[CLOSE] OSVDB ID : 830 - Disclosed: 1997-06-30

Description:

(Description Provided by CVE) : Buffer overflow in ircd allows arbitrary command execution.

[CLOSE] OSVDB ID : 59264 - Disclosed: 1997-06-29

Description:

(Description Provided by CVE) : Jolt ICMP attack causes a denial of service in Windows 95 and Windows NT systems.

[CLOSE] OSVDB ID : 11477 - Disclosed: 1997-06-28

Description:

Microsoft Windows NT 4.0 contains a flaw that may allow a remote denial of service. The issue is triggered when a remote attacker causes an access violation within LSASS.exe causing the process to stop running, and will result in loss of availability for the operating system.

[CLOSE] OSVDB ID : 83446 - Disclosed: 1997-06-27

Description:

Samba is prone to an overflow condition. This issue is triggered when smbmount fails to properly sanitize user-supplied input resulting in a buffer overflow. With a specially crafted multiple variable username, a local attacker can potentially execute arbitrary code.

[CLOSE] OSVDB ID : 11225 - Disclosed: 1997-06-27

Description:

A local overflow exists in SVGAlib/zgv. The product fails to verify the length of the HOME environment variable, resulting in a buffer overflow. By setting this variable to an overly long value, arbitrary code can be executed as root, resulting in a loss of availability.

[CLOSE] OSVDB ID : 935 - Disclosed: 1997-06-26

Description:

(Description Provided by CVE) : ping in Solaris 2.3 through 2.6 allows local users to cause a denial of service (crash) via a ping request to a multicast address through the loopback interface, e.g. via ping -i.

[CLOSE] OSVDB ID : 84074 - Disclosed: 1997-06-26

Description:

Ultrix contains a flaw that is triggered by dxterm being given setuid privileges. This may allow a remote attacker to log output data to arbitrary files, which will overwrite pre-existing data on that file.

[CLOSE] OSVDB ID : 7420 - Disclosed: 1997-06-25

Description:

(Description Provided by CVE) : Buffer overflow in bootpd 2.4.3 and earlier via a long boot file location.

[CLOSE] OSVDB ID : 8674 - Disclosed: 1997-06-25

Description:

(Description Provided by CVE) : Solaris Solstice AdminSuite (AdminSuite) 2.1 uses unsafe permissions when adding new users to the NIS+ password table, which allows local users to gain root access by modifying their password table entries.

[CLOSE] OSVDB ID : 8675 - Disclosed: 1997-06-25

Description:

(Description Provided by CVE) : Solaris Solstice AdminSuite (AdminSuite) 2.1 incorrectly sets write permissions on source files for NIS maps, which could allow local users to gain privileges by modifying /etc/passwd.

[CLOSE] OSVDB ID : 8676 - Disclosed: 1997-06-25

Description:

(Description Provided by CVE) : Solaris Solstice AdminSuite (AdminSuite) 2.1 follows symbolic links when updating an NIS database, which allows local users to overwrite arbitrary files.

[CLOSE] OSVDB ID : 8677 - Disclosed: 1997-06-25

Description:

(Description Provided by CVE) : Solaris Solstice AdminSuite (AdminSuite) 2.1 and 2.2 create lock files insecurely, which allows local users to gain root privileges.

[CLOSE] OSVDB ID : 8678 - Disclosed: 1997-06-25

Description:

(Description Provided by CVE) : Solaris Solstice AdminSuite (AdminSuite) 2.1 and 2.2 allows local users to gain privileges via the save option in the Database Manager, which is running with setgid bin privileges.

[CLOSE] OSVDB ID : 934 - Disclosed: 1997-06-24

Description:

(Description Provided by CVE) : Buffer overflow in chkey in Solaris 2.5.1 and earlier allows local users to gain root privileges via a long command line argument.

[CLOSE] OSVDB ID : 933 - Disclosed: 1997-06-24

Description:

(Description Provided by CVE) : Buffer overflow in eeprom in Solaris 2.5.1 and earlier allows local users to gain root privileges via a long command line argument.

[CLOSE] OSVDB ID : 1804 - Disclosed: 1997-06-21

Description:

(Description Provided by CVE) : Denial of service in IIS using long URLs.

[CLOSE] OSVDB ID : 45109 - Disclosed: 1997-06-19

Description:

Unknown / Incomplete

[CLOSE] OSVDB ID : 83481 - Disclosed: 1997-06-19

Description:

Solaris contains a flaw that may allow a local denial of service. The issue is triggered by an error in rsh that allows an attacker to manipulate a root-owned socket, which will result in loss of availability for the program / service.

[CLOSE] OSVDB ID : 301 - Disclosed: 1997-06-19

Description:

Unknown / Incomplete

[CLOSE] OSVDB ID : 11267 - Disclosed: 1997-06-18

Description:

(Description Provided by CVE) : MajorCool mj_key_cache program allows local users to modify files via a symlink attack.

[CLOSE] OSVDB ID : 85 - Disclosed: 1997-06-15

Description:

(Description Provided by CVE) : The handler CGI program in IRIX allows arbitrary command execution.

[CLOSE] OSVDB ID : 17004 - Disclosed: 1997-06-14

Description:

Unknown / Incomplete

[CLOSE] OSVDB ID : 17005 - Disclosed: 1997-06-14

Description:

Unknown / Incomplete

[CLOSE] OSVDB ID : 17003 - Disclosed: 1997-06-14

Description:

Unknown / Incomplete

[CLOSE] OSVDB ID : 17002 - Disclosed: 1997-06-14

Description:

Unknown / Incomplete

[CLOSE] OSVDB ID : 12978 - Disclosed: 1997-06-13

Description:

(Description Provided by CVE) : rsh daemon (rshd) generates different error messages when a valid username is provided versus an invalid name, which allows remote attackers to determine valid users on the system.

[CLOSE] OSVDB ID : 83850 - Disclosed: 1997-06-12

Description:

NetKit (netkit-tftp) contains a flaw that allows an attacker to traverse outside of a restricted path. The issue is due to tftpd not properly sanitizing user input, specifically directory traversal style attacks (e.g., ../../). This directory traversal attack would allow the attacker to gain access to arbitrary files.

[CLOSE] OSVDB ID : 5738 - Disclosed: 1997-06-12

Description:

A local overflow exists in some versions of the at(1) program. The program fails to validate input properly resulting in a buffer overflow. With a specially crafted request, an attacker can execute arbitrary code as root resulting in a loss of integrity and confidentiality.

[CLOSE] OSVDB ID : 5850 - Disclosed: 1997-06-12

Description:

qmail-smtpd contains a flaw that may allow a remote denial of service. The issue is triggered by sending an email with a large number of recipient addresses. Qmail will attempt to process such message, which will consume all memory on the server host, and will result in loss of availability for this computer.

[CLOSE] OSVDB ID : 56527 - Disclosed: 1997-06-11

Description:

(Description Provided by CVE) : Denial of service in Qmail through long SMTP commands.

[CLOSE] OSVDB ID : 5826 - Disclosed: 1997-06-10

Description:

(Description Provided by CVE) : Buffer overflow in dtaction command gives root access.

[CLOSE] OSVDB ID : 8065 - Disclosed: 1997-06-07

Description:

(Description Provided by CVE) : The snprintf function in the db library 1.85.4 ignores the size parameter, which could allow attackers to exploit buffer overflows that would be prevented by a properly implemented snprintf.

[CLOSE] OSVDB ID : 83142 - Disclosed: 1997-06-05

Description:

IBM AIX contains a flaw that may allow an attacker to gain access to unauthorized privileges. The issue is triggered when a buffer overflow occurs in mount, which will cause a segfault and core dump file. Using a symlink, the core file can be used to create or overwrite a file. By setting an environment variable with arbitrary content, it will be appended to the file. Leveraging this against a file such as .rhosts will allow for privileged access to an arbitrary account.

[CLOSE] OSVDB ID : 8727 - Disclosed: 1997-06-04

Description:

(Description Provided by CVE) : Solaris rpcbind listens on a high numbered UDP port, which may not be filtered since the standard port number is 111.

[CLOSE] OSVDB ID : 11471 - Disclosed: 1997-06-01

Description:

(Description Provided by CVE) : Denial of service in Windows NT DNS servers by flooding port 53 with too many characters.