template.cgi in Free On-Line Dictionary of Computing (FOLDOC) allows remote attackers to read files and execute commands via shell metacharacters in the argument to template.cgi. Date published : 2002-03-09 http://archives.neohapsis.com/archives/bugtraq/2001-03/0109.html http://wombat.doc.ic.ac.uk/foldoc/index.html
Buffer overflow in WinZip 8.0 allows attackers to execute arbitrary commands via a long file name that is processed by the /zipandemail command line option. Date published : 2002-03-09 http://www.securityfocus.com/archive/1/166211 https://exchange.xforce.ibmcloud.com/vulnerabilities/6191
Cisco CBOS 2.3.0.053 sends output of the "sh nat" (aka "show nat") command to the terminal of the next user who attempts to connect to the router via telnet, which could allow that user...
Buffer overflow in Mercury MTA POP3 server for NetWare 1.48 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long APOP command. Date published :...
Buffer overflow in Xsun in Solaris 8 and earlier allows local users to execute arbitrary commands via a long HOME environmental variable. Date published : 2002-03-09 http://www.securityfocus.com/bid/2561 http://archives.neohapsis.com/archives/bugtraq/2001-04/0158.html
sgml-tools (aka sgmltools) before 1.0.9-15 creates temporary files with insecure permissions, which allows other users to read files that are being processed by sgml-tools. Date published : 2002-03-09 http://www.securityfocus.com/bid/2506 http://www.securityfocus.com/bid/2683
Directory traversal vulnerability in MySQL before 3.23.36 allows local users to modify arbitrary files and gain privileges by creating a database whose name starts with .. (dot dot). Date published : 2002-03-09 http://www.securityfocus.com/bid/2522 http://archives.neohapsis.com/archives/bugtraq/2001-03/0237.html
Remote manager service in Website Pro 3.0.37 allows remote attackers to cause a denial of service via a series of malformed HTTP requests to the /dyn directory. Date published : 2002-03-09 http://archives.neohapsis.com/archives/bugtraq/2001-03/0425.html http://www.osvdb.org/5669
AnalogX SimpleServer:WWW 1.08 allows remote attackers to cause a denial of service via an HTTP request to the /aux directory. Date published : 2002-03-09 http://www.securityfocus.com/bid/2608 http://www.securityfocus.com/archive/1/177156
The default configuration of the Dr. Watson program in Windows NT and Windows 2000 generates user.dmp crash dump files with world-readable permissions, which could allow a local user to gain access to sensitive information....
Race condition in the UFS and EXT2FS file systems in FreeBSD 4.2 and earlier, and possibly other operating systems, makes deleted data available to user processes before it is zeroed out, which allows a...
saposcol in SAP R/3 Web Application Server Demo before 1.5 trusts the PATH environmental variable to find and execute the expand program, which allows local users to obtain root access by modifying the PATH...
Eudora before 5.1 allows a remote attacker to execute arbitrary code, when the ‘Use Microsoft Viewer’ and ‘allow executables in HTML content’ options are enabled, via an HTML email message containing Javascript, with ActiveX...
SSH Communications Security sshd 2.4 for Windows allows remote attackers to create a denial of service via a large number of simultaneous connections. Date published : 2002-03-09 http://www.securityfocus.com/bid/2477 http://marc.info/?l=bugtraq&m=98467799732241&w=2