Buffer overflow in Microsoft Windows Media Player allows remote attackers to execute arbitrary commands via a malformed Active Stream Redirector (.ASX) file, aka the ".ASX Buffer Overrun" vulnerability. Date published : 2001-01-22 http://www.atstake.com/research/advisories/2000/a112300-1.txt http://www.securityfocus.com/bid/1980
Microsoft Windows Media Player 7 executes scripts in custom skin (.WMS) files, which could allow remote attackers to gain privileges via a skin that contains a malicious script, aka the ".WMS Script Execution" vulnerability....
in.identd ident server in SuSE Linux 6.x and 7.0 allows remote attackers to cause a denial of service via a long request, which causes the server to access a NULL pointer and crash. Date...
Trend Micro InterScan VirusWall creates an "Intscan" share to the "InterScan" directory with permissions that grant Full Control permissions to the Everyone group, which allows attackers to gain privileges by modifying the VirusWall programs....
Java Runtime Environment in Java Development Kit (JDK) 1.2.2_05 and earlier can allow an untrusted Java class to call into a disallowed class, which could allow an attacker to escape the Java sandbox and...
The web server for the SonicWALL SOHO firewall allows remote attackers to cause a denial of service via a long username in the authentication page. Date published : 2001-01-22 http://www.securityfocus.com/bid/2013 http://archives.neohapsis.com/archives/bugtraq/2000-11/0406.html
crontab by Paul Vixie uses predictable file names for a temporary file and does not properly ensure that the file is owned by the user executing the crontab -e command, which allows local users...
modprobe in the modutils 2.3.x package on Linux systems allows a local user to execute arbitrary commands via shell metacharacters. Date published : 2001-01-22 http://www.securityfocus.com/bid/1936 http://archives.neohapsis.com/archives/bugtraq/2000-11/0179.html
Buffer overflow in AOL Instant Messenger (AIM) before 4.3.2229 allows remote attackers to execute arbitrary commands via a "buddyicon" command with a long "src" argument. Date published : 2001-01-22 http://www.atstake.com/research/advisories/2000/a121200-1.txt http://marc.info/?l=bugtraq&m=97668265628917&w=2
Buffer overflow in Microsoft Phone Book Service allows local users to execute arbitrary commands, aka the "Phone Book Service Buffer Overflow" vulnerability. Date published : 2001-01-22 http://www.stake.com/research/advisories/2000/a120400-1.txt http://www.securityfocus.com/bid/2048
Quake 1 (quake1) and ProQuake 1.01 and earlier allow remote attackers to cause a denial of service via a malformed (empty) UDP packet. Date published : 2001-01-22 http://www.securityfocus.com/bid/1900 http://marc.info/?l=bugtraq&m=97318797630246&w=2
Buffer overflow in the SHTML logging functionality of iPlanet Web Server 4.x allows remote attackers to execute arbitrary commands via a long filename with a .shtml extension. Date published : 2001-01-22 http://www.securityfocus.com/archive/1/141435 https://exchange.xforce.ibmcloud.com/vulnerabilities/5446
csstart program in iCal 2.1 Patch 2 uses relative pathnames to install the libsocket and libnsl libraries, which could allow the icsuser account to gain root privileges by creating a Trojan Horse library in...
csstart program in iCal 2.1 Patch 2 searches for the cshttpd program in the current working directory, which allows local users to gain root privileges by creating a Trojan Horse cshttpd program in a...