High Severity Vulnerabilities

111.5K CVEs classified as high severity

Total CVEs: 111.5K
Avg CVSS: 7.8 (High)
Max CVSS: 10.0 (Highest)
Min CVSS: 7.2 (Lowest)

High Severity CVEs

CVSS: 10.0 (Critical)

The Citrix ICA (Independent Computing Architecture) protocol uses weak encryption (XOR) for user authentication.

CVSS: 7.2 (High)

Buffer overflow in the huh program in the orville-write package allows local users to gain root privileges.

CVSS: 10.0 (Critical)

SuSE Linux IMAP server allows remote attackers to bypass IMAP authentication and gain privileges.

CVSS: 7.2 (High)

Linux kreatecd trusts a user-supplied path that is used to find the cdrecord program, allowing local users to gain root privileges.

CVSS: 7.2 (High)

Buffer overflow in imwheel allows local users to gain root privileges via the imwheel-solo script and a long HOME environmental variable.

CVSS: 7.2 (High)

gpm-root in the gpm package does not properly drop privileges, which allows local users to gain privileges by starting a utility from gpm-root.

CVSS: 7.2 (High)

Buffer overflow in the wmcdplay CD player program for the WindowMaker desktop allows local users to gain root privileges via a long parameter.

CVSS: 10.0 (Critical)

The installation for Windows 2000 does not activate the Administrator password until the system has rebooted, which allows remote attackers to connect to the ADMIN$ share without a password until the ...

CVSS: 7.2 (High)

Red Hat 6.0 allows local users to gain root access by booting single user and hitting ^C at the password prompt.

CVSS: 7.2 (High)

Buffer overflow in Linux mount and umount allows local users to gain root privileges via a long relative pathname.

CVSS: 7.2 (High)

Vulnerability in SCO cu program in UnixWare 7.x allows local users to gain privileges.

CVSS: 7.6 (High)

Buffer overflow in Lynx 2.x allows remote attackers to crash Lynx and possibly execute commands via a long URL in a malicious web page.

CVSS: 7.5 (High)

SGI InfoSearch CGI program infosrch.cgi allows remote attackers to execute commands via shell metacharacters.

CVSS: 7.5 (High)

Microsoft SQL Server 7.0 and Microsoft Data Engine (MSDE) 1.0 allow remote attackers to gain privileges via a malformed Select statement in an SQL query.

CVSS: 7.2 (High)

When a new SQL Server is registered in Enterprise Manager for Microsoft SQL Server 7.0 and the "Always prompt for login name and password" option is not set, then the Enterprise Manager uses weak encr...

CVSS: 7.5 (High)

Buffer overflow in mhshow in the Linux nmh package allows remote attackers to execute commands via malformed MIME headers in an email message.

CVSS: 7.2 (High)

setxconf in Corel Linux allows local users to gain root access via the -T parameter, which executes the user's .xserverrc file.

CVSS: 7.2 (High)

buildxconf in Corel Linux allows local users to modify or create arbitrary files via the -x or -f parameters.

CVSS: 7.2 (High)

The default configuration of Dosemu in Corel Linux 1.0 allows local users to execute the system.com program and gain privileges.

CVSS: 10.0 (Critical)

Axis StorPoint CD allows remote attackers to access administrator URLs without authentication via a .. (dot dot) attack.

CVSS: 7.5 (High)

EZShopper 3.0 search.cgi CGI script allows remote attackers to read arbitrary files via a .. (dot dot) attack or execute commands via shell metacharacters.

CVSS: 7.5 (High)

EZShopper 3.0 loadpage.cgi CGI script allows remote attackers to read arbitrary files via a .. (dot dot) attack or execute commands via shell metacharacters.

CVSS: 7.2 (High)

Buffer overflow in the dump utility in the Linux ext2fs backup package allows local users to gain privileges via a long command line argument.

CVSS: 7.5 (High)

ServerIron switches by Foundry Networks have predictable TCP/IP sequence numbers, which allows remote attackers to spoof or hijack sessions.