Monthly Archive: September 2000

The BAIR program does not properly restrict access to the Internet Explorer Internet options menu, which allows local users to obtain access to the menu by modifying the registry key that starts BAIR. Date...

Buffer overflow in bdf program in HP-UX 11.00 may allow local users to gain root privileges via a long -t option. Date published : 2000-09-21 http://www.securityfocus.com/bid/1520 http://archives.neohapsis.com/archives/bugtraq/2000-07/0388.html

String parsing error in rpc.kstatd in the linuxnfs or knfsd packages in SuSE and possibly other Linux systems allows remote attackers to gain root privileges. Date published : 2000-09-21 http://www.novell.com/linux/security/advisories/suse_security_announce_58.html

The truncate function in IRIX 6.x does not properly check for privileges when the file is in the xfs file system, which allows local users to delete the contents of arbitrary files. Date published...

Buffer overflow in IRIX libgl.so library allows local users to gain root privileges via a long HOME variable to programs such as (1) gmemusage and (2) gr_osview. Date published : 2000-09-21 http://www.securityfocus.com/bid/1527 http://www.securityfocus.com/templates/archive.pike?list=1&msg=200008021924.e72JOVs12558@ix.put.poznan.pl

Norton AntiVirus 5.00.01C with the Novell Netware client does not properly restart the auto-protection service after the first user has logged off of the system. Date published : 2000-09-21 http://www.securityfocus.com/bid/1533 http://www.securityfocus.com/templates/archive.pike?list=1&msg=398222C5@zathras.cc.vt.edu

Trustix installs the httpsd program for Apache-SSL with world-writeable permissions, which allows local users to replace it with a Trojan horse. Date published : 2000-09-21 http://www.securityfocus.com/bid/1575 http://archives.neohapsis.com/archives/bugtraq/2000-08/0179.html

WinU 5.x and earlier uses weak encryption to store its configuration password, which allows local users to decrypt the password and gain privileges. Date published : 2000-09-21 http://archives.neohapsis.com/archives/bugtraq/2000-08/0201.html

WircSrv IRC Server 5.07s allows IRC operators to read arbitrary files via the importmotd command, which sets the Message of the Day (MOTD) to the specified file. Date published : 2000-09-21 http://marc.info/?l=bugtraq&m=96353027909756&w=2

sshd program in the Rapidstream 2.1 Beta VPN appliance has a hard-coded "rsadmin" account with a null password, which allows remote attackers to execute arbitrary commands via ssh. Date published : 2000-09-21 http://www.securityfocus.com/bid/1574 http://archives.neohapsis.com/archives/bugtraq/2000-08/0216.html

Buffer overflow in RobTex Viking server earlier than 1.06-370 allows remote attackers to cause a denial of service or execute arbitrary commands via a long HTTP GET request, or long Unless-Modified-Since, If-Range, or If-Modified-Since...

The sample Java servlet "test" in Bajie HTTP web server 0.30a reveals the real pathname of the web document root. Date published : 2000-09-21 http://www.securityfocus.com/bid/1521 http://archives.neohapsis.com/archives/bugtraq/2000-07/0426.html

The installation of Tumbleweed Messaging Management System (MMS) 4.6 and earlier (formerly Worldtalk Worldsecure) creates a default account "sa" with no password. Date published : 2000-09-21 http://www.securityfocus.com/bid/1562 http://archives.neohapsis.com/archives/bugtraq/2000-08/0098.html

O’Reilly WebSite Pro 2.3.7 installs the uploader.exe program with execute permissions for all users, which allows remote attackers to create and execute arbitrary files by directly calling uploader.exe. Date published : 2000-09-21 http://www.securityfocus.com/bid/1611 http://marc.info/?l=bugtraq&m=96715834610888&w=2