| 8/23/99 |
Denial
of Service Attack against Lotus Notes Domino Server 4.6 |
|
|
medium |
Notes
LDAP |
|
|
389 |
|
|
| 8/20/99 |
Patch
Available for Office "ODBC Vulnerabilities" |
|
|
high |
ODBC,jet |
|
http://www.microsoft.com/security/bulletins/MS99-030faq.asp |
OS |
|
|
| 8/18/99 |
Attackers
can remotely add default route entries on the victims host |
|
|
medium |
ICMP
Router Discovery Protocol (IRDP) |
|
http://www.L0pht.com/advisories.html |
icmp |
|
|
| 8/17/99 |
Oracle
Intelligent agent dbsnmp allow root access |
|
|
high |
oracle |
|
|
OS |
|
|
| 8/16/99 |
Patch
Available for "Malformed HTTP Request Header" Vulnerability |
|
|
medium |
iis |
|
|
80 |
|
|
| 6/16/99 |
IIS
Buffer Overflow |
MS-IIS |
4 |
high |
|
|
|
80 |
|
|
| 5/27/99 |
Patch
Available for "RAS and RRAS Password" Vulnerability |
Windows
NT |
4.0 |
high |
RAS |
|
|
OS |
|
MS99-017 |
| 5/17/99 |
Patch
Available for "Malformed Help File" Vulnerability |
Windows
NT |
4.0 |
high |
help[
utility |
|
|
OS |
|
|
| 4/21/99 |
Patch
Available for "DHTML Edit" Vulnerability |
MS-Iexplorer |
4.x,5.0 |
high |
ActiveX |
|
|
80 |
|
|
| 4/21/99 |
MSHTML
Update Available for Internet Explorer |
MS-Iexplorer |
4.x,5.0 |
medium |
|
|
|
80 |
|
|
| 4/20/99 |
Security
Vulnerability in sendmail |
HP-UX |
10.2,11.0 |
medium |
sendmail
release 8.8.6 |
|
|
25 |
|
|
| 4/16/99 |
The
IPFilter package misuse of symlink |
UNIX |
|
high |
IPFilter
v3.2.10 |
|
|
OS |
|
|
| 4/15/99 |
security
raport - flaws in rpc part of libc |
Linux |
|
medium |
rpc,portmap |
|
|
111 |
|
|
| 4/15/99 |
no
admin password on aDSL routers |
Flow
point |
2000
ADSL Router |
medium |
router,telnet,password |
|
|
all,23 |
|
|
| 4/14/99 |
WU-ftpd
Worm |
Linux |
|
high |
wu-ftp |
|
|
21,20,31337 |
|
|
| 4/13/99 |
Cisco
IOS(R) Software Input Access List Leakage with NAT |
cisco
IOS |
12.0,
12.0S, and 12.0T |
medium |
|
|
|
|
|
|
| 4/13/99 |
Pandora
Hack |
Netware |
4.x,5 |
high |
|
|
|
|
|
|
| 4/10/99 |
New
Novell Remote.NLM Password Decryption Algorithm with Exploit |
Netware |
|
high |
Remote.NLM,password |
|
|
|
|
|
| 4/9/99 |
IE
5.0 security vulnerabilities - %01 bug again |
MS-Iexplorer |
5.0 |
high |
|
|
|
80 |
|
|
| 4/8/99 |
Using
ff.core under solaris 7 it is possible for a normal user to overwrite
arbitrary files |
Solaris |
7 |
high |
OpenWeirdos
File Mangler,ff.core |
|
|
OS |
|
|
| 4/8/99 |
Netscape
4.5 password decryption |
Netscape-browser |
4.5 |
high |
password,netscape |
|
|
OS |
|
|
| 4/6/99 |
packets
may pass unfiltered through fw-1 for brief periods of time (3-5 seconds)
while starting or stopping. |
Nokia
Firewall |
IP400,IP600,VPN200,VPN-1
RemoteLink |
medium |
|
|
|
23,80,21 |
nokia990406 |
http://support.iprg.nokia.com/resolutions/1402/fw-hotfix.tgz |
| 4/5/99 |
Security
Hole in Java 2 (and JDK 1.1.x) |
Netscape-browser |
4.5 |
high |
Java
Virutal Machine,byte code verifier |
|
|
80,443 |
|
|
| 4/5/99 |
An
issue with Apache on Debian |
Apache |
apache_1.3.3-7.deb |
low |
httpd,Alias
/doc/ /usr/doc/ |
|
|
80 |
|
|
| 4/5/99 |
Digital
Unix 4.0E /var permission |
DEC
UNIX |
4.0E |
high |
/var,permission |
|
|
OS |
|
|
| 4/4/99 |
Linux
2.x IPC vunerability and mmap |
Linux |
up
to 2.2.x |
high |
IPC,mmap |
|
|
OS |
|
|
| 4/4/99 |
Overflow
in CAC.Washington.EDU ipop3d 4.xx and in pine 4.xx (Linux) |
Linux
Redhat |
|
high |
ipop3d,pine |
|
|
110,143 |
|
|
| 4/4/99 |
Lockfile
vunerability in pine 4.xx (Linux) and in ipop3d 4.xx |
Linux
Redhat |
|
medium |
|
|
|
110, |
|
|
| 4/2/99 |
Possible
local DoS in sendmail can be extended to any mail system |
Sendmail |
|
medium |
|
|
|
25 |
|
|
| 4/1/99 |
VENGINE:
Polymorphizer for MS-Word macro viruses |
MS-Office |
97,2000 |
medium |
word |
|
|
OS |
|
|
| 4/1/99 |
Xylan
OmniSwitch "features" |
OmniSwitch |
until
3.1.8,3.2.3 |
medium |
telnet,snmp |
|
|
23,161,20,21 |
|
|
| 4/1/99 |
Potential
vulnerability in SCO TermVision Windows 95 client |
SCO |
5 |
high |
TermVision |
|
|
OS |
|
|
| 3/31/99 |
Papa.b
an Excel variant of Melissa |
MS-Office |
97,2000 |
medium |
excel |
|
|
|
|
|
| 3/31/99 |
HPSBUX9903-096
Security Vulnerability in MC/ServiceGuard & MC/LockManager |
HP-UX |
up
to 11.0 |
|
LockManager, |
|
|
OS |
included |
|
| 3/31/99 |
linux
insmod bug/security vulnerability |
Linux |
previous
to 2.2.2-pre6 |
medium |
insmod,/tmp, |
|
|
OS |
|
|
| 3/31/99 |
Vulnerability
in xfs .font-unix, bad symlink in /tmp |
Linux
Redhat |
5.1,5.2 |
high |
Packet
XFree86-xfs-3.3.3.1-1 |
|
|
OS |
redhat |
|
| 3/31/99 |
WebRamp
Denial of Service Attacks |
WebRamp |
|
medium |
access
device |
|
|
80,5353 |
|
http://www.rampnet.com/upgrades |
| 3/31/99 |
IE
5.0 allows reading and sending local files to a remote server |
MS-Iexplorer |
5.0 |
high |
Iexplorer |
|
|
80 |
|
|
| 3/29/99 |
Vulnerability
in /tmp with the name .X11-unix using symlink |
Linux
S.u.S.E. |
3.3.3-5 |
high |
.X11-unix,symlink,/tmp |
|
|
6000 |
included |
|
| 3/29/99 |
Bypassing
Excel Macro Virus Protection |
MS-Office |
97 |
low |
Excel |
|
|
25 |
|
|
| 3/27/99 |
Melissa
Macro Virus |
MS-Office |
97,2000 |
medium |
mail |
|
Cert-CA-99-04 |
25 |
|
|
| 3/26/99 |
Index
Server 2.0 and the Registry |
Windows
NT |
4.0 |
low |
index
server 2.0 |
|
|
|
|
|
| 3/24/99 |
Remote
Denial of Service Vulnerability in Cisco Catalyst Series Ethernet
Switches |
cisco
switch |
|
medium |
Catalyst
1200, 2900, 5000, and 5500 series switches are affected. 2900XL, 2926
are not affected. |
|
|
tbd |
|
|
| 3/24/99 |
Security
Vulnerability with ftp on HP-UX 11.00 |
HP-UX |
11.0 |
high |
ftp |
|
|
20,
21 |
|
PHCO_17601 |
| 3/24/99 |
DoS
for Linux 2.1.89 - 2.2.3: 0 length fragment bug |
Linux |
2.1.89
- 2.2.3 |
medium |
IP
stack |
|
|
ip |
|
|
| 3/24/99 |
IE
5 Vulnerabilities |
MS-Iexplorer |
5 |
low |
Iexplorer |
|
|
80 |
|
|
| 3/24/99 |
IE5
Cookies change behaviour when upgrading from IE4 |
MS-Iexplorer |
5 |
low |
cookies |
|
|
80 |
|
|
| 3/23/99 |
SSL
sessions can be reused in a different context from their original one |
OpenSSL |
up
to version 0.9.2b |
high |
Apache-SSL,
mod_ssl, Raven, Stronghold |
|
|
443 |
|
|
| 3/23/99 |
WU-FTPD
REMOTE EXPLOIT Version wu-2.4.2-academ[BETA-18](1) for linux x86 (redhat
5.2) |
Linux
Redhat |
5.2 |
high |
WU-FTPD |
|
|
25 |
|
|
| 3/23/99 |
Encrypted
mail sent from the Notes client may traverse the network in the clear
and may be stored on the mail server unencrypted. |
Notes
Server |
4.5 |
high |
Notes
encryption |
|
|
1325 |
|
|
| 3/20/99 |
Netscape
Communicator 4.5 comes with "talkback" |
Netscape-browser |
4.5 |
medium |
Netscape
Communicator 4.5, talkback |
SUSE |
|
OS |
|
version
4.51 from Netscape |
| 3/20/99 |
Eudora
Attachment Buffer Overflow |
Windows
All |
up
to eudora 4.2 |
medium |
Eudora |
|
|
25 |
|
|
| 3/19/99 |
ProMail
v1.21, an advanced freeware mail program for Windows 95/98, is a
trojan. |
W98 |
W95/98 |
high |
ProMail
v1.21 |
AEON |
|
25,110 |
|
|
| 3/18/99 |
The
default permissions on /dev/kmem is insecure |
Linux
S.u.S.E. |
SuSE
6.0 and below |
high |
devs-*,
lsof |
S.U.S.E |
|
OS |
included |
|
| 3/18/99 |
Security
Vulnerability with hpterm on HP-UX 10.20 |
HP-UX |
HP9000
Series 700 and Series 800, HP-UX release 10.20 only |
high |
hpterm |
HP |
|
6000-6063 |
|
PHSS_17830 |
| 3/18/99 |
Microsoft
SMTP Service can creates DoS to other mail servers |
Windows
NT |
4.0
with SP4 |
medium |
mail,
SMTP |
Bugtraq |
|
25 |
|
|
| 3/18/99 |
noexec
mount flag is not properly handled by non-root mount |
NetBSD |
1.3.3
and prior |
high |
mountd,
noexec |
NetBSD |
|
OS |
|
|
| 3/17/99 |
Security
hole in umapfs |
NetBSD |
amiga,
arm32, atari, bebox, i386, mac68k, macppc, newsmips, next68k,
next68k, ofppc, pmax, sparc, sparc64, vax, x68k |
high |
umapfs |
NetBSD |
NetBSD
Security Advisory 1999-006 |
OS |
|
ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/patches/19990311-umapfs |
| 3/17/99 |
Short-Term
High-Risk Vulnerability During Slackware 3.6 Network |
Linux
Slackware |
3.6 |
high |
"net.i"
boot
"net.i" boot image |
ISS |
|
23 |
|
|
| 3/15/99 |
LDAP
Buffer overflow against Microsoft Directory Services |
MS-Exchange |
5.5 |
high |
LDAP |
ISS |
|
389 |
ms99-009 |
http://www.microsoft.com/security/bulletins/ms99-009.asp |
| 3/13/99 |
Solaris
7 can be crashed by |
Solaris |
7 |
medium |
/usr/xpg4/bin/more
on /proc/self/psinfo |
Bugtraq |
bugid
is 4219071 |
OS |
|
|
| 3/12/99 |
Case
Sensitivity vulnerability |
Windows
NT |
(3.51,
4.0, 5.0) |
high |
trojan
any system executables |
cybermedia |
|
OS |
|
|
| 3/12/99 |
Patch
Available for Windows NT "Screen Saver" Vulnerability |
Windows
NT |
4 |
low |
winlogon.exe |
Microsoft |
previous
announce |
OS |
|
http://support.microsoft.com/support/kb/articles/q221/9/91.asp |
| 3/11/99 |
Shockwave
7 Security Hole |
Shockwave |
7 |
high |
Web
plug-in |
|
|
80 |
|
|
| 3/11/99 |
Cisco
7xx TCP and HTTP Vulnerabilities |
cisco
IOS |
7xx
series routers |
high |
telnet,
http |
CISCO |
|
25,80 |
included |
http://www.cisco.com/warp/public/791/sec_incident_response.shtml |
| 3/11/99 |
Bay
Networks firmware |
Bay-Wellfleet |
BayStack
350T HW:RevC FW:V1.01 SW:V1.2.0.10
BayStack 350T HW:RevC FW:V1.01 SW:V2.0.0.15 |
high |
BayStack
350 |
Bugtraq |
|
23 |
|
version
2.0.3.4 |
| 3/10/99 |
Linux
Blind TCP Spoofing |
Linux |
up
to and including 2.0.35. |
medium |
TCP
stack |
http://www.nai.com |
|
tcp |
|
http://www.redhat.com/support/docs/errata.html. |
| 3/10/99 |
Solaris
"/usr/bin/write" bug |
Solaris |
7,2.6
,2.5.1 |
low |
write |
Bugtraq |
|
OS |
|
|
| 3/10/99 |
Again
the virus Happy99 |
Windows
All |
|
low |
Ska,Happy99,
WSOCK32.SKA,SKA.EXE, I-Worm.Happy,PE_SKA,Happy |
|
|
25 |
|
|
| 3/9/99 |
Attack
were an SMTP server is probed for common names |
Sendmail |
|
medium |
SMTP
MTA |
Bugtraq |
|
25 |
|
|
| 3/9/99 |
Digital
Unix 4 protected password database |
DEC
UNIX |
4 |
high |
Enhanced
Security package, nis |
Bugtraq |
|
OS,
nis |
|
|
| 3/9/99 |
Screen
Saver vulnerability |
Windows
NT |
NT
3.51 and all its service packs, NT 4.0 with Service Pack 1, and NT 5.0
beta1 and beta2 |
low |
Winlogon.Exe |
http://www.cybermedia.co.in |
|
OS |
|
|
| 3/8/99 |
Winfreeze
EXPLOIT Win9x/NT |
Windows
All |
|
medium |
icmp
route |
|
|
icmp |
|
|
| 3/8/99 |
Password
and DOS Vulnerability with Testrack (bug trackin software) |
TestTrack |
|
medium |
ttcgi.exe |
|
|
99 |
|
|
| 3/8/99 |
X
server font path buffer overflow vulnerability |
IRIX |
up
to 6.5 |
high |
X
server's
font path |
|
19990301-01-PX |
6000 |
from
ver 6.5.1 |
19990301-01-PX |
| 3/8/99 |
Netscape
Communicator find() vulnerabilities |
Netscape-browser |
up
to 4.5 |
low |
Communicator |
Bugtraq |
|
80 |
|
|
| 3/8/99 |
HP
printer vulnerabilities |
HP
printer |
HP 5
series network printers A05.08 |
medium |
printer |
Bugtraq |
|
161 |
BETA
A.05.09 |
|
| 3/8/99 |
ISAPI
Extension vulnerability allows to execute code as SYSTEM |
MS-IIS |
4 |
high |
CGI |
Bugtraq |
|
80 |
|
|
| 3/7/99 |
Little
exploit for startup scripts (SCO 5.0.4p). |
SCO |
5.0.4p |
medium |
boot |
Bugtraq |
SCO |
OS |
|
|
| 3/5/99 |
Buffer
overflow in /usr/bin/cancel. |
Solaris |
2.6 |
high |
/usr/bin/cancel |
Bugtraq |
|
OS |
included |
http://sunsolve.sun.com/sunsolve/pubpatches/patches.html |
| 3/4/99 |
local
root comprimise in /usr/bin/gnuplot version Linux version 3.5 |
Linux
S.u.S.E. |
3.5 |
high |
GNU
plot |
Bugtraq |
|
OS |
gnuplot
release 3.7 |
|
| 3/4/99 |
password
in plaintext, and file has permissions that enable anyone to view it. |
Oracle |
8.0.3 |
high |
Oracle
8.0.3 on NT 4.0 |
Bugtraq |
|
OS |
|
|
| 3/4/99 |
Security
Vulnerability with NES3.6 on VVOS |
HP-UX |
10.24 |
medium |
Virtual
Vault |
HP |
HP |
|
inclulded |
|
| 3/2/99 |
XCmail
remotely exploitable vulnerability |
Xcmail |
|
high |
Xcmail |
|
|
25 |
|
|
| 3/1/99 |
Multiple
IMail Vulnerabilites |
Imail |
5.0 |
high |
mail,
Imap, Imonitor, LDAP, Imail web services, whois32 |
eEye |
|
143,389,8181,8383,43 |
|
|
| 2/26/99 |
SUPER's
log function buffer overflow |
Linux
Debian |
3.19 |
high |
super |
www.sekure.org |
|
OS |
patch |
super-3.12.1.tar.gz |
| 2/26/99 |
Spam
with trojan horse installed |
Windows
All |
all |
high |
mail
spam trojan |
Bugtraq |
|
20043 |
|
|
| 2/26/99 |
IIS4
allows proxied password attacks over NetBIOS |
Windows
NT |
4 |
high |
IIS
4 |
|
|
80 |
|
|
| 2/25/99 |
Obtaining
password information from history files on a Cobalt RaQ |
UNIX |
|
high |
Cobalt
RaQ |
Bugtraq |
|
23,80 |
|
|
| 2/25/99 |
Firewall97
for Digital Unix is affected by a buffer overflow bug present in BIND
versions prior to 4.9.7 |
Altavista-firewall |
firewall97 |
medium |
dns,
named,bind |
Bugtraq |
|
53,8053,8153 |
patch |
|
| 2/23/99 |
Taskpads
Let Web Sites invoke executables on User's computer |
MS-Backoffice |
4.0
W98 |
high |
BackOffice
Resource Kit
Windows 98 Resource Kit and Windows 98 Resource
Kit Sampler |
support.microsoft.com |
http://support.microsoft.com/support/kb/articles/Q218/6/19.ASP |
80 |
|
ftp://ftp.microsoft.com/reskit/nt4/x86/taskpads/ |
| 2/23/99 |
Process
Table Attack |
UNIX |
|
medium |
inetd |
Bugtraq |
|
all |
|
|
| 2/22/99 |
InterScan
Viruswall: Any user can download binaries and virus infected files
though the VirusWall |
Solaris |
|
high |
Interscan
Viruswall |
Bugtraq |
|
80,25,
21 |
|
http:://www.antivirus.com |
| 2/20/99 |
More
Buffer Overflows in Digital Unix |
DEC
UNIX |
4.0D |
high |
nsralist,
rdist, networker, at, inc |
Bugtraq |
|
OS |
|
http://ftp.service.digital.com/patches/public/unix/v4.0/ssrt0583u.README |
| 2/19/99 |
Fix
Available for Windows NT "KnownDLLs List" Vulnerability |
Windows
NT |
3.5,
3.51, and 4.0, Standard and Enterprise Editions |
high |
DLL's |
Microsoft |
MS99-006 |
OS |
|
MS99-006 |
| 2/19/99 |
Vulnerability
in ToolTalk RPC Service |
IRIX |
6.2-6.5.3 |
high |
ToolTalk
RPC Service |
SGI |
19981101-01-PX |
111 |
README.patch.3510 |
|
| 2/19/99 |
Windows
Backdoors Update II: |
Windows
All |
|
high |
NetBus
2.0 Pro, Caligula, and Picture.exe |
ISS |
|
20034,20043,
can be changed |
|
|
| 2/18/99 |
ICMP
attack still in use |
W98 |
|
medium |
ping |
Bugtraq |
|
icmp |
|
|
| 2/18/99 |
Debian
GNU/Linux 2.0r5 released (fwd) |
Linux
Debian |
|
|
|
|
|
|
|
|
| 2/18/99 |
Windows
NT : any local user can gain administator privileges and/or take full
control over the system |
Windows
NT |
4.0 |
high |
DLLs |
L0pht |
l0pht-advisories |
OS |
MS99-006-update |
ms99-006.asp |
| 2/18/99 |
Netscape
Communicator window spoofing bug |
Netscape-browser |
up
to 4.51 |
low |
Communicator |
Bugtraq |
|
80 |
|
|
| 2/17/99 |
Buffer
overflow in lsof version 4.40 and prior |
Linux |
|
high |
lsof
version 4.4 and prior |
HERT |
HERT
002 |
OS |
debian |
4.40/arg.c.patch |
| 2/16/99 |
Stack
Overflow in NFR Web Server |
NFR |
2.0.2 |
high |
Network
Flight Recorder |
NAI |
|
2001 |
2.0-p3 |
NFR |
| 2/15/99 |
PPTP
Revision |
Windows
All |
|
high |
PPTP |
Bugtraq |
|
|
|
|
| 2/15/99 |
Remote
attackers could gain access to database mSQL |
UNIX |
2.0.6
and below |
low |
mSQL
(Mini SQL) 2.0.6 and below |
KSR |
|
|
|
mSQL
(2.0.7) |
| 2/15/99 |
Buffer
Overflow in "Super" package in Debian Linux |
Linux
Debian |
3.9.6
through 3.11.6 |
high |
Super |
ISS |
|
OS |
|
|
| 2/14/99 |
Mail-Max
Remote Buffer Overflow Exploit |
MailMax |
|
high |
SMTP
server for windows 95/98/NT |
|
|
25 |
|
|
| 2/14/99 |
Two
traceroute's bugs allow any user to use it as a udp or icmp flooder |
UNIX |
Debian,
Slackware, RedHat (all of them with 2.0.34 kernel)
Digital Unix V4.0
Free BSD |
medium |
traceroute |
Bugtraq |
|
icmp
any udp |
included |
|
| 2/12/99 |
Sun
Solaris Vulnerabilities (sdtcm_convert, man/catman, CDE) |
Solaris |
7,
7_x86, 2.6, 2.6_x86, 2.5.1,
2.5.1_x86, 2.5,25_x86, 2.4 and 2.4_x86 running CDE |
high |
catman
utility
sdtcm_convert
CDE |
CIAC |
SUN |
|
|
sunsolve
patches |
| 2/12/99 |
BackOffice
Server 4.0 Does Not Delete Installation Setup File |
MS-Backoffice |
4.0 |
high |
SQL
Server
Exchange Server
Transaction Server |
microsoft |
ms99-005 |
OS |
|
ms99-005 |
| 2/11/99 |
Digital
Unix Vulnerabilities ( at , inc ) |
DEC
UNIX |
V4.0,
V4.0a, V4.0b, V4.0c, V4.0d, V4.0e. |
high |
"at"
and "inc" commands |
CIAC |
Local
Bugtraq |
OS |
|
Digital
patch_servicel |
| 2/10/99 |
HP-UX
rpc.pcnfsd Vulnerability |
HP-UX |
10.01,
10.10,10.20,11.00 |
high |
rpc.pcnfsd |
CIAC |
|
111 |
|
|
| 2/10/99 |
WU-ftp:
A security vulnerability has been identified in all versions of the
wu-ftpd |
Linux
Redhat |
4.2,
5.0, 5.1, and 5.2 |
high |
wu-ftp |
Red
hat |
netect-advisory_0209 |
21,20 |
|
wu-ftpd-2.4.2b18-2.1 |
| 2/9/99 |
Remote
buffer overflows in various FTP servers leads to potential root |
Linux |
|
high |
ProFTPD
(1.2.0pre1)
Wuarchive ftpd (2.4.2-academ[BETA-18]) |
Netect |
|
|
patch |
|
| 2/8/99 |
Patch
Available for Authentication Processing Error in Windows NT (r) 4.0 |
Windows
NT |
4
with SP4 |
high |
SAM
databases |
Microsoft |
|
137,138 |
MS99-004 |
http://support.microsoft.com/support/kb/articles/q214/8/40.asp |
| 2/5/99 |
Microsoft
Access 97 databases protected with a password are stored in foreign
mdb's table attachements as plaintext. |
MS-Office |
97 |
high |
Access |
Bugtraq |
|
|
|
|
| 2/5/99 |
Widespread
Router Access Port DoS |
cisco
IOS |
up
to 12.0 |
medium |
telnet |
Bugtraq |
|
23,2001,4001,6001,9001 |
|
|
| 2/4/99 |
Microsoft
Access 97 Stores Database Password as Plaintext |
MS-Office |
|
high |
Access
97 |
Bugtraq |
|
80
with ASP |
|
|
| 2/3/99 |
TROJAN:
netstation.navio-comm.rte 1.1.0.1 |
AIX |
|
high |
netstation.navio-com.rte
1.1.0.1 |
Bugtraq |
|
2049
nfs |
|
|
| 2/2/99 |
WS_FTP
Server Remote DoS Attack |
Windows
NT |
|
medium |
WS_FTP
Server Version 1.0.1.E/1.0.2.E |
eEye |
|
|
|
|
| 2/2/99 |
W97M.Footprint
Macro Virus Detected |
MS-Office |
97 |
medium |
Word
97 |
CIAC |
|
25,80,21 |
|
|
| 1/25/99 |
IIS
Remote FTP Exploit/DoS Attack |
Windows
NT |
Windows
NT 4.0 (SP4) IIS 3.0 / 4.0, Windows 95/98 PWS 1.0 |
medium |
IIS
3.0 / 4.0 |
Bugtraq |
|
21,20 |
MS99-003 |
http://support.microsoft.com/support/kb/articles/q188/3/48.asp |
| 1/25/99 |
Multiple
vulnerabilities in ControlIT(tm) (formerly Remotely Possible/32)
enterprise management software |
ControlIT |
4.5 |
high |
Computer
Associates ControlIT |
ISS |
ISS |
799 |
|
http://www.cai.com/ |
| 1/23/99 |
Potential
Denial of service with CGI.pm |
All |
5.005_02 |
medium |
perl |
|
|
80,443 |
included |
|
| 1/22/99 |
Firewall-1
product which can allow an attacker to pass traffic through the firewall
which the administrator may not have intended to allow in |
Nokia
Firewall |
all |
medium |
Firewall-1 |
geek-speak.net |
|
|
|
|
| 1/22/99 |
Trojan
Horse Version of util-linux |
Linux |
2.9 |
high |
util-linux-2.9g.tar.gz |
CERT |
CA-99-02 |
OS |
|
|
| 1/21/99 |
Trojan
horse version of TCP Wrappers |
All |
|
high |
TCP
Wrappers |
Bugtraq |
CERT
Advisory CA-99-01 |
1 |
Trojan
horse version of TCP Wrappers |
|
| 1/21/99 |
Patch
Available for exposure in Forms 2.0 TextBox |
Windows
All |
|
low |
The
Forms 2.0 ActiveX control Visual Basic for Applications 5.0- Microsoft
Office 97
- Microsot Outlook 98
- Microsoft Project 98
- Microsoft Visual Basic 5.0
- Any third-party product that includes Visual
Basic for Applications 5.0 |
Microsoft |
Microsoft
Knowledge Base (KB) article Q214757 |
|
|
|
| 1/21/99 |
Quakenbush
Windows NT Password Appraiser |
Windows
NT |
4.0 |
high |
Quakenbush
password cracker |
L0pht |
Advisory |
80 |
|
|
| 1/21/99 |
Patch
Available for "Word 97 Template" Vulnerability |
MS-Office |
97 |
|
Word
97 Template |
Microsoft |
|
|
|
ms99-002 |
| 1/20/99 |
select(2)/accept(2)
race condition in TCP servers |
NetBSD |
4.4 |
medium |
tcpip |
The
NetBSD Foundation |
NetBSD
Security Advisory 1999-001 |
all |
|
NETBSD |
| 1/19/99 |
Vulnerability
in the BackWeb Polite Agent Protocol |
|
|
|
backweb |
|
|
|
|
|
| 1/16/99 |
Redirection
attack and 'Headers prescan' DoS |
Sendmail |
Sendmail
8.8.x/8.9.x. |
medium |
sendmail |
Bugtraq |
|
25 |
|
Sendmail
8.9.2 |
| 1/10/99 |
Buffer
overflow in www.boutell.com cgic library |
|
1.05 |
high |
cgiFormEntryString(),
cgic library |
|
|
80 |
|
|
| 1/6/99 |
Remote
Explorer |
Windows
NT |
4.0 |
high |
virus |
ISS |
|
|
|
|
| 1/3/99 |
ACC's'Tigris'
Access Terminal server security vunerability.. |
Tigris |
up
to (and including) 10.5.8 |
medium |
|
bugtraq |
|
|
ver
11.1.24 |
ver
11.1.24 |
| 1/3/99 |
any
user configured under suGuard can execute any command as root |
suGuard |
1.0 |
high |
suGuard |
L0pht |
Advisory |
|
|
|