CVE-2001-1462

WebID in RSA Security SecurID 5.0 as used by ACE/Agent for Windows, Windows NT and Windows 2000 allows attackers to cause the WebID agent to enter debug mode via a URL containing null characters, which may allow attackers to obtain sensitive information...

CVE-2001-0715

CVE-2001-0715 affects Sendmail up to version 8.12.0/8.12.x prior to 8.12.1. The flaw allows a local user to disclose sensitive information about the mail queue by enabling debug flags (-d) when RestrictQueueRun is not enabled. The OpenVAS/Nessus entries confirm the vulnerability is a local inform...

CVE-2001-0412

Cisco Content Services CSS switch products 11800 and earlier, aka Arrowpoint, allows local users to gain privileges by entering debug mode...

CVE-2001-0412

CVE-2001-0412 affects Cisco Content Services (CSS) switch products 11800 and earlier (Arrowpoint). The vulnerability allows a local user to gain privileges by entering debug mode, with a CVSSv2 base score of 7.2 (HIGH): local attack vector, low complexity, no authentication, andComplete impact on...

CVE-1999-1141

Ascom Timeplex router allows remote attackers to obtain sensitive information or conduct unauthorized activities by entering debug mode through a sequence of CTRL-D characters...

Ошибки в sendmail debug (signed/unsigned)

при использовании ключа -d используется знаковое число после присвоения ему беззнакового значения в качестве индекса массива, что позволяет адресовать отрицательное смещение...

CVE-2001-0412

Cisco Content Services CSS switch products 11800 and earlier, aka Arrowpoint, allows local users to gain privileges by entering debug mode...

Hewlett-Packard MPE/iX NM Debug does not always handle breakpoints correctly

Overview There is a problem in the NM Debug facility of MPE/iX that allows users to gain unauthorized privileges. Description The problem affects HP3000 systems running MPE/iX versions 5.5 through 6.5. HP has published a security bulletin describing the solution to this vulnerability...

Проблема с отладочными регистрами в Windows 2000 (debug registers privelege elevation)

Используя отладочные регистры DR0-DR7 можно "убить" привелегированный процесс и перехватить его именованные каналы, получив системные права...

Elevation of privileges with debug registers on Win2K

Georgi Guninski security advisory 45, 2001 Elevation of privileges with debug registers on Win2K Systems affected: Win2K, Win2K SP1 have not tested on Win2K SP2 but according to Microsoft SP2 fixes this Risk: High Date: 24 May 2001 Legal Notice: This Advisory is Copyright c 2001 Georgi Guninski...

Microsoft Windows Server 2000 - Debug Registers

Microsoft Windows Server 2000 - Debug Registers // source: https://www.securityfocus.com/bid/2764/info A vulnerability exists in the handling of debug registers in Windows 2000. It is possible for unprivileged processes to create breakpoints for arbitrary processes. This can be used to 'kill'...

Microsoft Windows Server 2000 - Debug Registers

// source: https://www.securityfocus.com/bid/2764/info A vulnerability exists in the handling of debug registers in Windows 2000. It is possible for unprivileged processes to create breakpoints for arbitrary processes. This can be used to 'kill' arbitrary processes without administrative...

Vulnerability in Oracle E-Business Suite Release 11i Applications Desktop Integrator

Post date: 05/22/01 Vulnerability in Oracle E-Business Suite Release 11i Applications Desktop Integrator Overview A potential security vulnerability has been discovered in Applications Desktop Integrator ADI version 7.X for Oracle E-Business Suite Release 11i. A debug version of the FNDPUB11I.DLL...

Oracle's ADI 7.1.1.10.1 Major security hole

The version of ADI Application Desktop Integrator 7.1.1.10.1 which was recently shipped with Oracle's Financial Applications version 11.5.3 contains a major security breach. Whenever the software is launched, it creates a file called dbg.txt on the local hard drive on the system which contains in...

CVE-2001-0187

Format string vulnerability in wu-ftp 2.6.1 and earlier, when running with debug mode enabled, allows remote attackers to execute arbitrary commands via a malformed argument that is recorded in a PASV port assignment...

CVE-2001-0267

CVE-2001-0267 concerns a vulnerability in HP MPE/iX’s NM Debug facility. The HP NM Debug mechanism fails to handle breakpoints correctly on MPE/iX versions 5.5 through 6.5, allowing local users to gain unauthorized privileges (potentially root). CERT notes the issue enables local privilege escala...

CVE-2001-0187

CVE-2001-0187 concerns WU-FTPD up to version 2.6.1, where a format-string vulnerability in debug mode can allow remote code execution. The issue affects WU-FTPD when using RFC 931 authentication with debugging enabled, potentially letting an attacker craft ident responses that are logged by the s...

Локальная дырка в Cisco Content Services (Arrowpoint) (debug mode)

Пользователь может переключится в режим отладки, из которого получить административные привелегии...

WU-FTPD 2.4.22.52.6 - Debug Mode Client Hostname Format String

WU-FTPD 2.4.22.52.6 - Debug Mode Client Hostname Format String source: https://www.securityfocus.com/bid/2296/info Wu-ftpd is a widely used unix ftp server. It contains a format string vulnerability that may be exploitable under certain perhaps 'extreme' circumstances. When running in debug mode,...

WU-FTPD 2.4.2/2.5/2.6 - Debug Mode Client Hostname Format String

source: https://www.securityfocus.com/bid/2296/info Wu-ftpd is a widely used unix ftp server. It contains a format string vulnerability that may be exploitable under certain perhaps 'extreme' circumstances. When running in debug mode, Wu-ftpd logs user activity to syslog in an insecure manner. An...