Weekly Vulnerabilities Reports > January 25 to 31, 1999

Overview

16 new vulnerabilities were reported during this period, including 4 critical vulnerabilities and 8 high severity vulnerabilities. This weekly summary reports vulnerabilities in 13 products from 8 vendors, including Microsoft, Linux, IBM, SUN, and SGI. Vulnerabilities are notably categorized as "Information Exposure" and "Improper Restriction of Operations within the Bounds of a Memory Buffer".

  • 11 reported vulnerabilities are remotely exploitable.
  • 16 reported vulnerabilities are exploitable by an anonymous user.
  • Microsoft has the most reported vulnerabilities, with 6 reported vulnerabilities.
  • Linux has the most reported critical vulnerabilities, with 1 reported vulnerability.


Vulnerability Details

The following tables list the vulnerabilities reported for the period covered by this report:

4 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
1999-01-29 CVE-2000-0370 Caldera Unspecified vulnerability in Caldera Openlinux

The debug option in Caldera Linux smail allows remote attackers to execute commands via shell metacharacters in the -D option for the rmail command.

10.0
1999-01-28 CVE-1999-0461 SGI, Linux Remote Security vulnerability in Linux Kernel

Versions of rpcbind including Linux, IRIX, and Wietse Venema's rpcbind allow a remote attacker to insert and delete entries by spoofing a source address.

10.0
1999-01-26 CVE-1999-0347

Internet Explorer 4.01 allows remote attackers to read local files and spoof web pages via a "%01" character in an "about:" Javascript URL, which causes Internet Explorer to use the domain specified after the character.

10.0
1999-01-25 CVE-1999-0356 Remote Security vulnerability in ControlIT

ControlIT v4.5 and earlier uses weak encryption to store usernames and passwords in an address book.

10.0

8 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
1999-01-26 CVE-1999-0449 Microsoft Unspecified vulnerability in Microsoft Internet Information Server 4.0

The ExAir sample site in IIS 4 allows remote attackers to cause a denial of service (CPU consumption) via a direct request to the (1) advsearch.asp, (2) query.asp, or (3) search.asp scripts.

7.8
1999-01-27 CVE-1999-1450 SCO Unspecified vulnerability in SCO Openserver and Unixware

Vulnerability in (1) rlogin daemon rshd and (2) scheme on SCO UNIX OpenServer 5.0.5 and earlier, and SCO UnixWare 7.0.1 and earlier, allows remote attackers to gain privileges.

7.5
1999-01-27 CVE-1999-0349 Microsoft Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft Internet Information Server 3.0/4.0

A buffer overflow in the FTP list (ls) command in IIS allows remote attackers to conduct a denial of service and, in some cases, execute arbitrary commands.

7.5
1999-01-26 CVE-1999-0450 Microsoft Unspecified vulnerability in Microsoft products

In IIS, an attacker could determine a real path using a request for a non-existent URL that would be interpreted by Perl (perl.exe).

7.5
1999-01-30 CVE-1999-0360 Microsoft Unspecified vulnerability in Microsoft Site Server 2.0

MS Site Server 2.0 with IIS 4 can allow users to upload content, including ASP, to the target web site, thus allowing them to execute commands remotely.

7.2
1999-01-28 CVE-1999-0952 SUN Unspecified vulnerability in SUN Solaris and Sunos

Buffer overflow in Solaris lpstat via class argument allows local users to gain root access.

7.2
1999-01-25 CVE-1999-1458 Digital Unspecified vulnerability in Digital Unix

Buffer overflow in at program in Digital UNIX 4.0 allows local users to gain root privileges via a long command line argument.

7.2
1999-01-25 CVE-1999-0352 Local Security vulnerability in ControlIT

ControlIT 4.5 and earlier (aka Remotely Possible) has weak password encryption.

7.2

4 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
1999-01-29 CVE-1999-1546 IBM Unspecified vulnerability in IBM Navio NC Browser 1.1.0.1

netstation.navio-com.rte 1.1.0.1 configuration script for Navio NC on IBM AIX exports /tmp over NFS as world-readable and world-writable.

5.0
1999-01-27 CVE-1999-0348 Microsoft Information Exposure vulnerability in Microsoft Internet Information Server 4.0

IIS ASP caching problem releases sensitive information when two virtual servers share the same physical directory.

5.0
1999-01-25 CVE-1999-0357 Microsoft Denial-Of-Service vulnerability in Windows 98SE

Windows 98 and other operating systems allow remote attackers to cause a denial of service via crafted "oshare" packets, possibly involving invalid fragmentation offsets.

5.0
1999-01-26 CVE-1999-0400 Linux Unspecified vulnerability in Linux Kernel 2.2.0

Denial of service in Linux 2.2.0 running the ldd command on a core file.

4.6

0 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS