Unknown · CVSS Not scored
Man2html 2.1 and earlier allows local users to overwrite arbitrary files via a symlink attack on a temporary file.
Published Mar 9, 2002 · Updated Aug 1, 2024
Unknown · CVSS Not scored
/usr/ucb/ps in Sun Microsystems Solaris 8 and 9, and certain earlier releases, allows local users to view the environment variables and values of arbitrary processes via the -e option.
Published Mar 29, 2006 · Updated Aug 1, 2024
Unknown · CVSS Not scored
bigconf.conf in F5 BIG/ip 2.1.2 and earlier allows remote attackers to read arbitrary files by specifying the target file in the "file" parameter.
Published Mar 9, 2002 · Updated Aug 1, 2024
Unknown · CVSS Not scored
Buffer overflow in IBM HomePagePrint 1.0.7 for Windows98J allows a malicious Web site to execute arbitrary code on a viewer's system via a long IMG_SRC HTML tag.
Published Mar 9, 2002 · Updated Aug 1, 2024
Unknown · CVSS Not scored
Sun SunOS 4.1 through 4.1.3 allows local attackers to gain root access via insecure permissions on files and directories such as crash.
Published Mar 9, 2002 · Updated Aug 1, 2024
Unknown · CVSS Not scored
colorview in Silicon Graphics IRIX 5.1, 5.2, and 6.0 allows local attackers to read arbitrary files via the -text argument.
Published Mar 9, 2002 · Updated Aug 1, 2024
Unknown · CVSS Not scored
The AMaViS virus scanner 0.2.0-pre4 and earlier allows remote attackers to execute arbitrary commands as root via an infected mail message with shell metacharacters in the reply-to field.
Published Mar 9, 2002 · Updated Aug 1, 2024
Unknown · CVSS Not scored
Buffer overflow in AspUpload.dll in Persits Software AspUpload before 1.4.0.2 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long argument in the HTTP request.
Published Mar 9, 2002 · Updated Aug 1, 2024
Unknown · CVSS Not scored
cgiwrap as used on Cobalt RaQ 2.0 and RaQ 3i does not properly identify the user for running certain scripts, which allows a malicious site administrator to view or modify data located at another virtual site on the same system.
Published Mar 9, 2002 · Updated Aug 1, 2024
Unknown · CVSS Not scored
RPMMail before 1.4 allows remote attackers to execute commands via an e-mail message with shell metacharacters in the "MAIL FROM" command.
Published Mar 9, 2002 · Updated Aug 1, 2024
Unknown · CVSS Not scored
When a Web site redirects the browser to another site, Internet Explorer 3.02 and 4.0 automatically resends authentication information to the second site, aka the "Page Redirect Issue."
Published Mar 9, 2002 · Updated Aug 1, 2024
Unknown · CVSS Not scored
Squid 2.2.STABLE5 and below, when using external authentication, allows attackers to bypass access controls via a newline in the user/password pair.
Published Mar 9, 2002 · Updated Aug 1, 2024
Unknown · CVSS Not scored
sdrd daemon in IBM SP2 System Data Repository (SDR) allows remote attackers to read files without authentication.
Published Mar 9, 2002 · Updated Aug 1, 2024
Unknown · CVSS Not scored
Internet Explorer 4.0 allows remote attackers to read arbitrary text and HTML files on the user's machine via a small IFRAME that uses Dynamic HTML (DHTML) to send the data to the attacker, aka the Freiburg text-viewing issue.
Published Mar 9, 2002 · Updated Aug 1, 2024
Unknown · CVSS Not scored
A bug in Intel Pentium processor (MMX and Overdrive) allows local users to cause a denial of service (hang) in Intel-based operating systems such as Windows NT and Windows 95, via an invalid instruction, aka the "Invalid Operand with Locked CMPXCHG8B Instruction" problem.
Published Mar 9, 2002 · Updated Aug 1, 2024
Unknown · CVSS Not scored
The Sun HotSpot Performance Engine VM allows a remote attacker to cause a denial of service on any server running HotSpot via a URL that includes the [ character.
Published Mar 9, 2002 · Updated Aug 1, 2024
Unknown · CVSS Not scored
thttpd HTTP server 2.03 and earlier allows remote attackers to read arbitrary files via a GET request with more than one leading / (slash) character in the filename.
Published Mar 9, 2002 · Updated Aug 1, 2024
Unknown · CVSS Not scored
GINA in Windows NT 4.0 allows attackers with physical access to display a portion of the clipboard of the user who has locked the workstation by pasting (CTRL-V) the contents into the username prompt.
Published Mar 9, 2002 · Updated Aug 1, 2024
Unknown · CVSS Not scored
HP JetAdmin D.01.09 on Solaris allows local users to change the permissions of arbitrary files via a symlink attack on the /tmp/jetadmin.log file.
Published Mar 9, 2002 · Updated Aug 1, 2024
Unknown · CVSS Not scored
RSH service utility RSHSVC in Windows NT 3.5 through 4.0 does not properly restrict access as specified in the .Rhosts file when a user comes from an authorized host, which could allow unauthorized users to access the service by logging in from an authorized host.
Published Mar 9, 2002 · Updated Aug 1, 2024
Unknown · CVSS Not scored
Power management (Powermanagement) on Solaris 2.4 through 2.6 does not start the xlock process until after the sys-suspend has completed, which allows an attacker with physical access to input characters to the last active application from the keyboard for a short period after the system is restoring, which could lead to increased privileges.
Published Mar 9, 2002 · Updated Aug 1, 2024
Unknown · CVSS Not scored
The installation of the fsp package 2.71-10 in Debian GNU/Linux 2.0 adds the anonymous FTP user without notifying the administrator, which could automatically enable anonymous FTP on some servers such as wu-ftp.
Published Mar 9, 2002 · Updated Aug 1, 2024
Unknown · CVSS Not scored
The at program in IRIX 6.2 and NetBSD 1.3.2 and earlier allows local users to read portions of arbitrary files by submitting the file to at with the -f argument, which generates error messages that at sends to the user via e-mail.
Published Mar 9, 2002 · Updated Aug 1, 2024
Unknown · CVSS Not scored
Compaq Integration Maintenance Utility as used in Compaq Insight Manager agent before SmartStart 4.50 modifies the legal notice caption (LegalNoticeCaption) and text (LegalNoticeText) in Windows NT, which could produce a legal notice that is in violation of the security policy.
Published Mar 9, 2002 · Updated Aug 1, 2024
Unknown · CVSS Not scored
ping in Solaris 2.3 through 2.6 allows local users to cause a denial of service (crash) via a ping request to a multicast address through the loopback interface, e.g. via ping -i.
Published Mar 9, 2002 · Updated Aug 1, 2024
Unknown · CVSS Not scored
The access permissions for a UNIX domain socket are ignored in Solaris 2.x and SunOS 4.x, and other BSD-based operating systems before 4.4, which could allow local users to connect to the socket and possibly disrupt or control the operations of the program using that socket.
Published Mar 9, 2002 · Updated Aug 1, 2024
Unknown · CVSS Not scored
Buffer overflow in nss_nisplus.so.1 library in NIS+ in Solaris 2.3 and 2.4 allows local users to gain root privileges.
Published Mar 9, 2002 · Updated Aug 1, 2024
Unknown · CVSS Not scored
Vulnerability when Network Address Translation (NAT) is enabled in Linux 2.2.10 and earlier with ipchains, or FreeBSD 3.2 with ipfw, allows remote attackers to cause a denial of service (kernel panic) via a ping -R (record route) command.
Published Mar 9, 2002 · Updated Aug 1, 2024
Unknown · CVSS Not scored
Windows NT 4.0 SP4 and earlier allows local users to gain privileges by modifying the symbolic link table in the \?? object folder using a different case letter (upper or lower) to point to a different device.
Published Mar 9, 2002 · Updated Aug 1, 2024
Unknown · CVSS Not scored
IBM Netfinity Remote Control allows local users to gain administrator privileges by starting programs from the process manager, which runs with system level privileges.
Published Mar 9, 2002 · Updated Aug 1, 2024
Unknown · CVSS Not scored
NetWare NFS mode 1 and 2 implements the "Read Only" flag in Unix by changing the ownership of a file to root, which allows local users to gain root privileges by creating a setuid program and setting it to "Read Only," which NetWare-NFS changes to a setuid root program.
Published Mar 9, 2002 · Updated Aug 1, 2024
Unknown · CVSS Not scored
Indigo Magic System Tour in the SGI system tour package (systour) for IRIX 5.x through 6.3 allows local users to gain root privileges via a Trojan horse .exitops program, which is called by the inst command that is executed by the RemoveSystemTour program.
Published Mar 9, 2002 · Updated Aug 1, 2024
Unknown · CVSS Not scored
When the Ntconfig.pol file is used on a server whose name is longer than 13 characters, Windows NT does not properly enforce policies for global groups, which could allow users to bypass restrictions that were intended by those policies.
Published Mar 9, 2002 · Updated Aug 1, 2024
Unknown · CVSS Not scored
ePerl 2.2.12 allows remote attackers to read arbitrary files and possibly execute certain commands by specifying a full pathname of the target file as an argument to bar.phtml.
Published Mar 9, 2002 · Updated Aug 1, 2024
Unknown · CVSS Not scored
Buffer overflow in ppp program in FreeBSD 2.1 and earlier allows local users to gain privileges via a long HOME environment variable.
Published Mar 9, 2002 · Updated Aug 1, 2024
Unknown · CVSS Not scored
Windows NT 4.0 allows local users to cause a denial of service via a user mode application that closes a handle that was opened in kernel mode, which causes a crash when the kernel attempts to close the handle.
Published Mar 9, 2002 · Updated Aug 1, 2024
Unknown · CVSS Not scored
ifdhcpc-done script for configuring DHCP on Red Hat Linux 5 allows local users to append text to arbitrary files via a symlink attack on the dhcplog file.
Published Mar 9, 2002 · Updated Aug 1, 2024
Unknown · CVSS Not scored
Buffer overflow in linuxconf 1.11r11-rh2 on Red Hat Linux 5.1 allows local users to gain root privileges via a long LANG environmental variable.
Published Mar 9, 2002 · Updated Aug 1, 2024
Unknown · CVSS Not scored
Sendmail before 8.6.7 allows local users to gain root access via a large value in the debug (-d) command line option.
Published Mar 9, 2002 · Updated Aug 1, 2024
Unknown · CVSS Not scored
3Com HiPer Access Router Card (HiperARC) 4.0 through 4.2.29 allows remote attackers to cause a denial of service (reboot) via a flood of IAC packets to the telnet port.
Published Mar 9, 2002 · Updated Aug 1, 2024
Unknown · CVSS Not scored
The snprintf function in the db library 1.85.4 ignores the size parameter, which could allow attackers to exploit buffer overflows that would be prevented by a properly implemented snprintf.
Published Mar 9, 2002 · Updated Aug 1, 2024
Unknown · CVSS Not scored
Directory traversal vulnerability in KVIrc IRC client 0.9.0 with the "Listen to !nick <soundname> requests" option enabled allows remote attackers to read arbitrary files via a .. (dot dot) in a DCC GET request.
Published Mar 9, 2002 · Updated Aug 1, 2024
Unknown · CVSS Not scored
netcfg 2.16-1 in Red Hat Linux 4.2 allows the Ethernet interface to be controlled by users on reboot when an option is set, which allows local users to cause a denial of service by shutting down the interface.
Published Mar 9, 2002 · Updated Aug 1, 2024
Unknown · CVSS Not scored
snmpd server in cmu-snmp SNMP package before 3.3-1 in Red Hat Linux 4.0 is configured to allow remote attackers to read and write sensitive information.
Published Mar 9, 2002 · Updated Aug 1, 2024
Unknown · CVSS Not scored
Perl 5.004_04 and earlier follows symbolic links when running with the -e option, which allows local users to overwrite arbitrary files via a symlink attack on the /tmp/perl-eaXXXXX file.
Published Mar 9, 2002 · Updated Aug 1, 2024
Unknown · CVSS Not scored
/usr/5bin/su in SunOS 4.1.3 and earlier uses a search path that includes the current working directory (.), which allows local users to gain privileges via Trojan horse programs.
Published Mar 9, 2002 · Updated Aug 1, 2024
Unknown · CVSS Not scored
Symantec Norton Utilities 2.0 for Windows 95 marks the TUNEOCX.OCX ActiveX control as safe for scripting, which allows remote attackers to execute arbitrary commands via the run option through malicious web pages that are accessed by browsers such as Internet Explorer 3.0.
Published Mar 9, 2002 · Updated Aug 1, 2024
Unknown · CVSS Not scored
When an administrator in Windows NT or Windows 2000 changes a user policy, the policy is not properly updated if the local ntconfig.pol is not writable by the user, which could allow local users to bypass restrictions that would otherwise be enforced by the policy, possibly by changing the policy file to be read-only.
Published Mar 9, 2002 · Updated Aug 1, 2024
Unknown · CVSS Not scored
linuxconf before 1.11.r11-rh3 on Red Hat Linux 5.1 allows local users to overwrite arbitrary files and gain root access via a symlink attack.
Published Mar 9, 2002 · Updated Aug 1, 2024
Unknown · CVSS Not scored
wu-ftpd 2.4 FTP server does not properly drop privileges when an ABOR (abort file transfer) command is executed during a file transfer, which causes a signal to be handled incorrectly and allows local and possibly remote attackers to read arbitrary files.
Published Mar 9, 2002 · Updated Aug 1, 2024