| OSVDB ID | Disclosure Date | Title |
|
85829
Description:
Allaire JRun contains a flaw that may allow a remote denial of service. The issue is triggered when multiple malformed requests are made to the Java /servlet/. This will result in a loss of availability for the program.
|
2000-10-31
|
Allaire JRun /servlet/ Malformed Request Remote DoS
|
|
457
Description:
Exchange contains a flaw that may allow a remote denial of service. The issue is triggered when a specially crafted email is sent, which contains specific malformed MIME headers, and will result in loss of availability for the service.
|
2000-10-31
|
Microsoft Exchange Malformed MIME Header DoS
|
|
469
Description:
ServletExec contains a flaw that may allow a remote attacker to arbitrarily upload files. The problem is that the application does not restrict access to the 'com.unify.ewave.servletexec.UploadServlet' servlet. It is possible that the flaw may allow a remote attacker to create an HTML form and upload JSP files to the server and execute arbitrary commands resulting in a loss of integrity.
|
2000-10-31
|
Unify eWave ServletExec UploadServlet Unprivileged File Upload
|
|
3250
Description:
ezbounce contains a flaw that may allow a local user to cause a denial of service. The issue is due to the ezbounce.pid file being written with random permissions. If the file becomes world writeable at any point, a local attacker could change the PID inside the file to that of an arbitrary program, which could then be killed from another process such as CRON, as is often the case.
|
2000-10-31
|
ezbounce PID File Random Permissions Local DoS
|
|
13753
Description:
(Description Provided by CVE) : CS&T CorporateTime for the Web returns different error messages for invalid usernames and invalid passwords, which allows remote attackers to determine valid usernames on the server.
|
2000-10-31
|
CS&T CorporateTime Error Message Account Enumeration
|
|
215
Description:
(Description Provided by CVE) : Samba Web Administration Tool (SWAT) in Samba 2.0.7 allows local users to overwrite arbitrary files via a symlink attack on the cgi.log file.
|
2000-10-30
|
Samba Web Administration Tool (SWAT) cgi.log Symlink Arbitrary File Modification
|
|
1625
Description:
(Description Provided by CVE) : Samba Web Administration Tool (SWAT) in Samba 2.0.7 does not log login attempts in which the username is correct but the password is wrong, which allows remote attackers to conduct brute force password guessing attacks.
|
2000-10-30
|
Samba Web Administration Tool (SWAT) Failed Login Logging Failure Weakness
|
|
1626
Description:
(Description Provided by CVE) : Samba Web Administration Tool (SWAT) in Samba 2.0.7 installs the cgi.log logging file with world readable permissions, which allows local users to read sensitive information such as user names and passwords.
|
2000-10-30
|
Samba Web Administration Tool (SWAT) cgi.log Permission Weakness Information Disclosure
|
|
13754
Description:
(Description Provided by CVE) : Serv-U FTP Server allows remote attackers to bypass its anti-hammering feature by first logging on as a valid user (possibly anonymous) and then attempting to guess the passwords of other users.
|
2000-10-30
|
Serv-U FTP Server Brute Force Protection Bypass
|
|
17769
Description:
ServletExec contains a flaw that may allow a remote denial of service. The issue is triggered when issuing a specially crafted HTTP GET request containing the '/servlet/' string, which causes the servlet engine to crash resulting in a loss of availability.
|
2000-10-30
|
Unify eWave ServletExec GET /servlet/ Request Remote DoS
|
|
441
Description:
(Description Provided by CVE) : Search engine in Ultraseek 3.1 and 3.1.10 (aka Inktomi Search) allows remote attackers to cause a denial of service via a malformed URL.
|
2000-10-30
|
Verity UltraSeek Malformed URL DoS
|
|
487
Description:
(Description Provided by CVE) : Samba Web Administration Tool (SWAT) in Samba 2.0.7 supplies a different error message when a valid username is provided versus an invalid name, which allows remote attackers to identify valid users on the server.
|
2000-10-30
|
Samba Web Administration Tool (SWAT) Error Message Username Enumeration
|
|
13747
Description:
(Description Provided by CVE) : dump in Red Hat Linux 6.2 trusts the pathname specified by the RSH environmental variable, which allows local users to obtain root privileges by modifying the RSH variable to point to a Trojan horse program.
|
2000-10-30
|
Red Hat Linux dump RSH Environment Variable Subversion Privilege Escalation
|
|
13751
Description:
(Description Provided by CVE) : eWave ServletExec JSP/Java servlet engine, versions 3.0C and earlier, allows remote attackers to cause a denial of service via a URL that contains the "/servlet/" string, which invokes the ServletExec servlet and causes an exception if the servlet is already running.
|
2000-10-30
|
Unify eWave ServletExec JSP/Java Servlet Engine /servlet/ URL DoS
|
|
59350
Description:
(Description Provided by CVE) : Samba Web Administration Tool (SWAT) in Samba 2.0.7 allows remote attackers to cause a denial of service by repeatedly submitting a nonstandard URL in the GET HTTP request and forcing it to restart.
|
2000-10-30
|
Samba Web Administration Tool (SWAT) Malformed HTTP Request Saturation Remote DoS
|
|
88637
Description:
FreeBSD contains a format string flaw in the vipw functionality in the chpass utility family. The issue is triggered as format string specifiers (e.g. %s and %x) are not properly sanitized. With a specially crafted request, a local attacker can gain escalated privileges.
|
2000-10-30
|
FreeBSD chpass Util Family vipw Format String Local Privilege Escalation
|
|
440
Description:
(Description Provided by CVE) : Kootenay Web KW Whois 1.0 CGI program allows remote attackers to execute arbitrary commands via shell metacharacters in the "whois" parameter.
|
2000-10-29
|
KW Whois CGI whois Parameter Arbitrary Command Execution
|
|
488
Description:
(Description Provided by CVE) : Directory traversal vulnerability in Metertek pagelog.cgi allows remote attackers to read arbitrary files via a .. (dot dot) attack on the "name" or "display" parameter.
|
2000-10-29
|
Metertek pagelog.cgi Traversal Arbitrary File Access
|
|
14158
Description:
(Description Provided by CVE) : Multiple shell programs on various Unix systems, including (1) tcsh, (2) csh, (3) sh, and (4) bash, follow symlinks when processing << redirects (aka here-documents or in-here documents), which allows local users to overwrite files of other users via a symlink attack.
|
2000-10-28
|
Multiple Unix Shell << Redirect Symlink Arbitrary File Overwrite
|
|
1621
Description:
IIS 5.0 Indexing Services for Windows 2000 contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the CiRestriction parameter in a .htw request upon submission, allowing Active Scripting to execute on the host's browser. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server. A remote attacker can host a Web page containing malicious code that requests an .htw file, causing Active Scripting to execute active content on a visiting user's computer.
|
2000-10-28
|
Microsoft Indexing Services for Windows 2000 .htw XSS
|
|
1620
Description:
A remote overflow exists in bftpd. The USER command fails to validate user-supplied input resulting in a buffer overflow. With a specially crafted request, an attacker can cause arbitrary code execution resulting in a loss of integrity.
|
2000-10-27
|
bftpd USER Command Buffer Overflow
|
|
1622
Description:
(Description Provided by CVE) : nss_ldap earlier than 121, when run with nscd (name service caching daemon), allows remote attackers to cause a denial of service via a flood of LDAP requests.
|
2000-10-27
|
nss_ldap nscd LDAP Request Flood DoS
|
|
1630
Description:
(Description Provided by CVE) : CGI Script Center News Update 1.1 does not properly validate the original news administration password during a password change operation, which allows remote attackers to modify the password without knowing the original password.
|
2000-10-27
|
CGI Script Center News Update Unauthenticated Admin Password Modification
|
|
8570
Description:
(Description Provided by CVE) : The presence of the Distributed GL Daemon (dgld) service on port 5232 on SGI IRIX systems allows remote attackers to identify the target host as an SGI system.
|
2000-10-27
|
IRIX Port 5232 dgld Service Information Disclosure
|
|
1627
Description:
(Description Provided by CVE) : cyrus-sasl before 1.5.24 in Red Hat Linux 7.0 does not properly verify the authorization for a local user, which could allow the users to bypass specified access restrictions.
|
2000-10-26
|
Cyrus SASL (cyrus-sasl) User Authentication Restriction Bypass
|
|
8813
Description:
(Description Provided by CVE) : Cisco Virtual Central Office 4000 (VCO/4K) uses weak encryption to store usernames and passwords in the SNMP MIB, which allows an attacker who knows the community name to crack the password and gain privileges.
|
2000-10-26
|
Cisco Virtual Central Office Credential Encryption Weakness
|
|
444
Description:
Cisco Catalyst contains a flaw that may allow a malicious user to execute arbitrary code. The issue is triggered when a specially crafted URL is sent to the web interface. It is possible that the flaw may allow arbitrary code execution resulting in a loss of confidentiality, integrity, and/or availability.
|
2000-10-26
|
Cisco Catalyst Web Interface /exec Remote Command Execution
|
|
486
Description:
iPlanet Certificate Management System contains a flaw that allows a remote attacker to access arbitrary files of the web path. The issue is due to the server not properly sanitizing user input, specifically traversal style attacks (../../) supplied via the URI.
|
2000-10-26
|
iPlanet CMS Traversal Arbitrary File Access
|
|
4086
Description:
Netscape Directory Server contains a flaw that allows a remote attacker to access arbitrary files of the web path. The issue is due to the server not properly sanitizing user input, specifically traversal style attacks (../../) supplied via the URI.
|
2000-10-26
|
Netscape Directory Server Traversal Arbitrary File Access
|
|
5830
Description:
MAILsweeper for SMTP contains a flaw that may allow a remote denial of service. The issue is triggered when a corrupt document is attached to an email, and will result in loss of availability for the MAILsweeper service.
|
2000-10-26
|
MAILsweeper for SMTP Corrupt CDA Document DoS
|
|
437
Description:
(Description Provided by CVE) : Buffer overflow in the SHTML logging functionality of iPlanet Web Server 4.x allows remote attackers to execute arbitrary commands via a long filename with a .shtml extension.
|
2000-10-26
|
iPlanet Web Server SHTML Logging Filename Remote Overflow
|
|
3206
Description:
TIS Internet Firewall Toolkit (FWTK) contains a flaw that allows a remote attacker to execute arbitrary code on the vulnerable system. The flaw is due to the pmsg() function in the x-gw package. If an attacker supplies malicious code, the sanity checks the function performs do not report only the error; instead, the function reports the error along with the malicious code, which it executes.
|
2000-10-26
|
Firewall ToolKit x-gw Execute Arbitrary Code
|
|
4087
Description:
iPlanet CMS has a flaw that allows a local or remote attacker to obtain the administrative password. The issue is due to the software storing the administrator password in plaintext in the admin-serv/config/adm.conf file. Used in conjunction with other vulnerabilities present in this software, a remote attacker could request this file and obtain the password.
|
2000-10-26
|
iPlanet CMS Admin Password Stored Cleartext
|
|
4088
Description:
Netscape Directory Server has a flaw that allows a local or remote attacker to obtain the administrative password. The issue is due to the software storing the administrator password in plaintext in the admin-serv/config/adm.conf file. Used in conjunction with other vulnerabilities present in this software, a remote attacker could request this file and obtain the password.
|
2000-10-26
|
Netscape Directory Server Admin Password Stored Cleartext
|
|
7245
Description:
(Description Provided by CVE) : The pluggable authentication module for mysql (pam_mysql) before 0.4.7 does not properly cleanse user input when constructing SQL statements, which allows attackers to obtain plaintext passwords or hashes.
|
2000-10-26
|
MySQL Pluggable Authentication Module (pam_mysql) Password Disclosure
|
|
7008
Description:
(Description Provided by CVE) : HotJava Browser 3.0 allows remote attackers to access the DOM of a web page by opening a javascript: URL in a named window.
|
2000-10-25
|
Sun HotJava Browser Javascript Arbitrary DOM Access
|
|
1513
Description:
A remote overflow exists in ntop when running in 'web server' (-w) mode. The program fails to validate input to the filename variable resulting in a buffer overflow. With a specially crafted request, an attacker can execute arbitrary code resulting in a loss of integrity.
|
2000-10-25
|
ntop -w Option Filename Buffer Overflow
|
|
6717
Description:
Cisco devices running IOS software may be prone to a denial of service attack if a URL containing a question mark followed by a slash (?/) is requested. The device will enter an infinite loop when supplied with a URL containing "?/" and an enable password. Subsequently, the router or switch will crash in two minutes after the watchdog timer has expired and will then reload. In certain cases the device will not reload and restart. In such a case, however, a manual restart would be required to regain normal functionality.
|
2000-10-25
|
Cisco IOS HTTP Server ?/ String Handling Local DoS
|
|
6782
Description:
Web+ contains a flaw related to ODBC connections. No further details have been provided.
|
2000-10-25
|
talentsoft Web+ Unspecified ODBC Connection Issue
|
|
545
Description:
(Description Provided by CVE) : The default installation for the Oracle listener program 7.3.4, 8.0.6, and 8.1.6 allows an attacker to cause logging information to be appended to arbitrary files and execute commands via the SET TRC_FILE or SET LOG_FILE commands.
|
2000-10-25
|
Oracle Enterprise Listener (tnslsnr) Multiple Variable Log/Trace Manipulation Local Privilege Escalation
|