[CLOSE] OSVDB ID : 1169 - Disclosed: 1999-12-21

Description:

WMMon, a FreeBSD port, contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered when WMMon is setgid kmem and configured to execute arbitrary commands via the .wmmonrc configuration file. This flaw may lead to a loss of integrity.

[CLOSE] OSVDB ID : 50 - Disclosed: 1999-12-21

Description:

Lotus Domino HTTP Server contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when a URL with a non-existent cgi-bin program is called, which will disclose the actual path information resulting in a loss of confidentiality.

[CLOSE] OSVDB ID : 51 - Disclosed: 1999-12-21

Description:

Lotus Domino HTTP Service contains a flaw that may allow a remote denial of service. The issue is triggered when a very long URL is called in the /cgi-bin directory for a non-existent page, and will result in loss of availability for the platform. A hard reboot is required to recover.

[CLOSE] OSVDB ID : 1167 - Disclosed: 1999-12-21

Description:

(Description Provided by CVE) : Solaris dmispd dmi_cmd allows local users to fill up restricted disk space by adding files to the /var/dmi/db database.

[CLOSE] OSVDB ID : 3327 - Disclosed: 1999-12-21

Description:

Lotus Domino HTTP Service contains a flaw that may allow a malicious user to gain inappropriate access to the cgi-bin directory. The issue is triggered when anonymous access to the cgi-bin directory is disabled. It is possible that the flaw may allow anonymous access to cgi-bin even when it has been turned off resulting in a loss of confidentiality.

[CLOSE] OSVDB ID : 7580 - Disclosed: 1999-12-21

Description:

(Description Provided by CVE) : DNS PRO allows remote attackers to conduct a denial of service via a large number of connections.

[CLOSE] OSVDB ID : 8098 - Disclosed: 1999-12-21

Description:

Microsoft IIS and Site Server contain a flaw that may allow a remote attacker to gain access to ASP page source code. The issue is triggered when ASP files are stored in virtual directories whose names include extensions such as .com, .exe, .sh, .cgi, or .dll. When an attacker requests such a file, the server will return the source code instead of processing the file normally.

[CLOSE] OSVDB ID : 92016 - Disclosed: 1999-12-21

Description:

SCO OpenServer contains a flaw in the /bin/hello binary that leads to unauthorized privileges being gained. The issue is due to the device not properly restricting access to privileged devices. This will allow a local attacker to gain access to the device.

[CLOSE] OSVDB ID : 92017 - Disclosed: 1999-12-21

Description:

SCO OpenServer contains an flaw in the /bin/hello binary that is triggered during the handling of unspecified 'dangerous' characters, which may allow a local attacker to have an unspecified impact. No further details have been provided by the researcher.

[CLOSE] OSVDB ID : 92018 - Disclosed: 1999-12-21

Description:

SCO OpenServer contains an flaw in the /bin/write binary that is triggered during the handling of unspecified 'dangerous' characters, which may allow a local attacker to have an unspecified impact. No further details have been provided by the researcher.

[CLOSE] OSVDB ID : 92019 - Disclosed: 1999-12-21

Description:

SCO OpenServer contains an unspecified flaw in the /bin/login binary that may allow an attacker to have an unspecified impact. No further details have been provided by the researcher.

[CLOSE] OSVDB ID : 92009 - Disclosed: 1999-12-21

Description:

SCO OpenServer contains an overflow condition in the /etc/popper binary. The issue is triggered as user-supplied input is not properly validated via the command line. With a specially crafted command, a local attacker can cause a stack-based buffer overflow, resulting in a denial of service or potentially allowing the execution of arbitrary code.

[CLOSE] OSVDB ID : 92008 - Disclosed: 1999-12-21

Description:

SCO OpenServer contains an overflow condition in the /usr/bin/rlogin binary. The issue is triggered as user-supplied input is not properly validated via the command line. With a specially crafted command, a local attacker can cause a stack-based buffer overflow, resulting in a denial of service or potentially allowing the execution of arbitrary code.

[CLOSE] OSVDB ID : 92007 - Disclosed: 1999-12-21

Description:

SCO OpenServer contains an overflow condition in the /usr/lib/sysadm/termsh binary. The issue is triggered as user-supplied input is not properly validated via the command line. With a specially crafted command, a local attacker can cause a stack-based buffer overflow, resulting in a denial of service or potentially allowing the execution of arbitrary code.

[CLOSE] OSVDB ID : 92006 - Disclosed: 1999-12-21

Description:

SCO OpenServer contains an overflow condition in the /usr/lib/libX11.so.5.0 binary. The issue is triggered as user-supplied input is not properly validated via the command line. With a specially crafted command, a local attacker can cause a stack-based buffer overflow, resulting in a denial of service or potentially allowing the execution of arbitrary code.

[CLOSE] OSVDB ID : 92005 - Disclosed: 1999-12-21

Description:

SCO OpenServer contains an overflow condition in the /usr/lib/libXt.so.5.0 binary. The issue is triggered as user-supplied input is not properly validated via the command line. With a specially crafted command, a local attacker can cause a stack-based buffer overflow, resulting in a denial of service or potentially allowing the execution of arbitrary code.

[CLOSE] OSVDB ID : 92004 - Disclosed: 1999-12-21

Description:

SCO OpenServer contains an overflow condition in the /usr/lib/libXmu.so.5.0 binary. The issue is triggered as user-supplied input is not properly validated via the command line. With a specially crafted command, a local attacker can cause a stack-based buffer overflow, resulting in a denial of service or potentially allowing the execution of arbitrary code.

[CLOSE] OSVDB ID : 92003 - Disclosed: 1999-12-21

Description:

SCO OpenServer contains an overflow condition in the /usr/lib/libXaw.so.5.0 binary. The issue is triggered as user-supplied input is not properly validated via the command line. With a specially crafted command, a local attacker can cause a stack-based buffer overflow, resulting in a denial of service or potentially allowing the execution of arbitrary code.

[CLOSE] OSVDB ID : 92002 - Disclosed: 1999-12-21

Description:

SCO OpenServer contains an overflow condition in the /usr/lib/libX11.a binary. The issue is triggered as user-supplied input is not properly validated via the command line. With a specially crafted command, a local attacker can cause a stack-based buffer overflow, resulting in a denial of service or potentially allowing the execution of arbitrary code.

[CLOSE] OSVDB ID : 92001 - Disclosed: 1999-12-21

Description:

SCO OpenServer contains an overflow condition in the /usr/lib/libXt.a binary. The issue is triggered as user-supplied input is not properly validated via the command line. With a specially crafted command, a local attacker can cause a stack-based buffer overflow, resulting in a denial of service or potentially allowing the execution of arbitrary code.

[CLOSE] OSVDB ID : 92000 - Disclosed: 1999-12-21

Description:

SCO OpenServer contains an overflow condition in the /usr/lib/libXmu.a binary. The issue is triggered as user-supplied input is not properly validated via the command line. With a specially crafted command, a local attacker can cause a stack-based buffer overflow, resulting in a denial of service or potentially allowing the execution of arbitrary code.

[CLOSE] OSVDB ID : 91999 - Disclosed: 1999-12-21

Description:

SCO OpenServer contains an overflow condition in the /usr/lib/libXaw.a binary. The issue is triggered as user-supplied input is not properly validated via the command line. With a specially crafted command, a local attacker can cause a stack-based buffer overflow, resulting in a denial of service or potentially allowing the execution of arbitrary code.

[CLOSE] OSVDB ID : 91998 - Disclosed: 1999-12-21

Description:

SCO OpenServer contains an overflow condition in the /usr/bin/X11/xload binary. The issue is triggered as user-supplied input is not properly validated via the command line. With a specially crafted command, a local attacker can cause a stack-based buffer overflow, resulting in a denial of service or potentially allowing the execution of arbitrary code.

[CLOSE] OSVDB ID : 91997 - Disclosed: 1999-12-21

Description:

SCO OpenServer contains an overflow condition in the /usr/bin/X11/scolock binary. The issue is triggered as user-supplied input is not properly validated via the command line. With a specially crafted command, a local attacker can cause a stack-based buffer overflow, resulting in a denial of service or potentially allowing the execution of arbitrary code.

[CLOSE] OSVDB ID : 91996 - Disclosed: 1999-12-21

Description:

SCO OpenServer contains an overflow condition in the /usr/bin/X11/scologin binary. The issue is triggered as user-supplied input is not properly validated via the command line. With a specially crafted command, a local attacker can cause a stack-based buffer overflow, resulting in a denial of service or potentially allowing the execution of arbitrary code.

[CLOSE] OSVDB ID : 91995 - Disclosed: 1999-12-21

Description:

SCO OpenServer contains an overflow condition in the /usr/lpd/remote/rlpstat binary. The issue is triggered as user-supplied input is not properly validated via the command line. With a specially crafted command, a local attacker can cause a stack-based buffer overflow, resulting in a denial of service or potentially allowing the execution of arbitrary code.

[CLOSE] OSVDB ID : 91994 - Disclosed: 1999-12-21

Description:

SCO OpenServer contains an overflow condition in the /usr/lpd/remote/cancel binary. The issue is triggered as user-supplied input is not properly validated via the command line. With a specially crafted command, a local attacker can cause a stack-based buffer overflow, resulting in a denial of service or potentially allowing the execution of arbitrary code.

[CLOSE] OSVDB ID : 91993 - Disclosed: 1999-12-21

Description:

SCO OpenServer contains an overflow condition in the /usr/lpd/remote/lpmove binary. The issue is triggered as user-supplied input is not properly validated via the command line. With a specially crafted command, a local attacker can cause a stack-based buffer overflow, resulting in a denial of service or potentially allowing the execution of arbitrary code.

[CLOSE] OSVDB ID : 91991 - Disclosed: 1999-12-20

Description:

SCO OpenServer contains an overflow condition in the /usr/mmdf/chans/smtpsrvr binary. The issue is triggered as user-supplied input is not properly validated via the command line. With a specially crafted command, a local attacker can cause a stack-based buffer overflow, resulting in a denial of service or potentially allowing the execution of arbitrary code.

[CLOSE] OSVDB ID : 92020 - Disclosed: 1999-12-20

Description:

SCO OpenServer contains a flaw in the /usr/bin/X11/Xsco binary. The issue is due to an error in the -config variable. This may allow a local attacker to gain limited access to arbitrary files.

[CLOSE] OSVDB ID : 91992 - Disclosed: 1999-12-20

Description:

SCO OpenServer contains an overflow condition in the etc/killall binary. The issue is triggered as user-supplied input is not properly validated via the command line. With a specially crafted command, a local attacker can cause a stack-based buffer overflow, resulting in a denial of service or potentially allowing the execution of arbitrary code.

[CLOSE] OSVDB ID : 85842 - Disclosed: 1999-12-20

Description:

X.Org X Window System (X11) is prone to an overflow condition. The program fails to properly sanitize user-supplied input resulting in a multiple overflow. With a specially crafted call to the LibX11, LibXt, LibXaw or LibXmu libraries, a local attacker can potentially execute arbitrary code.

[CLOSE] OSVDB ID : 48430 - Disclosed: 1999-12-19

Description:

Unknown / Incomplete

[CLOSE] OSVDB ID : 1143 - Disclosed: 1999-12-19

Description:

(Description Provided by CVE) : Microsoft SQL 7.0 server allows a remote attacker to cause a denial of service via a malformed TDS packet.

[CLOSE] OSVDB ID : 1736 - Disclosed: 1999-12-19

Description:

(Description Provided by CVE) : wu-ftp with FTP conversion enabled allows an attacker to execute commands via a malformed file name that is interpreted as an argument to the program that does the conversion, e.g. tar or uncompress.

[CLOSE] OSVDB ID : 3413 - Disclosed: 1999-12-19

Description:

Novell Groupwise contains a vulnerability that allows a remote attacker to read arbitrary files in the web path. The issue is due to a lack of sanity checking for input passed to the HELP variable in the GWWEB.EXE program. By providing a .htm or .html file name and ../../ traversal attack, anyone can view any document within the web server path.

[CLOSE] OSVDB ID : 3415 - Disclosed: 1999-12-19

Description:

Novell Groupwise contains a flaw that allows a remote attacker to overflow the GWWEB.EXE program. By appending 512 or more characters to the end of a request, the program may crash or execute arbitrary code.

[CLOSE] OSVDB ID : 3416 - Disclosed: 1999-12-19

Description:

Novell Groupwise contains a flaw that allows a remote attacker to discover the physical path of the web server installation. By providing any bad input for the HELP variable of the GWWEB.EXE program, the attacker will receive an error page with the physical path.

[CLOSE] OSVDB ID : 9783 - Disclosed: 1999-12-19

Description:

(Description Provided by CVE) : Netscape Navigator uses weak encryption for storing a user's Netscape mail password.

[CLOSE] OSVDB ID : 7413 - Disclosed: 1999-12-16

Description:

KAME contains a flaw related to the default directory that many of its daemons write dump files and trace files to, which may allow an attacker to access sensitive system information, or possibly to modify that data. The bgpd, hroute6d, pim6dd, pim6sd, route6d, and rtsold daemons used the world-writeable /var/tmp directory for dump and trace files. No further details have been provided.