The default encryption method of PcAnywhere 9.x uses weak encryption, which allows remote attackers to sniff and decrypt PcAnywhere or NT domain accounts. Date published : 2000-04-26 http://www.securityfocus.com/bid/1093 http://www.securityfocus.com/templates/archive.pike?list=1&[email protected]
Buffer overflow in WebObjects.exe in the WebObjects Developer 4.5 package allows remote attackers to cause a denial of service via an HTTP request with long headers such as Accept. Date published : 2000-04-26 http://archives.neohapsis.com/archives/bugtraq/2000-04/0020.html
Buffer overflow in LCDproc allows remote attackers to gain root privileges via the screen_add command. Date published : 2000-04-26 http://www.securityfocus.com/bid/1131 http://www.securityfocus.com/templates/archive.pike?list=1&[email protected]
aaa_base in SuSE Linux 6.3, and cron.daily in earlier versions, allow local users to delete arbitrary files by creating files whose names include spaces, which are then incorrectly interpreted by aaa_base when it deletes...
Buffer overflow in Star Office 5.1 allows attackers to cause a denial of service by embedding a long URL within a document. Date published : 2000-04-26 http://www.securityfocus.com/bid/1112 http://archives.neohapsis.com/archives/bugtraq/2000-04/0077.html
Infonautics getdoc.cgi allows remote attackers to bypass the payment phase for accessing documents via a modified form variable. Date published : 2000-04-26 http://archives.neohapsis.com/archives/bugtraq/2000-04/0049.html
X fontserver xfs allows local users to cause a denial of service via malformed input to the server. Date published : 2000-04-26 http://www.securityfocus.com/bid/1111 http://archives.neohapsis.com/archives/bugtraq/2000-04/0079.html
Buffer overflow in University of Washington imapd version 4.7 allows users with a valid account to execute commands via LIST or other commands. Date published : 2000-04-26 http://www.securityfocus.com/bid/1110 http://archives.neohapsis.com/archives/bugtraq/2000-04/0074.html
Buffer overflow in the Napster client beta 5 allows remote attackers to cause a denial of service via a long message. Date published : 2000-04-26 http://archives.neohapsis.com/archives/bugtraq/2000-03/0277.html http://archives.neohapsis.com/archives/bugtraq/2000-03/0299.html
Buffer overflow in the RealNetworks RealPlayer client versions 6 and 7 allows remote attackers to cause a denial of service via a long Location URL. Date published : 2000-04-26 http://www.securityfocus.com/bid/1088 http://archives.neohapsis.com/archives/bugtraq/2000-04/0018.html
CRYPTOCard CryptoAdmin for PalmOS uses weak encryption to store a user’s PIN number, which allows an attacker with access to the .PDB file to generate valid PT-1 tokens after cracking the PIN. Date published...
read-passwd and other Lisp functions in Emacs 20 do not properly clear the history of recently typed keys, which allows an attacker to read unencrypted passwords. Date published : 2000-04-26 http://www.securityfocus.com/bid/1125 http://www.securityfocus.com/templates/archive.pike?list=1&date=2000-04-15&[email protected]
The make-temp-name Lisp function in Emacs 20 creates temporary files with predictable names, which allows attackers to conduct a symlink attack. Date published : 2000-04-26 http://www.securityfocus.com/bid/1126 http://www.securityfocus.com/templates/archive.pike?list=1&date=2000-04-15&[email protected]
Emacs 20 does not properly set permissions for a slave PTY device when starting a new subprocess, which allows local users to read or modify communications between Emacs and the subprocess. Date published :...