BEA Systems Weblogic Server 6.1 allows remote attackers to cause a denial of service via a series of requests to .JSP files that contain an MS-DOS device name. Date published : 2002-03-15 http://www.securityfocus.com/bid/3816 http://marc.info/?l=bugtraq&m=101050440629269&w=2
CDE dtlogin in Caldera UnixWare 7.1.0, and possibly other operating systems, allows local users to gain privileges via a symlink attack on /var/dt/Xerrors since /var/dt is world-writable. Date published : 2002-03-15 http://www.securityfocus.com/bid/3818 http://marc.info/?l=bugtraq&m=101060400802428&w=2
AFTPD 5.4.4 allows remote attackers to gain sensitive information via a CD (CWD) ~ (tilde) command, which causes a core dump. Date published : 2002-03-15 http://www.securityfocus.com/bid/3806 http://marc.info/?l=bugtraq&m=101041333323486&w=2
An installer program for Oracle9iAS Web Cache 2.0.0.x creates executable and configuration files with insecure permissions, which allows local users to gain privileges by (1) running webcached or (2) obtaining the administrator password from...
Oracle9iAS Web Cache 2.0.0.x allows remote attackers to cause a denial of service via (1) a request to TCP ports 1100, 4000, 4001, and 4002 with a large number of null characters, and (2)...
Microsoft Internet Explorer 6.0 and earlier allows local users to cause a denial of service via an infinite loop for modeless dialogs showModelessDialog, which causes CPU usage while the focus for the dialog is...
AOL AOLserver 3.4.2 Win32 allows remote attackers to bypass authentication and read password-protected files via a URL that directly references the file. Date published : 2002-03-15 http://www.securityfocus.com/bid/3791 http://marc.info/?l=bugtraq&m=101038936305397&w=2
Buffer overflow in Michael Lamont Savant Web Server 3.0 allows remote attackers to cause a denial of service (crash) via a long HTTP request to the cgi-bin directory in which the CGI program name...
Man2html 2.1 and earlier allows local users to overwrite arbitrary files via a symlink attack on a temporary file. Date published : 2002-03-09 http://www.securityfocus.com/archive/1/24784 http://www.osvdb.org/6291
bigconf.conf in F5 BIG/ip 2.1.2 and earlier allows remote attackers to read arbitrary files by specifying the target file in the "file" parameter. Date published : 2002-03-09 http://www.securityfocus.com/bid/778 http://marc.info/?l=bugtraq&m=94217006208374&w=2
RPMMail before 1.4 allows remote attackers to execute commands via an e-mail message with shell metacharacters in the "MAIL FROM" command. Date published : 2002-03-09 http://marc.info/?l=bugtraq&m=93915641729415&w=2 http://marc.info/?l=bugtraq&m=93923853105687&w=2
Buffer overflow in AspUpload.dll in Persits Software AspUpload before 1.4.0.2 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long argument in the HTTP request. Date published...
Buffer overflow in IBM HomePagePrint 1.0.7 for Windows98J allows a malicious Web site to execute arbitrary code on a viewer’s system via a long IMG_SRC HTML tag. Date published : 2002-03-09 http://www.securityfocus.com/bid/763 http://marc.info/?l=bugtraq&m=94157187815629&w=2
cgiwrap as used on Cobalt RaQ 2.0 and RaQ 3i does not properly identify the user for running certain scripts, which allows a malicious site administrator to view or modify data located at another...