Microsoft Enterprise Manager allows local users to obtain database passwords via the Data Transformation Service (DTS) package Registered Servers Dialog dialog, aka a variant of the "DTS Password" vulnerability. Date published : 2000-10-13 http://www.securityfocus.com/bid/1466...
IBM WebSphere allows remote attackers to read source code for executable web files by directly calling the default InvokerServlet using a URL which contains the "/servlet/file" string. Date published : 2000-10-13 http://www.securityfocus.com/bid/1500 http://archives.neohapsis.com/archives/bugtraq/2000-07/0342.html
The ClientTrust program in Novell BorderManager does not properly verify the origin of authentication requests, which could allow remote attackers to impersonate another user by replaying the authentication requests and responses from port 3024...
WFTPD and WFTPD Pro 2.41 allows remote attackers to cause a denial of service by executing a STAT command while the LIST command is still executing. Date published : 2000-10-13 http://www.securityfocus.com/bid/1506 http://archives.neohapsis.com/archives/bugtraq/2000-07/0295.html
Buffer overflow in WebActive HTTP Server 1.00 allows remote attackers to cause a denial of service via a long URL. Date published : 2000-10-13 http://www.securityfocus.com/bid/1470 http://www.securityfocus.com/templates/archive.pike?list=1&msg=200007130827.BAA32671@Rage.Resentment.org
The default configuration of WebActive HTTP Server 1.00 stores the web access log active.log in the document root, which allows remote attackers to view the logs by directly requesting the page. Date published :...
Savant web server allows remote attackers to execute arbitrary commands via a long GET request. Date published : 2000-10-13 http://www.securityfocus.com/bid/1453 http://archives.neohapsis.com/archives/bugtraq/2000-07/0114.html
Guild FTPd allows remote attackers to determine the existence of files outside the FTP root via a .. (dot dot) attack, which provides different error messages depending on whether the file exists or not....
The default configuration of Big Brother 1.4h2 and earlier does not include proper access restrictions, which allows remote attackers to execute arbitrary commands by using bbd to upload a file whose extension will cause...
bb-hostsvc.sh in Big Brother 1.4h1 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) attack on the HOSTSVC parameter. Date published : 2000-10-13 http://www.securityfocus.com/bid/1455 http://archives.neohapsis.com/archives/bugtraq/2000-07/0146.html
Microsoft Excel 97 and 2000 allows an attacker to execute arbitrary commands by specifying a malicious .dll using the Register.ID function, aka the "Excel REGISTER.ID Function" vulnerability. Date published : 2000-10-13 http://www.securityfocus.com/bid/1451 http://www.securityfocus.com/templates/archive.pike?list=1&msg=396B3F8F.9244D290@nat.bg
HP JetDirect printers versions G.08.20 and H.08.20 and earlier allow remote attackers to cause a denial of service via a malformed FTP quote command. Date published : 2000-10-13 http://www.securityfocus.com/bid/1491 http://archives.neohapsis.com/archives/bugtraq/2000-07/0265.html
The view_page.html sample page in the MiniVend shopping cart program allows remote attackers to execute arbitrary commands via shell metacharacters. Date published : 2000-10-13 http://www.securityfocus.com/bid/1449 http://archives.neohapsis.com/archives/bugtraq/2000-07/0150.html
The web administration interface for CommuniGate Pro 3.2.5 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) attack. Date published : 2000-10-13 http://www.securityfocus.com/bid/1493 http://archives.neohapsis.com/archives/bugtraq/2000-07/0223.html