Monthly Archive: July 2001

Directory traversal vulnerability in Sun Chili!Soft ASP on multiple Unixes allows a remote attacker to read arbitrary files above the web root via a ‘..’ (dot dot) attack in the sample script ‘codebrws.asp’. Date...

Sun Chili!Soft 3.5.2 on Linux and 3.6 on AIX creates a default admin username and password in the default installation, which can allow a remote attacker to gain additional privileges. Date published : 2001-07-27...

QNX 2.4 allows a local user to read arbitrary files by directly accessing the mount point for the FAT disk partition, e.g. /fs-dos. Date published : 2001-07-27 http://archives.neohapsis.com/archives/vuln-dev/2001-q2/0266.html https://exchange.xforce.ibmcloud.com/vulnerabilities/6437

sendfiled, as included with Simple Asynchronous File Transfer (SAFT), on various Linux systems does not properly drop privileges when sending notification emails, which allows local attackers to gain privileges. Date published : 2001-07-27 http://www.debian.org/security/2001/dsa-050...

iPlanet Calendar Server 5.0p2 and earlier allows a local attacker to gain access to the Netscape Admin Server (NAS) LDAP database and read arbitrary files by obtaining the cleartext administrator username and password from...

The Lucent Closed Network protocol can allow remote attackers to join Closed Network networks which they do not have access to. The ‘Network Name’ or SSID, which is used as a shared secret to...

Orinoco RG-1000 wireless Residential Gateway uses the last 5 digits of the ‘Network Name’ or SSID as the default Wired Equivalent Privacy (WEP) encryption key. Since the SSID occurs in the clear during communications,...

Allied Telesyn AT-AR220e cable/DSL router firmware 1.08a RC14 with the portmapper and the ‘Virtual Server’ enabled can allow a remote attacker to gain access to mapped services even though the single portmappings may be...

Carello E-Commerce 1.2.1 and earlier allows a remote attacker to gain additional privileges and execute arbitrary commands via a specially constructed URL. Date published : 2001-07-27 http://marc.info/?l=bugtraq&m=98991352402073&w=2 https://exchange.xforce.ibmcloud.com/vulnerabilities/6532

kfm as included with KDE 1.x can allow a local attacker to gain additional privileges via a symlink attack in the kfm cache directory in /tmp. Date published : 2001-07-27 http://archives.neohapsis.com/archives/bugtraq/2001-04/0336.html https://exchange.xforce.ibmcloud.com/vulnerabilities/6428

Format string vulnerability in Infodrom cfingerd 1.4.3 and earlier allows a remote attacker to gain additional privileges via a malformed ident reply that is passed to the syslog function. Date published : 2001-07-27 http://www.securityfocus.com/bid/2576...

HP architected interface facility (AIF) as includes with MPE/iX 5.5 through 6.5 running on a HP3000 allows an attacker to gain additional privileges and gain access to databases via the AIF – AIFCHANGELOGON program....

asecure as included with HP-UX 10.01 through 11.00 can allow a local attacker to create a denial of service and gain additional privileges via unsafe permissions on the asecure program, a different vulnerability than...

Vulnerability in iPlanet Web Server 4.X in HP-UX 11.04 (VVOS) with VirtualVault A.04.00 allows a remote attacker to create a denial of service via the HTTPS service. Date published : 2001-07-27 http://archives.neohapsis.com/archives/hp/2001-q1/0041.html https://exchange.xforce.ibmcloud.com/vulnerabilities/6110