|
Nov 30 2001
|
(Oracle Issues Fix) Re: Oracle Database Component (dbsnmp) Lets Local Users with Oracle Group Privileges Obtain Root Privileges
|
|
Nov 29 2001
|
(The Vendor Responds) Re: Secure Computing's SafeWord Agent for SSH Gives Remote Users Root Level Access to the SSH Server
|
|
Nov 29 2001
|
(Some Details Are Provided) Re: Allaire's JRun Java Server Discloses JSP Source Code to Remote Users When Used As a Connector With Commercial Web Servers
|
|
Nov 28 2001
|
Allaire's JRun Java Server Discloses JSP Source Code to Remote Users When Used As a Connector With Commercial Web Servers
|
|
Nov 28 2001
|
Allaire's JRun Java Server May Issue Duplicate Session IDs in Certain Cases, Potentially Allowing a Remote User to Act as Another User
|
|
Nov 27 2001
|
Sun NetDynamics Application Server Authentication Flaw Lets Remote Users Hijack Sessions
|
|
Nov 25 2001
|
Oracle9iAS Web Cache Can Be Crashed By Remote Users Sending Malformed HTTP Content Length Header
|
|
Nov 23 2001
|
Secure Computing's SafeWord Agent for SSH is Based on Vulnerable SSH Code
|
|
Nov 21 2001
|
(Sun Provides Patch) Re: Mailx Client for Sun Solaris Allows Local Users to Execute Code with Mail Group Privileges
|
|
Nov 16 2001
|
(Sun Issues a Fix) Re: Sun's XSun X.11 Server for Solaris Gives Local Users Root-Level Privileges
|
|
Nov 16 2001
|
Sun Solaris Kernel send() Library Input Validation Flaw Enables Local Users to Cause the Kernel to Consume Excessive CPU Resources
|
|
Nov 13 2001
|
(Sun Issues Fix) ToolTalk Database Server Format String Flaw Lets Remote Users Gain Root Level Privileges on Several UNIX Operating System Platforms
|
|
Nov 13 2001
|
(Lotus Provides Information on How to Use ACLs) Re: Lotus Domino Access Control List Configuration Error May Allow Remote Users to View Documents that an Administrator Believes are Protected
|
|
Nov 13 2001
|
(Lotus Responds) Re: Lotus Domino Web Server Default Navigation Protection Mechanisms Can Be Bypassed by Remote Users, Allowing Some Portions of the Database to be Viewed
|
|
Nov 13 2001
|
(Lotus Responds and Provides Recommendations) Re: Lotus Domino Web Administrator Template Access Control Flaw Lets Remote Users Gain Some Web Administrator Privileges
|
|
Nov 13 2001
|
Sun Solaris pt_chmod Access Control Vulnerability Lets Local Users Obtain Write Access to Another User's TTY
|
|
Nov 9 2001
|
Rational ClearCase Configuration Management Software Buffer Overflow in db_loader Lets Local Users Execute Arbitrary Code with Root Level Privileges
|
|
Nov 8 2001
|
Symantec Enterprise Firewall (Raptor Firewall) Netbios Proxy Can Be Crashed By Remote Users and UDP Proxy Can Be Made to Consume All CPU Resources
|
|
Nov 5 2001
|
(Entrust Issues Fix) Re: Entrust GetAccess Input Validation Flaw Lets Remote Users Obtain Files from the Server
|
|
Nov 5 2001
|
Entrust GetAccess Input Validation Flaw Lets Remote Users Obtain Files from the Server
|
|
Nov 2 2001
|
Progress Database Format String Vulnerability Yields Root Privileges to Local Users
|
|
Nov 1 2001
|
e-Zone Media's FuseTalk Bulletin Board Input Validation Flaw Lets Remote Users Execute SQL Commands on the Server
|
|
Nov 1 2001
|
(A User Summarizes Domino Access Control Methods) Re: Lotus Domino Access Control List Configuration Error May Allow Remote Users to View Documents that an Administrator Believes are Protected
|
|
Oct 31 2001
|
Oracle Label Security Access Control Flaw Lets Users Gain Unauthorized Access to Data in the Database
|
|
Oct 31 2001
|
(Oracle Issues Fix) Re: Oracle9iAS Web Cache Allows Remote Users to Execute Arbitrary Code or Cause the Caching Process to Exit or Hang
|
|
Oct 31 2001
|
(Oracle Issues Workaround) Re: Oracle Database Permission Configuration Error Lets Local Users Modify Database Files, Configuration Files, and Executables
|
|
Oct 31 2001
|
Lotus Domino Access Control List Configuration Error May Allow Remote Users to View Documents that an Administrator Believes are Protected
|
|
Oct 31 2001
|
Lotus Domino Web Server Default Navigation Protection Mechanisms Can Be Bypassed by Remote Users, Allowing Some Portions of the Database to be Viewed
|
|
Oct 31 2001
|
Lotus Domino Web Administrator Template Access Control Flaw Lets Remote Users Gain Some Web Administrator Privileges
|
|
Oct 26 2001
|
Check Point FireWall-1/VPN-1 Management Functions Can Be Crashed By Remote Users Due to RDP Processing Flaw
|
|
Oct 24 2001
|
(Oracle Describes a Workaround) Re: Oracle Database otrcrep Component Buffer Overflow Lets Local Users Obtain Escalated Group and User Privileges
|
|
Oct 24 2001
|
(Sun Issues Fix) The Network Time Protocol Daemon (ntpd) Allows Remote Users to Execute Arbitrary Code on the Server - Typically to Gain Root Privileges on the Server
|
|
Oct 23 2001
|
Check Point FireWall-1 SecuRemote VPN System Discloses Information About Valid Usernames
|
|
Oct 23 2001
|
(Sun Issues Fix) Yppasswd on Sun Solaris Gives Remote Users Root-Level Access on the Server
|
|
Oct 22 2001
|
Sun Solaris in.fingerd Discloses Complete List of All Account Names to Remote Users
|
|
Oct 19 2001
|
Oracle9iAS Web Cache Allows Remote Users to Execute Arbitrary Code or Cause the Caching Process to Exit or Hang
|
|
Oct 16 2001
|
(Sun Issues Fix for Solaris 8) Re: Sun Solaris Xlock Environment Variable Buffer Overflow Lets Local Users Grab Root Privileges
|
|
Oct 11 2001
|
Progress Database PROTERMCAP and PROMSGS Errors Let Local Users Execute Arbitrary Code with Root Level Privileges
|
|
Oct 10 2001
|
(Sun Issues Fix) Re: Yppasswd on Sun Solaris Gives Remote Users Root-Level Access on the Server
|
|
Oct 10 2001
|
Progress RDBMS Database System Has Multiple Vulnerabilities That Permit Local Users to Gain Root Level Access on the Host
|
|
Oct 9 2001
|
(The Vendor Provides Some Guidance) Re: IBM WebSphere Application Server Uses Predictable Session ID Cookies, Allowing Remote Users to Guess Session IDs and Hijack Web Sessions
|
|
Oct 3 2001
|
ToolTalk Database Server Format String Flaw Lets Remote Users Gain Root Level Privileges on Several UNIX Operating System Platforms
|
|
Oct 2 2001
|
HP OpenView Network Node Manager Component Lets Local Users Gain Elevated Privileges
|
|
Sep 29 2001
|
Network Associates PGP Keyserver Configuration Error Gives Keyserver Administrative Access to Remote Users Without Requiring Authentication
|
|
Sep 24 2001
|
Lotus Domino Web Server Discloses Internal Network Address to Remote Users
|
|
Sep 23 2001
|
(Vendor Reports This is an Old Bug That Has Long Been Fixed) Re: Oracle Application Server Discloses Full Path to Remote Users in Response to Requests for Non-existent JSP Files
|
|
Sep 21 2001
|
IBM WebSphere Application Server Uses Predictable Session ID Cookies, Allowing Remote Users to Guess Session IDs and Hijack Web Sessions
|
|
Sep 20 2001
|
Lotus Notes API Lets Authorized Remote Users Obtain Unauthorized Access to Other User File Attachments
|
|
Sep 18 2001
|
Oracle Application Server Discloses Full Path to Remote Users in Response to Requests for Non-existent JSP Files
|
|
Sep 11 2001
|
Check Point FireWall-1 Older Versions Use Unsafe Temporary Files When Compiling Security Policies, Allowing Local Users to Elevate Their Privileges
|
|
Sep 8 2001
|
Check Point FireWall-1 Remote Management GUI Lets Remote Administrators Create or Overwrite Files on the Firewall with Root Level Privileges
|
|
Sep 8 2001
|
(Sun Issues Fix) Solaris Print Protocol Daemon (in.lpd) Gives Remote Users Root-Level Access
|
|
Sep 7 2001
|
(Sun Issues Fix) Sun Solaris SNMP-to-DMI Network Management Protocol Mapper Allows Remote Users to Execute Arbitrary Code and Gain Root-Level Access to the Affected Host
|
|
Sep 6 2001
|
Internet Security Systems RealSecure Intrusion Detection Misses '%u' Encoded Attacks Against Microsoft Web Servers
|
|
Sep 6 2001
|
Dragon Sensor Intrusion Detection System Does Not Detect Certain Attacks Against Microsoft Web Servers
|
|
Sep 5 2001
|
WebShield E-mail Scanner Lets Remote Users Get User-Level Operating System Access
|
|
Sep 5 2001
|
Gauntlet Firewall and PGP e-ppliances from Network Associates Have Buffer Overflows that Let Remote Users Get User-Level Operating System Access on the Firewall
|
|
Sep 5 2001
|
(Information on Other Versions) Re: PGP May Fail to Warn of Invalid Signatures in Certain Situations
|
|
Sep 4 2001
|
PGP May Fail to Warn of Invalid Signatures in Certain Situations
|
|
Aug 27 2001
|
Installer for Netscape 6 on Solaris Uses Unsafe Temporary File Permissions that Allow Local Users to Obtain Elevated Privileges
|
|
Aug 25 2001
|
RSA Keon PKI Secure Directory Server Can Be Crashed By Remote Users
|
|
Aug 23 2001
|
(A Workaround is Described) Re: Lotus Domino Mail Server Can Be Made to Consume 100% of CPU Resources By Remote Users
|
|
Aug 21 2001
|
Lotus Domino Mail Server Can Be Made to Consume 100% of CPU Resources By Remote Users
|
|
Aug 18 2001
|
glFtpD FTP Server LIST Command Flaw Lets Remote Users Consume All CPU Resources
|
|
Aug 18 2001
|
Remedy Action Request System Client Installer Temporary File Vulnerability Lets Local Users Obtain Root Level Privileges on the System
|
|
Aug 13 2001
|
Macromedia JRun Java Server Discloses JSP Source Code to Remote Users
|
|
Aug 13 2001
|
Netscape Enterprise Server Discloses Internal IP Addresses to Remote Users in Certain Configurations
|
|
Aug 11 2001
|
SurgeFTP Uses Weak Password Hashing Method Allowing Remote Users to Obtain the FTP Administrator's Password
|
|
Aug 11 2001
|
Sun Solaris Xlock Environment Variable Buffer Overflow Lets Local Users Grab Root Privileges
|
|
Aug 7 2001
|
Allaire's Macromedia ColdFusion Server Lets Remote Users View Any File on the System or Execute Arbitrary Commands with Root/System Level Privileges
|
|
Aug 7 2001
|
(Sun Issues Fix) Several FTP Server Implementations Allow Remote Users to Obtain Root-Level Privileges on the Server
|
|
Aug 3 2001
|
Oracle Database Permission Configuration Error Lets Local Users Modify Database Files, Configuration Files, and Executables
|
|
Aug 3 2001
|
Oracle Database otrcrep Component Buffer Overflow Lets Local Users Obtain Escalated Group and User Privileges
|
|
Aug 3 2001
|
Oracle Database Component (dbsnmp) Lets Local Users with Oracle Group Privileges Obtain Root Privileges
|
|
Aug 3 2001
|
Roxen Web Server Discloses Files on the Server to Remote Users and May, in Certain Configurations, Let Remote Users Execute Any Program on the Server
|
