SPcits

SPcits http://spcits.com Innovating World Wide Web Fri, 18 May 2012 13:21:01 +0000 en hourly 1 http://wordpress.org/?v=3.3.2 CVE-2000-0546 http://spcits.com/2012/05/cve-2000-0546/ http://spcits.com/2012/05/cve-2000-0546/#comments Fri, 18 May 2012 13:21:01 +0000 Shubhneet Goel http://spcits.com/2012/05/cve-2000-0546/ (more...)]]> Description:- Buffer overflow in Kerberos 4 KDC program allows remote attackers to cause a denial of service via the lastrealm variable in the set_tgtkey function. References:- BUGTRAQ:20000609 Security Advisory: MULTIPLE DENIAL OF SERVICE VULNERABILITIES IN KRB4 KDC | URL:http://archives.neohapsis.com/archives/bugtraq/2000-06/0064.html | CONFIRM:http://web.mit.edu/kerberos/www/advisories/krb4kdc.txt | CERT:CA-2000-1 Phase:- Proposed (20000712) Vote:- ACCEPT(2) Levy Ozancin | MODIFY(2) Cox Frech | NOOP(3) Christey LeBlanc Wall Comments:- N/A ]]> http://spcits.com/2012/05/cve-2000-0546/feed/ 0 CVE-2000-0545 http://spcits.com/2012/05/cve-2000-0545/ http://spcits.com/2012/05/cve-2000-0545/#comments Fri, 18 May 2012 13:21:00 +0000 Shubhneet Goel http://spcits.com/2012/05/cve-2000-0545/ (more...)]]> Description:- Buffer overflow in mailx mail command (aka Mail) on Linux systems allows local users to gain privileges via a long -c (carbon copy) parameter. References:- BUGTRAQ:20000602 /usr/bin/Mail exploit for Slackware 7.0 (mail-slack.c) | URL:http://archives.neohapsis.com/archives/bugtraq/2000-05/0435.html | DEBIAN:20000605 mailx: mail group exploit in mailx | URL:http://www.debian.org/security/2000/20000 Phase:- Proposed (20000712) Vote:- ACCEPT(2) Levy Ozancin | MODIFY(1) Frech | NOOP(2) LeBlanc Wall | REVIEWING(1) Christey Comments:- N/A ]]> http://spcits.com/2012/05/cve-2000-0545/feed/ 0 CVE-2000-0544 http://spcits.com/2012/05/cve-2000-0544/ http://spcits.com/2012/05/cve-2000-0544/#comments Fri, 18 May 2012 13:20:59 +0000 Shubhneet Goel http://spcits.com/2012/05/cve-2000-0544/ (more...)]]> Description:- Windows NT and Windows 2000 hosts allow a remote attacker to cause a denial of service via malformed DCE/RPC SMBwriteX requests that contain an invalid data length. References:- NTBUGTRAQ:20000604 anonymous SMBwriteX DoS | URL:http://archives.neohapsis.com/archives/ntbugtraq/2000-q2/0231.html | BID:1304 | URL:http://www.securityfocus.com/bid/1304 Phase:- Proposed (20000712) Vote:- ACCEPT(2) LeBlanc Levy | MODIFY(1) Frech | NOOP(1) Ozancin | REVIEWING(2) Christey Wall Comments:- N/A ]]> http://spcits.com/2012/05/cve-2000-0544/feed/ 0 CVE-2000-0543 http://spcits.com/2012/05/cve-2000-0543/ http://spcits.com/2012/05/cve-2000-0543/#comments Fri, 18 May 2012 13:20:58 +0000 Shubhneet Goel http://spcits.com/2012/05/cve-2000-0543/ (more...)]]> Description:- The command port for PGP Certificate Server 2.5.0 and 2.5.1 allows remote attackers to cause a denial of service if their hostname does not have a reverse DNS entry and they connect to port 4000. References:- BUGTRAQ:20000614 Remote DoS attack in Networks Associates PGP Certificate Server Version 2.5 Vulnerability | URL:http://archives.neohapsis.com/archives/bugtraq/2000-06/0107.html | BID:1343 | URL:http://www.securityfocus.com/bid/1343 | XF:p Phase:- Modified (20001010-1) Vote:- ACCEPT(5) Baker Cole Collins Levy Ozancin | MODIFY(1) Frech | NOOP(1) Armstrong | REVIEWING(1) Christey Comments:- N/A ]]> http://spcits.com/2012/05/cve-2000-0543/feed/ 0 CVE-2000-0542 http://spcits.com/2012/05/cve-2000-0542/ http://spcits.com/2012/05/cve-2000-0542/#comments Fri, 18 May 2012 13:20:58 +0000 Shubhneet Goel http://spcits.com/2012/05/cve-2000-0542/ (more...)]]> Description:- Tigris remote access server before 11.5.4.22 does not properly record Radius accounting information when a user fails the initial login authentication but subsequently succeeds. References:- BUGTRAQ:20000612 ACC/Ericsson Tigris Accounting Failure | URL:http://archives.neohapsis.com/archives/bugtraq/2000-06/0104.html | BID:1345 | URL:http://www.securityfocus.com/bid/1345 | XF:tigris-radius-login-failure | URL:http://xforce. Phase:- N/A Vote:- N/A Comments:- N/A ]]> http://spcits.com/2012/05/cve-2000-0542/feed/ 0 CVE-2000-0541 http://spcits.com/2012/05/cve-2000-0541/ http://spcits.com/2012/05/cve-2000-0541/#comments Fri, 18 May 2012 13:20:57 +0000 Shubhneet Goel http://spcits.com/2012/05/cve-2000-0541/ (more...)]]> Description:- The Panda Antivirus console on port 2001 allows local users to execute arbitrary commands without authentication via the CMD command. References:- BUGTRAQ:20000617 Infosec.20000617.panda.a | URL:http://archives.neohapsis.com/archives/bugtraq/2000-06/0164.html | XF:panda-antivirus-remote-admin(4707) | URL:http://xforce.iss.net/xforce/xfdb/4707 | BID:1359 | URL:http://www.securityf Phase:- N/A Vote:- N/A Comments:- N/A ]]> http://spcits.com/2012/05/cve-2000-0541/feed/ 0 CVE-2000-0540 http://spcits.com/2012/05/cve-2000-0540/ http://spcits.com/2012/05/cve-2000-0540/#comments Fri, 18 May 2012 13:20:56 +0000 Shubhneet Goel http://spcits.com/2012/05/cve-2000-0540/ (more...)]]> Description:- JSP sample files in Allaire JRun 2.3.x allow remote attackers to access arbitrary files (e.g. via viewsource.jsp) or obtain configuration information. References:- ALLAIRE:ASB00-015 | URL:http://www.allaire.com/handlers/index.cfm?ID=16290&Method=Full | BID:1386 | URL:http://www.securityfocus.com/bid/1386 | XF:jrun-read-sample-files | URL:http://xforce.iss.net/static/4774.php | OSVDB:2713 | Phase:- N/A Vote:- N/A Comments:- N/A ]]> http://spcits.com/2012/05/cve-2000-0540/feed/ 0 CVE-2000-0538 http://spcits.com/2012/05/cve-2000-0538/ http://spcits.com/2012/05/cve-2000-0538/#comments Fri, 18 May 2012 13:20:55 +0000 Shubhneet Goel http://spcits.com/2012/05/cve-2000-0538/ (more...)]]> Description:- ColdFusion Administrator for ColdFusion 4.5.1 and earlier allows remote attackers to cause a denial of service via a long login password. References:- BUGTRAQ:20000607 New Allaire ColdFusion DoS | URL:http://marc.theaimsgroup.com/?l=bugtraq&m=96045469627806&w=2 | ALLAIRE:ASB00-14 | URL:http://www.allaire.com/handlers/index.cfm?ID=16122&Method=Full | BID:1314 | URL:http://www.security Phase:- N/A Vote:- N/A Comments:- N/A ]]> http://spcits.com/2012/05/cve-2000-0538/feed/ 0 CVE-2000-0537 http://spcits.com/2012/05/cve-2000-0537/ http://spcits.com/2012/05/cve-2000-0537/#comments Fri, 18 May 2012 13:20:52 +0000 Shubhneet Goel http://spcits.com/2012/05/cve-2000-0537/ (more...)]]> Description:- BRU backup software allows local users to append data to arbitrary files by specifying an alternate configuration file with the BRUEXECLOG environmental variable. References:- BUGTRAQ:20000606 BRU Vulnerability | URL:http://archives.neohapsis.com/archives/bugtraq/2000-06/0013.html | CALDERA:CSSA-2000-018.0 | URL:http://www.calderasystems.com/support/security/advisories/CSSA-2000-018.0.txt | BID:1321 | URL:ht Phase:- N/A Vote:- N/A Comments:- N/A ]]> http://spcits.com/2012/05/cve-2000-0537/feed/ 0 CVE-2000-0536 http://spcits.com/2012/05/cve-2000-0536/ http://spcits.com/2012/05/cve-2000-0536/#comments Fri, 18 May 2012 13:20:51 +0000 Shubhneet Goel http://spcits.com/2012/05/cve-2000-0536/ (more...)]]> Description:- xinetd 2.1.8.x does not properly restrict connections if hostnames are used for access control and the connecting host does not have a reverse DNS entry. References:- CONFIRM:http://www.synack.net/xinetd/ | DEBIAN:20000619 xinetd: bug in access control mechanism | URL:http://www.debian.org/security/2000/20000619 | BID:1381 | URL:http://www.securityfocus.com/bid/1381 | XF:xinetd-improper-restrictions Phase:- N/A Vote:- N/A Comments:- N/A ]]> http://spcits.com/2012/05/cve-2000-0536/feed/ 0