Monthly Archive: July 2000
19/07/2000
by
Fred
· Published 19/07/2000
Buffer overflow in xconq and cconq game programs on Red Hat Linux allows local users to gain additional privileges via long DISPLAY environmental variable. Date published : 2000-07-19 http://archives.neohapsis.com/archives/bugtraq/2000-06/0222.html
19/07/2000
by
Fred
· Published 19/07/2000
Buffer overflow in xconq and cconq game programs on Red Hat Linux allows local users to gain additional privileges via long USER environmental variable. Date published : 2000-07-19 http://archives.neohapsis.com/archives/bugtraq/2000-06/0222.html
19/07/2000
by
Fred
· Published 19/07/2000
Tnef program in Linux systems allows remote attackers to overwrite arbitrary files via TNEF encoded compressed attachments which specify absolute path names for the decompressed output. Date published : 2000-07-19 http://www.securityfocus.com/bid/1450 http://archives.neohapsis.com/archives/vendor/2000-q3/0002.html
19/07/2000
by
Fred
· Published 19/07/2000
Windows 95 and Windows 98 do not properly process spoofed ARP packets, which allows remote attackers to overwrite static entries in the cache table. Date published : 2000-07-19 http://www.securityfocus.com/bid/1406 http://www.securityfocus.com/templates/archive.pike?list=1&[email protected]
19/07/2000
by
Fred
· Published 19/07/2000
NetWin dMailWeb and cwMail 2.6g and earlier allows remote attackers to cause a denial of service via a long username parameter. Date published : 2000-07-19 http://www.securityfocus.com/bid/1376 http://www.securityfocus.com/templates/archive.pike?list=1&date=2000-06-15&[email protected]
19/07/2000
by
Fred
· Published 19/07/2000
NetWin dMailWeb and cwMail 2.6i and earlier allows remote attackers to cause a denial of service via a long POP parameter (pophost). Date published : 2000-07-19 http://www.securityfocus.com/bid/1376 http://www.securityfocus.com/templates/archive.pike?list=1&date=2000-06-15&[email protected]
19/07/2000
by
Fred
· Published 19/07/2000
Buffer overflow in fld program in Kanji on Console (KON) package on Linux may allow local users to gain root privileges via an input file containing long CHARSET_REGISTRY or CHARSET_ENCODING settings. Date published :...
19/07/2000
by
Fred
· Published 19/07/2000
Buffer overflow in kon program in Kanji on Console (KON) package on Linux may allow local users to gain root privileges via a long -StartupMessage parameter. Date published : 2000-07-19 http://www.securityfocus.com/bid/1371 http://www.securityfocus.com/templates/archive.pike?list=1&[email protected]
19/07/2000
by
Fred
· Published 19/07/2000
Blackboard CourseInfo 4.0 stores the local and SQL administrator user names and passwords in cleartext in a registry key whose access control allows users to access the passwords. Date published : 2000-07-19 http://www.securityfocus.com/bid/1460 http://www.ntbugtraq.com/default.asp?pid=36&sid=1&A2=ind0007&L=NTBUGTRAQ&P=R1647
19/07/2000
by
Fred
· Published 19/07/2000
Buffer overflows in POP3 service in WinProxy 2.0 and 2.0.1 allow remote attackers to execute arbitrary commands via long USER, PASS, LIST, RETR, or DELE commands. Date published : 2000-07-19 http://www.securityfocus.com/bid/1400 http://www.securityfocus.com/templates/archive.pike?list=1&[email protected]
19/07/2000
by
Fred
· Published 19/07/2000
SawMill 5.0.21 uses weak encryption to store passwords, which allows attackers to easily decrypt the password and modify the SawMill configuration. Date published : 2000-07-19 http://www.securityfocus.com/bid/1403 http://archives.neohapsis.com/archives/bugtraq/2000-06/0271.html
19/07/2000
by
Fred
· Published 19/07/2000
Windows 2000 Server allows remote attackers to cause a denial of service by sending a continuous stream of binary zeros to various TCP and UDP ports, which significantly increases the CPU utilization. Date published...
19/07/2000
by
Fred
· Published 19/07/2000
SGI MIPSPro compilers C, C++, F77 and F90 generate temporary files in /tmp with predictable file names, which could allow local users to insert malicious contents into these files as they are being compiled...
19/07/2000
by
Fred
· Published 19/07/2000
FTP servers such as OpenBSD ftpd, NetBSD ftpd, ProFTPd and Opieftpd do not properly cleanse untrusted format strings that are used in the setproctitle function (sometimes called by set_proc_title), which allows remote attackers to...