| OSVDB ID | Disclosure Date | Title |
|---|
|
13255
Description:
(Description Provided by CVE) : VariCAD 7.0 is installed with world-writeable files, which allows local users to replace the VariCAD programs with a Trojan horse program.
|
2000-08-10
|
VariCAD Installation Insecure File Permissions
|
|
13721
Description:
(Description Provided by CVE) : The FSserial, FlagShip_c, and FlagShip_p programs in the FlagShip package are installed world-writeable, which allows local users to replace them with Trojan horses.
|
2000-08-10
|
FSserial FlagShip_c Permission Weakness Local Privilege Escalation
|
|
1497
Description:
(Description Provided by CVE) : WorldClient email client in MDaemon 2.8 includes the session ID in the referer field of an HTTP request when the user clicks on a URL, which allows the visited web site to hijcak the session ID and read the user's email.
|
2000-08-09
|
MDaemon HTTP Referer Session ID Hijacking
|
|
1500
Description:
Buffer overflow in the HTML interpreter in Microsoft Office 2000 allows an attacker to execute arbitrary commands via a long embedded object tag, aka the "Microsoft Office HTML Object Tag" vulnerability.
|
2000-08-09
|
Microsoft Word / Excel / Powerpoint 2000 Object Tag Buffer Overflow
|
|
1502
Description:
The ActiveX control for invoking a scriptlet in Internet Explorer 4.x and 5.x renders arbitrary file types instead of HTML, which allows an attacker to read arbitrary files, aka the "Scriptlet Rendering" vulnerability.
|
2000-08-09
|
Microsoft IE Scriptlet Rendering
|
|
1515
Description:
(Description Provided by CVE) : Vulnerability in newgrp command in HP-UX 11.0 allows local users to gain privileges.
|
2000-08-09
|
HP-UX newgrp Local Privilege Escalation
|
|
1516
Description:
(Description Provided by CVE) : Vulnerability in HP OpenView Network Node Manager (NMM) version 6.1 related to passwords.
|
2000-08-09
|
HP OpenView Network Node Manager (OV NNM) Unspecified Password Issue
|
|
7825
Description:
(Description Provided by CVE) : A function in Internet Explorer 4.x and 5.x does not properly verify the domain of a frame within a browser window, which allows a remote attacker to read client files, aka a variant of the "Frame Domain Verification" vulnerability.
|
2000-08-09
|
Microsoft IE Domain Frame Arbitrary File Access
|
|
13719
Description:
(Description Provided by CVE) : umb-scheme 3.2-11 for Red Hat Linux is installed with world-writeable files.
|
2000-08-09
|
Red Hat Linux umb-scheme Permission Weakness Privilege Escalation
|
|
12008
Description:
Unknown / Incomplete
|
2000-08-08
|
gPS Network Process Polling Overflow
|
|
8679
Description:
Sun Microsystems Solaris AnswerBook2 contains a flaw that may allow a malicious user to create an arbitrary account. The issue is triggered when a malicious user directly accesses the /cgi-bin/admin/admin script and passes it parameters to create a new user account. The new user account can then be used to access the admin functionality of AnswerBook2 resulting in a loss of integrity.
|
2000-08-08
|
Sun AnswerBook2 Web Server dwhttpd Arbitrary Account Creation
|
|
13327
Description:
TotalBill contains a flaw that may allow a remote attacker to execute arbitrary commands without any authentication. The issue is due to the server not using authentication to execute commands and will result in a loss of integrity.
|
2000-08-08
|
Aptis Totalbill sysgen Service Arbitrary Command Execution
|
|
10723
Description:
Unknown / Incomplete
|
2000-08-08
|
BlackBerry Enterprise Server Emsmdb32.dll MAPI Deadlock DoS
|
|
1499
Description:
(Description Provided by CVE) : mopd (Maintenance Operations Protocol loader daemon) does not properly cleanse user-injected format strings, which allows remote attackers to execute arbitrary commands.
|
2000-08-08
|
Multiple Vendor mopd User Inputted Data Format String
|
|
19957
Description:
Sun Answerbook2 contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered via unauthenticated requests to @AdminViewError, which will disclose log file contents, resulting in a loss of confidentiality.
|
2000-08-08
|
Sun AnswerBook2 @AdminViewError Log File Disclosure
|
|
1494
Description:
(Description Provided by CVE) : suidperl (aka sperl) does not properly cleanse the escape sequence "~!" before calling /bin/mail to send an error report, which allows local users to gain privileges by setting the "interactive" environmental variable and calling suidperl with a filename that contains the escape sequence.
|
2000-08-07
|
Perl suidperl mail Error Report Shell Escape Arbitrary Command Execution
|
|
8680
Description:
Sun Solaris Answerbook2 shipped with the dwhttpd package contains a flaw that may allow a malicious user to run commands remotely. The issue is due to the insufficient input validation for cgi scripts in the admininstration interface of Answerbook2. By sending a specially crafted URL request with shell metacharacters to port 8888, a remote attacker can run the commands with web user privileges, resulting in a loss of integrity.
|
2000-08-07
|
Sun AnswerBook2 Web Server dwhttpd shell metacharacters Remote Command Execution
|
|
513
Description:
Check Point FireWall-1/SecureRemote contains a flaw that allows an attacker to easily identify the presence of the firewall. When UDP Port 264 is open, there is a significant chance the system is a FireWall-1 machine. Such knowledge may help an attacker launch more focused attacks against the system or network.
|
2000-08-07
|
Check Point FireWall-1/SecureRemote Remote Detection
|
|
1505
Description:
(Description Provided by CVE) : The Mail Merge tool in Microsoft Word does not prompt the user before executing Visual Basic (VBA) scripts in an Access database, which could allow an attacker to execute arbitrary commands.
|
2000-08-07
|
Microsoft Word Mail Merge Arbitrary Command Execution
|
|
389
Description:
This host appears to be running a version of the HPUX FTP daemon which is vulnerable to a format string vulnerability in the PASS command. A potential intruder could exploit this vulnerability to gain remote access with super-user privileges (root).
|
2000-08-06
|
HP-UX FTP Daemon PASS Command Remote Format String
|
|
1492
Description:
(Description Provided by CVE) : Netscape Communicator does not properly prevent a ServerSocket object from being created by untrusted entities, which allows remote attackers to create a server on the victim's system via a malicious applet, as demonstrated by Brown Orifice.
|
2000-08-05
|
Multiple Vendor JVM ServerSocket Object Privilege Escalation
|
|
13720
Description:
(Description Provided by CVE) : DiskCheck script diskcheck.pl in Red Hat Linux 6.2 allows local users to create or overwrite arbitrary files via a symlink attack on a temporary file.
|
2000-08-05
|
Red Hat Linux diskcheck.pl Arbitrary File Create / Overwrite
|
|
1493
Description:
(Description Provided by CVE) : Netscape Communicator and Navigator 4.04 through 4.74 allows remote attackers to read arbitrary files by using a Java applet to open a connection to a URL using the "file", "http", "https", and "ftp" protocols, as demonstrated by Brown Orifice.
|
2000-08-04
|
Netscape Multiple Protocol Java Applet File Disclosure
|
|
387
Description:
(Description Provided by CVE) : FTP Serv-U 2.5e allows remote attackers to cause a denial of service by sending a large number of null bytes.
|
2000-08-04
|
Serv-U FTP Server Null Byte Saturation DoS
|
|
653
Description:
(Description Provided by CVE) : PCCS MySQLDatabase Admin Tool Manager 1.2.4 and earlier installs the file dbconnect.inc within the web root, which allows remote attackers to obtain sensitive information such as the administrative password.
|
2000-08-04
|
PCCS-Linux MySQL Database Admin Tool Authentication Credential Disclosure
|
|
20777
Description:
A remote overflow exists in NetBSD. The hostname lookup code of the network information service (NIS) fails to check bounds on incoming match responses (IPv4 addresses) from NIS servers, resulting in a buffer overflow. With a specially crafted request, an attacker can hijack an account or gain elevated privileges, resulting in a loss of integrity.
|
2000-08-04
|
NetBSD NIS Hostname Lookup Remote Overflow
|
|
793
Description:
Cisco IOS on Cisco GSR devices contains a flaw that may allow a malicious user to bypass ACLs. The issue is triggered when unspecified types of packets are handled by the device. It is possible that the flaw may allow circumvention of access control lists resulting in a loss of confidentiality, integrity, and/or availability.
|
2000-08-03
|
Cisco Gigabit Switch Routers (GSR) Line Card Failure ACL Bypass
|
|
798
Description:
Cisco IOS on 12000 series routers contains a flaw that may allow a remote denial of service. The issue is triggered by a defect in the code which handles the evaluation of access control lists on specific hardware, and will result in loss of availability for the platform.
|
2000-08-03
|
Cisco Gigabit Switch Routers (GSR) Line Card Failure Remote DoS
|
|
1486
Description:
(Description Provided by CVE) : inpview in InPerson in SGI IRIX 5.3 through IRIX 6.5.10 allows local users to gain privileges via a symlink attack on the .ilmpAAA temporary file.
|
2000-08-02
|
IRIX inpview .ilmpAAA Symlink Local Privilege Escalation
|
|
3815
Description:
A local overflow exists in IRIX. The gr_osview program fails to validate user input resulting in a buffer overflow. With a specially crafted request, an attacker can gain root privileges resulting in a loss of confidentiality, integrity, and/or availability.
|
2000-08-02
|
IRIX gr_osview -D Parameter Local Overflow
|
|
5740
Description:
Raptor GFX contains a flaw in the pgxconfig utility that may allow a malicious user to gain root privileges. The issue results from the combination of two issues: 1) pgxconfig is suid root and 2) pgxconfig uses a predictable temporary file name. It is possible that the flaw may allow a malicious user to over write any file on the system, resulting in a loss of integrity, and/or availability.
|
2000-08-02
|
Raptor GFX pgxconfig Symlink Arbitrary File Overwrite
|
|
384
Description:
Windows 2000 contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered when the Service Control Manager starts services with predictable Named Pipes, which an attacker can use to execute commands as LocalSystem. This flaw may lead to a loss of integrity.
|
2000-08-02
|
Windows 2000 Service Control Manager Named Pipe Impersonation
|
|
1484
Description:
A local overflow exists in IRIX. The dmplay program fails to check bounds on strings passed to the DISPLAY variable via the command line, resulting in a buffer overflow. With a specially crafted request, an attacker can execute arbitrary code as root, resulting in a loss of integrity.
|
2000-08-02
|
IRIX dmplay DISPLAY String Local Overflow
|
|
1485
Description:
A local overflow exists in IRIX. The lpstat program fails to check bounds resulting in a buffer overflow. With a specially crafted request at the command line, an attacker may execute arbitrary code resulting in a loss of integrity.
|
2000-08-02
|
IRIX lpstat -n Option Local Overflow
|
|
1488
Description:
A remote overflow exists in Net Tools PKI Server. The "strong.exe" program fails to sanitize input resulting in a buffer overflow. With a specially crafted request, an attacker can cause the execution of arbitrary code resulting in a loss of integrity.
|
2000-08-02
|
NAI Net Tools PKI Server strong.exe Overflow
|
|
1489
Description:
Net Tools PKI Server contains a flaw that allows a remote attacker to access arbitrary files outside of the web path. The issue is due to the server not properly sanitizing user input, specifically traversal style attacks (../../) supplied via the URI.
|
2000-08-02
|
NAI Net Tools PKI Server Arbitrary File Access
|
|
1490
Description:
Net Tools PKI Server contains a flaw that allows a remote attacker to execute arbitrary code on a vulnerable server. The issue is due to the Strong.exe and XUDAD.EXE not properly sanitizing user input during processing, allowing an attacker to craft a request that will overwrite arbitrary portions of memory allowing a denial of service or code execution.
|
2000-08-02
|
NAI Net Tools PKI Server XUDAD.EXE Execute Arbitrary Code
|
|
1496
Description:
ntop running in web mode (-w) contains a flaw that allows a remote attacker to access arbitrary files outside of the web path. The issue is due to the internal web server not properly sanitizing user input, specifically traversal style attacks (../../) supplied via the URI.
|
2000-08-02
|
ntop -w Arbitrary File Access
|
|
1501
Description:
Raptor GFX contains a flaw that may allow a local attacker to gain root privileges. The issue is due to the a flaw in the "pgxconfig" utility that allows an attacker to specify an arbitrary path to the "cp" program. If an attacker uses a specially crafted program in its place, it will be called allowing execution of arbitrary commands with root privileges.
|
2000-08-02
|
Raptor GFX pgxconfig Path Subversion Local Privilege Escalation
|
|
8568
Description:
A local overflow exists in IRIX. The gmemusage program and gr_osview programs, which use the libgl.so library, fail to validate the HOME environment variable resulting in a buffer overflow. With a specially crafted request, an attacker can obtain root privileges resulting in a loss of integrity.
|
2000-08-02
|
IRIX libgl.so HOME Variable Privilege Escalation
|
