Monthly Archive: February 2000

Denial of service of inetd on Linux through SYN and RST packets. Date published : 2000-02-04

libnsl in Solaris allowed an attacker to perform a denial of service of rpcbind. Date published : 2000-02-04

Denial of service in Sendmail 8.6.11 and 8.6.12. Date published : 2000-02-04

Windows NT FTP server (WFTP) with the guest account enabled without a password allows an attacker to log into the FTP server using any username and password. Date published : 2000-02-04

finger .@host on some systems may print information on some user accounts. Date published : 2000-02-04

finger 0@host on some systems may print information on some user accounts. Date published : 2000-02-04

Denial of service in RPC portmapper allows attackers to register or unregister RPC services or spoof RPC services using a spoofed source IP address such as 127.0.0.1. Date published : 2000-02-04

Denial of service in Ascend and 3com routers, which can be rebooted by sending a zero length TCP option. Date published : 2000-02-04

In Solaris, an SNMP subagent has a default community string that allows remote attackers to execute arbitrary commands as root, or modify system parameters. Date published : 2000-02-04 http://support.novell.com/cgi-bin/search/searchtid.cgi?/10080762.htm

Denial of service in syslog by sending it a large number of superfluous messages. Date published : 2000-02-04

NFS allows attackers to read and write any file on the system by specifying a false UID. Date published : 2000-02-04

NFS cache poisoning. Date published : 2000-02-04

In older versions of Sendmail, an attacker could use a pipe character to execute root commands. Date published : 2000-02-04

wu-ftpd FTP daemon allows any user and password combination. Date published : 2000-02-04