Weekly Vulnerabilities Reports > January 17 to 23, 2000

Overview

15 new vulnerabilities were reported during this period, including 4 critical vulnerabilities and 3 high severity vulnerabilities. This weekly summary reports vulnerabilities in 20 products from 14 vendors including Microsoft, Nortel, Redhat, HP, and Freebsd. Vulnerabilities are notably categorized as .

  • 9 reported vulnerabilities are remotely exploitable.
  • 15 reported vulnerabilities are exploitable by an anonymous user.
  • Microsoft has the most reported vulnerabilities, with 3 reported vulnerabilities.
  • Redhat has the most reported critical vulnerabilities, with 1 reported vulnerability.


Vulnerability Details

The following tables list the vulnerabilities reported during the period covered by this report:

4 Critical Vulnerabilities

| DATE | CVE | VENDOR | VULNERABILITY | CVSS |
|---|---|---|---|---|
| 2000-01-21 | CVE-2000-0093 | Redhat | Unspecified vulnerability in Redhat Linux 6.1. An installation of Red Hat uses DES password encryption with crypt() for the initial password, instead of md5. | 10.0 |
| 2000-01-21 | CVE-2000-0091 | Inter7 | Unspecified vulnerability in Inter7 Vpopmail. Buffer overflow in vchkpw/vpopmail POP authentication package allows remote attackers to gain root privileges via a long username or password. | 10.0 |
| 2000-01-18 | CVE-1999-0992 | HP | Unspecified vulnerability in HP Vvos. HP VirtualVault with the PHSS_17692 patch allows unprivileged processes to bypass access restrictions via the Trusted Gateway Proxy (TGP). | 10.0 |
| 2000-01-17 | CVE-2000-0065 | Avtronics | Unspecified vulnerability in Avtronics Inetserv 3.0. Buffer overflow in InetServ 3.0 allows remote attackers to execute commands via a long GET request. | 10.0 |

3 High Vulnerabilities

| DATE | CVE | VENDOR | VULNERABILITY | CVSS |
|---|---|---|---|---|
| 2000-01-18 | CVE-2000-0079 | W3C | Unspecified vulnerability in W3C Cern Httpd 3.0. The W3C CERN httpd HTTP server allows remote attackers to determine the real pathnames of some commands via a request for a nonexistent URL. | 7.5 |
| 2000-01-20 | CVE-2000-0088 | Microsoft | Unspecified vulnerability in Microsoft products. Buffer overflow in the conversion utilities for Japanese, Korean and Chinese Word 5 documents allows an attacker to execute commands, aka the "Malformed Conversion Data" vulnerability. | 7.2 |
| 2000-01-18 | CVE-2000-0099 | SCO | Unspecified vulnerability in SCO Unixware 7.0.0/7.0.1/7.1.0. Buffer overflow in UnixWare ppptalk command allows local users to gain privileges via a long prompt argument. | 7.2 |

6 Medium Vulnerabilities

| DATE | CVE | VENDOR | VULNERABILITY | CVSS |
|---|---|---|---|---|
| 2000-01-19 | CVE-2000-0092 | Freebsd, Netbsd, Openbsd | The BSD make program allows local users to modify files via a symlink attack when the -j option is being used. | 6.2 |
| 2000-01-21 | CVE-2000-0115 | Microsoft | Unspecified vulnerability in Microsoft Internet Information Server. IIS allows local users to cause a denial of service via invalid regular expressions in a Visual Basic script in an ASP page. | 5.0 |
| 2000-01-18 | CVE-2000-0086 | Netopia | Unspecified vulnerability in Netopia Timbuktu PRO 2.0/3.0. Netopia Timbuktu Pro sends user IDs and passwords in cleartext, which allows remote attackers to obtain them via sniffing. | 5.0 |
| 2000-01-17 | CVE-2000-0064 | Nortel | Unspecified vulnerability in Nortel Contivity 1.0. cgiproc CGI script in Nortel Contivity HTTP server allows remote attackers to cause a denial of service via a malformed URL that includes shell metacharacters. | 5.0 |
| 2000-01-17 | CVE-2000-0063 | Nortel | Unspecified vulnerability in Nortel Contivity 1.0. cgiproc CGI script in Nortel Contivity HTTP server allows remote attackers to read arbitrary files by specifying the filename in a parameter to the script. | 5.0 |
| 2000-01-17 | CVE-2000-0072 | Computer Power Solutions | Unspecified vulnerability in Computer Power Solutions Visual Casel 3.0/3.5. Visual Casel (Vcasel) does not properly prevent users from executing files, which allows local users to use a relative pathname to specify an alternate file which has an approved name and possibly gain privileges. | 4.6 |

2 Low Vulnerabilities

| DATE | CVE | VENDOR | VULNERABILITY | CVSS |
|---|---|---|---|---|
| 2000-01-17 | CVE-2000-0090 | Vmware | Unspecified vulnerability in VMWare Workstation. VMWare 1.1.2 allows local users to cause a denial of service via a symlink attack. | 3.6 |
| 2000-01-20 | CVE-1999-0595 | Microsoft | Unspecified vulnerability in Microsoft Windows 2000 and Windows NT. A Windows NT system does not clear the system page file during shutdown, which might allow sensitive information to be recorded. | 2.1 |