ServerIron switches by Foundry Networks have predictable TCP/IP sequence numbers, which allows remote attackers to spoof or hijack sessions.
CVE-2000-0177
DNSTools CGI applications allow remote attackers to execute arbitrary commands via shell metacharacters.
CVE-2000-0176
The default configuration of Serv-U 2.5d and earlier allows remote attackers to determine the real pathname of the server by requesting a URL for a directory or file that does not exist.
CVE-2000-0175
Buffer overflow in StarOffice StarScheduler web server allows remote attackers to gain root access via a long GET command.
CVE-2000-0174
StarOffice StarScheduler web server allows remote attackers to read arbitrary files via a .. (dot dot) attack.
CVE-2000-0173
Vulnerability in the EELS system in SCO UnixWare 7.1.x allows remote attackers to cause a denial of service.
CVE-2000-0172
The mtr program only uses a seteuid call when attempting to drop privileges, which could allow local users to gain root privileges.
CVE-2000-0171
atsadc in the atsar package for Linux does not properly check the permissions of an output file, which allows local users to gain root privileges.
CVE-2000-0170
Buffer overflow in the man program in Linux allows local users to gain privileges via the MANPAGER environmental variable.
CVE-2000-0169
Batch files in the Oracle web listener ows-bin directory allow remote attackers to execute commands via a malformed URL that includes '?&'.