Medium Severity Vulnerabilities

128.7K CVEs classified as medium severity

Total CVEs: 128.7K
Avg CVSS: 5.1
Max CVSS (highest): 6.4
Min CVSS (lowest): 4.6

Medium Severity CVEs

CVSS:6.4(Medium)

NetBSD on a multi-homed host allows ARP packets on one network to modify ARP entries on another connected network.

CVSS:5.0(Medium)

Netscape Enterprise 3.5.1 and FastTrack 3.01 servers allow a remote attacker to view source code to scripts by appending a %20 to the script's URL.

CVSS:5.0(Medium)

ColdFusion Administrator with Advanced Security enabled allows remote users to stop the ColdFusion server via the Start/Stop utility.

CVSS:5.0(Medium)

Windows NT RRAS and RAS clients cache a user's password even if the user has not selected the "Save password" option.

CVSS:5.0(Medium)

Denial of service in Netscape Enterprise Server via a buffer overflow in the SSL handshake.

CVSS:5.0(Medium)

Buffer overflow in Accept command in Netscape Enterprise Server 3.6 with the SSL Handshake Patch.

CVSS:5.1(Medium)

Hotmail allows JavaScript to be executed via the HTML STYLE tag, allowing remote attackers to execute commands on the user's Hotmail account.

CVSS:5.0(Medium)

A default configuration of in.identd in SuSE Linux waits 120 seconds between requests, allowing a remote attacker to conduct a denial of service.

CVSS:5.0(Medium)

The Debian mailman package uses weak authentication, which allows attackers to gain privileges.

CVSS:6.4(Medium)

Remote attackers can cause a denial of service on Linux in.telnetd telnet daemon through a malformed TERM environment variable.

CVSS:5.0(Medium)

The codebrws.asp sample file in IIS and Site Server allows remote attackers to read arbitrary files.

CVSS:5.0(Medium)

The code.asp sample file in IIS and Site Server allows remote attackers to read arbitrary files.

CVSS:5.0(Medium)

The viewcode.asp sample file in IIS and Site Server allows remote attackers to read arbitrary files.

CVSS:5.0(Medium)

The showcode.asp sample file in IIS and Site Server allows remote attackers to read arbitrary files.

CVSS:4.6(Medium)

KDE K-Mail allows local users to gain privileges via a symlink attack in temporary user directories.

CVSS:4.6(Medium)

The KDE klock program allows local users to unlock a session using malformed input.

CVSS:5.0(Medium)

Buffer overflow in Lotus Notes LDAP (NLDAP) allows an attacker to conduct a denial of service through the ldap_search request.

CVSS:5.0(Medium)

A kernel leak in the OpenBSD kernel allows IPsec packets to be sent unencrypted.

CVSS:4.6(Medium)

Buffer overflow in OpenBSD procfs and fdescfs file systems via uio_offset in the readdir() function.

CVSS:4.6(Medium)

The pt_chown command in Linux allows local users to modify TTY terminal devices that belong to other users.

CVSS:4.6(Medium)

The Guile plugin for the Gnumeric spreadsheet package allows attackers to execute arbitrary code.

CVSS:6.2(Medium)

IBM GINA, when used for OS/2 domain authentication of Windows NT users, allows local users to gain administrator privileges by changing the GroupMapping registry key.

CVSS:4.6(Medium)

Buffer overflow in Windows NT 4.0 help file utility via a malformed help file.

CVSS:4.6(Medium)

Buffer overflow in Remote Access Service (RAS) client allows an attacker to execute commands or cause a denial of service via a malformed phonebook entry.