Monthly Archive: September 1999

Linux ftpwatch program allows local users to gain root privileges. Date published : 1999-09-29 http://www.securityfocus.com/bid/317

The ExAir sample site in IIS 4 allows remote attackers to cause a denial of service (CPU consumption) via a direct request to the (1) advsearch.asp, (2) query.asp, or (3) search.asp scripts. Date published...

IIS 4.0 and Apache log HTTP request methods, regardless of how long they are, allowing a remote attacker to hide the URL they really request. Date published : 1999-09-29

Local users can gain privileges using the debug utility in the MPE/iX operating system. Date published : 1999-09-29 http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBMP9904-006

Local users can perform a denial of service in NetBSD 1.3.3 and earlier versions by creating an unusual symbolic link with the ln command, triggering a bug in VFS. Date published : 1999-09-29 http://www.osvdb.org/7051

In Cisco routers under some versions of IOS 12.0 running NAT, some packets may not be filtered by input access list filters. Date published : 1999-09-29 http://www.osvdb.org/1104

Solaris ff.core allows local users to modify files. Date published : 1999-09-29 http://www.securityfocus.com/bid/327

Remote attackers can perform a denial of service in WinGate machines using a buffer overflow in the Winsock Redirector Service. Date published : 1999-09-29 http://www.securityfocus.com/bid/509 http://www.eeye.com/html/Research/Advisories/AD02221999.html

Remote attackers can perform a denial of service in WebRamp systems by sending a malicious UDP packet to port 5353, changing its IP address. Date published : 1999-09-29

Remote attackers can perform a denial of service in WebRamp systems by sending a malicious string to the HTTP port. Date published : 1999-09-29

Domain Enterprise Server Management System (DESMS) in HP-UX allows local users to gain privileges. Date published : 1999-09-29 http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9903-095

XFree86 startx command is vulnerable to a symlink attack, allowing local users to create files in restricted directories, possibly allowing them to gain privileges or cause a denial of service. Date published : 1999-09-29

ftp on HP-UX 11.00 allows local users to gain privileges. Date published : 1999-09-29 http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9903-094

Cisco Catalyst LAN switches running Catalyst 5000 supervisor software allows remote attackers to perform a denial of service by forcing the supervisor module to reload. Date published : 1999-09-29