| OSVDB ID | Disclosure Date | Title | Description |
|---|---|---|---|
| 3104 | 1997-08-29 | Microsoft IE PPC Overwrite Arbitrary Files | Microsoft Internet Explorer (PPC version on Macintosh) contains a flaw that allows a remote attacker to overwrite arbitrary files with custom data. The flaw is due to IE not checking FORM ACTION content and accepting file:// arguments. INPUT NAME data specified in the FORM request is then written to the specified file, deleting whatever data is already present. |
| 275 | 1997-08-27 | Microsoft IIS newdsn.exe Remote Arbitrary File Creation | Microsoft IIS contains a flaw that allows a remote attacker to create arbitrary files or cause a denial of service on a remote server. The issue is due to the "newdsn.exe" CGI application not sanitizing arguments provided. If an attacker is able to create a file on the system, it can be leveraged for additional privileges. |
| 9862 | 1997-08-26 | IRIX MachineInfo CGI Program Information Disclosure | SGI IRIX contains a flaw that may lead to an unauthorized information disclosure. The issue is due to the 'MachineInfo' CGI script, which will disclose sensitive system information resulting in a loss of confidentiality. |
| 8751 | 1997-08-24 | Multiple Vendor rpc.mountd File Existence Information Disclosure | (Description Provided by CVE): rpc.mountd on Linux, Ultrix, and possibly other operating systems, allows remote attackers to determine the existence of a file on the server by attempting to mount that file, which generates different error messages depending on whether the file exists or not. |
| 12972 | 1997-08-24 | Majordomo no/advertise Directive Reply-To Header Arbitrary Command Execution | (Description Provided by CVE): Majordomo 1.94.3 and earlier allows remote attackers to execute arbitrary commands when the advertise or noadvertise directive is used in a configuration file, via shell metacharacters in the Reply-To header. |
| 6333 | 1997-08-20 | spaceware spaceball HOSTNAME Variable Arbitrary Privileged Command Execution | (Description Provided by CVE): spaceball program in SpaceWare 7.3 v1.0 in IRIX 6.2 allows local users to gain root privileges by setting the HOSTNAME environmental variable to contain the commands to be executed. |
| 7805 | 1997-08-19 | Blue World Lasso CGI Arbitrary File Access | (Description Provided by CVE): Vulnerability in CGI program in the Lasso application by Blue World, as used on WebSTAR and other servers, allows remote attackers to read arbitrary files. |
| 57410 | 1997-08-14 | Check Point FireWall-1 ICMP Traffic Stateful Inspection Bypass | Unknown / Incomplete |
| 100 | 1997-08-11 | DG/UX in.fingerd Remote Command Execution | (Description Provided by CVE): The DG/UX finger daemon allows remote command execution through shell metacharacters. |
| 9894 | 1997-08-05 | sort /tmp Symlink Arbitrary File Modification | (Description Provided by CVE): sort creates temporary files and follows symbolic links, which allows local users to modify arbitrary files that are writable by the user running sort, as observed in updatedb and other programs that use sort. |
| 83852 | 1997-08-02 | NetKit bootparamd DNS Handling Multiple Unspecified Overflows | NetKit bootparamd is prone to an overflow condition. The program fails to properly sanitize user-supplied input resulting in multiple unspecified buffer overflows. When handling spoofed DNS packets, a remote attacker can potentially execute arbitrary code or cause a denial of service. |
| 83851 | 1997-08-02 | NetKit (netkit-rusers) rusers Client Unspecified Overflow | NetKit (netkit-rusers) is prone to an overflow condition. The rusers client fails to properly sanitize user-supplied input resulting in a buffer overflow. This may allow an attacker to execute arbitrary code or cause a denial of service. |
| 939 | 1997-08-01 | Multiple Vendor ps Local Overflow | (Description Provided by CVE): Buffer overflow in SunOS/Solaris ps command. |
| 948 | 1997-08-01 | Multiple Vendor libXt Library Local Overflow | (Description Provided by CVE): Buffer overflow in Xt library of X Windowing System allows local users to execute commands with root privileges. |
| 438 | 1997-08-01 | ISC BIND Predictable Query ID DNS Cache Poisoning | (Description Provided by CVE): DNS cache poisoning via BIND, by predictable query IDs. |
| 2068 | 1997-08-01 | Multiple Unix syslogd Message Flood Remote DoS | (Description Provided by CVE): An attacker can write to syslog files from any location, causing a denial of service by filling up the logs, and hiding activities. |
| 7862 | 1997-08-01 | Microsoft IE User DAT File History Disclosure | (Description Provided by CVE): Internet Explorer 3 records a history of all URLs that are visited by a user in DAT files located in the Temporary Internet Files and History folders, which are not cleared when the user selects the "Clear History" option, and are not visible when the user browses the folders because of tailored displays. |