| OSVDB ID | Disclosure Date | Title |
|---|
|
7163
Description:
(Description Provided by CVE) : exmh 2.2 and earlier allows local users to overwrite arbitrary files via a symlink attack on the exmhErrorMsg temporary file.
|
2000-12-31
|
exmh exmhErrorMsg Symlink Overwrite Arbitrary File
|
|
5561
Description:
(Description Provided by CVE) : ZoneAlarm and ZoneAlarm Pro allows a local attacker to cause a denial of service by running a trojan to initialize a ZoneAlarm mutex object which prevents ZoneAlarm from starting.
|
2000-12-30
|
ZoneAlarm Local Mutex Object Initialization DoS
|
|
61199
Description:
Unknown / Incomplete
|
2000-12-30
|
Solaris mailx Username Lockfile Local DoS
|
|
489
Description:
Unknown / Incomplete
|
2000-12-29
|
IBM Informix webdriver CGI Unauthenticated Database Access
|
|
6135
Description:
(Description Provided by CVE) : Macromedia Shockwave Flash plugin version 8 and earlier allows remote attackers to cause a denial of service via malformed tag length specifiers in a SWF file.
|
2000-12-29
|
Macromedia Shockwave Flash SWF Tag Length DoS
|
|
14742
Description:
(Description Provided by CVE) : "Multiple Users" Control Panel in Mac OS 9 allows Normal users to gain Owner privileges by removing the Users & Groups Data File, which effectively removes the Owner password and allows the Normal user to log in as the Owner account without a password.
|
2000-12-29
|
Apple Mac OS 9 Multiple Users Control Panel Privilege Escalation
|
|
6326
Description:
Ikonboard contains a flaw that may allow an remote attacker to execute arbitrary commands. The issue is triggered due to insufficient checking of user-supplied input in the register.cgi script. It is possible that the flaw may allow an remote attacker to use the $SEND_MAIL variable in a URL and execute arbitrary commands with the privileges of the web server, resulting in a loss of integrity.
|
2000-12-28
|
Ikonboard register.cgi SEND_MAIL Variable Arbitrary Command Execution
|
|
481
Description:
(Description Provided by CVE) : Directory traversal vulnerability in main.cgi in Technote allows remote attackers to read arbitrary files via a .. (dot dot) attack in the filename parameter.
|
2000-12-27
|
Technote main.cgi filename Parameter Traversal Arbitrary File Access
|
|
7682
Description:
(Description Provided by CVE) : Buffer overflow in the find_default_type function in libsecure in NSA Security-enhanced Linux, which may allow attackers to modify critical data in memory.
|
2000-12-26
|
NSA Security-enhanced Linux libsecure find_default_type Function Overflow
|
|
13795
Description:
(Description Provided by CVE) : Buffer overflow in 1st Up Mail Server 4.1 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long MAIL FROM command.
|
2000-12-26
|
1st Up Mail Server MAIL FROM Command Remote Overflow
|
|
1701
Description:
dialog allows local users to overwrite arbitrary files via a symlink attack to gain privileges on the system. The dialog program creates lock-files in the /tmp directory insecurely. A local attacker could leverage this vulnerability to create a symbolic link in /tmp and overwrite or corrupt sensitive files owned by another user.
|
2000-12-25
|
dialog /tmp File Race Condition
|
|
6327
Description:
Technote contains a flaw that allows a remote attacker to view arbitrary files outside of the web path. The issue is due to the print.cgi script not properly sanitizing user input, specifically traversal style attacks (../../) supplied via the "board" variable.
|
2000-12-23
|
Technote print.cgi board Parameter Traversal Arbitrary File Access
|
|
482
Description:
(Description Provided by CVE) : FrontPage Server Extensions (FPSE) in IIS 4.0 and 5.0 allows remote attackers to cause a denial of service via a malformed form, aka the "Malformed Web Form Submission" vulnerability.
|
2000-12-22
|
Microsoft IIS FrontPage Server Extensions (FPSE) Malformed Form DoS
|
|
59510
Description:
(Description Provided by CVE) : oidldapd 2.1.1.1 in Oracle 8.1.7 records log files in a directory (ldaplog) that has world-writable permissions, which may allow local users to delete logs and/or overwrite other files via a symlink attack.
|
2000-12-22
|
Oracle Internet Directory oidldapd ldaplog Permission Weakness Symlink Arbitrary File Overwrite
|
|
19893
Description:
Unknown / Incomplete
|
2000-12-21
|
PHProjekt Unspecified Contacts Issue
|
|
54588
Description:
Unknown / Incomplete
|
2000-12-21
|
Oracle Jserv Nonexistent File Request XSS
|
|
6024
Description:
The catman utility contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is due to the program creating insecure temporary files with predictable names, allowing for symlink attacks. This flaw may lead to a loss of confidentiality and/or integrity.
|
2000-12-21
|
Solaris catman Temporary File Prediction Symlink Arbitrary File Overwrite
|
|
7161
Description:
(Description Provided by CVE) : bslist.cgi mailing list script allows remote attackers to execute arbitrary commands via shell metacharacters in the email address.
|
2000-12-21
|
Brian Stanback bslist.cgi Email Address Variable Arbitrary Command Execution
|
|
7162
Description:
(Description Provided by CVE) : bsguest.cgi guestbook script allows remote attackers to execute arbitrary commands via shell metacharacters in the email address.
|
2000-12-21
|
Brian Stanback bsguest.cgi Guestbook Email Address Field Arbitrary Command Execution
|
|
13799
Description:
(Description Provided by CVE) : The Web interface for Infinite Interchange 3.6.1 allows remote attackers to cause a denial of service (application crash) via a large POST request.
|
2000-12-21
|
Infinite Interchange Web Interface Large POST Request Handling Remote DoS
|
|
1704
Description:
(Description Provided by CVE) : Buffer overflow in Kermit communications software in HP-UX 11.0 and earlier allows local users to cause a denial of service and possibly execute arbitrary commands.
|
2000-12-21
|
HP-UX kermit Local Overflow
|
|
19768
Description:
Unknown / Incomplete
|
2000-12-20
|
JCraft JZlib com.jcraft.jzlib.ZOutputStream Overflow
|
|
19766
Description:
(Description Provided by CVE) : InfBlocks.java in JCraft JZlib before 0.0.7 allow remote attackers to cause a denial of service (NullPointerException) via an invalid block of deflated data.
|
2000-12-20
|
JCraft JZlib InfBlocks.java Invalid Block Remote DoS
|
|
1699
Description:
GnuPG contains a flaw that may allow a malicious user to modify the contents of a file without being detected. The issue is triggered when a file is signed with a detached signature. If the detached signature is replaced with clearsigned text, GnuPG will still report a successfully verified signature. It is possible that the flaw may allow false positives in the verification mechanism, resulting in a loss of integrity.
|
2000-12-20
|
GnuPG Detached Signature Verification False-Positive
|
|
1702
Description:
GnuPG contains a flaw that may allow a malicious user to compromise the web of trust. The issue is triggered when the user retrieves keys from a public keyserver. GnuPG will import private keys as well as public ones, and will not warn the user about the import of private keys. An attacker can upload a private key to the keyserver as well as a public one, with malicious intent. Since private keys are implicitly trusted, it is possible that the flaw may allow a change in the trust relationships of the web of trust, resulting in a loss of integrity.
|
2000-12-20
|
GnuPG Private Key Silent Import
|
|
20190
Description:
(Description Provided by CVE) : SQL injection vulnerability in mod_sql in Oracle Internet Application Server (IAS) 3.0.7 and earlier allows remote attackers to execute arbitrary SQL commands via the query string of the URL.
|
2000-12-20
|
Oracle Internet Application Server (IAS) WebDB/Portal Component mod_sql URL Query String SQL Injection
|
|
13762
Description:
(Description Provided by CVE) : The "Configure Your Server" tool in Microsoft 2000 domain controllers installs a blank password for the Directory Service Restore Mode, which allows attackers with physical access to the controller to install malicious programs, aka the "Directory Service Restore Mode Password" vulnerability.
|
2000-12-20
|
Microsoft 2000 Domain Controller Directory Service Restore Mode Blank Password
|
|
7166
Description:
(Description Provided by CVE) : Memory leak in ProFTPd 1.2.0rc2 allows remote attackers to cause a denial of service via a series of USER commands, and possibly SIZE commands if the server has been improperly installed.
|
2000-12-19
|
ProFTPD SIZE Command Memory Leak Remote DoS
|
|
10067
Description:
(Description Provided by CVE) : Buffer overflow in Bea WebLogic Server before 5.1.0 allows remote attackers to execute arbitrary commands via a long URL that begins with a ".." string.
|
2000-12-19
|
BEA WebLogic Double Dot GET Request Remote Overflow
|
|
13797
Description:
(Description Provided by CVE) : itetris/xitetris 1.6.2 and earlier trusts the PATH environmental variable to find and execute the gunzip program, which allows local users to gain root privileges by changing their PATH so that it points to a malicious gunzip program.
|
2000-12-19
|
itetris PATH Environment Variable Subversion Privilege Escalation
|
|
522
Description:
Unknown / Incomplete
|
2000-12-19
|
PHP IMAP Module imap_open() Function Overflow
|
|
706
Description:
(Description Provided by CVE) : The default configurations of (1) the port listener and (2) modplsql in Oracle Internet Application Server (IAS) 3.0.7 and earlier allow remote attackers to view privileged database information via HTTP requests for Database Access Descriptor (DAD) files.
|
2000-12-19
|
Oracle Internet Application Server (IAS) WebDB/Portal Component mod_plsql Request DAD File Disclosure
|
|
7165
Description:
(Description Provided by CVE) : Memory leak in ProFTPd 1.2.0rc2 allows remote attackers to cause a denial of service via a series of USER commands, and possibly SIZE commands if the server has been improperly installed.
|
2000-12-19
|
ProFTPD USER Command Memory Leak DoS
|
|
12041
Description:
(Description Provided by CVE) : Webconfig, IMAP, and other services in MDaemon 3.5.0 and earlier allows remote attackers to cause a denial of service via a long URL terminated by a "\r\n" string.
|
2000-12-19
|
MDaemon Webconfig IMAP Malformed URL DoS
|
|
13798
Description:
(Description Provided by CVE) : itetris/xitetris 1.6.2 and earlier trusts the PATH environmental variable to find and execute the gunzip program, which allows local users to gain root privileges by changing their PATH so that it points to a malicious gunzip program.
|
2000-12-19
|
xitetris PATH Environment Variable Subversion Privilege Escalation
|
|
20187
Description:
(Description Provided by CVE) : The default configurations of (1) the port listener and (2) modplsql in Oracle Internet Application Server (IAS) 3.0.7 and earlier allow remote attackers to view privileged database information via HTTP requests for Database Access Descriptor (DAD) files.
|
2000-12-19
|
Oracle Internet Application Server (IAS) WebDB/Portal Component Port Listener HTTP Request DAD File Disclosure
|
|
1694
Description:
(Description Provided by CVE) : The setuid doroot program in Voyant Sonata 3.x executes arbitrary command line arguments, which allows local users to gain root privileges.
|
2000-12-18
|
Sonata /opt/TK/tk4.1/library/demos/doroot Local Privilege Escalation
|
|
1691
Description:
FreeBSD contains a flaw that may allow a users to break out of jail virtual machines. The issue is due to an unchecked buffer in the kernel that can be exploited by jailed users. By overflowing this buffer with specially crafted code, a jailed user could bypass any restrictions normally enforced by the jailed environment and execute arbitrary code or commands, including lowering the system security level.
|
2000-12-18
|
FreeBSD procfs jail() Access Restriction Bypass Local Privilege Escalation
|
|
1693
Description:
(Description Provided by CVE) : One-byte buffer overflow in replydirname function in BSD-based ftpd allows remote attackers to gain root privileges.
|
2000-12-18
|
Multiple BSD ftpd replydirname() Function Single Byte Remote Overflow
|
|
1695
Description:
(Description Provided by CVE) : patchadd in Solaris allows local users to overwrite arbitrary files via a symlink attack.
|
2000-12-18
|
Solaris patchadd Symlink Local Privilege Escalation
|
