Monthly Archive: September 1999

Cisco IOS 12.0 and other versions can be crashed by malicious UDP packets to the syslog port. Date published : 1999-09-29

The chpass command in OpenBSD allows a local user to gain root access through file descriptor leakage. Date published : 1999-09-29 http://www.osvdb.org/7559

Attackers can cause a denial of service in Ascend MAX and Pipeline routers with a malformed packet to the discard port, which is used by the Java Configurator tool. Date published : 1999-09-29

IRIX fam service allows an attacker to obtain a list of all files on the server. Date published : 1999-09-29 http://www.securityfocus.com/bid/353

Buffer overflow in PHP cgi program, php.cgi allows shell access. Date published : 1999-09-29 http://www.securityfocus.com/bid/712

Vacation program allows command execution by remote users through a sendmail command. Date published : 1999-09-29 http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9811-087

Buffer overflow in Sun’s ping program can give root access to local users. Date published : 1999-09-29 http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/174

Buffer overflows in Sun libnsl allow root access. Date published : 1999-09-29 http://www-1.ibm.com/support/search.wss?rs=0&q=IX80543&apar=only

Sun’s ftpd daemon can be subjected to a denial of service. Date published : 1999-09-29 http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/171

TCP RST denial of service in FreeBSD. Date published : 1999-09-29 http://www.osvdb.org/6094

IP fragmentation denial of service in FreeBSD allows a remote attacker to cause a crash. Date published : 1999-09-29 http://www.osvdb.org/908

Arbitrary file creation and program execution using FLEXlm LicenseManager, from versions 4.0 to 5.0, in IRIX. Date published : 1999-09-29

Buffer overflow in HP-UX newgrp program. Date published : 1999-09-29

Csetup under IRIX allows arbitrary file creation or overwriting. Date published : 1999-09-29