CVE-2000-0743

Buffer overflow vulnerability in University of Minnesota (UMN) gopherd 2.x. A remote attacker can trigger command execution by sending a DES key generation request (GDESkey) that contains a long ticket value. Affected component: gopherd 2.x; root cause: overflow in handling DES key generation req...

CVE-2000-0655

CVE-2000-0655 affects Netscape Communicator 4.73 and earlier. The vulnerability allows remote attackers to cause a denial of service or execute arbitrary commands through a JPEG image containing a comment with an illegal field length of 1. The connected documents corroborate the affected software...

CVE-2000-0624

CVE-2000-0624 describes a buffer overflow in Winamp 2.64 and earlier that can be triggered by a long #EXTINF: extension in an M3U playlist, potentially allowing a remote attacker to execute arbitrary commands. The initial reports do not provide additional technical specifics beyond this descripti...

CVE-2000-0285

The CVE-2000-0285 entry describes a buffer overflow in XFree86 3.3.x that allows a local user to execute arbitrary commands via a long -xkbmap parameter. Affected software is XFree86 3.3.x; the vulnerability stems from improper handling of the -xkbmap argument, enabling local privilege compromise...

CVE-2000-0525

CVE-2000-0525: OpenSSH does not properly drop privileges when UseLogin is enabled, allowing local users to execute arbitrary commands by supplying the command to the ssh daemon. Affected: OpenSSH with UseLogin enabled. Root cause: privileges not dropped correctly after authentication. Impact: pot...

CVE-2000-0586

Buffer overflow in Dalnet IRC server 4.6.5 allows remote attackers to cause a denial of service or execute arbitrary commands via the SUMMON command...

CVE-2000-0637

Microsoft Excel 97 and 2000 allows an attacker to execute arbitrary commands by specifying a malicious .dll using the Register.ID function, aka the "Excel REGISTER.ID Function" vulnerability...

ISS Security Advisory: Insecure call of external programs in Red Hat Linux tmpwatch

-----BEGIN PGP SIGNED MESSAGE----- Internet Security Systems Security Advisory October 6, 2000 Insecure call of external programs in Red Hat Linux tmpwatch Synopsis: The tmpwatch utility is used in Red Hat Linux to remove temporary files. This utility has an option to call the "fuser" program,...

CVE-2000-0816

Linux tmpwatch --fuser option allows local users to execute arbitrary commands by creating files whose names contain shell metacharacters...

RedHat 6.27.0 Tmpwatch - Arbitrary Command Execution

RedHat 6.27.0 Tmpwatch - Arbitrary Command Execution // source: https://www.securityfocus.com/bid/1785/info A vulnerability exists in tmpwatch, a utility which automates the removal of temporary files in unix-like systems. An optional component of tmpwatch, fuser, improperly handles arguments to...

RedHat 6.2/7.0 Tmpwatch - Arbitrary Command Execution

// source: https://www.securityfocus.com/bid/1785/info A vulnerability exists in tmpwatch, a utility which automates the removal of temporary files in unix-like systems. An optional component of tmpwatch, fuser, improperly handles arguments to system library calls. If an attacker creates a file...

FreeBSD-SA-00:35.proftpd

-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-00:35 Security Advisory FreeBSD, Inc. Topic: proftpd port contains remote root compromise Category: ports Module: proftpd Announced: 2000-08-14 Credits: lamagra Affects:...

012.txt

From [email protected] Wed Aug 2 11:08:46 2000 Return-Path: Date: Mon, 2 Aug 0100 11:56:57 +0000 Reply-To: [email protected] Sender: Bugtraq List From: [email protected] Subject: Local root compromise in PGX Config Sun Sparc Solaris To: [email protected] hi guys and gals yeah heres...

CVE-2000-0637

Microsoft Excel 97 and 2000 allows an attacker to execute arbitrary commands by specifying a malicious .dll using the Register.ID function, aka the "Excel REGISTER.ID Function" vulnerability...

MiniVend view_page.html Shell Metacharacter Arbitrary Command Execution

The version of MiniVend running on the remote host has an arbitrary command execution vulnerability. Input to the 'mvarg' parameter of viewpage.html is not properly sanitized. A remote attacker could exploit this to execute arbitrary commands on the system. %NASLMINLEVEL 70300 C Tenable Network...

CVE-2000-0421

The processbug.cgi script in Bugzilla allows remote attackers to execute arbitrary commands via shell metacharacters...

CVE-2000-0353

Pine 4.x is affected by CVE-2000-0353. A remote attacker can trigger arbitrary commands by providing an index.html that executes lynx to fetch a uudecoded file from a malicious web server, which is then executed by Pine. Impact is described as full confidentiality, integrity, and availability com...

CVE-2000-0437

CVE-2000-0437 describes a buffer overflow in the CyberPatrol daemon “cyberdaemon” used in the Gauntlet and WebShield products. The flaw could be triggered by network-input and allows remote attackers to cause a denial of service or execute arbitrary commands on affected hosts. The linked Nessus e...

CVE-2000-0398

The CVE-2000-0398 issue affects Rockliffe MailSite Management Agent, due to a buffer overflow in wconsole.dll that can be triggered by a long query_string parameter in an HTTP GET request. This allows remote attackers to potentially execute arbitrary commands. Public documents identify the vulner...

CVSWeb Developer CVSWeb 1.80 - Insecure Perl open Code Execution

CVSWeb Developer CVSWeb 1.80 - Insecure Perl open Code Execution source: https://www.securityfocus.com/bid/1469/info Cvsweb 1.80 makes an insecure call to the perl OPEN function, providing attackers with write access to a cvs repository the ability to execute arbitrary commands on the host machin...