The unattended installation of Windows 2000 with the OEMPreinstall option sets insecure permissions for the All Users and Default Users directories.
CVE-2000-0297
Allaire Forums 2.0.5 allows remote attackers to bypass access restrictions to secure conferences via the rightAccessAllForums or rightModerateAllForums variables.
CVE-2000-0296
fcheck allows local users to gain privileges by embedding shell metacharacters into file names that are processed by fcheck.
CVE-2000-0295
Buffer overflow in LCDproc allows remote attackers to gain root privileges via the screen_add command.
CVE-2000-0294
Buffer overflow in healthd for FreeBSD allows local users to gain root privileges.
CVE-2000-0293
aaa_base in SuSE Linux 6.3, and cron.daily in earlier versions, allow local users to delete arbitrary files by creating files whose names include spaces, which are then incorrectly interpreted by aaa_base when it deletes expired files from the /tmp directory.
CVE-2000-0292
The Adtran MX2800 M13 Multiplexer allows remote attackers to cause a denial of service via a ping flood to the Ethernet interface, which causes the device to crash.
CVE-2000-0291
Buffer overflow in Star Office 5.1 allows attackers to cause a denial of service by embedding a long URL within a document.
CVE-2000-0290
Buffer overflow in Webstar HTTP server allows remote attackers to cause a denial of service via a long GET request.
CVE-2000-0289
IP masquerading in Linux 2.2.x allows remote attackers to route UDP packets through the internal interface by modifying the external source IP address and port number to match those of an established connection.