Monthly Archive: January 2001
by Fred · Published 22/01/2001
The OPSEC communications authentication mechanism (fwn1) in Check Point VPN-1/FireWall-1 4.1 and earlier allows remote attackers to spoof connections, aka the "OPSEC Authentication Vulnerability." Date published : 2001-01-22 http://www.checkpoint.com/techsupport/alerts/list_vun.html#OPSEC_Authentication http://www.osvdb.org/4420
The inter-module authentication mechanism (fwa1) in Check Point VPN-1/FireWall-1 4.1 and earlier may allow remote attackers to conduct a denial of service, aka "Inter-module Communications Bypass." Date published : 2001-01-22 http://www.checkpoint.com/techsupport/alerts/list_vun.html#Inter-module_Communications http://www.osvdb.org/4413
Check Point VPN-1/FireWall-1 4.1 and earlier improperly retransmits encapsulated FWS packets, even if they do not come from a valid FWZ client, aka "Retransmission of Encapsulated Packets." Date published : 2001-01-22 http://www.checkpoint.com/techsupport/alerts/list_vun.html#Retransmission_of http://www.osvdb.org/4415
Check Point VPN-1/FireWall-1 4.1 and earlier allows remote attackers to bypass the directionality check via fragmented TCP connection requests or reopening closed TCP connection requests, aka "One-way Connection Enforcement Bypass." Date published : 2001-01-22...
Watchguard Firebox II allows remote attackers to cause a denial of service by sending a malformed URL to the authentication service on port 4100. Date published : 2001-01-22 http://www.securityfocus.com/bid/1573 http://archives.neohapsis.com/archives/bugtraq/2000-08/0162.html
Buffer overflow in vqSoft vqServer 1.4.49 allows remote attackers to cause a denial of service or possibly gain privileges via a long HTTP GET request. Date published : 2001-01-22 http://www.securityfocus.com/bid/1610 http://www.securityfocus.com/templates/archive.pike?list=1&msg=200008270354.UAA10952@user4.hushmail.com
Intel Express 500 series switches allow a remote attacker to cause a denial of service via a malformed IP packet. Date published : 2001-01-22 http://www.securityfocus.com/bid/1609 http://archives.neohapsis.com/archives/bugtraq/2000-08/0338.html
The default installation of eTrust Access Control (formerly SeOS) uses a default encryption key, which allows remote attackers to spoof the eTrust administrator and gain privileges. Date published : 2001-01-22 http://www.securityfocus.com/bid/1583 http://www.securityfocus.com/templates/archive.pike?list=1&msg=004601c003a1$ba473260$ddeaa2cd@itradefair.net
Buffer overflow in the Linux binary compatibility module in FreeBSD 3.x through 5.x allows local users to gain root privileges via long filenames in the linux shadow file system. Date published : 2001-01-22 http://www.securityfocus.com/bid/1628...
WebShield SMTP 4.5 allows remote attackers to cause a denial of service by sending e-mail with a From: address that has a . (period) at the end, which causes WebShield to continuously send itself...
Worm HTTP server allows remote attackers to cause a denial of service via a long URL. Date published : 2001-01-22 http://www.securityfocus.com/bid/1626 http://archives.neohapsis.com/archives/ntbugtraq/2000-q3/0111.html
FreeBSD 5.x, 4.x, and 3.x allows local users to cause a denial of service by executing a program with a malformed ELF image header. Date published : 2001-01-22 http://www.securityfocus.com/bid/1625 http://archives.neohapsis.com/archives/freebsd/2000-08/0337.html
WorldClient email client in MDaemon 2.8 includes the session ID in the referer field of an HTTP request when the user clicks on a URL, which allows the visited web site to hijack the...
The net.init rc script in HP-UX 11.00 (S008net.init) allows local users to overwrite arbitrary files via a symlink attack that points from /tmp/stcp.conf to the targeted file. Date published : 2001-01-22 http://www.securityfocus.com/bid/1602 http://archives.neohapsis.com/archives/bugtraq/2000-08/0261.html