The "me" user in NeXT NeXTstep 2.1 and earlier has wheel group privileges, which could allow the me user to use the su command to become root. Date published : 2002-03-09 http://www.securityfocus.com/bid/20 http://www.cert.org/advisories/CA-1991-06.html
Buffer overflow in eeprom in Solaris 2.5.1 and earlier allows local users to gain root privileges via a long command line argument. Date published : 2002-03-09 http://www.securityfocus.com/bid/206 http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/143
Buffer overflow in chkey in Solaris 2.5.1 and earlier allows local users to gain root privileges via a long command line argument. Date published : 2002-03-09 ftp://ftp.auscert.org.au/pub/auscert/advisory/AA-97.18.solaris.chkey.buffer.overflow.vul http://www.securityfocus.com/bid/207
mysqld in MySQL 3.21 creates log files with world-readable permissions, which allows local users to obtain passwords for users who are added to the user database. Date published : 2002-03-09 http://marc.info/?l=bugtraq&m=91479159617803&w=2 https://exchange.xforce.ibmcloud.com/vulnerabilities/1568
Vulnerability in On-Line Customer Registration software for IRIX 6.2 through 6.4 allows local users to gain root privileges. Date published : 2002-03-09 http://ciac.llnl.gov/ciac/bulletins/j-003.shtml ftp://patches.sgi.com/support/free/security/advisories/19980901-01-PX
Directory traversal vulnerability in nph-publish before 1.2 allows remote attackers to overwrite arbitrary files via a .. (dot dot) in the pathname for an upload operation. Date published : 2002-03-09 http://www-genome.wi.mit.edu/WWW/tools/CGI_scripts/server_publish/nph-publish http://www.w3.org/Security/Faq/wwwsf4.html
Web Cache Control Protocol (WCCP) in Cisco Cache Engine for Cisco IOS 11.2 and earlier does not use authentication, which allows remote attackers to redirect HTTP traffic to arbitrary hosts via WCCP packets to...
Cross-site scripting vulnerability in Third Voice Web annotation utility allows remote users to read sensitive data and generate fake web pages for other Third Voice users by injecting malicious Javascript into an annotation. Date...
Vulnerability in HP Series 800 S/X/V Class servers allows remote attackers to gain access to the S/X/V Class console via the Service Support Processor (SSP) Teststation. Date published : 2002-03-09 http://marc.info/?l=bugtraq&m=94347039929958&w=2 http://www.iss.net/security_center/static/7439.php
Vulnerability in passwd in SCO UNIX 4.0 and earlier allows attackers to cause a denial of service by preventing users from being able to log into the system. Date published : 2002-03-09 http://www.cert.org/advisories/CA-1993-08.html http://www.iss.net/security_center/static/542.php
Vulnerability in ppl in HP-UX 10.x and earlier allows local users to gain root privileges by forcing ppl to core dump. Date published : 2002-03-09 http://marc.info/?l=bugtraq&m=87602167420102&w=2
Vulnerability in ftpd/kftpd in HP-UX 10.x and 9.x allows local and possibly remote users to gain root privileges. Date published : 2002-03-09 http://ciac.llnl.gov/ciac/bulletins/h-33.shtml http://marc.info/?l=bugtraq&m=87602167420581&w=2
SSH 2.0.11 and earlier allows local users to request remote forwarding from privileged ports without being root. Date published : 2002-03-09 http://marc.info/?l=bugtraq&m=91495920911490&w=2 https://exchange.xforce.ibmcloud.com/vulnerabilities/1471
Tcpip.sys in Windows NT 4.0 before SP4 allows remote attackers to cause a denial of service via an ICMP Subnet Mask Address Request packet, when certain multiple IP addresses are bound to the same...