#ibm

Cfingerd with ALLOW_EXECUTION enabled does not properly drop privileges when it executes a program on behalf of the user, allowing local users to gain root privileges.

Denial of service in Samba NETBIOS name service daemon (nmbd).

Netscape Communicator 4.x with Javascript enabled does not warn a user of cookie settings, even if they have selected the option to "Only accept cookies originating from the same server as the page being viewed".

Cisco Gigabit Switch routers running IOS allow remote attackers to forward unauthorized packets due to improper handling of the "established" keyword in an access list.

Denial of service in Compaq Management Agents and the Compaq Survey Utility via a long string sent to port 2301.

The Netscape Directory Server installation procedure leaves sensitive information in a file that is accessible to local users.

Buffer overflow in ircd allows arbitrary command execution.

mSQL v2.0.1 and below allows remote execution through a buffer overflow.

A hidden SNMP community string in HP OpenView allows remote attackers to modify MIB tables and obtain sensitive information.

Netscape Enterprise servers may list files through the PageServices query.