Red Hat Linux 6.0 installs the /dev/pts file system with insecure modes, which allows local users to write to other tty devices. Date published : 2000-05-24 http://www.securityfocus.com/bid/308 http://marc.info/?l=bugtraq&m=92877527701347&w=2
screen and rxvt in Red Hat Linux 6.0 do not properly set the modes of tty devices, which allows local users to write to other ttys. Date published : 2000-05-24 http://www.securityfocus.com/bid/309 http://marc.info/?l=bugtraq&m=92877527701347&w=2
ORBit and gnome-session in Red Hat Linux 6.1 allows remote attackers to crash a program. Date published : 2000-05-24 http://www.redhat.com/corp/support/errata/RHSA1999058-01.html
ORBit and esound in Red Hat Linux 6.1 do not use sufficiently random numbers, which allows local users to guess the authentication keys. Date published : 2000-05-24 http://www.redhat.com/corp/support/errata/RHSA1999058-01.html
pg and pb in SuSE pbpg 1.x package allows an attacker to read arbitrary files. Date published : 2000-05-24 http://www.novell.com/linux/security/advisories/suse_security_announce_21.html
The on-line help system options in Cisco routers allows non-privileged users without "enabled" access to obtain sensitive information via the show command. Date published : 2000-05-18 http://www.securityfocus.com/bid/1161 http://www.securityfocus.com/templates/archive.pike?list=1&[email protected]
Buffer overflow in Sniffit 0.3.x with the -L logging option enabled allows remote attackers to execute arbitrary commands via a long MAIL FROM mail header. Date published : 2000-05-18 http://www.securityfocus.com/bid/1158 http://www.securityfocus.com/templates/archive.pike?list=1&msg=200005021736.TAA01991@ALuSSi
tcpdump, Ethereal, and other sniffer packages allow remote attackers to cause a denial of service via malformed DNS packets in which a jump offset refers to itself, which causes tcpdump to enter an infinite...
Meeting Maker uses weak encryption (a polyalphabetic substitution cipher) for passwords, which allows remote attackers to sniff and decrypt passwords for Meeting Maker accounts. Date published : 2000-05-18 http://www.securityfocus.com/bid/1151 http://support.on.com/support/mmxp.nsf/31af51e08bcc93eb852565a90056138b/11af70407a16b165852568c50056a952?OpenDocument
The Microsoft Jet database engine allows an attacker to execute commands via a database query, aka the "VBA Shell" vulnerability. Date published : 2000-05-18 http://www.securityfocus.com/bid/548 https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-030
Buffer overflow in IC Radius package allows a remote attacker to cause a denial of service via a long user name. Date published : 2000-05-18 http://www.securityfocus.com/bid/1147 http://archives.neohapsis.com/archives/bugtraq/2000-04/0190.html
Buffer overflow in Solaris 7 lpset allows local users to gain root privileges via a long -r option. Date published : 2000-05-18 http://www.securityfocus.com/bid/1138 http://archives.neohapsis.com/archives/bugtraq/2000-04/0192.html