[CLOSE] OSVDB ID : 11633 - Disclosed: 1997-07-31

Description:

(Description Provided by CVE) : The Perl fingerd program allows arbitrary command execution from remote users.

[CLOSE] OSVDB ID : 938 - Disclosed: 1997-07-30

Description:

(Description Provided by CVE) : Buffer overflow in nss_nisplus.so.1 library in NIS+ in Solaris 2.3 and 2.4 allows local users to gain root privileges.

[CLOSE] OSVDB ID : 5862 - Disclosed: 1997-07-26

Description:

(Description Provided by CVE) : The Java Web Server would allow remote users to obtain the source code for CGI programs.

[CLOSE] OSVDB ID : 9413 - Disclosed: 1997-07-23

Description:

(Description Provided by CVE) : Oracle Webserver 2.1, when serving PL/SQL stored procedures, allows remote attackers to cause a denial of service via a long HTTP GET request.

[CLOSE] OSVDB ID : 989 - Disclosed: 1997-07-21

Description:

(Description Provided by CVE) : Buffer overflow in AIX lchangelv gives root access.

[CLOSE] OSVDB ID : 7969 - Disclosed: 1997-07-21

Description:

A local overflow exists in AIX ping. The AIX ping fails to check command line arguments length resulting in a buffer overflow. With a specially crafted request, an attacker can execute arbitrary commands resulting in a loss of integrity.

[CLOSE] OSVDB ID : 7160 - Disclosed: 1997-07-21

Description:

(Description Provided by CVE) : Buffer overflow in Exim allows local users to gain root privileges via a long :include: option in a .forward file.

[CLOSE] OSVDB ID : 1450 - Disclosed: 1997-07-21

Description:

(Description Provided by CVE) : Buffer overflow in nnrpd program in INN up to version 1.6 allows remote users to execute arbitrary commands.

[CLOSE] OSVDB ID : 1247 - Disclosed: 1997-07-17

Description:

Unknown / Incomplete

[CLOSE] OSVDB ID : 8218 - Disclosed: 1997-07-17

Description:

A local overflow exists in the 'ld.so' dynamic linkers in some Linux distributions. By forcing an error while calling a dynamically linked setuid program with a long program name (argv[0]), a local attacker can overflow a buffer and execute arbitrary code on the system and use this vulnerability to gain root privileges on the system.

[CLOSE] OSVDB ID : 8219 - Disclosed: 1997-07-17

Description:

A local overflow exists in the 'ld-linux.so' dynamic linkers in some Linux distributions. By forcing an error while calling a dynamically linked setuid program with a long program name (argv[0]), a local attacker can overflow a buffer and execute arbitrary code on the system gaining root privileges.

[CLOSE] OSVDB ID : 83126 - Disclosed: 1997-07-16

Description:

Microsoft Windows NT contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered by the HKeyLocalMachine\SECURITY\Policy\Secrets\ registry key containing plaintext passwords to running services. This may allow a local attacker to gain information to password information.

[CLOSE] OSVDB ID : 29 - Disclosed: 1997-07-15

Description:

(Description Provided by CVE) : The campas CGI program provided with some NCSA web servers allows an attacker to execute arbitrary commands via encoded carriage return characters in the query string, as demonstrated by reading the password file.

[CLOSE] OSVDB ID : 164 - Disclosed: 1997-07-14

Description:

IRIX contains a flaw that may allow a malicious attacker to obtain a complete listing of files and directories on vulnerable systems. The issue is triggered when the File Altercation Monitor (fam) daemon is instructed by a program to monitor the root directory. It is possible that the flaw may allow retrieval of all files under the root directory, resulting in a loss of confidentiality.

[CLOSE] OSVDB ID : 8423 - Disclosed: 1997-07-10

Description:

A local overflow exists in SGI IRIX. The pset program fails to perform proper bounds checking resulting in a buffer overflow. With a specially crafted request, a malicious user can cause arbitrary commands execution with root privileges resulting in a loss of integrity.

[CLOSE] OSVDB ID : 236 - Disclosed: 1997-07-10

Description:

(Description Provided by CVE) : The Webgais program allows a remote user to execute arbitrary commands.

[CLOSE] OSVDB ID : 2917 - Disclosed: 1997-07-09

Description:

Microsoft Access has a flaw in the encryption used to protect databases. The RC4 based encryption uses the same key for both encryption and decryption with no password/phrase. By creating a database equal in size as the target database, an attacker can use the XOR'd key stream from the newly created database to decrypt the target database.

[CLOSE] OSVDB ID : 7873 - Disclosed: 1997-07-08

Description:

(Description Provided by CVE) : JavaScript in Internet Explorer 3.x and 4.x, and Netscape 2.x, 3.x and 4.x, allows remote attackers to monitor a user's web activities, aka the Bell Labs vulnerability.

[CLOSE] OSVDB ID : 11289 - Disclosed: 1997-07-08

Description:

(Description Provided by CVE) : A remote attacker can read information from a Netscape user's cache via JavaScript.

[CLOSE] OSVDB ID : 237 - Disclosed: 1997-07-04

Description:

(Description Provided by CVE) : websendmail in Webgais 1.0 allows a remote user to access arbitrary files and execute arbitrary code via the receiver parameter ($VAR_receiver variable).

[CLOSE] OSVDB ID : 82 - Disclosed: 1997-07-02

Description:

(Description Provided by CVE) : The aglimpse CGI program of the Glimpse package allows remote execution of arbitrary commands.

[CLOSE] OSVDB ID : 957 - Disclosed: 1997-07-01

Description:

(Description Provided by CVE) : Buffer overflow in FTP Serv-U 2.5 allows remote authenticated users to cause a denial of service (crash) via a long (1) CWD or (2) LS (list) command.

[CLOSE] OSVDB ID : 8422 - Disclosed: 1997-07-01

Description:

A local overflow exists in SGI IRIX. The df program fails to perform proper bounds checking resulting in a buffer overflow. With a specially crafted request, a malicious user can cause arbitrary commands execution with root privileges resulting in a loss of integrity.

[CLOSE] OSVDB ID : 8426 - Disclosed: 1997-07-01

Description:

A local overflow exists in SGI IRIX. The ordist program fails to perform proper bounds checking resulting in a buffer overflow. With a specially crafted request, a malicious user can cause arbitrary commands execution with root privileges resulting in a loss of integrity.

[CLOSE] OSVDB ID : 198 - Disclosed: 1997-07-01

Description:

Sendmail contains a flaw that may allow a remote attacker to relay mail through the server. In older versions of sendmail, default configurations allowed many methods of e-mail relay. This allowed a remote attacker to send mail through the server and cause the email to appear to come from the victim server. This makes it more difficult to easily spot where the mail comes from and allows basic e-mail spoofing. This practice is typically referred to "sending spam" or "spamming".

[CLOSE] OSVDB ID : 958 - Disclosed: 1997-07-01

Description:

Remote attackers can cause a denial of service in FTP by issuing multiple PASV commands, causing the server to run out of available ports.

[CLOSE] OSVDB ID : 5873 - Disclosed: 1997-07-01

Description:

(Description Provided by CVE) : wu-ftpd FTP daemon allows any user and password combination.

[CLOSE] OSVDB ID : 8425 - Disclosed: 1997-07-01

Description:

A local overflow exists in SGI IRIX. The scheme program fails to perform proper bounds checking resulting in a buffer overflow. With a specially crafted request, a malicious user can cause arbitrary commands execution with root privileges resulting in a loss of integrity.

[CLOSE] OSVDB ID : 9735 - Disclosed: 1997-07-01

Description:

(Description Provided by CVE) : When compiled with the -DALLOW_UPDATES option, bind allows dynamic updates to the DNS server, allowing for malicious modification of DNS records.

[CLOSE] OSVDB ID : 10604 - Disclosed: 1997-07-01

Description:

(Description Provided by CVE) : The PATH in Windows NT includes the current working directory (.), which could allow local users to gain privileges by placing Trojan horse programs with the same name as commonly used system programs into certain directories.

[CLOSE] OSVDB ID : 10616 - Disclosed: 1997-07-01

Description:

(Description Provided by CVE) : Windows NT 4.0 before SP3 allows remote attackers to bypass firewall restrictions or cause a denial of service (crash) by sending improperly fragmented IP packets without the first fragment, which the TCP/IP stack incorrectly reassembles into a valid session.

[CLOSE] OSVDB ID : 59250 - Disclosed: 1997-07-01

Description:

(Description Provided by CVE) : Windows NT TCP/IP processes fragmented IP packets improperly, causing a denial of service.

[CLOSE] OSVDB ID : 59251 - Disclosed: 1997-07-01

Description:

(Description Provided by CVE) : Buffer overflow in ircd allows arbitrary command execution.