CA-2000-01: Denial-of-Service Developments
In addition to continued reports of denial-of-service problems, a denial-of-service tool called "stacheldraht" has been discovered.
CA-2000-03: Continuing Compromises of DNS servers
There are continuing compromises of machines running the DNS software that is part of BIND (named). A significant number of delegated DNS servers in the in-addr.arpa tree are running outdated versions of DNS software.
CA-2000-05: Netscape Navigator Improperly Validates SSL Sessions
A flaw has been discovered in the way some web browsers validate SSL sessions. By exploiting this vulnerability, intruders may be able to deceive people into disclosing sensitive information (e.g. credit card numbers and other sensitive data) intended for a legitimate web site.
CA-2000-06: Multiple Buffer Overflows in Kerberos Authenticated Services
There are several buffer overflow vulnerabilities in the Kerberos authentication software. The most severe vulnerability allows remote intruders to gain root privileges on systems running services using Kerberos authentication. If vulnerable services are enabled on the Key Distribution Center (KDC) system, the entire Kerberos domain may be compromised.
CA-2000-08: Inconsistent Warning Messages in Netscape Navigator
A flaw exists in Netscape Navigator that could allow an attacker to masquerade as a legitimate web site if the attacker can compromise the validity of certain DNS information. Attackers can trick users into disclosing information intended for a legitimate web site if the user has previously accepted a certificate in which the name recorded in the certificate does not match the DNS name of the web site to which the user is connecting.
CA-2000-11: MIT Kerberos Vulnerable to Denial-of-Service Attacks
There are several potential buffer overflow vulnerabilities in the Kerberos authentication software. The most severe vulnerability allows remote intruders to disrupt normal operations of the Key Distribution Center (KDC) if an attacker is able to send malformed requests to a realm's key server. The vulnerabilities discussed in this advisory are different than the ones discussed in advisory CA-2000-06.
CA-2000-13: Two Input Validation Problems In FTPD
A vulnerability involving an input validation error in the "site exec" command has recently been identified in the Washington University ftpd (wu-ftpd) software package. A similar but distinct vulnerability has also been identified that involves a missing format string in several setproctitle() calls. This second vulnerability affects a broader number of ftp daemons.
CA-2000-18: PGP May Encrypt Data With Unauthorized ADKs
Additional Decryption Keys (ADKs) is a feature of PGP (Pretty Good Privacy) that allows authorized extra decryption keys to be added to a user's public key certificate. However, an implementation flaw in PGP allows unsigned ADKs which have been maliciously added to a certificate to be used for encryption.