Monthly Archive: March 2002

The pmpost program in Performance Co-Pilot (PCP) before 2.2.1-3 allows a local user to gain privileges via a symlink attack on the NOTICES file in the PCP log directory (PCP_LOG_DIR). Date published : 2002-03-09...

FPF kernel module 1.0 allows a remote attacker to cause a denial of service via fragmented packets. Date published : 2002-03-09 http://www.securityfocus.com/bid/2816 http://marc.info/?l=bugtraq&m=99167206319643&w=2

A buffer overflow in Linux fetchmail before 5.8.6 allows remote attackers to execute arbitrary code via a large ‘To:’ field in an email header. Date published : 2002-03-09 http://www.securityfocus.com/bid/2877 http://www.caldera.com/support/security/advisories/CSSA-2001-022.1.txt

OpenSSH before 2.9.9, when running sftp using sftp-server and using restricted keypairs, allows remote authenticated users to bypass authorized_keys2 command= restrictions using sftp commands. Date published : 2002-03-09 http://archives.neohapsis.com/archives/bugtraq/2001-09/0153.html http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000431

Buffer overflow in PerlIS.dll in Activestate ActivePerl 5.6.1.629 and earlier allows remote attackers to execute arbitrary code via an HTTP request for a long filename that ends in a .pl extension. Date published :...

Apple MacOS X 10.0 and 10.1 allow a local user to read and write to a user’s desktop folder via insecure default permissions for the Desktop when it is created in some languages. Date...

Directory traversal vulnerability in ttawebtop.cgi in Tarantella Enterprise 3.00 and 3.01 allows remote attackers to read arbitrary files via a .. (dot dot) in the pg parameter. Date published : 2002-03-09 http://www.securityfocus.com/bid/2890 http://www.securityfocus.com/archive/1/3B2E37D0.81D9ED9D@snosoft.com

Directory traversal vulnerability in story.pl in Interactive Story 1.3 allows a remote attacker to read arbitrary files via a .. (dot dot) attack on the "next" parameter. Date published : 2002-03-09 http://www.securityfocus.com/bid/3028 http://www.securityfocus.com/archive/1/4.3.2.7.2.20010715184257.00b20100@compumodel.com

Buffer overflow in the client connection routine of libDtSvc.so.1 in CDE Subprocess Control Service (dtspcd) allows remote attackers to execute arbitrary commands. Date published : 2002-03-09 http://www.securityfocus.com/bid/3517 ftp://stage.caldera.com/pub/security/openunix/CSSA-2001-SCO.30/

lpstat in IRIX 6.5.13f and earlier allows local users to gain root privileges by specifying a Trojan Horse nettype shared library. Date published : 2002-03-09 http://www.lsd-pl.net/files/get?IRIX/irx_lpstat2 ftp://patches.sgi.com/support/free/security/advisories/20011003-02-P

SGI IRIX 6.5 through 6.5.12f and possibly earlier versions, and FreeBSD 3.0, allows remote attackers to cause a denial of service via a malformed IGMP multicast packet with a small response delay. Date published...

LPRng in Red Hat Linux 7.0 and 7.1 does not properly drop memberships in supplemental groups when lowering privileges, which could allow a local user to elevate privileges. Date published : 2002-03-09 http://www.securityfocus.com/bid/2865 http://www.ciac.org/ciac/bulletins/l-096.shtml

Directory traversal vulnerability in Icecast 1.3.10 and earlier allows remote attackers to read arbitrary files via a modified .. (dot dot) attack using encoded URL characters. Date published : 2002-03-09 http://www.securityfocus.com/bid/2932 http://archives.neohapsis.com/archives/bugtraq/2001-06/0353.html

Buffer overflow in rpc.yppasswdd (yppasswd server) in Solaris 2.6, 7 and 8 allows remote attackers to gain root access via a long username. Date published : 2002-03-09 http://www.securityfocus.com/bid/2763 http://www.securityfocus.com/archive/1/187086