SAINT Documentation
--------

CVE Cross Reference

| Severity color | CVE # | CVE Description | SAINT Tutorial |
|---|---|---|---|
| BROWN | CVE-1999-0002 | Buffer overflow in NFS mountd gives root access to remote attackers, mostly in Linux systems. | mountd vulnerabilities |
| RED | CVE-1999-0003 | Execute commands as root via buffer overflow in Tooltalk database server (rpc.ttdbserverd) | tooltalk version |
| RED | CVE-1999-0005 | Arbitrary command execution via IMAP buffer overflow in authenticate command. | imap version |
| BROWN | CVE-1999-0006 | Buffer overflow in POP servers based on BSD/Qualcomm's qpopper allows remote attackers to gain root access using a long PASS command. | pop version |
| BROWN | CVE-1999-0008 | Buffer overflow in NIS+, in Sun's rpc.nisd program | nisd vulnerability |
| RED | CVE-1999-0009 | Inverse query buffer overflow in BIND 4.9 and BIND 8 Releases. | DNS vulnerabilities |
| RED | CVE-1999-0010 | Denial of Service vulnerability in BIND 8 Releases via maliciously formatted DNS messages. | DNS vulnerabilities |
| RED | CVE-1999-0011 | Denial of Service vulnerabilities in BIND 4.9 and BIND 8 Releases via CNAME record and zone transfer. | DNS vulnerabilities |
| RED | CVE-1999-0013 | Stolen credentials from SSH clients via ssh-agent program, allowing other local users to access remote accounts belonging to the ssh-agent user. | SSH vulnerabilities |
| YELLOW | CVE-1999-0017 | FTP servers can allow an attacker to connect to arbitrary ports on machines other than the FTP client, aka FTP bounce. | FTP bounce |
| BROWN | CVE-1999-0018 | Buffer overflow in statd allows root privileges. | rpc statd access |
| BROWN | CVE-1999-0019 | Delete or create a file via rpc.statd, due to invalid information. | rpc statd access |
| RED | CVE-1999-0021 | Arbitrary command execution via buffer overflow in Count.cgi (wwwcount) cgi-bin program. | http cgi access |
| RED | CVE-1999-0024 | DNS cache poisoning via BIND, by predictable query IDs. | DNS vulnerabilities |
| RED | CVE-1999-0035 | Race condition in signal handling routine in ftpd, allowing read/write of arbitrary files | FTP vulnerabilities |
| RED | CVE-1999-0039 | Arbitrary command execution using webdist CGI program in IRIX. | http cgi access |
| RED | CVE-1999-0042 | Buffer overflow in University of Washington's implementation of IMAP and POP servers. | imap version |
| RED | CVE-1999-0043 | Command execution via shell metachars in INN daemon (innd) 1.5 using "newgroup" and "rmgroup" control messages, and others. | innd vulnerabilities |
| BROWN | CVE-1999-0045 | List of arbitrary files on Web host via nph-test-cgi script | http cgi info |
| RED | CVE-1999-0047 | MIME conversion buffer overflow in sendmail versions 8.8.3 and 8.8.4. | Sendmail vulnerabilities |
| RED | CVE-1999-0058 | Buffer overflow in PHP cgi program, php.cgi allows shell access. | http cgi access |
| YELLOW | CVE-1999-0059 | IRIX fam service allows an attacker to obtain a list of all files on the server. | SGI fam vulnerability |
| RED | CVE-1999-0067 | CGI phf program allows remote command execution through shell metacharacters. | http cgi access |
| BROWN | CVE-1999-0070 | test-cgi program allows an attacker to list files on the server | http cgi info |
| RED | CVE-1999-0080 | wu-ftp FTP server allows root access via "site exec" command. | FTP vulnerabilities |
| RED | CVE-1999-0095 | The debug command in Sendmail is enabled, allowing attackers to execute commands as root. | Sendmail vulnerabilities |
| RED | CVE-1999-0096 | Sendmail decode alias can be used to overwrite sensitive files | sendmail decode |
| RED | CVE-1999-0100 | Remote access in AIX innd 1.5.1, using control messages. | innd vulnerabilities |
| BROWN | CVE-1999-0103 | Echo and chargen, or other combinations of UDP services, can be used in tandem to flood the server, a.k.a. UDP bomb or UDP packet storm. | Possible DoS (fraggle) problem |
| RED | CVE-1999-0146 | The campas CGI program provided with some NCSA web servers allows an attacker to read arbitrary files. | http cgi access |
| RED | CVE-1999-0147 | The aglimpse CGI program of the Glimpse package allows remote execution of arbitrary commands | http cgi access |
| RED | CVE-1999-0148 | The handler CGI program in IRIX allows arbitrary command execution. | http cgi access |
| BROWN | CVE-1999-0149 | The wrap CGI program in IRIX allows arbitrary command execution from remote users. | http cgi info |
| RED | CVE-1999-0168 | The portmapper may act as a proxy and redirect service requests from an attacker, making the request appear to come from the local host, possibly bypassing authentication that would otherwise have taken place. For example, NFS file systems could be mounted through the portmapper despite export restrictions. | NFS export via portmapper |
| RED | CVE-1999-0174 | The view-source CGI program allows remote attackers to read any file on the system that is internally accessible by the web server. | http cgi access |
| RED | CVE-1999-0176 | The Webgais program allows a remote user to execute arbitrary commands. | http cgi access |
| RED | CVE-1999-0177 | The uploader program in the WebSite web server allows a remote attacker to execute arbitrary programs. | http cgi access |
| RED | CVE-1999-0178 | The win-c-sample program in the WebSite web server has a buffer overflow that allows remote execution of commands. | http cgi access |
| RED | CVE-1999-0196 | The websendmail program in the Webgais program allows a remote user to access arbitrary files. | http cgi access |
| RED | CVE-1999-0206 | MIME buffer overflow in Sendmail 8.8.0 and 8.8.1 gives root access. | Sendmail vulnerabilities |
| RED | CVE-1999-0260 | The jj CGI program allows command execution via shell metacharacters. | http cgi access |
| RED | CVE-1999-0262 | faxsurvey CGI script on Linux allows remote command execution via shell metacharacters. | http cgi access |
| RED | CVE-1999-0264 | htmlscript CGI program allows remote read access to files. | http cgi access |
| RED | CVE-1999-0266 | The info2www CGI script allows remote file access or remote command execution. | http cgi access |
| RED | CVE-1999-0270 | pfdispaly CGI program for SGI's Performer API Search Tool allows read access to files. | http cgi access |
| RED | CVE-1999-0320, CAN-1999-0696 |  | calendar manager |
| RED | CVE-1999-0368 | Buffer overflows in wuarchive ftpd (wu-ftpd) and ProFTPD lead to remote root access, a.k.a. palmetto. | FTP vulnerabilities |
| BROWN | CVE-1999-0472, CAN-1999-0186, CAN-1999-0516, CAN-1999-0517, CAN-1999-0792 |  | Guessable Read Community |
| BROWN | CVE-1999-0513 | ICMP messages to broadcast addresses are allowed, allowing for a Smurf attack that can cause a denial of service. | Possible DoS (fraggle) problem |
| BROWN | CVE-1999-0514 | UDP messages to broadcast addresses are allowed, allowing for a Fraggle attack that can cause a denial of service by flooding the target. | Possible DoS (fraggle) problem |
| YELLOW | CVE-1999-0526 | An X server's access control is disabled (e.g. through an "xhost +" command) and allows anyone to connect to the server. | unrestricted X server access |
| BROWN | CVE-1999-0612 | A version of finger is running that exposes valid user information to any entity on the network. | excessive finger info |
| YELLOW | CVE-1999-0626 | A version of rusers is running that exposes valid user information to any entity on the network. | rusersd vulnerability |
| RED | CVE-1999-0627 | The rexd service is running, which uses weak authentication that can allow an attacker to execute commands. | REXD access |
| BROWN | CVE-1999-0704 | Buffer overflow in Berkeley automounter daemon (amd) logging facility provided in the Linux am-utils package and others. | amd buffer overflow |
| RED | CVE-1999-0705 | Buffer overflow in INN inews program. | innd vulnerabilities |
| RED | CVE-1999-0744 | Buffer overflow in Netscape Enterprise Server and FastTrack Server allows remote attackers to gain privileges via a long HTTP GET request. | Netscape vulnerabilities |
| RED | CVE-1999-0752 | Denial of service in Netscape Enterprise Server via a buffer overflow in the SSL handshake. | Netscape vulnerabilities |
| RED | CVE-1999-0771 | The web components of Compaq Management Agents and the Compaq Survey Utility allow a remote attacker to read arbitrary files via a .. (dot dot) attack. | Compaq Insight Manager http server |
| RED | CVE-1999-0772 | Denial of service in Compaq Management Agents and the Compaq Survey Utility via a long string sent to port 2301. | Compaq Insight Manager http server |
| RED | CVE-1999-0789 | Buffer overflow in AIX ftpd in the libc library. | FTP vulnerabilities |
| RED | CVE-1999-0833 | Buffer overflow in BIND 8.2 via NXT records. | DNS vulnerabilities |
| RED | CVE-1999-0834 | Buffer overflow in RSAREF2 via the encryption and decryption functions in the RSAREF library. | SSH vulnerabilities |
| RED | CVE-1999-0835 | Denial of service in BIND named via malformed SIG records. | DNS vulnerabilities |
| RED | CVE-1999-0837 | Denial of service in BIND by improperly closing TCP sessions via so_linger. | DNS vulnerabilities |
| RED | CVE-1999-0848 | Denial of service in BIND named via consuming more than "fdmax" file descriptors. | DNS vulnerabilities |
| RED | CVE-1999-0849 | Denial of service in BIND named via maxdname. | DNS vulnerabilities |
| RED | CVE-1999-0851 | Denial of service in BIND named via naptr. | DNS vulnerabilities |
| RED | CVE-1999-0853 | Buffer overflow in Netscape Enterprise Server and Netscape FastTrack Server allows remote attackers to gain privileges via the HTTP Basic Authentication procedure. | Netscape vulnerabilities |
| RED | CVE-1999-0868 | ucbmail allows remote attackers to execute commands via shell metacharacters that are passed to it from INN. | innd vulnerabilities |
| RED | CVE-1999-0878 | Buffer overflow in WU-FTPD and related FTP servers allows remote attackers to gain root privileges via MAPPING_CHDIR. | FTP vulnerabilities |
| RED | CVE-1999-0879 | Buffer overflow in WU-FTPD and related FTP servers allows remote attackers to gain root privileges via macro variables in a message file. | FTP vulnerabilities |
| RED | CVE-1999-0880 | Denial of service in WU-FTPD via the SITE NEWER command, which does not free memory properly. | FTP vulnerabilities |
| BROWN | CVE-1999-0953 | WWWBoard stores encrypted passwords in a password file that is under the web root and thus accessible by remote attackers. | http cgi info |
| RED | CVE-1999-0955 | Race condition in wu-ftpd and BSDI ftpd allows remote attackers to gain root access via the SITE EXEC command. | FTP vulnerabilities |
| RED | CVE-1999-0977 | Buffer overflow in Solaris sadmind allows remote attackers to gain root privileges using a NETMGT_PROC_SERVICE request. | sadmind |
| RED | CVE-2000-0026 | Buffer overflow in UnixWare i2odialogd daemon allows remote attackers to gain root access via a long username/password authorization string. | UnixWare i2odialogd |
| RED | CVE-2000-0161 | Sample web sites on Microsoft Site Server 3.0 Commerce Edition do not validate an identification number, which allows remote attackers to execute SQL commands. | http cgi access |
| RED | CVE-2000-0207 | SGI InfoSearch CGI program infosrch.cgi allows remote attackers to execute commands via shell metacharacters. | http cgi access |
| RED | CVE-2000-0208 | The htdig (ht://Dig) CGI program htsearch allows remote attackers to read arbitrary files by enclosing the file name with backticks (`) in parameters to htsearch. | http cgi access |
