Monthly Archive: January 2000

KDE K-Mail allows local users to gain privileges via a symlink attack in temporary user directories. Date published : 2000-01-04 http://www.securityfocus.com/bid/300

The logging facility of the Debian smtp-refuser package allows local users to delete arbitrary files using symbolic links. Date published : 2000-01-04

The KDE klock program allows local users to unlock a session using malformed input. Date published : 2000-01-04 http://www.securityfocus.com/bid/489

The zsoelim program in the Debian man-db package allows local users to overwrite files via a symlink attack. Date published : 2000-01-04

A Windows NT user can disable the keyboard or mouse by directly calling the IOCTLs which control them. Date published : 2000-01-04 https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-024 http://support.microsoft.com/default.aspx?scid=kb;%5BLN%5D;Q236359

An attacker can conduct a denial of service in Windows NT by executing a program with a malformed file image header. Date published : 2000-01-04 http://www.securityfocus.com/bid/499 https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-023

When IIS is run with a default language of Chinese, Korean, or Japanese, it allows a remote attacker to view the source code of certain files, a.k.a. "Double Byte Code Page". Date published :...

Buffer overflow in OpenBSD procfs and fdescfs file systems via uio_offset in the readdir() function. Date published : 2000-01-04 http://www.osvdb.org/6128

The Windows NT Client Server Runtime Subsystem (CSRSS) can be subjected to a denial of service when all worker threads are waiting for user input. Date published : 2000-01-04 http://www.securityfocus.com/bid/478 http://www.ciac.org/ciac/bulletins/j-049.shtml

The default configuration of Cobalt RaQ2 servers allows remote users to install arbitrary software packages. Date published : 2000-01-04 http://www.securityfocus.com/bid/558

Denial of service in Windows NT Local Security Authority (LSA) through a malformed LSA request. Date published : 2000-01-04 http://www.ciac.org/ciac/bulletins/j-049.shtml

A remote attacker can disable the virus warning mechanism in Microsoft Excel 97. Date published : 2000-01-04 https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-014 http://support.microsoft.com/default.aspx?scid=kb;%5BLN%5D;Q231304

Buffer overflow in Windows NT 4.0 help file utility via a malformed help file. Date published : 2000-01-04 https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-015 http://support.microsoft.com/default.aspx?scid=kb;%5BLN%5D;Q231605

Buffer overflow in Remote Access Service (RAS) client allows an attacker to execute commands or cause a denial of service via a malformed phonebook entry. Date published : 2000-01-04 https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-016