Monthly Archive: September 1999

Buffer overflow in SGI IRIX mailx program. Date published : 1999-09-29 ftp://patches.sgi.com/support/free/security/advisories/19980605-01-PX

Buffer overflow in AIX lchangelv gives root access. Date published : 1999-09-29

Sun/Solaris utmp file allows local users to gain root access if it is writable by users other than root. Date published : 1999-09-29 http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/126

AIX passwd allows local users to gain root access. Date published : 1999-09-29

Denial of service when an attacker sends many SYN packets to create multiple connections without ever sending an ACK to complete the connection, aka SYN flood. Date published : 1999-09-29 ftp://patches.sgi.com/support/free/security/advisories/19961202-01-PX

Some implementations of rlogin allow root access if given a -froot parameter. Date published : 1999-09-29 http://www.securityfocus.com/bid/458

Buffer overflow in AIX dtterm program for the CDE. Date published : 1999-09-29 https://exchange.xforce.ibmcloud.com/vulnerabilities/878

RIP v1 is susceptible to spoofing. Date published : 1999-09-29

Buffer overflow in ffbconfig in Solaris 2.5.1. Date published : 1999-09-29 http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/140

The printers program in IRIX has a buffer overflow that gives root access to local users. Date published : 1999-09-29 http://seclists.org/bugtraq/1997/May/191

Echo and chargen, or other combinations of UDP services, can be used in tandem to flood the server, a.k.a. UDP bomb or UDP packet storm. Date published : 1999-09-29 https://ics-cert.us-cert.gov/advisories/ICSMA-18-233-01

Buffer overflow in SLmail 3.x allows attackers to execute commands using a large FROM line. Date published : 1999-09-29

Remote access in AIX innd 1.5.1, using control messages. Date published : 1999-09-29

Buffer overflow in syslog utility allows local or remote attackers to gain root privileges. Date published : 1999-09-29