Monthly Archive: June 2000

Buffer overflow in Serv-U FTP 2.5 allows remote users to conduct a denial of service via the SITE command. Date published : 2000-06-02 http://www.securityfocus.com/bid/859

UnixWare uidadmin allows local users to modify arbitrary files via a symlink attack. Date published : 2000-06-02 http://www.securityfocus.com/bid/842 http://www.securityfocus.com/templates/archive.pike?list=1&msg=19991202160111.20553.qmail@nwcst282.netaddress.usa.net

Buffer overflow in NFS server on Linux allows attackers to execute commands via a long pathname. Date published : 2000-06-02 http://www.securityfocus.com/bid/782 http://www.securityfocus.com/templates/archive.pike?list=1&msg=Pine.LNX.4.20.9911091058140.12964-100000@mail.zigzag.pl

NTMail does not disable the VRFY command, even if the administrator has explicitly disabled it. Date published : 2000-06-02 http://marc.info/?l=bugtraq&m=94398141118586&w=2

The INN inndstart program allows local users to gain privileges by specifying an alternate configuration file using the INNCONF environmental variable. Date published : 2000-06-02 http://www.securityfocus.com/bid/255

The Guile plugin for the Gnumeric spreadsheet package allows attackers to execute arbitrary code. Date published : 2000-06-02 http://www.securityfocus.com/bid/563

Buffer overflow in CDE Calendar Manager Service Daemon (rpc.cmsd). Date published : 2000-06-02

The scriptlet.typelib ActiveX control is marked as "safe for scripting" for Internet Explorer, which allows a remote attacker to execute arbitrary commands as demonstrated by Bubbleboy. Date published : 2000-06-02 http://www.securityfocus.com/bid/598

rpc.statd allows remote attackers to forward RPC calls to the local operating system via the SM_MON and SM_NOTIFY commands, which in turn could be used to remotely exploit other bugs such as in automountd....

The prompt parsing in bash allows a local user to execute commands as another user by creating a directory with the name of the command to execute. Date published : 2000-06-02 http://www.securityfocus.com/bid/119 http://www.securityfocus.com/templates/archive.pike?list=1&msg=Pine.LNX.4.10.9904202114070.6623-100000@smooth.Operator.org

Local users can perform a denial of service in Tripwire 1.2 and earlier using long filenames. Date published : 2000-06-02 http://marc.info/?l=bugtraq&m=91553066310826&w=2 http://marc.info/?l=bugtraq&m=91592136122066&w=2

By default, IIS 4.0 has a virtual directory /IISADMPWD which contains files that can be used as proxies for brute force password attacks, or to identify valid users on the system. Date published :...

FreeBSD mmap function allows users to modify append-only or immutable files. Date published : 2000-06-02 ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA1998-003.txt.asc

Windows NT 4.0 allows remote attackers to cause a denial of service via a malformed SMB logon request in which the actual data size does not match the specified size. Date published : 2000-06-02...