NtImpersonateClientOfPort local procedure call in Windows NT 4.0 allows local users to gain privileges, aka "Spoofed LPC Port Request." Date published : 2000-04-25 http://www.securityfocus.com/bid/934 http://www.bindview.com/security/advisory/adv_NtImpersonate.html
The Allaire Spectra Configuration Wizard allows remote attackers to cause a denial of service by repeatedly resubmitting data collections for indexing via a URL. Date published : 2000-04-25 http://www.allaire.com/handlers/index.cfm?ID=13977&Method=Full http://www.securityfocus.com/bid/916
The Allaire Spectra Webtop allows authenticated users to access other Webtop sections by specifying explicit URLs. Date published : 2000-04-25 http://www.allaire.com/handlers/index.cfm?ID=13976&Method=Full http://www.securityfocus.com/bid/915
Buffer overflow in CamShot WebCam HTTP server allows remote attackers to execute commands via a long GET request. Date published : 2000-04-25 http://www.securityfocus.com/bid/905
Buffer overflow in CSM mail server allows remote attackers to cause a denial of service or execute commands via a long HELO command. Date published : 2000-04-25 http://www.securityfocus.com/bid/895
InterScan VirusWall SMTP scanner does not properly scan messages with malformed attachments. Date published : 2000-04-25 http://www.securityfocus.com/bid/899
IIS does not properly canonicalize URLs, potentially allowing remote attackers to bypass access restrictions in third-party software via escape characters, aka the "Escape Character Parsing" vulnerability. Date published : 2000-04-25
DNS PRO allows remote attackers to conduct a denial of service via a large number of connections. Date published : 2000-04-25
Denial of service in Savant web server via a null character in the requested URL. Date published : 2000-04-25 http://www.securityfocus.com/bid/897
Buffer overflow in w3-msql CGI program in miniSQL package allows remote attackers to execute commands. Date published : 2000-04-25 http://www.securityfocus.com/bid/898
WebWho+ whois.cgi program allows remote attackers to execute commands via shell metacharacters in the TLD parameter. Date published : 2000-04-25
xsoldier program allows local users to gain root access via a long argument. Date published : 2000-04-18 http://www.securityfocus.com/bid/871
HPUX sysdiag allows local users to gain root privileges via a symlink attack during log file creation. Date published : 2000-04-18 http://marc.info/?l=bugtraq&m=87602167419906&w=2
sudo 1.5.x allows local users to execute arbitrary commands via a .. (dot dot) attack. Date published : 2000-04-18 http://marc.info/?l=bugtraq&m=88465708614896&w=2