The Razor configuration management tool uses weak encryption for its password file, which allows local users to gain privileges. Date published : 2000-07-19 http://www.securityfocus.com/bid/1424 http://www.securityfocus.com/templates/archive.pike?list=1&date=2000-07-8&msg=613309F30B6DD2118C020000F809376C05CABD49@emss03m09.orl.lmco.com
IRIX startmidi program allows local users to modify arbitrary files via a symlink attack. Date published : 2000-07-12 http://www.securityfocus.com/bid/469
FreeBSD seyon allows users to gain privileges via a modified PATH variable for finding the xterm and seyon-emu commands. Date published : 2000-07-12 http://www.securityfocus.com/bid/838
Vulnerability in Cisco 7xx series routers allows a remote attacker to cause a system reload via a TCP connection to the router’s TELNET port. Date published : 2000-07-12 http://ciac.llnl.gov/ciac/bulletins/j-034.shtml http://www.cisco.com/warp/public/770/7xxconn-pub.shtml
The HTTP server in Cisco 7xx series routers 3.2 through 4.2 is enabled by default, which allows remote attackers to change the router’s configuration. Date published : 2000-07-12 http://ciac.llnl.gov/ciac/bulletins/j-034.shtml http://www.cisco.com/warp/public/770/7xxconn-pub.shtml
A legacy credential caching mechanism used in Windows 95 and Windows 98 systems allows attackers to read plaintext network passwords. Date published : 2000-07-12 http://www.securityfocus.com/bid/829 https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-052
InterScan VirusWall for Solaris doesn’t scan files for viruses when a single HTTP request includes two GET commands. Date published : 2000-07-12
The guestbook CGI program in ICQ Web Front service for ICQ 2000a, 99b, and others allows remote attackers to cause a denial of service via a URL with a long name parameter. Date published...
The URLConnection function in MacOS Runtime Java (MRJ) 2.1 and earlier and the Microsoft virtual machine (VM) for MacOS allows a malicious web site operator to connect to arbitrary hosts using a HTTP redirection,...
BlackIce Defender 2.1 and earlier, and BlackIce Pro 2.0.23 and earlier, do not properly block Back Orifice traffic when the security setting is Nervous or lower. Date published : 2000-07-12 http://archives.neohapsis.com/archives/bugtraq/2000-06/0190.html
eTrust Intrusion Detection System (formerly SessionWall-3) uses weak encryption (XOR) to store administrative passwords in the registry, which allows local users to easily decrypt the passwords. Date published : 2000-07-12 http://www.securityfocus.com/bid/1341 http://www.securityfocus.com/templates/archive.pike?list=1&msg=Pine.BSO.4.21.0006072124320.28062-100000@bearclaw.bogus.net
Ceilidh allows remote attackers to obtain the real path of the Ceilidh directory via the translated_path hidden form field. Date published : 2000-07-12 http://www.securityfocus.com/bid/1320 http://archives.neohapsis.com/archives/ntbugtraq/2000-q2/0246.html
Buffer overflow in Kerberos 4 KDC program allows remote attackers to cause a denial of service via the localrealm variable in the process_v4 function. Date published : 2000-07-12 http://www.securityfocus.com/bid/1338 http://archives.neohapsis.com/archives/bugtraq/2000-06/0064.html
Buffer overflow in Kerberos 4 KDC program allows remote attackers to cause a denial of service via the lastrealm variable in the set_tgtkey function. Date published : 2000-07-12 http://www.securityfocus.com/bid/1338 http://archives.neohapsis.com/archives/bugtraq/2000-06/0064.html