#ibm

Race condition in Samba smbmnt allows local users to mount file systems in arbitrary locations.

ZoneAlarm sends sensitive system and network information in cleartext to the Zone Labs server if a user requests more information about an event.

iPlanet Web Server 4.1 allows remote attackers to cause a denial of service via a large number of GET commands, which consumes memory and causes a kernel panic.

The SSH protocol server sshd allows local users without shell access to redirect a TCP connection through a service that uses the standard system password database for authentication, such as POP or FTP.

The authentication protocol in Timbuktu Pro 2.0b650 allows remote attackers to cause a denial of service via connections to port 407 and 1417.

The libguile.so library file used by gnucash in Debian GNU/Linux is installed with world-writable permissions.

Buffer overflow in the SHGetPathFromIDList function of the Serv-U FTP server allows attackers to cause a denial of service by performing a LIST command on a malformed .lnk file.

Frontpage Server Extensions allows remote attackers to determine the name of the anonymous account via an RPC POST request to shtml.dll in the /_vti_bin/ virtual directory.

The shopping cart application provided with Filemaker allows remote users to modify sensitive purchase information via hidden form fields.

The Intellivend shopping cart application allows remote users to modify sensitive purchase information via hidden form fields.