| OSVDB ID | Disclosure Date | Title |
|---|
|
8014
Description:
(Description Provided by CVE) : sadc in IBM AIX 4.1 through 4.3, when called from programs such as timex that are setgid adm, allows local users to overwrite arbitrary files via a symlink attack.
|
1998-02-25
|
IBM AIX sadc Symlink Arbitrary File Overwrite
|
|
9842
Description:
(Description Provided by CVE) : Quake 2 server 3.13 on Linux does not properly check file permissions for the config.cfg configuration file, which allows local users to read arbitrary files via a symlink from config.cfg to the target file.
|
1998-02-25
|
Quake 2 Server on Linux config.cfg Symlink Arbitrary File Access
|
|
11506
Description:
(Description Provided by CVE) : The WinGate telnet proxy allows remote attackers to cause a denial of service via a large number of connections to localhost.
|
1998-02-21
|
WinGate Telnet Proxy localhost Connection Saturation DoS
|
|
6091
Description:
(Description Provided by CVE) : FreeBSD mmap function allows users to modify append-only or immutable files.
|
1998-02-20
|
BSD mmap Append-Only / Immutable File Modification
|
|
9904
Description:
(Description Provided by CVE) : Squid Internet Object Cache 1.1.20 allows users to bypass access control lists (ACLs) by encoding the URL with hexadecimal escape sequences.
|
1998-02-20
|
Squid Internet Object Cache Regular Expression ACL Bypass
|
|
11503
Description:
(Description Provided by CVE) : mmap function in BSD allows local attackers in the kmem group to modify memory through devices.
|
1998-02-20
|
BSD mmap Function KMEM Group Memory Modification
|
|
12970
Description:
(Description Provided by CVE) : Buffer overflow in web-admin tool in NetXRay 2.6 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long HTTP request.
|
1998-02-18
|
NetXRay web-admin Tool HTTP Request Overflow
|
|
11502
Description:
Multiple BSDs contain a flaw that may allow a malicious user to spoof TCP connections against BSD hosts on networks that do not filter source routed packets via router packet filters. The issue is triggered when the sysctl system configuration control for "do source route" does not prevent source routed packets from being accepted by 4.4BSD kernels, even when the sysctl variable net.inet.ip.dosourceroute is set to '0'. It is possible that the flaw may result in a loss of integrity.
|
1998-02-15
|
Multiple BSD sysctl Control Failure Source Routing Attack
|
|
7992
Description:
IBM AIX contains a flaw that may allow a remote denial of service. The issue is triggered when telnetd receives an attack and system runs out of message blocks and hangs, and will result in loss of availability for the telnet service and all other tty activity to hang.
|
1998-02-11
|
IBM AIX telnet Login Remote DoS
|
|
11478
Description:
(Description Provided by CVE) : Windows NT 4.0 allows remote attackers to cause a denial of service via a malformed SMB logon request in which the actual data size does not match the specified size.
|
1998-02-11
|
Microsoft Windows NT Malformed SMB Logon Request DoS
|
|
8730
Description:
(Description Provided by CVE) : Solaris volrmmount program allows attackers to read any file.
|
1998-02-10
|
Solaris volrmmount Arbitrary File Access
|
|
83143
Description:
IBM AIX contains a flaw that may allow a malicious local user to overwrite arbitrary files on the system. The issue is due to the iFOR/LS license server (from Gradient Technologies) using a /tmp/last_uuid file that is created insecurely. It is possible for a local attacker to use a symlink attack against the iFOR/LS file to cause the program to unexpectedly write to, or overwrite an attacker specified file.
|
1998-02-09
|
IBM AIX iFOR/LS /tmp/last_uuid Symlink Arbitrary File Overwrite
|
|
12981
Description:
(Description Provided by CVE) : Screen savers in KDE beta 3 allows local users to overwrite arbitrary files via a symlink attack on the .kss.pid file.
|
1998-02-06
|
KDE Screen Savers .kss.pid Symlink Arbitrary File Overwrite
|
|
59829
Description:
(Description Provided by CVE) : Some web servers under Microsoft Windows allow remote attackers to bypass access restrictions for files with long file names.
|
1998-02-06
|
Netscape Enterprise/FastTrack DOS Filename Request Access Bypass
|
|
88697
Description:
libpng contains an overflow condition in the png_size_t function. The issue is triggered as user-supplied input is not properly validated in cases when the png_size_t function is smaller than 32 bytes. This may allow a remote attacker to cause an unspecified overflow, resulting in a denial of service or potentially execution of arbitrary code.
|
1998-02-04
|
libpng png_size_t Function Unspecified Overflow
|
|
12033
Description:
(Description Provided by CVE) : Vulnerability in imapd and ipop3d in Slackware 3.4 and 3.3 with shadowing enabled, and possibly other operating systems, allows remote attackers to cause a core dump via a short sequence of USER and PASS commands that do not provide valid usernames or passwords.
|
1998-02-02
|
Slackware Linux imapd/ipop3d Malformed USER/PASS Sequence DoS
|
