#ibm

The mcsp Client Site Processor system (MultiCSP) in Standard and Poor's ComStock is installed with several accounts that have no passwords or easily guessable default passwords.

Sample Internet Data Query (IDQ) scripts in IIS 3 and 4 allow remote attackers to read files via a .. (dot dot) attack.

Buffer overflow in Netscape Communicator before 4.7 via a dynamic font whose length field is less than the size of the font.

Insecure directory permissions in RPM distribution for PostgreSQL allows local users to gain privileges by reading a plaintext password file.

Buffer overflow in SCO su program allows local users to gain root access via a long username.

Buffer overflow in FreeBSD seyon via HOME environmental variable, -emulator argument, -modems argument, or the GUI.

Denial of service in Cisco routers running NAT via a PORT command from an FTP client to a Telnet port.

By default, Internet Explorer 5.0 and other versions enables the "Navigate sub-frames across different domains" option, which allows frame spoofing.

Buffer overflow in SCO UnixWare Xsco command via a long argument.

HP Secure Web Console uses weak encryption.