Monthly Archive: September 1999

Access violation in LSASS.EXE (LSA/LSARPC) program in Windows NT allows a denial of service. Date published : 1999-09-29 http://support.microsoft.com/default.aspx?scid=kb;%5BLN%5D;Q154087

Denial of service in Windows NT messenger service through a long username. Date published : 1999-09-29

Denial of service of Ascend routers through port 150 (remote administration). Date published : 1999-09-29

Buffer overflow in FTP Serv-U 2.5 allows remote authenticated users to cause a denial of service (crash) via a long (1) CWD or (2) LS (list) command. Date published : 1999-09-29 http://www.securityfocus.com/bid/269

Livingston portmaster machines could be rebooted via a series of commands. Date published : 1999-09-29

Malicious option settings in UDP packets could force a reboot in SunOS 4.1.3 systems. Date published : 1999-09-29

Routed allows attackers to append data to files. Date published : 1999-09-29 http://www.ciac.org/ciac/bulletins/j-012.shtml ftp://patches.sgi.com/support/free/security/advisories/19981004-01-PX

Denial of service by sending forged ICMP unreachable packets. Date published : 1999-09-29

Extra long export lists over 256 characters in some mount daemons allows NFS directories to be mounted by anyone. Date published : 1999-09-29 http://www.securityfocus.com/bid/24

The SunView (SunTools) selection_svc facility allows remote users to read files. Date published : 1999-09-29 http://www.securityfocus.com/bid/8

rpc.ypupdated (NIS) allows remote users to execute arbitrary commands. Date published : 1999-09-29

Remote attacker can execute commands through Majordomo using the Reply-To field and a "lists" command. Date published : 1999-09-29

MIME buffer overflow in Sendmail 8.8.0 and 8.8.1 gives root access. Date published : 1999-09-29

Sendmail 8.6.9 allows remote attackers to execute root commands, using ident. Date published : 1999-09-29