IIS Inetinfo.exe allows local users to cause a denial of service by creating a mail file with a long name and a .txt.eml extension in the pickup directory. Date published : 2000-02-23 http://www.ntbugtraq.com/default.asp?pid=36&sid=1&A2=ind0002&L=ntbugtraq&F=&S=&P=8800
asmon and ascpu in FreeBSD allow local users to gain root privileges via a configuration file. Date published : 2000-02-23 http://www.securityfocus.com/bid/996 http://www.securityfocus.com/templates/advisory.html?id=2092
The Microsoft Active Setup ActiveX component in Internet Explorer 4.x and 5.x allows a remote attacker to install software components without prompting the user by stating that the software’s manufacturer is Microsoft. Date published...
Buffer overflow in MMDF server allows remote attackers to gain privileges via a long MAIL FROM command to the SMTP daemon. Date published : 2000-02-23 http://www.securityfocus.com/bid/997 http://www.securityfocus.com/templates/archive.pike?list=1&date=2000-02-15&msg=200002181449.JAA03436@dragonfly.corp.home.net
Windows NT Autorun executes the autorun.inf file on non-removable media, which allows local attackers to specify an alternate program to execute when other users access a drive. Date published : 2000-02-23 http://www.securityfocus.com/bid/993 http://www.securityfocus.com/templates/archive.pike?list=1&date=2000-02-15&msg=000701bf79cd$fdb5a620$4c4342a6@mightye.org
The ARCserve agent in UnixWare allows local attackers to modify arbitrary files via a symlink attack. Date published : 2000-02-23 http://www.securityfocus.com/bid/988 http://www.sco.com/security/
FrontPage Personal Web Server (PWS) allows remote attackers to read files via a …. (dot dot) attack. Date published : 2000-02-23 http://www.securityfocus.com/bid/989 http://www.securityfocus.com/templates/archive.pike?list=1&date=2000-02-15&msg=000801bf780a$9ad4b2e0$0100007f@localhost
GNU make follows symlinks when it reads a Makefile from stdin, which allows other local users to execute commands. Date published : 2000-02-16 http://www.securityfocus.com/bid/981
snmpd in SCO OpenServer has an SNMP community string that is writable by default, which allows local attackers to modify the host’s configuration. Date published : 2000-02-16 http://www.securityfocus.com/bid/973 http://archives.neohapsis.com/archives/bugtraq/2000-02/0045.html
The SSH protocol server sshd allows local users without shell access to redirect a TCP connection through a service that uses the standard system password database for authentication, such as POP or FTP. Date...
The authentication protocol in Timbuktu Pro 2.0b650 allows remote attackers to cause a denial of service via connections to port 407 and 1417. Date published : 2000-02-16
A system has a distributed denial of service (DDOS) attack master, agent, or zombie installed, such as (1) Trinoo, (2) Tribe Flood Network (TFN), (3) Tribe Flood Network 2000 (TFN2K), (4) stacheldraht, (5) mstream,...
The CartIt shopping cart application allows remote users to modify sensitive purchase information via hidden form fields. Date published : 2000-02-08
The Cart32 shopping cart application allows remote users to modify sensitive purchase information via hidden form fields. Date published : 2000-02-08