Monthly Archive: March 2001

Directory traversal vulnerability in Free Java Web Server 1.0 allows remote attackers to read arbitrary files via a .. (dot dot) attack. Date published : 2001-03-09 http://archives.neohapsis.com/archives/bugtraq/2001-02/0061.html

eEye Iris 1.01 beta allows remote attackers to cause a denial of service via a malformed packet, which causes Iris to crash when a user views the packet. Date published : 2001-03-09 http://www.securityfocus.com/bid/2278 http://archives.neohapsis.com/archives/bugtraq/2001-01/0343.html

Format string vulnerability in the error logging code of DHCP server and client in Caldera Linux allows remote attackers to execute arbitrary commands. Date published : 2001-03-09 http://www.securityfocus.com/bid/2215 http://www.calderasystems.com/support/security/advisories/CSSA-2001-003.0.txt

Lars Ellingsen guestserver.cgi allows remote attackers to execute arbitrary commands via shell metacharacters in the "email" parameter. Date published : 2001-03-09 http://archives.neohapsis.com/archives/bugtraq/2001-01/0471.html https://exchange.xforce.ibmcloud.com/vulnerabilities/6027

WebMaster ConferenceRoom 1.8.1 allows remote attackers to cause a denial of service via a buddy relationship between the IRC server and a server clone. Date published : 2001-03-09 http://www.securityfocus.com/bid/2178 http://www.securityfocus.com/archive/1/155388

Buffer overflow in qDecoder library 5.08 and earlier, as used in CrazyWWWBoard, CrazySearch, and other CGI programs, allows remote attackers to execute arbitrary commands via a long MIME Content-Type header. Date published : 2001-03-09...

Buffer overflow in ReiserFS 3.5.28 in SuSE Linux allows local users to cause a denial of service and possibly execute arbitrary commands by via a long directory name. Date published : 2001-03-09 http://www.securityfocus.com/bid/2180 http://archives.neohapsis.com/archives/bugtraq/2001-01/0127.html

Buffer overflow in SlimServe HTTPd 1.0 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long GET request. Date published : 2001-03-09 http://www.securityfocus.com/bid/2318 http://archives.neohapsis.com/archives/bugtraq/2001-01/0505.html

Buffer overflow in AT&T WinVNC (Virtual Network Computing) server 3.3.3r7 and earlier allows remote attackers to execute arbitrary commands via a long HTTP GET request when the DebugLevel registry key is greater than 0....

Buffer overflow in AT&T WinVNC (Virtual Network Computing) client 3.3.3r7 and earlier allows remote attackers to execute arbitrary commands via a long rfbConnFailed packet with a long reason string. Date published : 2001-03-09 http://www.securityfocus.com/bid/2305...

IIS 5.0 and Microsoft Exchange 2000 allow remote attackers to cause a denial of service (memory allocation error) by repeatedly sending a series of specially formatted URL’s. Date published : 2001-03-09 http://www.securityfocus.com/bid/2440 http://www.securityfocus.com/bid/2441