Monthly Archive: January 2000

The web components of Compaq Management Agents and the Compaq Survey Utility allow a remote attacker to read arbitrary files via a .. (dot dot) attack. Date published : 2000-01-04

Vixie Cron on Linux systems allows local users to set parameters of sendmail commands via the MAILTO environmental variable. Date published : 2000-01-04 http://www.securityfocus.com/bid/611

The Microsoft Java Virtual Machine allows a malicious Java applet to execute arbitrary commands outside of the sandbox environment. Date published : 2000-01-04 http://www.securityfocus.com/bid/600 https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-031

SGI IRIX midikeys program allows local users to modify arbitrary files via a text editor. Date published : 2000-01-04 http://www.securityfocus.com/bid/262

NetBSD allows ARP packets to overwrite static ARP entries. Date published : 2000-01-04 http://www.osvdb.org/6539

NetBSD on a multi-homed host allows ARP packets on one network to modify ARP entries on another connected network. Date published : 2000-01-04 http://www.osvdb.org/6540

When Javascript is embedded within the TITLE tag, Netscape Communicator allows a remote attacker to use the "about" protocol to gain access to browser information. Date published : 2000-01-04

Buffer overflow in FreeBSD fts library routines allows local user to modify arbitrary files via the periodic program. Date published : 2000-01-04 http://www.securityfocus.com/bid/644

Windows NT RRAS and RAS clients cache a user’s password even if the user has not selected the "Save password" option. Date published : 2000-01-04 https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-017 http://support.microsoft.com/default.aspx?scid=kb;%5BLN%5D;Q230681

Denial of service in Netscape Enterprise Server via a buffer overflow in the SSL handshake. Date published : 2000-01-04

Buffer overflow in Accept command in Netscape Enterprise Server 3.6 with the SSL Handshake Patch. Date published : 2000-01-04 http://www.securityfocus.com/bid/631

Buffer overflow in Microsoft Telnet client in Windows 95 and Windows 98 via a malformed Telnet argument. Date published : 2000-01-04 http://www.securityfocus.com/bid/586

Buffer overflow in Source Code Browser Program Database Name Server Daemon (pdnsd) for the IBM AIX C Set ++ compiler. Date published : 2000-01-04 http://www.securityfocus.com/bid/590 http://www.ciac.org/ciac/bulletins/j-059.shtml

Buffer overflow in Netscape Enterprise Server and FastTrask Server allows remote attackers to gain privileges via a long HTTP GET request. Date published : 2000-01-04 http://www.securityfocus.com/bid/603