The AMaViS virus scanner 0.2.0-pre4 and earlier allows remote attackers to execute arbitrary commands as root via an infected mail message with shell metacharacters in the reply-to field. Date published : 2002-03-09 http://www.securityfocus.com/bid/527 http://marc.info/?l=bugtraq&m=93219846414732&w=2
Sun SunOS 4.1 through 4.1.3 allows local attackers to gain root access via insecure permissions on files and directories such as crash. Date published : 2002-03-09 http://www.securityfocus.com/bid/59 http://www.cert.org/advisories/CA-1993-03.html
colorview in Silicon Graphics IRIX 5.1, 5.2, and 6.0 allows local attackers to read arbitrary files via the -text argument. Date published : 2002-03-09 http://www.securityfocus.com/bid/336 http://www.securityfocus.com/archive/1/675
sdrd daemon in IBM SP2 System Data Repository (SDR) allows remote attackers to read files without authentication. Date published : 2002-03-09 http://www.securityfocus.com/bid/371 http://ciac.llnl.gov/ciac/bulletins/i-079a.shtml
Squid 2.2.STABLE5 and below, when using external authentication, allows attackers to bypass access controls via a newline in the user/password pair. Date published : 2002-03-09 http://www.securityfocus.com/bid/741 http://www.securityfocus.com/archive/1/33295
The Sun HotSpot Performance Engine VM allows a remote attacker to cause a denial of service on any server running HotSpot via a URL that includes the [ character. Date published : 2002-03-09 http://www.securityfocus.com/bid/522...
A bug in Intel Pentium processor (MMX and Overdrive) allows local users to cause a denial of service (hang) in Intel-based operating systems such as Windows NT and Windows 95, via an invalid instruction,...
When a Web site redirects the browser to another site, Internet Explorer 3.02 and 4.0 automatically resends authentication information to the second site, aka the "Page Redirect Issue." Date published : 2002-03-09 http://support.microsoft.com/support/kb/articles/q176/6/97.asp http://www.osvdb.org/7818
Internet Explorer 4.0 allows remote attackers to read arbitrary text and HTML files on the user’s machine via a small IFRAME that uses Dynamic HTML (DHTML) to send the data to the attacker, aka...
thttpd HTTP server 2.03 and earlier allows remote attackers to read arbitrary files via a GET request with more than one leading / (slash) character in the filename. Date published : 2002-03-09 http://www.securityfocus.com/archive/1/10368 http://www.acme.com/software/thttpd/thttpd.html#releasenotes
RSH service utility RSHSVC in Windows NT 3.5 through 4.0 does not properly restrict access as specified in the .Rhosts file when a user comes from an authorized host, which could allow unauthorized users...
GINA in Windows NT 4.0 allows attackers with physical access to display a portion of the clipboard of the user who has locked the workstation by pasting (CTRL-V) the contents into the username prompt....
ePerl 2.2.12 allows remote attackers to read arbitrary files and possibly execute certain commands by specifying a full pathname of the target file as an argument to bar.phtml. Date published : 2002-03-09 http://www.securityfocus.com/bid/151 http://marc.info/?l=bugtraq&m=90221104525890&w=2
HP JetAdmin D.01.09 on Solaris allows local users to change the permissions of arbitrary files via a symlink attack on the /tmp/jetadmin.log file. Date published : 2002-03-09 http://www.securityfocus.com/bid/157 http://marc.info/?l=bugtraq&m=90221104525988&w=2