Monthly Archive: January 2000

Cisco Cache Engine allows a remote attacker to gain access via a null username and password. Date published : 2000-01-18

Microsoft SQL 7.0 server allows a remote attacker to cause a denial of service via a malformed TDS packet. Date published : 2000-01-18 http://www.securityfocus.com/bid/817 https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-059

Windows NT Local Security Authority (LSA) allows remote attackers to cause a denial of service via malformed arguments to the LsaLookupSids function which looks up the SID, aka "Malformed Security Identifier Request." Date published...

Windows NT with SYSKEY reuses the keystream that is used for encrypting SAM password hashes, allowing an attacker to crack passwords. Date published : 2000-01-18 http://www.securityfocus.com/bid/873

HP VirtualVault with the PHSS_17692 patch allows unprivileged processes to bypass access restrictions via the Trusted Gateway Proxy (TGP). Date published : 2000-01-18 http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9912-107

Race condition in wu-ftpd and BSDI ftpd allows remote attackers to gain root access via the SITE EXEC command. Date published : 2000-01-18

Denial of service in Axent Raptor firewall via malformed zero-length IP options. Date published : 2000-01-18 http://www.securityfocus.com/bid/736

The Windows NT 4.0 print spooler allows a local user to execute arbitrary commands due to inappropriate permissions that allow the user to specify an alternate print provider. Date published : 2000-01-18 http://www.securityfocus.com/bid/769 https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-047

Buffer overflows in Windows NT 4.0 print spooler allow remote attackers to gain privileges or cause a denial of service via a malformed spooler request. Date published : 2000-01-18 http://www.securityfocus.com/bid/768 https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-047

Falcon web server allows remote attackers to read arbitrary files via a .. (dot dot) attack. Date published : 2000-01-18 http://www.securityfocus.com/bid/743

DHCP clients with ICMP Router Discovery Protocol (IRDP) enabled allow remote attackers to modify their default routes. Date published : 2000-01-18 http://www.securityfocus.com/bid/578

Buffer overflow in Netscape Enterprise Server and Netscape FastTrack Server allows remote attackers to gain privileges via the HTTP Basic Authentication procedure. Date published : 2000-01-18 http://www.securityfocus.com/bid/847

Buffer overflow in free internet chess server (FICS) program, xboard. Date published : 2000-01-18

Buffer overflow in RSAREF2 via the encryption and decryption functions in the RSAREF library. Date published : 2000-01-18 http://www.securityfocus.com/bid/843