Monthly Archive: February 2000

CVE-2000-0160

The Microsoft Active Setup ActiveX component in Internet Explorer 4.x and 5.x allows a remote attacker to install software components without prompting the user by stating that the software’s manufacturer is Microsoft. Date published...

CVE-2000-0143

The SSH protocol server sshd allows local users without shell access to redirect a TCP connection through a service that uses the standard system password database for authentication, such as POP or FTP. Date...

CVE-2000-0142

The authentication protocol in Timbuktu Pro 2.0b650 allows remote attackers to cause a denial of service via connections to port 407 and 1417. Date published : 2000-02-16

CVE-2000-0138

A system has a distributed denial of service (DDOS) attack master, agent, or zombie installed, such as (1) Trinoo, (2) Tribe Flood Network (TFN), (3) Tribe Flood Network 2000 (TFN2K), (4) stacheldraht, (5) mstream,...

CVE-2000-0137

The CartIt shopping cart application allows remote users to modify sensitive purchase information via hidden form fields. Date published : 2000-02-08

CVE-2000-0136

The Cart32 shopping cart application allows remote users to modify sensitive purchase information via hidden form fields. Date published : 2000-02-08