Monthly Archive: May 2001

Format string vulnerability in wu-ftp 2.6.1 and earlier, when running with debug mode enabled, allows remote attackers to execute arbitrary commands via a malformed argument that is recorded in a PASV port assignment. Date...

Netopia R9100 router version 4.6 allows authenticated users to cause a denial of service by using the router’s telnet program to connect to the router’s IP address, which causes a crash. Date published :...

ipfw and ip6fw in FreeBSD 4.2 and earlier allows remote attackers to bypass access restrictions by setting the ECE flag in a TCP packet, which makes the packet appear to be part of an...

Allaire JRun 3.0 allows remote attackers to list contents of the WEB-INF directory, and the web.xml file in the WEB-INF directory, via a malformed URL that contains a "." Date published : 2001-05-07 http://www.allaire.com/handlers/index.cfm?ID=19546&Method=Full...

kdesu program in KDE2 (KDE before 2.2.0-6) does not properly verify the owner of a UNIX socket that is used to send a password, which allows local users to steal passwords and gain privileges....

glibc 2.1.9x and earlier does not properly clear the RESOLV_HOST_CONF, HOSTALIASES, or RES_OPTIONS environmental variables when executing setuid/setgid programs, which could allow local users to read arbitrary files. Date published : 2001-05-07 http://www.securityfocus.com/bid/2181 http://archives.neohapsis.com/archives/bugtraq/2001-01/0131.html

When using the LD_PRELOAD environmental variable in SUID or SGID applications, glibc does not verify that preloaded libraries in /etc/ld.so.cache are also SUID/SGID, which could allow a local user to overwrite arbitrary files by...

Macromedia Shockwave Flash plugin version 8 and earlier allows remote attackers to cause a denial of service via malformed tag length specifiers in a SWF file. Date published : 2001-05-07 http://archives.neohapsis.com/archives/bugtraq/2000-12/0491.html https://exchange.xforce.ibmcloud.com/vulnerabilities/5826

Buffer overflow in ximp40 shared library in Solaris 7 and Solaris 8 allows local users to gain privileges via a long "arg0" (process name) argument. Date published : 2001-05-07 http://www.securityfocus.com/bid/2322 http://archives.neohapsis.com/archives/bugtraq/2001-01/0517.html

Debugging utility in the backdoor mode of Palm OS 3.5.2 and earlier allows attackers with physical access to a Palm device to bypass access restrictions and obtain passwords, even if the system lockout mechanism...

HTML e-mail feature in Internet Explorer 5.5 and earlier allows attackers to execute attachments by setting an unusual MIME type for the attachment, which Internet Explorer does not process correctly. Date published : 2001-05-07...

Buffer overflow in VB-TSQL debugger object (vbsdicli.exe) in Visual Studio 6.0 Enterprise Edition allows remote attackers to execute arbitrary commands. Date published : 2001-05-07 http://razor.bindview.com/publish/advisories/adv_vbtsql.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-018

The password protection option for the Compressed Folders feature in Plus! for Windows 98 and Windows Me writes password information to a file, which allows local users to recover the passwords and read the...

IIS 5.0 allows remote attackers to cause a denial of service via a series of malformed WebDAV requests. Date published : 2001-05-07 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-016 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A90