strace allows local users to read arbitrary files via memory mapped file names.

The default configuration of NCSA Telnet package for Macintosh and PC enables FTP, even though it does not include an "ftp=yes" line, which allows remote attackers to read and modify arbitrary files.

Race condition in xterm allows local users to modify arbitrary files via the logging option.

ypserv allows local administrators to modify password tables.

ypserv allows a local user to modify the GECOS and login shells of other users.

Lynx WWW client allows a remote attacker to specify command-line parameters which Lynx uses when calling external programs to handle certain protocols, e.g. telnet.

The ugidd RPC interface by design allows remote attackers to enumerate valid usernames by specifying arbitrary UIDs that ugidd maps to local user and group names.

A version of finger is running that exposes valid user information to any entity on the network.

ICMP information such as (1) netmask and (2) timestamp is allowed from arbitrary hosts.

A race condition in how procmail handles .procmailrc files allows a local user to read arbitrary files available to the user who is running procmail.

In older versions of Sendmail, an attacker could use a pipe character to execute root commands.

The Perl fingerd program allows arbitrary command execution from remote users.

Sendmail WIZ command enabled, allowing root access.

Latest Servicing Stack Updates

Microsoft Office Defense in Depth Update

Microsoft SharePoint Server Defense in Depth Update

Memory Integrity System Readiness Scan Tool Defense in Depth Update