Weekly Vulnerabilities Reports > June 12 to 18, 2000

Overview

18 new vulnerabilities reported during this period, including 1 critical vulnerabilities and 5 high severity vulnerabilities. This weekly summary report vulnerabilities in 19 products from 18 vendors including Symantec, Shadow OP Software, Debian, Microsoft, and Redhat. Vulnerabilities are notably categorized as .

  • 13 reported vulnerabilities are remotely exploitables.
  • 18 reported vulnerabilities are exploitable by an anonymous user.
  • Symantec has the most reported vulnerabilities, with 2 reported vulnerabilities.
  • MIT has the most reported critical vulnerabilities, with 1 reported vulnerabilities.

TOTAL
VULNERABILITIES
CRITICAL RISK
VULNERABILITIES
HIGH RISK
VULNERABILITIES
MEDIUM RISK
VULNERABILITIES
LOW RISK
VULNERABILITIES
REMOTELY
EXPLOITABLE
LOCALLY
EXPLOITABLE
EXPLOIT
AVAILABLE
EXPLOITABLE
ANONYMOUSLY
AFFECTING
WEB APPLICATION

Vulnerability Details

The following table list reported vulnerabilities for the period covered by this report:

Expand/Hide

1 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2000-06-14 CVE-2000-0514 MIT Unspecified vulnerability in MIT Kerberos 5 1.1/1.1.1

GSSFTP FTP daemon in Kerberos 5 1.1.x does not properly restrict access to some FTP commands, which allows remote attackers to cause a denial of service, and local users to gain root privileges.

10.0

5 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2000-06-15 CVE-2000-0483 Redhat
Zope
The DocumentTemplate package in Zope 2.2 and earlier allows a remote attacker to modify DTMLDocuments or DTMLMethods without authorization.
7.5
2000-06-15 CVE-2000-0473 Analogx Unspecified vulnerability in Analogx Simpleserver WWW

Buffer overflow in AnalogX SimpleServer 1.05 allows a remote attacker to cause a denial of service via a long GET request for a program in the cgi-bin directory.

7.5
2000-06-17 CVE-2000-0541 Panda Unspecified vulnerability in Panda Antivirus 2.0

The Panda Antivirus console on port 2001 allows local users to execute arbitrary commands without authentication via the CMD command.

7.2
2000-06-16 CVE-2000-0494 Symantec Veritas Unspecified vulnerability in Symantec Veritas Volume Manager 3.0.2/3.0.3/3.0.4

Veritas Volume Manager creates a world writable .server_pids file, which allows local users to add arbitrary commands into the file, which is then executed by the vmsa_server script.

7.2
2000-06-14 CVE-2000-0471 SUN Unspecified vulnerability in SUN Solaris and Sunos

Buffer overflow in ufsrestore in Solaris 8 and earlier allows local users to gain root privileges via a long pathname.

7.2

10 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2000-06-16 CVE-2000-0512 Debian Unspecified vulnerability in Debian Linux 2.2/2.3

CUPS (Common Unix Printing System) 1.04 and earlier does not properly delete request files, which allows a remote attacker to cause a denial of service.

5.0
2000-06-16 CVE-2000-0480 Shadow OP Software DoS vulnerability in Shadow Op Dragon Server 1.0/2.0

Dragon telnet server allows remote attackers to cause a denial of service via a long username.

5.0
2000-06-16 CVE-2000-0479 Shadow OP Software DoS vulnerability in Shadow Op Dragon Server 1.0/2.0

Dragon FTP server allows remote attackers to cause a denial of service via a long USER command.

5.0
2000-06-15 CVE-2000-0484 MAX Feoktistov Unspecified vulnerability in MAX Feoktistov Small Http Server 1.212

Small HTTP Server ver 3.06 contains a memory corruption bug causing a memory overflow.

5.0
2000-06-14 CVE-2000-0543 PGP Unspecified vulnerability in PGP Certificate Server 2.5/2.5.1

The command port for PGP Certificate Server 2.5.0 and 2.5.1 allows remote attackers to cause a denial of service if their hostname does not have a reverse DNS entry and they connect to port 4000.

5.0
2000-06-14 CVE-2000-0478 Symantec Unspecified vulnerability in Symantec Norton Antivirus 1.5/2.0

In some cases, Norton Antivirus for Exchange (NavExchange) enters a "fail-open" state which allows viruses to pass through the server.

5.0
2000-06-14 CVE-2000-0477 Symantec Unspecified vulnerability in Symantec Norton Antivirus 1.5/2.0

Buffer overflow in Norton Antivirus for Exchange (NavExchange) allows remote attackers to cause a denial of service via a .zip file that contains long file names.

5.0
2000-06-13 CVE-2000-0542 Ericsson Unspecified vulnerability in Ericsson AXC Tigris Multiservice Access Platform 623.0/627.0/711.0

Tigris remote access server before 11.5.4.22 does not properly record Radius accounting information when a user fails the initial login authentication but subsequently succeeds.

5.0
2000-06-12 CVE-2000-0535 Openssl
Freebsd
OpenSSL 0.9.4 and OpenSSH for FreeBSD do not properly check for the existence of the /dev/random or /dev/urandom devices, which are absent on FreeBSD Alpha systems, which causes them to produce weak keys which may be more easily broken.
5.0
2000-06-15 CVE-2000-0475 Microsoft Unspecified vulnerability in Microsoft Windows 2000

Windows 2000 allows a local user process to access another user's desktop within the same windows station, aka the "Desktop Separation" vulnerability.

4.6

2 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2000-06-16 CVE-2000-0501 ALT N Unspecified vulnerability in Alt-N Mdaemon 2.8.5.0

Race condition in MDaemon 2.8.5.0 POP server allows local users to cause a denial of service by entering a UIDL command and quickly exiting the server.

2.6
2000-06-13 CVE-2000-0565 Mindstorm Unspecified vulnerability in Mindstorm Smartftp Daemon 0.2

SmartFTP Daemon 0.2 allows a local user to access arbitrary files by uploading and specifying an alternate user configuration file via a ..

2.1