Vulnerability Index: Year 1999

Denial of Service Vulnerability in BSD-derived TCP/IP Implementations
Critical Buffer Overflow Vulnerability in NFS Mountd Grants Remote Root Access
Root Privilege Escalation via Buffer Overflow in Tooltalk Database Server (rpc.ttdbserverd)
Critical MIME Buffer Overflow Vulnerability in Email Clients
IMAP Buffer Overflow: Arbitrary Command Execution via Authenticate Command
Remote Root Access Vulnerability in qpopper POP Servers
PKCS #1 Vulnerability: Exploiting SSL-encrypted Session Information
Critical Buffer Overflow Vulnerability in Sun's rpc.nisd Program
Critical Vulnerability: Inverse Query Buffer Overflow in BIND 4.9 and BIND 8 Releases
BIND 8 Denial of Service Vulnerability via Malicious DNS Messages
CNAME Record and Zone Transfer Denial of Service Vulnerability in BIND 4.9 and BIND 8 Releases
Windows Web Servers Vulnerable to Remote File Access Bypass via Long Filenames
SSH Agent Vulnerability: Unauthorized Access to Remote Accounts via Stolen Credentials
CDE dtappgather Program Vulnerability
Teardrop IP Fragmentation Attack
Land IP Denial of Service Vulnerability
FTP Bounce Attack: Exploiting Arbitrary Port Connections on FTP Servers
Root Privilege Escalation via Buffer Overflow in statd
File Manipulation Vulnerability in rpc.statd
Duplicate vulnerability: CVE-1999-0032
Buffer Overflow Vulnerability in Count.cgi (wwwcount) Allows Arbitrary Command Execution
Buffer Overflow Vulnerability in rdist's expstr() Function Allows Local User to Gain Root Privileges
Buffer Overflow Vulnerability in rdist's lookup() Function Allows Local User to Gain Root Privileges
Predictable Query IDs in BIND: Exploiting DNS Cache Poisoning Vulnerability
Exploiting Buffer Overflow in SGI IRIX df Command for Root Privilege Escalation
SGI IRIX pset Command Buffer Overflow Vulnerability Allows Root Privilege Escalation
Exploiting Buffer Overflow in Eject Command: Gaining Root Privileges on SGI IRIX Systems
SGI IRIX Login/Scheme Command Buffer Overflow Vulnerability
Exploiting Buffer Overflow in ordist Command: Attaining Root Privileges on SGI IRIX Systems
Exploiting Buffer Overflow in xlock Command on SGI IRIX Systems for Root Privileges
Web Activity Monitoring Vulnerability in Internet Explorer 3.x and 4.x, and Netscape 2.x, 3.x and 4.x
Buffer Overflow Vulnerability in lpr Allows Local Privilege Escalation
Buffer Overflow Vulnerability in Sun's at Program Allows Command Execution
Buffer Overflow Vulnerability in Suidperl (Sperl)
Race Condition Vulnerability in FTPD Signal Handling Routine Allows Arbitrary File Read/Write
Vulnerability in IRIX Login Program Allows File Creation and Damage with Nonzero LOCKOUT Parameter
Metamail Package Vulnerability: Arbitrary Command Execution via Message Headers
Buffer Overflow Vulnerability in xlock Program Allows Local Privilege Escalation
Arbitrary Command Execution in SGI IRIX Webdist CGI Program
Xt Library Buffer Overflow Vulnerability
NLS Buffer Overflow Vulnerability
Critical Buffer Overflow Vulnerability Detected in University of Washington's IMAP and POP Servers
Shell Command Injection in INN Daemon (innd) 1.5 via newgroup and rmgroup Control Messages
Local Privilege Escalation Vulnerability in fsdump Command on IRIX
Arbitrary File Disclosure Vulnerability in nph-test-cgi Script
Exploiting Buffer Overflow in rlogin Program via TERM Environmental Variable
Critical Buffer Overflow Vulnerability in Sendmail Versions 8.8.3 and 8.8.4
Arbitrary Command Execution with Root Privileges in Talkd via Corrupt DNS Information
Arbitrary File Creation or Overwriting Vulnerability in Csetup under IRIX
Critical Buffer Overflow Vulnerability in HP-UX newgrp Program
FLEXlm LicenseManager Arbitrary File Creation and Program Execution Vulnerability in IRIX
FreeBSD IP Fragmentation Denial of Service Vulnerability
TCP RST Denial of Service Vulnerability in FreeBSD
Vulnerability: Denial of Service in Sun's ftpd Daemon
Critical Root Access Vulnerability in Sun libnsl: Buffer Overflow Exploit
Buffer Overflow Vulnerability in Sun's Ping Program Allows Local Users to Gain Root Access
Remote Code Execution Vulnerability in Vacation Program via Sendmail Command
Critical Buffer Overflow Vulnerability in PHP CGI Program Enables Unauthorized Shell Access
IRIX fam Service Information Disclosure Vulnerability
Denial of Service Vulnerability in Ascend MAX and Pipeline Routers via Malformed Packet to Discard Port
Critical Vulnerability: File Creation, Deletion, and Remote Execution in BSD Line Printer Daemon (lpd)
File Descriptor Leakage Vulnerability in OpenBSD's chpass Command
Cisco IOS 12.0 and Other Versions Vulnerable to UDP Packet Crash on Syslog Port
AIX lquerylv Program Buffer Overflow Vulnerability Allows Local Users to Gain Root Access
Remote Code Execution via Buffer Overflows in dtmail Attachment Handling
Remote Code Execution in AnyForm CGI
Remote Command Execution Vulnerability in phf CGI Program
File Disclosure Vulnerability in CGI PHP mylog Script
Exploiting Solaris UFSrestore Buffer Overflow Vulnerability
Directory Listing Vulnerability in test-cgi Program
Critical Apache httpd Cookie Buffer Overflow Vulnerability in Versions 1.1.1 and Earlier
AIX xdat Buffer Overflow Vulnerability Allows Local Users to Gain Root Access
Remote Code Execution via LD_LIBRARY_PATH Environment Variable in Telnet
Sequential Allocation of Listening TCP Ports Allows Spoofing Attacks
PASV Core Dump Vulnerability in wu-ftpd Daemon
Wu-FTP Buffer Overflow Vulnerability in PASV Command
TCP Sequence Number Spoofing Vulnerability
Local Privilege Escalation and Command Execution Vulnerability in pcnfsd (rpc.pcnfsd)
FTP Denial of Service Vulnerability: Exhaustion of Available Ports through Multiple PASV Commands
Remote Root Access Vulnerability in wu-ftp FTP Server 2.4
File Overwrite Vulnerability in wu-ftp via rnfr Command
Root Access Vulnerability in FTPD via CWD ~root Command
FTP Server Vulnerability: getcwd() File Descriptor Leak
NFS Server Vulnerability: Privilege Escalation via mknod and Writable kmem Device
Remote Code Execution Vulnerability in rwhod on AIX and Other Operating Systems via Long Hostname UDP Packet
AIX Routed Remote File Modification Vulnerability
AIX Telnet Denial of Service Vulnerability
Remote Code Execution Vulnerability in IRIX and AIX automountd Services
Buffer Overflow Vulnerability in AIX libDtSvc Library Allows Local Users to Gain Root Access
AIX rcp Command Buffer Overflow Vulnerability
Buffer Overflow Vulnerability in AIX writesrv Command Allows Local Privilege Escalation
AIX Portmir Command Local Privilege Escalation Vulnerability
Privilege Escalation Vulnerability in AIX nslookup Command
AIX piodmgrsu Command Privilege Escalation Vulnerability
Sendmail Debug Command Vulnerability
Sendmail decode alias vulnerability allows for file overwrite.
Shell Command Injection Vulnerability in AIX FTP Client
SMTP HELO Command Buffer Overflow Vulnerability in Sendmail
Buffer Overflow Vulnerability in Syslog Utility Allows Root Privilege Escalation
AIX innd 1.5.1 Remote Access Vulnerability via Control Messages
Root Access Vulnerability in AIX and Solaris gethostbyname Library Call via Corrupt DNS Host Names
Buffer Overflow Vulnerability in SLmail 3.x: Exploiting Large FROM Line for Command Execution
UDP Bomb: Amplifying DDoS Attack with Echo and Chargen Services
Teardrop-2: Evolved IP Denial of Service Attack
Recursive Search Vulnerability in Finger Protocol
Finger Redirection Vulnerability: Enabling Unauthorized Finger Bomb Attacks
Apache 1.2.5 Buffer Overflow Denial of Service Vulnerability
Buffer Overflow Vulnerability in IRIX Printers Program Grants Local Root Access
Solaris 2.5.1 ffbconfig Buffer Overflow Vulnerability
CVE-1999-0315: Typo-induced Duplicate Vulnerability
Title: Spoofing Vulnerability Found in RIP v1 Routing Protocol
AIX dtterm Buffer Overflow Vulnerability in CDE
Root Access Vulnerability in Certain Implementations of rlogin
Symlink Attack Vulnerability in Elm elm-2.4 Mail Package Allows Local Users to Execute Commands and Read Files
AIX Bugfiler Program Local Privilege Escalation Vulnerability
SYN Flood Vulnerability: Overwhelming Connections with Unacknowledged SYN Packets
AIX passwd Local Privilege Escalation Vulnerability
AIX infod Local Privilege Escalation via X Display
Windows NT 4.0 Beta Vulnerability: Unauthorized Access and Deletion of Shares
Writable Utmp File in Sun/Solaris Enables Local Users to Attain Root Privileges
Root Access Exploit: Buffer Overflow in dtaction Command
AIX lchangelv Buffer Overflow Vulnerability Allows Root Access
Race condition vulnerability in Linux mailx command allows local users to read user files.
Gopher and Gopher+ File Access Vulnerability
Critical Buffer Overflow Vulnerability in SGI IRIX Mailx Program
SGI IRIX xterm and Xaw Buffer Overflow Vulnerability: Root Access Exploit
Local Privilege Escalation via swinstall and swmodify Commands in HP-UX Systems
Ping o' Death: Denial of Service through Oversized ICMP Ping Packets
Local Privilege Escalation via Sendmail .forward or :include: File
Local Privilege Escalation Vulnerability in Sendmail
Critical Vulnerability in Sendmail 8.7.5 and Earlier: Buffer Overflow and Denial of Service Exploit Allowing Root Access
Local Privilege Escalation Vulnerability in Expreserve
Local Privilege Escalation Vulnerability in fm_fls License Server for Adobe Framemaker
Local Privilege Escalation Vulnerability in Solaris 2.x
Local Privilege Escalation Vulnerability in Solaris admintool
Arbitrary File Write and Root Access Vulnerability in Kodak Color Management System (KCMS) on Solaris
Buffer Overflow Vulnerability in Linux's Dip Program Allows Local Privilege Escalation
Root Privilege Escalation Vulnerability in suidperl and sperl Programs
Solaris x86 mkcookie Local Privilege Escalation Vulnerability
NT Systems Vulnerability: Denial of Service in RAS/PPTP
Arbitrary Command Execution Vulnerability in Java Bytecode Verifier
Arbitrary Host Connection Vulnerability in Netscape Navigator 2.0 and Java Developer's Kit 1.0
Kerberos 4 Key Server Vulnerability: Session Key Generation and Masquerading
Qmail Denial of Service Vulnerability via RCPT Command with Large Number of Recipients
Sendmail WIZ Command Vulnerability: Root Access Exploit
Command Execution Vulnerability in NCSA Web Server's Campas CGI Program
Remote Code Execution Vulnerability in aglimpse CGI Program
Arbitrary Command Execution Vulnerability in IRIX Handler CGI Program
Directory Listing Vulnerability in IRIX Wrap CGI Program
Remote Code Execution Vulnerability in Perl fingerd Program
Vulnerability: Disclosure of SATAN Session Key through Web Browser Pointing
Remote Command Execution Vulnerability in DG/UX Finger Daemon
WinNuke: Windows 95/NT Out of Band (OOB) Data Denial of Service Vulnerability
ASP Source Code Disclosure Vulnerability
Remote Code Execution Vulnerability in Ghostscript with -dSAFER Option
Wu-FTPd Vulnerability: Unauthorized Access with Any User and Password Combination
Denial of Service Vulnerability in Cisco PIX Firewall and CBAC IP Fragmentation Attack
Cisco PIX Firewall Manager (PFM) File Retrieval Vulnerability
Cisco IOS Router Crash Vulnerability
Unauthorized PPP Connections: Vulnerability in Cisco IOS Devices' PPP CHAP Authentication
Vulnerability in Cisco IOS 10.3 Allows Bypassing Filtering with tacacs-ds or tacacs Keyword
Bypassing Filtering with the Established Keyword in Cisco IOS Software
Sendmail Pipe Character Vulnerability: Remote Command Execution
Race Condition Vulnerability in Solaris ps Command Allows File Overwrite
NFS Cache Poisoning: Exploiting Vulnerabilities in Network File System
NFS Vulnerability: Unauthorized Directory Traversal via cd .. Command
NFS File Handle Guessing Vulnerability in SunOS
Portmapper Proxy Vulnerability
NFS Vulnerability: Unauthorized File Access and Modification via False UID
NFS File System Mounting Vulnerability in Ultrix and OSF
Syslog Denial of Service Vulnerability
Remote Command Execution Vulnerability in FormMail CGI Program
Remote Code Execution Vulnerability in FormMail CGI Program
Arbitrary File Read Vulnerability in view-source CGI Program
File Disclosure Vulnerability in Novell Web Server
Remote Code Execution Vulnerability in Webgais Program
Arbitrary Program Execution Vulnerability in WebSite Web Server Uploader
Remote Code Execution Vulnerability in WebSite Web Server 1.1e via Buffer Overflow in win-c-sample.exe
Samba Client cd .. Command Causes Windows NT Crash or Lockup
Null Username Login Vulnerability in in.rshd
The Wall Daemon Vulnerability: Exploiting Denial of Service, Social Engineering, and Remote Command Execution
Samba Buffer Overflow Vulnerability: Remote Root Access via Long Password
TFTP Directory Traversal Vulnerability in Linux Implementations
Dynamic Update Vulnerability in BIND DNS Server
Remote Command Execution via Trusted FTP Server in SunOS/Solaris
Default Community String Vulnerability in Solaris SNMP Subagent
Duplicate Vulnerability: CVE-1999-0022
Solaris passwd Command Denial of Service Vulnerability
Solaris rpcbind Vulnerability: High Numbered UDP Port Listening
Critical Vulnerability in Solaris rpcbind Allows Arbitrary File Overwrite and Root Access
Remote Code Execution Vulnerability in IIS newdsn.exe CGI Script
Buffer Overflow in Telnet Daemon tgetent Routing
Zero Length TCP Option Vulnerability: Rebooting Ascend and 3com Routers
In.comsat Vulnerability: Denial of Service Exploit Enables Unauthorized Message Generation
Vulnerability: Denial of Service and RPC Service Spoofing in Portmapper
Arbitrary File Access and Code Execution Vulnerability in Webgais 1.0
User Account Information Leakage via Finger Command
User Account Information Disclosure Vulnerability
Unspecified tdelete Return Value Vulnerability in GNU C Library (glibc)
Unauthenticated Access to Windows NT FTP Server (WFTP) with Guest Account Enabled
FTP Server Vulnerability: Exposing Home Directory Path via CWD Command
FTP Command Injection Vulnerability in GNU tar
SMTP Vulnerability: Privilege Escalation via Improper Mail From and Invalid Rcpt To Addresses in Sendmail
Remote Code Execution in Sendmail 8.6.9 via Ident Vulnerability
Sendmail 8.6.11 and 8.6.12 Denial of Service Vulnerability
Critical Root Access Vulnerability in Sendmail 8.8.0 and 8.8.1: MIME Buffer Overflow Exploit
Command Execution Vulnerability in Majordomo via Reply-To Field and lists Command
Arbitrary Command Execution Vulnerability in rpc.ypupdated (NIS)
Remote File Reading Vulnerability in SunView (SunTools) selection_svc Facility
Shell Metacharacter Vulnerability in Automount Daemon Automountd
NFS Mount Daemon Vulnerability: Unrestricted Mounting of NFS Directories via Long Export Lists
Solaris rpc.mountd Information Disclosure Vulnerability
Denial of Service Vulnerability in libnsl of Solaris
ICMP Unreachable Packet Amplification Vulnerability
File Append Vulnerability in Routed
SYN and RST Packet-Based Denial of Service Vulnerability in Linux inetd
SunOS 4.1.3 Vulnerability: Reboot Exploit via Malicious UDP Packet Option Settings
Reboot Vulnerability Discovered in Livingston Portmaster Machines
Buffer Overflow Vulnerability in FTP Serv-U 2.5
IRC Denial of Service Vulnerability
Critical Vulnerability: Denial of Service Exploit Targeting Ascend Routers via Port 150
Critical Denial of Service Vulnerability in Cisco IOS Web Server: Router Reboot via Long URL
Solaris syslogd Vulnerability: Crash on Receiving Message from Host without Inverse DNS Entry
Windows NT Messenger Service Denial of Service Vulnerability via Long Username
Denial of Service Vulnerability in Windows NT 4.0 SMB Logon Request Handling
Fragmented IP Packets Denial of Service Vulnerability in Windows NT TCP/IP Processes
LSASS.EXE Access Violation Vulnerability: Denial of Service Exploit
Windows NT RPCSS.EXE Denial of Service Vulnerability
Windows NT IIS Server Denial of Service Vulnerability Exploiting ..\..
Critical Buffer Overflow Vulnerability in Cisco 7xx Routers via Telnet Service
Buffer Overflow Vulnerability in IP-Switch IMail and Seattle Labs Slmail 2.6 Packages: Exploiting a Long VRFY Command for Denial of Service and Remote Access
Critical Remote Code Execution Vulnerability in NCSA WebServer 1.5c
Arbitrary Command Execution Vulnerability in IIS 1.0
Bash Vulnerability: Command Separator Exploit
Critical Remote Code Execution Vulnerability in NCSA WebServer (1.4.1 and below)
ScriptAlias Directory Vulnerability: Exposing CGI Programs to Attackers
Guestbook CGI Program Remote Command Execution Vulnerability
Arbitrary File Read Vulnerability in php.cgi
Directory Listing Vulnerability in Netscape FastTrack Web Server
Vulnerability: Policy Violation in Filtering Fragmented SYN Packets with IP Reserved Bits
Guessable Magic Cookies in X Windows: A Gateway to Remote Command Execution
Remote Access Vulnerability: Exploiting POP3 to Access Mail Files in Linux Systems with Shadow Passwords
Critical Root Access Vulnerability in Linux cfingerd
Livingston RADIUS Buffer Overflow Vulnerability
NIS+ Configuration Vulnerability: Unauthorized Login as User +
Critical Root Access Vulnerability in HP Remote Watch
Remote Code Execution Vulnerability in INN's nnrpd Program
Race Condition Vulnerability in SSHD 1.2.17 Allows Credential Theft
Remote Command Execution Vulnerability in Windows NT RSHSVC Program
Qmail Denial of Service Vulnerability via Long SMTP Commands
Talk Program Denial of Service Vulnerability
Critical Buffer Overflow Vulnerability in Listserv Enables Arbitrary Command Execution
Remote Code Disclosure Vulnerability in IIS 3.0 with iis-fix Hotfix
HP OpenView SNMP Community String Vulnerability: Remote Modification of MIB Tables and Information Disclosure
Critical Buffer Overflow Vulnerability in ircd Enables Arbitrary Command Execution
Remote Command Execution Vulnerability in War FTP: Buffer Overflow Exploit
Nestea: Unleashing Teardrop IP Fragmentation DoS Attack
Bonk: A New Variant of Teardrop IP Fragmentation DoS Vulnerability
User Enumeration Vulnerability in cfingerd
Shell Command Injection Vulnerability in jj CGI Program
Critical Buffer Overflow Vulnerabilities in Netmanager Chameleon SMTPd
Arbitrary Command Execution in Hylafax Faxsurvey CGI Script
Solaris SUNWadmap Privilege Escalation Vulnerability
Remote File Read Vulnerability in htmlscript CGI Program
ICMP Redirect Vulnerability: Crash and Lock-up Risk for Hosts
Remote File Access and Command Execution Vulnerability in info2www CGI Script
Remote Command Execution Vulnerability in NCSA HTTP Daemon v1.3
MetaInfo MetaWeb Web Server: Arbitrary Script Execution and File Read Vulnerability
File Listing Vulnerability in Netscape Enterprise Servers
SGI Performer API Search Tool (performer_tools) Directory Traversal Vulnerability
Remote Crash Vulnerability in Progressive Networks Real Video Server (pnserver)
Slmail v2.5 Denial of Service Vulnerability via POP3 Port
Solaris 2.5.1 Telnet Denial of Service Vulnerability
Windows NT DNS Server Denial of Service Vulnerability
Windows NT DNS Server Denial of Service Vulnerability
Remote Code Execution Vulnerability in mSQL v2.0.1 and Below
Root Access Vulnerability in WorkMan Program
IIS Vulnerability: Remote Source Code Disclosure via ::$DATA URL Manipulation
Shell Metacharacter Remote Command Execution in Excite for Web Servers (EWS)
Exploiting Remote Command Execution in Microsoft Internet Explorer via .lnk and .url Files
Long URL Denial of Service Vulnerability in IIS
CVE-1999-1584 and CVE-1999-1586
Remote Code Disclosure Vulnerability in Java Web Server
SMTP HELO Buffer Overflow Vulnerability
Windows NT Resource Kit Telnet Denial of Service Vulnerability
Space Appending Vulnerability in NT Web Servers
Wguest CGI Program Vulnerability: Exploiting Weaknesses in User Authentication
Denial of Service Vulnerability in Microsoft Windows NT 4.0 WINS Server
Apache Web Server for Win32 Vulnerability: Access to Restricted Files via Appended Dot in URL
Denial of Service Vulnerability in WinGate Telnet Proxy
Unsecured WinGate Proxy Installation Allows Unauthorized Connection Redirection
Winpopup Denial of Service Vulnerability
AAA Authentication Bypass Vulnerability on Cisco Systems
WINS Database Deletion Vulnerability via SNMP
Solaris sysdef Command Local Privilege Escalation Vulnerability
Solaris volrmmount Vulnerability: Unauthorized File Read Access
Vixie Cron Library Buffer Overflow Vulnerability
File Overwrite Vulnerability in ypbind with -ypset and -ypsetme Options
Exploiting Buffer Overflow in FreeBSD lpd via Long DNS Hostnames
Vulnerability: Unauthorized Addition of Malicious NIS+ Servers via nis_cachemgr in Solaris NIS+
Critical Buffer Overflow Vulnerability in SunOS/Solaris ps Command
Arbitrary Command Execution Vulnerability in SunOS/Solaris FTP Clients
Buffer Overflow Vulnerability in BNU UUCP Daemon (uucpd) via Long Hostnames
Vulnerability: Local Privilege Escalation via mmap Function in BSD
Source Routing Vulnerability in BSD-based Operating Systems
Critical Buffer Overflow Vulnerability in HP xlock Program
HP-UX cstm Program Buffer Overflow Vulnerability
Arbitrary File Modification Vulnerability in HP-UX gwind Program
HP-UX vgdisplay Local Privilege Escalation Vulnerability
Vulnerability: Unauthorized Access to New User Accounts in SSH 1.2.25 on HP-UX
Local Privilege Escalation Vulnerability in fpkg2swpk in HP-UX
Root Privilege Vulnerability in HP ypbind Allows Unauthorized Modification of NIS Data
Local Privilege Escalation via Disk Bandwidth Vulnerability on SGI IRIX 6.4 S2MP for Origin/Onyx2
Local Privilege Escalation via Relative Pathnames in ioconfig on SGI IRIX 6.4 S2MP for Origin/Onyx2
Solaris fdformat Command Buffer Overflow Vulnerability
Buffer Overflow Vulnerability in Linux splitvt Command Allows Local Users to Gain Root Access
Critical Buffer Overflow Vulnerability in Linux su Command Grants Unauthorized Root Access
Buffer Overflow Vulnerability in xmcd 2.0p12: Local User Access via Environmental Variable
Buffer Overflow Vulnerability in xmcd 2.1 Allows Unauthorized Access via User Resource Setting
Root Access Vulnerability in SunOS rpc.cmsd
Solaris kcms_configure Command Buffer Overflow Vulnerability
Arbitrary File Writing Vulnerability in FreeBSD's open() Function
Vulnerability: Privilege Escalation via FreeBSD mmap Function
Local Privilege Escalation Vulnerability in HP-UX's PPL Program
Local Privilege Escalation Vulnerability in vhe_u_mnt Program on HP-UX
Critical Vulnerability in HP-UX Mediainit Program
Local Privilege Escalation Vulnerability in SGI syserr Program
Local Privilege Escalation Vulnerability in SGI Permissions Program
Local Privilege Escalation Vulnerability in SGI mediad Program
Root Access Vulnerability in Linux bdash Game: Buffer Overflow Exploit
Critical Buffer Overflow Vulnerability in Internet Explorer 4.0(1)
NetMeeting Buffer Overflow Vulnerability: Denial of Service and Remote Command Execution
Remote Command Execution and Local Privilege Escalation Vulnerabilities in HP OpenView Omniback
Local Privilege Escalation Vulnerability in Solaris 2.2 and 2.3
Duplicate vulnerability: CVE-1999-0032
HP-UX mstm Buffer Overflow Vulnerability Allows Local Root Access
AIX Batch Queue (bsh) Privilege Escalation Vulnerability
AIX Licensed Program Product Vulnerability: Local Privilege Escalation to Root Access
Buffer Overflow Vulnerability in Solaris libauth Library
Buffer Overflow Vulnerability in Linux Slackware Crond Program Allows Local Privilege Escalation
Buffer Overflow Vulnerability in Linux Mail Program Deliver Allows Local Privilege Escalation
Local Privilege Escalation Vulnerability in Linux PAM Modules
Arbitrary Program Execution Vulnerability in Palace Server
Sechole Exploit: Granting Debug-Level Access to NT System Processes
Jolt ICMP Attack: Denial of Service Vulnerability in Windows 95 and Windows NT
Arbitrary File Read Vulnerability in CGI PHP mlog Script
Remote File Reading and Web Page Spoofing Vulnerability in Internet Explorer 4.01
IIS ASP Caching Vulnerability: Sensitive Information Leakage in Shared Physical Directory
Buffer Overflow Vulnerability in IIS FTP List Command Allows Remote Code Execution
Race condition vulnerability in ClearCase's db_loader program allows local users to gain root access via the manipulation of SUID bits.
Pizza Thief: FTP PASV Vulnerability Exploitation for Data Theft and Denial of Service
Weak Password Encryption in ControlIT 4.5 and Earlier (aka Remotely Possible)
HP rpc.pcnfsd Vulnerability: Remote Root Access via Printer Spool Directory Permissions
Arbitrary Execution of Visual Basic Programs in Internet Explorer and Outlook
ControlIT 4.5 Denial of Service Vulnerability
Weak Encryption Used to Store Usernames and Passwords in ControlIT v4.5 and Earlier
Denial of Service Vulnerability in Windows 98 and Other Operating Systems via Crafted oshare Packets
Buffer Overflow Vulnerability in inc Program of MH Package in Digital Unix 4.0
Vulnerability: Denial of Service, Modem Lockout, Dial Out, and Password Disclosure in ptylogin
Remote Code Execution Vulnerability in MS Site Server 2.0 with IIS 4
Unencrypted Storage of Usernames and Passwords and Unlogged Administrative Changes in NetWare LaserFiche
CWD Command Denial of Service Vulnerability in WS_FTP Server
Buffer Overflow Vulnerability in SuSE 5.2 PLP lpc Program Allows Root Compromise
Plaintext Storage of Database Password in Microsoft Access 97
Remote Command Execution Vulnerability in Metamail Package
Windows NT 4.0 Service Pack 4 Vulnerability: Unauthorized Access to Network Shares
Local Privilege Escalation Vulnerability in NetBSD netstat Command
Palmetto: Remote Root Access Vulnerability in wu-ftpd and ProFTPD
Buffer Overflow Vulnerability in Sun sdtcm_convert Calendar Utility for OpenWindows
Arbitrary File Overwrite Vulnerability in Sun Solaris and SunOS man and catman
Local Privilege Escalation Vulnerability in Lynx
Unsecured Setup File Exposes Account Credentials in BackOffice Server Installer
Super Utility Buffer Overflow Vulnerability Allows Local Privilege Escalation
Symlink Attack Vulnerability in Debian GNU/Linux cfengine Package
Remote Code Execution Vulnerability in Network Flight Recorder (NFR) 2.0.2-Research
Privilege Escalation Vulnerability in Windows NT via KnownDLLs Manipulation
Process Table Exhaustion Vulnerability in Unix Systems: A Denial of Service Attack
HTTP Request with Multiple GET Commands Bypasses InterScan VirusWall for Solaris Virus Scanning
Remote Code Execution Vulnerability in Microsoft Taskpads via Unsafe Scripting Methods
Local File Access Vulnerability in SLMail 3.1 and 3.2 with RAS Enabled
Buffer Overflow Vulnerability in Super 3.11.6 and Other Versions of Syslog Utility Allowing Local Root Access
Windows NT Screen Saver Privilege Escalation Vulnerability
Unauthenticated Access Vulnerability in ACC Tigris
Clipboard Data Leakage Vulnerability
Remote Code Execution and Denial of Service Vulnerability in Exchange 5.5 LDAP Bind Function
Remote File Disclosure Vulnerability in Microsoft Personal Web Server and FrontPage Personal Web Server
Legacy Credential Caching Vulnerability in Windows 95 and Windows 98 Systems
Local Privilege Escalation in DataLynx suGuard via Insecure PATH Variable
Critical Buffer Overflow Vulnerability in Debian Linux netstd Bootp Server
Dosemu Slang Library Buffer Overflow Vulnerability
SMB Authentication Replay Vulnerability
Buffer Overflow Vulnerability in Thomas Boutell's cgic Library (Versions up to 1.05)
Denial of Service Vulnerability in Sendmail 8.8.x and 8.9.2
Password Reset Vulnerability in DPEC Online Courseware
BackWeb Polite Agent Protocol Vulnerability: Server Spoofing via Race Condition
Race Condition Vulnerability in NetBSD TCP Servers Allows Remote Denial of Service
Critical Security Vulnerability: Quakenbush NT Password Appraiser Sends Passwords in Plaintext
SSH Vulnerability: Expired Accounts Allowed for Login on Linux Systems
Remote Code Execution Vulnerability in Mirc 5.5 DCC Server Command
Denial of Service Vulnerability in Linux 2.2.0 via ldd Command on Core Files
Race Condition Vulnerability in Linux 2.2.1 Allows Unauthorized Memory Access via /proc Files
Symlink Permission Escalation Vulnerability in Wget 1.5.3
Local Denial of Service Vulnerability in Cyrix CPUs on Linux
Remote Command Execution via Buffer Overflow in Mail-Max SMTP Server for Windows
Root Privilege Escalation via Buffer Overflow in lsof
Buffer Overflow Vulnerability in Digital Unix Networker Program nsralist
Default Virtual Directory in IIS 4.0 Allows Proxy for Password Attacks and User Identification
World Readable Files in Cobalt RaQ Microservers: A Web Server Vulnerability
Buffer Overflow Vulnerability in gnuplot Allows Local Privilege Escalation
Buffer Overflow Vulnerability in Solaris 2.6 (i386) Cancel Command Allows Local Root Access
Symlink Attack Vulnerability in SCO OpenServer Enterprise System v 5.0.4p
Command Injection Vulnerability in Web Servers Running ISAPI Extensions
SGI X Server Font Path Buffer Overflow Vulnerability
TCP Connection Spoofing Vulnerability
Default HTTP Server Enabled in Cisco 7xx Series Routers: Remote Configuration Modification Vulnerability
Remote System Reload Vulnerability in Cisco 7xx Series Routers via TELNET Port
Denial of Service Vulnerability in 64-bit Solaris 7 procfs
SMTP Denial of Service Vulnerability: Multiple RCPT TO Commands in Same Connection
Microsoft SMTP Service Denial of Service Vulnerability
Privilege Escalation Vulnerability in umapfs via malicious mount_umap Program
Root Access Vulnerability in Linux Slackware 3.6
Local Privilege Escalation Vulnerability in NetBSD 1.3.3 Mount
Privilege Escalation Vulnerability in hpterm on HP-UX 10.20
Local File Overwrite Vulnerability in Netscape 4.5 via Talkback
Local Privilege Escalation in Netscape 4.5 via Talkback Crash
Default Permissions of /dev/kmem in Linux Versions Before 2.0.36 Allow IP Spoofing
Eudora 4.1 Denial of Service Vulnerability
Session Reuse Vulnerability in OpenSSL and SSLeay
Unencrypted Transmission of Encrypted Mail in Lotus Notes 4.5 Client
Denial of Service Vulnerability in Cisco Catalyst 5000 Supervisor Software
Remote Denial of Service Vulnerability in Linux 2.2.3 and Earlier: IP Fragmentation Attack
Local Privilege Escalation in HP-UX 11.00 FTP
Symlink Attack Vulnerability in XFree86 Startx Command
XFree86 xfs Symlink Vulnerability
Privilege Escalation via SAM in HP-UX MC/ServiceGuard and MC/LockManager
Local Privilege Escalation in Domain Enterprise Server Management System (DESMS) on HP-UX
WebRamp Systems Denial of Service Vulnerability
WebRamp Systems Denial of Service Vulnerability via Malicious UDP Packet Spoofing
Buffer Overflow Vulnerability in Procmail Configuration File (procmailrc) Allows Command Execution
Remote Code Execution Vulnerability in Java Virtual Machine's Byte Code Verifier
WinGate Buffer Overflow Vulnerability: Remote Denial of Service Exploit
Local Privilege Escalation in Solaris ff.core
Replay Attack Vulnerability in Patrol Management Software: Stealing Administrator Passwords Remotely
Windows Denial of Service Vulnerability via Malicious ARP Packets
Unfiltered Packets Vulnerability in Cisco Routers with NAT on IOS 12.0
Denial of Service Vulnerability in NetBSD 1.3.3 and Earlier Versions via Unusual Symbolic Link Creation
Privilege Escalation Vulnerability in MPE/iX Debug Utility
HTTP Request Method Length Vulnerability
Denial of Service Vulnerability in ExAir Sample Site in IIS 4
Path Disclosure Vulnerability in IIS with Perl Interpreter
Local Denial of Service Vulnerability in Linux 2.0.36
Developer-Installed Backdoor Password Vulnerability
CDP Port 1999 SYN Packet Identification Vulnerability
Operating System Identification through IP/ICMP Packet Analysis
Remote File Read and Deletion Vulnerability in ColdFusion Expression Evaluator
Local Privilege Escalation in Linux ftpwatch Program
L0phtcrack 2.5 Vulnerability: Password Information Stored in Temporary Files
Alpha Linux Denial of Service Vulnerability: MILO Reboot Exploit
Linux Autofs Module Buffer Overflow Vulnerability
Remote Code Execution Vulnerability in rpcbind
SUIDPerl Vulnerability: Local Users Exploiting nosuid Mount Option Bypass
IRIX fcagent Denial of Service Vulnerability
Denial of Service Vulnerability in Tripwire 1.2 and Earlier via Long Filenames
Denial of Service Vulnerability in Lynx and Internet Explorer via Large Width Parameter in IMG Tag
Arbitrary File Access Vulnerability in NetBSD 1.3.3 and Earlier
Arbitrary File Read Vulnerability in Webcom CGI Guestbook Programs
Arbitrary File Reading Vulnerability in Internet Explorer 5.0
Window Spoofing Vulnerability in Internet Explorer 5.0
Weak Encryption Algorithm in Novell Remote.NLM Passwords
Unauthenticated Remote Configuration Vulnerability in Winroute Proxy Server
Persistent Default SNMP Community Name Vulnerability in NetApps C630 Netcache
Vulnerability: rsync command changes client's working directory permissions
Arbitrary File Access Vulnerability in ICQ Webserver
Local Privilege Escalation: Exploiting a Race Condition in procmail's .procmailrc Handling
Insecure Password Encryption in SCO TermVision
Remote File Upload Vulnerability in ColdFusion Application Server
HP-UX Sendmail 8.8.6 Vulnerability: Denial of Service via Connection Acceptance
Vulnerability: Denial of Service in Netscape Enterprise Server with VirtualVault on HP-UX VVOS Systems
Symlink Attack Vulnerability in Midnight Commander 4.x Allows Local Denial of Service
OpenBSD 'poll' Vulnerability: Exploiting Denial of Service
TSS Handling Vulnerability in OpenBSD Kernel Triggered by Crashme Program
Nlink Value Vulnerability: OpenBSD Crash in FFS and EXT2FS Filesystems
Critical Buffer Overflow Vulnerability in OpenBSD Ping
OpenBSD Vulnerability: Remote System Crash via ipintr() in ipq
AOL Instant Messenger Denial of Service Vulnerability via Malicious Hyperlink
Arbitrary File Reading Vulnerability in DHTML Edit ActiveX Control
Cross-Frame Scripting Vulnerability in Internet Explorer 4.0 and 5.0
Untrusted Scripted Paste Vulnerability in Internet Explorer 5.0
Information Disclosure Vulnerability in Internet Explorer 5.0 via IMG SRC Tag
Command Injection Vulnerability in Bash Prompt Parsing
Remote User Identification Vulnerability in ffingerd 1.19
Remote Code Execution via rpc.statd SM_MON and SM_NOTIFY Commands
WinGate Proxy Denial of Service Vulnerability via POP3 Buffer Overflow
Dot Dot Exploit: Remote File System Access via SMB Shares
GetAdmin: Exploiting NtOpenProcessToken to Gain Administrative Rights on Windows NT 4.0
Anonymous FTP Enabled: Potential Security Breach
TFTP Directory Traversal Vulnerability
SNMP Registry Key Disclosure Vulnerability
Guessable Password Vulnerability in Unix Account
Default or Null Password Vulnerability
Guessable Password Vulnerability in Windows NT Local User/Administrator Accounts
Default or Missing Password Vulnerability in Windows NT Local User or Administrator Accounts
Guessable Password Vulnerability in Windows NT Domain User/Administrator Accounts
Default or Missing Password Vulnerability in Windows NT Domain Accounts
Weak Password Vulnerability
Default Password Vulnerability
Remote Code Execution via Shell Interpreters in CGI-Bin Directory
Source Routing Vulnerability: Allowing Arbitrary Hosts to Send Packets
Non-Router Machine with Enabled IP Forwarding: Vulnerability Exposed
SMTP Mail Relay Vulnerability: Exploitable Configuration Allowing Spam Abuse
Vulnerability: ICMP Broadcast Address Allowance Enables Smurf Attack for Denial of Service
Fraggle Attack: Denial of Service Vulnerability via UDP Broadcast Messages
Unrestricted Remote Trust Relationship Vulnerability in Unix Systems
Guessable SNMP Community Name
Vulnerability Default or Null SNMP Community Name Vulnerability Critical Vulnerability: Guessable NETBIOS/SMB Share Password Default, Null, or Missing NETBIOS/SMB Share Password Vulnerability Critical Vulnerability: Inadequate Access Control for NETBIOS/SMB Share NIS Domain Name Vulnerability Inappropriate Permissions for Critical NIS+ Table: Vulnerability Unrestricted ICMP Echo (Ping) Vulnerability ICMP Information Disclosure Vulnerability Unrestricted IP Traceroute Access Vulnerability Critical Vulnerability: Unrestricted Access to X Server via Disabled Access Control Inappropriate Permissions in Anonymous FTP Account: Critical Data Vulnerability Network Spoofing Vulnerability: Router/Firewall Packet Forwarding Vulnerability: Unauthorized Forwarding of Packets from IANA Reserved or Private Addresses Promiscuous Mode: Enabling Unauthorized Packet Sniffing SMTP Service Supports Potentially Vulnerable Commands Zone Transfer Vulnerability in DNS Server Inverse Query Vulnerability: Exploiting DNS Server's Inverse Query Functionality Inappropriate Privileges Vulnerability in Windows NT Insecure Windows NT Account Password Policy Settings Web Browser Configuration Vulnerability: Execution of Active Content Trust Relationship Vulnerability Guessable Password Vulnerability Windows NT Guest Account Vulnerability Insecure Authentication Method: .rhosts File in SSH Server Unnecessary NFS Server Running Without File System Import/Export Automatic Administrator Login Vulnerability Arbitrary Hosts Can Access Router's Routing Tables: A Critical Vulnerability Arbitrary Command Execution Vulnerability in HP OpenMail via Malicious Print Requests Critical Data Exposure: NFS Exports Vulnerability Privilege Escalation: Non-Root Unix Account with UID 0 UID Duplication Vulnerability in Unix Accounts Critical Vulnerability: Insecure Permissions on System-Critical Unix File or Directory Critical Vulnerability: Inappropriate Permissions on Windows NT System Files or Directories Server Side 
Include (SSI) files in IIS have the #exec function vulnerability. Remote Access to Windows NT Registry by Non-Admin Users Printer Vulnerability: Unauthorized Document Printing and Disabling Sendmail Alias Command Injection Vulnerability Syslog File Write Vulnerability: Denial of Service and Activity Concealment Insecure Mode of rpc.admind in Solaris Directory Listing Vulnerability Windows NT Vulnerability: Lack of Password Filter Utility Open Access to Router Configuration Service Vulnerability: Trojan Horse Attack on Windows NT Registry Editor via .reg Files Windows NT User Audit Policy Failure to Log Event Success or Failure File Audit Policy Vulnerability File Audit Policy Vulnerability: Incomplete Logging for Non-Critical Files and Directories Windows NT Registry Audit Policy Vulnerability: Failure to Log Security-Critical Events Windows NT Registry Audit Policy Vulnerability: Non-Critical Key Event Logging Failure Critical Permissions Vulnerability in HKEY_LOCAL_MACHINE Key on Windows NT Systems Critical Permissions Vulnerability in HKEY_CLASSES_ROOT Key on Windows NT Systems Insecure Windows NT Account Lockout Policy Settings Windows NT Domain Trust Vulnerability Windows NT File System Vulnerability: Incompatibility with NTFS Default Administrator Account Vulnerability Nonstandard Port Vulnerability Unrestricted File System Access Vulnerability Unusual Fragmented Packets Bypass Router/Firewall Filter Vulnerability Critical Vulnerability: Inappropriate Permissions on Windows NT Registry Key Inadequate Legal Notification Vulnerability Windows NT Event Log Vulnerability: Inadequate Access Permissions Windows NT Logon Box Reveals Last User's Name Vulnerability Default Winlogon Key Setting Allows Unauthorized Shutdown Without Logon Unrestricted Access to Removable Media Drives in Windows NT System Windows NT System Page File Vulnerability Windows NT Log File Vulnerability Windows NT Account Policy Allows Remote Users to Stay Logged In Beyond Logon Hours
Out-of-Order Packet Handling Vulnerability in Network Intrusion Detection System (IDS) Improper Sequence Number Handling Vulnerability in Network Intrusion Detection System (IDS) Checksum Verification Vulnerability in Network Intrusion Detection System (IDS) TCP Handshake Packet Vulnerability Fragmented Packets Vulnerability in Network Intrusion Detection System (IDS) Windows NT Vulnerability: Inappropriate User Group Membership WebStore 1.0 Shopping Cart CGI Program web_store.cgi Information Disclosure Vulnerability Order Form 1.0 Shopping Cart CGI Program Vulnerability EZMall 2000 Shopping Cart CGI Program mall2000.cgi Incorrect Configuration Vulnerability Insufficient Access Control in QuikStore Shopping Cart Allows Remote Password Disclosure Privacy Breach Vulnerability in PDG Shopping Cart's 'shopper.cgi' Program SoftCart.exe Misconfiguration Vulnerability Webcart CGI Program Vulnerability: Disclosure of Private Information Critical Vulnerability: Inappropriate Value in Windows NT Registry Key Critical Vulnerability: Exposed User Information in Finger Service rpc.sprayd Service Vulnerability FTP Service Enabled SNMP Service Running Without Proper Security Configuration TFTP Service Running Vulnerability SMTP Service Enabled Rexec Service Vulnerability Telnet Service Enabled NIS Component Service Running Vulnerability NETBIOS Service Exposure Vulnerability Insecure DNS Service Configuration X Windows Service Configuration Vulnerability rstat/rstatd Service Vulnerability rpc.rquotad Service Vulnerability Critical Vulnerability: Unrestricted Access to Valid User Information via rusers Weak Authentication in Rexd Service Allows Command Execution Exposing Machine Status and User Information: rwho/rwhod Service Vulnerability Ident/Identd Service Vulnerability Vulnerability: NT Alerter and Messenger Services Running NFS Service Running Vulnerability Vulnerability: Open RPC Portmapper Service HTTP/WWW Service Enabled Insecure SSH Service Configuration Echo Service 
Vulnerability: Potential Security Breach Discard Service Vulnerability: Potential Security Breach Systat Service Vulnerability: Potential Security Breach Daytime Service Vulnerability Chargen Service Vulnerability: Potential Security Risk Gopher Service Vulnerability UUCP Service Vulnerability: Potential Security Risk Insecure POP Service Configuration IMAP Service Running Without Proper Configuration NNTP News Service Running Vulnerability Insecure IRC Service Configuration LDAP Service Running Insecure Bootparam Service Configuration X25 Service Running Vulnerability FSP Service Running Vulnerability Netstat Service Vulnerability: Exposing Sensitive Information to Remote Attackers RSH/RLOGIN Service Vulnerability Database Service Running with Default Credentials NIS+ Component Service Vulnerability NT Vulnerability: OS/2 or POSIX Subsystem Enabled Information Disclosure through Service Banner or Help Function Username Enumeration Vulnerability in ugidd RPC Interface WinGate Vulnerability: Exploiting Weaknesses in the WinGate Proxy Server DCOM Configuration Vulnerability Presence of Windows NT Primary Domain Controller (PDC) or Backup Domain Controller (BDC) Installation of Hacker Utility or Trojan Horse on System Distribution Point Trojan Horse Vulnerability Outdated or Unpatched System-Critical Program Vulnerability Integrity Checksum Vulnerability Critical Vulnerability: Inappropriate Permissions on Windows NT Registry Key Critical Vulnerability: Inappropriate Value in Windows NT Registry Key ARP Spoofing Vulnerability: Exploiting ARP Protocol for IP Address Spoofing and Denial of Service Attacks Remote Code Execution Vulnerability in scriptlet.typelib ActiveX Control Remote Code Execution Vulnerability in Eyedog ActiveX Control for Internet Explorer Eyedog ActiveX Control Buffer Overflow Vulnerability Critical Buffer Overflow Vulnerability in ToxSoft NextFTP Client via CWD Command Chocoa IRC Client Vulnerability: Buffer Overflow via IRC Channel Topics
ALMail32 POP3 Client Buffer Overflow via From: or To: Headers Local Privilege Escalation via BSD profil System Call Denial of Service Vulnerability in Check Point FireWall-1 via UDP Packets Sent through VPN-1 Symlink Attack Vulnerability in sdtcm_convert on Solaris 2.6 Default Password Vulnerability in WebRamp Web Administration Utility Apache ServerRoot Default Configuration Vulnerability Buffer Overflow Vulnerability in hybrid-6 IRC Server Allows Remote Command Execution via m_invite Invite Option Windows NT Terminal Server Denial of Service Vulnerability Buffer Overflow Vulnerability in Microsoft FrontPage Server Extensions (PWS) 3.0.2.926 Remote Email Relay Vulnerability in Microsoft Exchange 5.5 ICMP Packet Malformation Vulnerability in Gauntlet Firewall Critical Denial of Service Vulnerability in Sendmail 8.8.6 on HPUX Critical Buffer Overflow Vulnerability in Netscape Communicator via EMBED Tags Critical Denial of Service Vulnerability in Netscape Enterprise Server (NES) via Long URL in HP Virtual Vault (VVOS) Weak RPC Authentication in ToolTalk ttsession Daemon Allows Remote Command Execution Critical Buffer Overflow Vulnerability in HP Software Distributor (SD) for HPUX 10.x and 11.x Symlink Attack Vulnerability in CDE dtspcd Daemon Insecure PATH Variable Configuration in HP CDE Program Buffer Overflow Vulnerability in CDE dtaction Utility Allows Local Privilege Escalation Unauthenticated Remote Root Privilege Vulnerability in Array Services Daemon (arrayd) Buffer Overflow in TT_SESSION Environment Variable in ToolTalk Shared Library Allows Local Privilege Escalation AIX ptrace System Call Denial of Service Vulnerability Arbitrary File Read Vulnerability in Sybase PowerDynamo Personal Web Server CDE Calendar Manager Service Daemon (rpc.cmsd) Buffer Overflow Vulnerability Local Privilege Escalation in SCO Doctor via Tools Option IP Protocol Logger (ippl) Vulnerability: Denial of Service Exploit Session Hijacking Vulnerability in Bluestone Sapphire Web 
Server Buffer Overflow Vulnerability in Microsoft Phone Dialer (dialer.exe) via Malformed dialer.ini Entry Unattended Installation File Exposes Local Administrator Password in Windows NT 4.0 ImportExportFavorites vulnerability in Internet Explorer 5.0 and 5.01 Vulnerability: Privilege Escalation via chflags and fchflags on Unix Operating Systems Critical Buffer Overflow Vulnerability in Berkeley Automounter Daemon (amd) Logging Facility Critical Buffer Overflow Vulnerability in INN inews Program Privilege Escalation in Linux xmonisdn Package via IFS or PATH Environmental Variable Manipulation Unauthorized File Transfer Vulnerability in HP Visualize Conference FTP Configuration Buffer Overflow in cfingerd: Exploiting a Long GECOS Field for Root Privilege Escalation Remote Code Execution via Cachemgr.cgi in Squid Package Local Privilege Escalation in Oracle 8.x Intelligent Agent for Unix COAS Vulnerability: World-Readable /etc/shadow Password File Local Privilege Escalation in Compaq Tru64 UNIX's dtlogin Program Critical Vulnerability in Compaq Tru64 UNIX edauth Command RAS Client Buffer Overflow Vulnerability Windows NT 4.0 Help File Utility Buffer Overflow Vulnerability Vulnerability: Remote Disabling of Virus Warning Mechanism in Microsoft Excel 97 Privilege Escalation Vulnerability in IBM GINA for OS/2 Domain Authentication Arbitrary Code Execution Vulnerability in Guile Plugin for Gnumeric Spreadsheet Package Local Privilege Escalation Vulnerability in Linux pt_chown Command LSA Denial of Service Vulnerability in Windows NT Remote Code Execution Vulnerability in Cobalt RaQ2 Servers Denial of Service Vulnerability in Windows NT Client Server Runtime Subsystem (CSRSS) Buffer Overflow Vulnerability in OpenBSD Procfs and Fdescfs File Systems via Uio_offset in Readdir() Function Double Byte Code Page Vulnerability in IIS Allows Remote Source Code Viewing Windows NT Denial of Service Vulnerability via Malformed File Image Header OpenBSD Kernel Vulnerability: 
Unencrypted IPsec Packet Leakage Windows NT Vulnerability: Direct IOCTL Calls to Disable Keyboard and Mouse Buffer Overflow Vulnerability in Lotus Notes LDAP (NLDAP) Allows Denial of Service via ldap_search Request Local Privilege Escalation Vulnerability in Debian man-db Package KDE klock Program Local Session Unlock Vulnerability Arbitrary File Deletion Vulnerability in Debian smtp-refuser Logging Facility VMWare 1.0.1 for Linux Buffer Overflow Vulnerability via Long HOME Environmental Variable Unauthenticated Remote Database Modification Vulnerability in CiscoSecure ACS Local Privilege Escalation Vulnerability in KDE K-Mail via Symlink Attack Arbitrary File Read Vulnerability in showcode.asp in IIS and Site Server Arbitrary File Read Vulnerability in viewcode.asp in IIS and Site Server Arbitrary File Read Vulnerability in code.asp in IIS and Site Server Arbitrary File Read Vulnerability in codebrws.asp in IIS and Site Server Denial of Service Vulnerability in Linux in.telnetd Telnet Daemon via Malformed TERM Environmental Variable Root Login Vulnerability in QMS CrownNet Unix Utilities for 2060 Weak Authentication in Debian Mailman Package Allows Privilege Escalation Local Privilege Escalation Vulnerability in Trn Buffer Overflow Vulnerability in Netscape Enterprise Server and FastTrack Server Buffer Overflow Vulnerability in pdnsd for IBM AIX C Set ++ Compiler Default Configuration of in.identd in SuSE Linux Allows Remote Denial of Service SMP Denial of Service Vulnerability in BSDi: High CPU Load fstat Call Critical Buffer Overflow Vulnerability in Red Hat net-tools Package Critical Buffer Overflow Vulnerability in Microsoft Telnet Client on Windows 95 and Windows 98 Remote Code Execution Vulnerability in Hotmail via HTML STYLE Tag Buffer Overflow Vulnerability in Netscape Enterprise Server 3.6 with SSL Handshake Patch Buffer Overflow Exploit: Denial of Service in Netscape Enterprise Server via SSL Handshake Remote Directory Traversal Vulnerability in w3-msql 
CGI Script Privilege Escalation via INN inndstart Program Unintended Password Caching in Windows NT RRAS and RAS Clients Remote Code Execution Vulnerability in ColdFusion Administrator with Advanced Security Enabled Weak Encryption in ColdFusion CFCRYPT Program: Vulnerability Exploitation Source Code Disclosure Vulnerability in Netscape Enterprise and FastTrack Servers Buffer Overflow Vulnerability in FuseMAIL POP Service Privilege Escalation through Undocumented CFML Tags and Functions in ColdFusion Administrator Buffer Overflow Vulnerability in FreeBSD FTS Library Routines Allows Local User to Modify Arbitrary Files via Periodic Program Remote Code Execution via Embedded JavaScript in TITLE Tag Cross-Network ARP Modification Vulnerability in NetBSD ARP Packet Overwrite Vulnerability in NetBSD Local File Modification Vulnerability in SGI IRIX midikeys Program Arbitrary Command Execution Vulnerability in Microsoft Java Virtual Machine Critical Buffer Overflow Vulnerability in Solaris libc, ufsrestore, and rcp via LC_MESSAGES Environmental Variable Vulnerability: Buffer Overflow in Vixie Cron via MAILTO Environmental Variable Local Privilege Escalation via Vixie Cron on Linux Systems Firewall-1 Vulnerability: Denial of Service via Long Timeout for Non-SYN Connections Arbitrary File Read Vulnerability in Compaq Management Agents and Survey Utility Critical Denial of Service Vulnerability in Compaq Management Agents and Survey Utility via Port 2301 Buffer Overflow Vulnerability in Solaris lpset Program Allows Local Privilege Escalation Mars NetWare Emulation (NWE) Package Vulnerability: Buffer Overflow via Long Directory Names Improper Handling of Established Keyword in Access Lists on Cisco Gigabit Switch Routers Running IOS Alibaba HTTP Server Directory Traversal Vulnerability IIS FTP Server File Read and Delete Vulnerability Buffer Overflow in Xi Graphics Accelerated-X Server: Local Privilege Escalation via Long Display or Query Parameter HP-UX SharedX Recserv 
Program Denial of Service Vulnerability Arbitrary Process Termination Vulnerability in KDE Klock Arbitrary Command Execution Vulnerability in KDE via KDEDIR Environmental Variable Arbitrary Directory Creation Vulnerability in KDE kppp Denial of Service Vulnerability in FreeBSD: Hard Link Creation from Device Special File to NFS File System NERP: Oracle TNSLSNR SQL*Net Listener Denial of Service Vulnerability Local Privilege Escalation Vulnerability in INN inndstart Program Arbitrary File Creation Vulnerability in Solaris Dynamic Linker Symlink Following Vulnerability in SSH Authentication Agent Arkiea nlservd Denial of Service Vulnerability AIX ftpd Buffer Overflow Vulnerability in libc Library Netscape Cache Information Disclosure Vulnerability Unauthenticated Remote Administration Vulnerability in Hybrid Network Cable Modems Default SNMP Community Name Vulnerability in ROUTERmate Remote File Reading Vulnerability in Internet Explorer Macro Execution Vulnerability in Microsoft Excel SYLK Files Unauthenticated Remote Execution Vulnerability in NIS+ rpc.nisd Server Spoofing Vulnerability in FreeBSD T/TCP Extensions for Transactions NIS Finger Denial of Service Vulnerability Critical Buffer Overflow Vulnerability in bootpd on OpenBSD, FreeBSD, and Linux Systems Buffer Overflow in bootpd 2.4.3 and Earlier: Exploiting a Long Boot File Location Remote File Disclosure Vulnerability in Allaire Forums GetFile.cfm Remote Code Execution Vulnerability in BMC Patrol Remote Code Execution Vulnerability in Internet Explorer 5 via Malformed Favorites Icon Arbitrary File Write Vulnerability in AIX eNetwork Firewall's fwluser Script Linux 2.2.x Kernel Denial of Service Vulnerability via Malformed ICMP Packets Denial of Service Vulnerability in Novell NetWare Transaction Tracking System (TTS) Critical Buffer Overflow Vulnerability in Solaris dtprintinfo Program Sensitive Information Exposure in Netscape Directory Server Installation Procedure Buffer Overflow Vulnerabilities in ISC 
DHCP Distribution Server (dhcpd) 1.0 and 2.0 Cookie Security Vulnerability in Netscape Communicator 4.x with Javascript Enabled Nmbd Denial of Service Vulnerability in Samba Samba smbd Program Vulnerability: Buffer Overflow via Malformed Message Command Arbitrary File System Mounting Vulnerability in Samba smbmnt Privilege Escalation in Cfingerd with ALLOW_EXECUTION Enabled Remote Code Execution Vulnerability in Red Hat pump DHCP Client Memory Leak Vulnerability in Windows NT 4.0 SNMP Agent Remote Access Vulnerability in Motorola CableRouter: Unauthorized Configuration Access on Port 1024 Remote Code Execution in Lynx WWW Client via Command-Line Parameter Injection Buffer Overflow Vulnerability in Solaris kcms_configure via Long NETPATH Environmental Variable Vulnerability: Ineffective VRFY Command Disabling in NTMail Privilege Escalation in FreeBSD seyon via Modified PATH Variable Privilege Escalation Vulnerability in FreeBSD seyon via Malicious -emulator Argument Remote Root Access Vulnerability in Qpopper 3.0 via AUTH Command Buffer Overflow Buffer Overflow Vulnerability in xmindpath in FreeBSD Allows Local Privilege Escalation via -f Argument Persistent Drive Mapping Vulnerability UnixWare /var/mail default permissions vulnerability Privilege Escalation via Buffer Overflow in FreeBSD Angband Frame Spoofing Vulnerability in Internet Explorer 5.0 and Later Versions Local File Disclosure Vulnerability in UnixWare pkg Commands Weak Encryption in HP Secure Web Console Critical Buffer Overflow Vulnerability in SCO UnixWare Xsco Command Linux syslogd Vulnerability: Denial of Service via Excessive Connections NFS Server Buffer Overflow Vulnerability NXT Record Buffer Overflow Vulnerability in BIND 8.2 RSAREF2 Buffer Overflow Vulnerability BIND named vulnerability: Malformed SIG records leading to Denial of Service UnixWare uidadmin Symlink Attack Vulnerability BIND TCP Session Denial of Service Vulnerability Buffer Overflow Vulnerability in Serv-U FTP 2.5: Remote 
Denial of Service via SITE Command Privilege Escalation Vulnerability in Windows NT Task Scheduler with Internet Explorer 5 Buffer Overflow Vulnerability in CDE dtmail and dtmailpr Programs CDE Mailtool Buffer Overflow Vulnerability Arbitrary File Read Vulnerability in Symantec Mail-Gear 1.0 Web Interface Server Vulnerability: Denial of Service via FTP PORT Command on Cisco Routers with NAT Long URL Denial of Service Vulnerability in MDaemon WorldClient and WebConfig Services Buffer Overflow Vulnerability in SCO su Program Allows Local Users to Gain Root Access MDaemon 2.7 Denial of Service Vulnerability: Exploiting Connection Flood Critical Buffer Overflow Vulnerability in FICS xboard Program BIND named vulnerability: Denial of Service via excessive file descriptor consumption BIND named vulnerability: Maxdname Denial of Service Endymion MailMan Default Permissions Vulnerability NAPTR-based Denial of Service Vulnerability in BIND named Local Privilege Escalation Vulnerability in IBM WebSphere Buffer Overflow in Netscape Enterprise Server and Netscape FastTrack Server: Remote Privilege Escalation via HTTP Basic Authentication Remote Code Execution Vulnerability in Ultimate Bulletin Board Critical Buffer Overflow Vulnerability in FreeBSD gdc Program User Enumeration Vulnerability in Slackware 7.0 Login System Symlink Attack Vulnerability in FreeBSD gdc Program Remote Proxy Configuration Modification Vulnerability in Internet Explorer 5 Solaris ARP Local File Disclosure Vulnerability Vulnerability: Local Privilege Escalation via Solaris chkperm and VMSYS Symlink Attack Race Condition Vulnerability in SSL ISAPI Filter: Information Leakage in Plaintext Insecure Directory Permissions in RPM Distribution for PostgreSQL: Local Privilege Escalation via Plaintext Password File Critical Buffer Overflow Vulnerability in FreeBSD seyon: Exploiting HOME Environmental Variable and Command Line Arguments Symlink Attack Vulnerability in UnixWare Core Dumping Buffer Overflow 
Vulnerability in CommuniGatePro via Long String to HTTP Configuration Port Buffer Overflow Vulnerability in UnixWare xauto Program Allows Local Privilege Escalation HTTP Header Flooding Vulnerability in IIS 4.0: Denial of Service Exploit Remote Command Execution Vulnerability in UCBMail Frame Spoofing Vulnerability in Internet Explorer 3.x to 4.01 Untrusted Scripted Paste Vulnerability in Internet Explorer 4.01 Cross Frame Navigate Vulnerability in Internet Explorer 4.0 and 4.01 Vixie cron Buffer Overflow Vulnerability Skyfull Mail Server Vulnerability: Buffer Overflow via MAIL FROM Command Remote Denial of Service Vulnerability in IIS 4.0 via Malformed Request for Files with .HTR, .IDC, or .STM Extensions Remote Code Execution via ICMP Router Discovery Protocol (IRDP) in DHCP Clients Critical Buffer Overflow Vulnerability in Internet Explorer 4.0 via EMBED Tag Remote File Reading Vulnerability in Internet Explorer 5 via ExecCommand Method on IFRAME Remote Root Privilege Escalation via Buffer Overflow in WU-FTPD and Related FTP Servers Remote Code Execution via Buffer Overflow in WU-FTPD and Related FTP Servers WU-FTPD Denial of Service Vulnerability via SITE NEWER Command Arbitrary File Read Vulnerability in Falcon Web Server Path Disclosure Vulnerability in Falcon Web Server Arbitrary File Read Vulnerability in Zeus Web Server Weak Encryption Vulnerability in Zeus Web Server Administrative Interface Remote Command Execution Vulnerability in Alibaba Web Server RASMAN Security Descriptor Vulnerability FTGate Web Interface Server Directory Traversal Vulnerability Privilege Escalation via ORACLE_HOME Environmental Variable in dbsnmp Unsecured Cisco 675 Routers Vulnerable to Remote Telnet Sessions Remote Code Execution in iHTML Merchant Arbitrary File Reading Vulnerability in Internet Explorer 5's Download Behavior Buffer Overflow in Netscape Communicator 4.7 and Earlier: Dynamic Font Length Field Vulnerability Symlink Attack Vulnerability in userOsa of SCO OpenServer 
Local Privilege Escalation: Unauthorized Terminal Write Access in Red Hat Linux Screen Program LDAP Attribute Access Vulnerability in Firewall-1 Buffer Overflow in RealServer Administration Utility Allows Remote Code Execution Arbitrary File Read Vulnerability in iChat ROOMS Webserver Windows NT 4.0 Print Spooler Buffer Overflow Vulnerability Arbitrary Command Execution Vulnerability in Windows NT 4.0 Print Spooler Buffer Overflow in rpc.yppasswdd: Local Privilege Escalation via MD5 Hash Generation Local Privilege Escalation in ypserv: Unauthorized Modification of GECOS and Login Shells Local Administrators Can Modify Password Tables in ypserv AIX Packet Filtering Module Vulnerability: Improper Filtering of High Destination Ports Buffer Overflow Vulnerability in BFTelnet: Denial of Service via Long Username Zero-Length IP Options Vulnerability in Axent Raptor Firewall: Exploiting Denial of Service Buffer Overflow in sccw: Local Privilege Escalation via HOME Environmental Variable Local File Disclosure Vulnerability in SCCW Solaris TCP Streams Driver Denial of Service Vulnerability Spoofed Route Pointer Vulnerability in Multihomed Windows Systems Cookie Expiration Vulnerability in Microsoft Site Server and Commercial Internet System (MCIS) Remote Root Access Vulnerability in ProFTPD, wu-ftpd, and beroftpd via MKD and CWD Commands Denial of Service Vulnerability in FreeBSD VFS Cache Remote Command Execution Vulnerability in dfire.cgi Script Critical Buffer Overflow Vulnerability in Debian GNU/Linux FTP Client Arbitrary File Read Vulnerability in URL Live! 
Web Server Insecure Storage of Account Credentials in WebTrends Software Arbitrary File Reading Vulnerability in Preloader ActiveX Control Windows Systems Vulnerable to Denial of Service via Malformed IGMP Packets Denial of Service Vulnerability in Motorola CableRouter: Exploiting Memory Leak via Telnet Connections Buffer Overflow Vulnerability in pop-2d POP Daemon Allows Privilege Escalation via FOLD Command BMC Patrol UDP Port Denial of Service Vulnerability Remote Code Disclosure Vulnerability in ColdFusion Server 4.0 Remote Code Execution Vulnerability in ColdFusion Server 4.0 Remote Denial of Service Vulnerability in ColdFusion Server 4.0 Syntax Checker UnityMail Denial of Service Vulnerability Apache Denial of Service Vulnerability via Large Number of MIME Headers Arbitrary File Read Vulnerability in NTMail SmartDesk WebSuite Buffer Overflow Vulnerability Denial of Service Vulnerability in Novell NetWare with Novell-HTTP-Server or YAWN Web Servers Remote Code Execution Vulnerability in wwwboard Remote Code Execution Vulnerability in Mediahouse Statistics Server Clear-text Storage of Administrator Password in Mediahouse Statistics Server Arbitrary File Read Vulnerability in TeamTrack Web Server Arbitrary File Reading Vulnerability in classifieds.cgi Remote Code Execution in classifieds.cgi via Hidden Variable Remote Command Execution Vulnerability in BNBSurvey survey.cgi Program Arbitrary File Read Vulnerability in BNBForm Remote Command Execution in MBone SDR Package via SIP Messages Debian IRC Epic/epic4 Client Denial of Service Vulnerability via Long String Remote Code Execution Vulnerability in Mutt Mail Client via Malformed MIME Messages Remote Command Execution Vulnerability in Mutt Mail Client Privilege Escalation in UnixWare dos7utils via STATICMERGE Environmental Variable OpenLink 3.2 Buffer Overflow Vulnerability Weak Encryption Vulnerability in IBM WebSphere ikeyman Tool IMS Buffer Overflow Vulnerability Yamaha MidiPlug Buffer Overflow Vulnerability 
via EMBED Tag Text Variable Remote Code Execution via Shell Metacharacters in AN-HTTPd's Example CGI Scripts Buffer Overflow Vulnerability in uum Program for Canna Input System Allows Local Privilege Escalation Buffer Overflow Vulnerability in canuum Program for Canna Input System Buffer Overflow Vulnerability in WFTPD FTP Server Allows Remote Root Access via MKD and CWD Commands Remote Code Execution Vulnerability in OmniHTTPd CGI Program imagemap.exe Solaris lpstat Class Argument Buffer Overflow Vulnerability Insecure Storage of Encrypted Passwords in WWWBoard Default Username and Password Vulnerability in WWWBoard Remote Root Access Vulnerability in wu-ftpd and BSDI ftpd via SITE EXEC Command Root Privilege Escalation and Denial of Service Vulnerability in NeXT NetInfo _writers Property Local Privilege Escalation Vulnerability in MajorCool mj_key_cache Program Local Privilege Escalation Vulnerability in sudo 1.5.x via Dot Dot Attack Local Privilege Escalation via Symlink Attack in IRIX startmidi Program Arbitrary Directory Creation Vulnerability in IRIX cdplayer Local Privilege Escalation via Symlink Attack in HPUX sysdiag Log File Creation HPUX passwd Command Buffer Overflow Vulnerability Privilege Escalation via Symlink Attack in FreeBSD mount_union Command Arbitrary Code Execution Vulnerability in FreeBSD setlocale Race condition vulnerability in xterm logging option allows local users to modify arbitrary files Buffer Overflow in Solaris getopt in libc Allows Local Privilege Escalation Critical Buffer Overflow Vulnerability in Internet Explorer, Outlook Express, and Windows Explorer via res: Local Resource Protocol BNC IRC Proxy Buffer Overflow Vulnerability Snork: Windows NT RPC Service Denial of Service Vulnerability Denial of Service Vulnerability in OmniHTTPD visadmin.exe via Malformed URL Exim Buffer Overflow Vulnerability Allows Local Privilege Escalation Xshipwars xsw Program Vulnerability: Buffer Overflow Solaris Snoop Program Buffer Overflow 
Vulnerability Solaris Snoop Buffer Overflow: Remote Root Privilege Escalation via GETQUOTA Requests Windows Help System Local Privilege Escalation Vulnerability Local Privilege Escalation and Denial of Service Vulnerability in Sendmail Remote Root Privilege Escalation via Buffer Overflow in Solaris sadmind Command Execution Vulnerability in htdig Privilege Escalation Vulnerability in SCO UnixWare's Privileged Process System Denial of Service Vulnerability in Windows NT Service Control Manager (SCM) Server-side Page Reference Redirect Vulnerability in Internet Explorer 5.01 and Earlier Plaintext Password Storage in Sun WBEM Installation Script Remote Code Execution in Whois Internic Lookup Program Remote Code Execution in Matt's Whois Program (whois.cgi) via Shell Metacharacters Remote Code Execution in CC Whois Program Denial of Service Vulnerability in Linux 2.0.3x Ping Command with -R Option Domain User Login Vulnerability Arbitrary File Read Vulnerability in UnixWare pkgtrans Remote Code Execution Vulnerability in Internet Explorer 5 DirectShow Filter (MSDXM.OCX) via vnd.ms.radio Protocol VerboseAuth setting in gdm allows attacker to identify valid users on a system Buffer Overflow Vulnerability in GoodTech Telnet Server NT Bypassing Access Restrictions in HP VirtualVault with PHSS_17692 Patch via Trusted Gateway Proxy (TGP) Delayed Application of ACL Modifications in Microsoft Exchange 5.5 Keystream Reuse Vulnerability in Windows NT with SYSKEY Windows NT Local Security Authority (LSA) Denial of Service Vulnerability Remote Code Execution Vulnerability in Infoseek Ultraseek Search Engine Command Execution Vulnerability in wu-ftp with FTP Conversion Enabled Cache Poisoning Vulnerability in Cisco Cache Engine Denial of Service Vulnerability in Microsoft SQL 7.0 Server via Malformed TDS Packet Remote Access to Performance Statistics in Cisco Cache Engine Web Administration Interface Null Username and Password Vulnerability in Cisco Cache Engine Weak Encryption 
Vulnerability in Netscape Navigator's Mail Password Storage Denial of Service Vulnerability in War FTP Daemon 1.70 Critical Buffer Overflow Vulnerability in POProxy POP Server for Norton Anti-Virus NAV2000 Arbitrary File Read Vulnerability in Groupwise Web Server GWWEB.EXE Groupwise Web Server Path Disclosure Vulnerability Remote Code Execution Vulnerability in VDO Live Player via Malformed .vdo File Local Privilege Escalation in xsoldier Program via Long Argument Remote Code Execution Vulnerability in Disney Go Express Search Insecure Cipher Policy: Allowing none Cipher in SSH 1.2.27 Server Arbitrary Command Execution Vulnerability in Microsoft Data Access Components (MDAC) SMTP Component Remote Crash Vulnerability AIX 4.1.5 and 4.2.1 Vulnerability: Root Access via Malformed Zone File Buffer Overflow Vulnerability in Solaris 2.7 and 2.7 Mail Command Apple AppleShare Mail Server 5.0.3 Buffer Overflow Vulnerability Denial of Service Vulnerability in Microsoft HTML Control Vulnerability: Remote Code Execution via Malicious ASP File Attachment in Seattle Labs Emurl 2.0 IP Fragmentation Bypass Vulnerability in Linux Kernels 2.2.10 and Earlier Insecure Permissions in Cabletron Spectrum Enterprise Manager 5.0 Enable Privilege Escalation Unauthenticated Remote Access Vulnerability in Novell Netware NDS 5.99 NFS on SunOS 4.1 through 4.1.2 Vulnerability: Local User Root Access Privilege Escalation via Trojan Horse ls Program in IRIX 4.x and 5.x Serial Ports Administrative Program Account Expiration Bypass Vulnerability in Solaris 7.0's useradd Command Denial of Service Vulnerability in Tcpdump 3.4a via Zero Length Header Packet Insecure Console Locking in CDE Screenlock Program on Solaris 2.6 Symlink Attack Vulnerability in aspppd on Solaris 2.5 x86 World-writable permissions in Solaris 2.6 HW3/98 admintool vulnerability Denial of Service Vulnerability in Symantec pcAnywhere 8.0 Unrecorded Login Attempts Vulnerability in SSH Server (sshd2) Denial of Service Vulnerability in 
counter.exe 2.70 via Malformed HTTP Request Denial of Service Vulnerability in counter.exe 2.70 Root Privilege Escalation Vulnerability in LAT/Telnet Gateway (lattelnet) on Ultrix 4.1 and 4.2 Outlook Express POP3 Command Mode Hang Vulnerability AT&T System V Release 4 Login Privilege Escalation Vulnerability IIS GET Denial of Service Vulnerability Local File Overwrite Vulnerability in COPS 1.04 Local Privilege Escalation via Symlink Attack in rex.satan 1.1.1 Arbitrary File Overwrite Vulnerability in Tiger 2.2.3 Local Privilege Escalation Vulnerability in diskalign and diskperf in IRIX 6.4 Patches 2291 and 2848 Root Access Vulnerability in NetWare Client 1.0 on IRIX 6.3 and 6.4 Buffer Overflow Vulnerability in mscreen on SCO OpenServer 5.0 and SCO UNIX 3.2v4 Cisco Resource Manager (CRM) 1.0 and 1.1 Local Information Disclosure Vulnerability Denial of Service Vulnerability in Microsoft Exchange Server 5.5 and 5.0 Privilege Escalation Vulnerability in Advanced File System Utility (advfs) in Digital UNIX 4.0 through 4.0d Denial of Service Vulnerability in pnserver of RealServer 5.0 and Earlier Buffer Overflow Vulnerability in IMonitor in IMail 5.0: Remote Code Execution and Denial of Service Remote Bypass and Unlogged Activities Vulnerability in Gauntlet 5.0 BSDI Privilege Escalation via Buffer Overflow in Bash's PS1 Environmental Variable Weak XOR Encryption in ARCserve NT Agents Allows Password Sniffing and Decryption Matt Wright FormHandler.cgi Script Directory Traversal Vulnerability Arbitrary File Read Vulnerability in Matt Wright FormHandler.cgi Script Sensitive Form Data Exposure in Microsoft FrontPage Arbitrary Command Execution Vulnerability in guestbook.pl on Apache 1.3.9 and Possibly Other Versions Remote Shutdown Vulnerability in FLEXlm License Manager 6.0d Excel 97 CALL Vulnerability CVE-1999-1395: Insecure Default Configuration Vulnerability Local Privilege Escalation Vulnerability in VMS 4.0 through 5.3 via ANALYZE/PROCESS_DUMP DCL Command Buffer 
Overflow in Vermillion FTP Daemon VFTPD 1.23: Remote Code Execution and Denial of Service Vulnerability Remote Code Execution Vulnerability in rexec daemon (rexecd) in AT&T TCP/IP 4.0 for SVR4 Systems Buffer Overflow Vulnerability in Tetrix TetriNet Daemon 1.13.16 Unauthenticated Remote Access and Configuration Vulnerability in HP Laserjet Printers with JetDirect Cards Remote Bypass of Print Filters in HP Laserjet Printers with JetDirect Cards Arbitrary Command Execution in CDomain whois_raw.cgi Whois CGI Script Buffer Overflow Vulnerabilities in WindowMaker 0.52 through 0.60.0 Remote Code Execution and Denial of Service Vulnerability in Palm Pilot HotSync Manager 3.0.4 Quake 1 Server UDP Amplification Vulnerability SGI MachineInfo CGI Program Exposes Sensitive System Status Information Denial of Service Vulnerability in Oracle Webserver 2.1 Directory Traversal Vulnerability in iCat Carbo Server 3.0.0 Buffer Overflow in Ping CGI Program in Xylogics Annex Terminal Service: Remote Denial of Service Vulnerability World-writeable permissions on Architext.conf file in Excite for Web Servers (EWS) 1.1 allows unauthorized access to Excite accounts Privilege Escalation via Encrypted Password Replay in Excite for Web Servers (EWS) 1.1 Password Vulnerability in Excite for Web Servers (EWS) 1.1: Weak Encryption Scheme Allows for Password Guessing Unrestricted Brute Force Password Cracking in Webmin Denial of Service Vulnerability in AIX 4.1.5 inetd Bypassing Password Protection in MacOS 9 through Idle Locking Vulnerability Bypassing Password Protection in MacOS 9 via Idle Locking Vulnerability Weak Encryption in WS_FTP Pro 6.0 Initialization Files Allows Password Decryption and Privilege Escalation Privilege Escalation Vulnerability in ptrace in AIX 4.3 Privilege Escalation Vulnerability in rmmount on SunOS 5.7 Arbitrary File Reading Vulnerability in Novell WebServer Examples Toolkit 2's files.pl Script Jana Proxy Web Server 1.40 Directory Traversal Vulnerability Jana Proxy 
Web Server 1.45 Directory Traversal Vulnerability Insecure Permissions on AEDebug Registry Key Allows Execution of Trojan Horse Debugger SSH Insertion Attack: Exploiting CBC and CFB Modes Vulnerability Remote Privilege Escalation in Novell 5 and Earlier via IPX Packet Spoofing Dotless IP Address Vulnerability in Internet Explorer 4 Privilege Escalation Vulnerability in HP-UX chsh Command Buffer Overflow Vulnerability in chfn Command in HP-UX 9.X through 10.20 Default Configuration of NCSA Telnet Package Enables Unauthorized FTP Access Insecure Permissions and Symlink Attack in UNIX News Readers tin and rtin Insecure Permissions in .tin Directory Allow Password Disclosure Buffer Overflow in Window.External Function in JScript Scripting Engine in Internet Explorer 4.01 SP1 and Earlier MK Overrun security issue Vulnerability: Arbitrary File Modification via Sort's Temporary Files and Symbolic Links Buffer Overflow Vulnerability in KDE Klock Allows Local Privilege Escalation Clipboard Data Leakage Vulnerability in Microsoft NetMeeting 2.1 Remote Session Decryption Vulnerability in BSD Telnet Client with Encryption and Kerberos 4 Authentication Kerberos 4 Remote Information Disclosure Vulnerability Cisco PIX Private Link Vulnerability: Reduced Effective Key Length in DES Encryption Weak Encryption in Kabsoftware Lydia Utility Allows Local Users to Decrypt Passwords and Gain Privileges Symlink Attack Vulnerability in lpr on BSD-based Operating Systems Arbitrary File Read Vulnerability in dxconsole in DEC OSF/1 3.2C and Earlier Weak Encryption in Windows 95 Password List File (PWL) Allows Privilege Escalation Arbitrary File Read Vulnerability in Windows 95 with Remote Administration and File Sharing for NetWare Networks Buffer Overflow Vulnerability in kppp in KDE Allows Local Privilege Escalation KDE kppp Buffer Overflow Vulnerability CVE-1999-1107: Insecure Default Configuration Vulnerability Denial of Service Vulnerability in Sendmail 8.10.0 and Earlier Windows Media 
Player ActiveX Object File Existence Disclosure Vulnerability Bypassing StackGuard Security Mechanisms via Non-Linear Attack Arbitrary Command Execution Vulnerability in IrfanView32 3.07 and Earlier Eudora Internet Mail Server (EIMS) Buffer Overflow Vulnerability Korn Shell (ksh) SUID_exec Buffer Overflow Vulnerability Korn Shell (ksh) Vulnerability in HP Apollo Domain/OS sr10.2 and sr10.3 beta Privilege Escalation Vulnerability in Indigo Magic System Administration Subsystem of SGI IRIX 6.3 and 6.4 Arbitrary File Read Vulnerability in lquerypv Command Denial of Service Vulnerability in Solaris 2.6 TCP/IP Parameters Modification Insecure Configuration of Anonymous FTP in AIX Allows Remote Command Execution Privilege Escalation via PATH Variable in netprint on SGI IRIX 6.4 and Earlier UUCP Default Configuration Privilege Escalation Vulnerability in AIX Privilege Escalation Vulnerability in SunOS 4.0.3 and Earlier Local Privilege Escalation Vulnerability in Sun Source (sunsrc) Tapes Installation Bypassing Access Restrictions in ColdFusion HTTP Client Application Privilege Escalation and Arbitrary File Modification in Oracle Webserver 2.1 and Earlier Insecure File Permissions in Cisco Resource Manager (CRM) 1.1 and Earlier Windows NT 4.0 Named Pipes Over RPC Denial of Service Vulnerability Arbitrary Command Execution via Automatic .isp File Download in Internet Explorer 3.01 on Windows 95 VLAN Trunking Tag Forging Vulnerability in Cisco Catalyst 2900 Switches Information Disclosure Vulnerability in Netscape Enterprise Server 3.5.1 Buffer Overflow Vulnerability in OSF Distributed Computing Environment (DCE) Security Demon (secd) in IRIX 6.4 and Earlier Denial of Service Vulnerability in Windows NT 4.0 Privilege Escalation Vulnerability in HP-UX X Windows Applications Root Privilege Escalation Vulnerability in Vue 3.0 in HP 9.x Root Privilege Escalation Vulnerability in VUE 3.0 in HP 9.x Data Transfer Compromise Vulnerability in Predictive Messaging Systems Insecure 
Permissions on /dev/audio Device: Exploiting Microphone Monitoring Vulnerability World-writable Home Directories in SCO UNIX System V/386 Release 3.2 and SCO Products Symlink Attack Vulnerability in HP-UX CUE Allows Arbitrary File Overwrite and Root Privilege Escalation Buffer Overflow in CrackLib 2.5: Local Privilege Escalation via Long GECOS Field Remote Access Vulnerability in Ascom Timeplex Router Allows Unauthorized Activities and Data Leakage Privilege Escalation via LD_* Environmental Variables in SunOS 4.1.2 and Earlier Privilege Escalation Vulnerability in SGI IRIX Runtime Linker Program rld Insecure Permissions in MPower Installation on HP-UX 10.x Allow Local Privilege Escalation Local File Access and Privilege Escalation Vulnerability in GlancePlus for HP-UX 10.20 and Earlier Local File Access and Privilege Escalation Vulnerability in GlancePlus for HP-UX 9.x and Earlier Remote Code Execution Vulnerability in Platinum Policy Compliance Manager (PCM) 7.0 Denial of Service Vulnerability in IIS 4.0 and Earlier FTP Service CSM Proxy 4.1 Buffer Overflow Vulnerability ComOS Routers Vulnerable to TCP Session Spoofing and Hijacking Session Timeout Bypass Vulnerability in Compaq/Microcom 6000 Access Integrator Unlimited Login Attempts Vulnerability in Compaq/Microcom 6000 Access Integrator Arbitrary Command Execution in HAMcards Postcard CGI Script 1.0 Arbitrary Command Execution in LakeWeb Filemail CGI Script Remote Code Execution in LakeWeb Mail List CGI Script Denial of Service Vulnerability in BisonWare FTP Server 4.1 and Earlier Denial of Service Vulnerability in Tcpip.sys Buffer Overflow Vulnerability in Solaris PAM and unix_scheme Modules Local Privilege Escalation in SSH 2.0.11 and Earlier: Unauthorized Remote Forwarding from Privileged Ports Root Privilege Escalation Vulnerability in HP-UX ftpd/kftpd Root Privilege Escalation Vulnerability in HP-UX 10.x and Earlier via Forced Core Dump in PPL Denial of Service Vulnerability in passwd in SCO UNIX 4.0 and 
Earlier Remote Access Vulnerability in HP Series 800 S/X/V Class Servers via SSP Teststation Denial of Service Vulnerability in Microsoft Outlook Client via X-UIDL Header Manipulation Privilege Escalation and Arbitrary File Read Vulnerability in GNU fingerd 1.37 Local Privilege Escalation in Linux 2.0.37 via Custom Segment Limit Encoding Vulnerability Cross-Site Scripting Vulnerability in Third Voice Web Annotation Utility Enables Data Theft and Fake Web Page Generation Symlink Attack Vulnerability in Internet Security Scanner (ISS) for Linux 5.3 Installation Script Denial of Service Vulnerability in nobo 1.2 via Large UDP Packets Privilege Escalation and Unauthorized Account Modification in IPswitch IMail Privilege Escalation and Unauthorized Account Modification in IPswitch WS_FTP Arbitrary User Modification Vulnerability in Maximizer Enterprise 4 Calendar and Address Book Program World-writable temporary directory vulnerability in Corel Word Perfect 8 for Linux Vulnerability: Password Bypass on Iomega ZIP-100 Drives Unauthenticated Remote Redirection Vulnerability in Cisco Cache Engine Buffer Overflow in cidentd Ident Daemon Allows Local Privilege Escalation Directory Traversal Vulnerability in nph-publish Allows Arbitrary File Overwrite Information Disclosure Vulnerability in Sambar Server 4.1 beta Remote Code Execution Vulnerability in man.sh CGI Script Arbitrary Command Execution in O'Reilly WebSite 1.1e and Website Pro 2.0 Root Privilege Escalation Vulnerability in On-Line Customer Registration Software for IRIX 6.2 through 6.4 Buffer Overflow Vulnerability in Linux Runtime Linkers (ld.so and ld-linux.so) Allows Privilege Escalation Remote Command Execution in SGI IRIX System Manager sysmgr GUI Buffer Overflow in Elm 2.4 and Earlier: Privilege Escalation via Long TERM Environmental Variable Buffer Overflow Vulnerability in SCO mscreen Allows Local Privilege Escalation Local Privilege Escalation in rxvt with PRINT_PIPE Option Privilege Escalation via Symlink 
Attack in Pine Mail Client World-Readable Log File Vulnerability in MySQL 3.21 Buffer Overflow Vulnerability in Netscape Navigator/Communicator 4.7 for Windows 95 and Windows 98 Remote Code Execution Vulnerability in Admiral Systems EmailClub 1.05 POP3 Server Buffer Overflow Vulnerability in chkey in Solaris 2.5.1 and Earlier Buffer Overflow Vulnerability in Solaris 2.5.1 and Earlier: Local Privilege Escalation via Long Command Line Argument Privilege Escalation Vulnerability in NeXT NeXTstep 2.1 and Earlier Insecure Installation of chroot in Digital Ultrix 4.1 and 4.0 Allows Privilege Escalation Misleading Update Reporting in NAI VirusScan NT 4.0.2 Denial of Service Vulnerability in Hummingbird Exceed X version 5 Privilege Escalation via TIOCCONS Vulnerability in SunOS 4.1.1 Root Privilege Escalation in BuildDisk Program on NeXT Systems Apache WWW Server 1.3.1 and Earlier MIME Header Resource Exhaustion Vulnerability Denial of Service Vulnerability in Vintra SMTP MailServer via Malformed EXPN *@ Command TCP Chorusing: Denial of Service Vulnerability in Windows 95 and Windows 98 Systems Denial of Service Vulnerability in StarTech POP3 Proxy and Telnet Server Denial of Service Vulnerability in Ascend Multilink PPP for ISDN Dialup Users Improper Handling of Restricted Keywords in Check Point Firewall-1 User-Defined Objects Privilege Escalation Vulnerability in HP-UX 10.01 and 10.00 Arbitrary Command Execution via SystemSoft SystemWizard ActiveX Controls Buffer Overflow Vulnerability in NetXRay 2.6 Web-Admin Tool Allows Remote Code Execution Buffer Overflow Vulnerability in Ping Allows Local Privilege Escalation in AIX 4.2 and Earlier Root Privilege Escalation Vulnerability in scoterm in SCO OpenServer 5.0 and SCO Open Desktop/Open Server 3.0 Symlink Attack Vulnerability in xterm on Digital UNIX 4.0B with Patch Kit 5 Root Privilege Escalation Vulnerability in in.telnetd on SunOS 4.1.1 and Earlier Root Privilege Escalation Vulnerability in in.rlogind on SunOS 4.0.3 and 
4.0.3c Denial of Service Vulnerability in HP-UX 10.30 Telnet Service Unauthenticated Local Denial of Service in 4.4 BSD Kernel's Asynchronous I/O Facility Temporary Storage of User Credentials in LOGIN.EXE in Novell Netware 4.0 and 4.01 Bypassing Security Restrictions in Cisco Routers 9.17 and Earlier via IP Source Routed Packets Privilege Escalation via PATH Manipulation in Windows NT Local File Disclosure Vulnerability in Finger on Commodore Amiga UNIX 2.1p2a and Earlier Root Privilege Escalation Vulnerability in SGI Help System and Print Manager in IRIX 5.2 and Earlier Arbitrary Command Execution via Reply-To Header in Majordomo 1.94.3 and Earlier Symlink Attack Vulnerability in dxchpwd.log File in Digital Unix (OSF/1) 3.x Denial of Service Vulnerability in Netbt.sys on Windows NT 4.0 Denial of Service Vulnerability in IIS 3.0 via Large Number of Forward Slash Characters in ASP Page URL IMAP 4.1 BETA Vulnerability: Local User Crash and Password Exposure File Existence Disclosure Vulnerability in rpc.mountd Denial of Service and Arbitrary Command Execution Vulnerability in Netscape Communicator 4.7 and Earlier Local Privilege Escalation Vulnerability in Ethereal Remote Command Execution via Modem Guard Time Vulnerability File Permission Vulnerability in Quake 2 Server 3.13 on Linux Quake 2 Server Denial of Service Vulnerability User Account Enumeration in SSH 2.0.12 and Other Versions Untrusted Search Path Vulnerability in day5datacopier in SGI IRIX 6.2 Domain Resolution Vulnerability in IIS 4.0 Denial of Service Vulnerability in LSA (LSASS.EXE) in Windows NT 4.0 FTP Password Exposure in Internet Explorer 5.0 Plaintext Password Storage Vulnerability in Internet Anywhere Mail Server 2.3.1 Buffer Overflow Vulnerabilities in smbvalid/smbval SMB Authentication Library Privilege Escalation Vulnerability in HP-UX CORE-DIAG Fileset Xauthority Bypass Vulnerability in HP-UX 9.x Remote Code Execution Vulnerability in cddbd CD Database Server Arbitrary Command Execution 
Vulnerability in Internet Explorer's FileSystemObject ActiveX Object Privilege Escalation Vulnerability in HP-UX Subnetconfig Privilege Escalation via SGI Desktop Permissions Tool in IRIX 6.0.1 and earlier Local Privilege Escalation via Symlink Attack in IPFilter 3.2.3 through 3.2.10 Insecure Access Control in vacm ucd-snmp SNMP Server Version 3.52 Insecure Default Permissions in Microsoft Site Server 3.0 Direct Mailer Feature Root Privilege Escalation Vulnerability in HP Camera Component of HP DCE/9000 in HP-UX 9.x Privilege Escalation Vulnerability in Support Watch (SupportWatch) in HP-UX 8.0 through 9.0 Insecure Permissions in HP-UX 10.20's Movemail Vulnerability Arbitrary File Reading Vulnerability in Lasso CGI Program Local Denial of Service Vulnerability in HP-UX Direct Audio User Space Code Local Privilege Escalation Vulnerability in SCO UnixWare 2.0.x and 2.1.0 Kernel Privilege Escalation Vulnerability in SCO OpenServer 5.0.2 and Earlier ICMP Redirect Spoofing Vulnerability in Windows 95, 98, and NT 4.0 Remote Code Execution in Hyperseek via admin.cgi edit_file Action Parameter Plaintext Storage of Database Master Password in Oracle Database Assistant 1.0 Bypassing Password Prompt in Xyplex Terminal Server 6.0.1S1 and Other Versions Remote Access Vulnerability in rpc.pwdauthd in SunOS 4.1.1 and Earlier Data Leakage Vulnerability in Microsoft Office 98, Macintosh Edition Information Disclosure in mSQL (Mini SQL) 2.0.6 via ServerStats Query Buffer Overflow Vulnerability in Rainbow Six Multiplayer: Remote DoS and Command Execution via Long Nickname Command Java Applet Host Connection Restriction Bypass in Netscape 4.5 Arbitrary File Overwrite Vulnerability in Metamail before 2.7-7.2 WebRamp M3 Router: Persistent Remote Telnet and HTTP Access Vulnerability Denial of Service Vulnerability in SLmail 3.1 and Earlier SMTP Server User Enumeration Vulnerability in rshd Remote Code Execution Vulnerability in KDE File Manager (kfm) Allows Arbitrary File Modification 
Session Hijacking Vulnerability in KDE Konsole Allows Unauthorized Access to User Sessions Arbitrary File Overwrite Vulnerability in KDE Beta 3 Screen Savers KMail in KDE 1.0 PGP Passphrase Exposure Vulnerability Weak Encryption in Macromedia Dreamweaver Exposes FTP Passwords to Local Users Buffer Overflow Vulnerability in CDROM Confidence Test Program Allows Local Privilege Escalation Bypassing Access Control Lists (ACLs) in Squid Internet Object Cache 1.1.20 through Hexadecimal URL Encoding World-Writable Temporary Files Vulnerability in iPass RoamServer 3.1 Insecure Storage of Passwords in Lotus cc:Mail Release 8 Root Privilege Escalation via fte-console in fte package Clear-text Storage of Proxy Authentication Credentials in BackWeb Client Remote Code Execution in nlog CGI Scripts Shared Folder Vulnerability in AS/400 and Microsoft SNA Server 3.0 and Earlier Insecure Logging of User Credentials in Hummingbird Exceed 6.0.1.0 Remote Code Execution Vulnerability in Development Version of Breeze Network Server Cleartext Storage of Administrator Password in RealSystem G2 Server Configuration File Denial of Service Vulnerability in Opera 3.2.1 via Extra Slash in URL NukeNabber Denial of Service Vulnerability Denial of Service Vulnerability in Linux 2.1.132 and Earlier Symlink Attack Vulnerability in addnetpr on SGI IRIX 6.2 and Earlier Arbitrary File Read Vulnerability in Analog 3.0 and Earlier Insecure Permissions in Samba 1.9.18's wsmbconf Application ICQ 98 Beta on Windows NT: Remote Attackers Can Obtain Internal IP Address Buffer Overflow Vulnerability in nftp FTP Client Version 1.40 TCP/IP Connection Reset Vulnerability in Microsoft Windows 95 and Windows NT 4.0 Remote Code Execution via Buffer Overflow in Kolban Webcam32 Web Administration Denial of Service Vulnerability in Apache mod_proxy (CVE-2000-0282) Insecure Permissions in Office Shortcut Bar (OSB) Enable Unauthorized Folder Access Improper Initialization of Grouplist in Transarc DCE DFS 1.1 for Solaris 
2.4 and 2.5 Buffer Overflow in Kerberos IV Compatibility Libraries: Local Privilege Escalation via Long Line in Configuration File Physical Access Vulnerability: Unechoed Character Display via L2/AGAIN Key Vulnerability: Insecure Configuration of Anonymous FTP in FreeBSD 2.2.1 and Earlier Privilege Escalation via RCP Vulnerability Local File Read and System Accounting Configuration Modification Vulnerability in Accton on Cray UNICOS 6.1 and 6.0 Remote Code Execution Vulnerability in Z-Modem Protocol Implementation Root Access Vulnerability in pt_chmod in SCO UNIX 4.2 and Earlier Root Access Vulnerability in prwarn in SCO UNIX 4.2 and Earlier Root Access Vulnerability in SCO UNIX 4.2 and Earlier Login System Root Access Vulnerability in SCO UNIX at Program Bypassing Filters in Cisco IOS 9.1 and Earlier with Extended IP Access Lists Root Privilege Escalation Vulnerability in Novell UnixWare 1.1's urestore Privilege Escalation Vulnerability in HP-UX 10.20 Programs Local Privilege Escalation Vulnerability in Sendmail 8.6.7 CVE-1999-1022: Insecure Default Configuration Vulnerability Authentication Bypass Vulnerability in dtlogin and dtsession in HP-UX 10.20 and 10.10 Privilege Escalation Vulnerability in DEC OpenVMS VAX and OpenVMS AXP Privilege Escalation via Command Sequence in FreeBSD's Manual Page Reader (man) Denial of Service Vulnerability in Union File System in FreeBSD 2.2 and Earlier Privilege Escalation and Denial of Service Vulnerabilities in DECnet/OSI for OpenVMS Passfilt.dll vulnerability: Passwords containing user's name in Windows NT SP2 Symbolic Link Table Manipulation Vulnerability in Windows NT 4.0 SP4 and Earlier Privilege Escalation via Trojan Horse Programs in SunOS 4.1.3 and Earlier Root Privilege Escalation Vulnerability in SGI IRIX Object Server Program Privilege Escalation Vulnerability in Novell NetWare 3.x and Earlier via Packet Spoofing Buffer Overflow in SSH 1.2.26 Client with Kerberos V Enabled: Remote Code Execution and Denial of Service 
Vulnerability Plaintext Username and Password Exposure in 1ArcServe Backup and Inoculan AV Client Modules for Exchange Clear-text Storage of Administrator Password in Norton AntiVirus for Internet Email Gateways and Norton AntiVirus for MS Exchange Brute Force Password Guessing Vulnerability in VAXstations Running Open VMS 5.3 through 5.5-2 with VMS DECwindows or MOTIF Insecure Permissions in SAS System 5.18 on VAX/VMS Privilege Escalation Vulnerability in wu-ftpd 2.4 FTP Server Buffer Overflow Vulnerability in linuxconf 1.11r11-rh2 on Red Hat Linux 5.1 Symlink Attack Vulnerability in Linuxconf before 1.11.r11-rh3 on Red Hat Linux 5.1 Local Privilege Escalation via Buffer Overflow in SysVInit in Red Hat Linux 5.1 and Earlier Buffer Overflow Vulnerability in db library 1.85.4's Ignored snprintf Size Parameter Denial of Service Vulnerability in netcfg 2.16-1 in Red Hat Linux 4.2 Symlink Attack Vulnerability in gzexe on Red Hat Linux 5.0 and Earlier Arbitrary Command Execution via Shell Metacharacters in ncftp 2.4.2 FTP Client Buffer Overflow Vulnerabilities in Elm 2.4 Filter Command Remote Code Execution Vulnerability in cmu-snmp SNMP Package Denial of Service Vulnerability in 3Com HiPer Access Router Card (HiperARC) 4.0 through 4.2.29 FTP client in Midnight Commander (mc) before 4.5.11 stores usernames and passwords in plaintext in world-readable history file, leading to privilege escalation. 
World-Writable Permissions Vulnerability in Delegate Proxy 5.9.3 and Earlier Denial of Service Vulnerability in Linux and FreeBSD with NAT and ipchains/ipfw Buffer Overflow Vulnerability in Hylafax 4.0.2's Faxalter Allows Privilege Escalation Local Privilege Escalation via TIOCSETD Option on Linux Kernel ICQ ActiveList Server Denial of Service Vulnerability Denial of Service Vulnerability in Xerox DocuColor 4 LP HTTP Server Plaintext Storage of Credentials in Auto_FTP 0.2 Configuration File Insecure Permissions in Auto_FTP 0.2 Allows Unauthorized File Transfer and Viewing Insecure PAM Configuration Allows Unauthorized rlogin Access Local Privilege Escalation Vulnerability in Xsession Improper PAM-based Access Control in Linuxconf on Red Hat Linux 6.0 and Earlier Denial of Service Vulnerability in Omni-NFS/X 6.1 NFS Daemon World-writeable permissions in ARCAD Systemhaus 0.078-5 allow local privilege escalation through program replacement vulnerability Directory Traversal Vulnerability in KVIrc IRC Client 0.9.0 with Listen to !nick <soundname> requests Option Symbolic Link Following Vulnerability in Linux 2.2 Cleartext Password Storage in Nosque MsgCore 2.14 Cleartext Storage of Usernames and Passwords in Softarc FirstClass Internet Server Default Password Vulnerability in BMC Patrol Component Compaq Integration Maintenance Utility: Security Policy Violation through Legal Notice Modification Cross-Site Scripting (CSS) Vulnerability in Netscape Communicator 4.04 through 4.7 Inadequate User Policy Update Vulnerability in Windows NT and Windows 2000 Server Name Length Vulnerability Denial of Service Vulnerability in Windows NT 4.0 Denial of Service Vulnerability in Windows NT 3.51 and 4.0 WINS Server Denial of Service Vulnerability in Win32k.sys on Windows NT 4.0 before SP2 Denial of Service Vulnerability in Windows NT 3.51 and 4.0 Denial of Service Vulnerability in Windows NT 4.0 via Illegal Kernel Mode Address in GetThreadContext and SetThreadContext Functions 
Privilege Escalation Vulnerability in Windows NT Home Directory Search Weak Encryption of POP3 Passwords in Pegasus E-mail Client 3.0 and Earlier Username/Password Cache Leakage Vulnerability in Internet Explorer 5.0 Limited Scanning of MS Exchange Server Inbox Folder Tree Vulnerability Plaintext Password Storage in Real Media RealServer (rmserver) 6.0.3.353 Vulnerability: Disabling Screen Saver and Task Scheduler Service during Internet Explorer 5.0 Setup Wizard Buffer Overflow Vulnerability in Solaris 2.6 and 7 /usr/bin/write Cleartext Storage of Credentials in Triactive Remote Manager with Basic Authentication Denial of Service Vulnerability in FORE PowerHub before 5.0.1 Sensitive Customer Information Exposed in Perlshop.cgi Shopping Cart Program Arbitrary File Read Vulnerability in FileSystemObject (FSO) in showfile.asp ASP Page Arbitrary Command Execution via Buffer Overflow in fpcount.exe in IIS 4.0 with FrontPage Server Extensions Arbitrary File Read Vulnerability in Matt Wright's download.cgi 1.0 Improper Chroot Operation in dbmlparser.exe CGI Guestbook Program Allows Remote File Read DNS Amplification Attack: Exploiting Name Servers for Traffic Amplification Arbitrary Command Execution Vulnerability in Symantec Norton Utilities 2.0 for Windows 95 Remote Code Execution Vulnerability in dbadmin CGI Program 1.0.1 on Linux Privilege Escalation via NetWare NFS Read Only Flag Shell Metacharacter Vulnerability in bash and tcsh Local Privilege Escalation Vulnerability in Indigo Magic System Tour Package Buffer Overflow in ppp Program in FreeBSD 2.1 and Earlier: Privilege Escalation via Long HOME Environment Variable Symbolic Link Vulnerability in Perl 5.004_04 and Earlier Denial of Service Vulnerability in Windows NT 4.0 SP2 Local Privilege Escalation via Symlink Attack in passwd Command on SunOS 4.1.x Bypassing Access Filters in US Robotics/3Com Total Control Chassis Privilege Escalation via SUIDEXEC in SUIDMANAGER 0.18 on Debian 2.0 Privilege Escalation 
Vulnerability in NeXT 1.0a and 1.0 with Publicly Accessible Printers Root Privilege Escalation Vulnerability in NeXT 1.0a and 1.0's restore0.9 Installation Script Physical Access Vulnerability: Bypassing Password Security on Apple Powerbooks Vulnerability: Root User Bypasses Immutable and Append-Only Flags in BSD 4.4-based Operating Systems Privilege Escalation Vulnerability in VMS Monitor Utility (SYS$SHARE:SPISHR.EXE) Root Access and Denial of Service Vulnerability in SPARC Integer Multiplication Emulation Code on SunOS 4.1 through 4.1.2 Information Disclosure Vulnerability in Index Server 2.0 on IIS 4.0 Root Privilege Escalation Vulnerability in xfsdump in SGI IRIX via bck.log Log File Symlink Attack Local Privilege Escalation in SpaceWare 7.3 v1.0 for IRIX 6.2 via HOSTNAME Environmental Variable The Economist Screen Saver 1999: Password Protection Bypass Vulnerability Insecure Permissions Vulnerability in Desktop Searchbook Program UNIX Domain Socket Access Permissions Vulnerability Insecure Permissions in IBM/Tivoli OPC Tracker Agent v2.1 Denial of Service Vulnerability in IBM/Tivoli OPC Tracker Agent Version 2 Release 1 Insecure Permissions and Shadowed Password File Exposure in AIX's snap Command Denial of Service Vulnerability in dumpreg in Red Hat Linux 5.1 Local Privilege Escalation via Symlink Attack in Red Hat Linux 5 DHCP Configuration Script Local Denial of Service Vulnerability in AIX 4.1.4 and HP-UX 10.01 and 9.05 Information Disclosure Vulnerability in at Program Symlink Attack Vulnerability in addnetpr on IRIX 5.3 and 6.2 Unnotified Addition of Anonymous FTP User in Debian GNU/Linux 2.0 Denial of Service Vulnerability in Apple MacOS X and Apache HTTP Server Privilege Escalation via Core Dump in Solaris 2.4 Privilege Escalation via IBM Netfinity Remote Control Process Manager Privilege Escalation Vulnerability in DEC ULTRIX /usr/bin/mail Denial of Service Vulnerability in AnswerBook2 (AB2) Web Server Format String Vulnerability in AnswerBook2 (AB2) 
Web Server Dwhttpd 3.1a4 ICQ99 Web Server Build 1701 File Existence Disclosure Vulnerability Buffer Overflow Vulnerability in nss_nisplus.so.1 Library in Solaris NIS+ Backdoor Password Vulnerability in NBase Switches Remote Code Execution and Denial of Service Vulnerability in NBase Switches NH208 and NH215 Insecure Default Configuration of Slackware 3.4 Allows Execution of Trojan Horse Programs Denial of Service Vulnerability in Solaris 2.3 through 2.6 via Ping Request to Multicast Address Unsafe Permissions in Solaris Solstice AdminSuite 2.1 Allow Local Users to Gain Root Access Privilege Escalation Vulnerability in Solaris Solstice AdminSuite 2.1 Local Privilege Escalation: Solaris Solstice AdminSuite 2.1 Symbolic Link Vulnerability Insecure Lock File Creation Vulnerability in Solaris Solstice AdminSuite Privilege Escalation via Solaris Solstice AdminSuite Database Manager World-Readable and World-Writable Permissions in DIT TransferPro Devices: Local Users' Disk Damage Vulnerability Insecure Password Protection in Royal daVinci PIM Software Vulnerability: Bypassing Run only allowed apps Policy in ZAK Appstation Mode Delayed xlock process execution during power management on Solaris 2.4-2.6 allows keyboard input manipulation after system restore Arbitrary File Permission Change Vulnerability in HP JetAdmin D.01.09 on Solaris Privilege Escalation Vulnerability in Slackware Linux 3.2-3.5 Privilege Escalation via Buffer Overflow in libsocks5 Library Remote Code Execution in Ray Chan WWW Authorization Gateway 0.1 CGI Program Arbitrary File Read and Possible Command Execution in ePerl 2.2.12 Privilege Escalation Vulnerability in SunOS 4.1.1 and Earlier Symlink Attack Vulnerability in gcc 2.7.2 ICQ 98a 1.30 Long Filename Truncation Vulnerability Denial of Service Vulnerability in Linux 2.0.34 AMD K6 Processor Denial of Service Vulnerability Local Privilege Escalation Vulnerability in Micah Software Full Armor Network Configurator and Zero Administration RSA Key 
Generation Vulnerability in Alibaba 2.0: Cleartext Transactions due to Exponent of 1 Remote Core Dump Vulnerability in imapd and ipop3d Persistent URL History Vulnerability in Internet Explorer 3 Denial of Service Vulnerability in Internet Explorer 4.0 via Long CLASSID Parameter in OBJECT Tag Eudora and Eudora Light Remote Crash and Mailbox Corruption Vulnerability Denial of Service Vulnerability in SunOS 4.1.4 on Sparc 20 Machine Privilege Escalation Vulnerability in rlogin daemon rshd and scheme on SCO UNIX OpenServer and UnixWare Arbitrary File Read Vulnerability in Winmsdp.exe in IIS 4.0 and Site Server 3.0 Clipboard Data Leakage Vulnerability in Windows NT 4.0 GINA Clipboard Data Leakage Vulnerability in Internet Explorer 4 The Matrix Screen Saver Password Bypass Vulnerability Improper Access Restriction in RSHSVC Allows Unauthorized Access Arbitrary File Read Vulnerability in thttpd HTTP Server 2.03 and Earlier Buffer Overflow in thttpd HTTP Server Allows Remote Code Execution via Long Date String Buffer Overflow Vulnerability in Digital UNIX 4.0's 'at' Program Allows Local Privilege Escalation Local Privilege Escalation Vulnerability in BMC PATROL Agent Arbitrary File Creation Vulnerability in BMC PATROL SNMP Agent Insecure PATH Handling in InPerson on IRIX 5.3 through IRIX 6.5.10 Remote File Disclosure Vulnerability in bb-hist.sh CGI History Module in Big Brother 1.09b and 1.09c Improper Fragmentation in Windows NT 4.0 TCP/IP Stack Bypassing Access Control Lists in Cisco IOS 11.1CC and 11.1CT with DFS Enabled Bypassing Access Control Lists in Cisco IOS 11.1-11.3 with DFS Enabled Bypassing Access Control Lists in Cisco Routers with Extended IP Access Lists and Established Keyword Remote Code Execution Vulnerability in rcp on SunOS 4.0.x Local Privilege Escalation via rdist and sendmail in UNIX Systems Buffer Overflow in w3-auth CGI Program in miniSQL Package Allows Remote Command Execution Cleartext Password Storage Vulnerability in Eastman Work Management 
3.21 Buffer Overflow Vulnerability in passwd Allows Local Privilege Escalation Freiburg Text-Viewing Vulnerability in Internet Explorer 4.0 The Page Redirect Issue Vulnerability Automatic Execution of PowerPoint in Browsers: Remote Code Execution Vulnerability ProFTPd 1.2 mod_sqlpw Vulnerability: Passwords Recorded in wtmp Log Denial of Service Vulnerability in Intel Pentium Processor: Invalid Operand with Locked CMPXCHG8B Instruction Buffer Overflow Vulnerability in GNOME Libraries 1.0.8: Local Privilege Escalation via Long --espeaker Argument Denial of Service Vulnerability in Sun HotSpot Performance Engine VM Remote Code Execution Vulnerability in textcounter.pl Symlink Attack Vulnerability in acledit and aclput in AIX 4.3 Newline Bypass Vulnerability in Squid 2.2.STABLE5 and Below Privilege Leak in SVGAlib zgv 3.0-7 and Earlier: Local Root Access Vulnerability Buffer Overflow in zgv in svgalib 1.2.10 and Earlier: Arbitrary Code Execution via Long HOME Environment Variable Remote Code Execution Vulnerability in MSN Setup BBS 4.71.0.10 ActiveX Control Vulnerability: Remote File Viewing and Denial of Service in nsd Virtual File System Arbitrary File Overwrite Vulnerability in IBM AIX 4.1 through 4.3 Root Privilege Escalation Vulnerability in AIX 4.3 Digest Unauthenticated File Reading Vulnerability in IBM SP2 System Data Repository (SDR) Buffer Overflow in XFree86 SuperProbe in Slackware Linux 3.1: Local Privilege Escalation via Long -nopr Argument Root Access Vulnerability in xosview 1.5.1 via Long HOME Environmental Variable Relative Pathname Vulnerability in Red Hat 2.1 Abuse.Console Privilege Escalation Vulnerability in diskperf and diskalign in IRIX 6.4 Remote Code Execution Vulnerability in Hewlett Packard Apollo Domain OS SR10 through SR10.3 Arbitrary File Read Vulnerability in Colorview on Silicon Graphics IRIX 5.1, 5.2, and 6.0 Local File Overwrite Vulnerability in xtvscreen in SuSE Linux 6.0 File Existence Disclosure Vulnerability in Sudo 1.5 Weak 
Encryption of Passwords in Ipswitch IMail 5.0 and 6.0 Registry Keys Symlink Attack Vulnerability in Slackware Linux 3.4 pkgtool Symlink Attack Vulnerability in ISC BIND 4.9 and 8.1 Denial of Service Vulnerability in Internet Anywhere POP3 Mail Server 2.3.1 Local Privilege Escalation in SGI OS2 IRIX 6.3 via ipxchk and ipxlink Quake 1.9 Client Buffer Overflow Vulnerability Denial of Service Vulnerability in Network Flight Recorder (NFR) 1.5 and 1.6 Denial of Service Vulnerability in Stalker Internet Mail Server 1.6 via Long HELO Command QuakeWorld 2.10 Buffer Overflow Vulnerability Remote Code Execution Vulnerability in SMI Sendmail 4.0 and earlier on SunOS up to 4.0.3 Insecure Permissions Vulnerability in SunOS 4.1 through 4.1.3 Undocumented URLs in Tektronix PhaserLink Printer 840.0 and earlier allow remote administrator access Etype Eserv 2.50 Web Server Directory Traversal Vulnerability Buffer Overflow Vulnerability in Bisonware FTP Server Buffer Overflow Vulnerabilities in Xtramail 1.11: Denial of Service and Command Execution Arbitrary Command Execution Vulnerability in AMaViS Virus Scanner 0.2.0-pre4 and Earlier 3Com SuperStack II Hub Software Version 2.10 MIB Vulnerability: Unauthorized Access to Community Strings Buffer Overflow in Celtech ExpressFS FTP Server 2.x: Remote Code Execution and Denial of Service Vulnerability Denial of Service Vulnerability in TenFour TFS Gateway 4.0 Buffer Overflow Vulnerability in TenFour TFS Gateway SMTP Mail Server 3.2 Privilege Escalation Vulnerability in runtar of Amanda Backup System Shared Memory Denial of Service and Memory Limit Bypass Vulnerability Denial of Service Vulnerability in Gene6 G6 FTP Server 2.0 Ad Server Sample Directory Configuration Vulnerability Buffer Overflow Vulnerability in Computalynx CMail SMTP Servers Recursive Parsing Vulnerability in Roxen Web Server 1.3.11 and Earlier Buffer Overflow Vulnerability in Sambar Web Server 4.2.1 Allows Remote Code Execution and Denial of Service Remote Password 
Recovery Exploit in FlowPoint DSL Router Firmware Versions Prior to 3.0.8 Vulnerability: Unauthorized Access to User's Mailbox and Internal Web Servers via Shockwave's GetNextText Command Privacy Breach: Macromedia Shockwave 7 Auto-Update Exposes User Passwords and Hard Disk Information Improper IP Address Restriction in Sun Netbeans Java IDE Allows Remote Server Access ProSoft Netware Client 5.12 on Macintosh MacOS 9 NDS Session Persistence Vulnerability Buffer Overflow Vulnerability in Trend Micro Interscan VirusWall SMTP Gateway 3.23/3.3 for NT User Data Leakage Vulnerability in Cobalt RaQ 2.0 and RaQ 3i Buffer Overflow Vulnerability in IBM HomePagePrint 1.0.7 for Windows98J via Long IMG_SRC HTML Tag Denial of Service Vulnerability in Netscape Messaging Server 3.54, 3.55, and 3.6 Denial of Service Vulnerability in Eicon Technology Diva LAN ISDN Modem Arkeia Backup Product Local Privilege Escalation via Buffer Overflow Buffer Overflow Vulnerability in AspUpload.dll Allows Remote Code Execution World-Writable .sbstart Startup Script Vulnerability in AcuShop Salesbuilder Denial of Service Vulnerability in IIS 3.x and 4.x via SSL Requests Inadvertent Exposure of Sensitive Server Information in IIS 4 Upgrade Buffer Overflow Vulnerability in QPC Software's QVT/Term Plus and QVT/Net FTP Server Weak Encryption Vulnerability in Cactus Software Shell Lock Symlink Attack Vulnerability in Cactus Software Shell Lock Command Execution Vulnerability in RPMMail before 1.4 Weak Encryption of Passwords in MacOS Users & Groups Data File Buffer Overflow Vulnerability in Microsoft IIS FTP Server Allows Denial of Service World-readable permission on crash-save file in Joe's Own Editor (joe) 2.8 allows unauthorized file access Insecure NFS Configuration in netstation.navio-com.rte 1.1.0.1 on IBM AIX Bypassing Access Restrictions in Oracle Web Listener 2.1 via HTTP-encoded URL Character Replacement Denial of Service Vulnerability in Cabletron SmartSwitch Router (SSR) 8000 Firmware 2.x 
Lynx 2.x Insecure HTML Handling and Configuration File Modification Vulnerability Arbitrary File Read Vulnerability in F5 BIG/ip 2.1.2 and Earlier Buffer Overflow Vulnerability in Ipswitch IMail Service 5.0 Privilege Escalation and Arbitrary File Overwrite Vulnerability in dpsexec (DPS Server) on IBM AIX XCmail 0.99.6 Autoquote Buffer Overflow Vulnerability Improper Group ID Setting in SGI IRIX Mail Allows Unauthorized Mail Access Insecure Permissions in Cheyenne InocuLAN Anti-Virus Server Allows Trojan Installation Weak Encryption and Storing of SQLExecutiveCmdExec Password in Accessible Registry: Privilege Escalation Vulnerability in Microsoft SQL Server 6.5 Buffer Overflow Vulnerability in IMAP Server Login Functions in Ipswitch IMail 5.0 and Earlier Unauthorized Access Vulnerability in Digital OpenVMS 7.1 and Earlier with External Authentication Authentication Bypass Vulnerability in Xylan OmniSwitch before 3.2.6 Local Privilege Escalation Vulnerability in TAMU Tiger Script Plaintext Storage of Administrative Password in Nullsoft SHOUTcast Server Configuration File gFTP FTP Client 1.13 and Earlier Versions Vulnerability: Plaintext Password Logging Remote Denial of Service Vulnerability in Nachuatec D435 and D445 Printer Denial of Service Vulnerability in FreeBSD 3.2 and Other Versions via NFS v3 Mounted Directory Access Local Privilege Escalation via Symlink Attack in Man2html 2.1 and Earlier Buffer Overflow Vulnerability in iParty Server 1.2 and Earlier: Remote Denial of Service (DoS) via Extended Characters Denial of Service Vulnerability in Seapine Software TestTrack Server Off-by-one Error in NcFTPd FTP Server Allows Remote Denial of Service Denial of Service Vulnerability in Quake 1 and NetQuake Servers Buffer Overflow Vulnerability in sar for OpenServer 5.0.5 Buffer Overflow Vulnerability in sar for SCO OpenServer 5.0.0 through 5.0.5 Insecure File Permissions in cpio on FreeBSD and Debian GNU/Linux HP-UX Multiple Unknown Privilege Escalation and File 
Access Vulnerabilities in r-cmnds Buffer Overflow Vulnerability in nslookup for AIX 4.3 Remote Code Execution via Kodak/Wang ActiveX Controls Buffer Overflow in Adobe Acrobat ActiveX Control Allows Remote Code Execution Buffer Overflow in HHOpen ActiveX Control Allows Remote Code Execution Remote Code Execution Vulnerability in Registration Wizard ActiveX Control Denial of Service Vulnerability in Cenroll ActiveX Control Privilege Escalation in SunOS Sendmail 5.59-5.65 via Crafted Forwarding Host Argument Memory Leak Vulnerability in SNMP Agent (snmp.exe) for Windows NT 4.0 Cisco PIX Firewall Established Command Vulnerability Buffer Overflow Vulnerability in nslookup for AIX 4.3 Privilege Escalation Vulnerability in SunOS 4.1.1 through 4.1.3c and Open Windows 3.0 Privilege Escalation via fsck Failure in Sun Solaris 2.x Privilege Escalation Vulnerability in SunOS 4.1.x LoadModule Information Disclosure Vulnerability in /usr/ucb/ps Command Buffer Overflow Vulnerability in Sun Solaris x86 NLPS Server Unspecified Local Privilege Escalation Vulnerability in IBM AIX 3.2 Crontab Directory Traversal Vulnerability in wwwcount (Count.cgi) 2.3 Allows Remote File Read Bypassing Authentication Requirements in Microsoft IIS Server 4.0 SP4 Unspecified Vulnerabilities in Sendmail 5 on Sun SunOS 4.1.3_U1 and 4.1.4 WINS Vulnerability: Denial of Service and Credential Theft via 1Ch Registration