| OSVDB ID | Disclosure Date | Title |
|---|
|
56518
Description:
Unknown / Incomplete
|
1997-01-30
|
Vi tags File Handling Local Privilege Escalation
|
|
56519
Description:
Unknown / Incomplete
|
1997-01-30
|
Ex tags File Handling Local Privilege Escalation
|
|
8026
Description:
(Description Provided by CVE) : Certain files in MPower in HP-UX 10.x are installed with insecure permissions, which allows local users to gain privileges.
|
1997-01-30
|
HP-UX MPower Local Privilege Escalation
|
|
8734
Description:
(Description Provided by CVE) : Buffer overflow in Solaris getopt in libc allows local users to gain root privileges via a long argv[0].
|
1997-01-27
|
Solaris libc getopt Argv Local Overflow
|
|
11472
Description:
(Description Provided by CVE) : Denial of service in Windows NT DNS servers through malicious packet which contains a response to a query that wasn't made.
|
1997-01-26
|
Microsoft Windows NT DNS Server Malformed Response DoS
|
|
45423
Description:
Unknown / Incomplete
|
1997-01-20
|
Ladder-DES Cipher Chosen-plaintext Attack Weakness
|
|
45424
Description:
Unknown / Incomplete
|
1997-01-20
|
SHARK Cipher (5 Round) Higher Order Differential Cryptanalysis Weakness
|
|
45425
Description:
Unknown / Incomplete
|
1997-01-20
|
KN-Cipher Higher Order Differential Cryptanalysis Compromise
|
|
8203
Description:
A remote overflow exists in talkd. The talkd fails to check bounds on the buffer where the hostname is stored resulting in a stack space overflow. With a specially crafted DNS entry, an attacker can cause remote execution of arbitrary commands with root privileges resulting in a loss of integrity.
|
1997-01-18
|
NetKit (ntalk) talkd Crafted DNS Response Remote Overflow
|
|
8569
Description:
IRIX contains a flaw that may allow a malicious user to truncate arbitrary files. The issue is triggered when the truncate system call fails to check whether the user is privileged. It is possible that the flaw may allow file damage resulting in a loss of integrity.
|
1997-01-09
|
IRIX XFS File System Truncate Function Arbitrary File Content Deletion
|
|
9597
Description:
(Description Provided by CVE) : Vulnerability in chsh command in HP-UX 9.X through 10.20 allows local users to gain privileges.
|
1997-01-09
|
HP-UX chsh Local Privilege Escalation
|
|
897
Description:
IRIX contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered when a malicious attacker with a local system account uses LicenseManager to manipulate root-owned files to gain root privileges. This flaw may lead to a loss of integrity.
|
1997-01-07
|
IRIX LicenseManager NETLS_LICENSE_FILE Local Privilege Escalation
|
|
8025
Description:
(Description Provided by CVE) : Vulnerability in Glance programs in GlancePlus for HP-UX 10.20 and earlier allows local users to access arbitrary files and gain privileges.
|
1997-01-07
|
HP-UX GlancePlus Local Privilege Escalation
|
|
9607
Description:
(Description Provided by CVE) : Vulnerability in dtlogin and dtsession in HP-UX 10.20 and 10.10 allows local users to bypass authentication and gain privileges.
|
1997-01-07
|
HP-UX dtlogin Local Authentication Bypass
|
|
9608
Description:
(Description Provided by CVE) : Vulnerability in dtlogin and dtsession in HP-UX 10.20 and 10.10 allows local users to bypass authentication and gain privileges.
|
1997-01-07
|
HP-UX dtsession Local Authentication Bypass
|
|
8
Description:
O'Reilly WebSite contains a flaw that may allow a remote attacker to execute arbitrary code. The issue is due to the 'win-c-sample' program containing a remote overflow. The program fails to validate unspecified user-supplied input resulting in a buffer overflow. With a specially crafted request, an attacker can execute custom code under the privileges of the web server process.
|
1997-01-06
|
O'Reilly WebSite win-c-sample Remote Overflow
|
|
898
Description:
IRIX contains a flaw that may allow a malicious local user to manipulate arbitrary files on the system. The issue is due to the LicenseManager creating files insecurely. It is possible for a user to set an environment variable and use a symlink style attack, resulting in a loss of integrity.
|
1997-01-06
|
IRIX LicenseManager LICENSEMGR_FILE_ROOT
|
|
8099
Description:
HP-UX movemail contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered when installation occurs. The permissions on /opt/wt/bin/movemail were set incorrectly. This flaw may lead to a loss of Confidentiality and Integrity.
|
1997-01-06
|
HP-UX movemail Local Privilege Escalation
|
|
8718
Description:
wu-ftpd contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered when an ftp client is transferring a file, then closes the connection and sends an ABOR command, which causes the server to execute the dologout() function, allowing the user to gain root privileges. This flaw may lead to a loss of confidentiality and/or integrity.
|
1997-01-04
|
WU-FTPD ABOR Command Arbitrary File Access
|
|
6415
Description:
HP-UX passwd command contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered when a command line buffer overflow occurs in the passwd utility. This flaw may lead to a loss of integrity.
|
1997-01-03
|
HP-UX passwd Command Line Overflow
|
|
52421
Description:
Unknown / Incomplete
|
1997-01-02
|
SHARK Algorithm (5 Round) Interpolation Attack Cryptanalysis Weakness
|
|
84988
Description:
SCO UnixWare contains a flaw related xdm. The issue is triggered when an error occurs during the handling of xdm-config. This may allow an attacker to create arbitrary files with increased privileges.
|
1997-01-01
|
SCO UnixWare xdm xdm-config Handling Arbitrary Privileged File Creation
|
|
1091
Description:
(Description Provided by CVE) : Buffer overflow in HP-UX newgrp program.
|
1997-01-01
|
HP-UX newgrp Local Overflow
|
|
1684
Description:
(Description Provided by CVE) : FormMail CGI program can be used by web servers other than the host server that the program resides on.
|
1997-01-01
|
Matt Wright FormMail Arbitrary Command Execution CSRF
|
|
82200
Description:
Cyrus IMAP Server contains a flaw that may allow an attacker to bypass ACL and deliver to an arbitrary mailbox via a specially crafted address form.
|
1997-01-01
|
Cyrus IMAP Server Crafted Address Form ACL Bypass Arbitrary Mailbox Delivery
|
|
1092
Description:
(Description Provided by CVE) : Csetup under IRIX allows arbitrary file creation or overwriting.
|
1997-01-01
|
IRIX csetup Arbitrary File Creation/Deletion
|
|
1095
Description:
(Description Provided by CVE) : Denial of service in RPCSS.EXE program (RPC Locator) in Windows NT.
|
1997-01-01
|
Microsoft Windows NT RPC Locator (RPCSS.EXE) CPU Utilization DoS
|
|
5858
Description:
(Description Provided by CVE) : Windows NT RSHSVC program allows remote users to execute arbitrary commands.
|
1997-01-01
|
Microsoft Windows NT Rshsvc.exe Arbitrary Command Execution
|
|
9309
Description:
(Description Provided by CVE) : MIME conversion buffer overflow in sendmail versions 8.8.3 and 8.8.4.
|
1997-01-01
|
Sendmail MIME Conversion Malformed Header Overflow
|
|
9579
Description:
(Description Provided by CVE) : Windows NT 4.0 allows local users to cause a denial of service (crash) via an illegal kernel mode address to the functions (1) GetThreadContext or (2) SetThreadContext.
|
1997-01-01
|
Microsoft Windows NT GetThreadContext/SetThreadContext Kernel Mode Address DoS
|
|
11473
Description:
(Description Provided by CVE) : Denial of service in Windows NT messenger service through a long username.
|
1997-01-01
|
Microsoft Windows NT Messenger Service Long Username DoS
|
|
11475
Description:
(Description Provided by CVE) : A Windows NT 4.0 user can gain administrative rights by forcing NtOpenProcessToken to succeed regardless of the user's permissions, aka GetAdmin.
|
1997-01-01
|
Microsoft Windows NT NtOpenProcessToken Permission Failure
|
