Monthly Archive: March 2000

The web administration interface for Cisco Cache Engine allows remote attackers to view performance statistics. Date published : 2000-03-22

Cisco Cache Engine allows an attacker to replace content in the cache. Date published : 2000-03-22

Buffer overflow in Infoseek Ultraseek search engine allows remote attackers to execute commands via a long GET request. Date published : 2000-03-22 http://www.eeye.com/html/Research/Advisories/AD19991215.html

Buffer overflow in Solaris getopt in libc allows local users to gain root privileges via a long argv[0]. Date published : 2000-03-22

Buffer overflow in FreeBSD setlocale in the libc module allows attackers to execute arbitrary code via a long PATH_LOCALE environment variable. Date published : 2000-03-22 http://www.osvdb.org/6086

Buffer overflow in Mediahouse Statistics Server allows remote attackers to execute commands. Date published : 2000-03-22 http://www.securityfocus.com/bid/734

Buffer overflow in the pop-2d POP daemon in the IMAP package allows remote attackers to gain privileges via the FOLD command. Date published : 2000-03-22 http://www.securityfocus.com/bid/283

WebTrends software stores account names and passwords in a file which does not have restricted access permissions. Date published : 2000-03-22

Denial of service in Solaris TCP streams driver via a malicious connection that causes the server to panic as a result of recursive calls to mutex_enter. Date published : 2000-03-22 http://www.securityfocus.com/bid/655

Buffer overflow in RealNetworks RealServer administration utility allows remote attackers to execute arbitrary commands via a long username and password. Date published : 2000-03-22 http://www.securityfocus.com/bid/767

userOsa in SCO OpenServer allows local users to corrupt files via a symlink attack. Date published : 2000-03-22

iHTML Merchant allows remote attackers to obtain sensitive information or execute commands via a code parsing error. Date published : 2000-03-22 http://www.securityfocus.com/bid/694

Buffer overflow in Solaris dtprintinfo program. Date published : 2000-03-22 http://www.osvdb.org/6552

NIS finger allows an attacker to conduct a denial of service via a large number of finger requests, resulting in a large number of NIS queries. Date published : 2000-03-22 http://www.ciac.org/ciac/bulletins/i-070.shtml