7618 matches found
CVE-2000-0009
The bnapass program in Optivity NETarchitect uses the PATH environmental variable for finding the "rm" program, which allows local users to execute arbitrary commands...
CVE-2000-0637
Microsoft Excel 97 and 2000 allows an attacker to execute arbitrary commands by specifying a malicious .dll using the Register.ID function, aka the "Excel REGISTER.ID Function" vulnerability...
CVE-2000-0663
The CVE-2000-0663 issue concerns Windows NT/2000 where the registry entry for Explorer.exe uses a relative path name, enabling a local user to cause arbitrary commands to run by placing a Trojan named Explorer.exe in the %Systemdrive% directory (the “Relative Shell Path” vulnerability). Affected ...
CVE-2000-0727
xpdf PDF viewer client earlier than 0.91 does not properly launch a web browser for embedded URL's, which allows an attacker to execute arbitrary commands via a URL that contains shell metacharacters...
CVE-2000-0727
CVE-2000-0727 affects the xpdf PDF viewer client older than 0.91. The flaw: when handling embedded URLs, the client does not correctly launch a web browser, enabling an attacker to execute arbitrary commands via a URL containing shell metacharacters. NVD assigns a base CVSS v2.0 score of 7.6 (HIG...
CVE-2000-0322
The passwd.php3 CGI script in the Red Hat Piranha Virtual Server Package allows local users to execute arbitrary commands via shell metacharacters...
CVE-2000-0494
Veritas Volume Manager creates a world writable .serverpids file, which allows local users to add arbitrary commands into the file, which is then executed by the vmsaserver script...
CVE-2000-0285
The CVE-2000-0285 entry describes a buffer overflow in XFree86 3.3.x that allows a local user to execute arbitrary commands via a long -xkbmap parameter. Affected software is XFree86 3.3.x; the vulnerability stems from improper handling of the -xkbmap argument, enabling local privilege compromise...
CVE-2000-0561
Buffer overflow in WebBBS 1.15 allows remote attackers to execute arbitrary commands via a long HTTP GET request...
ISS Security Advisory: Insecure call of external programs in Red Hat Linux tmpwatch
-----BEGIN PGP SIGNED MESSAGE----- Internet Security Systems Security Advisory October 6, 2000 Insecure call of external programs in Red Hat Linux tmpwatch Synopsis: The tmpwatch utility is used in Red Hat Linux to remove temporary files. This utility has an option to call the "fuser" program,...
CVE-2000-0816
Linux tmpwatch --fuser option allows local users to execute arbitrary commands by creating files whose names contain shell metacharacters...
RedHat 6.2/7.0 Tmpwatch - Arbitrary Command Execution
// source: https://www.securityfocus.com/bid/1785/info A vulnerability exists in tmpwatch, a utility which automates the removal of temporary files in unix-like systems. An optional component of tmpwatch, fuser, improperly handles arguments to system library calls. If an attacker creates a file...
RedHat 6.27.0 Tmpwatch - Arbitrary Command Execution
RedHat 6.27.0 Tmpwatch - Arbitrary Command Execution // source: https://www.securityfocus.com/bid/1785/info A vulnerability exists in tmpwatch, a utility which automates the removal of temporary files in unix-like systems. An optional component of tmpwatch, fuser, improperly handles arguments to...
FreeBSD-SA-00:35.proftpd
-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-00:35 Security Advisory FreeBSD, Inc. Topic: proftpd port contains remote root compromise Category: ports Module: proftpd Announced: 2000-08-14 Credits: lamagra Affects:...
012.txt
From [email protected] Wed Aug 2 11:08:46 2000 Return-Path: Date: Mon, 2 Aug 0100 11:56:57 +0000 Reply-To: [email protected] Sender: Bugtraq List From: [email protected] Subject: Local root compromise in PGX Config Sun Sparc Solaris To: [email protected] hi guys and gals yeah heres...
CVE-2000-0637
Microsoft Excel 97 and 2000 allows an attacker to execute arbitrary commands by specifying a malicious .dll using the Register.ID function, aka the "Excel REGISTER.ID Function" vulnerability...
MiniVend view_page.html Shell Metacharacter Arbitrary Command Execution
The version of MiniVend running on the remote host has an arbitrary command execution vulnerability. Input to the 'mvarg' parameter of viewpage.html is not properly sanitized. A remote attacker could exploit this to execute arbitrary commands on the system. %NASLMINLEVEL 70300 C Tenable Network...
CVE-2000-0353
Pine 4.x is affected by CVE-2000-0353. A remote attacker can trigger arbitrary commands by providing an index.html that executes lynx to fetch a uudecoded file from a malicious web server, which is then executed by Pine. Impact is described as full confidentiality, integrity, and availability com...
CVE-2000-0421
The processbug.cgi script in Bugzilla allows remote attackers to execute arbitrary commands via shell metacharacters...
CVE-2000-0437
CVE-2000-0437 describes a buffer overflow in the CyberPatrol daemon “cyberdaemon” used in the Gauntlet and WebShield products. The flaw could be triggered by network-input and allows remote attackers to cause a denial of service or execute arbitrary commands on affected hosts. The linked Nessus e...