Weekly Vulnerabilities Reports > November 1 to 7, 1999

Overview

25 new vulnerabilities reported during this period, including 1 critical vulnerabilities and 14 high severity vulnerabilities. This weekly summary report vulnerabilities in 27 products from 22 vendors including Microsoft, SUN, Trend Micro, SGI, and SCO. Vulnerabilities are notably categorized as "Permissions, Privileges, and Access Controls", and "Improper Restriction of Operations within the Bounds of a Memory Buffer".

  • 15 reported vulnerabilities are remotely exploitables.
  • 25 reported vulnerabilities are exploitable by an anonymous user.
  • Microsoft has the most reported vulnerabilities, with 4 reported vulnerabilities.
  • Realnetworks has the most reported critical vulnerabilities, with 1 reported vulnerabilities.

TOTAL
VULNERABILITIES
CRITICAL RISK
VULNERABILITIES
HIGH RISK
VULNERABILITIES
MEDIUM RISK
VULNERABILITIES
LOW RISK
VULNERABILITIES
REMOTELY
EXPLOITABLE
LOCALLY
EXPLOITABLE
EXPLOIT
AVAILABLE
EXPLOITABLE
ANONYMOUSLY
AFFECTING
WEB APPLICATION

Vulnerability Details

The following table list reported vulnerabilities for the period covered by this report:

Expand/Hide

1 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
1999-11-04 CVE-1999-0896 Realnetworks Unspecified vulnerability in Realnetworks Realserver G2 1.0

Buffer overflow in RealNetworks RealServer administration utility allows remote attackers to execute arbitrary commands via a long username and password.

10.0

14 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
1999-11-07 CVE-1999-1533 Trend Micro Denial of Service vulnerability in Trend Micro Interscan Viruswall 3.2.3/3.3

Eicon Technology Diva LAN ISDN modem allows a remote attacker to cause a denial of service (hang) via a long password argument to the login.htm file in its HTTP service.

7.5
1999-11-07 CVE-1999-1529 Trend Micro Buffer Overflow vulnerability in Trend Micro Interscan Viruswall 3.23/3.3

A buffer overflow exists in the HELO command in Trend Micro Interscan VirusWall SMTP gateway 3.23/3.3 for NT, which may allow an attacker to execute arbitrary code.

7.5
1999-11-04 CVE-1999-1065 Palm Pilot Unspecified vulnerability in Palm Pilot Hotsync Manager 3.0.4

Palm Pilot HotSync Manager 3.0.4 in Windows 98 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long string to port 14238 while the manager is in network mode.

7.5
1999-11-02 CVE-1999-1531 IBM Unspecified vulnerability in IBM Homepageprint 1.0.7

Buffer overflow in IBM HomePagePrint 1.0.7 for Windows98J allows a malicious Web site to execute arbitrary code on a viewer's system via a long IMG_SRC HTML tag.

7.5
1999-11-02 CVE-1999-0947 AN Unspecified vulnerability in AN An-Httpd 1.2B

AN-HTTPd provides example CGI scripts test.bat, input.bat, input2.bat, and envout.bat, which allow remote attackers to execute commands via shell metacharacters.

7.5
1999-11-01 CVE-1999-0354 Microsoft Unspecified vulnerability in Microsoft Internet Explorer and Word

Internet Explorer 4.x or 5.x with Word 97 allows arbitrary execution of Visual Basic programs to the IE client through the Word 97 template, which doesn't warn the user that the template contains executable content.

7.5
1999-11-04 CVE-1999-1571 SCO Buffer Overflow vulnerability in SCO Openserver 5.0.0/5.0.5

Buffer overflow in sar for SCO OpenServer 5.0.0 through 5.0.5 may allow local users to gain root privileges via a long -f parameter, a different vulnerability than CVE-1999-1570.

7.2
1999-11-04 CVE-1999-1340 Hylafax Buffer Overflow vulnerability in Hylafax 4.0.2

Buffer overflow in faxalter in hylafax 4.0.2 allows local users to gain privileges via a long -m command line argument.

7.2
1999-11-04 CVE-1999-0899 Microsoft Permissions, Privileges, and Access Controls vulnerability in Microsoft Windows NT 4.0

The Windows NT 4.0 print spooler allows a local user to execute arbitrary commands due to inappropriate permissions that allow the user to specify an alternate print provider.

7.2
1999-11-04 CVE-1999-0898 Microsoft Buffer Errors vulnerability in Microsoft Windows NT 4.0

Buffer overflows in Windows NT 4.0 print spooler allow remote attackers to gain privileges or cause a denial of service via a malformed spooler request.

7.2
1999-11-02 CVE-1999-0949 SGI
SUN
Turbolinux
Buffer Overflow vulnerability in Canna subsystem 'uum'

Buffer overflow in canuum program for Canna input system allows local users to gain root privileges.

7.2
1999-11-02 CVE-1999-0948 SGI
SUN
Turbolinux
Buffer Overflow vulnerability in Canna subsystem 'uum'

Buffer overflow in uum program for Canna input system allows local users to gain root privileges.

7.2
1999-11-01 CVE-1999-1517 Freebsd Unspecified vulnerability in Freebsd 3.3

runtar in the Amanda backup system used in various UNIX operating systems executes tar with root privileges, which allows a user to overwrite or read arbitrary files by providing the target files to runtar.

7.2
1999-11-01 CVE-1999-0830 SCO Local Security vulnerability in SCO Unixware 7.0

Buffer overflow in SCO UnixWare Xsco command via a long argument.

7.2

8 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
1999-11-02 CVE-1999-0946 Yamaha Unspecified vulnerability in Yamaha Midiplug 1.1Bj

Buffer overflow in Yamaha MidiPlug via a Text variable in an EMBED tag.

5.1
1999-11-04 CVE-1999-1509 Etype Directory Traversal vulnerability in Etype Eserv 2.50

Directory traversal vulnerability in Etype Eserv 2.50 web server allows a remote attacker to read any file in the file system via a ..

5.0
1999-11-04 CVE-1999-0887 Floosietek Unspecified vulnerability in Floosietek Ftgate 2.1

FTGate web interface server allows remote attackers to read files via a ..

5.0
1999-11-04 CVE-1999-0843 Cisco Denial-Of-Service vulnerability in Cisco Router

Denial of service in Cisco routers running NAT via a PORT command from an FTP client to a Telnet port.

5.0
1999-11-03 CVE-1999-0904 Byte Fusion Unspecified vulnerability in Byte Fusion Bftelnet 1.1

Buffer overflow in BFTelnet allows remote attackers to cause a denial of service via a long username.

5.0
1999-11-01 CVE-1999-0854 Infopop Unspecified vulnerability in Infopop Ultimate Bulletin Board 5.07

Ultimate Bulletin Board stores data files in the cgi-bin directory, allowing remote attackers to view the data if an error occurs when the HTTP server attempts to execute the file.

5.0
1999-11-01 CVE-1999-0829 HP Remote Security vulnerability in Secure Web Console

HP Secure Web Console uses weak encryption.

5.0
1999-11-01 CVE-1999-1077 Apple Unspecified vulnerability in Apple Macos 9

Idle locking function in MacOS 9 allows local attackers to bypass the password protection of idled sessions via the programmer's switch or CMD-PWR keyboard sequence, which brings up a debugger that the attacker can use to disable the lock.

4.6

2 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
1999-11-03 CVE-1999-0885 Computer Software Manufaktur CGI vulnerability in Computer Software Manufaktur Alibaba 2.0

Alibaba web server allows remote attackers to execute commands via a pipe character in a malformed URL.

3.6
1999-11-01 CVE-1999-0827 Microsoft
Netscape
By default, Internet Explorer 5.0 and other versions enables the "Navigate sub-frames across different domains" option, which allows frame spoofing.
2.6