Table 4.1 Various Technical Vulnerabilities
| CVE-2000–0844—some functions that implement the local subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen. |
| CVE-2000–0825—Ipswitch™ Imail™ 6.0 allows remote attackers to cause a denial of service via a large number of connections in which a long Host: header is sent, which causes a thread to crash. |
| CVE-2000–0816—Linux® tmpwatch—fuser option allows local users to execute arbitrary commands by creating files whose names contain shell metacharacters. |
| CVE-2000–0829—the tmpwatch utility in Red Hat® Linux forks a new process for each directory level, which allows local users to cause a denial of service by creating deeply nested directories in /tmp or /var/tmp/. |
| CVE-2000–0888—named in BIND 8.2 through 8.2.2-P6, allows remote attackers to cause a denial of service by sending an SRV record to the server, aka the “srv bug.” |
| CVE-2001–0155—format string vulnerability in VShell™ SSH gateway 1.0.1 and earlier allows remote attackers to execute arbitrary commands via a user name that contains format string specifiers. |
| CVE-2001–0353—buffer overflow in the line printer daemon (in.lpd) for Solaris™ 8 and earlier allows local and remote attackers to gain root privileges via a “transfer job” routine. |
| CVE-2001–0440—buffer overflow in logging functions of licq before 1.0.3 allows remote attackers to cause a denial of service and possibly execute arbitrary commands. |
..................Content has been hidden....................
You can't read the all page of ebook, please click here login for view all page.