5.x allows remote web servers to access files on the client that are outside of its security domain, aka the "Image Source Redirect" vulnerability.
Status:EntryReference: MS:MS00-009
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-009
Reference: OSVDB:7827
Reference: URL:http://www.osvdb.org/7827
Reference: XF:ie-image-source-redirect(3996)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/3996
Name: CVE-2000-0157
Description:
NetBSD ptrace call on VAX allows local users to gain privileges by modifying the PSL contents in the debugging process.
Status:EntryReference: BID:992
Reference: URL:http://www.securityfocus.com/bid/992
Reference: NETBSD:1999-012
Reference: URL:ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA1999-012.txt.asc
Reference: XF:netbsd-ptrace
Name: CVE-2000-0159
Description:
HP Ignite-UX does not save /etc/passwd when it creates an image of a trusted system, which can set the password field to a blank and allow an attacker to gain privileges.
Status:EntryReference: HP:HPSBUX0002-111
Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&date=2000-02-15&msg=20000217160216.13708.qmail@underground.org
Name: CVE-2000-0161
Description:
Sample web sites on Microsoft Site Server 3.0 Commerce Edition do not validate an identification number, which allows remote attackers to execute SQL commands.
Status:EntryReference: BID:994
Reference: URL:http://www.securityfocus.com/bid/994
Reference: MS:MS00-010
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-010
Name: CVE-2000-0162
Description:
The Microsoft virtual machine (VM) in Internet Explorer 4.x and 5.x allows a remote attacker to read files via a malicious Java applet that escapes the Java sandbox, aka the "VM File Reading" vulnerability.
Status:EntryReference: MS:MS00-011
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-011
Name: CVE-2000-0164
Description:
The installation of Sun Internet Mail Server (SIMS) creates a world-readable file that allows local users to obtain passwords.
Status:EntryReference: BID:1004
Reference: URL:http://www.securityfocus.com/bid/1004
Reference: BUGTRAQ:20000220 Sun Internet Mail Server
Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&date=2000-02-15&msg=Pine.SOL.4.21.0002200031320.22675-100000@klayman.hq.formus.pl
Reference: SUNBUG:4316521
Reference: XF:sims-temp-world-readable
Name: CVE-2000-0165
Description:
The Delegate application proxy has several buffer overflows which allow a remote attacker to execute commands.
Status:EntryReference: BUGTRAQ:20000210 Re: application proxies?
Reference: CIAC:K-023
Reference: URL:http://www.ciac.org/ciac/bulletins/k-023.shtml
Reference: FREEBSD:FreeBSD-SA-00:04
Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&date=2000-02-15&msg=Pine.BSF.4.21.0002192249290.10784-100000@freefall.freebsd.org
Reference: XF:delegate-proxy-bo(4105)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/4195
Name: CVE-2000-0166
Description:
Buffer overflow in the InterAccess telnet server TelnetD allows remote attackers to execute commands via a long login name.
Status:EntryReference: BID:995
Reference: URL:http://www.securityfocus.com/bid/995
Reference: BUGTRAQ:20000221 Local / Remote Exploiteable Buffer Overflow Vulnerability in InterAccess TelnetD Server 4.0 for Windows NT
Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=NCBBKFKDOLAGKIAPMILPGEJHCCAA.labs@ussrback.com
Reference: BUGTRAQ:20000223 Pragma Systems response to USSRLabs report
Reference: URL:http://marc.info/?l=bugtraq&m=95142756403323&w=2
Reference: XF:interaccess-telnet-login-bo
Name: CVE-2000-0168
Description:
Microsoft Windows 9x operating systems allow an attacker to cause a denial of service via a pathname that includes file device names, aka the "DOS Device in Path Name" vulnerability.
Status:EntryReference: BID:1043
Reference: URL:http://www.securityfocus.com/bid/1043
Reference: BUGTRAQ:20000306 con\con is a old thing (anyway is cool)
Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=NCBBKFKDOLAGKIAPMILPCENECCAA.labs@ussrback.com
Reference: MS:MS00-017
Reference: URL:http://www.securityfocus.com/templates/advisory.html?id=2126
Reference: XF:win-dos-devicename-dos
Name: CVE-2000-0169
Description:
Batch files in the Oracle web listener ows-bin directory allow remote attackers to execute commands via a malformed URL that includes '?&'.
Status:EntryReference: BID:1053
Reference: URL:http://www.securityfocus.com/bid/1053
Reference: NTBUGTRAQ:20000314 Oracle Web Listener 4.0.x
Reference: URL:http://archives.neohapsis.com/archives/ntbugtraq/2000-q1/0211.html
Reference: XF:oracle-weblistener-remote-attack
Name: CVE-2000-0170
Description:
Buffer overflow in the man program in Linux allows local users to gain privileges via the MANPAGER environmental variable.
Status:EntryReference: BID:1011
Reference: URL:http://www.securityfocus.com/bid/1011
Reference: BUGTRAQ:20000226 man bugs might lead to root compromise (RH 6.1 and other boxes)
Name: CVE-2000-0171
Description:
atsadc in the atsar package for Linux does not properly check the permissions of an output file, which allows local users to gain root privileges.
Status:EntryReference: BID:1048
Reference: URL:http://www.securityfocus.com/bid/1048
Reference: BUGTRAQ:20000311 TESO advisory -- atsadc
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-03/0102.html
Reference: XF:atsar-root-access
Name: CVE-2000-0172
Description:
The mtr program only uses a seteuid call when attempting to drop privileges, which could allow local users to gain root privileges.
Status:EntryReference: BID:1038
Reference: URL:http://www.securityfocus.com/bid/1038
Reference: BUGTRAQ:20000303 Potential security problem with mtr
Reference: BUGTRAQ:20000308 [TL-Security-Announce] mtr-0.41 and earlier TLSA2000003-1 (fwd)
Reference: DEBIAN:20000309 mtr
Reference: FREEBSD:FreeBSD-SA-00:09
Name: CVE-2000-0174
Description:
StarOffice StarScheduler web server allows remote attackers to read arbitrary files via a .. (dot dot) attack.
Status:EntryReference: BID:1040
Reference: URL:http://www.securityfocus.com/bid/1040
Reference: BUGTRAQ:20000308 [SAFER 000309.EXP.1.4] StarScheduler (StarOffice) vulnerabilities
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-03/0063.html
Reference: XF:staroffice-scheduler-fileread
Name: CVE-2000-0175
Description:
Buffer overflow in StarOffice StarScheduler web server allows remote attackers to gain root access via a long GET command.
Status:EntryReference: BID:1039
Reference: URL:http://www.securityfocus.com/bid/1039
Reference: BUGTRAQ:20000308 [SAFER 000309.EXP.1.4] StarScheduler (StarOffice) vulnerabilities
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-03/0063.html
Reference: XF:staroffice-scheduler-bo
Name: CVE-2000-0178
Description:
ServerIron switches by Foundry Networks have predictable TCP/IP sequence numbers, which allows remote attackers to spoof or hijack sessions.
Status:EntryReference: BID:1017
Reference: URL:http://www.securityfocus.com/bid/1017
Reference: BUGTRAQ:20000227 Advisory: Foundry Networks ServerIron TCP/IP sequence predictability
Reference: MISC:http://www.foundrynet.com/bugTraq.html
Name: CVE-2000-0179
Description:
HP OpenView OmniBack 2.55 allows remote attackers to cause a denial of service via a large number of connections to port 5555.
Status:EntryReference: BID:1015
Reference: URL:http://www.securityfocus.com/bid/1015
Reference: BUGTRAQ:20000228 HP Omniback remote DoS
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-02/0387.html
Reference: HP:HPSBUX0006-115
Reference: URL:http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX0006-115
Reference: XF:omniback-connection-dos
Name: CVE-2000-0180
Description:
Sojourn search engine allows remote attackers to read arbitrary files via a .. (dot dot) attack.
Status:EntryReference: BID:1052
Reference: URL:http://www.securityfocus.com/bid/1052
Reference: NTBUGTRAQ:20000313 SOJOURN Search engine exposes files
Reference: URL:http://archives.neohapsis.com/archives/ntbugtraq/2000-q1/0201.html
Reference: XF:sojourn-file-read(4197)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/4197
Name: CVE-2000-0181
Description:
Firewall-1 3.0 and 4.0 leaks packets with private IP address information, which could allow remote attackers to determine the real IP address of the host that is making the connection.
Status:EntryReference: BID:1054
Reference: URL:http://www.securityfocus.com/bid/1054
Reference: BUGTRAQ:20000311 Our old friend Firewall-1
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-03/0119.html
Reference: OSVDB:1256
Reference: URL:http://www.osvdb.org/1256
Name: CVE-2000-0182
Description:
iPlanet Web Server 4.1 allows remote attackers to cause a denial of service via a large number of GET commands, which consumes memory and causes a kernel panic.
Status:EntryReference: BUGTRAQ:20000223 DoS for the iPlanet Web Server, Enterprise Edition 4.1
Reference: MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-2000-0182
Name: CVE-2000-0183
Description:
Buffer overflow in ircII 4.4 IRC client allows remote attackers to execute commands via the DCC chat capability.
Status:EntryReference: BID:1046
Reference: URL:http://www.securityfocus.com/bid/1046
Reference: BUGTRAQ:20000310 Fwd: ircii-4.4 buffer overflow
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-03/0093.html
Reference: FREEBSD:FreeBSD-SA-00:11
Reference: REDHAT:RHSA-2000:008
Reference: URL:http://www.redhat.com/support/errata/RHSA-2000-008.html
Name: CVE-2000-0184
Description:
Linux printtool sets the permissions of printer configuration files to be world-readable, which allows local attackers to obtain printer share passwords.
Status:EntryReference: BID:1037
Reference: URL:http://www.securityfocus.com/bid/1037
Reference: BUGTRAQ:20000309
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-03/0082.html
Name: CVE-2000-0185
Description:
RealMedia RealServer reveals the real IP address of a Real Server, even if the address is supposed to be private.
Status:EntryReference: BID:1049
Reference: URL:http://www.securityfocus.com/bid/1049
Reference: BUGTRAQ:20000308 RealServer exposes internal IP addresses
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-03/0069.html
Name: CVE-2000-0186
Description:
Buffer overflow in the dump utility in the Linux ext2fs backup package allows local users to gain privileges via a long command line argument.
Status:EntryReference: BID:1020
Reference: URL:http://www.securityfocus.com/bid/1020
Reference: BUGTRAQ:20000228 [ Hackerslab bug_paper ] Linux dump buffer overflow
Reference: REDHAT:RHSA-2000:100
Reference: URL:http://www.redhat.com/support/errata/RHSA-2000-100.html
Reference: TURBO:TLSA200007-1
Name: CVE-2000-0189
Description:
ColdFusion Server 4.x allows remote attackers to determine the real pathname of the server via an HTTP request to the application.cfm or onrequestend.cfm files.
Status:EntryReference: BID:1021
Reference: URL:http://www.securityfocus.com/bid/1021
Reference: BUGTRAQ:20000305 ColdFusion Bug: Application.cfm shows full path
Reference: NTBUGTRAQ:20000301 ColdFusions application.cfm shows full path
Name: CVE-2000-0191
Description:
Axis StorPoint CD allows remote attackers to access administrator URLs without authentication via a .. (dot dot) attack.
Status:EntryReference: BID:1025
Reference: URL:http://www.securityfocus.com/bid/1025
Reference: BUGTRAQ:20000229 Infosec.20000229.axisstorpointcd.a
Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=41256894.00492503.00@mailgw.backupcentralen.se
Reference: OSVDB:19
Reference: URL:http://www.osvdb.org/19
Reference: XF:axis-storpoint-auth
Name: CVE-2000-0192
Description:
The default installation of Caldera OpenLinux 2.3 includes the CGI program rpm_query, which allows remote attackers to determine what packages are installed on the system.
Status:EntryReference: BID:1036
Reference: URL:http://www.securityfocus.com/bid/1036
Reference: BUGTRAQ:20000304 OpenLinux 2.3: rpm_query
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-03/0029.html
Name: CVE-2000-0193
Description:
The default configuration of Dosemu in Corel Linux 1.0 allows local users to execute the system.com program and gain privileges.
Status:EntryReference: BID:1030
Reference: URL:http://www.securityfocus.com/bid/1030
Reference: BUGTRAQ:20000302 Corel Linux 1.0 dosemu default configuration: Local root vuln
Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=200003020436.PAA20168@jawa.chilli.net.au
Reference: XF:linux-dosemu-config
Name: CVE-2000-0194
Description:
buildxconf in Corel Linux allows local users to modify or create arbitrary files via the -x or -f parameters.
Status:EntryReference: BID:1007
Reference: URL:http://www.securityfocus.com/bid/1007
Reference: BUGTRAQ:20000224 Corel Linux 1.0 local root compromise
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-02/0323.html
Name: CVE-2000-0195
Description:
setxconf in Corel Linux allows local users to gain root access via the -T parameter, which executes the user's .xserverrc file.
Status:EntryReference: BID:1008
Reference: URL:http://www.securityfocus.com/bid/1008
Reference: BUGTRAQ:20000224 Corel Linux 1.0 local root compromise
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-02/0323.html
Reference: XF:corel-linux-setxconf-root
Name: CVE-2000-0196
Description:
Buffer overflow in mhshow in the Linux nmh package allows remote attackers to execute commands via malformed MIME headers in an email message.
Status:EntryReference: BID:1018
Reference: URL:http://www.securityfocus.com/bid/1018
Reference: DEBIAN:20000229
Reference: REDHAT:RHSA-2000:006
Reference: URL:http://www.redhat.com/support/errata/RHSA-2000-006.html
Name: CVE-2000-0200
Description:
Buffer overflow in Microsoft Clip Art Gallery allows remote attackers to cause a denial of service or execute commands via a malformed CIL (clip art library) file, aka the "Clip Art Buffer Overrun" vulnerability.
Status:EntryReference: BID:1034
Reference: URL:http://www.securityfocus.com/bid/1034
Reference: MS:MS00-015
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-015
Name: CVE-2000-0201
Description:
The window.showHelp() method in Internet Explorer 5.x does not restrict HTML help files (.chm) to be executed from the local host, which allows remote attackers to execute arbitrary commands via Microsoft Networking.
Status:EntryReference: BID:1033
Reference: URL:http://www.securityfocus.com/bid/1033
Reference: BUGTRAQ:20000301 IE 5.x allows executing arbitrary programs using .chm files
Name: CVE-2000-0202
Description:
Microsoft SQL Server 7.0 and Microsoft Data Engine (MSDE) 1.0 allow remote attackers to gain privileges via a malformed Select statement in an SQL query.
Status:EntryReference: BID:1041
Reference: URL:http://www.securityfocus.com/bid/1041
Reference: MS:MS00-014
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-014
Name: CVE-2000-0206
Description:
The installation of Oracle 8.1.5.x on Linux follows symlinks and creates the orainstRoot.sh file with world-writeable permissions, which allows local users to gain privileges.
Status:EntryReference: BID:1035
Reference: URL:http://www.securityfocus.com/bid/1035
Reference: BUGTRAQ:20000305 Oracle installer problem
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-03/0023.html
Name: CVE-2000-0207
Description:
SGI InfoSearch CGI program infosrch.cgi allows remote attackers to execute commands via shell metacharacters.
Status:EntryReference: BID:1031
Reference: URL:http://www.securityfocus.com/bid/1031
Reference: BUGTRAQ:20000301 infosrch.cgi vulnerability (IRIX 6.5)
Reference: SGI:20000501-01-P
Reference: URL:ftp://patches.sgi.com/support/free/security/advisories/20000501-01-P
Reference: XF:irix-infosrch-fname
Name: CVE-2000-0208
Description:
The htdig (ht://Dig) CGI program htsearch allows remote attackers to read arbitrary files by enclosing the file name with backticks (`) in parameters to htsearch.
Status:EntryReference: BID:1026
Reference: URL:http://www.securityfocus.com/bid/1026
Reference: BUGTRAQ:20000228 ht://Dig remote information exposure
Reference: DEBIAN:20000227
Reference: FREEBSD:FreeBSD-SA-00:06
Reference: TURBO:TLSA200005-1
Name: CVE-2000-0209
Description:
Buffer overflow in Lynx 2.x allows remote attackers to crash Lynx and possibly execute commands via a long URL in a malicious web page.
Status:EntryReference: BID:1012
Reference: URL:http://www.securityfocus.com/bid/1012
Reference: BUGTRAQ:20000227 lynx - someone is deaf and blind ;)
Reference: FREEBSD:FreeBSD-SA-00:08
Name: CVE-2000-0210
Description:
The lit program in Sun Flex License Manager (FlexLM) follows symlinks, which allows local users to modify arbitrary files.
Status:EntryReference: BID:998
Reference: URL:http://www.securityfocus.com/bid/998
Reference: BUGTRAQ:20000221 flex license manager tempfile predictable name...
Name: CVE-2000-0211
Description:
The Windows Media server allows remote attackers to cause a denial of service via a series of client handshake packets that are sent in an improper sequence, aka the "Misordered Windows Media Services Handshake" vulnerability.
Status:EntryReference: BID:1000
Reference: URL:http://www.securityfocus.com/bid/1000
Reference: MS:MS00-013
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-013
Reference: XF:win-media-dos
Name: CVE-2000-0212
Description:
InterAccess TelnetD Server 4.0 allows remote attackers to conduct a denial of service via malformed terminal client configuration information.
Status:EntryReference: BID:1001
Reference: URL:http://www.securityfocus.com/bid/1001
Reference: BUGTRAQ:20000224 Local / Remote D.o.S Attack in InterAccess TelnetD Server Release 4.0 *ALL BUILDS* for WinNT Vulnerability
Reference: XF:interaccess-telnet-dos(4033)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/4033
Name: CVE-2000-0215
Description:
Vulnerability in SCO cu program in UnixWare 7.x allows local users to gain privileges.
Status:EntryReference: BID:1019
Reference: URL:http://www.securityfocus.com/bid/1019
Reference: SCO:SB-00.05
Name: CVE-2000-0217
Description:
The default configuration of SSH allows X forwarding, which could allow a remote attacker to control a client's X sessions via a malicious xauth program.
Status:EntryReference: BID:1006
Reference: URL:http://www.securityfocus.com/bid/1006
Reference: BUGTRAQ:20000224 SSH & xauth
Name: CVE-2000-0218
Description:
Buffer overflow in Linux mount and umount allows local users to gain root privileges via a long relative pathname.
Status:EntryReference: CALDERA:CSSA-2000-002.0
Reference: URL:ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2000-002.0.txt
Reference: OSVDB:6980
Reference: URL:http://www.osvdb.org/6980
Reference: OSVDB:7004
Reference: URL:http://www.osvdb.org/7004
Reference: SUSE:20000210 util < 2.10f
Name: CVE-2000-0221
Description:
The Nautica Marlin bridge allows remote attackers to cause a denial of service via a zero length UDP packet to the SNMP port.
Status:EntryReference: BID:1009
Reference: URL:http://www.securityfocus.com/bid/1009
Reference: BUGTRAQ:20000225 Scorpion Marlin
Name: CVE-2000-0222
Description:
The installation for Windows 2000 does not activate the Administrator password until the system has rebooted, which allows remote attackers to connect to the ADMIN$ share without a password until the reboot occurs.
Status:EntryReference: BID:990
Reference: URL:http://www.securityfocus.com/bid/990
Reference: BUGTRAQ:20000215 Windows 2000 installation process weakness
Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=20000215155750.M4500@safe.hsc.fr
Name: CVE-2000-0223
Description:
Buffer overflow in the wmcdplay CD player program for the WindowMaker desktop allows local users to gain root privileges via a long parameter.
Status:EntryReference: BID:1047
Reference: URL:http://www.securityfocus.com/bid/1047
Reference: BUGTRAQ:20000311 TESO advisory -- wmcdplay
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-03/0107.html
Name: CVE-2000-0224
Description:
ARCserve agent in SCO UnixWare 7.x allows local attackers to gain root privileges via a symlink attack.
Status:EntryReference: NAI:20000215 ARCserve symlink vulnerability
Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&date=2000-02-15&msg=000101bf78af$94528870$4d2f45a1@jmagdych.na.nai.com
Reference: SCO:SSE063
Reference: XF:sco-openserver-arc-symlink
Name: CVE-2000-0225
Description:
The Pocsag POC32 program does not properly prevent remote users from accessing its server port, even if the option has been disabled.
Status:EntryReference: BID:1032
Reference: URL:http://www.securityfocus.com/bid/1032
Reference: BUGTRAQ:20000303 Pocsag remote access to client can't be disabled.
Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=003601bf854b$6893a090$0100a8c0@FIREWALKER
Reference: OSVDB:259
Reference: URL:http://www.osvdb.org/259
Reference: XF:telnet-pocsag
Name: CVE-2000-0226
Description:
IIS 4.0 allows attackers to cause a denial of service by requesting a large buffer in a POST or PUT command which consumes memory, aka the "Chunked Transfer Encoding Buffer Overflow Vulnerability."
Status:EntryReference: BID:1066
Reference: URL:http://www.securityfocus.com/bid/1066
Reference: MS:MS00-018
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-018
Reference: XF:iis-chunked-encoding-dos
Name: CVE-2000-0228
Description:
Microsoft Windows Media License Manager allows remote attackers to cause a denial of service by sending a malformed request that causes the manager to halt, aka the "Malformed Media License Request" Vulnerability.
Status:EntryReference: BID:1058
Reference: URL:http://www.securityfocus.com/bid/1058
Reference: MS:MS00-016
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-016
Reference: XF:mwmt-malformed-media-license
Name: CVE-2000-0229
Description:
gpm-root in the gpm package does not properly drop privileges, which allows local users to gain privileges by starting a utility from gpm-root.
Status:EntryReference: BID:1069
Reference: URL:http://www.securityfocus.com/bid/1069
Reference: BUGTRAQ:20000322 gpm-root
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-03/0242.html
Reference: REDHAT:RHSA-2000:009
Reference: URL:http://www.redhat.com/support/errata/RHSA-2000-009.html
Reference: REDHAT:RHSA-2000:045
Reference: URL:http://www.redhat.com/support/errata/RHSA-2000-045.html
Reference: SUSE:20000405 Security hole in gpm < 1.18.1
Reference: URL:http://www.novell.com/linux/security/advisories/suse_security_announce_45.html
Reference: XF:linux-gpm-root
Name: CVE-2000-0230
Description:
Buffer overflow in imwheel allows local users to gain root privileges via the imwheel-solo script and a long HOME environmental variable.
Status:EntryReference: BID:1060
Reference: URL:http://www.securityfocus.com/bid/1060
Reference: BUGTRAQ:20000316 TESO & C-Skills development advisory -- imwheel
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-03/0168.html
Reference: REDHAT:RHSA-2000:016
Reference: URL:http://www.redhat.com/support/errata/RHSA-2000-016.html
Reference: XF:linux-imwheel-bo
Name: CVE-2000-0231
Description:
Linux kreatecd trusts a user-supplied path that is used to find the cdrecord program, allowing local users to gain root privileges.
Status:EntryReference: BID:1061
Reference: URL:http://www.securityfocus.com/bid/1061
Reference: BUGTRAQ:20000316 "TESO & C-Skills development advisory -- kreatecd" at:
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-03/0162.html
Reference: SUSE:20000405 Security hole in kreatecd < 0.3.8b
Reference: XF:linux-kreatecd-path
Name: CVE-2000-0232
Description:
Microsoft TCP/IP Printing Services, aka Print Services for Unix, allows an attacker to cause a denial of service via a malformed TCP/IP print request.
Status:EntryReference: BID:1082
Reference: URL:http://www.securityfocus.com/bid/1082
Reference: BUGTRAQ:20000330 Remote DoS Attack in Windows 2000/NT 4.0 TCP/IP Print Request Server Vulnerability
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-03/0306.html
Reference: MS:MS00-021
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-021
Reference: XF:win-tcpip-printing-dos
Name: CVE-2000-0233
Description:
SuSE Linux IMAP server allows remote attackers to bypass IMAP authentication and gain privileges.
Status:EntryReference: SUSE:20000327 Security hole in SuSE Linux IMAP Server
Reference: URL:http://archives.neohapsis.com/archives/vendor/2000-q1/0035.html
Reference: XF:linux-imap-remote-unauthorized-access
Name: CVE-2000-0234
Description:
The default configuration of Cobalt RaQ2 and RaQ3 as specified in access.conf allows remote attackers to view sensitive contents of a .htaccess file.
Status:EntryReference: BID:1083
Reference: URL:http://www.securityfocus.com/bid/1083
Reference: BUGTRAQ:20000330 Cobalt apache configuration exposes .htaccess
Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=20000330220757.28456.qmail@securityfocus.com
Reference: CONFIRM:http://www.securityfocus.com/templates/advisory.html?id=2150
Reference: XF:cobalt-raq-remote-access
Name: CVE-2000-0235
Description:
Buffer overflow in the huh program in the orville-write package allows local users to gain root privileges.
Status:EntryReference: BID:1070
Reference: URL:http://www.securityfocus.com/bid/1070
Reference: FREEBSD:FreeBSD-SA-00:10
Reference: URL:ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:10-orville-write.asc
Reference: OSVDB:1263
Reference: URL:http://www.osvdb.org/1263
Reference: XF:freebsd-orvillewrite-bo
Name: CVE-2000-0236
Description:
Netscape Enterprise Server with Directory Indexing enabled allows remote attackers to list server directories via web publishing tags such as ?wp-ver-info and ?wp-cs-dump.
Status:EntryReference: BID:1063
Reference: URL:http://www.securityfocus.com/bid/1063
Reference: BUGTRAQ:20000317 [SAFER 000317.EXP.1.5] Netscape Enterprise Server and '?wp' tags
Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=38D2173D.24E39DD0@relaygroup.com
Reference: XF:netscape-server-directory-indexing
Name: CVE-2000-0237
Description:
Netscape Enterprise Server with Web Publishing enabled allows remote attackers to list arbitrary directories via a GET request for the /publisher directory, which provides a Java applet that allows the attacker to browse the directories.
Status:EntryReference: BID:1075
Reference: URL:http://www.securityfocus.com/bid/1075
Reference: MISC:http://zsh.stupidphat.com/advisory.cgi?000311-1
Reference: XF:netscape-webpublisher-invalid-access
Name: CVE-2000-0238
Description:
Buffer overflow in the web server for Norton AntiVirus for Internet Email Gateways allows remote attackers to cause a denial of service via a long URL.
Status:EntryReference: BID:1064
Reference: URL:http://www.securityfocus.com/bid/1064
Reference: BUGTRAQ:20000317 DoS with NAVIEG
Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=s8d1f3e3.036@kib.co.kodiak.ak.us
Reference: XF:nav-email-gateway-dos
Name: CVE-2000-0240
Description:
vqSoft vqServer program allows remote attackers to read arbitrary files via a /........../ in the URL, a variation of a .. (dot dot) attack.
Status:EntryReference: BID:1067
Reference: URL:http://www.securityfocus.com/bid/1067
Reference: BUGTRAQ:20000321 vqserver /........../
Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=4.1.20000321084646.0095c7f0@olga.swip.net
Reference: CONFIRM:http://www.vqsoft.com/vq/server/faqs/dotdotbug.html
Reference: OSVDB:270
Reference: URL:http://www.osvdb.org/270
Reference: XF:vqserver-dir-traverse
Name: CVE-2000-0243
Description:
AnalogX SimpleServer:WWW HTTP server 1.03 allows remote attackers to cause a denial of service via a short GET request to cgi-bin.
Status:EntryReference: BID:1076
Reference: URL:http://www.securityfocus.com/bid/1076
Reference: BUGTRAQ:20000324 AnalogX SimpleServer 1.03 Remote Crash" at:
Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=web-5645555@post2.rnci.com
Reference: MISC:http://www.analogx.com/contents/download/network/sswww.htm
Reference: OSVDB:1265
Reference: URL:http://www.osvdb.org/1265
Reference: XF:simpleserver-exception-dos(4189)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/4189
Name: CVE-2000-0245
Description:
Vulnerability in SGI IRIX objectserver daemon allows remote attackers to create user accounts.
Status:EntryReference: BID:1079
Reference: URL:http://www.securityfocus.com/bid/1079
Reference: BUGTRAQ:20000328 Objectserver vulnerability
Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=200003290852.aa27218@blaze.arl.mil
Reference: CIAC:K-030
Reference: URL:http://www.ciac.org/ciac/bulletins/k-030.shtml
Reference: OSVDB:1267
Reference: URL:http://www.osvdb.org/1267
Reference: SGI:20000303-01-PX
Reference: URL:ftp://sgigate.sgi.com/security/20000303-01-PX
Reference: XF:irix-objectserver-create-accounts(4206)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/4206
Name: CVE-2000-0246
Description:
IIS 4.0 and 5.0 does not properly perform ISAPI extension processing if a virtual directory is mapped to a UNC share, which allows remote attackers to read the source code of ASP and other files, aka the "Virtualized UNC Share" vulnerability.
Status:EntryReference: BID:1081
Reference: URL:http://www.securityfocus.com/bid/1081
Reference: MS:MS00-019
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-019
Reference: MSKB:Q249599
Reference: URL:http://www.microsoft.com/technet/support/kb.asp?ID=249599
Reference: XF:iis-virtual-unc-share
Name: CVE-2000-0247
Description:
Unknown vulnerability in Generic-NQS (GNQS) allows local users to gain root privileges.
Status:EntryReference: BID:1842
Reference: URL:http://www.securityfocus.com/bid/1842
Reference: BUGTRAQ:20000322 Local root compromise in GNQS 3.50.6 and 3.50.7
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-03/0236.html
Reference: FREEBSD:FreeBSD-SA-00:13
Reference: URL:ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:13.generic-nqs.asc
Reference: MISC:http://ftp.gnqs.org/pub/gnqs/source/by-version-number/v3.50/Generic-NQS-3.50.8-ChangeLog.txt
Reference: XF:generic-nqs-local-root(4306)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/4306
Name: CVE-2000-0249
Description:
The AIX Fast Response Cache Accelerator (FRCA) allows local users to modify arbitrary files via the configuration capability in the frcactrl program.
Status:EntryReference: BID:1152
Reference: URL:http://www.securityfocus.com/bid/1152
Reference: IBM:ERS-OAR-E01-2000:075.1
Reference: ISS:20000426 Insecure file handling in IBM AIX frcactrl program
Reference: URL:http://xforce.iss.net/alerts/advise47.php3
Reference: XF:aix-frcactrl
Name: CVE-2000-0251
Description:
HP-UX 11.04 VirtualVault (VVOS) sends data to unprivileged processes via an interface that has multiple aliased IP addresses.
Status:EntryReference: BID:1090
Reference: URL:http://www.securityfocus.com/bid/1090
Reference: HP:HPSBUX0004-112
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-04/0021.html
Reference: XF:hp-virtual-vault
Name: CVE-2000-0252
Description:
The dansie shopping cart application cart.pl allows remote attackers to execute commands via a shell metacharacters in a form variable.
Status:EntryReference: BID:1115
Reference: URL:http://www.securityfocus.com/bid/1115
Reference: BUGTRAQ:20000411 Back Door in Commercial Shopping Cart
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-04/0051.html
Reference: XF:dansie-shell-metacharacters(4975)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/4975
Name: CVE-2000-0253
Description:
The dansie shopping cart application cart.pl allows remote attackers to modify sensitive purchase information via hidden form fields.
Status:EntryReference: BID:1115
Reference: URL:http://www.securityfocus.com/bid/1115
Reference: BUGTRAQ:20000411 Re: Back Door in Commercial Shopping Cart
Reference: XF:shopping-cart-form-tampering(4621)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/4621
Name: CVE-2000-0254
Description:
The dansie shopping cart application cart.pl allows remote attackers to obtain the shopping cart database and configuration information via a URL that references either the env, db, or vars form variables.
Status:EntryReference: BID:1115
Reference: URL:http://www.securityfocus.com/bid/1115
Reference: BUGTRAQ:20000411 Re: Back Door in Commercial Shopping Cart
Reference: XF:dansie-form-variables(4954)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/4954
Name: CVE-2000-0255
Description:
The Nbase-Xyplex EdgeBlaster router allows remote attackers to cause a denial of service via a scan for the FormMail CGI program.
Status:EntryReference: BID:1091
Reference: URL:http://www.securityfocus.com/bid/1091
Reference: BUGTRAQ:20000405 SilverBack Security Advisory: Nbase-Xyplex DoS
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-04/0022.html
Reference: XF:nbase-xyplex-router
Name: CVE-2000-0257
Description:
Buffer overflow in the NetWare remote web administration utility allows remote attackers to cause a denial of service or execute commands via a long URL.
Status:EntryReference: BID:1118
Reference: URL:http://www.securityfocus.com/bid/1118
Reference: BUGTRAQ:20000418 Novell Netware 5.1 (server 5.00h, Dec 11, 1999)...
Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=Pine.LNX.4.21.0004171825340.10088-100000@nimue.tpi.pl
Reference: XF:netware-remote-admin-overflow
Name: CVE-2000-0258
Description:
IIS 4.0 and 5.0 allows remote attackers to cause a denial of service by sending many URLs with a large number of escaped characters, aka the "Myriad Escaped Characters" Vulnerability.
Status:EntryReference: BID:1101
Reference: URL:http://www.securityfocus.com/bid/1101
Reference: MS:MS00-023
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-023
Name: CVE-2000-0260
Description:
Buffer overflow in the dvwssr.dll DLL in Microsoft Visual Interdev 1.0 allows users to cause a denial of service or execute commands, aka the "Link View Server-Side Component" vulnerability.
Status:EntryReference: BID:1109
Reference: URL:http://www.securityfocus.com/bid/1109
Reference: MS:MS00-025
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-025
Reference: OSVDB:282
Reference: URL:http://www.osvdb.org/282
Name: CVE-2000-0261
Description:
The AVM KEN! web server allows remote attackers to read arbitrary files via a .. (dot dot) attack.
Status:EntryReference: BID:1103
Reference: URL:http://www.securityfocus.com/bid/1103
Reference: BUGTRAQ:20000415 (no subject)
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-04/0073.html
Reference: BUGTRAQ:20000418 AVM's Statement
Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=383085010.956159226625.JavaMail.root@web305-mc.mail.com
Reference: OSVDB:1282
Reference: URL:http://www.osvdb.org/1282
Reference: XF:ken-download-files
Name: CVE-2000-0262
Description:
The AVM KEN! ISDN Proxy server allows remote attackers to cause a denial of service via a malformed request.
Status:EntryReference: BID:1103
Reference: URL:http://www.securityfocus.com/bid/1103
Reference: BUGTRAQ:20000415 (no subject)
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-04/0073.html
Reference: BUGTRAQ:20000418 AVM's Statement
Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=383085010.956159226625.JavaMail.root@web305-mc.mail.com
Reference: XF:ken-dos
Name: CVE-2000-0263
Description:
The X font server xfs in Red Hat Linux 6.x allows an attacker to cause a denial of service via a malformed request.
Status:EntryReference: BID:1111
Reference: URL:http://www.securityfocus.com/bid/1111
Reference: BUGTRAQ:20000416 xfs
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-04/0079.html
Reference: XF:redhat-fontserver-dos
Name: CVE-2000-0264
Description:
Panda Security 3.0 with registry editing disabled allows users to edit the registry and gain privileges by directly executing a .reg file or using other methods.
Status:EntryReference: BID:1119
Reference: URL:http://www.securityfocus.com/bid/1119
Reference: BUGTRAQ:20000417 bugs in Panda Security 3.0
Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=38FB45F2.550EA000@teleline.es
Reference: CONFIRM:http://updates.pandasoftware.com/docs/us/Avoidvulnerability.zip
Reference: XF:panda-admin-privileges
Name: CVE-2000-0265
Description:
Panda Security 3.0 allows users to uninstall the Panda software via its Add/Remove Programs applet.
Status:EntryReference: BID:1119
Reference: URL:http://www.securityfocus.com/bid/1119
Reference: BUGTRAQ:20000417 bugs in Panda Security 3.0
Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=38FB45F2.550EA000@teleline.es
Reference: CONFIRM:http://updates.pandasoftware.com/docs/us/Avoidvulnerability.zip
Reference: XF:panda-uninstall-program
Name: CVE-2000-0267
Description:
Cisco Catalyst 5.4.x allows a user to gain access to the "enable" mode without a password.
Status:EntryReference: BID:1122
Reference: URL:http://www.securityfocus.com/bid/1122
Reference: CISCO:20000419 Cisco Catalyst Enable Password Bypass Vulnerability
Reference: URL:http://www.cisco.com/warp/public/707/catos-enable-bypass-pub.shtml
Reference: OSVDB:1288
Reference: URL:http://www.osvdb.org/1288
Reference: XF:cisco-catalyst-password-bypass
Name: CVE-2000-0268
Description:
Cisco IOS 11.x and 12.x allows remote attackers to cause a denial of service by sending the ENVIRON option to the Telnet daemon before it is ready to accept it, which causes the system to reboot.
Status:EntryReference: BID:1123
Reference: URL:http://www.securityfocus.com/bid/1123
Reference: CISCO:20000420 Cisco IOS Software TELNET Option Handling Vulnerability
Reference: URL:http://www.cisco.com/warp/public/707/iostelnetopt-pub.shtml
Reference: OSVDB:1289
Reference: URL:http://www.osvdb.org/1289
Reference: XF:cisco-ios-option-handling
Name: CVE-2000-0272
Description:
RealNetworks RealServer allows remote attackers to cause a denial of service by sending malformed input to the server at port 7070.
Status:EntryReference: BID:1128
Reference: URL:http://www.securityfocus.com/bid/1128
Reference: BUGTRAQ:20000420 Remote DoS attack in Real Networks Real Server Vulnerability
Reference: URL:http://marc.info/?l=bugtraq&m=95625288231045&w=2
Reference: CONFIRM:http://service.real.com/help/faq/servg270.html
Reference: XF:realserver-remote-dos
Name: CVE-2000-0273
Description:
PCAnywhere allows remote attackers to cause a denial of service by terminating the connection before PCAnywhere provides a login prompt.
Status:EntryReference: BID:1095
Reference: URL:http://www.securityfocus.com/bid/1095
Reference: BUGTRAQ:20000409 A funny way to DOS pcANYWHERE8.0 and 9.0
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-04/0031.html
Reference: XF:pcanywhere-login-dos
Name: CVE-2000-0274
Description:
The Linux trustees kernel patch allows attackers to cause a denial of service by accessing a file or directory with a long name.
Status:EntryReference: BID:1096
Reference: URL:http://www.securityfocus.com/bid/1096
Reference: BUGTRAQ:20000410 linux trustees 1.5 long path name vulnerability
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-04/0035.html
Reference: CONFIRM:http://www.braysystems.com/linux/trustees.html
Reference: XF:linux-trustees-patch-dos
Name: CVE-2000-0276
Description:
BeOS 4.5 and 5.0 allow local users to cause a denial of service via malformed direct system calls using interrupt 37.
Status:EntryReference: BID:1098
Reference: URL:http://www.securityfocus.com/bid/1098
Reference: BUGTRAQ:20000410 BeOS syscall bug
Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=20000410131628.659.qmail@securityfocus.com
Reference: XF:beos-syscall-dos
Name: CVE-2000-0277
Description:
Microsoft Excel 97 and 2000 does not warn the user when executing Excel Macro Language (XLM) macros in external text files, which could allow an attacker to execute a macro virus, aka the "XLM Text Macro" vulnerability.
Status:EntryReference: BID:1087
Reference: URL:http://www.securityfocus.com/bid/1087
Reference: MS:MS00-022
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-022
Reference: OSVDB:1272
Reference: URL:http://www.osvdb.org/1272
Name: CVE-2000-0278
Description:
The SalesLogix Eviewer allows remote attackers to cause a denial of service by accessing the URL for the slxweb.dll administration program, which does not authenticate the user.
Status:EntryReference: BID:1089
Reference: URL:http://www.securityfocus.com/bid/1089
Reference: BUGTRAQ:20000331 SalesLogix Eviewer Web App Bug: URL request crashes eviewer web application
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/current/0006.html
Reference: XF:eviewer-admin-request-dos
Name: CVE-2000-0279
Description:
BeOS allows remote attackers to cause a denial of service via malformed packets whose length field is less than the length of the headers.
Status:EntryReference: BID:1100
Reference: URL:http://www.securityfocus.com/bid/1100
Reference: BUGTRAQ:20000407 BeOS Networking DOS
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-04/0029.html
Reference: MISC:http://bebugs.be.com/devbugs/detail.php3?oid=2505312
Reference: XF:beos-networking-dos
Name: CVE-2000-0282
Description:
TalentSoft webpsvr daemon in the Web+ shopping cart application allows remote attackers to read arbitrary files via a .. (dot dot) attack on the webplus CGI program.
Status:EntryReference: BID:1102
Reference: URL:http://www.securityfocus.com/bid/1102
Reference: BUGTRAQ:20000412 TalentSoft Web+ Input Validation Bug Vulnerability
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-04/0050.html
Reference: CONFIRM:ftp://ftp.talentsoft.com/Download/Webplus/Unix/Patches/Webplus46p%20Read%20me.html
Reference: XF:talentsoft-web-input
Name: CVE-2000-0283
Description:
The default installation of IRIX Performance Copilot allows remote attackers to access sensitive system information via the pmcd daemon.
Status:EntryReference: BID:1106
Reference: URL:http://www.securityfocus.com/bid/1106
Reference: BUGTRAQ:20000412 Performance Copilot for IRIX 6.5
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-04/0056.html
Reference: XF:irix-pmcd-info
Name: CVE-2000-0285
Description:
Buffer overflow in XFree86 3.3.x allows local users to execute arbitrary commands via a long -xkbmap parameter.
Status:EntryReference: BID:1306
Reference: URL:http://www.securityfocus.com/bid/1306
Reference: BUGTRAQ:20000416 XFree86 server overflow
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-04/0076.html
Reference: XF:xfree86-xkbmap-parameter-bo
Name: CVE-2000-0287
Description:
The BizDB CGI script bizdb-search.cgi allows remote attackers to execute arbitrary commands via shell metacharacters in the dbname parameter.
Status:EntryReference: BID:1104
Reference: URL:http://www.securityfocus.com/bid/1104
Reference: BUGTRAQ:20000412 BizDB Search Script Enables Shell Command Execution at the Server
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-04/0058.html
Reference: XF:http-cgi-bizdb
Name: CVE-2000-0289
Description:
IP masquerading in Linux 2.2.x allows remote attackers to route UDP packets through the internal interface by modifying the external source IP address and port number to match those of an established connection.
Status:EntryReference: BID:1078
Reference: URL:http://www.securityfocus.com/bid/1078
Reference: BUGTRAQ:20000327 Security Problems with Linux 2.2.x IP Masquerading
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-03/0284.html
Reference: SUSE:20000520 Security hole in kernel < 2.2.15
Reference: URL:http://www.novell.com/linux/security/advisories/suse_security_announce_48.html
Reference: XF:linux-masquerading-dos
Name: CVE-2000-0290
Description:
Buffer overflow in Webstar HTTP server allows remote attackers to cause a denial of service via a long GET request.
Status:EntryReference: BID:1822
Reference: URL:http://www.securityfocus.com/bid/1822
Reference: BUGTRAQ:20000331 Webstar 4.0 Buffer overflow vulnerability
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-04/0005.html
Reference: XF:macos-webstar-get-bo(4792)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/4792
Name: CVE-2000-0292
Description:
The Adtran MX2800 M13 Multiplexer allows remote attackers to cause a denial of service via a ping flood to the Ethernet interface, which causes the device to crash.
Status:EntryReference: BID:1129
Reference: URL:http://www.securityfocus.com/bid/1129
Reference: BUGTRAQ:20000418 Adtran DoS
Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=Pine.LNX.4.10.10004190908140.32750-100000@localhost.localdomain
Reference: XF:adtran-ping-dos
Name: CVE-2000-0294
Description:
Buffer overflow in healthd for FreeBSD allows local users to gain root privileges.
Status:EntryReference: BID:1107
Reference: URL:http://www.securityfocus.com/bid/1107
Reference: FREEBSD:FreeBSD-SA-00:12
Reference: URL:http://www.securityfocus.com/templates/advisory.html?id=2162
Reference: OSVDB:606
Reference: URL:http://www.osvdb.org/606
Reference: XF:freebsd-healthd
Name: CVE-2000-0296
Description:
fcheck allows local users to gain privileges by embedding shell metacharacters into file names that are processed by fcheck.
Status:EntryReference: BID:1086
Reference: URL:http://www.securityfocus.com/bid/1086
Reference: BUGTRAQ:20000331 fcheck v.2.7.45 and insecure use of Perl's system()
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/current/0011.html
Reference: XF:fcheck-shell
Name: CVE-2000-0297
Description:
Allaire Forums 2.0.5 allows remote attackers to bypass access restrictions to secure conferences via the rightAccessAllForums or rightModerateAllForums variables.
Status:EntryReference: ALLAIRE:ASB00-06
Reference: URL:http://www2.allaire.com/handlers/index.cfm?ID=15099&Method=Full
Reference: BID:1085
Reference: URL:http://www.securityfocus.com/bid/1085
Reference: OSVDB:1270
Reference: URL:http://www.osvdb.org/1270
Reference: XF:allaire-forums-allaccess
Name: CVE-2000-0298
Description:
The unattended installation of Windows 2000 with the OEMPreinstall option sets insecure permissions for the All Users and Default Users directories.
Status:EntryReference: BID:1758
Reference: URL:http://www.securityfocus.com/bid/1758
Reference: NTBUGTRAQ:20000407 All Users startup folder left open if unattended install and OEMP reinstall=1
Reference: URL:http://archives.neohapsis.com/archives/ntbugtraq/2000-q2/0027.html
Reference: XF:win2k-unattended-install(4278)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/4278
Name: CVE-2000-0301
Description:
Ipswitch IMAIL server 6.02 and earlier allows remote attackers to cause a denial of service via the AUTH CRAM-MD5 command.
Status:EntryReference: BID:1094
Reference: URL:http://www.securityfocus.com/bid/1094
Reference: BUGTRAQ:20000405 Re: IMAIL (Ipswitch) DoS with Eudora (Qualcomm)
Reference: URL:http://marc.info/?l=bugtraq&m=95505800117143&w=2
Reference: CONFIRM:http://support.ipswitch.com/kb/IM-20000208-DM02.htm
Reference: XF:ipswitch-imail-dos
Name: CVE-2000-0302
Description:
Microsoft Index Server allows remote attackers to view the source code of ASP files by appending a %20 to the filename in the CiWebHitsFile argument to the null.htw URL.
Status:EntryReference: BID:1084
Reference: URL:http://www.securityfocus.com/bid/1084
Reference: BUGTRAQ:20000331 Alert: MS Index Server (CISADV000330)
Reference: URL:http://marc.info/?l=bugtraq&m=95453598317340&w=2
Reference: MS:MS00-006
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-006
Reference: OSVDB:271
Reference: URL:http://www.osvdb.org/271
Reference: XF:http-indexserver-asp-source
Name: CVE-2000-0303
Description:
Quake3 Arena allows malicious server operators to read or modify files on a client via a dot dot (..) attack.
Status:EntryReference: BID:1169
Reference: URL:http://www.securityfocus.com/bid/1169
Reference: CONFIRM:http://www.quake3arena.com/news/index.html
Reference: ISS:20000503 Vulnerability in Quake3Arena Auto-Download Feature
Reference: URL:http://xforce.iss.net/alerts/advise50.php3
Reference: OSVDB:7531
Reference: URL:http://www.osvdb.org/7531
Reference: XF:quake3-auto-download
Name: CVE-2000-0304
Description:
Microsoft IIS 4.0 and 5.0 with the IISADMPWD virtual directory installed allows a remote attacker to cause a denial of service via a malformed request to the inetinfo.exe program, aka the "Undelimited .HTR Request" vulnerability.
Status:EntryReference: BID:1191
Reference: URL:http://www.securityfocus.com/bid/1191
Reference: ISS:20000511 Microsoft IIS Remote Denial of Service Attack
Reference: URL:http://xforce.iss.net/alerts/advise52.php3
Reference: MS:MS00-031
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-031
Reference: XF:iis-authchangeurl-dos
Name: CVE-2000-0305
Description:
Windows 95, Windows 98, Windows 2000, Windows NT 4.0, and Terminal Server systems allow a remote attacker to cause a denial of service by sending a large number of identical fragmented IP packets, aka jolt2 or the "IP Fragment Reassembly" vulnerability.
Status:EntryReference: BID:1236
Reference: URL:http://www.securityfocus.com/bid/1236
Reference: BINDVIEW:20000519 jolt2 - Remote DoS against NT, W2K, 9x
Reference: URL:http://www.securityfocus.com/templates/advisory.html?id=2240
Reference: MS:MS00-029
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-029
Reference: XF:ip-fragment-reassembly-dos
Name: CVE-2000-0306
Description:
Buffer overflow in calserver in SCO OpenServer allows remote attackers to gain root access via a long message.
Status:EntryReference: BUGTRAQ:19981229 Local/remote exploit for SCO UNIX.
Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&date=1998-12-29&msg=AAh6GYsGU1@leshka.chuvashia.su
Reference: SCO:SB-99.02
Reference: URL:ftp://ftp.sco.com/SSE/security_bulletins/SB-99.02a
Name: CVE-2000-0307
Description:
Vulnerability in xserver in SCO UnixWare 2.1.x and OpenServer 5.05 and earlier allows an attacker to cause a denial of service which prevents access to reserved port numbers below 1024.
Status:EntryReference: SCO:SB-99.07
Reference: URL:ftp://ftp.sco.com/SSE/security_bulletins/SB-99.07b
Name: CVE-2000-0308
Description:
Insecure file permissions for Netscape FastTrack Server 2.x, Enterprise Server 2.0, and Proxy Server 2.5 in SCO UnixWare 7.0.x and 2.1.3 allow an attacker to gain root privileges.
Status:EntryReference: SCO:SB-99.08
Reference: URL:ftp://ftp.sco.com/SSE/security_bulletins/SB-99.08a
Name: CVE-2000-0309
Description:
The i386 trace-trap handling in OpenBSD 2.4 with DDB enabled allows a local user to cause a denial of service.
Status:EntryReference: OPENBSD:19990212 i386 trace-trap handling when DDB was configured could cause a system crash.
Reference: URL:http://www.openbsd.org/errata24.html#trctrap
Reference: OSVDB:6126
Reference: URL:http://www.osvdb.org/6126
Name: CVE-2000-0310
Description:
IP fragment assembly in OpenBSD 2.4 allows a remote attacker to cause a denial of service by sending a large number of fragmented packets.
Status:EntryReference: OPENBSD:19990217 IP fragment assembly can bog the machine excessively and cause problems.
Reference: URL:http://www.openbsd.org/errata24.html#maxqueue
Reference: OSVDB:7539
Reference: URL:http://www.osvdb.org/7539
Name: CVE-2000-0311
Description:
The Windows 2000 domain controller allows a malicious user to modify Active Directory information by modifying an unprotected attribute, aka the "Mixed Object Access" vulnerability.
Status:EntryReference: BID:1145
Reference: URL:http://www.securityfocus.com/bid/1145
Reference: MS:MS00-026
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-026
Reference: XF:ms-mixed-object
Name: CVE-2000-0313
Description:
Vulnerability in OpenBSD 2.6 allows a local user to change interface media configurations.
Status:EntryReference: OPENBSD:19991109 Any user can change interface media configurations.
Reference: URL:http://www.openbsd.org/errata.html#ifmedia
Reference: OSVDB:7540
Reference: URL:http://www.osvdb.org/7540
Name: CVE-2000-0314
Description:
traceroute in NetBSD 1.3.3 and Linux systems allows local users to flood other systems by providing traceroute with a large waittime (-w) option, which is not parsed properly and sets the time delay for sending packets to zero.
Status:EntryReference: BUGTRAQ:19990213 traceroute as a flooder
Reference: URL:http://marc.info/?l=bugtraq&m=91893782027835&w=2
Reference: NETBSD:NetBSD-SA1999-004
Reference: URL:ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA1999-004.txt.asc
Reference: OSVDB:7574
Reference: URL:http://www.osvdb.org/7574
Name: CVE-2000-0315
Description:
traceroute in NetBSD 1.3.3 and Linux systems allows local unprivileged users to modify the source address of the packets, which could be used in spoofing attacks.
Status:EntryReference: BUGTRAQ:19990213 traceroute as a flooder
Reference: URL:http://marc.info/?l=bugtraq&m=91893782027835&w=2
Reference: NETBSD:NetBSD-SA1999-004
Reference: URL:ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA1999-004.txt.asc
Reference: OSVDB:7575
Reference: URL:http://www.osvdb.org/7575
Name: CVE-2000-0316
Description:
Buffer overflow in Solaris 7 lp allows local users to gain root privileges via a long -d option.
Status:EntryReference: BID:1143
Reference: URL:http://www.securityfocus.com/bid/1143
Reference: BUGTRAQ:20000424 Solaris 7 x86 lp exploit
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-04/0191.html
Reference: SUNBUG:4314312
Reference: XF:solaris-lp-bo
Name: CVE-2000-0318
Description:
Atrium Mercur Mail Server 3.2 allows local attackers to read other user's email and create arbitrary files via a dot dot (..) attack.
Status:EntryReference: BID:1144
Reference: URL:http://www.securityfocus.com/bid/1144
Reference: NTBUGTRAQ:20000413 Security problems with Atrium Mercur Mailserver 3.20
Reference: URL:http://archives.neohapsis.com/archives/ntbugtraq/2000-q2/0057.html
Reference: XF:mercur-remote-dot-attack
Name: CVE-2000-0319
Description:
mail.local in Sendmail 8.10.x does not properly identify the .\n string which identifies the end of message text, which allows a remote attacker to cause a denial of service or corrupt mailboxes via a message line that is 2047 characters long and ends in .\n.
Status:EntryReference: BID:1146
Reference: URL:http://www.securityfocus.com/bid/1146
Reference: BUGTRAQ:20000424 unsafe fgets() in sendmail's mail.local
Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=2694.000424@SECURITY.NNOV.RU
Reference: XF:sendmail-maillocal-dos
Name: CVE-2000-0320
Description:
Qpopper 2.53 and 3.0 does not properly identify the \n string which identifies the end of message text, which allows a remote attacker to cause a denial of service or corrupt mailboxes via a message line that is 1023 characters long and ends in \n.
Status:EntryReference: BID:1133
Reference: URL:http://www.securityfocus.com/bid/1133
Reference: BUGTRAQ:20000421 unsafe fgets() in qpopper
Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=9763.000421@SECURITY.NNOV.RU
Reference: XF:qpopper-fgets-spoofing
Name: CVE-2000-0322
Description:
The passwd.php3 CGI script in the Red Hat Piranha Virtual Server Package allows local users to execute arbitrary commands via shell metacharacters.
Status:EntryReference: BID:1149
Reference: URL:http://www.securityfocus.com/bid/1149
Reference: BUGTRAQ:20000424 piranha default password/exploit
Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=Enip.BSO.23.0004241601140.28851-100000@www.whitehats.com
Reference: REDHAT:RHSA-2000:014
Reference: URL:http://www.redhat.com/support/errata/RHSA-2000-014.html
Reference: XF:piranha-passwd-execute
Name: CVE-2000-0323
Description:
The Microsoft Jet database engine allows an attacker to modify text files via a database query, aka the "Text I-ISAM" vulnerability.
Status:EntryReference: BID:595
Reference: URL:https://www.securityfocus.com/bid/595
Reference: BUGTRAQ:19990728 Alert : MS Office 97 Vulnerability
Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&date=1999-08-22&msg=19990729195531.25108.qmail@underground.org
Reference: MS:MS99-030
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-030
Reference: XF:jet-text-isam
Reference: URL:https://web.archive.org/web/20000819203059/http://xforce.iss.net:80/alerts/vol-4_num-7.php#jet-text-isam
Name: CVE-2000-0324
Description:
pcAnywhere 8.x and 9.0 allows remote attackers to cause a denial of service via a TCP SYN scan, e.g. by nmap.
Status:EntryReference: BID:1150
Reference: URL:http://www.securityfocus.com/bid/1150
Reference: BUGTRAQ:20000425 Denial of Service Against pcAnywhere.
Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=Pine.LNX.3.96.1000425150157.13567A-100000@sword.damocles.com
Reference: BUGTRAQ:20010211 Symantec pcAnywhere 9.0 DoS / Buffer Overflow
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-02/0201.html
Reference: BUGTRAQ:20010212 Re: Symantec pcAnywhere 9.0 DoS / Buffer Overflow
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2001-02/0258.html
Reference: OSVDB:1301
Reference: URL:http://www.osvdb.org/1301
Reference: XF:pcanywhere-tcpsyn-dos(4347)
Reference: URL:http://www.iss.net/security_center/static/4347.php
Name: CVE-2000-0327
Description:
Microsoft Virtual Machine (VM) allows remote attackers to escape the Java sandbox and execute commands via an applet containing an illegal cast operation, aka the "Virtual Machine Verifier" vulnerability.
Status:EntryReference: BUGTRAQ:19991014 Another Microsoft Java Flaw Disovered
Reference: URL:http://marc.info/?l=bugtraq&m=93993545118416&w=2
Reference: MS:MS99-045
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-045
Reference: XF:msvm-verifier-java
Name: CVE-2000-0328
Description:
Windows NT 4.0 generates predictable random TCP initial sequence numbers (ISN), which allows remote attackers to perform spoofing and session hijacking.
Status:EntryReference: BID:604
Reference: URL:http://www.securityfocus.com/bid/604
Reference: BUGTRAQ:19990824 NT Predictable Initial TCP Sequence numbers - changes observed with SP4
Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=4.1.19990824165629.00abcb40@192.168.124.1
Reference: MS:MS99-046
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-046
Reference: XF:nt-sequence-prediction-sp4
Reference: XF:tcp-seq-predict
Name: CVE-2000-0329
Description:
A Microsoft ActiveX control allows a remote attacker to execute a malicious cabinet file via an attachment and an embedded script in an HTML mail, aka the "Active Setup Control" vulnerability.
Status:EntryReference: MS:MS99-048
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-048
Reference: XF:ie-active-setup-control
Name: CVE-2000-0330
Description:
The networking software in Windows 95 and Windows 98 allows remote attackers to execute commands via a long file name string, aka the "File Access URL" vulnerability.
Status:EntryReference: MS:MS99-049
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-049
Reference: XF:win-fileurl-overflow
Name: CVE-2000-0331
Description:
Buffer overflow in Microsoft command processor (CMD.EXE) for Windows NT and Windows 2000 allows a local user to cause a denial of service via a long environment variable, aka the "Malformed Environment Variable" vulnerability.
Status:EntryReference: BID:1135
Reference: URL:http://www.securityfocus.com/bid/1135
Reference: BUGTRAQ:20000421 CMD.EXE overflow (CISADV000420)
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-04/0147.html
Reference: MS:MS00-027
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-027
Reference: XF:nt-cmd-overflow
Name: CVE-2000-0332
Description:
UltraBoard.pl or UltraBoard.cgi CGI scripts in UltraBoard 1.6 allows remote attackers to read arbitrary files via a pathname string that includes a dot dot (..) and ends with a null byte.
Status:EntryReference: BID:1164
Reference: URL:http://www.securityfocus.com/bid/1164
Reference: BUGTRAQ:20000502 Fun with UltraBoard V1.6X
Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=20000503091316.99073.qmail@hotmail.com
Reference: OSVDB:1309
Reference: URL:http://www.osvdb.org/1309
Reference: OSVDB:4065
Reference: URL:http://www.osvdb.org/4065
Reference: XF:ultraboard-printabletopic-fileread
Name: CVE-2000-0334
Description:
The Allaire Spectra container editor preview tool does not properly enforce object security, which allows an attacker to conduct unauthorized activities via an object-method that is added to the container object with a publishing rule.
Status:EntryReference: ALLAIRE:ASB00-10
Reference: URL:http://www.allaire.com/handlers/index.cfm?ID=15411&Method=Full
Reference: BID:1181
Reference: URL:http://www.securityfocus.com/bid/1181
Reference: XF:allaire-spectra-container-editor-preview
Name: CVE-2000-0335
Description:
The resolver in glibc 2.1.3 uses predictable IDs, which allows a local attacker to spoof DNS query results.
Status:EntryReference: BID:1166
Reference: URL:http://www.securityfocus.com/bid/1166
Reference: BUGTRAQ:20000502 glibc resolver weakness
Reference: XF:glibc-resolver-id-predictable
Name: CVE-2000-0336
Description:
Linux OpenLDAP server allows local users to modify arbitrary files via a symlink attack.
Status:EntryReference: BID:1232
Reference: URL:http://www.securityfocus.com/bid/1232
Reference: CALDERA:CSSA-2000-009.0
Reference: URL:ftp://ftp.calderasystems.com/pub/OpenLinux/security/CSSA-2000-009.0.txt
Reference: REDHAT:RHSA-2000:012
Reference: URL:http://www.redhat.com/support/errata/RHSA-2000-012.html
Reference: TURBO:TLSA2000010-1
Reference: URL:http://www.turbolinux.com/pipermail/tl-security-announce/2000-May/000009.html
Reference: XF:openldap-symlink-attack
Name: CVE-2000-0337
Description:
Buffer overflow in Xsun X server in Solaris 7 allows local users to gain root privileges via a long -dev parameter.
Status:EntryReference: BID:1140
Reference: URL:http://www.securityfocus.com/bid/1140
Reference: BUGTRAQ:20000424 Solaris x86 Xsun overflow.
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-04/0188.html
Reference: SUNBUG:4335411
Reference: XF:solaris-xsun-bo
Name: CVE-2000-0338
Description:
Concurrent Versions Software (CVS) uses predictable temporary file names for locking, which allows local users to cause a denial of service by creating the lock directory before it is created for use by a legitimate CVS user.
Status:EntryReference: BID:1136
Reference: URL:http://www.securityfocus.com/bid/1136
Reference: BUGTRAQ:20000423 CVS DoS
Reference: URL:http://www.securityfocus.com/frames/?content=/templates/archive.pike%3Flist%3D1%26msg%3D20000423174038.A520%40clico.pl
Reference: XF:cvs-tempfile-dos
Name: CVE-2000-0339
Description:
ZoneAlarm 2.1.10 and earlier does not filter UDP packets with a source port of 67, which allows remote attackers to bypass the firewall rules.
Status:EntryReference: BID:1137
Reference: URL:http://www.securityfocus.com/bid/1137
Reference: BUGTRAQ:20000420 ZoneAlarm
Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=20000421044123.2353.qmail@securityfocus.com
Reference: OSVDB:1294
Reference: URL:http://www.osvdb.org/1294
Reference: XF:zonealarm-portscan
Name: CVE-2000-0340
Description:
Buffer overflow in Gnomelib in SuSE Linux 6.3 allows local users to execute arbitrary commands via the DISPLAY environmental variable.
Status:EntryReference: BID:1155
Reference: URL:http://www.securityfocus.com/bid/1155
Reference: BUGTRAQ:20000428 SuSE 6.3 Gnomelib buffer overflow
Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=00042902575201.09597@wintermute-pub
Reference: CONFIRM:http://www.suse.com/us/support/download/updates/axp_63.html
Reference: XF:linux-gnomelib-bo
Name: CVE-2000-0341
Description:
ATRIUM Cassandra NNTP Server 1.10 allows remote attackers to cause a denial of service via a long login name.
Status:EntryReference: BID:1156
Reference: URL:http://www.securityfocus.com/bid/1156
Reference: NTBUGTRAQ:20000501 Remote DoS attack in CASSANDRA NNTPServer v1.10 from ATRIUM
Reference: URL:http://marc.info/?l=ntbugtraq&m=95736106504870&w=2
Reference: XF:nntpserver-cassandra-bo
Name: CVE-2000-0342
Description:
Eudora 4.x allows remote attackers to bypass the user warning for executable attachments such as .exe, .com, and .bat by using a .lnk file that refers to the attachment, aka "Stealth Attachment."
Status:EntryReference: BID:1157
Reference: URL:http://www.securityfocus.com/bid/1157
Reference: CONFIRM:http://news.cnet.com/news/0-1005-200-1773077.html?tag=st.ne.fd.lthd.1005-200-1773077
Reference: MISC:http://www.peacefire.org/security/stealthattach/explanation.html
Reference: XF:eudora-warning-message
Name: CVE-2000-0344
Description:
The knfsd NFS server in Linux kernel 2.2.x allows remote attackers to cause a denial of service via a negative size value.
Status:EntryReference: BID:1160
Reference: URL:http://www.securityfocus.com/bid/1160
Reference: BUGTRAQ:20000501 Linux knfsd DoS issue
Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=Pine.LNX.4.21.0005012042550.6419-100000@ferret.lmh.ox.ac.uk
Reference: XF:linux-knfsd-dos
Name: CVE-2000-0346
Description:
AppleShare IP 6.1 and later allows a remote attacker to read potentially sensitive information via an invalid range request to the web server.
Status:EntryReference: BID:1162
Reference: URL:http://www.securityfocus.com/bid/1162
Reference: BUGTRAQ:20000502 INFO:AppleShare IP 6.3.2 squashes security bug
Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=20000502133240.21807.qmail@securityfocus.com
Reference: CONFIRM:http://asu.info.apple.com/swupdates.nsf/artnum/n11670
Reference: XF:macos-appleshare-invalid-range
Name: CVE-2000-0347
Description:
Windows 95 and Windows 98 allow a remote attacker to cause a denial of service via a NetBIOS session request packet with a NULL source name.
Status:EntryReference: BID:1163
Reference: URL:http://www.securityfocus.com/bid/1163
Reference: NTBUGTRAQ:20000501 el8.org advisory - Win 95/98 DoS (RFParalyze.c)
Reference: URL:http://marc.info/?l=ntbugtraq&m=95737580922397&w=2
Reference: XF:win-netbios-source-null
Name: CVE-2000-0348
Description:
A vulnerability in the Sendmail configuration file sendmail.cf as installed in SCO UnixWare 7.1.0 and earlier allows an attacker to gain root privileges.
Status:EntryReference: SCO:SB-99.10
Reference: URL:ftp://ftp.sco.com/SSE/security_bulletins/SB-99.10a
Name: CVE-2000-0349
Description:
Vulnerability in the passthru driver in SCO UnixWare 7.1.0 allows an attacker to cause a denial of service.
Status:EntryReference: SCO:SB-99.13
Reference: URL:ftp://ftp.sco.com/SSE/security_bulletins/SB-99.13a
Name: CVE-2000-0350
Description:
A debugging feature in NetworkICE ICEcap 2.0.23 and earlier is enabled, which allows a remote attacker to bypass the weak authentication and post unencrypted events.
Status:EntryReference: BID:1216
Reference: URL:http://www.securityfocus.com/bid/1216
Reference: CONFIRM:http://advice.networkice.com/advice/Support/KB/q000166/
Reference: MISC:http://www.securityfocus.com/templates/advisory.html?id=2220
Reference: OSVDB:312
Reference: URL:http://www.osvdb.org/312
Reference: XF:netice-icecap-alert-execute
Reference: XF:netice-icecap-default
Name: CVE-2000-0351
Description:
Some packaging commands in SCO UnixWare 7.1.0 have insecure privileges, which allows local users to add or remove software packages.
Status:EntryReference: SCO:SB-99.09
Reference: URL:ftp://ftp.sco.com/SSE/security_bulletins/SB-99.09b
Name: CVE-2000-0352
Description:
Pine before version 4.21 does not properly filter shell metacharacters from URLs, which allows remote attackers to execute arbitrary commands via a malformed URL.
Status:EntryReference: BID:810
Reference: URL:http://www.securityfocus.com/bid/810
Reference: BUGTRAQ:19991117 Pine: expanding env vars in URLs (seems to be fixed as of 4.21)
Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=Pine.LNX.4.10.9911171818220.12375-100000@ray.compu-aid.com
Reference: CALDERA:CSSA-1999-036.0
Reference: URL:ftp://ftp.calderasystems.com/pub/OpenLinux/security/CSSA-1999-036.0.txt
Reference: SUSE:19991227 Security hole in Pine < 4.21
Reference: URL:http://www.novell.com/linux/security/advisories/suse_security_announce_36.html
Reference: XF:pine-remote-exe
Name: CVE-2000-0353
Description:
Pine 4.x allows a remote attacker to execute arbitrary commands via an index.html file which executes lynx and obtains a uudecoded file from a malicious web server, which is then executed by Pine.
Status:EntryReference: BID:1247
Reference: URL:http://www.securityfocus.com/bid/1247
Reference: MISC:http://www.securiteam.com/unixfocus/HHP-Pine_remote_exploit.html
Reference: SUSE:19990628 Execution of commands in Pine 4.x
Reference: URL:http://www.novell.com/linux/security/advisories/suse_security_announce_6.html
Reference: SUSE:19990911 Update for Pine (fixed IMAP support)
Reference: URL:http://www.novell.com/linux/security/advisories/pine_update_announcement.html
Reference: XF:pine-lynx-execute-commands
Name: CVE-2000-0354
Description:
mirror 2.8.x in Linux systems allows remote attackers to create files one level above the local target directory.
Status:EntryReference: BID:681
Reference: URL:http://www.securityfocus.com/bid/681
Reference: BUGTRAQ:19990928 mirror 2.9 hole
Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=15769.990928@tomcat.ru
Reference: DEBIAN:19991018 Incorrect directory name handling in mirror
Reference: URL:http://www.debian.org/security/1999/19991018
Reference: SUSE:19991001 Security hole in mirror
Reference: URL:http://www.novell.com/linux/security/advisories/suse_security_announce_22.html
Reference: XF:mirror-perl-remote-file-creation
Name: CVE-2000-0356
Description:
Pluggable Authentication Modules (PAM) in Red Hat Linux 6.1 does not properly lock access to disabled NIS accounts.
Status:EntryReference: BID:697
Reference: URL:http://www.securityfocus.com/bid/697
Reference: REDHAT:RHSA-1999:040
Reference: URL:http://www.securityfocus.com/templates/advisory.html?id=1789
Reference: XF:linux-pam-nis-login
Name: CVE-2000-0359
Description:
Buffer overflow in Trivial HTTP (THTTPd) allows remote attackers to cause a denial of service or execute arbitrary commands via a long If-Modified-Since header.
Status:EntryReference: BID:1248
Reference: URL:http://www.securityfocus.com/bid/1248
Reference: BUGTRAQ:19991113 thttpd 2.04 stack overflow (VD#6)
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/1626.html
Reference: SUSE:19991116 Security hole in thttpd 1.90a - 2.04
Reference: URL:http://www.novell.com/linux/security/advisories/suse_security_announce_30.html
Reference: XF:thttpd-ifmodifiedsince-header-dos
Name: CVE-2000-0360
Description:
Buffer overflow in INN 2.2.1 and earlier allows remote attackers to cause a denial of service via a maliciously formatted article.
Status:EntryReference: BID:1249
Reference: URL:http://www.securityfocus.com/bid/1249
Reference: CALDERA:CSSA-1999-038.0
Reference: URL:ftp://ftp.calderasystems.com/pub/OpenLinux/security/CSSA-1999-038.0.txt
Reference: SUSE:19991124 Security hole in inn <= 2.2.1
Reference: URL:http://www.novell.com/linux/security/advisories/suse_security_announce_34.html
Reference: XF:inn-remote-dos
Name: CVE-2000-0361
Description:
The PPP wvdial.lxdialog script in wvdial 1.4 and earlier creates a .config file with world readable permissions, which allows a local attacker in the dialout group to access login and password information.
Status:EntryReference: SUSE:19991214 Security hole in wvdial <= 1.4
Reference: URL:http://www.novell.com/linux/security/advisories/suse_security_announce_35.html
Reference: XF:wvdial-gain-dialup-info
Name: CVE-2000-0362
Description:
Buffer overflows in Linux cdwtools 093 and earlier allows local users to gain root privileges.
Status:EntryReference: BID:738
Reference: URL:http://www.securityfocus.com/bid/738
Reference: SUSE:19991019 Security hole in cdwtools < 093
Reference: URL:http://www.novell.com/linux/security/advisories/suse_security_announce_25.html
Reference: XF:linux-cdda2cdr
Name: CVE-2000-0363
Description:
Linux cdwtools 093 and earlier allows local users to gain root privileges via the /tmp directory.
Status:EntryReference: BID:738
Reference: URL:http://www.securityfocus.com/bid/738
Reference: SUSE:19991019 Security hole in cdwtools < 093
Reference: URL:http://www.novell.com/linux/security/advisories/suse_security_announce_25.html
Reference: XF:linux-cdda2cdr
Name: CVE-2000-0366
Description:
dump in Debian GNU/Linux 2.1 does not properly restore symlinks, which allows a local user to modify the ownership of arbitrary files.
Status:EntryReference: BID:1442
Reference: URL:http://www.securityfocus.com/bid/1442
Reference: DEBIAN:19991202 problem restoring symlinks
Reference: URL:http://www.debian.org/security/1999/19991202
Reference: XF:debian-dump-modify-ownership
Name: CVE-2000-0367
Description:
Vulnerability in eterm 0.8.8 in Debian GNU/Linux allows an attacker to gain root privileges.
Status:EntryReference: DEBIAN:19990218 Root exploit in eterm
Reference: URL:http://www.debian.org/security/1999/19990218
Reference: XF:linux-eterm
Name: CVE-2000-0368
Description:
Classic Cisco IOS 9.1 and later allows attackers with access to the login prompt to obtain portions of the command history of previous users, which may allow the attacker to access sensitive data.
Status:EntryReference: CIAC:J-009
Reference: URL:http://www.ciac.org/ciac/bulletins/j-009.shtml
Reference: CISCO:19981014 Cisco IOS Command History Release at Login Prompt
Reference: URL:http://www.cisco.com/warp/public/770/ioshist-pub.shtml
Name: CVE-2000-0369
Description:
The IDENT server in Caldera Linux 2.3 creates multiple threads for each IDENT request, which allows remote attackers to cause a denial of service.
Status:EntryReference: BID:1266
Reference: URL:http://www.securityfocus.com/bid/1266
Reference: CALDERA:CSSA-1999-029.1
Reference: URL:ftp://ftp.calderasystems.com/pub/OpenLinux/security/CSSA-1999-029.1.txt
Reference: XF:caldera-ident-server-dos
Name: CVE-2000-0370
Description:
The debug option in Caldera Linux smail allows remote attackers to execute commands via shell metacharacters in the -D option for the rmail command.
Status:EntryReference: BID:1268
Reference: URL:http://www.securityfocus.com/bid/1268
Reference: CALDERA:CSSA-1999-001.0
Reference: URL:ftp://ftp.calderasystems.com/pub/OpenLinux/security/CSSA-1999-001.0.txt
Reference: XF:caldera-smail-rmail-command
Name: CVE-2000-0371
Description:
The libmediatool library used for the KDE mediatool allows local users to create arbitrary files via a symlink attack.
Status:EntryReference: BID:1269
Reference: URL:http://www.securityfocus.com/bid/1269
Reference: CALDERA:CSSA-1999-005.0
Reference: URL:ftp://ftp.calderasystems.com/pub/OpenLinux/security/CSSA-1999-005.0.txt
Reference: XF:kde-mediatool
Name: CVE-2000-0372
Description:
Vulnerability in Caldera rmt command in the dump package 0.4b4 allows a local user to gain root privileges.
Status:EntryReference: CALDERA:CSSA-1999-014.0
Reference: URL:ftp://ftp.calderasystems.com/pub/OpenLinux/security/CSSA-1999-014.0.txt
Reference: OSVDB:7940
Reference: URL:http://www.osvdb.org/7940
Reference: XF:linux-rmt(2268)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/2268
Name: CVE-2000-0373
Description:
Vulnerabilities in the KDE kvt terminal program allow local users to gain root privileges.
Status:EntryReference: CALDERA:CSSA-1999-015.0
Reference: URL:ftp://ftp.calderasystems.com/pub/OpenLinux/security/CSSA-1999-015.0.txt
Reference: REDHAT:RHSA-1999:015-01
Reference: URL:http://www.redhat.com/support/errata/RHSA1999015_01.html
Reference: XF:kde-kvt(2266)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/2266
Name: CVE-2000-0374
Description:
The default configuration of kdm in Caldera and Mandrake Linux, and possibly other distributions, allows XDMCP connections from any host, which allows remote attackers to obtain sensitive information or bypass additional access restrictions.
Status:EntryReference: BID:1446
Reference: URL:http://www.securityfocus.com/bid/1446
Reference: CALDERA:CSSA-1999-021.0
Reference: URL:ftp://ftp.calderasystems.com/pub/OpenLinux/security/CSSA-1999-021.0.txt
Reference: MANDRAKE:MDKSA-2002:025
Reference: URL:http://frontal2.mandriva.com/security/advisories?name=MDKSA-2002:025
Reference: XF:xdmcp-kdm-default-configuration(4856)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/4856
Name: CVE-2000-0375
Description:
The kernel in FreeBSD 3.2 follows symbolic links when it creates core dump files, which allows local attackers to modify arbitrary files.
Status:EntryReference: FREEBSD:FreeBSD-SA-99:04
Reference: OSVDB:6084
Reference: URL:http://www.osvdb.org/6084
Name: CVE-2000-0376
Description:
Buffer overflow in the HTTP proxy server for the i-drive Filo software allows remote attackers to execute arbitrary commands via a long HTTP GET request.
Status:EntryReference: BID:1324
Reference: URL:http://www.securityfocus.com/bid/1324
Reference: ISS:20000607 Buffer Overflow in i-drive Filo (tm) software
Reference: XF:idrive-filo-bo
Name: CVE-2000-0377
Description:
The Remote Registry server in Windows NT 4.0 allows local authenticated users to cause a denial of service via a malformed request, which causes the winlogon process to fail, aka the "Remote Registry Access Authentication" vulnerability.
Status:EntryReference: BID:1331
Reference: URL:http://www.securityfocus.com/bid/1331
Reference: MS:MS00-040
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-040
Reference: MSKB:Q264684
Reference: URL:http://www.microsoft.com/technet/support/kb.asp?ID=264684
Reference: OVAL:oval:org.mitre.oval:def:1021
Reference: URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1021
Reference: XF:nt-registry-request-dos
Name: CVE-2000-0378
Description:
The pam_console PAM module in Linux systems performs a chown on various devices upon a user login, but an open file descriptor for those devices can be maintained after the user logs out, which allows that user to sniff activity on these devices when subsequent users log in.
Status:EntryReference: BID:1176
Reference: URL:http://www.securityfocus.com/bid/1176
Reference: BUGTRAQ:20000502 pam_console bug
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-05/0023.html
Reference: XF:linux-pam-sniff-activities
Name: CVE-2000-0379
Description:
The Netopia R9100 router does not prevent authenticated users from modifying SNMP tables, even if the administrator has configured it to do so.
Status:EntryReference: BID:1177
Reference: URL:http://www.securityfocus.com/bid/1177
Reference: BUGTRAQ:20000507 Advisory: Netopia R9100 router vulnerability
Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=200005082054.NAA32590@linux.mtndew.com
Reference: CONFIRM:http://www.netopia.com/equipment/purchase/fmw_update.html
Reference: XF:netopia-snmp-comm-strings
Name: CVE-2000-0380
Description:
The IOS HTTP service in Cisco routers and switches running IOS 11.1 through 12.1 allows remote attackers to cause a denial of service by requesting a URL that contains a %% string.
Status:EntryReference: BID:1154
Reference: URL:http://www.securityfocus.com/bid/1154
Reference: BUGTRAQ:20000426 Cisco HTTP possible bug:
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-04/0261.html
Reference: CISCO:20000514 Cisco IOS HTTP Server Vulnerability
Reference: URL:http://www.cisco.com/warp/public/707/ioshttpserver-pub.shtml
Reference: OSVDB:1302
Reference: URL:http://www.osvdb.org/1302
Reference: XF:cisco-ios-http-dos
Name: CVE-2000-0381
Description:
The Gossamer Threads DBMan db.cgi CGI script allows remote attackers to view environmental variables and setup information by referencing a non-existing database in the db parameter.
Status:EntryReference: BID:1178
Reference: URL:http://www.securityfocus.com/bid/1178
Reference: BUGTRAQ:20000505 Black Watch Labs Vulnerability Alert
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-05/0067.html
Reference: MISC:http://www.perfectotech.com/blackwatchlabs/vul5_05.html
Reference: XF:http-cgi-dbman-db
Name: CVE-2000-0382
Description:
ColdFusion ClusterCATS appends stale query string arguments to a URL during HTML redirection, which may provide sensitive information to the redirected site.
Status:EntryReference: ALLAIRE:ASB00-12
Reference: URL:http://www.allaire.com/handlers/index.cfm?ID=15697&Method=Full
Reference: BID:1179
Reference: URL:http://www.securityfocus.com/bid/1179
Reference: XF:allaire-clustercats-url-redirect
Name: CVE-2000-0387
Description:
The makelev program in the golddig game from the FreeBSD ports collection allows local users to overwrite arbitrary files.
Status:EntryReference: BID:1184
Reference: URL:http://www.securityfocus.com/bid/1184
Reference: FREEBSD:FreeBSD-SA-00:16
Reference: URL:ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:16.golddig.asc
Reference: XF:golddig-overwrite-files
Name: CVE-2000-0388
Description:
Buffer overflow in FreeBSD libmytinfo library allows local users to execute commands via a long TERMCAP environmental variable.
Status:EntryReference: BID:1185
Reference: URL:http://www.securityfocus.com/bid/1185
Reference: FREEBSD:FreeBSD-SA-00:17
Reference: URL:ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00%3A17.libmytinfo.asc
Reference: XF:libmytinfo-bo
Name: CVE-2000-0389
Description:
Buffer overflow in krb_rd_req function in Kerberos 4 and 5 allows remote attackers to gain root privileges.
Status:EntryReference: BID:1220
Reference: URL:http://www.securityfocus.com/bid/1220
Reference: BUGTRAQ:20000516 BUFFER OVERRUN VULNERABILITIES IN KERBEROS
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-05/0184.html
Reference: CERT:CA-2000-06
Reference: URL:http://www.cert.org/advisories/CA-2000-06.html
Reference: FREEBSD:FreeBSD-SA-00:20
Reference: URL:http://archives.neohapsis.com/archives/freebsd/2000-05/0295.html
Reference: REDHAT:RHSA-2000:025
Reference: URL:http://www.redhat.com/support/errata/RHSA-2000-025.html
Reference: XF:kerberos-krb-rd-req-bo
Name: CVE-2000-0390
Description:
Buffer overflow in krb425_conv_principal function in Kerberos 5 allows remote attackers to gain root privileges.
Status:EntryReference: BID:1220
Reference: URL:http://www.securityfocus.com/bid/1220
Reference: BUGTRAQ:20000516 BUFFER OVERRUN VULNERABILITIES IN KERBEROS
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-05/0184.html
Reference: CERT:CA-2000-06
Reference: URL:http://www.cert.org/advisories/CA-2000-06.html
Reference: FREEBSD:FreeBSD-SA-00:20
Reference: URL:http://archives.neohapsis.com/archives/freebsd/2000-05/0295.html
Reference: OSVDB:4884
Reference: URL:http://www.osvdb.org/4884
Reference: REDHAT:RHSA-2000:025
Reference: URL:http://www.redhat.com/support/errata/RHSA-2000-025.html
Reference: XF:kerberos-krb425-conv-principal-bo
Name: CVE-2000-0391
Description:
Buffer overflow in krshd in Kerberos 5 allows remote attackers to gain root privileges.
Status:EntryReference: BID:1220
Reference: URL:http://www.securityfocus.com/bid/1220
Reference: BUGTRAQ:20000516 BUFFER OVERRUN VULNERABILITIES IN KERBEROS
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-05/0184.html
Reference: CERT:CA-2000-06
Reference: URL:http://www.cert.org/advisories/CA-2000-06.html
Reference: FREEBSD:FreeBSD-SA-00:20
Reference: URL:http://archives.neohapsis.com/archives/freebsd/2000-05/0295.html
Reference: OSVDB:4876
Reference: URL:http://www.osvdb.org/4876
Reference: REDHAT:RHSA-2000:025
Reference: URL:http://www.redhat.com/support/errata/RHSA-2000-025.html
Reference: XF:kerberos-krshd-bo
Name: CVE-2000-0392
Description:
Buffer overflow in ksu in Kerberos 5 allows local users to gain root privileges.
Status:EntryReference: BID:1220
Reference: URL:http://www.securityfocus.com/bid/1220
Reference: BUGTRAQ:20000516 BUFFER OVERRUN VULNERABILITIES IN KERBEROS
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-05/0184.html
Reference: CERT:CA-2000-06
Reference: URL:http://www.cert.org/advisories/CA-2000-06.html
Reference: FREEBSD:FreeBSD-SA-00:20
Reference: URL:http://archives.neohapsis.com/archives/freebsd/2000-05/0295.html
Reference: REDHAT:RHSA-2000:025
Reference: URL:http://www.redhat.com/support/errata/RHSA-2000-025.html
Reference: XF:kerberos-ksu-bo
Name: CVE-2000-0393
Description:
The KDE kscd program does not drop privileges when executing a program specified in a user's SHELL environmental variable, which allows the user to gain privileges by specifying an alternate program to execute.
Status:EntryReference: BID:1206
Reference: URL:http://www.securityfocus.com/bid/1206
Reference: BUGTRAQ:20000516 kscd vulnerability
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-05/0172.html
Reference: SUSE:20000529 kmulti <= 1.1.2
Reference: URL:http://www.novell.com/linux/security/advisories/suse_security_announce_50.html
Reference: XF:kscd-shell-env-variable
Name: CVE-2000-0394
Description:
NetProwler 3.0 allows remote attackers to cause a denial of service by sending malformed IP packets that trigger NetProwler's Man-in-the-Middle signature.
Status:EntryReference: BID:1225
Reference: URL:http://www.securityfocus.com/bid/1225
Reference: BUGTRAQ:20000519 RFP2K05: NetProwler vs. RFProwler
Reference: URL:http://marc.info/?l=bugtraq&m=95878603510835&w=2
Reference: BUGTRAQ:20000522 RFP2K05 - NetProwler "Fragmentation" Issue
Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=392AD3B3.3E9BE3EA@axent.com
Reference: XF:axent-netprowler-ipfrag-dos
Name: CVE-2000-0395
Description:
Buffer overflow in CProxy 3.3 allows remote users to cause a denial of service via a long HTTP request.
Status:EntryReference: BID:1213
Reference: URL:http://www.securityfocus.com/bid/1213
Reference: BUGTRAQ:20000516 CProxy v3.3 SP 2 DoS
Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=007d01bfbf48$e44f0e40$01dc11ac@peopletel.org
Reference: XF:cproxy-http-dos
Name: CVE-2000-0396
Description:
The add.exe program in the Carello shopping cart software allows remote attackers to duplicate files on the server, which could allow the attacker to read source code for web scripts such as .ASP files.
Status:EntryReference: BID:1245
Reference: URL:http://www.securityfocus.com/bid/1245
Reference: BUGTRAQ:20000524 Alert: Carello File Creation flaw
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-05/0285.html
Reference: XF:carello-file-duplication
Name: CVE-2000-0397
Description:
The EMURL web-based email account software encodes predictable identifiers in user session URLs, which allows a remote attacker to access a user's email account.
Status:EntryReference: BID:1203
Reference: URL:http://www.securityfocus.com/bid/1203
Reference: BUGTRAQ:20000515 Vulnerability in EMURL-based e-mail providers
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-05/0160.html
Reference: XF:emurl-account-access
Name: CVE-2000-0398
Description:
Buffer overflow in wconsole.dll in Rockliffe MailSite Management Agent allows remote attackers to execute arbitrary commands via a long query_string parameter in the HTTP GET request.
Status:EntryReference: BID:1244
Reference: URL:http://www.securityfocus.com/bid/1244
Reference: BUGTRAQ:20000524 Alert: Buffer overflow in Rockliffe's MailSite
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-05/0286.html
Reference: XF:mailsite-get-overflow
Name: CVE-2000-0399
Description:
Buffer overflow in MDaemon POP server allows remote attackers to cause a denial of service via a long user name.
Status:EntryReference: BID:1250
Reference: URL:http://www.securityfocus.com/bid/1250
Reference: BUGTRAQ:20000524 Deerfield Communications MDaemon Mail Server DoS
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-05/0301.html
Reference: XF:deerfield-mdaemon-dos
Name: CVE-2000-0402
Description:
The Mixed Mode authentication capability in Microsoft SQL Server 7.0 stores the System Administrator (sa) account in plaintext in a log file which is readable by any user, aka the "SQL Server 7.0 Service Pack Password" vulnerability.
Status:EntryReference: BID:1281
Reference: URL:http://www.securityfocus.com/bid/1281
Reference: MS:MS00-035
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-035
Reference: MSKB:Q263968
Reference: URL:http://www.microsoft.com/technet/support/kb.asp?ID=263968
Reference: XF:mssql-agent-stored-pw
Reference: XF:mssql-sa-pw-in-sqlsplog
Name: CVE-2000-0403
Description:
The CIFS Computer Browser service on Windows NT 4.0 allows a remote attacker to cause a denial of service by sending a large number of host announcement requests to the master browse tables, aka the "HostAnnouncement Flooding" or "HostAnnouncement Frame" vulnerability.
Status:EntryReference: BID:1261
Reference: URL:http://www.securityfocus.com/bid/1261
Reference: MS:MS00-036
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-036
Reference: MSKB:Q263307
Reference: URL:http://www.microsoft.com/technet/support/kb.asp?ID=263307
Reference: XF:win-browser-hostannouncement
Name: CVE-2000-0404
Description:
The CIFS Computer Browser service allows remote attackers to cause a denial of service by sending a ResetBrowser frame to the Master Browser, aka the "ResetBrowser Frame" vulnerability.
Status:EntryReference: BID:1262
Reference: URL:http://www.securityfocus.com/bid/1262
Reference: MS:MS00-036
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-036
Reference: MSKB:Q262694
Reference: URL:http://www.microsoft.com/technet/support/kb.asp?ID=262694
Reference: XF:win-browser-reset-frame
Name: CVE-2000-0405
Description:
Buffer overflow in L0pht AntiSniff allows remote attackers to execute arbitrary commands via a malformed DNS response packet.
Status:EntryReference: BID:1207
Reference: URL:http://www.securityfocus.com/bid/1207
Reference: L0PHT:20000515 AntiSniff version 1.01 and Researchers version 1 DNS overflow
Reference: URL:http://www.l0pht.com/advisories/asniff_advisory.txt
Reference: OSVDB:3179
Reference: URL:http://www.osvdb.org/3179
Reference: XF:antisniff-dns-overflow
Name: CVE-2000-0406
Description:
Netscape Communicator before version 4.73 and Navigator 4.07 do not properly validate SSL certificates, which allows remote attackers to steal information by redirecting traffic from a legitimate web server to their own malicious server, aka the "Acros-Suencksen SSL" vulnerability.
Status:EntryReference: BID:1188
Reference: URL:http://www.securityfocus.com/bid/1188
Reference: CERT:CA-2000-05
Reference: URL:http://www.cert.org/advisories/CA-2000-05.html
Reference: MISC:http://www.acrossecurity.com/aspr/ASPR-2000-04-06-1-PUB.txt
Reference: REDHAT:RHSA-2000:028
Reference: URL:http://www.redhat.com/support/errata/RHSA-2000-028.html
Reference: XF:netscape-invalid-ssl-sessions
Name: CVE-2000-0407
Description:
Buffer overflow in Solaris netpr program allows local users to execute arbitrary commands via a long -p option.
Status:EntryReference: BID:1200
Reference: URL:http://www.securityfocus.com/bid/1200
Reference: BUGTRAQ:20000512 New Solaris root exploit for /usr/lib/lp/bin/netpr
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-05/0141.html
Reference: XF:sol-netpr-bo
Name: CVE-2000-0408
Description:
IIS 4.05 and 5.0 allow remote attackers to cause a denial of service via a long, complex URL that appears to contain a large number of file extensions, aka the "Malformed Extension Data in URL" vulnerability.
Status:EntryReference: BID:1190
Reference: URL:http://www.securityfocus.com/bid/1190
Reference: MISC:http://www.ussrback.com/labs40.html
Reference: MS:MS00-030
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-030
Reference: MSKB:Q260205
Reference: URL:http://www.microsoft.com/technet/support/kb.asp?ID=260205
Reference: XF:iis-url-extension-data-dos
Name: CVE-2000-0409
Description:
Netscape 4.73 and earlier follows symlinks when it imports a new certificate, which allows local users to overwrite files of the user importing the certificate.
Status:EntryReference: BID:1201
Reference: URL:http://www.securityfocus.com/bid/1201
Reference: BUGTRAQ:20000510 Possible symlink problems with Netscape 4.73
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-05/0126.html
Reference: XF:netscape-import-certificate-symlink
Name: CVE-2000-0410
Description:
ColdFusion Server 4.5.1 allows remote attackers to cause a denial of service by making repeated requests to a CFCACHE tagged cache file that is not stored in memory.
Status:EntryReference: BID:1192
Reference: URL:http://www.securityfocus.com/bid/1192
Reference: NTBUGTRAQ:20000510 Cold Fusion Server 4.5.1 DoS Vulnerability.
Reference: URL:http://www.ntbugtraq.com/default.asp?pid=36&sid=1&A2=ind0005&L=ntbugtraq&F=&S=&P=4843
Reference: XF:coldfusion-cfcache-dos
Name: CVE-2000-0411
Description:
Matt Wright's FormMail CGI script allows remote attackers to obtain environmental variables via the env_report parameter.
Status:EntryReference: BID:1187
Reference: URL:http://www.securityfocus.com/bid/1187
Reference: BUGTRAQ:20000510 Black Watch Labs Vulnerability Alert
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-05/0125.html
Reference: MISC:http://www.perfectotech.com/blackwatchlabs/vul5_10.html
Reference: XF:http-cgi-formmail-environment
Name: CVE-2000-0414
Description:
Vulnerability in shutdown command for HP-UX 11.X and 10.X allows allows local users to gain privileges via malformed input variables.
Status:EntryReference: BID:1214
Reference: URL:http://www.securityfocus.com/bid/1214
Reference: HP:HPSBUX0005-113
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-05/0047.html
Reference: XF:hp-shutdown-privileges
Name: CVE-2000-0416
Description:
NTMail 5.x allows network users to bypass the NTMail proxy restrictions by redirecting their requests to NTMail's web configuration server.
Status:EntryReference: BID:1196
Reference: URL:http://www.securityfocus.com/bid/1196
Reference: BUGTRAQ:20000511 NTMail Proxy Exploit
Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=NABBJLKKPKIHDIMKFKGCMEFANMAB.georger@nls.net
Reference: CONFIRM:http://www.gordano.com/support/archives/ntmail/2000-05/00001114.htm
Reference: XF:ntmail-bypass-proxy
Name: CVE-2000-0417
Description:
The HTTP administration interface to the Cayman 3220-H DSL router allows remote attackers to cause a denial of service via a long username or password.
Status:EntryReference: BID:1219
Reference: URL:http://www.securityfocus.com/bid/1219
Reference: BUGTRAQ:20000505 Cayman 3220-H DSL Router DOS
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-05/0075.html
Reference: BUGTRAQ:20000523 Cayman 3220H DSL Router Software Update and New Bonus Attack
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-05/0280.html
Reference: XF:cayman-router-dos
Name: CVE-2000-0418
Description:
The Cayman 3220-H DSL router allows remote attackers to cause a denial of service via oversized ICMP echo (ping) requests.
Status:EntryReference: BID:1240
Reference: URL:http://www.securityfocus.com/bid/1240
Reference: BUGTRAQ:20000523 Cayman 3220H DSL Router Software Update and New Bonus Attack
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-05/0280.html
Reference: XF:cayman-dsl-dos
Name: CVE-2000-0419
Description:
The Office 2000 UA ActiveX Control is marked as "safe for scripting," which allows remote attackers to conduct unauthorized activities via the "Show Me" function in Office Help, aka the "Office 2000 UA Control" vulnerability.
Status:EntryReference: BID:1197
Reference: URL:http://www.securityfocus.com/bid/1197
Reference: CERT:CA-2000-07
Reference: URL:http://www.cert.org/advisories/CA-2000-07.html
Reference: MS:MS00-034
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-034
Reference: MSKB:Q262767
Reference: URL:http://www.microsoft.com/technet/support/kb.asp?ID=262767
Reference: XF:office-ua-control
Name: CVE-2000-0421
Description:
The process_bug.cgi script in Bugzilla allows remote attackers to execute arbitrary commands via shell metacharacters.
Status:EntryReference: BID:1199
Reference: URL:http://www.securityfocus.com/bid/1199
Reference: BUGTRAQ:20000510 Advisory: Unchecked system(blaat $var blaat) call in Bugzilla 2.8
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-05/0128.html
Reference: XF:bugzilla-unchecked-system-call
Name: CVE-2000-0424
Description:
The CGI counter 4.0.7 by George Burgyan allows remote attackers to execute arbitrary commands via shell metacharacters.
Status:EntryReference: BID:1202
Reference: URL:http://www.securityfocus.com/bid/1202
Reference: BUGTRAQ:20000514 Vulnerability in CGI counter 4.0.7 by George Burgyan
Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=200005151024.aa01811@blaze.arl.mil
Reference: XF:http-cgi-burgyan-counter
Name: CVE-2000-0425
Description:
Buffer overflow in the Web Archives component of L-Soft LISTSERV 1.8 allows remote attackers to execute arbitrary commands.
Status:EntryReference: BID:1167
Reference: URL:http://www.securityfocus.com/bid/1167
Reference: BUGTRAQ:20000505 Alert: Listserv Web Archives (wa) buffer overflow
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-05/0048.html
Reference: CONFIRM:http://www.lsoft.com/news/default.asp?item=Advisory0
Reference: XF:http-cgi-listserv-wa-bo
Name: CVE-2000-0426
Description:
UltraBoard 1.6 and other versions allow remote attackers to cause a denial of service by referencing UltraBoard in the Session parameter, which causes UltraBoard to fork copies of itself.
Status:EntryReference: BID:1175
Reference: URL:http://www.securityfocus.com/bid/1175
Reference: BUGTRAQ:20000505 Re: Fun with UltraBoard V1.6X
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-05/0059.html
Reference: XF:ultraboard-cgi-dos
Name: CVE-2000-0427
Description:
The Aladdin Knowledge Systems eToken device allows attackers with physical access to the device to obtain sensitive information without knowing the PIN of the owner by resetting the PIN in the EEPROM.
Status:EntryReference: BID:1170
Reference: URL:http://www.securityfocus.com/bid/1170
Reference: L0PHT:20000504 eToken Private Information Extraction and Physical Attack
Reference: URL:http://www.l0pht.com/advisories/etoken-piepa.txt
Reference: OSVDB:3266
Reference: URL:http://www.osvdb.org/3266
Reference: XF:aladdin-etoken-pin-reset
Name: CVE-2000-0428
Description:
Buffer overflow in the SMTP gateway for InterScan Virus Wall 3.32 and earlier allows a remote attacker to execute arbitrary commands via a long filename for a uuencoded attachment.
Status:EntryReference: BID:1168
Reference: URL:http://www.securityfocus.com/bid/1168
Reference: NAI:20000503 Trend Micro InterScan VirusWall Remote Overflow
Reference: URL:http://www.nai.com/nai_labs/asp_set/advisory/39_Trend.asp
Reference: XF:interscan-viruswall-bo
Name: CVE-2000-0430
Description:
Cart32 allows remote attackers to access sensitive debugging information by appending /expdate to the URL request.
Status:EntryReference: BID:1358
Reference: URL:http://www.securityfocus.com/bid/1358
Reference: BUGTRAQ:20000503 Another interesting Cart32 command
Reference: URL:http://marc.info/?l=bugtraq&m=95738697301956&w=2
Reference: XF:cart32-expdate
Name: CVE-2000-0431
Description:
Cobalt RaQ2 and RaQ3 does not properly set the access permissions and ownership for files that are uploaded via FrontPage, which allows attackers to bypass cgiwrap and modify files.
Status:EntryReference: BID:1238
Reference: URL:http://www.securityfocus.com/bid/1238
Reference: BUGTRAQ:20000522 Problem with FrontPage on Cobalt RaQ2/RaQ3
Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=20000523100045.B11049@HiWAAY.net
Reference: BUGTRAQ:20000525 Cobalt Networks - Security Advisory - Frontpage
Reference: CONFIRM:http://archives.neohapsis.com/archives/bugtraq/2000-05/0305.html
Reference: OSVDB:1346
Reference: URL:http://www.osvdb.org/1346
Reference: XF:cobalt-cgiwrap-bypass
Name: CVE-2000-0432
Description:
The calender.pl and the calendar_admin.pl calendar scripts by Matt Kruse allow remote attackers to execute arbitrary commands via shell metacharacters.
Status:EntryReference: BID:1215
Reference: URL:http://www.securityfocus.com/bid/1215
Reference: BUGTRAQ:20000516 Vuln in calender.pl (Matt Kruse calender script)
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-05/0173.html
Reference: XF:http-cgi-calendar-execute
Name: CVE-2000-0435
Description:
The allmanageup.pl file upload CGI script in the Allmanage Website administration software 2.6 can be called directly by remote attackers, which allows them to modify user accounts or web pages.
Status:EntryReference: BID:1217
Reference: URL:http://www.securityfocus.com/bid/1217
Reference: BUGTRAQ:20000516 Allmanage.pl Vulnerabilities
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-05/0167.html
Reference: OSVDB:1337
Reference: URL:http://www.osvdb.org/1337
Reference: XF:http-cgi-allmanage-account-access
Name: CVE-2000-0436
Description:
MetaProducts Offline Explorer 1.2 and earlier allows remote attackers to access arbitrary files via a .. (dot dot) attack.
Status:EntryReference: BID:1231
Reference: URL:http://www.securityfocus.com/bid/1231
Reference: BUGTRAQ:20000522 MetaProducts Offline Explorer Directory Traversal Vulnerability
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-05/0254.html
Reference: CONFIRM:http://www.metaproducts.com/mpOE-HY.html
Reference: XF:offline-explorer-directory-traversal
Name: CVE-2000-0437
Description:
Buffer overflow in the CyberPatrol daemon "cyberdaemon" used in gauntlet and WebShield allows remote attackers to cause a denial of service or execute arbitrary commands.
Status:EntryReference: BID:1234
Reference: URL:http://www.securityfocus.com/bid/1234
Reference: BUGTRAQ:20000522 Gauntlet CyberPatrol Buffer Overflow
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-05/0249.html
Reference: CONFIRM:http://www.pgp.com/jump/gauntlet_advisory.asp
Reference: CONFIRM:http://www.tis.com/support/cyberadvisory.html
Reference: OSVDB:322
Reference: URL:http://www.osvdb.org/322
Reference: XF:gauntlet-cyberdaemon-bo
Name: CVE-2000-0438
Description:
Buffer overflow in fdmount on Linux systems allows local users in the "floppy" group to execute arbitrary commands via a long mountpoint parameter.
Status:EntryReference: BID:1239
Reference: URL:http://www.securityfocus.com/bid/1239
Reference: BUGTRAQ:20000522 fdmount buffer overflow
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-05/0245.html
Reference: XF:linux-fdmount-bo
Name: CVE-2000-0439
Description:
Internet Explorer 4.0 and 5.0 allows a malicious web site to obtain client cookies from another domain by including that domain name and escaped characters in a URL, aka the "Unauthorized Cookie Access" vulnerability.
Status:EntryReference: BID:1194
Reference: URL:http://www.securityfocus.com/bid/1194
Reference: BUGTRAQ:20000510 IE Domain Confusion Vulnerability
Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=20000511135609.D7774@securityfocus.com
Reference: BUGTRAQ:20000511 IE Domain Confusion Vulnerability is an Email problem also
Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=NDBBKGHPMKBKDDGLDEEHAEHMDIAA.rms2000@bellatlantic.net
Reference: MS:MS00-033
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-033
Reference: OSVDB:1326
Reference: URL:http://www.osvdb.org/1326
Reference: XF:ie-cookie-disclosure(4447)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/4447
Name: CVE-2000-0440
Description:
NetBSD 1.4.2 and earlier allows remote attackers to cause a denial of service by sending a packet with an unaligned IP timestamp option.
Status:EntryReference: BID:1173
Reference: URL:http://www.securityfocus.com/bid/1173
Reference: BUGTRAQ:20000506 [NHC20000504a.0: NetBSD Panics when sent unaligned IP options]
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-05/0088.html
Reference: FREEBSD:FreeBSD-SA-00:23
Reference: NETBSD:NetBSD-SA2000-002
Reference: URL:ftp://ftp.netbsd.org/pub/NetBSD/misc/security/advisories/NetBSD-SA2000-002.txt.asc
Reference: XF:netbsd-unaligned-ip-options
Name: CVE-2000-0441
Description:
Vulnerability in AIX 3.2.x and 4.x allows local users to gain write access to files on locally or remotely mounted AIX filesystems.
Status:EntryReference: BID:1241
Reference: URL:http://www.securityfocus.com/bid/1241
Reference: IBM:ERS-OAR-E01-2000:087.1
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-05/0275.html
Reference: XF:aix-local-filesystem
Name: CVE-2000-0442
Description:
Qpopper 2.53 and earlier allows local users to gain privileges via a formatting string in the From: header, which is processed by the euidl command.
Status:EntryReference: BID:1242
Reference: URL:http://www.securityfocus.com/bid/1242
Reference: BUGTRAQ:20000523 Qpopper 2.53 remote problem, user can gain gid=mail
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-05/0267.html
Reference: SUSE:20000608 pop <= 2000.3.4
Reference: URL:http://www.novell.com/linux/security/advisories/suse_security_announce_51.html
Reference: XF:qualcomm-qpopper-euidl
Name: CVE-2000-0443
Description:
The web interface server in HP Web JetAdmin 5.6 allows remote attackers to read arbitrary files via a .. (dot dot) attack.
Status:EntryReference: BID:1243
Reference: URL:http://www.securityfocus.com/bid/1243
Reference: BUGTRAQ:20000524 HP Web JetAdmin Version 5.6 Web interface Server Directory Traversal Vulnerability
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-05/0281.html
Reference: OSVDB:1350
Reference: URL:http://www.osvdb.org/1350
Reference: XF:hp-jetadmin-directory-traversal
Name: CVE-2000-0445
Description:
The pgpk command in PGP 5.x on Unix systems uses an insufficiently random data source for non-interactive key pair generation, which may produce predictable keys.
Status:EntryReference: BID:1251
Reference: URL:http://www.securityfocus.com/bid/1251
Reference: BUGTRAQ:20000523 Key Generation Security Flaw in PGP 5.0
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-05/0273.html
Reference: CERT:CA-2000-09
Reference: URL:http://www.cert.org/advisories/CA-2000-09.html
Reference: OSVDB:1355
Reference: URL:http://www.osvdb.org/1355
Reference: XF:pgp-key-predictable
Name: CVE-2000-0446
Description:
Buffer overflow in MDBMS database server allows remote attackers to execute arbitrary commands via a long string.
Status:EntryReference: BID:1252
Reference: URL:http://www.securityfocus.com/bid/1252
Reference: BUGTRAQ:20000524 Remote xploit for MDBMS
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-05/0274.html
Reference: XF:mdbms-bo
Name: CVE-2000-0447
Description:
Buffer overflow in WebShield SMTP 4.5.44 allows remote attackers to execute arbitrary commands via a long configuration parameter to the WebShield remote management service.
Status:EntryReference: BID:1254
Reference: URL:http://www.securityfocus.com/bid/1254
Reference: BUGTRAQ:20000525 DST2K0003 : Buffer Overrun in NAI WebShield SMTP v4.5.44 Managem ent Tool
Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=6C740781F92BD411831F0090273A8AB806FD4A@exchange.servers.delphis.net
Reference: OSVDB:327
Reference: URL:http://www.osvdb.org/327
Reference: XF:nai-webshield-bo
Name: CVE-2000-0448
Description:
The WebShield SMTP Management Tool version 4.5.44 does not properly restrict access to the management port when an IP address does not resolve to a hostname, which allows remote attackers to access the configuration via the GET_CONFIG command.
Status:EntryReference: BID:1253
Reference: URL:http://www.securityfocus.com/bid/1253
Reference: BUGTRAQ:20000525 DST2K0003 : Buffer Overrun in NAI WebShield SMTP v4.5.44 Managem ent Tool
Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=6C740781F92BD411831F0090273A8AB806FD4A@exchange.servers.delphis.net
Reference: OSVDB:326
Reference: URL:http://www.osvdb.org/326
Reference: XF:nai-webshield-getconfig
Name: CVE-2000-0451
Description:
The Intel express 8100 ISDN router allows remote attackers to cause a denial of service via oversized or fragmented ICMP packets.
Status:EntryReference: BID:1228
Reference: URL:http://www.securityfocus.com/bid/1228
Reference: BUGTRAQ:20000518 Remote Dos attack against Intel express 8100 router
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-05/0229.html
Reference: XF:intel-8100-remote-dos
Name: CVE-2000-0452
Description:
Buffer overflow in the ESMTP service of Lotus Domino Server 5.0.1 allows remote attackers to cause a denial of service via a long MAIL FROM command.
Status:EntryReference: BID:1229
Reference: URL:http://www.securityfocus.com/bid/1229
Reference: BUGTRAQ:20000518 Lotus ESMTP Service (Lotus Domino Release 5.0.1 (Intl))
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-05/0219.html
Reference: OSVDB:321
Reference: URL:http://www.osvdb.org/321
Reference: XF:lotus-domino-esmtp-bo
Name: CVE-2000-0453
Description:
XFree86 3.3.x and 4.0 allows a user to cause a denial of service via a negative counter value in a malformed TCP packet that is sent to port 6000.
Status:EntryReference: BID:1235
Reference: URL:http://www.securityfocus.com/bid/1235
Reference: BUGTRAQ:20000518 Nasty XFree Xserver DoS
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-05/0223.html
Reference: CALDERA:CSSA-2000-012.0
Reference: URL:ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2000-012.0.txt
Name: CVE-2000-0454
Description:
Buffer overflow in Linux cdrecord allows local users to gain privileges via the dev parameter.
Status:EntryReference: BID:1265
Reference: URL:http://www.securityfocus.com/bid/1265
Reference: BUGTRAQ:20000527 Mandrake 7.0: /usr/bin/cdrecord gid=80 (strike #2)
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-05/0367.html
Reference: BUGTRAQ:20000603 [Gael Duval ] [Security Announce] cdrecord
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-05/0434.html
Reference: BUGTRAQ:20000607 Conectiva Linux Security Announcement - cdrecord
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-06/0019.html
Reference: XF:linux-cdrecord-execute
Name: CVE-2000-0455
Description:
Buffer overflow in xlockmore xlock program version 4.16 and earlier allows local users to read sensitive data from memory via a long -mode option.
Status:EntryReference: BID:1267
Reference: URL:http://www.securityfocus.com/bid/1267
Reference: NAI:20000529 Initialized Data Overflow in Xlock
Reference: URL:http://www.nai.com/nai_labs/asp_set/advisory/41initialized.asp
Reference: NETBSD:NetBSD-SA2000-003
Reference: URL:ftp://ftp.netbsd.org/pub/NetBSD/misc/security/advisories/NetBSD-SA2000-003.txt.asc
Reference: TURBO:TLSA2000012-1
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-05/0375.html
Reference: XF:xlock-bo-read-passwd
Name: CVE-2000-0456
Description:
NetBSD 1.4.2 and earlier allows local users to cause a denial of service by repeatedly running certain system calls in the kernel which do not yield the CPU, aka "cpu-hog".
Status:EntryReference: BID:1272
Reference: URL:http://www.securityfocus.com/bid/1272
Reference: NETBSD:NetBSD-SA2000-005
Reference: URL:ftp://ftp.netbsd.org/pub/NetBSD/misc/security/advisories/NetBSD-SA2000-005.txt.asc
Reference: OSVDB:1365
Reference: URL:http://www.osvdb.org/1365
Reference: XF:bsd-syscall-cpu-dos
Name: CVE-2000-0457
Description:
ISM.DLL in IIS 4.0 and 5.0 allows remote attackers to read file contents by requesting the file and appending a large number of encoded spaces (%20) and terminated with a .htr extension, aka the ".HTR File Fragment Reading" or "File Fragment Reading via .HTR" vulnerability.
Status:EntryReference: BID:1193
Reference: URL:http://www.securityfocus.com/bid/1193
Reference: BUGTRAQ:20000511 Alert: IIS ism.dll exposes file contents
Reference: URL:http://marc.info/?l=bugtraq&m=95810120719608&w=2
Reference: MS:MS00-031
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-031
Reference: XF:iis-ism-file-access(4448)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/4448
Name: CVE-2000-0458
Description:
The MSWordView application in IMP creates world-readable files in the /tmp directory, which allows other local users to read potentially sensitive information.
Status:EntryReference: BID:1360
Reference: URL:http://www.securityfocus.com/bid/1360
Reference: BUGTRAQ:20000424 Two Problems in IMP 2
Reference: URL:http://marc.info/?l=bugtraq&m=95672120116627&w=2
Reference: XF:imp-tmpfile-view
Name: CVE-2000-0459
Description:
IMP does not remove files properly if the MSWordView application quits, which allows local users to cause a denial of service by filling up the disk space by requesting a large number of documents and prematurely stopping the request.
Status:EntryReference: BID:1361
Reference: URL:http://www.securityfocus.com/bid/1361
Reference: BUGTRAQ:20000424 Two Problems in IMP 2
Reference: URL:http://marc.info/?l=bugtraq&m=95672120116627&w=2
Reference: XF:imp-wordfile-dos
Name: CVE-2000-0460
Description:
Buffer overflow in KDE kdesud on Linux allows local uses to gain privileges via a long DISPLAY environmental variable.
Status:EntryReference: BID:1274
Reference: URL:http://www.securityfocus.com/bid/1274
Reference: BUGTRAQ:20000526 KDE: /usr/bin/kdesud, gid = 0 exploit
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-05/0353.html
Reference: XF:kde-display-environment-overflow
Name: CVE-2000-0461
Description:
The undocumented semconfig system call in BSD freezes the state of semaphores, which allows local users to cause a denial of service of the semaphore system by using the semconfig call.
Status:EntryReference: BID:1270
Reference: URL:http://www.securityfocus.com/bid/1270
Reference: FREEBSD:FreeBSD-SA-00:19
Reference: URL:ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:19.semconfig.asc
Reference: NETBSD:NetBSD-SA2000-004
Reference: URL:ftp://ftp.netbsd.org/pub/NetBSD/misc/security/advisories/NetBSD-SA2000-004.txt.asc
Reference: OPENBSD:20000526
Reference: URL:http://www.openbsd.org/errata26.html#semconfig
Reference: XF:bsd-semaphore-dos
Name: CVE-2000-0462
Description:
ftpd in NetBSD 1.4.2 does not properly parse entries in /etc/ftpchroot and does not chroot the specified users, which allows those users to access other files outside of their home directory.
Status:EntryReference: BID:1273
Reference: URL:http://www.securityfocus.com/bid/1273
Reference: NETBSD:NetBSD-SA2000-006
Reference: URL:ftp://ftp.netbsd.org/pub/NetBSD/misc/security/advisories/NetBSD-SA2000-006.txt.asc
Reference: OSVDB:1366
Reference: URL:http://www.osvdb.org/1366
Reference: XF:netbsd-ftpchroot-parsing
Name: CVE-2000-0463
Description:
BeOS 5.0 allows remote attackers to cause a denial of service via fragmented TCP packets.
Status:EntryReference: BID:1222
Reference: URL:http://www.securityfocus.com/bid/1222
Reference: BUGTRAQ:20000517 AUX Security Advisory on Be/OS 5.0 (DoS)
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-05/0197.html
Reference: XF:beos-tcp-frag-dos
Name: CVE-2000-0464
Description:
Internet Explorer 4.x and 5.x allows remote attackers to execute arbitrary commands via a buffer overflow in the ActiveX parameter parsing capability, aka the "Malformed Component Attribute" vulnerability.
Status:EntryReference: BID:1223
Reference: URL:http://www.securityfocus.com/bid/1223
Reference: MS:MS00-033
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-033
Reference: MSKB:Q261257
Reference: URL:http://www.microsoft.com/technet/support/kb.asp?ID=261257
Reference: XF:ie-malformed-component-attribute
Name: CVE-2000-0465
Description:
Internet Explorer 4.x and 5.x does not properly verify the domain of a frame within a browser window, which allows a remote attacker to read client files via the frame, aka the "Frame Domain Verification" vulnerability.
Status:EntryReference: BID:1224
Reference: URL:http://www.securityfocus.com/bid/1224
Reference: MS:MS00-033
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-033
Reference: MSKB:Q251108
Reference: URL:http://www.microsoft.com/technet/support/kb.asp?ID=251108
Reference: MSKB:Q255676
Reference: URL:http://www.microsoft.com/technet/support/kb.asp?ID=255676
Reference: XF:ie-frame-domain-verification
Name: CVE-2000-0466
Description:
AIX cdmount allows local users to gain root privileges via shell metacharacters.
Status:EntryReference: BID:1384
Reference: URL:http://www.securityfocus.com/bid/1384
Reference: ISS:20000620 Insecure call of external program in AIX cdmount
Reference: URL:http://xforce.iss.net/alerts/advise55.php
Reference: XF:aix-cdmount-insecure-call
Name: CVE-2000-0467
Description:
Buffer overflow in Linux splitvt 1.6.3 and earlier allows local users to gain root privileges via a long password in the screen locking function.
Status:EntryReference: BID:1346
Reference: URL:http://www.securityfocus.com/bid/1346
Reference: BUGTRAQ:20000614 Splitvt exploit
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-06/0125.html
Reference: DEBIAN:20000605a
Reference: XF:splitvt-screen-lock-bo
Name: CVE-2000-0468
Description:
man in HP-UX 10.20 and 11 allows local attackers to overwrite files via a symlink attack.
Status:EntryReference: BID:1302
Reference: URL:http://www.securityfocus.com/bid/1302
Reference: BUGTRAQ:20000601 HP Security vulnerability in the man command
Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=Pine.SOL.4.02.10006021014400.4779-100000@nofud.nwest.attws.com
Reference: XF:hp-man-file-overwrite
Name: CVE-2000-0469
Description:
Selena Sol WebBanner 4.0 allows remote attackers to read arbitrary files via a .. (dot dot) attack.
Status:EntryReference: BID:1347
Reference: URL:http://www.securityfocus.com/bid/1347
Reference: BUGTRAQ:20000613 CGI: Selena Sol's WebBanner ( Random Banner Generator ) Vulnerability
Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&date=2000-06-22&msg=ILENKALMCAFBLHBGEOFKGEJCCAAA.jwesterink@jwesterink.daxis.nl
Reference: BUGTRAQ:20000620 Re: CGI: Selena Sol's WebBanner ( Random Banner Generator ) Vulnerability
Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=4.2.0.58.20000620193604.00979950@mail.clark.net
Reference: XF:webbanner-input-validation-exe
Name: CVE-2000-0470
Description:
Allegro RomPager HTTP server allows remote attackers to cause a denial of service via a malformed authentication request.
Status:EntryReference: BID:1290
Reference: URL:http://www.securityfocus.com/bid/1290
Reference: BUGTRAQ:20000601 Hardware Exploit - Gets network Down
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-05/0398.html
Reference: XF:rompager-malformed-dos(4588)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/4588
Name: CVE-2000-0471
Description:
Buffer overflow in ufsrestore in Solaris 8 and earlier allows local users to gain root privileges via a long pathname.
Status:EntryReference: BID:1348
Reference: URL:http://www.securityfocus.com/bid/1348
Reference: BUGTRAQ:20000614 Vulnerability in Solaris ufsrestore
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-06/0114.html
Reference: CERT-VN:VU#36866
Reference: URL:http://www.kb.cert.org/vuls/id/36866
Reference: OSVDB:1398
Reference: URL:http://www.osvdb.org/1398
Reference: SUN:00210
Reference: URL:http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/210
Reference: SUNBUG:4339366
Reference: XF:sol-ufsrestore-bo(4711)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/4711
Name: CVE-2000-0472
Description:
Buffer overflow in innd 2.2.2 allows remote attackers to execute arbitrary commands via a cancel request containing a long message ID.
Status:EntryReference: BID:1316
Reference: URL:http://www.securityfocus.com/bid/1316
Reference: BUGTRAQ:20000106 innd 2.2.2 remote buffer overflow
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-06/0003.html
Reference: BUGTRAQ:20000707 inn update
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-07/0097.html
Reference: BUGTRAQ:20000721 [ANNOUNCE] INN 2.2.3 available
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-07/0298.html
Reference: BUGTRAQ:20000722 MDKSA-2000:023 inn update
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-07/0330.html
Reference: CALDERA:CSSA-2000-016.0
Reference: URL:ftp://ftp.calderasystems.com/pub/OpenLinux/security/CSSA-2000-016.0.txt
Reference: XF:innd-cancel-overflow(4615)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/4615
Name: CVE-2000-0474
Description:
Real Networks RealServer 7.x allows remote attackers to cause a denial of service via a malformed request for a page in the viewsource directory.
Status:EntryReference: BID:1288
Reference: URL:http://www.securityfocus.com/bid/1288
Reference: BUGTRAQ:20000601 Remote DoS attack in Real Networks Real Server (Strike #2) Vulnerability
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-05/0410.html
Reference: BUGTRAQ:20000601 Remote DoS attack in RealServer: USSR-2000043
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-05/0427.html
Reference: XF:realserver-malformed-remote-dos(4587)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/4587
Name: CVE-2000-0475
Description:
Windows 2000 allows a local user process to access another user's desktop within the same windows station, aka the "Desktop Separation" vulnerability.
Status:EntryReference: BID:1350
Reference: URL:http://www.securityfocus.com/bid/1350
Reference: MS:MS00-020
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-020
Reference: XF:win2k-desktop-separation(4714)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/4714
Name: CVE-2000-0477
Description:
Buffer overflow in Norton Antivirus for Exchange (NavExchange) allows remote attackers to cause a denial of service via a .zip file that contains long file names.
Status:EntryReference: BID:1351
Reference: URL:http://www.securityfocus.com/bid/1351
Reference: BUGTRAQ:20000614 Vulnerabilities in Norton Antivirus for Exchange
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-06/0136.html
Reference: XF:antivirus-nav-zip-bo(4710)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/4710
Name: CVE-2000-0478
Description:
In some cases, Norton Antivirus for Exchange (NavExchange) enters a "fail-open" state which allows viruses to pass through the server.
Status:EntryReference: BID:1351
Reference: URL:http://www.securityfocus.com/bid/1351
Reference: BUGTRAQ:20000614 Vulnerabilities in Norton Antivirus for Exchange
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-06/0136.html
Reference: OSVDB:6266
Reference: URL:http://www.osvdb.org/6266
Reference: XF:antivirus-nav-fail-open(4709)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/4709
Name: CVE-2000-0481
Description:
Buffer overflow in KDE Kmail allows a remote attacker to cause a denial of service via an attachment with a long file name.
Status:EntryReference: BID:1380
Reference: URL:http://www.securityfocus.com/bid/1380
Reference: VULN-DEV:20000601 Kmail heap overflow
Reference: URL:http://securityfocus.com/templates/archive.pike?list=82&date=2000-06-22&msg=00060200422401.01667@lez
Reference: XF:kde-kmail-attachment-dos(4993)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/4993
Name: CVE-2000-0482
Description:
Check Point Firewall-1 allows remote attackers to cause a denial of service by sending a large number of malformed fragmented IP packets.
Status:EntryReference: BID:1312
Reference: URL:http://www.securityfocus.com/bid/1312
Reference: BUGTRAQ:20000605 FW-1 IP Fragmentation Vulnerability
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-05/0473.html
Reference: CONFIRM:http://www.checkpoint.com/techsupport/alerts/list_vun.html#IP_Fragmentation
Reference: OSVDB:1379
Reference: URL:http://www.osvdb.org/1379
Reference: XF:fw1-packet-fragment-dos(4609)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/4609
Name: CVE-2000-0483
Description:
The DocumentTemplate package in Zope 2.2 and earlier allows a remote attacker to modify DTMLDocuments or DTMLMethods without authorization.
Status:EntryReference: BID:1354
Reference: URL:http://www.securityfocus.com/bid/1354
Reference: BUGTRAQ:20000615 [Brian@digicool.com: [Zope] Zope security alert and 2.1.7 update [*important*]]
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-06/0144.html
Reference: BUGTRAQ:20000728 MDKSA-2000:026 Zope update
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-07/0412.html
Reference: BUGTRAQ:2000615 Conectiva Linux Security Announcement - ZOPE
Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=20000616103807.A3768@conectiva.com.br
Reference: CONFIRM:http://www.zope.org/Products/Zope/Hotfix_06_16_2000/security_alert
Reference: FREEBSD:FreeBSD-SA-00:38
Reference: URL:ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00%3A38.zope.asc
Reference: REDHAT:RHSA-2000:038
Reference: URL:http://www.redhat.com/support/errata/RHSA-2000-038.html
Reference: XF:zope-dtml-remote-modify(4716)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/4716
Name: CVE-2000-0484
Description:
Small HTTP Server ver 3.06 contains a memory corruption bug causing a memory overflow. The overflowed buffer crashes into a Structured Exception Handler resulting in a Denial of Service.
Status:EntryReference: BID:1355
Reference: URL:http://www.securityfocus.com/bid/1355
Reference: BUGTRAQ:20000616 Remote DoS Attack in Small HTTP Server ver. 1.212 Vulnerability
Reference: URL:http://marc.info/?l=bugtraq&m=96113651713414&w=2
Reference: MISC:https://gist.github.com/0xHop/66609ec1e243b913361e1acfa5253806
Reference: NTBUGTRAQ:20000616 Remote DoS Attack in Small HTTP Server ver. 1.212 Vulnerability
Reference: URL:http://marc.info/?l=ntbugtraq&m=96151775004229&w=2
Reference: XF:small-http-get-overflow-dos(4692)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/4692
Name: CVE-2000-0485
Description:
Microsoft SQL Server allows local users to obtain database passwords via the Data Transformation Service (DTS) package Properties dialog, aka the "DTS Password" vulnerability.
Status:EntryReference: BID:1292
Reference: URL:http://www.securityfocus.com/bid/1292
Reference: BUGTRAQ:20000530 Fw: Steal Passwords Using SQL Server EM
Reference: URL:http://www.securityfocus.com/archive/1/62771
Reference: MS:MS00-041
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-041
Reference: XF:mssql-dts-reveal-passwords(4582)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/4582
Name: CVE-2000-0486
Description:
Buffer overflow in Cisco TACACS+ tac_plus server allows remote attackers to cause a denial of service via a malformed packet with a long length field.
Status:EntryReference: BID:1293
Reference: URL:http://www.securityfocus.com/bid/1293
Reference: BUGTRAQ:20000530 An Analysis of the TACACS+ Protocol and its Implementations
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-05/0369.html
Reference: CONFIRM:http://archives.neohapsis.com/archives/bugtraq/2000-05/0370.html
Reference: XF:tacacsplus-packet-length-dos(4985)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/4985
Name: CVE-2000-0488
Description:
Buffer overflow in ITHouse mail server 1.04 allows remote attackers to execute arbitrary commands via a long RCPT TO mail command.
Status:EntryReference: BID:1285
Reference: URL:http://www.securityfocus.com/bid/1285
Reference: BUGTRAQ:20000601 DST2K0007: Buffer Overrun in ITHouse Mail Server v1.04
Reference: URL:http://archives.neohapsis.com/archives/win2ksecadvice/2000-q2/0148.html
Reference: XF:ithouse-rcpt-overflow(4580)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/4580
Name: CVE-2000-0489
Description:
FreeBSD, NetBSD, and OpenBSD allow an attacker to cause a denial of service by creating a large number of socket pairs using the socketpair function, setting a large buffer size via setsockopt, then writing large buffers.
Status:EntryReference: BID:622
Reference: URL:http://www.securityfocus.com/bid/622
Reference: BUGTRAQ:19990826 Local DoS in FreeBSD
Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=Pine.LNX.4.10.9908270039010.16315-100000@thetis.deor.org
Reference: BUGTRAQ:20000601 Local FreeBSD, Openbsd, NetBSD, DoS Vulnerability - Mac OS X affected
Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=NCBBKFKDOLAGKIAPMILPCEJLCEAA.labs@ussrback.com
Reference: XF:bsd-setsockopt-dos(3298)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/3298
Name: CVE-2000-0490
Description:
Buffer overflow in the NetWin DSMTP 2.7q in the NetWin dmail package allows remote attackers to execute arbitrary commands via a long ETRN request.
Status:EntryReference: BID:1297
Reference: URL:http://www.securityfocus.com/bid/1297
Reference: BUGTRAQ:20000601 Netwin's Dmail package
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-05/0407.html
Reference: CONFIRM:http://netwinsite.com/dmail/security.htm
Reference: XF:dmail-etrn-dos(4579)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/4579
Name: CVE-2000-0493
Description:
Buffer overflow in Simple Network Time Sync (SMTS) daemon allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long string.
Status:EntryReference: BID:1289
Reference: URL:http://www.securityfocus.com/bid/1289
Reference: VULN-DEV:20000601 Vulnerability in SNTS
Reference: URL:http://archives.neohapsis.com/archives/vuln-dev/2000-q2/0843.html
Reference: XF:timesync-bo-execute(4602)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/4602
Name: CVE-2000-0494
Description:
Veritas Volume Manager creates a world writable .server_pids file, which allows local users to add arbitrary commands into the file, which is then executed by the vmsa_server script.
Status:EntryReference: BID:1356
Reference: URL:http://www.securityfocus.com/bid/1356
Reference: BUGTRAQ:20000616 Veritas Volume Manager 3.0.x hole
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-06/0151.html
Reference: CONFIRM:http://seer.support.veritas.com/tnotes/volumeman/230053.htm
Reference: XF:veritas-volume-manager
Name: CVE-2000-0495
Description:
Microsoft Windows Media Encoder allows remote attackers to cause a denial of service via a malformed request, aka the "Malformed Windows Media Encoder Request" vulnerability.
Status:EntryReference: BID:1282
Reference: URL:http://www.securityfocus.com/bid/1282
Reference: MS:MS00-038
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-038
Reference: XF:ms-malformed-media-dos(4585)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/4585
Name: CVE-2000-0497
Description:
IBM WebSphere server 3.0.2 allows a remote attacker to view source code of a JSP program by requesting a URL which provides the JSP extension in upper case.
Status:EntryReference: BID:1328
Reference: URL:http://www.securityfocus.com/bid/1328
Reference: CONFIRM:http://www-4.ibm.com/software/webservers/appserv/efix.html
Reference: NTBUGTRAQ:20000612 IBM WebSphere JSP showcode vulnerability
Reference: URL:http://archives.neohapsis.com/archives/ntbugtraq/2000-q2/0263.html
Reference: XF:websphere-jsp-source-read
Name: CVE-2000-0498
Description:
Unify eWave ServletExec allows a remote attacker to view source code of a JSP program by requesting a URL which provides the JSP extension in upper case.
Status:EntryReference: BID:1328
Reference: URL:http://www.securityfocus.com/bid/1328
Reference: NTBUGTRAQ:20000608 Potential vulnerability in Unify eWave ServletExec
Reference: URL:http://archives.neohapsis.com/archives/ntbugtraq/2000-q2/0250.html
Reference: XF:ewave-servletexec-jsp-source-read(4649)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/4649
Name: CVE-2000-0499
Description:
The default configuration of BEA WebLogic 3.1.8 through 4.5.1 allows a remote attacker to view source code of a JSP program by requesting a URL which provides the JSP extension in upper case.
Status:EntryReference: BID:1328
Reference: URL:http://www.securityfocus.com/bid/1328
Reference: CONFIRM:http://developer.bea.com/alerts/security_000612.html
Reference: NTBUGTRAQ:20000612 BEA WebLogic JSP showcode vulnerability
Reference: URL:http://archives.neohapsis.com/archives/ntbugtraq/2000-q2/0262.htm
Reference: XF:weblogic-jsp-source-read(4694)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/4694
Name: CVE-2000-0500
Description:
The default configuration of BEA WebLogic 5.1.0 allows a remote attacker to view source code of programs by requesting a URL beginning with /file/, which causes the default servlet to display the file without further processing.
Status:EntryReference: BID:1378
Reference: URL:http://www.securityfocus.com/bid/1378
Reference: BUGTRAQ:20000621 BEA WebLogic /file/ showcode vulnerability
Reference: URL:http://marc.info/?l=bugtraq&m=96161462915381&w=2
Reference: CONFIRM:http://www.weblogic.com/docs51/admindocs/http.html#file
Reference: XF:weblogic-file-source-read(4775)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/4775
Name: CVE-2000-0501
Description:
Race condition in MDaemon 2.8.5.0 POP server allows local users to cause a denial of service by entering a UIDL command and quickly exiting the server.
Status:EntryReference: BID:1366
Reference: URL:http://www.securityfocus.com/bid/1366
Reference: NTBUGTRAQ:20000616 mdaemon 2.8.5.0 WinNT and Win9x remote DoS
Reference: URL:http://archives.neohapsis.com/archives/ntbugtraq/2000-q2/0277.html
Reference: XF:mdaemon-pass-dos(4745)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/4745
Name: CVE-2000-0502
Description:
Mcafee VirusScan 4.03 does not properly restrict access to the alert text file before it is sent to the Central Alert Server, which allows local users to modify alerts in an arbitrary fashion.
Status:EntryReference: BID:1326
Reference: URL:http://www.securityfocus.com/bid/1326
Reference: BUGTRAQ:20000607 Mcafee Alerting DOS vulnerability
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-06/0038.html
Reference: OSVDB:6287
Reference: URL:http://www.osvdb.org/6287
Reference: XF:mcafee-alerting-dos(4641)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/4641
Name: CVE-2000-0504
Description:
libICE in XFree86 allows remote attackers to cause a denial of service by specifying a large value which is not properly checked by the SKIP_STRING macro.
Status:EntryReference: BID:1369
Reference: URL:http://www.securityfocus.com/bid/1369
Reference: BUGTRAQ:20000619 XFree86: libICE DoS
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-06/0170.html
Reference: CONFIRM:http://www.xfree86.org/security/
Reference: XF:linux-libice-dos
Name: CVE-2000-0505
Description:
The Apache 1.3.x HTTP server for Windows platforms allows remote attackers to list directory contents by requesting a URL containing a large number of / characters.
Status:EntryReference: BID:1284
Reference: URL:http://www.securityfocus.com/bid/1284
Reference: BUGTRAQ:20000603 Re: IBM HTTP SERVER / APACHE
Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=Pine.BSF.4.20.0006031912360.45740-100000@alive.znep.com
Reference: MLIST:[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/
Reference: URL:https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E
Reference: MLIST:[httpd-cvs] 20210330 svn commit: r1073140 [1/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html
Reference: URL:https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5@%3Ccvs.httpd.apache.org%3E
Reference: MLIST:[httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/
Reference: URL:https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E
Reference: MLIST:[httpd-cvs] 20210603 svn commit: r1075360 [1/3] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2021-31618.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html
Reference: URL:https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4@%3Ccvs.httpd.apache.org%3E
Reference: MLIST:[httpd-cvs] 20210606 svn commit: r1075467 [1/2] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2021-31618.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html
Reference: URL:https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10@%3Ccvs.httpd.apache.org%3E
Reference: MLIST:[httpd-cvs] 20210606 svn commit: r1075470 [1/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html
Reference: URL:https://lists.apache.org/thread.html/rf2f0f3611f937cf6cfb3b4fe4a67f69885855126110e1e3f2fb2728e@%3Ccvs.httpd.apache.org%3E
Reference: XF:ibm-http-file-retrieve(4575)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/4575
Name: CVE-2000-0506
Description:
The "capabilities" feature in Linux before 2.2.16 allows local users to cause a denial of service or gain privileges by setting the capabilities to prevent a setuid program from dropping privileges, aka the "Linux kernel setuid/setcap vulnerability."
Status:EntryReference: BID:1322
Reference: URL:http://www.securityfocus.com/bid/1322
Reference: BUGTRAQ:20000608 CONECTIVA LINUX SECURITY ANNOUNCEMENT - kernel
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-06/0063.html
Reference: BUGTRAQ:20000609 Sendmail & procmail local root exploits on Linux kernel up to 2.2.16pre5
Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=Pine.LNX.4.21.0006090852340.3475-300000@alfa.elzabsoft.pl
Reference: BUGTRAQ:20000609 Trustix Security Advisory
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-06/0062.html
Reference: REDHAT:RHSA-2000:037
Reference: URL:http://www.redhat.com/support/errata/RHSA-2000-037.html
Reference: SGI:20000802-01-P
Reference: URL:ftp://sgigate.sgi.com/security/20000802-01-P
Reference: TURBO:TLSA2000013-1
Reference: XF:linux-kernel-capabilities
Name: CVE-2000-0507
Description:
Imate Webmail Server 2.5 allows remote attackers to cause a denial of service via a long HELO command.
Status:EntryReference: BID:1286
Reference: URL:http://www.securityfocus.com/bid/1286
Reference: BUGTRAQ:20000601 DST2K0006: Denial of Service Possibility in Imate WebMail Server
Reference: URL:http://marc.info/?l=bugtraq&m=95990195708509&w=2
Reference: XF:nt-webmail-dos(4586)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/4586
Name: CVE-2000-0508
Description:
rpc.lockd in Red Hat Linux 6.1 and 6.2 allows remote attackers to cause a denial of service via a malformed request.
Status:EntryReference: BID:1372
Reference: URL:http://www.securityfocus.com/bid/1372
Reference: BUGTRAQ:20000608 Remote DOS in linux rpc.lockd
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-06/0073.html
Reference: XF:linux-lockd-remote-dos(5050)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5050
Name: CVE-2000-0510
Description:
CUPS (Common Unix Printing System) 1.04 and earlier allows remote attackers to cause a denial of service via a malformed IPP request.
Status:EntryReference: BID:1373
Reference: URL:http://www.securityfocus.com/bid/1373
Reference: BUGTRAQ:20000620 CUPS DoS Bugs
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-06/0188.html
Reference: CONFIRM:ftp://ftp.easysw.com/pub/cups/1.0.5/cups-DoS.patch
Reference: XF:debian-cups-malformed-ipp(4846)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/4846
Name: CVE-2000-0511
Description:
CUPS (Common Unix Printing System) 1.04 and earlier allows remote attackers to cause a denial of service via a CGI POST request.
Status:EntryReference: BID:1373
Reference: URL:http://www.securityfocus.com/bid/1373
Reference: BUGTRAQ:20000620 CUPS DoS Bugs
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-06/0188.html
Reference: CONFIRM:ftp://ftp.easysw.com/pub/cups/1.0.5/cups-DoS.patch
Reference: XF:debian-cups-posts(4846)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/4846
Name: CVE-2000-0512
Description:
CUPS (Common Unix Printing System) 1.04 and earlier does not properly delete request files, which allows a remote attacker to cause a denial of service.
Status:EntryReference: BID:1373
Reference: URL:http://www.securityfocus.com/bid/1373
Reference: BUGTRAQ:20000620 CUPS DoS Bugs
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-06/0188.html
Reference: CONFIRM:ftp://ftp.easysw.com/pub/cups/1.0.5/cups-DoS.patch
Reference: XF:debian-cups-posts(4846)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/4846
Name: CVE-2000-0513
Description:
CUPS (Common Unix Printing System) 1.04 and earlier allows remote attackers to cause a denial of service by authenticating with a user name that does not exist or does not have a shadow password.
Status:EntryReference: BID:1373
Reference: URL:http://www.securityfocus.com/bid/1373
Reference: BUGTRAQ:20000620 CUPS DoS Bugs
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-06/0188.html
Reference: CONFIRM:ftp://ftp.easysw.com/pub/cups/1.0.5/cups-DoS.patch
Reference: XF:debian-cups-posts(4846)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/4846
Name: CVE-2000-0514
Description:
GSSFTP FTP daemon in Kerberos 5 1.1.x does not properly restrict access to some FTP commands, which allows remote attackers to cause a denial of service, and local users to gain root privileges.
Status:EntryReference: BID:1374
Reference: URL:http://www.securityfocus.com/bid/1374
Reference: BUGTRAQ:20000614 Security Advisory: REMOTE ROOT VULNERABILITY IN GSSFTP DAEMON
Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=ldvsnufao18.fsf@saint-elmos-fire.mit.edu
Reference: CONFIRM:http://web.mit.edu/kerberos/www/advisories/ftp.txt
Reference: OSVDB:4885
Reference: URL:http://www.osvdb.org/4885
Reference: XF:kerberos-gssftpd-dos(4734)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/4734
Name: CVE-2000-0515
Description:
The snmpd.conf configuration file for the SNMP daemon (snmpd) in HP-UX 11.0 is world writable, which allows local users to modify SNMP configuration or gain privileges.
Status:EntryReference: BID:1327
Reference: URL:http://www.securityfocus.com/bid/1327
Reference: BUGTRAQ:20000607 [ Hackerslab bug_paper ] HP-UX SNMP daemon vulnerability
Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=200006070511.OAA05492@dogfoot.hackerslab.org
Reference: BUGTRAQ:20000608 Re: HP-UX SNMP daemon vulnerability
Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=200006090640.XAA00779@hpchs.cup.hp.com
Reference: XF:hpux-snmp-daemon(4643)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/4643
Name: CVE-2000-0516
Description:
When configured to store configuration information in an LDAP directory, Shiva Access Manager 5.0.0 stores the root DN (Distinguished Name) name and password in cleartext in a file that is world readable, which allows local users to compromise the LDAP server.
Status:EntryReference: BID:1329
Reference: URL:http://www.securityfocus.com/bid/1329
Reference: BUGTRAQ:20000606 Shiva Access Manager 5.0.0 Plaintext LDAP root password.
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-06/0008.html
Reference: XF:shiva-plaintext-ldap-password(4612)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/4612
Name: CVE-2000-0517
Description:
Netscape 4.73 and earlier does not properly warn users about a potentially invalid certificate if the user has previously accepted the certificate for a different web site, which could allow remote attackers to spoof a legitimate web site by compromising that site's DNS information.
Status:EntryReference: BID:1260
Reference: URL:http://www.securityfocus.com/bid/1260
Reference: CERT:CA-2000-08
Reference: URL:http://www.cert.org/advisories/CA-2000-08.html
Reference: XF:netscape-ssl-certificate(4550)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/4550
Name: CVE-2000-0518
Description:
Internet Explorer 4.x and 5.x does not properly verify all contents of an SSL certificate if a connection is made to the server via an image or a frame, aka one of two different "SSL Certificate Validation" vulnerabilities.
Status:EntryReference: BID:1309
Reference: URL:http://www.securityfocus.com/bid/1309
Reference: CERT:CA-2000-10
Reference: URL:http://www.cert.org/advisories/CA-2000-10.html
Reference: MISC:http://www.acrossecurity.com/aspr/ASPR-1999-12-15-1-PUB.txt
Reference: MS:MS00-039
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-039
Reference: XF:ie-invalid-frame-image-certificate(4624)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/4624
Name: CVE-2000-0519
Description:
Internet Explorer 4.x and 5.x does not properly re-validate an SSL certificate if the user establishes a new SSL session with the same server during the same Internet Explorer session, aka one of two different "SSL Certificate Validation" vulnerabilities.
Status:EntryReference: BID:1309
Reference: URL:http://www.securityfocus.com/bid/1309
Reference: CERT:CA-2000-10
Reference: URL:http://www.cert.org/advisories/CA-2000-10.html
Reference: MISC:http://www.acrossecurity.com/aspr/ASPR-1999-12-15-1-PUB.txt
Reference: MS:MS00-039
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-039
Reference: XF:ie-revalidate-certificate(4627)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/4627
Name: CVE-2000-0521
Description:
Savant web server allows remote attackers to read source code of CGI scripts via a GET request that does not include the HTTP version number.
Status:EntryReference: BID:1313
Reference: URL:http://www.securityfocus.com/bid/1313
Reference: BUGTRAQ:20000605 MDMA Advisory #5: Reading of CGI Scripts under Savant Webserver
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-05/0469.html
Reference: XF:savant-source-read(4616)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/4616
Name: CVE-2000-0522
Description:
RSA ACE/Server allows remote attackers to cause a denial of service by flooding the server's authentication request port with UDP packets, which causes the server to crash.
Status:EntryReference: BID:1332
Reference: URL:http://www.securityfocus.com/bid/1332
Reference: BUGTRAQ:20000608 Potential DoS Attack on RSA's ACE/Server
Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=011a01bfd14c$3c206960$050010ac@xtranet.co.uk
Reference: BUGTRAQ:20000714 Re: RSA Aceserver UDP Flood Vulnerability
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-07/0197.html
Reference: CONFIRM:ftp://ftp.securid.com/support/outgoing/dos/readme.txt
Reference: XF:aceserver-udp-packet-dos(5053)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5053
Name: CVE-2000-0523
Description:
Buffer overflow in the logging feature of EServ 2.9.2 and earlier allows an attacker to execute arbitrary commands via a long MKD command.
Status:EntryReference: BID:1315
Reference: URL:http://www.securityfocus.com/bid/1315
Reference: BUGTRAQ:20000606 MDMA Advisory #6: EServ Logging Heap Overflow Vulnerability
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-06/0009.html
Reference: XF:eserv-logging-overflow(4614)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/4614
Name: CVE-2000-0525
Description:
OpenSSH does not properly drop privileges when the UseLogin option is enabled, which allows local users to execute arbitrary commands by providing the command to the ssh daemon.
Status:EntryReference: BID:1334
Reference: URL:http://www.securityfocus.com/bid/1334
Reference: BUGTRAQ:20000609 OpenSSH's UseLogin option allows remote access with root privilege.
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-06/0065.html
Reference: OPENBSD:20000606 The non-default UseLogin feature in /etc/sshd_config is broken and should not be used.
Reference: URL:http://www.openbsd.org/errata.html#uselogin
Reference: OSVDB:341
Reference: URL:http://www.osvdb.org/341
Reference: XF:openssh-uselogin-remote-exec(4646)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/4646
Name: CVE-2000-0528
Description:
Net Tools PKI Server does not properly restrict access to remote attackers when the XUDA template files do not contain absolute pathnames for other files.
Status:EntryReference: BID:1364
Reference: URL:http://www.securityfocus.com/bid/1364
Reference: BUGTRAQ:20000619 Net Tools PKI server exploits
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-06/0166.html
Reference: CONFIRM:ftp://ftp.tis.com/gauntlet/hide/pki/hotfix.txt
Reference: OSVDB:4353
Reference: URL:http://www.osvdb.org/4353
Reference: XF:nettools-pki-unauthenticated-access(4743)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/4743
Name: CVE-2000-0529
Description:
Net Tools PKI Server allows remote attackers to cause a denial of service via a long HTTP request.
Status:EntryReference: BID:1363
Reference: URL:http://www.securityfocus.com/bid/1363
Reference: BUGTRAQ:20000619 Net Tools PKI server exploits
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-06/0166.html
Reference: CONFIRM:ftp://ftp.tis.com/gauntlet/hide/pki/hotfix.txt
Reference: OSVDB:4352
Reference: URL:http://www.osvdb.org/4352
Reference: XF:nettools-pki-http-bo(4744)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/4744
Name: CVE-2000-0530
Description:
The KApplication class in the KDE 1.1.2 configuration file management capability allows local users to overwrite arbitrary files.
Status:EntryReference: BID:1291
Reference: URL:http://www.securityfocus.com/bid/1291
Reference: BUGTRAQ:20000531 KDE::KApplication feature?
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-05/0387.html
Reference: CALDERA:CSSA-2000-015.0
Reference: URL:ftp://ftp.calderasystems.com/pub/OpenLinux/security/CSSA-2000-015.0.txt
Reference: REDHAT:RHSA-2000:032
Reference: URL:http://www.redhat.com/support/errata/RHSA-2000-032.html
Reference: XF:kde-configuration-file-creation(4583)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/4583
Name: CVE-2000-0532
Description:
A FreeBSD patch for SSH on 2000-01-14 configures ssh to listen on port 722 as well as port 22, which might allow remote attackers to access SSH through port 722 even if port 22 is otherwise filtered.
Status:EntryReference: BID:1323
Reference: URL:http://www.securityfocus.com/bid/1323
Reference: FREEBSD:FreeBSD-SA-00:21
Reference: URL:http://archives.neohapsis.com/archives/freebsd/2000-06/0031.html
Reference: OSVDB:1387
Reference: URL:http://www.osvdb.org/1387
Reference: XF:freebsd-ssh-ports(4638)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/4638
Name: CVE-2000-0533
Description:
Vulnerability in cvconnect in SGI IRIX WorkShop allows local users to overwrite arbitrary files.
Status:EntryReference: BID:1379
Reference: URL:http://www.securityfocus.com/bid/1379
Reference: SGI:20000601-01-P
Reference: URL:ftp://sgigate.sgi.com/security/20000601-01-P
Reference: XF:irix-workshop-cvconnect-overwrite(4725)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/4725
Name: CVE-2000-0534
Description:
The apsfilter software in the FreeBSD ports package does not properly read user filter configurations, which allows local users to execute commands as the lpd user.
Status:EntryReference: BID:1325
Reference: URL:http://www.securityfocus.com/bid/1325
Reference: FREEBSD:FreeBSD-SA-00:22
Reference: OSVDB:1389
Reference: URL:http://www.osvdb.org/1389
Reference: XF:apsfilter-elevate-privileges(4617)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/4617
Name: CVE-2000-0536
Description:
xinetd 2.1.8.x does not properly restrict connections if hostnames are used for access control and the connecting host does not have a reverse DNS entry.
Status:EntryReference: BID:1381
Reference: URL:http://www.securityfocus.com/bid/1381
Reference: CONFIRM:http://www.synack.net/xinetd/
Reference: DEBIAN:20000619 xinetd: bug in access control mechanism
Reference: URL:http://www.debian.org/security/2000/20000619
Reference: XF:xinetd-improper-restrictions(4986)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/4986
Name: CVE-2000-0537
Description:
BRU backup software allows local users to append data to arbitrary files by specifying an alternate configuration file with the BRUEXECLOG environmental variable.
Status:EntryReference: BID:1321
Reference: URL:http://www.securityfocus.com/bid/1321
Reference: BUGTRAQ:20000606 BRU Vulnerability
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-06/0013.html
Reference: CALDERA:CSSA-2000-018.0
Reference: URL:http://www.calderasystems.com/support/security/advisories/CSSA-2000-018.0.txt
Reference: XF:bru-execlog-env-variable(4644)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/4644
Name: CVE-2000-0538
Description:
ColdFusion Administrator for ColdFusion 4.5.1 and earlier allows remote attackers to cause a denial of service via a long login password.
Status:EntryReference: ALLAIRE:ASB00-14
Reference: URL:http://www.allaire.com/handlers/index.cfm?ID=16122&Method=Full
Reference: BID:1314
Reference: URL:http://www.securityfocus.com/bid/1314
Reference: BUGTRAQ:20000607 New Allaire ColdFusion DoS
Reference: URL:http://marc.info/?l=bugtraq&m=96045469627806&w=2
Reference: OSVDB:3399
Reference: URL:http://www.osvdb.org/3399
Reference: XF:coldfusion-parse-dos(4611)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/4611
Name: CVE-2000-0539
Description:
Servlet examples in Allaire JRun 2.3.x allow remote attackers to obtain sensitive information, e.g. listing HttpSession ID's via the SessionServlet servlet.
Status:EntryReference: ALLAIRE:ASB00-015
Reference: URL:http://www.allaire.com/handlers/index.cfm?ID=16290&Method=Full
Reference: BID:1386
Reference: URL:http://www.securityfocus.com/bid/1386
Reference: OSVDB:818
Reference: URL:http://www.osvdb.org/818
Reference: XF:jrun-read-sample-files(4774)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/4774
Name: CVE-2000-0540
Description:
JSP sample files in Allaire JRun 2.3.x allow remote attackers to access arbitrary files (e.g. via viewsource.jsp) or obtain configuration information.
Status:EntryReference: ALLAIRE:ASB00-015
Reference: URL:http://www.allaire.com/handlers/index.cfm?ID=16290&Method=Full
Reference: BID:1386
Reference: URL:http://www.securityfocus.com/bid/1386
Reference: OSVDB:2713
Reference: URL:http://www.osvdb.org/2713
Reference: XF:jrun-read-sample-files(4774)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/4774
Name: CVE-2000-0541
Description:
The Panda Antivirus console on port 2001 allows local users to execute arbitrary commands without authentication via the CMD command.
Status:EntryReference: BID:1359
Reference: URL:http://www.securityfocus.com/bid/1359
Reference: BUGTRAQ:20000617 Infosec.20000617.panda.a
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-06/0164.html
Reference: XF:panda-antivirus-remote-admin(4707)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/4707
Name: CVE-2000-0542
Description:
Tigris remote access server before 11.5.4.22 does not properly record Radius accounting information when a user fails the initial login authentication but subsequently succeeds.
Status:EntryReference: BID:1345
Reference: URL:http://www.securityfocus.com/bid/1345
Reference: BUGTRAQ:20000612 ACC/Ericsson Tigris Accounting Failure
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-06/0104.html
Reference: XF:tigris-radius-login-failure(4705)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/4705
Name: CVE-2000-0548
Description:
Buffer overflow in Kerberos 4 KDC program allows remote attackers to cause a denial of service via the e_msg variable in the kerb_err_reply function.
Status:EntryReference: BUGTRAQ:20000609 Security Advisory: MULTIPLE DENIAL OF SERVICE VULNERABILITIES IN KRB4 KDC
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-06/0064.html
Reference: CERT:CA-2000-11
Reference: URL:http://www.cert.org/advisories/CA-2000-11.html
Reference: CIAC:K-051
Reference: URL:http://ciac.llnl.gov/ciac/bulletins/k-051.shtml
Reference: CONFIRM:http://web.mit.edu/kerberos/www/advisories/krb4kdc.txt
Reference: OSVDB:4875
Reference: URL:http://www.osvdb.org/4875
Reference: REDHAT:RHSA-2000:031
Reference: URL:http://www.redhat.com/support/errata/RHSA-2000-031.html
Reference: XF:kerberos-emsg-bo
Name: CVE-2000-0549
Description:
Kerberos 4 KDC program does not properly check for null termination of AUTH_MSG_KDC_REQUEST requests, which allows remote attackers to cause a denial of service via a malformed request.
Status:EntryReference: BUGTRAQ:20000609 Security Advisory: MULTIPLE DENIAL OF SERVICE VULNERABILITIES IN KRB4 KDC
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-06/0064.html
Reference: CERT:CA-2000-11
Reference: URL:http://www.cert.org/advisories/CA-2000-11.html
Reference: CIAC:K-051
Reference: URL:http://ciac.llnl.gov/ciac/bulletins/k-051.shtml
Reference: CONFIRM:http://web.mit.edu/kerberos/www/advisories/krb4kdc.txt
Reference: REDHAT:RHSA-2000:031
Reference: URL:http://www.redhat.com/support/errata/RHSA-2000-031.html
Name: CVE-2000-0550
Description:
Kerberos 4 KDC program improperly frees memory twice (aka "double-free"), which allows remote attackers to cause a denial of service.
Status:EntryReference: BID:1465
Reference: URL:http://www.securityfocus.com/bid/1465
Reference: BUGTRAQ:20000609 Security Advisory: MULTIPLE DENIAL OF SERVICE VULNERABILITIES IN KRB4 KDC
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-06/0064.html
Reference: CERT:CA-2000-11
Reference: URL:http://www.cert.org/advisories/CA-2000-11.html
Reference: CIAC:K-051
Reference: URL:http://ciac.llnl.gov/ciac/bulletins/k-051.shtml
Reference: CONFIRM:http://web.mit.edu/kerberos/www/advisories/krb4kdc.txt
Reference: REDHAT:RHSA-2000:031
Reference: URL:http://www.redhat.com/support/errata/RHSA-2000-031.html
Reference: XF:kerberos-free-memory
Name: CVE-2000-0551
Description:
The file transfer mechanism in Danware NetOp 6.0 does not provide authentication, which allows remote attackers to access and modify arbitrary files.
Status:EntryReference: BID:1263
Reference: URL:http://www.securityfocus.com/bid/1263
Reference: BUGTRAQ:20000523 I think
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-05/0339.html
Reference: XF:danware-netop-bypass-security(4569)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/4569
Name: CVE-2000-0552
Description:
ICQwebmail client for ICQ 2000A creates a world readable temporary file during login and does not delete it, which allows local users to obtain sensitive information.
Status:EntryReference: BID:1307
Reference: URL:http://www.securityfocus.com/bid/1307
Reference: NTBUGTRAQ:20000606 ICQ2000A ICQmail temparary internet link vulnearbility
Reference: URL:http://archives.neohapsis.com/archives/ntbugtraq/2000-q2/0237.html
Reference: XF:icq-temp-link(4607)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/4607
Name: CVE-2000-0553
Description:
Race condition in IPFilter firewall 3.4.3 and earlier, when configured with overlapping "return-rst" and "keep state" rules, allows remote attackers to bypass access restrictions.
Status:EntryReference: BID:1308
Reference: URL:http://www.securityfocus.com/bid/1308
Reference: BUGTRAQ:20000525 Security Vulnerability in IPFilter 3.3.15 and 3.4.3
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-05/0326.html
Reference: OSVDB:1377
Reference: URL:http://www.osvdb.org/1377
Reference: XF:ipfilter-firewall-race-condition(4994)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/4994
Name: CVE-2000-0555
Description:
Ceilidh allows remote attackers to cause a denial of service via a large number of POST requests.
Status:EntryReference: BID:1320
Reference: URL:http://www.securityfocus.com/bid/1320
Reference: NTBUGTRAQ:20000608 DST2K0010: DoS & Path Revealing Vulnerability in Ceilidh v2.60a
Reference: URL:http://archives.neohapsis.com/archives/ntbugtraq/2000-q2/0246.html
Reference: XF:ceilidh-post-dos(4622)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/4622
Name: CVE-2000-0556
Description:
Buffer overflow in the web interface for Cmail 2.4.7 allows remote attackers to cause a denial of service by sending a large user name to the user dialog running on port 8002.
Status:EntryReference: BID:1319
Reference: URL:http://www.securityfocus.com/bid/1319
Reference: CONFIRM:http://www.computalynx.net/news/Jun2000/news0806200001.html
Reference: NTBUGTRAQ:20000608 DST2K0011: DoS & BufferOverrun in CMail v2.4.7 WebMail
Reference: URL:http://archives.neohapsis.com/archives/ntbugtraq/2000-q2/0248.html
Reference: XF:cmail-long-username-dos(4625)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/4625
Name: CVE-2000-0557
Description:
Buffer overflow in the web interface for Cmail 2.4.7 allows remote attackers to execute arbitrary commands via a long GET request.
Status:EntryReference: BID:1318
Reference: URL:http://www.securityfocus.com/bid/1318
Reference: NTBUGTRAQ:20000608 DST2K0011: DoS & BufferOverrun in CMail v2.4.7 WebMail
Reference: URL:http://archives.neohapsis.com/archives/ntbugtraq/2000-q2/0248.html
Reference: XF:cmail-get-overflow-execute(4626)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/4626
Name: CVE-2000-0558
Description:
Buffer overflow in HP Openview Network Node Manager 6.1 allows remote attackers to execute arbitrary commands via the Alarm service (OVALARMSRV) on port 2345.
Status:EntryReference: BID:1317
Reference: URL:http://www.securityfocus.com/bid/1317
Reference: NTBUGTRAQ:20000608 DST2K0012: BufferOverrun in HP Openview Network Node Manager v6.1
Reference: URL:http://archives.neohapsis.com/archives/ntbugtraq/2000-q2/0249.html
Name: CVE-2000-0561
Description:
Buffer overflow in WebBBS 1.15 allows remote attackers to execute arbitrary commands via a long HTTP GET request.
Status:EntryReference: BID:1365
Reference: URL:http://www.securityfocus.com/bid/1365
Reference: BUGTRAQ:20000620 DST2K0018: Multiple BufferOverruns in WebBBS HTTP Server v1.15
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-06/0175.html
Reference: OSVDB:3544
Reference: URL:http://www.osvdb.org/3544
Reference: XF:webbbs-get-request-overflow(4742)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/4742
Name: CVE-2000-0565
Description:
SmartFTP Daemon 0.2 allows a local user to access arbitrary files by uploading and specifying an alternate user configuration file via a .. (dot dot) attack.
Status:EntryReference: BID:1344
Reference: URL:http://www.securityfocus.com/bid/1344
Reference: BUGTRAQ:20000613 SmartFTP Daemon v0.2 Beta Build 9 - Remote Exploit
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-06/0100.html
Reference: OSVDB:1394
Reference: URL:http://www.osvdb.org/1394
Reference: XF:smartftp-directory-traversal(4706)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/4706
Name: CVE-2000-0566
Description:
makewhatis in Linux man package allows local users to overwrite files via a symlink attack.
Status:EntryReference: BID:1434
Reference: URL:http://www.securityfocus.com/bid/1434
Reference: BUGTRAQ:20000707 [Security Announce] man update
Reference: BUGTRAQ:20000727 CONECTIVA LINUX SECURITY ANNOUNCEMENT - MAN
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-07/0390.html
Reference: CALDERA:CSSA-2000-021.0
Reference: URL:ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2000-021.0.txt
Reference: ISS:20000712 Insecure temporary file handling in Linux makewhatis
Reference: MANDRAKE:MDKSA-2000:015
Reference: URL:http://frontal2.mandriva.com/security/advisories?name=MDKSA-2000:015
Reference: REDHAT:RHSA-2000:041
Reference: URL:http://www.redhat.com/support/errata/RHSA-2000-041.html
Reference: XF:linux-man-makewhatis-tmp(4900)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/4900
Name: CVE-2000-0567
Description:
Buffer overflow in Microsoft Outlook and Outlook Express allows remote attackers to execute arbitrary commands via a long Date field in an email header, aka the "Malformed E-mail Header" vulnerability.
Status:EntryReference: BID:1481
Reference: URL:http://www.securityfocus.com/bid/1481
Reference: BUGTRAQ:20000719 Aaron Drew - Security Advisory: Buffer Overflow in MS Outlook & Outlook Express Email Clients
Reference: BUGTRAQ:20000719 Buffer Overflow in MS Outlook Email Clients
Reference: MS:MS00-043
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-043
Reference: XF:outlook-date-overflow(4953)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/4953
Name: CVE-2000-0568
Description:
Sybergen Secure Desktop 2.1 does not properly protect against false router advertisements (ICMP type 9), which allows remote attackers to modify default routes.
Status:EntryReference: BID:1417
Reference: URL:http://www.securityfocus.com/bid/1417
Reference: BUGTRAQ:20000630 Multiple vulnerabilities in Sybergen Secure Desktop
Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=4125690E.00524395.00@guardianit.se
Reference: XF:sybergen-routing-table-modify
Name: CVE-2000-0569
Description:
Sybergen Sygate allows remote attackers to cause a denial of service by sending a malformed DNS UDP packet to its internal interface.
Status:EntryReference: BID:1420
Reference: URL:http://www.securityfocus.com/bid/1420
Reference: WIN2KSEC:20000630 Any LAN user can crash Sygate
Reference: URL:http://archives.neohapsis.com/archives/win2ksecadvice/2000-q2/0189.html
Reference: XF:sygate-udp-packet-dos(5049)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5049
Name: CVE-2000-0570
Description:
FirstClass Internet Services server 5.770, and other versions before 6.1, allows remote attackers to cause a denial of service by sending an email with a long To: mail header.
Status:EntryReference: BID:1421
Reference: URL:http://www.securityfocus.com/bid/1421
Reference: BUGTRAQ:20000627 DoS in FirstClass Internet Services 5.770
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-06/0295.html
Reference: OSVDB:5718
Reference: URL:http://www.osvdb.org/5718
Reference: XF:firstclass-large-bcc-dos(4843)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/4843
Name: CVE-2000-0571
Description:
LocalWEB HTTP server 1.2.0 allows remote attackers to cause a denial of service via a long GET request.
Status:EntryReference: BID:1423
Reference: URL:http://www.securityfocus.com/bid/1423
Reference: BUGTRAQ:20000703 Remote DoS Attack in LocalWEB HTTP Server 1.2.0 Vulnerability
Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&date=2000-07-8&msg=NCBBKFKDOLAGKIAPMILPCEIHCFAA.labs@ussrback.com
Reference: XF:localweb-get-bo(4896)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/4896
Name: CVE-2000-0573
Description:
The lreply function in wu-ftpd 2.6.0 and earlier does not properly cleanse an untrusted format string, which allows remote attackers to execute arbitrary commands via the SITE EXEC command.
Status:EntryReference: AUSCERT:AA-2000.02
Reference: URL:ftp://ftp.auscert.org.au/pub/auscert/advisory/AA-2000.02
Reference: BID:1387
Reference: URL:http://www.securityfocus.com/bid/1387
Reference: BUGTRAQ:20000622 WuFTPD: Providing *remote* root since at least1994
Reference: URL:http://marc.info/?l=bugtraq&m=96171893218000&w=2
Reference: BUGTRAQ:20000623 WUFTPD 2.6.0 remote root exploit
Reference: URL:http://marc.info/?l=bugtraq&m=96179429114160&w=2
Reference: BUGTRAQ:20000623 ftpd: the advisory version
Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=20000623091822.3321.qmail@fiver.freemessage.com
Reference: BUGTRAQ:20000702 [Security Announce] wu-ftpd update
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-07/0017.html
Reference: BUGTRAQ:20000707 New Released Version of the WuFTPD Sploit
Reference: URL:http://marc.info/?l=bugtraq&m=96299933720862&w=2
Reference: BUGTRAQ:20000723 CONECTIVA LINUX SECURITY ANNOUNCEMENT - WU-FTPD (re-release)
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-06/0244.html
Reference: BUGTRAQ:20000929 [slackware-security] wuftpd vulnerability - Slackware 4.0, 7.0, 7.1, -current
Reference: CALDERA:CSSA-2000-020.0
Reference: URL:http://www.calderasystems.com/support/security/advisories/CSSA-2000-020.0.txt
Reference: CERT:CA-2000-13
Reference: URL:http://www.cert.org/advisories/CA-2000-13.html
Reference: DEBIAN:20000623
Reference: FREEBSD:FreeBSD-SA-00:29
Reference: URL:ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:29.wu-ftpd.asc.v1.1
Reference: NETBSD:NetBSD-SA2000-009
Reference: URL:ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2000-009.txt.asc
Reference: REDHAT:RHSA-2000:039
Reference: URL:http://www.redhat.com/support/errata/RHSA-2000-039.html
Reference: XF:wuftp-format-string-stack-overwrite
Reference: XF:wuftp-format-string-stack-overwrite(4773)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/4773
Name: CVE-2000-0575
Description:
SSH 1.2.27 with Kerberos authentication support stores Kerberos tickets in a file which is created in the current directory of the user who is logging in, which could allow remote attackers to sniff the ticket cache if the home directory is installed on NFS.
Status:EntryReference: BID:1426
Reference: URL:http://www.securityfocus.com/bid/1426
Reference: BUGTRAQ:20000630 Kerberos security vulnerability in SSH-1.2.27
Reference: URL:http://marc.info/?l=bugtraq&m=96256265914116&w=2
Reference: XF:ssh-kerberos-tickets-disclosure(4903)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/4903
Name: CVE-2000-0576
Description:
Oracle Web Listener for AIX versions 4.0.7.0.0 and 4.0.8.1.0 allows remote attackers to cause a denial of service via a malformed URL.
Status:EntryReference: BID:1427
Reference: URL:http://www.securityfocus.com/bid/1427
Reference: BUGTRAQ:20000704 Oracle Web Listener for AIX DoS
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-07/0027.html
Name: CVE-2000-0577
Description:
Netscape Professional Services FTP Server 1.3.6 allows remote attackers to read arbitrary files via a .. (dot dot) attack.
Status:EntryReference: BID:1411
Reference: URL:http://www.securityfocus.com/bid/1411
Reference: BUGTRAQ:20000621 Netscape FTP Server - "Professional" as hell :>
Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=Pine.LNX.4.21.0006211351280.23780-100000@nimue.tpi.pl
Reference: BUGTRAQ:20000629 (forw) Re: Netscape ftp Server (fwd)
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-06/0345.html
Reference: XF:netscape-ftpserver-chroot
Name: CVE-2000-0579
Description:
IRIX crontab creates temporary files with predictable file names and with the umask of the user, which could allow local users to modify another user's crontab file as it is being edited.
Status:EntryReference: BID:1413
Reference: URL:http://www.securityfocus.com/bid/1413
Reference: BUGTRAQ:20000621 Predictability Problems in IRIX Cron and Compilers
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-06/0204.html
Reference: XF:irix-cron-modify-crontab
Name: CVE-2000-0581
Description:
Windows 2000 Telnet Server allows remote attackers to cause a denial of service by sending a continuous stream of binary zeros, which causes the server to crash.
Status:EntryReference: BID:1414
Reference: URL:http://www.securityfocus.com/bid/1414
Reference: BUGTRAQ:20000630 SecureXpert Advisory [SX-20000620-1]
Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=Pine.LNX.3.96.1000630161841.4619A-100000@fjord.fscinternet.com
Reference: XF:win2k-telnetserver-dos
Name: CVE-2000-0582
Description:
Check Point FireWall-1 4.0 and 4.1 allows remote attackers to cause a denial of service by sending a stream of invalid commands (such as binary zeros) to the SMTP Security Server proxy.
Status:EntryReference: BID:1416
Reference: URL:http://www.securityfocus.com/bid/1416
Reference: BUGTRAQ:20000630 SecureXpert Advisory [SX-20000620-3]
Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=Pine.LNX.3.96.1000630162106.4619C-100000@fjord.fscinternet.com
Reference: CONFIRM:http://www.checkpoint.com/techsupport/alerts/list_vun.html#SMTP_Security
Reference: OSVDB:1438
Reference: URL:http://www.osvdb.org/1438
Reference: XF:fw1-resource-overload-dos
Name: CVE-2000-0583
Description:
vchkpw program in vpopmail before version 4.8 does not properly cleanse an untrusted format string used in a call to syslog, which allows remote attackers to cause a denial of service via a USER or PASS command that contains arbitrary formatting directives.
Status:EntryReference: BID:1418
Reference: URL:http://www.securityfocus.com/bid/1418
Reference: BUGTRAQ:20000626 vpopmail-3.4.11 problems
Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=395BD2A8.5D3396A7@secureaustin.com
Reference: CONFIRM:http://www.vpopmail.cx/vpopmail-ChangeLog
Reference: XF:vpopmail-format-string
Name: CVE-2000-0584
Description:
Buffer overflow in Canna input system allows remote attackers to execute arbitrary commands via an SR_INIT command with a long user name or group name.
Status:EntryReference: BID:1445
Reference: URL:http://www.securityfocus.com/bid/1445
Reference: DEBIAN:20000702
Reference: FREEBSD:FreeBSD-SA-00:31
Reference: URL:ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:31.canna.asc.v1.1
Reference: MISC:http://shadowpenguin.backsection.net/advisories/advisory038.html
Reference: XF:canna-bin-execute-bo(4912)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/4912
Name: CVE-2000-0585
Description:
ISC DHCP client program dhclient allows remote attackers to execute arbitrary commands via shell metacharacters.
Status:EntryReference: BID:1388
Reference: URL:http://www.securityfocus.com/bid/1388
Reference: BUGTRAQ:20000624 Possible root exploit in ISC DHCP client.
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-06/0247.html
Reference: BUGTRAQ:20000702 [Security Announce] dhcp update
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-07/0014.html
Reference: DEBIAN:20000628 dhcp client: remote root exploit in dhcp client
Reference: URL:http://www.debian.org/security/2000/20000628
Reference: FREEBSD:FreeBSD-SA-00:34
Reference: URL:ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:34.dhclient.asc
Reference: NETBSD:NetBSD-SA2000-008
Reference: URL:ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA2000-008.txt.asc
Reference: OPENBSD:20000624 A serious bug in dhclient(8) could allow strings from a malicious dhcp server to be executed in the shell as root.
Reference: SUSE:20000711 Security Hole in dhclient < 2.0
Reference: URL:http://www.novell.com/linux/security/advisories/suse_security_announce_56.html
Reference: XF:openbsd-isc-dhcp(4772)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/4772
Name: CVE-2000-0586
Description:
Buffer overflow in Dalnet IRC server 4.6.5 allows remote attackers to cause a denial of service or execute arbitrary commands via the SUMMON command.
Status:EntryReference: BID:1404
Reference: URL:http://www.securityfocus.com/bid/1404
Reference: VULN-DEV:20000628 dalnet 4.6.5 remote vulnerability
Reference: URL:http://archives.neohapsis.com/archives/vuln-dev/2000-q2/1092.html
Reference: XF:ircd-dalnet-summon-bo
Name: CVE-2000-0587
Description:
The privpath directive in glftpd 1.18 allows remote attackers to bypass access restrictions for directories by using the file name completion capability.
Status:EntryReference: BID:1401
Reference: URL:http://www.securityfocus.com/bid/1401
Reference: BUGTRAQ:20000626 Glftpd privpath bugs... +fix
Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=Pine.LNX.4.10.10006261041360.31907-200000@twix.thrijswijk.nl
Reference: BUGTRAQ:20000627 Re: Glftpd privpath bugs... +fix
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-06/0317.html
Reference: XF:glftpd-privpath-directive
Name: CVE-2000-0588
Description:
SawMill 5.0.21 CGI program allows remote attackers to read the first line of arbitrary files by listing the file in the rfcf parameter, whose contents SawMill attempts to parse as configuration commands.
Status:EntryReference: BID:1402
Reference: URL:http://www.securityfocus.com/bid/1402
Reference: BUGTRAQ:20000626 sawmill5.0.21 old path bug & weak hash algorithm
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-06/0271.html
Reference: BUGTRAQ:20000706 Patch for Flowerfire Sawmill Vulnerabilities Available
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-07/0080.html
Reference: XF:sawmill-file-access
Name: CVE-2000-0590
Description:
Poll It 2.0 CGI script allows remote attackers to read arbitrary files by specifying the file name in the data_dir parameter.
Status:EntryReference: BID:1431
Reference: URL:http://www.securityfocus.com/bid/1431
Reference: BUGTRAQ:20000706 Vulnerability in Poll_It cgi v2.0
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-07/0076.html
Reference: XF:http-cgi-pollit-variable-overwrite(4878)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/4878
Name: CVE-2000-0591
Description:
Novell BorderManager 3.0 and 3.5 allows remote attackers to bypass URL filtering by encoding characters in the requested URL.
Status:EntryReference: BID:1432
Reference: URL:http://www.securityfocus.com/bid/1432
Reference: BUGTRAQ:20000705 Novell BorderManager 3.0 EE - Encoded URL rule bypass
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-07/0038.html
Reference: XF:bordermanager-bypass-url-restriction
Name: CVE-2000-0593
Description:
WinProxy 2.0 and 2.0.1 allows remote attackers to cause a denial of service by sending an HTTP GET request without listing an HTTP version number.
Status:EntryReference: BID:1400
Reference: URL:http://www.securityfocus.com/bid/1400
Reference: BUGTRAQ:20000627 [SPSadvisory #37]WinProxy 2.0.0/2.0.1 DoS and Exploitable Buffer Overflow
Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=200006271417.GFE84146.-BJXON@lac.co.jp
Reference: XF:winproxy-get-dos(4831)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/4831
Name: CVE-2000-0594
Description:
BitchX IRC client does not properly cleanse an untrusted format string, which allows remote attackers to cause a denial of service via an invite to a channel whose name includes special formatting characters.
Status:EntryReference: BID:1436
Reference: URL:http://www.securityfocus.com/bid/1436
Reference: BUGTRAQ:20000704 BitchX exploit possibly waiting to happen, certain DoS
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-07/0026.html
Reference: BUGTRAQ:20000707 BitchX update
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-07/0105.html
Reference: BUGTRAQ:20000707 CONECTIVA LINUX SECURITY ANNOUNCEMENT - BitchX
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-07/0098.html
Reference: CALDERA:CSSA-2000-022.0
Reference: URL:http://www.calderasystems.com/support/security/advisories/CSSA-2000-022.0.txt
Reference: FREEBSD:FreeBSD-SA-00:32
Reference: URL:http://archives.neohapsis.com/archives/freebsd/2000-07/0042.html
Reference: REDHAT:RHSA-2000:042
Reference: URL:http://www.redhat.com/support/errata/RHSA-2000-042.html
Reference: VULN-DEV:20000704 BitchX /ignore bug
Reference: URL:http://archives.neohapsis.com/archives/vuln-dev/2000-q3/0018.html
Reference: XF:irc-bitchx-invite-dos(4897)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/4897
Name: CVE-2000-0595
Description:
libedit searches for the .editrc file in the current directory instead of the user's home directory, which may allow local users to execute arbitrary commands by installing a modified .editrc in another directory.
Status:EntryReference: BID:1437
Reference: URL:http://www.securityfocus.com/bid/1437
Reference: FREEBSD:FreeBSD-SA-00:24
Reference: URL:http://archives.neohapsis.com/archives/freebsd/2000-07/0035.html
Reference: OSVDB:1446
Reference: URL:http://www.osvdb.org/1446
Reference: XF:bsd-libedit-editrc
Name: CVE-2000-0596
Description:
Internet Explorer 5.x does not warn a user before opening a Microsoft Access database file that is referenced within ActiveX OBJECT tags in an HTML document, which could allow remote attackers to execute arbitrary commands, aka the "IE Script" vulnerability.
Status:EntryReference: BID:1398
Reference: URL:http://www.securityfocus.com/bid/1398
Reference: BUGTRAQ:20000627 FW: IE 5 and Access 2000 vulnerability - executing programs
Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=000d01bfe0fb$418f59b0$96217aa8@src.bu.edu
Reference: BUGTRAQ:20000627 IE 5 and Access 2000 vulnerability - executing programs
Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=39589359.762392DB@nat.bg
Reference: CERT:CA-2000-16
Reference: URL:http://www.cert.org/advisories/CA-2000-16.html
Reference: MS:MS00-049
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-049
Reference: XF:ie-access-vba-code-execute
Name: CVE-2000-0597
Description:
Microsoft Office 2000 (Excel and PowerPoint) and PowerPoint 97 are marked as safe for scripting, which allows remote attackers to force Internet Explorer or some email clients to save files to arbitrary locations via the Visual Basic for Applications (VBA) SaveAs function, aka the "Office HTML Script" vulnerability.
Status:EntryReference: BID:1399
Reference: URL:http://www.securityfocus.com/bid/1399
Reference: BUGTRAQ:20000627 IE 5 and Excel 2000, PowerPoint 2000 vulnerability - executing programs
Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=39589349.ED9DBCAB@nat.bg
Reference: MS:MS00-049
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-049
Reference: XF:ie-powerpoint-activex-object-execute
Name: CVE-2000-0598
Description:
Fortech Proxy+ allows remote attackers to bypass access restrictions for to the administration service by redirecting their connections through the telnet proxy.
Status:EntryReference: BID:1395
Reference: URL:http://www.securityfocus.com/bid/1395
Reference: BUGTRAQ:20000626 Proxy+ Telnet Gateway Problems
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-06/0268.html
Reference: MISC:http://www.proxyplus.cz/faq/articles/EN/art01002.htm
Reference: XF:fortech-proxy-telnet-gateway
Name: CVE-2000-0599
Description:
Buffer overflow in iMesh 1.02 allows remote attackers to execute arbitrary commands via a long string to the iMesh port.
Status:EntryReference: BID:1407
Reference: URL:http://www.securityfocus.com/bid/1407
Reference: BUGTRAQ:20000629 iMesh 1.02 vulnerability
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-06/0335.html
Reference: MISC:http://www.imesh.com/download/download.html
Reference: XF:imesh-tcp-port-overflow
Name: CVE-2000-0600
Description:
Netscape Enterprise Server in NetWare 5.1 allows remote attackers to cause a denial of service or execute arbitrary commands via a malformed URL.
Status:EntryReference: BID:1393
Reference: URL:http://www.securityfocus.com/bid/1393
Reference: BUGTRAQ:20000626 Netscape Enterprise Server for NetWare Virtual Directory Vulnerab ility
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-06/0264.html
Reference: XF:netscape-virtual-directory-bo(4780)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/4780
Name: CVE-2000-0601
Description:
LeafChat 1.7 IRC client allows a remote IRC server to cause a denial of service by rapidly sending a large amount of error messages.
Status:EntryReference: BID:1396
Reference: URL:http://www.securityfocus.com/bid/1396
Reference: BUGTRAQ:20000625 LeafChat Denial of Service
Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=Pine.BSF.4.10.10006252056110.74551-100000@unix.za.net
Reference: CONFIRM:http://www.leafdigital.com/Software/leafChat/history.html
Reference: XF:irc-leafchat-dos
Name: CVE-2000-0602
Description:
Secure Locate (slocate) in Red Hat Linux allows local users to gain privileges via a malformed configuration file that is specified in the LOCATE_PATH environmental variable.
Status:EntryReference: BID:1385
Reference: URL:http://www.securityfocus.com/bid/1385
Reference: BUGTRAQ:20000621 rh 6.2 - gid compromises, etc
Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=Pine.LNX.4.21.0006211209500.22969-100000@nimue.tpi.pl
Reference: XF:redhat-secure-locate-path
Name: CVE-2000-0603
Description:
Microsoft SQL Server 7.0 allows a local user to bypass permissions for stored procedures by referencing them via a temporary stored procedure, aka the "Stored Procedure Permissions" vulnerability.
Status:EntryReference: BID:1444
Reference: URL:http://www.securityfocus.com/bid/1444
Reference: MS:MS00-048
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-048
Reference: XF:mssql-procedure-perms(4921)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/4921
Name: CVE-2000-0604
Description:
gkermit in Red Hat Linux is improperly installed with setgid uucp, which allows local users to modify files owned by uucp.
Status:EntryReference: BID:1383
Reference: URL:http://www.securityfocus.com/bid/1383
Reference: BUGTRAQ:20000621 rh 6.2 - gid compromises, etc
Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=Pine.LNX.4.21.0006211209500.22969-100000@nimue.tpi.pl
Reference: XF:redhat-gkermit
Name: CVE-2000-0610
Description:
NetWin dMailWeb and cwMail 2.6g and earlier allows remote attackers to bypass authentication and use the server for mail relay via a username that contains a carriage return.
Status:EntryReference: BID:1390
Reference: URL:http://www.securityfocus.com/bid/1390
Reference: BUGTRAQ:20000623 NetWin dMailWeb Unrestricted Mail Relay
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-06/0243.html
Reference: XF:netwin-dmailweb-newline(4770)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/4770
Name: CVE-2000-0611
Description:
The default configuration of NetWin dMailWeb and cwMail trusts all POP servers, which allows attackers to bypass normal authentication and cause a denial of service.
Status:EntryReference: BID:1391
Reference: URL:http://www.securityfocus.com/bid/1391
Reference: BUGTRAQ:20000623 NetWin dMailWeb Unrestricted Mail Relay
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-06/0243.html
Reference: XF:netwin-dmailweb-auth(4771)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/4771
Name: CVE-2000-0613
Description:
Cisco Secure PIX Firewall does not properly identify forged TCP Reset (RST) packets, which allows remote attackers to force the firewall to close legitimate connections.
Status:EntryReference: BID:1454
Reference: URL:http://www.securityfocus.com/bid/1454
Reference: BUGTRAQ:20000320 PIX DMZ Denial of Service - TCP Resets
Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=B3D6883199DBD311868100A0C9FC2CDC046B72@protea.citec.net
Reference: CISCO:20000711 Cisco Secure PIX Firewall TCP Reset Vulnerability
Reference: URL:http://www.cisco.com/warp/public/707/pixtcpreset-pub.shtml
Reference: OSVDB:1457
Reference: URL:http://www.osvdb.org/1457
Reference: XF:cisco-pix-firewall-tcp(4928)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/4928
Name: CVE-2000-0615
Description:
LPRng 3.6.x improperly installs lpd as setuid root, which can allow local users to append lpd trace and logging messages to files.
Status:EntryReference: BID:1447
Reference: URL:http://www.securityfocus.com/bid/1447
Reference: BUGTRAQ:20000709 LPRng lpd should not be SETUID root
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-07/0117.html
Reference: XF:lpd-suid-root(7361)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/7361
Name: CVE-2000-0616
Description:
Vulnerability in HP TurboIMAGE DBUTIL allows local users to gain additional privileges via DBUTIL.PUB.SYS.
Status:EntryReference: BID:1405
Reference: URL:http://www.securityfocus.com/bid/1405
Reference: HP:HPSBMP0006-007
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-06/0294.html
Reference: XF:hp-turboimage-dbutil
Name: CVE-2000-0619
Description:
Top Layer AppSwitch 2500 allows remote attackers to cause a denial of service via malformed ICMP packets.
Status:EntryReference: BID:1258
Reference: URL:http://www.securityfocus.com/bid/1258
Reference: VULN-DEV:20000520 TopLayer layer 7 switch Advisory
Reference: URL:http://archives.neohapsis.com/archives/vuln-dev/2000-q2/0680.html
Reference: VULN-DEV:20000614 Update on TopLayer Advisory
Reference: URL:http://archives.neohapsis.com/archives/vuln-dev/2000-q2/0921.html
Reference: XF:toplayer-icmp-dos(7364)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/7364
Name: CVE-2000-0620
Description:
libX11 X library allows remote attackers to cause a denial of service via a resource mask of 0, which causes libX11 to go into an infinite loop.
Status:EntryReference: BID:1409
Reference: URL:http://www.securityfocus.com/bid/1409
Reference: BUGTRAQ:20000619 XFree86: Various nasty libX11 holes
Reference: URL:http://marc.info/?l=bugtraq&m=96146116627474&w=2
Reference: XF:libx11-infinite-loop-dos(4996)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/4996
Name: CVE-2000-0621
Description:
Microsoft Outlook 98 and 2000, and Outlook Express 4.0x and 5.0x, allow remote attackers to read files on the client's system via a malformed HTML message that stores files outside of the cache, aka the "Cache Bypass" vulnerability.
Status:EntryReference: BID:1501
Reference: URL:http://www.securityfocus.com/bid/1501
Reference: CERT:CA-2000-14
Reference: URL:http://www.cert.org/advisories/CA-2000-14.html
Reference: MS:MS00-046
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-046
Reference: XF:outlook-cache-bypass(5013)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5013
Name: CVE-2000-0622
Description:
Buffer overflow in Webfind CGI program in O'Reilly WebSite Professional web server 2.x allows remote attackers to execute arbitrary commands via a URL containing a long "keywords" parameter.
Status:EntryReference: BID:1487
Reference: URL:http://www.securityfocus.com/bid/1487
Reference: CONFIRM:http://website.oreilly.com/support/software/wspro25_releasenotes.txt
Reference: NAI:20000719 O'Reilly WebSite Professional Overflow
Reference: URL:http://www.nai.com/research/covert/advisories/043.asp
Reference: XF:website-webfind-bo(4962)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/4962
Name: CVE-2000-0624
Description:
Buffer overflow in Winamp 2.64 and earlier allows remote attackers to execute arbitrary commands via a long #EXTINF: extension in the M3U playlist.
Status:EntryReference: BID:1496
Reference: URL:http://www.securityfocus.com/bid/1496
Reference: BUGTRAQ:20000720 Winamp M3U playlist parser buffer overflow security vulnerability
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-07/0289.html
Reference: CONFIRM:http://www.winamp.com/getwinamp/newfeatures.jhtml
Reference: XF:winamp-playlist-parser-bo(4956)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/4956
Name: CVE-2000-0627
Description:
BlackBoard CourseInfo 4.0 does not properly authenticate users, which allows local users to modify CourseInfo database information and gain privileges by directly calling the supporting CGI programs such as user_update_passwd.pl and user_update_admin.pl.
Status:EntryReference: BID:1486
Reference: URL:http://www.securityfocus.com/bid/1486
Reference: BUGTRAQ:20000718 Blackboard Courseinfo v4.0 User Authentication
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-07/0254.html
Reference: BUGTRAQ:20000719 Security Fix for Blackboard CourseInfo 4.0
Reference: URL:http://www.securityfocus.com/frames/?content=/templates/archive.pike%3Flist%3D1%26msg%3D20000719151904.I17986@securityfocus.com
Reference: XF:blackboard-courseinfo-dbase-modification(4946)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/4946
Name: CVE-2000-0628
Description:
The source.asp example script in the Apache ASP module Apache::ASP 1.93 and earlier allows remote attackers to modify files.
Status:EntryReference: BID:1457
Reference: URL:http://www.securityfocus.com/bid/1457
Reference: BUGTRAQ:20000710 ANNOUNCE Apache::ASP v1.95 - Security Hole Fixed
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-07/0142.html
Reference: CONFIRM:http://www.nodeworks.com/asp/changes.html
Reference: XF:apache-source-asp-file-write(4931)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/4931
Name: CVE-2000-0630
Description:
IIS 4.0 and 5.0 allows remote attackers to obtain fragments of source code by appending a +.htr to the URL, a variant of the "File Fragment Reading via .HTR" vulnerability.
Status:EntryReference: BID:1488
Reference: URL:http://www.securityfocus.com/bid/1488
Reference: MS:MS00-044
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-044
Reference: XF:iis-htr-obtain-code(5104)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5104
Name: CVE-2000-0631
Description:
An administrative script from IIS 3.0, later included in IIS 4.0 and 5.0, allows remote attackers to cause a denial of service by accessing the script without a particular argument, aka the "Absent Directory Browser Argument" vulnerability.
Status:EntryReference: BID:1476
Reference: URL:http://www.securityfocus.com/bid/1476
Reference: BUGTRAQ:20000718 ISBASE Security Advisory(SA2000-02)
Reference: URL:http://marc.info/?l=bugtraq&m=96390444022878&w=2
Reference: MS:MS00-044
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-044
Reference: XF:iis-absent-directory-dos(4951)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/4951
Name: CVE-2000-0632
Description:
Buffer overflow in the web archive component of L-Soft Listserv 1.8d and earlier allows remote attackers to execute arbitrary commands via a long query string.
Status:EntryReference: BID:1490
Reference: URL:http://www.securityfocus.com/bid/1490
Reference: CONFIRM:http://www.lsoft.com/news/default.asp?item=Advisory1
Reference: NAI:20000717 [COVERT-2000-07] LISTSERV Web Archive Remote Overflow
Reference: URL:http://www.nai.com/nai_labs/asp_set/advisory/43_Advisory.asp
Reference: XF:lsoft-listserv-querystring-bo(4952)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/4952
Name: CVE-2000-0633
Description:
Vulnerability in Mandrake Linux usermode package allows local users to to reboot or halt the system.
Status:EntryReference: BID:1489
Reference: URL:http://www.securityfocus.com/bid/1489
Reference: BUGTRAQ:20000718 MDKSA-2000:020 usermode update
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-07/0251.html
Reference: BUGTRAQ:20000812 Conectiva Linux security announcement - usermode
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-08/0117.html
Reference: REDHAT:RHSA-2000:053
Reference: URL:http://www.redhat.com/support/errata/RHSA-2000-053.html
Reference: XF:linux-usermode-dos(4944)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/4944
Name: CVE-2000-0634
Description:
The web administration interface for CommuniGate Pro 3.2.5 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) attack.
Status:EntryReference: BID:1493
Reference: URL:http://www.securityfocus.com/bid/1493
Reference: BUGTRAQ:20000717 S21SEC-003: Vulnerabilities in CommuniGate Pro v3.2.4
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-07/0223.html
Reference: OSVDB:5774
Reference: URL:http://www.osvdb.org/5774
Reference: XF:communigate-pro-file-read(5105)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5105
Name: CVE-2000-0635
Description:
The view_page.html sample page in the MiniVend shopping cart program allows remote attackers to execute arbitrary commands via shell metacharacters.
Status:EntryReference: BID:1449
Reference: URL:http://www.securityfocus.com/bid/1449
Reference: BUGTRAQ:20000711 Akopia MiniVend Piped Command Execution Vulnerability
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-07/0150.html
Reference: CONFIRM:http://www.zdnet.com/zdnn/stories/news/0,4586,2600258,00.html
Reference: XF:minivend-viewpage-sample(4880)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/4880
Name: CVE-2000-0636
Description:
HP JetDirect printers versions G.08.20 and H.08.20 and earlier allow remote attackers to cause a denial of service via a malformed FTP quote command.
Status:EntryReference: BID:1491
Reference: URL:http://www.securityfocus.com/bid/1491
Reference: BUGTRAQ:20000719 HP Jetdirect - Invalid FTP Command DoS
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-07/0265.html
Reference: XF:hp-jetdirect-quote-dos(4947)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/4947
Name: CVE-2000-0637
Description:
Microsoft Excel 97 and 2000 allows an attacker to execute arbitrary commands by specifying a malicious .dll using the Register.ID function, aka the "Excel REGISTER.ID Function" vulnerability.
Status:EntryReference: BID:1451
Reference: URL:http://www.securityfocus.com/bid/1451
Reference: BUGTRAQ:20000711 Excel 2000 vulnerability - executing programs
Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=396B3F8F.9244D290@nat.bg
Reference: MS:MS00-051
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-051
Reference: XF:excel-register-function(5016)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5016
Name: CVE-2000-0638
Description:
bb-hostsvc.sh in Big Brother 1.4h1 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) attack on the HOSTSVC parameter.
Status:EntryReference: BID:1455
Reference: URL:http://www.securityfocus.com/bid/1455
Reference: BUGTRAQ:20000711 BIG BROTHER EXPLOIT
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-07/0146.html
Reference: BUGTRAQ:20000711 REMOTE EXPLOIT IN ALL CURRENT VERSIONS OF BIG BROTHER
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-07/0147.html
Reference: CONFIRM:http://bb4.com/README.CHANGES
Reference: XF:http-cgi-bigbrother-bbhostsvc(4879)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/4879
Name: CVE-2000-0639
Description:
The default configuration of Big Brother 1.4h2 and earlier does not include proper access restrictions, which allows remote attackers to execute arbitrary commands by using bbd to upload a file whose extension will cause it to be executed as a CGI script by the web server.
Status:EntryReference: BID:1494
Reference: URL:http://www.securityfocus.com/bid/1494
Reference: BUGTRAQ:20000711 Big Brother filename extension vulnerability
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-07/0171.html
Reference: OSVDB:1472
Reference: URL:http://www.osvdb.org/1472
Reference: XF:big-brother-filename-extension(5103)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5103
Name: CVE-2000-0640
Description:
Guild FTPd allows remote attackers to determine the existence of files outside the FTP root via a .. (dot dot) attack, which provides different error messages depending on whether the file exists or not.
Status:EntryReference: BID:1452
Reference: URL:http://www.securityfocus.com/bid/1452
Reference: BUGTRAQ:20000708 gnu-pop3d (FTGate problem), Savant Webserver, Guild FTPd
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-07/0114.html
Reference: OSVDB:573
Reference: URL:http://www.osvdb.org/573
Reference: XF:guild-ftpd-disclosure(4922)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/4922
Name: CVE-2000-0641
Description:
Savant web server allows remote attackers to execute arbitrary commands via a long GET request.
Status:EntryReference: BID:1453
Reference: URL:http://www.securityfocus.com/bid/1453
Reference: BUGTRAQ:20000708 gnu-pop3d (FTGate problem), Savant Webserver, Guild FTPd
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-07/0114.html
Reference: XF:savant-get-bo(4901)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/4901
Name: CVE-2000-0642
Description:
The default configuration of WebActive HTTP Server 1.00 stores the web access log active.log in the document root, which allows remote attackers to view the logs by directly requesting the page.
Status:EntryReference: BID:1497
Reference: URL:http://www.securityfocus.com/bid/1497
Reference: BUGTRAQ:20000711 Lame DoS in WEBactive win65/NT server
Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=200007130827.BAA32671@Rage.Resentment.org
Reference: XF:webactive-active-log(5184)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5184
Name: CVE-2000-0643
Description:
Buffer overflow in WebActive HTTP Server 1.00 allows remote attackers to cause a denial of service via a long URL.
Status:EntryReference: BID:1470
Reference: URL:http://www.securityfocus.com/bid/1470
Reference: BUGTRAQ:20000711 Lame DoS in WEBactive win65/NT server
Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=200007130827.BAA32671@Rage.Resentment.org
Reference: XF:webactive-long-get-dos(4949)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/4949
Name: CVE-2000-0644
Description:
WFTPD and WFTPD Pro 2.41 allows remote attackers to cause a denial of service by executing a STAT command while the LIST command is still executing.
Status:EntryReference: BID:1506
Reference: URL:http://www.securityfocus.com/bid/1506
Reference: BUGTRAQ:20000721 WFTPD/WFTPD Pro 2.41 RC11 vulnerabilities.
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-07/0295.html
Reference: OSVDB:1477
Reference: URL:http://www.osvdb.org/1477
Reference: XF:wftpd-stat-dos(5003)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5003
Name: CVE-2000-0650
Description:
The default installation of VirusScan 4.5 and NetShield 4.5 has insecure permissions for the registry key that identifies the AutoUpgrade directory, which allows local users to execute arbitrary commands by replacing SETUP.EXE in that directory with a Trojan Horse.
Status:EntryReference: BID:1458
Reference: URL:http://www.securityfocus.com/bid/1458
Reference: NTBUGTRAQ:20000711 Potential Vulnerability in McAfee Netshield and VirusScan 4.5
Reference: URL:http://www.ntbugtraq.com/default.asp?pid=36&sid=1&A2=ind0007&L=ntbugtraq&F=&S=&P=2753
Reference: OSVDB:1458
Reference: URL:http://www.osvdb.org/1458
Reference: OSVDB:4200
Reference: URL:http://www.osvdb.org/4200
Reference: XF:nai-virusscan-netshield-autoupgrade(5177)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5177
Name: CVE-2000-0651
Description:
The ClientTrust program in Novell BorderManager does not properly verify the origin of authentication requests, which could allow remote attackers to impersonate another user by replaying the authentication requests and responses from port 3024 of the victim's machine.
Status:EntryReference: BID:1440
Reference: URL:http://www.securityfocus.com/bid/1440
Reference: BUGTRAQ:20000707 Novell Border Manger - Anyone can pose as an authenticated user
Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=06256915.00591E18.00@uprrsmtp2.notes.up.com
Reference: XF:novell-bordermanager-verification(5186)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5186
Name: CVE-2000-0652
Description:
IBM WebSphere allows remote attackers to read source code for executable web files by directly calling the default InvokerServlet using a URL which contains the "/servlet/file" string.
Status:EntryReference: BID:1500
Reference: URL:http://www.securityfocus.com/bid/1500
Reference: BUGTRAQ:20000723 IBM WebSphere default servlet handler showcode vulnerability
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-07/0342.html
Reference: XF:websphere-showcode(5012)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5012
Name: CVE-2000-0654
Description:
Microsoft Enterprise Manager allows local users to obtain database passwords via the Data Transformation Service (DTS) package Registered Servers Dialog dialog, aka a variant of the "DTS Password" vulnerability.
Status:EntryReference: BID:1466
Reference: URL:http://www.securityfocus.com/bid/1466
Reference: MS:MS00-041
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-041
Reference: XF:mssql-dts-reveal-passwords(4582)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/4582
Name: CVE-2000-0655
Description:
Netscape Communicator 4.73 and earlier allows remote attackers to cause a denial of service or execute arbitrary commands via a JPEG image containing a comment with an illegal field length of 1.
Status:EntryReference: BID:1503
Reference: URL:http://www.securityfocus.com/bid/1503
Reference: BUGTRAQ:20000724 JPEG COM Marker Processing Vulnerability in Netscape Browsers
Reference: URL:http://www.securityfocus.com/frames/?content=/templates/archive.pike%3Flist%3D1%26msg%3D200007242356.DAA01274%40false.com
Reference: BUGTRAQ:20000801 MDKSA-2000:027-1 netscape update
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-07/0456.html
Reference: BUGTRAQ:20000810 Conectiva Linux Security Announcement - netscape
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-08/0116.html
Reference: FREEBSD:FreeBSD-SA-00:39
Reference: URL:ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:39.netscape.asc
Reference: NETBSD:NetBSD-SA2000-011
Reference: URL:ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA2000-011.txt.asc
Reference: REDHAT:RHSA-2000:046
Reference: URL:http://www.redhat.com/support/errata/RHSA-2000-046.html
Reference: SUSE:20000823 Security Hole in Netscape, Versions 4.x, possibly others
Reference: URL:http://www.novell.com/linux/security/advisories/suse_security_announce_60.html
Reference: TURBO:TLSA2000017-1
Reference: URL:http://www.turbolinux.com/pipermail/tl-security-announce/2000-August/000016.html
Reference: XF:netscape-jpg-comment
Name: CVE-2000-0660
Description:
The WDaemon web server for WorldClient 2.1 allows remote attackers to read arbitrary files via a .. (dot dot) attack.
Status:EntryReference: BID:1462
Reference: URL:http://www.securityfocus.com/bid/1462
Reference: BUGTRAQ:20000712 Infosec.20000712.worldclient.2.1
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-07/0173.html
Reference: CONFIRM:http://www.altn.com/Downloads/WorldClient/Release/RelNotes.txt
Reference: OSVDB:1459
Reference: URL:http://www.osvdb.org/1459
Reference: XF:worldclient-dir-traverse(4913)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/4913
Name: CVE-2000-0661
Description:
WircSrv IRC Server 5.07s allows remote attackers to cause a denial of service via a long string to the server port.
Status:EntryReference: BID:1448
Reference: URL:http://www.securityfocus.com/bid/1448
Reference: BUGTRAQ:20000710 Remote DoS Attack in WircSrv Irc Server v5.07s Vulnerability
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-07/0120.html
Reference: XF:wircsrv-character-flood-dos(4914)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/4914
Name: CVE-2000-0662
Description:
Internet Explorer 5.x and Microsoft Outlook allows remote attackers to read arbitrary files by redirecting the contents of an IFRAME using the DHTML Edit Control (DHTMLED).
Status:EntryReference: BID:1474
Reference: URL:http://www.securityfocus.com/bid/1474
Reference: BUGTRAQ:20000714 IE 5.5 and 5.01 vulnerability - reading at least local and from any host text and parsed html files
Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=396EF9D5.62EEC625@nat.bg
Reference: XF:ie-dhtmled-file-read(5107)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5107
Name: CVE-2000-0663
Description:
The registry entry for the Windows Shell executable (Explorer.exe) in Windows NT and Windows 2000 uses a relative path name, which allows local users to execute arbitrary commands by inserting a Trojan Horse named Explorer.exe into the %Systemdrive% directory, aka the "Relative Shell Path" vulnerability.
Status:EntryReference: BID:1507
Reference: URL:http://www.securityfocus.com/bid/1507
Reference: MS:MS00-052
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-052
Reference: MSKB:Q269049
Reference: URL:http://www.microsoft.com/technet/support/kb.asp?ID=269049
Reference: XF:explorer-relative-path-name(5040)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5040
Name: CVE-2000-0664
Description:
AnalogX SimpleServer:WWW 1.06 and earlier allows remote attackers to read arbitrary files via a modified .. (dot dot) attack that uses the %2E URL encoding for the dots.
Status:EntryReference: BID:1508
Reference: URL:http://www.securityfocus.com/bid/1508
Reference: BUGTRAQ:20000726 AnalogX "SimpleServer:WWW" dot dot bug
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-07/0374.html
Reference: CONFIRM:http://www.analogx.com/contents/download/network/sswww.htm
Reference: OSVDB:388
Reference: URL:http://www.osvdb.org/388
Reference: XF:analogx-simpleserver-directory-path(4999)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/4999
Name: CVE-2000-0665
Description:
GAMSoft TelSrv telnet server 1.5 and earlier allows remote attackers to cause a denial of service via a long username.
Status:EntryReference: BID:1478
Reference: URL:http://www.securityfocus.com/bid/1478
Reference: NTBUGTRAQ:20000717 DoS in Gamsoft TelSrv telnet server for MS Windows 95/98/NT/2k.
Reference: URL:http://archives.neohapsis.com/archives/ntbugtraq/2000-q3/0031.html
Reference: NTBUGTRAQ:20000729 TelSrv Reveals Usernames & Passwords After DoS Attack
Reference: URL:http://archives.neohapsis.com/archives/ntbugtraq/2000-q3/0056.html
Reference: OSVDB:373
Reference: URL:http://www.osvdb.org/373
Reference: XF:gamsoft-telsrv-dos(4945)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/4945
Name: CVE-2000-0666
Description:
rpc.statd in the nfs-utils package in various Linux distributions does not properly cleanse untrusted format strings, which allows remote attackers to gain root privileges.
Status:EntryReference: BID:1480
Reference: URL:http://www.securityfocus.com/bid/1480
Reference: BUGTRAQ:20000716 Lots and lots of fun with rpc.statd
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-07/0206.html
Reference: BUGTRAQ:20000717 CONECTIVA LINUX SECURITY ANNOUNCEMENT - nfs-utils
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-07/0230.html
Reference: BUGTRAQ:20000718 Trustix Security Advisory - nfs-utils
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-07/0236.html
Reference: BUGTRAQ:20000718 [Security Announce] MDKSA-2000:021 nfs-utils update
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-07/0260.html
Reference: CALDERA:CSSA-2000-025.0
Reference: URL:http://www.calderasystems.com/support/security/advisories/CSSA-2000-025.0.txt
Reference: CERT:CA-2000-17
Reference: URL:http://www.cert.org/advisories/CA-2000-17.html
Reference: DEBIAN:20000719a
Reference: REDHAT:RHSA-2000:043
Reference: URL:http://www.redhat.com/support/errata/RHSA-2000-043.html
Reference: XF:linux-rpcstatd-format-overwrite(4939)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/4939
Name: CVE-2000-0668
Description:
pam_console PAM module in Linux systems allows a user to access the system console and reboot the system when a display manager such as gdm or kdm has XDMCP enabled.
Status:EntryReference: BID:1513
Reference: URL:http://www.securityfocus.com/bid/1513
Reference: BUGTRAQ:20000727 CONECTIVA LINUX SECURITY ANNOUNCEMENT - PAM
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-07/0398.html
Reference: BUGTRAQ:20000801 MDKSA-2000:029 pam update
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-07/0455.html
Reference: REDHAT:RHSA-2000:044
Reference: URL:http://www.redhat.com/support/errata/RHSA-2000-044.html
Reference: XF:linux-pam-console(5001)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5001
Name: CVE-2000-0669
Description:
Novell NetWare 5.0 allows remote attackers to cause a denial of service by flooding port 40193 with random data.
Status:EntryReference: BID:1467
Reference: URL:http://www.securityfocus.com/bid/1467
Reference: BUGTRAQ:20000711 Remote Denial Of Service -- NetWare 5.0 with SP 5
Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=000501bfeab5$9330c3d0$d801a8c0@dimuthu.baysidegrp.com.au
Reference: XF:netware-port40193-dos
Name: CVE-2000-0670
Description:
The cvsweb CGI script in CVSWeb 1.80 allows remote attackers with write access to a CVS repository to execute arbitrary commands via shell metacharacters.
Status:EntryReference: BID:1469
Reference: URL:http://www.securityfocus.com/bid/1469
Reference: BUGTRAQ:20000712 cvsweb: remote shell for cvs committers
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-07/0178.html
Reference: BUGTRAQ:20000714 MDKSA-2000:019 cvsweb update
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-07/0196.html
Reference: DEBIAN:20000719b
Reference: FREEBSD:FreeBSD-SA-00:37
Reference: URL:ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:37.cvsweb.asc
Reference: TURBO:TLSA2000016-1
Reference: URL:http://www.turbolinux.com/pipermail/tl-security-announce/2000-August/000015.html
Reference: XF:cvsweb-shell-access(4925)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/4925
Name: CVE-2000-0671
Description:
Roxen web server earlier than 2.0.69 allows allows remote attackers to bypass access restrictions, list directory contents, and read source code by inserting a null character (%00) to the URL.
Status:EntryReference: BID:1510
Reference: URL:http://www.securityfocus.com/bid/1510
Reference: BUGTRAQ:20000721 Roxen Web Server Vulnerability
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-07/0307.html
Reference: BUGTRAQ:20000721 Roxen security alert: Problems with URLs containing null characters.
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-07/0321.html
Reference: XF:roxen-null-char-url(4965)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/4965
Name: CVE-2000-0672
Description:
The default configuration of Jakarta Tomcat does not restrict access to the /admin context, which allows remote attackers to read arbitrary files by directly calling the administrative servlets to add a context for the root directory.
Status:EntryReference: BID:1548
Reference: URL:http://www.securityfocus.com/bid/1548
Reference: BUGTRAQ:20000721 Jakarta-tomcat.../admin
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-07/0309.html
Reference: XF:jakarta-tomcat-admin(5160)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5160
Name: CVE-2000-0673
Description:
The NetBIOS Name Server (NBNS) protocol does not perform authentication, which allows remote attackers to cause a denial of service by sending a spoofed Name Conflict or Name Release datagram, aka the "NetBIOS Name Server Protocol Spoofing" vulnerability.
Status:EntryReference: BID:1514
Reference: URL:http://www.securityfocus.com/bid/1514
Reference: BID:1515
Reference: URL:http://www.securityfocus.com/bid/1515
Reference: MS:MS00-047
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-047
Reference: NAI:20000727 Windows NetBIOS Name Conflicts
Reference: URL:http://www.nai.com/research/covert/advisories/044.asp
Reference: XF:netbios-name-server-spoofing(5035)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5035
Name: CVE-2000-0674
Description:
ftp.pl CGI program for Virtual Visions FTP browser allows remote attackers to read directories outside of the document root via a .. (dot dot) attack.
Status:EntryReference: BID:1471
Reference: URL:http://www.securityfocus.com/bid/1471
Reference: BUGTRAQ:20000712 ftp.pl vulnerability
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-07/0177.html
Reference: XF:virtualvision-ftp-browser(5187)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5187
Name: CVE-2000-0675
Description:
Buffer overflow in Infopulse Gatekeeper 3.5 and earlier allows remote attackers to execute arbitrary commands via a long string.
Status:EntryReference: BID:1477
Reference: URL:http://www.securityfocus.com/bid/1477
Reference: BUGTRAQ:20000713 The MDMA Crew's GateKeeper Exploit
Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=00af01bfece2$a52cbd80$367e1ec4@kungphusion
Reference: XF:gatekeeper-long-string-bo(4948)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/4948
Name: CVE-2000-0676
Description:
Netscape Communicator and Navigator 4.04 through 4.74 allows remote attackers to read arbitrary files by using a Java applet to open a connection to a URL using the "file", "http", "https", and "ftp" protocols, as demonstrated by Brown Orifice.
Status:EntryReference: BID:1546
Reference: URL:http://www.securityfocus.com/bid/1546
Reference: BUGTRAQ:20000804 Dangerous Java/Netscape Security Hole
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-08/0019.html
Reference: BUGTRAQ:20000810 MDKSA-2000:033 Netscape Java vulnerability
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-08/0115.html
Reference: BUGTRAQ:20000818 Conectiva Linux Security Announcement - netscape
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-08/0236.html
Reference: BUGTRAQ:20000821 MDKSA-2000:036 - netscape update
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-08/0265.html
Reference: CALDERA:CSSA-2000-027.1
Reference: URL:http://www.calderasystems.com/support/security/advisories/CSSA-2000-027.1.txt
Reference: CERT:CA-2000-15
Reference: URL:http://www.cert.org/advisories/CA-2000-15.html
Reference: FREEBSD:FreeBSD-SA-00:39
Reference: URL:ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:39.netscape.asc
Reference: REDHAT:RHSA-2000:054
Reference: URL:http://www.redhat.com/support/errata/RHSA-2000-054.html
Reference: SUSE:20000823 Security Hole in Netscape, Versions 4.x, possibly others
Reference: URL:http://www.novell.com/linux/security/advisories/suse_security_announce_60.html
Reference: XF:java-brownorifice
Name: CVE-2000-0677
Description:
Buffer overflow in IBM Net.Data db2www CGI program allows remote attackers to execute arbitrary commands via a long PATH_INFO environmental variable.
Status:EntryReference: ISS:20000907 Buffer Overflow in IBM Net.Data db2www CGI program.
Reference: URL:http://xforce.iss.net/alerts/advise60.php
Reference: XF:ibm-netdata-db2www-bo(4976)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/4976
Name: CVE-2000-0678
Description:
PGP 5.5.x through 6.5.3 does not properly check if an Additional Decryption Key (ADK) is stored in the signed portion of a public certificate, which allows an attacker who can modify a victim's public certificate to decrypt any data that has been encrypted with the modified certificate.
Status:EntryReference: BID:1606
Reference: URL:http://www.securityfocus.com/bid/1606
Reference: CERT:CA-2000-18
Reference: URL:http://www.cert.org/advisories/CA-2000-18.html
Reference: OSVDB:4354
Reference: URL:http://www.osvdb.org/4354
Name: CVE-2000-0679
Description:
The CVS 1.10.8 client trusts pathnames that are provided by the CVS server, which allows the server to force the client to create arbitrary files.
Status:EntryReference: BID:1523
Reference: URL:http://www.securityfocus.com/bid/1523
Reference: BUGTRAQ:20000728 cvs security problem
Reference: URL:http://www.securityfocus.com/frames/?content=/templates/archive.pike%3Flist%3D1%26msg%3Dhvou2daoebb.fsf%40serein.m17n.org
Reference: XF:cvs-client-creates-file
Name: CVE-2000-0681
Description:
Buffer overflow in BEA WebLogic server proxy plugin allows remote attackers to execute arbitrary commands via a long URL with a .JSP extension.
Status:EntryReference: BID:1570
Reference: URL:http://www.securityfocus.com/bid/1570
Reference: BUGTRAQ:20000815 BEA Weblogic server proxy library vulnerabilities
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-08/0186.html
Reference: XF:weblogic-plugin-bo
Name: CVE-2000-0682
Description:
BEA WebLogic 5.1.x allows remote attackers to read source code for parsed pages by inserting /ConsoleHelp/ into the URL, which invokes the FileServlet.
Status:EntryReference: BID:1518
Reference: URL:http://www.securityfocus.com/bid/1518
Reference: BUGTRAQ:20000728 BEA's WebLogic force handlers show code vulnerability
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-07/0410.html
Reference: CONFIRM:http://developer.bea.com/alerts/security_000731.html
Reference: OSVDB:1481
Reference: URL:http://www.osvdb.org/1481
Reference: XF:weblogic-fileservlet-show-code
Name: CVE-2000-0683
Description:
BEA WebLogic 5.1.x allows remote attackers to read source code for parsed pages by inserting /*.shtml/ into the URL, which invokes the SSIServlet.
Status:EntryReference: BID:1517
Reference: URL:http://www.securityfocus.com/bid/1517
Reference: BUGTRAQ:20000728 BEA's WebLogic force handlers show code vulnerability
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-07/0410.html
Reference: CONFIRM:http://developer.bea.com/alerts/security_000728.html
Reference: OSVDB:1480
Reference: URL:http://www.osvdb.org/1480
Name: CVE-2000-0684
Description:
BEA WebLogic 5.1.x does not properly restrict access to the JSPServlet, which could allow remote attackers to compile and execute Java JSP code by directly invoking the servlet on any source file.
Status:EntryReference: BID:1525
Reference: URL:http://www.securityfocus.com/bid/1525
Reference: BUGTRAQ:20000731 BEA's WebLogic *.jsp/*.jhtml remote command execution
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-07/0434.html
Reference: CONFIRM:http://developer.bea.com/alerts/security_000731.html
Reference: XF:html-malicious-tags
Name: CVE-2000-0685
Description:
BEA WebLogic 5.1.x does not properly restrict access to the PageCompileServlet, which could allow remote attackers to compile and execute Java JHTML code by directly invoking the servlet on any source file.
Status:EntryReference: BID:1525
Reference: URL:http://www.securityfocus.com/bid/1525
Reference: BUGTRAQ:20000731 BEA's WebLogic *.jsp/*.jhtml remote command execution
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-07/0434.html
Reference: CONFIRM:http://developer.bea.com/alerts/security_000731.html
Reference: XF:html-malicious-tags
Name: CVE-2000-0693
Description:
pgxconfig in the Raptor GFX configuration tool uses a relative path name for a system call to the "cp" program, which allows local users to execute arbitrary commands by modifying their path to point to an alternate "cp" program.
Status:EntryReference: BID:1563
Reference: URL:http://www.securityfocus.com/bid/1563
Reference: BUGTRAQ:20000802 Local root compromise in PGX Config Sun Sparc Solaris
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-07/0463.html
Reference: OSVDB:1501
Reference: URL:http://www.osvdb.org/1501
Name: CVE-2000-0694
Description:
pgxconfig in the Raptor GFX configuration tool allows local users to gain privileges via a symlink attack.
Status:EntryReference: BUGTRAQ:20000802 Local root compromise in PGX Config Sun Sparc Solaris
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-07/0463.html
Reference: OSVDB:5740
Reference: URL:http://www.osvdb.org/5740
Name: CVE-2000-0698
Description:
Minicom 1.82.1 and earlier on some Linux systems allows local users to create arbitrary files owned by the uucp user via a symlink attack.
Status:EntryReference: BID:1599
Reference: URL:http://www.securityfocus.com/bid/1599
Reference: BUGTRAQ:20000819 RH 6.1 / 6.2 minicom vulnerability
Reference: URL:http://www.securityfocus.com/archive/1/77361
Reference: XF:minicom-capture-groupown(5151)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5151
Name: CVE-2000-0699
Description:
Format string vulnerability in ftpd in HP-UX 10.20 allows remote attackers to cause a denial of service or execute arbitrary commands via format strings in the PASS command.
Status:EntryReference: BID:1560
Reference: URL:http://www.securityfocus.com/bid/1560
Reference: BUGTRAQ:20000806 HPUX FTPd vulnerability
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-08/0028.html
Name: CVE-2000-0700
Description:
Cisco Gigabit Switch Routers (GSR) with Fast Ethernet / Gigabit Ethernet cards, from IOS versions 11.2(15)GS1A up to 11.2(19)GS0.2 and some versions of 12.0, do not properly handle line card failures, which allows remote attackers to bypass ACLs or force the interface to stop forwarding packets.
Status:EntryReference: BID:1541
Reference: URL:http://www.securityfocus.com/bid/1541
Reference: CISCO:20000803 Possible Access Control Bypass and Denial of Service in Gigabit Switch Routers Using Gigabit Ethernet or Fast Ethernet Cards
Reference: URL:http://www.cisco.com/warp/public/707/gsraclbypassdos-pub.shtml
Reference: OSVDB:793
Reference: URL:http://www.osvdb.org/793
Reference: OSVDB:798
Reference: URL:http://www.osvdb.org/798
Name: CVE-2000-0702
Description:
The net.init rc script in HP-UX 11.00 (S008net.init) allows local users to overwrite arbitrary files via a symlink attack that points from /tmp/stcp.conf to the targeted file.
Status:EntryReference: BID:1602
Reference: URL:http://www.securityfocus.com/bid/1602
Reference: BUGTRAQ:20000821 [HackersLab bugpaper] HP-UX net.init rc script
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-08/0261.html
Reference: XF:hp-netinit-symlink(5131)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5131
Name: CVE-2000-0703
Description:
suidperl (aka sperl) does not properly cleanse the escape sequence "~!" before calling /bin/mail to send an error report, which allows local users to gain privileges by setting the "interactive" environmental variable and calling suidperl with a filename that contains the escape sequence.
Status:EntryReference: BID:1547
Reference: URL:http://www.securityfocus.com/bid/1547
Reference: BUGTRAQ:20000805 sperl 5.00503 (and newer ;) exploit
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-08/0022.html
Reference: BUGTRAQ:20000808 MDKSA-2000:031 perl update
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-08/0086.html
Reference: BUGTRAQ:20000810 Conectiva Linux security announcemente - PERL
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-08/0113.html
Reference: BUGTRAQ:20000814 Trustix Security Advisory - perl and mailx
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-08/0153.html
Reference: CALDERA:CSSA-2000-026.0
Reference: URL:http://www.calderasystems.com/support/security/advisories/CSSA-2000-026.0.txt
Reference: DEBIAN:20000810
Reference: REDHAT:RHSA-2000:048
Reference: URL:http://www.redhat.com/support/errata/RHSA-2000-048.html
Reference: SUSE:20000810 Security Hole in perl, all versions
Reference: URL:http://www.novell.com/linux/security/advisories/suse_security_announce_59.html
Reference: TURBO:TLSA2000018-1
Reference: URL:http://www.turbolinux.com/pipermail/tl-security-announce/2000-August/000017.html
Reference: XF:perl-shell-escape
Name: CVE-2000-0705
Description:
ntop running in web mode allows remote attackers to read arbitrary files via a .. (dot dot) attack.
Status:EntryReference: BID:1550
Reference: URL:http://www.securityfocus.com/bid/1550
Reference: BUGTRAQ:20000802 [ Hackerslab bug_paper ] ntop web mode vulnerabliity
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-07/0459.html
Reference: OSVDB:1496
Reference: URL:http://www.osvdb.org/1496
Reference: REDHAT:RHSA-2000:049
Reference: URL:http://www.redhat.com/support/errata/RHSA-2000-049.html
Reference: XF:ntop-remote-file-access
Name: CVE-2000-0706
Description:
Buffer overflows in ntop running in web mode allows remote attackers to execute arbitrary commands.
Status:EntryReference: BID:1576
Reference: URL:http://www.securityfocus.com/bid/1576
Reference: DEBIAN:20000830 ntop: Still remotely exploitable using buffer overflows
Reference: URL:http://www.debian.org/security/2000/20000830
Reference: FREEBSD:FreeBSD-SA-00:36
Reference: URL:ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:36.ntop.asc
Reference: OSVDB:1513
Reference: URL:http://www.osvdb.org/1513
Reference: XF:ntop-bo
Name: CVE-2000-0707
Description:
PCCS MySQLDatabase Admin Tool Manager 1.2.4 and earlier installs the file dbconnect.inc within the web root, which allows remote attackers to obtain sensitive information such as the administrative password.
Status:EntryReference: BID:1557
Reference: URL:http://www.securityfocus.com/bid/1557
Reference: BUGTRAQ:20000804 PCCS MySQL DB Admin Tool v1.2.3- Advisory
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-08/0015.html
Reference: CONFIRM:http://pccs-linux.com/public/view.php3?bn=agora_pccslinux&key=965951324
Reference: XF:pccs-mysql-admin-tool
Name: CVE-2000-0708
Description:
Buffer overflow in Pragma Systems TelnetServer 2000 version 4.0 allows remote attackers to cause a denial of service via a long series of null characters to the rexec port.
Status:EntryReference: BID:1605
Reference: URL:http://www.securityfocus.com/bid/1605
Reference: CONFIRM:http://www.pragmasys.com/TelnetServer/
Reference: NTBUGTRAQ:20000824 Remote DoS Attack in Pragma TelnetServer 2000 (Remote Execute Daemon) Vulnerability
Reference: URL:http://www.ntbugtraq.com/default.asp?pid=36&sid=1&A2=ind0008&L=NTBUGTRAQ&P=R4247
Reference: XF:telnetserver-rpc-bo
Name: CVE-2000-0711
Description:
Netscape Communicator does not properly prevent a ServerSocket object from being created by untrusted entities, which allows remote attackers to create a server on the victim's system via a malicious applet, as demonstrated by Brown Orifice.
Status:EntryReference: BID:1545
Reference: URL:http://www.securityfocus.com/bid/1545
Reference: BUGTRAQ:20000805 Dangerous Java/Netscape Security Hole
Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=20000805020429.11774.qmail@securityfocus.com
Reference: BUGTRAQ:20000816 JDK 1.1.x Listening Socket Vulnerability (was Re: BrownOrifice can break firewalls!)
Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=3999922128E.EE84TAKAGI@java-house.etl.go.jp
Reference: CERT:CA-2000-15
Reference: URL:http://www.cert.org/advisories/CA-2000-15.html
Name: CVE-2000-0712
Description:
Linux Intrusion Detection System (LIDS) 0.9.7 allows local users to gain root privileges when LIDS is disabled via the security=0 boot option.
Status:EntryReference: BID:1549
Reference: URL:http://www.securityfocus.com/bid/1549
Reference: BUGTRAQ:2000803 LIDS severe bug
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-07/0486.html
Reference: CONFIRM:http://www.lids.org/changelog.html
Reference: MISC:http://www.egroups.com/message/lids/1038
Reference: OSVDB:1495
Reference: URL:http://www.osvdb.org/1495
Name: CVE-2000-0716
Description:
WorldClient email client in MDaemon 2.8 includes the session ID in the referer field of an HTTP request when the user clicks on a URL, which allows the visited web site to hijack the session ID and read the user's email.
Status:EntryReference: BID:1553
Reference: URL:http://www.securityfocus.com/bid/1553
Reference: NTBUGTRAQ:20000809 Session hijacking in Alt-N's MDaemon 2.8
Reference: URL:http://www.ntbugtraq.com/default.asp?pid=36&sid=1&A2=ind0008&L=ntbugtraq&F=&S=&P=459
Reference: XF:mdaemon-session-id-hijack(5070)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5070
Name: CVE-2000-0717
Description:
GoodTech FTP server allows remote attackers to cause a denial of service via a large number of RNTO commands.
Status:EntryReference: BID:1619
Reference: URL:http://www.securityfocus.com/bid/1619
Reference: BUGTRAQ:20000830 [EXPL] GoodTech's FTP Server vulnerable to a DoS (RNTO)
Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=02ff01c0124c$e9387660$0201a8c0@aviram
Reference: XF:ftp-goodtech-rnto-dos(5166)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5166
Name: CVE-2000-0718
Description:
A race condition in MandrakeUpdate allows local users to modify RPM files while they are in the /tmp directory before they are installed.
Status:EntryReference: BID:1567
Reference: URL:http://www.securityfocus.com/bid/1567
Reference: BUGTRAQ:20000812 MDKSA-2000:034 MandrakeUpdate update
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-08/0146.html
Name: CVE-2000-0720
Description:
news.cgi in GWScripts News Publisher does not properly authenticate requests to add an author to the author index, which allows remote attackers to add new authors by directly posting an HTTP request to the new.cgi program with an addAuthor parameter, and setting the Referer to the news.cgi program.
Status:EntryReference: BID:1621
Reference: URL:http://www.securityfocus.com/bid/1621
Reference: BUGTRAQ:20000829 News Publisher CGI Vulnerability
Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=003301c0123b$18f8c1a0$953b29d4@e8s9s4
Reference: XF:news-publisher-add-author(5169)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5169
Name: CVE-2000-0725
Description:
Zope before 2.2.1 does not properly restrict access to the getRoles method, which allows users who can edit DTML to add or modify roles by modifying the roles list that is included in a request.
Status:EntryReference: BID:1577
Reference: URL:http://www.securityfocus.com/bid/1577
Reference: BUGTRAQ:20000816 MDKSA-2000:035 Zope update
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-08/0198.html
Reference: BUGTRAQ:20000821 Conectiva Linux Security Announcement - Zope
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-08/0259.html
Reference: CONFIRM:http://www.zope.org/Products/Zope/Hotfix_08_09_2000/security_alert
Reference: DEBIAN:20000821 zope: unauthorized escalation of privilege (update)
Reference: URL:http://www.debian.org/security/2000/20000821
Reference: REDHAT:RHSA-2000:052
Reference: URL:http://www.redhat.com/support/errata/RHSA-2000-052.html
Name: CVE-2000-0726
Description:
CGIMail.exe CGI program in Stalkerlab Mailers 1.1.2 allows remote attackers to read arbitrary files by specifying the file in the $Attach$ hidden form variable.
Status:EntryReference: BID:1623
Reference: URL:http://www.securityfocus.com/bid/1623
Reference: BUGTRAQ:20000829 Stalker's CGImail Gives Read Access to All Server Files
Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=20000829194618.H7744@thathost.com
Reference: XF:mailers-cgimail-spoof(5165)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5165
Name: CVE-2000-0727
Description:
xpdf PDF viewer client earlier than 0.91 does not properly launch a web browser for embedded URL's, which allows an attacker to execute arbitrary commands via a URL that contains shell metacharacters.
Status:EntryReference: BID:1624
Reference: URL:http://www.securityfocus.com/bid/1624
Reference: BUGTRAQ:20000829 MDKSA-2000:041 - xpdf update
Reference: URL:http://marc.info/?l=bugtraq&m=96766355023239&w=2
Reference: BUGTRAQ:20000913 Conectiva Linux Security Announcement - xpdf
Reference: URL:http://marc.info/?l=bugtraq&m=96886599829687&w=2
Reference: CALDERA:CSSA-2000-031.0
Reference: URL:http://www.calderasystems.com/support/security/advisories/CSSA-2000-031.0.txt
Reference: DEBIAN:20000910 xpdf: local exploit
Reference: URL:http://www.debian.org/security/2000/20000910a
Reference: REDHAT:RHSA-2000:060
Reference: URL:http://www.redhat.com/support/errata/RHSA-2000-060.html
Name: CVE-2000-0728
Description:
xpdf PDF viewer client earlier than 0.91 allows local users to overwrite arbitrary files via a symlink attack.
Status:EntryReference: BID:1624
Reference: URL:http://www.securityfocus.com/bid/1624
Reference: BUGTRAQ:20000829 MDKSA-2000:041 - xpdf update
Reference: URL:http://marc.info/?l=bugtraq&m=96766355023239&w=2
Reference: BUGTRAQ:20000913 Conectiva Linux Security Announcement - xpdf
Reference: URL:http://marc.info/?l=bugtraq&m=96886599829687&w=2
Reference: CALDERA:CSSA-2000-031.0
Reference: URL:http://www.calderasystems.com/support/security/advisories/CSSA-2000-031.0.txt
Reference: DEBIAN:20000910a
Reference: REDHAT:RHSA-2000:060
Reference: URL:http://www.redhat.com/support/errata/RHSA-2000-060.html
Name: CVE-2000-0729
Description:
FreeBSD 5.x, 4.x, and 3.x allows local users to cause a denial of service by executing a program with a malformed ELF image header.
Status:EntryReference: BID:1625
Reference: URL:http://www.securityfocus.com/bid/1625
Reference: FREEBSD:FreeBSD-SA-00:41
Reference: URL:http://archives.neohapsis.com/archives/freebsd/2000-08/0337.html
Reference: OSVDB:1534
Reference: URL:http://www.osvdb.org/1534
Reference: XF:freebsd-elf-dos(5967)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5967
Name: CVE-2000-0730
Description:
Vulnerability in newgrp command in HP-UX 11.0 allows local users to gain privileges.
Status:EntryReference: BID:1580
Reference: URL:http://www.securityfocus.com/bid/1580
Reference: HP:HPSBUX0008-118
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-08/0144.html
Name: CVE-2000-0731
Description:
Directory traversal vulnerability in Worm HTTP server allows remote attackers to read arbitrary files via a .. (dot dot) attack.
Status:EntryReference: BID:1626
Reference: URL:http://www.securityfocus.com/bid/1626
Reference: NTBUGTRAQ:20000825 DST2K0023: Directory Traversal Possible & Denial of Service in Wo rm HTTP Server
Reference: URL:http://archives.neohapsis.com/archives/ntbugtraq/2000-q3/0111.html
Reference: OSVDB:1535
Reference: URL:http://www.osvdb.org/1535
Reference: XF:wormhttp-dir-traverse(5148)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5148
Name: CVE-2000-0732
Description:
Worm HTTP server allows remote attackers to cause a denial of service via a long URL.
Status:EntryReference: BID:1626
Reference: URL:http://www.securityfocus.com/bid/1626
Reference: NTBUGTRAQ:20000825 DST2K0023: Directory Traversal Possible & Denial of Service in Wo rm HTTP Server
Reference: URL:http://archives.neohapsis.com/archives/ntbugtraq/2000-q3/0111.html
Reference: XF:wormhttp-filename-dos(5149)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5149
Name: CVE-2000-0733
Description:
Telnetd telnet server in IRIX 5.2 through 6.1 does not properly cleans user-injected format strings, which allows remote attackers to execute arbitrary commands via a long RLD variable in the IAC-SB-TELOPT_ENVIRON request.
Status:EntryReference: BID:1572
Reference: URL:http://www.securityfocus.com/bid/1572
Reference: BUGTRAQ:20000814 [LSD] IRIX telnetd remote vulnerability
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-08/0154.html
Reference: SGI:20000801-02-P
Reference: URL:ftp://sgigate.sgi.com/security/20000801-02-P
Name: CVE-2000-0737
Description:
The Service Control Manager (SCM) in Windows 2000 creates predictable named pipes, which allows a local user with console access to gain administrator privileges, aka the "Service Control Manager Named Pipe Impersonation" vulnerability.
Status:EntryReference: BID:1535
Reference: URL:http://www.securityfocus.com/bid/1535
Reference: MS:MS00-053
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-053
Name: CVE-2000-0738
Description:
WebShield SMTP 4.5 allows remote attackers to cause a denial of service by sending e-mail with a From: address that has a . (period) at the end, which causes WebShield to continuously send itself copies of the e-mail.
Status:EntryReference: BID:1589
Reference: URL:http://www.securityfocus.com/bid/1589
Reference: NTBUGTRAQ:20000818 WebShield SMTP infinite loop DoS Attack
Reference: URL:http://archives.neohapsis.com/archives/ntbugtraq/2000-q3/0101.html
Reference: XF:webshield-smtp-dos(5100)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5100
Name: CVE-2000-0739
Description:
Directory traversal vulnerability in strong.exe program in NAI Net Tools PKI server 1.0 before HotFix 3 allows remote attackers to read arbitrary files via a .. (dot dot) attack in an HTTPS request to the enrollment server.
Status:EntryReference: BID:1537
Reference: URL:http://www.securityfocus.com/bid/1537
Reference: BUGTRAQ:20000802 NAI Net Tools PKI Server vulnerabilities
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-07/0473.html
Reference: CONFIRM:http://download.nai.com/products/licensed/pgp/hf3pki10.txt
Reference: OSVDB:1489
Reference: URL:http://www.osvdb.org/1489
Reference: XF:nettools-pki-dir-traverse(5066)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5066
Name: CVE-2000-0740
Description:
Buffer overflow in strong.exe program in NAI Net Tools PKI server 1.0 before HotFix 3 allows remote attackers to execute arbitrary commands via a long URL in the HTTPS port.
Status:EntryReference: BID:1536
Reference: URL:http://www.securityfocus.com/bid/1536
Reference: BUGTRAQ:20000802 NAI Net Tools PKI Server vulnerabilities
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-07/0473.html
Reference: CONFIRM:http://download.nai.com/products/licensed/pgp/hf3pki10.txt
Reference: OSVDB:1488
Reference: URL:http://www.osvdb.org/1488
Reference: XF:nai-nettools-strong-bo(5026)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5026
Name: CVE-2000-0741
Description:
Format string vulnerability in strong.exe program in NAI Net Tools PKI server 1.0 before HotFix 3 allows remote attackers to execute arbitrary code via format strings in a URL with a .XUDA extension.
Status:EntryReference: BID:1538
Reference: URL:http://www.securityfocus.com/bid/1538
Reference: BUGTRAQ:20000802 NAI Net Tools PKI Server vulnerabilities
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-07/0473.html
Reference: CONFIRM:http://download.nai.com/products/licensed/pgp/hf3pki10.txt
Reference: OSVDB:1490
Reference: URL:http://www.osvdb.org/1490
Name: CVE-2000-0742
Description:
The IPX protocol implementation in Microsoft Windows 95 and 98 allows remote attackers to cause a denial of service by sending a ping packet with a source IP address that is a broadcast address, aka the "Malformed IPX Ping Packet" vulnerability.
Status:EntryReference: BID:1544
Reference: URL:http://www.securityfocus.com/bid/1544
Reference: BUGTRAQ:20000602 ipx storm
Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&mid=63120
Reference: MS:MS00-054
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-054
Reference: XF:win-ipx-ping-packet(5079)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5079
Name: CVE-2000-0743
Description:
Buffer overflow in University of Minnesota (UMN) gopherd 2.x allows remote attackers to execute arbitrary commands via a DES key generation request (GDESkey) that contains a long ticket value.
Status:EntryReference: BID:1569
Reference: URL:http://www.securityfocus.com/bid/1569
Reference: BUGTRAQ:20000810 Remote vulnerability in Gopherd 2.x
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-08/0112.html
Name: CVE-2000-0744
Description:
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2000-0743. Reason: This candidate is a duplicate of CVE-2000-0743. Notes: All CVE users should reference CVE-2000-0743 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
Status:EntryName: CVE-2000-0745
Description:
admin.php3 in PHP-Nuke does not properly verify the PHP-Nuke administrator password, which allows remote attackers to gain privileges by requesting a URL that does not specify the aid or pwd parameter.
Status:EntryReference: BID:1592
Reference: URL:http://www.securityfocus.com/bid/1592
Reference: BUGTRAQ:20000821 Vuln. in all sites using PHP-Nuke, versions less than 3
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-08/0243.html
Reference: OSVDB:1521
Reference: URL:http://www.osvdb.org/1521
Name: CVE-2000-0747
Description:
The logrotate script for OpenLDAP before 1.2.11 in Conectiva Linux sends an improper signal to the kernel log daemon (klogd) and kills it.
Status:EntryReference: BUGTRAQ:20000726 CONECTIVA LINUX SECURITY ANNOUNCEMENT - OPENLDAP
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-07/0379.html
Reference: XF:openldap-logrotate-script-dos(5036)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5036
Name: CVE-2000-0749
Description:
Buffer overflow in the Linux binary compatibility module in FreeBSD 3.x through 5.x allows local users to gain root privileges via long filenames in the linux shadow file system.
Status:EntryReference: BID:1628
Reference: URL:http://www.securityfocus.com/bid/1628
Reference: FREEBSD:FreeBSD-SA-00:42
Reference: URL:http://archives.neohapsis.com/archives/freebsd/2000-08/0338.html
Reference: OSVDB:1536
Reference: URL:http://www.osvdb.org/1536
Reference: XF:freebsd-linux-module-bo(5968)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5968
Name: CVE-2000-0750
Description:
Buffer overflow in mopd (Maintenance Operations Protocol loader daemon) allows remote attackers to execute arbitrary commands via a long file name.
Status:EntryReference: BID:1558
Reference: URL:http://www.securityfocus.com/bid/1558
Reference: BUGTRAQ:20000808 OpenBSD 2.7 / NetBSD 1.4.2 mopd buffer overflow
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-08/0064.html
Reference: FREEBSD:FreeBSD-SA-00:40
Reference: URL:http://archives.neohapsis.com/archives/freebsd/2000-08/0336.html
Reference: MISC:http://cvsweb.netbsd.org/bsdweb.cgi/basesrc/usr.sbin/mopd/mopd/process.c.diff?r1=1.7&r2=1.8&f=h
Reference: OPENBSD:20000705 Mopd contained a buffer overflow.
Reference: URL:http://www.openbsd.org/errata.html#mopd
Reference: REDHAT:RHSA-2000:050
Reference: URL:http://www.redhat.com/support/errata/RHSA-2000-050.html
Name: CVE-2000-0751
Description:
mopd (Maintenance Operations Protocol loader daemon) does not properly cleanse user-injected format strings, which allows remote attackers to execute arbitrary commands.
Status:EntryReference: BID:1559
Reference: URL:http://www.securityfocus.com/bid/1559
Reference: BUGTRAQ:20000808 OpenBSD 2.7 / NetBSD 1.4.2 mopd buffer overflow
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-08/0064.html
Reference: FREEBSD:FreeBSD-SA-00:40
Reference: URL:http://archives.neohapsis.com/archives/freebsd/2000-08/0336.html
Reference: MISC:http://cvsweb.netbsd.org/bsdweb.cgi/basesrc/usr.sbin/mopd/mopd/process.c.diff?r1=1.7&r2=1.8&f=h
Reference: OPENBSD:20000705 Mopd contained a buffer overflow.
Reference: URL:http://www.openbsd.org/errata.html#mopd
Reference: REDHAT:RHSA-2000:050
Reference: URL:http://www.redhat.com/support/errata/RHSA-2000-050.html
Name: CVE-2000-0753
Description:
The Microsoft Outlook mail client identifies the physical path of the sender's machine within a winmail.dat attachment to Rich Text Format (RTF) files.
Status:EntryReference: BID:1631
Reference: URL:http://www.securityfocus.com/bid/1631
Reference: BUGTRAQ:20000824 Outlook winmail.dat
Reference: URL:http://www.securityfocus.com/archive/1/78240
Reference: BUGTRAQ:20010802 Outlook 2000 Rich Text information disclosure
Reference: URL:http://www.securityfocus.com/archive/1/201422
Reference: XF:outlook-reveal-path(5508)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5508
Name: CVE-2000-0754
Description:
Vulnerability in HP OpenView Network Node Manager (NMM) version 6.1 related to passwords.
Status:EntryReference: BID:1581
Reference: URL:http://www.securityfocus.com/bid/1581
Reference: HP:HPSBUX0008-119
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-08/0144.html
Name: CVE-2000-0758
Description:
The web interface for Lyris List Manager 3 and 4 allows list subscribers to obtain administrative access by modifying the value of the list_admin hidden form field.
Status:EntryReference: BID:1584
Reference: URL:http://www.securityfocus.com/bid/1584
Reference: BUGTRAQ:20000811 Lyris List Manager Administration Hole
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-08/0149.html
Reference: CONFIRM:http://www.lyris.com/lm/lm_updates.html
Name: CVE-2000-0761
Description:
OS2/Warp 4.5 FTP server allows remote attackers to cause a denial of service via a long username.
Status:EntryReference: BID:1582
Reference: URL:http://www.securityfocus.com/bid/1582
Reference: BUGTRAQ:20000815 OS/2 Warp 4.5 FTP Server DoS
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-08/0166.html
Reference: CONFIRM:ftp://ftp.software.ibm.com/ps/products/tcpip/fixes/v4.3os2/ic27721/README
Name: CVE-2000-0762
Description:
The default installation of eTrust Access Control (formerly SeOS) uses a default encryption key, which allows remote attackers to spoof the eTrust administrator and gain privileges.
Status:EntryReference: BID:1583
Reference: URL:http://www.securityfocus.com/bid/1583
Reference: BUGTRAQ:20000811 eTrust Access Control - Root compromise for default install
Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=004601c003a1$ba473260$ddeaa2cd@itradefair.net
Reference: CONFIRM:http://support.ca.com/techbases/eTrust/etrust_access_control-response.html
Reference: OSVDB:1517
Reference: URL:http://www.osvdb.org/1517
Reference: XF:etrust-access-control-default(5076)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5076
Name: CVE-2000-0763
Description:
xlockmore and xlockf do not properly cleanse user-injected format strings, which allows local users to gain root privileges via the -d option.
Status:EntryReference: BID:1585
Reference: URL:http://www.securityfocus.com/bid/1585
Reference: BUGTRAQ:20000816 xlock vulnerability
Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=20000815231724.A14694@subterrain.net
Reference: BUGTRAQ:20000817 Conectiva Linux Security Announcement - xlockmore
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-08/0212.html
Reference: BUGTRAQ:20000823 MDKSA-2000:038 - xlockmore update
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-08/0294.html
Reference: DEBIAN:20000816 xlockmore: possible shadow file compromise
Reference: URL:http://www.debian.org/security/2000/20000816
Reference: FREEBSD:FreeBSD-SA-00:44.xlockmore
Reference: URL:http://archives.neohapsis.com/archives/freebsd/2000-08/0340.html
Name: CVE-2000-0764
Description:
Intel Express 500 series switches allow a remote attacker to cause a denial of service via a malformed IP packet.
Status:EntryReference: BID:1609
Reference: URL:http://www.securityfocus.com/bid/1609
Reference: BUGTRAQ:20000828 Intel Express Switch 500 series DoS
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-08/0338.html
Reference: XF:intel-express-switch-dos(5154)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5154
Name: CVE-2000-0765
Description:
Buffer overflow in the HTML interpreter in Microsoft Office 2000 allows an attacker to execute arbitrary commands via a long embedded object tag, aka the "Microsoft Office HTML Object Tag" vulnerability.
Status:EntryReference: BID:1561
Reference: URL:http://www.securityfocus.com/bid/1561
Reference: MS:MS00-056
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-056
Name: CVE-2000-0766
Description:
Buffer overflow in vqSoft vqServer 1.4.49 allows remote attackers to cause a denial of service or possibly gain privileges via a long HTTP GET request.
Status:EntryReference: BID:1610
Reference: URL:http://www.securityfocus.com/bid/1610
Reference: BUGTRAQ:20000819 D.o.S Vulnerability in vqServer
Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=200008270354.UAA10952@user4.hushmail.com
Reference: XF:vqserver-get-dos(5152)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5152
Name: CVE-2000-0767
Description:
The ActiveX control for invoking a scriptlet in Internet Explorer 4.x and 5.x renders arbitrary file types instead of HTML, which allows an attacker to read arbitrary files, aka the "Scriptlet Rendering" vulnerability.
Status:EntryReference: BID:1564
Reference: URL:http://www.securityfocus.com/bid/1564
Reference: MS:MS00-055
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-055
Name: CVE-2000-0768
Description:
A function in Internet Explorer 4.x and 5.x does not properly verify the domain of a frame within a browser window, which allows a remote attacker to read client files, aka a variant of the "Frame Domain Verification" vulnerability.
Status:EntryReference: BID:1564
Reference: URL:http://www.securityfocus.com/bid/1564
Reference: MS:MS00-055
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-055
Name: CVE-2000-0770
Description:
IIS 4.0 and 5.0 does not properly restrict access to certain types of files when their parent folders have less restrictive permissions, which could allow remote attackers to bypass access restrictions to some files, aka the "File Permission Canonicalization" vulnerability.
Status:EntryReference: BID:1565
Reference: URL:http://www.securityfocus.com/bid/1565
Reference: MS:MS00-057
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-057
Name: CVE-2000-0771
Description:
Microsoft Windows 2000 allows local users to cause a denial of service by corrupting the local security policy via malformed RPC traffic, aka the "Local Security Policy Corruption" vulnerability.
Status:EntryReference: BID:1613
Reference: URL:http://www.securityfocus.com/bid/1613
Reference: MS:MS00-062
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-062
Name: CVE-2000-0773
Description:
Bajie HTTP web server 0.30a allows remote attackers to read arbitrary files via a URL that contains a "....", a variant of the dot dot directory traversal attack.
Status:EntryReference: BID:1522
Reference: URL:http://www.securityfocus.com/bid/1522
Reference: BUGTRAQ:20000731 Two security flaws in Bajie Webserver
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-07/0426.html
Reference: XF:bajie-view-arbitrary-files(5021)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5021
Name: CVE-2000-0776
Description:
Mediahouse Statistics Server 5.02x allows remote attackers to execute arbitrary commands via a long HTTP GET request.
Status:EntryReference: BID:1568
Reference: URL:http://www.securityfocus.com/bid/1568
Reference: BUGTRAQ:20000810 [DeepZone Advisory] Statistics Server 5.02x stack overflow (Win2k remote exploit)
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-08/0118.html
Reference: XF:mediahouse-stats-livestats-bo(5113)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5113
Name: CVE-2000-0777
Description:
The password protection feature of Microsoft Money can store the password in plaintext, which allows attackers with physical access to the system to obtain the password, aka the "Money Password" vulnerability.
Status:EntryReference: BID:1615
Reference: URL:http://www.securityfocus.com/bid/1615
Reference: MS:MS00-061
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-061
Name: CVE-2000-0778
Description:
IIS 5.0 allows remote attackers to obtain source code for .ASP files and other scripts via an HTTP GET request with a "Translate: f" header, aka the "Specialized Header" vulnerability.
Status:EntryReference: BID:1578
Reference: URL:http://www.securityfocus.com/bid/1578
Reference: BUGTRAQ:20000815 Translate:f summary, history and thoughts
Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=080D5336D882D211B56B0060080F2CD696A7C9@beta.mia.cz
Reference: MS:MS00-058
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-058
Reference: NTBUGTRAQ:20000816 Translate: f
Reference: URL:http://www.ntbugtraq.com/default.asp?pid=36&sid=1&A2=ind0008&L=ntbugtraq&F=&S=&P=5212
Reference: OVAL:oval:org.mitre.oval:def:927
Reference: URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A927
Name: CVE-2000-0779
Description:
Checkpoint Firewall-1 with the RSH/REXEC setting enabled allows remote attackers to bypass access restrictions and connect to a RSH/REXEC client via malformed connection requests.
Status:EntryReference: BID:1534
Reference: URL:http://www.securityfocus.com/bid/1534
Reference: CONFIRM:http://www.checkpoint.com/techsupport/alerts/list_vun.html#Improper_stderr
Reference: OSVDB:1487
Reference: URL:http://www.osvdb.org/1487
Name: CVE-2000-0780
Description:
The web server in IPSWITCH IMail 6.04 and earlier allows remote attackers to read and delete arbitrary files via a .. (dot dot) attack.
Status:EntryReference: BID:1617
Reference: URL:http://www.securityfocus.com/bid/1617
Reference: BUGTRAQ:20000830 Vulnerability Report On IPSWITCH's IMail
Reference: URL:http://marc.info/?l=bugtraq&m=96767207207553&w=2
Reference: CONFIRM:http://www.ipswitch.com/Support/IMail/news.html
Name: CVE-2000-0781
Description:
uagentsetup in ARCServeIT Client Agent 6.62 does not properly check for the existence or ownership of a temporary file which is moved to the agent.cfg configuration file, which allows local users to execute arbitrary commands by modifying the temporary file before it is moved.
Status:EntryReference: BID:1519
Reference: URL:http://www.securityfocus.com/bid/1519
Reference: BUGTRAQ:20000728 Client Agent 6.62 for Unix Vulnerability
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-07/0431.html
Reference: XF:arcserveit-clientagent-temp-file(5023)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5023
Name: CVE-2000-0782
Description:
netauth.cgi program in Netwin Netauth 4.2e and earlier allows remote attackers to read arbitrary files via a .. (dot dot) attack.
Status:EntryReference: BID:1587
Reference: URL:http://www.securityfocus.com/bid/1587
Reference: BUGTRAQ:20000817 Netauth: Web Based Email Management System
Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=NEBBJCLKGNOGCOIOBJNAGEHLCPAA.marc@eeye.com
Reference: CONFIRM:http://netwinsite.com/netauth/updates.htm
Reference: XF:netwin-netauth-dir-traverse(5090)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5090
Name: CVE-2000-0783
Description:
Watchguard Firebox II allows remote attackers to cause a denial of service by sending a malformed URL to the authentication service on port 4100.
Status:EntryReference: BID:1573
Reference: URL:http://www.securityfocus.com/bid/1573
Reference: BUGTRAQ:20000815 Watchguard Firebox Authentication DoS
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-08/0162.html
Reference: XF:firebox-url-dos(5098)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5098
Name: CVE-2000-0786
Description:
GNU userv 1.0.0 and earlier does not properly perform file descriptor swapping, which can corrupt the USERV_GROUPS and USERV_GIDS environmental variables and allow local users to bypass some access restrictions.
Status:EntryReference: BID:1516
Reference: URL:http://www.securityfocus.com/bid/1516
Reference: BUGTRAQ:20000726 userv security boundary tool 1.0.1 (SECURITY FIX)
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-07/0389.html
Reference: CONFIRM:http://marc.info/?l=bugtraq&m=96473640717095&w=2
Reference: DEBIAN:20000727 userv: local exploit
Reference: URL:http://www.debian.org/security/2000/20000727
Name: CVE-2000-0787
Description:
IRC Xchat client versions 1.4.2 and earlier allows remote attackers to execute arbitrary commands by encoding shell metacharacters into a URL which XChat uses to launch a web browser.
Status:EntryReference: BID:1601
Reference: URL:http://www.securityfocus.com/bid/1601
Reference: BUGTRAQ:20000817 XChat URL handler vulnerabilty
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-08/0215.html
Reference: BUGTRAQ:20000824 MDKSA-2000:039 - xchat update
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-08/0301.html
Reference: BUGTRAQ:20000825 Conectiva Linux Security Announcement - xchat
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-08/0305.html
Reference: REDHAT:RHSA-2000:055
Reference: URL:http://www.redhat.com/support/errata/RHSA-2000-055.html
Name: CVE-2000-0788
Description:
The Mail Merge tool in Microsoft Word does not prompt the user before executing Visual Basic (VBA) scripts in an Access database, which could allow an attacker to execute arbitrary commands.
Status:EntryReference: BID:1566
Reference: URL:http://www.securityfocus.com/bid/1566
Reference: BUGTRAQ:20000807 MS Word and MS Access vulnerability - executing arbitrary programs, may be exploited by IE/Outlook
Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=398EB9CA.27E03A9C@nat.bg
Reference: MS:MS00-071
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-071
Reference: XF:word-mail-merge(5322)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5322
Name: CVE-2000-0790
Description:
The web-based folder display capability in Microsoft Internet Explorer 5.5 on Windows 98 allows local users to insert Trojan horse programs by modifying the Folder.htt file and using the InvokeVerb method in the ShellDefView ActiveX control to specify a default execute option for the first file that is listed in the folder.
Status:EntryReference: BID:1571
Reference: URL:http://www.securityfocus.com/bid/1571
Reference: BUGTRAQ:20000828 IE 5.5/5.x for Win98 may execute arbitrary files that can be accessed thru Microsoft Networking. Also local Administrator compromise at least on default Windows 2000.
Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=3998370D.732A03F1@nat.bg
Reference: XF:ie-folder-remote-exe(5097)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5097
Name: CVE-2000-0792
Description:
Gnome Lokkit firewall package before 0.41 does not properly restrict access to some ports, even if a user does not make any services available.
Status:EntryReference: BID:1590
Reference: URL:http://www.securityfocus.com/bid/1590
Reference: BUGTRAQ:20000819 Security update for Gnome-Lokkit
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-08/0252.html
Reference: OSVDB:1520
Reference: URL:http://www.osvdb.org/1520
Name: CVE-2000-0795
Description:
Buffer overflow in lpstat in IRIX 6.2 and 6.3 allows local users to gain root privileges via a long -n option.
Status:EntryReference: BID:1529
Reference: URL:http://www.securityfocus.com/bid/1529
Reference: BUGTRAQ:20000802 [LSD] some unpublished LSD exploit codes
Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=200008021924.e72JOVs12558@ix.put.poznan.pl
Reference: OSVDB:1485
Reference: URL:http://www.osvdb.org/1485
Name: CVE-2000-0796
Description:
Buffer overflow in dmplay in IRIX 6.2 and 6.3 allows local users to gain root privileges via a long command line option.
Status:EntryReference: BID:1528
Reference: URL:http://www.securityfocus.com/bid/1528
Reference: BUGTRAQ:20000802 [LSD] some unpublished LSD exploit codes
Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=200008021924.e72JOVs12558@ix.put.poznan.pl
Reference: OSVDB:1484
Reference: URL:http://www.osvdb.org/1484
Reference: XF:irix-dmplay-bo(5064)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5064
Name: CVE-2000-0797
Description:
Buffer overflow in gr_osview in IRIX 6.2 and 6.3 allows local users to gain privileges via a long -D option.
Status:EntryReference: BID:1526
Reference: URL:http://www.securityfocus.com/bid/1526
Reference: BUGTRAQ:20000802 [LSD] some unpublished LSD exploit codes
Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=200008021924.e72JOVs12558@ix.put.poznan.pl
Reference: OSVDB:3815
Reference: URL:http://www.osvdb.org/3815
Reference: SGI:20040104-01-P
Reference: URL:ftp://patches.sgi.com/support/free/security/advisories/20040104-01-P.asc
Reference: XF:irix-grosview-bo(5062)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5062
Name: CVE-2000-0799
Description:
inpview in InPerson in SGI IRIX 5.3 through IRIX 6.5.10 allows local users to gain privileges via a symlink attack on the .ilmpAAA temporary file.
Status:EntryReference: BID:1530
Reference: URL:http://www.securityfocus.com/bid/1530
Reference: BUGTRAQ:20000802 [LSD] some unpublished LSD exploit codes
Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=200008021924.e72JOVs12558@ix.put.poznan.pl
Reference: SGI:20001101-01-I
Reference: URL:ftp://patches.sgi.com/support/free/security/advisories/20001101-01-I
Reference: XF:irix-inpview-symlink(5065)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5065
Name: CVE-2000-0803
Description:
GNU Groff uses the current working directory to find a device description file, which allows a local user to gain additional privileges by including a malicious postpro directive in the description file, which is executed when another user runs groff.
Status:EntryReference: ISS:20001004 GNU Groff utilities read untrusted commands from current working directory
Reference: XF:gnu-groff-utilities(5280)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5280
Name: CVE-2000-0804
Description:
Check Point VPN-1/FireWall-1 4.1 and earlier allows remote attackers to bypass the directionality check via fragmented TCP connection requests or reopening closed TCP connection requests, aka "One-way Connection Enforcement Bypass."
Status:EntryReference: CONFIRM:http://www.checkpoint.com/techsupport/alerts/list_vun.html#One-way_Connection
Reference: OSVDB:4419
Reference: URL:http://www.osvdb.org/4419
Reference: XF:fw1-remote-bypass(5468)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5468
Name: CVE-2000-0805
Description:
Check Point VPN-1/FireWall-1 4.1 and earlier improperly retransmits encapsulated FWS packets, even if they do not come from a valid FWZ client, aka "Retransmission of Encapsulated Packets."
Status:EntryReference: CONFIRM:http://www.checkpoint.com/techsupport/alerts/list_vun.html#Retransmission_of
Reference: OSVDB:4415
Reference: URL:http://www.osvdb.org/4415
Reference: XF:fw1-client-spoof(5469)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5469
Name: CVE-2000-0806
Description:
The inter-module authentication mechanism (fwa1) in Check Point VPN-1/FireWall-1 4.1 and earlier may allow remote attackers to conduct a denial of service, aka "Inter-module Communications Bypass."
Status:EntryReference: CONFIRM:http://www.checkpoint.com/techsupport/alerts/list_vun.html#Inter-module_Communications
Reference: OSVDB:4413
Reference: URL:http://www.osvdb.org/4413
Reference: XF:fw1-fwa1-auth-replay(5162)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5162
Name: CVE-2000-0807
Description:
The OPSEC communications authentication mechanism (fwn1) in Check Point VPN-1/FireWall-1 4.1 and earlier allows remote attackers to spoof connections, aka the "OPSEC Authentication Vulnerability."
Status:EntryReference: CONFIRM:http://www.checkpoint.com/techsupport/alerts/list_vun.html#OPSEC_Authentication
Reference: OSVDB:4420
Reference: URL:http://www.osvdb.org/4420
Reference: XF:fw1-opsec-auth-spoof(5471)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5471
Name: CVE-2000-0808
Description:
The seed generation mechanism in the inter-module S/Key authentication mechanism in Check Point VPN-1/FireWall-1 4.1 and earlier allows remote attackers to bypass authentication via a brute force attack, aka "One-time (s/key) Password Authentication."
Status:EntryReference: CONFIRM:http://www.checkpoint.com/techsupport/alerts/list_vun.html#One-time_Password
Reference: OSVDB:4421
Reference: URL:http://www.osvdb.org/4421
Reference: XF:fw1-localhost-auth(5137)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5137
Name: CVE-2000-0809
Description:
Buffer overflow in Getkey in the protocol checker in the inter-module communication mechanism in Check Point VPN-1/FireWall-1 4.1 and earlier allows remote attackers to cause a denial of service.
Status:EntryReference: CONFIRM:http://www.checkpoint.com/techsupport/alerts/list_vun.html#Getkey_Buffer
Reference: OSVDB:4422
Reference: URL:http://www.osvdb.org/4422
Reference: XF:fw1-getkey-bo(5139)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5139
Name: CVE-2000-0810
Description:
Auction Weaver 1.0 through 1.04 does not properly validate the names of form fields, which allows remote attackers to delete arbitrary files and directories via a .. (dot dot) attack.
Status:EntryReference: BID:1782
Reference: URL:http://www.securityfocus.com/bid/1782
Reference: BUGTRAQ:20001016 File deletion and other bugs in Auction Weaver LITE 1.0 - 1.04
Reference: OSVDB:1600
Reference: URL:http://www.osvdb.org/1600
Reference: XF:auction-weaver-delete-files(5371)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5371
Name: CVE-2000-0811
Description:
Auction Weaver 1.0 through 1.04 allows remote attackers to read arbitrary files via a .. (dot dot) attack on the username or bidfile form fields.
Status:EntryReference: BID:1783
Reference: URL:http://www.securityfocus.com/bid/1783
Reference: BUGTRAQ:20001016 File deletion and other bugs in Auction Weaver LITE 1.0 - 1.04
Reference: OSVDB:4053
Reference: URL:http://www.osvdb.org/4053
Reference: XF:auction-weaver-username-bidfile(5372)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5372
Name: CVE-2000-0813
Description:
Check Point VPN-1/FireWall-1 4.1 and earlier allows remote attackers to redirect FTP connections to other servers ("FTP Bounce") via invalid FTP commands that are processed improperly by FireWall-1, aka "FTP Connection Enforcement Bypass."
Status:EntryReference: CONFIRM:http://www.checkpoint.com/techsupport/alerts/list_vun.html#FTP_Connection
Reference: OSVDB:4434
Reference: URL:http://www.osvdb.org/4434
Reference: XF:fw1-ftp-redirect(5474)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5474
Name: CVE-2000-0816
Description:
Linux tmpwatch --fuser option allows local users to execute arbitrary commands by creating files whose names contain shell metacharacters.
Status:EntryReference: BID:1785
Reference: URL:http://www.securityfocus.com/bid/1785
Reference: ISS:20001006 Insecure call of external programs in Red Hat Linux tmpwatch
Reference: URL:http://xforce.iss.net/alerts/advise64.php
Reference: MANDRAKE:MDKSA-2000:056
Reference: URL:http://www.linux-mandrake.com/en/security/MDKSA-2000-056.php3?dis=7.1
Reference: REDHAT:RHSA-2000:080
Reference: URL:http://www.redhat.com/support/errata/RHSA-2000-080.html
Reference: XF:linux-tmpwatch-fuser(5320)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5320
Name: CVE-2000-0818
Description:
The default installation for the Oracle listener program 7.3.4, 8.0.6, and 8.1.6 allows an attacker to cause logging information to be appended to arbitrary files and execute commands via the SET TRC_FILE or SET LOG_FILE commands.
Status:EntryReference: CONFIRM:http://otn.oracle.com/deploy/security/pdf/listener_alert.pdf
Reference: ISS:20001025 Vulnerability in the Oracle Listener Program
Reference: URL:http://xforce.iss.net/alerts/advise66.php
Reference: XF:oracle-listener-connect-statements(5380)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5380
Name: CVE-2000-0824
Description:
The unsetenv function in glibc 2.1.1 does not properly unset an environmental variable if the variable is provided twice to a program, which could allow local users to execute arbitrary commands in setuid programs by specifying their own duplicate environmental variables such as LD_PRELOAD or LD_LIBRARY_PATH.
Status:EntryReference: BID:1639
Reference: URL:http://www.securityfocus.com/bid/1639
Reference: BID:648
Reference: URL:http://www.securityfocus.com/bid/648
Reference: BUGTRAQ:19990917 A few bugs...
Reference: URL:http://marc.info/?l=bugtraq&m=93760201002154&w=2
Reference: BUGTRAQ:20000831 glibc unsetenv bug
Reference: URL:http://www.securityfocus.com/archive/1/79537
Reference: BUGTRAQ:20000902 Conectiva Linux Security Announcement - glibc
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-08/0436.html
Reference: BUGTRAQ:20000905 Conectiva Linux Security Announcement - glibc
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-08/0509.html
Reference: BUGTRAQ:20000906 [slackware-security]: glibc 2.1.3 vulnerabilities patched
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-08/0525.html
Reference: CALDERA:CSSA-2000-028.0
Reference: URL:http://www.calderasystems.com/support/security/advisories/CSSA-2000-028.0.txt
Reference: DEBIAN:20000902 glibc: local root exploit
Reference: URL:http://www.debian.org/security/2000/20000902
Reference: MANDRAKE:MDKSA-2000:040
Reference: URL:http://www.linux-mandrake.com/en/updates/MDKSA-2000-040.php3
Reference: MANDRAKE:MDKSA-2000:045
Reference: URL:http://www.linux-mandrake.com/en/updates/MDKSA-2000-045.php3
Reference: REDHAT:RHSA-2000:057
Reference: URL:http://www.redhat.com/support/errata/RHSA-2000-057.html
Reference: SUSE:20000924 glibc locale security problem
Reference: URL:http://www.novell.com/linux/security/advisories/adv5_draht_glibc_txt.html
Reference: TURBO:TLSA2000020-1
Reference: URL:http://www.turbolinux.com/pipermail/tl-security-announce/2000-September/000020.html
Reference: XF:glibc-ld-unsetenv(5173)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5173
Name: CVE-2000-0825
Description:
Ipswitch Imail 6.0 allows remote attackers to cause a denial of service via a large number of connections in which a long Host: header is sent, which causes a thread to crash.
Status:EntryReference: BID:2011
Reference: URL:http://www.securityfocus.com/bid/2011
Reference: BUGTRAQ:20000817 Imail Web Service Remote DoS Attack v.2
Reference: URL:http://marc.info/?l=bugtraq&m=96659012127444&w=2
Reference: NTBUGTRAQ:20000817 Imail Web Service Remote DoS Attack v.2
Reference: URL:http://marc.info/?l=ntbugtraq&m=96654521004571&w=2
Reference: WIN2KSEC:20000817 Imail Web Service Remote DoS Attack v.2
Reference: URL:http://archives.neohapsis.com/archives/win2ksecadvice/2000-q3/0071.html
Reference: XF:ipswitch-imail-remote-dos(5475)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5475
Name: CVE-2000-0829
Description:
The tmpwatch utility in Red Hat Linux forks a new process for each directory level, which allows local users to cause a denial of service by creating deeply nested directories in /tmp or /var/tmp/.
Status:EntryReference: BID:1664
Reference: URL:http://www.securityfocus.com/bid/1664
Reference: BUGTRAQ:20000909 tmpwatch: local DoS : fork()bomb as root
Reference: URL:http://www.securityfocus.com/archive/1/81364
Reference: REDHAT:RHSA-2000:080
Reference: URL:http://www.redhat.com/support/errata/RHSA-2000-080.html
Reference: XF:linux-tmpwatch-fork-dos(5217)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5217
Name: CVE-2000-0830
Description:
annclist.exe in webTV for Windows allows remote attackers to cause a denial of service by via a large, malformed UDP packet to ports 22701 through 22705.
Status:EntryReference: BID:1671
Reference: URL:http://www.securityfocus.com/bid/1671
Reference: BUGTRAQ:20000913 trivial DoS in webTV
Reference: URL:http://www.securityfocus.com/archive/1/81852
Reference: MS:MS00-074
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-074
Reference: XF:webtv-udp-dos(5216)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5216
Name: CVE-2000-0834
Description:
The Windows 2000 telnet client attempts to perform NTLM authentication by default, which allows remote attackers to capture and replay the NTLM challenge/response via a telnet:// URL that points to the malicious server, aka the "Windows 2000 Telnet Client NTLM Authentication" vulnerability.
Status:EntryReference: ATSTAKE:A091400-1
Reference: URL:http://www.atstake.com/research/advisories/2000/a091400-1.txt
Reference: BID:1683
Reference: URL:http://www.securityfocus.com/bid/1683
Reference: MS:MS00-067
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-067
Reference: XF:win2k-telnet-ntlm-authentication(5242)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5242
Name: CVE-2000-0837
Description:
FTP Serv-U 2.5e allows remote attackers to cause a denial of service by sending a large number of null bytes.
Status:EntryReference: BID:1543
Reference: URL:http://www.securityfocus.com/bid/1543
Reference: BUGTRAQ:20000804 FTP Serv-U 2.5e vulnerability.
Reference: URL:http://www.securityfocus.com/archive/1/73843
Reference: XF:servu-null-character-dos(5029)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5029
Name: CVE-2000-0838
Description:
Fastream FUR HTTP server 1.0b allows remote attackers to cause a denial of service via a long GET request.
Status:EntryReference: WIN2KSEC:20000914 DST2K0028: DoS in FUR HTTP Server v1.0b
Reference: URL:http://archives.neohapsis.com/archives/win2ksecadvice/2000-q3/0111.html
Reference: XF:fur-get-dos(5237)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5237
Name: CVE-2000-0839
Description:
WinCOM LPD 1.00.90 allows remote attackers to cause a denial of service via a large number of LPD options to the LPD port (515).
Status:EntryReference: BID:1701
Reference: URL:http://www.securityfocus.com/bid/1701
Reference: BUGTRAQ:20000919 VIGILANTE-2000013: WinCOM LPD DoS
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-09/0212.html
Reference: XF:wincom-lpd-dos(5258)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5258
Name: CVE-2000-0844
Description:
Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen.
Status:EntryReference: AIXAPAR:IY13753
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-10/0427.html
Reference: BID:1634
Reference: URL:http://www.securityfocus.com/bid/1634
Reference: BUGTRAQ:20000902 Conectiva Linux Security Announcement - glibc
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-08/0436.html
Reference: BUGTRAQ:20000904 UNIX locale format string vulnerability
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-08/0457.html
Reference: CALDERA:CSSA-2000-030.0
Reference: URL:http://www.calderasystems.com/support/security/advisories/CSSA-2000-030.0.txt
Reference: COMPAQ:SSRT0689U
Reference: URL:http://archives.neohapsis.com/archives/tru64/2000-q4/0000.html
Reference: DEBIAN:20000902 glibc: local root exploit
Reference: URL:http://www.debian.org/security/2000/20000902
Reference: REDHAT:RHSA-2000:057
Reference: URL:http://www.redhat.com/support/errata/RHSA-2000-057.html
Reference: SGI:20000901-01-P
Reference: URL:ftp://patches.sgi.com/support/free/security/advisories/20000901-01-P
Reference: SUSE:20000906 glibc locale security problem
Reference: URL:http://www.novell.com/linux/security/advisories/adv5_draht_glibc_txt.html
Reference: TURBO:TLSA2000020-1
Reference: URL:http://www.turbolinux.com/pipermail/tl-security-announce/2000-September/000020.html
Reference: XF:unix-locale-format-string(5176)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5176
Name: CVE-2000-0846
Description:
Buffer overflow in Darxite 0.4 and earlier allows a remote attacker to execute arbitrary commands via a long username or password.
Status:EntryReference: BID:1598
Reference: URL:http://www.securityfocus.com/bid/1598
Reference: BUGTRAQ:20000821 Darxite daemon remote exploit/DoS problem
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-08/0256.html
Reference: XF:darxite-login-bo(5134)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5134
Name: CVE-2000-0847
Description:
Buffer overflow in University of Washington c-client library (used by pine and other programs) allows remote attackers to execute arbitrary commands via a long X-Keywords header.
Status:EntryReference: BID:1646
Reference: URL:http://www.securityfocus.com/bid/1646
Reference: BID:1687
Reference: URL:http://www.securityfocus.com/bid/1687
Reference: BUGTRAQ:20000901 More about UW c-client library
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-08/0437.html
Reference: BUGTRAQ:20000901 UW c-client library vulnerability
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-08/0425.html
Reference: FREEBSD:FreeBSD-SA-00:47.pine
Reference: URL:http://archives.neohapsis.com/archives/freebsd/2000-09/0108.html
Reference: XF:c-client-dos(5223)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5223
Name: CVE-2000-0848
Description:
Buffer overflow in IBM WebSphere web application server (WAS) allows remote attackers to execute arbitrary commands via a long Host: request header.
Status:EntryReference: BID:1691
Reference: URL:http://www.securityfocus.com/bid/1691
Reference: BUGTRAQ:20000915 WebSphere application server plugin issue & vendor fix
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-09/0192.html
Reference: MISC:http://www-4.ibm.com/software/webservers/appserv/doc/v3022/fxpklst.htm#Security
Reference: XF:websphere-header-dos(5252)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5252
Name: CVE-2000-0849
Description:
Race condition in Microsoft Windows Media server allows remote attackers to cause a denial of service in the Windows Media Unicast Service via a malformed request, aka the "Unicast Service Race Condition" vulnerability.
Status:EntryReference: BID:1655
Reference: URL:http://www.securityfocus.com/bid/1655
Reference: MS:MS00-064
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-064
Reference: XF:unicast-service-dos(5193)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5193
Name: CVE-2000-0850
Description:
Netegrity SiteMinder before 4.11 allows remote attackers to bypass its authentication mechanism by appending "$/FILENAME.ext" (where ext is .ccc, .class, or .jpg) to the requested URL.
Status:EntryReference: ATSTAKE:A091100-1
Reference: URL:http://www.atstake.com/research/advisories/2000/a091100-1.txt
Reference: BID:1681
Reference: URL:http://www.securityfocus.com/bid/1681
Reference: XF:siteminder-bypass-authentication(5230)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5230
Name: CVE-2000-0851
Description:
Buffer overflow in the Still Image Service in Windows 2000 allows local users to gain additional privileges via a long WM_USER message, aka the "Still Image Service Privilege Escalation" vulnerability.
Status:EntryReference: ATSTAKE:A090700-1
Reference: URL:http://www.atstake.com/research/advisories/2000/a090700-1.txt
Reference: BID:1651
Reference: URL:http://www.securityfocus.com/bid/1651
Reference: MS:MS00-065
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-065
Reference: XF:w2k-still-image-service(5203)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5203
Name: CVE-2000-0852
Description:
Multiple buffer overflows in eject on FreeBSD and possibly other OSes allows local users to gain root privileges.
Status:EntryReference: BID:1686
Reference: URL:http://www.securityfocus.com/bid/1686
Reference: FREEBSD:FreeBSD-SA-00:49
Reference: URL:http://archives.neohapsis.com/archives/freebsd/2000-09/0110.html
Reference: OSVDB:1559
Reference: URL:http://www.osvdb.org/1559
Reference: XF:freebsd-eject-port(5248)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5248
Name: CVE-2000-0853
Description:
YaBB Bulletin Board 9.1.2000 allows remote attackers to read arbitrary files via a .. (dot dot) attack.
Status:EntryReference: BID:1668
Reference: URL:http://www.securityfocus.com/bid/1668
Reference: BUGTRAQ:20000909 YaBB 1.9.2000 Vulnerabilitie
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-09/0072.html
Reference: XF:yabb-file-access(5254)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5254
Name: CVE-2000-0854
Description:
When a Microsoft Office 2000 document is launched, the directory of that document is first used to locate DLL's such as riched20.dll and msi.dll, which could allow an attacker to execute arbitrary commands by inserting a Trojan Horse DLL into the same directory as the document.
Status:EntryReference: BID:1699
Reference: URL:http://www.securityfocus.com/bid/1699
Reference: BUGTRAQ:20000922 Eudora + riched20.dll affects WinZip v8.0 as well
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-09/0277.html
Reference: NTBUGTRAQ:20000921 Mitigators for possible exploit of Eudora via Guninski #21,2000
Reference: URL:http://archives.neohapsis.com/archives/ntbugtraq/2000-q3/0155.html
Reference: WIN2KSEC:20000918 Double clicking on MS Office documents from Windows Explorer may execute arbitrary programs in some cases
Reference: URL:http://archives.neohapsis.com/archives/win2ksecadvice/2000-q3/0117.html
Reference: XF:office-dll-execution(5263)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5263
Name: CVE-2000-0856
Description:
Buffer overflow in SunFTP build 9(1) allows remote attackers to cause a denial of service or possibly execute arbitrary commands via a long GET request.
Status:EntryReference: BID:1638
Reference: URL:http://www.securityfocus.com/bid/1638
Reference: BUGTRAQ:20000901 [EXPL] SunFTP vulnerable to two Denial-of-Service attacks (long buffer, half-open)
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-08/0408.html
Name: CVE-2000-0858
Description:
Vulnerability in Microsoft Windows NT 4.0 allows remote attackers to cause a denial of service in IIS by sending it a series of malformed requests which cause INETINFO.EXE to fail, aka the "Invalid URL" vulnerability.
Status:EntryReference: BID:1642
Reference: URL:http://www.securityfocus.com/bid/1642
Reference: BUGTRAQ:20000906 VIGILANTE-2000009: "Invalid URL" DoS
Reference: URL:http://www.securityfocus.com/archive/1/80413
Reference: MS:MS00-063
Reference: URL:http://archives.neohapsis.com/archives/vendor/2000-q3/0065.html
Reference: XF:iis-invald-url-dos(5202)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5202
Name: CVE-2000-0859
Description:
The web configuration server for NTMail V5 and V6 allows remote attackers to cause a denial of service via a series of partial HTTP requests.
Status:EntryReference: BID:1640
Reference: URL:http://www.securityfocus.com/bid/1640
Reference: BUGTRAQ:20000904 VIGILANTE-2000008: NTMail Configuration Service DoS
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-08/0471.html
Reference: XF:ntmail-incomplete-http-requests(5182)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5182
Name: CVE-2000-0860
Description:
The file upload capability in PHP versions 3 and 4 allows remote attackers to read arbitrary files by setting hidden form fields whose names match the names of internal PHP script variables.
Status:EntryReference: BID:1649
Reference: URL:http://www.securityfocus.com/bid/1649
Reference: BUGTRAQ:20000903 (SRADV00001) Arbitrary file disclosure through PHP file upload
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-08/0455.html
Reference: BUGTRAQ:20000904 Re: [PHP-DEV] RE: (SRADV00001) Arbitrary file disclosure through PHP file upload
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-08/0477.html
Reference: CONFIRM:http://cvsweb.php.net/viewcvs.cgi/php4/main/rfc1867.c.diff?r1=1.38%3Aphp_4_0_2&tr1=1.1&r2=text&tr2=1.45&diff_format=u
Reference: MANDRAKE:MDKSA-2000:048
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-09/0150.html
Reference: XF:php-file-upload(5190)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5190
Name: CVE-2000-0861
Description:
Mailman 1.1 allows list administrators to execute arbitrary commands via shell metacharacters in the %(listname) macro expansion.
Status:EntryReference: BID:1667
Reference: URL:http://www.securityfocus.com/bid/1667
Reference: BUGTRAQ:20000907 Mailman 1.1 + external archiver vulnerability
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-09/0040.html
Reference: FREEBSD:FreeBSD-SA-00:51
Reference: URL:http://archives.neohapsis.com/archives/freebsd/2000-09/0112.html
Reference: XF:mailman-execute-external-commands(5493)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5493
Name: CVE-2000-0862
Description:
Vulnerability in an administrative interface utility for Allaire Spectra 1.0.1 allows remote attackers to read and modify sensitive configuration information.
Status:EntryReference: ALLAIRE:ASB00-23
Reference: URL:http://archives.neohapsis.com/archives/vendor/2000-q3/0059.html
Reference: XF:allaire-spectra-admin-access(5466)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5466
Name: CVE-2000-0863
Description:
Buffer overflow in listmanager earlier than 2.105.1 allows local users to gain additional privileges.
Status:EntryReference: FREEBSD:FreeBSD-SA-00:50
Reference: URL:http://archives.neohapsis.com/archives/freebsd/2000-09/0111.html
Reference: XF:listmanager-port-bo(5503)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5503
Name: CVE-2000-0864
Description:
Race condition in the creation of a Unix domain socket in GNOME esound 0.2.19 and earlier allows a local user to change the permissions of arbitrary files and directories, and gain additional privileges, via a symlink attack.
Status:EntryReference: BID:1659
Reference: URL:http://www.securityfocus.com/bid/1659
Reference: BUGTRAQ:20000911 Patch for esound-0.2.19
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-09/0095.html
Reference: BUGTRAQ:20001006 Immunix OS Security Update for esound
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-10/0118.html
Reference: DEBIAN:20001008 esound: race condition
Reference: URL:http://www.debian.org/security/2000/20001008
Reference: FREEBSD:FreeBSD-SA-00:45
Reference: URL:http://archives.neohapsis.com/archives/freebsd/2000-08/0365.html
Reference: MANDRAKE:MDKSA-2000:051
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-09/0328.htm
Reference: REDHAT:RHSA-2000:077
Reference: URL:http://www.redhat.com/support/errata/RHSA-2000-077.html
Reference: SUSE:20001012 esound daemon race condition
Reference: URL:http://www.novell.com/linux/security/advisories/esound_daemon_race_condition.html
Reference: XF:gnome-esound-symlink(5213)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5213
Name: CVE-2000-0865
Description:
Buffer overflow in dvtermtype in Tridia Double Vision 3.07.00 allows local users to gain root privileges via a long terminal type argument.
Status:EntryReference: BID:1697
Reference: URL:http://www.securityfocus.com/bid/1697
Reference: BUGTRAQ:20000916 Advisory: Tridia DoubleVision / SCO UnixWare
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-09/0185.html
Reference: XF:doublevision-dvtermtype-bo(5261)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5261
Name: CVE-2000-0867
Description:
Kernel logging daemon (klogd) in Linux does not properly cleanse user-injected format strings, which allows local users to gain root privileges by triggering malformed kernel messages.
Status:EntryReference: BUGTRAQ:20000917 klogd format bug
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-09/0193.html
Reference: BUGTRAQ:20000918 Conectiva Linux Security Announcement - sysklogd
Reference: URL:http://marc.info/?l=bugtraq&m=97726239017741&w=2
Reference: CALDERA:CSSA-2000-032.0
Reference: URL:ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2000-032.0.txt
Reference: DEBIAN:20000919
Reference: MANDRAKE:MDKSA-2000:050
Reference: URL:http://frontal2.mandriva.com/security/advisories?name=MDKSA-2000:050
Reference: OSVDB:5824
Reference: URL:http://www.osvdb.org/5824
Reference: REDHAT:RHSA-2000:061
Reference: URL:http://www.redhat.com/support/errata/RHSA-2000-061.html
Reference: SUSE:20000920 syslogd + klogd format string parsing error
Reference: URL:http://www.novell.com/linux/security/advisories/adv9_draht_syslogd_txt.html
Reference: TURBO:TLSA2000022-2
Reference: URL:http://www.turbolinux.com/pipermail/tl-security-announce/2000-September/000023.html
Reference: XF:klogd-format-string(5259)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5259
Name: CVE-2000-0868
Description:
The default configuration of Apache 1.3.12 in SuSE Linux 6.4 allows remote attackers to read source code for CGI scripts by replacing the /cgi-bin/ in the requested URL with /cgi-bin-sdb/.
Status:EntryReference: ATSTAKE:A090700-2
Reference: URL:http://www.atstake.com/research/advisories/2000/a090700-2.txt
Reference: BID:1658
Reference: URL:http://www.securityfocus.com/bid/1658
Reference: SUSE:20000907
Reference: URL:http://archives.neohapsis.com/archives/linux/suse/2000-q3/0906.html
Reference: XF:suse-apache-cgi-source-code(5197)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5197
Name: CVE-2000-0869
Description:
The default configuration of Apache 1.3.12 in SuSE Linux 6.4 enables WebDAV, which allows remote attackers to list arbitrary directories via the PROPFIND HTTP request method.
Status:EntryReference: ATSTAKE:A090700-3
Reference: URL:http://www.atstake.com/research/advisories/2000/a090700-3.txt
Reference: BID:1656
Reference: URL:http://www.securityfocus.com/bid/1656
Reference: SUSE:20000907
Reference: URL:http://archives.neohapsis.com/archives/linux/suse/2000-q3/0906.html
Reference: XF:apache-webdav-directory-listings(5204)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5204
Name: CVE-2000-0870
Description:
Buffer overflow in EFTP allows remote attackers to cause a denial of service via a long string.
Status:EntryReference: BID:1675
Reference: URL:http://www.securityfocus.com/bid/1675
Reference: BUGTRAQ:20000911[EXPL] EFTP vulnerable to two DoS attacks
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-09/0089.html
Reference: OSVDB:1555
Reference: URL:http://www.osvdb.org/1555
Reference: XF:eftp-bo(5219)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5219
Name: CVE-2000-0871
Description:
Buffer overflow in EFTP allows remote attackers to cause a denial of service by sending a string that does not contain a newline, then disconnecting from the server.
Status:EntryReference: BID:1677
Reference: URL:http://www.securityfocus.com/bid/1677
Reference: BUGTRAQ:20000911[EXPL] EFTP vulnerable to two DoS attacks
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-09/0089.html
Reference: OSVDB:409
Reference: URL:http://www.osvdb.org/409
Reference: XF:eftp-newline-dos(5220)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5220
Name: CVE-2000-0873
Description:
netstat in AIX 4.x.x does not properly restrict access to the -Zi option, which allows local users to clear network interface statistics and possibly hide evidence of unusual network activities.
Status:EntryReference: BID:1660
Reference: URL:http://www.securityfocus.com/bid/1660
Reference: BUGTRAQ:20000903 aix allows clearing the interface stats
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-08/0454.html
Reference: XF:aix-clear-netstat(5214)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5214
Name: CVE-2000-0874
Description:
Eudora mail client includes the absolute path of the sender's host within a virtual card (VCF).
Status:EntryReference: BID:1653
Reference: URL:http://www.securityfocus.com/bid/1653
Reference: BUGTRAQ:20000907 Eudora disclosure
Reference: URL:http://www.securityfocus.com/archive/1/80888
Reference: OSVDB:1545
Reference: URL:http://www.osvdb.org/1545
Reference: XF:eudora-path-disclosure(5206)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5206
Name: CVE-2000-0875
Description:
WFTPD and WFTPD Pro 2.41 RC12 allows remote attackers to cause a denial of service by sending a long string of unprintable characters.
Status:EntryReference: BUGTRAQ:20000905 WFTPD/WFTPD Pro 2.41 RC12 vulnerabilities
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-08/0488.html
Reference: CONFIRM:http://www.wftpd.com/bug_gpf.htm
Reference: XF:wftpd-long-string-dos(5194)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5194
Name: CVE-2000-0876
Description:
WFTPD and WFTPD Pro 2.41 RC12 allows remote attackers to obtain the full pathname of the server via a "%C" command, which generates an error message that includes the pathname.
Status:EntryReference: BUGTRAQ:20000905 WFTPD/WFTPD Pro 2.41 RC12 vulnerabilities
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-08/0488.html
Reference: OSVDB:5829
Reference: URL:http://www.osvdb.org/5829
Reference: XF:wftpd-path-disclosure(5196)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5196
Name: CVE-2000-0877
Description:
mailform.pl CGI script in MailForm 2.0 allows remote attackers to read arbitrary files by specifying the file name in the XX-attach_file parameter, which MailForm then sends to the attacker.
Status:EntryReference: BID:1670
Reference: URL:http://www.securityfocus.com/bid/1670
Reference: BUGTRAQ:20000911 Unsafe passing of variables to mailform.pl in MailForm V2.0
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-09/0092.html
Reference: XF:mailform-attach-file(5224)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5224
Name: CVE-2000-0878
Description:
The mailto CGI script allows remote attacker to execute arbitrary commands via shell metacharacters in the emailadd form field.
Status:EntryReference: BID:1669
Reference: URL:http://www.securityfocus.com/bid/1669
Reference: BUGTRAQ:20000911 Fwd: Poor variable checking in mailto.cgi
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-09/0088.html
Reference: XF:mailto-piped-address(5241)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5241
Name: CVE-2000-0883
Description:
The default configuration of mod_perl for Apache as installed on Mandrake Linux 6.1 through 7.1 sets the /perl/ directory to be browseable, which allows remote attackers to list the contents of that directory.
Status:EntryReference: BID:1678
Reference: URL:http://www.securityfocus.com/bid/1678
Reference: MANDRAKE:MDKSA-2000:046
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-09/0111.html
Reference: XF:linux-mod-perl(5257)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5257
Name: CVE-2000-0884
Description:
IIS 4.0 and 5.0 allows remote attackers to read documents outside of the web root, and possibly execute arbitrary commands, via malformed URLs that contain UNICODE encoded characters, aka the "Web Server Folder Traversal" vulnerability.
Status:EntryReference: BID:1806
Reference: URL:http://www.securityfocus.com/bid/1806
Reference: BUGTRAQ:20001017 IIS %c1%1c remote command execution
Reference: MS:MS00-078
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-078
Reference: OSVDB:436
Reference: URL:http://www.osvdb.org/436
Reference: OVAL:oval:org.mitre.oval:def:44
Reference: URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A44
Reference: XF:iis-unicode-translation(5377)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5377
Name: CVE-2000-0886
Description:
IIS 5.0 allows remote attackers to execute arbitrary commands via a malformed request for an executable file whose name is appended with operating system commands, aka the "Web Server File Request Parsing" vulnerability.
Status:EntryReference: BID:1912
Reference: URL:http://www.securityfocus.com/bid/1912
Reference: BUGTRAQ:20001107 NSFOCUS SA2000-07 : Microsoft IIS 4.0/5.0 CGI File Name Inspection Vulnerability
Reference: URL:http://www.securityfocus.com/templates/archive.pike?mid=143604&list=1&fromthread=0&end=2000-11-11&threads=0&start=2000-11-05&
Reference: MS:MS00-086
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-086
Reference: OVAL:oval:org.mitre.oval:def:191
Reference: URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A191
Reference: XF:iis-invalid-filename-passing(5470)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5470
Name: CVE-2000-0887
Description:
named in BIND 8.2 through 8.2.2-P6 allows remote attackers to cause a denial of service by making a compressed zone transfer (ZXFR) request and performing a name service query on an authoritative record that is not cached, aka the "zxfr bug."
Status:EntryReference: BID:1923
Reference: URL:http://www.securityfocus.com/bid/1923
Reference: BUGTRAQ:20001107 BIND 8.2.2-P5 Possible DOS
Reference: URL:http://www.securityfocus.com/archive/1/143843
Reference: BUGTRAQ:20001115 Trustix Security Advisory - bind and openssh (and modutils)
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-11/0217.html
Reference: CERT:CA-2000-20
Reference: URL:http://www.cert.org/advisories/CA-2000-20.html
Reference: CONECTIVA:CLSA-2000:338
Reference: URL:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000338
Reference: CONECTIVA:CLSA-2000:339
Reference: URL:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000339
Reference: DEBIAN:20001112 bind: remote Denial of Service
Reference: URL:http://www.debian.org/security/2000/20001112
Reference: IBM:ERS-SVA-E01-2000:005.1
Reference: MANDRAKE:MDKSA-2000:067
Reference: URL:http://frontal2.mandriva.com/security/advisories?name=MDKSA-2000:067
Reference: REDHAT:RHSA-2000:107
Reference: URL:http://www.redhat.com/support/errata/RHSA-2000-107.html
Reference: SUSE:SuSE-SA:2000:45
Reference: URL:http://archives.neohapsis.com/archives/linux/suse/2000-q4/0657.html
Reference: VULN-DEV:20001107 Possible DOS in Bind 8.2.2-P5
Reference: VULN-DEV:20001109 Re: Possible DOS in Bind 8.2.2-P5
Reference: XF:bind-zxfr-dos(5540)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5540
Name: CVE-2000-0888
Description:
named in BIND 8.2 through 8.2.2-P6 allows remote attackers to cause a denial of service by sending an SRV record to the server, aka the "srv bug."
Status:EntryReference: CERT:CA-2000-20
Reference: URL:http://www.cert.org/advisories/CA-2000-20.html
Reference: CONECTIVA:CLSA-2000:338
Reference: URL:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000338
Reference: CONECTIVA:CLSA-2000:339
Reference: URL:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000339
Reference: DEBIAN:20001112 bind: remote Denial of Service
Reference: URL:http://www.debian.org/security/2000/20001112
Reference: IBM:ERS-SVA-E01-2000:005.1
Reference: MANDRAKE:MDKSA-2000:067
Reference: URL:http://frontal2.mandriva.com/security/advisories?name=MDKSA-2000:067
Reference: REDHAT:RHSA-2000:107
Reference: URL:http://www.redhat.com/support/errata/RHSA-2000-107.html
Reference: SUSE:SuSE-SA:2000:45
Reference: URL:http://archives.neohapsis.com/archives/linux/suse/2000-q4/0657.html
Reference: XF:bind-srv-dos(5814)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5814
Name: CVE-2000-0890
Description:
periodic in FreeBSD 4.1.1 and earlier, and possibly other operating systems, allows local users to overwrite arbitrary files via a symlink attack.
Status:EntryReference: BID:2325
Reference: URL:http://www.securityfocus.com/bid/2325
Reference: CERT-VN:VU#626919
Reference: URL:http://www.kb.cert.org/vuls/id/626919
Reference: FREEBSD:FreeBSD-SA-01:12
Reference: OSVDB:1754
Reference: URL:http://www.osvdb.org/1754
Reference: XF:periodic-temp-file-symlink(6047)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/6047
Name: CVE-2000-0891
Description:
A default ECL in Lotus Notes before 5.02 allows remote attackers to execute arbitrary commands by attaching a malicious program in an email message that is automatically executed when the user opens the email.
Status:EntryReference: CERT-VN:VU#5962
Reference: URL:http://www.kb.cert.org/vuls/id/5962
Reference: CONFIRM:http://www.notes.net/R5FixList.nsf/Search!SearchView&Query=CBAT45TU9S
Reference: XF:lotus-notes-bypass-ecl(5045)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5045
Name: CVE-2000-0892
Description:
Some telnet clients allow remote telnet servers to request environment variables from the client that may contain sensitive information, or remote web servers to obtain the information via a telnet: URL.
Status:EntryReference: CERT-VN:VU#22404
Reference: URL:http://www.kb.cert.org/vuls/id/22404
Reference: XF:telnet-obtain-env-variable(6644)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/6644
Name: CVE-2000-0894
Description:
HTTP server on the WatchGuard SOHO firewall does not properly restrict access to administrative functions such as password resets or rebooting, which allows attackers to cause a denial of service or conduct unauthorized activities.
Status:EntryReference: BID:2119
Reference: URL:http://www.securityfocus.com/bid/2119
Reference: ISS:20001214 Multiple vulnerabilities in the WatchGuard SOHO Firewall
Reference: URL:http://xforce.iss.net/alerts/advise70.php
Reference: OSVDB:4404
Reference: URL:http://www.osvdb.org/4404
Reference: XF:watchguard-soho-web-auth(5554)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5554
Name: CVE-2000-0895
Description:
Buffer overflow in HTTP server on the WatchGuard SOHO firewall allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long GET request.
Status:EntryReference: BID:2114
Reference: URL:http://www.securityfocus.com/bid/2114
Reference: ISS:20001214 Multiple vulnerabilities in the WatchGuard SOHO Firewall
Reference: URL:http://xforce.iss.net/alerts/advise70.php
Reference: OSVDB:4403
Reference: URL:http://www.osvdb.org/4403
Reference: XF:watchguard-soho-web-dos(5218)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5218
Name: CVE-2000-0896
Description:
WatchGuard SOHO firewall allows remote attackers to cause a denial of service via a flood of fragmented IP packets, which causes the firewall to drop connections and stop forwarding packets.
Status:EntryReference: BID:2113
Reference: URL:http://www.securityfocus.com/bid/2113
Reference: ISS:20001214 Multiple vulnerabilities in the WatchGuard SOHO Firewall
Reference: URL:http://xforce.iss.net/alerts/advise70.php
Reference: OSVDB:1690
Reference: URL:http://www.osvdb.org/1690
Reference: XF:watchguard-soho-fragmented-packets(5749)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5749
Name: CVE-2000-0897
Description:
Small HTTP Server 2.03 and earlier allows remote attackers to cause a denial of service by repeatedly requesting a URL that references a directory that does not contain an index.html file, which consumes memory that is not released after the request is completed.
Status:EntryReference: BID:1941
Reference: URL:http://www.securityfocus.com/bid/1941
Reference: BUGTRAQ:20001114 Vulnerabilites in SmallHTTP Server
Reference: URL:http://marc.info/?l=bugtraq&m=97421834001092&w=2
Reference: CONFIRM:http://home.lanck.net/mf/srv/index.htm
Reference: XF:small-http-nofile-dos(5524)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5524
Name: CVE-2000-0900
Description:
Directory traversal vulnerability in ssi CGI program in thttpd 2.19 and earlier allows remote attackers to read arbitrary files via a "%2e%2e" string, a variation of the .. (dot dot) attack.
Status:EntryReference: BID:1737
Reference: URL:http://www.securityfocus.com/bid/1737
Reference: BUGTRAQ:20001002 thttpd ssi: retrieval of arbitrary world-readable files
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-10/0025.html
Reference: FREEBSD:FreeBSD-SA-00:73
Reference: URL:ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:73.thttpd.asc
Reference: XF:acme-thttpd-ssi(5313)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5313
Name: CVE-2000-0901
Description:
Format string vulnerability in screen 3.9.5 and earlier allows local users to gain root privileges via format characters in the vbell_msg initialization variable.
Status:EntryReference: BID:1641
Reference: URL:http://www.securityfocus.com/bid/1641
Reference: BUGTRAQ:20000905 screen 3.9.5 root vulnerability
Reference: URL:http://www.securityfocus.com/archive/1/80178
Reference: BUGTRAQ:20000906 Screen-3.7.6 local compromise
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-08/0530.html
Reference: DEBIAN:20000902a
Reference: FREEBSD:FreeBSD-SA-00:46
Reference: URL:ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:46.screen.asc
Reference: MANDRAKE:MDKSA-2000:044
Reference: URL:http://www.linux-mandrake.com/en/updates/MDKSA-2000-044.php3
Reference: REDHAT:RHSA-2000:058
Reference: URL:http://www.redhat.com/support/errata/RHSA-2000-058.html
Reference: SUSE:20000906 screen format string parsing security problem
Reference: URL:http://www.novell.com/linux/security/advisories/adv6_draht_screen_txt.html
Reference: XF:screen-format-string(5188)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5188
Name: CVE-2000-0908
Description:
BrowseGate 2.80 allows remote attackers to cause a denial of service and possibly execute arbitrary commands via long Authorization or Referer MIME headers in the HTTP request.
Status:EntryReference: BID:1702
Reference: URL:http://www.securityfocus.com/bid/1702
Reference: BUGTRAQ:20000921 DST2K0031: DoS in BrowseGate(Home) v2.80(H)
Reference: URL:http://marc.info/?l=bugtraq&m=96956211605302&w=2
Reference: CONFIRM:http://www.netcplus.com/browsegate.htm#BGLatest
Reference: WIN2KSEC:20000921 DST2K0031: DoS in BrowseGate(Home) v2.80(H)
Reference: URL:http://archives.neohapsis.com/archives/win2ksecadvice/2000-q3/0128.html
Reference: XF:browsegate-http-dos(5270)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5270
Name: CVE-2000-0909
Description:
Buffer overflow in the automatic mail checking component of Pine 4.21 and earlier allows remote attackers to execute arbitrary commands via a long From: header.
Status:EntryReference: BID:1709
Reference: URL:http://www.securityfocus.com/bid/1709
Reference: BUGTRAQ:20000922 [ no subject ]
Reference: URL:http://www.securityfocus.com/archive/1/84901
Reference: BUGTRAQ:20001031 FW: Pine 4.30 now available
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-10/0441.html
Reference: FREEBSD:FreeBSD-SA-00:59
Reference: URL:ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:59.pine.asc
Reference: MANDRAKE:MDKSA-2000:073
Reference: URL:http://www.linux-mandrake.com/en/security/MDKSA-2000-073.php3
Reference: REDHAT:RHSA-2000:102
Reference: URL:http://www.redhat.com/support/errata/RHSA-2000-102.html
Reference: XF:pine-check-mail-bo(5283)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5283
Name: CVE-2000-0910
Description:
Horde library 1.02 allows attackers to execute arbitrary commands via shell metacharacters in the "from" address.
Status:EntryReference: BID:1674
Reference: URL:http://www.securityfocus.com/bid/1674
Reference: BUGTRAQ:20000908 horde library bug - unchecked from-address
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-09/0051.html
Reference: CONFIRM:http://ssl.coc-ag.de/sec/hordelib-1.2.0.frombug.patch
Reference: DEBIAN:20000910 imp: remote compromise
Reference: URL:http://www.debian.org/security/2000/20000910
Reference: XF:horde-imp-sendmail-command(5278)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5278
Name: CVE-2000-0911
Description:
IMP 2.2 and earlier allows attackers to read and delete arbitrary files by modifying the attachment_name hidden form variable, which causes IMP to send the file to the attacker as an attachment.
Status:EntryReference: BID:1679
Reference: URL:http://www.securityfocus.com/bid/1679
Reference: BUGTRAQ:20000912 (SRADV00003) Arbitrary file disclosure through IMP
Reference: URL:http://www.securityfocus.com/archive/1/82088
Reference: XF:imp-attach-file(5227)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5227
Name: CVE-2000-0912
Description:
MultiHTML CGI script allows remote attackers to read arbitrary files and possibly execute arbitrary commands by specifying the file name to the "multi" parameter.
Status:EntryReference: BUGTRAQ:20000913 MultiHTML vulnerability
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-09/0146.html
Reference: XF:http-cgi-multihtml(5285)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5285
Name: CVE-2000-0913
Description:
mod_rewrite in Apache 1.3.12 and earlier allows remote attackers to read arbitrary files if a RewriteRule directive is expanded to include a filename whose name contains a regular expression.
Status:EntryReference: BID:1728
Reference: URL:http://www.securityfocus.com/bid/1728
Reference: BUGTRAQ:20000929 Security vulnerability in Apache mod_rewrite
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-09/0352.html
Reference: BUGTRAQ:20001011 Conectiva Linux Security Announcement - apache
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-10/0174.html
Reference: CALDERA:CSSA-2000-035.0
Reference: URL:http://www.calderasystems.com/support/security/advisories/CSSA-2000-035.0.txt
Reference: HP:HPSBUX0010-126
Reference: URL:http://archives.neohapsis.com/archives/hp/2000-q4/0021.html
Reference: MANDRAKE:MDKSA-2000:060
Reference: URL:http://www.linux-mandrake.com/en/security/MDKSA-2000-060-2.php3?dis=7.1
Reference: MLIST:[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/
Reference: URL:https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E
Reference: MLIST:[httpd-cvs] 20210330 svn commit: r1073140 [1/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html
Reference: URL:https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5@%3Ccvs.httpd.apache.org%3E
Reference: MLIST:[httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/
Reference: URL:https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E
Reference: MLIST:[httpd-cvs] 20210603 svn commit: r1075360 [1/3] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2021-31618.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html
Reference: URL:https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4@%3Ccvs.httpd.apache.org%3E
Reference: MLIST:[httpd-cvs] 20210606 svn commit: r1075467 [1/2] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2021-31618.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html
Reference: URL:https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10@%3Ccvs.httpd.apache.org%3E
Reference: MLIST:[httpd-cvs] 20210606 svn commit: r1075470 [1/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html
Reference: URL:https://lists.apache.org/thread.html/rf2f0f3611f937cf6cfb3b4fe4a67f69885855126110e1e3f2fb2728e@%3Ccvs.httpd.apache.org%3E
Reference: REDHAT:RHSA-2000:088
Reference: URL:http://www.redhat.com/support/errata/RHSA-2000-088.html
Reference: REDHAT:RHSA-2000:095
Reference: URL:http://www.redhat.com/support/errata/RHSA-2000-095.html
Reference: XF:apache-rewrite-view-files(5310)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5310
Name: CVE-2000-0914
Description:
OpenBSD 2.6 and earlier allows remote attackers to cause a denial of service by flooding the server with ARP requests.
Status:EntryReference: BID:1759
Reference: URL:http://www.securityfocus.com/bid/1759
Reference: BUGTRAQ:20001005 obsd_fun.c
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-10/0078.html
Reference: OSVDB:1592
Reference: URL:http://www.osvdb.org/1592
Reference: XF:bsd-arp-request-dos(5340)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5340
Name: CVE-2000-0915
Description:
fingerd in FreeBSD 4.1.1 allows remote attackers to read arbitrary files by specifying the target file name instead of a regular user name.
Status:EntryReference: BID:1803
Reference: URL:http://www.securityfocus.com/bid/1803
Reference: BUGTRAQ:20001002 [sa2c@and.or.jp: bin/21704: enabling fingerd makes files world readable]
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-10/0017.html
Reference: FREEBSD:FreeBSD-SA-00:54
Reference: URL:ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:54.fingerd.asc
Reference: OSVDB:433
Reference: URL:http://www.osvdb.org/433
Reference: XF:freebsd-fingerd-files(5385)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5385
Name: CVE-2000-0917
Description:
Format string vulnerability in use_syslog() function in LPRng 3.6.24 allows remote attackers to execute arbitrary commands.
Status:EntryReference: BID:1712
Reference: URL:http://www.securityfocus.com/bid/1712
Reference: BUGTRAQ:20000925 Format strings: bug #2: LPRng
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-09/0293.html
Reference: CALDERA:CSSA-2000-033.0
Reference: URL:http://www.calderasystems.com/support/security/advisories/CSSA-2000-033.0.txt
Reference: CERT:CA-2000-22
Reference: URL:http://www.cert.org/advisories/CA-2000-22.html
Reference: FREEBSD:FreeBSD-SA-00:56
Reference: URL:ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:56.lprng.asc
Reference: REDHAT:RHSA-2000:065
Reference: URL:http://www.redhat.com/support/errata/RHSA-2000-065.html
Reference: XF:lprng-format-string(5287)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5287
Name: CVE-2000-0919
Description:
Directory traversal vulnerability in PHPix Photo Album 1.0.2 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) attack.
Status:EntryReference: BID:1773
Reference: URL:http://www.securityfocus.com/bid/1773
Reference: BUGTRAQ:20001007 PHPix advisory
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-10/0117.html
Reference: OSVDB:472
Reference: URL:http://www.osvdb.org/472
Reference: XF:phpix-dir-traversal(5331)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5331
Name: CVE-2000-0920
Description:
Directory traversal vulnerability in BOA web server 0.94.8.2 and earlier allows remote attackers to read arbitrary files via a modified .. (dot dot) attack in the GET HTTP request that uses a "%2E" instead of a "."
Status:EntryReference: BID:1770
Reference: URL:http://www.securityfocus.com/bid/1770
Reference: BUGTRAQ:20001006 Vulnerability in BOA web server v0.94.8.2
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-10/0092.html
Reference: DEBIAN:20001009 boa: exposes contents of local files
Reference: URL:http://www.debian.org/security/2000/20001009
Reference: FREEBSD:FreeBSD-SA-00:60
Reference: URL:ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:60.boa.asc
Reference: XF:boa-webserver-get-dir-traversal(5330)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5330
Name: CVE-2000-0921
Description:
Directory traversal vulnerability in Hassan Consulting shop.cgi shopping cart program allows remote attackers to read arbitrary files via a .. (dot dot) attack on the page parameter.
Status:EntryReference: BID:1777
Reference: URL:http://www.securityfocus.com/bid/1777
Reference: BUGTRAQ:20001007 Security Advisory: Hassan Consulting's shop.cgi Directory Traversal Vulnerability.
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-10/0115.html
Reference: OSVDB:1596
Reference: URL:http://www.osvdb.org/1596
Reference: XF:hassan-shopping-cart-dir-traversal(5342)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5342
Name: CVE-2000-0922
Description:
Directory traversal vulnerability in Bytes Interactive Web Shopper shopping cart program (shopper.cgi) 2.0 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) attack on the newpage parameter.
Status:EntryReference: BID:1776
Reference: URL:http://www.securityfocus.com/bid/1776
Reference: BUGTRAQ:20001008 Security Advisory: Bytes Interactive's Web Shopper (shopper.cgi) Directory Traversal Vulnerability
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-10/0120.html
Reference: XF:web-shopper-directory-traversal(5351)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5351
Name: CVE-2000-0923
Description:
authenticate.cgi CGI program in Aplio PRO allows remote attackers to execute arbitrary commands via shell metacharacters in the password parameter.
Status:EntryReference: BID:1784
Reference: URL:http://www.securityfocus.com/bid/1784
Reference: BUGTRAQ:20001006 Fwd: APlio PRO web shell
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-10/0107.html
Reference: XF:uclinux-apliophone-bin-execute(5333)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5333
Name: CVE-2000-0924
Description:
Directory traversal vulnerability in search.cgi CGI script in Armada Master Index allows remote attackers to read arbitrary files via a .. (dot dot) attack in the "catigory" parameter.
Status:EntryReference: BID:1772
Reference: URL:http://www.securityfocus.com/bid/1772
Reference: BUGTRAQ:20001009 Master Index traverse advisory
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-10/0141.html
Reference: OSVDB:461
Reference: URL:http://www.osvdb.org/461
Reference: XF:master-index-directory-traversal(5355)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5355
Name: CVE-2000-0925
Description:
The default installation of SmartWin CyberOffice Shopping Cart 2 (aka CyberShop) installs the _private directory with world readable permissions, which allows remote attackers to obtain sensitive information.
Status:EntryReference: BID:1734
Reference: URL:http://www.securityfocus.com/bid/1734
Reference: BUGTRAQ:20001002 DST2K0035: Credit card (customer) details exposed within CyberOff ice Shopping Cart v2
Reference: URL:http://marc.info/?l=bugtraq&m=97050819812055&w=2
Reference: WIN2KSEC:20001002 DST2K0035: Credit card (customer) details exposed within CyberOff ice Shopping Cart v2
Reference: URL:http://archives.neohapsis.com/archives/win2ksecadvice/2000-q4/0001.html
Reference: XF:cyberoffice-world-readable-directory(5318)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5318
Name: CVE-2000-0926
Description:
SmartWin CyberOffice Shopping Cart 2 (aka CyberShop) allows remote attackers to modify price information by changing the "Price" hidden form variable.
Status:EntryReference: BID:1733
Reference: URL:http://www.securityfocus.com/bid/1733
Reference: BUGTRAQ:20001002 DST2K0036: Price modification possible in CyberOffice Shopping Cart
Reference: URL:http://marc.info/?l=bugtraq&m=97050627707128&w=2
Reference: WIN2KSEC:20001002 DST2K0036: Price modification possible in CyberOffice Shopping Ca rt
Reference: URL:http://archives.neohapsis.com/archives/win2ksecadvice/2000-q4/0000.html
Reference: XF:cyberoffice-price-modification(5319)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5319
Name: CVE-2000-0927
Description:
WQuinn QuotaAdvisor 4.1 does not properly record file sizes if they are stored in alternative data streams, which allows users to bypass quota restrictions.
Status:EntryReference: BID:1724
Reference: URL:http://www.securityfocus.com/bid/1724
Reference: BUGTRAQ:20000928 DST2K0037: QuotaAdvisor 4.1 by WQuinn is susceptible to alternati ve datastreams to bypass quotas.
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-09//0331.html
Reference: NTBUGTRAQ:20000928 DST2K0037: QuotaAdvisor 4.1 by WQuinn is susceptible to alternati ve datastreams to bypass quotas.
Reference: URL:http://archives.neohapsis.com/archives/ntbugtraq/2000-q3/0173.html
Reference: XF:quotaadvisor-quota-bypass(5302)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5302
Name: CVE-2000-0928
Description:
WQuinn QuotaAdvisor 4.1 allows users to list directories and files by running a report on the targeted shares.
Status:EntryReference: BID:1765
Reference: URL:http://www.securityfocus.com/bid/1765
Reference: BUGTRAQ:20001006 DST2K0040: QuotaAdvisor 4.1 by WQuinn susceptible to any user bei ng able to list (not read) all files on any server running QuotaAdvisor.
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-10/0091.html
Reference: XF:quotaadvisor-list-files(5327)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5327
Name: CVE-2000-0929
Description:
Microsoft Windows Media Player 7 allows attackers to cause a denial of service in RTF-enabled email clients via an embedded OCX control that is not closed properly, aka the "OCX Attachment" vulnerability.
Status:EntryReference: BID:1714
Reference: URL:http://www.securityfocus.com/bid/1714
Reference: BUGTRAQ:20000929 Malformed Embedded Windows Media Player 7 "OCX Attachment"
Reference: URL:http://marc.info/?l=bugtraq&m=97024839222747&w=2
Reference: MS:MS00-068
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-068
Reference: XF:mediaplayer-outlook-dos(5309)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5309
Name: CVE-2000-0930
Description:
Pegasus Mail 3.12 allows remote attackers to read arbitrary files via an embedded URL that calls the mailto: protocol with a -F switch.
Status:EntryReference: BID:1738
Reference: URL:http://www.securityfocus.com/bid/1738
Reference: BUGTRAQ:20001003 Pegasus mail file reading vulnerability
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-10/0039.html
Reference: BUGTRAQ:20001030 Pegasus Mail file reading vulnerability
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-10/0436.html
Reference: XF:pegasus-file-forwarding(5326)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5326
Name: CVE-2000-0932
Description:
MAILsweeper for SMTP 3.x does not properly handle corrupt CDA documents in a ZIP file and hangs, which allows remote attackers to cause a denial of service.
Status:EntryReference: NTBUGTRAQ:20000926 FW: DOS for Content Technologies' MAILsweeper for SMTP.
Reference: URL:http://archives.neohapsis.com/archives/ntbugtraq/2000-q3/0181.html
Reference: XF:mailsweeper-smtp-dos(5641)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5641
Name: CVE-2000-0933
Description:
The Input Method Editor (IME) in the Simplified Chinese version of Windows 2000 does not disable access to privileged functionality that should normally be restricted, which allows local users to gain privileges, aka the "Simplified Chinese IME State Recognition" vulnerability.
Status:EntryReference: BID:1729
Reference: URL:http://www.securityfocus.com/bid/1729
Reference: MS:MS00-069
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-069
Reference: XF:win2k-simplified-chinese-ime(5301)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5301
Name: CVE-2000-0934
Description:
Glint in Red Hat Linux 5.2 allows local users to overwrite arbitrary files and cause a denial of service via a symlink attack.
Status:EntryReference: BID:1703
Reference: URL:http://www.securityfocus.com/bid/1703
Reference: REDHAT:RHSA-2000:062
Reference: URL:http://www.redhat.com/support/errata/RHSA-2000-062.html
Reference: XF:glint-symlink(5271)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5271
Name: CVE-2000-0935
Description:
Samba Web Administration Tool (SWAT) in Samba 2.0.7 allows local users to overwrite arbitrary files via a symlink attack on the cgi.log file.
Status:EntryReference: BID:1872
Reference: URL:http://www.securityfocus.com/bid/1872
Reference: BUGTRAQ:20001030 Samba 2.0.7 SWAT vulnerabilities
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-10/0430.html
Reference: XF:samba-swat-logging-sym-link(5443)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5443
Name: CVE-2000-0936
Description:
Samba Web Administration Tool (SWAT) in Samba 2.0.7 installs the cgi.log logging file with world readable permissions, which allows local users to read sensitive information such as user names and passwords.
Status:EntryReference: BID:1874
Reference: URL:http://www.securityfocus.com/bid/1874
Reference: BUGTRAQ:20001030 Samba 2.0.7 SWAT vulnerabilities
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-10/0430.html
Reference: XF:samba-swat-logfile-info(5445)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5445
Name: CVE-2000-0937
Description:
Samba Web Administration Tool (SWAT) in Samba 2.0.7 does not log login attempts in which the username is correct but the password is wrong, which allows remote attackers to conduct brute force password guessing attacks.
Status:EntryReference: BID:1873
Reference: URL:http://www.securityfocus.com/bid/1873
Reference: BUGTRAQ:20001030 Samba 2.0.7 SWAT vulnerabilities
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-10/0430.html
Reference: XF:samba-swat-brute-force(5442)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5442
Name: CVE-2000-0938
Description:
Samba Web Administration Tool (SWAT) in Samba 2.0.7 supplies a different error message when a valid username is provided versus an invalid name, which allows remote attackers to identify valid users on the server.
Status:EntryReference: BUGTRAQ:20001030 Samba 2.0.7 SWAT vulnerabilities
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-10/0430.html
Reference: XF:samba-swat-brute-force(5442)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5442
Name: CVE-2000-0941
Description:
Kootenay Web KW Whois 1.0 CGI program allows remote attackers to execute arbitrary commands via shell metacharacters in the "whois" parameter.
Status:EntryReference: BID:1883
Reference: URL:http://www.securityfocus.com/bid/1883
Reference: BUGTRAQ:20001029 Re: Remote command execution via KW Whois 1.0 (addition)
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-10/0420.html
Reference: BUGTRAQ:20001029 Remote command execution via KW Whois 1.0
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-10/0419.html
Reference: MISC:http://www.kootenayweb.bc.ca/scripts/whois.txt
Reference: XF:kw-whois-meta(5438)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5438
Name: CVE-2000-0942
Description:
The CiWebHitsFile component in Microsoft Indexing Services for Windows 2000 allows remote attackers to conduct a cross site scripting (CSS) attack via a CiRestriction parameter in a .htw request, aka the "Indexing Services Cross Site Scripting" vulnerability.
Status:EntryReference: BID:1861
Reference: URL:http://www.securityfocus.com/bid/1861
Reference: BUGTRAQ:20001028 IIS 5.0 cross site scripting vulnerability - using .htw
Reference: URL:http://www.securityfocus.com/archive/1/141903
Reference: MS:MS00-084
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-084
Reference: XF:iis-htw-cross-scripting(5441)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5441
Name: CVE-2000-0943
Description:
Buffer overflow in bftp daemon (bftpd) 1.0.11 allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long USER command.
Status:EntryReference: BID:1858
Reference: URL:http://www.securityfocus.com/bid/1858
Reference: BUGTRAQ:20001027 Potential Security Problem in bftpd-1.0.11
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-10/0397.html
Reference: XF:bftpd-user-bo(5426)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5426
Name: CVE-2000-0944
Description:
CGI Script Center News Update 1.1 does not properly validate the original news administration password during a password change operation, which allows remote attackers to modify the password without knowing the original password.
Status:EntryReference: BID:1881
Reference: URL:http://www.securityfocus.com/bid/1881
Reference: BUGTRAQ:20001027 CGI-Bug: News Update 1.1 administration password bug
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-10/0402.html
Reference: XF:news-update-bypass-password(5433)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5433
Name: CVE-2000-0945
Description:
The web configuration interface for Catalyst 3500 XL switches allows remote attackers to execute arbitrary commands without authentication when the enable password is not set, via a URL containing the /exec/ directory.
Status:EntryReference: BID:1846
Reference: URL:http://www.securityfocus.com/bid/1846
Reference: BUGTRAQ:20001026 Advisory def-2000-02: Cisco Catalyst remote command execution
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-10/0380.html
Reference: BUGTRAQ:20001113 Re: 3500XL
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-11/0194.html
Reference: OSVDB:444
Reference: URL:http://www.osvdb.org/444
Reference: XF:cisco-catalyst-remote-commands(5415)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5415
Name: CVE-2000-0946
Description:
Compaq Easy Access Keyboard software 1.3 does not properly disable access to custom buttons when the screen is locked, which could allow an attacker to gain privileges or execute programs without authorization.
Status:EntryReference: CONFIRM:http://www5.compaq.com/support/files/desktops/us/revision/1723.html
Reference: NTBUGTRAQ:20001012 Security issue with Compaq Easy Access Keyboard software
Reference: URL:http://archives.neohapsis.com/archives/ntbugtraq/2000-q4/0023.html
Reference: OSVDB:5831
Reference: URL:http://www.osvdb.org/5831
Reference: XF:compaq-ea-elevate-privileges(5718)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5718
Name: CVE-2000-0947
Description:
Format string vulnerability in cfd daemon in GNU CFEngine before 1.6.0a11 allows attackers to execute arbitrary commands via format characters in the CAUTH command.
Status:EntryReference: BID:1757
Reference: URL:http://www.securityfocus.com/bid/1757
Reference: BUGTRAQ:20001002 Very probable remote root vulnerability in cfengine
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-10/0004.html
Reference: MANDRAKE:MDKSA-2000:061
Reference: URL:http://www.linux-mandrake.com/en/security/MDKSA-2000-061.php3?dis=7.1
Reference: NETBSD:NetBSD-SA2000-013
Reference: URL:ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA2000-013.txt.asc
Reference: XF:cfengine-cfd-format-string(5630)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5630
Name: CVE-2000-0948
Description:
GnoRPM before 0.95 allows local users to modify arbitrary files via a symlink attack.
Status:EntryReference: BID:1761
Reference: URL:http://www.securityfocus.com/bid/1761
Reference: BUGTRAQ:20001002 GnoRPM local /tmp vulnerability
Reference: URL:http://www.securityfocus.com/archive/1/136866
Reference: BUGTRAQ:20001003 Conectiva Linux Security Announcement - gnorpm
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-10/0043.html
Reference: BUGTRAQ:20001011 Immunix OS Security Update for gnorpm package
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-10/0184.html
Reference: MANDRAKE:MDKSA-2000:055
Reference: URL:http://www.linux-mandrake.com/en/security/MDKSA-2000-055.php3?dis=7.0
Reference: REDHAT:RHSA-2000:072
Reference: URL:http://www.redhat.com/support/errata/RHSA-2000-072.html
Reference: XF:gnorpm-temp-symlink(5317)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5317
Name: CVE-2000-0949
Description:
Heap overflow in savestr function in LBNL traceroute 1.4a5 and earlier allows a local user to execute arbitrary commands via the -g option.
Status:EntryReference: BID:1739
Reference: URL:http://www.securityfocus.com/bid/1739
Reference: BUGTRAQ:20000928 Very interesting traceroute flaw
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-09/0344.html
Reference: BUGTRAQ:20000930 Conectiva Linux Security Announcement - traceroute
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-09/0357.html
Reference: CALDERA:CSSA-2000-034.0
Reference: URL:http://www.calderasystems.com/support/security/advisories/CSSA-2000-034.0.txt
Reference: DEBIAN:20001013 traceroute: local root exploit
Reference: URL:http://www.debian.org/security/2000/20001013
Reference: MANDRAKE:MDKSA-2000:053
Reference: URL:http://www.linux-mandrake.com/en/security/MDKSA-2000-053.php3?dis=7.1
Reference: REDHAT:RHSA-2000:078
Reference: URL:http://www.redhat.com/support/errata/RHSA-2000-078.html
Reference: TURBO:TLSA2000023-1
Reference: URL:http://www.turbolinux.com/pipermail/tl-security-announce/2000-October/000025.html
Reference: XF:traceroute-heap-overflow(5311)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5311
Name: CVE-2000-0951
Description:
A misconfiguration in IIS 5.0 with Index Server enabled and the Index property set allows remote attackers to list directories in the web root via a Web Distributed Authoring and Versioning (WebDAV) search.
Status:EntryReference: ATSTAKE:A100400-1
Reference: URL:http://www.atstake.com/research/advisories/2000/a100400-1.txt
Reference: BID:1756
Reference: URL:http://www.securityfocus.com/bid/1756
Reference: MSKB:Q272079
Reference: URL:http://www.microsoft.com/technet/support/kb.asp?ID=272079
Reference: XF:iis-index-dir-traverse(5335)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5335
Name: CVE-2000-0952
Description:
global.cgi CGI program in Global 3.55 and earlier on NetBSD allows remote attackers to execute arbitrary commands via shell metacharacters.
Status:EntryReference: FREEBSD:FreeBSD-SA-00:64
Reference: NETBSD:NetBSD-SA2000-014
Reference: URL:ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA2000-014.txt.asc
Reference: OSVDB:6486
Reference: URL:http://www.osvdb.org/6486
Reference: XF:global-execute-remote-commands(5424)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5424
Name: CVE-2000-0953
Description:
Shambala Server 4.5 allows remote attackers to cause a denial of service by opening then closing a connection.
Status:EntryReference: BID:1778
Reference: URL:http://www.securityfocus.com/bid/1778
Reference: BUGTRAQ:20001009 Shambala 4.5 vulnerability
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-10/0134.html
Reference: XF:shambala-connection-dos(5345)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5345
Name: CVE-2000-0956
Description:
cyrus-sasl before 1.5.24 in Red Hat Linux 7.0 does not properly verify the authorization for a local user, which could allow the users to bypass specified access restrictions.
Status:EntryReference: BID:1875
Reference: URL:http://www.securityfocus.com/bid/1875
Reference: REDHAT:RHSA-2000:094
Reference: URL:http://www.redhat.com/support/errata/RHSA-2000-094.html
Reference: XF:cyrus-sasl-gain-access(5427)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5427
Name: CVE-2000-0957
Description:
The pluggable authentication module for mysql (pam_mysql) before 0.4.7 does not properly cleanse user input when constructing SQL statements, which allows attackers to obtain plaintext passwords or hashes.
Status:EntryReference: BUGTRAQ:20001026 (SRADV00004) Remote and local vulnerabilities in pam_mysql
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-10/0374.html
Reference: XF:pammysql-auth-input(5447)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5447
Name: CVE-2000-0958
Description:
HotJava Browser 3.0 allows remote attackers to access the DOM of a web page by opening a javascript: URL in a named window.
Status:EntryReference: BUGTRAQ:20001025 HotJava Browser 3.0 JavaScript security vulnerability
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-10/0349.html
Reference: XF:hotjava-browser-dom-access(5428)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5428
Name: CVE-2000-0959
Description:
glibc2 does not properly clear the LD_DEBUG_OUTPUT and LD_DEBUG environmental variables when a program is spawned from a setuid program, which could allow local users to overwrite files via a symlink attack.
Status:EntryReference: BID:1719
Reference: URL:http://www.securityfocus.com/bid/1719
Reference: BUGTRAQ:20000926 ld.so bug - LD_DEBUG_OUTPUT follows symlinks
Reference: URL:http://www.securityfocus.com/archive/1/85028
Reference: XF:glibc-unset-symlink(5299)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5299
Name: CVE-2000-0960
Description:
The POP3 server in Netscape Messaging Server 4.15p1 generates different error messages for incorrect user names versus incorrect passwords, which allows remote attackers to determine valid users on the system and harvest email addresses for spam abuse.
Status:EntryReference: BID:1787
Reference: URL:http://www.securityfocus.com/bid/1787
Reference: BUGTRAQ:20001011 Netscape Messaging server 4.15 poor error strings
Reference: URL:http://marc.info/?l=bugtraq&m=97138100426121&w=2
Reference: XF:netscape-messaging-email-verify(5364)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5364
Name: CVE-2000-0961
Description:
Buffer overflow in IMAP server in Netscape Messaging Server 4.15 Patch 2 allows local users to execute arbitrary commands via a long LIST command.
Status:EntryReference: BID:1721
Reference: URL:http://www.securityfocus.com/bid/1721
Reference: BUGTRAQ:20000928 commercial products and security [ + new bug ]
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-09/0334.html
Reference: XF:netscape-messaging-list-dos(5292)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5292
Name: CVE-2000-0962
Description:
The IPSEC implementation in OpenBSD 2.7 does not properly handle empty AH/ESP packets, which allows remote attackers to cause a denial of service.
Status:EntryReference: BID:1723
Reference: URL:http://www.securityfocus.com/bid/1723
Reference: BUGTRAQ:20000925 Nmap Protocol Scanning DoS against OpenBSD IPSEC
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-09/0299.html
Reference: OPENBSD:20000918 Bad ESP/AH packets could cause a crash under certain conditions.
Reference: OSVDB:1574
Reference: URL:http://www.osvdb.org/1574
Reference: XF:openbsd-nmap-dos(5634)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5634
Name: CVE-2000-0964
Description:
Buffer overflow in the web administration service for the HiNet LP5100 IP-phone allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long GET request.
Status:EntryReference: BID:1727
Reference: URL:http://www.securityfocus.com/bid/1727
Reference: BUGTRAQ:20000928 Another thingy.
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-09/0336.html
Reference: XF:hinet-ipphone-get-bo(5298)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5298
Name: CVE-2000-0965
Description:
The NSAPI plugins for TGA and the Java Servlet proxy in HP-UX VVOS 10.24 and 11.04 allows an attacker to cause a denial of service (high CPU utilization).
Status:EntryReference: HP:HPSBUX0010-124
Reference: URL:http://archives.neohapsis.com/archives/hp/2000-q4/0012.html
Reference: XF:hp-virtualvault-nsapi-dos(5361)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5361
Name: CVE-2000-0966
Description:
Buffer overflows in lpspooler in the fileset PrinterMgmt.LP-SPOOL of HP-UX 11.0 and earlier allows local users to gain privileges.
Status:EntryReference: HP:HPSBUX0010-125
Reference: URL:http://archives.neohapsis.com/archives/hp/2000-q4/0020.html
Reference: OSVDB:7244
Reference: URL:http://www.osvdb.org/7244
Reference: XF:hp-lpspooler-bo(5379)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5379
Name: CVE-2000-0967
Description:
PHP 3 and 4 do not properly cleanse user-injected format strings, which allows remote attackers to execute arbitrary commands by triggering error messages that are improperly written to the error logs.
Status:EntryReference: ATSTAKE:A101200-1
Reference: URL:http://www.atstake.com/research/advisories/2000/a101200-1.txt
Reference: BID:1786
Reference: URL:http://www.securityfocus.com/bid/1786
Reference: BUGTRAQ:20001012 Conectiva Linux Security Announcement - mod_php3
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-10/0204.html
Reference: CALDERA:CSSA-2000-037.0
Reference: URL:http://www.calderasystems.com/support/security/advisories/CSSA-2000-037.0.txt
Reference: DEBIAN:20001014a
Reference: DEBIAN:20001014b
Reference: FREEBSD:FreeBSD-SA-00:75
Reference: URL:ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:75.php.asc
Reference: MANDRAKE:MDKSA-2000:062
Reference: URL:http://www.linux-mandrake.com/en/security/MDKSA-2000-062.php3?dis=7.1
Reference: REDHAT:RHSA-2000:088
Reference: URL:http://www.redhat.com/support/errata/RHSA-2000-088.html
Reference: REDHAT:RHSA-2000:095
Reference: URL:http://www.redhat.com/support/errata/RHSA-2000-095.html
Reference: XF:php-logging-format-string(5359)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5359
Name: CVE-2000-0968
Description:
Buffer overflow in Half Life dedicated server before build 3104 allows remote attackers to execute arbitrary commands via a long rcon command.
Status:EntryReference: BID:1799
Reference: URL:http://www.securityfocus.com/bid/1799
Reference: BUGTRAQ:20001016 Half-Life Dedicated Server Vulnerability
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-10/0254.html
Reference: BUGTRAQ:20001024 Tamandua Sekure Labs Security Advisory 2000-01
Reference: URL:http://www.securityfocus.com/archive/1/141060
Reference: BUGTRAQ:20001027 Re: Half Life dedicated server Patch
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-10/0409.html
Reference: XF:halflife-server-changelevel-bo(5375)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5375
Name: CVE-2000-0969
Description:
Format string vulnerability in Half Life dedicated server build 3104 and earlier allows remote attackers to execute arbitrary commands by injecting format strings into the changelevel command, via the system console or rcon.
Status:EntryReference: BUGTRAQ:20001016 Half-Life Dedicated Server Vulnerability
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-10/0254.html
Reference: BUGTRAQ:20001024 Tamandua Sekure Labs Security Advisory 2000-01
Reference: URL:http://www.securityfocus.com/archive/1/141060
Reference: BUGTRAQ:20001027 Re: Half Life dedicated server Patch
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-10/0409.html
Reference: OSVDB:6983
Reference: URL:http://www.osvdb.org/6983
Reference: XF:halflife-rcon-format-string(5413)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5413
Name: CVE-2000-0970
Description:
IIS 4.0 and 5.0 .ASP pages send the same Session ID cookie for secure and insecure web sessions, which could allow remote attackers to hijack the secure web session of the user if that user moves to an insecure session, aka the "Session ID Cookie Marking" vulnerability.
Status:EntryReference: MISC:http://www.acrossecurity.com/aspr/ASPR-2000-07-22-1-PUB.txt
Reference: MS:MS00-080
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-080
Reference: OSVDB:7265
Reference: URL:http://www.osvdb.org/7265
Reference: XF:session-cookie-remote-retrieval(5396)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5396
Name: CVE-2000-0972
Description:
HP-UX 11.00 crontab allows local users to read arbitrary files via the -e option by creating a symlink to the target file during the crontab session, quitting the session, and reading the error messages that crontab generates.
Status:EntryReference: BUGTRAQ:20001020 [ Hackerslab bug_paper ] HP-UX crontab temporary file symbolic link vulnerability
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-10/0317.html
Reference: XF:hp-crontab-read-files(5410)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5410
Name: CVE-2000-0973
Description:
Buffer overflow in curl earlier than 6.0-1.1, and curl-ssl earlier than 6.0-1.2, allows remote attackers to execute arbitrary commands by forcing a long error message to be generated.
Status:EntryReference: BID:1804
Reference: URL:http://www.securityfocus.com/bid/1804
Reference: DEBIAN:20001013a
Reference: FREEBSD:FreeBSD-SA-00:72
Reference: URL:ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:72.curl.asc
Reference: REDHAT:RHBA-2000:092-01
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-10/0331.html
Reference: XF:curl-error-bo(5374)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5374
Name: CVE-2000-0974
Description:
GnuPG (gpg) 1.0.3 does not properly check all signatures of a file containing multiple documents, which allows an attacker to modify contents of all documents but the first without detection.
Status:EntryReference: BID:1797
Reference: URL:http://www.securityfocus.com/bid/1797
Reference: BUGTRAQ:20001011 GPG 1.0.3 doesn't detect modifications to files with multiple signatures
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-10/0201.html
Reference: BUGTRAQ:20001025 Immunix OS Security Update for gnupg package
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-10/0361.html
Reference: CALDERA:CSSA-2000-038.0
Reference: URL:ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2000-038.0.txt
Reference: CONECTIVA:CLSA-2000:334
Reference: URL:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000334
Reference: DEBIAN:20001111 gnupg: incorrect signature verification
Reference: URL:http://www.debian.org/security/2000/20001111
Reference: FREEBSD:FreeBSD-SA-00:67
Reference: URL:ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:67.gnupg.asc
Reference: MANDRAKE:MDKSA-2000:063-1
Reference: OSVDB:1608
Reference: URL:http://www.osvdb.org/1608
Reference: REDHAT:RHSA-2000:089
Reference: URL:http://www.redhat.com/support/errata/RHSA-2000-089.html
Reference: XF:gnupg-message-modify(5386)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5386
Name: CVE-2000-0975
Description:
Directory traversal vulnerability in apexec.pl in Anaconda Foundation Directory allows remote attackers to read arbitrary files via a .. (dot dot) attack.
Status:EntryReference: BUGTRAQ:20001012 Anaconda Advisory
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-10/0210.html
Reference: OSVDB:435
Reference: URL:http://www.osvdb.org/435
Reference: XF:anaconda-apexec-directory-traversal(5750)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5750
Name: CVE-2000-0976
Description:
Buffer overflow in xlib in XFree 3.3.x possibly allows local users to execute arbitrary commands via a long DISPLAY environment variable or a -display command line parameter.
Status:EntryReference: BID:1805
Reference: URL:http://www.securityfocus.com/bid/1805
Reference: BUGTRAQ:20001012 another Xlib buffer overflow
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-10/0211.html
Reference: SGI:20020502-01-I
Reference: URL:ftp://patches.sgi.com/support/free/security/advisories/20020502-01-I
Reference: XF:xfree-xlib-bo(5751)
Reference: URL:http://www.iss.net/security_center/static/5751.php
Name: CVE-2000-0977
Description:
mailfile.cgi CGI program in MailFile 1.10 allows remote attackers to read arbitrary files by specifying the target file name in the "filename" parameter in a POST request, which is then sent by email to the address specified in the "email" parameter.
Status:EntryReference: BID:1807
Reference: URL:http://www.securityfocus.com/bid/1807
Reference: BUGTRAQ:20001011 Mail File POST Vulnerability
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-10/0172.html
Reference: XF:mailfile-post-file-read(5358)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5358
Name: CVE-2000-0978
Description:
bbd server in Big Brother System and Network Monitor before 1.5c2 allows remote attackers to execute arbitrary commands via the "&" shell metacharacter.
Status:EntryReference: BID:1779
Reference: URL:http://www.securityfocus.com/bid/1779
Reference: BUGTRAQ:20001010 Big Brother Systems and Network Monitor vulnerability
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-10/0162.html
Reference: XF:bb4-netmon-execute-commands(5719)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5719
Name: CVE-2000-0979
Description:
File and Print Sharing service in Windows 95, Windows 98, and Windows Me does not properly check the password for a file share, which allows remote attackers to bypass share access controls by sending a 1-byte password that matches the first character of the real password, aka the "Share Level Password" vulnerability.
Status:EntryReference: BID:1780
Reference: URL:http://www.securityfocus.com/bid/1780
Reference: BUGTRAQ:20001012 NSFOCUS SA2000-05: Microsoft Windows 9x NETBIOS password
Reference: URL:http://marc.info/?l=bugtraq&m=97147777618139&w=2
Reference: MS:MS00-072
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-072
Reference: OVAL:oval:org.mitre.oval:def:996
Reference: URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A996
Reference: XF:win9x-share-level-password(5395)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5395
Name: CVE-2000-0980
Description:
NMPI (Name Management Protocol on IPX) listener in Microsoft NWLink does not properly filter packets from a broadcast address, which allows remote attackers to cause a broadcast storm and flood the network.
Status:EntryReference: BID:1781
Reference: URL:http://www.securityfocus.com/bid/1781
Reference: MS:MS00-073
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-073
Reference: XF:win-nmpi-packet-dos(5357)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5357
Name: CVE-2000-0981
Description:
MySQL Database Engine uses a weak authentication method which leaks information that could be used by a remote attacker to recover the password.
Status:EntryReference: BUGTRAQ:20001023 [CORE SDI ADVISORY] MySQL weak authentication
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-10/0318.html
Reference: CONFIRM:http://www.mysql.com/documentation/mysql/commented/manual.php?section=Security
Reference: XF:mysql-authentication(5409)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5409
Name: CVE-2000-0982
Description:
Internet Explorer before 5.5 forwards cached user credentials for a secure web site to insecure pages on the same web site, which could allow remote attackers to obtain the credentials by monitoring connections to the web server, aka the "Cached Web Credentials" vulnerability.
Status:EntryReference: BID:1793
Reference: URL:http://www.securityfocus.com/bid/1793
Reference: MISC:http://www.acrossecurity.com/aspr/ASPR-2000-07-22-2-PUB.txt
Reference: MS:MS00-076
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-076
Reference: XF:ie-cache-info(5367)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5367
Name: CVE-2000-0983
Description:
Microsoft NetMeeting with Remote Desktop Sharing enabled allows remote attackers to cause a denial of service (CPU utilization) via a sequence of null bytes to the NetMeeting port, aka the "NetMeeting Desktop Sharing" vulnerability.
Status:EntryReference: BID:1798
Reference: URL:http://www.securityfocus.com/bid/1798
Reference: BUGTRAQ:20001018 Denial of Service attack against computers running Microsoft NetMeeting
Reference: URL:http://www.securityfocus.com/archive/1/140341
Reference: MS:MS00-077
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-077
Reference: MSKB:Q273854
Reference: URL:http://support.microsoft.com/default.aspx?scid=kb;[LN];Q273854
Reference: XF:netmeeting-desktop-sharing-dos(5368)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5368
Name: CVE-2000-0984
Description:
The HTTP server in Cisco IOS 12.0 through 12.1 allows local users to cause a denial of service (crash and reload) via a URL containing a "?/" string.
Status:EntryReference: BID:1838
Reference: URL:http://www.securityfocus.com/bid/1838
Reference: BUGTRAQ:20001026 [CORE SDI ADVISORY] Cisco IOS HTTP server DoS
Reference: CISCO:20001025 Cisco IOS HTTP Server Query Vulnerability
Reference: URL:http://www.cisco.com/warp/public/707/ioshttpserverquery-pub.shtml
Reference: XF:cisco-ios-query-dos(5412)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5412
Name: CVE-2000-0989
Description:
Buffer overflow in Intel InBusiness eMail Station 1.04.87 POP service allows remote attackers to cause a denial of service and possibly execute commands via a long username.
Status:EntryReference: BUGTRAQ:20001020 DoS in Intel corporation 'InBusiness eMail Station'
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-10/0293.html
Reference: OSVDB:6488
Reference: URL:http://www.osvdb.org/6488
Reference: XF:intel-email-username-bo(5414)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5414
Name: CVE-2000-0990
Description:
cmd5checkpw 0.21 and earlier allows remote attackers to cause a denial of service via an "SMTP AUTH" command with an unknown username.
Status:EntryReference: BID:1809
Reference: URL:http://www.securityfocus.com/bid/1809
Reference: BUGTRAQ:20001016 Authentication failure in cmd5checkpw 0.21
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-10/0258.html
Reference: CONFIRM:http://members.elysium.pl/brush/cmd5checkpw/changes.html
Reference: XF:cmd5checkpw-qmail-bypass-authentication(5382)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5382
Name: CVE-2000-0991
Description:
Buffer overflow in Hilgraeve, Inc. HyperTerminal client on Windows 98, ME, and 2000 allows remote attackers to execute arbitrary commands via a long telnet URL, aka the "HyperTerminal Buffer Overflow" vulnerability.
Status:EntryReference: BID:1815
Reference: URL:http://www.securityfocus.com/bid/1815
Reference: MS:MS00-079
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-079
Reference: XF:win-hyperterminal-telnet-bo(5387)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5387
Name: CVE-2000-0992
Description:
Directory traversal vulnerability in scp in sshd 1.2.xx allows a remote malicious scp server to overwrite arbitrary files via a .. (dot dot) attack.
Status:EntryReference: BID:1742
Reference: URL:http://www.securityfocus.com/bid/1742
Reference: BUGTRAQ:20000930 scp file transfer hole
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-09/0359.html
Reference: BUGTRAQ:20001001 openssh2.2.p1 - Re: scp file transfer hole
Reference: MANDRAKE:MDKSA-2000:057
Reference: URL:http://frontal2.mandriva.com/security/advisories?name=MDKSA-2000:057
Reference: XF:scp-overwrite-files(5312)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5312
Name: CVE-2000-0993
Description:
Format string vulnerability in pw_error function in BSD libutil library allows local users to gain root privileges via a malformed password in commands such as chpass or passwd.
Status:EntryReference: BID:1744
Reference: URL:http://www.securityfocus.com/bid/1744
Reference: BUGTRAQ:20001004 Re: OpenBSD Security Advisory
Reference: URL:http://marc.info/?l=bugtraq&m=97068555106135&w=2
Reference: FREEBSD:FreeBSD-SA-00:58
Reference: URL:ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:58.chpass.asc
Reference: NETBSD:NetBSD-SA2000-015
Reference: URL:ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA2000-015.txt.asc
Reference: OPENBSD:20001003 A format string vulnerability exists in the pw_error(3) function.
Reference: URL:http://www.openbsd.org/errata27.html#pw_error
Reference: XF:bsd-libutil-format(5339)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5339
Name: CVE-2000-0994
Description:
Format string vulnerability in OpenBSD fstat program (and possibly other BSD-based operating systems) allows local users to gain root privileges via the PWD environmental variable.
Status:EntryReference: BID:1746
Reference: URL:http://www.securityfocus.com/bid/1746
Reference: BUGTRAQ:20001004 Re: OpenBSD Security Advisory
Reference: URL:http://marc.info/?l=bugtraq&m=97068555106135&w=2
Reference: MISC:ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.7/common/028_format_strings.patch
Reference: OPENBSD:20001006 There are printf-style format string bugs in several privileged programs.
Reference: XF:bsd-fstat-format(5338)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5338
Name: CVE-2000-0995
Description:
Format string vulnerability in OpenBSD yp_passwd program (and possibly other BSD-based operating systems) allows attackers to gain root privileges a malformed name.
Status:EntryReference: MISC:ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.7/common/028_format_strings.patch
Reference: OPENBSD:20001006 There are printf-style format string bugs in several privileged programs.
Reference: OSVDB:6125
Reference: URL:http://www.osvdb.org/6125
Reference: XF:bsd-yp-passwd-format(5635)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5635
Name: CVE-2000-0996
Description:
Format string vulnerability in OpenBSD su program (and possibly other BSD-based operating systems) allows local attackers to gain root privileges via a malformed shell.
Status:EntryReference: MISC:ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.7/common/028_format_strings.patch
Reference: OPENBSD:20001006 There are printf-style format string bugs in several privileged programs.
Reference: OSVDB:6124
Reference: URL:http://www.osvdb.org/6124
Reference: XF:bsd-su-format(5636)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5636
Name: CVE-2000-1000
Description:
Format string vulnerability in AOL Instant Messenger (AIM) 4.1.2010 allows remote attackers to cause a denial of service and possibly execute arbitrary commands by transferring a file whose name includes format characters.
Status:EntryReference: BID:1747
Reference: URL:http://www.securityfocus.com/bid/1747
Reference: BUGTRAQ:20001003 AOL Instant Messenger DoS
Reference: URL:http://www.securityfocus.com/archive/1/137374
Reference: XF:aim-file-transfer-dos(5314)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5314
Name: CVE-2000-1001
Description:
add_2_basket.asp in Element InstantShop allows remote attackers to modify price information via the "price" hidden form variable.
Status:EntryReference: BUGTRAQ:20001024 Price modification in Element InstantShop
Reference: URL:http://marc.info/?l=bugtraq&m=97240616129614&w=2
Reference: OSVDB:6487
Reference: URL:http://www.osvdb.org/6487
Reference: XF:instantshop-modify-price(5402)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5402
Name: CVE-2000-1002
Description:
POP3 daemon in Stalker CommuniGate Pro 3.3.2 generates different error messages for invalid usernames versus invalid passwords, which allows remote attackers to determine valid email addresses on the server for SPAM attacks.
Status:EntryReference: BID:1792
Reference: URL:http://www.securityfocus.com/bid/1792
Reference: BUGTRAQ:20001012 Re: Netscape Messaging server 4.15 poor error strings
Reference: URL:http://www.securityfocus.com/archive/1/139523
Reference: XF:communigate-email-verify(5363)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5363
Name: CVE-2000-1003
Description:
NETBIOS client in Windows 95 and Windows 98 allows a remote attacker to cause a denial of service by changing a file sharing service to return an unknown driver type, which causes the client to crash.
Status:EntryReference: BID:1794
Reference: URL:http://www.securityfocus.com/bid/1794
Reference: BUGTRAQ:20001012 NSFOCUS SA2000-04: Microsoft Win9x client driver type comparing vulnerability
Reference: URL:http://www.securityfocus.com/archive/1/139511
Reference: XF:win-netbios-driver-type-dos(5370)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5370
Name: CVE-2000-1004
Description:
Format string vulnerability in OpenBSD photurisd allows local users to execute arbitrary commands via a configuration file directory name that contains formatting characters.
Status:EntryReference: BUGTRAQ:20001004 Re: OpenBSD Security Advisory
Reference: URL:http://marc.info/?l=bugtraq&m=97068555106135&w=2
Reference: OSVDB:6123
Reference: URL:http://www.osvdb.org/6123
Reference: XF:bsd-photurisd-format(5336)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5336
Name: CVE-2000-1005
Description:
Directory traversal vulnerability in html_web_store.cgi and web_store.cgi CGI programs in eXtropia WebStore allows remote attackers to read arbitrary files via a .. (dot dot) attack on the page parameter.
Status:EntryReference: BID:1774
Reference: URL:http://www.securityfocus.com/bid/1774
Reference: BUGTRAQ:20001009 Security Advisory : eXtropia WebStore (web_store.cgi) Directory Traversal Vulnerability
Reference: URL:http://www.securityfocus.com/archive/1/138495
Reference: XF:extropia-webstore-fileread(5347)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5347
Name: CVE-2000-1006
Description:
Microsoft Exchange Server 5.5 does not properly handle a MIME header with a blank charset specified, which allows remote attackers to cause a denial of service via a charset="" command, aka the "Malformed MIME Header" vulnerability.
Status:EntryReference: BID:1869
Reference: URL:http://www.securityfocus.com/bid/1869
Reference: MS:MS00-082
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-082
Reference: XF:ms-exchange-mime-dos(5448)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5448
Name: CVE-2000-1007
Description:
I-gear 3.5.7 and earlier does not properly process log entries in which a URL is longer than 255 characters, which allows an attacker to cause reporting errors.
Status:EntryReference: NTBUGTRAQ:20001025 I-gear 3.5.x for Microsoft Proxy logging vulnerability + temporary fix.
Reference: URL:http://archives.neohapsis.com/archives/ntbugtraq/2000-q4/0048.html
Reference: XF:igear-invalid-log(5791)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5791
Name: CVE-2000-1010
Description:
Format string vulnerability in talkd in OpenBSD and possibly other BSD-based OSes allows remote attackers to execute arbitrary commands via a user name that contains format characters.
Status:EntryReference: BID:1764
Reference: URL:http://www.securityfocus.com/bid/1764
Reference: BUGTRAQ:20001006 talkd [WAS: Re: OpenBSD Security Advisory]
Reference: URL:http://www.securityfocus.com/archive/1/137890
Reference: XF:linux-talkd-overwrite-root(5344)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5344
Name: CVE-2000-1011
Description:
Buffer overflow in catopen() function in FreeBSD 5.0 and earlier, and possibly other OSes, allows local users to gain root privileges via a long environmental variable.
Status:EntryReference: FREEBSD:FreeBSD-SA-00:53
Reference: URL:ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:53.catopen.asc
Reference: OSVDB:6070
Reference: URL:http://www.osvdb.org/6070
Reference: XF:freebsd-catopen-bo(5638)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5638
Name: CVE-2000-1014
Description:
Format string vulnerability in the search97.cgi CGI script in SCO help http server for Unixware 7 allows remote attackers to execute arbitrary commands via format characters in the queryText parameter.
Status:EntryReference: BID:1717
Reference: URL:http://www.securityfocus.com/bid/1717
Reference: BUGTRAQ:20000927 Unixware SCOhelp http server format string vulnerability
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-09/0325.html
Reference: OSVDB:3240
Reference: URL:http://www.osvdb.org/3240
Reference: XF:unixware-scohelp-format(5291)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5291
Name: CVE-2000-1016
Description:
The default configuration of Apache (httpd.conf) on SuSE 6.4 includes an alias for the /usr/doc directory, which allows remote attackers to read package documentation and obtain system configuration information via an HTTP request for the /doc/packages URL.
Status:EntryReference: BID:1707
Reference: URL:http://www.securityfocus.com/bid/1707
Reference: BUGTRAQ:20000921 httpd.conf in Suse 6.4
Reference: URL:http://www.securityfocus.com/archive/1/84360
Reference: XF:suse-installed-packages-exposed(5276)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5276
Name: CVE-2000-1018
Description:
shred 1.0 file wiping utility does not properly open a file for overwriting or flush its buffers, which prevents shred from properly replacing the file's data and allows local users to recover the file.
Status:EntryReference: BID:1788
Reference: URL:http://www.securityfocus.com/bid/1788
Reference: BUGTRAQ:20001010 Shred 1.0 Bug Report
Reference: URL:http://marc.info/?l=bugtraq&m=97119799515246&w=2
Reference: BUGTRAQ:20001011 Shred v1.0 Fix
Reference: URL:http://marc.info/?l=bugtraq&m=97131166004145&w=2
Reference: XF:shred-recover-files(5722)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5722
Name: CVE-2000-1019
Description:
Search engine in Ultraseek 3.1 and 3.1.10 (aka Inktomi Search) allows remote attackers to cause a denial of service via a malformed URL.
Status:EntryReference: BID:1866
Reference: URL:http://www.securityfocus.com/bid/1866
Reference: BUGTRAQ:20001030 Ultraseek 3.1.x Remote DoS Vulnerability
Reference: URL:http://marc.info/?l=bugtraq&m=97301487015664&w=2
Reference: XF:ultraseek-malformed-url-dos(5439)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5439
Name: CVE-2000-1022
Description:
The mailguard feature in Cisco Secure PIX Firewall 5.2(2) and earlier does not properly restrict access to SMTP commands, which allows remote attackers to execute restricted commands by sending a DATA command before sending the restricted commands.
Status:EntryReference: BID:1698
Reference: URL:http://www.securityfocus.com/bid/1698
Reference: BUGTRAQ:20000919 Cisco PIX Firewall (smtp content filtering hack)
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-09/0222.html
Reference: BUGTRAQ:20000920 Re: Cisco PIX Firewall (smtp content filtering hack) - Version 4.2(1) not exploitable
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-09/0241.html
Reference: CISCO:20001005 Cisco Secure PIX Firewall Mailguard Vulnerability
Reference: URL:http://www.cisco.com/warp/public/707/PIXfirewallSMTPfilter-pub.shtml
Reference: XF:cisco-pix-smtp-filtering(5277)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5277
Name: CVE-2000-1024
Description:
eWave ServletExec 3.0C and earlier does not restrict access to the UploadServlet Java/JSP servlet, which allows remote attackers to upload files and execute arbitrary commands.
Status:EntryReference: BID:1876
Reference: URL:http://www.securityfocus.com/bid/1876
Reference: BUGTRAQ:20001101 Unify eWave ServletExec upload
Reference: URL:http://marc.info/?l=bugtraq&m=97306581513537&w=2
Reference: XF:ewave-servletexec-file-upload(5450)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5450
Name: CVE-2000-1026
Description:
Multiple buffer overflows in LBNL tcpdump allow remote attackers to execute arbitrary commands.
Status:EntryReference: BID:1870
Reference: URL:http://www.securityfocus.com/bid/1870
Reference: DEBIAN:20001120a
Reference: FREEBSD:FreeBSD-SA-00:61
Reference: URL:ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:61.tcpdump.v1.1.asc
Reference: SUSE:SuSE-SA:2000:46
Reference: URL:http://archives.neohapsis.com/archives/linux/suse/2000-q4/0681.html
Reference: XF:tcpdump-afs-packet-overflow(5480)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5480
Name: CVE-2000-1027
Description:
Cisco Secure PIX Firewall 5.2(2) allows remote attackers to determine the real IP address of a target FTP server by flooding the server with PASV requests, which includes the real IP address in the response when passive mode is established.
Status:EntryReference: BID:1877
Reference: URL:http://www.securityfocus.com/bid/1877
Reference: BUGTRAQ:20001003 Cisco PIX Firewall allow external users to discover internal IPs
Reference: URL:http://marc.info/?l=bugtraq&m=97059440000367&w=2
Reference: OSVDB:1623
Reference: URL:http://www.osvdb.org/1623
Reference: XF:cisco-pix-reveal-address(5646)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5646
Name: CVE-2000-1031
Description:
Buffer overflow in dtterm in HP-UX 11.0 and HP Tru64 UNIX 4.0f through 5.1a allows local users to execute arbitrary code via a long -tn option.
Status:EntryReference: BID:1889
Reference: URL:http://www.securityfocus.com/bid/1889
Reference: BUGTRAQ:20000810 Re: Possible vulnerability in HPUX ( Add vulnerability List )
Reference: URL:http://www.securityfocus.com/archive/1/75188
Reference: BUGTRAQ:20020902 Happy Labor Day from Snosoft
Reference: URL:http://www.securityfocus.com/archive/1/290115
Reference: BUGTRAQ:20020919 iDEFENSE OSF1/Tru64 3.x vuln clarification
Reference: URL:http://archives.neohapsis.com/archives/fulldisclosure/2002-q3/1203.html
Reference: CERT-VN:VU#320067
Reference: URL:http://www.kb.cert.org/vuls/id/320067
Reference: FULLDISC:20020919 iDEFENSE OSF1/Tru64 3.x vuln clarification
Reference: URL:http://archives.neohapsis.com/archives/fulldisclosure/2002-q3/1203.html
Reference: HP:HPSBUX0011-128
Reference: URL:http://archives.neohapsis.com/archives/hp/2000-q4/0034.html
Reference: HP:SSRT2275
Reference: URL:http://wwss1pro.compaq.com/support/reference_library/viewdocument.asp?source=SRB0039W.xml&dt=11
Reference: HP:SSRT2280
Reference: XF:hp-dtterm(5461)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5461
Name: CVE-2000-1032
Description:
The client authentication interface for Check Point Firewall-1 4.0 and earlier generates different error messages for invalid usernames versus invalid passwords, which allows remote attackers to identify valid usernames on the firewall.
Status:EntryReference: BID:1890
Reference: URL:http://www.securityfocus.com/bid/1890
Reference: BUGTRAQ:20001101 Re: Samba 2.0.7 SWAT vulnerabilities
Reference: URL:http://www.securityfocus.com/archive/1/142808
Reference: OSVDB:1632
Reference: URL:http://www.osvdb.org/1632
Reference: XF:fw1-login-response(5816)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5816
Name: CVE-2000-1034
Description:
Buffer overflow in the System Monitor ActiveX control in Windows 2000 allows remote attackers to execute arbitrary commands via a long LogFileName parameter in HTML source code, aka the "ActiveX Parameter Validation" vulnerability.
Status:EntryReference: BID:1899
Reference: URL:http://www.securityfocus.com/bid/1899
Reference: BUGTRAQ:20001106 System Monitor ActiveX Buffer Overflow Vulnerability
Reference: URL:http://marc.info/?l=bugtraq&m=97349782305448&w=2
Reference: MS:MS00-085
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-085
Reference: XF:system-monitor-activex-bo(5467)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5467
Name: CVE-2000-1036
Description:
Directory traversal vulnerability in Extent RBS ISP web server allows remote attackers to read sensitive information via a .. (dot dot) attack on the Image parameter.
Status:EntryReference: BID:1704
Reference: URL:http://www.securityfocus.com/bid/1704
Reference: BUGTRAQ:20000920 Extent RBS directory Transversal.
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-09/0252.html
Reference: XF:rbs-isp-directory-traversal(5275)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5275
Name: CVE-2000-1038
Description:
The web administration interface for IBM AS/400 Firewall allows remote attackers to cause a denial of service via an empty GET request.
Status:EntryReference: AIXAPAR:SA90544
Reference: URL:http://www-1.ibm.com/support/search.wss?rs=0&q=SA90544&apar=only
Reference: CONFIRM:http://as400service.rochester.ibm.com/n_dir/nas4apar.NSF/5ec6cdc6ab42894a862568f90073c74a/9ce636030a58807186256955003d128d?OpenDocument
Reference: XF:as400-firewall-dos(5266)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5266
Name: CVE-2000-1040
Description:
Format string vulnerability in logging function of ypbind 3.3, while running in debug mode, leaks file descriptors and allows an attacker to cause a denial of service.
Status:EntryReference: BID:1820
Reference: URL:http://www.securityfocus.com/bid/1820
Reference: BUGTRAQ:20001025 Immunix OS Security Update for ypbind package
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-10/0356.html
Reference: BUGTRAQ:20001030 Trustix Security Advisory - ping gnupg ypbind
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-10/0429.html
Reference: CALDERA:CSSA-2000-039.0
Reference: URL:http://www.calderasystems.com/support/security/advisories/CSSA-2000-039.0.txt
Reference: DEBIAN:20001014 nis: local exploit
Reference: URL:http://www.debian.org/security/2000/20001014
Reference: MANDRAKE:MDKSA-2000:064
Reference: URL:http://www.linux-mandrake.com/en/security/MDKSA-2000-064.php3?dis=7.1
Reference: REDHAT:RHSA-2000:086
Reference: URL:http://www.redhat.com/support/errata/RHSA-2000-086.html
Reference: SUSE:SuSE-SA:2000:042
Reference: URL:http://archives.neohapsis.com/archives/linux/suse/2000-q4/0262.html
Reference: XF:ypbind-printf-format-string(5394)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5394
Name: CVE-2000-1041
Description:
Buffer overflow in ypbind 3.3 possibly allows an attacker to gain root privileges.
Status:EntryReference: CALDERA:CSSA-2000-039.0
Reference: URL:http://www.calderasystems.com/support/security/advisories/CSSA-2000-039.0.txt
Reference: MANDRAKE:MDKSA-2000:064
Reference: URL:http://www.linux-mandrake.com/en/security/MDKSA-2000-064.php3?dis=7.1
Reference: SUSE:SuSE-SA:2000:042
Reference: URL:http://archives.neohapsis.com/archives/linux/suse/2000-q4/0262.html
Reference: XF:ypbind-remote-bo(5759)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5759
Name: CVE-2000-1042
Description:
Buffer overflow in ypserv in Mandrake Linux 7.1 and earlier, and possibly other Linux operating systems, allows an attacker to gain root privileges when ypserv is built without a vsyslog() function.
Status:EntryReference: MANDRAKE:MDKSA-2000:064
Reference: URL:http://www.linux-mandrake.com/en/security/MDKSA-2000-064.php3?dis=7.1
Reference: XF:linux-ypserv-bo(5730)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5730
Name: CVE-2000-1043
Description:
Format string vulnerability in ypserv in Mandrake Linux 7.1 and earlier, and possibly other Linux operating systems, allows an attacker to gain root privileges when ypserv is built without a vsyslog() function.
Status:EntryReference: MANDRAKE:MDKSA-2000:064
Reference: URL:http://www.linux-mandrake.com/en/security/MDKSA-2000-064.php3?dis=7.1
Reference: XF:linux-ypserv-format-string(5731)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5731
Name: CVE-2000-1044
Description:
Format string vulnerability in ypbind-mt in SuSE SuSE-6.2, and possibly other Linux operating systems, allows an attacker to gain root privileges.
Status:EntryReference: BID:1820
Reference: URL:http://www.securityfocus.com/bid/1820
Reference: SUSE:SuSE-SA:2000:042
Reference: URL:http://archives.neohapsis.com/archives/linux/suse/2000-q4/0262.html
Reference: XF:ypbind-printf-format-string(5394)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5394
Name: CVE-2000-1045
Description:
nss_ldap earlier than 121, when run with nscd (name service caching daemon), allows remote attackers to cause a denial of service via a flood of LDAP requests.
Status:EntryReference: BID:1863
Reference: URL:http://www.securityfocus.com/bid/1863
Reference: MANDRAKE:MDKSA-2000-066
Reference: URL:http://www.linux-mandrake.com/en/security/MDKSA-2000-066-1.php3
Reference: REDHAT:RHSA-2000:024
Reference: URL:http://www.redhat.com/support/errata/RHSA-2000-024.html
Reference: XF:nssldap-nscd-dos(5449)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5449
Name: CVE-2000-1047
Description:
Buffer overflow in SMTP service of Lotus Domino 5.0.4 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long ENVID keyword in the "MAIL FROM" command.
Status:EntryReference: BID:1905
Reference: URL:http://www.securityfocus.com/bid/1905
Reference: BUGTRAQ:20001103 [SAFER] Buffer overflow in Lotus Domino SMTP Server
Reference: URL:http://www.securityfocus.com/archive/1/143071
Reference: OSVDB:442
Reference: URL:http://www.osvdb.org/442
Reference: XF:lotus-domino-smtp-envid(5488)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5488
Name: CVE-2000-1049
Description:
Allaire JRun 3.0 http servlet server allows remote attackers to cause a denial of service via a URL that contains a long string of "." characters.
Status:EntryReference: ALLAIRE:ASB00-030
Reference: URL:http://www.allaire.com/handlers/index.cfm?ID=18085&Method=Full
Reference: BUGTRAQ:20001101 Allaire's JRUN DoS
Reference: URL:http://marc.info/?l=bugtraq&m=97310314724964&w=2
Reference: XF:allaire-jrun-servlet-dos(5452)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5452
Name: CVE-2000-1050
Description:
Allaire JRun 3.0 http servlet server allows remote attackers to directly access the WEB-INF directory via a URL request that contains an extra "/" in the beginning of the request (aka the "extra leading slash").
Status:EntryReference: ALLAIRE:ASB00-027
Reference: URL:http://www.allaire.com/handlers/index.cfm?ID=17966&Method=Full
Reference: BUGTRAQ:20001023 Allaire's JRUN Unauthenticated Access to WEB-INF directory
Reference: URL:http://marc.info/?l=bugtraq&m=97236316510117&w=2
Reference: OSVDB:500
Reference: URL:http://www.osvdb.org/500
Reference: XF:allaire-jrun-webinf-access(5407)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5407
Name: CVE-2000-1051
Description:
Directory traversal vulnerability in Allaire JRun 2.3 server allows remote attackers to read arbitrary files via the SSIFilter servlet.
Status:EntryReference: ALLAIRE:ASB00-028
Reference: URL:http://www.allaire.com/handlers/index.cfm?ID=17968&Method=Full
Reference: BUGTRAQ:20001023 Allaire JRUN 2.3 Arbitrary File Retrieval
Reference: URL:http://marc.info/?l=bugtraq&m=97236692714978&w=2
Reference: XF:allaire-jrun-ssifilter-url(5405)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5405
Name: CVE-2000-1054
Description:
Buffer overflow in CSAdmin module in CiscoSecure ACS Server 2.4(2) and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a large packet.
Status:EntryReference: BID:1705
Reference: URL:http://www.securityfocus.com/bid/1705
Reference: CISCO:20000921 Multiple Vulnerabilities in CiscoSecure ACS for Windows NT Server
Reference: URL:http://www.cisco.com/warp/public/707/csecureacsnt-pub.shtml
Reference: XF:ciscosecure-csadmin-bo(5272)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5272
Name: CVE-2000-1055
Description:
Buffer overflow in CiscoSecure ACS Server 2.4(2) and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a large TACACS+ packet.
Status:EntryReference: BID:1706
Reference: URL:http://www.securityfocus.com/bid/1706
Reference: CISCO:20000921 Multiple Vulnerabilities in CiscoSecure ACS for Windows NT Server
Reference: URL:http://www.cisco.com/warp/public/707/csecureacsnt-pub.shtml
Reference: OSVDB:1569
Reference: URL:http://www.osvdb.org/1569
Reference: XF:ciscosecure-tacacs-dos(5273)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5273
Name: CVE-2000-1056
Description:
CiscoSecure ACS Server 2.4(2) and earlier allows remote attackers to bypass LDAP authentication on the server if the LDAP server allows null passwords.
Status:EntryReference: BID:1708
Reference: URL:http://www.securityfocus.com/bid/1708
Reference: CISCO:20000921 Multiple Vulnerabilities in CiscoSecure ACS for Windows NT Server
Reference: URL:http://www.cisco.com/warp/public/707/csecureacsnt-pub.shtml
Reference: XF:ciscosecure-ldap-bypass-authentication(5274)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5274
Name: CVE-2000-1057
Description:
Vulnerabilities in database configuration scripts in HP OpenView Network Node Manager (NNM) 6.1 and earlier allows local users to gain privileges, possibly via insecure permissions.
Status:EntryReference: BID:1682
Reference: URL:http://www.securityfocus.com/bid/1682
Reference: HP:HPSBUX0009-120
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-09/0140.html
Reference: XF:hp-openview-nnm-scripts(5229)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5229
Name: CVE-2000-1058
Description:
Buffer overflow in OverView5 CGI program in HP OpenView Network Node Manager (NNM) 6.1 and earlier allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, in the SNMP service (snmp.exe), aka the "Java SNMP MIB Browser Object ID parsing problem."
Status:EntryReference: BUGTRAQ:20000926 DST2K0014: BufferOverrun in HP Openview Network Node Manager v6.1 (Round2)
Reference: URL:http://marc.info/?l=bugtraq&m=97004856403173&w=2
Reference: HP:HPSBUX0009-121
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-09/0274.html
Reference: XF:openview-nmm-snmp-bo(5282)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5282
Name: CVE-2000-1059
Description:
The default configuration of the Xsession file in Mandrake Linux 7.1 and 7.0 bypasses the Xauthority access control mechanism with an "xhost + localhost" command, which allows local users to sniff X Windows events and gain privileges.
Status:EntryReference: BID:1735
Reference: URL:http://www.securityfocus.com/bid/1735
Reference: BUGTRAQ:20000929 Mandrake 7.1 bypasses Xauthority X session security.
Reference: URL:http://www.securityfocus.com/archive/1/136495
Reference: MANDRAKE:MDKSA-2000:052
Reference: URL:http://www.linux-mandrake.com/en/security/MDKSA-2000-052.php3
Reference: XF:xinitrc-bypass-xauthority(5305)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5305
Name: CVE-2000-1060
Description:
The default configuration of XFCE 3.5.1 bypasses the Xauthority access control mechanism with an "xhost + localhost" command in the xinitrc program, which allows local users to sniff X Windows traffic and gain privileges.
Status:EntryReference: BID:1736
Reference: URL:http://www.securityfocus.com/bid/1736
Reference: BUGTRAQ:20001002 Local vulnerability in XFCE 3.5.1
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-10/0022.html
Reference: FREEBSD:FreeBSD-SA-00:65
Reference: XF:xinitrc-bypass-xauthority(5305)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5305
Name: CVE-2000-1061
Description:
Microsoft Virtual Machine (VM) in Internet Explorer 4.x and 5.x allows an unsigned applet to create and use ActiveX controls, which allows a remote attacker to bypass Internet Explorer's security settings and execute arbitrary commands via a malicious web page or email, aka the "Microsoft VM ActiveX Component" vulnerability.
Status:EntryReference: MS:MS00-075
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-075
Reference: XF:java-vm-applet(5127)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5127
Name: CVE-2000-1068
Description:
pollit.cgi in Poll It 2.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the poll_options parameter.
Status:EntryReference: BUGTRAQ:20001023 Re: Poll It v2.0 cgi (again)
Reference: URL:http://marc.info/?l=bugtraq&m=97236719315352&w=2
Reference: CONFIRM:http://www.cgi-world.com/pollit.html
Reference: XF:pollit-polloptions-execute-commands(5792)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5792
Name: CVE-2000-1069
Description:
pollit.cgi in Poll It 2.01 and earlier allows remote attackers to access administrative functions without knowing the real password by specifying the same value to the entered_password and admin_password parameters.
Status:EntryReference: BUGTRAQ:20001023 Re: Poll It v2.0 cgi (again)
Reference: URL:http://marc.info/?l=bugtraq&m=97236719315352&w=2
Reference: XF:pollit-admin-password-var(5419)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5419
Name: CVE-2000-1070
Description:
pollit.cgi in Poll It 2.01 and earlier uses data files that are located under the web document root, which allows remote attackers to access sensitive or private information.
Status:EntryReference: BUGTRAQ:20001023 Re: Poll It v2.0 cgi (again)
Reference: URL:http://marc.info/?l=bugtraq&m=97236719315352&w=2
Reference: XF:pollit-webroot-gain-access(5794)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5794
Name: CVE-2000-1071
Description:
The GUI installation for iCal 2.1 Patch 2 disables access control for the X server using an "xhost +" command, which allows remote attackers to monitor X Windows events and gain privileges.
Status:EntryReference: ATSTAKE:A100900-1
Reference: URL:http://www.atstake.com/research/advisories/2000/a100900-1.txt
Reference: BID:1767
Reference: URL:http://www.securityfocus.com/bid/1767
Reference: OSVDB:7213
Reference: URL:http://www.osvdb.org/7213
Reference: XF:ical-xhost-gain-privileges(5752)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5752
Name: CVE-2000-1072
Description:
iCal 2.1 Patch 2 installs many files with world-writeable permissions, which allows local users to modify the iCal configuration and execute arbitrary commands by replacing the iplncal.sh program with a Trojan horse.
Status:EntryReference: ATSTAKE:A100900-1
Reference: URL:http://www.atstake.com/research/advisories/2000/a100900-1.txt
Reference: BID:1768
Reference: URL:http://www.securityfocus.com/bid/1768
Reference: OSVDB:7212
Reference: URL:http://www.osvdb.org/7212
Reference: XF:ical-iplncal-gain-access(5756)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5756
Name: CVE-2000-1073
Description:
csstart program in iCal 2.1 Patch 2 searches for the cshttpd program in the current working directory, which allows local users to gain root privileges by creating a Trojan Horse cshttpd program in a directory and calling csstart from that directory.
Status:EntryReference: ATSTAKE:A100900-1
Reference: URL:http://www.atstake.com/research/advisories/2000/a100900-1.txt
Reference: BID:1769
Reference: URL:http://www.securityfocus.com/bid/1769
Reference: OSVDB:7210
Reference: URL:http://www.osvdb.org/7210
Reference: XF:ical-csstart-gain-access(5757)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5757
Name: CVE-2000-1074
Description:
csstart program in iCal 2.1 Patch 2 uses relative pathnames to install the libsocket and libnsl libraries, which could allow the icsuser account to gain root privileges by creating a Trojan Horse library in the current or parent directory.
Status:EntryReference: ATSTAKE:A100900-1
Reference: URL:http://www.atstake.com/research/advisories/2000/a100900-1.txt
Reference: BID:1769
Reference: URL:http://www.securityfocus.com/bid/1769
Reference: OSVDB:7209
Reference: URL:http://www.osvdb.org/7209
Reference: XF:ical-csstart-gain-access(5757)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5757
Name: CVE-2000-1075
Description:
Directory traversal vulnerability in iPlanet Certificate Management System 4.2 and Directory Server 4.12 allows remote attackers to read arbitrary files via a .. (dot dot) attack in the Agent, End Entity, or Administrator services.
Status:EntryReference: BID:1839
Reference: URL:http://www.securityfocus.com/bid/1839
Reference: BUGTRAQ:20001026 [CORE SDI ADVISORY] iPlanet Certificate Management System 4.2 path traversal bug
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-10/0383.html
Reference: CONFIRM:http://www.iplanet.com/downloads/patches/0122.html
Reference: OSVDB:4086
Reference: URL:http://www.osvdb.org/4086
Reference: OSVDB:486
Reference: URL:http://www.osvdb.org/486
Reference: XF:iplanet-netscape-directory-traversal(5421)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5421
Name: CVE-2000-1077
Description:
Buffer overflow in the SHTML logging functionality of iPlanet Web Server 4.x allows remote attackers to execute arbitrary commands via a long filename with a .shtml extension.
Status:EntryReference: BUGTRAQ:20001026 Buffer overflow in iPlanet Web Server 4 server side SHTML parsing module
Reference: URL:http://www.securityfocus.com/archive/1/141435
Reference: XF:iplanet-web-server-shtml-bo(5446)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5446
Name: CVE-2000-1080
Description:
Quake 1 (quake1) and ProQuake 1.01 and earlier allow remote attackers to cause a denial of service via a malformed (empty) UDP packet.
Status:EntryReference: BID:1900
Reference: URL:http://www.securityfocus.com/bid/1900
Reference: BUGTRAQ:20001102 dos on quake1 servers
Reference: URL:http://marc.info/?l=bugtraq&m=97318797630246&w=2
Reference: CONFIRM:http://proquake.ai.mit.edu/
Reference: XF:quake-empty-udp-dos(5527)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5527
Name: CVE-2000-1089
Description:
Buffer overflow in Microsoft Phone Book Service allows local users to execute arbitrary commands, aka the "Phone Book Service Buffer Overflow" vulnerability.
Status:EntryReference: ATSTAKE:A120400-1
Reference: URL:http://www.stake.com/research/advisories/2000/a120400-1.txt
Reference: BID:2048
Reference: URL:http://www.securityfocus.com/bid/2048
Reference: MS:MS00-094
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-094
Reference: XF:phone-book-service-bo(5623)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5623
Name: CVE-2000-1094
Description:
Buffer overflow in AOL Instant Messenger (AIM) before 4.3.2229 allows remote attackers to execute arbitrary commands via a "buddyicon" command with a long "src" argument.
Status:EntryReference: ATSTAKE:A121200-1
Reference: URL:http://www.atstake.com/research/advisories/2000/a121200-1.txt
Reference: BUGTRAQ:20001213 Administrivia & AOL IM Advisory
Reference: URL:http://marc.info/?l=bugtraq&m=97668265628917&w=2
Reference: BUGTRAQ:20001214 Re: AIM & @stake's advisory
Reference: URL:http://marc.info/?l=bugtraq&m=97683774417132&w=2
Reference: OSVDB:1692
Reference: URL:http://www.osvdb.org/1692
Reference: XF:aolim-buddyicon-bo
Name: CVE-2000-1095
Description:
modprobe in the modutils 2.3.x package on Linux systems allows a local user to execute arbitrary commands via shell metacharacters.
Status:EntryReference: BID:1936
Reference: URL:http://www.securityfocus.com/bid/1936
Reference: BUGTRAQ:20001112 RedHat 7.0 (and SuSE): modutils + netkit = root compromise. (fwd)
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-11/0179.html
Reference: CONECTIVA:CLSA-2000:340
Reference: URL:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000340
Reference: DEBIAN:20001120 modutils: local exploit
Reference: URL:http://www.debian.org/security/2000/20001120
Reference: MANDRAKE:MDKSA-2000:071
Reference: URL:http://www.linux-mandrake.com/en/security/MDKSA-2000-071-1.php3?dis=7.1
Reference: REDHAT:RHSA-2000:108
Reference: URL:http://www.redhat.com/support/errata/RHSA-2000-108.html
Reference: SUSE:SuSE-SA:2000:44
Reference: URL:http://archives.neohapsis.com/archives/linux/suse/2000-q4/0596.html
Reference: XF:linux-modprobe-execute-code(5516)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5516
Name: CVE-2000-1096
Description:
crontab by Paul Vixie uses predictable file names for a temporary file and does not properly ensure that the file is owned by the user executing the crontab -e command, which allows local users with write access to the crontab spool directory to execute arbitrary commands by creating world-writeable temporary files and modifying them while the victim is editing the file.
Status:EntryReference: BID:1960
Reference: URL:http://www.securityfocus.com/bid/1960
Reference: BUGTRAQ:20001116 vixie cron...
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-11/0237.html
Reference: DEBIAN:20001118a
Reference: XF:vixie-cron-execute-commands(5543)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5543
Name: CVE-2000-1097
Description:
The web server for the SonicWALL SOHO firewall allows remote attackers to cause a denial of service via a long username in the authentication page.
Status:EntryReference: BID:2013
Reference: URL:http://www.securityfocus.com/bid/2013
Reference: BUGTRAQ:20001129 DoS in Sonicwall SOHO firewall
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-11/0406.html
Reference: BUGTRAQ:20001201 FW: SonicWALL SOHO Vulnerability (fwd)
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-11/0435.html
Reference: OSVDB:1667
Reference: URL:http://www.osvdb.org/1667
Reference: XF:sonicwall-soho-dos(5596)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5596
Name: CVE-2000-1099
Description:
Java Runtime Environment in Java Development Kit (JDK) 1.2.2_05 and earlier can allow an untrusted Java class to call into a disallowed class, which could allow an attacker to escape the Java sandbox and conduct unauthorized activities.
Status:EntryReference: HP:HPSBUX0011-132
Reference: URL:http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX0011-132
Reference: OSVDB:7255
Reference: URL:http://www.osvdb.org/7255
Reference: SUN:00199
Reference: URL:http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/199&type=0&nav=sec.sba
Reference: XF:jdk-untrusted-java-class(5605)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5605
Name: CVE-2000-1101
Description:
Directory traversal vulnerability in Winsock FTPd (WFTPD) 3.00 and 2.41 with the "Restrict to home directory" option enabled allows local users to escape the home directory via a "/../" string, a variation of the .. (dot dot) attack.
Status:EntryReference: BID:2005
Reference: URL:http://www.securityfocus.com/bid/2005
Reference: BUGTRAQ:20001127 Vulnerability in Winsock FTPD 2.41/3.00 (Pro)
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-11/0386.html
Reference: XF:wftpd-dir-traverse(5608)
Reference: URL:http://www.iss.net/security_center/static/5608.php
Name: CVE-2000-1106
Description:
Trend Micro InterScan VirusWall creates an "Intscan" share to the "InterScan" directory with permissions that grant Full Control permissions to the Everyone group, which allows attackers to gain privileges by modifying the VirusWall programs.
Status:EntryReference: BID:2014
Reference: URL:http://www.securityfocus.com/bid/2014
Reference: BUGTRAQ:20001128 TrendMicro InterScan VirusWall shared folder problem
Reference: URL:http://www.securityfocus.com/archive/1/147563
Reference: BUGTRAQ:20001201 Responding to BugTraq ID 2014 - "Trend Micro InterScan VirusWall Shared Directory Vulnerability"
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-12/0016.html
Reference: XF:interscan-viruswall-unauth-access(5606)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5606
Name: CVE-2000-1107
Description:
in.identd ident server in SuSE Linux 6.x and 7.0 allows remote attackers to cause a denial of service via a long request, which causes the server to access a NULL pointer and crash.
Status:EntryReference: BID:2015
Reference: URL:http://www.securityfocus.com/bid/2015
Reference: BUGTRAQ:20001128 SuSE Linux 6.x 7.0 Ident buffer overflow
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-11/0387.html
Reference: XF:linux-ident-bo(5590)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5590
Name: CVE-2000-1108
Description:
cons.saver in Midnight Commander (mc) 4.5.42 and earlier does not properly verify if an output file descriptor is a TTY, which allows local users to corrupt files by creating a symbolic link to the target file, calling mc, and specifying that link as a TTY argument.
Status:EntryReference: BID:1945
Reference: URL:http://www.securityfocus.com/bid/1945
Reference: BUGTRAQ:20001113 Problems with cons.saver
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-11/0192.html
Reference: DEBIAN:20001125 mc: local DoS
Reference: URL:http://www.debian.org/security/2000/20001125
Reference: MANDRAKE:MDKSA-2000:078
Reference: URL:http://www.linux-mandrake.com/en/security/MDKSA-2000-078.php3
Reference: XF:midnight-commander-conssaver-symlink(5519)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5519
Name: CVE-2000-1109
Description:
Midnight Commander (mc) 4.5.51 and earlier does not properly process malformed directory names when a user opens a directory, which allows other local users to gain privileges by creating directories that contain special characters followed by the commands to be executed.
Status:EntryReference: BID:2016
Reference: URL:http://www.securityfocus.com/bid/2016
Reference: BUGTRAQ:20001127 Midnight Commander
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-11/0373.html
Reference: DEBIAN:DSA-036
Reference: URL:http://www.debian.org/security/2001/dsa-036
Reference: SUSE:SuSE-SA:2001:11
Reference: URL:http://www.novell.com/linux/security/advisories/2001_011_mc.html
Reference: XF:midnight-commander-elevate-privileges(5929)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5929
Name: CVE-2000-1111
Description:
Telnet Service for Windows 2000 Professional does not properly terminate incomplete connection attempts, which allows remote attackers to cause a denial of service by connecting to the server and not providing any input.
Status:EntryReference: BID:2018
Reference: URL:http://www.securityfocus.com/bid/2018
Reference: BUGTRAQ:20001129 Windows 2000 Telnet Service DoS
Reference: URL:http://www.securityfocus.com/archive/1/147914
Reference: XF:win2k-telnet-dos(5598)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5598
Name: CVE-2000-1112
Description:
Microsoft Windows Media Player 7 executes scripts in custom skin (.WMS) files, which could allow remote attackers to gain privileges via a skin that contains a malicious script, aka the ".WMS Script Execution" vulnerability.
Status:EntryReference: BID:1976
Reference: URL:http://www.securityfocus.com/bid/1976
Reference: MS:MS00-090
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-090
Reference: XF:mediaplayer-wms-script-exe(5575)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5575
Name: CVE-2000-1113
Description:
Buffer overflow in Microsoft Windows Media Player allows remote attackers to execute arbitrary commands via a malformed Active Stream Redirector (.ASX) file, aka the ".ASX Buffer Overrun" vulnerability.
Status:EntryReference: ATSTAKE:A112300-1
Reference: URL:http://www.atstake.com/research/advisories/2000/a112300-1.txt
Reference: BID:1980
Reference: URL:http://www.securityfocus.com/bid/1980
Reference: MS:MS00-090
Reference: URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-090
Reference: XF:mediaplayer-asx-bo(5574)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5574
Name: CVE-2000-1115
Description:
Buffer overflow in remote web administration component (webprox.dll) of 602Pro LAN SUITE before 2000.0.1.33 allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long GET request.
Status:EntryReference: BID:1979
Reference: URL:http://www.securityfocus.com/bid/1979
Reference: BUGTRAQ:20001122 602Pro Lan Suite Web Admin Overflow
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-11/0299.html
Reference: CONFIRM:http://www.software602.com/products/ls/support/newbuild.html
Reference: XF:software602-lan-suite-bo(5583)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5583
Name: CVE-2000-1119
Description:
Buffer overflow in setsenv command in IBM AIX 4.3.x and earlier allows local users to execute arbitrary commands via a long "x=" argument.
Status:EntryReference: AIXAPAR:IY08812
Reference: URL:http://www-1.ibm.com/support/search.wss?rs=0&q=IY08812&apar=only
Reference: AIXAPAR:IY10721
Reference: URL:http://www-1.ibm.com/support/search.wss?rs=0&q=IY10721&apar=only
Reference: BID:2032
Reference: URL:http://www.securityfocus.com/bid/2032
Reference: BUGTRAQ:20001201 Fixed local AIX V43 vulnerabilities
Reference: URL:http://marc.info/?l=bugtraq&m=97569466809056&w=2
Reference: OSVDB:1676
Reference: URL:http://www.osvdb.org/1676
Reference: XF:aix-setsenv-bo(5621)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5621
Name: CVE-2000-1120
Description:
Buffer overflow in digest command in IBM AIX 4.3.x and earlier allows local users to execute arbitrary commands.
Status:EntryReference: AIXAPAR:IY08143
Reference: URL:http://www-1.ibm.com/support/search.wss?rs=0&q=IY08143&apar=only
Reference: AIXAPAR:IY08287
Reference: URL:http://www-1.ibm.com/support/search.wss?rs=0&q=IY08287&apar=only
Reference: BID:2033
Reference: URL:http://www.securityfocus.com/bid/2033
Reference: BUGTRAQ:20001201 Fixed local AIX V43 vulnerabilities
Reference: URL:http://marc.info/?l=bugtraq&m=97569466809056&w=2
Reference: XF:aix-digest-bo(5620)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5620
Name: CVE-2000-1121
Description:
Buffer overflow in enq command in IBM AIX 4.3.x and earlier may allow local users to execute arbitrary commands via a long -M argument.
Status:EntryReference: AIXAPAR:IY08143
Reference: URL:http://www-1.ibm.com/support/search.wss?rs=0&q=IY08143&apar=only
Reference: AIXAPAR:IY08287
Reference: URL:http://www-1.ibm.com/support/search.wss?rs=0&q=IY08287&apar=only
Reference: BID:2034
Reference: URL:http://www.securityfocus.com/bid/2034
Reference: BUGTRAQ:20001201 Fixed local AIX V43 vulnerabilities
Reference: URL:http://marc.info/?l=bugtraq&m=97569466809056&w=2
Reference: XF:aix-enq-bo(5619)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5619
Name: CVE-2000-1122
Description:
Buffer overflow in setclock command in IBM AIX 4.3.x and earlier may allow local users to execute arbitrary commands via a long argument.
Status:EntryReference: AIXAPAR:IY07790
Reference: URL:http://www-1.ibm.com/support/search.wss?rs=0&q=IY07790&apar=only
Reference: AIXAPAR:IY07831
Reference: URL:http://www-1.ibm.com/support/search.wss?rs=0&q=IY07831&apar=only
Reference: BID:2035
Reference: URL:http://www.securityfocus.com/bid/2035
Reference: BUGTRAQ:20001201 Fixed local AIX V43 vulnerabilities
Reference: URL:http://marc.info/?l=bugtraq&m=97569466809056&w=2
Name: CVE-2000-1123
Description:
Buffer overflow in pioout command in IBM AIX 4.3.x and earlier may allow local users to execute arbitrary commands.
Status:EntryReference: AIXAPAR:IY12638
Reference: URL:http://www-1.ibm.com/support/search.wss?rs=0&q=IY12638&apar=only
Reference: BID:2036
Reference: URL:http://www.securityfocus.com/bid/2036
Reference: BUGTRAQ:20001201 Fixed local AIX V43 vulnerabilities
Reference: URL:http://marc.info/?l=bugtraq&m=97569466809056&w=2
Reference: XF:aix-pioout-bo(5617)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5617
Name: CVE-2000-1124
Description:
Buffer overflow in piobe command in IBM AIX 4.3.x allows local users to gain privileges via long environmental variables.
Status:EntryReference: AIXAPAR:IY12638
Reference: URL:http://www-1.ibm.com/support/search.wss?rs=0&q=IY12638&apar=only
Reference: BID:2037
Reference: URL:http://www.securityfocus.com/bid/2037
Reference: BUGTRAQ:20001201 Fixed local AIX V43 vulnerabilities
Reference: URL:http://marc.info/?l=bugtraq&m=97569466809056&w=2
Reference: XF:aix-piobe-bo(5616)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5616
Name: CVE-2000-1131
Description:
Bill Kendrick web site guestbook (GBook) allows remote attackers to execute arbitrary commands via shell metacharacters in the _MAILTO form variable.
Status:EntryReference: BID:1940
Reference: URL:http://www.securityfocus.com/bid/1940
Reference: BUGTRAQ:20001110 [hacksware] gbook.cgi remote command execution vulnerability
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-11/0144.html
Reference: XF:gbook-cgi-remote-execution(5509)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5509
Name: CVE-2000-1132
Description:
DCForum cgforum.cgi CGI script allows remote attackers to read arbitrary files, and delete the program itself, via a malformed "forum" variable.
Status:EntryReference: BID:1951
Reference: URL:http://www.securityfocus.com/bid/1951
Reference: BUGTRAQ:20001114 Cgisecurity.com advisory on dcforum
Reference: URL:http://archives.neohapsis.com/archives/bugtraq/2000-11/0218.html
Reference: CONFIRM:http://www.dcscripts.com/dcforum/dcfNews/124.html#1
Reference: OSVDB:1646
Reference: URL:http://www.osvdb.org/1646
Reference: XF:dcforum-cgi-view-files(5533)
Reference: URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/5533
Name: CVE-2000-1135
Description:
fshd (fsh d