CVE List
| Id | CVE No. | Status | Description | Phase | Votes | Comments | Actions |
|---|---|---|---|---|---|---|---|
| 1896 | CVE-2000-0318 | Entry | Atrium Mercur Mail Server 3.2 allows local attackers to read other user"s email and create arbitrary files via a dot dot (..) attack. | View | |||
| 1897 | CVE-2000-0319 | Entry | mail.local in Sendmail 8.10.x does not properly identify the . string which identifies the end of message text, which allows a remote attacker to cause a denial of service or corrupt mailboxes via a message line that is 2047 characters long and ends in . . | View | |||
| 1898 | CVE-2000-0320 | Entry | Qpopper 2.53 and 3.0 does not properly identify the string which identifies the end of message text, which allows a remote attacker to cause a denial of service or corrupt mailboxes via a message line that is 1023 characters long and ends in . | View | |||
| 1899 | CVE-2000-0321 | Candidate | Buffer overflow in IC Radius package allows a remote attacker to cause a denial of service via a long user name. | Proposed (20000518) | ACCEPT(1) Levy | MODIFY(1) Frech | NOOP(4) Baker, Cole, LeBlanc, Wall | REJECT(1) Christey | Frech> XF:icradius-username-bo | Every reference I pull up shows the product"s name as ICRADIUS. See | http://mysql.eunet.fi/Downloads/Contrib/icradius.README | Christey> In a followup, Alan DeKok (aland@FREERADIUS.ORG) says that | this could occur in other RADIUS servers also; however, the | bug could only be exploited if someone has altered the | configuration file, which shouldn"t normally be modifiable | by anyone else. | | So, this should be REJECTed since the bug doesn"t directly give | anyone else any additional privileges or access. | Christey> Alan DeKok <aland@FREERADIUS.ORG> says it applies to other RADIUS | programs also, *however* since it needs a valid username, only | the RADIUS owner can exploit it by changing the config file. But | if the config file can be written by others - well, that"s still | a potential risk, but you"ve probably got bigger problems then. | - http://marc.theaimsgroup.com/?l=bugtraq&m=95671883515060&w=2 | Look at ChangeLog at ftp://ftp.cheapnet.net/pub/icradius/ChangeLog | | Possible confirmation in 0.15: "sql_getvpdata now dynamically | allocates buffer sizes for sql queries to avoid over runs" | | But that"s a bit general. | | Alan Kok said that Cistron and other RADIUS servers were affected; the | ICRADIUS changelog says to check the Cistron logs for other possible | bug fixes, since ICRADIUS uses Cistron codebase. Go back to | freeradius.org and find link to Cistron at | http://www.miquels.cistron.nl/radius/ | | Cistron changelog at http://www.miquels.cistron.nl/radius/ChangeLog It | has different version numbers - go back to ICRADIUS changelog to find | rought equivalents. ICRADIUS 0.15 uses Cistron 1.6.3 patches, so | start from there. | | No apparent problems in 1.6.3 or 1.6.4, but 1.6.1 says: "Fix all | strcpy(), strcat(), sprintf() and sccanf() calls for buffer | overflows." So perhaps the problem was fixed then? Or maybe the | vulnerable sscanf() call was missed and/or disregarded because it was | believed that the hostname could be trusted since it came from a | well-controlled configuration file? | View |
| 1900 | CVE-2000-0322 | Entry | The passwd.php3 CGI script in the Red Hat Piranha Virtual Server Package allows local users to execute arbitrary commands via shell metacharacters. | View |
Page 380 of 20943, showing 5 records out of 104715 total, starting on record 1896, ending on 1900
