Weekly Vulnerabilities Reports > December 6 to 12, 1999
Overview
13 new vulnerabilities reported during this period, including 3 critical vulnerabilities and 3 high severity vulnerabilities. This weekly summary report vulnerabilities in 15 products from 10 vendors including Microsoft, SUN, Debian, Redhat, and Linux. Vulnerabilities are notably categorized as and "Link Following".
- 11 reported vulnerabilities are remotely exploitables.
- 13 reported vulnerabilities are exploitable by an anonymous user.
- Microsoft has the most reported vulnerabilities, with 3 reported vulnerabilities.
- SUN has the most reported critical vulnerabilities, with 3 reported vulnerabilities.
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
EXPLOITABLE
EXPLOITABLE
AVAILABLE
ANONYMOUSLY
WEB APPLICATION
Vulnerability Details
The following table list reported vulnerabilities for the period covered by this report:
3 Critical Vulnerabilities
| DATE | CVE | VENDOR | VULNERABILITY | CVSS |
|---|---|---|---|---|
| 1999-12-10 | CVE-1999-0977 | SUN | Authentication vulnerability in Solaris sadmind Disabled Buffer overflow in Solaris sadmind allows remote attackers to gain root privileges using a NETMGT_PROC_SERVICE request. | 10.0 |
| 1999-12-09 | CVE-1999-0974 | SUN | Unspecified vulnerability in SUN Solaris and Sunos Buffer overflow in Solaris snoop allows remote attackers to gain root privileges via GETQUOTA requests to the rpc.rquotad service. | 10.0 |
| 1999-12-07 | CVE-1999-0973 | SUN | Unspecified vulnerability in SUN Solaris and Sunos Buffer overflow in Solaris snoop program allows remote attackers to gain root privileges via a long domain name when snoop is running in verbose mode. | 10.0 |
3 High Vulnerabilities
| DATE | CVE | VENDOR | VULNERABILITY | CVSS |
|---|---|---|---|---|
| 1999-12-09 | CVE-1999-0978 | Debian | Unspecified vulnerability in Debian Linux 2.1 htdig allows remote attackers to execute commands via filenames with shell metacharacters. | 7.5 |
| 1999-12-09 | CVE-1999-0972 | Wolfpack Development | Unspecified vulnerability in Wolfpack Development Xshipwars 1.0/1.2.4 Buffer overflow in Xshipwars xsw program. | 7.5 |
| 1999-12-06 | CVE-1999-0989 | Microsoft | Unspecified vulnerability in Microsoft IE 5/5.0 Buffer overflow in Internet Explorer 5 directshow filter (MSDXM.OCX) allows remote attackers to execute commands via the vnd.ms.radio protocol. | 7.5 |
5 Medium Vulnerabilities
| DATE | CVE | VENDOR | VULNERABILITY | CVSS |
|---|---|---|---|---|
| 1999-12-08 | CVE-1999-0981 | Microsoft | Link Following vulnerability in Microsoft Internet Explorer Internet Explorer 5.01 and earlier allows a remote attacker to create a reference to a client window and use a server-side redirect to access local files via that window, aka "Server-side Page Reference Redirect." | 5.1 |
| 1999-12-12 | CVE-1999-0289 | Apache | Unspecified vulnerability in Apache Http Server The Apache web server for Win32 may provide access to restricted files when a . | 5.0 |
| 1999-12-08 | CVE-1999-0986 | Debian Linux Redhat | The ping command in Linux 2.0.3x allows local users to cause a denial of service by sending large packets with the -R (record route) option. | 5.0 |
| 1999-12-06 | CVE-1999-0991 | Goodtech | Unspecified vulnerability in Goodtech Telnet Server NT 2.2.1 Buffer overflow in GoodTech Telnet Server NT allows remote users to cause a denial of service via a long login name. | 5.0 |
| 1999-12-10 | CVE-1999-0975 | Microsoft | Unspecified vulnerability in Microsoft Windows 95, Windows 98 and Windows NT The Windows help system can allow a local user to execute commands as another user by editing a table of contents metafile with a .CNT extension and modifying the topic action to include the commands to be executed when the .hlp file is accessed. | 4.6 |
2 Low Vulnerabilities
| DATE | CVE | VENDOR | VULNERABILITY | CVSS |
|---|---|---|---|---|
| 1999-12-12 | CVE-1999-1009 | Disney | Unspecified vulnerability in Disney GO Express Search The Disney Go Express Search allows remote attackers to access and modify search information for users by connecting to an HTTP server on the user's system. | 2.6 |
| 1999-12-07 | CVE-1999-0976 | Eric Allman | Unspecified vulnerability in Eric Allman Sendmail 8.9.3 Sendmail allows local users to reinitialize the aliases database via the newaliases command, then cause a denial of service by interrupting Sendmail. | 2.1 |