Monthly Archive: May 2001

The tmpwatch utility in Red Hat Linux forks a new process for each directory level, which allows local users to cause a denial of service by creating deeply nested directories in /tmp or /var/tmp/....

The default installation for the Oracle listener program 7.3.4, 8.0.6, and 8.1.6 allows an attacker to cause logging information to be appended to arbitrary files and execute commands via the SET TRC_FILE or SET...

Linux tmpwatch –fuser option allows local users to execute arbitrary commands by creating files whose names contain shell metacharacters. Date published : 2001-05-07 http://www.securityfocus.com/bid/1785 http://xforce.iss.net/alerts/advise64.php

GNU Groff uses the current working directory to find a device description file, which allows a local user to gain additional privileges by including a malicious postpro directive in the description file, which is...

The IPX protocol implementation in Microsoft Windows 95 and 98 allows remote attackers to cause a denial of service by sending a ping packet with a source IP address that is a broadcast address,...

Directory traversal vulnerability in Worm HTTP server allows remote attackers to read arbitrary files via a .. (dot dot) attack. Date published : 2001-05-07 http://www.securityfocus.com/bid/1626 http://archives.neohapsis.com/archives/ntbugtraq/2000-q3/0111.html

CGIMail.exe CGI program in Stalkerlab Mailers 1.1.2 allows remote attackers to read arbitrary files by specifying the file in the $Attach$ hidden form variable. Date published : 2001-05-07 http://www.securityfocus.com/bid/1623 http://www.securityfocus.com/templates/archive.pike?list=1&msg=20000829194618.H7744@thathost.com

news.cgi in GWScripts News Publisher does not properly authenticate requests to add an author to the author index, which allows remote attackers to add new authors by directly posting an HTTP request to the...

GoodTech FTP server allows remote attackers to cause a denial of service via a large number of RNTO commands. Date published : 2001-05-07 http://www.securityfocus.com/bid/1619 http://www.securityfocus.com/templates/archive.pike?list=1&msg=02ff01c0124c$e9387660$0201a8c0@aviram

pgxconfig in the Raptor GFX configuration tool allows local users to gain privileges via a symlink attack. Date published : 2001-05-07 http://archives.neohapsis.com/archives/bugtraq/2000-07/0463.html http://www.osvdb.org/5740

pgxconfig in the Raptor GFX configuration tool uses a relative path name for a system call to the "cp" program, which allows local users to execute arbitrary commands by modifying their path to point...

The default installation of VirusScan 4.5 and NetShield 4.5 has insecure permissions for the registry key that identifies the AutoUpgrade directory, which allows local users to execute arbitrary commands by replacing SETUP.EXE in that...

Buffer overflow in Webfind CGI program in O’Reilly WebSite Professional web server 2.x allows remote attackers to execute arbitrary commands via a URL containing a long "keywords" parameter. Date published : 2001-05-07 http://www.securityfocus.com/bid/1487 http://website.oreilly.com/support/software/wspro25_releasenotes.txt

Netscape Professional Services FTP Server 1.3.6 allows remote attackers to read arbitrary files via a .. (dot dot) attack. Date published : 2001-05-07 http://www.securityfocus.com/bid/1411 http://www.securityfocus.com/templates/archive.pike?list=1&msg=Pine.LNX.4.21.0006211351280.23780-100000@nimue.tpi.pl