The FSserial, FlagShip_c, and FlagShip_p programs in the FlagShip package are installed world-writeable, which allows local users to replace them with Trojan horses. Date published : 2000-09-21 http://www.securityfocus.com/bid/1586 http://archives.neohapsis.com/archives/bugtraq/2000-08/0114.html
VariCAD 7.0 is installed with world-writeable files, which allows local users to replace the VariCAD programs with a Trojan horse program. Date published : 2000-09-21 http://archives.neohapsis.com/archives/bugtraq/2000-08/0126.html
DiskCheck script diskcheck.pl in Red Hat Linux 6.2 allows local users to create or overwrite arbitrary files via a symlink attack on a temporary file. Date published : 2000-09-21 http://www.securityfocus.com/bid/1552 http://seclists.org/bugtraq/2000/Jun/0298.html
umb-scheme 3.2-11 for Red Hat Linux is installed with world-writeable files. Date published : 2000-09-21 http://www.securityfocus.com/bid/1551 http://www.redhat.com/support/errata/RHSA-2000-047.html
Buffer overflow in Adobe Acrobat 4.05, Reader, Business Tools, and Fill In products that handle PDF files allows attackers to execute arbitrary commands via a long /Registry or /Ordering specifier. Date published : 2000-09-21...
The shtml.exe component of Microsoft FrontPage 2000 Server Extensions 1.1 allows remote attackers to determine the physical path of the server components by requesting an invalid URL whose name includes a standard DOS device...
The shtml.exe component of Microsoft FrontPage 2000 Server Extensions 1.1 allows remote attackers to cause a denial of service in some components by requesting a URL whose name includes a standard DOS device name....
Buffer overflow in SGI Omron WorldView Wnn allows remote attackers to execute arbitrary commands via long JS_OPEN, JS_MKDIR, or JS_FILE_INFO commands. Date published : 2000-09-21 http://www.securityfocus.com/bid/1603 http://www.osvdb.org/11080
The wrapper program in mailman 2.0beta3 and 2.0beta4 does not properly cleanse untrusted format strings, which allows local users to gain privileges. Date published : 2000-09-21 http://www.securityfocus.com/bid/1539 http://www.securityfocus.com/archive/1/73220
The administration interface for the dwhttpd web server in Solaris AnswerBook2 allows interface users to remotely execute commands via shell metacharacters. Date published : 2000-09-21 http://www.securityfocus.com/bid/1556 http://seclists.org/bugtraq/2000/Aug/0105.html
The administration interface for the dwhttpd web server in Solaris AnswerBook2 does not properly authenticate requests to its supporting CGI scripts, which allows remote attackers to add user accounts to the interface by directly...
Buffer overflows in pgxconfig in the Raptor GFX configuration tool allow local users to gain privileges via command line options. Date published : 2000-09-21 http://archives.neohapsis.com/archives/bugtraq/2000-07/0463.html
ISS RealSecure 3.2.1 and 3.2.2 allows remote attackers to cause a denial of service via a flood of fragmented packets with the SYN flag set. Date published : 2000-09-21 http://www.securityfocus.com/bid/1597 http://archives.neohapsis.com/archives/bugtraq/2000-08/0267.html
The faxrunq and faxrunqd in the mgetty package allows local users to create or modify arbitrary files via a symlink attack which creates a symlink in from /var/spool/fax/outgoing/.last_run to the target file. Date published...