CVE-2000-0285

The CVE-2000-0285 entry describes a buffer overflow in XFree86 3.3.x that allows a local user to execute arbitrary commands via a long -xkbmap parameter. Affected software is XFree86 3.3.x; the vulnerability stems from improper handling of the -xkbmap argument, enabling local privilege compromise...

CVE-2000-0675

Buffer overflow in Infopulse Gatekeeper 3.5 and earlier allows remote attackers to execute arbitrary commands via a long string...

CVE-2000-0743

Buffer overflow vulnerability in University of Minnesota (UMN) gopherd 2.x. A remote attacker can trigger command execution by sending a DES key generation request (GDESkey) that contains a long ticket value. Affected component: gopherd 2.x; root cause: overflow in handling DES key generation req...

CVE-2000-0655

CVE-2000-0655 affects Netscape Communicator 4.73 and earlier. The vulnerability allows remote attackers to cause a denial of service or execute arbitrary commands through a JPEG image containing a comment with an illegal field length of 1. The connected documents corroborate the affected software...

ISS Security Advisory: Insecure call of external programs in Red Hat Linux tmpwatch

-----BEGIN PGP SIGNED MESSAGE----- Internet Security Systems Security Advisory October 6, 2000 Insecure call of external programs in Red Hat Linux tmpwatch Synopsis: The tmpwatch utility is used in Red Hat Linux to remove temporary files. This utility has an option to call the "fuser" program,...

CVE-2000-0816

Linux tmpwatch --fuser option allows local users to execute arbitrary commands by creating files whose names contain shell metacharacters...

RedHat 6.27.0 Tmpwatch - Arbitrary Command Execution

RedHat 6.27.0 Tmpwatch - Arbitrary Command Execution // source: https://www.securityfocus.com/bid/1785/info A vulnerability exists in tmpwatch, a utility which automates the removal of temporary files in unix-like systems. An optional component of tmpwatch, fuser, improperly handles arguments to...

RedHat 6.2/7.0 Tmpwatch - Arbitrary Command Execution

// source: https://www.securityfocus.com/bid/1785/info A vulnerability exists in tmpwatch, a utility which automates the removal of temporary files in unix-like systems. An optional component of tmpwatch, fuser, improperly handles arguments to system library calls. If an attacker creates a file...

FreeBSD-SA-00:35.proftpd

-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-00:35 Security Advisory FreeBSD, Inc. Topic: proftpd port contains remote root compromise Category: ports Module: proftpd Announced: 2000-08-14 Credits: lamagra Affects:...

012.txt

From [email protected] Wed Aug 2 11:08:46 2000 Return-Path: Date: Mon, 2 Aug 0100 11:56:57 +0000 Reply-To: [email protected] Sender: Bugtraq List From: [email protected] Subject: Local root compromise in PGX Config Sun Sparc Solaris To: [email protected] hi guys and gals yeah heres...

CVE-2000-0637

Microsoft Excel 97 and 2000 allows an attacker to execute arbitrary commands by specifying a malicious .dll using the Register.ID function, aka the "Excel REGISTER.ID Function" vulnerability...

MiniVend view_page.html Shell Metacharacter Arbitrary Command Execution

The version of MiniVend running on the remote host has an arbitrary command execution vulnerability. Input to the 'mvarg' parameter of viewpage.html is not properly sanitized. A remote attacker could exploit this to execute arbitrary commands on the system. %NASLMINLEVEL 70300 C Tenable Network...

CVE-2000-0421

The processbug.cgi script in Bugzilla allows remote attackers to execute arbitrary commands via shell metacharacters...

CVE-2000-0437

CVE-2000-0437 describes a buffer overflow in the CyberPatrol daemon “cyberdaemon” used in the Gauntlet and WebShield products. The flaw could be triggered by network-input and allows remote attackers to cause a denial of service or execute arbitrary commands on affected hosts. The linked Nessus e...

CVE-2000-0353

Pine 4.x is affected by CVE-2000-0353. A remote attacker can trigger arbitrary commands by providing an index.html that executes lynx to fetch a uudecoded file from a malicious web server, which is then executed by Pine. Impact is described as full confidentiality, integrity, and availability com...

CVSWeb Developer CVSWeb 1.80 - Insecure Perl open Code Execution

CVSWeb Developer CVSWeb 1.80 - Insecure Perl open Code Execution source: https://www.securityfocus.com/bid/1469/info Cvsweb 1.80 makes an insecure call to the perl OPEN function, providing attackers with write access to a cvs repository the ability to execute arbitrary commands on the host machin...

Security Advisory: FreeBSD-SA-00:24.libedit

-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-00:24 Security Advisory FreeBSD, Inc. Topic: libedit reads config file from current directory Category: core Module: libedit Announced: 2000-07-05 Affects: All versions of...

FreeBSD-SA-00:24.libedit

-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-00:24 Security Advisory FreeBSD, Inc. Topic: libedit reads config file from current directory Category: core Module: libedit Announced: 2000-07-05 Affects: All versions of...

CVE-2000-0401

PDGSoft Shopping Cart vulnerability (CVE-2000-0401) affects redirect.exe and changepw.exe. The issue is remote buffer overflows that allow an attacker to execute arbitrary commands via a long query string, potentially leading to data disclosure or privilege escalation on the web server. Exploitat...

FreeBSD-SA-00:22.apsfilter

-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-00:22 Security Advisory FreeBSD, Inc. Topic: apsfilter allows users to execute arbitrary commands as user lpd Category: ports Module: apsfilter Announced: 2000-06-07 Credits...