#ibm

Falcon web server allows remote attackers to determine the absolute path of the web root via long file names.

Buffer overflow in WU-FTPD and related FTP servers allows remote attackers to gain root privileges via macro variables in a message file.

Denial of service in WU-FTPD via the SITE NEWER command, which does not free memory properly.

Lynx WWW client allows a remote attacker to specify command-line parameters which Lynx uses when calling external programs to handle certain protocols, e.g. telnet.

Cfingerd with ALLOW_EXECUTION enabled does not properly drop privileges when it executes a program on behalf of the user, allowing local users to gain root privileges.

Denial of service in Samba NETBIOS name service daemon (nmbd).

Netscape Communicator 4.x with Javascript enabled does not warn a user of cookie settings, even if they have selected the option to "Only accept cookies originating from the same server as the page being viewed".

Cisco Gigabit Switch routers running IOS allow remote attackers to forward unauthorized packets due to improper handling of the "established" keyword in an access list.

Denial of service in Compaq Management Agents and the Compaq Survey Utility via a long string sent to port 2301.

The Netscape Directory Server installation procedure leaves sensitive information in a file that is accessible to local users.