Monthly Archive: March 2000

CVE-1999-0786

The dynamic linker in Solaris allows a local user to create arbitrary files via the LD_PROFILE environmental variable and a symlink attack. Date published : 2000-03-22 http://www.securityfocus.com/bid/659

CVE-1999-0746

A default configuration of in.identd in SuSE Linux waits 120 seconds between requests, allowing a remote attacker to conduct a denial of service. Date published : 2000-03-22 http://www.securityfocus.com/bid/587

CVE-1999-0678

A default configuration of Apache on Debian GNU/Linux sets the ServerRoot to /usr/doc, which allows remote users to read documentation files for the entire server. Date published : 2000-03-22 http://www.securityfocus.com/bid/318

CVE-2000-0220

ZoneAlarm sends sensitive system and network information in cleartext to the Zone Labs server if a user requests more information about an event. Date published : 2000-03-22