| OSVDB ID | Disclosure Date | Title |
|---|
|
5821
Description:
(Description Provided by CVE) : Buffer overflow in Apache 1.2.5 and earlier allows a remote attacker to cause a denial of service with a large number of GET requests containing a large number of / characters.
|
1997-12-30
|
Apache HTTP Server Multiple / GET Remote Overflow DoS
|
|
8787
Description:
(Description Provided by CVE) : iPass RoamServer 3.1 creates temporary files with world-writable permissions.
|
1997-12-29
|
iPass RoamServer Temporary File Information Disclosure
|
|
9843
Description:
(Description Provided by CVE) : Quake 2 server allows remote attackers to cause a denial of service via a spoofed UDP packet with a source address of 127.0.0.1, which causes the server to attempt to connect to itself.
|
1997-12-24
|
Quake 2 Server Spoofed Localhost UDP Packet DoS
|
|
19006
Description:
(Description Provided by CVE) : Memory leak in Simple Network Management Protocol (SNMP) agent (snmp.exe) for Windows NT 4.0 before Service Pack 4 allows remote attackers to cause a denial of service (memory consumption) via a large number of SNMP packets with Object Identifiers (OIDs) that cannot be decoded.
|
1997-12-23
|
Microsoft Windows NT snmp.exe Malformed OID Packet Saturation DoS
|
|
83610
Description:
libc on multiple Linux installs is prone to an overflow condition. The vsslog() function fails to properly sanitize user-supplied input resulting in a buffer overflow. This may allow a local attacker to execute arbitrary code and gain root access.
|
1997-12-21
|
Multiple Linux libc vsyslog() Function Local Overflow
|
|
14789
Description:
(Description Provided by CVE) : Land IP denial of service.
|
1997-12-17
|
Multiple Vendor Malformed TCP SYN Loopback Packet Remote DoS (land)
|
|
11487
Description:
(Description Provided by CVE) : Livingston RADIUS code has a buffer overflow which can allow remote execution of commands as root.
|
1997-12-17
|
Livingston RADIUS rad_accounting Overflow
|
|
5728
Description:
Windows NT contains a flaw that may allow a remote denial of service. The issue is triggered when specially crafted packet fragments are sent to a target, and will result in loss of availability for the platform.
|
1997-12-16
|
Modified Teardrop IP Fragment Re-Assembly DoS
|
|
1102
Description:
IOS/700 contains a flaw that may allow a remote denial of service. The issue is triggered when an attacker uses a very long password string during telnet login, and will result in loss of availability for the platform.
|
1997-12-15
|
Cisco 700 Router Telnet Password Overflow DoS
|
|
8109
Description:
(Description Provided by CVE) : Buffer overflow in CrackLib 2.5 may allow local users to gain root privileges via a long GECOS field.
|
1997-12-14
|
CrackLib GECOS Field Overflow
|
|
57409
Description:
Unknown / Incomplete
|
1997-12-09
|
Check Point FireWall-1 External SNMP Information Disclosure
|
|
87
Description:
Unknown / Incomplete
|
1997-12-08
|
HP JetDirect Remote LCD Display Manipulation
|
|
11498
Description:
(Description Provided by CVE) : Buffer overflow in Linux Slackware crond program allows local users to gain root access.
|
1997-12-06
|
Dillon Cron (dcron) Local Overflow
|
|
8420
Description:
(Description Provided by CVE) : Buffer overflow in statd allows root privileges.
|
1997-12-05
|
Multiple Unix Vendor rpc.statd Remote Overflow
|
|
39595
Description:
(Description Provided by CVE) : Multiple unspecified vulnerabilities in sendmail 5, as installed on Sun SunOS 4.1.3_U1 and 4.1.4, have unspecified attack vectors and impact. NOTE: this might overlap CVE-1999-0129.
|
1997-12-03
|
Sendmail on SunOS Multiple Unspecified Issues
|
|
12265
Description:
Unknown / Incomplete
|
1997-12-02
|
Sendmail Arbitrary File Append Privilege Escalation
|
|
12977
Description:
(Description Provided by CVE) : Xyplex terminal server 6.0.1S1, and possibly other versions, allows remote attackers to bypass the password prompt by entering (1) a CTRL-Z character, or (2) a ? (question mark).
|
1997-12-01
|
Xyplex Terminal Server Password Prompt Special Character Bypass
|
|
947
Description:
(Description Provided by CVE) : Automount daemon automountd allows local or remote users to gain privileges via shell metacharacters.
|
1997-11-26
|
Sun automountd Shell Metacharacter Arbitrary Command Execution
|
|
7629
Description:
(Description Provided by CVE) : Vulnerability in scoterm in SCO OpenServer 5.0 and SCO Open Desktop/Open Server 3.0 allows local users to gain root privileges.
|
1997-11-20
|
SCO OpenServer scoterm Privilege Escalation
|
|
8760
Description:
(Description Provided by CVE) : Vulnerability in Advanced File System Utility (advfs) in Digital UNIX 4.0 through 4.0d allows local users to gain privileges.
|
1997-11-18
|
OSF Advanced File System Utility (advfs) fstab.advfsd.lockfile Symlink Privilege Escalation
|
|
8759
Description:
Unknown / Incomplete
|
1997-11-18
|
OSF fstab fstab.advfsd.lockfile Symlink Privilege Escalation
|
|
17112
Description:
LISTSERV contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when a remote attacker sends the "lists" command (and possibly others). The list manager will return mail with valid mail lists, as well as other system information including the CPU type and machine load. This may disclose the remote operating system which can assist an attacker in more focused attacks.
|
1997-11-14
|
L-Soft LISTSERV Mail Command Output Information Disclosure
|
|
89136
Description:
Digital Unix contains a flaw as dbx creates core dump files insecurely. It is possible for a local attacker to use a symlink attack against a 'core' file to allow a local attacker to gain escalated privileges.
|
1997-11-14
|
Digital Unix dbx Core Dump Symlink Local Privilege Escalation
|
|
5727
Description:
Multiple products contain a flaw that may allow a remote denial of service. The issue is triggered when specially crafted IP packet fragments are sent to a target, and will result in loss of availability for the platform.
|
1997-11-13
|
Multiple Vendor IP Fragment Re-Assembly Remote DoS (teardrop)
|
|
52422
Description:
Unknown / Incomplete
|
1997-11-12
|
TEA Algorithm Related-key Attack Cryptanalysis Weakness
|
|
8762
Description:
(Description Provided by CVE) : xterm in Digital UNIX 4.0B *with* patch kit 5 allows local users to overwrite arbitrary files via a symlink attack on a core dump file, which is created when xterm is called with a DISPLAY environmental variable set to a display that xterm cannot access.
|
1997-11-12
|
Digital Unix xterm DISPLAY Variable Symlink Arbitrary File Overwrite
|
|
83068
Description:
AIX contains a flaw that may allow a local user to gain root privileges. The issue is due to the /usr/bin/clear binary allowing a user to set an environment variable (IFS) to / temporarily. With this internal field separator changed, a system call to /usr/bin/uncompress -f is executed. This may allow a local attacker to gain escalated privileges by executing commands as servinfo which has root privileges.
|
1997-11-12
|
IBM AIX servinfo IFS Variable Local Privilege Escalation
|
|
7833
Description:
(Description Provided by CVE) : Buffer overflow in the HTML library used by Internet Explorer, Outlook Express, and Windows Explorer via the res: local resource protocol.
|
1997-11-10
|
Microsoft IE/OE res: Protocol Library Overflow
|
|
93
Description:
(Description Provided by CVE) : Directory traversal vulnerability in carbo.dll in iCat Carbo Server 3.0.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the icatcommand parameter.
|
1997-11-08
|
Icat carbo.dll icatcommand Parameter Traversal Arbitrary File Access
|
|
2916
Description:
CyberCash has a flaw that causes all credit card information processed to be logged to a file that is world readable. This flaw occurs on default installations due to the DEBUG flag being set to '0' and ignoring alternate settings.
|
1997-11-07
|
CyberCash Local Information Disclosure
|
|
7392
Description:
(Description Provided by CVE) : A bug in Intel Pentium processor (MMX and Overdrive) allows local users to cause a denial of service (hang) in Intel-based operating systems such as Windows NT and Windows 95, via an invalid instruction, aka the "Invalid Operand with Locked CMPXCHG8B Instruction" problem.
|
1997-11-06
|
Intel Pentium MMX / Overdrive Processors Local DoS (F00F)
|
|
83585
Description:
netkit-ftp contains a flaw related to the FTP client. The issue is triggered when a remote attacker uploads a file that starts with the '|' (pipe) character, which will cause the contents of the file to be executed as a shell script.
|
1997-11-04
|
NetKit FTP Client (netkit-ftp) Pipe Character Arbitrary Command Execution
|
|
83567
Description:
Microsoft NT Advanced Server (NTAS) contains a flaw related to the FTP client. The issue is triggered when a remote attacker uploads a file that starts with the '|' (pipe) character, which will cause the contents of the file to be executed as a shell script.
|
1997-11-03
|
Microsoft NT Advanced Server (NTAS) FTP Client Pipe Character Arbitrary Command Execution
|
|
83584
Description:
Linux Slackware contains a flaw related to the FTP client. The issue is triggered when a remote attacker uploads a file that starts with the '|' (pipe) character, which will cause the contents of the file to be executed as a shell script.
|
1997-11-03
|
Linux Slackware FTP Client Pipe Character Arbitrary Command Execution
|
|
83583
Description:
Solaris contains a flaw related to the FTP client. The issue is triggered when a remote attacker uploads a file that starts with the '|' (pipe) character, which will cause the contents of the file to be executed as a shell script.
|
1997-11-03
|
Solaris FTP Client Pipe Character Arbitrary Command Execution
|
|
83582
Description:
HP-UX contains a flaw related to the FTP client. The issue is triggered when a remote attacker uploads a file that starts with the '|' (pipe) character, which will cause the contents of the file to be executed as a shell script.
|
1997-11-03
|
HP-UX FTP Client Pipe Character Arbitrary Command Execution
|
|
45119
Description:
Unknown / Incomplete
|
1997-11-01
|
TEA Algorithm Related-key Cryptanalysis Weakness
|
|
45117
Description:
Unknown / Incomplete
|
1997-11-01
|
RC2 Algorithm Related-key Cryptanalysis Weakness
|
|
45113
Description:
Unknown / Incomplete
|
1997-11-01
|
NewDES Algorithm Related-key Cryptanalysis Weakness
|
|
45114
Description:
Unknown / Incomplete
|
1997-11-01
|
DES-X Algorithm Related-key Cryptanalysis Weakness
|
