FreeBSD-SA-00:35.proftpd

-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-00:35 Security Advisory FreeBSD, Inc. Topic: proftpd port contains remote root compromise Category: ports Module: proftpd Announced: 2000-08-14 Credits: lamagra Affects:...

012.txt

From [email protected] Wed Aug 2 11:08:46 2000 Return-Path: Date: Mon, 2 Aug 0100 11:56:57 +0000 Reply-To: [email protected] Sender: Bugtraq List From: [email protected] Subject: Local root compromise in PGX Config Sun Sparc Solaris To: [email protected] hi guys and gals yeah heres...

CVE-2000-0637

Microsoft Excel 97 and 2000 allows an attacker to execute arbitrary commands by specifying a malicious .dll using the Register.ID function, aka the "Excel REGISTER.ID Function" vulnerability...

MiniVend view_page.html Shell Metacharacter Arbitrary Command Execution

The version of MiniVend running on the remote host has an arbitrary command execution vulnerability. Input to the 'mvarg' parameter of viewpage.html is not properly sanitized. A remote attacker could exploit this to execute arbitrary commands on the system. %NASLMINLEVEL 70300 C Tenable Network...

CVE-2000-0353

Pine 4.x is affected by CVE-2000-0353. A remote attacker can trigger arbitrary commands by providing an index.html that executes lynx to fetch a uudecoded file from a malicious web server, which is then executed by Pine. Impact is described as full confidentiality, integrity, and availability com...

CVE-2000-0398

The CVE-2000-0398 issue affects Rockliffe MailSite Management Agent, due to a buffer overflow in wconsole.dll that can be triggered by a long query_string parameter in an HTTP GET request. This allows remote attackers to potentially execute arbitrary commands. Public documents identify the vulner...

CVE-2000-0421

The processbug.cgi script in Bugzilla allows remote attackers to execute arbitrary commands via shell metacharacters...

CVE-2000-0437

CVE-2000-0437 describes a buffer overflow in the CyberPatrol daemon “cyberdaemon” used in the Gauntlet and WebShield products. The flaw could be triggered by network-input and allows remote attackers to cause a denial of service or execute arbitrary commands on affected hosts. The linked Nessus e...

CVSWeb Developer CVSWeb 1.80 - Insecure Perl open Code Execution

CVSWeb Developer CVSWeb 1.80 - Insecure Perl open Code Execution source: https://www.securityfocus.com/bid/1469/info Cvsweb 1.80 makes an insecure call to the perl OPEN function, providing attackers with write access to a cvs repository the ability to execute arbitrary commands on the host machin...

Security Advisory: FreeBSD-SA-00:24.libedit

-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-00:24 Security Advisory FreeBSD, Inc. Topic: libedit reads config file from current directory Category: core Module: libedit Announced: 2000-07-05 Affects: All versions of...

FreeBSD-SA-00:24.libedit

-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-00:24 Security Advisory FreeBSD, Inc. Topic: libedit reads config file from current directory Category: core Module: libedit Announced: 2000-07-05 Affects: All versions of...

CVE-2000-0401

PDGSoft Shopping Cart vulnerability (CVE-2000-0401) affects redirect.exe and changepw.exe. The issue is remote buffer overflows that allow an attacker to execute arbitrary commands via a long query string, potentially leading to data disclosure or privilege escalation on the web server. Exploitat...

FreeBSD-SA-00:22.apsfilter

-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-00:22 Security Advisory FreeBSD, Inc. Topic: apsfilter allows users to execute arbitrary commands as user lpd Category: ports Module: apsfilter Announced: 2000-06-07 Credits...

CVE-2000-0523

Buffer overflow in the logging feature of EServ 2.9.2 and earlier allows an attacker to execute arbitrary commands via a long MKD command...

CVE-2000-0493

Buffer overflow in Simple Network Time Sync SMTS daemon allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long string...

Gauntlet CyberPatrol Content Monitoring System Overflow

The remote host is running Network Associated Gauntlet firewall. The installed version of the software is vulnerable to a buffer overflow. An attacker could exploit this flaw in order to remotely execute arbitrary commands on the affected host. C Tenable Network Security, Inc. include"compat.inc"...

CVE-2000-0438

Buffer overflow in fdmount on Linux systems allows local users in the "floppy" group to execute arbitrary commands via a long mountpoint parameter...

S.u.S.E Linux 4.x5.x6.x7.0 Slackware 3.x4.0 Turbolinux 6 OpenLinux 7.0 - fdmount Local Buffer Overflow (1)

S.u.S.E Linux 4.x5.x6.x7.0 Slackware 3.x4.0 Turbolinux 6 OpenLinux 7.0 - fdmount Local Buffer Overflow 1 // source: https://www.securityfocus.com/bid/1239/info A buffer overflow exists in the 0.8 version of the fdmount program, distributed with a number of popular versions of Linux. By supplying ...

CVE-2000-0450

Vulnerability in bbd server in Big Brother System and Network Monitor allows an attacker to execute arbitrary commands...

CVE-2000-0432

The calender.pl and the calendaradmin.pl calendar scripts by Matt Kruse allow remote attackers to execute arbitrary commands via shell metacharacters...