|
Aug 3 2001
|
Oracle Database Component (dbsnmp) Lets Local Users with Oracle Group Privileges Obtain Root Privileges
|
|
Aug 3 2001
|
Roxen Web Server Discloses Files on the Server to Remote Users and May, in Certain Configurations, Let Remote Users Execute Any Program on the Server
|
|
Aug 3 2001
|
Identix BioLogon Client for Windows Fails to Secure Screen Saver Logins in Certain Multi-monitor Configurations, Allowing Physically Local Users to Access the System Without Requiring Biometric Authentication
|
|
Aug 2 2001
|
HP JetDirect Print Servers Fail to Set an Administrator Password for the Telnet Interface When the Administrator Sets Passwords Via the Web Interface
|
|
Aug 2 2001
|
1st Choice FTPPro Discloses Unencrypted Passwords to Local Users
|
|
Aug 2 2001
|
Oracle Database dbsnmp Component Lets Local Users Obtain Root Privileges
|
|
Aug 2 2001
|
WvDial Linux Dialer Discloses Sensitive Dialing Information to Local Users
|
|
Aug 2 2001
|
Locate Utility (/usr/bin/locate) on Slackware Linux May Allow Certain Local Users to Obtain Elevated Privileges, Incluing Root Level Privileges
|
|
Aug 1 2001
|
phpMyAdmin May Execute Arbitrary Code Supplied by Remote Users Because of Unchecked Variables in 'tbl_copy.php' and 'tbl_rename.php' Scripts
|
|
Aug 1 2001
|
Microsoft Windows 98 Operating System Can Be Crashed When Running a Web Server or Other Servers And the AUX Device is Accessed By the Program
|
|
Aug 1 2001
|
Critical Path's InJoin LDAP Directory Server Can Be Crashed By Remote Users and May Allow Remote Users to Execute Arbitrary Code and Gain Elevated Privileges
|
|
Aug 1 2001
|
Cold Fusion Server on Linux Lets Local Users Crash the Server and View Sensitive Memory Contents
|
|
Jul 31 2001
|
Mathematica Can Be Crashed By Remote Users and May Grant Valid Licenses to Unauthorized Mathematica Clients
|
|
Jul 31 2001
|
Quake 3 Arena Server Can Be Crashed By Remote Users
|
|
Jul 31 2001
|
Linux Kernel IP Masquerading (NAT) Module May Let Some Remote Users Send Packets Through the Firewall and Access the Protected Network
|
|
Jul 29 2001
|
Additional Vulnerabilities in TrendMicro's InterScan AppletTrap Malicious Code Filtering Software Allow Remote Users to Create HTML With Malicious Code That Will Bypass the Filtering Mechanisms
|
|
Jul 29 2001
|
Morpheus File Sharing Software Discloses Files Not Selected For Sharing to Remote Users in Certain Configurations
|
|
Jul 29 2001
|
KaZaA Media Desktop Discloses Files Not Selected For Sharing to Remote Users in Certain Configurations
|
|
Jul 29 2001
|
MasqMail Piped Alias Processing Allows Certain Local Users to Escalate Privileges to Root
|
|
Jul 28 2001
|
Microsoft Windows 2000 and Windows NT 4.0 RPC Input Validation Failure Lets Remote Users Destabilize the Operating System
|
|
Jul 28 2001
|
Microsoft SQL Database Server RPC Input Validation Failure Lets Remote Users Crash the Database Service
|
|
Jul 28 2001
|
Microsoft Exchange Server RPC Input Validation Failure Lets Remote Users Crash the Exchange Service
|
|
Jul 28 2001
|
Entrust GetAccess Single Sign-on Software Lets Remote Users Execute Java Programs on the Server
|
|
Jul 28 2001
|
Eggdrop IRC Bot Buffer Overflow Lets Valid Remote Users Crash the Bot
|
|
Jul 27 2001
|
Window Maker X11 Window Manager Contains a Buffer Overflow that May Execute Arbitrary Code or Crash When Viewing a Malicious Web Page or E-mail Message
|
|
Jul 27 2001
|
Microsoft Windows 2000 Telnet Service Can Be Crashed By Remote Users
|
|
Jul 27 2001
|
Windows Terminal Services in Microsoft Windows 2000 and NT 4.0 Can Be Crashed By Remote Users Due to a Memory Leak
|
|
Jul 27 2001
|
Groff pic Utility Format String Vulnerability Allows Remote Users to Execute Arbitrary Commands on the Server with 'lp' User Privileges
|
|
Jul 27 2001
|
Ipswitch's WS_FTP Server Will Execute Remotely-Supplied Arbitrary Code, Typically With System Privileges
|
|
Jul 27 2001
|
SnapStream Personal Video System for Windows Lets Remote Users Obtain Files on the System, Including One Containing Unencrypted SnapStream Passwords
|
|
Jul 27 2001
|
Windows Media Player Allows Malicious Media Files to Execute Arbitrary Code on the Player's Host
|
|
Jul 25 2001
|
Mambo Site Server Content Management System Lets Authorized Remote Users Obtain Full Administrative Control of the Application
|
|
Jul 25 2001
|
Arkeia Backup Software May Use Unsafe Permissions for Its Backup Database, Allowing Local Users to View and Modify the Database
|
|
Jul 25 2001
|
Sambar Web Server Lets Remote Users Modify Files on the Server
|
|
Jul 25 2001
|
NetBSD sendmsg Utility Allows Local Users to Cause a System Panic
|
|
Jul 25 2001
|
Sambar Server Password File Can Be Decrypted By Local Users
|
|
Jul 25 2001
|
Cisco LocalDirector Load Balancer May Allow Remote Users to Deny Service in Certain Configurations
|
|
Jul 25 2001
|
SCO Unix su Utility Environment Variable Buffer Overflow Lets Local Users Obtain Root Level Privileges
|
|
Jul 24 2001
|
Microsoft Services for Unix Memory Leak in Telnet and NFS Services Allows Remote Users to Crash the Operating System
|
|
Jul 24 2001
|
Proxomitron Web Filtering Proxy Allows Remote Users to Conduct Cross-site Scripting Attacks and Cause Arbitrary Code to be Executed by the Proxomitron Users' Browser, Possibly Disclosing Cookies
|
|
Jul 24 2001
|
Solaris Dtmail E-mail Client Buffer Overflow Lets Local Users Gain Elevated Group Privileges
|
|
Jul 23 2001
|
Pileup Morse Code Training Program Lets Local Users Execute Arbitrary Code and Gain Root Privileges on the System
|
|
Jul 23 2001
|
PHPLib Default Configuration Allows Remote Users to Inject and Execute Arbitrary Code into Any PHPLib-based Script
|
|
Jul 23 2001
|
Tivoli SecureWay Policy Director WebSEAL Server Discloses Files on Multiple Web Servers to Remote Users
|
|
Jul 23 2001
|
CGIWrap Cross-Site Scripting Vulnerability Allows Remote Users to Cause Javascript to Be Executed By Another User's Browser
|
|
Jul 21 2001
|
SSH Secure Shell 3.0.0 for Unix Lets Remote Users Login to Certain Accounts Without Authentication
|
|
Jul 20 2001
|
NetWin's NWAuth Extended Authentication Module Uses Weak Hashing Algorithm That Discloses Passwords to Local Users; Code May Also Allow for Execution of Arbitrary Code Supplied by Remote Users
|
|
Jul 20 2001
|
IBM alphaWorks TFTP Server for Java Discloses Files to Remote Users
|
|
Jul 20 2001
|
Procmail Handles Signals Unsafely, Possibly Allowing Local Users to Obtain Elevated Privileges
|
|
Jul 20 2001
|
IBM AIX libil8n Library Buffer Overflow May Allow Local Users to Obtain Root Privileges on the System
|
|
Jul 19 2001
|
Tcl/Tk May Load Malicious Libraries That Can Give Root Privileges to Local Users
|
|
Jul 19 2001
|
HP Virtual Vault mkacct Utility May Let Local Users Obtain Elevated Privileges
|
|
Jul 19 2001
|
PHP Lets Local Users Create Circular Scripts That Could Cause Denial of Service Conditions
|
|
Jul 19 2001
|
OmniSecure's HTTProtect Temporary File Flaw May Let Local Users Overwrite Files
|
|
Jul 19 2001
|
ZoneAlarm Pro MailSafe Feature Fails to Check E-mail Attachments with Long File Names
|
|
Jul 19 2001
|
Windows 2000 May Disclose Descriptive Information To Local Users Attempting Password Guessing with the NetUserChangePassword API
|
|
Jul 19 2001
|
Squid Proxy Caching Server Lets Remote Users Conduct Portscans Against Other Hosts Via the Squid Server in Certain Configurations
|
|
Jul 19 2001
|
Norton AntiVirus Lets Local Users Disable the Virus Quarantine Feature and Disable the Automatic Virus Protections
|
|
Jul 18 2001
|
Telnet Daemons May Give Remote Users Root Level Access Privileges
|
|
Jul 18 2001
|
Check Point FireWall-1 May Disclose Protected Network Topology to Remote Users in Certain Configurations
|
|
Jul 18 2001
|
Sambar Server's Web Server Lets Local Users Disclose Files Outside of the Documents Directory
|
|
Jul 18 2001
|
Sambar Server's SMTP Mail Server May Allow Remote Users to Relay Mail Through the Server
|
|
Jul 17 2001
|
Un-CGI Web Form Preprocessor Discloses Files on the System to Remote Users and Executes Non-executable Files
|
|
Jul 17 2001
|
Caldera Docview Documentation Web Server Lets Local Users Gain Httpd User Account Privileges
|
|
Jul 17 2001
|
NetQuake Servers Allow Remote Users to Deny Service to Quake Users
|
|
Jul 17 2001
|
Oracle 8i Enterprise Edition Server Lets Remote Users Execute Arbitrary Code and Obtain Privileges on the Server, Possibly Including Root Privileges
|
|
Jul 17 2001
|
Network Associates PGP Keyserver Lets Remote Users Execute Arbitrary Code and Gain Privileges on the Server
|
|
Jul 17 2001
|
Microsoft Exchange LDAP Service Can Be Crashed By Remote Users
|
|
Jul 17 2001
|
Another Tcpdump Network Sniffer Vulnerability Lets Remote Users Crash It and Possibly Run Arbitrary Code
|
|
Jul 17 2001
|
Teamware Office Suite LDAP Server Lets Remote Users Crash the Server and Execute Arbitrary Code on the Server
|
|
Jul 17 2001
|
Slackware Linux Man Utility Lets Local Users Obtain Root Privileges Under Certain Conditions
|
|
Jul 17 2001
|
OpenLDAP Directory Server Can Be Crashed By Remote Users
|
|
Jul 17 2001
|
Lotus Domino Server Lets Remote Users Crash the Server and Execute Arbitrary Code on the Server
|
|
Jul 17 2001
|
IBM SecureWay LDAP Directory Can Be Crashed By Remote Users
|
|
Jul 17 2001
|
iPlanet LDAP Directory Server Allows Remote Users to Execute Arbitrary Code on the Server
|
