1231 matches found
CVE-2000-0691
The faxrunq and faxrunqd in the mgetty package allows local users to create or modify arbitrary files via a symlink attack which creates a symlink in from /var/spool/fax/outgoing/.lastrun to the target file...
CVE-2000-0721
The CVE-2000-0721 entry concerns the FlagShip package, specifically the FSserial, FlagShip_c, and FlagShip_p programs, which are installed world-writeable. Root cause: local write access allows replacement of these components with Trojan horses. Impact: local users can modify these binaries, pote...
CVE-2000-0724
The go-gnome Helix GNOME pre-installer allows local users to overwrite arbitrary files via a symlink attack on various files in /tmp, including uudecode, snarf, and some installer files...
Security Advisory: FreeBSD-SA-00:41.elf
Topic: Malformed ELF images can cause a system hang Category: core Module: kernel Announced: 2000-08-28 Credits: Adam McDougall [email protected] Affects: FreeBSD 3.x, 4.x and 5.x prior to the correction date Corrected: 2000-07-25 FreeBSD 5.0-CURRENT 2000-07-23 FreeBSD 4.0-STABLE FreeBSD only: Y...
FreeBSD-SA-00:43.brouted
-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-00:43 Security Advisory FreeBSD, Inc. Topic: brouted port allows gid kmem compromise Category: ports Module: brouted Announced: 2000-08-28 Credits: Discovered during interna...
FreeBSD-SA-00:41.elf
-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-00:41 Security Advisory FreeBSD, Inc. Topic: Malformed ELF images can cause a system hang Category: core Module: kernel Announced: 2000-08-28 Credits: Adam McDougall Affects...
SUIDPerl 5.00503 - Mail Shell Escape (2)
source: https://www.securityfocus.com/bid/1547/info The interaction between some security checks performed by suidperl, the setuid version of perl, and the /bin/mail program creates a scenario that allows local malicious users to execute commands with root privileges. The suidperl program perform...
Microsoft Windows Server 2000 - Named Pipes Predictability
Microsoft Windows Server 2000 - Named Pipes Predictability source: https://www.securityfocus.com/bid/1535/info The Service Control Manager SCM is an administrative tool in Windows 2000 which handles the creation and modification of system services such as Server, Workstation, Alerter, and ClipBoo...
Microsoft Windows Server 2000 - Named Pipes Predictability
source: https://www.securityfocus.com/bid/1535/info The Service Control Manager SCM is an administrative tool in Windows 2000 which handles the creation and modification of system services such as Server, Workstation, Alerter, and ClipBook. A server-side named pipe is created before each service ...
CVE-2000-0531
Linux gpm program allows local users to cause a denial of service by flooding the /dev/gpmctl device with STREAM sockets...
[linux-security] [RHSA-2000:041-02] man package's 'makewhatis' uses insecure handling of files in /tmp
--------------------------------------------------------------------- Red Hat, Inc. Security Advisory Synopsis: man package's 'makewhatis' uses insecure handling of files in /tmp Advisory ID: RHSA-2000:041-02 Issue date: 2000-07-03 Updated on: 2000-07-03 Product: Red Hat Linux Keywords: man /tmp...
CVE-1999-0864
UnixWare programs that dump core allow a local user to modify files via a symlink attack on the ./core.pid file...
CVE-2000-0433
The SuSE aaabase package installs some system accounts with home directories set to /tmp, which allows local users to gain privileges to those accounts by creating standard user startup scripts such as profiles...
CVE-1999-0782
KDE kppp allows local users to create a directory in an arbitrary location via the HOME environmental variable...
CVE-2000-0276
BeOS 4.5 and 5.0 allow local users to cause a denial of service via malformed direct system calls using interrupt 37...
CVE-2000-0247
Unknown vulnerability in Generic-NQS GNQS allows local users to gain root privileges...
CVE-2000-0163
asmon and ascpu in FreeBSD allow local users to gain root privileges via a configuration file...
CVE-1999-0840
Buffer overflow in CDE dtmail and dtmailpr programs allows local users to gain privileges via a long -f option...
CVE-1999-0860
Solaris chkperm allows local users to read files owned by bin via the VMSYS environmental variable and a symlink attack...
CVE-2000-0077
The October 1998 version of the HP-UX aserver program allows local users to gain privileges by specifying an alternate PATH which aserver uses to find the ps and grep commands...