CVE Output in CVRF 1.1: 20240326
CVE List
cve@mitre.org
The MITRE Corporation
20240326-102054
Interim
2024.03.26.10
1
2024-03-26T10:20:54
Initial public release
2024-03-26T10:20:54
2024-03-26T10:20:54
MITRE Custom CVE-to-CVRF Converter 2.0
This is a list of CVE Identifiers as published by MITRE.
The MITRE Corporation (MITRE) hereby grants you a non-exclusive, royalty-free license to use Common Vulnerabilities and Exposures (CVE (R)) for research, development, and commercial purposes. Any copy you make for such purposes is authorized provided that you reproduce MITREs copyright designation and this license in any such copy.
ALL DOCUMENTS AND THE INFORMATION CONTAINED THEREIN ARE PROVIDED ON AN "AS IS" BASIS AND THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS OR IS SPONSORED BY (IF ANY), THE MITRE CORPORATION, ITS BOARD OF TRUSTEES, OFFICERS, AGENTS, AND EMPLOYEES, DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION THEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
CVE-1999-0001
ip_input.c in BSD-derived TCP/IP implementations allows remote attackers to cause a denial of service (crash or hang) via crafted packets.
2000-02-04
2005-12-16
CVE-1999-0001
BUGTRAQ:19981223 Re: CERT Advisory CA-98.13 - TCP/IP Denial of Service
CERT:CA-98-13-tcp-denial-of-service
http://www.openbsd.org/errata23.html#tcpfix
CONFIRM:http://www.openbsd.org/errata23.html#tcpfix
http://www.osvdb.org/5707
OSVDB:5707
CVE-1999-0002
Buffer overflow in NFS mountd gives root access to remote attackers, mostly in Linux systems.
1999-09-29
2005-11-02
CVE-1999-0002
http://www.securityfocus.com/bid/121
BID:121
CERT:CA-98.12.mountd
http://www.ciac.org/ciac/bulletins/j-006.shtml
CIAC:J-006
ftp://patches.sgi.com/support/free/security/advisories/19981006-01-I
SGI:19981006-01-I
XF:linux-mountd-bo
CVE-1999-0003
Execute commands as root via buffer overflow in Tooltalk database server (rpc.ttdbserverd).
1999-09-29
2005-11-02
CVE-1999-0003
http://www.securityfocus.com/bid/122
BID:122
CERT:CA-98.11.tooltalk
NAI:NAI-29
ftp://patches.sgi.com/support/free/security/advisories/19981101-01-A
SGI:19981101-01-A
ftp://patches.sgi.com/support/free/security/advisories/19981101-01-PX
SGI:19981101-01-PX
XF:aix-ttdbserver
XF:tooltalk
CVE-1999-0004
MIME buffer overflow in email clients, e.g. Solaris mailtool and Outlook.
2000-02-04
2018-10-12
CVE-1999-0004
CERT:CA-98.10.mime_buffer_overflows
https://docs.microsoft.com/en-us/security-updates/securitybulletins/1998/ms98-008
MS:MS98-008
SUN:00175
XF:outlook-long-name
CVE-1999-0005
Arbitrary command execution via IMAP buffer overflow in authenticate command.
1999-09-29
2005-11-02
CVE-1999-0005
http://www.securityfocus.com/bid/130
BID:130
CERT:CA-98.09.imapd
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/177
SUN:00177
XF:imap-authenticate-bo
CVE-1999-0006
Buffer overflow in POP servers based on BSD/Qualcomm's qpopper allows remote attackers to gain root access using a long PASS command.
1999-09-29
2005-11-02
CVE-1999-0006
AUSCERT:AA-98.01
http://www.securityfocus.com/bid/133
BID:133
CERT:CA-98.08.qpopper_vul
ftp://patches.sgi.com/support/free/security/advisories/19980801-01-I
SGI:19980801-01-I
XF:qpopper-pass-overflow
CVE-1999-0007
Information from SSL-encrypted sessions via PKCS #1.
1999-09-29
2005-11-02
CVE-1999-0007
CERT:CA-98.07.PKCS
https://docs.microsoft.com/en-us/security-updates/securitybulletins/1998/ms98-002
MS:MS98-002
XF:nt-ssl-fix
CVE-1999-0008
Buffer overflow in NIS+, in Sun's rpc.nisd program.
1999-09-29
2005-11-02
CVE-1999-0008
CERT:CA-98.06.nisd
ISS:June10,1998
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/170
SUN:00170
XF:nisd-bo-check
CVE-1999-0009
Inverse query buffer overflow in BIND 4.9 and BIND 8 Releases.
1999-09-29
2009-03-01
CVE-1999-0009
http://www.securityfocus.com/bid/134
BID:134
CERT:CA-98.05.bind_problems
http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9808-083
HP:HPSBUX9808-083
ftp://patches.sgi.com/support/free/security/advisories/19980603-01-PX
SGI:19980603-01-PX
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/180
SUN:00180
XF:bind-bo
CVE-1999-0010
Denial of Service vulnerability in BIND 8 Releases via maliciously formatted DNS messages.
1999-09-29
2009-03-01
CVE-1999-0010
CERT:CA-98.05.bind_problems
http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9808-083
HP:HPSBUX9808-083
ftp://patches.sgi.com/support/free/security/advisories/19980603-01-PX
SGI:19980603-01-PX
XF:bind-dos
CVE-1999-0011
Denial of Service vulnerabilities in BIND 4.9 and BIND 8 Releases via CNAME record and zone transfer.
1999-09-29
2009-03-01
CVE-1999-0011
CERT:CA-98.05.bind_problems
http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9808-083
HP:HPSBUX9808-083
ftp://patches.sgi.com/support/free/security/advisories/19980603-01-PX
SGI:19980603-01-PX
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/180
SUN:00180
XF:bind-axfr-dos
CVE-1999-0012
Some web servers under Microsoft Windows allow remote attackers to bypass access restrictions for files with long file names.
1999-09-29
2022-08-17
CVE-1999-0012
CERT:CA-98.04.Win32.WebServers
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0012
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0012
XF:nt-web8.3
CVE-1999-0013
Stolen credentials from SSH clients via ssh-agent program, allowing other local users to access remote accounts belonging to the ssh-agent user.
1999-09-29
2022-08-17
CVE-1999-0013
CERT:CA-98.03.ssh-agent
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0013
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0013
NAI:NAI-24
XF:ssh-agent
CVE-1999-0014
Unauthorized privileged access or denial of service via dtappgather program in CDE.
1999-09-29
2005-11-02
CVE-1999-0014
CERT:CA-98.02.CDE
http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9801-075
HP:HPSBUX9801-075
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/185
SUN:00185
CVE-1999-0015
Teardrop IP denial of service.
2000-02-04
2017-10-18
CVE-1999-0015
CERT:CA-97.28.Teardrop_Land
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5579
OVAL:oval:org.mitre.oval:def:5579
XF:teardrop
CVE-1999-0016
Land IP denial of service.
1999-09-29
2009-03-01
CVE-1999-0016
CERT:CA-97.28.Teardrop_Land
CISCO:http://www.cisco.com/warp/public/770/land-pub.shtml
FREEBSD:FreeBSD-SA-98:01
http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9801-076
HP:HPSBUX9801-076
XF:95-verv-tcp
XF:cisco-land
XF:land
XF:land-patch
XF:ver-tcpip-sys
CVE-1999-0017
FTP servers can allow an attacker to connect to arbitrary ports on machines other than the FTP client, aka FTP bounce.
1999-09-29
2022-08-17
CVE-1999-0017
CERT:CA-97.27.FTP_bounce
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0017
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0017
XF:ftp-bounce
XF:ftp-privileged-port
CVE-1999-0018
Buffer overflow in statd allows root privileges.
1999-09-29
2005-11-02
CVE-1999-0018
AUSCERT:AA-97.29
http://www.securityfocus.com/bid/127
BID:127
CERT:CA-97.26.statd
XF:statd
CVE-1999-0019
Delete or create a file via rpc.statd, due to invalid information.
1999-09-29
2005-11-02
CVE-1999-0019
CERT:CA-96.09.rpc.statd
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/135
SUN:00135
XF:rpc-stat
CVE-1999-0020
** REJECT **
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-1999-0032. Reason: This candidate is a duplicate of CVE-1999-0032. Notes: All CVE users should reference CVE-1999-0032 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
2000-02-04
2005-02-03
CVE-1999-0020
CVE-1999-0021
Arbitrary command execution via buffer overflow in Count.cgi (wwwcount) cgi-bin program.
1999-09-29
2005-11-02
CVE-1999-0021
http://www.securityfocus.com/bid/128
BID:128
BUGTRAQ:19971010 Security flaw in Count.cgi (wwwcount)
CERT:CA-97.24.Count_cgi
XF:http-cgi-count
CVE-1999-0022
Local user gains root privileges via buffer overflow in rdist, via expstr() function.
1999-09-29
2005-11-02
CVE-1999-0022
CERT:CA-97.23.rdist
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/179
SUN:00179
XF:rdist-bo3
XF:rdist-sept97
CVE-1999-0023
Local user gains root privileges via buffer overflow in rdist, via lookup() function.
1999-09-29
2022-08-17
CVE-1999-0023
CERT:CA-96.14.rdist_vul
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0023
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0023
XF:rdist-bo
XF:rdist-bo2
CVE-1999-0024
DNS cache poisoning via BIND, by predictable query IDs.
1999-09-29
2022-08-17
CVE-1999-0024
CERT:CA-97.22.bind
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0024
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0024
NAI:NAI-11
XF:bind
CVE-1999-0025
root privileges via buffer overflow in df command on SGI IRIX systems.
1999-09-29
2005-11-02
CVE-1999-0025
AUSCERT:AA-97.19.IRIX.df.buffer.overflow.vul
http://www.securityfocus.com/bid/346
BID:346
http://www.cert.org/advisories/CA-1997-21.html
CERT:CA-1997-21
http://www.kb.cert.org/vuls/id/20851
CERT-VN:VU#20851
SGI:SGI:19970505-01-A
SGI:SGI:19970505-02-PX
https://exchange.xforce.ibmcloud.com/vulnerabilities/440
XF:df-bo(440)
CVE-1999-0026
root privileges via buffer overflow in pset command on SGI IRIX systems.
1999-09-29
2022-08-17
CVE-1999-0026
AUSCERT:AA-97.20.IRIX.pset.buffer.overflow.vul
CERT:CA-97.21.sgi_buffer_overflow
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0026
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0026
XF:pset-bo
CVE-1999-0027
root privileges via buffer overflow in eject command on SGI IRIX systems.
1999-09-29
2022-08-17
CVE-1999-0027
AUSCERT:AA-97.21.IRIX.eject.buffer.overflow.vul
CERT:CA-97.21.sgi_buffer_overflow
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0027
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0027
XF:eject-bo
CVE-1999-0028
root privileges via buffer overflow in login/scheme command on SGI IRIX systems.
1999-09-29
2022-08-17
CVE-1999-0028
AUSCERT:AA-97.22.IRIX.login.scheme.buffer.overflow.vul
CERT:CA-97.21.sgi_buffer_overflow
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0028
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0028
XF:sgi-schemebo
CVE-1999-0029
root privileges via buffer overflow in ordist command on SGI IRIX systems.
1999-09-29
2022-08-17
CVE-1999-0029
AUSCERT:AA-97.23-IRIX.ordist.buffer.overflow.vul
CERT:CA-97.21.sgi_buffer_overflow
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0029
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0029
XF:ordist-bo
CVE-1999-0030
root privileges via buffer overflow in xlock command on SGI IRIX systems.
2000-02-04
2022-08-17
CVE-1999-0030
AUSCERT:AA-97.24.IRIX.xlock.buffer.overflow.vul
CERT:CA-97.21.sgi_buffer_overflow
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0030
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0030
SGI:19970508-02-PX
XF:sgi-xlockbo
CVE-1999-0031
JavaScript in Internet Explorer 3.x and 4.x, and Netscape 2.x, 3.x and 4.x, allows remote attackers to monitor a user's web activities, aka the Bell Labs vulnerability.
2000-06-02
2005-11-02
CVE-1999-0031
CERT:CA-97.20.javascript
http://www.codetalker.com/advisories/vendor/hp/hpsbux9707-065.html
HP:HPSBUX9707-065
CVE-1999-0032
Buffer overflow in lpr, as used in BSD-based systems including Linux, allows local users to execute arbitrary code as root via a long -C (classification) command line option.
1999-09-29
2005-11-02
CVE-1999-0032
AUSCERT:AA-96.12
http://www.securityfocus.com/bid/707
BID:707
BUGTRAQ:19960813 Possible bufferoverflow condition in lpr, xterm and xload
BUGTRAQ:19961025 Linux & BSD's lpr exploit
CERT:CA-97.19.bsdlp
CIAC:H-08
http://www.ciac.org/ciac/bulletins/i-042.shtml
CIAC:I-042
MLIST:[freebsd-security] 19961025 Vadim Kolontsov: BoS: Linux & BSD's lpr exploit
MLIST:[linux-security] 19961122 LSF Update#14: Vulnerability of the lpr program.
ftp://patches.sgi.com/support/free/security/advisories/19980402-01-PX
SGI:19980402-01-PX
XF:bsd-lprbo
XF:bsd-lprbo2
XF:lpr-bo
CVE-1999-0033
Command execution in Sun systems via buffer overflow in the at program.
2000-02-04
2022-08-17
CVE-1999-0033
CERT:CA-97.18.at
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0033
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0033
SUN:00160
XF:sun-atbo
CVE-1999-0034
Buffer overflow in suidperl (sperl), Perl 4.x and 5.x.
1999-09-29
2022-08-17
CVE-1999-0034
CERT:CA-97.17.sperl
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0034
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0034
XF:perl-suid
CVE-1999-0035
Race condition in signal handling routine in ftpd, allowing read/write arbitrary files.
1999-09-29
2022-08-17
CVE-1999-0035
AUSCERT:AA-97.03
CERT:CA-97.16.ftpd
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0035
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0035
XF:ftp-ftpd
CVE-1999-0036
IRIX login program with a nonzero LOCKOUT parameter allows creation or damage to files.
1999-09-29
2005-11-02
CVE-1999-0036
AUSCERT:AA-97.12
CERT:CA-97.15.sgi_login
http://www.ciac.org/ciac/bulletins/h-106.shtml
CIAC:H-106
http://www.osvdb.org/990
OSVDB:990
ftp://patches.sgi.com/support/free/security/advisories/19970508-02-PX
SGI:19970508-02-PX
https://exchange.xforce.ibmcloud.com/vulnerabilities/557
XF:sgi-lockout(557)
CVE-1999-0037
Arbitrary command execution via metamail package using message headers, when user processes attacker's message using metamail.
1999-09-29
2022-08-17
CVE-1999-0037
CERT:CA-97.14.metamail
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0037
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0037
XF:metamail-header-commands
CVE-1999-0038
Buffer overflow in xlock program allows local users to execute commands as root.
1999-09-29
2022-08-17
CVE-1999-0038
CERT:CA-97.13.xlock
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0038
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0038
XF:xlock-bo
CVE-1999-0039
webdist CGI program (webdist.cgi) in SGI IRIX allows remote attackers to execute arbitrary commands via shell metacharacters in the distloc parameter.
1999-09-29
2005-11-02
CVE-1999-0039
AUSCERT:AA-97.14
http://www.securityfocus.com/bid/374
BID:374
BUGTRAQ:19970507 Re: SGI Advisory: webdist.cgi
BUGTRAQ:19970507 Re: SGI Security Advisory 19970501-01-A - Vulnerability in
http://www.cert.org/advisories/CA-1997-12.html
CERT:CA-1997-12
http://www.osvdb.org/235
OSVDB:235
ftp://patches.sgi.com/support/free/security/advisories/19970501-02-PX
SGI:19970501-02-PX
https://exchange.xforce.ibmcloud.com/vulnerabilities/333
XF:http-sgi-webdist(333)
CVE-1999-0040
Buffer overflow in Xt library of X Windowing System allows local users to execute commands with root privileges.
1999-09-29
2022-08-17
CVE-1999-0040
CERT:CA-97.11.libXt
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0040
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0040
XF:libXt-bo
CVE-1999-0041
Buffer overflow in NLS (Natural Language Service).
1999-09-29
2022-08-17
CVE-1999-0041
CERT:CA-97.10.nls
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0041
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0041
XF:nls-bo
CVE-1999-0042
Buffer overflow in University of Washington's implementation of IMAP and POP servers.
1999-09-29
2022-08-17
CVE-1999-0042
CERT:CA-97.09.imap_pop
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0042
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0042
NAI:NAI-21
XF:popimap-bo
CVE-1999-0043
Command execution via shell metachars in INN daemon (innd) 1.5 using "newgroup" and "rmgroup" control messages, and others.
1999-09-29
2022-08-17
CVE-1999-0043
CERT:CA-97.08.innd
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0043
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0043
XF:inn-controlmsg
CVE-1999-0044
fsdump command in IRIX allows local users to obtain root access by modifying sensitive files.
1999-09-29
2005-11-02
CVE-1999-0044
ftp://patches.sgi.com/support/free/security/advisories/19970301-01-P
SGI:19970301-01-P
XF:sgi-fsdump
CVE-1999-0045
List of arbitrary files on Web host via nph-test-cgi script.
1999-09-29
2022-08-17
CVE-1999-0045
CERT:CA-97.07.nph-test-cgi_script
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0045
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0045
XF:http-cgi-nph
CVE-1999-0046
Buffer overflow of rlogin program using TERM environmental variable.
1999-09-29
2022-08-17
CVE-1999-0046
CERT:CA-97.06.rlogin-term
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0046
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0046
XF:rlogin-termbo
CVE-1999-0047
MIME conversion buffer overflow in sendmail versions 8.8.3 and 8.8.4.
1999-09-29
2005-11-02
CVE-1999-0047
http://www.securityfocus.com/bid/685
BID:685
CERT:CA-97.05.sendmail
XF:sendmail-mime-bo2
CVE-1999-0048
Talkd, when given corrupt DNS information, can be used to execute arbitrary commands with root privileges.
1999-09-29
2005-11-02
CVE-1999-0048
AUSCERT:AA-97.01
CERT:CA-97.04.talkd
FREEBSD:FreeBSD-SA-96:21
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/147
SUN:00147
XF:netkit-talkd
XF:talkd-bo
CVE-1999-0049
Csetup under IRIX allows arbitrary file creation or overwriting.
1999-09-29
2022-08-17
CVE-1999-0049
CERT:CA-97.03.csetup
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0049
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0049
XF:sgi-csetup
CVE-1999-0050
Buffer overflow in HP-UX newgrp program.
1999-09-29
2022-08-17
CVE-1999-0050
AUSCERT:AA-96.16.HP-UX.newgrp.Buffer.Overrun.Vulnerability
CERT:CA-97.02.hp_newgrp
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0050
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0050
XF:hp-newgrpbo
CVE-1999-0051
Arbitrary file creation and program execution using FLEXlm LicenseManager, from versions 4.0 to 5.0, in IRIX.
1999-09-29
2022-08-17
CVE-1999-0051
AUSCERT:AA-96.03
CERT:CA-97.01.flex_lm
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0051
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0051
XF:sgi-licensemanager
CVE-1999-0052
IP fragmentation denial of service in FreeBSD allows a remote attacker to cause a crash.
1999-09-29
2005-12-17
CVE-1999-0052
FREEBSD:FreeBSD-SA-98:08
http://www.osvdb.org/908
OSVDB:908
https://exchange.xforce.ibmcloud.com/vulnerabilities/1389
XF:freebsd-ip-frag-dos(1389)
CVE-1999-0053
TCP RST denial of service in FreeBSD.
1999-09-29
2005-12-17
CVE-1999-0053
FREEBSD:FreeBSD-SA-98:07
http://www.osvdb.org/6094
OSVDB:6094
CVE-1999-0054
Sun's ftpd daemon can be subjected to a denial of service.
1999-09-29
2005-11-02
CVE-1999-0054
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/171
SUN:00171
XF:sun-ftpd
CVE-1999-0055
Buffer overflows in Sun libnsl allow root access.
1999-09-29
2005-11-02
CVE-1999-0055
http://www-1.ibm.com/support/search.wss?rs=0&q=IX80543&apar=only
AIXAPAR:IX80543
RSI:RSI.0005.05-14-98.SUN.LIBNSL
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/172
SUN:00172
XF:sun-libnsl
CVE-1999-0056
Buffer overflow in Sun's ping program can give root access to local users.
1999-09-29
2005-11-02
CVE-1999-0056
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/174
SUN:00174
XF:sun-ping
CVE-1999-0057
Vacation program allows command execution by remote users through a sendmail command.
1999-09-29
2009-03-01
CVE-1999-0057
http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9811-087
HP:HPSBUX9811-087
NAI:NAI-19
XF:vacation
CVE-1999-0058
Buffer overflow in PHP cgi program, php.cgi allows shell access.
1999-09-29
2005-11-02
CVE-1999-0058
http://www.securityfocus.com/bid/712
BID:712
NAI:NAI-12
XF:http-cgi-phpbo
CVE-1999-0059
IRIX fam service allows an attacker to obtain a list of all files on the server.
1999-09-29
2005-11-02
CVE-1999-0059
http://www.securityfocus.com/bid/353
BID:353
NAI:NAI-16
http://www.osvdb.org/164
OSVDB:164
https://exchange.xforce.ibmcloud.com/vulnerabilities/325
XF:irix-fam(325)
CVE-1999-0060
Attackers can cause a denial of service in Ascend MAX and Pipeline routers with a malformed packet to the discard port, which is used by the Java Configurator tool.
1999-09-29
2022-08-17
CVE-1999-0060
ASCEND:http://www.ascend.com/2695.html
http://www.ascend.com/2695.html
MISC:http://www.ascend.com/2695.html
NAI:NAI-26
XF:ascend-config-kill
CVE-1999-0061
File creation and deletion, and remote execution, in the BSD line printer daemon (lpd).
2000-02-04
2022-08-17
CVE-1999-0061
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0061
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0061
NAI:NAI-20
XF:bsd-lpd
CVE-1999-0062
The chpass command in OpenBSD allows a local user to gain root access through file descriptor leakage.
1999-09-29
2004-09-02
CVE-1999-0062
NAI:NAI-28
http://www.osvdb.org/7559
OSVDB:7559
XF:openbsd-chpass
CVE-1999-0063
Cisco IOS 12.0 and other versions can be crashed by malicious UDP packets to the syslog port.
1999-09-29
2022-08-17
CVE-1999-0063
AUSCERT:ESB-98.197
CISCO:http://www.cisco.com/warp/public/770/iossyslog-pub.shtml
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0063
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0063
XF:cisco-syslog-crash
CVE-1999-0064
Buffer overflow in AIX lquerylv program gives root access to local users.
1999-09-29
2022-08-17
CVE-1999-0064
BUGTRAQ:May28,1997
https://marc.info/?l=bugtraq&m=87602167418428&w=2
MISC:https://marc.info/?l=bugtraq&m=87602167418428&w=2
XF:lquerylv-bo
CVE-1999-0065
Multiple buffer overflows in how dtmail handles attachments allows a remote attacker to execute commands.
1999-09-29
2005-11-02
CVE-1999-0065
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/181
SUN:00181
XF:hp-dtmail
CVE-1999-0066
AnyForm CGI remote execution.
1999-09-29
2005-11-02
CVE-1999-0066
http://www.securityfocus.com/bid/719
BID:719
BUGTRAQ:19950731 SECURITY HOLE: "AnyForm" CGI
XF:http-cgi-anyform
CVE-1999-0067
phf CGI program allows remote command execution through shell metacharacters.
1999-09-29
2004-09-02
CVE-1999-0067
AUSCERT:AA-96.01
http://www.securityfocus.com/bid/629
BID:629
BUGTRAQ:19960923 PHF Attacks - Fun and games for the whole family
http://www.cert.org/advisories/CA-1996-06.html
CERT:CA-1996-06
http://www.osvdb.org/136
OSVDB:136
XF:http-cgi-phf
CVE-1999-0068
CGI PHP mylog script allows an attacker to read any file on the target server.
1999-09-29
2004-09-02
CVE-1999-0068
http://www.securityfocus.com/bid/713
BID:713
BUGTRAQ:19971019 Vulnerability in PHP Example Logging Scripts
http://www.osvdb.org/3396
OSVDB:3396
XF:http-cgi-php-mylog
CVE-1999-0069
Solaris ufsrestore buffer overflow.
1999-09-29
2004-09-02
CVE-1999-0069
http://www.osvdb.org/8158
OSVDB:8158
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/169
SUN:00169
XF:sun-ufsrestore
CVE-1999-0070
test-cgi program allows an attacker to list files on the server.
1999-09-29
2020-08-14
CVE-1999-0070
https://lists.apache.org/thread.html/rc5d27fc1e76dc5650e1a3f1db1de403120f4c2d041cb7352850455c2@%3Cusers.httpd.apache.org%3E
MLIST:[httpd-users] 20200814 [users@httpd] CVE NIST discrepancies
XF:http-cgi-test
CVE-1999-0071
Apache httpd cookie buffer overflow for versions 1.1.1 and earlier.
1999-09-29
2022-08-17
CVE-1999-0071
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0071
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0071
NAI:NAI-2
XF:http-apache-cookie
CVE-1999-0072
Buffer overflow in AIX xdat gives root access to local users.
1999-09-29
2022-08-17
CVE-1999-0072
ERS:ERS-SVA-E01-1997:004.1
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0072
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0072
XF:ibm-xdat
CVE-1999-0073
Telnet allows a remote client to specify environment variables including LD_LIBRARY_PATH, allowing an attacker to bypass the normal system libraries and gain root access.
1999-09-29
2022-08-17
CVE-1999-0073
CERT:CA-95:14.Telnetd_Environment_Vulnerability
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0073
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0073
XF:linkerbug
CVE-1999-0074
Listening TCP ports are sequentially allocated, allowing spoofing attacks.
1999-09-29
2022-08-17
CVE-1999-0074
https://www.cve.org/CVERecord?id=CVE-1999-0074
MISC:https://www.cve.org/CVERecord?id=CVE-1999-0074
XF:seqport
CVE-1999-0075
PASV core dump in wu-ftpd daemon when attacker uses a QUOTE PASV command after specifying a username and password.
1999-09-29
2004-09-02
CVE-1999-0075
BUGTRAQ:19961016 Re: ftpd bug? Was: bin/1805: Bug in ftpd
http://www.osvdb.org/5742
OSVDB:5742
XF:ftp-pasvcore
CVE-1999-0076
Buffer overflow in wu-ftp from PASV command causes a core dump.
2000-02-04
2022-08-17
CVE-1999-0076
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0076
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0076
XF:ftp-args
CVE-1999-0077
Predictable TCP sequence numbers allow spoofing.
1999-09-29
2008-03-25
CVE-1999-0077
https://exchange.xforce.ibmcloud.com/vulnerabilities/139
XF:tcp-seq-predict(139)
CVE-1999-0078
pcnfsd (aka rpc.pcnfsd) allows local users to change file permissions, or execute arbitrary commands through arguments in the RPC call.
2000-02-04
2022-08-17
CVE-1999-0078
CERT:CA-96.08.pcnfsd
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0078
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0078
XF:rpc-pcnfsd
CVE-1999-0079
Remote attackers can cause a denial of service in FTP by issuing multiple PASV commands, causing the server to run out of available ports.
1999-09-29
2022-08-17
CVE-1999-0079
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0079
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0079
XF:ftp-pasv-dos
XF:ftp-pasvdos
CVE-1999-0080
Certain configurations of wu-ftp FTP server 2.4 use a _PATH_EXECPATH setting to a directory with dangerous commands, such as /bin, which allows remote authenticated users to gain root access via the "site exec" command.
1999-09-29
2022-08-17
CVE-1999-0080
BUGTRAQ:19950531 SECURITY: problem with some wu-ftpd-2.4 binaries (fwd)
CERT:CA-95:16.wu-ftpd.vul
https://archive.nanog.org/mailinglist/mailarchives/old_archive/1995-11/msg00385.html
MISC:https://archive.nanog.org/mailinglist/mailarchives/old_archive/1995-11/msg00385.html
XF:ftp-execdotdot
CVE-1999-0081
wu-ftp allows files to be overwritten via the rnfr command.
1999-09-29
2022-08-17
CVE-1999-0081
https://www.cve.org/CVERecord?id=CVE-1999-0081
MISC:https://www.cve.org/CVERecord?id=CVE-1999-0081
XF:ftp-rnfr
CVE-1999-0082
CWD ~root command in ftpd allows root access.
1999-09-29
2005-11-02
CVE-1999-0082
http://www.alw.nih.gov/Security/Docs/admin-guide-to-cracking.101.html
FARMERVENEMA:Improving the Security of Your Site by Breaking Into it
XF:ftp-cwd
CVE-1999-0083
getcwd() file descriptor leak in FTP.
1999-09-29
2022-08-17
CVE-1999-0083
https://www.cve.org/CVERecord?id=CVE-1999-0083
MISC:https://www.cve.org/CVERecord?id=CVE-1999-0083
XF:cwdleak
CVE-1999-0084
Certain NFS servers allow users to use mknod to gain privileges by creating a writable kmem device and setting the UID to 0.
1999-09-29
2005-11-02
CVE-1999-0084
https://exchange.xforce.ibmcloud.com/vulnerabilities/78
XF:nfs-mknod(78)
CVE-1999-0085
Buffer overflow in rwhod on AIX and other operating systems allows remote attackers to execute arbitrary code via a UDP packet with a long hostname.
1999-09-29
2005-11-02
CVE-1999-0085
BUGTRAQ:19960821 rwhod buffer overflow
https://exchange.xforce.ibmcloud.com/vulnerabilities/119
XF:rwhod(119)
https://exchange.xforce.ibmcloud.com/vulnerabilities/118
XF:rwhod-vuln(118)
CVE-1999-0086
AIX routed allows remote users to modify sensitive files.
2000-02-04
2022-08-17
CVE-1999-0086
ERS:ERS-SVA-E01-1998:001.1
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0086
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0086
XF:ibm-routed
CVE-1999-0087
Denial of service in AIX telnet can freeze a system and prevent users from accessing the server.
1999-09-29
2004-09-02
CVE-1999-0087
ERS:ERS-SVA-E01-1998:003.1
http://www.osvdb.org/7992
OSVDB:7992
XF:ibm-telnetdos
CVE-1999-0088
IRIX and AIX automountd services (autofsd) allow remote users to execute root commands.
2000-02-04
2003-05-08
CVE-1999-0088
http://www-1.ibm.com/services/brs/brspwhub.nsf/advisories/852567CC004F9038852566BF007B6393/$file/ERS-SVA-E01-1998_004_1.txt
ERS:ERS-SVA-E01-1998:004.1
CVE-1999-0089
Buffer overflow in AIX libDtSvc library can allow local users to gain root access.
2000-02-04
2022-08-17
CVE-1999-0089
ERS:ERS-SVA-E01-1997:005.1
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0089
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0089
XF:ibm-libDtSvc
CVE-1999-0090
Buffer overflow in AIX rcp command allows local users to obtain root access.
1999-09-29
2022-08-17
CVE-1999-0090
ERS:ERS-SVA-E01-1997:005.1
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0090
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0090
XF:ibm-rcp
CVE-1999-0091
Buffer overflow in AIX writesrv command allows local users to obtain root access.
1999-09-29
2022-08-17
CVE-1999-0091
ERS:ERS-SVA-E01-1997:005.1
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0091
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0091
XF:ibm-writesrv
CVE-1999-0092
Various vulnerabilities in the AIX portmir command allows local users to obtain root access.
2000-02-04
2022-08-17
CVE-1999-0092
ERS:ERS-SVA-E01-1997:006.1
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0092
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0092
CVE-1999-0093
AIX nslookup command allows local users to obtain root access by not dropping privileges correctly.
1999-09-29
2022-08-17
CVE-1999-0093
ERS:ERS-SVA-E01-1997:008.1
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0093
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0093
XF:ibm-nslookup
CVE-1999-0094
AIX piodmgrsu command allows local users to gain additional group privileges.
1999-09-29
2022-08-17
CVE-1999-0094
ERS:ERS-SVA-E01-1997:007.1
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0094
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0094
XF:ibm-piodmgrsu
CVE-1999-0095
The debug command in Sendmail is enabled, allowing attackers to execute commands as root.
1999-09-29
2019-06-11
CVE-1999-0095
http://www.securityfocus.com/bid/1
BID:1
CERT:CA-88.01
CERT:CA-93.14
http://seclists.org/fulldisclosure/2019/Jun/16
FULLDISC:20190611 The Return of the WIZard: RCE in Exim (CVE-2019-10149)
http://www.openwall.com/lists/oss-security/2019/06/05/4
MLIST:[oss-security] 20190605 Re: CVE-2019-10149: Exim 4.87 to 4.91: possible remote exploit
http://www.openwall.com/lists/oss-security/2019/06/06/1
MLIST:[oss-security] 20190606 Re: CVE-2019-10149: Exim 4.87 to 4.91: possible remote exploit
http://www.osvdb.org/195
OSVDB:195
XF:smtp-debug
CVE-1999-0096
Sendmail decode alias can be used to overwrite sensitive files.
1999-09-29
2005-11-02
CVE-1999-0096
CERT:CA-93.16
CERT:CA-95.05
CIAC:A-13
CIAC:A-14
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/122&type=0&nav=sec.sba
SUN:00122
XF:smtp-dcod
CVE-1999-0097
The AIX FTP client can be forced to execute commands from a malicious server through shell metacharacters (e.g. a pipe character).
1999-09-29
2022-08-17
CVE-1999-0097
ERS:ERS-SVA-E01-1997:009.1
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0097
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0097
XF:ibm-ftp
CVE-1999-0098
Buffer overflow in SMTP HELO command in Sendmail allows a remote attacker to hide activities.
2000-02-04
2022-08-17
CVE-1999-0098
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0098
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0098
XF:smtp-helo-bo
CVE-1999-0099
Buffer overflow in syslog utility allows local or remote attackers to gain root privileges.
1999-09-29
2022-08-17
CVE-1999-0099
CERT:CA-95.13.syslog.vul
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0099
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0099
XF:smtp-syslog
CVE-1999-0100
Remote access in AIX innd 1.5.1, using control messages.
1999-09-29
2022-08-17
CVE-1999-0100
ERS:ERS-SVA-E01-1997:002.1
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0100
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0100
XF:inn-controlmsg
CVE-1999-0101
Buffer overflow in AIX and Solaris "gethostbyname" library call allows root access through corrupt DNS host names.
2000-01-18
2005-11-02
CVE-1999-0101
http://ciac.llnl.gov/ciac/bulletins/h-13.shtml
CIAC:H-13
ERS:ERS-SVA-E01-1996:007.1
ERS:ERS-SVA-E01-1997:001.1
NAI:NAI-1
SUN:00137a
XF:ghbn-bo
CVE-1999-0102
Buffer overflow in SLmail 3.x allows attackers to execute commands using a large FROM line.
1999-09-29
2022-08-17
CVE-1999-0102
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0102
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0102
XF:slmail-fromheader-overflow
CVE-1999-0103
Echo and chargen, or other combinations of UDP services, can be used in tandem to flood the server, a.k.a. UDP bomb or UDP packet storm.
1999-09-29
2005-11-02
CVE-1999-0103
CERT:CA-96.01.UDP_service_denial
https://ics-cert.us-cert.gov/advisories/ICSMA-18-233-01
MISC:https://ics-cert.us-cert.gov/advisories/ICSMA-18-233-01
XF:chargen
XF:chargen-patch
XF:echo
CVE-1999-0104
A later variation on the Teardrop IP denial of service attack, a.k.a. Teardrop-2.
2000-02-04
2018-08-22
CVE-1999-0104
http://www.securityfocus.com/bid/80175
BID:80175
CERT:CA-97.28.Teardrop_Land
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5743
OVAL:oval:org.mitre.oval:def:5743
XF:teardrop-mod
CVE-1999-0105
finger allows recursive searches by using a long string of @ symbols.
2000-02-04
2022-08-17
CVE-1999-0105
https://www.cve.org/CVERecord?id=CVE-1999-0105
MISC:https://www.cve.org/CVERecord?id=CVE-1999-0105
CVE-1999-0106
Finger redirection allows finger bombs.
2000-02-04
2022-08-17
CVE-1999-0106
https://www.cve.org/CVERecord?id=CVE-1999-0106
MISC:https://www.cve.org/CVERecord?id=CVE-1999-0106
CVE-1999-0107
Buffer overflow in Apache 1.2.5 and earlier allows a remote attacker to cause a denial of service with a large number of GET requests containing a large number of / characters.
2000-02-04
2022-08-17
CVE-1999-0107
BUGTRAQ:19971230 Apache DoS attack?
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0107
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0107
XF:apache-dos
CVE-1999-0108
The printers program in IRIX has a buffer overflow that gives root access to local users.
1999-09-29
2005-11-02
CVE-1999-0108
http://seclists.org/bugtraq/1997/May/191
BUGTRAQ:19970527 another day, another buffer overflow....
XF:printers-bo
CVE-1999-0109
Buffer overflow in ffbconfig in Solaris 2.5.1.
1999-09-29
2005-11-02
CVE-1999-0109
AUSCERT:AA-97.06
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/140
SUN:00140
XF:ffbconfig-bo
CVE-1999-0110
** REJECT **
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-1999-0315. Reason: This candidate's original description had a typo that delayed it from being detected as a duplicate of CVE-1999-0315. Notes: All CVE users should reference CVE-1999-0315 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
2000-02-04
2005-02-03
CVE-1999-0110
CVE-1999-0111
RIP v1 is susceptible to spoofing.
1999-09-29
2022-08-17
CVE-1999-0111
https://www.cve.org/CVERecord?id=CVE-1999-0111
MISC:https://www.cve.org/CVERecord?id=CVE-1999-0111
XF:rip
CVE-1999-0112
Buffer overflow in AIX dtterm program for the CDE.
1999-09-29
2005-11-02
CVE-1999-0112
BUGTRAQ:19970520 AIX 4.2 dtterm exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/878
XF:dtterm-bo(878)
CVE-1999-0113
Some implementations of rlogin allow root access if given a -froot parameter.
1999-09-29
2005-11-02
CVE-1999-0113
http://www.securityfocus.com/bid/458
BID:458
BUGTRAQ:19940729 -froot??? (AIX rlogin bug)
CERT:CA-94.09.bin.login.vulnerability
CIAC:E-26
XF:rlogin-froot
CVE-1999-0114
Local users can execute commands as other users, and read other users' files, through the filter command in the Elm elm-2.4 mail package using a symlink attack.
2000-02-04
2022-08-17
CVE-1999-0114
BUGTRAQ:19951226 filter (elm package) security hole
BUGTRAQ:19990912 elm filter program
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0114
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0114
XF:elm-filter2
CVE-1999-0115
AIX bugfiler program allows local users to gain root access.
2001-05-07
2005-11-02
CVE-1999-0115
http://www.securityfocus.com/bid/1800
BID:1800
BUGTRAQ:19970909 AIX bugfiler
XF:ibm-bugfiler
CVE-1999-0116
Denial of service when an attacker sends many SYN packets to create multiple connections without ever sending an ACK to complete the connection, aka SYN flood.
1999-09-29
2005-11-02
CVE-1999-0116
CERT:CA-96.21.tcp_syn.flooding
ftp://patches.sgi.com/support/free/security/advisories/19961202-01-PX
SGI:19961202-01-PX
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/136
SUN:00136
CVE-1999-0117
AIX passwd allows local users to gain root access.
1999-09-29
2022-08-17
CVE-1999-0117
CERT:CA-92:07.AIX.passwd.vulnerability
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0117
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0117
XF:ibm-passwd
CVE-1999-0118
AIX infod allows local users to gain root access through an X display.
2000-06-02
2005-11-02
CVE-1999-0118
http://marc.info/?l=bugtraq&m=91158980826979&w=2
BUGTRAQ:19981119 RSI.0011.11-09-98.AIX.INFOD
XF:aix-infod
CVE-1999-0119
Windows NT 4.0 beta allows users to read and delete shares.
2000-02-04
2022-08-17
CVE-1999-0119
https://exchange.xforce.ibmcloud.com/vulnerabilities/11
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/11
CVE-1999-0120
Sun/Solaris utmp file allows local users to gain root access if it is writable by users other than root.
1999-09-29
2005-11-02
CVE-1999-0120
CERT:CA-94.06.utmp.vulnerability
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/126
SUN:00126
XF:utmp-write
CVE-1999-0121
Buffer overflow in dtaction command gives root access.
2000-02-04
2022-08-17
CVE-1999-0121
ERS:ERS-SVA-E01-1997:005.1
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0121
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0121
SUN:00164
CVE-1999-0122
Buffer overflow in AIX lchangelv gives root access.
1999-09-29
2022-08-17
CVE-1999-0122
BUGTRAQ:Jul21,1999
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0122
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0122
XF:lchangelv-bo
CVE-1999-0123
Race condition in Linux mailx command allows local users to read user files.
2000-02-04
2022-08-17
CVE-1999-0123
BUGTRAQ:19951222 mailx-5.5 (slackware /bin/mail) security hole
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0123
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0123
XF:linux-mailx
CVE-1999-0124
Vulnerabilities in UMN gopher and gopher+ versions 1.12 and 2.0x allow an intruder to read any files that can be accessed by the gopher daemon.
2000-06-02
2022-08-17
CVE-1999-0124
CERT:CA-93:11.UMN.UNIX.gopher.vulnerability
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0124
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0124
XF:gopher-vuln
CVE-1999-0125
Buffer overflow in SGI IRIX mailx program.
1999-09-29
2005-11-02
CVE-1999-0125
ftp://patches.sgi.com/support/free/security/advisories/19980605-01-PX
SGI:19980605-01-PX
XF:sgi-mailx-bo
CVE-1999-0126
SGI IRIX buffer overflow in xterm and Xaw allows root access.
1999-09-29
2005-11-02
CVE-1999-0126
CERT:VB-98.04.xterm.Xaw
http://www.ciac.org/ciac/bulletins/j-010.shtml
CIAC:J-010
XF:xfree86-xaw
XF:xfree86-xterm-xaw
CVE-1999-0127
swinstall and swmodify commands in SD-UX package in HP-UX systems allow local users to create or overwrite arbitrary files to gain root access.
2000-02-04
2022-08-17
CVE-1999-0127
AUSCERT:AA-96.04
CERT:CA-96.27.hp_sw_install
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0127
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0127
XF:hpux-swinstall
CVE-1999-0128
Oversized ICMP ping packets can result in a denial of service, aka Ping o' Death.
1999-09-29
2022-08-17
CVE-1999-0128
CERT:CA-96.26.ping
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0128
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0128
XF:ping-death
CVE-1999-0129
Sendmail allows local users to write to a file and gain group permissions via a .forward or :include: file.
1999-09-29
2022-08-17
CVE-1999-0129
CERT:CA-96.25.sendmail_groups
http://www.cert.org/advisories/CA-1996-25.html
MISC:http://www.cert.org/advisories/CA-1996-25.html
CVE-1999-0130
Local users can start Sendmail in daemon mode and gain root privileges.
1999-09-29
2005-11-02
CVE-1999-0130
http://www.securityfocus.com/bid/716
BID:716
CERT:CA-96.24.sendmail.daemon.mode
XF:sendmail-daemon-mode
CVE-1999-0131
Buffer overflow and denial of service in Sendmail 8.7.5 and earlier through GECOS field gives root access to local users.
1999-09-29
2005-11-02
CVE-1999-0131
http://www.securityfocus.com/bid/717
BID:717
CERT:CA-96.20.sendmail_vul
XF:smtp-875bo
CVE-1999-0132
Expreserve, as used in vi and ex, allows local users to overwrite arbitrary files and gain root access.
1999-09-29
2005-11-02
CVE-1999-0132
http://www.cert.org/advisories/CA-1996-19.html
CERT:CA-1996-19
http://www.osvdb.org/11723
OSVDB:11723
https://exchange.xforce.ibmcloud.com/vulnerabilities/401
XF:expreserve(401)
CVE-1999-0133
fm_fls license server for Adobe Framemaker allows local users to overwrite arbitrary files and gain root access.
1999-09-29
2022-08-17
CVE-1999-0133
CERT:CA-96.18.fm_fls
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0133
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0133
XF:fmaker-logfile
CVE-1999-0134
vold in Solaris 2.x allows local users to gain root access.
1999-09-29
2004-09-02
CVE-1999-0134
AUSCERT:AL-96.04
CERT:CA-96.17.Solaris_vold_vul
http://www.osvdb.org/8159
OSVDB:8159
XF:sol-voldtmp
CVE-1999-0135
admintool in Solaris allows a local user to write to arbitrary files and gain root access.
1999-09-29
2022-08-17
CVE-1999-0135
AUSCERT:AL-96.03
CERT:CA-96.16.Solaris_admintool_vul
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0135
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0135
XF:sun-admintool
CVE-1999-0136
Kodak Color Management System (KCMS) on Solaris allows a local user to write to arbitrary files and gain root access.
1999-09-29
2022-08-17
CVE-1999-0136
AUSCERT:AL-96.02
CERT:CA-96.15.Solaris_KCMS_vul
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0136
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0136
XF:sol-KCMSvuln
CVE-1999-0137
The dip program on many Linux systems allows local users to gain root access via a buffer overflow.
1999-09-29
2022-08-17
CVE-1999-0137
CERT:CA-96.13.dip_vul
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0137
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0137
XF:dip-bo
XF:linux-dipbo
CVE-1999-0138
The suidperl and sperl program do not give up root privileges when changing UIDs back to the original users, allowing root access.
1999-09-29
2022-08-17
CVE-1999-0138
CERT:CA-96.12.suidperl_vul
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0138
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0138
XF:sperl-suid
CVE-1999-0139
Buffer overflow in Solaris x86 mkcookie allows local users to obtain root access.
1999-09-29
2004-09-02
CVE-1999-0139
http://www.osvdb.org/8205
OSVDB:8205
RSI:RSI.0012.12-03-98.SOLARIS.MKCOOKIE
XF:sol-mkcookie
CVE-1999-0140
Denial of service in RAS/PPTP on NT systems.
2000-02-04
2022-08-17
CVE-1999-0140
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0140
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0140
CVE-1999-0141
Java Bytecode Verifier allows malicious applets to execute arbitrary commands as the user of the applet.
1999-09-29
2005-11-02
CVE-1999-0141
CERT:CA-96.07.java_bytecode_verifier
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/134
SUN:00134
XF:http-java-applet
CVE-1999-0142
The Java Applet Security Manager implementation in Netscape Navigator 2.0 and Java Developer's Kit 1.0 allows an applet to connect to arbitrary hosts.
2000-06-02
2022-08-17
CVE-1999-0142
CERT:CA-96.05.java_applet_security_mgr
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0142
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0142
XF:http-java-appletsecmgr
CVE-1999-0143
Kerberos 4 key servers allow a user to masquerade as another by breaking and generating session keys.
1999-09-29
2022-08-17
CVE-1999-0143
CERT:CA-96.03.kerberos_4_key_server
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0143
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0143
XF:kerberos-bf
CVE-1999-0144
Denial of service in Qmail by specifying a large number of recipients with the RCPT command.
2000-02-04
2017-12-18
CVE-1999-0144
http://www.securityfocus.com/bid/2237
BID:2237
http://marc.info/?l=bugtraq&m=87602558319029&w=2
BUGTRAQ:19970612 Re: Denial of service (qmail-smtpd)
http://marc.info/?l=bugtraq&m=87602558319024&w=2
BUGTRAQ:19970612 qmail-dos-2.c, another denial of service attack
http://cr.yp.to/qmail/venema.html
MISC:http://cr.yp.to/qmail/venema.html
http://www.ornl.gov/its/archives/mailing-lists/qmail/1997/06/threads.html
MISC:http://www.ornl.gov/its/archives/mailing-lists/qmail/1997/06/threads.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/208
XF:qmail-rcpt(208)
CVE-1999-0145
Sendmail WIZ command enabled, allowing root access.
2000-10-13
2019-06-11
CVE-1999-0145
http://www2.dataguard.no/bugtraq/1995_1/0332.html
BUGTRAQ:19950206 sendmail wizard thing...
http://www.cert.org/advisories/CA-1990-11.html
CERT:CA-1990-11
http://www.cert.org/advisories/CA-1993-14.html
CERT:CA-1993-14
http://www.alw.nih.gov/Security/Docs/admin-guide-to-cracking.101.html
FARMERVENEMA:Improving the Security of Your Site by Breaking Into it
http://seclists.org/fulldisclosure/2019/Jun/16
FULLDISC:20190611 The Return of the WIZard: RCE in Exim (CVE-2019-10149)
http://www.openwall.com/lists/oss-security/2019/06/05/4
MLIST:[oss-security] 20190605 Re: CVE-2019-10149: Exim 4.87 to 4.91: possible remote exploit
http://www.openwall.com/lists/oss-security/2019/06/06/1
MLIST:[oss-security] 20190606 Re: CVE-2019-10149: Exim 4.87 to 4.91: possible remote exploit
CVE-1999-0146
The campas CGI program provided with some NCSA web servers allows an attacker to execute arbitrary commands via encoded carriage return characters in the query string, as demonstrated by reading the password file.
1999-09-29
2005-11-02
CVE-1999-0146
http://www.securityfocus.com/bid/1975
BID:1975
BUGTRAQ:19970715 Bug CGI campas
https://exchange.xforce.ibmcloud.com/vulnerabilities/298
XF:http-cgi-campas(298)
CVE-1999-0147
The aglimpse CGI program of the Glimpse package allows remote execution of arbitrary commands.
1999-09-29
2022-08-17
CVE-1999-0147
AUSCERT:AA-97.28
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0147
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0147
XF:http-cgi-glimpse
CVE-1999-0148
The handler CGI program in IRIX allows arbitrary command execution.
1999-09-29
2005-11-02
CVE-1999-0148
http://www.securityfocus.com/bid/380
BID:380
ftp://patches.sgi.com/support/free/security/advisories/19970501-02-PX
SGI:19970501-02-PX
XF:http-sgi-handler
CVE-1999-0149
The wrap CGI program in IRIX allows remote attackers to view arbitrary directory listings via a .. (dot dot) attack.
1999-09-29
2005-11-02
CVE-1999-0149
http://www.securityfocus.com/bid/373
BID:373
BUGTRAQ:19970420 IRIX 6.x /cgi-bin/wrap bug
http://www.osvdb.org/247
OSVDB:247
ftp://patches.sgi.com/support/free/security/advisories/19970501-02-PX
SGI:19970501-02-PX
https://exchange.xforce.ibmcloud.com/vulnerabilities/290
XF:http-sgi-wrap(290)
CVE-1999-0150
The Perl fingerd program allows arbitrary command execution from remote users.
1999-09-29
2022-08-17
CVE-1999-0150
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0150
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0150
XF:perl-fingerd
CVE-1999-0151
The SATAN session key may be disclosed if the user points the web browser to other sites, possibly allowing root access.
2000-01-04
2022-08-17
CVE-1999-0151
CERT:CA-95.06.satan.vul
CERT:CA-95.07a.REVISED.satan.vul
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0151
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0151
CVE-1999-0152
The DG/UX finger daemon allows remote command execution through shell metacharacters.
1999-09-29
2022-08-17
CVE-1999-0152
BUGTRAQ:19970811 dgux in.fingerd vulnerability
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0152
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0152
XF:dgux-fingerd
CVE-1999-0153
Windows 95/NT out of band (OOB) data denial of service through NETBIOS port, aka WinNuke.
1999-09-29
2004-09-02
CVE-1999-0153
http://www.osvdb.org/1666
OSVDB:1666
XF:win-oob
CVE-1999-0154
IIS 2.0 and 3.0 allows remote attackers to read the source code for ASP pages by appending a . (dot) to the end of the URL.
2001-09-12
2022-08-17
CVE-1999-0154
BUGTRAQ:19970220 ! [ADVISORY] Major Security Hole in MS ASP
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0154
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0154
MSKB:Q163485
MSKB:Q164059
XF:http-iis-aspdot
XF:http-iis-aspsource
CVE-1999-0155
The ghostscript command with the -dSAFER option allows remote attackers to execute commands.
1999-09-29
2022-08-17
CVE-1999-0155
CERT:CA-95.10.ghostscript
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0155
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0155
XF:gscript-dsafer
CVE-1999-0156
wu-ftpd FTP daemon allows any user and password combination.
2000-02-04
2022-08-17
CVE-1999-0156
https://www.cve.org/CVERecord?id=CVE-1999-0156
MISC:https://www.cve.org/CVERecord?id=CVE-1999-0156
XF:ftp-pwless
CVE-1999-0157
Cisco PIX firewall and CBAC IP fragmentation attack results in a denial of service.
1999-09-29
2009-03-01
CVE-1999-0157
CISCO:http://www.cisco.com/warp/public/770/nifrag.shtml
http://www.osvdb.org/1097
OSVDB:1097
XF:cisco-fragmented-attacks
CVE-1999-0158
Cisco PIX firewall manager (PFM) on Windows NT allows attackers to connect to port 8080 on the PFM server and retrieve any file whose name and location is known.
1999-09-29
2004-09-02
CVE-1999-0158
http://www.cisco.com/warp/public/770/pixmgrfile-pub.shtml
CISCO:20010913 Cisco PIX Firewall Manager File Exposure
http://www.osvdb.org/685
OSVDB:685
XF:cisco-pix-file-exposure
CVE-1999-0159
Attackers can crash a Cisco IOS router or device, provided they can get to an interactive prompt (such as a login). This applies to some IOS 9.x, 10.x, and 11.x releases.
1999-09-29
2022-08-17
CVE-1999-0159
CISCO:http://www.cisco.com/warp/public/770/ioslogin-pub.shtml
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0159
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0159
XF:cisco-ios-crash
CVE-1999-0160
Some classic Cisco IOS devices have a vulnerability in the PPP CHAP authentication to establish unauthorized PPP connections.
1999-09-29
2009-03-01
CVE-1999-0160
CIAC:I-002A
CISCO:19971001 Vulnerabilities in Cisco CHAP Authentication
http://www.osvdb.org/1099
OSVDB:1099
XF:cisco-chap
CVE-1999-0161
In Cisco IOS 10.3, with the tacacs-ds or tacacs keyword, an extended IP access control list could bypass filtering.
1999-09-29
2009-03-01
CVE-1999-0161
CISCO:http://www.cisco.com/warp/public/707/1.html
http://www.osvdb.org/797
OSVDB:797
XF:cisco-acl-tacacs
CVE-1999-0162
The "established" keyword in some Cisco IOS software allowed an attacker to bypass filtering.
1999-09-29
2022-08-17
CVE-1999-0162
CISCO:19950601 "Established" Keyword May Allow Packets to Bypass Filter
https://www.cve.org/CVERecord?id=CVE-1999-0162
MISC:https://www.cve.org/CVERecord?id=CVE-1999-0162
XF:cisco-acl-established
CVE-1999-0163
In older versions of Sendmail, an attacker could use a pipe character to execute root commands.
2000-02-04
2022-08-17
CVE-1999-0163
https://www.cve.org/CVERecord?id=CVE-1999-0163
MISC:https://www.cve.org/CVERecord?id=CVE-1999-0163
XF:smtp-pipe
CVE-1999-0164
A race condition in the Solaris ps command allows an attacker to overwrite critical files.
1999-09-29
2004-09-02
CVE-1999-0164
AUSCERT:AA-95.07
CERT:CA-95.09.Solaris.ps.vul
http://www.osvdb.org/8346
OSVDB:8346
XF:sol-pstmprace
CVE-1999-0165
NFS cache poisoning.
2000-02-04
2022-08-17
CVE-1999-0165
https://www.cve.org/CVERecord?id=CVE-1999-0165
MISC:https://www.cve.org/CVERecord?id=CVE-1999-0165
XF:nfs-cache
CVE-1999-0166
NFS allows users to use a "cd .." command to access other directories besides the exported file system.
1999-09-29
2022-08-17
CVE-1999-0166
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0166
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0166
XF:nfs-cd
CVE-1999-0167
In SunOS, NFS file handles could be guessed, giving unauthorized access to the exported file system.
1999-09-29
2022-08-17
CVE-1999-0167
CERT:CA-91.21.SunOS.NFS.Jumbo.and.fsirand
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0167
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0167
XF:nfs-guess
CVE-1999-0168
The portmapper may act as a proxy and redirect service requests from an attacker, making the request appear to come from the local host, possibly bypassing authentication that would otherwise have taken place. For example, NFS file systems could be mounted through the portmapper despite export restrictions.
1999-09-29
2022-08-17
CVE-1999-0168
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0168
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0168
XF:nfs-portmap
CVE-1999-0169
NFS allows attackers to read and write any file on the system by specifying a false UID.
2000-02-04
2022-08-17
CVE-1999-0169
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0169
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0169
XF:nfs-uid
CVE-1999-0170
Remote attackers can mount an NFS file system in Ultrix or OSF, even if it is denied on the access list.
1999-09-29
2022-08-17
CVE-1999-0170
https://www.cve.org/CVERecord?id=CVE-1999-0170
MISC:https://www.cve.org/CVERecord?id=CVE-1999-0170
XF:nfs-ultrix
CVE-1999-0171
Denial of service in syslog by sending it a large number of superfluous messages.
2000-02-04
2022-08-17
CVE-1999-0171
https://www.cve.org/CVERecord?id=CVE-1999-0171
MISC:https://www.cve.org/CVERecord?id=CVE-1999-0171
XF:syslog-flood
CVE-1999-0172
FormMail CGI program allows remote execution of commands.
1999-09-29
2022-08-17
CVE-1999-0172
BUGTRAQ:Aug02,1995
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0172
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0172
XF:http-cgi-formmail-exe
CVE-1999-0173
FormMail CGI program can be used by web servers other than the host server that the program resides on.
1999-09-29
2022-08-17
CVE-1999-0173
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0173
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0173
XF:http-cgi-formmail-use
CVE-1999-0174
The view-source CGI program allows remote attackers to read arbitrary files via a .. (dot dot) attack.
1999-09-29
2022-08-17
CVE-1999-0174
BUGTRAQ:19970208 view-source
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0174
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0174
XF:http-cgi-viewsrc
CVE-1999-0175
The convert.bas program in the Novell web server allows a remote attackers to read any file on the system that is internally accessible by the web server.
1999-09-29
2022-08-17
CVE-1999-0175
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0175
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0175
XF:http-nov-convert
CVE-1999-0176
The Webgais program allows a remote user to execute arbitrary commands.
1999-09-29
2022-08-17
CVE-1999-0176
BUGTRAQ:Jul10,1997
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0176
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0176
XF:http-webgais-query
CVE-1999-0177
The uploader program in the WebSite web server allows a remote attacker to execute arbitrary programs.
1999-09-29
2022-08-17
CVE-1999-0177
BUGTRAQ:19970904 [Alert] Website's uploader.exe (from demo) vulnerable
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0177
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0177
NTBUGTRAQ:19970904 [Alert] Website's uploader.exe (from demo) vulnerable
NTBUGTRAQ:19970905 Re: FW: [Alert] Website's uploader.exe (from demo) vulnerable
XF:http-website-uploader
CVE-1999-0178
Buffer overflow in the win-c-sample program (win-c-sample.exe) in the WebSite web server 1.1e allows remote attackers to execute arbitrary code via a long query string.
1999-09-29
2005-11-02
CVE-1999-0178
http://www.securityfocus.com/bid/2078
BID:2078
http://archives.neohapsis.com/archives/bugtraq/1997_1/0021.html
BUGTRAQ:19970106 Re: signal handling
http://www.osvdb.org/8
OSVDB:8
https://exchange.xforce.ibmcloud.com/vulnerabilities/295
XF:http-website-winsample(295)
CVE-1999-0179
Windows NT crashes or locks up when a Samba client executes a "cd .." command on a file share.
1999-09-29
2005-11-02
CVE-1999-0179
http://support.microsoft.com/default.aspx?scid=kb;%5BLN%5D;Q140818
MSKB:Q140818
XF:nt-35
XF:nt-351
XF:nt-samba-dotdot
CVE-1999-0180
in.rshd allows users to login with a NULL username and execute commands.
1999-09-29
2022-08-17
CVE-1999-0180
https://www.cve.org/CVERecord?id=CVE-1999-0180
MISC:https://www.cve.org/CVERecord?id=CVE-1999-0180
XF:rsh-null
CVE-1999-0181
The wall daemon can be used for denial of service, social engineering attacks, or to execute remote commands.
1999-09-29
2022-08-17
CVE-1999-0181
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0181
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0181
XF:walld
CVE-1999-0182
Samba has a buffer overflow which allows a remote attacker to obtain root access by specifying a long password.
1999-09-29
2005-11-02
CVE-1999-0182
CERT:VB-97.10.samba
http://www.ciac.org/ciac/bulletins/h-110.shtml
CIAC:H-110
XF:nt-samba-bo
CVE-1999-0183
Linux implementations of TFTP would allow access to files outside the restricted directory.
1999-09-29
2022-08-17
CVE-1999-0183
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0183
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0183
XF:linux-tftp
CVE-1999-0184
When compiled with the -DALLOW_UPDATES option, bind allows dynamic updates to the DNS server, allowing for malicious modification of DNS records.
1999-09-29
2022-08-17
CVE-1999-0184
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0184
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0184
XF:dns-updates
CVE-1999-0185
In SunOS or Solaris, a remote user could connect from an FTP server's data port to an rlogin server on a host that trusts the FTP server, allowing remote command execution.
1999-09-29
2005-11-02
CVE-1999-0185
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/156
SUN:00156
XF:sun-ftpd/logind
CVE-1999-0186
In Solaris, an SNMP subagent has a default community string that allows remote attackers to execute arbitrary commands as root, or modify system parameters.
2000-02-04
2007-11-18
CVE-1999-0186
http://support.novell.com/cgi-bin/search/searchtid.cgi?/10080762.htm
CONFIRM:http://support.novell.com/cgi-bin/search/searchtid.cgi?/10080762.htm
SUN:00178
XF:snmp-backdoor-access
CVE-1999-0187
** REJECT **
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-1999-0022. Reason: This candidate is a duplicate of CVE-1999-0022. Notes: All CVE users should reference CVE-1999-0022 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
2000-02-04
2005-02-03
CVE-1999-0187
CVE-1999-0188
The passwd command in Solaris can be subjected to a denial of service.
1999-09-29
2005-11-02
CVE-1999-0188
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/182
SUN:00182
XF:sun-passwd-dos
CVE-1999-0189
Solaris rpcbind listens on a high numbered UDP port, which may not be filtered since the standard port number is 111.
2000-03-22
2005-11-02
CVE-1999-0189
NAI:NAI-15
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/142
SUN:00142
XF:rpc-32771
CVE-1999-0190
Solaris rpcbind can be exploited to overwrite arbitrary files and gain root access.
1999-09-29
2005-11-02
CVE-1999-0190
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/167
SUN:00167
XF:sun-rpcbind
CVE-1999-0191
IIS newdsn.exe CGI script allows remote users to overwrite files.
1999-09-29
2004-09-02
CVE-1999-0191
http://www.osvdb.org/275
OSVDB:275
XF:http-cgi-newdsn
CVE-1999-0192
Buffer overflow in telnet daemon tgetent routing allows remote attackers to gain root access via the TERMCAP environmental variable.
1999-09-29
2022-08-17
CVE-1999-0192
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0192
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0192
SNI:SNI-20
XF:bsd-tel-tgetent
CVE-1999-0193
Denial of service in Ascend and 3com routers, which can be rebooted by sending a zero length TCP option.
2000-02-04
2022-08-17
CVE-1999-0193
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0193
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0193
CVE-1999-0194
Denial of service in in.comsat allows attackers to generate messages.
1999-09-29
2022-08-17
CVE-1999-0194
https://www.cve.org/CVERecord?id=CVE-1999-0194
MISC:https://www.cve.org/CVERecord?id=CVE-1999-0194
XF:comsat
CVE-1999-0195
Denial of service in RPC portmapper allows attackers to register or unregister RPC services or spoof RPC services using a spoofed source IP address such as 127.0.0.1.
2000-02-04
2022-08-17
CVE-1999-0195
BUGTRAQ:19990128 rpcbind: deceive, enveigle and obfuscate
https://www.cve.org/CVERecord?id=CVE-1999-0195
MISC:https://www.cve.org/CVERecord?id=CVE-1999-0195
CVE-1999-0196
websendmail in Webgais 1.0 allows a remote user to access arbitrary files and execute arbitrary code via the receiver parameter ($VAR_receiver variable).
1999-09-29
2005-11-02
CVE-1999-0196
http://www.securityfocus.com/bid/2077
BID:2077
BUGTRAQ:19970704 Vulnerability in websendmail
http://www.osvdb.org/237
OSVDB:237
XF:http-webgais-smail
CVE-1999-0197
finger 0@host on some systems may print information on some user accounts.
2000-02-04
2022-08-17
CVE-1999-0197
https://exchange.xforce.ibmcloud.com/vulnerabilities/8378
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/8378
CVE-1999-0198
finger .@host on some systems may print information on some user accounts.
2000-02-04
2022-08-17
CVE-1999-0198
https://exchange.xforce.ibmcloud.com/vulnerabilities/8378
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/8378
CVE-1999-0199
manual/search.texi in the GNU C Library (aka glibc) before 2.2 lacks a statement about the unspecified tdelete return value upon deletion of a tree's root, which might allow attackers to access a dangling pointer in an application whose developer was unaware of a documentation update from 1999.
2020-10-06
2020-10-06
CVE-1999-0199
https://ftp.gnu.org/gnu/glibc/glibc-2.2.tar.gz
MISC:https://ftp.gnu.org/gnu/glibc/glibc-2.2.tar.gz
https://github.com/bminor/glibc/commit/2864e767053317538feafa815046fff89e5a16be#diff-94e8c502f255fdfc346df0e29fd4ef40
MISC:https://github.com/bminor/glibc/commit/2864e767053317538feafa815046fff89e5a16be#diff-94e8c502f255fdfc346df0e29fd4ef40
https://www.cee.studio/tdelete.html
MISC:https://www.cee.studio/tdelete.html
CVE-1999-0200
Windows NT FTP server (WFTP) with the guest account enabled without a password allows an attacker to log into the FTP server using any username and password.
2000-02-04
2022-08-17
CVE-1999-0200
http://www.microsoft.com/technet/support/kb.asp?ID=137853
MISC:http://www.microsoft.com/technet/support/kb.asp?ID=137853
MSKB:Q137853
CVE-1999-0201
A quote cwd command on FTP servers can reveal the full path of the home directory of the "ftp" user.
1999-09-29
2022-08-17
CVE-1999-0201
https://www.cve.org/CVERecord?id=CVE-1999-0201
MISC:https://www.cve.org/CVERecord?id=CVE-1999-0201
XF:ftp-home
CVE-1999-0202
The GNU tar command, when used in FTP sessions, may allow an attacker to execute arbitrary commands.
1999-09-29
2022-08-17
CVE-1999-0202
https://www.cve.org/CVERecord?id=CVE-1999-0202
MISC:https://www.cve.org/CVERecord?id=CVE-1999-0202
XF:ftp-exectar
CVE-1999-0203
In Sendmail, attackers can gain root privileges via SMTP by specifying an improper "mail from" address and an invalid "rcpt to" address that would cause the mail to bounce to a program.
2000-04-25
2022-08-17
CVE-1999-0203
CERT:CA-95.08
CIAC:E-03
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0203
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0203
XF:smtp-sendmail-version5
CVE-1999-0204
Sendmail 8.6.9 allows remote attackers to execute root commands, using ident.
1999-09-29
2022-08-17
CVE-1999-0204
CIAC:F-13
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0204
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0204
XF:ident-bo
CVE-1999-0205
Denial of service in Sendmail 8.6.11 and 8.6.12.
2000-02-04
2022-08-17
CVE-1999-0205
BUGTRAQ:19990708 SM 8.6.12
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0205
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0205
CVE-1999-0206
MIME buffer overflow in Sendmail 8.8.0 and 8.8.1 gives root access.
1999-09-29
2022-08-17
CVE-1999-0206
AUSCERT:AA-96.06a
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0206
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0206
XF:sendmail-mime-bo
CVE-1999-0207
Remote attacker can execute commands through Majordomo using the Reply-To field and a "lists" command.
1999-09-29
2022-08-17
CVE-1999-0207
CERT:CA-94.11.majordomo.vulnerabilities
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0207
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0207
XF:majordomo-exe
CVE-1999-0208
rpc.ypupdated (NIS) allows remote users to execute arbitrary commands.
1999-09-29
2022-08-17
CVE-1999-0208
CERT:CA-95.17.rpc.ypupdated.vul
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0208
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0208
XF:rpc-update
CVE-1999-0209
The SunView (SunTools) selection_svc facility allows remote users to read files.
1999-09-29
2005-11-02
CVE-1999-0209
http://www.securityfocus.com/bid/8
BID:8
CERT:CA-90.05.sunselection.vulnerability
XF:selsvc
CVE-1999-0210
Automount daemon automountd allows local or remote users to gain privileges via shell metacharacters.
2000-06-02
2009-03-01
CVE-1999-0210
http://www.securityfocus.com/bid/235
BID:235
http://marc.info/?l=bugtraq&m=88053459921223&w=2
BUGTRAQ:19971126 Solaris 2.5.1 automountd exploit (fwd)
http://marc.info/?l=bugtraq&m=91547759121289&w=2
BUGTRAQ:19990103 SUN almost has a clue! (automountd)
http://www.cert.org/advisories/CA-99-05-statd-automountd.html
CERT:CA-99-05
http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9910-104
HP:HPSBUX9910-104
CVE-1999-0211
Extra long export lists over 256 characters in some mount daemons allows NFS directories to be mounted by anyone.
1999-09-29
2024-02-21
CVE-1999-0211
http://www.securityfocus.com/bid/24
BID:24
CERT:CA-94.02.REVISED.SunOS.rpc.mountd.vulnerability
https://vuls.cert.org/confluence/pages/viewpage.action?pageId=96665790
MISC:https://vuls.cert.org/confluence/pages/viewpage.action?pageId=96665790
https://vuls.cert.org/confluence/pages/viewpage.action?pageId=97124517
MISC:https://vuls.cert.org/confluence/pages/viewpage.action?pageId=97124517
https://vuls.cert.org/confluence/pages/viewpage.action?pageId=97124527
MISC:https://vuls.cert.org/confluence/pages/viewpage.action?pageId=97124527
CVE-1999-0212
Solaris rpc.mountd generates error messages that allow a remote attacker to determine what files are on the server.
2000-01-04
2005-11-02
CVE-1999-0212
http://www.ciac.org/ciac/bulletins/i-048.shtml
CIAC:I-048
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/168
SUN:00168
XF:sun-mountd
CVE-1999-0213
libnsl in Solaris allowed an attacker to perform a denial of service of rpcbind.
2000-02-04
2022-08-17
CVE-1999-0213
http://www.securityfocus.com/archive/1/9749
MISC:http://www.securityfocus.com/archive/1/9749
SUNBUG:4305859
XF:sun-libnsl
CVE-1999-0214
Denial of service by sending forged ICMP unreachable packets.
1999-09-29
2022-08-17
CVE-1999-0214
https://www.cve.org/CVERecord?id=CVE-1999-0214
MISC:https://www.cve.org/CVERecord?id=CVE-1999-0214
XF:icmp-unreachable
CVE-1999-0215
Routed allows attackers to append data to files.
1999-09-29
2005-11-02
CVE-1999-0215
http://www.ciac.org/ciac/bulletins/j-012.shtml
CIAC:J-012
ftp://patches.sgi.com/support/free/security/advisories/19981004-01-PX
SGI:19981004-01-PX
XF:ripapp
CVE-1999-0216
Denial of service of inetd on Linux through SYN and RST packets.
2000-02-04
2022-08-17
CVE-1999-0216
BUGTRAQ:19971130 Linux inetd..
HP:HPSBUX9803-077
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0216
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0216
XF:hp-inetd
XF:linux-inetd-dos
CVE-1999-0217
Malicious option settings in UDP packets could force a reboot in SunOS 4.1.3 systems.
1999-09-29
2022-08-17
CVE-1999-0217
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0217
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0217
XF:udp-bomb
CVE-1999-0218
Livingston portmaster machines could be rebooted via a series of commands.
1999-09-29
2022-08-17
CVE-1999-0218
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0218
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0218
XF:portmaster-reboot
CVE-1999-0219
Buffer overflow in FTP Serv-U 2.5 allows remote authenticated users to cause a denial of service (crash) via a long (1) CWD or (2) LS (list) command.
1999-09-29
2005-11-02
CVE-1999-0219
http://www.securityfocus.com/bid/269
BID:269
BUGTRAQ:19990909 Exploit: Serv-U Ver2.5 FTPd Win9x/NT
http://marc.info/?l=ntbugtraq&m=92574916930144&w=2
NTBUGTRAQ:19990503 Buffer overflows in FTP Serv-U 2.5
http://marc.info/?l=ntbugtraq&m=92582581330282&w=2
NTBUGTRAQ:19990504 Re: Buffer overflows in FTP Serv-U 2.5
https://exchange.xforce.ibmcloud.com/vulnerabilities/205
XF:ftp-servu(205)
CVE-1999-0220
Attackers can do a denial of service of IRC by crashing the server.
2000-02-04
2022-08-17
CVE-1999-0220
https://www.cve.org/CVERecord?id=CVE-1999-0220
MISC:https://www.cve.org/CVERecord?id=CVE-1999-0220
CVE-1999-0221
Denial of service of Ascend routers through port 150 (remote administration).
1999-09-29
2022-08-17
CVE-1999-0221
https://www.cve.org/CVERecord?id=CVE-1999-0221
MISC:https://www.cve.org/CVERecord?id=CVE-1999-0221
XF:ascend-150-kill
CVE-1999-0222
Denial of service in Cisco IOS web server allows attackers to reboot the router using a long URL.
2000-02-04
2022-08-17
CVE-1999-0222
http://www.securityfocus.com/archive/1/60159
MISC:http://www.securityfocus.com/archive/1/60159
CVE-1999-0223
Solaris syslogd crashes when receiving a message from a host that doesn't have an inverse DNS entry.
2001-05-07
2005-11-02
CVE-1999-0223
http://www.securityfocus.com/bid/1878
BID:1878
BUGTRAQ:19961109 Syslogd and Solaris 2.4
http://sunsolve.Sun.COM/pub-cgi/retrieve.pl?patchid=103291&collection=fpatches
CONFIRM:http://sunsolve.Sun.COM/pub-cgi/retrieve.pl?patchid=103291&collection=fpatches
SUNBUG:1249320
XF:sol-syslogd-crash
CVE-1999-0224
Denial of service in Windows NT messenger service through a long username.
1999-09-29
2022-08-17
CVE-1999-0224
https://www.cve.org/CVERecord?id=CVE-1999-0224
MISC:https://www.cve.org/CVERecord?id=CVE-1999-0224
XF:nt-messenger
CVE-1999-0225
Windows NT 4.0 allows remote attackers to cause a denial of service via a malformed SMB logon request in which the actual data size does not match the specified size.
2000-06-02
2005-11-02
CVE-1999-0225
http://www.microsoft.com/technet/support/kb.asp?ID=180963
MSKB:Q180963
http://www.nai.com/nai_labs/asp_set/advisory/25_windows_nt_dos_adv.asp
NAI:19980214 Windows NT Logon Denial of Service
XF:nt-logondos
CVE-1999-0226
Windows NT TCP/IP processes fragmented IP packets improperly, causing a denial of service.
2000-02-04
2022-08-17
CVE-1999-0226
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0226
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0226
CVE-1999-0227
Access violation in LSASS.EXE (LSA/LSARPC) program in Windows NT allows a denial of service.
1999-09-29
2005-11-02
CVE-1999-0227
http://support.microsoft.com/default.aspx?scid=kb;%5BLN%5D;Q154087
MSKB:Q154087
XF:nt-lsass-crash
CVE-1999-0228
Denial of service in RPCSS.EXE program (RPC Locator) in Windows NT.
1999-09-29
2005-11-02
CVE-1999-0228
http://support.microsoft.com/default.aspx?scid=kb;%5BLN%5D;Q162567
MSKB:Q162567
XF:nt-rpc-ver
CVE-1999-0229
Denial of service in Windows NT IIS server using ..\..
2000-02-04
2022-08-17
CVE-1999-0229
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0229
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0229
MSKB:Q115052
CVE-1999-0230
Buffer overflow in Cisco 7xx routers through the telnet service.
1999-09-29
2004-09-02
CVE-1999-0230
CISCO:http://www.cisco.com/warp/public/770/pwbuf-pub.shtml
http://www.osvdb.org/1102
OSVDB:1102
CVE-1999-0231
Buffer overflow in IP-Switch IMail and Seattle Labs Slmail 2.6 packages using a long VRFY command, causing a denial of service and possibly remote access.
2000-02-04
2022-08-17
CVE-1999-0231
BUGTRAQ:19990317 Re: SLMail 2.6 DoS - Imail also
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0231
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0231
CVE-1999-0232
Buffer overflow in NCSA WebServer (version 1.5c) gives remote access.
2000-02-04
2022-08-17
CVE-1999-0232
https://www.cve.org/CVERecord?id=CVE-1999-0232
MISC:https://www.cve.org/CVERecord?id=CVE-1999-0232
CVE-1999-0233
IIS 1.0 allows users to execute arbitrary commands using .bat or .cmd files.
2000-01-18
2005-11-02
CVE-1999-0233
http://support.microsoft.com/default.aspx?scid=kb;%5BLN%5D;Q148188
MSKB:Q148188
http://support.microsoft.com/default.aspx?scid=kb;%5BLN%5D;Q155056
MSKB:Q155056
XF:http-iis-cmd
CVE-1999-0234
Bash treats any character with a value of 255 as a command separator.
1999-09-29
2022-08-17
CVE-1999-0234
CERT:CA-96.22.bash_vuls
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0234
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0234
XF:bash-cmd
CVE-1999-0235
Buffer overflow in NCSA WebServer (1.4.1 and below) gives remote access.
2000-02-04
2022-08-17
CVE-1999-0235
CERT:CA-95:04
CIAC:F-11
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0235
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0235
CVE-1999-0236
ScriptAlias directory in NCSA and Apache httpd allowed attackers to read CGI programs.
1999-09-29
2022-08-17
CVE-1999-0236
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0236
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0236
XF:http-scriptalias
CVE-1999-0237
Remote execution of arbitrary commands through Guestbook CGI program.
1999-09-29
2022-08-17
CVE-1999-0237
CERT:VB-97.02
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0237
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0237
XF:http-cgi-guestbook
CVE-1999-0238
php.cgi allows attackers to read any file on the system.
2000-02-04
2022-08-17
CVE-1999-0238
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0238
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0238
XF:http-cgi-phpfileread
CVE-1999-0239
Netscape FastTrack Web server lists files when a lowercase "get" command is used instead of an uppercase GET.
1999-09-29
2004-09-02
CVE-1999-0239
http://www.osvdb.org/122
OSVDB:122
XF:fastrack-get-directory-list
CVE-1999-0240
Some filters or firewalls allow fragmented SYN packets with IP reserved bits in violation of their implemented policy.
2000-02-04
2022-08-17
CVE-1999-0240
https://www.cve.org/CVERecord?id=CVE-1999-0240
MISC:https://www.cve.org/CVERecord?id=CVE-1999-0240
CVE-1999-0241
Guessable magic cookies in X Windows allows remote attackers to execute commands, e.g. through xterm.
2000-02-04
2022-08-17
CVE-1999-0241
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0241
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0241
XF:http-xguess-cookie
CVE-1999-0242
Remote attackers can access mail files via POP3 in some Linux systems that are using shadow passwords.
2000-02-04
2022-08-17
CVE-1999-0242
BUGTRAQ:19951222 mailx-5.5 (slackware /bin/mail) security hole
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0242
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0242
XF:linux-pop3d
CVE-1999-0243
Linux cfingerd could be exploited to gain root access.
2000-02-04
2022-08-17
CVE-1999-0243
http://www.geocrawler.com/archives/3/92/1996/9/0/2217716/
MISC:http://www.geocrawler.com/archives/3/92/1996/9/0/2217716/
CVE-1999-0244
Livingston RADIUS code has a buffer overflow which can allow remote execution of commands as root.
1999-09-29
2022-08-17
CVE-1999-0244
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0244
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0244
NAI:NAI-23
XF:radius-accounting-overflow
CVE-1999-0245
Some configurations of NIS+ in Linux allowed attackers to log in as the user "+".
1999-09-29
2022-08-17
CVE-1999-0245
BUGTRAQ:19950907 Linux NIS security problem hole and fix
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0245
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0245
XF:linux-plus
CVE-1999-0246
HP Remote Watch allows a remote user to gain root access.
2000-02-04
2022-08-17
CVE-1999-0246
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0246
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0246
XF:hp-remote
CVE-1999-0247
Buffer overflow in nnrpd program in INN up to version 1.6 allows remote users to execute arbitrary commands.
2000-10-13
2005-11-02
CVE-1999-0247
http://www.securityfocus.com/bid/1443
BID:1443
http://www.nai.com/nai_labs/asp_set/advisory/17_inn_avd.asp
NAI:19970721 INN news server vulnerabilities
XF:inn-bo
CVE-1999-0248
A race condition in the authentication agent mechanism of sshd 1.2.17 allows an attacker to steal another user's credentials.
2000-10-13
2005-11-02
CVE-1999-0248
http://www.uni-karlsruhe.de/~ig25/ssh-faq/ssh-faq-6.html#ss6.1
CONFIRM:http://www.uni-karlsruhe.de/~ig25/ssh-faq/ssh-faq-6.html#ss6.1
http://oliver.efri.hr/~crv/security/bugs/mUNIXes/ssh2.html
MISC:http://oliver.efri.hr/~crv/security/bugs/mUNIXes/ssh2.html
CVE-1999-0249
Windows NT RSHSVC program allows remote users to execute arbitrary commands.
2000-02-04
2022-08-17
CVE-1999-0249
https://www.cve.org/CVERecord?id=CVE-1999-0249
MISC:https://www.cve.org/CVERecord?id=CVE-1999-0249
CVE-1999-0250
Denial of service in Qmail through long SMTP commands.
2000-02-04
2016-10-17
CVE-1999-0250
http://marc.info/?l=bugtraq&m=87602558319024&w=2
BUGTRAQ:19970612 qmail-dos-2.c, another denial of service attack
http://cr.yp.to/qmail/venema.html
MISC:http://cr.yp.to/qmail/venema.html
http://www.ornl.gov/its/archives/mailing-lists/qmail/1997/06/threads.html
MISC:http://www.ornl.gov/its/archives/mailing-lists/qmail/1997/06/threads.html
XF:qmail-leng
CVE-1999-0251
Denial of service in talk program allows remote attackers to disrupt a user's display.
1999-09-29
2022-08-17
CVE-1999-0251
https://www.cve.org/CVERecord?id=CVE-1999-0251
MISC:https://www.cve.org/CVERecord?id=CVE-1999-0251
XF:talkd-flash
CVE-1999-0252
Buffer overflow in listserv allows arbitrary command execution.
1999-09-29
2022-08-17
CVE-1999-0252
https://www.cve.org/CVERecord?id=CVE-1999-0252
MISC:https://www.cve.org/CVERecord?id=CVE-1999-0252
XF:smtp-listserv
CVE-1999-0253
IIS 3.0 with the iis-fix hotfix installed allows remote intruders to read source code for ASP programs by using a %2e instead of a . (dot) in the URL.
2000-02-04
2022-08-17
CVE-1999-0253
L0PHT:19970319
http://www.securityfocus.com/bid/1814
MISC:http://www.securityfocus.com/bid/1814
XF:http-iis-2e
CVE-1999-0254
A hidden SNMP community string in HP OpenView allows remote attackers to modify MIB tables and obtain sensitive information.
2000-02-04
2022-08-17
CVE-1999-0254
ISS:Hidden SNMP community in HP OpenView
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0254
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0254
XF:hpov-hidden-snmp-comm
CVE-1999-0255
Buffer overflow in ircd allows arbitrary command execution.
2000-02-04
2022-08-17
CVE-1999-0255
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0255
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0255
CVE-1999-0256
Buffer overflow in War FTP allows remote execution of commands.
1999-09-29
2004-09-02
CVE-1999-0256
http://www.osvdb.org/875
OSVDB:875
XF:war-ftpd
CVE-1999-0257
Nestea variation of teardrop IP fragmentation denial of service.
2000-02-04
2022-08-17
CVE-1999-0257
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0257
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0257
CVE-1999-0258
Bonk variation of teardrop IP fragmentation denial of service.
2000-02-04
2022-08-17
CVE-1999-0258
https://marc.info/?l=ntbugtraq&m=88901842000424&w=2
MISC:https://marc.info/?l=ntbugtraq&m=88901842000424&w=2
CVE-1999-0259
cfingerd lists all users on a system via search.**@target.
2000-01-18
2022-08-17
CVE-1999-0259
BUGTRAQ:19970523 cfingerd vulnerability
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0259
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0259
XF:cfinger-user-enumeration
CVE-1999-0260
The jj CGI program allows command execution via shell metacharacters.
1999-09-29
2022-08-17
CVE-1999-0260
BUGTRAQ:19961224 jj cgi
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0260
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0260
XF:http-cgi-jj
CVE-1999-0261
Netmanager Chameleon SMTPd has several buffer overflows that cause a crash.
2000-02-04
2002-04-12
CVE-1999-0261
BUGTRAQ:19980504 Netmanage Holes
http://www.insecure.org/sploits/netmanage.chameleon.overflows.html
MISC:http://www.insecure.org/sploits/netmanage.chameleon.overflows.html
CVE-1999-0262
Hylafax faxsurvey CGI script on Linux allows remote attackers to execute arbitrary commands via shell metacharacters in the query string.
1999-09-29
2005-11-02
CVE-1999-0262
http://www.securityfocus.com/bid/2056
BID:2056
BUGTRAQ:19980804 PATCH: faxsurvey
BUGTRAQ:19980804 remote exploit in faxsurvey cgi-script
https://exchange.xforce.ibmcloud.com/vulnerabilities/1532
XF:http-cgi-faxsurvey(1532)
CVE-1999-0263
Solaris SUNWadmap can be exploited to obtain root access.
1999-09-29
2005-11-02
CVE-1999-0263
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/173
SUN:00173
XF:sun-sunwadmap
CVE-1999-0264
htmlscript CGI program allows remote read access to files.
1999-09-29
2022-08-17
CVE-1999-0264
BUGTRAQ:Jan27,1998
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0264
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0264
XF:http-htmlscript-file-access
CVE-1999-0265
ICMP redirect messages may crash or lock up a host.
1999-09-29
2005-11-02
CVE-1999-0265
ISS:ICMP Redirects Against Embedded Controllers
http://support.microsoft.com/default.aspx?scid=kb;%5BLN%5D;Q154174
MSKB:Q154174
XF:icmp-redirect
CVE-1999-0266
The info2www CGI script allows remote file access or remote command execution.
1999-09-29
2005-11-02
CVE-1999-0266
http://www.securityfocus.com/bid/1995
BID:1995
BUGTRAQ:19980303 Vulnerabilites in some versions of info2www CGI
XF:http-cgi-info2www
CVE-1999-0267
Buffer overflow in NCSA HTTP daemon v1.3 allows remote command execution.
1999-09-29
2022-08-17
CVE-1999-0267
CERT:CA-95.04.NCSA.http.daemon.for.unix.vulnerability
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0267
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0267
XF:http-port
CVE-1999-0268
MetaInfo MetaWeb web server allows users to upload, execute, and read scripts.
2001-05-07
2004-09-02
CVE-1999-0268
BUGTRAQ:19980630 Security vulnerabilities in MetaInfo products
BUGTRAQ:19980703 Followup to MetaInfo vulnerabilities
http://www.osvdb.org/110
OSVDB:110
http://www.osvdb.org/3969
OSVDB:3969
XF:metaweb-server-dot-attack
CVE-1999-0269
Netscape Enterprise servers may list files through the PageServices query.
1999-09-29
2022-08-17
CVE-1999-0269
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0269
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0269
XF:netscape-server-pageservices
CVE-1999-0270
Directory traversal vulnerability in pfdispaly.cgi program (sometimes referred to as "pfdisplay") for SGI's Performer API Search Tool (performer_tools) allows remote attackers to read arbitrary files.
2000-01-18
2005-11-02
CVE-1999-0270
http://www.securityfocus.com/bid/64
BID:64
BUGTRAQ:19980317 IRIX performer_tools bug
http://www.ciac.org/ciac/bulletins/i-041.shtml
CIAC:I-041
http://www.osvdb.org/134
OSVDB:134
ftp://patches.sgi.com/support/free/security/advisories/19980401-01-P
SGI:19980401-01-P
https://exchange.xforce.ibmcloud.com/vulnerabilities/810
XF:sgi-pfdispaly(810)
CVE-1999-0271
Progressive Networks Real Video server (pnserver) can be crashed remotely.
2000-02-04
2022-08-17
CVE-1999-0271
BUGTRAQ:19980115 pnserver exploit..
BUGTRAQ:19980817 Re: Real Audio Server Version 5 bug?
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0271
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0271
CVE-1999-0272
Denial of service in Slmail v2.5 through the POP3 port.
1999-09-29
2022-08-17
CVE-1999-0272
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0272
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0272
XF:slmail-username-bo
CVE-1999-0273
Denial of service through Solaris 2.5.1 telnet by sending ^D characters.
1999-09-29
2022-08-17
CVE-1999-0273
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0273
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0273
XF:sun-telnet-kill
CVE-1999-0274
Denial of service in Windows NT DNS servers through malicious packet which contains a response to a query that wasn't made.
1999-09-29
2022-08-17
CVE-1999-0274
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0274
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0274
NAI:NAI-5
XF:nt-dns-dos
CVE-1999-0275
Denial of service in Windows NT DNS servers by flooding port 53 with too many characters.
2000-01-04
2022-08-17
CVE-1999-0275
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0275
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0275
MS:Q169461
XF:nt-dnscrash
XF:nt-dnsver
CVE-1999-0276
mSQL v2.0.1 and below allows remote execution through a buffer overflow.
1999-09-29
2022-08-17
CVE-1999-0276
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0276
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0276
SEKURE:sekure.01-99.msql
XF:msql-debug-bo
CVE-1999-0277
The WorkMan program can be used to overwrite any file to get root access.
1999-09-29
2022-08-17
CVE-1999-0277
CERT:CA-96.23.workman_vul
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0277
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0277
XF:workman
CVE-1999-0278
In IIS, remote attackers can obtain source code for ASP files by appending "::$DATA" to the URL.
1999-09-29
2004-09-02
CVE-1999-0278
https://docs.microsoft.com/en-us/security-updates/securitybulletins/1998/ms98-003
MS:MS98-003
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A913
OVAL:oval:org.mitre.oval:def:913
XF:iis-asp-data-check
CVE-1999-0279
Excite for Web Servers (EWS) allows remote command execution via shell metacharacters.
1999-09-29
2022-08-17
CVE-1999-0279
BUGTRAQ:19971217 CGI security hole in EWS (Excite for Web Servers)
BUGTRAQ:19980115 Excite announcement
CERT:VB-98.01.excite
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0279
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0279
XF:excite-cgi-search-vuln
CVE-1999-0280
Remote command execution in Microsoft Internet Explorer using .lnk and .url files.
2000-01-04
2022-08-17
CVE-1999-0280
CIAC:H-38
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0280
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0280
NTBUGTRAQ:19970317 Internet Explorer Bug #4
XF:http-ie-lnkurl
CVE-1999-0281
Denial of service in IIS using long URLs.
1999-09-29
2022-08-17
CVE-1999-0281
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0281
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0281
XF:http-iis-longurl
CVE-1999-0282
** REJECT **
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-1999-1584, CVE-1999-1586. Reason: This candidate combined references from one issue with the description from another issue. Notes: Users should consult CVE-1999-1584 and CVE-1999-1586 to obtain the appropriate name. All references and descriptions in this candidate have been removed to prevent accidental usage.
2000-02-04
2005-08-29
CVE-1999-0282
CVE-1999-0283
The Java Web Server would allow remote users to obtain the source code for CGI programs.
2000-02-04
2016-10-17
CVE-1999-0283
http://marc.info/?l=bugtraq&m=88256790401004&w=2
BUGTRAQ:19970716 Viewable .jhtml source with JavaWebServer
CVE-1999-0284
Denial of service to NT mail servers including Ipswitch, Mdaemon, and Exchange through a buffer overflow in the SMTP HELO command.
2000-02-04
2022-08-17
CVE-1999-0284
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0284
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0284
XF:smtp-helo-bo
CVE-1999-0285
Denial of service in telnet from the Windows NT Resource Kit, by opening then immediately closing a connection.
2000-02-04
2022-08-17
CVE-1999-0285
https://www.cve.org/CVERecord?id=CVE-1999-0285
MISC:https://www.cve.org/CVERecord?id=CVE-1999-0285
CVE-1999-0286
In some NT web servers, appending a space at the end of a URL may allow attackers to read source code for active pages.
2000-02-04
2022-08-17
CVE-1999-0286
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0286
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0286
CVE-1999-0287
Vulnerability in the Wguest CGI program.
2000-02-04
2022-08-17
CVE-1999-0287
https://marc.info/?l=ntbugtraq&m=92368828704896&w=2
MISC:https://marc.info/?l=ntbugtraq&m=92368828704896&w=2
CVE-1999-0288
The WINS server in Microsoft Windows NT 4.0 before SP4 allows remote attackers to cause a denial of service (process termination) via invalid UDP frames to port 137 (NETBIOS Name Service), as demonstrated via a flood of random packets.
1999-09-29
2005-11-02
CVE-1999-0288
BUGTRAQ:19970801 WINS flooding
BUGTRAQ:19970815 Re: WINS flooding
http://safenetworks.com/Windows/wins.html
MISC:http://safenetworks.com/Windows/wins.html
MSKB:155701
NTBUGTRAQ:19970801 WINS flooding
https://exchange.xforce.ibmcloud.com/vulnerabilities/1233
XF:nt-winsupd-fix(1233)
CVE-1999-0289
The Apache web server for Win32 may provide access to restricted files when a . (dot) is appended to a requested URL.
1999-09-29
2022-08-17
CVE-1999-0289
https://www.cve.org/CVERecord?id=CVE-1999-0289
MISC:https://www.cve.org/CVERecord?id=CVE-1999-0289
CVE-1999-0290
The WinGate telnet proxy allows remote attackers to cause a denial of service via a large number of connections to localhost.
2000-01-04
2022-08-17
CVE-1999-0290
BUGTRAQ:19980221 WinGate DoS
BUGTRAQ:19980326 WinGate Intermediary Fix/Update
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0290
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0290
XF:wingate-dos
CVE-1999-0291
The WinGate proxy is installed without a password, which allows remote attackers to redirect connections without authentication.
2000-01-04
2022-08-17
CVE-1999-0291
https://www.cve.org/CVERecord?id=CVE-1999-0291
MISC:https://www.cve.org/CVERecord?id=CVE-1999-0291
XF:wingate-unpassworded
CVE-1999-0292
Denial of service through Winpopup using large user names.
1999-09-29
2022-08-17
CVE-1999-0292
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0292
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0292
XF:nt-winpopup
CVE-1999-0293
AAA authentication on Cisco systems allows attackers to execute commands without authorization.
1999-09-29
2022-08-17
CVE-1999-0293
CISCO:http://www.cisco.com/warp/public/770/aaapair-pub.shtml
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0293
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0293
XF:cisco-ios-aaa-auth
CVE-1999-0294
All records in a WINS database can be deleted through SNMP for a denial of service.
1999-09-29
2022-08-17
CVE-1999-0294
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0294
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0294
XF:nt-wins-snmp2
CVE-1999-0295
Solaris sysdef command allows local users to read kernel memory, potentially leading to root privileges.
1999-09-29
2005-11-02
CVE-1999-0295
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/157
SUN:00157
XF:sun-sysdef
CVE-1999-0296
Solaris volrmmount program allows attackers to read any file.
1999-09-29
2005-11-02
CVE-1999-0296
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/162
SUN:00162
XF:sun-volrmmount
CVE-1999-0297
Buffer overflow in Vixie Cron library up to version 3.0 allows local users to obtain root access via a long environmental variable.
2000-01-04
2022-08-17
CVE-1999-0297
AUSCERT:AA-96.21
CIAC:H-17
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0297
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0297
NAI:NAI-3
XF:vixie-cron
CVE-1999-0298
ypbind with -ypset and -ypsetme options activated in Linux Slackware and SunOS allows local and remote attackers to overwrite files via a .. (dot dot) attack.
2000-02-04
2003-03-21
CVE-1999-0298
http://www.nai.com/nai_labs/asp_set/advisory/06_ypbindsetme_adv.asp
NAI:19970205 Vulnerabilities in Ypbind when run with -ypset/-ypsetme
CVE-1999-0299
Buffer overflow in FreeBSD lpd through long DNS hostnames.
1999-09-29
2004-09-02
CVE-1999-0299
NAI:NAI-9
http://www.osvdb.org/6093
OSVDB:6093
CVE-1999-0300
nis_cachemgr for Solaris NIS+ allows attackers to add malicious NIS+ servers.
1999-09-29
2005-11-02
CVE-1999-0300
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/155
SUN:00155
XF:sun-niscache
CVE-1999-0301
Buffer overflow in SunOS/Solaris ps command.
1999-09-29
2005-11-02
CVE-1999-0301
AUSCERT:AUSCERT-97.17
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/149
SUN:00149
XF:sun-ps2bo
CVE-1999-0302
SunOS/Solaris FTP clients can be forced to execute arbitrary commands from a malicious FTP server.
1999-09-29
2005-11-02
CVE-1999-0302
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/176
SUN:00176
XF:sun-ftp-server
CVE-1999-0303
Buffer overflow in BNU UUCP daemon (uucpd) through long hostnames.
1999-09-29
2022-08-17
CVE-1999-0303
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0303
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0303
RSI:RSI.0002.05-18-98.BNU.UUCPD
XF:bnu-uucpd-bo
CVE-1999-0304
mmap function in BSD allows local attackers in the kmem group to modify memory through devices.
2000-01-04
2022-08-17
CVE-1999-0304
FREEBSD:FreeBSD-SA-98:02
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0304
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0304
XF:bsd-mmap
CVE-1999-0305
The system configuration control (sysctl) facility in BSD based operating systems OpenBSD 2.2 and earlier, and FreeBSD 2.2.5 and earlier, does not properly restrict source routed packets even when the (1) dosourceroute or (2) forwarding variables are set, which allows remote attackers to spoof TCP connections.
1999-09-29
2005-11-02
CVE-1999-0305
http://www.openbsd.org/advisories/sourceroute.txt
MISC:http://www.openbsd.org/advisories/sourceroute.txt
OPENBSD:Feb15,1998 "IP Source Routing Problem"
http://www.osvdb.org/11502
OSVDB:11502
https://exchange.xforce.ibmcloud.com/vulnerabilities/736
XF:bsd-sourceroute(736)
CVE-1999-0306
buffer overflow in HP xlock program.
2000-02-04
2022-08-17
CVE-1999-0306
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0306
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0306
XF:hp-xlock
CVE-1999-0307
Buffer overflow in HP-UX cstm program allows local users to gain root privileges.
2000-02-04
2022-08-17
CVE-1999-0307
BUGTRAQ:19961116 This week: turn me on, dead man
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0307
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0307
XF:hpux-cstm-bo
CVE-1999-0308
HP-UX gwind program allows users to modify arbitrary files.
1999-09-29
2005-11-02
CVE-1999-0308
CIAC:H-03: HP-UX suid Vulnerabilities
http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9410-018
HP:HPSBUX9410-018
XF:hpux-gwind-overwrite
CVE-1999-0309
HP-UX vgdisplay program gives root access to local users.
1999-09-29
2005-11-02
CVE-1999-0309
CIAC:H-27: HP-UX vgdisplay Buffer Overrun Vulnerability
http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9702-056
HP:HPSBUX9702-056
XF:hpux-vgdisplay
CVE-1999-0310
SSH 1.2.25 on HP-UX allows access to new user accounts.
1999-09-29
2022-08-17
CVE-1999-0310
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0310
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0310
XF:ssh-1225
CVE-1999-0311
fpkg2swpk in HP-UX allows local users to gain root access.
1999-09-29
2005-11-02
CVE-1999-0311
http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9612-042
HP:HPSBUX9612-042
XF:hpux-fpkg2swpk
CVE-1999-0312
HP ypbind allows attackers with root privileges to modify NIS data.
1999-09-29
2022-08-17
CVE-1999-0312
CERT:CA-93:01.REVISED.HP.NIS.ypbind.vulnerability
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0312
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0312
XF:nis-ypbind
CVE-1999-0313
disk_bandwidth on SGI IRIX 6.4 S2MP for Origin/Onyx2 allows local users to gain root access using relative pathnames.
1999-09-29
2005-11-02
CVE-1999-0313
http://www.securityfocus.com/bid/214
BID:214
http://www.securityfocus.com/bid/213/exploit
MISC:http://www.securityfocus.com/bid/213/exploit
http://www.osvdb.org/936
OSVDB:936
ftp://patches.sgi.com/support/free/security/advisories/19980701-01-P
SGI:19980701-01-P
https://exchange.xforce.ibmcloud.com/vulnerabilities/1441
XF:sgi-disk-bandwidth(1441)
CVE-1999-0314
ioconfig on SGI IRIX 6.4 S2MP for Origin/Onyx2 allows local users to gain root access using relative pathnames.
1999-09-29
2005-11-02
CVE-1999-0314
http://www.securityfocus.com/bid/213
BID:213
http://www.securityfocus.com/bid/213/exploit
MISC:http://www.securityfocus.com/bid/213/exploit
http://www.osvdb.org/6788
OSVDB:6788
ftp://patches.sgi.com/support/free/security/advisories/19980701-01-P
SGI:19980701-01-P
https://exchange.xforce.ibmcloud.com/vulnerabilities/1199
XF:sgi-ioconfig(1199)
CVE-1999-0315
Buffer overflow in Solaris fdformat command gives root access to local users.
1999-09-29
2005-11-02
CVE-1999-0315
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/138
SUN:00138
XF:fdformat-bo
CVE-1999-0316
Buffer overflow in Linux splitvt command gives root access to local users.
1999-09-29
2022-08-17
CVE-1999-0316
CIAC:G-08
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0316
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0316
XF:linux-splitvt
CVE-1999-0317
Buffer overflow in Linux su command gives root access to local users.
2000-02-04
2022-08-17
CVE-1999-0317
BUGTRAQ:19990818 slackware-3.5 /bin/su buffer overflow
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0317
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0317
XF:su-bo
CVE-1999-0318
Buffer overflow in xmcd 2.0p12 allows local users to gain access through an environmental variable.
2000-01-04
2022-08-17
CVE-1999-0318
BUGTRAQ:19961125 Security Problems in XMCD
BUGTRAQ:19961125 XMCD v2.1 released (was: Security Problems in XMCD)
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0318
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0318
XF:xmcd-envbo
CVE-1999-0319
Buffer overflow in xmcd 2.1 allows local users to gain access through a user resource setting.
2000-02-04
2022-08-17
CVE-1999-0319
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0319
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0319
XF:xmcd-tiflestr
CVE-1999-0320
SunOS rpc.cmsd allows attackers to obtain root access by overwriting arbitrary files.
1999-09-29
2005-11-02
CVE-1999-0320
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/166
SUN:00166
XF:sun-rpc.cmsd
CVE-1999-0321
Buffer overflow in Solaris kcms_configure command allows local users to gain root access.
1999-09-29
2022-08-17
CVE-1999-0321
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0321
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0321
XF:sun-kcms-configure-bo
CVE-1999-0322
The open() function in FreeBSD allows local attackers to write to arbitrary files.
2000-01-04
2004-09-02
CVE-1999-0322
FREEBSD:FreeBSD-SA-97:05
http://www.osvdb.org/6092
OSVDB:6092
XF:freebsd-open
CVE-1999-0323
FreeBSD mmap function allows users to modify append-only or immutable files.
2000-06-02
2005-11-02
CVE-1999-0323
FREEBSD:FreeBSD-SA-98:04
ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA1998-003.txt.asc
NETBSD:1998-003
XF:bsd-mmap
CVE-1999-0324
ppl program in HP-UX allows local users to create root files through symlinks.
1999-09-29
2005-11-02
CVE-1999-0324
CIAC:H-31
http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9702-053
HP:HPSBUX9702-053
XF:hp-ppllog
CVE-1999-0325
vhe_u_mnt program in HP-UX allows local users to create root files through symlinks.
1999-09-29
2005-11-02
CVE-1999-0325
http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9406-013
HP:HPSBUX9406-013
XF:hp-vhe
CVE-1999-0326
Vulnerability in HP-UX mediainit program.
1999-09-29
2005-11-02
CVE-1999-0326
http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9710-071
HP:HPSBUX9710-071
XF:hp-mediainit
CVE-1999-0327
SGI syserr program allows local users to corrupt files.
1999-09-29
2005-11-02
CVE-1999-0327
ftp://patches.sgi.com/support/free/security/advisories/19971103-01-PX
SGI:19971103-01-PX
XF:sgi-syserr
CVE-1999-0328
SGI permissions program allows local users to gain root privileges.
1999-09-29
2005-11-02
CVE-1999-0328
ftp://patches.sgi.com/support/free/security/advisories/19971103-01-PX
SGI:19971103-01-PX
XF:sgi-permtool
CVE-1999-0329
SGI mediad program allows local users to gain root access.
1999-09-29
2005-11-02
CVE-1999-0329
ftp://patches.sgi.com/support/free/security/advisories/19980602-01-PX
SGI:19980602-01-PX
XF:sgi-mediad
CVE-1999-0330
Linux bdash game has a buffer overflow that allows local users to gain root access.
2000-02-04
2022-08-17
CVE-1999-0330
BUGTRAQ:19940101 (No Subject)
https://marc.info/?l=bugtraq&m=87602558319119&w=2
MISC:https://marc.info/?l=bugtraq&m=87602558319119&w=2
XF:bdash-bo
CVE-1999-0331
Buffer overflow in Internet Explorer 4.0(1).
2000-02-04
2022-08-17
CVE-1999-0331
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0331
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0331
XF:msie-bo
CVE-1999-0332
Buffer overflow in NetMeeting allows denial of service and remote command execution.
1999-09-29
2005-11-02
CVE-1999-0332
http://support.microsoft.com/default.aspx?scid=kb;%5BLN%5D;Q184346
MSKB:Q184346
XF:nt-netmeeting
CVE-1999-0333
HP OpenView Omniback allows remote execution of commands as root via spoofing, and local users can gain root access via a symlink attack.
2000-02-04
2022-08-17
CVE-1999-0333
HP:HPSBUX9810-085
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0333
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0333
RSI:RSI.0009.09-08-98.HP-UX.OMNIBACK
XF:omniback-remote
CVE-1999-0334
In Solaris 2.2 and 2.3, when fsck fails on startup, it allows a local user with physical access to obtain root access.
1999-09-29
2022-08-17
CVE-1999-0334
CERT:CA-93.19.Solaris.Startup.vulnerability
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0334
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0334
XF:sol-startup
CVE-1999-0335
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-1999-0032. Reason: This candidate is a duplicate of CVE-1999-0032. Notes: All CVE users should reference CVE-1999-0032 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
1999-09-29
2022-08-16
CVE-1999-0335
CVE-1999-0336
Buffer overflow in mstm in HP-UX allows local users to gain root access.
2000-02-04
2022-08-17
CVE-1999-0336
BUGTRAQ:19961116 This week: turn me on, dead man
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0336
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0336
XF:hpux-mstm-bo
CVE-1999-0337
AIX batch queue (bsh) allows local and remote users to gain additional privileges when network printing is enabled.
1999-09-29
2022-08-17
CVE-1999-0337
CERT:CA-94.10.IBM.AIX.bsh.vulnerability.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0337
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0337
XF:ibm-bsh
CVE-1999-0338
AIX Licensed Program Product performance tools allow local users to gain root access.
1999-09-29
2022-08-17
CVE-1999-0338
CERT:CA-94.03.AIX.performance.tools
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0338
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0338
XF:ibm-perf-tools
CVE-1999-0339
Buffer overflow in the libauth library in Solaris allows local users to gain additional privileges, possibly root access.
1999-09-29
2022-08-17
CVE-1999-0339
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0339
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0339
RSI:RSI.0007.05-26-98
XF:sol-sun-libauth
CVE-1999-0340
Buffer overflow in Linux Slackware crond program allows local users to gain root access.
1999-09-29
2022-08-17
CVE-1999-0340
KSRT:005
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0340
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0340
XF:linux-crond
CVE-1999-0341
Buffer overflow in the Linux mail program "deliver" allows local users to gain root access.
1999-09-29
2022-08-17
CVE-1999-0341
KSRT:006
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0341
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0341
XF:linux-deliver
CVE-1999-0342
Linux PAM modules allow local users to gain root access using temporary files.
1999-09-29
2022-08-17
CVE-1999-0342
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0342
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0342
REDHAT:http://www.redhat.com/corp/support/errata/rh42-errata-general.html#pam
XF:linux-pam-passwd-tmprace
CVE-1999-0343
A malicious Palace server can force a client to execute arbitrary programs.
2000-01-04
2022-08-17
CVE-1999-0343
BUGTRAQ:19981002 Announcements from The Palace (fwd)
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0343
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0343
XF:palace-malicious-servers-vuln
CVE-1999-0344
NT users can gain debug-level access on a system process using the Sechole exploit.
1999-09-29
2005-11-02
CVE-1999-0344
https://docs.microsoft.com/en-us/security-updates/securitybulletins/1998/ms98-009
MS:MS98-009
http://support.microsoft.com/default.aspx?scid=kb;%5BLN%5D;Q190288
MSKB:Q190288
XF:nt-priv-fix
CVE-1999-0345
Jolt ICMP attack causes a denial of service in Windows 95 and Windows NT systems.
2000-02-04
2022-08-17
CVE-1999-0345
http://www.securityfocus.com/archive/1/62170
MISC:http://www.securityfocus.com/archive/1/62170
CVE-1999-0346
CGI PHP mlog script allows an attacker to read any file on the target server.
1999-09-29
2004-09-02
CVE-1999-0346
http://www.securityfocus.com/bid/713
BID:713
BUGTRAQ:19971019 Vulnerability in PHP Example Logging Scripts
http://www.osvdb.org/3397
OSVDB:3397
XF:http-cgi-php-mlog
CVE-1999-0347
Internet Explorer 4.01 allows remote attackers to read local files and spoof web pages via a "%01" character in an "about:" Javascript URL, which causes Internet Explorer to use the domain specified after the character.
2000-02-04
2016-10-17
CVE-1999-0347
http://marc.info/?l=bugtraq&m=91745430007021&w=2
BUGTRAQ:19990126 Javascript ecurity bug in Internet Explorer
http://marc.info/?l=ntbugtraq&m=91756771207719&w=2
NTBUGTRAQ:19990126 Javascript ecurity bug in Internet Explorer
CVE-1999-0348
IIS ASP caching problem releases sensitive information when two virtual servers share the same physical directory.
1999-09-29
2004-09-02
CVE-1999-0348
http://support.microsoft.com/default.aspx?scid=kb;%5BLN%5D;Q197003
MSKB:Q197003
NTBUGTRAQ:Jan27,1999
http://www.osvdb.org/930
OSVDB:930
CVE-1999-0349
A buffer overflow in the FTP list (ls) command in IIS allows remote attackers to conduct a denial of service and, in some cases, execute arbitrary commands.
1999-09-29
2005-11-02
CVE-1999-0349
BUGTRAQ:Jan27,1999
http://www.eeye.com/html/Research/Advisories/IIS%20Remote%20FTP%20Exploit/DoS%20Attack.html
EEYE:IIS Remote FTP Exploit/DoS Attack
https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-003
MS:MS99-003
http://support.microsoft.com/default.aspx?scid=kb;%5BLN%5D;Q188348
MSKB:Q188348
XF:iis-remote-ftp
CVE-1999-0350
Race condition in the db_loader program in ClearCase gives local users root access by setting SUID bits.
1999-09-29
2022-08-17
CVE-1999-0350
L0PHT:Feb8,1999
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0350
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0350
XF:clearcase-temp-race
CVE-1999-0351
FTP PASV "Pizza Thief" denial of service and unauthorized data access. Attackers can steal data by connecting to a port that was intended for use by a client.
1999-09-29
2007-11-28
CVE-1999-0351
INFOWAR:01
http://attrition.org/security/advisory/misc/infowar/iw_sec_01.txt
MISC:http://attrition.org/security/advisory/misc/infowar/iw_sec_01.txt
https://exchange.xforce.ibmcloud.com/vulnerabilities/3389
XF:pasv-pizza-thief-dos(3389)
CVE-1999-0352
ControlIT 4.5 and earlier (aka Remotely Possible) has weak password encryption.
2000-02-04
2022-08-17
CVE-1999-0352
ISS:Multiple vulnerabilities in ControlIT(tm) (formerly Remotely Possible/32) enterprise management software
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0352
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0352
XF:controlit-passwd-encrypt
CVE-1999-0353
rpc.pcnfsd in HP gives remote root access by changing the permissions on the main printer spool directory.
1999-09-29
2009-03-01
CVE-1999-0353
http://www.ciac.org/ciac/bulletins/j-026.shtml
CIAC:J-026
http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9902-091
HP:HPSBUX9902-091
XF:pcnfsd-world-write
CVE-1999-0354
Internet Explorer 4.x or 5.x with Word 97 allows arbitrary execution of Visual Basic programs to the IE client through the Word 97 template, which doesn't warn the user that the template contains executable content. Also applies to Outlook when the client views a malicious email message.
2000-02-04
2018-10-12
CVE-1999-0354
https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-002
MS:MS99-002
NTBUGTRAQ:Jan27,1999
CVE-1999-0355
Local or remote users can force ControlIT 4.5 to reboot or force a user to log out, resulting in a denial of service.
1999-09-29
2022-08-17
CVE-1999-0355
ISS:Multiple vulnerabilities in ControlIT(tm) (formerly Remotely Possible/32) enterprise management software
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0355
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0355
XF:controlit-reboot
CVE-1999-0356
ControlIT v4.5 and earlier uses weak encryption to store usernames and passwords in an address book.
2000-02-04
2022-08-17
CVE-1999-0356
ISS:Multiple vulnerabilities in ControlIT(tm) (formerly Remotely Possible/32) enterprise management software
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0356
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0356
XF:controlit-bookfile-access
CVE-1999-0357
Windows 98 and other operating systems allows remote attackers to cause a denial of service via crafted "oshare" packets, possibly involving invalid fragmentation offsets.
1999-09-29
2022-08-17
CVE-1999-0357
BUGTRAQ:19990125 Win98 crash?
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0357
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0357
XF:win98-oshare-dos
CVE-1999-0358
Digital Unix 4.0 has a buffer overflow in the inc program of the mh package.
2000-10-13
2005-11-02
CVE-1999-0358
http://www.securityfocus.com/archive/1/12121
BUGTRAQ:19990125 Digital Unix 4.0 exploitable buffer overflows
http://www.ciac.org/ciac/bulletins/j-027.shtml
CIAC:J-027
COMPAQ:SSRT0583U
XF:du-inc
CVE-1999-0359
ptylogin in Unix systems allows users to perform a denial of service by locking out modems, dial out with that modem, or obtain passwords.
2001-02-14
2022-08-17
CVE-1999-0359
BUGTRAQ:19990127 UNIX shell modem access vulnerabilities
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0359
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0359
XF:ptylogin-dos
CVE-1999-0360
MS Site Server 2.0 with IIS 4 can allow users to upload content, including ASP, to the target web site, thus allowing them to execute commands remotely.
2000-02-04
2016-10-17
CVE-1999-0360
http://marc.info/?l=bugtraq&m=91763097004101&w=2
BUGTRAQ:19990130 Security Advisory for Internet Information Server 4 with Site
NTBUGTRAQ:Jan29,1999
CVE-1999-0361
NetWare version of LaserFiche stores usernames and passwords unencrypted, and allows administrative changes without logging.
2000-02-04
2022-08-17
CVE-1999-0361
BUGTRAQ:Jan29,1999
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0361
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0361
CVE-1999-0362
WS_FTP server remote denial of service through cwd command.
1999-09-29
2005-11-02
CVE-1999-0362
http://www.securityfocus.com/bid/217
BID:217
http://www.eeye.com/html/Research/Advisories/AD02021999.html
EEYE:AD02021999
XF:wsftp-remote-dos
CVE-1999-0363
SuSE 5.2 PLP lpc program has a buffer overflow that leads to root compromise.
1999-09-29
2005-11-02
CVE-1999-0363
http://www.securityfocus.com/bid/328
BID:328
BUGTRAQ:Feb02,1999
XF:plp-lpc-bo
CVE-1999-0364
Microsoft Access 97 stores a database password as plaintext in a foreign mdb, allowing access to data.
2000-02-04
2016-10-17
CVE-1999-0364
http://marc.info/?l=bugtraq&m=91816470220259&w=2
BUGTRAQ:19990204 Microsoft Access 97 Stores Database Password as Plaintext
CVE-1999-0365
The metamail package allows remote command execution using shell metacharacters that are not quoted in a mailcap entry.
1999-09-29
2022-08-17
CVE-1999-0365
BUGTRAQ:Feb04,1999
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0365
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0365
XF:metamail-header-commands
CVE-1999-0366
In some cases, Service Pack 4 for Windows NT 4.0 can allow access to network shares using a blank password, through a problem with a null NT hash value.
1999-09-29
2005-11-02
CVE-1999-0366
https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-004
MS:MS99-004
http://support.microsoft.com/default.aspx?scid=kb;%5BLN%5D;Q214840
MSKB:Q214840
XF:nt-sp4-auth-error
CVE-1999-0367
NetBSD netstat command allows local users to access kernel memory.
1999-09-29
2004-09-02
CVE-1999-0367
NETBSD:1999-002
http://www.osvdb.org/7571
OSVDB:7571
CVE-1999-0368
Buffer overflows in wuarchive ftpd (wu-ftpd) and ProFTPD lead to remote root access, a.k.a. palmetto.
1999-09-29
2022-08-17
CVE-1999-0368
CERT:CA-99.03
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0368
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0368
NETECT:palmetto.ftpd
XF:palmetto-ftpd-bo
CVE-1999-0369
The Sun sdtcm_convert calendar utility for OpenWindows has a buffer overflow which can gain root access.
1999-09-29
2005-11-02
CVE-1999-0369
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/183
SUN:00183
XF:sun-sdtcm-convert-bo
CVE-1999-0370
In Sun Solaris and SunOS, man and catman contain vulnerabilities that allow overwriting arbitrary files.
2000-02-04
2003-05-08
CVE-1999-0370
http://www.securityfocus.com/bid/165
BID:165
SUN:00184
CVE-1999-0371
Lynx allows a local user to overwrite sensitive files through /tmp symlinks.
1999-09-29
2022-08-17
CVE-1999-0371
BUGTRAQ:19990211 Lynx /tmp problem
CERT:VB-97.05.lynx
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0371
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0371
XF:lynx-temp-files-race
CVE-1999-0372
The installer for BackOffice Server includes account names and passwords in a setup file (reboot.ini) which is not deleted.
1999-09-29
2005-11-02
CVE-1999-0372
https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-005
MS:MS99-005
http://support.microsoft.com/default.aspx?scid=kb;%5BLN%5D;Q217004
MSKB:Q217004
XF:nt-backoffice-setup
CVE-1999-0373
Buffer overflow in the "Super" utility in Debian GNU/Linux, and other operating systems, allows local users to execute commands as root.
1999-09-29
2022-08-17
CVE-1999-0373
ISS:Buffer Overflow in "Super" package in Debian Linux
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0373
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0373
XF:linux-super-bo
XF:linux-super-logging-bo
CVE-1999-0374
Debian GNU/Linux cfengine package is susceptible to a symlink attack.
1999-09-29
2022-08-17
CVE-1999-0374
BUGTRAQ:Feb16,1999
DEBIAN:19990215
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0374
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0374
XF:linux-cfengine-symlinks
CVE-1999-0375
Buffer overflow in webd in Network Flight Recorder (NFR) 2.0.2-Research allows remote attackers to execute commands.
1999-09-29
2022-08-17
CVE-1999-0375
BUGTRAQ:Feb16,1999
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0375
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0375
NAI:February 16, 1999
XF:nfr-webd-overflow
CVE-1999-0376
Local users in Windows NT can obtain administrator privileges by changing the KnownDLLs list to reference malicious programs.
1999-09-29
2005-11-02
CVE-1999-0376
BUGTRAQ:Feb20,1999
L0PHT:Feb18,1999
https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-006
MS:MS99-006
XF:nt-knowndlls-list
CVE-1999-0377
Process table attack in Unix systems allows a remote attacker to perform a denial of service by filling a machine's process tables through multiple connections to network services.
1999-09-29
2005-11-02
CVE-1999-0377
BUGTRAQ:Feb22,1999
http://www.securitytracker.com/id/1033881
SECTRACK:1033881
CVE-1999-0378
InterScan VirusWall for Solaris doesn't scan files for viruses when a single HTTP request includes two GET commands.
2000-07-12
2004-09-02
CVE-1999-0378
BUGTRAQ:19990222 BlackHats Advisory -- InterScan VirusWall
BUGTRAQ:19990225 Patch for InterScan VirusWall for Unix now available
http://www.osvdb.org/6167
OSVDB:6167
XF:viruswall-http-request
CVE-1999-0379
Microsoft Taskpads allows remote web sites to execute commands on the visiting user's machine via certain methods that are marked as Safe for Scripting.
1999-09-29
2005-11-02
CVE-1999-0379
http://www.securityfocus.com/bid/498
BID:498
BUGTRAQ:19990223 Microsoft Security Bulletin (MS99-007)
https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-007
MS:MS99-007
http://www.osvdb.org/1019
OSVDB:1019
XF:win-resourcekit-taskpads
CVE-1999-0380
SLMail 3.1 and 3.2 allows local users to access any file in the NTFS file system when the Remote Administration Service (RAS) is enabled by setting a user's Finger File to point to the target file, then running finger on the user.
2002-03-09
2002-02-20
CVE-1999-0380
http://www.securityfocus.com/bid/497
BID:497
http://marc.info/?l=bugtraq&m=91996412724720&w=2
BUGTRAQ:19990225 ALERT: SLMail 3.2 (and 3.1) with the Remote Administration Service
http://marc.info/?l=ntbugtraq&m=91999015212415&w=2
NTBUGTRAQ:199902225 ALERT: SLMail 3.2 (and 3.1) with the Remote Administration Service
http://marc.info/?l=ntbugtraq&m=92110501504997&w=2
NTBUGTRAQ:SLmail 3.2 Build 3113 (Web Administration Security Fix)
https://exchange.xforce.ibmcloud.com/vulnerabilities/5392
XF:slmail-ras-ntfs-bypass(5392)
CVE-1999-0381
super 3.11.6 and other versions have a buffer overflow in the syslog utility which allows a local user to gain root access.
2000-02-04
2003-03-21
CVE-1999-0381
http://www.securityfocus.com/bid/342
BID:342
http://www.securityfocus.com/templates/archive.pike?list=1&msg=Pine.LNX.3.96.990225011801.12757A-100000@eleet
BUGTRAQ:19990225 SUPER buffer overflow
XF:linux-super-logging-bo
CVE-1999-0382
The screen saver in Windows NT does not verify that its security context has been changed properly, allowing attackers to run programs with elevated privileges.
1999-09-29
2005-11-02
CVE-1999-0382
https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-008
MS:MS99-008
XF:nt-screen-saver
CVE-1999-0383
ACC Tigris allows public access without a login.
1999-09-29
2006-02-14
CVE-1999-0383
http://www.securityfocus.com/bid/183
BID:183
BUGTRAQ:19990103 Tigris vulnerability
http://www.osvdb.org/267
OSVDB:267
XF:acc-tigris-login
CVE-1999-0384
The Forms 2.0 ActiveX control (included with Visual Basic for Applications 5.0) can be used to read text from a user's clipboard when the user accesses documents with ActiveX content.
1999-09-29
2005-11-02
CVE-1999-0384
https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-001
MS:MS99-001
XF:forms-vuln-patch
CVE-1999-0385
The LDAP bind function in Exchange 5.5 has a buffer overflow that allows a remote attacker to conduct a denial of service or execute commands.
1999-09-29
2005-11-02
CVE-1999-0385
ISS:LDAP Buffer overflow against Microsoft Directory Services
https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-009
MS:MS99-009
XF:ldap-exchange-overflow
XF:ldap-mds-dos
CVE-1999-0386
Microsoft Personal Web Server and FrontPage Personal Web Server in some Windows systems allows a remote attacker to read files on the server by using a nonstandard URL.
1999-09-29
2004-09-02
CVE-1999-0386
https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-010
MS:MS99-010
http://www.osvdb.org/111
OSVDB:111
XF:pws-file-access
CVE-1999-0387
A legacy credential caching mechanism used in Windows 95 and Windows 98 systems allows attackers to read plaintext network passwords.
2000-07-12
2005-11-02
CVE-1999-0387
http://www.securityfocus.com/bid/829
BID:829
https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-052
MS:MS99-052
http://support.microsoft.com/default.aspx?scid=kb;%5BLN%5D;Q168115
MSKB:Q168115
XF:9x-plaintext-pwd
CVE-1999-0388
DataLynx suGuard trusts the PATH environment variable to execute the ps command, allowing local users to execute commands as root.
1999-09-29
2004-09-02
CVE-1999-0388
L0PHT:Jan3,1999
http://www.osvdb.org/3186
OSVDB:3186
XF:datalynx-suguard-relative-paths
CVE-1999-0389
Buffer overflow in the bootp server in the Debian Linux netstd package.
2000-02-04
2002-11-14
CVE-1999-0389
http://www.securityfocus.com/bid/324
BID:324
BUGTRAQ:19990103 [SECURITY] New versions of netstd fixes buffer overflows
DEBIAN:19990104
CVE-1999-0390
Buffer overflow in Dosemu Slang library in Linux.
2000-03-22
2005-11-02
CVE-1999-0390
http://www.securityfocus.com/bid/187
BID:187
BUGTRAQ:19990104 Dosemu/S-Lang Overflow + sploit
ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-1999-006.1.txt
CALDERA:CSSA-1999-006.1
CVE-1999-0391
The cryptographic challenge of SMB authentication in Windows 95 and Windows 98 can be reused, allowing an attacker to replay the response and impersonate a user.
1999-09-29
2022-08-17
CVE-1999-0391
L0PHT:Jan. 5, 1999
https://marc.info/?l=bugtraq&m=91552769809542&w=2
MISC:https://marc.info/?l=bugtraq&m=91552769809542&w=2
CVE-1999-0392
Buffer overflow in Thomas Boutell's cgic library version up to 1.05.
1999-09-29
2022-08-17
CVE-1999-0392
BUGTRAQ:Jan10,1999
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0392
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0392
XF:http-cgic-library-bo
CVE-1999-0393
Remote attackers can cause a denial of service in Sendmail 8.8.x and 8.9.2 by sending messages with a large number of headers.
2000-10-13
2005-11-02
CVE-1999-0393
BUGTRAQ:19981212 ** Sendmail 8.9.2 DoS - exploit ** get what you want!
http://marc.info/?l=bugtraq&m=91694391227372&w=2
BUGTRAQ:19990121 Sendmail 8.8.x/8.9.x bugware
XF:sendmail-parsing-redirection
CVE-1999-0394
DPEC Online Courseware allows an attacker to change another user's password without knowing the original password.
2000-02-04
2022-08-17
CVE-1999-0394
BUGTRAQ:19990115 DPEC Online Courseware
https://marc.info/?l=bugtraq&m=91651770630788&w=2
MISC:https://marc.info/?l=bugtraq&m=91651770630788&w=2
CVE-1999-0395
A race condition in the BackWeb Polite Agent Protocol allows an attacker to spoof a BackWeb server.
2000-10-13
2005-11-02
CVE-1999-0395
http://xforce.iss.net/alerts/advise17.php
ISS:19990118 Vulnerability in the BackWeb Polite Agent Protocol
XF:backweb-polite-agent-protocol
CVE-1999-0396
A race condition between the select() and accept() calls in NetBSD TCP servers allows remote attackers to cause a denial of service.
1999-09-29
2022-08-17
CVE-1999-0396
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0396
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0396
NETBSD:1999-001
OPENBSD:Feb17,1999
XF:netbsd-tcp-race
CVE-1999-0397
The demo version of the Quakenbush NT Password Appraiser sends passwords across the network in plaintext.
2000-02-04
2022-08-17
CVE-1999-0397
BUGTRAQ:Jan21,1999
L0PHT:Jan21,1999
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0397
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0397
CVE-1999-0398
In some instances of SSH 1.2.27 and 2.0.11 on Linux systems, SSH will allow users with expired accounts to login.
2000-02-04
2022-08-17
CVE-1999-0398
BUGTRAQ:19990123 SSH 1.x and 2.x Daemon
BUGTRAQ:19990124 SSH Daemon
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0398
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0398
XF:ssh-exp-account-access
CVE-1999-0399
The DCC server command in the Mirc 5.5 client doesn't filter characters from file names properly, allowing remote attackers to place a malicious file in a different location, possibly allowing the attacker to execute commands.
2000-02-04
2022-08-17
CVE-1999-0399
BUGTRAQ:19990124 Mirc 5.5 'DCC Server' hole
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0399
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0399
XF:mirc-dcc-metachar-filename
CVE-1999-0400
Denial of service in Linux 2.2.0 running the ldd command on a core file.
2000-02-04
2005-11-02
CVE-1999-0400
http://www.securityfocus.com/bid/344
BID:344
BUGTRAQ:19990127 2.2.0 SECURITY (fwd)
XF:linux-kernel-ldd-dos
CVE-1999-0401
A race condition in Linux 2.2.1 allows local users to read arbitrary memory from /proc files.
2000-02-04
2022-08-17
CVE-1999-0401
BUGTRAQ:19990202 [patch] /proc race fixes for 2.2.1 (fwd)
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0401
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0401
XF:linux-race-condition-proc
CVE-1999-0402
wget 1.5.3 follows symlinks to change permissions of the target file instead of the symlink itself.
1999-09-29
2022-08-17
CVE-1999-0402
BUGTRAQ:Feb2,1999
DEBIAN:19990220
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0402
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0402
XF:wget-permissions
CVE-1999-0403
A bug in Cyrix CPUs on Linux allows local users to perform a denial of service.
2000-10-13
2005-11-02
CVE-1999-0403
http://marc.info/?l=bugtraq&m=91821080015725&w=2
BUGTRAQ:19990204 Cyrix bug: freeze in hell, badboy
XF:cyrix-hang
CVE-1999-0404
Buffer overflow in the Mail-Max SMTP server for Windows systems allows remote command execution.
1999-09-29
2022-08-17
CVE-1999-0404
BUGTRAQ:Feb14,1999
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0404
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0404
XF:mailmax-bo
CVE-1999-0405
A buffer overflow in lsof allows local users to obtain root privilege.
1999-09-29
2004-09-02
CVE-1999-0405
BUGTRAQ:Feb18,1999
DEBIAN:19990220a
HERT:002
http://www.osvdb.org/3163
OSVDB:3163
XF:lsof-bo
CVE-1999-0406
Digital Unix Networker program nsralist has a buffer overflow which allows local users to obtain root privilege.
2000-02-04
2022-08-17
CVE-1999-0406
BUGTRAQ:Feb19,1999
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0406
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0406
XF:digital-networker-bo
CVE-1999-0407
By default, IIS 4.0 has a virtual directory /IISADMPWD which contains files that can be used as proxies for brute force password attacks, or to identify valid users on the system.
2000-06-02
2005-11-02
CVE-1999-0407
http://marc.info/?l=bugtraq&m=91983486431506&w=2
BUGTRAQ:19990209 ALERT: IIS4 allows proxied password attacks over NetBIOS
http://marc.info/?l=bugtraq&m=92000623021036&w=2
BUGTRAQ:19990209 Re: IIS4 allows proxied password attacks over NetBIOS
XF:iis-iisadmpwd
CVE-1999-0408
Files created from interactive shell sessions in Cobalt RaQ microservers (e.g. .bash_history) are world readable, and thus are accessible from the web server.
2000-01-04
2005-11-02
CVE-1999-0408
http://www.securityfocus.com/bid/337
BID:337
BUGTRAQ:19990225 Cobalt root exploit
XF:cobalt-raq-history-exposure
CVE-1999-0409
Buffer overflow in gnuplot in Linux version 3.5 allows local users to obtain root access.
2000-01-04
2005-11-02
CVE-1999-0409
http://www.securityfocus.com/bid/319
BID:319
BUGTRAQ:19990304 Linux /usr/bin/gnuplot overflow
XF:gnuplot-home-overflow
CVE-1999-0410
The cancel command in Solaris 2.6 (i386) has a buffer overflow that allows local users to obtain root access.
1999-09-29
2005-11-02
CVE-1999-0410
http://www.securityfocus.com/bid/293
BID:293
BUGTRAQ:Mar5,1999
XF:sol-cancel
CVE-1999-0411
Several startup scripts in SCO OpenServer Enterprise System v 5.0.4p, including S84rpcinit, S95nis, S85tcp, and S89nfs, are vulnerable to a symlink attack, allowing a local user to gain root access.
2000-02-04
2022-08-17
CVE-1999-0411
BUGTRAQ:Feb19,1999
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0411
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0411
XF:sco-startup-scripts
CVE-1999-0412
In IIS and other web servers, an attacker can attack commands as SYSTEM if the server is running as SYSTEM and loading an ISAPI extension.
1999-09-29
2005-11-02
CVE-1999-0412
http://www.securityfocus.com/bid/501
BID:501
BUGTRAQ:Feb19,1999
XF:iis-isapi-execute
CVE-1999-0413
A buffer overflow in the SGI X server allows local users to gain root access through the X server font path.
1999-09-29
2005-11-02
CVE-1999-0413
ftp://patches.sgi.com/support/free/security/advisories/19990301-01-PX
SGI:19990301-01-PX
XF:irix-font-path-overflow
CVE-1999-0414
In Linux before version 2.0.36, remote attackers can spoof a TCP connection and pass data to the application layer before fully establishing the connection.
1999-09-29
2022-08-17
CVE-1999-0414
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0414
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0414
NAI:Linux Blind TCP Spoofing
XF:linux-blind-spoof
CVE-1999-0415
The HTTP server in Cisco 7xx series routers 3.2 through 4.2 is enabled by default, which allows remote attackers to change the router's configuration.
2000-07-12
2005-11-02
CVE-1999-0415
http://ciac.llnl.gov/ciac/bulletins/j-034.shtml
CIAC:J-034
http://www.cisco.com/warp/public/770/7xxconn-pub.shtml
CISCO:19990311 Cisco 7xx TCP and HTTP Vulnerabilities
ISS:19990311 Remote Reconfiguration and Denial of Service Vulnerabilities in Cisco 700 ISDN Routers
XF:cisco-router-commands
XF:cisco-web-config
CVE-1999-0416
Vulnerability in Cisco 7xx series routers allows a remote attacker to cause a system reload via a TCP connection to the router's TELNET port.
2000-07-12
2005-11-02
CVE-1999-0416
http://ciac.llnl.gov/ciac/bulletins/j-034.shtml
CIAC:J-034
http://www.cisco.com/warp/public/770/7xxconn-pub.shtml
CISCO:19990311 Cisco 7xx TCP and HTTP Vulnerabilities
ISS:19990311 Remote Reconfiguration and Denial of Service Vulnerabilities in Cisco 700 ISDN Routers
XF:cisco-web-crash
CVE-1999-0417
64 bit Solaris 7 procfs allows local users to perform a denial of service.
1999-09-29
2004-09-02
CVE-1999-0417
http://www.securityfocus.com/bid/448
BID:448
BUGTRAQ:Mar9,1999
http://www.osvdb.org/1001
OSVDB:1001
XF:solaris-psinfo-crash
CVE-1999-0418
Denial of service in SMTP applications such as Sendmail, when a remote attacker (e.g. spammer) uses many "RCPT TO" commands in the same connection.
2001-09-12
2016-10-17
CVE-1999-0418
http://marc.info/?l=bugtraq&m=92100018214316&w=2
BUGTRAQ:19990308 SMTP server account probing
CVE-1999-0419
When the Microsoft SMTP service attempts to send a message to a server and receives a 4xx error code, it quickly and repeatedly attempts to redeliver the message, causing a denial of service.
2000-02-04
2022-08-17
CVE-1999-0419
BUGTRAQ:19990319 Microsoft's SMTP service broken/stupid
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0419
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0419
XF:smtp-4xx-error-dos
CVE-1999-0420
umapfs allows local users to gain root privileges by changing their uid through a malicious mount_umap program.
1999-09-29
2022-08-17
CVE-1999-0420
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0420
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0420
NETBSD:1999-006
CVE-1999-0421
During a reboot after an installation of Linux Slackware 3.6, a remote attacker can obtain root access by logging in to the root account without a password.
2000-01-04
2004-09-02
CVE-1999-0421
http://www.securityfocus.com/bid/338
BID:338
ISS:Short-Term High-Risk Vulnerability During Slackware 3.6 Network Installations
http://www.osvdb.org/981
OSVDB:981
XF:linux-slackware-install
CVE-1999-0422
In some cases, NetBSD 1.3.3 mount allows local users to execute programs in some file systems that have the "noexec" flag set.
1999-09-29
2022-08-17
CVE-1999-0422
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0422
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0422
NETBSD:1999-007
CVE-1999-0423
Vulnerability in hpterm on HP-UX 10.20 allows local users to gain additional privileges.
1999-09-29
2005-11-02
CVE-1999-0423
http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9903-093
HP:HPSBUX9903-093
XF:hp-hpterm-files
CVE-1999-0424
talkback in Netscape 4.5 allows a local user to overwrite arbitrary files of another user whose Netscape crashes.
1999-09-29
2022-08-17
CVE-1999-0424
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0424
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0424
SUSE:Mar18,1999
XF:netscape-talkback-overwrite
CVE-1999-0425
talkback in Netscape 4.5 allows a local user to kill an arbitrary process of another user whose Netscape crashes.
1999-09-29
2022-08-17
CVE-1999-0425
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0425
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0425
SUSE:Mar18,1999
XF:netscape-talkback-kill
CVE-1999-0426
The default permissions of /dev/kmem in Linux versions before 2.0.36 allows IP spoofing.
2000-02-04
2022-08-17
CVE-1999-0426
BUGTRAQ:19990319 The default permissions on /dev/kmem is insecure.
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0426
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0426
CVE-1999-0427
Eudora 4.1 allows remote attackers to perform a denial of service by sending attachments with long file names.
2000-02-04
2022-08-17
CVE-1999-0427
BUGTRAQ:19990320 Eudora Attachment Buffer Overflow
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0427
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0427
XF:eudora-long-attachments
CVE-1999-0428
OpenSSL and SSLeay allow remote attackers to reuse SSL sessions and bypass access controls.
2000-01-04
2004-09-02
CVE-1999-0428
BUGTRAQ:19990322 OpenSSL/SSLeay Security Alert
http://www.osvdb.org/3936
OSVDB:3936
XF:ssl-session-reuse
CVE-1999-0429
The Lotus Notes 4.5 client may send a copy of encrypted mail in the clear across the network if the user does not set the "Encrypt Saved Mail" preference.
2000-10-13
2005-11-02
CVE-1999-0429
http://marc.info/?l=bugtraq&m=92221437025743&w=2
BUGTRAQ:19990323
http://marc.info/?l=bugtraq&m=92241547418689&w=2
BUGTRAQ:19990324 Re: LNotes encryption
http://marc.info/?l=bugtraq&m=92246997917866&w=2
BUGTRAQ:19990326 Lotus Notes Encryption Bug
http://marc.info/?l=bugtraq&m=92249282302994&w=2
BUGTRAQ:19990326 Re: Lotus Notes security advisory
XF:lotus-client-encryption
CVE-1999-0430
Cisco Catalyst LAN switches running Catalyst 5000 supervisor software allows remote attackers to perform a denial of service by forcing the supervisor module to reload.
1999-09-29
2004-09-02
CVE-1999-0430
CISCO:Cisco Catalyst Supervisor Remote Reload
ISS:Remote Denial of Service Vulnerability in Cisco Catalyst Series Ethernet Switches
http://www.osvdb.org/1103
OSVDB:1103
XF:cisco-catalyst-crash
CVE-1999-0431
Linux 2.2.3 and earlier allow a remote attacker to perform an IP fragmentation attack, causing a denial of service.
2000-02-04
2022-08-17
CVE-1999-0431
BUGTRAQ:19990324 DoS for Linux 2.1.89 - 2.2.3: 0 length fragment bug
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0431
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0431
XF:linux-zerolength-fragment
CVE-1999-0432
ftp on HP-UX 11.00 allows local users to gain privileges.
1999-09-29
2009-03-01
CVE-1999-0432
http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9903-094
HP:HPSBUX9903-094
XF:hp-ftp
CVE-1999-0433
XFree86 startx command is vulnerable to a symlink attack, allowing local users to create files in restricted directories, possibly allowing them to gain privileges or cause a denial of service.
1999-09-29
2022-08-17
CVE-1999-0433
BUGTRAQ:19990321 X11R6 NetBSD Security Problem
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0433
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0433
SUSE:Mar28,1999
XF:xfree86-temp-directories
CVE-1999-0434
XFree86 xfs command is vulnerable to a symlink attack, allowing local users to create files in restricted directories, possibly allowing them to gain privileges or cause a denial of service.
2000-02-04
2004-04-20
CVE-1999-0434
http://www.securityfocus.com/bid/359
BID:359
BUGTRAQ:19990331 Bug in xfs
CVE-1999-0435
MC/ServiceGuard and MC/LockManager in HP-UX allows local users to gain privileges through SAM.
2000-02-04
2022-08-17
CVE-1999-0435
HP:HPSBUX9903-096
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0435
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0435
CVE-1999-0436
Domain Enterprise Server Management System (DESMS) in HP-UX allows local users to gain privileges.
1999-09-29
2009-03-01
CVE-1999-0436
http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9903-095
HP:HPSBUX9903-095
XF:hp-desms-servers
CVE-1999-0437
Remote attackers can perform a denial of service in WebRamp systems by sending a malicious string to the HTTP port.
1999-09-29
2022-08-17
CVE-1999-0437
ISS:WebRamp Denial of Service Attacks
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0437
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0437
XF:webramp-device-crash
CVE-1999-0438
Remote attackers can perform a denial of service in WebRamp systems by sending a malicious UDP packet to port 5353, changing its IP address.
1999-09-29
2022-08-17
CVE-1999-0438
ISS:WebRamp Denial of Service Attacks
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0438
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0438
XF:webramp-ipchange
CVE-1999-0439
Buffer overflow in procmail before version 3.12 allows remote or local attackers to execute commands via expansions in the procmailrc configuration file.
2000-01-04
2022-08-17
CVE-1999-0439
BUGTRAQ:19990405 Re: [SECURITY] new version of procmail with security fixes
CALDERA:CSSA-1999:007
DEBIAN:19990422
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0439
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0439
XF:procmail-overflow
CVE-1999-0440
The byte code verifier component of the Java Virtual Machine (JVM) allows remote execution through malicious web pages.
2000-10-13
2005-11-02
CVE-1999-0440
http://www.securityfocus.com/bid/1939
BID:1939
http://marc.info/?l=bugtraq&m=92333596624452&w=2
BUGTRAQ:19990405 Security Hole in Java 2 (and JDK 1.1.x)
http://java.sun.com/pr/1999/03/pr990329-01.html
CONFIRM:http://java.sun.com/pr/1999/03/pr990329-01.html
XF:java-unverified-code
CVE-1999-0441
Remote attackers can perform a denial of service in WinGate machines using a buffer overflow in the Winsock Redirector Service.
1999-09-29
2005-11-02
CVE-1999-0441
http://www.securityfocus.com/bid/509
BID:509
http://www.eeye.com/html/Research/Advisories/AD02221999.html
EEYE:AD02221999
XF:wingate-redirector-dos
CVE-1999-0442
Solaris ff.core allows local users to modify files.
1999-09-29
2005-11-02
CVE-1999-0442
http://www.securityfocus.com/bid/327
BID:327
BUGTRAQ:19990107 really silly ff.core exploit for Solaris
BUGTRAQ:19990108 ff.core exploit on Solaris (2.)7
BUGTRAQ:19990408 Solaris7 and ff.core
CVE-1999-0443
Patrol management software allows a remote attacker to conduct a replay attack to steal the administrator password.
2000-02-04
2002-03-01
CVE-1999-0443
http://www.securityfocus.com/archive/1/13204
BUGTRAQ:19990409 Patrol security bugs
XF:bmc-patrol-replay
CVE-1999-0444
Remote attackers can perform a denial of service in Windows machines using malicious ARP packets, forcing a message box display for each packet or filling up log files.
2000-02-04
2022-08-17
CVE-1999-0444
BUGTRAQ:19990412 ARP problem in Windows9X/NT
https://marc.info/?l=bugtraq&m=92394891221029&w=2
MISC:https://marc.info/?l=bugtraq&m=92394891221029&w=2
XF:windows-arp-dos
CVE-1999-0445
In Cisco routers under some versions of IOS 12.0 running NAT, some packets may not be filtered by input access list filters.
1999-09-29
2009-03-01
CVE-1999-0445
CISCO:Cisco IOS(R) Software Input Access List Leakage with NAT
http://www.osvdb.org/1104
OSVDB:1104
XF:cisco-natacl-leakage
CVE-1999-0446
Local users can perform a denial of service in NetBSD 1.3.3 and earlier versions by creating an unusual symbolic link with the ln command, triggering a bug in VFS.
1999-09-29
2004-09-02
CVE-1999-0446
NETBSD:1999-008
http://www.osvdb.org/7051
OSVDB:7051
XF:netbsd-vfslocking-panic
CVE-1999-0447
Local users can gain privileges using the debug utility in the MPE/iX operating system.
1999-09-29
2005-11-02
CVE-1999-0447
http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBMP9904-006
HP:HPSBMP9904-006
XF:mpeix-debug
CVE-1999-0448
IIS 4.0 and Apache log HTTP request methods, regardless of how long they are, allowing a remote attacker to hide the URL they really request.
1999-09-29
2022-08-17
CVE-1999-0448
BUGTRAQ:19990121 IIS 4 Request Logging Security Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0448
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0448
XF:iis-http-request-logging
CVE-1999-0449
The ExAir sample site in IIS 4 allows remote attackers to cause a denial of service (CPU consumption) via a direct request to the (1) advsearch.asp, (2) query.asp, or (3) search.asp scripts.
1999-09-29
2004-09-02
CVE-1999-0449
http://www.securityfocus.com/bid/193
BID:193
BUGTRAQ:19990125 Re: [NTSEC] IIS 4 Advisory - ExAir sample site DoS
BUGTRAQ:19990126 IIS 4 Advisory - ExAir sample site DoS
NTBUGTRAQ:19990126 IIS 4 Advisory - ExAir sample site DoS
http://www.osvdb.org/2
OSVDB:2
http://www.osvdb.org/3
OSVDB:3
http://www.osvdb.org/4
OSVDB:4
XF:iis-exair-dos
CVE-1999-0450
In IIS, an attacker could determine a real path using a request for a non-existent URL that would be interpreted by Perl (perl.exe).
2000-02-04
2001-12-09
CVE-1999-0450
http://www.securityfocus.com/bid/194
BID:194
BUGTRAQ:19990122 Perl.exe and IIS security advisory
CVE-1999-0451
Denial of service in Linux 2.0.36 allows local users to prevent any server from listening on any non-privileged port.
2000-02-04
2002-03-14
CVE-1999-0451
http://www.securityfocus.com/bid/343
BID:343
BUGTRAQ:Jan19,1999
CVE-1999-0452
A service or application has a backdoor password that was placed there by the developer.
2000-02-04
2022-08-17
CVE-1999-0452
https://www.cve.org/CVERecord?id=CVE-1999-0452
MISC:https://www.cve.org/CVERecord?id=CVE-1999-0452
CVE-1999-0453
An attacker can identify a CISCO device by sending a SYN packet to port 1999, which is for the Cisco Discovery Protocol (CDP).
2000-02-04
2022-08-17
CVE-1999-0453
BUGTRAQ:19990118 Remote Cisco Identification
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0453
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0453
CVE-1999-0454
A remote attacker can sometimes identify the operating system of a host based on how it reacts to some IP or ICMP packets, using a tool such as nmap or queso.
2000-02-04
2022-08-17
CVE-1999-0454
https://exchange.xforce.ibmcloud.com/vulnerabilities/2048
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/2048
CVE-1999-0455
The Expression Evaluator sample application in ColdFusion allows remote attackers to read or delete files on the server via exprcalc.cfm, which does not restrict access to the server properly.
2000-02-04
2003-05-08
CVE-1999-0455
ALLAIRE:ASB-001
http://www.securityfocus.com/bid/115
BID:115
XF:coldfusion-expression-evaluator
CVE-1999-0457
Linux ftpwatch program allows local users to gain root privileges.
1999-09-29
2005-11-02
CVE-1999-0457
http://www.securityfocus.com/bid/317
BID:317
BUGTRAQ:Jan17,1999
DEBIAN:19990117
XF:ftpwatch-vuln
CVE-1999-0458
L0phtcrack 2.5 used temporary files in the system TEMP directory which could contain password information.
1999-09-29
2004-09-02
CVE-1999-0458
BUGTRAQ:Jan6,1999
http://www.osvdb.org/915
OSVDB:915
XF:l0phtcrack-temp-files
CVE-1999-0459
Local users can perform a denial of service in Alpha Linux, using MILO to force a reboot.
2000-02-04
2022-08-17
CVE-1999-0459
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0459
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0459
XF:linux-milo-halt
CVE-1999-0460
Buffer overflow in Linux autofs module through long directory names allows local users to perform a denial of service.
2000-02-04
2002-03-14
CVE-1999-0460
http://www.securityfocus.com/bid/312
BID:312
BUGTRAQ:19990218 Linux autofs overflow in 2.0.36+
CVE-1999-0461
Versions of rpcbind including Linux, IRIX, and Wietse Venema's rpcbind allow a remote attacker to insert and delete entries by spoofing a source address.
2000-02-04
2022-08-17
CVE-1999-0461
https://www.cve.org/CVERecord?id=CVE-1999-0461
MISC:https://www.cve.org/CVERecord?id=CVE-1999-0461
CVE-1999-0462
suidperl in Linux Perl does not check the nosuid mount option on file systems, allowing local users to gain root access by placing a setuid script in a mountable file system, e.g. a CD-ROM or floppy disk.
2000-02-04
2005-11-02
CVE-1999-0462
http://www.securityfocus.com/bid/339
BID:339
BUGTRAQ:19990114 Secuity hole with perl (suidperl) and nosuid mounts on Linux
CVE-1999-0463
Remote attackers can perform a denial of service using IRIX fcagent.
1999-09-29
2005-11-02
CVE-1999-0463
ftp://patches.sgi.com/support/free/security/advisories/19981201-01-PX
SGI:19981201-01-PX
XF:sgi-fcagent-dos
CVE-1999-0464
Local users can perform a denial of service in Tripwire 1.2 and earlier using long filenames.
2000-06-02
2004-09-02
CVE-1999-0464
http://marc.info/?l=bugtraq&m=91553066310826&w=2
BUGTRAQ:19990104 Tripwire mess..
http://marc.info/?l=bugtraq&m=91592136122066&w=2
CONFIRM:http://marc.info/?l=bugtraq&m=91592136122066&w=2
http://www.osvdb.org/6609
OSVDB:6609
CVE-1999-0465
Remote attackers can crash Lynx and Internet Explorer using an IMG tag with a large width parameter.
2000-02-04
2022-08-17
CVE-1999-0465
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0465
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0465
XF:http-img-overflow
CVE-1999-0466
The SVR4 /dev/wabi special device file in NetBSD 1.3.3 and earlier allows a local user to read or write arbitrary files on the disk associated with that device.
1999-09-29
2004-09-02
CVE-1999-0466
NETBSD:1999-009
http://www.osvdb.org/905
OSVDB:905
CVE-1999-0467
The Webcom CGI Guestbook programs wguest.exe and rguest.exe allow a remote attacker to read arbitrary files using the "template" parameter.
2000-02-04
2022-08-17
CVE-1999-0467
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0467
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0467
NTBUGTRAQ:19990409 Webcom's CGI Guestbook for Win32 web servers
XF:http-cgi-webcom-guestbook
CVE-1999-0468
Internet Explorer 5.0 allows a remote server to read arbitrary files on the client's file system using the Microsoft Scriptlet Component.
1999-09-29
2005-11-02
CVE-1999-0468
BUGTRAQ:Apr9,1999
https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-012
MS:MS99-012
XF:ie-scriplet-fileread
CVE-1999-0469
Internet Explorer 5.0 allows window spoofing, allowing a remote attacker to spoof a legitimate web site and capture information from the client.
2000-02-04
2022-08-17
CVE-1999-0469
BUGTRAQ:19990409 IE 5.0 security vulnerabilities - %01 bug again
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0469
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0469
XF:ie-window-spoof
CVE-1999-0470
A weak encryption algorithm is used for passwords in Novell Remote.NLM, allowing them to be easily decrypted.
2000-01-04
2005-11-02
CVE-1999-0470
http://www.securityfocus.com/bid/482
BID:482
BUGTRAQ:19990409 New Novell Remote.NLM Password Decryption Algorithm with Exploit
XF:netware-remotenlm-passwords
CVE-1999-0471
The remote proxy server in Winroute allows a remote attacker to reconfigure the proxy without authentication through the "cancel" button.
1999-09-29
2022-08-17
CVE-1999-0471
BUGTRAQ:Apr9,1999
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0471
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0471
XF:winroute-config
CVE-1999-0472
The SNMP default community name "public" is not properly removed in NetApps C630 Netcache, even if the administrator tries to disable it.
1999-09-29
2022-08-17
CVE-1999-0472
BUGTRAQ:Apr7,1999
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0472
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0472
XF:netcache-snmp
CVE-1999-0473
The rsync command before rsync 2.3.1 may inadvertently change the permissions of the client's working directory to the permissions of the directory being transferred.
1999-09-29
2005-11-02
CVE-1999-0473
http://www.securityfocus.com/bid/145
BID:145
BUGTRAQ:19990407 rsync 2.3.1 release - security fix
CALDERA:CSSA-1999:010.0
DEBIAN:19990823
XF:rsync-permissions
CVE-1999-0474
The ICQ Webserver allows remote attackers to use .. to access arbitrary files outside of the user's personal directory.
1999-09-29
2022-08-17
CVE-1999-0474
BUGTRAQ:Apr5,1999
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0474
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0474
XF:icq-webserver-read
CVE-1999-0475
A race condition in how procmail handles .procmailrc files allows a local user to read arbitrary files available to the user who is running procmail.
1999-09-29
2022-08-17
CVE-1999-0475
BUGTRAQ:Apr5,1999
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0475
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0475
XF:procmail-race
CVE-1999-0476
A weak encryption algorithm is used for passwords in SCO TermVision, allowing them to be easily decrypted by a local user.
2000-02-04
2022-08-17
CVE-1999-0476
BUGTRAQ:19990331 Potential vulnerability in SCO TermVision Windows 95 client
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0476
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0476
XF:sco-termvision-password
CVE-1999-0477
The Expression Evaluator in the ColdFusion Application Server allows a remote attacker to upload files to the server via openfile.cfm, which does not restrict access to the server properly.
2000-02-04
2003-05-08
CVE-1999-0477
http://www.securityfocus.com/bid/115
BID:115
L0PHT:Cold Fusion App Server
XF:coldfusion-expression-evaluator
CVE-1999-0478
Denial of service in HP-UX sendmail 8.8.6 related to accepting connections.
1999-09-29
2009-03-01
CVE-1999-0478
http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9904-097
HP:HPSBUX9904-097
XF:sendmail-headers-dos
CVE-1999-0479
Denial of service Netscape Enterprise Server with VirtualVault on HP-UX VVOS systems.
1999-09-29
2005-11-02
CVE-1999-0479
http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9903-092
HP:HPSBUX9903-092
XF:netscape-server-dos
CVE-1999-0480
Local attackers can conduct a denial of service in Midnight Commander 4.x with a symlink attack.
2000-02-04
2022-08-17
CVE-1999-0480
BUGTRAQ:19980315 Midnight Commander /tmp race
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0480
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0480
CVE-1999-0481
Denial of service in "poll" in OpenBSD.
1999-09-29
2004-09-02
CVE-1999-0481
OPENBSD:Mar22,1999
http://www.osvdb.org/7556
OSVDB:7556
CVE-1999-0482
OpenBSD kernel crash through TSS handling, as caused by the crashme program.
1999-09-29
2004-09-02
CVE-1999-0482
OPENBSD:Mar21,1999
http://www.osvdb.org/7557
OSVDB:7557
CVE-1999-0483
OpenBSD crash using nlink value in FFS and EXT2FS filesystems.
1999-09-29
2004-09-02
CVE-1999-0483
OPENBSD:Feb25,1999
http://www.osvdb.org/6129
OSVDB:6129
CVE-1999-0484
Buffer overflow in OpenBSD ping.
1999-09-29
2004-09-02
CVE-1999-0484
OPENBSD:Feb23,1999
http://www.osvdb.org/6130
OSVDB:6130
CVE-1999-0485
Remote attackers can cause a system crash through ipintr() in ipq in OpenBSD.
1999-09-29
2004-09-02
CVE-1999-0485
OPENBSD:Feb19,1999
http://www.osvdb.org/7558
OSVDB:7558
XF:openbsd-ipintr-race
CVE-1999-0486
Denial of service in AOL Instant Messenger when a remote attacker sends a malicious hyperlink to the receiving client, potentially causing a system crash.
2000-02-04
2022-08-17
CVE-1999-0486
BUGTRAQ:19990420 AOL Instant Messenger URL Crash
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0486
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0486
CVE-1999-0487
The DHTML Edit ActiveX control in Internet Explorer allows remote attackers to read arbitrary files.
1999-09-29
2005-11-02
CVE-1999-0487
https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-011
MS:MS99-011
XF:ie-dhtml-control
CVE-1999-0488
Internet Explorer 4.0 and 5.0 allows a remote attacker to execute security scripts in a different security context using malicious URLs, a variant of the "cross frame" vulnerability.
2000-02-04
2018-10-12
CVE-1999-0488
https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-012
MS:MS99-012
CVE-1999-0489
MSHTML.DLL in Internet Explorer 5.0 allows a remote attacker to paste a file name into the file upload intrinsic control, a variant of "untrusted scripted paste" as described in MS:MS98-013.
2000-02-04
2018-10-12
CVE-1999-0489
https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-015
MS:MS99-015
CVE-1999-0490
MSHTML.DLL in Internet Explorer 5.0 allows a remote attacker to learn information about a local user's files via an IMG SRC tag.
2000-02-04
2018-10-12
CVE-1999-0490
https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-012
MS:MS99-012
CVE-1999-0491
The prompt parsing in bash allows a local user to execute commands as another user by creating a directory with the name of the command to execute.
2000-06-02
2005-11-02
CVE-1999-0491
http://www.securityfocus.com/bid/119
BID:119
http://www.securityfocus.com/templates/archive.pike?list=1&msg=Pine.LNX.4.10.9904202114070.6623-100000@smooth.Operator.org
BUGTRAQ:19990420 Bash Bug
ftp://ftp.calderasystems.com/pub/OpenLinux/security/CSSA-1999-008.0.txt
CALDERA:CSSA-1999-008.0
CVE-1999-0492
The ffingerd 1.19 allows remote attackers to identify users on the target system based on its responses.
2000-02-04
2022-08-17
CVE-1999-0492
BUGTRAQ:Apr23,1999
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0492
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0492
CVE-1999-0493
rpc.statd allows remote attackers to forward RPC calls to the local operating system via the SM_MON and SM_NOTIFY commands, which in turn could be used to remotely exploit other bugs such as in automountd.
2000-06-02
2005-11-02
CVE-1999-0493
http://www.securityfocus.com/bid/450
BID:450
http://marc.info/?l=bugtraq&m=91547759121289&w=2
BUGTRAQ:19990103 SUN almost has a clue! (automountd)
http://www.cert.org/advisories/CA-99-05-statd-automountd.html
CERT:CA-99-05
http://www.ciac.org/ciac/bulletins/j-045.shtml
CIAC:J-045
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/186&type=0&nav=sec.sba
SUN:00186
CVE-1999-0494
Denial of service in WinGate proxy through a buffer overflow in POP3.
1999-09-29
2022-08-17
CVE-1999-0494
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0494
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0494
XF:wingate-pop3-user-bo
CVE-1999-0495
A remote attacker can gain access to a file system using .. (dot dot) when accessing SMB shares.
2000-02-04
2022-08-17
CVE-1999-0495
https://exchange.xforce.ibmcloud.com/vulnerabilities/837
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/837
CVE-1999-0496
A Windows NT 4.0 user can gain administrative rights by forcing NtOpenProcessToken to succeed regardless of the user's permissions, aka GetAdmin.
1999-09-29
2005-11-02
CVE-1999-0496
http://support.microsoft.com/default.aspx?scid=kb;%5BLN%5D;Q146965
MSKB:Q146965
XF:nt-getadmin
XF:nt-getadmin-present
CVE-1999-0497
Anonymous FTP is enabled.
2000-02-04
2022-08-17
CVE-1999-0497
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0497
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0497
CVE-1999-0498
TFTP is not running in a restricted directory, allowing a remote attacker to access sensitive information such as password files.
2000-02-04
2022-08-17
CVE-1999-0498
CERT:CA-91.18.Active.Internet.tftp.Attacks
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0498
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0498
CVE-1999-0499
NETBIOS share information may be published through SNMP registry keys in NT.
2000-02-04
2022-08-17
CVE-1999-0499
https://www.cve.org/CVERecord?id=CVE-1999-0499
MISC:https://www.cve.org/CVERecord?id=CVE-1999-0499
CVE-1999-0501
A Unix account has a guessable password.
2000-02-04
2022-08-17
CVE-1999-0501
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0501
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0501
CVE-1999-0502
A Unix account has a default, null, blank, or missing password.
2000-02-04
2022-08-17
CVE-1999-0502
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0502
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0502
CVE-1999-0503
A Windows NT local user or administrator account has a guessable password.
2000-02-04
2022-08-17
CVE-1999-0503
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0503
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0503
CVE-1999-0504
A Windows NT local user or administrator account has a default, null, blank, or missing password.
2000-02-04
2022-08-17
CVE-1999-0504
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0504
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0504
CVE-1999-0505
A Windows NT domain user or administrator account has a guessable password.
2000-02-04
2022-08-17
CVE-1999-0505
https://www.cve.org/CVERecord?id=CVE-1999-0505
MISC:https://www.cve.org/CVERecord?id=CVE-1999-0505
CVE-1999-0506
A Windows NT domain user or administrator account has a default, null, blank, or missing password.
2000-02-04
2022-08-17
CVE-1999-0506
https://www.cve.org/CVERecord?id=CVE-1999-0506
MISC:https://www.cve.org/CVERecord?id=CVE-1999-0506
CVE-1999-0507
An account on a router, firewall, or other network device has a guessable password.
2000-02-04
2022-08-17
CVE-1999-0507
https://www.cve.org/CVERecord?id=CVE-1999-0507
MISC:https://www.cve.org/CVERecord?id=CVE-1999-0507
CVE-1999-0508
An account on a router, firewall, or other network device has a default, null, blank, or missing password.
2000-02-04
2022-08-17
CVE-1999-0508
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0508
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0508
CVE-1999-0509
Perl, sh, csh, or other shell interpreters are installed in the cgi-bin directory on a WWW site, which allows remote attackers to execute arbitrary commands.
2000-02-04
2022-08-17
CVE-1999-0509
CERT:CA-96.11
https://exchange.xforce.ibmcloud.com/vulnerabilities/146
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/146
CVE-1999-0510
A router or firewall allows source routed packets from arbitrary hosts.
2000-02-04
2022-08-17
CVE-1999-0510
https://www.cve.org/CVERecord?id=CVE-1999-0510
MISC:https://www.cve.org/CVERecord?id=CVE-1999-0510
CVE-1999-0511
IP forwarding is enabled on a machine which is not a router or firewall.
2000-02-04
2022-08-17
CVE-1999-0511
https://www.cve.org/CVERecord?id=CVE-1999-0511
MISC:https://www.cve.org/CVERecord?id=CVE-1999-0511
CVE-1999-0512
A mail server is explicitly configured to allow SMTP mail relay, which allows abuse by spammers.
2000-02-04
2022-08-17
CVE-1999-0512
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0512
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0512
CVE-1999-0513
ICMP messages to broadcast addresses are allowed, allowing for a Smurf attack that can cause a denial of service.
1999-09-29
2022-08-17
CVE-1999-0513
CERT:CA-98.01.smurf
FREEBSD:FreeBSD-SA-98:06
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0513
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0513
XF:smurf
CVE-1999-0514
UDP messages to broadcast addresses are allowed, allowing for a Fraggle attack that can cause a denial of service by flooding the target.
1999-09-29
2022-08-17
CVE-1999-0514
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0514
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0514
XF:fraggle
CVE-1999-0515
An unrestricted remote trust relationship for Unix systems has been set up, e.g. by using a + sign in /etc/hosts.equiv.
2000-02-04
2022-08-17
CVE-1999-0515
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0515
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0515
CVE-1999-0516
An SNMP community name is guessable.
2000-02-04
2022-08-17
CVE-1999-0516
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0516
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0516
CVE-1999-0517
An SNMP community name is the default (e.g. public), null, or missing.
2000-02-04
2022-08-17
CVE-1999-0517
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0517
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0517
CVE-1999-0518
A NETBIOS/SMB share password is guessable.
2000-02-04
2022-08-17
CVE-1999-0518
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0518
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0518
CVE-1999-0519
A NETBIOS/SMB share password is the default, null, or missing.
2000-02-04
2022-08-17
CVE-1999-0519
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0519
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0519
CVE-1999-0520
A system-critical NETBIOS/SMB share has inappropriate access control.
2000-02-04
2022-08-17
CVE-1999-0520
https://exchange.xforce.ibmcloud.com/vulnerabilities/3
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/3
CVE-1999-0521
An NIS domain name is easily guessable.
2000-02-04
2022-08-17
CVE-1999-0521
http://www.cert.org/advisories/CA-1992-13.html
MISC:http://www.cert.org/advisories/CA-1992-13.html
CVE-1999-0522
The permissions for a system-critical NIS+ table (e.g. passwd) are inappropriate.
2000-02-04
2022-08-17
CVE-1999-0522
CERT:CA-96.10
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0522
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0522
CVE-1999-0523
ICMP echo (ping) is allowed from arbitrary hosts.
2000-02-04
2022-08-17
CVE-1999-0523
https://www.cve.org/CVERecord?id=CVE-1999-0523
MISC:https://www.cve.org/CVERecord?id=CVE-1999-0523
CVE-1999-0524
ICMP information such as (1) netmask and (2) timestamp is allowed from arbitrary hosts.
2000-02-04
2017-07-10
CVE-1999-0524
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705
CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705
https://kc.mcafee.com/corporate/index?page=content&id=SB10053
CONFIRM:https://kc.mcafee.com/corporate/index?page=content&id=SB10053
http://descriptions.securescout.com/tc/11010
MISC:http://descriptions.securescout.com/tc/11010
http://descriptions.securescout.com/tc/11011
MISC:http://descriptions.securescout.com/tc/11011
http://kb.vmware.com/selfservice/microsites/search.do?cmd=displayKC&externalId=1434
MISC:http://kb.vmware.com/selfservice/microsites/search.do?cmd=displayKC&externalId=1434
http://www.osvdb.org/95
OSVDB:95
https://exchange.xforce.ibmcloud.com/vulnerabilities/306
XF:icmp-netmask(306)
https://exchange.xforce.ibmcloud.com/vulnerabilities/322
XF:icmp-timestamp(322)
CVE-1999-0525
IP traceroute is allowed from arbitrary hosts.
2000-02-04
2022-08-17
CVE-1999-0525
https://www.cve.org/CVERecord?id=CVE-1999-0525
MISC:https://www.cve.org/CVERecord?id=CVE-1999-0525
CVE-1999-0526
An X server's access control is disabled (e.g. through an "xhost +" command) and allows anyone to connect to the server.
1999-09-29
2005-11-02
CVE-1999-0526
http://www.kb.cert.org/vuls/id/704969
CERT-VN:VU#704969
XF:xcheck-keystroke
CVE-1999-0527
The permissions for system-critical data in an anonymous FTP account are inappropriate. For example, the root directory is writeable by world, a real password file is obtainable, or executable commands such as "ls" can be overwritten.
2000-02-04
2022-08-17
CVE-1999-0527
https://exchange.xforce.ibmcloud.com/vulnerabilities/6253
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/6253
CVE-1999-0528
A router or firewall forwards external packets that claim to come from inside the network that the router/firewall is in front of.
2000-02-04
2022-08-17
CVE-1999-0528
https://exchange.xforce.ibmcloud.com/vulnerabilities/8372
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/8372
CVE-1999-0529
A router or firewall forwards packets that claim to come from IANA reserved or private addresses, e.g. 10.x.x.x, 127.x.x.x, 217.x.x.x, etc.
2000-02-04
2022-08-17
CVE-1999-0529
https://www.cve.org/CVERecord?id=CVE-1999-0529
MISC:https://www.cve.org/CVERecord?id=CVE-1999-0529
CVE-1999-0530
A system is operating in "promiscuous" mode which allows it to perform packet sniffing.
2000-02-04
2022-08-17
CVE-1999-0530
https://exchange.xforce.ibmcloud.com/vulnerabilities/778
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/778
CVE-1999-0531
** REJECT **
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE). Notes: the former description is: "An SMTP service supports EXPN, VRFY, HELP, ESMTP, and/or EHLO."
2000-02-04
2005-11-02
CVE-1999-0531
CVE-1999-0532
A DNS server allows zone transfers.
2000-02-04
2022-08-17
CVE-1999-0532
https://www.cve.org/CVERecord?id=CVE-1999-0532
MISC:https://www.cve.org/CVERecord?id=CVE-1999-0532
CVE-1999-0533
A DNS server allows inverse queries.
2000-02-04
2022-08-17
CVE-1999-0533
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0533
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0533
CVE-1999-0534
A Windows NT user has inappropriate rights or privileges, e.g. Act as System, Add Workstation, Backup, Change System Time, Create Pagefile, Create Permanent Object, Create Token Name, Debug, Generate Security Audit, Increase Priority, Increase Quota, Load Driver, Lock Memory, Profile Single Process, Remote Shutdown, Replace Process Token, Restore, System Environment, Take Ownership, or Unsolicited Input.
2000-02-04
2022-08-17
CVE-1999-0534
https://www.cve.org/CVERecord?id=CVE-1999-0534
MISC:https://www.cve.org/CVERecord?id=CVE-1999-0534
CVE-1999-0535
A Windows NT account policy for passwords has inappropriate, security-critical settings, e.g. for password length, password age, or uniqueness.
2000-02-04
2022-08-17
CVE-1999-0535
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0535
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0535
CVE-1999-0537
A configuration in a web browser such as Internet Explorer or Netscape Navigator allows execution of active content such as ActiveX, Java, Javascript, etc.
2000-02-04
2022-08-17
CVE-1999-0537
https://www.cve.org/CVERecord?id=CVE-1999-0537
MISC:https://www.cve.org/CVERecord?id=CVE-1999-0537
CVE-1999-0539
A trust relationship exists between two Unix hosts.
2000-02-04
2022-08-17
CVE-1999-0539
https://exchange.xforce.ibmcloud.com/vulnerabilities/723
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/723
CVE-1999-0541
A password for accessing a WWW URL is guessable.
2000-02-04
2022-08-17
CVE-1999-0541
https://www.cve.org/CVERecord?id=CVE-1999-0541
MISC:https://www.cve.org/CVERecord?id=CVE-1999-0541
CVE-1999-0546
The Windows NT guest account is enabled.
2000-02-04
2022-08-17
CVE-1999-0546
https://www.cve.org/CVERecord?id=CVE-1999-0546
MISC:https://www.cve.org/CVERecord?id=CVE-1999-0546
CVE-1999-0547
An SSH server allows authentication through the .rhosts file.
2000-02-04
2022-08-17
CVE-1999-0547
https://exchange.xforce.ibmcloud.com/vulnerabilities/315
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/315
CVE-1999-0548
A superfluous NFS server is running, but it is not importing or exporting any file systems.
2000-02-04
2022-08-17
CVE-1999-0548
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0548
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0548
CVE-1999-0549
Windows NT automatically logs in an administrator upon rebooting.
2000-02-04
2022-08-17
CVE-1999-0549
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0549
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0549
CVE-1999-0550
A router's routing tables can be obtained from arbitrary hosts.
2000-02-04
2022-08-17
CVE-1999-0550
https://www.cve.org/CVERecord?id=CVE-1999-0550
MISC:https://www.cve.org/CVERecord?id=CVE-1999-0550
CVE-1999-0551
HP OpenMail can be misconfigured to allow users to run arbitrary commands using malicious print requests.
1999-09-29
2005-11-02
CVE-1999-0551
http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9804-078
HP:HPSBUX9804-078
XF:hp-openmail
CVE-1999-0554
NFS exports system-critical data to the world, e.g. / or a password file.
2000-02-04
2022-08-17
CVE-1999-0554
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0554
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0554
CVE-1999-0555
A Unix account with a name other than "root" has UID 0, i.e. root privileges.
2000-02-04
2022-08-17
CVE-1999-0555
https://www.cve.org/CVERecord?id=CVE-1999-0555
MISC:https://www.cve.org/CVERecord?id=CVE-1999-0555
CVE-1999-0556
Two or more Unix accounts have the same UID.
2000-02-04
2022-08-17
CVE-1999-0556
https://exchange.xforce.ibmcloud.com/vulnerabilities/876
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/876
CVE-1999-0559
A system-critical Unix file or directory has inappropriate permissions.
2000-02-04
2022-08-17
CVE-1999-0559
https://www.cve.org/CVERecord?id=CVE-1999-0559
MISC:https://www.cve.org/CVERecord?id=CVE-1999-0559
CVE-1999-0560
A system-critical Windows NT file or directory has inappropriate permissions.
2000-02-04
2022-08-17
CVE-1999-0560
https://www.cve.org/CVERecord?id=CVE-1999-0560
MISC:https://www.cve.org/CVERecord?id=CVE-1999-0560
CVE-1999-0561
IIS has the #exec function enabled for Server Side Include (SSI) files.
2000-02-04
2022-08-17
CVE-1999-0561
https://www.cve.org/CVERecord?id=CVE-1999-0561
MISC:https://www.cve.org/CVERecord?id=CVE-1999-0561
CVE-1999-0562
The registry in Windows NT can be accessed remotely by users who are not administrators.
2000-02-04
2017-10-18
CVE-1999-0562
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1023
OVAL:oval:org.mitre.oval:def:1023
CVE-1999-0564
An attacker can force a printer to print arbitrary documents (e.g. if the printer doesn't require a password) or to become disabled.
2000-02-04
2022-08-17
CVE-1999-0564
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0564
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0564
CVE-1999-0565
A Sendmail alias allows input to be piped to a program.
2000-02-04
2022-08-17
CVE-1999-0565
https://www.cve.org/CVERecord?id=CVE-1999-0565
MISC:https://www.cve.org/CVERecord?id=CVE-1999-0565
CVE-1999-0566
An attacker can write to syslog files from any location, causing a denial of service by filling up the logs, and hiding activities.
1999-09-29
2022-08-17
CVE-1999-0566
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0566
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0566
XF:ibm-syslogd
XF:syslog-flood
CVE-1999-0568
rpc.admind in Solaris is not running in a secure mode.
2000-02-04
2022-08-17
CVE-1999-0568
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0568
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0568
CVE-1999-0569
A URL for a WWW directory allows auto-indexing, which provides a list of all files in that directory if it does not contain an index.html file.
2000-02-04
2022-08-17
CVE-1999-0569
https://www.cve.org/CVERecord?id=CVE-1999-0569
MISC:https://www.cve.org/CVERecord?id=CVE-1999-0569
CVE-1999-0570
Windows NT is not using a password filter utility, e.g. PASSFILT.DLL.
2000-02-04
2022-08-17
CVE-1999-0570
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0570
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0570
CVE-1999-0571
A router's configuration service or management interface (such as a web server or telnet) is configured to allow connections from arbitrary hosts.
2000-02-04
2022-08-17
CVE-1999-0571
BUGTRAQ:Feb5,1999
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0571
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0571
CVE-1999-0572
.reg files are associated with the Windows NT registry editor (regedit), making the registry susceptible to Trojan Horse attacks.
2000-02-04
2022-08-17
CVE-1999-0572
https://exchange.xforce.ibmcloud.com/vulnerabilities/178
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/178
CVE-1999-0575
A Windows NT system's user audit policy does not log an event success or failure, e.g. for Logon and Logoff, File and Object Access, Use of User Rights, User and Group Management, Security Policy Changes, Restart, Shutdown, and System, and Process Tracking.
2000-02-04
2022-08-17
CVE-1999-0575
https://www.cve.org/CVERecord?id=CVE-1999-0575
MISC:https://www.cve.org/CVERecord?id=CVE-1999-0575
CVE-1999-0576
A Windows NT system's file audit policy does not log an event success or failure for security-critical files or directories.
2000-02-04
2022-08-17
CVE-1999-0576
https://www.cve.org/CVERecord?id=CVE-1999-0576
MISC:https://www.cve.org/CVERecord?id=CVE-1999-0576
CVE-1999-0577
A Windows NT system's file audit policy does not log an event success or failure for non-critical files or directories.
2000-02-04
2022-08-17
CVE-1999-0577
https://www.cve.org/CVERecord?id=CVE-1999-0577
MISC:https://www.cve.org/CVERecord?id=CVE-1999-0577
CVE-1999-0578
A Windows NT system's registry audit policy does not log an event success or failure for security-critical registry keys.
2000-02-04
2022-08-17
CVE-1999-0578
https://exchange.xforce.ibmcloud.com/vulnerabilities/228
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/228
CVE-1999-0579
A Windows NT system's registry audit policy does not log an event success or failure for non-critical registry keys.
2000-02-04
2022-08-17
CVE-1999-0579
https://exchange.xforce.ibmcloud.com/vulnerabilities/228
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/228
CVE-1999-0580
The HKEY_LOCAL_MACHINE key in a Windows NT system has inappropriate, system-critical permissions.
2000-02-04
2022-08-17
CVE-1999-0580
https://www.cve.org/CVERecord?id=CVE-1999-0580
MISC:https://www.cve.org/CVERecord?id=CVE-1999-0580
CVE-1999-0581
The HKEY_CLASSES_ROOT key in a Windows NT system has inappropriate, system-critical permissions.
2000-02-04
2022-08-17
CVE-1999-0581
https://www.cve.org/CVERecord?id=CVE-1999-0581
MISC:https://www.cve.org/CVERecord?id=CVE-1999-0581
CVE-1999-0582
A Windows NT account policy has inappropriate, security-critical settings for lockout, e.g. lockout duration, lockout after bad logon attempts, etc.
2000-02-04
2022-08-17
CVE-1999-0582
https://www.cve.org/CVERecord?id=CVE-1999-0582
MISC:https://www.cve.org/CVERecord?id=CVE-1999-0582
CVE-1999-0583
There is a one-way or two-way trust relationship between Windows NT domains.
2000-02-04
2022-08-17
CVE-1999-0583
https://exchange.xforce.ibmcloud.com/vulnerabilities/1284
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/1284
CVE-1999-0584
A Windows NT file system is not NTFS.
2000-02-04
2022-08-17
CVE-1999-0584
https://exchange.xforce.ibmcloud.com/vulnerabilities/195
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/195
CVE-1999-0585
A Windows NT administrator account has the default name of Administrator.
2000-02-04
2022-08-17
CVE-1999-0585
https://www.cve.org/CVERecord?id=CVE-1999-0585
MISC:https://www.cve.org/CVERecord?id=CVE-1999-0585
CVE-1999-0586
A network service is running on a nonstandard port.
2000-02-04
2022-08-17
CVE-1999-0586
https://www.cve.org/CVERecord?id=CVE-1999-0586
MISC:https://www.cve.org/CVERecord?id=CVE-1999-0586
CVE-1999-0587
A WWW server is not running in a restricted file system, e.g. through a chroot, thus allowing access to system-critical data.
2000-02-04
2022-08-17
CVE-1999-0587
https://www.cve.org/CVERecord?id=CVE-1999-0587
MISC:https://www.cve.org/CVERecord?id=CVE-1999-0587
CVE-1999-0588
A filter in a router or firewall allows unusual fragmented packets.
2000-02-04
2022-08-17
CVE-1999-0588
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0588
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0588
CVE-1999-0589
A system-critical Windows NT registry key has inappropriate permissions.
2000-02-04
2022-08-17
CVE-1999-0589
https://www.cve.org/CVERecord?id=CVE-1999-0589
MISC:https://www.cve.org/CVERecord?id=CVE-1999-0589
CVE-1999-0590
A system does not present an appropriate legal message or warning to a user who is accessing it.
2000-02-04
2022-08-17
CVE-1999-0590
http://ciac.llnl.gov/ciac/bulletins/j-043.shtml
MISC:http://ciac.llnl.gov/ciac/bulletins/j-043.shtml
CVE-1999-0591
An event log in Windows NT has inappropriate access permissions.
2000-02-04
2022-08-17
CVE-1999-0591
https://www.cve.org/CVERecord?id=CVE-1999-0591
MISC:https://www.cve.org/CVERecord?id=CVE-1999-0591
CVE-1999-0592
The Logon box of a Windows NT system displays the name of the last user who logged in.
2000-02-04
2022-08-17
CVE-1999-0592
https://exchange.xforce.ibmcloud.com/vulnerabilities/1353
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/1353
CVE-1999-0593
The default setting for the Winlogon key entry ShutdownWithoutLogon in Windows NT allows users with physical access to shut down a Windows NT system without logging in.
2000-02-04
2017-07-10
CVE-1999-0593
http://technet.microsoft.com/en-us/library/cc722469.aspx
CONFIRM:http://technet.microsoft.com/en-us/library/cc722469.aspx
http://www.microsoft.com/technet/archive/winntas/deploy/confeat/06wntpcc.mspx?mfr=true
MISC:http://www.microsoft.com/technet/archive/winntas/deploy/confeat/06wntpcc.mspx?mfr=true
http://osvdb.org/59333
OSVDB:59333
https://exchange.xforce.ibmcloud.com/vulnerabilities/1291
XF:nt-shutdown-without-logon(1291)
CVE-1999-0594
A Windows NT system does not restrict access to removable media drives such as a floppy disk drive or CDROM drive.
2000-02-04
2022-08-17
CVE-1999-0594
https://exchange.xforce.ibmcloud.com/vulnerabilities/1294
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/1294
CVE-1999-0595
A Windows NT system does not clear the system page file during shutdown, which might allow sensitive information to be recorded.
2000-02-04
2022-08-17
CVE-1999-0595
https://exchange.xforce.ibmcloud.com/vulnerabilities/216
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/216
MSKB:Q182086
CVE-1999-0596
A Windows NT log file has an inappropriate maximum size or retention period.
2000-02-04
2022-08-17
CVE-1999-0596
https://exchange.xforce.ibmcloud.com/vulnerabilities/2577
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/2577
CVE-1999-0597
A Windows NT account policy does not forcibly disconnect remote users from the server when their logon hours expire.
2000-02-04
2022-08-17
CVE-1999-0597
https://exchange.xforce.ibmcloud.com/vulnerabilities/1343
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/1343
CVE-1999-0598
A network intrusion detection system (IDS) does not properly handle packets that are sent out of order, allowing an attacker to escape detection.
2000-02-04
2022-08-17
CVE-1999-0598
http://www.robertgraham.com/mirror/Ptacek-Newsham-Evasion-98.html
MISC:http://www.robertgraham.com/mirror/Ptacek-Newsham-Evasion-98.html
CVE-1999-0599
A network intrusion detection system (IDS) does not properly handle packets with improper sequence numbers.
2000-02-04
2022-08-17
CVE-1999-0599
http://www.robertgraham.com/mirror/Ptacek-Newsham-Evasion-98.html
MISC:http://www.robertgraham.com/mirror/Ptacek-Newsham-Evasion-98.html
CVE-1999-0600
A network intrusion detection system (IDS) does not verify the checksum on a packet.
2000-02-04
2022-08-17
CVE-1999-0600
http://www.robertgraham.com/mirror/Ptacek-Newsham-Evasion-98.html
MISC:http://www.robertgraham.com/mirror/Ptacek-Newsham-Evasion-98.html
CVE-1999-0601
A network intrusion detection system (IDS) does not properly handle data within TCP handshake packets.
2000-02-04
2022-08-17
CVE-1999-0601
http://www.robertgraham.com/mirror/Ptacek-Newsham-Evasion-98.html
MISC:http://www.robertgraham.com/mirror/Ptacek-Newsham-Evasion-98.html
CVE-1999-0602
A network intrusion detection system (IDS) does not properly reassemble fragmented packets.
2000-02-04
2022-08-17
CVE-1999-0602
http://www.robertgraham.com/mirror/Ptacek-Newsham-Evasion-98.html
MISC:http://www.robertgraham.com/mirror/Ptacek-Newsham-Evasion-98.html
CVE-1999-0603
In Windows NT, an inappropriate user is a member of a group, e.g. Administrator, Backup Operators, Domain Admins, Domain Guests, Power Users, Print Operators, Replicators, System Operators, etc.
2000-02-04
2022-08-17
CVE-1999-0603
https://www.cve.org/CVERecord?id=CVE-1999-0603
MISC:https://www.cve.org/CVERecord?id=CVE-1999-0603
CVE-1999-0604
An incorrect configuration of the WebStore 1.0 shopping cart CGI program "web_store.cgi" could disclose private information.
2000-02-04
2016-10-17
CVE-1999-0604
http://marc.info/?l=bugtraq&m=92462991805485&w=2
BUGTRAQ:19990420 Shopping Carts exposing CC data
CVE-1999-0605
An incorrect configuration of the Order Form 1.0 shopping cart CGI program could disclose private information.
2000-02-04
2016-10-17
CVE-1999-0605
http://marc.info/?l=bugtraq&m=92462991805485&w=2
BUGTRAQ:19990420 Shopping Carts exposing CC data
CVE-1999-0606
An incorrect configuration of the EZMall 2000 shopping cart CGI program "mall2000.cgi" could disclose private information.
2000-02-04
2016-10-17
CVE-1999-0606
http://marc.info/?l=bugtraq&m=92462991805485&w=2
BUGTRAQ:19990420 Shopping Carts exposing CC data
CVE-1999-0607
quikstore.cgi in QuikStore shopping cart stores quikstore.cfg under the web document root with insufficient access control, which allows remote attackers to obtain the cleartext administrator password and gain privileges.
2000-02-04
2016-10-17
CVE-1999-0607
http://marc.info/?l=bugtraq&m=92462991805485&w=2
BUGTRAQ:19990420 Shopping Carts exposing CC data
CVE-1999-0608
An incorrect configuration of the PDG Shopping Cart CGI program "shopper.cgi" could disclose private information.
2001-05-07
2005-11-02
CVE-1999-0608
http://marc.info/?l=bugtraq&m=92462991805485&w=2
BUGTRAQ:19990420 Shopping Carts exposing CC data
http://www.pdgsoft.com/Security/security.html.
CONFIRM:http://www.pdgsoft.com/Security/security.html.
https://exchange.xforce.ibmcloud.com/vulnerabilities/3857
XF:pdgsoftcart-misconfig(3857)
CVE-1999-0609
An incorrect configuration of the SoftCart CGI program "SoftCart.exe" could disclose private information.
2000-02-04
2016-10-17
CVE-1999-0609
http://marc.info/?l=bugtraq&m=92462991805485&w=2
BUGTRAQ:19990420 Shopping Carts exposing CC data
CVE-1999-0610
An incorrect configuration of the Webcart CGI program could disclose private information.
2000-02-04
2016-10-17
CVE-1999-0610
http://marc.info/?l=bugtraq&m=92462991805485&w=2
BUGTRAQ:19990420 Shopping Carts exposing CC data
CVE-1999-0611
A system-critical Windows NT registry key has an inappropriate value.
2000-02-04
2022-08-17
CVE-1999-0611
https://www.cve.org/CVERecord?id=CVE-1999-0611
MISC:https://www.cve.org/CVERecord?id=CVE-1999-0611
CVE-1999-0612
A version of finger is running that exposes valid user information to any entity on the network.
1999-09-29
2022-08-17
CVE-1999-0612
https://www.cve.org/CVERecord?id=CVE-1999-0612
MISC:https://www.cve.org/CVERecord?id=CVE-1999-0612
XF:finger-out
XF:finger-running
CVE-1999-0613
The rpc.sprayd service is running.
2000-02-04
2022-08-17
CVE-1999-0613
https://www.cve.org/CVERecord?id=CVE-1999-0613
MISC:https://www.cve.org/CVERecord?id=CVE-1999-0613
CVE-1999-0614
** REJECT **
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE). Notes: the former description is: "The FTP service is running."
2000-02-04
2003-03-21
CVE-1999-0614
CVE-1999-0615
** REJECT **
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE). Notes: the former description is: "The SNMP service is running."
2000-02-04
2002-05-09
CVE-1999-0615
CVE-1999-0616
** REJECT **
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE). Notes: the former description is: "The TFTP service is running."
2000-02-04
2003-03-21
CVE-1999-0616
CVE-1999-0617
** REJECT **
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE). Notes: the former description is: "The SMTP service is running."
2000-02-04
2003-03-21
CVE-1999-0617
CVE-1999-0618
The rexec service is running.
2000-02-04
2022-08-17
CVE-1999-0618
https://www.cve.org/CVERecord?id=CVE-1999-0618
MISC:https://www.cve.org/CVERecord?id=CVE-1999-0618
XF:rexec
CVE-1999-0619
** REJECT **
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE). Notes: the former description is: "The Telnet service is running."
2000-02-04
2003-03-21
CVE-1999-0619
CVE-1999-0620
** REJECT **
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE). Notes: the former description is: "A component service related to NIS is running."
2000-02-04
2003-03-21
CVE-1999-0620
CVE-1999-0621
** REJECT **
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE). Notes: the former description is: "A component service related to NETBIOS is running."
2000-02-04
2002-02-02
CVE-1999-0621
CVE-1999-0622
** REJECT **
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE). Notes: the former description is: "A component service related to DNS service is running."
2000-02-04
2003-03-21
CVE-1999-0622
CVE-1999-0623
** REJECT **
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE). Notes: the former description is: "The X Windows service is running."
2000-02-04
2003-03-21
CVE-1999-0623
CVE-1999-0624
The rstat/rstatd service is running.
2000-02-04
2022-08-17
CVE-1999-0624
https://www.cve.org/CVERecord?id=CVE-1999-0624
MISC:https://www.cve.org/CVERecord?id=CVE-1999-0624
XF:rstat-out
XF:rstatd
CVE-1999-0625
The rpc.rquotad service is running.
2000-02-04
2022-08-17
CVE-1999-0625
https://www.cve.org/CVERecord?id=CVE-1999-0625
MISC:https://www.cve.org/CVERecord?id=CVE-1999-0625
CVE-1999-0626
A version of rusers is running that exposes valid user information to any entity on the network.
1999-09-29
2022-08-17
CVE-1999-0626
https://www.cve.org/CVERecord?id=CVE-1999-0626
MISC:https://www.cve.org/CVERecord?id=CVE-1999-0626
XF:ruser
XF:rusersd
CVE-1999-0627
The rexd service is running, which uses weak authentication that can allow an attacker to execute commands.
1999-09-29
2022-08-17
CVE-1999-0627
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0627
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0627
XF:rexd
CVE-1999-0628
The rwho/rwhod service is running, which exposes machine status and user information.
1999-09-29
2022-08-17
CVE-1999-0628
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0628
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0628
XF:rwhod
CVE-1999-0629
The ident/identd service is running.
2000-02-04
2022-08-17
CVE-1999-0629
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0629
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0629
CVE-1999-0630
The NT Alerter and Messenger services are running.
2000-02-04
2022-08-17
CVE-1999-0630
http://support.microsoft.com/support/kb/articles/q189/2/71.asp
MISC:http://support.microsoft.com/support/kb/articles/q189/2/71.asp
CVE-1999-0631
** REJECT **
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE). Notes: the former description is: "The NFS service is running."
2000-02-04
2003-03-21
CVE-1999-0631
CVE-1999-0632
The RPC portmapper service is running.
2000-02-04
2022-08-17
CVE-1999-0632
https://www.cve.org/CVERecord?id=CVE-1999-0632
MISC:https://www.cve.org/CVERecord?id=CVE-1999-0632
CVE-1999-0633
** REJECT **
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE). Notes: the former description is: "The HTTP/WWW service is running."
2000-02-04
2003-03-21
CVE-1999-0633
CVE-1999-0634
** REJECT **
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE). Notes: the former description is: "The SSH service is running."
2000-02-04
2003-03-21
CVE-1999-0634
CVE-1999-0635
The echo service is running.
2000-02-04
2003-03-21
CVE-1999-0635
http://lists.grok.org.uk/pipermail/full-disclosure/2006-January/041434.html
FULLDISC:20060116 ACT P202S VoIP wireless phone multiple undocumented ports/services
http://secunia.com/advisories/18514
SECUNIA:18514
CVE-1999-0636
The discard service is running.
2000-02-04
2022-08-17
CVE-1999-0636
https://www.cve.org/CVERecord?id=CVE-1999-0636
MISC:https://www.cve.org/CVERecord?id=CVE-1999-0636
CVE-1999-0637
The systat service is running.
2000-02-04
2022-08-17
CVE-1999-0637
https://www.cve.org/CVERecord?id=CVE-1999-0637
MISC:https://www.cve.org/CVERecord?id=CVE-1999-0637
CVE-1999-0638
The daytime service is running.
2000-02-04
2022-08-17
CVE-1999-0638
https://www.cve.org/CVERecord?id=CVE-1999-0638
MISC:https://www.cve.org/CVERecord?id=CVE-1999-0638
CVE-1999-0639
The chargen service is running.
2000-02-04
2022-08-17
CVE-1999-0639
https://www.cve.org/CVERecord?id=CVE-1999-0639
MISC:https://www.cve.org/CVERecord?id=CVE-1999-0639
CVE-1999-0640
The Gopher service is running.
2000-02-04
2022-08-17
CVE-1999-0640
https://www.cve.org/CVERecord?id=CVE-1999-0640
MISC:https://www.cve.org/CVERecord?id=CVE-1999-0640
CVE-1999-0641
The UUCP service is running.
2000-02-04
2022-08-17
CVE-1999-0641
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0641
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0641
CVE-1999-0642
** REJECT **
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE). Notes: the former description is: "A POP service is running."
2000-02-04
2003-03-21
CVE-1999-0642
CVE-1999-0643
** REJECT **
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE). Notes: the former description is: "The IMAP service is running."
2000-02-04
2003-03-21
CVE-1999-0643
CVE-1999-0644
** REJECT **
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE). Notes: the former description is: "The NNTP news service is running."
2000-02-04
2003-03-21
CVE-1999-0644
CVE-1999-0645
** REJECT **
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE). Notes: the former description is: "The IRC service is running."
2000-02-04
2003-03-21
CVE-1999-0645
CVE-1999-0646
** REJECT **
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE). Notes: the former description is: "The LDAP service is running."
2000-02-04
2003-03-21
CVE-1999-0646
CVE-1999-0647
** REJECT **
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE). Notes: the former description is: "The bootparam (bootparamd) service is running."
2000-02-04
2003-05-08
CVE-1999-0647
CVE-1999-0648
** REJECT **
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE). Notes: the former description is: "The X25 service is running."
2000-02-04
2003-03-21
CVE-1999-0648
CVE-1999-0649
** REJECT **
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE). Notes: the former description is: "The FSP service is running."
2000-02-04
2005-11-02
CVE-1999-0649
CVE-1999-0650
The netstat service is running, which provides sensitive information to remote attackers.
2000-02-04
2017-07-10
CVE-1999-0650
https://exchange.xforce.ibmcloud.com/vulnerabilities/72
XF:netstat(72)
CVE-1999-0651
The rsh/rlogin service is running.
2000-02-04
2022-08-17
CVE-1999-0651
https://exchange.xforce.ibmcloud.com/vulnerabilities/2995
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/2995
CVE-1999-0652
** REJECT **
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE). Notes: the former description is: "A database service is running, e.g. a SQL server, Oracle, or mySQL."
2000-02-04
2005-11-02
CVE-1999-0652
CVE-1999-0653
A component service related to NIS+ is running.
2000-02-04
2022-08-17
CVE-1999-0653
https://www.cve.org/CVERecord?id=CVE-1999-0653
MISC:https://www.cve.org/CVERecord?id=CVE-1999-0653
CVE-1999-0654
The OS/2 or POSIX subsystem in NT is enabled.
2000-02-04
2022-08-17
CVE-1999-0654
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0654
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0654
CVE-1999-0655
** REJECT **
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is not about any specific product, protocol, or design, so it is out of scope of CVE. Notes: the former description is: "A service may include useful information in its banner or help function (such as the name and version), making it useful for information gathering activities."
2000-02-04
2001-12-09
CVE-1999-0655
CVE-1999-0656
The ugidd RPC interface, by design, allows remote attackers to enumerate valid usernames by specifying arbitrary UIDs that ugidd maps to local user and group names.
2000-02-04
2017-07-10
CVE-1999-0656
http://ca.com/au/securityadvisor/vulninfo/Vuln.aspx?ID=1638
MISC:http://ca.com/au/securityadvisor/vulninfo/Vuln.aspx?ID=1638
https://exchange.xforce.ibmcloud.com/vulnerabilities/348
XF:linux-ugidd(348)
CVE-1999-0657
WinGate is being used.
2000-02-04
2022-08-17
CVE-1999-0657
https://www.cve.org/CVERecord?id=CVE-1999-0657
MISC:https://www.cve.org/CVERecord?id=CVE-1999-0657
CVE-1999-0658
** REJECT **
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE). Notes: the former description is: "DCOM is running."
2000-02-04
2003-03-21
CVE-1999-0658
CVE-1999-0659
** REJECT **
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE). Notes: the former description is: "A Windows NT Primary Domain Controller (PDC) or Backup Domain Controller (BDC) is present."
2000-02-04
2003-03-21
CVE-1999-0659
CVE-1999-0660
** REJECT **
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is not about any specific product, protocol, or design, so it is out of scope of CVE. It might be more appropriate to cover under the Common Configuration Enumeration (CCE). Notes: the former description is: "A hacker utility, back door, or Trojan Horse is installed on a system, e.g. NetBus, Back Orifice, Rootkit, etc."
2000-02-04
2003-03-21
CVE-1999-0660
CVE-1999-0661
A system is running a version of software that was replaced with a Trojan Horse at one of its distribution points, such as (1) TCP Wrappers 7.6, (2) util-linux 2.9g, (3) wuarchive ftpd (wuftpd) 2.2 and 2.1f, (4) IRC client (ircII) ircII 2.2.9, (5) OpenSSH 3.4p1, or (6) Sendmail 8.12.6.
2000-02-04
2016-10-17
CVE-1999-0661
http://www.securityfocus.com/bid/5921
BID:5921
http://marc.info/?l=bugtraq&m=102821663814127&w=2
BUGTRAQ:20020801 OpenSSH Security Advisory: Trojaned Distribution Files
http://marc.info/?l=bugtraq&m=102820843403741&w=2
BUGTRAQ:20020801 trojan horse in recent openssh (version 3.4 portable 1)
http://online.securityfocus.com/archive/1/294539
BUGTRAQ:20021009 Re: CERT Advisory CA-2002-28 Trojan Horse Sendmail
http://www.cert.org/advisories/CA-1994-07.html
CERT:CA-1994-07
http://www.cert.org/advisories/CA-1994-14.html
CERT:CA-1994-14
http://www.cert.org/advisories/CA-1999-01.html
CERT:CA-1999-01
http://www.cert.org/advisories/CA-1999-02.html
CERT:CA-1999-02
http://www.cert.org/advisories/CA-2002-28.html
CERT:CA-2002-28
http://www.iss.net/security_center/static/10313.php
XF:sendmail-backdoor(10313)
CVE-1999-0662
A system-critical program or library does not have the appropriate patch, hotfix, or service pack installed, or is outdated or obsolete.
2000-02-04
2022-08-17
CVE-1999-0662
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0662
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0662
CVE-1999-0663
A system-critical program, library, or file has a checksum or other integrity measurement that indicates that it has been modified.
2000-02-04
2022-08-17
CVE-1999-0663
https://www.cve.org/CVERecord?id=CVE-1999-0663
MISC:https://www.cve.org/CVERecord?id=CVE-1999-0663
CVE-1999-0664
An application-critical Windows NT registry key has inappropriate permissions.
2000-02-04
2022-08-17
CVE-1999-0664
https://www.cve.org/CVERecord?id=CVE-1999-0664
MISC:https://www.cve.org/CVERecord?id=CVE-1999-0664
CVE-1999-0665
An application-critical Windows NT registry key has an inappropriate value.
2000-02-04
2022-08-17
CVE-1999-0665
https://www.cve.org/CVERecord?id=CVE-1999-0665
MISC:https://www.cve.org/CVERecord?id=CVE-1999-0665
CVE-1999-0667
The ARP protocol allows any host to spoof ARP replies and poison the ARP cache to conduct IP address spoofing or a denial of service.
2000-02-04
2022-08-17
CVE-1999-0667
https://marc.info/?l=bugtraq&m=87602880019797&w=2
MISC:https://marc.info/?l=bugtraq&m=87602880019797&w=2
CVE-1999-0668
The scriptlet.typelib ActiveX control is marked as "safe for scripting" for Internet Explorer, which allows a remote attacker to execute arbitrary commands as demonstrated by Bubbleboy.
2000-06-02
2005-11-02
CVE-1999-0668
http://www.securityfocus.com/bid/598
BID:598
BUGTRAQ:19990821 IE 5.0 allows executing programs
http://ciac.llnl.gov/ciac/bulletins/j-064.shtml
CIAC:J-064
https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-032
MS:MS99-032
http://support.microsoft.com/default.aspx?scid=kb;%5BLN%5D;Q240308
MSKB:Q240308
XF:ms-scriptlet-eyedog-unsafe
CVE-1999-0669
The Eyedog ActiveX control is marked as "safe for scripting" for Internet Explorer, which allows a remote attacker to execute arbitrary commands as demonstrated by Bubbleboy.
2000-02-04
2003-03-21
CVE-1999-0669
http://ciac.llnl.gov/ciac/bulletins/j-064.shtml
CIAC:J-064
MS:MS99-032
MSKB:Q240308
XF:ms-scriptlet-eyedog-unsafe
CVE-1999-0670
Buffer overflow in the Eyedog ActiveX control allows a remote attacker to execute arbitrary commands.
2000-02-04
2018-10-12
CVE-1999-0670
http://ciac.llnl.gov/ciac/bulletins/j-064.shtml
CIAC:J-064
https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-032
MS:MS99-032
CVE-1999-0671
Buffer overflow in ToxSoft NextFTP client through CWD command.
2000-10-13
2005-11-02
CVE-1999-0671
http://www.securityfocus.com/bid/572
BID:572
XF:toxsoft-nextftp-cwd-bo
CVE-1999-0672
Buffer overflow in Fujitsu Chocoa IRC client via IRC channel topics.
2000-10-13
2005-11-02
CVE-1999-0672
http://www.securityfocus.com/bid/573
BID:573
XF:fujitsu-topic-bo
CVE-1999-0673
Buffer overflow in ALMail32 POP3 client via From: or To: headers.
2000-02-04
2003-03-21
CVE-1999-0673
http://www.securityfocus.com/bid/574
BID:574
CVE-1999-0674
The BSD profil system call allows a local user to modify the internal data space of a program via profiling and execve.
2000-01-04
2005-11-02
CVE-1999-0674
http://www.securityfocus.com/bid/570
BID:570
BUGTRAQ:19990809 profil(2) bug, a simple test program
http://www.ciac.org/ciac/bulletins/j-067.shtml
CIAC:J-067
FREEBSD:FreeBSD-SA-99:02
NETBSD:1999-011
OPENBSD:Aug 9,1999
XF:netbsd-profil
CVE-1999-0675
Check Point FireWall-1 can be subjected to a denial of service via UDP packets that are sent through VPN-1 to port 0 of a host.
2000-10-13
2004-09-02
CVE-1999-0675
http://www.securityfocus.com/bid/576
BID:576
http://www.securityfocus.com/archive/1/23615
BUGTRAQ:19990809 FW1 UDP Port 0 DoS
http://www.osvdb.org/1038
OSVDB:1038
XF:checkpoint-port
CVE-1999-0676
sdtcm_convert in Solaris 2.6 allows a local user to overwrite sensitive files via a symlink attack.
2000-04-18
2005-11-02
CVE-1999-0676
http://www.securityfocus.com/bid/575
BID:575
http://www.securityfocus.com/templates/archive.pike?list=1&msg=19990809134220.A1191@hades.chaoz.org
BUGTRAQ:19990808 sdtcm_convert
XF:sun-sdtcm-convert
CVE-1999-0677
The WebRamp web administration utility has a default password.
2000-02-04
2003-03-21
CVE-1999-0677
http://www.securityfocus.com/bid/577
BID:577
BUGTRAQ:19990802 [LoWNOISE] Password hunting with webramp
CVE-1999-0678
A default configuration of Apache on Debian GNU/Linux sets the ServerRoot to /usr/doc, which allows remote users to read documentation files for the entire server.
2000-03-22
2005-11-02
CVE-1999-0678
http://www.securityfocus.com/bid/318
BID:318
BUGTRAQ:19990405 An issue with Apache on Debian
XF:apache-debian-usrdoc
CVE-1999-0679
Buffer overflow in hybrid-6 IRC server commonly used on EFnet allows remote attackers to execute commands via m_invite invite option.
2000-10-13
2005-11-02
CVE-1999-0679
http://www.securityfocus.com/bid/581
BID:581
BUGTRAQ:19990813 w00w00's efnet ircd advisory (exploit included)
http://www.efnet.org/archive/servers/hybrid/ChangeLog
CONFIRM:http://www.efnet.org/archive/servers/hybrid/ChangeLog
XF:hybrid-ircd-minvite-bo
CVE-1999-0680
Windows NT Terminal Server performs extra work when a client opens a new connection but before it is authenticated, allowing for a denial of service.
2000-01-04
2005-11-02
CVE-1999-0680
http://www.securityfocus.com/bid/571
BID:571
http://www.ciac.org/ciac/bulletins/j-057.shtml
CIAC:J-057
https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-028
MS:MS99-028
http://support.microsoft.com/default.aspx?scid=kb;%5BLN%5D;Q238600
MSKB:Q238600
XF:nt-terminal-dos
CVE-1999-0681
Buffer overflow in Microsoft FrontPage Server Extensions (PWS) 3.0.2.926 on Windows 95, and possibly other versions, allows remote attackers to cause a denial of service via a long URL.
2001-05-07
2005-11-02
CVE-1999-0681
http://www.securityfocus.com/bid/568
BID:568
http://archives.neohapsis.com/archives/bugtraq/1999-q3/0381.html
BUGTRAQ:19990807 Crash FrontPage Remotely...
https://exchange.xforce.ibmcloud.com/vulnerabilities/3117
XF:frontpage-pws-dos(3117)
CVE-1999-0682
Microsoft Exchange 5.5 allows a remote attacker to relay email (i.e. spam) using encapsulated SMTP addresses, even if the anti-relaying features are enabled.
2000-01-04
2005-11-02
CVE-1999-0682
http://www.securityfocus.com/bid/567
BID:567
http://www.ciac.org/ciac/bulletins/j-056.shtml
CIAC:J-056
https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-027
MS:MS99-027
http://support.microsoft.com/default.aspx?scid=kb;%5BLN%5D;Q237927
MSKB:Q237927
XF:exchange-relay
CVE-1999-0683
Denial of service in Gauntlet Firewall via a malformed ICMP packet.
2000-01-18
2004-09-02
CVE-1999-0683
http://www.securityfocus.com/bid/556
BID:556
BUGTRAQ:19990729 Remotely Lock Up Gauntlet 5.0
http://www.osvdb.org/1029
OSVDB:1029
XF:gauntlet-dos
CVE-1999-0684
Denial of service in Sendmail 8.8.6 in HPUX.
2000-02-04
2022-08-17
CVE-1999-0684
HP:HPSBUX9904-097
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0684
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0684
CVE-1999-0685
Buffer overflow in Netscape Communicator via EMBED tags in the pluginspage option.
2000-01-04
2005-11-02
CVE-1999-0685
http://www.securityfocus.com/bid/618
BID:618
BUGTRAQ:19991209 Netscape communicator 4.06J, 4.5J-4.6J, 4.61e Buffer Overflow
CVE-1999-0686
Denial of service in Netscape Enterprise Server (NES) in HP Virtual Vault (VVOS) via a long URL.
2000-01-04
2005-11-02
CVE-1999-0686
BUGTRAQ:19990514 TGAD DoS
BUGTRAQ:19990610 Re: VVOS/Netscape Bug
http://www.ciac.org/ciac/bulletins/j-046.shtml
CIAC:J-046
http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9906-098
HP:HPSBUX9906-098
XF:hp-tgad-dos
CVE-1999-0687
The ToolTalk ttsession daemon uses weak RPC authentication, which allows a remote attacker to execute commands.
2000-01-04
2009-03-01
CVE-1999-0687
http://www.securityfocus.com/bid/637
BID:637
BUGTRAQ:19990913 Vulnerability in ttsession
CERT:CA-99-11
http://www.ciac.org/ciac/bulletins/k-001.shtml
CIAC:K-001
COMPAQ:SSRT0617U_TTSESSION
http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9909-103
HP:HPSBUX9909-103
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/192
SUN:00192
XF:cde-ttsession-rpc-auth
CVE-1999-0688
Buffer overflows in HP Software Distributor (SD) for HPUX 10.x and 11.x.
2000-01-04
2009-03-01
CVE-1999-0688
http://www.securityfocus.com/bid/545
BID:545
http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9907-101
HP:HPSBUX9907-101
XF:hp-sd-bo
CVE-1999-0689
The CDE dtspcd daemon allows local users to execute arbitrary commands via a symlink attack.
2000-01-04
2005-11-02
CVE-1999-0689
http://www.securityfocus.com/bid/636
BID:636
BUGTRAQ:19990913 Vulnerability in dtspcd
CERT:CA-99-11
http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9909-103
HP:HPSBUX9909-103
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1880
OVAL:oval:org.mitre.oval:def:1880
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/192
SUN:00192
XF:cde-dtspcd-file-auth
CVE-1999-0690
HP CDE program includes the current directory in root's PATH variable.
2000-01-04
2005-11-02
CVE-1999-0690
http://www.ciac.org/ciac/bulletins/j-053.shtml
CIAC:J-053
http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9907-100
HP:HPSBUX9907-100
XF:hp-cde-directory
CVE-1999-0691
Buffer overflow in the AddSuLog function of the CDE dtaction utility allows local users to gain root privileges via a long user name.
2000-01-04
2005-11-02
CVE-1999-0691
http://www.securityfocus.com/bid/635
BID:635
BUGTRAQ:19990913 Vulnerability in dtaction
CERT:CA-99-11
COMPAQ:SSRTO615U_DTACTION
http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9909-103
HP:HPSBUX9909-103
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3078
OVAL:oval:org.mitre.oval:def:3078
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/192
SUN:00192
XF:cde-dtaction-username-bo
CVE-1999-0692
The default configuration of the Array Services daemon (arrayd) disables authentication, allowing remote users to gain root privileges.
2000-01-04
2005-11-02
CVE-1999-0692
CERT:CA-99-09
http://www.ciac.org/ciac/bulletins/j-052.shtml
CIAC:J-052
ftp://patches.sgi.com/support/free/security/advisories/19990701-01-P
SGI:19990701-01-P
XF:sgi-arrayd
CVE-1999-0693
Buffer overflow in TT_SESSION environment variable in ToolTalk shared library allows local users to gain root privileges.
2000-01-04
2005-11-02
CVE-1999-0693
http://www.securityfocus.com/bid/641
BID:641
CERT:CA-99-11
http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9909-103
HP:HPSBUX9909-103
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4374
OVAL:oval:org.mitre.oval:def:4374
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/192
SUN:00192
XF:cde-dtsession-env-bo
CVE-1999-0694
Denial of service in AIX ptrace system call allows local users to crash the system.
2000-01-18
2005-11-02
CVE-1999-0694
http://www.ciac.org/ciac/bulletins/j-055.shtml
CIAC:J-055
IBM:ERS-SVA-E01-1999:002.1
XF:aix-ptrace-halt
CVE-1999-0695
The Sybase PowerDynamo personal web server allows attackers to read arbitrary files through a .. (dot dot) attack.
2000-01-04
2004-09-02
CVE-1999-0695
http://www.securityfocus.com/bid/620
BID:620
BUGTRAQ:19990904 [Sybase] software vendors do not think about old bugs
http://www.osvdb.org/1064
OSVDB:1064
XF:http-powerdynamo-dotdotslash
CVE-1999-0696
Buffer overflow in CDE Calendar Manager Service Daemon (rpc.cmsd).
2000-06-02
2009-03-01
CVE-1999-0696
BUGTRAQ:19990709 Exploit of rpc.cmsd
CERT:CA-99-08
http://www.ciac.org/ciac/bulletins/j-051.shtml
CIAC:J-051
COMPAQ:SSRT0614U_RPC_CMSD
http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9908-102
HP:HPSBUX9908-102
SCO:SB-99.12
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/188
SUN:00188
SUNBUG:4230754
XF:sun-cmsd-bo
CVE-1999-0697
SCO Doctor allows local users to gain root privileges through a Tools option.
2000-10-13
2005-11-02
CVE-1999-0697
http://www.securityfocus.com/bid/621
BID:621
BUGTRAQ:19990908 SCO 5.0.5 /bin/doctor nightmare
XF:sco-doctor-execute
CVE-1999-0698
Denial of service in IP protocol logger (ippl) on Red Hat and Debian Linux.
2000-02-04
2022-08-17
CVE-1999-0698
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0698
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0698
CVE-1999-0699
The Bluestone Sapphire web server allows session hijacking via easily guessable session IDs.
2000-01-04
2005-11-02
CVE-1999-0699
http://www.securityfocus.com/bid/623
BID:623
BUGTRAQ:19990908 [Security] Spoofed Id in Bluestone Sapphire/Web
CVE-1999-0700
Buffer overflow in Microsoft Phone Dialer (dialer.exe), via a malformed dialer entry in the dialer.ini file.
2000-01-04
2005-11-02
CVE-1999-0700
https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-026
MS:MS99-026
http://support.microsoft.com/default.aspx?scid=kb;%5BLN%5D;Q237185
MSKB:Q237185
XF:nt-malformed-dialer
CVE-1999-0701
After an unattended installation of Windows NT 4.0, an installation file could include sensitive information such as the local Administrator password.
2000-01-04
2005-11-02
CVE-1999-0701
http://www.securityfocus.com/bid/626
BID:626
https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-036
MS:MS99-036
http://support.microsoft.com/default.aspx?scid=kb;%5BLN%5D;Q173039
MSKB:Q173039
XF:nt-install-unattend-file
CVE-1999-0702
Internet Explorer 5.0 and 5.01 allows remote attackers to modify or execute files via the Import/Export Favorites feature, aka the "ImportExportFavorites" vulnerability.
2000-01-04
2005-11-02
CVE-1999-0702
http://www.securityfocus.com/bid/627
BID:627
BUGTRAQ:19990909 IE 5.0 security vulnerabilities - ImportExportFavorites - at least creating and overwriting files, probably executing programs
https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-037
MS:MS99-037
http://support.microsoft.com/default.aspx?scid=kb;%5BLN%5D;Q241361
MSKB:Q241361
XF:ie5-import-export-favorites
CVE-1999-0703
OpenBSD, BSDI, and other Unix operating systems allow users to set chflags and fchflags on character and block devices.
2000-01-04
2005-11-02
CVE-1999-0703
BUGTRAQ:19990805 4.4 BSD issue -- chflags
http://www.ciac.org/ciac/bulletins/j-066.shtml
CIAC:J-066
FREEBSD:FreeBSD-SA-99:01
OPENBSD:Jul30,1999
XF:openbsd-chflags-fchflags-permitted
CVE-1999-0704
Buffer overflow in Berkeley automounter daemon (amd) logging facility provided in the Linux am-utils package and others.
2000-01-04
2005-11-02
CVE-1999-0704
http://www.securityfocus.com/bid/614
BID:614
CALDERA:CSSA-1999:024.0
CERT:CA-99-12
DEBIAN:19991018
FREEBSD:SA-99:06
REDHAT:RHSA-1999:032-01
XF:amd-bo
CVE-1999-0705
Buffer overflow in INN inews program.
2000-01-04
2005-11-02
CVE-1999-0705
http://www.securityfocus.com/bid/616
BID:616
CALDERA:CSSA-1999-026
DEBIAN:19990907
REDHAT:RHSA1999033_01
SUSE:19990831 Security hole in INN
XF:inn-inews-bo
CVE-1999-0706
Linux xmonisdn package allows local users to gain root privileges by modifying the IFS or PATH environmental variables.
2000-01-04
2005-11-02
CVE-1999-0706
http://www.securityfocus.com/bid/583
BID:583
DEBIAN:19990807
SUSE:19990817 Security hole in i4l (xmonisdn)
CVE-1999-0707
The default FTP configuration in HP Visualize Conference allows conference users to send a file to other participants without authorization.
2000-01-04
2005-11-02
CVE-1999-0707
http://www.securityfocus.com/bid/493
BID:493
http://www.ciac.org/ciac/bulletins/j-050.shtml
CIAC:J-050
http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9906-099
HP:HPSBUX9906-099
XF:hp-visualize-conference-ftp
CVE-1999-0708
Buffer overflow in cfingerd allows local users to gain root privileges via a long GECOS field.
2000-01-18
2005-11-02
CVE-1999-0708
http://www.securityfocus.com/bid/651
BID:651
BUGTRAQ:19990921 BP9909-00: cfingerd local buffer overflow
CVE-1999-0710
The Squid package in Red Hat Linux 5.2 and 6.0, and other distributions, installs cachemgr.cgi in a public web directory, which allows remote attackers to use it as an intermediary to connect to other systems.
2000-01-04
2011-07-16
CVE-1999-0710
http://www.securityfocus.com/bid/2059
BID:2059
BUGTRAQ:19990725 Redhat 6.0 cachemgr.cgi lameness
http://www.redhat.com/support/errata/archives/rh52-errata-general.html#squid
CONFIRM:http://www.redhat.com/support/errata/archives/rh52-errata-general.html#squid
http://www.debian.org/security/2004/dsa-576
DEBIAN:DSA-576
http://www.redhat.com/archives/fedora-announce-list/2005-May/msg00025.html
FEDORA:FEDORA-2005-373
http://fedoranews.org/updates/FEDORA--.shtml
FEDORA:FLSA-2006:152809
http://www.redhat.com/support/errata/RHSA-1999-025.html
REDHAT:RHSA-1999:025
http://www.redhat.com/support/errata/RHSA-2005-489.html
REDHAT:RHSA-2005:489
https://exchange.xforce.ibmcloud.com/vulnerabilities/2385
XF:http-cgi-cachemgr(2385)
CVE-1999-0711
The oratclsh interpreter in Oracle 8.x Intelligent Agent for Unix allows local users to execute Tcl commands as root.
2000-04-18
2005-11-02
CVE-1999-0711
http://marc.info/?t=92550157100002&w=2&r=1
BUGTRAQ:19990430 *Huge* security hole in Oracle 8.0.5 with Intellegent agent installed
http://marc.info/?l=bugtraq&m=92609807906778&w=2
BUGTRAQ:19990506 Oracle Security Followup, patch and FAQ: setuid on oratclsh
XF:oracle-oratclsh
CVE-1999-0712
A vulnerability in Caldera Open Administration System (COAS) allows the /etc/shadow password file to be made world-readable.
2000-02-04
2022-08-17
CVE-1999-0712
CALDERA:CSSA-1999:009
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0712
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0712
XF:linux-coas
CVE-1999-0713
The dtlogin program in Compaq Tru64 UNIX allows local users to gain root privileges.
2000-01-04
2005-11-02
CVE-1999-0713
BUGTRAQ:19990404 Digital Unix 4.0E /var permission
http://www.ciac.org/ciac/bulletins/j-044.shtml
CIAC:J-044
COMPAQ:SSRT0600U
XF:cde-dtlogin
CVE-1999-0714
Vulnerability in Compaq Tru64 UNIX edauth command.
2000-01-04
2022-08-17
CVE-1999-0714
COMPAQ:SSRT0588U
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0714
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0714
XF:du-edauth
CVE-1999-0715
Buffer overflow in Remote Access Service (RAS) client allows an attacker to execute commands or cause a denial of service via a malformed phonebook entry.
2000-01-04
2005-11-02
CVE-1999-0715
BUGTRAQ:19990519 Buffer Overruns in RAS allows execution of arbitary code as system
https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-016
MS:MS99-016
http://support.microsoft.com/default.aspx?scid=kb;%5BLN%5D;Q230677
MSKB:Q230677
XF:nt-ras-bo
CVE-1999-0716
Buffer overflow in Windows NT 4.0 help file utility via a malformed help file.
2000-01-04
2005-11-02
CVE-1999-0716
https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-015
MS:MS99-015
http://support.microsoft.com/default.aspx?scid=kb;%5BLN%5D;Q231605
MSKB:Q231605
XF:nt-helpfile-bo
CVE-1999-0717
A remote attacker can disable the virus warning mechanism in Microsoft Excel 97.
2000-01-04
2005-11-02
CVE-1999-0717
https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-014
MS:MS99-014
http://support.microsoft.com/default.aspx?scid=kb;%5BLN%5D;Q231304
MSKB:Q231304
XF:excel-virus-warning
CVE-1999-0718
IBM GINA, when used for OS/2 domain authentication of Windows NT users, allows local users to gain administrator privileges by changing the GroupMapping registry key.
2004-09-01
2003-03-21
CVE-1999-0718
http://www.securityfocus.com/bid/608
BID:608
http://www.ntbugtraq.com/default.asp?pid=36&sid=1&A2=ind9908&L=ntbugtraq&F=&S=&P=5534
NTBUGTRAQ:19990823 IBM Gina security warning
https://exchange.xforce.ibmcloud.com/vulnerabilities/3166
XF:ibm-gina-group-add(3166)
CVE-1999-0719
The Guile plugin for the Gnumeric spreadsheet package allows attackers to execute arbitrary code.
2000-06-02
2005-11-02
CVE-1999-0719
http://www.securityfocus.com/bid/563
BID:563
BUGTRAQ:19990802 Gnumeric potential security hole.
REDHAT:RHSA-1999:023-01
XF:gnu-guile-plugin-export
CVE-1999-0720
The pt_chown command in Linux allows local users to modify TTY terminal devices that belong to other users.
2000-04-18
2005-11-02
CVE-1999-0720
http://www.securityfocus.com/bid/597
BID:597
http://www.securityfocus.com/templates/archive.pike?list=1&msg=lcamtuf.4.05.9907041223290.355-300000@nimue.ids.pl
BUGTRAQ:19990823 [Linux] glibc 2.1.x / wu-ftpd <=2.5 / BeroFTPD / lynx / vlock / mc / glibc 2.0.x
XF:linux-pt-chown
CVE-1999-0721
Denial of service in Windows NT Local Security Authority (LSA) through a malformed LSA request.
2000-01-04
2005-11-02
CVE-1999-0721
BINDVIEW:Phantom Technical Advisory
http://www.ciac.org/ciac/bulletins/j-049.shtml
CIAC:J-049
https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-020
MS:MS99-020
http://support.microsoft.com/default.aspx?scid=kb;%5BLN%5D;Q231457
MSKB:Q231457
XF:msrpc-lsa-lookupnames-dos
CVE-1999-0722
The default configuration of Cobalt RaQ2 servers allows remote users to install arbitrary software packages.
2000-01-04
2005-11-02
CVE-1999-0722
http://www.securityfocus.com/bid/558
BID:558
CERT:CA-99-10
XF:cobalt-raq2-default-config
CVE-1999-0723
The Windows NT Client Server Runtime Subsystem (CSRSS) can be subjected to a denial of service when all worker threads are waiting for user input.
2000-01-04
2005-11-02
CVE-1999-0723
http://www.securityfocus.com/bid/478
BID:478
http://www.ciac.org/ciac/bulletins/j-049.shtml
CIAC:J-049
https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-021
MS:MS99-021
http://support.microsoft.com/default.aspx?scid=kb;%5BLN%5D;Q233323
MSKB:Q233323
NTBUGTRAQ:19990411 Death by MessageBox
XF:nt-csrss-dos
CVE-1999-0724
Buffer overflow in OpenBSD procfs and fdescfs file systems via uio_offset in the readdir() function.
2000-01-04
2004-09-02
CVE-1999-0724
OPENBSD:Aug12,1999
http://www.osvdb.org/6128
OSVDB:6128
XF:openbsd-uio_offset-bo
CVE-1999-0725
When IIS is run with a default language of Chinese, Korean, or Japanese, it allows a remote attacker to view the source code of certain files, a.k.a. "Double Byte Code Page".
2000-01-04
2005-11-02
CVE-1999-0725
http://www.securityfocus.com/bid/477
BID:477
https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-022
MS:MS99-022
http://support.microsoft.com/default.aspx?scid=kb;%5BLN%5D;Q233335
MSKB:Q233335
https://exchange.xforce.ibmcloud.com/vulnerabilities/2302
XF:iis-double-byte-code-page(2302)
CVE-1999-0726
An attacker can conduct a denial of service in Windows NT by executing a program with a malformed file image header.
2000-01-04
2005-11-02
CVE-1999-0726
http://www.securityfocus.com/bid/499
BID:499
https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-023
MS:MS99-023
http://support.microsoft.com/default.aspx?scid=kb;%5BLN%5D;Q234557
MSKB:Q234557
XF:nt-malformed-image-header
CVE-1999-0727
A kernel leak in the OpenBSD kernel allows IPsec packets to be sent unencrypted.
2000-03-22
2004-09-02
CVE-1999-0727
OPENBSD:19990608 Packets that should have been handled by IPsec may be transmitted as cleartext
http://www.osvdb.org/6127
OSVDB:6127
XF:openbsd-ipsec-cleartext
CVE-1999-0728
A Windows NT user can disable the keyboard or mouse by directly calling the IOCTLs which control them.
2000-01-04
2005-11-02
CVE-1999-0728
https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-024
MS:MS99-024
http://support.microsoft.com/default.aspx?scid=kb;%5BLN%5D;Q236359
MSKB:Q236359
XF:nt-ioctl-dos
CVE-1999-0729
Buffer overflow in Lotus Notes LDAP (NLDAP) allows an attacker to conduct a denial of service through the ldap_search request.
2001-05-07
2004-09-02
CVE-1999-0729
http://www.securityfocus.com/bid/601
BID:601
http://www.ciac.org/ciac/bulletins/j-061.shtml
CIAC:J-061
http://xforce.iss.net/alerts/advise34.php
ISS:19990823 Denial of Service Attack against Lotus Notes Domino Server 4.6
http://www.osvdb.org/1057
OSVDB:1057
XF:lotus-ldap-bo
CVE-1999-0730
The zsoelim program in the Debian man-db package allows local users to overwrite files via a symlink attack.
2000-01-04
2022-08-17
CVE-1999-0730
DEBIAN:19990612
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0730
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0730
CVE-1999-0731
The KDE klock program allows local users to unlock a session using malformed input.
2000-01-04
2021-01-19
CVE-1999-0731
http://www.securityfocus.com/bid/489
BID:489
BUGTRAQ:19990623 Security flaw in klock
CALDERA:CSSA-1999:017
https://github.com/KDE/kde1-kdebase/commit/04906bd5de2f220bf100b605dad37b4a1d9a91a6
MISC:https://github.com/KDE/kde1-kdebase/commit/04906bd5de2f220bf100b605dad37b4a1d9a91a6
SUSE:19990629 Security hole in Klock
CVE-1999-0732
The logging facility of the Debian smtp-refuser package allows local users to delete arbitrary files using symbolic links.
2000-01-04
2022-08-17
CVE-1999-0732
DEBIAN:19990823b
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0732
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0732
XF:smtp-refuser-tmp
CVE-1999-0733
Buffer overflow in VMWare 1.0.1 for Linux via a long HOME environmental variable.
2000-03-22
2005-11-02
CVE-1999-0733
http://www.securityfocus.com/bid/490
BID:490
BUGTRAQ:19990626 VMWare Advisory - buffer overflows
BUGTRAQ:19990626 VMware Security Alert
BUGTRAQ:19990705 Re: VMWare Advisory.. - exploit
XF:vmware-bo
CVE-1999-0734
A default configuration of CiscoSecure Access Control Server (ACS) allows remote users to modify the server database without authentication.
2000-01-18
2005-11-02
CVE-1999-0734
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-19990819-dbaccess
CISCO:19990819 CiscoSecure Access Control Server for UNIX Remote Administration Vulnerability
https://exchange.xforce.ibmcloud.com/vulnerabilities/3133
XF:ciscosecure-read-write(3133)
CVE-1999-0735
KDE K-Mail allows local users to gain privileges via a symlink attack in temporary user directories.
2000-01-04
2005-11-02
CVE-1999-0735
http://www.securityfocus.com/bid/300
BID:300
CALDERA:CSSA-1999:016
ISS:KDE K-Mail File Creation Vulnerability
http://www.redhat.com/support/errata/RHSA1999015_01.html
REDHAT:RHSA-1999:015-01
CVE-1999-0736
The showcode.asp sample file in IIS and Site Server allows remote attackers to read arbitrary files.
2000-02-04
2018-10-12
CVE-1999-0736
L0PHT:May7,1999
https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-013
MS:MS99-013
MSKB:Q231368
MSKB:Q232449
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A932
OVAL:oval:org.mitre.oval:def:932
CVE-1999-0737
The viewcode.asp sample file in IIS and Site Server allows remote attackers to read arbitrary files.
2000-02-04
2018-10-12
CVE-1999-0737
https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-013
MS:MS99-013
MSKB:Q231656
CVE-1999-0738
The code.asp sample file in IIS and Site Server allows remote attackers to read arbitrary files.
2000-02-04
2018-10-12
CVE-1999-0738
https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-013
MS:MS99-013
MSKB:Q231368
MSKB:Q232449
CVE-1999-0739
The codebrws.asp sample file in IIS and Site Server allows remote attackers to read arbitrary files.
2000-02-04
2018-10-12
CVE-1999-0739
https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-013
MS:MS99-013
MSKB:Q231368
MSKB:Q232449
CVE-1999-0740
Remote attackers can cause a denial of service on Linux in.telnetd telnet daemon through a malformed TERM environmental variable.
2000-03-22
2005-11-02
CVE-1999-0740
http://www.securityfocus.com/bid/594
BID:594
CALDERA:CSSA-1999:022
REDHAT:RHSA1999029_01
XF:linux-telnetd-term
CVE-1999-0741
QMS CrownNet Unix Utilities for 2060 allows root to log on without a password.
2000-02-04
2003-03-21
CVE-1999-0741
http://www.securityfocus.com/bid/593
BID:593
BUGTRAQ:19990818 QMS 2060 printer security hole
XF:qms-2060-no-root-password
CVE-1999-0742
The Debian mailman package uses weak authentication, which allows attackers to gain privileges.
2000-01-18
2005-11-02
CVE-1999-0742
http://www.securityfocus.com/bid/480
BID:480
DEBIAN:19990623
CVE-1999-0743
Trn allows local users to overwrite other users' files via symlinks.
2000-01-18
2005-11-02
CVE-1999-0743
BUGTRAQ:19990819 Insecure use of file in /tmp by trn
DEBIAN:19990823c
SUSE:19990824 Security hole in trn
https://exchange.xforce.ibmcloud.com/vulnerabilities/3144
XF:trn-symlinks(3144)
CVE-1999-0744
Buffer overflow in Netscape Enterprise Server and FastTrask Server allows remote attackers to gain privileges via a long HTTP GET request.
2000-01-04
2005-11-02
CVE-1999-0744
http://www.securityfocus.com/bid/603
BID:603
ISS:Buffer Overflow in Netscape Enterprise and FastTrack Web Servers
CVE-1999-0745
Buffer overflow in Source Code Browser Program Database Name Server Daemon (pdnsd) for the IBM AIX C Set ++ compiler.
2000-01-04
2005-11-02
CVE-1999-0745
http://www.securityfocus.com/bid/590
BID:590
http://www.ciac.org/ciac/bulletins/j-059.shtml
CIAC:J-059
IBM:ERS-SVA-E01-1999:003.1
XF:aix-pdnsd-bo
CVE-1999-0746
A default configuration of in.identd in SuSE Linux waits 120 seconds between requests, allowing a remote attacker to conduct a denial of service.
2000-03-22
2005-11-02
CVE-1999-0746
http://www.securityfocus.com/bid/587
BID:587
BUGTRAQ:19990814 DOS against SuSE's identd
SUSE:19990824 Security hole in netcfg
XF:suse-identd-dos
CVE-1999-0747
Denial of service in BSDi Symmetric Multiprocessing (SMP) when an fstat call is made when the system has a high CPU load.
2000-04-18
2005-11-02
CVE-1999-0747
http://www.securityfocus.com/bid/589
BID:589
http://www.securityfocus.com/templates/archive.pike?list=1&msg=Pine.BSI.4.10.9908170253560.19291-100000@saturn.psn.net
BUGTRAQ:19990816 Symmetric Multiprocessing (SMP) Vulnerbility in BSDi 4.0.1
XF:bsdi-smp-dos
CVE-1999-0748
Buffer overflows in Red Hat net-tools package.
2000-02-04
2022-08-17
CVE-1999-0748
http://www.redhat.com/support/errata/RHSA1999017_01.html
MISC:http://www.redhat.com/support/errata/RHSA1999017_01.html
REDHAT:RHSA-1999:017-01
CVE-1999-0749
Buffer overflow in Microsoft Telnet client in Windows 95 and Windows 98 via a malformed Telnet argument.
2000-01-04
2005-11-02
CVE-1999-0749
http://www.securityfocus.com/bid/586
BID:586
BUGTRAQ:19990815 telnet.exe heap overflow - remotely exploitable
https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-033
MS:MS99-033
XF:win-ie5-telnet-heap-overflow
CVE-1999-0750
Hotmail allows Javascript to be executed via the HTML STYLE tag, allowing remote attackers to execute commands on the user's Hotmail account.
2000-02-04
2003-05-08
CVE-1999-0750
http://www.securityfocus.com/bid/630
BID:630
BUGTRAQ:19990913 Hotmail security vulnerability - injecting JavaScript using 'STYLE' tag
CVE-1999-0751
Buffer overflow in Accept command in Netscape Enterprise Server 3.6 with the SSL Handshake Patch.
2000-01-04
2005-11-02
CVE-1999-0751
http://www.securityfocus.com/bid/631
BID:631
BUGTRAQ:19990913 Accept overflow on Netscape Enterprise Server 3.6 SP2
https://exchange.xforce.ibmcloud.com/vulnerabilities/3256
XF:netscape-accept-bo(3256)
CVE-1999-0752
Denial of service in Netscape Enterprise Server via a buffer overflow in the SSL handshake.
2000-01-04
2022-08-17
CVE-1999-0752
BUGTRAQ:19990706 Netscape Enterprise Server SSL Handshake Bug
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0752
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0752
CVE-1999-0753
The w3-msql CGI script provided with Mini SQL allows remote attackers to view restricted directories.
2000-01-18
2005-11-02
CVE-1999-0753
http://www.securityfocus.com/bid/591
BID:591
BUGTRAQ:19990817 Stupid bug in W3-msql
XF:mini-sql-w3-msql-cgi
CVE-1999-0754
The INN inndstart program allows local users to gain privileges by specifying an alternate configuration file using the INNCONF environmental variable.
2000-06-02
2005-11-02
CVE-1999-0754
http://www.securityfocus.com/bid/255
BID:255
BUGTRAQ:19990511 INN 2.0 and higher. Root compromise potential
ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-1999-011.0.txt
CALDERA:CSSA-1999-011.0
http://www.redhat.com/corp/support/errata/inn99_05_22.html
MISC:http://www.redhat.com/corp/support/errata/inn99_05_22.html
SUSE:19990518 Security hole in INN
XF:inn-innconf-env
CVE-1999-0755
Windows NT RRAS and RAS clients cache a user's password even if the user has not selected the "Save password" option.
2000-01-04
2005-11-02
CVE-1999-0755
https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-017
MS:MS99-017
http://support.microsoft.com/default.aspx?scid=kb;%5BLN%5D;Q230681
MSKB:Q230681
XF:nt-ras-pwcache
CVE-1999-0756
ColdFusion Administrator with Advanced Security enabled allows remote users to stop the ColdFusion server via the Start/Stop utility.
2001-09-18
2005-11-02
CVE-1999-0756
http://www.allaire.com/handlers/index.cfm?ID=10968&Method=Full
ALLAIRE:ASB99-07
https://exchange.xforce.ibmcloud.com/vulnerabilities/2207
XF:coldfusion-admin-dos(2207)
CVE-1999-0757
The ColdFusion CFCRYPT program for encrypting CFML templates has weak encryption, allowing attackers to decrypt the templates.
2001-02-14
2017-12-18
CVE-1999-0757
http://www.allaire.com/handlers/index.cfm?ID=10969&Method=Full
ALLAIRE:ASB99-08
https://exchange.xforce.ibmcloud.com/vulnerabilities/2208
XF:coldfusion-encryption(2208)
CVE-1999-0758
Netscape Enterprise 3.5.1 and FastTrack 3.01 servers allow a remote attacker to view source code to scripts by appending a %20 to the script's URL.
2001-05-07
2022-08-17
CVE-1999-0758
ALLAIRE:ASB99-06
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0758
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0758
XF:netscape-space-view
CVE-1999-0759
Buffer overflow in FuseMAIL POP service via long USER and PASS commands.
2000-10-13
2005-11-02
CVE-1999-0759
http://www.securityfocus.com/bid/634
BID:634
BUGTRAQ:19990913 Many kind of POP3/SMTP server softwares for Windows have buffer overflow bug
http://www.crosswinds.net/~fuseware/faq.html#8
CONFIRM:http://www.crosswinds.net/~fuseware/faq.html#8
XF:fuseware-popmail-bo
CVE-1999-0760
Undocumented ColdFusion Markup Language (CFML) tags and functions in the ColdFusion Administrator allow users to gain additional privileges.
2001-05-07
2005-11-02
CVE-1999-0760
http://www.allaire.com/handlers/index.cfm?ID=11714&Method=Full
ALLAIRE:ASB99-10
http://www.securityfocus.com/bid/550
BID:550
https://exchange.xforce.ibmcloud.com/vulnerabilities/3288
XF:coldfusion-server-cfml-tags(3288)
CVE-1999-0761
Buffer overflow in FreeBSD fts library routines allows local user to modify arbitrary files via the periodic program.
2000-01-04
2004-09-02
CVE-1999-0761
http://www.securityfocus.com/bid/644
BID:644
FREEBSD:FreeBSD-SA-99:05
http://www.osvdb.org/1074
OSVDB:1074
XF:freebsd-fts-lib-bo
CVE-1999-0762
When Javascript is embedded within the TITLE tag, Netscape Communicator allows a remote attacker to use the "about" protocol to gain access to browser information.
2000-01-04
2022-08-17
CVE-1999-0762
BUGTRAQ:19990524 Netscape Communicator JavaScript in <TITLE> security vulnerability
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0762
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0762
XF:netscape-title
CVE-1999-0763
NetBSD on a multi-homed host allows ARP packets on one network to modify ARP entries on another connected network.
2000-01-04
2004-09-02
CVE-1999-0763
NETBSD:1999-010
http://www.osvdb.org/6540
OSVDB:6540
XF:netbsd-arp
CVE-1999-0764
NetBSD allows ARP packets to overwrite static ARP entries.
2000-01-04
2004-09-02
CVE-1999-0764
NETBSD:1999-010
http://www.osvdb.org/6539
OSVDB:6539
XF:netbsd-arp
CVE-1999-0765
SGI IRIX midikeys program allows local users to modify arbitrary files via a text editor.
2000-01-04
2005-11-02
CVE-1999-0765
http://www.securityfocus.com/bid/262
BID:262
BUGTRAQ:19990619 IRIX midikeys root exploit.
ftp://patches.sgi.com/support/free/security/advisories/19990501-01-A
SGI:19990501-01-A
XF:irix-midikeys
CVE-1999-0766
The Microsoft Java Virtual Machine allows a malicious Java applet to execute arbitrary commands outside of the sandbox environment.
2000-01-04
2005-11-02
CVE-1999-0766
http://www.securityfocus.com/bid/600
BID:600
https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-031
MS:MS99-031
http://support.microsoft.com/default.aspx?scid=kb;%5BLN%5D;Q240346
MSKB:Q240346
XF:msvm-verifier-java
CVE-1999-0767
Buffer overflow in Solaris libc, ufsrestore, and rcp via LC_MESSAGES environmental variable.
2000-02-04
2022-08-17
CVE-1999-0767
https://marc.info/?l=bugtraq&m=87602167420557&w=2
MISC:https://marc.info/?l=bugtraq&m=87602167420557&w=2
SUN:00189
CVE-1999-0768
Buffer overflow in Vixie Cron on Red Hat systems via the MAILTO environmental variable.
2000-01-18
2005-11-02
CVE-1999-0768
http://www.securityfocus.com/bid/602
BID:602
REDHAT:RHSA-1999:030-02
SUSE:19990829 Security hole in cron
CVE-1999-0769
Vixie Cron on Linux systems allows local users to set parameters of sendmail commands via the MAILTO environmental variable.
2000-01-04
2005-11-02
CVE-1999-0769
http://www.securityfocus.com/bid/611
BID:611
CALDERA:CSSA-1999:023.0
DEBIAN:19990830 cron
REDHAT:RHSA-1999:030-02
SUSE:19990829 Security hole in cron
CVE-1999-0770
Firewall-1 sets a long timeout for connections that begin with ACK or other packets except SYN, allowing an attacker to conduct a denial of service via a large number of connection attempts to unresponsive systems.
2000-01-18
2004-09-02
CVE-1999-0770
http://www.securityfocus.com/bid/549
BID:549
BUGTRAQ:19990729 Simple DOS attack on FW-1
CHECKPOINT:ACK DOS ATTACK
http://www.osvdb.org/1027
OSVDB:1027
CVE-1999-0771
The web components of Compaq Management Agents and the Compaq Survey Utility allow a remote attacker to read arbitrary files via a .. (dot dot) attack.
2000-01-04
2022-08-17
CVE-1999-0771
BUGTRAQ:19990526 Infosec.19990526.compaq-im.a
COMPAQ:SSRT0612U
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0771
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0771
XF:management-agent-file-read
CVE-1999-0772
Denial of service in Compaq Management Agents and the Compaq Survey Utility via a long string sent to port 2301.
2000-01-04
2022-08-17
CVE-1999-0772
BUGTRAQ:19990527 Re: Infosec.19990526.compaq-im.a (New DoS and correction to my previous post)
COMPAQ:SSRT0612U
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0772
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0772
XF:management-agent-dos
CVE-1999-0773
Buffer overflow in Solaris lpset program allows local users to gain root access.
2000-04-18
2005-11-02
CVE-1999-0773
http://www.netspace.org/cgi-bin/wa?A2=ind9905B&L=bugtraq&P=R2017
BUGTRAQ:19990511 Solaris2.6 and 2.7 lpset overflow
XF:sol-lpset-bo
CVE-1999-0774
Buffer overflows in Mars NetWare Emulation (NWE, mars_nwe) package via long directory names.
2000-01-04
2005-11-02
CVE-1999-0774
http://www.securityfocus.com/bid/617
BID:617
BUGTRAQ:19990830 Babcia Padlina Ltd. security advisory: mars_nwe buffer overf
REDHAT:RHSA1999037_01
SUSE:19990916 Security hole in mars nwe
CVE-1999-0775
Cisco Gigabit Switch routers running IOS allow remote attackers to forward unauthorized packets due to improper handling of the "established" keyword in an access list.
2000-01-18
2022-08-17
CVE-1999-0775
CISCO:19990610 Cisco IOS Software established Access List Keyword Error
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0775
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0775
XF:cisco-gigaswitch
CVE-1999-0776
Alibaba HTTP server allows remote attackers to read files via a .. (dot dot) attack.
2000-02-04
2003-03-21
CVE-1999-0776
http://www.ntbugtraq.com/default.asp?pid=36&sid=1&A2=ind9905&L=NTBUGTRAQ&P=R1533
NTBUGTRAQ:19990506 ".."-hole in Alibaba 2.0
XF:http-alibaba-dotdot
CVE-1999-0777
IIS FTP servers may allow a remote attacker to read or delete files on the server, even if they have "No Access" permissions.
2000-01-04
2005-11-02
CVE-1999-0777
http://www.securityfocus.com/bid/658
BID:658
https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-039
MS:MS99-039
http://support.microsoft.com/default.aspx?scid=kb;%5BLN%5D;Q241407
MSKB:Q241407
http://support.microsoft.com/default.aspx?scid=kb;%5BLN%5D;Q242559
MSKB:Q242559
XF:iis-ftp-no-access-files
CVE-1999-0778
Buffer overflow in Xi Graphics Accelerated-X server allows local users to gain root access via a long display or query parameter.
2000-03-22
2005-11-02
CVE-1999-0778
http://www.securityfocus.com/bid/488
BID:488
BUGTRAQ:19990626 KSR[T] #011: Accelerated-X
KSRT:011
XF:accelx-display-bo
CVE-1999-0779
Denial of service in HP-UX SharedX recserv program.
2000-01-04
2009-03-01
CVE-1999-0779
http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9810-086
HP:HPSBUX9810-086
XF:hp-sharedx
CVE-1999-0780
KDE klock allows local users to kill arbitrary processes by specifying an arbitrary PID in the .kss.pid file.
2000-04-25
2005-11-02
CVE-1999-0780
http://marc.info/?l=bugtraq&m=91141486301691&w=2
BUGTRAQ:19981118 Multiple KDE security vulnerabilities (root compromise)
XF:kde-klock-process-kill
CVE-1999-0781
KDE allows local users to execute arbitrary commands by setting the KDEDIR environmental variable to modify the search path that KDE uses to locate its executables.
2000-04-25
2005-11-02
CVE-1999-0781
http://marc.info/?l=bugtraq&m=91141486301691&w=2
BUGTRAQ:19981118 Multiple KDE security vulnerabilities (root compromise)
XF:kde-klock-bindir-trojans
CVE-1999-0782
KDE kppp allows local users to create a directory in an arbitrary location via the HOME environmental variable.
2000-04-25
2005-11-02
CVE-1999-0782
http://marc.info/?l=bugtraq&m=91141486301691&w=2
BUGTRAQ:19981118 Multiple KDE security vulnerabilities (root compromise)
XF:kde-kppp-directory-create
CVE-1999-0783
FreeBSD allows local users to conduct a denial of service by creating a hard link from a device special file to a file on an NFS file system.
2000-03-22
2004-09-02
CVE-1999-0783
http://www.ciac.org/ciac/bulletins/i-057.shtml
CIAC:I-057
FREEBSD:FreeBSD-SA-98:05
http://www.osvdb.org/6090
OSVDB:6090
XF:freebsd-nfs-link-dos
CVE-1999-0784
Denial of service in Oracle TNSLSNR SQL*Net Listener via a malformed string to the listener port, aka NERP.
2001-02-14
2005-11-02
CVE-1999-0784
http://archives.neohapsis.com/archives/bugtraq/1998_4/0764.html
BUGTRAQ:19981228 Oracle8 TNSLSNR DoS
http://archives.neohapsis.com/archives/bugtraq/1999_1/0056.html
BUGTRAQ:19990104 Re: Fw:"NERP" DoS attack possible in Oracle
http://archives.neohapsis.com/archives/ntbugtraq/1998/msg00536.html
NTBUGTRAQ:19980827 NERP DoS attack possible in Oracle
CVE-1999-0785
The INN inndstart program allows local users to gain root privileges via the "pathrun" parameter in the inn.conf file.
2000-03-22
2005-11-02
CVE-1999-0785
http://www.securityfocus.com/bid/254
BID:254
BUGTRAQ:19990511 INN 2.0 and higher. Root compromise potential
SUSE:19990518 Security hole in INN
XF:inn-pathrun
CVE-1999-0786
The dynamic linker in Solaris allows a local user to create arbitrary files via the LD_PROFILE environmental variable and a symlink attack.
2000-03-22
2005-11-02
CVE-1999-0786
http://www.securityfocus.com/bid/659
BID:659
BUGTRAQ:19990922 LD_PROFILE local root exploit for solaris 2.6
CVE-1999-0787
The SSH authentication agent follows symlinks via a UNIX domain socket.
2000-10-13
2005-11-02
CVE-1999-0787
http://www.securityfocus.com/bid/660
BID:660
http://marc.info/?l=bugtraq&m=93760201002154&w=2
BUGTRAQ:19990917 A few bugs...
http://marc.info/?l=bugtraq&m=93832856804415&w=2
BUGTRAQ:19990924 [Fwd: Truth about ssh 1.2.27 vulnerability]
XF:ssh-socket-auth-symlink-dos
CVE-1999-0788
Arkiea nlservd allows remote attackers to conduct a denial of service.
2000-10-13
2005-11-02
CVE-1999-0788
http://www.securityfocus.com/bid/662
BID:662
http://marc.info/?l=bugtraq&m=93837184228248&w=2
BUGTRAQ:19990924 Multiple vendor Knox Arkiea local root/remote DoS
XF:arkiea-backup-nlserverd-remote-dos
CVE-1999-0789
Buffer overflow in AIX ftpd in the libc library.
2000-03-22
2005-11-02
CVE-1999-0789
http://www.securityfocus.com/bid/679
BID:679
BUGTRAQ:19990928 Remote bufferoverflow exploit for ftpd from AIX 4.3.2 running on an RS6000
http://www.ciac.org/ciac/bulletins/j-072.shtml
CIAC:J-072
IBM:ERS-SVA-E01-1999:004.1
XF:aix-ftpd-bo
CVE-1999-0790
A remote attacker can read information from a Netscape user's cache via JavaScript.
2000-04-18
2005-11-02
CVE-1999-0790
http://home.netscape.com/security/notes/jscachebrowsing.html
MISC:http://home.netscape.com/security/notes/jscachebrowsing.html
XF:netscape-javascript
CVE-1999-0791
Hybrid Network cable modems do not include an authentication mechanism for administration, allowing remote attackers to compromise the system through the HSMP protocol.
2000-10-13
2005-11-02
CVE-1999-0791
http://www.securityfocus.com/bid/695
BID:695
BUGTRAQ:19991006 KSR[T] Advisories #012: Hybrid Network's Cable Modems
KSRT:012
XF:hybrid-anon-cable-modem-reconfig
CVE-1999-0792
ROUTERmate has a default SNMP community name which allows remote attackers to modify its configuration.
2000-02-04
2003-05-08
CVE-1999-0792
http://www2.merton.ox.ac.uk/~security/rootshell/0022.html
MISC:http://www2.merton.ox.ac.uk/~security/rootshell/0022.html
CVE-1999-0793
Internet Explorer allows remote attackers to read files by redirecting data to a Javascript applet.
2000-01-04
2005-11-02
CVE-1999-0793
https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-043
MS:MS99-043
XF:ie-java-redirect
CVE-1999-0794
Microsoft Excel does not warn a user when a macro is present in a Symbolic Link (SYLK) format file.
2000-01-04
2005-11-02
CVE-1999-0794
https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-044
MS:MS99-044
http://support.microsoft.com/default.aspx?scid=kb;%5BLN%5D;Q241900
MSKB:Q241900
http://support.microsoft.com/default.aspx?scid=kb;%5BLN%5D;Q241901
MSKB:Q241901
http://support.microsoft.com/default.aspx?scid=kb;%5BLN%5D;Q241902
MSKB:Q241902
XF:excel-sylk
CVE-1999-0795
The NIS+ rpc.nisd server allows remote attackers to execute certain RPC calls without authentication to obtain system information, disable logging, or modify caches.
2000-02-04
2022-08-17
CVE-1999-0795
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0795
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0795
NAI:NAI-27
CVE-1999-0796
FreeBSD T/TCP Extensions for Transactions can be subjected to spoofing attacks.
2000-03-22
2004-09-02
CVE-1999-0796
FREEBSD:SA-98.03
http://www.osvdb.org/6089
OSVDB:6089
XF:freebsd-ttcp-spoof
CVE-1999-0797
NIS finger allows an attacker to conduct a denial of service via a large number of finger requests, resulting in a large number of NIS queries.
2000-03-22
2005-11-02
CVE-1999-0797
http://www.ciac.org/ciac/bulletins/i-070.shtml
CIAC:I-070
ISS:19980629 Distributed DoS attack against NIS/NIS+ based networks.
XF:sun-nis-nisplus
CVE-1999-0798
Buffer overflow in bootpd on OpenBSD, FreeBSD, and Linux systems via a malformed header type.
2000-02-04
2016-10-17
CVE-1999-0798
http://marc.info/?l=bugtraq&m=91278867118128&w=2
BUGTRAQ:19981204 bootpd remote vulnerability
CVE-1999-0799
Buffer overflow in bootpd 2.4.3 and earlier via a long boot file location.
2000-04-18
2022-08-17
CVE-1999-0799
BUGTRAQ:19970725 Exploitable buffer overflow in bootpd (most unices)
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0799
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0799
XF:bootpd-bo
CVE-1999-0800
The GetFile.cfm file in Allaire Forums allows remote attackers to read files through a parameter to GetFile.cfm.
2001-05-07
2004-09-02
CVE-1999-0800
http://www.allaire.com/handlers/index.cfm?ID=9602&Method=Full
ALLAIRE:ASB99-05
http://archives.neohapsis.com/archives/ntbugtraq/1998-1999/msg00332.html
NTBUGTRAQ:19990211 ACFUG List: Alert: Allaire Forums GetFile bug
http://www.osvdb.org/944
OSVDB:944
https://exchange.xforce.ibmcloud.com/vulnerabilities/1748
XF:allaire-forums-file-read(1748)
CVE-1999-0801
BMC Patrol allows remote attackers to gain access to an agent by spoofing frames.
2002-03-09
2002-03-01
CVE-1999-0801
http://www.securityfocus.com/archive/1/13204
BUGTRAQ:19990409 Patrol security bugs
http://www.iss.net/security_center/static/2075.php
XF:bmc-patrol-frames(2075)
CVE-1999-0802
Buffer overflow in Internet Explorer 5 allows remote attackers to execute commands via a malformed Favorites icon.
2000-01-04
2005-11-02
CVE-1999-0802
BUGTRAQ:19990503 MSIE 5 FAVICON BUG
https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-018
MS:MS99-018
http://support.microsoft.com/default.aspx?scid=kb;%5BLN%5D;Q231450
MSKB:Q231450
XF:ie-favicon
CVE-1999-0803
The fwluser script in AIX eNetwork Firewall allows local users to write to arbitrary files via a symlink attack.
2000-04-25
2004-09-02
CVE-1999-0803
http://marc.info/?l=bugtraq&m=92765973207648&w=2
BUGTRAQ:19990525 IBM eNetwork Firewall for AIX
http://www.osvdb.org/962
OSVDB:962
XF:ibm-enfirewall-tmpfiles
CVE-1999-0804
Denial of service in Linux 2.2.x kernels via malformed ICMP packets containing unusual types, codes, and IP header lengths.
2000-01-04
2005-11-02
CVE-1999-0804
http://www.securityfocus.com/bid/302
BID:302
BUGTRAQ:19990601 Linux kernel 2.2.x vulnerability/exploit
CALDERA:CSSA-1999:013
DEBIAN:19990607
REDHAT:19990603 Kernel Update
SUSE:19990602 Denial of Service on the 2.2 kernel
CVE-1999-0805
Novell NetWare Transaction Tracking System (TTS) in Novell 4.11 and earlier allows remote attackers to cause a denial of service via a large number of requests.
2001-02-14
2017-12-18
CVE-1999-0805
http://archives.neohapsis.com/archives/bugtraq/1999_2/0439.html
BUGTRAQ:19990512 DoS with Netware 4.x's TTS
https://exchange.xforce.ibmcloud.com/vulnerabilities/2184
XF:novell-tts-dos(2184)
CVE-1999-0806
Buffer overflow in Solaris dtprintinfo program.
2000-03-22
2004-09-02
CVE-1999-0806
BUGTRAQ:19990510 Solaris2.6,2.7 dtprintinfo exploits
http://www.osvdb.org/6552
OSVDB:6552
XF:cde-dtprintinfo
CVE-1999-0807
The Netscape Directory Server installation procedure leaves sensitive information in a file that is accessible to local users.
2000-01-04
2022-08-17
CVE-1999-0807
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0807
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0807
XF:netscape-dirsvc-password
CVE-1999-0808
Multiple buffer overflows in ISC DHCP Distribution server (dhcpd) 1.0 and 2.0 allow a remote attacker to cause a denial of service (crash) and possibly execute arbitrary commands via long options.
2001-09-12
2016-10-17
CVE-1999-0808
http://marc.info/?l=bugtraq&m=90221101925960&w=2
BUGTRAQ:19980518 DHCP 1.0 and 2.0 SECURITY ALERT! (fwd)
http://ciac.llnl.gov/ciac/bulletins/i-053.shtml
CIAC:I-053
ftp://ftp.isc.org/isc/dhcp/dhcp-1.0-history/dhcp-1.0.0-1.0pl1.diff.gz
MISC:ftp://ftp.isc.org/isc/dhcp/dhcp-1.0-history/dhcp-1.0.0-1.0pl1.diff.gz
CVE-1999-0809
Netscape Communicator 4.x with Javascript enabled does not warn a user of cookie settings, even if they have selected the option to "Only accept cookies originating from the same server as the page being viewed".
2000-01-04
2022-08-17
CVE-1999-0809
BUGTRAQ:19990709 Communicator 4.[56]x, JavaScript used to bypass cookie settings
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0809
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0809
CVE-1999-0810
Denial of service in Samba NETBIOS name service daemon (nmbd).
2000-01-04
2022-08-17
CVE-1999-0810
BUGTRAQ:19990721 Samba 2.0.5 security fixes
CALDERA:CSSA-1999:018.0
DEBIAN:19990731
DEBIAN:19990804
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0810
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0810
REDHAT:RHSA-1999:022-02
SUSE:19990816 Security hole in Samba
CVE-1999-0811
Buffer overflow in Samba smbd program via a malformed message command.
2000-01-18
2005-11-02
CVE-1999-0811
http://www.securityfocus.com/bid/536
BID:536
BUGTRAQ:19990721 Samba 2.0.5 security fixes
CALDERA:CSSA-1999:018.0
DEBIAN:19990731 Samba
REDHAT:RHSA-1999:022-02
SUSE:19990816 Security hole in Samba
XF:samba-message-bo
CVE-1999-0812
Race condition in Samba smbmnt allows local users to mount file systems in arbitrary locations.
2000-01-04
2022-08-17
CVE-1999-0812
BUGTRAQ:19990721 Samba 2.0.5 security fixes
CALDERA:CSSA-1999:018.0
DEBIAN:19990731
DEBIAN:19990804
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0812
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0812
REDHAT:RHSA-1999:022-02
SUSE:19990816 Security hole in Samba
CVE-1999-0813
Cfingerd with ALLOW_EXECUTION enabled does not properly drop privileges when it executes a program on behalf of the user, allowing local users to gain root privileges.
2000-04-18
2022-08-17
CVE-1999-0813
BUGTRAQ:19980724 CFINGERD root security hole
BUGTRAQ:19990810 Severe bug in cfingerd before 1.4.0
DEBIAN:19990814
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0813
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0813
XF:cfingerd-privileges
CVE-1999-0814
Red Hat pump DHCP client allows remote attackers to gain root access in some configurations.
2000-01-04
2005-11-02
CVE-1999-0814
http://www.redhat.com/support/errata/RHSA-1999-027.html
REDHAT:RHSA-1999:027
CVE-1999-0815
Memory leak in SNMP agent in Windows NT 4.0 before SP5 allows remote attackers to conduct a denial of service (memory exhaustion) via a large number of queries.
2002-03-09
2002-02-20
CVE-1999-0815
http://support.microsoft.com/support/kb/articles/q196/2/70.asp
MSKB:Q196270
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A952
OVAL:oval:org.mitre.oval:def:952
https://exchange.xforce.ibmcloud.com/vulnerabilities/1974
XF:nt-snmpagent-leak(1974)
CVE-1999-0816
The Motorola CableRouter allows any remote user to connect to and configure the router on port 1024.
2000-02-04
2003-05-08
CVE-1999-0816
http://www.netspace.org/cgi-bin/wa?A2=ind9805B&L=bugtraq&P=R1621
BUGTRAQ:19980510 Security Vulnerability in Motorola CableRouters
XF:motorola-cable-default-pass
CVE-1999-0817
Lynx WWW client allows a remote attacker to specify command-line parameters which Lynx uses when calling external programs to handle certain protocols, e.g. telnet.
2000-01-04
2022-08-17
CVE-1999-0817
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0817
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0817
SUSE:19990915 Security hole in lynx
CVE-1999-0818
Buffer overflow in Solaris kcms_configure via a long NETPATH environmental variable.
2000-02-04
2003-03-21
CVE-1999-0818
http://www.securityfocus.com/bid/831
BID:831
http://www.securityfocus.com/templates/archive.pike?list=1&msg=38433B7F5A.53F4SHADOWPENGUIN@fox.nightland.net
BUGTRAQ:19991130 another hole of Solaris7 kcms_configure
CVE-1999-0819
NTMail does not disable the VRFY command, even if the administrator has explicitly disabled it.
2000-06-02
2005-11-02
CVE-1999-0819
http://marc.info/?l=bugtraq&m=94398141118586&w=2
BUGTRAQ:19991130 NTmail and VRFY
NTBUGTRAQ:19991130 NTmail and VRFY
XF:nt-mail-vrfy
CVE-1999-0820
FreeBSD seyon allows users to gain privileges via a modified PATH variable for finding the xterm and seyon-emu commands.
2000-07-12
2004-09-02
CVE-1999-0820
http://www.securityfocus.com/bid/838
BID:838
BUGTRAQ:19991130 Several FreeBSD-3.3 vulnerabilities
http://www.osvdb.org/5996
OSVDB:5996
XF:freebsd-seyon-dir-add
CVE-1999-0821
FreeBSD seyon allows local users to gain privileges by providing a malicious program in the -emulator argument.
2000-02-04
2003-05-08
CVE-1999-0821
http://www.securityfocus.com/bid/838
BID:838
BUGTRAQ:19991130 Several FreeBSD-3.3 vulnerabilities
CVE-1999-0822
Buffer overflow in Qpopper (qpop) 3.0 allows remote root access via AUTH command.
2000-02-04
2003-05-08
CVE-1999-0822
http://www.securityfocus.com/bid/830
BID:830
BUGTRAQ:19991130 qpop3.0b20 and below - notes and exploit
BUGTRAQ:19991130 serious Qpopper 3.0 vulnerability
CVE-1999-0823
Buffer overflow in FreeBSD xmindpath allows local users to gain privileges via -f argument.
2000-10-13
2004-09-02
CVE-1999-0823
http://www.securityfocus.com/bid/839
BID:839
BUGTRAQ:19991130 Several FreeBSD-3.3 vulnerabilities
http://www.osvdb.org/1150
OSVDB:1150
XF:freebsd-xmindpath
CVE-1999-0824
A Windows NT user can use SUBST to map a drive letter to a folder, which is not unmapped after the user logs off, potentially allowing that user to modify the location of folders accessed by later users.
2000-04-25
2005-11-02
CVE-1999-0824
http://www.securityfocus.com/bid/833
BID:833
BUGTRAQ:19991130 Subst.exe carelessness (fwd)
NTBUGTRAQ:19991130 SUBST problem
CVE-1999-0825
The default permissions for UnixWare /var/mail allow local users to read and modify other users' mail.
2000-02-04
2003-05-08
CVE-1999-0825
http://www.securityfocus.com/bid/849
BID:849
BUGTRAQ:19991203 UnixWare read/modify users' mail
BUGTRAQ:19991215 Recent postings about SCO UnixWare 7
BUGTRAQ:19991223 FYI, SCO Security patches available.
CVE-1999-0826
Buffer overflow in FreeBSD angband allows local users to gain privileges.
2000-10-13
2004-09-02
CVE-1999-0826
http://www.securityfocus.com/bid/840
BID:840
BUGTRAQ:19991130 Several FreeBSD-3.3 vulnerabilities
http://www.osvdb.org/1151
OSVDB:1151
XF:angband-bo
CVE-1999-0827
By default, Internet Explorer 5.0 and other versions enables the "Navigate sub-frames across different domains" option, which allows frame spoofing.
2000-02-04
2022-08-17
CVE-1999-0827
BUGTRAQ:19991130 Default IE 5.0 security settings allow frame spoofing
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0827
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0827
CVE-1999-0828
UnixWare pkg commands such as pkginfo, pkgcat, and pkgparam allow local users to read arbitrary files via the dacread permission.
2000-02-04
2003-03-21
CVE-1999-0828
http://www.securityfocus.com/bid/853
BID:853
BUGTRAQ:19991203 UnixWare and the dacread permission
BUGTRAQ:19991204 UnixWare pkg* command exploits
BUGTRAQ:19991220 SCO OpenServer Security Status
BUGTRAQ:19991223 FYI, SCO Security patches available.
CVE-1999-0829
HP Secure Web Console uses weak encryption.
2000-02-04
2022-08-17
CVE-1999-0829
BUGTRAQ:19991201 HP Secure Web Console
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0829
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0829
CVE-1999-0830
Buffer overflow in SCO UnixWare Xsco command via a long argument.
2000-02-04
2022-08-17
CVE-1999-0830
BUGTRAQ:19991126 [w00giving '99 #6]: UnixWare 7's Xsco
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0830
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0830
CVE-1999-0831
Denial of service in Linux syslogd via a large number of connections.
2000-01-18
2005-11-02
CVE-1999-0831
http://www.securityfocus.com/bid/809
BID:809
BUGTRAQ:19991130 [david@slackware.com: New Patches for Slackware 4.0 Available]
ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-1999-035.0.txt
CALDERA:CSSA-1999-035.0
REDHAT:RHSA1999055-01
SUSE:19991118 syslogd-1.3.33 (a1)
XF:slackware-syslogd-dos
CVE-1999-0832
Buffer overflow in NFS server on Linux allows attackers to execute commands via a long pathname.
2000-06-02
2005-11-02
CVE-1999-0832
http://www.securityfocus.com/bid/782
BID:782
http://www.securityfocus.com/templates/archive.pike?list=1&msg=Pine.LNX.4.20.9911091058140.12964-100000@mail.zigzag.pl
BUGTRAQ:19991109 undocumented bugs - nfsd
BUGTRAQ:19991130 [david@slackware.com: New Patches for Slackware 4.0 Available]
ftp://ftp.calderasystems.com/pub/OpenLinux/security/CSSA-1999-033.0.txt
CALDERA:CSSA-1999-033.0
http://www.debian.org/security/1999/19991111
DEBIAN:19991111 buffer overflow in nfs server
http://www.redhat.com/support/errata/rh42-errata-general.html#NFS
REDHAT:RHSA-1999:053-01
http://www.novell.com/linux/security/advisories/suse_security_announce_29.html
SUSE:19991110 Security hole in nfs-server < 2.2beta47 within nkita
XF:linux-nfs-maxpath-bo
CVE-1999-0833
Buffer overflow in BIND 8.2 via NXT records.
2000-01-04
2005-11-02
CVE-1999-0833
http://www.securityfocus.com/bid/788
BID:788
ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-1999-034.1.txt
CALDERA:CSSA-1999-034.1
CERT:CA-99-14
DEBIAN:19991116 Denial of service vulnerabilities in bind
REDHAT:RHSA-1999:054-01
SUSE:19991111 Security hole in bind8 < 8.2.2p2 and bind4 < 4.9.7-REL
XF:bind-nxt-bo
CVE-1999-0834
Buffer overflow in RSAREF2 via the encryption and decryption functions in the RSAREF library.
2000-01-18
2005-11-02
CVE-1999-0834
http://www.securityfocus.com/bid/843
BID:843
BUGTRAQ:19991201 Security Advisory: Buffer overflow in RSAREF2
BUGTRAQ:19991202 OpenBSD sslUSA26 advisory (Re: CORE-SDI: Buffer overflow in RSAREF2)
CERT:CA-99-15
XF:rsaref-bo
CVE-1999-0835
Denial of service in BIND named via malformed SIG records.
2000-01-04
2005-11-02
CVE-1999-0835
http://www.securityfocus.com/bid/788
BID:788
ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-1999-034.1.txt
CALDERA:CSSA-1999-034.1
CERT:CA-99-14
DEBIAN:19991116 Denial of service vulnerabilities in bind
REDHAT:RHSA-1999:054-01
SUSE:19991111 Security hole in bind8 < 8.2.2p2 and bind4 < 4.9.7-REL
XF:bind-sigrecord-dos
CVE-1999-0836
UnixWare uidadmin allows local users to modify arbitrary files via a symlink attack.
2000-06-02
2005-11-02
CVE-1999-0836
http://www.securityfocus.com/bid/842
BID:842
http://www.securityfocus.com/templates/archive.pike?list=1&msg=19991202160111.20553.qmail@nwcst282.netaddress.usa.net
BUGTRAQ:19991202 UnixWare 7 uidadmin exploit + discussion
ftp://ftp.sco.com/SSE/security_bulletins/SB-99.22a
SCO:SB-99.22a
XF:unixware-uid-admin
CVE-1999-0837
Denial of service in BIND by improperly closing TCP sessions via so_linger.
2000-01-04
2005-11-02
CVE-1999-0837
http://www.securityfocus.com/bid/788
BID:788
ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-1999-034.1.txt
CALDERA:CSSA-1999-034.1
CERT:CA-99-14
DEBIAN:19991116 Denial of service vulnerabilities in bind
REDHAT:RHSA-1999:054-01
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/194
SUN:00194
SUSE:19991111 Security hole in bind8 < 8.2.2p2 and bind4 < 4.9.7-REL
XF:bind-solinger-dos
CVE-1999-0838
Buffer overflow in Serv-U FTP 2.5 allows remote users to conduct a denial of service via the SITE command.
2000-06-02
2005-11-02
CVE-1999-0838
http://www.securityfocus.com/bid/859
BID:859
BUGTRAQ:19991202 Remote DoS Attack in Serv-U FTP-Server v2.5a Vulnerability
XF:servu-ftp-site-bo
CVE-1999-0839
Windows NT Task Scheduler installed with Internet Explorer 5 allows a user to gain privileges by modifying the job after it has been scheduled.
2000-01-04
2005-11-02
CVE-1999-0839
http://www.securityfocus.com/bid/828
BID:828
https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-051
MS:MS99-051
http://support.microsoft.com/default.aspx?scid=kb;%5BLN%5D;Q246972
MSKB:Q246972
NTBUGTRAQ:19991130 Windows NT Task Scheduler vulnerability allows user to administrator elevation
XF:ie-task-scheduler-privs
CVE-1999-0840
Buffer overflow in CDE dtmail and dtmailpr programs allows local users to gain privileges via a long -f option.
2000-02-04
2017-07-10
CVE-1999-0840
http://www.securityfocus.com/bid/832
BID:832
http://www.security-express.com/archives/bugtraq/1999-q4/0122.html
BUGTRAQ:19991129 Solaris7 dtmail/dtmailpr/mailtool Buffer Overflow
http://www.securiteam.com/exploits/3J5QQPPQ0O.html
MISC:http://www.securiteam.com/exploits/3J5QQPPQ0O.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/3579
XF:solaris-dtmail-overflow(3579)
https://exchange.xforce.ibmcloud.com/vulnerabilities/3580
XF:solaris-dtmailpr-overflow(3580)
CVE-1999-0841
Buffer overflow in CDE mailtool allows local users to gain root privileges via a long MIME Content-Type.
2000-02-04
2017-07-10
CVE-1999-0841
http://www.securityfocus.com/bid/832
BID:832
http://www.security-express.com/archives/bugtraq/1999-q4/0122.html
BUGTRAQ:19991129 Solaris7 dtmail/dtmailpr/mailtool Buffer Overflow
http://www.securiteam.com/exploits/3J5QQPPQ0O.html
MISC:http://www.securiteam.com/exploits/3J5QQPPQ0O.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/3732
XF:cde-mailtool-bo(3732)
CVE-1999-0842
Symantec Mail-Gear 1.0 web interface server allows remote users to read arbitrary files via a .. (dot dot) attack.
2000-06-02
2004-09-02
CVE-1999-0842
http://www.securityfocus.com/bid/827
BID:827
http://www.securityfocus.com/templates/archive.pike?list=1&msg=NCBBKFKDOLAGKIAPMILPCEAFCBAA.labs@ussrback.com
BUGTRAQ:19991129 Symantec Mail-Gear 1.0 Web interface Server Directory Traversal Vulnerability
NTBUGTRAQ:19991129 Symantec Mail-Gear 1.0 Web interface Server Directory Traversal Vulnerability
http://www.osvdb.org/1144
OSVDB:1144
XF:symantec-mail-dir-traversal
CVE-1999-0843
Denial of service in Cisco routers running NAT via a PORT command from an FTP client to a Telnet port.
2000-02-04
2022-08-17
CVE-1999-0843
BUGTRAQ:19991104 Cisco NAT DoS (VD#1)
BUGTRAQ:19991128 Re: Cisco NAT DoS (VD#1)
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0843
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0843
CVE-1999-0844
Denial of service in MDaemon WorldClient and WebConfig services via a long URL.
2000-02-04
2003-03-21
CVE-1999-0844
http://www.securityfocus.com/bid/820
BID:820
http://www.securityfocus.com/bid/823
BID:823
BUGTRAQ:19991130 Fwd: RE: Multiples Remotes DoS Attacks in MDaemon Server v2.8.5.0 Vulnerability
NTBUGTRAQ:19991124 Remote DoS Attack in WorldClient Server v2.0.0.0 Vulnerability
CVE-1999-0845
Buffer overflow in SCO su program allows local users to gain root access via a long username.
2000-02-04
2022-08-17
CVE-1999-0845
BUGTRAQ:19991126 [w00giving '99 #5 and w00news]: UnixWare 7's su
BUGTRAQ:19991128 SCO su patches
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0845
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0845
SCO:99.19
CVE-1999-0846
Denial of service in MDaemon 2.7 via a large number of connection attempts.
2000-02-04
2022-08-17
CVE-1999-0846
BUGTRAQ:19991129 MDaemon 2.7 J DoS
BUGTRAQ:19991130 Fwd: RE: Multiples Remotes DoS Attacks in MDaemon Server v2.8.5.0 Vulnerability
https://marc.info/?l=bugtraq&m=94398020817351&w=2
MISC:https://marc.info/?l=bugtraq&m=94398020817351&w=2
CVE-1999-0847
Buffer overflow in free internet chess server (FICS) program, xboard.
2000-01-18
2022-08-17
CVE-1999-0847
BUGTRAQ:19991129 FICS buffer overflow
https://marc.info/?l=bugtraq&m=94407791819019&w=2
MISC:https://marc.info/?l=bugtraq&m=94407791819019&w=2
XF:fics-board-bo
CVE-1999-0848
Denial of service in BIND named via consuming more than "fdmax" file descriptors.
2000-01-04
2005-11-02
CVE-1999-0848
http://www.securityfocus.com/bid/788
BID:788
ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-1999-034.1.txt
CALDERA:CSSA-1999-034.1
CERT:CA-99-14
DEBIAN:19991116 Denial of service vulnerabilities in bind
REDHAT:RHSA-1999:054-01
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/194
SUN:00194
SUSE:19991111 Security hole in bind8 < 8.2.2p2 and bind4 < 4.9.7-REL
XF:bind-fdmax-dos
CVE-1999-0849
Denial of service in BIND named via maxdname.
2000-01-04
2005-11-02
CVE-1999-0849
http://www.securityfocus.com/bid/788
BID:788
ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-1999-034.1.txt
CALDERA:CSSA-1999-034.1
CERT:CA-99-14
DEBIAN:19991116 Denial of service vulnerabilities in bind
REDHAT:RHSA-1999:054-01
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/194
SUN:00194
SUSE:19991111 Security hole in bind8 < 8.2.2p2 and bind4 < 4.9.7-REL
XF:bind-maxdname-bo
CVE-1999-0850
The default permissions for Endymion MailMan allow local users to read email or modify files.
2000-02-04
2003-05-08
CVE-1999-0850
http://www.securityfocus.com/bid/845
BID:845
BUGTRAQ:19991202 Insecure default permissions for MailMan Professional Edition, version 3.0.18
CVE-1999-0851
Denial of service in BIND named via naptr.
2000-01-04
2005-11-02
CVE-1999-0851
http://www.securityfocus.com/bid/788
BID:788
ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-1999-034.1.txt
CALDERA:CSSA-1999-034.1
CERT:CA-99-14
DEBIAN:19991116 Denial of service vulnerabilities in bind
REDHAT:RHSA-1999:054-01
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/194
SUN:00194
SUSE:19991111 Security hole in bind8 < 8.2.2p2 and bind4 < 4.9.7-REL
XF:bind-naptr-dos
CVE-1999-0852
IBM WebSphere sets permissions that allow a local user to modify a deinstallation script or its data files stored in /usr/bin.
2000-02-04
2003-05-08
CVE-1999-0852
http://www.securityfocus.com/bid/844
BID:844
BUGTRAQ:19991202 WebSphere protections from installation
CVE-1999-0853
Buffer overflow in Netscape Enterprise Server and Netscape FastTrack Server allows remote attackers to gain privileges via the HTTP Basic Authentication procedure.
2000-01-18
2005-11-02
CVE-1999-0853
http://www.securityfocus.com/bid/847
BID:847
ISS:19991201 Buffer Overflow in Netscape Enterprise and FastTrack Authentication Procedure
XF:netscape-fasttrack-auth-bo
CVE-1999-0854
Ultimate Bulletin Board stores data files in the cgi-bin directory, allowing remote attackers to view the data if an error occurs when the HTTP server attempts to execute the file.
2000-06-02
2005-11-02
CVE-1999-0854
BUGTRAQ:19991130 Ultimate Bulletin Board v5.3x? Bug
http://www.securityfocus.com/templates/archive.pike?list=1&date=2000-02-22&msg=NDBBLKOPOLNKELHPDEFKIEPGCAAA.renzo.toma@veronica.nl
BUGTRAQ:20000225 FW: Important UBB News For Licensed Users
http://www.ultimatebb.com/home/versions.shtml
CONFIRM:http://www.ultimatebb.com/home/versions.shtml
XF:http-ultimate-bbs
CVE-1999-0855
Buffer overflow in FreeBSD gdc program.
2000-02-04
2003-03-21
CVE-1999-0855
http://www.securityfocus.com/bid/834
BID:834
BUGTRAQ:19991130 FreeBSD 3.3 gated-3.1.5 local exploit
CVE-1999-0856
login in Slackware 7.0 allows remote attackers to identify valid users on the system by reporting an encryption error when an account is locked or does not exist.
2000-06-02
2022-08-17
CVE-1999-0856
BUGTRAQ:19991202 Slackware 7.0 - login bug
https://marc.info/?l=bugtraq&m=94416739411280&w=2
MISC:https://marc.info/?l=bugtraq&m=94416739411280&w=2
XF:slackware-remote-login
CVE-1999-0857
FreeBSD gdc program allows local users to modify files via a symlink attack.
2000-02-04
2003-03-21
CVE-1999-0857
http://www.securityfocus.com/bid/835
BID:835
BUGTRAQ:19991130 FreeBSD 3.3 gated-3.1.5 local exploit
CVE-1999-0858
Internet Explorer 5 allows a remote attacker to modify the IE client's proxy configuration via a malicious Web Proxy Auto-Discovery (WPAD) server.
2000-01-04
2005-11-02
CVE-1999-0858
http://www.securityfocus.com/bid/846
BID:846
https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-054
MS:MS99-054
http://support.microsoft.com/default.aspx?scid=kb;%5BLN%5D;Q247333
MSKB:Q247333
XF:ie-wpad-proxy-settings
CVE-1999-0859
Solaris arp allows local users to read files via the -f parameter, which lists lines in the file that do not parse properly.
2000-06-02
2004-09-02
CVE-1999-0859
http://www.securityfocus.com/bid/837
BID:837
BUGTRAQ:19991130 Solaris 2.x chkperm/arp vulnerabilities
http://www.osvdb.org/6994
OSVDB:6994
SUNBUG:4296166
XF:sol-arp-parse
CVE-1999-0860
Solaris chkperm allows local users to read files owned by bin via the VMSYS environmental variable and a symlink attack.
2000-02-04
2003-05-08
CVE-1999-0860
http://www.securityfocus.com/bid/837
BID:837
BUGTRAQ:19991130 Solaris 2.x chkperm/arp vulnerabilities
CVE-1999-0861
Race condition in the SSL ISAPI filter in IIS and other servers may leak information in plaintext.
2000-01-04
2005-11-02
CVE-1999-0861
https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-053
MS:MS99-053
http://support.microsoft.com/default.aspx?scid=kb;%5BLN%5D;Q244613
MSKB:Q244613
XF:iis-ssl-isapi-filter
CVE-1999-0862
Insecure directory permissions in RPM distribution for PostgreSQL allows local users to gain privileges by reading a plaintext password file.
2000-02-04
2022-08-17
CVE-1999-0862
BUGTRAQ:19991202 PostgreSQL RPM's permission problems
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0862
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0862
CVE-1999-0863
Buffer overflow in FreeBSD seyon via HOME environmental variable, -emulator argument, -modems argument, or the GUI.
2000-02-04
2022-08-17
CVE-1999-0863
BUGTRAQ:19970617 Seyon vulnerability - IRIX
BUGTRAQ:19991108 FreeBSD 3.3's seyon vulnerability
BUGTRAQ:19991130 Several FreeBSD-3.3 vulnerabilities
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0863
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0863
CVE-1999-0864
UnixWare programs that dump core allow a local user to modify files via a symlink attack on the ./core.pid file.
2000-06-02
2005-11-02
CVE-1999-0864
http://www.securityfocus.com/bid/851
BID:851
http://www.securityfocus.com/templates/archive.pike?list=1&msg=19991203020720.13115.qmail@nwcst289.netaddress.usa.net
BUGTRAQ:19991202 UnixWare coredumps follow symlinks
http://marc.info/?l=bugtraq&m=94530783815434&w=2
BUGTRAQ:19991215 Recent postings about SCO UnixWare 7
http://marc.info/?l=bugtraq&m=94581379905584&w=2
BUGTRAQ:19991220 SCO OpenServer Security Status
http://marc.info/?l=bugtraq&m=94606167110764&w=2
BUGTRAQ:19991223 FYI, SCO Security patches available.
XF:sco-coredump-symlink
CVE-1999-0865
Buffer overflow in CommuniGatePro via a long string to the HTTP configuration port.
2000-06-02
2005-11-02
CVE-1999-0865
http://www.securityfocus.com/bid/860
BID:860
http://marc.info/?l=bugtraq&m=94426440413027&w=2
BUGTRAQ:19991203 CommuniGatePro 3.1 for NT DoS
http://marc.info/?l=ntbugtraq&m=94454565726775&w=2
NTBUGTRAQ:19991203 CommuniGatePro 3.1 for NT Buffer Overflow
XF:communigate-pro-bo
CVE-1999-0866
Buffer overflow in UnixWare xauto program allows local users to gain root privilege.
2000-06-02
2005-11-02
CVE-1999-0866
http://www.securityfocus.com/bid/848
BID:848
BUGTRAQ:19991203 UnixWare gain root with non-su/gid binaries
http://marc.info/?l=bugtraq&m=94530783815434&w=2
BUGTRAQ:19991215 Recent postings about SCO UnixWare 7
http://marc.info/?l=bugtraq&m=94581379905584&w=2
BUGTRAQ:19991220 SCO OpenServer Security Status
http://marc.info/?l=bugtraq&m=94606167110764&w=2
BUGTRAQ:19991223 FYI, SCO Security patches available.
ftp://ftp.sco.com/SSE/security_bulletins/SB-99.24a
SCO:SB-99.24a
XF:sco-xauto-bo
CVE-1999-0867
Denial of service in IIS 4.0 via a flood of HTTP requests with malformed headers.
2000-01-04
2005-11-02
CVE-1999-0867
http://www.securityfocus.com/bid/579
BID:579
http://www.ciac.org/ciac/bulletins/j-058.shtml
CIAC:J-058
https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-029
MS:MS99-029
http://support.microsoft.com/default.aspx?scid=kb;%5BLN%5D;Q238349
MSKB:Q238349
XF:http-iis-malformed-header
CVE-1999-0868
ucbmail allows remote attackers to execute commands via shell metacharacters that are passed to it from INN.
2000-01-04
2022-08-17
CVE-1999-0868
CERT:CA-97.08
https://www.cs.ait.ac.th/joomla3/index.php/security-advisories?CERT/CA97/msg00027.shtml
MISC:https://www.cs.ait.ac.th/joomla3/index.php/security-advisories?CERT/CA97/msg00027.shtml
XF:inn-ucbmail-shell-meta
CVE-1999-0869
Internet Explorer 3.x to 4.01 allows a remote attacker to insert malicious content into a frame of another web site, aka frame spoofing.
2000-01-04
2005-11-02
CVE-1999-0869
https://docs.microsoft.com/en-us/security-updates/securitybulletins/1998/ms98-020
MS:MS98-020
MSKB:167614
XF:http-frame-spoof
CVE-1999-0870
Internet Explorer 4.01 allows remote attackers to read arbitrary files by pasting a file name into the file upload control, aka untrusted scripted paste.
2000-01-04
2005-11-02
CVE-1999-0870
https://docs.microsoft.com/en-us/security-updates/securitybulletins/1998/ms98-015
MS:MS98-015
MSKB:169245
XF:ie-usp-cuartango
CVE-1999-0871
Internet Explorer 4.0 and 4.01 allow a remote attacker to read files via IE's cross frame security, aka the "Cross Frame Navigate" vulnerability.
2000-01-04
2006-08-17
CVE-1999-0871
https://docs.microsoft.com/en-us/security-updates/securitybulletins/1998/ms98-013
MS:MS98-013
http://www.osvdb.org/7837
OSVDB:7837
https://exchange.xforce.ibmcloud.com/vulnerabilities/3668
XF:ie-crossframe-file-read(3668)
CVE-1999-0872
Buffer overflow in Vixie cron allows local users to gain root access via a long MAILTO environment variable in a crontab file.
2000-02-04
2003-03-21
CVE-1999-0872
http://www.securityfocus.com/bid/611
BID:611
http://www.securityfocus.com/bid/759
BID:759
REDHAT:RHSA-1999:030-02
CVE-1999-0873
Buffer overflow in Skyfull mail server via MAIL FROM command.
2000-10-13
2005-11-02
CVE-1999-0873
http://www.securityfocus.com/bid/759
BID:759
XF:skyfull-mail-from-bo
CVE-1999-0874
Buffer overflow in IIS 4.0 allows remote attackers to cause a denial of service via a malformed request for files with .HTR, .IDC, or .STM extensions.
2000-06-02
2004-09-02
CVE-1999-0874
CERT:CA-99-07
http://www.ciac.org/ciac/bulletins/j-048.shtml
CIAC:J-048
http://www.eeye.com/html/Research/Advisories/AD06081999.html
EEYE:AD06081999
https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-019
MS:MS99-019
http://support.microsoft.com/default.aspx?scid=kb;%5BLN%5D;Q234905
MSKB:Q234905
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A915
OVAL:oval:org.mitre.oval:def:915
XF:iis-htr-overflow
CVE-1999-0875
DHCP clients with ICMP Router Discovery Protocol (IRDP) enabled allow remote attackers to modify their default routes.
2000-01-18
2005-11-02
CVE-1999-0875
http://www.securityfocus.com/bid/578
BID:578
L0PHT:19990811
http://support.microsoft.com/default.aspx?scid=kb;%5BLN%5D;Q216141
MSKB:Q216141
XF:irdp-gateway-spoof
CVE-1999-0876
Buffer overflow in Internet Explorer 4.0 via EMBED tag.
2000-01-04
2005-11-02
CVE-1999-0876
http://support.microsoft.com/support/kb/articles/q176/6/97.asp
MSKB:Q176697
http://support.microsoft.com/default.aspx?scid=kb;%5BLN%5D;Q185959
MSKB:Q185959
CVE-1999-0877
Internet Explorer 5 allows remote attackers to read files via an ExecCommand method called on an IFRAME.
2000-01-04
2005-11-02
CVE-1999-0877
https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-042
MS:MS99-042
http://support.microsoft.com/default.aspx?scid=kb;%5BLN%5D;Q243638
MSKB:Q243638
XF:ie-iframe-exec
CVE-1999-0878
Buffer overflow in WU-FTPD and related FTP servers allows remote attackers to gain root privileges via MAPPING_CHDIR.
2000-01-04
2007-10-16
CVE-1999-0878
AUSCERT:AA-1999.01
http://www.securityfocus.com/bid/599
BID:599
CERT:CA-99-13
COMPAQ:SSRT0622
REDHAT:RHSA1999031_01
XF:wu-ftpd-dir-name
CVE-1999-0879
Buffer overflow in WU-FTPD and related FTP servers allows remote attackers to gain root privileges via macro variables in a message file.
2000-01-04
2022-08-17
CVE-1999-0879
CERT:CA-99-13
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0879
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0879
XF:wuftp-message-file-root
CVE-1999-0880
Denial of service in WU-FTPD via the SITE NEWER command, which does not free memory properly.
2000-01-04
2022-08-17
CVE-1999-0880
CERT:CA-99-13
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0880
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0880
XF:wuftp-site-newer-dos
CVE-1999-0881
Falcon web server allows remote attackers to read arbitrary files via a .. (dot dot) attack.
2000-01-18
2004-09-02
CVE-1999-0881
http://www.securityfocus.com/bid/743
BID:743
BINDVIEW:Falcon Web Server
BUGTRAQ:19991025 Falcon Web Server
http://www.osvdb.org/1127
OSVDB:1127
XF:falcon-path-parsing
CVE-1999-0882
Falcon web server allows remote attackers to determine the absolute path of the web root via long file names.
2000-02-04
2022-08-17
CVE-1999-0882
BINDVIEW:Falcon Web Server
BUGTRAQ:19991025 Falcon Web Server
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0882
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0882
CVE-1999-0883
Zeus web server allows remote attackers to read arbitrary files by specifying the file name in an option to the search engine.
2000-01-04
2005-11-02
CVE-1999-0883
http://www.securityfocus.com/bid/742
BID:742
BUGTRAQ:19991024 RFP9905: Zeus webserver remote root compromise
http://www.osvdb.org/1126
OSVDB:1126
https://exchange.xforce.ibmcloud.com/vulnerabilities/3380
XF:zeus-remote-root(3380)
CVE-1999-0884
The Zeus web server administrative interface uses weak encryption for its passwords.
2000-01-04
2005-11-02
CVE-1999-0884
http://www.securityfocus.com/bid/742
BID:742
BUGTRAQ:19991024 RFP9905: Zeus webserver remote root compromise
http://www.osvdb.org/8186
OSVDB:8186
https://exchange.xforce.ibmcloud.com/vulnerabilities/3833
XF:zeus-weak-password(3833)
CVE-1999-0885
Alibaba web server allows remote attackers to execute commands via a pipe character in a malformed URL.
2000-02-04
2003-05-08
CVE-1999-0885
http://www.securityfocus.com/bid/770
BID:770
http://www.securityfocus.com/templates/archive.pike?list=1&date=1999-11-01&msg=01BF261F.928821E0.kerb@fnusa.com
BUGTRAQ:19991103 More Alibaba Web Server problems...
XF:alibaba-url-file-manipulation
CVE-1999-0886
The security descriptor for RASMAN allows users to point to an alternate location via the Windows NT Service Control Manager.
2000-01-04
2005-11-02
CVE-1999-0886
http://www.securityfocus.com/bid/645
BID:645
https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-041
MS:MS99-041
http://support.microsoft.com/default.aspx?scid=kb;%5BLN%5D;Q242294
MSKB:Q242294
XF:nt-rasman-pathname
CVE-1999-0887
FTGate web interface server allows remote attackers to read files via a .. (dot dot) attack.
2000-01-04
2004-09-02
CVE-1999-0887
BUGTRAQ:19991104 FTGate Version 2.1 Web interface Server Directory Traversal Vulnerability
http://www.eeye.com/html/Research/Advisories/AD05261999.html
EEYE:AD05261999
http://www.osvdb.org/1137
OSVDB:1137
CVE-1999-0888
dbsnmp in Oracle Intelligent Agent allows local users to gain privileges by setting the ORACLE_HOME environmental variable, which dbsnmp uses to find the nmiconf.tcl script.
2000-04-18
2005-11-02
CVE-1999-0888
http://www.securityfocus.com/bid/585
BID:585
BUGTRAQ:19990817 Security Bug in Oracle
XF:oracle-dbsnmp
CVE-1999-0889
Cisco 675 routers running CBOS allow remote attackers to establish telnet sessions if an exec or superuser password has not been set.
2000-04-25
2004-09-02
CVE-1999-0889
BUGTRAQ:19990810 Cisco 675 password nonsense
http://www.osvdb.org/39
OSVDB:39
XF:cisco-cbos-telnet
CVE-1999-0890
iHTML Merchant allows remote attackers to obtain sensitive information or execute commands via a code parsing error.
2000-03-22
2005-11-02
CVE-1999-0890
http://www.securityfocus.com/bid/694
BID:694
BUGTRAQ:19990928 Team Asylum: iHTML Merchant Vulnerabilities
http://www.ihtmlmerchant.com/support_patches_feedback.htm
CONFIRM:http://www.ihtmlmerchant.com/support_patches_feedback.htm
XF:ihtml-merchant-file-access
CVE-1999-0891
The "download behavior" in Internet Explorer 5 allows remote attackers to read arbitrary files via a server-side redirect.
2000-01-04
2006-08-17
CVE-1999-0891
http://www.securityfocus.com/bid/674
BID:674
http://www.kb.cert.org/vuls/id/37828
CERT-VN:VU#37828
http://www.ciac.org/ciac/bulletins/k-002.shtml
CIAC:K-002
https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-040
MS:MS99-040
http://support.microsoft.com/default.aspx?scid=kb;%5BLN%5D;Q242542
MSKB:Q242542
http://www.osvdb.org/11274
OSVDB:11274
XF:ie-download-behavior
CVE-1999-0892
Buffer overflow in Netscape Communicator before 4.7 via a dynamic font whose length field is less than the size of the font.
2000-01-04
2022-08-17
CVE-1999-0892
BUGTRAQ:19991018 Netscape 4.x buffer overflow
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0892
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0892
CVE-1999-0893
userOsa in SCO OpenServer allows local users to corrupt files via a symlink attack.
2000-03-22
2022-08-17
CVE-1999-0893
BUGTRAQ:19991011 SCO OpenServer 5.0.5 overwrite /etc/shadow
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0893
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0893
XF:sco-openserver-userosa-script
CVE-1999-0894
Red Hat Linux screen program does not use Unix98 ptys, allowing local users to write to other terminals.
2000-01-04
2022-08-17
CVE-1999-0894
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0894
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0894
REDHAT:RHSA1999042-01
CVE-1999-0895
Firewall-1 does not properly restrict access to LDAP attributes.
2000-04-25
2004-09-02
CVE-1999-0895
http://www.securityfocus.com/bid/725
BID:725
http://www.securityfocus.com/templates/archive.pike?list=1&msg=19991020150002.21047.qmail@tarjan.mediaways.net
BUGTRAQ:19991020 Checkpoint FireWall-1 V4.0: possible bug in LDAP authentication
http://www.osvdb.org/1117
OSVDB:1117
XF:checkpoint-ldap-auth
CVE-1999-0896
Buffer overflow in RealNetworks RealServer administration utility allows remote attackers to execute arbitrary commands via a long username and password.
2000-03-22
2005-11-02
CVE-1999-0896
http://www.securityfocus.com/bid/767
BID:767
BUGTRAQ:19991109 RealNetworks RealServer G2 buffer overflow.
http://service.real.com/help/faq/servg260.html
MISC:http://service.real.com/help/faq/servg260.html
XF:realserver-g2-pw-bo
CVE-1999-0897
iChat ROOMS Webserver allows remote attackers to read arbitrary files via a .. (dot dot) attack.
2000-04-25
2005-11-02
CVE-1999-0897
http://marc.info/?l=bugtraq&m=90538488231977&w=2
BUGTRAQ:19980908 bug in iChat 3.0 (maybe others)
XF:ichat-file-read-vuln
CVE-1999-0898
Buffer overflows in Windows NT 4.0 print spooler allow remote attackers to gain privileges or cause a denial of service via a malformed spooler request.
2000-01-18
2005-11-02
CVE-1999-0898
http://www.securityfocus.com/bid/768
BID:768
https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-047
MS:MS99-047
http://support.microsoft.com/default.aspx?scid=kb;%5BLN%5D;Q243649
MSKB:Q243649
XF:nt-printer-spooler-bo
CVE-1999-0899
The Windows NT 4.0 print spooler allows a local user to execute arbitrary commands due to inappropriate permissions that allow the user to specify an alternate print provider.
2000-01-18
2005-11-02
CVE-1999-0899
http://www.securityfocus.com/bid/769
BID:769
https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-047
MS:MS99-047
http://support.microsoft.com/default.aspx?scid=kb;%5BLN%5D;Q243649
MSKB:Q243649
XF:nt-printer-spooler-bo
CVE-1999-0900
Buffer overflow in rpc.yppasswdd allows a local user to gain privileges via MD5 hash generation.
2000-01-04
2022-08-17
CVE-1999-0900
DEBIAN:19991027 nis
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0900
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0900
REDHAT:RHSA1999046-01
SUSE:19991023 Security hole in ypserv < 1.3.9
CVE-1999-0901
ypserv allows a local user to modify the GECOS and login shells of other users.
2000-01-04
2022-08-17
CVE-1999-0901
DEBIAN:19991027 nis
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0901
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0901
REDHAT:RHSA1999046-01
SUSE:19991023 Security hole in ypserv < 1.3.9
CVE-1999-0902
ypserv allows local administrators to modify password tables.
2000-01-04
2022-08-17
CVE-1999-0902
DEBIAN:19991027 nis
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0902
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0902
REDHAT:RHSA1999046-01
SUSE:19991023 Security hole in ypserv < 1.3.9
CVE-1999-0903
genfilt in the AIX Packet Filtering Module does not properly filter traffic to destination ports greater than 32767.
2000-04-18
2022-08-17
CVE-1999-0903
BUGTRAQ:19991025 IBM AIX Packet Filter module
BUGTRAQ:19991027 Re: IBM AIX Packet Filter module (followup)
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0903
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0903
XF:aix-genfilt-filtering
CVE-1999-0904
Buffer overflow in BFTelnet allows remote attackers to cause a denial of service via a long username.
2000-10-13
2005-11-02
CVE-1999-0904
http://www.securityfocus.com/bid/771
BID:771
BUGTRAQ:19991103 Remote DoS Attack in BFTelnet Server v1.1 for Windows NT
XF:bftelnet-username-dos
CVE-1999-0905
Denial of service in Axent Raptor firewall via malformed zero-length IP options.
2000-01-18
2004-09-02
CVE-1999-0905
http://www.securityfocus.com/bid/736
BID:736
BUGTRAQ:19991020 Remote DoS in Axent's Raptor 6.0
http://www.osvdb.org/1121
OSVDB:1121
XF:raptor-ipoptions-dos
CVE-1999-0906
Buffer overflow in sccw allows local users to gain root access via the HOME environmental variable.
2000-04-18
2005-11-02
CVE-1999-0906
http://www.securityfocus.com/bid/656
BID:656
BUGTRAQ:19990923 SuSE 6.2 sccw overflow exploit
SUSE:19990926 Security hole in sccw (Part II)
XF:linux-sccw-bo
CVE-1999-0907
sccw allows local users to read arbitrary files.
2000-01-04
2022-08-17
CVE-1999-0907
BUGTRAQ:19990916 SuSE 6.2 /usr/bin/sccw read any file
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0907
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0907
SUSE:19990921 Security Hole in sccw-1.1 and earlier
CVE-1999-0908
Denial of service in Solaris TCP streams driver via a malicious connection that causes the server to panic as a result of recursive calls to mutex_enter.
2000-03-22
2005-11-02
CVE-1999-0908
http://www.securityfocus.com/bid/655
BID:655
BUGTRAQ:19990921 solaris DoS
XF:sun-tcp-mutex-enter-dos
CVE-1999-0909
Multihomed Windows systems allow a remote attacker to bypass IP source routing restrictions via a malformed packet with IP options, aka the "Spoofed Route Pointer" vulnerability.
2000-01-04
2005-11-02
CVE-1999-0909
http://www.securityfocus.com/bid/646
BID:646
https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-038
MS:MS99-038
http://support.microsoft.com/default.aspx?scid=kb;%5BLN%5D;Q238453
MSKB:Q238453
NAI:Windows IP Source Routing Vulnerability
XF:nt-ip-source-route
CVE-1999-0910
Microsoft Site Server and Commercial Internet System (MCIS) do not set an expiration for a cookie, which could then be cached by a proxy and inadvertently used by a different user.
2000-02-04
2018-10-12
CVE-1999-0910
http://www.securityfocus.com/bid/625
BID:625
https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-035
MS:MS99-035
CVE-1999-0911
Buffer overflow in ProFTPD, wu-ftpd, and beroftpd allows remote attackers to gain root access via a series of MKD and CWD commands that create nested directories.
2000-02-04
2005-03-08
CVE-1999-0911
http://www.securityfocus.com/bid/612
BID:612
BUGTRAQ:19990827 ProFTPD
BUGTRAQ:19990907 ProFTP-1.2.0pre4 buffer overflow -- once more
http://www.debian.org/security/1999/19990210
DEBIAN:19990210
FREEBSD:FreeBSD-SA-99:03
CVE-1999-0912
FreeBSD VFS cache (vfs_cache) allows local users to cause a denial of service by opening a large number of files.
2000-10-13
2004-09-02
CVE-1999-0912
http://www.securityfocus.com/bid/653
BID:653
BUGTRAQ:19990921 FreeBSD-specific denial of service
http://www.osvdb.org/1079
OSVDB:1079
XF:freebsd-vfscache-dos
CVE-1999-0913
dfire.cgi script in Dragon-Fire IDS allows remote users to execute commands via shell metacharacters.
2000-02-04
2016-10-17
CVE-1999-0913
http://www.securityfocus.com/bid/564
BID:564
http://marc.info/?l=bugtraq&m=93383593909438&w=2
BUGTRAQ:19990804 NSW Dragon Fire gets drowned
CVE-1999-0914
Buffer overflow in the FTP client in the Debian GNU/Linux netstd package.
2000-01-04
2005-11-02
CVE-1999-0914
http://www.securityfocus.com/bid/324
BID:324
BUGTRAQ:19990103 [SECURITY] New versions of netstd fixes buffer overflows
DEBIAN:19990104
CVE-1999-0915
URL Live! web server allows remote attackers to read arbitrary files via a .. (dot dot) attack.
2000-01-04
2004-09-02
CVE-1999-0915
http://www.securityfocus.com/bid/746
BID:746
BUGTRAQ:19991028 URL Live! 1.0 WebServer
http://www.osvdb.org/1129
OSVDB:1129
CVE-1999-0916
WebTrends software stores account names and passwords in a file which does not have restricted access permissions.
2000-03-22
2022-08-17
CVE-1999-0916
ISS:19990629 Bad Permissions on Passwords Stored by WebTrends Software
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0916
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0916
CVE-1999-0917
The Preloader ActiveX control used by Internet Explorer allows remote attackers to read arbitrary files.
2000-01-04
2005-11-02
CVE-1999-0917
https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-018
MS:MS99-018
http://support.microsoft.com/default.aspx?scid=kb;%5BLN%5D;Q231452
MSKB:Q231452
XF:legacy-activex-local-drive
CVE-1999-0918
Denial of service in various Windows systems via malformed, fragmented IGMP packets.
2000-01-04
2005-11-02
CVE-1999-0918
http://www.securityfocus.com/bid/514
BID:514
BUGTRAQ:19990703 IGMP fragmentation bug in Windows 98/2000
https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-034
MS:MS99-034
http://support.microsoft.com/default.aspx?scid=kb;%5BLN%5D;Q238329
MSKB:Q238329
XF:igmp-dos
CVE-1999-0919
A memory leak in a Motorola CableRouter allows remote attackers to conduct a denial of service via a large number of telnet connections.
2000-02-04
2017-12-18
CVE-1999-0919
http://www.netspace.org/cgi-bin/wa?A2=ind9805B&L=bugtraq&P=R1621
BUGTRAQ:19980510 Security Vulnerability in Motorola CableRouters
https://exchange.xforce.ibmcloud.com/vulnerabilities/2004
XF:motorola-cable-crash(2004)
CVE-1999-0920
Buffer overflow in the pop-2d POP daemon in the IMAP package allows remote attackers to gain privileges via the FOLD command.
2000-03-22
2005-11-02
CVE-1999-0920
http://www.securityfocus.com/bid/283
BID:283
BUGTRAQ:19990526 Remote vulnerability in pop2d
DEBIAN:19990607a
XF:pop2-fold-bo
CVE-1999-0921
BMC Patrol allows any remote attacker to flood its UDP port, causing a denial of service.
2002-03-09
2002-03-01
CVE-1999-0921
http://www.securityfocus.com/bid/1879
BID:1879
http://www.securityfocus.com/archive/1/13204
BUGTRAQ:19990409 Patrol security bugs
http://www.iss.net/security_center/static/4291.php
XF:bmc-patrol-udp-dos(4291)
CVE-1999-0922
An example application in ColdFusion Server 4.0 allows remote attackers to view source code via the sourcewindow.cfm file.
2001-05-07
2005-11-02
CVE-1999-0922
http://www.allaire.com/handlers/index.cfm?ID=8739&Method=Full
ALLAIRE:ASB99-02
XF:coldfusion-sourcewindow
CVE-1999-0923
Sample runnable code snippets in ColdFusion Server 4.0 allow remote attackers to read files, conduct a denial of service, or use the server as a proxy for other HTTP calls.
2001-02-14
2005-11-02
CVE-1999-0923
http://www.allaire.com/handlers/index.cfm?ID=8739&Method=Full
ALLAIRE:ASB99-02
CVE-1999-0924
The Syntax Checker in ColdFusion Server 4.0 allows remote attackers to conduct a denial of service.
2001-05-07
2004-09-02
CVE-1999-0924
http://www.allaire.com/handlers/index.cfm?ID=8739&Method=Full
ALLAIRE:ASB99-02
http://www.osvdb.org/3236
OSVDB:3236
https://exchange.xforce.ibmcloud.com/vulnerabilities/1742
XF:coldfusion-syntax-checker(1742)
CVE-1999-0925
UnityMail allows remote attackers to conduct a denial of service via a large number of MIME headers.
2000-02-04
2016-10-17
CVE-1999-0925
http://marc.info/?l=bugtraq&m=90486243124867&w=2
BUGTRAQ:19980903 Web servers / possible DOS Attack / mime header flooding
CVE-1999-0926
Apache allows remote attackers to conduct a denial of service via a large number of MIME headers.
2001-09-12
2002-01-10
CVE-1999-0926
http://archives.neohapsis.com/archives/bugtraq/1998_3/0742.html
BUGTRAQ:19990903 Web servers / possible DOS Attack / mime header flooding
CVE-1999-0927
NTMail allows remote attackers to read arbitrary files via a .. (dot dot) attack.
2000-10-13
2005-11-02
CVE-1999-0927
http://www.securityfocus.com/bid/279
BID:279
http://www.eeye.com/html/Research/Advisories/AD05261999.html
EEYE:AD05261999
XF:ntmail-fileread
CVE-1999-0928
Buffer overflow in SmartDesk WebSuite allows remote attackers to cause a denial of service via a long URL.
2000-10-13
2005-11-02
CVE-1999-0928
http://www.securityfocus.com/bid/278
BID:278
BUGTRAQ:19990525 Buffer overflow in SmartDesk WebSuite v2.1
XF:websuite-dos
CVE-1999-0929
Novell NetWare with Novell-HTTP-Server or YAWN web servers allows remote attackers to conduct a denial of service via a large number of HTTP GET requests.
2000-02-04
2022-08-17
CVE-1999-0929
BUGTRAQ:19990616 Novell NetWare webservers DoS
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0929
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0929
CVE-1999-0930
wwwboard allows a remote attacker to delete message board articles via a malformed argument.
2002-03-09
2002-03-01
CVE-1999-0930
http://www.securityfocus.com/bid/1795
BID:1795
BUGTRAQ:19980903 wwwboard.pl vulnerability
http://www.worldwidemart.com/scripts/faq/wwwboard/q5.shtml
CONFIRM:http://www.worldwidemart.com/scripts/faq/wwwboard/q5.shtml
https://exchange.xforce.ibmcloud.com/vulnerabilities/2344
XF:http-cgi-wwwboard(2344)
CVE-1999-0931
Buffer overflow in Mediahouse Statistics Server allows remote attackers to execute commands.
2000-03-22
2005-11-02
CVE-1999-0931
http://www.securityfocus.com/bid/734
BID:734
BUGTRAQ:19990930 Security flaw in Mediahouse Statistics Server v4.28 & 5.01
XF:mediahouse-stats-login-bo
CVE-1999-0932
Mediahouse Statistics Server allows remote attackers to read the administrator password, which is stored in cleartext in the ss.cfg file.
2000-10-13
2005-11-02
CVE-1999-0932
http://www.securityfocus.com/bid/735
BID:735
BUGTRAQ:19990930 Security flaw in Mediahouse Statistics Server v4.28 & 5.01
XF:mediahouse-stats-adminpw-cleartext
CVE-1999-0933
TeamTrack web server allows remote attackers to read arbitrary files via a .. (dot dot) attack.
2000-01-04
2004-09-02
CVE-1999-0933
http://www.securityfocus.com/bid/689
BID:689
BUGTRAQ:19991001 RFP9904: TeamTrack webserver vulnerability
http://www.osvdb.org/1096
OSVDB:1096
CVE-1999-0934
classifieds.cgi allows remote attackers to read arbitrary files via shell metacharacters.
2000-01-04
2005-11-02
CVE-1999-0934
http://www.securityfocus.com/bid/2020
BID:2020
EL8:19991215 Classifieds (classifieds.cgi)
https://exchange.xforce.ibmcloud.com/vulnerabilities/3102
XF:http-cgi-classifieds-read(3102)
CVE-1999-0935
classifieds.cgi allows remote attackers to execute arbitrary commands by specifying them in a hidden variable in a CGI form.
2000-01-04
2022-08-17
CVE-1999-0935
EL8:19991215 Classifieds (classifieds.cgi)
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0935
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0935
CVE-1999-0936
BNBSurvey survey.cgi program allows remote attackers to execute commands via shell metacharacters.
2000-01-04
2022-08-17
CVE-1999-0936
EL8:19981203 BNBSurvey (survey.cgi)
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0936
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0936
CVE-1999-0937
BNBForm allows remote attackers to read arbitrary files via the automessage hidden form variable.
2000-01-04
2022-08-17
CVE-1999-0937
EL8:19981203 BNBForm (bnbform.cgi)
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0937
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0937
CVE-1999-0938
MBone SDR Package allows remote attackers to execute commands via shell metacharacters in Session Initiation Protocol (SIP) messages.
2000-01-04
2022-08-17
CVE-1999-0938
CERT:VN-99-03
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0938
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0938
XF:sdr-execute
CVE-1999-0939
Denial of service in Debian IRC Epic/epic4 client via a long string.
2000-01-04
2005-11-02
CVE-1999-0939
http://www.securityfocus.com/bid/605
BID:605
BUGTRAQ:19990826 [SECURITY] New versions of epic4 fixes possible DoS vulnerability
DEBIAN:19990826
CVE-1999-0940
Buffer overflow in mutt mail client allows remote attackers to execute commands via malformed MIME messages.
2000-01-04
2022-08-17
CVE-1999-0940
CALDERA:CSSA-1999-031
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0940
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0940
SUSE:19990927 Security hole in mutt
CVE-1999-0941
Mutt mail client allows a remote attacker to execute commands via shell metacharacters.
2000-02-04
2016-10-17
CVE-1999-0941
http://marc.info/?l=bugtraq&m=90221104526154&w=2
BUGTRAQ:19980728 mutt x.x
CVE-1999-0942
UnixWare dos7utils allows a local user to gain root privileges by using the STATICMERGE environmental variable to find a script which it executes.
2000-10-13
2022-08-17
CVE-1999-0942
BUGTRAQ:19991005 SCO UnixWare 7.1 local root exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0942
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0942
XF:sco-unixware-dos7utils-root-privs
CVE-1999-0943
Buffer overflow in OpenLink 3.2 allows remote attackers to gain privileges via a long GET request to the web configurator.
2000-01-04
2005-11-02
CVE-1999-0943
http://www.securityfocus.com/bid/720
BID:720
BUGTRAQ:19991015 OpenLink 3.2 Advisory
CVE-1999-0944
IBM WebSphere ikeyman tool uses weak encryption to store a password for a key database that is used for SSL connections.
2000-02-04
2022-08-17
CVE-1999-0944
BUGTRAQ:19991024 password leak in IBM WebSphere / HTTP Server / ikeyman
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0944
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0944
CVE-1999-0945
Buffer overflow in Internet Mail Service (IMS) for Microsoft Exchange 5.5 and 5.0 allows remote attackers to conduct a denial of service via AUTH or AUTHINFO commands.
2001-05-07
2005-11-02
CVE-1999-0945
http://www.ciac.org/ciac/bulletins/i-080.shtml
CIAC:I-080
http://xforce.iss.net/alerts/advise4.php
ISS:19980724 Denial of Service attacks against Microsoft Exchange 5.0 to 5.5
http://support.microsoft.com/default.aspx?scid=kb;%5BLN%5D;Q169174
MSKB:Q169174
https://exchange.xforce.ibmcloud.com/vulnerabilities/1223
XF:exchange-dos(1223)
CVE-1999-0946
Buffer overflow in Yamaha MidiPlug via a Text variable in an EMBED tag.
2000-10-13
2005-11-02
CVE-1999-0946
http://www.securityfocus.com/bid/760
BID:760
http://marc.info/?l=bugtraq&m=94157187815629&w=2
BUGTRAQ:19991102 Some holes for Win/UNIX softwares
XF:yamaha-midiplug-embed
CVE-1999-0947
AN-HTTPd provides example CGI scripts test.bat, input.bat, input2.bat, and envout.bat, which allow remote attackers to execute commands via shell metacharacters.
2000-01-04
2005-11-02
CVE-1999-0947
http://www.securityfocus.com/bid/762
BID:762
http://marc.info/?l=bugtraq&m=94157187815629&w=2
BUGTRAQ:19991102 Some holes for Win/UNIX softwares
CVE-1999-0948
Buffer overflow in uum program for Canna input system allows local users to gain root privileges.
2000-02-04
2004-04-20
CVE-1999-0948
http://www.securityfocus.com/bid/757
BID:757
BUGTRAQ:19991102 Some holes for Win/UNIX softwares
CVE-1999-0949
Buffer overflow in canuum program for Canna input system allows local users to gain root privileges.
2000-02-04
2003-10-15
CVE-1999-0949
http://www.securityfocus.com/bid/757
BID:757
BUGTRAQ:19991102 Some holes for Win/UNIX softwares
CVE-1999-0950
Buffer overflow in WFTPD FTP server allows remote attackers to gain root access via a series of MKD and CWD commands that create nested directories.
2000-04-25
2005-11-02
CVE-1999-0950
http://www.securityfocus.com/bid/747
BID:747
BUGTRAQ:19991027 WFTPD v2.40 FTPServer remotely exploitable buffer overflow vulnerability
XF:wftpd-mkd-bo
CVE-1999-0951
Buffer overflow in OmniHTTPd CGI program imagemap.exe allows remote attackers to execute commands.
2000-01-04
2004-09-02
CVE-1999-0951
http://www.securityfocus.com/bid/739
BID:739
BUGTRAQ:19991022 Imagemap CGI overflow exploit
http://www.osvdb.org/3380
OSVDB:3380
XF:http-cgi-imagemap-bo
CVE-1999-0952
Buffer overflow in Solaris lpstat via class argument allows local users to gain root access.
2000-02-04
2016-10-17
CVE-1999-0952
http://marc.info/?l=bugtraq&m=91759216618637&w=2
BUGTRAQ:19990126 Buffer overflow in Solaris 2.6/2.7 /usr/bin/lpstat
CVE-1999-0953
WWWBoard stores encrypted passwords in a password file that is under the web root and thus accessible by remote attackers.
2000-01-04
2022-08-17
CVE-1999-0953
BUGTRAQ:19980903 wwwboard.pl vulnerability
BUGTRAQ:19990916 More fun with WWWBoard
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0953
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0953
CVE-1999-0954
WWWBoard has a default username and default password.
2000-10-13
2005-11-02
CVE-1999-0954
http://www.securityfocus.com/bid/649
BID:649
BUGTRAQ:19990916 More fun with WWWBoard
CVE-1999-0955
Race condition in wu-ftpd and BSDI ftpd allows remote attackers to gain root access via the SITE EXEC command.
2000-01-18
2022-08-17
CVE-1999-0955
CERT:CA-94.08
CIAC:E-17
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0955
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0955
XF:ftp-exec
CVE-1999-0956
The NeXT NetInfo _writers property allows local users to gain root privileges or conduct a denial of service.
2000-01-04
2022-08-17
CVE-1999-0956
CERT:CA-93.02a
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0956
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0956
XF:next-netinfo
CVE-1999-0957
MajorCool mj_key_cache program allows local users to modify files via a symlink attack.
2000-04-25
2022-08-17
CVE-1999-0957
BUGTRAQ:19970618 Security hole in MajorCool 1.0.3
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0957
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0957
XF:majorcool-file-overwrite-vuln
CVE-1999-0958
sudo 1.5.x allows local users to execute arbitrary commands via a .. (dot dot) attack.
2000-04-18
2005-11-02
CVE-1999-0958
http://marc.info/?l=bugtraq&m=88465708614896&w=2
BUGTRAQ:19980112 Re: hole in sudo for MP-RAS.
XF:sudo-dot-dot-attack
CVE-1999-0959
IRIX startmidi program allows local users to modify arbitrary files via a symlink attack.
2000-07-12
2005-11-02
CVE-1999-0959
AUSCERT:AA-97-05
http://www.securityfocus.com/bid/469
BID:469
BUGTRAQ:19970209 IRIX: Bug in startmidi
http://www.osvdb.org/8447
OSVDB:8447
ftp://patches.sgi.com/support/free/security/advisories/19980301-01-PX
SGI:19980301-01-PX
https://exchange.xforce.ibmcloud.com/vulnerabilities/1634
XF:irix-startmidi-file-creation(1634)
CVE-1999-0960
IRIX cdplayer allows local users to create directories in arbitrary locations via a command line option.
2000-01-04
2005-11-02
CVE-1999-0960
AUSCERT:AA-96.11
ftp://patches.sgi.com/support/free/security/advisories/19980301-01-PX
SGI:19980301-01-PX
XF:irix-cdplayer-directory-create
CVE-1999-0961
HPUX sysdiag allows local users to gain root privileges via a symlink attack during log file creation.
2000-04-18
2005-11-02
CVE-1999-0961
http://marc.info/?l=bugtraq&m=87602167419906&w=2
BUGTRAQ:19960921 Vunerability in HP sysdiag ?
CIAC:H-03
XF:hp-sysdiag-symlink
CVE-1999-0962
Buffer overflow in HPUX passwd command allows local users to gain root privileges via a command line option.
2000-01-04
2004-09-02
CVE-1999-0962
AUSCERT:AA-96.13
http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9701-045
HP:HPSBUX9701-045
http://www.osvdb.org/6415
OSVDB:6415
XF:hp-password-cmd-bo
CVE-1999-0963
FreeBSD mount_union command allows local users to gain root privileges via a symlink attack.
2000-01-04
2004-09-02
CVE-1999-0963
BUGTRAQ:19960517 BoS: SECURITY BUG in FreeBSD
CERT:VB-96.06
http://www.osvdb.org/6088
OSVDB:6088
XF:freebsd-mount-union-root
CVE-1999-0964
Buffer overflow in FreeBSD setlocale in the libc module allows attackers to execute arbitrary code via a long PATH_LOCALE environment variable.
2000-03-22
2004-09-02
CVE-1999-0964
FREEBSD:FreeBSD-SA-97:01
http://www.osvdb.org/6086
OSVDB:6086
XF:freebsd-setlocale-bo
CVE-1999-0965
Race condition in xterm allows local users to modify arbitrary files via the logging option.
2000-01-04
2022-08-17
CVE-1999-0965
CERT:CA-93.17
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0965
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0965
XF:xterm
CVE-1999-0966
Buffer overflow in Solaris getopt in libc allows local users to gain root privileges via a long argv[0].
2000-03-22
2022-08-17
CVE-1999-0966
L0PHT:19970127 Solaris libc - getopt(3)
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0966
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0966
CVE-1999-0967
Buffer overflow in the HTML library used by Internet Explorer, Outlook Express, and Windows Explorer via the res: local resource protocol.
2000-01-04
2022-08-17
CVE-1999-0967
L0PHT:19971101 Microsoft Internet Explorer 4.0 Suite
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0967
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0967
CVE-1999-0968
Buffer overflow in BNC IRC proxy allows remote attackers to gain privileges.
2002-03-09
2002-03-01
CVE-1999-0968
http://www.securityfocus.com/bid/1927
BID:1927
http://www.securityfocus.com/archive/1/11711
BUGTRAQ:19981226 bnc exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/1546
XF:bnc-proxy-bo(1546)
CVE-1999-0969
The Windows NT RPC service allows remote attackers to conduct a denial of service using spoofed malformed RPC packets which generate an error message that is sent to the spoofed host, potentially setting up a loop, aka Snork.
2000-01-04
2005-11-02
CVE-1999-0969
ISS:19980929 "Snork" Denial of Service Attack Against Windows NT RPC Service
https://docs.microsoft.com/en-us/security-updates/securitybulletins/1998/ms98-014
MS:MS98-014
http://support.microsoft.com/default.aspx?scid=kb;%5BLN%5D;Q193233
MSKB:Q193233
NTBUGTRAQ:19980929 ISS Security Advisory: Snork
XF:snork-dos
CVE-1999-0970
The OmniHTTPD visadmin.exe program allows a remote attacker to conduct a denial of service via a malformed URL which causes a large number of temporary files to be created.
2000-02-04
2017-12-18
CVE-1999-0970
http://www.securityfocus.com/bid/1808
BID:1808
http://www.securityfocus.com/archive/1/14311
BUGTRAQ:19990605 Remote Exploit (Bug) in OmniHTTPd Web Server
https://exchange.xforce.ibmcloud.com/vulnerabilities/2271
XF:omnihttpd-dos(2271)
CVE-1999-0971
Buffer overflow in Exim allows local users to gain root privileges via a long :include: option in a .forward file.
2000-10-13
2005-11-02
CVE-1999-0971
http://www.securityfocus.com/archive/1/7301
BUGTRAQ:19970722 Security hole in exim 1.62: local root exploit
XF:exim-include-overflow
CVE-1999-0972
Buffer overflow in Xshipwars xsw program.
2000-01-04
2005-11-02
CVE-1999-0972
http://www.securityfocus.com/bid/863
BID:863
BUGTRAQ:19991209 xsw 1.24 remote buffer overflow
CVE-1999-0973
Buffer overflow in Solaris snoop program allows remote attackers to gain root privileges via a long domain name when snoop is running in verbose mode.
2000-01-04
2005-11-02
CVE-1999-0973
http://www.securityfocus.com/bid/858
BID:858
BUGTRAQ:19991206 [w00giving #8] Solaris 2.7's snoop
BUGTRAQ:19991209 Clarification needed on the snoop vuln(s) (fwd)
CVE-1999-0974
Buffer overflow in Solaris snoop allows remote attackers to gain root privileges via GETQUOTA requests to the rpc.rquotad service.
2000-01-04
2005-11-02
CVE-1999-0974
http://www.securityfocus.com/bid/864
BID:864
BUGTRAQ:19991209 Clarification needed on the snoop vuln(s) (fwd)
ISS:19991209 Buffer Overflow in Solaris Snoop
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/190
SUN:00190
CVE-1999-0975
The Windows help system can allow a local user to execute commands as another user by editing a table of contents metafile with a .CNT extension and modifying the topic action to include the commands to be executed when the .hlp file is accessed.
2000-01-04
2005-11-02
CVE-1999-0975
http://www.securityfocus.com/bid/868
BID:868
BUGTRAQ:19991207 Local user can fool another to run executable. .CNT/.GID/.HLP M$WINNT
CVE-1999-0976
Sendmail allows local users to reinitialize the aliases database via the newaliases command, then cause a denial of service by interrupting Sendmail.
2000-06-02
2005-11-02
CVE-1999-0976
http://www.securityfocus.com/bid/857
BID:857
BUGTRAQ:19991207 [Debian] New version of sendmail released
OPENBSD:19991204
XF:sendmail-bi-alias
CVE-1999-0977
Buffer overflow in Solaris sadmind allows remote attackers to gain root privileges using a NETMGT_PROC_SERVICE request.
2000-01-04
2004-09-02
CVE-1999-0977
http://www.securityfocus.com/bid/2354
BID:2354
http://www.securityfocus.com/bid/866
BID:866
BUGTRAQ:19991210 Re: Solaris sadmind Buffer Overflow Vulnerability
BUGTRAQ:19991210 Solaris sadmind Buffer Overflow Vulnerability
CERT:CA-99-16
http://www.osvdb.org/2558
OSVDB:2558
SF-INCIDENTS:19991209 sadmind
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/191
SUN:00191
XF:sol-sadmind-amslverify-bo
CVE-1999-0978
htdig allows remote attackers to execute commands via filenames with shell metacharacters.
2000-01-04
2005-11-02
CVE-1999-0978
http://www.securityfocus.com/bid/867
BID:867
DEBIAN:19991209
CVE-1999-0979
The SCO UnixWare privileged process system allows local users to gain root privileges by using a debugger such as gdb to insert traps into _init before the privileged process is executed.
2000-01-04
2005-11-02
CVE-1999-0979
http://www.securityfocus.com/bid/869
BID:869
BUGTRAQ:19991209 Fundamental flaw in UnixWare 7 security
http://marc.info/?l=bugtraq&m=94530783815434&w=2
BUGTRAQ:19991215 Recent postings about SCO UnixWare 7
CVE-1999-0980
Windows NT Service Control Manager (SCM) allows remote attackers to cause a denial of service via a malformed argument in a resource enumeration request.
2000-01-04
2005-11-02
CVE-1999-0980
https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-055
MS:MS99-055
http://support.microsoft.com/default.aspx?scid=kb;%5BLN%5D;Q246045
MSKB:Q246045
CVE-1999-0981
Internet Explorer 5.01 and earlier allows a remote attacker to create a reference to a client window and use a server-side redirect to access local files via that window, aka "Server-side Page Reference Redirect."
2000-01-04
2005-11-02
CVE-1999-0981
https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-050
MS:MS99-050
http://support.microsoft.com/default.aspx?scid=kb;%5BLN%5D;Q246094
MSKB:Q246094
CVE-1999-0982
The Sun Web-Based Enterprise Management (WBEM) installation script stores a password in plaintext in a world readable file.
2000-01-04
2022-08-17
CVE-1999-0982
BUGTRAQ:19991206 Solaris WBEM 1.0: plaintext password stored in world readable file
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0982
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0982
CVE-1999-0983
Whois Internic Lookup program whois.cgi allows remote attackers to execute commands via shell metacharacters in the domain entry.
2000-02-04
2022-08-17
CVE-1999-0983
BUGTRAQ:19991109 Whois.cgi - ADVISORY.
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0983
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0983
CVE-1999-0984
Matt's Whois program whois.cgi allows remote attackers to execute commands via shell metacharacters in the domain entry.
2000-02-04
2022-08-17
CVE-1999-0984
BUGTRAQ:19991109 Whois.cgi - ADVISORY.
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0984
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0984
CVE-1999-0985
CC Whois program whois.cgi allows remote attackers to execute commands via shell metacharacters in the domain entry.
2000-02-04
2022-08-17
CVE-1999-0985
BUGTRAQ:19991109 Whois.cgi - ADVISORY.
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0985
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0985
CVE-1999-0986
The ping command in Linux 2.0.3x allows local users to cause a denial of service by sending large packets with the -R (record route) option.
2000-01-04
2005-11-02
CVE-1999-0986
http://www.securityfocus.com/bid/870
BID:870
BUGTRAQ:19991209 Big problem on 2.0.x?
CVE-1999-0987
Windows NT does not properly download a system policy if the domain user logs into the domain with a space at the end of the domain name.
2000-01-04
2005-11-02
CVE-1999-0987
http://support.microsoft.com/default.aspx?scid=kb;%5BLN%5D;Q237923
MSKB:Q237923
NTBUGTRAQ:19991118 NT System Policy for Win95 Not downloaded when adding a space after domain name
CVE-1999-0988
UnixWare pkgtrans allows local users to read arbitrary files via a symlink attack.
2000-02-04
2022-08-17
CVE-1999-0988
BUGTRAQ:19991204 UnixWare pkg* command exploits
BUGTRAQ:19991215 Recent postings about SCO UnixWare 7
BUGTRAQ:19991220 SCO OpenServer Security Status
BUGTRAQ:19991223 FYI, SCO Security patches available.
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0988
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0988
CVE-1999-0989
Buffer overflow in Internet Explorer 5 directshow filter (MSDXM.OCX) allows remote attackers to execute commands via the vnd.ms.radio protocol.
2000-01-04
2005-11-02
CVE-1999-0989
http://www.securityfocus.com/bid/861
BID:861
BUGTRAQ:19991205 new IE5 remote exploit
NTBUGTRAQ:19991205 new IE5 remote exploit
CVE-1999-0990
Error messages generated by gdm with the VerboseAuth setting allows an attacker to identify valid users on a system.
2000-02-04
2022-08-17
CVE-1999-0990
BUGTRAQ:19991205 gdm thing
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0990
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0990
CVE-1999-0991
Buffer overflow in GoodTech Telnet Server NT allows remote users to cause a denial of service via a long login name.
2000-01-04
2005-11-02
CVE-1999-0991
http://www.securityfocus.com/bid/862
BID:862
BUGTRAQ:19991206 Remote DoS Attack in GoodTech Telnet Server NT v2.2.1 Vulnerability
NTBUGTRAQ:19991206 Remote DoS Attack in GoodTech Telnet Server NT v2.2.1 Vulnerability
CVE-1999-0992
HP VirtualVault with the PHSS_17692 patch allows unprivileged processes to bypass access restrictions via the Trusted Gateway Proxy (TGP).
2000-01-18
2005-11-02
CVE-1999-0992
http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9912-107
HP:HPSBUX9912-107
CVE-1999-0993
Modifications to ACLs (Access Control Lists) in Microsoft Exchange 5.5 do not take effect until the directory store cache is refreshed.
2000-02-04
2022-08-17
CVE-1999-0993
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0993
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0993
NTBUGTRAQ:19991213 Changing ACL's in Exchange Server
CVE-1999-0994
Windows NT with SYSKEY reuses the keystream that is used for encrypting SAM password hashes, allowing an attacker to crack passwords.
2000-01-18
2005-11-02
CVE-1999-0994
http://www.securityfocus.com/bid/873
BID:873
BINDVIEW:19991216 Windows NT's SYSKEY feature
https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-056
MS:MS99-056
http://support.microsoft.com/default.aspx?scid=kb;%5BLN%5D;Q248183
MSKB:Q248183
CVE-1999-0995
Windows NT Local Security Authority (LSA) allows remote attackers to cause a denial of service via malformed arguments to the LsaLookupSids function which looks up the SID, aka "Malformed Security Identifier Request."
2000-01-18
2005-11-02
CVE-1999-0995
http://www.securityfocus.com/bid/875
BID:875
https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-057
MS:MS99-057
http://support.microsoft.com/default.aspx?scid=kb;%5BLN%5D;Q248185
MSKB:Q248185
NAI:19991216 Windows NT LSA Remote Denial of Service
CVE-1999-0996
Buffer overflow in Infoseek Ultraseek search engine allows remote attackers to execute commands via a long GET request.
2000-03-22
2008-03-03
CVE-1999-0996
BUGTRAQ:19991216 Infoseek Ultraseek Remote Buffer Overflow
http://www.eeye.com/html/Research/Advisories/AD19991215.html
EEYE:AD19991215
NTBUGTRAQ:19991216 Infoseek Ultraseek Remote Buffer Overflow
http://www.osvdb.org/6490
OSVDB:6490
XF:infoseek-ultraseek-bo
CVE-1999-0997
wu-ftp with FTP conversion enabled allows an attacker to execute commands via a malformed file name that is interpreted as an argument to the program that does the conversion, e.g. tar or uncompress.
2000-04-25
2004-09-02
CVE-1999-0997
BUGTRAQ:19991220 Security vulnerability in certain wu-ftpd (and derivitives) configurations (fwd)
http://www.debian.org/security/2003/dsa-377
DEBIAN:DSA-377
XF:wuftp-ftp-conversion
CVE-1999-0998
Cisco Cache Engine allows an attacker to replace content in the cache.
2000-03-22
2022-08-17
CVE-1999-0998
BUGTRAQ:19991216 Cisco Security Advisory: Cisco Cache Engine Authentication Vulnerabilities
CISCO:19991216 Cisco Cache Engine Authentication Vulnerabilities
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0998
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0998
XF:cisco-cache-engine-replace
CVE-1999-0999
Microsoft SQL 7.0 server allows a remote attacker to cause a denial of service via a malformed TDS packet.
2000-01-18
2005-11-02
CVE-1999-0999
http://www.securityfocus.com/bid/817
BID:817
https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-059
MS:MS99-059
http://support.microsoft.com/default.aspx?scid=kb;%5BLN%5D;Q248749
MSKB:Q248749
CVE-1999-1000
The web administration interface for Cisco Cache Engine allows remote attackers to view performance statistics.
2000-03-22
2022-08-17
CVE-1999-1000
BUGTRAQ:19991216 Cisco Security Advisory: Cisco Cache Engine Authentication Vulnerabilities
CISCO:19991216 Cisco Cache Engine Authentication Vulnerabilities
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-1000
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-1000
XF:cisco-cache-engine-performance
CVE-1999-1001
Cisco Cache Engine allows a remote attacker to gain access via a null username and password.
2000-01-18
2022-08-17
CVE-1999-1001
BUGTRAQ:19991216 Cisco Security Advisory: Cisco Cache Engine Authentication Vulnerabilities
CISCO:19991216 Cisco Cache Engine Authentication Vulnerabilities
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-1001
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-1001
CVE-1999-1002
Netscape Navigator uses weak encryption for storing a user's Netscape mail password.
2000-02-04
2016-10-17
CVE-1999-1002
http://marc.info/?l=bugtraq&m=94536309217214&w=2
BUGTRAQ:19991216 Reinventing the wheel (aka "Decoding Netscape Mail passwords")
http://marc.info/?l=bugtraq&m=94570673523998&w=2
BUGTRAQ:19991220 Netscape password scrambling
http://www.rstcorp.com/news/bad-crypto.html
MISC:http://www.rstcorp.com/news/bad-crypto.html
CVE-1999-1003
War FTP Daemon 1.70 allows remote attackers to cause a denial of service by flooding it with connections.
2000-02-04
2022-08-17
CVE-1999-1003
BUGTRAQ:19991214 Local / Remote D.o.S Attack in War FTP Daemon 1.70 Vulnerability
BUGTRAQ:19991216 Statement: Local / Remote D.o.S Attack in War FTP Daemon 1.70
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-1003
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-1003
CVE-1999-1004
Buffer overflow in the POP server POProxy for the Norton Anti-Virus protection NAV2000 program via a large USER command.
2000-10-13
2004-09-02
CVE-1999-1004
http://www.securityfocus.com/archive/1/38970
BUGTRAQ:19991217 NAV2000 Email Protection DoS
http://www.securityfocus.com/archive/1/39194
BUGTRAQ:19991220 Norton Email Protection Remote Overflow (Addendum)
http://service1.symantec.com/SUPPORT/nav.nsf/df0a595864594c86852567ac0063608c/6206f660a1f2516a882568660082c930?OpenDocument&Highlight=0,poproxy
CONFIRM:http://service1.symantec.com/SUPPORT/nav.nsf/df0a595864594c86852567ac0063608c/6206f660a1f2516a882568660082c930?OpenDocument&Highlight=0,poproxy
http://www.osvdb.org/6267
OSVDB:6267
CVE-1999-1005
Groupwise web server GWWEB.EXE allows remote attackers to read arbitrary files with .htm extensions via a .. (dot dot) attack using the HELP parameter.
2000-04-25
2004-09-02
CVE-1999-1005
http://www.securityfocus.com/bid/879
BID:879
http://marc.info/?l=bugtraq&m=94571433731824&w=2
BUGTRAQ:19991219 Groupewise Web Interface
http://www.osvdb.org/3413
OSVDB:3413
XF:groupwise-web-read-files
CVE-1999-1006
Groupwise web server GWWEB.EXE allows remote attackers to determine the real path of the web server via the HELP parameter.
2000-02-04
2016-10-17
CVE-1999-1006
http://marc.info/?l=bugtraq&m=94571433731824&w=2
BUGTRAQ:19991219 Groupewise Web Interface
CVE-1999-1007
Buffer overflow in VDO Live Player allows remote attackers to execute commands on the VDO client via a malformed .vdo file.
2000-04-25
2005-11-02
CVE-1999-1007
http://www.securityfocus.com/bid/872
BID:872
http://marc.info/?l=bugtraq&m=94512259331599&w=2
BUGTRAQ:19991213 VDO Live Player 3.02 Buffer Overflow
XF:vdolive-bo-execute
CVE-1999-1008
xsoldier program allows local users to gain root access via a long argument.
2000-04-18
2005-11-02
CVE-1999-1008
http://www.securityfocus.com/bid/871
BID:871
BUGTRAQ:19991215 FreeBSD 3.3 xsoldier root exploit
http://marc.info/?l=freebsd-security&m=94531826621620&w=2
MISC:http://marc.info/?l=freebsd-security&m=94531826621620&w=2
XF:unix-xsoldier-overflow
CVE-1999-1009
The Disney Go Express Search allows remote attackers to access and modify search information for users by connecting to an HTTP server on the user's system.
2000-02-04
2022-08-17
CVE-1999-1009
BUGTRAQ:19991213 Privacy hole in Go Express Search
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-1009
MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-1009
CVE-1999-1010
An SSH 1.2.27 server allows a client to use the "none" cipher, even if it is not allowed by the server policy.
2000-04-25
2005-11-02
CVE-1999-1010
http://marc.info/?l=bugtraq&m=94519142415338&w=2
BUGTRAQ:19991214 sshd1 allows unencrypted sessions regardless of server policy
XF:ssh-policy-bypass
CVE-1999-1011
The Remote Data Service (RDS) DataFactory component of Microsoft Data Access Components (MDAC) in IIS 3.x and 4.x exposes unsafe methods, which allows remote attackers to execute arbitrary commands.
2000-06-02
2004-09-02
CVE-1999-1011
https://www.securityfocus.com/bid/529
BID:529
http://www.ciac.org/ciac/bulletins/j-054.shtml
CIAC:J-054
ISS:19990809 Vulnerabilities in Microsoft Remote Data Service
https://docs.microsoft.com/en-us/security-updates/securitybulletins/1998/ms98-004
MS:MS98-004
https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-025
MS:MS99-025
http://www.osvdb.org/272
OSVDB:272
XF:nt-iis-rds
CVE-1999-1012
SMTP component of Lotus Domino 4.6.1 on AS/400, and possibly other operating systems, allows a remote attacker to crash the mail server via a long string.
2001-09-12
2002-03-22
CVE-1999-1012
http://www.securityfocus.com/bid/173
BID:173
http://www.securityfocus.com/archive/1/13527
BUGTRAQ:19990504 AS/400
CVE-1999-1013
named-xfer in AIX 4.1.5 and 4.2.1 allows members of the system group to overwrite system files to gain root access via the -f parameter and a malformed zone file.
2001-09-12
2016-10-17
CVE-1999-1013
http://www.securityfocus.com/bid/673
BID:673
http://marc.info/?l=bugtraq&m=93837026726954&w=2
BUGTRAQ:19990923 named-xfer hole on AIX (fwd)
CVE-1999-1014
Buffer overflow in mail command in Solaris 2.7 and 2.7 allows local users to gain privileges via a long -m argument.
2002-03-09
2002-02-16
CVE-1999-1014
http://www.securityfocus.com/bid/672
BID:672
http://marc.info/?l=bugtraq&m=93727925026476&w=2
BUGTRAQ:19990913 Solaris 2.7 /usr/bin/mail
http://marc.info/?l=bugtraq&m=93846422810162&w=2
BUGTRAQ:19990927 Working Solaris x86 /usr/bin/mail exploit
SUNBUG:4276509
https://exchange.xforce.ibmcloud.com/vulnerabilities/3297
XF:sun-usrbinmail-local-bo(3297)
CVE-1999-1015
Buffer overflow in Apple AppleShare Mail Server 5.0.3 on MacOS 8.1 and earlier allows a remote attacker to cause a denial of service (crash) via a long HELO command.
2001-09-12
2016-10-17
CVE-1999-1015
http://www.securityfocus.com/bid/61
BID:61
http://marc.info/?l=bugtraq&m=89200657216213&w=2
BUGTRAQ:19980408 AppleShare IP Mail Server
CVE-1999-1016
Microsoft HTML control as used in (1) Internet Explorer 5.0, (2) FrontPage Express, (3) Outlook Express 5, and (4) Eudora, and possibly others, allows remote malicious web site or HTML emails to cause a denial of service (100% CPU consumption) via large HTML form fields such as text inputs in a table cell.
2001-09-12
2016-10-17
CVE-1999-1016
http://www.securityfocus.com/bid/606
BID:606
http://marc.info/?l=ntbugtraq&m=93578772920970&w=2
NTBUGTRAQ:19990827 HTML code to crash IE5 and Outlook Express 5
CVE-1999-1017
Seattle Labs Emurl 2.0, and possibly earlier versions, stores e-mail attachments in a specific directory with scripting enabled, which allows a malicious ASP file attachment to execute when the recipient opens the message.
2001-09-12
2016-10-17
CVE-1999-1017
http://www.securityfocus.com/bid/544
BID:544
http://marc.info/?l=ntbugtraq&m=93316253431588&w=2
NTBUGTRAQ:19990728 Seattle Labs EMURL Vulnerability
CVE-1999-1018
IPChains in Linux kernels 2.2.10 and earlier does not reassemble IP fragments before checking the header information, which allows a remote attacker to bypass the filtering rules using several fragments with 0 offsets.
2001-09-12
2016-10-17
CVE-1999-1018
http://www.securityfocus.com/bid/543
BID:543
http://marc.info/?l=bugtraq&m=93312523904591&w=2
BUGTRAQ:19990727 Linux 2.2.10 ipchains Advisory
CVE-1999-1019
SpectroSERVER in Cabletron Spectrum Enterprise Manager 5.0 installs a directory tree with insecure permissions, which allows local users to replace a privileged executable (processd) with a Trojan horse, facilitating a root or Administrator compromise.
2002-03-09
2002-03-01
CVE-1999-1019
http://www.securityfocus.com/bid/495
BID:495
http://marc.info/?l=bugtraq&m=93024398713491&w=2
BUGTRAQ:19990623 Cabletron Spectrum security vulnerability
http://marc.info/?l=bugtraq&m=93024398513475&w=2
BUGTRAQ:19990624 Re: Cabletron Spectrum security vulnerability
CVE-1999-1020
The installation of Novell Netware NDS 5.99 provides an unauthenticated client with Read access for the tree, which allows remote attackers to access sensitive information such as users, groups, and readable objects via CX.EXE and NLIST.EXE.
2001-09-12
2017-12-18
CVE-1999-1020
http://www.securityfocus.com/bid/484
BID:484
http://marc.info/?l=bugtraq&m=90613355902262&w=2
BUGTRAQ:19980918 NMRC Advisory - Default NDS Rights
https://exchange.xforce.ibmcloud.com/vulnerabilities/1364
XF:novell-nds(1364)
CVE-1999-1021
NFS on SunOS 4.1 through 4.1.2 ignores the high order 16 bits in a 32 bit UID, which allows a local user to gain root access if the lower 16 bits are set to 0, as fixed by the NFS jumbo patch upgrade.
2002-03-09
2002-02-16
CVE-1999-1021
http://www.securityfocus.com/bid/47
BID:47
http://www.cert.org/advisories/CA-1992-15.html
CERT:CA-1992-15
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/117&type=0&nav=sec.sba
SUN:00117
https://exchange.xforce.ibmcloud.com/vulnerabilities/82
XF:nfs-uid(82)
CVE-1999-1022
serial_ports administrative program in IRIX 4.x and 5.x trusts the user's PATH environmental variable to find and execute the ls program, which allows local users to gain root privileges via a Trojan horse ls program.
2001-09-12
2017-12-18
CVE-1999-1022
http://www.securityfocus.com/bid/464
BID:464
http://www.securityfocus.com/archive/1/930
BUGTRAQ:19941002
https://exchange.xforce.ibmcloud.com/vulnerabilities/2111
XF:sgi-serialports(2111)
CVE-1999-1023
useradd in Solaris 7.0 does not properly interpret certain date formats as specified in the "-e" (expiration date) argument, which could allow users to login after their accounts have expired.
2001-09-12
2016-10-17
CVE-1999-1023
http://www.securityfocus.com/bid/426
BID:426
http://marc.info/?l=bugtraq&m=92904175406756&w=2
BUGTRAQ:19990610 Sun Useradd program expiration date bug
CVE-1999-1024
ip_print procedure in Tcpdump 3.4a allows remote attackers to cause a denial of service via a packet with a zero length header, which causes an infinite loop and core dump when tcpdump prints the packet.
2001-09-12
2016-10-17
CVE-1999-1024
http://www.securityfocus.com/bid/313
BID:313
http://marc.info/?l=bugtraq&m=92955903802773&w=2
BUGTRAQ:19990616 tcpdump 3.4 bug?
http://marc.info/?l=bugtraq&m=92963447601748&w=2
BUGTRAQ:19990617 Re: tcpdump 3.4 bug?
http://marc.info/?l=bugtraq&m=92989907627051&w=2
BUGTRAQ:19990620 Re: tcpdump 3.4 bug? (final)
CVE-1999-1025
CDE screen lock program (screenlock) on Solaris 2.6 does not properly lock an unprivileged user's console session when the host is an NIS+ client, which allows others with physical access to login with any string.
2001-09-12
2016-10-17
CVE-1999-1025
http://www.securityfocus.com/bid/294
BID:294
http://marc.info/?l=bugtraq&m=90831127921062&w=2
BUGTRAQ:19981012 Annoying Solaris/CDE/NIS+ bug
http://sunsolve.Sun.COM/pub-cgi/retrieve.pl?doc=fpatches%2F106027&zone_32=411568%2A%20
SUNBUG:4115685
CVE-1999-1026
aspppd on Solaris 2.5 x86 allows local users to modify arbitrary files and gain root privileges via a symlink attack on the /tmp/.asppp.fifo file.
2001-09-12
2016-10-17
CVE-1999-1026
http://www.securityfocus.com/bid/292
BID:292
http://marc.info/?l=bugtraq&m=87602167420343&w=2
BUGTRAQ:19961220 Solaris 2.5 x86 aspppd (semi-exploitable-hole)
CVE-1999-1027
Solaris 2.6 HW3/98 installs admintool with world-writable permissions, which allows local users to gain privileges by replacing it with a Trojan horse program.
2002-03-09
2002-02-16
CVE-1999-1027
http://www.securityfocus.com/bid/290
BID:290
http://marc.info/?l=bugtraq&m=90221101925880&w=2
BUGTRAQ:19980507 admintool mode 0777 in Solaris 2.6 HW3/98
SUNBUG:4178998
https://exchange.xforce.ibmcloud.com/vulnerabilities/7296
XF:solaris-admintool-world-writable(7296)
CVE-1999-1028
Symantec pcAnywhere 8.0 allows remote attackers to cause a denial of service (CPU utilization) via a large amount of data to port 5631.
2002-03-09
2002-02-16
CVE-1999-1028
http://www.securityfocus.com/bid/288
BID:288
http://marc.info/?l=ntbugtraq&m=92807524225090&w=2
NTBUGTRAQ:19990528 DoS against PC Anywhere
http://www.iss.net/security_center/static/2256.php
XF:pcanywhere-dos(2256)
CVE-1999-1029
SSH server (sshd2) before 2.0.12 does not properly record login attempts if the connection is closed before the maximum number of tries, allowing a remote attacker to guess the password without showing up in the audit logs.
2001-09-12
2017-12-18
CVE-1999-1029
http://www.securityfocus.com/bid/277
BID:277
http://marc.info/?l=bugtraq&m=92663402004280&w=2
BUGTRAQ:19990513 - J.J.F. / Hackers Team warns for SSHD 2.x brute force password hacking
https://exchange.xforce.ibmcloud.com/vulnerabilities/2193
XF:ssh2-bruteforce(2193)
CVE-1999-1030
counter.exe 2.70 allows a remote attacker to cause a denial of service (hang) via an HTTP request that ends in %0A (newline), which causes a malformed entry in the counter log that produces an access violation.
2001-09-12
2016-10-17
CVE-1999-1030
http://www.securityfocus.com/bid/267
BID:267
http://marc.info/?l=bugtraq&m=92713790426690&w=2
BUGTRAQ:19990519 Denial of Service in Counter.exe version 2.70
http://marc.info/?l=ntbugtraq&m=92707671717292&w=2
NTBUGTRAQ:19990519 Denial of Service in Counter.exe version 2.70
CVE-1999-1031
counter.exe 2.70 allows a remote attacker to cause a denial of service (hang) via a long argument.
2001-09-12
2016-10-17
CVE-1999-1031
http://www.securityfocus.com/bid/267
BID:267
http://marc.info/?l=bugtraq&m=92713790426690&w=2
BUGTRAQ:19990519 Denial of Service in Counter.exe version 2.70
http://marc.info/?l=ntbugtraq&m=92707671717292&w=2
NTBUGTRAQ:19990519 Denial of Service in Counter.exe version 2.70
CVE-1999-1032
Vulnerability in LAT/Telnet Gateway (lattelnet) on Ultrix 4.1 and 4.2 allows attackers to gain root privileges.
2002-03-09
2002-02-20
CVE-1999-1032
http://www.securityfocus.com/bid/26
BID:26
http://www.cert.org/advisories/CA-1991-11.html
CERT:CA-1991-11
http://ciac.llnl.gov/ciac/bulletins/b-36.shtml
CIAC:B-36
https://exchange.xforce.ibmcloud.com/vulnerabilities/584
XF:ultrix-telnet(584)
CVE-1999-1033
Microsoft Outlook Express before 4.72.3612.1700 allows a malicious user to send a message that contains a .., which can inadvertently cause Outlook to re-enter POP3 command mode and cause the POP3 session to hang.
2001-09-12
2016-10-17
CVE-1999-1033
http://www.securityfocus.com/bid/252
BID:252
http://marc.info/?l=bugtraq&m=92647407427342&w=2
BUGTRAQ:19990511 Outlook Express Win98 bug
http://marc.info/?l=bugtraq&m=92663402004275&w=2
BUGTRAQ:19990512 Outlook Express Win98 bug, addition.
CVE-1999-1034
Vulnerability in login in AT&T System V Release 4 allows local users to gain privileges.
2002-03-09
2002-02-20
CVE-1999-1034
http://www.securityfocus.com/bid/23
BID:23
http://www.cert.org/advisories/CA-1991-08.html
CERT:CA-1991-08
http://www.ciac.org/ciac/bulletins/b-28.shtml
CIAC:B-28
https://exchange.xforce.ibmcloud.com/vulnerabilities/583
XF:sysv-login(583)
CVE-1999-1035
IIS 3.0 and 4.0 on x86 and Alpha allows remote attackers to cause a denial of service (hang) via a malformed GET request, aka the IIS "GET" vulnerability.
2002-03-09
2002-02-20
CVE-1999-1035
https://docs.microsoft.com/en-us/security-updates/securitybulletins/1998/ms98-019
MS:MS98-019
http://support.microsoft.com/support/kb/articles/q192/2/96.asp
MSKB:Q192296
https://exchange.xforce.ibmcloud.com/vulnerabilities/1823
XF:iis-get-dos(1823)
CVE-1999-1036
COPS 1.04 allows local users to overwrite or create arbitrary files via a symlink attack on temporary files in (1) res_diff, (2) ca.src, and (3) mail.chk.
2001-09-12
2016-10-17
CVE-1999-1036
http://marc.info/?l=bugtraq&m=90221103125976&w=2
BUGTRAQ:19980626 vulnerability in satan, cops & tiger
CVE-1999-1037
rex.satan in SATAN 1.1.1 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/rex.$$ file.
2002-03-09
2002-02-20
CVE-1999-1037
http://marc.info/?l=bugtraq&m=90221103125976&w=2
BUGTRAQ:19980626 vulnerability in satan, cops & tiger
http://marc.info/?l=bugtraq&m=90221103125986&w=2
BUGTRAQ:19980627 Re: vulnerability in satan, cops & tiger
http://www.osvdb.org/3147
OSVDB:3147
http://www.iss.net/security_center/static/7167.php
XF:satan-rexsatan-symlink(7167)
CVE-1999-1038
Tiger 2.2.3 allows local users to overwrite arbitrary files via a symlink attack on various temporary files in Tiger's default working directory, as defined by the WORKDIR variable.
2001-09-12
2016-10-17
CVE-1999-1038
http://marc.info/?l=bugtraq&m=90221103125976&w=2
BUGTRAQ:19980626 vulnerability in satan, cops & tiger
CVE-1999-1039
Vulnerability in (1) diskalign and (2) diskperf in IRIX 6.4 patches 2291 and 2848 allow a local user to create root-owned files leading to a root compromise.
2001-09-12
2005-11-02
CVE-1999-1039
ftp://patches.sgi.com/support/free/security/advisories/19980502-01-P3030
SGI:19980502-01-P3030
CVE-1999-1040
Vulnerabilities in (1) ipxchk and (2) ipxlink in NetWare Client 1.0 on IRIX 6.3 and 6.4 allows local users to gain root access via a modified IFS environmental variable.
2001-09-12
2016-10-17
CVE-1999-1040
http://marc.info/?l=bugtraq&m=89217373930054&w=2
BUGTRAQ:19980408 SGI O2 ipx security issue
http://ciac.llnl.gov/ciac/bulletins/i-055.shtml
CIAC:I-055
ftp://patches.sgi.com/support/free/security/advisories/19980501-01-P2869
SGI:19980501-01-P
CVE-1999-1041
Buffer overflow in mscreen on SCO OpenServer 5.0 and SCO UNIX 3.2v4 allows a local user to gain root access via (1) a long TERM environmental variable and (2) a long entry in the .mscreenrc file.
2001-09-12
2016-10-17
CVE-1999-1041
http://www.securityfocus.com/archive/1/10420
BUGTRAQ:19980827 SCO mscreen vul.
http://marc.info/?l=bugtraq&m=90686250717719&w=2
BUGTRAQ:19980926 Root exploit for SCO OpenServer.
http://www.cert.org/vendor_bulletins/VB-98.10.sco.mscreen
CERT:VB-98.10
ftp://ftp.sco.com/SSE/security_bulletins/SB-98.05a
SCO:SB-98.05a
CVE-1999-1042
Cisco Resource Manager (CRM) 1.0 and 1.1 creates world-readable log files and temporary files, which may expose sensitive information, to local users such as user IDs, passwords and SNMP community strings.
2001-09-12
2002-03-01
CVE-1999-1042
http://www.cisco.com/warp/public/770/crmtmp-pub.shtml
CISCO:19980813 CRM Temporary File Vulnerability
CVE-1999-1043
Microsoft Exchange Server 5.5 and 5.0 does not properly handle (1) malformed NNTP data, or (2) malformed SMTP data, which allows remote attackers to cause a denial of service (application error).
2001-09-12
2018-10-12
CVE-1999-1043
https://docs.microsoft.com/en-us/security-updates/securitybulletins/1998/ms98-007
MS:MS98-007
CVE-1999-1044
Vulnerability in Advanced File System Utility (advfs) in Digital UNIX 4.0 through 4.0d allows local users to gain privileges.
2002-03-09
2002-02-20
CVE-1999-1044
http://ciac.llnl.gov/ciac/bulletins/i-050.shtml
CIAC:I-050
http://ciac.llnl.gov/ciac/bulletins/i-050.shtml
COMPAQ:SSRT0495U
http://www.iss.net/security_center/static/7431.php
XF:dgux-advfs-softlinks(7431)
CVE-1999-1045
pnserver in RealServer 5.0 and earlier allows remote attackers to cause a denial of service by sending a short, malformed request.
2002-03-09
2002-02-20
CVE-1999-1045
http://marc.info/?l=bugtraq&m=88490880523890&w=2
BUGTRAQ:19980115 [rootshell] Security Bulletin #7
http://marc.info/?l=bugtraq&m=88492978527261&w=2
BUGTRAQ:19980115 pnserver exploit..
http://marc.info/?l=bugtraq&m=90338245305236&w=2
BUGTRAQ:19980817 Re: Real Audio Server Version 5 bug?
http://service.real.com/help/faq/serv501.html
MISC:http://service.real.com/help/faq/serv501.html
http://www.osvdb.org/6979
OSVDB:6979
http://www.iss.net/security_center/static/7297.php
XF:realserver-pnserver-remote-dos(7297)
CVE-1999-1046
Buffer overflow in IMonitor in IMail 5.0 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long string to port 8181.
2001-09-12
2017-12-18
CVE-1999-1046
http://www.securityfocus.com/bid/504
BID:504
http://marc.info/?l=bugtraq&m=92038879607336&w=2
BUGTRAQ:19990302 Multiple IMail Vulnerabilites
https://exchange.xforce.ibmcloud.com/vulnerabilities/1897
XF:imail-imonitor-overflow(1897)
CVE-1999-1047
When BSDI patches for Gauntlet 5.0 BSDI are installed in a particular order, Gauntlet allows remote attackers to bypass firewall access restrictions, and does not log the activities.
2002-03-09
2002-02-16
CVE-1999-1047
http://marc.info/?l=bugtraq&m=94026690521279&w=2
BUGTRAQ:19991018 Gauntlet 5.0 BSDI warning
http://marc.info/?l=bugtraq&m=94036662326185&w=2
BUGTRAQ:19991019 Re: Gauntlet 5.0 BSDI warning
http://www.iss.net/security_center/static/3397.php
XF:gauntlet-bsdi-bypass(3397)
CVE-1999-1048
Buffer overflow in bash 2.0.0, 1.4.17, and other versions allows local attackers to gain privileges by creating an extremely large directory name, which is inserted into the password prompt via the \w option in the PS1 environmental variable when another user changes into that directory.
2002-03-09
2002-03-01
CVE-1999-1048
http://marc.info/?l=bugtraq&m=87602746719555&w=2
BUGTRAQ:19970821 Buffer overflow in /bin/bash
http://www.securityfocus.com/archive/1/10542
BUGTRAQ:19980905 BASH buffer overflow, LiNUX x86 exploit
http://www.debian.org/security/1998/19980909
DEBIAN:19980909 problem with very long pathnames
http://www.osvdb.org/8345
OSVDB:8345
https://exchange.xforce.ibmcloud.com/vulnerabilities/3414
XF:linux-bash-bo(3414)
CVE-1999-1049
ARCserve NT agents use weak encryption (XOR) for passwords, which allows remote attackers to sniff the authentication request to port 6050 and decrypt the password.
2001-09-12
2016-10-17
CVE-1999-1049
http://marc.info/?l=bugtraq&m=91972006211238&w=2
BUGTRAQ:19990222 Severe Security Hole in ARCserve NT agents (fwd)
CVE-1999-1050
Directory traversal vulnerability in Matt Wright FormHandler.cgi script allows remote attackers to read arbitrary files via (1) a .. (dot dot) in the reply_message_attach attachment parameter, or (2) by specifying the filename as a template.
2001-09-12
2017-12-18
CVE-1999-1050
http://www.securityfocus.com/bid/798
BID:798
http://www.securityfocus.com/bid/799
BID:799
http://www.securityfocus.com/archive/1/34600
BUGTRAQ:19991112 FormHandler.cgi
http://www.securityfocus.com/archive/1/34939
BUGTRAQ:19991116 Re: FormHandler.cgi
https://exchange.xforce.ibmcloud.com/vulnerabilities/3550
XF:formhandler-cgi-absolute-path(3550)
CVE-1999-1051
Default configuration in Matt Wright FormHandler.cgi script allows arbitrary directories to be used for attachments, and only restricts access to the /etc/ directory, which allows remote attackers to read arbitrary files via the reply_message_attach attachment parameter.
2001-09-12
2002-01-10
CVE-1999-1051
http://www.securityfocus.com/archive/1/34939
BUGTRAQ:19991116 Re: FormHandler.cgi
CVE-1999-1052
Microsoft FrontPage stores form results in a default location in /_private/form_results.txt, which is world-readable and accessible in the document root, which allows remote attackers to read possibly sensitive information submitted by other users.
2001-09-12
2016-10-17
CVE-1999-1052
http://marc.info/?l=bugtraq&m=93582550911564&w=2
BUGTRAQ:19990824 Front Page form_results
CVE-1999-1053
guestbook.pl cleanses user-inserted SSI commands by removing text between "<!--" and "-->" separators, which allows remote attackers to execute arbitrary commands when guestbook.pl is run on Apache 1.3.9 and possibly other versions, since Apache allows other closing sequences besides "-->".
2001-09-12
2002-01-10
CVE-1999-1053
http://www.securityfocus.com/bid/776
BID:776
http://www.securityfocus.com/archive/1/33674
BUGTRAQ:19991105 Guestbook.pl, sloppy SSI handling in Apache? (VD#2)
http://www.securityfocus.com/archive/82/27296
VULN-DEV:19990913 Guestbook perl script (long)
http://www.securityfocus.com/archive/82/27560
VULN-DEV:19990916 Re: Guestbook perl script (error fix)
CVE-1999-1054
The default configuration of FLEXlm license manager 6.0d, and possibly other versions, allows remote attackers to shut down the server via the lmdown command.
2001-09-12
2016-10-17
CVE-1999-1054
http://marc.info/?l=bugtraq&m=90675672323825&w=2
BUGTRAQ:19980925 Globetrotter FlexLM 'lmdown' bogosity
CVE-1999-1055
Microsoft Excel 97 does not warn the user before executing worksheet functions, which could allow attackers to execute arbitrary commands by using the CALL function to execute a malicious DLL, aka the Excel "CALL Vulnerability."
2002-03-09
2002-03-01
CVE-1999-1055
http://www.securityfocus.com/bid/179
BID:179
https://docs.microsoft.com/en-us/security-updates/securitybulletins/1998/ms98-018
MS:MS98-018
https://exchange.xforce.ibmcloud.com/vulnerabilities/1737
XF:excel-call(1737)
CVE-1999-1056
** REJECT **
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-1999-1395. Reason: This candidate is a duplicate of CVE-1999-1395. Notes: All CVE users should reference CVE-1999-1395 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
2001-09-12
2005-02-03
CVE-1999-1056
CVE-1999-1057
VMS 4.0 through 5.3 allows local users to gain privileges via the ANALYZE/PROCESS_DUMP dcl command.
2002-03-09
2002-02-20
CVE-1999-1057
http://www.securityfocus.com/bid/12
BID:12
http://www.cert.org/advisories/CA-1990-07.html
CERT:CA-1990-07
http://ciac.llnl.gov/ciac/bulletins/b-04.shtml
CIAC:B-04
http://www.iss.net/security_center/static/7137.php
XF:vms-analyze-processdump-privileges(7137)
CVE-1999-1058
Buffer overflow in Vermillion FTP Daemon VFTPD 1.23 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via several long CWD commands.
2001-09-12
2017-12-18
CVE-1999-1058
http://www.securityfocus.com/bid/818
BID:818
http://marc.info/?l=bugtraq&m=94329968617085&w=2
BUGTRAQ:19991122 Remote DoS Attack in Vermillion FTP Daemon (VFTPD) v1.23 Vulnerability
http://marc.info/?l=ntbugtraq&m=94337185023159&w=2
NTBUGTRAQ:19991122 Remote DoS Attack in Vermillion FTP Daemon (VFTPD) v1.23 Vulnerability
https://exchange.xforce.ibmcloud.com/vulnerabilities/3543
XF:vermillion-ftp-cwd-overflow(3543)
CVE-1999-1059
Vulnerability in rexec daemon (rexecd) in AT&T TCP/IP 4.0 for various SVR4 systems allows remote attackers to execute arbitrary commands.
2002-03-09
2002-02-20
CVE-1999-1059
http://www.securityfocus.com/bid/36
BID:36
http://www.cert.org/advisories/CA-1992-04.html
CERT:CA-1992-04
http://www.iss.net/security_center/static/3159.php
XF:att-rexecd(3159)
CVE-1999-1060
Buffer overflow in Tetrix TetriNet daemon 1.13.16 allows remote attackers to cause a denial of service and possibly execute arbitrary commands by connecting to port 31457 from a host with a long DNS hostname.
2001-09-12
2016-10-17
CVE-1999-1060
http://www.securityfocus.com/bid/340
BID:340
http://marc.info/?l=bugtraq&m=91937090211855&w=2
BUGTRAQ:19990217 Tetrix 1.13.16 is Vulnerable
CVE-1999-1061
HP Laserjet printers with JetDirect cards, when configured with TCP/IP, can be configured without a password, which allows remote attackers to connect to the printer and change its IP address or disable logging.
2001-09-12
2017-12-18
CVE-1999-1061
http://marc.info/?l=bugtraq&m=87602248518480&w=2
BUGTRAQ:19971004 HP Laserjet 4M Plus DirectJet Problem
https://exchange.xforce.ibmcloud.com/vulnerabilities/1876
XF:laserjet-unpassworded(1876)
CVE-1999-1062
HP Laserjet printers with JetDirect cards, when configured with TCP/IP, allow remote attackers to bypass print filters by directly sending PostScript documents to TCP ports 9099 and 9100.
2001-09-12
2017-12-18
CVE-1999-1062
http://marc.info/?l=bugtraq&m=87602248518480&w=2
BUGTRAQ:19971004 HP Laserjet 4M Plus DirectJet Problem
https://exchange.xforce.ibmcloud.com/vulnerabilities/1876
XF:laserjet-unpassworded(1876)
CVE-1999-1063
CDomain whois_raw.cgi whois CGI script allows remote attackers to execute arbitrary commands via shell metacharacters in the fqdn parameter.
2001-09-12
2017-12-18
CVE-1999-1063
http://www.securityfocus.com/bid/304
BID:304
http://www.securityfocus.com/archive/1/14019
BUGTRAQ:19990601 whois_raw.cgi problem
https://exchange.xforce.ibmcloud.com/vulnerabilities/2251
XF:http-cgi-cdomain(2251)
CVE-1999-1064
Multiple buffer overflows in WindowMaker 0.52 through 0.60.0 allow attackers to cause a denial of service and possibly execute arbitrary commands by executing WindowMaker with a long program name (argv[0]).
2001-09-12
2016-10-17
CVE-1999-1064
http://www.securityfocus.com/bid/596
BID:596
http://marc.info/?l=bugtraq&m=93555317429630&w=2
BUGTRAQ:19990822
http://marc.info/?l=bugtraq&m=93582070508957&w=2
BUGTRAQ:19990824 Re: WindowMaker bugs (was sub:none )
CVE-1999-1065
Palm Pilot HotSync Manager 3.0.4 in Windows 98 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long string to port 14238 while the manager is in network mode.
2001-09-12
2016-10-17
CVE-1999-1065
http://marc.info/?l=bugtraq&m=94175465525422&w=2
BUGTRAQ:19991104 Palm Hotsync vulnerable to DoS attack
CVE-1999-1066
Quake 1 server responds to an initial UDP game connection request with a large amount of traffic, which allows remote attackers to use the server as an amplifier in a "Smurf" style attack on another host, by spoofing the connection request.
2001-09-12
2016-10-17
CVE-1999-1066
http://marc.info/?l=bugtraq&m=94589559631535&w=2
BUGTRAQ:19991222 Quake "smurf" - Quake War Utils
CVE-1999-1067
SGI MachineInfo CGI program, installed by default on some web servers, prints potentially sensitive system status information, which could be used by remote attackers for information gathering activities.
2001-09-12
2016-10-17
CVE-1999-1067
http://marc.info/?l=bugtraq&m=87602167420919&w=2
BUGTRAQ:19970507 Re: SGI Security Advisory 19970501-01-A - Vulnerability in webdist.cgi
XF:sgi-machineinfo
CVE-1999-1068
Oracle Webserver 2.1, when serving PL/SQL stored procedures, allows remote attackers to cause a denial of service via a long HTTP GET request.
2001-09-12
2016-10-17
CVE-1999-1068
http://marc.info/?l=bugtraq&m=87602661419366&w=2
BUGTRAQ:19970723 DoS against Oracle Webserver 2.1 with PL/SQL stored procedures
CVE-1999-1069
Directory traversal vulnerability in carbo.dll in iCat Carbo Server 3.0.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the icatcommand parameter.
2001-09-12
2017-12-18
CVE-1999-1069
http://www.securityfocus.com/bid/2126
BID:2126
http://www.securityfocus.com/archive/1/7943
BUGTRAQ:19971108 Security bug in iCat Suite version 3.0
https://exchange.xforce.ibmcloud.com/vulnerabilities/1620
XF:icat-carbo-server-vuln(1620)
CVE-1999-1070
Buffer overflow in ping CGI program in Xylogics Annex terminal service allows remote attackers to cause a denial of service via a long query parameter.
2001-09-12
2001-12-14
CVE-1999-1070
http://www.securityfocus.com/archive/1/10021
BUGTRAQ:19980725 Annex DoS
CVE-1999-1071
Excite for Web Servers (EWS) 1.1 installs the Architext.conf authentication file with world-writeable permissions, which allows local users to gain access to Excite accounts by modifying the file.
2001-09-12
2017-12-18
CVE-1999-1071
http://marc.info/?l=bugtraq&m=91248445931140&w=2
BUGTRAQ:19981130 Security bugs in Excite for Web Servers 1.1
https://exchange.xforce.ibmcloud.com/vulnerabilities/1417
XF:excite-world-write(1417)
CVE-1999-1072
Excite for Web Servers (EWS) 1.1 allows local users to gain privileges by obtaining the encrypted password from the world-readable Architext.conf authentication file and replaying the encrypted password in an HTTP request to AT-generated.cgi or AT-admin.cgi.
2001-09-12
2016-10-17
CVE-1999-1072
http://marc.info/?l=bugtraq&m=91248445931140&w=2
BUGTRAQ:19981130 Security bugs in Excite for Web Servers 1.1
CVE-1999-1073
Excite for Web Servers (EWS) 1.1 records the first two characters of a plaintext password in the beginning of the encrypted password, which makes it easier for an attacker to guess passwords via a brute force or dictionary attack.
2001-09-12
2016-10-17
CVE-1999-1073
http://marc.info/?l=bugtraq&m=91248445931140&w=2
BUGTRAQ:19981130 Security bugs in Excite for Web Servers 1.1
CVE-1999-1074
Webmin before 0.5 does not restrict the number of invalid passwords that are entered for a valid username, which could allow remote attackers to gain privileges via brute force password cracking.
2002-03-09
2002-03-01
CVE-1999-1074
http://www.securityfocus.com/bid/98
BID:98
http://www.securityfocus.com/archive/1/9138
BUGTRAQ:19980501 Warning! Webmin Security Advisory
http://www.webmin.com/webmin/changes.html
CONFIRM:http://www.webmin.com/webmin/changes.html
CVE-1999-1075
inetd in AIX 4.1.5 dynamically assigns a port N when starting ttdbserver (ToolTalk server), but also inadvertently listens on port N-1 without passing control to ttdbserver, which allows remote attackers to cause a denial of service via a large number of connections to port N-1, which are not properly closed by inetd.
2001-09-12
2016-10-17
CVE-1999-1075
http://marc.info/?l=bugtraq&m=89025820612530&w=2
BUGTRAQ:19980318 AIX 4.1.5 DoS attack (aka "Port 1025 problem")
CVE-1999-1076
Idle locking function in MacOS 9 allows local users to bypass the password protection of idled sessions by selecting the "Log Out" option and selecting a "Cancel" option in the dialog box for an application that attempts to verify that the user wants to log out, which returns the attacker into the locked session.
2001-09-12
2016-10-17
CVE-1999-1076
http://www.securityfocus.com/bid/745
BID:745
http://marc.info/?l=bugtraq&m=94096348604173&w=2
BUGTRAQ:19991026 Mac OS 9 Idle Lock Bug
CVE-1999-1077
Idle locking function in MacOS 9 allows local attackers to bypass the password protection of idled sessions via the programmer's switch or CMD-PWR keyboard sequence, which brings up a debugger that the attacker can use to disable the lock.
2001-09-12
2016-10-17
CVE-1999-1077
http://www.securityfocus.com/bid/756
BID:756
http://marc.info/?l=bugtraq&m=94149318124548&w=2
BUGTRAQ:19991101 Re: Mac OS 9 Idle Lock Bug
CVE-1999-1078
WS_FTP Pro 6.0 uses weak encryption for passwords in its initialization files, which allows remote attackers to easily decrypt the passwords and gain privileges.
2001-09-12
2002-03-22
CVE-1999-1078
http://www.securityfocus.com/bid/547
BID:547
http://www.ntbugtraq.com/default.asp?pid=36&sid=1&A2=ind9907&L=ntbugtraq&D=0&P=10370&F=P
NTBUGTRAQ:19990729 WS_FTP Pro 6.0 Weak Password Encryption Vulnerability
CVE-1999-1079
Vulnerability in ptrace in AIX 4.3 allows local users to gain privileges by attaching to a setgid program.
2001-09-12
2016-10-17
CVE-1999-1079
http://www-1.ibm.com/servlet/support/manager?rs=0&rt=0&org=apars&doc=08E0B1A1B85472A1852567C90031BB36
AIXAPAR:IX80470
http://www.securityfocus.com/bid/439
BID:439
http://marc.info/?l=bugtraq&m=92601792420088&w=2
BUGTRAQ:19990506 AIX Security Fixes Update
http://marc.info/?l=bugtraq&m=93587956513233&w=2
BUGTRAQ:19990825 AIX security summary
CVE-1999-1080
rmmount in SunOS 5.7 may mount file systems without the nosuid flag set, contrary to the documentation and its use in previous versions of SunOS, which could allow local users with physical access to gain root privileges by mounting a floppy or CD-ROM that contains a setuid program and running volcheck, when the file systems do not have the nosuid option specified in rmmount.conf.
2002-06-25
2002-06-15
CVE-1999-1080
http://www.securityfocus.com/bid/250
BID:250
http://marc.info/?l=bugtraq&m=92633694100270&w=2
BUGTRAQ:19990510 SunOS 5.7 rmmount, no nosuid.
http://marc.info/?l=bugtraq&m=93971288323395&w=2
BUGTRAQ:19991011
SUNBUG:4205437
https://exchange.xforce.ibmcloud.com/vulnerabilities/8350
XF:solaris-rmmount-gain-root(8350)
CVE-1999-1081
Vulnerability in files.pl script in Novell WebServer Examples Toolkit 2 allows remote attackers to read arbitrary files.
2001-09-12
2017-12-18
CVE-1999-1081
http://www.roxanne.org/faqs/www-secure/wwwsf4.html#Q35
MISC:http://www.roxanne.org/faqs/www-secure/wwwsf4.html#Q35
http://www.w3.org/Security/Faq/wwwsf8.html#Q87
MISC:http://www.w3.org/Security/Faq/wwwsf8.html#Q87
https://exchange.xforce.ibmcloud.com/vulnerabilities/2054
XF:http-nov-files(2054)
CVE-1999-1082
Directory traversal vulnerability in Jana proxy web server 1.40 allows remote attackers to ready arbitrary files via a "......" (modified dot dot) attack.
2001-09-12
2016-10-17
CVE-1999-1082
http://www.securityfocus.com/bid/699
BID:699
http://marc.info/?l=bugtraq&m=93941794201059&w=2
BUGTRAQ:19991008 Jana webserver exploit
CVE-1999-1083
Directory traversal vulnerability in Jana proxy web server 1.45 allows remote attackers to ready arbitrary files via a .. (dot dot) attack.
2001-09-12
2016-10-17
CVE-1999-1083
http://www.securityfocus.com/bid/699
BID:699
http://marc.info/?l=bugtraq&m=95730430727064&w=2
BUGTRAQ:20000502 Security Bug in Jana HTTP Server
CVE-1999-1084
The "AEDebug" registry key is installed with insecure permissions, which allows local users to modify the key to specify a Trojan Horse debugger which is automatically executed on a system crash.
2001-09-12
2018-10-12
CVE-1999-1084
http://www.securityfocus.com/bid/1044
BID:1044
http://www.ciac.org/ciac/bulletins/k-029.shtml
CIAC:K-029
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-008
MS:MS00-008
http://support.microsoft.com/support/kb/articles/q103/8/61.asp
MSKB:Q103861
http://marc.info/?l=ntbugtraq&m=90222453431604&w=2
NTBUGTRAQ:19980622 Yet another "get yourself admin rights exploit":
CVE-1999-1085
SSH 1.2.25, 1.2.23, and other versions, when used in in CBC (Cipher Block Chaining) or CFB (Cipher Feedback 64 bits) modes, allows remote attackers to insert arbitrary data into an existing stream between an SSH client and server by using a known plaintext attack and computing a valid CRC-32 checksum for the packet, aka the "SSH insertion attack."
2002-03-09
2002-02-20
CVE-1999-1085
http://marc.info/?l=bugtraq&m=90221103125884&w=2
BUGTRAQ:19980612 CORE-SDI-04: SSH insertion attack
http://marc.info/?l=bugtraq&m=90221104525878&w=2
BUGTRAQ:19980703 UPDATE: SSH insertion attack
http://www.kb.cert.org/vuls/id/13877
CERT-VN:VU#13877
CISCO:20010627 Multiple SSH Vulnerabilities
http://www.iss.net/security_center/static/1126.php
XF:ssh-insert(1126)
CVE-1999-1086
Novell 5 and earlier, when running over IPX with a packet signature level less than 3, allows remote attackers to gain administrator privileges by spoofing the MAC address in IPC fragmented packets that make NetWare Core Protocol (NCP) calls.
2001-09-12
2016-10-17
CVE-1999-1086
http://www.securityfocus.com/bid/528
BID:528
http://marc.info/?l=bugtraq&m=93214475111651&w=2
BUGTRAQ:19990715 NMRC Advisory: Netware 5 Client Hijacking
CVE-1999-1087
Internet Explorer 4 treats a 32-bit number ("dotless IP address") in the a URL as the hostname instead of an IP address, which causes IE to apply Local Intranet Zone settings to the resulting web page, allowing remote malicious web servers to conduct unauthorized activities by using URLs that contain the dotless IP address for their server.
2002-03-09
2006-09-10
CVE-1999-1087
http://www.microsoft.com/Windows/Ie/security/dotless.asp
CONFIRM:http://www.microsoft.com/Windows/Ie/security/dotless.asp
https://docs.microsoft.com/en-us/security-updates/securitybulletins/1998/ms98-016
MS:MS98-016
http://support.microsoft.com/support/kb/articles/q168/6/17.asp
MSKB:Q168617
http://www.osvdb.org/7828
OSVDB:7828
https://exchange.xforce.ibmcloud.com/vulnerabilities/2209
XF:ie-dotless(2209)
CVE-1999-1088
Vulnerability in chsh command in HP-UX 9.X through 10.20 allows local users to gain privileges.
2001-09-12
2017-12-18
CVE-1999-1088
http://ciac.llnl.gov/ciac/bulletins/h-21.shtml
CIAC:H-21
HP:HPSBUX9701-050
https://exchange.xforce.ibmcloud.com/vulnerabilities/2012
XF:hp-chsh(2012)
CVE-1999-1089
Buffer overflow in chfn command in HP-UX 9.X through 10.20 allows local users to gain privileges via a long command line argument.
2001-09-12
2017-07-10
CVE-1999-1089
AUSCERT:AA-96.18
http://marc.info/?l=bugtraq&m=87602167420285&w=2
BUGTRAQ:19961209 the HP Bug of the Week!
http://ciac.llnl.gov/ciac/bulletins/h-16.shtml
CIAC:H-16
http://ciac.llnl.gov/ciac/bulletins/h-21.shtml
CIAC:H-21
HP:HPSBUX9701-049
https://exchange.xforce.ibmcloud.com/vulnerabilities/2008
XF:hp-chfn(2008)
CVE-1999-1090
The default configuration of NCSA Telnet package for Macintosh and PC enables FTP, even though it does not include an "ftp=yes" line, which allows remote attackers to read and modify arbitrary files.
2002-03-09
2002-03-01
CVE-1999-1090
http://www.cert.org/advisories/CA-1991-15.html
CERT:CA-1991-15
https://exchange.xforce.ibmcloud.com/vulnerabilities/1844
XF:ftp-ncsa(1844)
CVE-1999-1091
UNIX news readers tin and rtin create the /tmp/.tin_log file with insecure permissions and follow symlinks, which allows attackers to modify the permissions of files writable by the user via a symlink attack.
2001-09-12
2017-12-18
CVE-1999-1091
http://marc.info/?l=bugtraq&m=87602167419839&w=2
BUGTRAQ:19960903 Re: BoS: [BUG] Vulnerability in TIN
http://marc.info/?l=bugtraq&m=87602167419835&w=2
BUGTRAQ:19960903 [BUG] Vulnerability in TIN
http://marc.info/?l=bugtraq&m=87602167420726&w=2
BUGTRAQ:19970329 symlink bug in tin/rtin
https://exchange.xforce.ibmcloud.com/vulnerabilities/431
XF:tin-tmpfile(431)
CVE-1999-1092
tin 1.40 creates the .tin directory with insecure permissions, which allows local users to read passwords from the .inputhistory file.
2001-09-12
2016-10-17
CVE-1999-1092
http://marc.info/?l=bugtraq&m=94286179032648&w=2
BUGTRAQ:19991117 default permissions for tin
CVE-1999-1093
Buffer overflow in the Window.External function in the JScript Scripting Engine in Internet Explorer 4.01 SP1 and earlier allows remote attackers to execute arbitrary commands via a malicious web page.
2002-03-09
2002-02-20
CVE-1999-1093
https://docs.microsoft.com/en-us/security-updates/securitybulletins/1998/ms98-011
MS:MS98-011
http://support.microsoft.com/support/kb/articles/q191/2/00.asp
MSKB:Q191200
http://www.iss.net/security_center/static/1276.php
XF:java-script-patch(1276)
CVE-1999-1094
Buffer overflow in Internet Explorer 4.01 and earlier allows remote attackers to execute arbitrary commands via a long URL with the "mk:" protocol, aka the "MK Overrun security issue."
2002-03-09
2002-03-01
CVE-1999-1094
http://marc.info/?l=bugtraq&m=88480839506155&w=2
BUGTRAQ:19980114 L0pht Advisory MSIE4.0(1)
http://support.microsoft.com/support/kb/articles/q176/6/97.asp
MSKB:Q176697
https://exchange.xforce.ibmcloud.com/vulnerabilities/917
XF:iemk-bug(917)
CVE-1999-1095
sort creates temporary files and follows symbolic links, which allows local users to modify arbitrary files that are writable by the user running sort, as observed in updatedb and other programs that use sort.
2001-09-12
2016-10-17
CVE-1999-1095
http://marc.info/?l=bugtraq&m=87619953510834&w=2
BUGTRAQ:19971006 KSR[T] Advisory #3: updatedb / crontabs
http://marc.info/?l=bugtraq&m=88886870129518&w=2
BUGTRAQ:19980302 overwrite any file with updatedb
http://marc.info/?l=bugtraq&m=88890116304676&w=2
BUGTRAQ:19980303 updatedb stuff
BUGTRAQ:19980303 updatedb: sort patch
CVE-1999-1096
Buffer overflow in kscreensaver in KDE klock allows local users to gain root privileges via a long HOME environmental variable.
2001-09-12
2017-12-18
CVE-1999-1096
http://marc.info/?l=bugtraq&m=90221101925954&w=2
BUGTRAQ:19980516 kde exploit
http://marc.info/?l=bugtraq&m=90221101925959&w=2
BUGTRAQ:19980517 simple kde exploit fix
https://exchange.xforce.ibmcloud.com/vulnerabilities/1644
XF:kde-klock-home-bo(1644)
CVE-1999-1097
Microsoft NetMeeting 2.1 allows one client to read the contents of another client's clipboard via a CTRL-C in the chat box when the box is empty.
2001-09-12
2017-12-18
CVE-1999-1097
http://marc.info/?l=bugtraq&m=92586457816446&w=2
BUGTRAQ:19990504 Microsoft Netmeeting Hole
https://exchange.xforce.ibmcloud.com/vulnerabilities/2187
XF:netmeeting-clipboard(2187)
CVE-1999-1098
Vulnerability in BSD Telnet client with encryption and Kerberos 4 authentication allows remote attackers to decrypt the session via sniffing.
2002-03-09
2002-02-20
CVE-1999-1098
http://www.cert.org/advisories/CA-1995-03.html
CERT:CA-1995-03
http://www.ciac.org/ciac/bulletins/f-12.shtml
CIAC:F-12
http://www.osvdb.org/4881
OSVDB:4881
http://www.iss.net/security_center/static/516.php
XF:bsd-telnet(516)
CVE-1999-1099
Kerberos 4 allows remote attackers to obtain sensitive information via a malformed UDP packet that generates an error string that inadvertently includes the realm name and the last user.
2002-03-09
2002-02-20
CVE-1999-1099
http://marc.info/?l=bugtraq&m=87602167420184&w=2
BUGTRAQ:19961122 L0pht Kerberos Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/65
XF:kerberos-user-grab(65)
CVE-1999-1100
Cisco PIX Private Link 4.1.6 and earlier does not properly process certain commands in the configuration file, which reduces the effective key length of the DES key to 48 bits instead of 56 bits, which makes it easier for an attacker to find the proper key via a brute force attack.
2002-03-09
2002-03-01
CVE-1999-1100
http://ciac.llnl.gov/ciac/bulletins/i-056.shtml
CIAC:I-056
http://www.cisco.com/warp/public/770/pixkey-pub.shtml
CISCO:19980616 PIX Private Link Key Processing and Cryptography Issues
https://exchange.xforce.ibmcloud.com/vulnerabilities/1579
XF:cisco-pix-parse-error(1579)
CVE-1999-1101
Kabsoftware Lydia utility uses weak encryption to store user passwords in the lydia.ini file, which allows local users to easily decrypt the passwords and gain privileges.
2001-09-12
2003-05-08
CVE-1999-1101
http://www.securityfocus.com/archive/1/12618
BUGTRAQ:19990219 Yet Another password storing problem (was: Re: Possible Netscape Crypto Security Flaw)
CVE-1999-1102
lpr on SunOS 4.1.1, BSD 4.3, A/UX 2.0.1, and other BSD-based operating systems allows local users to create or overwrite arbitrary files via a symlink attack that is triggered after invoking lpr 1000 times.
2002-03-09
2002-03-01
CVE-1999-1102
http://www.aenigma.net/resources/maillist/bugtraq/1994/0091.htm
BUGTRAQ:19940307 8lgm Advisory Releases
http://ciac.llnl.gov/ciac/bulletins/e-25.shtml
CIAC:E-25a
http://www.phreak.org/archives/security/8lgm/8lgm.lpr
MISC:http://www.phreak.org/archives/security/8lgm/8lgm.lpr
CVE-1999-1103
dxconsole in DEC OSF/1 3.2C and earlier allows local users to read arbitrary files by specifying the file with the -file parameter.
2002-03-09
2002-02-20
CVE-1999-1103
http://www.cert.org/vendor_bulletins/VB-96.05.dec
CERT:VB-96.05
http://ciac.llnl.gov/ciac/bulletins/g-18.shtml
CIAC:G-18
http://www.tao.ca/fire/bos/0209.html
MISC:http://www.tao.ca/fire/bos/0209.html
http://www.iss.net/security_center/static/7138.php
XF:osf-dxconsole-gain-privileges(7138)
CVE-1999-1104
Windows 95 uses weak encryption for the password list (.pwl) file used when password caching is enabled, which allows local users to gain privileges by decrypting the passwords.
2002-03-09
2002-02-20
CVE-1999-1104
http://marc.info/?l=bugtraq&m=87602167418931&w=2
BUGTRAQ:19951205 Cracked: WINDOWS.PWL
http://marc.info/?l=bugtraq&m=88536273725787&w=2
BUGTRAQ:19980120 How to recover private keys for various Microsoft products
http://support.microsoft.com/support/kb/articles/q140/5/57.asp
MSKB:Q140557
http://marc.info/?l=ntbugtraq&m=88540877601866&w=2
NTBUGTRAQ:19980121 How to recover private keys for various Microsoft products
http://www.iss.net/security_center/static/71.php
XF:win95-nbsmbpwl(71)
CVE-1999-1105
Windows 95, when Remote Administration and File Sharing for NetWare Networks is enabled, creates a share (C$) when an administrator logs in remotely, which allows remote attackers to read arbitrary files by mapping the network drive.
2002-03-09
2002-02-20
CVE-1999-1105
http://www.zdnet.com/eweek/reviews/1016/tr42bug.html
CONFIRM:http://www.zdnet.com/eweek/reviews/1016/tr42bug.html
http://www.net-security.sk/bugs/NT/netware1.html
MISC:http://www.net-security.sk/bugs/NT/netware1.html
http://www.iss.net/security_center/static/7231.php
XF:win95-netware-hidden-share(7231)
CVE-1999-1106
Buffer overflow in kppp in KDE allows local users to gain root access via a long -c (account_name) command line argument.
2001-09-12
2017-12-18
CVE-1999-1106
http://www.securityfocus.com/bid/92
BID:92
http://www.securityfocus.com/archive/1/9121
BUGTRAQ:19980429 Security hole in kppp
https://exchange.xforce.ibmcloud.com/vulnerabilities/1643
XF:kde-kppp-account-bo(1643)
CVE-1999-1107
Buffer overflow in kppp in KDE allows local users to gain root access via a long PATH environmental variable.
2001-09-12
2017-12-18
CVE-1999-1107
http://marc.info/?l=bugtraq&m=91141486301691&w=2
BUGTRAQ:19981118 Multiple KDE security vulnerabilities (root compromise)
https://exchange.xforce.ibmcloud.com/vulnerabilities/1650
XF:kde-kppp-path-bo(1650)
CVE-1999-1108
** REJECT **
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-1999-1107. Reason: This candidate is a duplicate of CVE-1999-1107. Notes: All CVE users should reference CVE-1999-1107 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
2001-09-12
2005-02-03
CVE-1999-1108
CVE-1999-1109
Sendmail before 8.10.0 allows remote attackers to cause a denial of service by sending a series of ETRN commands then disconnecting from the server, while Sendmail continues to process the commands after the connection has been terminated.
2002-03-09
2002-02-16
CVE-1999-1109
http://www.securityfocus.com/bid/904
BID:904
http://marc.info/?l=bugtraq&m=94632241202626&w=2
BUGTRAQ:19991222 Re: procmail / Sendmail - five bugs
http://marc.info/?l=bugtraq&m=94780566911948&w=2
BUGTRAQ:20000113 Re: procmail / Sendmail - five bugs
http://www.iss.net/security_center/static/7760.php
XF:sendmail-etrn-dos(7760)
CVE-1999-1110
Windows Media Player ActiveX object as used in Internet Explorer 5.0 returns a specific error code when a file does not exist, which allows remote malicious web sites to determine the existence of files on the client.
2001-09-12
2002-01-10
CVE-1999-1110
http://www.securityfocus.com/bid/793
BID:793
http://www.securityfocus.com/archive/1/34675
BUGTRAQ:19991114 IE 5.0 and Windows Media Player ActiveX object allow checking the existence of local files and directories
CVE-1999-1111
Vulnerability in StackGuard before 1.21 allows remote attackers to bypass the Random and Terminator Canary security mechanisms by using a non-linear attack which directly modifies a pointer to a return address instead of using a buffer overflow to reach the return address entry itself.
2002-03-09
2001-11-28
CVE-1999-1111
http://www.securityfocus.com/bid/786
BID:786
http://marc.info/?l=bugtraq&m=94218618329838&w=2
BUGTRAQ:19911109 ImmuniX OS Security Alert: StackGuard 1.21 Released
https://exchange.xforce.ibmcloud.com/vulnerabilities/3524
XF:immunix-stackguard-bo(3524)
CVE-1999-1112
Buffer overflow in IrfanView32 3.07 and earlier allows attackers to execute arbitrary commands via a long string after the "8BPS" image type in a Photo Shop image header.
2001-09-12
2017-12-18
CVE-1999-1112
http://www.securityfocus.com/bid/781
BID:781
http://www.securityfocus.com/archive/1/34066
BUGTRAQ:19991109 Irfan view 3.07 buffer overflow
http://stud4.tuwien.ac.at/~e9227474/main2.html
MISC:http://stud4.tuwien.ac.at/~e9227474/main2.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/3549
XF:irfan-view32-bo(3549)
CVE-1999-1113
Buffer overflow in Eudora Internet Mail Server (EIMS) 2.01 and earlier on MacOS systems allows remote attackers to cause a denial of service via a long USER command to port 106.
2001-09-12
2016-10-17
CVE-1999-1113
http://www.securityfocus.com/bid/75
BID:75
http://marc.info/?l=bugtraq&m=89258194718577&w=2
BUGTRAQ:19980414 MacOS based buffer overflows...
CVE-1999-1114
Buffer overflow in Korn Shell (ksh) suid_exec program on IRIX 6.x and earlier, and possibly other operating systems, allows local users to gain root privileges.
2002-03-09
2002-03-01
CVE-1999-1114
ftp://ftp.auscert.org.au/pub/auscert/advisory/AA-96.17.suid_exec.vul
AUSCERT:AA-96.17
http://www.securityfocus.com/bid/467
BID:467
http://ciac.llnl.gov/ciac/bulletins/h-15a.shtml
CIAC:H-15A
ftp://patches.sgi.com/support/free/security/advisories/19980405-01-I
SGI:19980405-01-I
https://exchange.xforce.ibmcloud.com/vulnerabilities/2100
XF:ksh-suid_exec(2100)
CVE-1999-1115
Vulnerability in the /etc/suid_exec program in HP Apollo Domain/OS sr10.2 and sr10.3 beta, related to the Korn Shell (ksh).
2002-03-09
2002-02-20
CVE-1999-1115
http://www.securityfocus.com/bid/7
BID:7
http://www.cert.org/advisories/CA-1990-04.html
CERT:CA-1990-04
http://www.ciac.org/ciac/bulletins/a-30.shtml
CIAC:A-30
http://www.iss.net/security_center/static/6721.php
XF:apollo-suidexec-unauthorized-access(6721)
CVE-1999-1116
Vulnerability in runpriv in Indigo Magic System Administration subsystem of SGI IRIX 6.3 and 6.4 allows local users to gain root privileges.
2002-03-09
2002-03-01
CVE-1999-1116
http://www.securityfocus.com/bid/462
BID:462
http://www.osvdb.org/1009
OSVDB:1009
ftp://patches.sgi.com/support/free/security/advisories/19970503-01-PX
SGI:19970503-01-PX
https://exchange.xforce.ibmcloud.com/vulnerabilities/2108
XF:sgi-runpriv(2108)
CVE-1999-1117
lquerypv in AIX 4.1 and 4.2 allows local users to read arbitrary files by specifying the file in the -h command line parameter.
2002-03-09
2002-03-01
CVE-1999-1117
http://www.securityfocus.com/bid/455
BID:455
http://marc.info/?l=bugtraq&w=2&r=1&s=lquerypv&q=b
BUGTRAQ:19961124
http://marc.info/?l=bugtraq&m=87602167420196&w=2
BUGTRAQ:19961125 AIX lquerypv
http://marc.info/?l=bugtraq&m=87602167420195&w=2
BUGTRAQ:19961125 lquerypv fix
http://ciac.llnl.gov/ciac/bulletins/h-13.shtml
CIAC:H-13
https://exchange.xforce.ibmcloud.com/vulnerabilities/1752
XF:ibm-lquerypv(1752)
CVE-1999-1118
ndd in Solaris 2.6 allows local users to cause a denial of service by modifying certain TCP/IP parameters.
2002-03-09
2002-02-11
CVE-1999-1118
http://www.securityfocus.com/bid/433
BID:433
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/165&type=0&nav=sec.sba
SUN:00165
https://exchange.xforce.ibmcloud.com/vulnerabilities/817
XF:sun-ndd(817)
CVE-1999-1119
FTP installation script anon.ftp in AIX insecurely configures anonymous FTP, which allows remote attackers to execute arbitrary commands.
2002-03-09
2002-03-01
CVE-1999-1119
http://www.securityfocus.com/bid/41
BID:41
http://www.cert.org/advisories/CA-1992-09.html
CERT:CA-1992-09
https://exchange.xforce.ibmcloud.com/vulnerabilities/3154
XF:aix-anon-ftp(3154)
CVE-1999-1120
netprint in SGI IRIX 6.4 and earlier trusts the PATH environmental variable for finding and executing the disable program, which allows local users to gain privileges.
2002-03-09
2002-03-01
CVE-1999-1120
http://www.securityfocus.com/bid/395
BID:395
http://marc.info/?l=bugtraq&m=87602167420403&w=2
BUGTRAQ:19970104 Irix: netprint story
http://www.osvdb.org/993
OSVDB:993
ftp://patches.sgi.com/support/free/security/advisories/19961203-01-PX
SGI:19961203-01-PX
ftp://patches.sgi.com/support/free/security/advisories/19961203-02-PX
SGI:19961203-02-PX
https://exchange.xforce.ibmcloud.com/vulnerabilities/2107
XF:sgi-netprint(2107)
CVE-1999-1121
The default configuration for UUCP in AIX before 3.2 allows local users to gain root privileges.
2002-03-09
2002-03-01
CVE-1999-1121
http://www.securityfocus.com/bid/38
BID:38
http://www.cert.org/advisories/CA-1992-06.html
CERT:CA-1992-06
http://www.osvdb.org/891
OSVDB:891
https://exchange.xforce.ibmcloud.com/vulnerabilities/554
XF:ibm-uucp(554)
CVE-1999-1122
Vulnerability in restore in SunOS 4.0.3 and earlier allows local users to gain privileges.
2002-03-09
2002-02-16
CVE-1999-1122
http://www.securityfocus.com/bid/3
BID:3
http://www.cert.org/advisories/CA-1989-02.html
CERT:CA-1989-02
http://www.ciac.org/ciac/bulletins/ciac-08.shtml
CIAC:CIAC-08
SUNBUG:1019265
https://exchange.xforce.ibmcloud.com/vulnerabilities/6695
XF:sun-restore-gain-privileges(6695)
CVE-1999-1123
The installation of Sun Source (sunsrc) tapes allows local users to gain root privileges via setuid root programs (1) makeinstall or (2) winstall.
2001-09-12
2017-12-18
CVE-1999-1123
http://www.securityfocus.com/bid/21
BID:21
http://www.securityfocus.com/bid/22
BID:22
http://www.cert.org/advisories/CA-1991-07.html
CERT:CA-1991-07
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/107&type=0&nav=sec.sba
SUN:00107
https://exchange.xforce.ibmcloud.com/vulnerabilities/582
XF:sun-sourcetapes(582)
CVE-1999-1124
HTTP Client application in ColdFusion allows remote attackers to bypass access restrictions for web pages on other ports by providing the target page to the mainframeset.cfm application, which requests the page from the server, making it look like the request is coming from the local host.
2001-09-12
2003-05-08
CVE-1999-1124
http://packetstorm.securify.com/mag/phrack/phrack54/P54-08
MISC:http://packetstorm.securify.com/mag/phrack/phrack54/P54-08
CVE-1999-1125
Oracle Webserver 2.1 and earlier runs setuid root, but the configuration file is owned by the oracle account, which allows any local or remote attacker who obtains access to the oracle account to gain privileges or modify arbitrary files by modifying the configuration file.
2001-09-12
2016-10-17
CVE-1999-1125
http://marc.info/?l=bugtraq&m=87602880019796&w=2
BUGTRAQ:19970919 Instresting practises of Oracle [Oracle Webserver]
CVE-1999-1126
Cisco Resource Manager (CRM) 1.1 and earlier creates certain files with insecure permissions that allow local users to obtain sensitive configuration information including usernames, passwords, and SNMP community strings, from (1) swim_swd.log, (2) swim_debug.log, (3) dbi_debug.log, and (4) temporary files whose names begin with "DPR_".
2001-09-12
2017-12-18
CVE-1999-1126
http://ciac.llnl.gov/ciac/bulletins/i-086.shtml
CIAC:I-086
http://www.cisco.com/warp/public/770/crmtmp-pub.shtml
CISCO:19980813 CRM Temporary File Vulnerability
https://exchange.xforce.ibmcloud.com/vulnerabilities/1575
XF:cisco-crm-file-vuln(1575)
CVE-1999-1127
Windows NT 4.0 does not properly shut down invalid named pipe RPC connections, which allows remote attackers to cause a denial of service (resource exhaustion) via a series of connections containing malformed data, aka the "Named Pipes Over RPC" vulnerability.
2002-03-09
2002-02-20
CVE-1999-1127
https://docs.microsoft.com/en-us/security-updates/securitybulletins/1998/ms98-017
MS:MS98-017
http://support.microsoft.com/support/kb/articles/Q195/7/33.asp
MSKB:Q195733
http://www.iss.net/security_center/static/523.php
XF:nt-spoolss(523)
CVE-1999-1128
Internet Explorer 3.01 on Windows 95 allows remote malicious web sites to execute arbitrary commands via a .isp file, which is automatically downloaded and executed without prompting the user.
2001-09-12
2003-05-08
CVE-1999-1128
http://members.tripod.com/~unibyte/iebug3.htm
MISC:http://members.tripod.com/~unibyte/iebug3.htm
http://oliver.efri.hr/~crv/security/bugs/NT/ie3.html
MISC:http://oliver.efri.hr/~crv/security/bugs/NT/ie3.html
CVE-1999-1129
Cisco Catalyst 2900 Virtual LAN (VLAN) switches allow remote attackers to inject 802.1q frames into another VLAN by forging the VLAN identifier in the trunking tag.
2001-09-12
2017-12-18
CVE-1999-1129
http://www.securityfocus.com/bid/615
BID:615
http://www.securityfocus.com/archive/1/26008
BUGTRAQ:19990901 VLAN Security
http://www.cisco.com/univercd/cc/td/doc/product/lan/28201900/1928v8x/eescg8x/aleakyv.htm
MISC:http://www.cisco.com/univercd/cc/td/doc/product/lan/28201900/1928v8x/eescg8x/aleakyv.htm
https://exchange.xforce.ibmcloud.com/vulnerabilities/3294
XF:cisco-catalyst-vlan-frames(3294)
CVE-1999-1130
Default configuration of the search engine in Netscape Enterprise Server 3.5.1, and possibly other versions, allows remote attackers to read the source of JHTML files by specifying a search command using the HTML-tocrec-demo1.pat pattern file.
2001-09-12
2016-10-17
CVE-1999-1130
http://www.securityfocus.com/bid/559
BID:559
http://marc.info/?l=bugtraq&m=93346448121208&w=2
BUGTRAQ:19990730 Netscape Enterprise Server yeilds source of JHTML
http://marc.info/?l=ntbugtraq&m=93337389603117&w=2
NTBUGTRAQ:19990730 Netscape Enterprise Server yeilds source of JHTML
CVE-1999-1131
Buffer overflow in OSF Distributed Computing Environment (DCE) security demon (secd) in IRIX 6.4 and earlier allows attackers to cause a denial of service via a long principal, group, or organization.
2002-03-09
2002-03-01
CVE-1999-1131
http://www.cert.org/vendor_bulletins/VB-97.12.opengroup
CERT:VB-97.12
http://ciac.llnl.gov/ciac/bulletins/i-060.shtml
CIAC:I-060
ftp://patches.sgi.com/support/free/security/advisories/19980601-01-PX
SGI:19980601-01-PX
https://exchange.xforce.ibmcloud.com/vulnerabilities/1123
XF:sgi-osf-dce-dos(1123)
CVE-1999-1132
Windows NT 4.0 allows remote attackers to cause a denial of service (crash) via extra source routing data such as (1) a Routing Information Field (RIF) field with a hop count greater than 7, or (2) a list containing duplicate Token Ring IDs.
2002-03-09
2002-02-20
CVE-1999-1132
http://marc.info/?l=bugtraq&m=90763508011966&w=2
BUGTRAQ:19981005 NMRC Advisory - Lame NT Token Ring DoS
http://support.microsoft.com/support/kb/articles/Q179/1/57.asp
MSKB:Q179157
http://marc.info/?l=ntbugtraq&m=90760603030452&w=2
NTBUGTRAQ:19981002 NMRC Advisory - Lame NT Token Ring DoS
http://www.iss.net/security_center/static/1399.php
XF:token-ring-dos(1399)
CVE-1999-1133
HP-UX 9.x and 10.x running X windows may allow local attackers to gain privileges via (1) vuefile, (2) vuepad, (3) dtfile, or (4) dtpad, which do not authenticate users.
2001-09-12
2017-12-18
CVE-1999-1133
http://marc.info/?l=bugtraq&m=87602880019776&w=2
HP:HPSBUX9709-069
https://exchange.xforce.ibmcloud.com/vulnerabilities/499
XF:hp-vue-dt(499)
CVE-1999-1134
Vulnerability in Vue 3.0 in HP 9.x allows local users to gain root privileges, as fixed by PHSS_4038, PHSS_4055, and PHSS_4066.
2001-09-12
2002-02-20
CVE-1999-1134
http://ciac.llnl.gov/ciac/bulletins/e-23.shtml
CIAC:E-23
http://packetstorm.securify.com/advisories/hpalert/008
HP:HPSBUX9404-008
http://www.iss.net/security_center/static/2284.php
XF:hp-vue(2284)
CVE-1999-1135
Vulnerability in VUE 3.0 in HP 9.x allows local users to gain root privileges, as fixed by PHSS_4994 and PHSS_5438.
2001-09-12
2017-12-18
CVE-1999-1135
http://packetstorm.securify.com/advisories/hpalert/027
HP:HPSBUX9504-027
https://exchange.xforce.ibmcloud.com/vulnerabilities/2284
XF:hp-vue(2284)
CVE-1999-1136
Vulnerability in Predictive on HP-UX 11.0 and earlier, and MPE/iX 5.5 and earlier, allows attackers to compromise data transfer for Predictive messages (using e-mail or modem) between customer and Response Center Predictive systems.
2002-03-09
2009-03-01
CVE-1999-1136
http://marc.info/?l=bugtraq&m=90221104526177&w=2
BUGTRAQ:19980729 HP-UX Predictive & Netscape SSL Vulnerabilities
http://www.ciac.org/ciac/bulletins/i-081.shtml
CIAC:I-081
http://cert.ip-plus.net/bulletin-archive/msg00040.html
HP:HPSBMP9807-005
http://www.codetalker.com/advisories/vendor/hp/hpsbux9807-081.html
HP:HPSBUX9807-081
https://exchange.xforce.ibmcloud.com/vulnerabilities/1413
XF:mpeix-predictive(1413)
CVE-1999-1137
The permissions for the /dev/audio device on Solaris 2.2 and earlier, and SunOS 4.1.x, allow any local user to read from the device, which could be used by an attacker to monitor conversations happening near a machine that has a microphone.
2002-03-09
2002-02-11
CVE-1999-1137
http://www.ciac.org/ciac/bulletins/e-01.shtml
CIAC:E-01
http://www.osvdb.org/6436
OSVDB:6436
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/122&type=0&nav=sec.sba
SUN:00122
https://exchange.xforce.ibmcloud.com/vulnerabilities/549
XF:sun-audio(549)
CVE-1999-1138
SCO UNIX System V/386 Release 3.2, and other SCO products, installs the home directories (1) /tmp for the dos user, and (2) /usr/tmp for the asg user, which allows other users to gain access to those accounts since /tmp and /usr/tmp are world-writable.
2002-03-09
2002-03-01
CVE-1999-1138
http://www.cert.org/advisories/CA-1993-13.html
CERT:CA-1993-13
https://exchange.xforce.ibmcloud.com/vulnerabilities/546
XF:sco-homedir(546)
CVE-1999-1139
Character-Terminal User Environment (CUE) in HP-UX 11.0 and earlier allows local users to overwrite arbitrary files and gain root privileges via a symlink attack on the IOERROR.mytty file.
2002-03-09
2002-02-20
CVE-1999-1139
http://marc.info/?l=bugtraq&m=87602880019745&w=2
BUGTRAQ:19970901 HP UX Bug :)
http://security-archive.merton.ox.ac.uk/bugtraq-199801/0122.html
BUGTRAQ:19980121 HP-UX CUE, CUD and LAND vulnerabilities
http://www.ciac.org/ciac/bulletins/i-027b.shtml
CIAC:I-027B
http://www.codetalker.com/advisories/vendor/hp/hpsbux9801-074.html
HP:HPSBUX9801-074
http://www.iss.net/security_center/static/2007.php
XF:hp-cue(2007)
CVE-1999-1140
Buffer overflow in CrackLib 2.5 may allow local users to gain root privileges via a long GECOS field.
2002-03-09
2002-03-01
CVE-1999-1140
http://marc.info/?l=bugtraq&m=88209041500913&w=2
BUGTRAQ:19971214 buffer overflows in cracklib?!
http://www.cert.org/vendor_bulletins/VB-97.16.CrackLib
CERT:VB-97.16
https://exchange.xforce.ibmcloud.com/vulnerabilities/1539
XF:cracklib-bo(1539)
CVE-1999-1141
Ascom Timeplex router allows remote attackers to obtain sensitive information or conduct unauthorized activities by entering debug mode through a sequence of CTRL-D characters.
2001-09-12
2017-12-18
CVE-1999-1141
http://marc.info/?l=bugtraq&m=87602167420981&w=2
BUGTRAQ:19970515 MicroSolved finds hole in Ascom Timeplex Router Security
https://exchange.xforce.ibmcloud.com/vulnerabilities/1824
XF:ascom-timeplex-debug(1824)
CVE-1999-1142
SunOS 4.1.2 and earlier allows local users to gain privileges via "LD_*" environmental variables to certain dynamically linked setuid or setgid programs such as (1) login, (2) su, or (3) sendmail, that change the real and effective user ids to the same user.
2002-03-09
2002-02-11
CVE-1999-1142
http://www.cert.org/advisories/CA-1992-11.html
CERT:CA-1992-11
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/116
SUN:00116
https://exchange.xforce.ibmcloud.com/vulnerabilities/3152
XF:sun-env(3152)
CVE-1999-1143
Vulnerability in runtime linker program rld in SGI IRIX 6.x and earlier allows local users to gain privileges via setuid and setgid programs.
2002-03-09
2002-03-01
CVE-1999-1143
http://ciac.llnl.gov/ciac/bulletins/h-65.shtml
CIAC:H-065
ftp://patches.sgi.com/support/free/security/advisories/19970504-01-PX
SGI:19970504-01-PX
https://exchange.xforce.ibmcloud.com/vulnerabilities/2109
XF:sgi-rld(2109)
CVE-1999-1144
Certain files in MPower in HP-UX 10.x are installed with insecure permissions, which allows local users to gain privileges.
2002-03-09
2002-03-01
CVE-1999-1144
http://www.codetalker.com/advisories/vendor/hp/hpsbux9701-051.html
HP:HPSBUX9701-051
https://exchange.xforce.ibmcloud.com/vulnerabilities/2056
XF:hp-mpower(2056)
CVE-1999-1145
Vulnerability in Glance programs in GlancePlus for HP-UX 10.20 and earlier allows local users to access arbitrary files and gain privileges.
2002-03-09
2002-03-01
CVE-1999-1145
http://ciac.llnl.gov/ciac/bulletins/h-21.shtml
CIAC:H-21
http://www.securityfocus.com/templates/advisory.html?id=1514
HP:HPSBUX9701-044
https://exchange.xforce.ibmcloud.com/vulnerabilities/2059
XF:hp-glanceplus(2059)
CVE-1999-1146
Vulnerability in Glance and gpm programs in GlancePlus for HP-UX 9.x and earlier allows local users to access arbitrary files and gain privileges.
2002-03-09
2002-03-01
CVE-1999-1146
http://www.securityfocus.com/advisories/1555
HP:HPSBUX9405-011
https://exchange.xforce.ibmcloud.com/vulnerabilities/2060
XF:hp-glanceplus-gpm(2060)
CVE-1999-1147
Buffer overflow in Platinum Policy Compliance Manager (PCM) 7.0 allows remote attackers to execute arbitrary commands via a long string to the Agent port (1827), which is handled by smaxagent.exe.
2002-03-09
2001-12-14
CVE-1999-1147
http://marc.info/?l=bugtraq&m=91273739726314&w=2
BUGTRAQ:19981204 [SAFER-981204.DOS.1.3] Buffer Overflow in Platinum PCM 7.0
BUGTRAQ:19981207 Re: [SAFER-981204.DOS.1.3] Buffer Overflow in Platinum PCM 7.0
http://www.osvdb.org/3164
OSVDB:3164
https://exchange.xforce.ibmcloud.com/vulnerabilities/1430
XF:pcm-dos-execute(1430)
CVE-1999-1148
FTP service in IIS 4.0 and earlier allows remote attackers to cause a denial of service (resource exhaustion) via many passive (PASV) connections at the same time.
2002-03-09
2002-03-01
CVE-1999-1148
https://docs.microsoft.com/en-us/security-updates/securitybulletins/1998/ms98-006
MS:MS98-006
http://support.microsoft.com/support/kb/articles/Q189/2/62.ASP
MSKB:Q189262
https://exchange.xforce.ibmcloud.com/vulnerabilities/1215
XF:iis-passive-ftp(1215)
CVE-1999-1149
Buffer overflow in CSM Proxy 4.1 allows remote attackers to cause a denial of service (crash) via a long string to the FTP port.
2001-09-12
2017-12-18
CVE-1999-1149
http://marc.info/?l=bugtraq&m=90221104525993&w=2
BUGTRAQ:19980716 S.A.F.E.R. Security Bulletin 980708.DOS.1.1
https://exchange.xforce.ibmcloud.com/vulnerabilities/1422
XF:csm-proxy-dos(1422)
CVE-1999-1150
Livingston Portmaster routers running ComOS use the same initial sequence number (ISN) for TCP connections, which allows remote attackers to conduct spoofing and hijack TCP sessions.
2001-09-12
2017-12-18
CVE-1999-1150
http://www.securityfocus.com/archive/1/9723
BUGTRAQ:19980630 Livingston Portmaster - ISN generation is loosy!
https://exchange.xforce.ibmcloud.com/vulnerabilities/1882
XF:portmaster-fixed-isn(1882)
CVE-1999-1151
Compaq/Microcom 6000 Access Integrator does not cause a session timeout after prompting for a username or password, which allows remote attackers to cause a denial of service by connecting to the integrator without providing a username or password.
2001-09-12
2017-12-18
CVE-1999-1151
http://marc.info/?l=bugtraq&m=90296493106214&w=2
BUGTRAQ:19980603 Compaq/Microcom 6000 DoS + more
https://exchange.xforce.ibmcloud.com/vulnerabilities/2089
XF:microcom-dos(2089)
CVE-1999-1152
Compaq/Microcom 6000 Access Integrator does not disconnect a client after a certain number of failed login attempts, which allows remote attackers to guess usernames or passwords via a brute force attack.
2001-09-12
2016-10-17
CVE-1999-1152
http://marc.info/?l=bugtraq&m=90296493106214&w=2
BUGTRAQ:19980603 Compaq/Microcom 6000 DoS + more
CVE-1999-1153
HAMcards Postcard CGI script 1.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the recipient email address.
2001-09-12
2017-12-18
CVE-1999-1153
http://www.securityfocus.com/archive/1/11175
BUGTRAQ:19981109 Several new CGI vulnerabilities
https://exchange.xforce.ibmcloud.com/vulnerabilities/1400
XF:cgi-perl-mail-programs(1400)
CVE-1999-1154
LakeWeb Filemail CGI script allows remote attackers to execute arbitrary commands via shell metacharacters in the recipient email address.
2001-09-12
2017-12-18
CVE-1999-1154
http://www.securityfocus.com/archive/1/11175
BUGTRAQ:19981109 Several new CGI vulnerabilities
http://lakeweb.com/scripts/
MISC:http://lakeweb.com/scripts/
https://exchange.xforce.ibmcloud.com/vulnerabilities/1400
XF:cgi-perl-mail-programs(1400)
CVE-1999-1155
LakeWeb Mail List CGI script allows remote attackers to execute arbitrary commands via shell metacharacters in the recipient email address.
2001-09-12
2017-12-18
CVE-1999-1155
http://www.securityfocus.com/archive/1/11175
BUGTRAQ:19981109 Several new CGI vulnerabilities
http://lakeweb.com/scripts/
MISC:http://lakeweb.com/scripts/
https://exchange.xforce.ibmcloud.com/vulnerabilities/1400
XF:cgi-perl-mail-programs(1400)
CVE-1999-1156
BisonWare FTP Server 4.1 and earlier allows remote attackers to cause a denial of service via a malformed PORT command that contains a non-numeric character and a large number of carriage returns.
2002-03-09
2002-03-01
CVE-1999-1156
NTBUGTRAQ:19990517 Vulnerabilities in BisonWare FTP Server 3.5
https://exchange.xforce.ibmcloud.com/vulnerabilities/2254
XF:bisonware-port-crash(2254)
CVE-1999-1157
Tcpip.sys in Windows NT 4.0 before SP4 allows remote attackers to cause a denial of service via an ICMP Subnet Mask Address Request packet, when certain multiple IP addresses are bound to the same network interface.
2002-03-09
2002-03-01
CVE-1999-1157
http://support.microsoft.com/support/kb/articles/Q192/7/74.ASP
MSKB:Q192774
https://exchange.xforce.ibmcloud.com/vulnerabilities/3894
XF:tcpipsys-icmp-dos(3894)
CVE-1999-1158
Buffer overflow in (1) pluggable authentication module (PAM) on Solaris 2.5.1 and 2.5 and (2) unix_scheme in Solaris 2.4 and 2.3 allows local users to gain root privileges via programs that use these modules such as passwd, yppasswd, and nispasswd.
2001-09-12
2002-02-11
CVE-1999-1158
ftp://ftp.auscert.org.au/pub/auscert/advisory/AA-97.09.Solaris.passwd.buffer.overrun.vul
AUSCERT:AA-97.09
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/139&type=0&nav=sec.sba
SUN:00139
CVE-1999-1159
SSH 2.0.11 and earlier allows local users to request remote forwarding from privileged ports without being root.
2002-03-09
2001-12-14
CVE-1999-1159
http://marc.info/?l=bugtraq&m=91495920911490&w=2
BUGTRAQ:19981229 ssh2 security problem (and patch) (fwd)
https://exchange.xforce.ibmcloud.com/vulnerabilities/1471
XF:ssh-privileged-port-forward(1471)
CVE-1999-1160
Vulnerability in ftpd/kftpd in HP-UX 10.x and 9.x allows local and possibly remote users to gain root privileges.
2002-03-09
2002-02-20
CVE-1999-1160
http://ciac.llnl.gov/ciac/bulletins/h-33.shtml
CIAC:H-33
http://marc.info/?l=bugtraq&m=87602167420581&w=2
HP:HPSBUX9702-055
http://www.iss.net/security_center/static/7437.php
XF:hp-ftpd-kftpd(7437)
CVE-1999-1161
Vulnerability in ppl in HP-UX 10.x and earlier allows local users to gain root privileges by forcing ppl to core dump.
2002-03-09
2002-02-20
CVE-1999-1161
AUSCERT:AA-97.07
http://marc.info/?l=bugtraq&m=87602167420102&w=2
BUGTRAQ:19961103 Re: Untitled
http://marc.info/?l=bugtraq&m=87602167420103&w=2
BUGTRAQ:19961104 ppl bugs
http://ciac.llnl.gov/ciac/bulletins/h-32.shtml
CIAC:H-32
http://www.codetalker.com/advisories/vendor/hp/hpsbux9704-057.html
HP:HPSBUX9704-057
http://www.iss.net/security_center/static/7438.php
XF:hp-ppl(7438)
CVE-1999-1162
Vulnerability in passwd in SCO UNIX 4.0 and earlier allows attackers to cause a denial of service by preventing users from being able to log into the system.
2002-03-09
2002-02-20
CVE-1999-1162
http://www.cert.org/advisories/CA-1993-08.html
CERT:CA-1993-08
http://www.iss.net/security_center/static/542.php
XF:sco-passwd-deny(542)
CVE-1999-1163
Vulnerability in HP Series 800 S/X/V Class servers allows remote attackers to gain access to the S/X/V Class console via the Service Support Processor (SSP) Teststation.
2002-03-09
2002-02-20
CVE-1999-1163
http://marc.info/?l=bugtraq&m=94347039929958&w=2
HP:HPSBUX9911-105
http://www.iss.net/security_center/static/7439.php
XF:hp-ssp(7439)
CVE-1999-1164
Microsoft Outlook client allows remote attackers to cause a denial of service by sending multiple email messages with the same X-UIDL headers, which causes Outlook to hang.
2001-09-12
2016-10-17
CVE-1999-1164
http://marc.info/?l=bugtraq&m=93041631215856&w=2
BUGTRAQ:19990625 Outlook denial of service
CVE-1999-1165
GNU fingerd 1.37 does not properly drop privileges before accessing user information, which could allow local users to (1) gain root privileges via a malicious program in the .fingerrc file, or (2) read arbitrary files via symbolic links from .plan, .forward, or .project files.
2001-09-12
2016-10-17
CVE-1999-1165
http://www.securityfocus.com/bid/535
BID:535
http://www.securityfocus.com/archive/1/2478
BUGTRAQ:19950317 GNU finger 1.37 executes ~/.fingerrc with gid root
http://marc.info/?l=bugtraq&m=93268249021561&w=2
BUGTRAQ:19990721 old gnu finger bugs
CVE-1999-1166
Linux 2.0.37 does not properly encode the Custom segment limit, which allows local users to gain root privileges by accessing and modifying kernel memory.
2001-09-12
2002-03-22
CVE-1999-1166
http://www.securityfocus.com/bid/523
BID:523
http://www.securityfocus.com/archive/1/18156
BUGTRAQ:19990711 Linux 2.0.37 segment limit bug
CVE-1999-1167
Cross-site scripting vulnerability in Third Voice Web annotation utility allows remote users to read sensitive data and generate fake web pages for other Third Voice users by injecting malicious Javascript into an annotation.
2002-03-09
2002-02-20
CVE-1999-1167
http://www.wired.com/news/technology/0,1282,20677,00.html
CONFIRM:http://www.wired.com/news/technology/0,1282,20677,00.html
http://www.wired.com/news/technology/0,1282,20636,00.html
MISC:http://www.wired.com/news/technology/0,1282,20636,00.html
http://www.iss.net/security_center/static/7252.php
XF:thirdvoice-cross-site-scripting(7252)
CVE-1999-1168
install.iss installation script for Internet Security Scanner (ISS) for Linux, version 5.3, allows local users to change the permissions of arbitrary files via a symlink attack on a temporary file.
2001-09-12
2003-05-08
CVE-1999-1168
http://www.securityfocus.com/archive/1/12640
BUGTRAQ:19990220 ISS install.iss security hole
CVE-1999-1169
nobo 1.2 allows remote attackers to cause a denial of service (crash) via a series of large UDP packets.
2001-09-12
2003-05-08
CVE-1999-1169
http://www.securityfocus.com/archive/1/12284
BUGTRAQ:19990204 NOBO denial of service
CVE-1999-1170
IPswitch IMail allows local users to gain additional privileges and modify or add mail accounts by setting the "flags" registry key to 1920.
2001-09-12
2016-10-17
CVE-1999-1170
http://www.securityfocus.com/bid/218
BID:218
http://marc.info/?l=ntbugtraq&m=91816507920544&w=2
NTBUGTRAQ:19990204 WS FTP Server Remote DoS Attack
CVE-1999-1171
IPswitch WS_FTP allows local users to gain additional privileges and modify or add mail accounts by setting the "flags" registry key to 1920.
2001-09-12
2016-10-17
CVE-1999-1171
http://www.securityfocus.com/bid/218
BID:218
http://marc.info/?l=ntbugtraq&m=91816507920544&w=2
NTBUGTRAQ:19990204 WS FTP Server Remote DoS Attack
CVE-1999-1172
By design, Maximizer Enterprise 4 calendar and address book program allows arbitrary users to modify the calendar of other users when the calendar is being shared.
2001-09-12
2001-11-28
CVE-1999-1172
http://www.securityfocus.com/archive/1/11947
BUGTRAQ:19990114 security hole in Maximizer
CVE-1999-1173
Corel Word Perfect 8 for Linux creates a temporary working directory with world-writable permissions, which allows local users to (1) modify Word Perfect behavior by modifying files in the working directory, or (2) modify files of other users via a symlink attack.
2001-09-12
2016-10-17
CVE-1999-1173
http://marc.info/?l=bugtraq&m=91404045014047&w=2
BUGTRAQ:19981218 wordperfect 8 for linux security
CVE-1999-1174
ZIP drive for Iomega ZIP-100 disks allows attackers with physical access to the drive to bypass password protection by inserting a known disk with a known password, waiting for the ZIP drive to power down, manually replacing the known disk with the target disk, and using the known password to access the target disk.
2001-09-12
2003-05-08
CVE-1999-1174
http://www.counterpane.com/crypto-gram-9812.html#doghouse
MISC:http://www.counterpane.com/crypto-gram-9812.html#doghouse
CVE-1999-1175
Web Cache Control Protocol (WCCP) in Cisco Cache Engine for Cisco IOS 11.2 and earlier does not use authentication, which allows remote attackers to redirect HTTP traffic to arbitrary hosts via WCCP packets to UDP port 2048.
2002-03-09
2002-03-01
CVE-1999-1175
http://www.ciac.org/ciac/bulletins/i-054.shtml
CIAC:I-054
http://www.cisco.com/warp/public/770/wccpauth-pub.shtml
CISCO:19980513 Cisco Web Cache Control Protocol Router Vulnerability
https://exchange.xforce.ibmcloud.com/vulnerabilities/1577
XF:cisco-wccp-vuln(1577)
CVE-1999-1176
Buffer overflow in cidentd ident daemon allows local users to gain root privileges via a long line in the .authlie script.
2001-09-12
2016-10-17
CVE-1999-1176
http://marc.info/?l=bugtraq&m=88466930416716&w=2
BUGTRAQ:19980110 Cidentd
http://marc.info/?l=bugtraq&m=90554230925545&w=2
BUGTRAQ:19980911 Re: security problems with jidentd
http://spisa.act.uji.es/spi/progs/codigo/www.hack.co.za/exploits/daemon/ident/cidentd.c
MISC:http://spisa.act.uji.es/spi/progs/codigo/www.hack.co.za/exploits/daemon/ident/cidentd.c
CVE-1999-1177
Directory traversal vulnerability in nph-publish before 1.2 allows remote attackers to overwrite arbitrary files via a .. (dot dot) in the pathname for an upload operation.
2002-03-09
2002-03-01
CVE-1999-1177
http://www-genome.wi.mit.edu/WWW/tools/CGI_scripts/server_publish/nph-publish
CONFIRM:http://www-genome.wi.mit.edu/WWW/tools/CGI_scripts/server_publish/nph-publish
http://www.w3.org/Security/Faq/wwwsf4.html
MISC:http://www.w3.org/Security/Faq/wwwsf4.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/2055
XF:http-cgi-nphpublish(2055)
CVE-1999-1178
Sambar Server 4.1 beta allows remote attackers to obtain sensitive information about the server via an HTTP request for the dumpenv.pl script.
2001-09-12
2017-12-18
CVE-1999-1178
http://www.securityfocus.com/archive/1/9505
BUGTRAQ:19980610 Sambar Server Beta BUG..
https://exchange.xforce.ibmcloud.com/vulnerabilities/3223
XF:sambar-dump-env(3223)
CVE-1999-1179
Vulnerability in man.sh CGI script, included in May 1998 issue of SysAdmin Magazine, allows remote attackers to execute arbitrary commands.
2001-09-12
2003-05-08
CVE-1999-1179
http://www.securityfocus.com/archive/1/9330
BUGTRAQ:19980515 May SysAdmin man.sh security hole
CVE-1999-1180
O'Reilly WebSite 1.1e and Website Pro 2.0 allows remote attackers to execute arbitrary commands via shell metacharacters in an argument to (1) args.cmd or (2) args.bat.
2001-09-12
2003-05-08
CVE-1999-1180
http://www.tryc.on.ca/archives/bugtraq/1999_1/0612.html
BUGTRAQ:19990216 Website Pro v2.0 (NT) Configuration Issues
http://oliver.efri.hr/~crv/security/bugs/NT/buffer.html
MISC:http://oliver.efri.hr/~crv/security/bugs/NT/buffer.html
CVE-1999-1181
Vulnerability in On-Line Customer Registration software for IRIX 6.2 through 6.4 allows local users to gain root privileges.
2002-03-09
2002-02-20
CVE-1999-1181
http://ciac.llnl.gov/ciac/bulletins/j-003.shtml
CIAC:J-003
ftp://patches.sgi.com/support/free/security/advisories/19980901-01-PX
SGI:19980901-01-PX
http://www.iss.net/security_center/static/7441.php
XF:irix-register(7441)
CVE-1999-1182
Buffer overflow in run-time linkers (1) ld.so or (2) ld-linux.so for Linux systems allows local users to gain privileges by calling a setuid program with a long program name (argv[0]) and forcing ld.so/ld-linux.so to report an error.
2001-09-12
2016-10-17
CVE-1999-1182
http://marc.info/?l=bugtraq&m=87602661419318&w=2
BUGTRAQ:19970717 KSR[T] Advisory #2: ld.so
http://marc.info/?l=bugtraq&m=87602661419351&w=2
BUGTRAQ:19970722 ld.so vulnerability
http://marc.info/?l=bugtraq&m=88661732807795&w=2
BUGTRAQ:19980204 An old ld-linux.so hole
CVE-1999-1183
System Manager sysmgr GUI in SGI IRIX 6.4 and 6.3 allows remote attackers to execute commands by providing a trojan horse (1) runtask or (2) runexec descriptor file, which is used to execute a System Manager Task when the user's Mailcap entry supports the x-sgi-task or x-sgi-exec type.
2001-09-12
2006-07-04
CVE-1999-1183
http://www.osvdb.org/8556
OSVDB:8556
ftp://patches.sgi.com/support/free/security/advisories/19980403-01-PX
SGI:19980403-01-PX
ftp://patches.sgi.com/support/free/security/advisories/19980403-02-PX
SGI:19980403-02-PX
http://www.iss.net/security_center/static/809.php
XF:sgi-mailcap(809)
CVE-1999-1184
Buffer overflow in Elm 2.4 and earlier allows local users to gain privileges via a long TERM environmental variable.
2001-09-12
2016-10-17
CVE-1999-1184
http://marc.info/?l=bugtraq&m=87602167420967&w=2
BUGTRAQ:19970513
http://marc.info/?l=bugtraq&m=87602167420970&w=2
BUGTRAQ:19970514 Re: ELM overflow
CVE-1999-1185
Buffer overflow in SCO mscreen allows local users to gain root privileges via a long terminal entry (TERM) in the .mscreenrc file.
2001-09-12
2017-07-10
CVE-1999-1185
BUGTRAQ:19980827 SCO mscreen vul.
http://marc.info/?l=bugtraq&m=90686250717719&w=2
BUGTRAQ:19980926 Root exploit for SCO OpenServer.
CERT:VB-98.10
SCO:98.05
https://exchange.xforce.ibmcloud.com/vulnerabilities/1379
XF:sco-openserver-mscreen-bo(1379)
CVE-1999-1186
rxvt, when compiled with the PRINT_PIPE option in various Linux operating systems including Linux Slackware 3.0 and RedHat 2.1, allows local users to gain root privileges by specifying a malicious program using the -print-pipe command line parameter.
2001-09-12
2016-10-17
CVE-1999-1186
http://marc.info/?l=bugtraq&m=87602167418966&w=2
BUGTRAQ:19960102 rxvt security hole
CVE-1999-1187
Pine before version 3.94 allows local users to gain privileges via a symlink attack on a lockfile that is created when a user receives new mail.
2001-09-12
2017-12-18
CVE-1999-1187
http://marc.info/?l=bugtraq&m=87602167419803&w=2
BUGTRAQ:19960826 [BUG] Vulnerability in PINE
https://exchange.xforce.ibmcloud.com/vulnerabilities/416
XF:pine-tmpfile(416)
CVE-1999-1188
mysqld in MySQL 3.21 creates log files with world-readable permissions, which allows local users to obtain passwords for users who are added to the user database.
2002-03-09
2001-12-14
CVE-1999-1188
http://marc.info/?l=bugtraq&m=91479159617803&w=2
BUGTRAQ:19981227 mysql: mysqld creates world readable logs..
https://exchange.xforce.ibmcloud.com/vulnerabilities/1568
XF:mysql-readable-log-files(1568)
CVE-1999-1189
Buffer overflow in Netscape Navigator/Communicator 4.7 for Windows 95 and Windows 98 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long argument after the ? character in a URL that references an .asp, .cgi, .html, or .pl file.
2004-09-01
2004-07-22
CVE-1999-1189
http://www.securityfocus.com/bid/822
BID:822
http://www.securityfocus.com/archive/1/36306
BUGTRAQ:19991124 Netscape Communicator 4.7 - Navigator Overflows
http://www.securityfocus.com/archive/1/36608
BUGTRAQ:19991127 Netscape Communicator 4.7 - Navigator Overflows
https://exchange.xforce.ibmcloud.com/vulnerabilities/7884
XF:netscape-long-argument-bo(7884)
CVE-1999-1190
Buffer overflow in POP3 server of Admiral Systems EmailClub 1.05 allows remote attackers to execute arbitrary commands via a long "From" header in an e-mail message.
2001-09-12
2002-03-03
CVE-1999-1190
http://www.securityfocus.com/bid/801
BID:801
http://www.securiteam.com/exploits/E-MailClub__FROM__remote_buffer_overflow.html
MISC:http://www.securiteam.com/exploits/E-MailClub__FROM__remote_buffer_overflow.html
CVE-1999-1191
Buffer overflow in chkey in Solaris 2.5.1 and earlier allows local users to gain root privileges via a long command line argument.
2002-03-09
2002-02-16
CVE-1999-1191
ftp://ftp.auscert.org.au/pub/auscert/advisory/AA-97.18.solaris.chkey.buffer.overflow.vul
AUSCERT:AA-97.18
http://www.securityfocus.com/bid/207
BID:207
http://marc.info/?l=bugtraq&m=87602167418335&w=2
BUGTRAQ:19970519 Re: Finally, most of an exploit for Solaris 2.5.1's ps.
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/144
SUN:00144
http://www.iss.net/security_center/static/7442.php
XF:solaris-chkey-bo(7442)
CVE-1999-1192
Buffer overflow in eeprom in Solaris 2.5.1 and earlier allows local users to gain root privileges via a long command line argument.
2002-03-09
2002-02-16
CVE-1999-1192
http://www.securityfocus.com/bid/206
BID:206
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/143
SUN:00143
http://www.iss.net/security_center/static/7444.php
XF:solaris-eeprom-bo(7444)
CVE-1999-1193
The "me" user in NeXT NeXTstep 2.1 and earlier has wheel group privileges, which could allow the me user to use the su command to become root.
2002-03-09
2002-03-01
CVE-1999-1193
http://www.securityfocus.com/bid/20
BID:20
http://www.cert.org/advisories/CA-1991-06.html
CERT:CA-1991-06
https://exchange.xforce.ibmcloud.com/vulnerabilities/581
XF:next-me(581)
CVE-1999-1194
chroot in Digital Ultrix 4.1 and 4.0 is insecurely installed, which allows local users to gain privileges.
2002-03-09
2002-03-01
CVE-1999-1194
http://www.securityfocus.com/bid/17
BID:17
http://www.cert.org/advisories/CA-1991-05.html
CERT:CA-1991-05
https://exchange.xforce.ibmcloud.com/vulnerabilities/577
XF:dec-chroot(577)
CVE-1999-1195
NAI VirusScan NT 4.0.2 does not properly modify the scan.dat virus definition file during an update via FTP, but it reports that the update was successful, which could cause a system administrator to believe that the definitions have been updated correctly.
2001-09-12
2016-10-17
CVE-1999-1195
http://www.securityfocus.com/bid/169
BID:169
http://marc.info/?l=bugtraq&m=92588169005196&w=2
BUGTRAQ:19990505 NAI AntiVirus Update Problem
http://marc.info/?l=ntbugtraq&m=92587579032534&w=2
NTBUGTRAQ:19990505 NAI AntiVirus Update Problem
CVE-1999-1196
Hummingbird Exceed X version 5 allows remote attackers to cause a denial of service via malformed data to port 6000.
2001-09-12
2003-05-08
CVE-1999-1196
http://www.securityfocus.com/bid/158
BID:158
http://www.securityfocus.com/archive/1/13451
BUGTRAQ:19990427 NT/Exceed D.O.S.
CVE-1999-1197
TIOCCONS in SunOS 4.1.1 does not properly check the permissions of a user who tries to redirect console output and input, which could allow a local user to gain privileges.
2002-03-09
2002-02-16
CVE-1999-1197
http://www.securityfocus.com/bid/14
BID:14
http://www.cert.org/advisories/CA-1990-12.html
CERT:CA-1990-12
http://www.iss.net/security_center/static/7140.php
XF:sunos-tioccons-console-redirection(7140)
CVE-1999-1198
BuildDisk program on NeXT systems before 2.0 does not prompt users for the root password, which allows local users to gain root privileges.
2002-03-09
2002-02-20
CVE-1999-1198
http://www.securityfocus.com/bid/11
BID:11
http://www.cert.org/advisories/CA-1990-06.html
CERT:CA-1990-06
http://ciac.llnl.gov/ciac/bulletins/b-01.shtml
CIAC:B-01
http://www.iss.net/security_center/static/7141.php
XF:nextstep-builddisk-root-access(7141)
CVE-1999-1199
Apache WWW server 1.3.1 and earlier allows remote attackers to cause a denial of service (resource exhaustion) via a large number of MIME headers with the same name, aka the "sioux" vulnerability.
2004-09-01
2021-06-06
CVE-1999-1199
http://marc.info/?l=bugtraq&m=90252779826784&w=2
BUGTRAQ:19980807 YA Apache DoS attack
http://marc.info/?l=bugtraq&m=90276683825862&w=2
BUGTRAQ:19980808 Debian Apache Security Update
http://marc.info/?l=bugtraq&m=90286768232093&w=2
BUGTRAQ:19980810 Apache DoS Attack
http://marc.info/?l=bugtraq&m=90280517007869&w=2
BUGTRAQ:19980811 Apache 'sioux' DOS fix for TurboLinux
http://www.redhat.com/support/errata/rh51-errata-general.html#apache
CONFIRM:http://www.redhat.com/support/errata/rh51-errata-general.html#apache
https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E
MLIST:[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/
https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5@%3Ccvs.httpd.apache.org%3E
MLIST:[httpd-cvs] 20210330 svn commit: r1073140 [1/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html
https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E
MLIST:[httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/
https://lists.apache.org/thread.html/rf2f0f3611f937cf6cfb3b4fe4a67f69885855126110e1e3f2fb2728e@%3Ccvs.httpd.apache.org%3E
MLIST:[httpd-cvs] 20210606 svn commit: r1075470 [1/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html
CVE-1999-1200
Vintra SMTP MailServer allows remote attackers to cause a denial of service via a malformed "EXPN *@" command.
2001-09-12
2017-12-18
CVE-1999-1200
http://marc.info/?l=ntbugtraq&m=90222454131610&w=2
NTBUGTRAQ:19980720 DOS in Vintra systems Mailserver software.
https://exchange.xforce.ibmcloud.com/vulnerabilities/1617
XF:vintra-mail-dos(1617)
CVE-1999-1201
Windows 95 and Windows 98 systems, when configured with multiple TCP/IP stacks bound to the same MAC address, allow remote attackers to cause a denial of service (traffic amplification) via a certain ICMP echo (ping) packet, which causes all stacks to send a ping response, aka TCP Chorusing.
2004-09-01
2004-07-22
CVE-1999-1201
http://www.securityfocus.com/bid/225
BID:225
http://marc.info/?l=ntbugtraq&m=91849617221319&w=2
NTBUGTRAQ:19990206 New Windows 9x Bug: TCP Chorusing
https://exchange.xforce.ibmcloud.com/vulnerabilities/7542
XF:win-multiple-ip-dos(7542)
CVE-1999-1202
StarTech (1) POP3 proxy server and (2) telnet server allows remote attackers to cause a denial of service via a long USER command.
2001-09-12
2017-12-18
CVE-1999-1202
http://marc.info/?l=bugtraq&m=90221104525873&w=2
BUGTRAQ:19980703 Windows95 Proxy DoS Vulnerabilites
https://exchange.xforce.ibmcloud.com/vulnerabilities/2088
XF:startech-pop3-overflow(2088)
CVE-1999-1203
Multilink PPP for ISDN dialup users in Ascend before 4.6 allows remote attackers to cause a denial of service via a spoofed endpoint identifier.
2002-03-09
2002-02-20
CVE-1999-1203
http://marc.info/?l=bugtraq&m=91868964203769&w=2
BUGTRAQ:19990210 Security problems in ISDN equipment authentication
http://marc.info/?l=bugtraq&m=91888117502765&w=2
BUGTRAQ:19990212 PPP/ISDN multilink security issue - summary
http://www.iss.net/security_center/static/7498.php
XF:ascend-ppp-isdn-dos(7498)
CVE-1999-1204
Check Point Firewall-1 does not properly handle certain restricted keywords (e.g., Mail, auth, time) in user-defined objects, which could produce a rule with a default "ANY" address and result in access to more systems than intended by the administrator.
2002-03-09
2002-02-20
CVE-1999-1204
http://marc.info/?l=bugtraq&m=90221101925912&w=2
BUGTRAQ:19980511 Firewall-1 Reserved Keywords Vulnerability
http://www.checkpoint.com/techsupport/config/keywords.html
CONFIRM:http://www.checkpoint.com/techsupport/config/keywords.html
http://www.osvdb.org/4416
OSVDB:4416
https://exchange.xforce.ibmcloud.com/vulnerabilities/7293
XF:fw1-user-defined-keywords-access(7293)
CVE-1999-1205
nettune in HP-UX 10.01 and 10.00 is installed setuid root, which allows local users to cause a denial of service by modifying critical networking configuration information.
2002-03-09
2002-03-01
CVE-1999-1205
http://marc.info/?l=bugtraq&m=87602167419195&w=2
BUGTRAQ:19960607 HP-UX B.10.01 vulnerability
CIAC:G-34
http://packetstormsecurity.org/advisories/ibm-ers/96-08
HP:HPSBUX9607-035
https://exchange.xforce.ibmcloud.com/vulnerabilities/414
XF:hp-nettune(414)
CVE-1999-1206
SystemSoft SystemWizard package in HP Pavilion PC with Windows 98, and possibly other platforms and operating systems, installs two ActiveX controls that are marked as safe for scripting, which allows remote attackers to execute arbitrary commands via a malicious web page that references (1) the Launch control, or (2) the RegObj control.
2001-09-12
2016-10-17
CVE-1999-1206
http://www.securityfocus.com/bid/555
BID:555
http://marc.info/?l=bugtraq&m=93336970231857&w=2
BUGTRAQ:19990729 New ActiveX security problems in Windows 98 PCs
http://www.systemsoft.com/l-2/l-3/support-systemwizard.htm
CONFIRM:http://www.systemsoft.com/l-2/l-3/support-systemwizard.htm
CVE-1999-1207
Buffer overflow in web-admin tool in NetXRay 2.6 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long HTTP request.
2001-09-12
2017-12-18
CVE-1999-1207
http://www.efri.hr/~crv/security/bugs/NT/netxtray.html
MISC:http://www.efri.hr/~crv/security/bugs/NT/netxtray.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/907
XF:netxray-bo(907)
CVE-1999-1208
Buffer overflow in ping in AIX 4.2 and earlier allows local users to gain root privileges via a long command line argument.
2002-03-09
2002-03-01
CVE-1999-1208
http://marc.info/?l=bugtraq&m=87602661419330&w=2
BUGTRAQ:19970721 AIX ping (Exploit)
http://marc.info/?l=bugtraq&m=87602661419337&w=2
BUGTRAQ:19970721 AIX ping, lchangelv, xlock fixes
https://exchange.xforce.ibmcloud.com/vulnerabilities/803
XF:ping-bo(803)
CVE-1999-1209
Vulnerability in scoterm in SCO OpenServer 5.0 and SCO Open Desktop/Open Server 3.0 allows local users to gain root privileges.
2002-03-09
2002-03-01
CVE-1999-1209
http://marc.info/?l=bugtraq&m=88131151000069&w=2
BUGTRAQ:19971204 scoterm exploit
http://www.cert.org/vendor_bulletins/VB-97.14.scoterm
CERT:VB-97.14
https://exchange.xforce.ibmcloud.com/vulnerabilities/690
XF:sco-scoterm(690)
CVE-1999-1210
xterm in Digital UNIX 4.0B *with* patch kit 5 allows local users to overwrite arbitrary files via a symlink attack on a core dump file, which is created when xterm is called with a DISPLAY environmental variable set to a display that xterm cannot access.
2001-09-12
2017-12-18
CVE-1999-1210
http://marc.info/?l=bugtraq&m=87936891504885&w=2
BUGTRAQ:19971112 Digital Unix Security Problem
https://exchange.xforce.ibmcloud.com/vulnerabilities/613
XF:dec-xterm(613)
CVE-1999-1211
Vulnerability in in.telnetd in SunOS 4.1.1 and earlier allows local users to gain root privileges.
2001-09-12
2017-12-18
CVE-1999-1211
http://www.cert.org/advisories/CA-1991-02.html
CERT:CA-1991-02
https://exchange.xforce.ibmcloud.com/vulnerabilities/574
XF:sun-intelnetd(574)
CVE-1999-1212
Vulnerability in in.rlogind in SunOS 4.0.3 and 4.0.3c allows local users to gain root privileges.
2001-09-12
2017-12-18
CVE-1999-1212
http://www.cert.org/advisories/CA-1991-02.html
CERT:CA-1991-02
https://exchange.xforce.ibmcloud.com/vulnerabilities/574
XF:sun-intelnetd(574)
CVE-1999-1213
Vulnerability in telnet service in HP-UX 10.30 allows attackers to cause a denial of service.
2001-09-12
2017-12-18
CVE-1999-1213
http://www2.dataguard.no/bugtraq/1997_4/0001.html
HP:HPSBUX9710-070
https://exchange.xforce.ibmcloud.com/vulnerabilities/571
XF:hp-telnetdos(571)
CVE-1999-1214
The asynchronous I/O facility in 4.4 BSD kernel does not check user credentials when setting the recipient of I/O notification, which allows local users to cause a denial of service by using certain ioctl and fcntl calls to cause the signal to be sent to an arbitrary process ID.
2002-03-09
2002-03-01
CVE-1999-1214
http://www.openbsd.com/advisories/signals.txt
MISC:http://www.openbsd.com/advisories/signals.txt
http://www.openbsd.com/advisories/signals.txt
OPENBSD:19970915 Vulnerability in I/O Signal Handling
http://www.osvdb.org/11062
OSVDB:11062
https://exchange.xforce.ibmcloud.com/vulnerabilities/556
XF:openbsd-iosig(556)
CVE-1999-1215
LOGIN.EXE program in Novell Netware 4.0 and 4.01 temporarily writes user name and password information to disk, which could allow local users to gain privileges.
2002-03-09
2002-03-01
CVE-1999-1215
http://www.cert.org/advisories/CA-1993-12.html
CERT:CA-1993-12
http://ciac.llnl.gov/ciac/bulletins/d-21.shtml
CIAC:D-21
https://exchange.xforce.ibmcloud.com/vulnerabilities/545
XF:novell-login(545)
CVE-1999-1216
Cisco routers 9.17 and earlier allow remote attackers to bypass security restrictions via certain IP source routed packets that should normally be denied using the "no ip source-route" command.
2001-09-12
2017-12-18
CVE-1999-1216
http://www.cert.org/advisories/CA-1993-07.html
CERT:CA-1993-07
http://ciac.llnl.gov/ciac/bulletins/d-15.shtml
CIAC:D-15
https://exchange.xforce.ibmcloud.com/vulnerabilities/541
XF:cisco-sourceroute(541)
CVE-1999-1217
The PATH in Windows NT includes the current working directory (.), which could allow local users to gain privileges by placing Trojan horse programs with the same name as commonly used system programs into certain directories.
2004-09-01
2002-07-12
CVE-1999-1217
http://marc.info/?l=ntbugtraq&m=87602726319426&w=2
NTBUGTRAQ:19970723 NT security - why bother?
http://marc.info/?l=ntbugtraq&m=87602726319435&w=2
NTBUGTRAQ:19970725 Re: NT security - why bother?
https://exchange.xforce.ibmcloud.com/vulnerabilities/526
XF:nt-path(526)
CVE-1999-1218
Vulnerability in finger in Commodore Amiga UNIX 2.1p2a and earlier allows local users to read arbitrary files.
2001-09-12
2017-12-18
CVE-1999-1218
http://www.cert.org/advisories/CA-1993-04.html
CERT:CA-1993-04
https://exchange.xforce.ibmcloud.com/vulnerabilities/522
XF:amiga-finger(522)
CVE-1999-1219
Vulnerability in sgihelp in the SGI help system and print manager in IRIX 5.2 and earlier allows local users to gain root privileges, possibly through the clogin command.
2001-09-12
2017-12-18
CVE-1999-1219
AUSCERT:AA-94.04a
http://www.securityfocus.com/bid/468
BID:468
http://www.cert.org/advisories/CA-1994-13.html
CERT:CA-1994-13
http://ciac.llnl.gov/ciac/bulletins/e-33.shtml
CIAC:E-33
https://exchange.xforce.ibmcloud.com/vulnerabilities/511
XF:sgi-prn-mgr(511)
CVE-1999-1220
Majordomo 1.94.3 and earlier allows remote attackers to execute arbitrary commands when the advertise or noadvertise directive is used in a configuration file, via shell metacharacters in the Reply-To header.
2001-09-12
2017-12-18
CVE-1999-1220
http://www.securityfocus.com/archive/1/7527
BUGTRAQ:19970824 Vulnerability in Majordomo
https://exchange.xforce.ibmcloud.com/vulnerabilities/502
XF:majordomo-advertise(502)
CVE-1999-1221
dxchpwd in Digital Unix (OSF/1) 3.x allows local users to modify arbitrary files via a symlink attack on the dxchpwd.log file.
2001-09-12
2017-12-18
CVE-1999-1221
http://marc.info/?l=bugtraq&m=87602167420141&w=2
BUGTRAQ:19961117 Digital Unix v3.x (v4.x?) security vulnerability
https://exchange.xforce.ibmcloud.com/vulnerabilities/399
XF:dgux-chpwd(399)
CVE-1999-1222
Netbt.sys in Windows NT 4.0 allows remote malicious DNS servers to cause a denial of service (crash) by returning 0.0.0.0 as the IP address for a DNS host name lookup.
2002-03-09
2002-03-01
CVE-1999-1222
http://support.microsoft.com/support/kb/articles/Q188/5/71.ASP
MSKB:Q188571
https://exchange.xforce.ibmcloud.com/vulnerabilities/3893
XF:dns-netbtsys-dos(3893)
CVE-1999-1223
IIS 3.0 allows remote attackers to cause a denial of service via a request to an ASP page in which the URL contains a large number of / (forward slash) characters.
2002-03-09
2002-03-01
CVE-1999-1223
http://support.microsoft.com/support/kb/articles/q187/5/03.asp
MSKB:Q187503
https://exchange.xforce.ibmcloud.com/vulnerabilities/3892
XF:url-asp-av(3892)
CVE-1999-1224
IMAP 4.1 BETA, and possibly other versions, does not properly handle the SIGABRT (abort) signal, which allows local users to crash the server (imapd) via certain sequences of commands, which causes a core dump that may contain sensitive password information.
2001-09-12
2017-12-18
CVE-1999-1224
http://marc.info/?l=bugtraq&m=87635124302928&w=2
BUGTRAQ:19971008 L0pht Advisory: IMAP4rev1 imapd server
https://exchange.xforce.ibmcloud.com/vulnerabilities/349
XF:imapd-core(349)
CVE-1999-1225
rpc.mountd on Linux, Ultrix, and possibly other operating systems, allows remote attackers to determine the existence of a file on the server by attempting to mount that file, which generates different error messages depending on whether the file exists or not.
2001-09-12
2017-12-18
CVE-1999-1225
http://www.securityfocus.com/archive/1/7526
BUGTRAQ:19970824 Serious security flaw in rpc.mountd on several operating systems.
https://exchange.xforce.ibmcloud.com/vulnerabilities/347
XF:mountd-file-exists(347)
CVE-1999-1226
Netscape Communicator 4.7 and earlier allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long certificate key.
2002-03-09
2001-11-28
CVE-1999-1226
http://www.securiteam.com/exploits/Netscape_4_7_and_earlier_vulnerable_to__Huge_Key__DoS.html
MISC:http://www.securiteam.com/exploits/Netscape_4_7_and_earlier_vulnerable_to__Huge_Key__DoS.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/3436
XF:netscape-huge-key-dos(3436)
CVE-1999-1227
Ethereal allows local users to overwrite arbitrary files via a symlink attack on the packet capture file.
2001-09-12
2017-12-18
CVE-1999-1227
http://www.ethereal.com/lists/ethereal-dev/199907/msg00126.html
MISC:http://www.ethereal.com/lists/ethereal-dev/199907/msg00126.html
http://www.ethereal.com/lists/ethereal-dev/199907/msg00130.html
MISC:http://www.ethereal.com/lists/ethereal-dev/199907/msg00130.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/3334
XF:ethereal-dev-capturec-root(3334)
CVE-1999-1228
Various modems that do not implement a guard time, or are configured with a guard time of 0, can allow remote attackers to execute arbitrary modem commands such as ATH, ATH0, etc., via a "+++" sequence that appears in ICMP packets, the subject of an e-mail message, IRC commands, and others.
2001-09-12
2017-12-18
CVE-1999-1228
http://marc.info/?l=bugtraq&m=90695973308453&w=2
BUGTRAQ:19980927 1+2=3, +++ATH0=Old school DoS
http://www.macintouch.com/modemsecurity.html
MISC:http://www.macintouch.com/modemsecurity.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/3320
XF:global-village-modem-dos(3320)
CVE-1999-1229
Quake 2 server 3.13 on Linux does not properly check file permissions for the config.cfg configuration file, which allows local users to read arbitrary files via a symlink from config.cfg to the target file.
2001-09-12
2017-12-18
CVE-1999-1229
http://www.securityfocus.com/archive/1/8590
BUGTRAQ:19980225 Quake 2 Linux 3.13 (and lower) allow users to read arbitrary files
https://exchange.xforce.ibmcloud.com/vulnerabilities/733
XF:linux-quake2(733)
CVE-1999-1230
Quake 2 server allows remote attackers to cause a denial of service via a spoofed UDP packet with a source address of 127.0.0.1, which causes the server to attempt to connect to itself.
2001-09-12
2017-12-18
CVE-1999-1230
http://www.securityfocus.com/archive/1/8282
BUGTRAQ:19971224 Quake II Remote Denial of Service
https://exchange.xforce.ibmcloud.com/vulnerabilities/698
XF:quake2-dos(698)
CVE-1999-1231
ssh 2.0.12, and possibly other versions, allows valid user names to attempt to enter the correct password multiple times, but only prompts an invalid user name for a password once, which allows remote attackers to determine user account names on the server.
2001-09-12
2017-12-18
CVE-1999-1231
http://www.securityfocus.com/archive/1/14758
BUGTRAQ:19990609 ssh advirsory
https://exchange.xforce.ibmcloud.com/vulnerabilities/2276
XF:ssh-leak(2276)
CVE-1999-1232
Untrusted search path vulnerability in day5datacopier in SGI IRIX 6.2 allows local users to execute arbitrary commands via a modified PATH environment variable that points to a malicious cp program.
2001-09-12
2017-12-18
CVE-1999-1232
http://marc.info/?l=bugtraq&m=87602167420994&w=2
BUGTRAQ:19970516 Irix and WWW
http://www.osvdb.org/8559
OSVDB:8559
https://exchange.xforce.ibmcloud.com/vulnerabilities/3316
XF:sgi-day5datacopier(3316)
CVE-1999-1233
IIS 4.0 does not properly restrict access for the initial session request from a user's IP address if the address does not resolve to a DNS domain, aka the "Domain Resolution" vulnerability.
2002-03-09
2002-03-01
CVE-1999-1233
http://www.securityfocus.com/bid/657
BID:657
https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-039
MS:MS99-039
http://support.microsoft.com/support/kb/articles/Q241/5/62.asp
MSKB:241562
https://exchange.xforce.ibmcloud.com/vulnerabilities/3306
XF:iis-unresolved-domain-access(3306)
CVE-1999-1234
LSA (LSASS.EXE) in Windows NT 4.0 allows remote attackers to cause a denial of service via a NULL policy handle in a call to (1) SamrOpenDomain, (2) SamrEnumDomainUsers, and (3) SamrQueryDomainInfo.
2001-09-12
2017-12-18
CVE-1999-1234
http://marc.info/?l=ntbugtraq&m=94096671308565&w=2
BUGTRAQ:19991026 Re: LSA vulnerability on NT40 SP5
https://exchange.xforce.ibmcloud.com/vulnerabilities/3293
XF:msrpc-samr-open-dos(3293)
CVE-1999-1235
Internet Explorer 5.0 records the username and password for FTP servers in the URL history, which could allow (1) local users to read the information from another user's index.dat, or (2) people who are physically observing ("shoulder surfing") another user to read the information from the status bar when the user moves the mouse over a link.
2001-09-12
2017-12-18
CVE-1999-1235
http://ntbugtraq.ntadvice.com/default.asp?pid=36&sid=1&A2=ind9904&L=NTBUGTRAQ&P=R179
NTBUGTRAQ:19990331 Minor Bug in IE5.0
http://packetderm.cotse.com/mailing-lists/ntbugtraq/1999/0364.html
NTBUGTRAQ:19990825 IE5 FTP password exposure & index.dat null ACL problem
https://exchange.xforce.ibmcloud.com/vulnerabilities/3289
XF:nt-ie5-user-ftp-password(3289)
CVE-1999-1236
Internet Anywhere Mail Server 2.3.1 stores passwords in plaintext in the msgboxes.dbf file, which could allow local users to gain privileges by extracting the passwords from msgboxes.dbf.
2001-09-12
2017-12-18
CVE-1999-1236
http://www.securityfocus.com/bid/731
BID:731
http://www.ntbugtraq.com/default.asp?pid=36&sid=1&A2=ind9910&L=ntbugtraq&F=&S=&P=662
NTBUGTRAQ:19991001 Vulnerabilities in the Internet Anywhere Mail Server
https://exchange.xforce.ibmcloud.com/vulnerabilities/3285
XF:iams-passwords-plaintext(3285)
CVE-1999-1237
Multiple buffer overflows in smbvalid/smbval SMB authentication library, as used in Apache::AuthenSmb and possibly other modules, allows remote attackers to execute arbitrary commands via (1) a long username, (2) a long password, and (3) other unspecified methods.
2001-09-12
2017-12-18
CVE-1999-1237
http://www.securityfocus.com/archive/1/14384
BUGTRAQ:19990606 Buffer overflows in smbval library
https://exchange.xforce.ibmcloud.com/vulnerabilities/2272
XF:smbvalid-bo(2272)
CVE-1999-1238
Vulnerability in CORE-DIAG fileset in HP message catalog in HP-UX 9.05 and earlier allows local users to gain privileges.
2001-09-12
2017-12-18
CVE-1999-1238
http://www.securityfocus.com/advisories/1531
HP:HPSBUX9409-017
https://exchange.xforce.ibmcloud.com/vulnerabilities/2262
XF:hp-core-diag-fileset(2262)
CVE-1999-1239
HP-UX 9.x does not properly enable the Xauthority mechanism in certain conditions, which could allow local users to access the X display even when they have not explicitly been authorized to do so.
2001-09-12
2017-12-18
CVE-1999-1239
http://www.securityfocus.com/advisories/1559
HP:HPSBUX9407-015
https://exchange.xforce.ibmcloud.com/vulnerabilities/2261
XF:hp-xauthority(2261)
CVE-1999-1240
Buffer overflow in cddbd CD database server allows remote attackers to execute arbitrary commands via a long log message.
2001-09-12
2017-12-18
CVE-1999-1240
http://www.securityfocus.com/archive/1/5784
BUGTRAQ:19961126 Major Security Vulnerabilities in Remote CD Databases
https://exchange.xforce.ibmcloud.com/vulnerabilities/2203
XF:cddbd-bo(2203)
CVE-1999-1241
Internet Explorer, with a security setting below Medium, allows remote attackers to execute arbitrary commands via a malicious web page that uses the FileSystemObject ActiveX object.
2001-09-12
2017-12-18
CVE-1999-1241
http://oliver.efri.hr/~crv/security/bugs/NT/activex4.html
MISC:http://oliver.efri.hr/~crv/security/bugs/NT/activex4.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/2173
XF:ie-filesystemobject(2173)
CVE-1999-1242
Vulnerability in subnetconfig in HP-UX 9.01 and 9.0 allows local users to gain privileges.
2001-09-12
2017-12-18
CVE-1999-1242
http://packetstormsecurity.org/advisories/hpalert/003
HP:HPSBUX9402-003
https://exchange.xforce.ibmcloud.com/vulnerabilities/2162
XF:hp-subnet-config(2162)
CVE-1999-1243
SGI Desktop Permissions Tool in IRIX 6.0.1 and earlier allows local users to modify permissions for arbitrary files and gain privileges.
2002-03-09
2002-03-01
CVE-1999-1243
http://ciac.llnl.gov/ciac/bulletins/f-16.shtml
CIAC:F-16
ftp://patches.sgi.com/support/free/security/advisories/19950301-01-P373
SGI:19950301-01-P373
https://exchange.xforce.ibmcloud.com/vulnerabilities/2113
XF:sgi-permissions(2113)
CVE-1999-1244
IPFilter 3.2.3 through 3.2.10 allows local users to modify arbitrary files via a symlink attack on the saved output file.
2001-09-12
2017-12-18
CVE-1999-1244
http://www.securityfocus.com/archive/1/13303
BUGTRAQ:19990415 FSA-99.04-IPFILTER-v3.2.10
https://exchange.xforce.ibmcloud.com/vulnerabilities/2087
XF:ipfilter-temp-file(2087)
CVE-1999-1245
vacm ucd-snmp SNMP server, version 3.52, does not properly disable access to the public community string, which could allow remote attackers to obtain sensitive information.
2001-09-12
2017-12-18
CVE-1999-1245
https://exchange.xforce.ibmcloud.com/vulnerabilities/2086
XF:ucd-snmpd-community(2086)
CVE-1999-1246
Direct Mailer feature in Microsoft Site Server 3.0 saves user domain names and passwords in plaintext in the TMLBQueue network share, which has insecure default permissions, allowing remote attackers to read the passwords and gain privileges.
2002-03-09
2002-03-01
CVE-1999-1246
http://support.microsoft.com/support/kb/articles/Q229/9/72.asp
MSKB:Q229972
https://exchange.xforce.ibmcloud.com/vulnerabilities/2068
XF:siteserver-directmail-passwords(2068)
CVE-1999-1247
Vulnerability in HP Camera component of HP DCE/9000 in HP-UX 9.x allows attackers to gain root privileges.
2001-09-12
2017-12-18
CVE-1999-1247
http://packetstormsecurity.org/advisories/hpalert/006
HP:HPSBUX9402-006
https://exchange.xforce.ibmcloud.com/vulnerabilities/2061
XF:hp-dce9000(2061)
CVE-1999-1248
Vulnerability in Support Watch (aka SupportWatch) in HP-UX 8.0 through 9.0 allows local users to gain privileges.
2001-09-12
2017-12-18
CVE-1999-1248
http://packetstormsecurity.org/advisories/hpalert/019
HP:HPSBUX9411-019
https://exchange.xforce.ibmcloud.com/vulnerabilities/2058
XF:hp-supportwatch(2058)
CVE-1999-1249
movemail in HP-UX 10.20 has insecure permissions, which allows local users to gain privileges.
2002-03-09
2002-03-01
CVE-1999-1249
http://www.codetalker.com/advisories/vendor/hp/hpsbux9701-047.html
HP:HPSBUX9701-047
http://www.osvdb.org/8099
OSVDB:8099
https://exchange.xforce.ibmcloud.com/vulnerabilities/2057
XF:hp-movemail(2057)
CVE-1999-1250
Vulnerability in CGI program in the Lasso application by Blue World, as used on WebSTAR and other servers, allows remote attackers to read arbitrary files.
2001-09-12
2017-12-18
CVE-1999-1250
http://www.securityfocus.com/archive/1/7506
BUGTRAQ:19970819 Lasso CGI security hole (fwd)
https://exchange.xforce.ibmcloud.com/vulnerabilities/2044
XF:http-cgi-lasso(2044)
CVE-1999-1251
Vulnerability in direct audio user space code on HP-UX 10.20 and 10.10 allows local users to cause a denial of service.
2001-09-12
2017-12-18
CVE-1999-1251
http://packetstormsecurity.org/advisories/hpalert/043
HP:HPSBUX9612-043
https://exchange.xforce.ibmcloud.com/vulnerabilities/2010
XF:hp-audio-panic(2010)
CVE-1999-1252
Vulnerability in a certain system call in SCO UnixWare 2.0.x and 2.1.0 allows local users to access arbitrary files and gain root privileges.
2001-09-12
2017-12-18
CVE-1999-1252
http://www.cert.org/vendor_bulletins/VB-96.15.sco
CERT:VB-96.15
ftp://ftp.sco.COM/SSE/security_bulletins/SB.96:02a
SCO:96:002
https://exchange.xforce.ibmcloud.com/vulnerabilities/1966
XF:sco-system-call(1966)
CVE-1999-1253
Vulnerability in a kernel error handling routine in SCO OpenServer 5.0.2 and earlier, and SCO Internet FastStart 1.0, allows local users to gain root privileges.
2001-09-12
2017-12-18
CVE-1999-1253
http://www.cert.org/vendor_bulletins/VB-96.10.sco
CERT:VB-96.10
ftp://ftp.sco.com/SSE/security_bulletins/SB.96:01a
SCO:96:001
https://exchange.xforce.ibmcloud.com/vulnerabilities/1965
XF:sco-kernel(1965)
CVE-1999-1254
Windows 95, 98, and NT 4.0 allow remote attackers to cause a denial of service by spoofing ICMP redirect messages from a router, which causes Windows to change its routing tables.
2001-09-12
2017-12-18
CVE-1999-1254
http://marc.info/?l=ntbugtraq&m=92099515709467&w=2
NTBUGTRAQ:19990308 Winfreeze EXPLOIT Win9x/NT
https://exchange.xforce.ibmcloud.com/vulnerabilities/1947
XF:win-redirects-freeze(1947)
CVE-1999-1255
Hyperseek allows remote attackers to modify the hyperseek configuration by directly calling the admin.cgi program with an edit_file action parameter.
2001-09-12
2017-12-18
CVE-1999-1255
http://www.rootshell.com/archive-j457nxiqi3gq59dv/199902/hyperseek.txt.html
MISC:http://www.rootshell.com/archive-j457nxiqi3gq59dv/199902/hyperseek.txt.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/1914
XF:hyperseek-modify(1914)
CVE-1999-1256
Oracle Database Assistant 1.0 in Oracle 8.0.3 Enterprise Edition stores the database master password in plaintext in the spoolmain.log file when a new database is created, which allows local users to obtain the password from that file.
2001-09-12
2017-12-18
CVE-1999-1256
http://www.securityfocus.com/archive/1/12744
BUGTRAQ:19990304 Oracle Plaintext Password
http://marc.info/?l=ntbugtraq&m=92056752115116&w=2
NTBUGTRAQ:19990304 Oracle Plaintext Password
https://exchange.xforce.ibmcloud.com/vulnerabilities/1902
XF:oracle-passwords(1902)
CVE-1999-1257
Xyplex terminal server 6.0.1S1, and possibly other versions, allows remote attackers to bypass the password prompt by entering (1) a CTRL-Z character, or (2) a ? (question mark).
2001-09-12
2017-12-18
CVE-1999-1257
http://www.securityfocus.com/archive/1/8134
BUGTRAQ:19971126 Xyplex terminal server bug
https://exchange.xforce.ibmcloud.com/vulnerabilities/1825
XF:xyplex-controlz-login(1825)
https://exchange.xforce.ibmcloud.com/vulnerabilities/1826
XF:xyplex-question-login(1826)
CVE-1999-1258
rpc.pwdauthd in SunOS 4.1.1 and earlier does not properly prevent remote access to the daemon, which allows remote attackers to obtain sensitive system information.
2002-03-09
2002-02-11
CVE-1999-1258
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/102
SUN:00102
https://exchange.xforce.ibmcloud.com/vulnerabilities/1782
XF:sun-pwdauthd(1782)
CVE-1999-1259
Microsoft Office 98, Macintosh Edition, does not properly initialize the disk space used by Office 98 files and effectively inserts data from previously deleted files into the Office file, which could allow attackers to obtain sensitive information.
2002-03-09
2002-03-01
CVE-1999-1259
http://support.microsoft.com/support/kb/articles/q189/5/29.asp
MSKB:Q189529
https://exchange.xforce.ibmcloud.com/vulnerabilities/1780
XF:office-extraneous-data(1780)
CVE-1999-1260
mSQL (Mini SQL) 2.0.6 allows remote attackers to obtain sensitive server information such as logged users, database names, and server version via the ServerStats query.
2001-09-12
2017-12-18
CVE-1999-1260
http://marc.info/?l=bugtraq&m=91910115718150&w=2
BUGTRAQ:19990215 KSR[T] Advisory #10: mSQL ServerStats
https://exchange.xforce.ibmcloud.com/vulnerabilities/1777
XF:msql-serverstats(1777)
CVE-1999-1261
Buffer overflow in Rainbow Six Multiplayer allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long nickname (nick) command.
2001-09-12
2017-12-18
CVE-1999-1261
http://www.securityfocus.com/archive/1/12433
BUGTRAQ:19990211 Rainbow Six Buffer Overflow.....
https://exchange.xforce.ibmcloud.com/vulnerabilities/1772
XF:rainbowsix-nick-bo(1772)
CVE-1999-1262
Java in Netscape 4.5 does not properly restrict applets from connecting to other hosts besides the one from which the applet was loaded, which violates the Java security model and could allow remote attackers to conduct unauthorized activities.
2002-03-09
2002-03-01
CVE-1999-1262
http://www.securityfocus.com/archive/1/12231
BUGTRAQ:19990202 Unsecured server in applets under Netscape
https://exchange.xforce.ibmcloud.com/vulnerabilities/1727
XF:java-socket-open(1727)
CVE-1999-1263
Metamail before 2.7-7.2 allows remote attackers to overwrite arbitrary files via an e-mail message containing a uuencoded attachment that specifies the full pathname for the file to be modified, which is processed by uuencode in Metamail scripts such as sun-audio-file.
2002-03-09
2002-03-01
CVE-1999-1263
http://marc.info/?l=bugtraq&m=87773365324657&w=2
BUGTRAQ:19971024 Vulnerability in metamail
https://exchange.xforce.ibmcloud.com/vulnerabilities/1677
XF:metamail-file-creation(1677)
CVE-1999-1264
WebRamp M3 router does not disable remote telnet or HTTP access to itself, even when access has been explicitly disabled.
2001-09-12
2017-12-19
CVE-1999-1264
http://www.securityfocus.com/archive/1/12048
BUGTRAQ:19990121 WebRamp M3 remote network access bug
http://marc.info/?l=bugtraq&m=91815321510224&w=2
BUGTRAQ:19990203 WebRamp M3 Perceived Bug
https://exchange.xforce.ibmcloud.com/vulnerabilities/1670
XF:webramp-remote-access(1670)
CVE-1999-1265
SMTP server in SLmail 3.1 and earlier allows remote attackers to cause a denial of service via malformed commands whose arguments begin with a "(" (parenthesis) character, such as (1) SEND, (2) VRFY, (3) EXPN, (4) MAIL FROM, (5) RCPT TO.
2001-09-12
2017-12-18
CVE-1999-1265
BUGTRAQ:19980922 Re: WARNING! SMTP Denial of Service in SLmail ver 3.1
http://marc.info/?l=bugtraq&m=90649892424117&w=2
BUGTRAQ:19980922 WARNING! SMTP Denial of Service in SLmail ver 3.1
http://marc.info/?l=ntbugtraq&m=90650438826447&w=2
NTBUGTRAQ:19980922 WARNING! SMTP Denial of Service in SLmail ver 3.1
https://exchange.xforce.ibmcloud.com/vulnerabilities/1664
XF:slmail-parens-overload(1664)
CVE-1999-1266
rsh daemon (rshd) generates different error messages when a valid username is provided versus an invalid name, which allows remote attackers to determine valid users on the system.
2001-09-12
2017-12-18
CVE-1999-1266
http://www.securityfocus.com/archive/1/6978
BUGTRAQ:19970613 rshd gives away usernames
https://exchange.xforce.ibmcloud.com/vulnerabilities/1660
XF:rsh-username-leaks(1660)
CVE-1999-1267
KDE file manager (kfm) uses a TCP server for certain file operations, which allows remote attackers to modify arbitrary files by sending a copy command to the server.
2001-09-12
2017-12-18
CVE-1999-1267
http://marc.info/?l=bugtraq&m=87602167420906&w=2
BUGTRAQ:19970505 Hole in the KDE desktop
https://exchange.xforce.ibmcloud.com/vulnerabilities/1646
XF:kde-flawed-ipc(1646)
CVE-1999-1268
Vulnerability in KDE konsole allows local users to hijack or observe sessions of other users by accessing certain devices.
2001-09-12
2017-12-18
CVE-1999-1268
http://lists.kde.org/?l=kde-devel&m=91560433413263&w=2
MISC:http://lists.kde.org/?l=kde-devel&m=91560433413263&w=2
https://exchange.xforce.ibmcloud.com/vulnerabilities/1645
XF:kde-konsole-hijack(1645)
CVE-1999-1269
Screen savers in KDE beta 3 allows local users to overwrite arbitrary files via a symlink attack on the .kss.pid file.
2001-09-12
2017-12-18
CVE-1999-1269
http://www.securityfocus.com/archive/1/8506
BUGTRAQ:19980206 serious security hole in KDE Beta 3
https://exchange.xforce.ibmcloud.com/vulnerabilities/1641
XF:kde-kss-file-clobber(1641)
CVE-1999-1270
KMail in KDE 1.0 provides a PGP passphrase as a command line argument to other programs, which could allow local users to obtain the passphrase and compromise the PGP keys of other users by viewing the arguments via programs that list process information, such as ps.
2001-09-12
2017-12-18
CVE-1999-1270
http://lists.kde.org/?l=kde-devel&m=90221974029738&w=2
MISC:http://lists.kde.org/?l=kde-devel&m=90221974029738&w=2
https://exchange.xforce.ibmcloud.com/vulnerabilities/1639
XF:kde-kmail-passphrase-leak(1639)
CVE-1999-1271
Macromedia Dreamweaver uses weak encryption to store FTP passwords, which could allow local users to easily decrypt the passwords of other users.
2001-09-12
2017-12-18
CVE-1999-1271
http://www.securityfocus.com/archive/1/9511
BUGTRAQ:19980611 Unsecure passwords in Macromedia Dreamweaver
https://exchange.xforce.ibmcloud.com/vulnerabilities/1636
XF:dreamweaver-weak-passwords(1636)
CVE-1999-1272
Buffer overflows in CDROM Confidence Test program (cdrom) allow local users to gain root privileges.
2001-09-12
2017-12-18
CVE-1999-1272
ftp://patches.sgi.com/support/free/security/advisories/19980301-01-PX
SGI:19980301-01-PX
https://exchange.xforce.ibmcloud.com/vulnerabilities/1635
XF:irix-cdrom-confidence(1635)
CVE-1999-1273
Squid Internet Object Cache 1.1.20 allows users to bypass access control lists (ACLs) by encoding the URL with hexadecimal escape sequences.
2001-09-12
2017-12-18
CVE-1999-1273
http://www.securityfocus.com/archive/1/8551
BUGTRAQ:19980220 Simple way to bypass squid ACLs
https://exchange.xforce.ibmcloud.com/vulnerabilities/1627
XF:squid-regexp-acl(1627)
CVE-1999-1274
iPass RoamServer 3.1 creates temporary files with world-writable permissions.
2001-09-12
2017-12-18
CVE-1999-1274
http://www.securityfocus.com/archive/1/8307
BUGTRAQ:19971229 iPass RoamServer 3.1
https://exchange.xforce.ibmcloud.com/vulnerabilities/1625
XF:ipass-temporary-files(1625)
CVE-1999-1275
Lotus cc:Mail release 8 stores the postoffice password in plaintext in a hidden file which has insecure permissions, which allows local users to gain privileges.
2001-09-12
2017-12-18
CVE-1999-1275
http://www.securityfocus.com/archive/1/9478
BUGTRAQ:19970908 Password unsecurity in cc:Mail release 8
https://exchange.xforce.ibmcloud.com/vulnerabilities/1619
XF:lotus-ccmail-passwords(1619)
CVE-1999-1276
fte-console in the fte package before 0.46b-4.1 does not drop root privileges, which allows local users to gain root access via the virtual console device.
2002-03-09
2002-03-01
CVE-1999-1276
http://www.debian.org/security/1998/19981207
DEBIAN:19981207 fte-console: does not drop its root priviliges
https://exchange.xforce.ibmcloud.com/vulnerabilities/1609
XF:fte-console-privileges(1609)
CVE-1999-1277
BackWeb client stores the username and password in cleartext for proxy authentication in the Communication registry key, which could allow other local users to gain privileges by reading the password.
2001-09-12
2017-12-18
CVE-1999-1277
http://marc.info/?l=ntbugtraq&m=91487886514546&w=2
NTBUGTRAQ:19981224 BackWeb - Password issue (used by NAI for Corporate customer notification).
https://exchange.xforce.ibmcloud.com/vulnerabilities/1565
XF:backweb-cleartext-passwords(1565)
CVE-1999-1278
nlog CGI scripts do not properly filter shell metacharacters from the IP address argument, which could allow remote attackers to execute certain commands via (1) nlog-smb.pl or (2) rpc-nlog.pl.
2001-09-12
2017-12-18
CVE-1999-1278
http://marc.info/?l=bugtraq&m=91470326629357&w=2
BUGTRAQ:19981225 Re: Nlog v1.0 Released - Nmap 2.x log management / analyzing tool
http://marc.info/?l=bugtraq&m=91471400632145&w=2
BUGTRAQ:19981226 Nlog 1.1b released - security holes fixed
https://exchange.xforce.ibmcloud.com/vulnerabilities/1549
XF:http-cgi-nlog-metachars(1549)
https://exchange.xforce.ibmcloud.com/vulnerabilities/1550
XF:http-cgi-nlog-netbios(1550)
CVE-1999-1279
An interaction between the AS/400 shared folders feature and Microsoft SNA Server 3.0 and earlier allows users to view each other's folders when the users share the same Local APPC LU.
2002-03-09
2002-03-01
CVE-1999-1279
http://support.microsoft.com/support/kb/articles/q138/0/01.asp
MSKB:Q138001
https://exchange.xforce.ibmcloud.com/vulnerabilities/1548
XF:snaserver-shared-folders(1548)
CVE-1999-1280
Hummingbird Exceed 6.0.1.0 inadvertently includes a DLL that was meant for development and testing, which logs user names and passwords in cleartext in the test.log file.
2001-09-12
2017-12-18
CVE-1999-1280
http://www.securityfocus.com/archive/1/11512
BUGTRAQ:19981203 Remote Tools w/Exceed v.6.0.1.0 fer 95
https://exchange.xforce.ibmcloud.com/vulnerabilities/1547
XF:exceed-cleartext-passwords(1547)
CVE-1999-1281
Development version of Breeze Network Server allows remote attackers to cause the system to reboot by accessing the configbreeze CGI program.
2001-09-12
2017-12-18
CVE-1999-1281
http://www.securityfocus.com/archive/1/11720
BUGTRAQ:19981226 Breeze Network Server remote reboot and other bogosity.
https://exchange.xforce.ibmcloud.com/vulnerabilities/1544
XF:breeze-remote-reboot(1544)
CVE-1999-1282
RealSystem G2 server stores the administrator password in cleartext in a world-readable configuration file, which allows local users to gain privileges.
2001-09-12
2017-12-18
CVE-1999-1282
http://www.securityfocus.com/archive/1/11543
BUGTRAQ:19981210 RealSystem passwords
https://exchange.xforce.ibmcloud.com/vulnerabilities/1542
XF:realsystem-readable-conf-file(1542)
CVE-1999-1283
Opera 3.2.1 allows remote attackers to cause a denial of service (application crash) via a URL that contains an extra / in the http:// tag.
2001-09-12
2017-12-18
CVE-1999-1283
http://www.securityfocus.com/archive/1/10320
BUGTRAQ:19980814 URL exploit to crash Opera Browser
https://exchange.xforce.ibmcloud.com/vulnerabilities/1541
XF:opera-slash-crash(1541)
CVE-1999-1284
NukeNabber allows remote attackers to cause a denial of service by connecting to the NukeNabber port (1080) without sending any data, which causes the CPU usage to rise to 100% from the report.exe program that is executed upon the connection.
2002-03-09
2002-02-17
CVE-1999-1284
http://www.securityfocus.com/archive/1/11131
BUGTRAQ:19981105 various *lame* DoS attacks
http://marc.info/?l=bugtraq&m=91063407332594&w=2
BUGTRAQ:19981107 Re: various *lame* DoS attacks
http://www.dynamsol.com/puppet/text/new.txt
MISC:http://www.dynamsol.com/puppet/text/new.txt
https://exchange.xforce.ibmcloud.com/vulnerabilities/1540
XF:nukenabber-timeout-dos(1540)
CVE-1999-1285
Linux 2.1.132 and earlier allows local users to cause a denial of service (resource exhaustion) by reading a large buffer from a random device (e.g. /dev/urandom), which cannot be interrupted until the read has completed.
2001-09-12
2017-12-18
CVE-1999-1285
http://marc.info/?l=bugtraq&m=91495921611500&w=2
BUGTRAQ:19981227 [patch] fix for urandom read(2) not interruptible
https://exchange.xforce.ibmcloud.com/vulnerabilities/1472
XF:linux-random-read-dos(1472)
CVE-1999-1286
addnetpr in SGI IRIX 6.2 and earlier allows local users to modify arbitrary files and possibly gain root access via a symlink attack on a temporary file.
2001-09-12
2017-12-18
CVE-1999-1286
http://www.securityfocus.com/bid/330
BID:330
http://marc.info/?l=bugtraq&m=87602167420927&w=2
BUGTRAQ:19970509 Re: Irix: misc
ftp://patches.sgi.com/support/free/security/advisories/19961203-02-PX
MISC:ftp://patches.sgi.com/support/free/security/advisories/19961203-02-PX
http://www.osvdb.org/8560
OSVDB:8560
https://exchange.xforce.ibmcloud.com/vulnerabilities/1433
XF:irix-addnetpr(1433)
CVE-1999-1287
Vulnerability in Analog 3.0 and earlier allows remote attackers to read arbitrary files via the forms interface.
2001-09-12
2017-12-18
CVE-1999-1287
http://www.statslab.cam.ac.uk/~sret1/analog/security.html
CONFIRM:http://www.statslab.cam.ac.uk/~sret1/analog/security.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/1410
XF:analog-remote-file(1410)
CVE-1999-1288
Samba 1.9.18 inadvertently includes a prototype application, wsmbconf, which is installed with incorrect permissions including the setgid bit, which allows local users to read and write files and possibly gain privileges via bugs in the program.
2002-03-09
2002-03-01
CVE-1999-1288
http://www.securityfocus.com/archive/1/11397
BUGTRAQ:19981119 Vulnerability in Samba on RedHat, Caldera and PHT TurboLinux
http://www.caldera.com/support/security/advisories/SA-1998.35.txt
CALDERA:SA-1998.35
https://exchange.xforce.ibmcloud.com/vulnerabilities/1406
XF:samba-wsmbconf(1406)
CVE-1999-1289
ICQ 98 beta on Windows NT leaks the internal IP address of a client in the TCP data segment of an ICQ packet instead of the public address (e.g. through NAT), which provides remote attackers with potentially sensitive information about the client or the internal network configuration.
2001-09-12
2017-12-18
CVE-1999-1289
http://www.securityfocus.com/archive/1/11233
BUGTRAQ:19981111 WARNING: Another ICQ IP address vulnerability
https://exchange.xforce.ibmcloud.com/vulnerabilities/1398
XF:icq-ip-info(1398)
CVE-1999-1290
Buffer overflow in nftp FTP client version 1.40 allows remote malicious FTP servers to cause a denial of service, and possibly execute arbitrary commands, via a long response string.
2002-03-09
2002-03-01
CVE-1999-1290
http://marc.info/?l=bugtraq&m=91127951426494&w=2
BUGTRAQ:19981117 nftp vulnerability (fwd)
http://www.ayukov.com/nftp/history.html
CONFIRM:http://www.ayukov.com/nftp/history.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/1397
XF:nftp-bo(1397)
CVE-1999-1291
TCP/IP implementation in Microsoft Windows 95, Windows NT 4.0, and possibly others, allows remote attackers to reset connections by forcing a reset (RST) via a PSH ACK or other means, obtaining the target's last sequence number from the resulting packet, then spoofing a reset to the target.
2001-09-12
2017-12-18
CVE-1999-1291
http://www.securityfocus.com/archive/1/10789
BUGTRAQ:19981005 New Windows Vulnerability
https://exchange.xforce.ibmcloud.com/vulnerabilities/1383
XF:nt-brkill(1383)
CVE-1999-1292
Buffer overflow in web administration feature of Kolban Webcam32 4.8.3 and earlier allows remote attackers to execute arbitrary commands via a long URL.
2001-09-12
2017-12-18
CVE-1999-1292
http://xforce.iss.net/alerts/advise7.php
ISS:19980901 Remote Buffer Overflow in the Kolban Webcam32 Program
https://exchange.xforce.ibmcloud.com/vulnerabilities/1366
XF:webcam32-buffer-overflow(1366)
CVE-1999-1293
mod_proxy in Apache 1.2.5 and earlier allows remote attackers to cause a denial of service via malformed FTP commands, which causes Apache to dump core.
2001-09-12
2016-10-17
CVE-1999-1293
http://marc.info/?l=bugtraq&m=88413292830649&w=2
BUGTRAQ:19980106 Apache security advisory
http://www.apache.org/info/security_bulletin_1.2.5.html
CONFIRM:http://www.apache.org/info/security_bulletin_1.2.5.html
CVE-1999-1294
Office Shortcut Bar (OSB) in Windows 3.51 enables backup and restore permissions, which are inherited by programs such as File Manager that are started from the Shortcut Bar, which could allow local users to read folders for which they do not have permission.
2002-03-09
2002-02-20
CVE-1999-1294
http://support.microsoft.com/support/kb/articles/q146/6/04.asp
MSKB:Q146604
https://exchange.xforce.ibmcloud.com/vulnerabilities/562
XF:nt-filemgr(562)
CVE-1999-1295
Transarc DCE Distributed File System (DFS) 1.1 for Solaris 2.4 and 2.5 does not properly initialize the grouplist for users who belong to a large number of groups, which could allow those users to gain access to resources that are protected by DFS.
2001-09-12
2017-12-18
CVE-1999-1295
http://www.cert.org/vendor_bulletins/VB-96.16.transarc
CERT:VB-96.16
https://exchange.xforce.ibmcloud.com/vulnerabilities/7154
XF:dfs-login-groups(7154)
CVE-1999-1296
Buffer overflow in Kerberos IV compatibility libraries as used in Kerberos V allows local users to gain root privileges via a long line in a kerberos configuration file, which can be specified via the KRB_CONF environmental variable.
2001-09-12
2016-10-17
CVE-1999-1296
http://marc.info/?l=bugtraq&m=87602167420878&w=2
BUGTRAQ:19970429 vulnerabilities in kerberos
CVE-1999-1297
cmdtool in OpenWindows 3.0 and XView 3.0 in SunOS 4.1.4 and earlier allows attackers with physical access to the system to display unechoed characters (such as those from password prompts) via the L2/AGAIN key.
2002-03-09
2002-02-17
CVE-1999-1297
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fpatches%2F100452&zone_32=10045%2A%20
SUNBUG:1077164
https://exchange.xforce.ibmcloud.com/vulnerabilities/7482
XF:sun-cmdtool-echo(7482)
CVE-1999-1298
Sysinstall in FreeBSD 2.2.1 and earlier, when configuring anonymous FTP, creates the ftp user without a password and with /bin/date as the shell, which could allow attackers to gain access to certain system resources.
2002-03-09
2002-02-17
CVE-1999-1298
ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/old/FreeBSD-SA-97:03.sysinstall.asc
FREEBSD:FreeBSD-SA-97:03
http://www.osvdb.org/6087
OSVDB:6087
http://www.iss.net/security_center/static/7537.php
XF:freebsd-sysinstall-ftp-password(7537)
CVE-1999-1299
rcp on various Linux systems including Red Hat 4.0 allows a "nobody" user or other user with UID of 65535 to overwrite arbitrary files, since 65535 is interpreted as -1 by chown and other system calls, which causes the calls to fail to modify the ownership of the file.
2001-09-12
2016-10-17
CVE-1999-1299
http://marc.info/?l=bugtraq&m=87602167420509&w=2
BUGTRAQ:19970203 Linux rcp bug
CVE-1999-1300
Vulnerability in accton in Cray UNICOS 6.1 and 6.0 allows local users to read arbitrary files and modify system accounting configuration.
2001-09-12
2002-03-01
CVE-1999-1300
http://ciac.llnl.gov/ciac/bulletins/b-31.shtml
CIAC:B-31
CVE-1999-1301
A design flaw in the Z-Modem protocol allows the remote sender of a file to execute arbitrary programs on the client, as implemented in rz in the rzsz module of FreeBSD before 2.1.5, and possibly other programs.
2002-03-09
2002-02-17
CVE-1999-1301
http://ciac.llnl.gov/ciac/bulletins/g-31.shtml
CIAC:G-31
ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/old/FreeBSD-SA-96:17.rzsz.asc
FREEBSD:FreeBSD-SA-96:17
http://www.iss.net/security_center/static/7540.php
XF:rzsz-command-execution(7540)
CVE-1999-1302
Unspecified vulnerability in pt_chmod in SCO UNIX 4.2 and earlier allows local users to gain root access.
2001-09-12
2017-07-10
CVE-1999-1302
http://ftp.cerias.purdue.edu/pub/advisories/cert/cert_bulletins/VB-94:01.sco
CERT:VB-94:01
http://ciac.llnl.gov/ciac/bulletins/f-05.shtml
CIAC:F-05
http://www.osvdb.org/8797
OSVDB:8797
http://ciac.llnl.gov/ciac/bulletins/f-05.shtml
SCO:94:001
https://exchange.xforce.ibmcloud.com/vulnerabilities/7586
XF:sco-pt_chmod(7586)
CVE-1999-1303
Vulnerability in prwarn in SCO UNIX 4.2 and earlier allows local users to gain root access.
2001-09-12
2001-11-28
CVE-1999-1303
http://ciac.llnl.gov/ciac/bulletins/f-05.shtml
CIAC:F-05
http://ciac.llnl.gov/ciac/bulletins/f-05.shtml
SCO:94:001
CVE-1999-1304
Vulnerability in login in SCO UNIX 4.2 and earlier allows local users to gain root access.
2001-09-12
2001-11-28
CVE-1999-1304
http://ciac.llnl.gov/ciac/bulletins/f-05.shtml
CIAC:F-05
http://ciac.llnl.gov/ciac/bulletins/f-05.shtml
SCO:94:001
CVE-1999-1305
Vulnerability in "at" program in SCO UNIX 4.2 and earlier allows local users to gain root access.
2001-09-12
2001-11-28
CVE-1999-1305
http://ciac.llnl.gov/ciac/bulletins/f-05.shtml
CIAC:F-05
http://ciac.llnl.gov/ciac/bulletins/f-05.shtml
SCO:94:001
CVE-1999-1306
Cisco IOS 9.1 and earlier does not properly handle extended IP access lists when the IP route cache is enabled and the "established" keyword is set, which could allow attackers to bypass filters.
2001-09-12
2002-02-20
CVE-1999-1306
http://www.cert.org/advisories/CA-1992-20.html
CERT:CA-1992-20
CVE-1999-1307
Vulnerability in urestore in Novell UnixWare 1.1 allows local users to gain root privileges.
2001-09-12
2002-03-01
CVE-1999-1307
http://www.dataguard.no/bugtraq/1994_4/0676.html
BUGTRAQ:19941209 Novell security advisory on sadc, urestore and the suid_exec feature
http://ciac.llnl.gov/ciac/bulletins/f-06.shtml
CIAC:F-06
CVE-1999-1308
Certain programs in HP-UX 10.20 do not properly handle large user IDs (UID) or group IDs (GID) over 60000, which could allow local users to gain privileges.
2001-09-12
2002-02-17
CVE-1999-1308
http://ciac.llnl.gov/ciac/bulletins/h-09.shtml
CIAC:H-09
http://ciac.llnl.gov/ciac/bulletins/h-91.shtml
CIAC:H-91
http://ciac.llnl.gov/ciac/bulletins/h-91.shtml
HP:HPSBUX9611-041
http://www.iss.net/security_center/static/7594.php
XF:hp-large-uid-gid(7594)
CVE-1999-1309
Sendmail before 8.6.7 allows local users to gain root access via a large value in the debug (-d) command line option.
2002-03-09
2002-02-20
CVE-1999-1309
http://www.dataguard.no/bugtraq/1994_1/0040.html
BUGTRAQ:19940314 sendmail -d problem (OLD yet still here)
http://www.dataguard.no/bugtraq/1994_1/0048.html
BUGTRAQ:19940315 Security problem in sendmail versions 8.x.x
http://www.dataguard.no/bugtraq/1994_1/0042.html
BUGTRAQ:19940315 anyone know details?
http://www.dataguard.no/bugtraq/1994_1/0043.html
BUGTRAQ:19940315 so...
http://www.dataguard.no/bugtraq/1994_1/0078.html
BUGTRAQ:19940327 sendmail exploit script - resend
http://www.cert.org/advisories/CA-94.12.sendmail.vulnerabilities
CERT:CA-1994-12
https://exchange.xforce.ibmcloud.com/vulnerabilities/7155
XF:sendmail-debug-gain-root(7155)
CVE-1999-1310
** REJECT **
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-1999-1022. Reason: This candidate is a duplicate of CVE-1999-1022. Notes: All CVE users should reference CVE-1999-1022 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
2001-09-12
2005-02-03
CVE-1999-1310
CVE-1999-1311
Vulnerability in dtlogin and dtsession in HP-UX 10.20 and 10.10 allows local users to bypass authentication and gain privileges.
2001-09-12
2002-03-03
CVE-1999-1311
http://ciac.llnl.gov/ciac/bulletins/h-21.shtml
CIAC:H-21
http://ciac.llnl.gov/ciac/bulletins/h-21.shtml
HP:HPSBUX9701-046
CVE-1999-1312
Vulnerability in DEC OpenVMS VAX 5.5-2 through 5.0, and OpenVMS AXP 1.0, allows local users to gain system privileges.
2001-09-12
2017-12-18
CVE-1999-1312
http://www.cert.org/advisories/CA-1993-05.html
CERT:CA-1993-05
https://exchange.xforce.ibmcloud.com/vulnerabilities/7142
XF:openvms-local-privilege-elevation(7142)
CVE-1999-1313
Manual page reader (man) in FreeBSD 2.2 and earlier allows local users to gain privileges via a sequence of commands.
2001-09-12
2017-12-18
CVE-1999-1313
http://ciac.llnl.gov/ciac/bulletins/g-24.shtml
CIAC:G-24
ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/old/FreeBSD-SA-96:11.man.asc
FREEBSD:FreeBSD-SA-96:11
https://exchange.xforce.ibmcloud.com/vulnerabilities/7348
XF:bsd-man-command-sequence(7348)
CVE-1999-1314
Vulnerability in union file system in FreeBSD 2.2 and earlier, and possibly other operating systems, allows local users to cause a denial of service (system reload) via a series of certain mount_union commands.
2001-09-12
2002-02-20
CVE-1999-1314
http://ciac.llnl.gov/ciac/bulletins/g-24.shtml
CIAC:G-24
ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/old/FreeBSD-SA-96:10.mount_union.asc
FREEBSD:FreeBSD-SA-96:10
http://www.iss.net/security_center/static/7429.php
XF:unionfs-mount-ordering(7429)
CVE-1999-1315
Vulnerabilities in DECnet/OSI for OpenVMS before 5.8 on DEC Alpha AXP and VAX/VMS systems allow local users to gain privileges or cause a denial of service.
2001-09-12
2002-03-01
CVE-1999-1315
http://ciac.llnl.gov/ciac/bulletins/f-04.shtml
CIAC:F-04
CVE-1999-1316
Passfilt.dll in Windows NT SP2 allows users to create a password that contains the user's name, which could make it easier for an attacker to guess.
2002-03-09
2002-02-20
CVE-1999-1316
http://support.microsoft.com/support/kb/articles/Q247/9/75.asp
MSKB:Q247975
https://exchange.xforce.ibmcloud.com/vulnerabilities/7391
XF:passfilt-fullname(7391)
CVE-1999-1317
Windows NT 4.0 SP4 and earlier allows local users to gain privileges by modifying the symbolic link table in the \?? object folder using a different case letter (upper or lower) to point to a different device.
2002-03-09
2002-02-20
CVE-1999-1317
http://support.microsoft.com/support/kb/articles/q222/1/59.asp
MSKB:Q222159
http://marc.info/?l=ntbugtraq&m=92127046701349&w=2
NTBUGTRAQ:19990312 [ ALERT ] Case Sensitivity and Symbolic Links
http://marc.info/?l=ntbugtraq&m=92162979530341&w=2
NTBUGTRAQ:19990314 AW: [ ALERT ] Case Sensitivity and Symbolic Links
https://exchange.xforce.ibmcloud.com/vulnerabilities/7398
XF:nt-symlink-case(7398)
CVE-1999-1318
/usr/5bin/su in SunOS 4.1.3 and earlier uses a search path that includes the current working directory (.), which allows local users to gain privileges via Trojan horse programs.
2002-03-09
2002-02-17
CVE-1999-1318
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fpatches%2F100630&zone_32=112193%2A%20
SUNBUG:1121935
http://www.iss.net/security_center/static/7480.php
XF:sun-su-path(7480)
CVE-1999-1319
Vulnerability in object server program in SGI IRIX 5.2 through 6.1 allows remote attackers to gain root privileges in certain configurations.
2001-09-12
2002-02-20
CVE-1999-1319
ftp://patches.sgi.com/support/free/security/advisories/19960101-01-PX
SGI:19960101-01-PX
http://www.iss.net/security_center/static/7430.php
XF:irix-object-server(7430)
CVE-1999-1320
Vulnerability in Novell NetWare 3.x and earlier allows local users to gain privileges via packet spoofing.
2002-03-09
2002-02-20
CVE-1999-1320
http://ciac.llnl.gov/ciac/bulletins/d-01.shtml
CIAC:D-01
http://www.iss.net/security_center/static/7213.php
XF:netware-packet-spoofing-privileges(7213)
CVE-1999-1321
Buffer overflow in ssh 1.2.26 client with Kerberos V enabled could allow remote attackers to cause a denial of service or execute arbitrary commands via a long DNS hostname that is not properly handled during TGT ticket passing.
2002-03-09
2002-03-01
CVE-1999-1321
http://lists.netspace.org/cgi-bin/wa?A2=ind9811A&L=bugtraq&P=R4814
BUGTRAQ:19981105 security patch for ssh-1.2.26 kerberos code
http://www.osvdb.org/4883
OSVDB:4883
CVE-1999-1322
The installation of 1ArcServe Backup and Inoculan AV client modules for Exchange create a log file, exchverify.log, which contains usernames and passwords in plaintext.
2001-09-12
2016-10-17
CVE-1999-1322
http://marc.info/?l=ntbugtraq&m=91096758513985&w=2
NTBUGTRAQ:19981112 exchverify.log
http://marc.info/?l=ntbugtraq&m=91133714919229&w=2
NTBUGTRAQ:19981117 Re: exchverify.log - update #1
NTBUGTRAQ:19981125 Re: exchverify.log - update #2
NTBUGTRAQ:19981216 Arcserve Exchange Client security issue being fixed
NTBUGTRAQ:19990305 Cheyenne InocuLAN for Exchange plain text password still there
NTBUGTRAQ:19990426 ArcServe Exchange Client Security Issue still unresolved
CVE-1999-1323
Norton AntiVirus for Internet Email Gateways (NAVIEG) 1.0.1.7 and earlier, and Norton AntiVirus for MS Exchange (NAVMSE) 1.5 and earlier, store the administrator password in cleartext in (1) the navieg.ini file for NAVIEG, and (2) the ModifyPassword registry key in NAVMSE.
2001-09-12
2016-10-17
CVE-1999-1323
http://marc.info/?l=ntbugtraq&m=92370067416739&w=2
NTBUGTRAQ:19990409 NAV for MS Exchange & Internet Email Gateways
CVE-1999-1324
VAXstations running Open VMS 5.3 through 5.5-2 with VMS DECwindows or MOTIF do not properly disable access to user accounts that exceed the break-in limit threshold for failed login attempts, which makes it easier for attackers to conduct brute force password guessing.
2002-03-09
2002-02-20
CVE-1999-1324
http://ciac.llnl.gov/ciac/bulletins/d-06.shtml
CIAC:D-06
https://exchange.xforce.ibmcloud.com/vulnerabilities/7225
XF:openvms-sysgen-enabled(7225)
CVE-1999-1325
SAS System 5.18 on VAX/VMS is installed with insecure permissions for its directories and startup file, which allows local users to gain privileges.
2002-03-09
2002-02-20
CVE-1999-1325
http://ciac.llnl.gov/ciac/bulletins/c-19.shtml
CIAC:C-19
https://exchange.xforce.ibmcloud.com/vulnerabilities/7261
XF:vaxvms-sas-gain-privileges(7261)
CVE-1999-1326
wu-ftpd 2.4 FTP server does not properly drop privileges when an ABOR (abort file transfer) command is executed during a file transfer, which causes a signal to be handled incorrectly and allows local and possibly remote attackers to read arbitrary files.
2002-03-09
2002-02-20
CVE-1999-1326
http://marc.info/?l=bugtraq&m=87602167420401&w=2
BUGTRAQ:19970104 serious security bug in wu-ftpd v2.4
http://marc.info/?l=bugtraq&m=87602167420408&w=2
BUGTRAQ:19970105 BoS: serious security bug in wu-ftpd v2.4 -- PATCH
https://exchange.xforce.ibmcloud.com/vulnerabilities/7169
XF:wuftpd-abor-gain-privileges(7169)
CVE-1999-1327
Buffer overflow in linuxconf 1.11r11-rh2 on Red Hat Linux 5.1 allows local users to gain root privileges via a long LANG environmental variable.
2002-03-09
2002-02-20
CVE-1999-1327
http://marc.info/?l=bugtraq&m=90221103125826&w=2
BUGTRAQ:19980601 Re: SECURITY: Red Hat Linux 5.1 linuxconf bug (fwd)
http://www.redhat.com/support/errata/rh51-errata-general.html#linuxconf
CONFIRM:http://www.redhat.com/support/errata/rh51-errata-general.html#linuxconf
http://www.osvdb.org/6065
OSVDB:6065
http://www.iss.net/security_center/static/7239.php
XF:linuxconf-lang-bo(7239)
CVE-1999-1328
linuxconf before 1.11.r11-rh3 on Red Hat Linux 5.1 allows local users to overwrite arbitrary files and gain root access via a symlink attack.
2002-03-09
2002-02-20
CVE-1999-1328
http://marc.info/?l=bugtraq&m=90383955231511&w=2
BUGTRAQ:19980823 Security concerns in linuxconf shipped w/RedHat 5.1
BUGTRAQ:19980826 [djb@redhat.com: Unidentified subject!]
http://www.redhat.com/support/errata/rh51-errata-general.html#linuxconf
CONFIRM:http://www.redhat.com/support/errata/rh51-errata-general.html#linuxconf
http://www.osvdb.org/6068
OSVDB:6068
http://www.iss.net/security_center/static/7232.php
XF:linuxconf-symlink-gain-privileges(7232)
CVE-1999-1329
Buffer overflow in SysVInit in Red Hat Linux 5.1 and earlier allows local users to gain privileges.
2002-03-09
2002-02-20
CVE-1999-1329
http://www.redhat.com/support/errata/rh50-errata-general.html#SysVinit
CONFIRM:http://www.redhat.com/support/errata/rh50-errata-general.html#SysVinit
http://www.iss.net/security_center/static/7250.php
XF:sysvinit-root-bo(7250)
CVE-1999-1330
The snprintf function in the db library 1.85.4 ignores the size parameter, which could allow attackers to exploit buffer overflows that would be prevented by a properly implemented snprintf.
2002-03-09
2002-02-20
CVE-1999-1330
http://marc.info/?l=bugtraq&m=87602661419259&w=2
BUGTRAQ:19970709 [linux-security] so-called snprintf() in db-1.85.4 (fwd)
http://lists.openresources.com/Debian/debian-bugs-closed/msg00581.html
CONFIRM:http://lists.openresources.com/Debian/debian-bugs-closed/msg00581.html
http://www.redhat.com/support/errata/rh42-errata-general.html#db
CONFIRM:http://www.redhat.com/support/errata/rh42-errata-general.html#db
http://www.iss.net/security_center/static/7244.php
XF:linux-libdb-snprintf-bo(7244)
CVE-1999-1331
netcfg 2.16-1 in Red Hat Linux 4.2 allows the Ethernet interface to be controlled by users on reboot when an option is set, which allows local users to cause a denial of service by shutting down the interface.
2002-03-09
2002-02-20
CVE-1999-1331
http://www.redhat.com/support/errata/rh42-errata-general.html#netcfg
CONFIRM:http://www.redhat.com/support/errata/rh42-errata-general.html#netcfg
http://www.iss.net/security_center/static/7245.php
XF:netcfg-ethernet-dos(7245)
CVE-1999-1332
gzexe in the gzip package on Red Hat Linux 5.0 and earlier allows local users to overwrite files of other users via a symlink attack on a temporary file.
2002-03-09
2002-02-20
CVE-1999-1332
http://www.securityfocus.com/bid/7845
BID:7845
http://marc.info/?l=bugtraq&m=88603844115233&w=2
BUGTRAQ:19980128 GZEXE - the big problem
http://www.redhat.com/support/errata/rh50-errata-general.html#gzip
CONFIRM:http://www.redhat.com/support/errata/rh50-errata-general.html#gzip
http://www.debian.org/security/2003/dsa-308
DEBIAN:DSA-308
http://www.osvdb.org/3812
OSVDB:3812
http://www.iss.net/security_center/static/7241.php
XF:gzip-gzexe-tmp-symlink(7241)
CVE-1999-1333
automatic download option in ncftp 2.4.2 FTP client in Red Hat Linux 5.0 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the names of files that are to be downloaded.
2002-03-09
2002-02-20
CVE-1999-1333
http://marc.info/?l=bugtraq&m=89042322924057&w=2
BUGTRAQ:19980319 ncftp 2.4.2 MkDirs bug
http://www.redhat.com/support/errata/rh50-errata-general.html#ncftp
CONFIRM:http://www.redhat.com/support/errata/rh50-errata-general.html#ncftp
http://www.osvdb.org/6111
OSVDB:6111
http://www.iss.net/security_center/static/7240.php
XF:ncftp-autodownload-command-execution(7240)
CVE-1999-1334
Multiple buffer overflows in filter command in Elm 2.4 allows attackers to execute arbitrary commands via (1) long From: headers, (2) long Reply-To: headers, or (3) via a long -f (filterfile) command line argument.
2001-09-12
2016-10-17
CVE-1999-1334
http://marc.info/?l=bugtraq&m=88609666024181&w=2
BUGTRAQ:19980129 KSR[T] Advisory #7: filter
http://www.redhat.com/support/errata/rh50-errata-general.html#elm
CONFIRM:http://www.redhat.com/support/errata/rh50-errata-general.html#elm
CVE-1999-1335
snmpd server in cmu-snmp SNMP package before 3.3-1 in Red Hat Linux 4.0 is configured to allow remote attackers to read and write sensitive information.
2002-03-09
2002-02-20
CVE-1999-1335
http://www.redhat.com/support/errata/rh40-errata-general.html#cmu-snmp
CONFIRM:http://www.redhat.com/support/errata/rh40-errata-general.html#cmu-snmp
https://exchange.xforce.ibmcloud.com/vulnerabilities/7251
XF:cmusnmp-read-write(7251)
CVE-1999-1336
3Com HiPer Access Router Card (HiperARC) 4.0 through 4.2.29 allows remote attackers to cause a denial of service (reboot) via a flood of IAC packets to the telnet port.
2002-03-09
2002-03-01
CVE-1999-1336
http://marc.info/?l=bugtraq&m=93458364903256&w=2
BUGTRAQ:19990812 3com hiperarch flaw [hiperbomb.c]
http://marc.info/?l=bugtraq&m=93492615408725&w=2
BUGTRAQ:19990816 Re: 3com hiperarch flaw [hiperbomb.c]
http://www.osvdb.org/6057
OSVDB:6057
CVE-1999-1337
FTP client in Midnight Commander (mc) before 4.5.11 stores usernames and passwords for visited sites in plaintext in the world-readable history file, which allows other local users to gain privileges.
2003-04-02
2003-03-17
CVE-1999-1337
http://marc.info/?l=bugtraq&m=93370073207984&w=2
BUGTRAQ:19990801 midnight commander vulnerability(?) (fwd)
http://www.osvdb.org/5921
OSVDB:5921
http://www.iss.net/security_center/static/9873.php
XF:midnight-commander-data-disclosure(9873)
CVE-1999-1338
Delegate proxy 5.9.3 and earlier creates files and directories in the DGROOT with world-writable permissions.
2001-09-12
2016-10-17
CVE-1999-1338
http://marc.info/?l=bugtraq&m=93259112204664&w=2
BUGTRAQ:19990721 Delegate creates directories writable for anyone
CVE-1999-1339
Vulnerability when Network Address Translation (NAT) is enabled in Linux 2.2.10 and earlier with ipchains, or FreeBSD 3.2 with ipfw, allows remote attackers to cause a denial of service (kernel panic) via a ping -R (record route) command.
2002-03-09
2002-02-20
CVE-1999-1339
http://marc.info/?l=bugtraq&m=93277426802802&w=2
BUGTRAQ:19990722 Linux +ipchains+ ping -R
http://marc.info/?l=bugtraq&m=93277766505061&w=2
BUGTRAQ:19990722 Re: ping -R causes kernel panic on a forwarding machine ( 2.2.5 a nd 2 .2.10)
http://www.kernel.org/pub/linux/kernel/v2.2/patch-2.2.11.gz
CONFIRM:http://www.kernel.org/pub/linux/kernel/v2.2/patch-2.2.11.gz
http://www.osvdb.org/6105
OSVDB:6105
http://www.iss.net/security_center/static/7257.php
XF:ipchains-ping-route-dos(7257)
CVE-1999-1340
Buffer overflow in faxalter in hylafax 4.0.2 allows local users to gain privileges via a long -m command line argument.
2001-09-12
2016-10-17
CVE-1999-1340
http://www.securityfocus.com/bid/765
BID:765
http://marc.info/?l=bugtraq&m=94173799532589&w=2
BUGTRAQ:19991104 hylafax-4.0.2 local exploit
CVE-1999-1341
Linux kernel before 2.3.18 or 2.2.13pre15, with SLIP and PPP options, allows local unprivileged users to forge IP packets via the TIOCSETD option on tty devices.
2002-03-09
2002-03-07
CVE-1999-1341
http://marc.info/?l=bugtraq&m=94061108411308&w=2
BUGTRAQ:19991022 Local user can send forged packets
https://exchange.xforce.ibmcloud.com/vulnerabilities/7858
XF:linux-tiocsetd-forge-packets(7858)
CVE-1999-1342
ICQ ActiveList Server allows remote attackers to cause a denial of service (crash) via malformed packets to the server's UDP port.
2001-09-12
2016-10-17
CVE-1999-1342
http://marc.info/?l=ntbugtraq&m=94042342010662&w=2
NTBUGTRAQ:19991017 ICQ ActiveList Server Exploit...
CVE-1999-1343
HTTP server for Xerox DocuColor 4 LP allows remote attackers to cause a denial of service (hang) via a long URL that contains a large number of . characters.
2001-09-12
2016-10-17
CVE-1999-1343
http://marc.info/?l=bugtraq&m=93986405412867&w=2
BUGTRAQ:19991013 Xerox DocuColor 4 LP D.O.S
CVE-1999-1344
Auto_FTP.pl script in Auto_FTP 0.2 stores usernames and passwords in plaintext in the auto_ftp.conf configuration file.
2001-09-12
2016-10-17
CVE-1999-1344
http://marc.info/?l=bugtraq&m=93923873006014&w=2
BUGTRAQ:19991005 Auto_FTP v0.02 Advisory
CVE-1999-1345
Auto_FTP.pl script in Auto_FTP 0.2 uses the /tmp/ftp_tmp as a shared directory with insecure permissions, which allows local users to (1) send arbitrary files to the remote server by placing them in the directory, and (2) view files that are being transferred.
2001-09-12
2016-10-17
CVE-1999-1345
http://marc.info/?l=bugtraq&m=93923873006014&w=2
BUGTRAQ:19991005 Auto_FTP v0.02 Advisory
CVE-1999-1346
PAM configuration file for rlogin in Red Hat Linux 6.1 and earlier includes a less restrictive rule before a more restrictive one, which allows users to access the host via rlogin even if rlogin has been explicitly disabled using the /etc/nologin file.
2001-09-12
2016-10-17
CVE-1999-1346
http://marc.info/?l=bugtraq&m=93942774609925&w=2
BUGTRAQ:19991007 Problems with redhat 6 Xsession and pam.d/rlogin.
CVE-1999-1347
Xsession in Red Hat Linux 6.1 and earlier can allow local users with restricted accounts to bypass execution of the .xsession file by starting kde, gnome or anotherlevel from kdm.
2001-09-12
2016-10-17
CVE-1999-1347
http://marc.info/?l=bugtraq&m=93942774609925&w=2
BUGTRAQ:19991007 Problems with redhat 6 Xsession and pam.d/rlogin.
CVE-1999-1348
Linuxconf on Red Hat Linux 6.0 and earlier does not properly disable PAM-based access to the shutdown command, which could allow local users to cause a denial of service.
2001-09-12
2016-10-17
CVE-1999-1348
http://marc.info/?l=bugtraq&m=93220073515880&w=2
BUGTRAQ:19990630 linuxconf doesn't seem to deal correctly with /etc/pam.d/reboot
CVE-1999-1349
NFS daemon (nfsd.exe) for Omni-NFS/X 6.1 allows remote attackers to cause a denial of service (resource exhaustion) via certain packets, possibly with the Urgent (URG) flag set, to port 111.
2001-09-12
2016-10-17
CVE-1999-1349
http://marc.info/?l=bugtraq&m=93923679004325&w=2
BUGTRAQ:19991006 Omni-NFS/X Enterprise (nfsd.exe) DOS
CVE-1999-1350
ARCAD Systemhaus 0.078-5 installs critical programs and files with world-writeable permissions, which could allow local users to gain privileges by replacing a program with a Trojan horse.
2001-09-12
2016-10-17
CVE-1999-1350
http://marc.info/?l=bugtraq&m=93871933521519&w=2
BUGTRAQ:19990929 Multiple Vendor ARCAD permission problems
CVE-1999-1351
Directory traversal vulnerability in KVIrc IRC client 0.9.0 with the "Listen to !nick <soundname> requests" option enabled allows remote attackers to read arbitrary files via a .. (dot dot) in a DCC GET request.
2002-03-09
2002-02-17
CVE-1999-1351
http://marc.info/?l=bugtraq&m=93845560631314&w=2
BUGTRAQ:19990924 Kvirc bug
http://www.iss.net/security_center/static/7761.php
XF:kvirc-dot-directory-traversal(7761)
CVE-1999-1352
mknod in Linux 2.2 follows symbolic links, which could allow local users to overwrite files or gain privileges.
2001-09-12
2016-10-17
CVE-1999-1352
http://marc.info/?l=bugtraq&m=93855134409747&w=2
BUGTRAQ:19990928 Re: [Fwd: Truth about ssh 1.2.27 vulnerabiltiy]
CVE-1999-1353
Nosque MsgCore 2.14 stores passwords in cleartext: (1) the administrator password in the AdmPasswd registry key, and (2) user passwords in the Userbase.dbf data file, which could allow local users to gain privileges.
2001-09-12
2017-04-28
CVE-1999-1353
http://marc.info/?l=ntbugtraq&m=93698162708211&w=2
BUGTRAQ:19990907 MsgCore mailserver stores passwords in clear text
CVE-1999-1354
E-mail client in Softarc FirstClass Internet Server 5.506 and earlier stores usernames and passwords in cleartext in the files (1) home.fc for version 5.506, (2) network.fc for version 3.5, or (3) FCCLIENT.LOG when logging is enabled.
2001-09-12
2016-10-17
CVE-1999-1354
http://marc.info/?l=ntbugtraq&m=93637687305327&w=2
NTBUGTRAQ:19990830 SoftArc's FirstClass E-mail Client
http://marc.info/?l=ntbugtraq&m=93698283309513&w=2
NTBUGTRAQ:19990909 SoftArc's FirstClass E-mail Client
CVE-1999-1355
BMC Patrol component, when installed with Compaq Insight Management Agent 4.23 and earlier, or Management Agents for Servers 4.40 and earlier, creates a PFCUser account with a default password and potentially dangerous privileges.
2001-09-12
2017-12-18
CVE-1999-1355
http://www.compaq.com/products/servers/management/advisory.html
CONFIRM:http://www.compaq.com/products/servers/management/advisory.html
http://marc.info/?l=ntbugtraq&m=93542118727732&w=2
NTBUGTRAQ:19990817 Compaq PFCUser account
http://marc.info/?l=ntbugtraq&m=93654336516711&w=2
NTBUGTRAQ:19990905 Case ID SSRT0620 - PFCUser account communication
http://marc.info/?l=ntbugtraq&m=93759822430801&w=2
NTBUGTRAQ:19990915 (I) UPDATE - PFCUser Account,
http://marc.info/?l=ntbugtraq&m=94183795025294&w=2
NTBUGTRAQ:19991105 UPDATE: SSRT0620 Compaq Foundation Agents v4.40B PFCUser issues
https://exchange.xforce.ibmcloud.com/vulnerabilities/3231
XF:management-pfcuser(3231)
CVE-1999-1356
Compaq Integration Maintenance Utility as used in Compaq Insight Manager agent before SmartStart 4.50 modifies the legal notice caption (LegalNoticeCaption) and text (LegalNoticeText) in Windows NT, which could produce a legal notice that is in violation of the security policy.
2002-03-09
2002-02-17
CVE-1999-1356
http://marc.info/?l=bugtraq&m=93646669500991&w=2
BUGTRAQ:19990902 Compaq CIM UG Overwrites Legal Notice
http://marc.info/?l=ntbugtraq&m=93637792706047&w=2
NTBUGTRAQ:19990902 Compaq CIM UG Overwrites Legal Notice
http://marc.info/?l=ntbugtraq&m=93759822830815&w=2
NTBUGTRAQ:19990917 Re: Compaq CIM UG Overwrites Legal Notice
http://www.iss.net/security_center/static/7763.php
XF:compaq-smartstart-legal-notice(7763)
CVE-1999-1357
Netscape Communicator 4.04 through 4.7 (and possibly other versions) in various UNIX operating systems converts the 0x8b character to a "<" sign, and the 0x9b character to a ">" sign, which could allow remote attackers to attack other clients via cross-site scripting (CSS) in CGI programs that do not filter these characters.
2001-09-12
2016-10-17
CVE-1999-1357
http://marc.info/?l=bugtraq&m=93915331626185&w=2
BUGTRAQ:19991005 Time to update those CGIs again
CVE-1999-1358
When an administrator in Windows NT or Windows 2000 changes a user policy, the policy is not properly updated if the local ntconfig.pol is not writable by the user, which could allow local users to bypass restrictions that would otherwise be enforced by the policy, possibly by changing the policy file to be read-only.
2002-03-09
2002-02-20
CVE-1999-1358
http://support.microsoft.com/support/kb/articles/q157/6/73.asp
MSKB:Q157673
http://www.iss.net/security_center/static/7400.php
XF:nt-user-policy-update(7400)
CVE-1999-1359
When the Ntconfig.pol file is used on a server whose name is longer than 13 characters, Windows NT does not properly enforce policies for global groups, which could allow users to bypass restrictions that were intended by those policies.
2002-03-09
2002-02-20
CVE-1999-1359
http://support.microsoft.com/support/kb/articles/q163/8/75.asp
MSKB:Q163875
http://www.iss.net/security_center/static/7401.php
XF:nt-group-policy-longname(7401)
CVE-1999-1360
Windows NT 4.0 allows local users to cause a denial of service via a user mode application that closes a handle that was opened in kernel mode, which causes a crash when the kernel attempts to close the handle.
2002-03-09
2002-02-20
CVE-1999-1360
http://support.microsoft.com/support/kb/articles/q160/6/50.asp
MSKB:Q160650
http://www.iss.net/security_center/static/7402.php
XF:nt-kernel-handle-dos(7402)
CVE-1999-1361
Windows NT 3.51 and 4.0 running WINS (Windows Internet Name Service) allows remote attackers to cause a denial of service (resource exhaustion) via a flood of malformed packets, which causes the server to slow down and fill the event logs with error messages.
2001-09-12
2016-10-17
CVE-1999-1361
http://marc.info/?l=bugtraq&m=90221101925891&w=2
BUGTRAQ:19980509 coke.c
CVE-1999-1362
Win32k.sys in Windows NT 4.0 before SP2 allows local users to cause a denial of service (crash) by calling certain WIN32K functions with incorrect parameters.
2002-06-25
2002-02-20
CVE-1999-1362
http://support.microsoft.com/support/kb/articles/q160/6/01.asp
MSKB:Q160601
http://www.iss.net/security_center/static/7403.php
XF:nt-win32k-dos(7403)
CVE-1999-1363
Windows NT 3.51 and 4.0 allow local users to cause a denial of service (crash) by running a program that creates a large number of locks on a file, which exhausts the NonPagedPool.
2002-03-09
2002-02-20
CVE-1999-1363
http://support.microsoft.com/support/kb/articles/q163/1/43.asp
MSKB:Q163143
http://www.iss.net/security_center/static/7405.php
XF:nt-nonpagedpool-dos(7405)
CVE-1999-1364
Windows NT 4.0 allows local users to cause a denial of service (crash) via an illegal kernel mode address to the functions (1) GetThreadContext or (2) SetThreadContext.
2001-09-12
2002-02-20
CVE-1999-1364
http://support.microsoft.com/support/kb/articles/q142/6/53.asp
MSKB:Q142653
http://www.iss.net/security_center/static/7421.php
XF:nt-threadcontext-dos(7421)
CVE-1999-1365
Windows NT searches a user's home directory (%systemroot% by default) before other directories to find critical programs such as NDDEAGNT.EXE, EXPLORER.EXE, USERINIT.EXE or TASKMGR.EXE, which could allow local users to bypass access restrictions or gain privileges by placing a Trojan horse program into the root directory, which is writable by default.
2004-09-01
2004-07-22
CVE-1999-1365
http://www.securityfocus.com/bid/515
BID:515
http://marc.info/?l=ntbugtraq&m=93069418400856&w=2
NTBUGTRAQ:19990628 NT runs Explorer.exe, Taskmgr.exe etc. from wrong location
http://marc.info/?l=ntbugtraq&m=93127894731200&w=2
NTBUGTRAQ:19990630 Update: NT runs explorer.exe, etc...
https://exchange.xforce.ibmcloud.com/vulnerabilities/2336
XF:nt-login-default-folder(2336)
CVE-1999-1366
Pegasus e-mail client 3.0 and earlier uses weak encryption to store POP3 passwords in the pmail.ini file, which allows local users to easily decrypt the passwords and read e-mail.
2001-09-12
2016-10-17
CVE-1999-1366
http://marc.info/?l=bugtraq&m=92714118829880&w=2
BUGTRAQ:19990515 Pegasus Mail weak encryption
CVE-1999-1367
Internet Explorer 5.0 does not properly reset the username/password cache for Web sites that do not use standard cache controls, which could allow users on the same system to access restricted web sites that were visited by other users.
2001-09-12
2002-03-22
CVE-1999-1367
http://www.pcworld.com/news/article/0,aid,10842,00.asp
MISC:http://www.pcworld.com/news/article/0,aid,10842,00.asp
CVE-1999-1368
AV Option for MS Exchange Server option for InoculateIT 4.53, and possibly other versions, only scans the Inbox folder tree of a Microsoft Exchange server, which could allow viruses to escape detection if a user's rules cause the message to be moved to a different mailbox.
2001-09-12
2016-10-17
CVE-1999-1368
http://marc.info/?l=ntbugtraq&m=92652152723629&w=2
NTBUGTRAQ:19990512 InoculateIT 4.53 Real-Time Exchange Scanner Flawed
http://marc.info/?l=ntbugtraq&m=97439568517355&w=2
NTBUGTRAQ:20001116 InoculateIT AV Option for MS Exchange Server
CVE-1999-1369
Real Media RealServer (rmserver) 6.0.3.353 stores a password in plaintext in the world-readable rmserver.cfg file, which allows local users to gain privileges.
2001-09-12
2016-10-17
CVE-1999-1369
http://marc.info/?l=bugtraq&m=92411181619110&w=2
BUGTRAQ:19990414 Real Media Server stores passwords in plain text
CVE-1999-1370
The setup wizard (ie5setup.exe) for Internet Explorer 5.0 disables (1) the screen saver, which could leave the system open to users with physical access if a failure occurs during an unattended installation, and (2) the Task Scheduler Service, which might prevent the scheduled execution of security-critical programs.
2001-09-12
2016-10-17
CVE-1999-1370
http://marc.info/?l=ntbugtraq&m=92220197414799&w=2
NTBUGTRAQ:19990323 MSIE 5 installer disables screen saver
CVE-1999-1371
Buffer overflow in /usr/bin/write in Solaris 2.6 and 7 allows local users to gain privileges via a long string in the terminal name argument.
2001-09-12
2017-07-10
CVE-1999-1371
http://marc.info/?l=bugtraq&m=92100752221493&w=2
BUGTRAQ:19990308 Solaris "/usr/bin/write" bug
http://www.securiteam.com/exploits/5ZP0O1P35O.html
MISC:http://www.securiteam.com/exploits/5ZP0O1P35O.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/7546
XF:solaris-write-bo(7546)
CVE-1999-1372
Triactive Remote Manager with Basic authentication enabled stores the username and password in cleartext in registry keys, which could allow local users to gain privileges.
2001-09-12
2016-10-17
CVE-1999-1372
http://marc.info/?l=bugtraq&m=91966339502073&w=2
BUGTRAQ:19990219 Plaintext Password in Tractive's Remote Manager Software
CVE-1999-1373
FORE PowerHub before 5.0.1 allows remote attackers to cause a denial of service (hang) via a TCP SYN scan with TCP/IP OS fingerprinting, e.g. via nmap.
2001-09-12
2016-10-17
CVE-1999-1373
http://marc.info/?l=bugtraq&m=91651770130771&w=2
BUGTRAQ:19990105 Re: Network Scan Vulnerability [SUMMARY]
CVE-1999-1374
perlshop.cgi shopping cart program stores sensitive customer information in directories and files that are under the web root, which allows remote attackers to obtain that information via an HTTP request.
2001-09-12
2016-10-17
CVE-1999-1374
http://marc.info/?l=bugtraq&m=92523159819402&w=2
BUGTRAQ:19990427 Re: Shopping Carts exposing CC data
CVE-1999-1375
FileSystemObject (FSO) in the showfile.asp Active Server Page (ASP) allows remote attackers to read arbitrary files by specifying the name in the file parameter.
2001-09-12
2016-10-17
CVE-1999-1375
http://www.securityfocus.com/bid/230
BID:230
http://marc.info/?l=ntbugtraq&m=91877455626320&w=2
NTBUGTRAQ:19990211 Using FSO in ASP to view just about anything
CVE-1999-1376
Buffer overflow in fpcount.exe in IIS 4.0 with FrontPage Server Extensions allows remote attackers to execute arbitrary commands.
2001-09-12
2016-10-17
CVE-1999-1376
http://marc.info/?l=bugtraq&m=91638375309890&w=2
BUGTRAQ:19990114 MS IIS 4.0 Security Advisory
http://marc.info/?l=ntbugtraq&m=91632724913080&w=2
NTBUGTRAQ:19990114 MS IIS 4.0 Security Advisory
CVE-1999-1377
Matt Wright's download.cgi 1.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the f parameter.
2001-09-12
2002-03-03
CVE-1999-1377
http://pulhas.org/phrack/55/P55-07.html
MISC:http://pulhas.org/phrack/55/P55-07.html
CVE-1999-1378
dbmlparser.exe CGI guestbook program does not perform a chroot operation properly, which allows remote attackers to read arbitrary files.
2001-09-12
2016-10-17
CVE-1999-1378
http://marc.info/?l=bugtraq&m=93250710625956&w=2
BUGTRAQ:19990917 improper chroot in dbmlparser.exe
CVE-1999-1379
DNS allows remote attackers to use DNS name servers as traffic amplifiers via a UDP DNS query with a spoofed source address, which produces more traffic to the victim than was sent by the attacker.
2002-03-09
2014-01-14
CVE-1999-1379
ftp://ftp.auscert.org.au/pub/auscert/advisory/AL-1999.004.dns_dos
AUSCERT:AL-1999.004
http://marc.info/?l=bugtraq&m=93348057829957&w=2
BUGTRAQ:19990730 Possible Denial Of Service using DNS
http://marc.info/?l=bugtraq&m=93433758607623&w=2
BUGTRAQ:19990810 Possible Denial Of Service using DNS
http://ciac.llnl.gov/ciac/bulletins/j-063.shtml
CIAC:J-063
http://www.iss.net/security_center/static/7238.php
XF:dns-udp-query-dos(7238)
CVE-1999-1380
Symantec Norton Utilities 2.0 for Windows 95 marks the TUNEOCX.OCX ActiveX control as safe for scripting, which allows remote attackers to execute arbitrary commands via the run option through malicious web pages that are accessed by browsers such as Internet Explorer 3.0.
2002-03-09
2002-02-17
CVE-1999-1380
http://mlarchive.ima.com/win95/1997/May/0342.html
MISC:http://mlarchive.ima.com/win95/1997/May/0342.html
http://news.zdnet.co.uk/story/0,,s2065518,00.html
MISC:http://news.zdnet.co.uk/story/0,,s2065518,00.html
http://www.net-security.sk/bugs/NT/nu20.html
MISC:http://www.net-security.sk/bugs/NT/nu20.html
http://www.iss.net/security_center/static/7188.php
XF:nu-tuneocx-activex-control(7188)
CVE-1999-1381
Buffer overflow in dbadmin CGI program 1.0.1 on Linux allows remote attackers to execute arbitrary commands.
2001-09-12
2016-10-17
CVE-1999-1381
http://marc.info/?l=bugtraq&m=90786656409618&w=2
BUGTRAQ:19981008 buffer overflow in dbadmin
CVE-1999-1382
NetWare NFS mode 1 and 2 implements the "Read Only" flag in Unix by changing the ownership of a file to root, which allows local users to gain root privileges by creating a setuid program and setting it to "Read Only," which NetWare-NFS changes to a setuid root program.
2002-03-09
2002-02-20
CVE-1999-1382
http://marc.info/?l=bugtraq&m=88427711321769&w=2
BUGTRAQ:19980108 NetWare NFS
http://marc.info/?l=bugtraq&m=90295697702474&w=2
BUGTRAQ:19980812 Re: Netware NFS (fwd)
http://support.novell.com/cgi-bin/search/tidfinder.cgi?2940551
CONFIRM:http://support.novell.com/cgi-bin/search/tidfinder.cgi?2940551
http://www.iss.net/security_center/static/7246.php
XF:netware-nfs-file-ownership(7246)
CVE-1999-1383
(1) bash before 1.14.7, and (2) tcsh 6.05 allow local users to gain privileges via directory names that contain shell metacharacters (` back-tick), which can cause the commands enclosed in the directory name to be executed when the shell expands filenames using the \w option in the PS1 variable.
2001-09-12
2016-10-17
CVE-1999-1383
http://marc.info/?l=bugtraq&m=87602167419868&w=2
BUGTRAQ:19960913 tee see shell problems
http://www.dataguard.no/bugtraq/1996_3/0503.html
BUGTRAQ:19960919 Vulnerability in expansion of PS1 in bash & tcsh
CVE-1999-1384
Indigo Magic System Tour in the SGI system tour package (systour) for IRIX 5.x through 6.3 allows local users to gain root privileges via a Trojan horse .exitops program, which is called by the inst command that is executed by the RemoveSystemTour program.
2002-03-09
2002-02-20
CVE-1999-1384
ftp://ftp.auscert.org.au/pub/auscert/advisory/AA-96.08.SGI.systour.vul
AUSCERT:AA-96.08
http://www.securityfocus.com/bid/470
BID:470
http://marc.info/?l=bugtraq&m=87602167420095&w=2
BUGTRAQ:19961030 (Another) vulnerability in new SGIs
ftp://patches.sgi.com/support/free/security/advisories/19961101-01-I
SGI:19961101-01-I
http://www.iss.net/security_center/static/7456.php
XF:irix-systour(7456)
CVE-1999-1385
Buffer overflow in ppp program in FreeBSD 2.1 and earlier allows local users to gain privileges via a long HOME environment variable.
2002-03-09
2002-02-20
CVE-1999-1385
http://marc.info/?l=bugtraq&m=87602167420332&w=2
BUGTRAQ:19961219 Exploit for ppp bug (FreeBSD 2.1.0).
ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/old/FreeBSD-SA-96:20.stack-overflow.asc
FREEBSD:FreeBSD-SA-96:20
http://www.osvdb.org/6085
OSVDB:6085
http://www.iss.net/security_center/static/7465.php
XF:ppp-bo(7465)
CVE-1999-1386
Perl 5.004_04 and earlier follows symbolic links when running with the -e option, which allows local users to overwrite arbitrary files via a symlink attack on the /tmp/perl-eaXXXXX file.
2002-03-09
2002-02-20
CVE-1999-1386
http://marc.info/?l=bugtraq&m=88932165406213&w=2
BUGTRAQ:19980308 another /tmp race: `perl -e' opens temp file not safely
http://www.redhat.com/support/errata/rh50-errata-general.html#perl
CONFIRM:http://www.redhat.com/support/errata/rh50-errata-general.html#perl
http://www.iss.net/security_center/static/7243.php
XF:perl-e-tmp-symlink(7243)
CVE-1999-1387
Windows NT 4.0 SP2 allows remote attackers to cause a denial of service (crash), possibly via malformed inputs or packets, such as those generated by a Linux smbmount command that was compiled on the Linux 2.0.29 kernel but executed on Linux 2.0.25.
2001-09-12
2016-10-17
CVE-1999-1387
http://marc.info/?l=bugtraq&m=87602167420731&w=2
BUGTRAQ:19970402 Fatal bug in NT 4.0 server
http://marc.info/?l=bugtraq&m=87602167420732&w=2
BUGTRAQ:19970403 Fatal bug in NT 4.0 server (more comments)
http://marc.info/?l=bugtraq&m=87602167420741&w=2
BUGTRAQ:19970407 DUMP of NT system crash
CVE-1999-1388
passwd in SunOS 4.1.x allows local users to overwrite arbitrary files via a symlink attack and the -F command line argument.
2001-09-12
2002-02-11
CVE-1999-1388
http://www2.dataguard.no/bugtraq/1994_2/0197.html
BUGTRAQ:19940513 [8lgm]-Advisory-7.UNIX.passwd.11-May-1994
http://www2.dataguard.no/bugtraq/1994_2/0207.html
BUGTRAQ:19940514 [8lgm]-Advisory-7.UNIX.passwd.11-May-1994.NEWFIX
http://www.dataguard.no/bugtraq/1994_4/0755.html
BUGTRAQ:19941218 Sun Patch Id #102060-01
CVE-1999-1389
US Robotics/3Com Total Control Chassis with Frame Relay between 3.6.22 and 3.7.24 does not properly enforce access filters when the "set host prompt" setting is made for a port, which allows attackers to bypass restrictions by providing the hostname twice at the "host: " prompt.
2001-09-12
2016-10-17
CVE-1999-1389
http://www.securityfocus.com/bid/99
BID:99
http://marc.info/?l=bugtraq&m=90221101925916&w=2
BUGTRAQ:19980511 3Com/USR Total Control Chassis dialup port access filters
CVE-1999-1390
suidexec in suidmanager 0.18 on Debian 2.0 allows local users to gain root privileges by specifying a malicious program on the command line.
2001-09-12
2003-05-08
CVE-1999-1390
http://www.securityfocus.com/bid/94
BID:94
http://darwin.bio.uci.edu/~mcoogan/bugtraq/msg00890.html
BUGTRAQ:19980428 [Debian 2.0] /usr/bin/suidexec gives root access
CVE-1999-1391
Vulnerability in NeXT 1.0a and 1.0 with publicly accessible printers allows local users to gain privileges via a combination of the npd program and weak directory permissions.
2001-09-12
2002-02-20
CVE-1999-1391
http://www.securityfocus.com/bid/10
BID:10
http://www.cert.org/advisories/CA-1990-06.html
CERT:CA-1990-06
http://ciac.llnl.gov/ciac/bulletins/b-01.shtml
CIAC:B-01
http://www.iss.net/security_center/static/7143.php
XF:nextstep-npd-root-access(7143)
CVE-1999-1392
Vulnerability in restore0.9 installation script in NeXT 1.0a and 1.0 allows local users to gain root privileges.
2001-09-12
2002-02-20
CVE-1999-1392
http://www.securityfocus.com/bid/9
BID:9
http://www.cert.org/advisories/CA-1990-06.html
CERT:CA-1990-06
http://ciac.llnl.gov/ciac/bulletins/b-01.shtml
CIAC:B-01
http://www.iss.net/security_center/static/7144.php
XF:nextstep-restore09-root-access(7144)
CVE-1999-1393
Control Panel "Password Security" option for Apple Powerbooks allows attackers with physical access to the machine to bypass the security by booting it with an emergency startup disk and using a disk editor to modify the on/off toggle or password in the aaaaaaaAPWD file, which is normally inaccessible.
2001-09-12
2002-03-22
CVE-1999-1393
http://www.securityfocus.com/bid/532
BID:532
http://freaky.staticusers.net/macsec/data/powerbooksecurity-data.html
MISC:http://freaky.staticusers.net/macsec/data/powerbooksecurity-data.html
CVE-1999-1394
BSD 4.4 based operating systems, when running at security level 1, allow the root user to clear the immutable and append-only flags for files by unmounting the file system and using a file system editor such as fsdb to directly modify the file through a device.
2001-09-12
2016-10-17
CVE-1999-1394
http://www.securityfocus.com/bid/510
BID:510
http://marc.info/?l=bugtraq&m=93094058620450&w=2
BUGTRAQ:19990702 BSD-fileflags
CVE-1999-1395
Vulnerability in Monitor utility (SYS$SHARE:SPISHR.EXE) in VMS 5.0 through 5.4-2 allows local users to gain privileges.
2001-09-12
2009-10-28
CVE-1999-1395
http://www.securityfocus.com/bid/51
BID:51
http://www.cert.org/advisories/CA-1992-18.html
CERT:CA-1992-18
http://www.cert.org/advisories/CA-92.16.VMS.Monitor.vulnerability
CERT:CA-92.16
http://osvdb.org/59332
OSVDB:59332
http://www.iss.net/security_center/static/7136.php
XF:vms-monitor-gain-privileges(7136)
CVE-1999-1396
Vulnerability in integer multiplication emulation code on SPARC architectures for SunOS 4.1 through 4.1.2 allows local users to gain root access or cause a denial of service (crash).
2001-09-12
2002-02-17
CVE-1999-1396
http://www.securityfocus.com/bid/49
BID:49
http://www.cert.org/advisories/CA-1992-15.html
CERT:CA-1992-15
http://www.iss.net/security_center/static/7150.php
XF:sun-integer-multiplication-access(7150)
CVE-1999-1397
Index Server 2.0 on IIS 4.0 stores physical path information in the ContentIndex\Catalogs subkey of the AllowedPaths registry key, whose permissions allows local and remote users to obtain the physical paths of directories that are being indexed.
2004-09-01
2002-02-20
CVE-1999-1397
http://www.securityfocus.com/bid/476
BID:476
http://marc.info/?l=bugtraq&m=92242671024118&w=2
BUGTRAQ:19990323 Index Server 2.0 and the Registry
http://marc.info/?l=ntbugtraq&m=92223293409756&w=2
NTBUGTRAQ:19990323 Index Server 2.0 and the Registry
http://www.iss.net/security_center/static/7559.php
XF:iis-indexserver-reveal-path(7559)
CVE-1999-1398
Vulnerability in xfsdump in SGI IRIX may allow local users to obtain root privileges via the bck.log log file, possibly via a symlink attack.
2001-09-12
2016-10-17
CVE-1999-1398
http://www.securityfocus.com/bid/472
BID:472
http://marc.info/?l=bugtraq&m=87602167420921&w=2
BUGTRAQ:19970507 Irix: misc
http://www.insecure.org/sploits/irix.xfsdump.html
MISC:http://www.insecure.org/sploits/irix.xfsdump.html
CVE-1999-1399
spaceball program in SpaceWare 7.3 v1.0 in IRIX 6.2 allows local users to gain root privileges by setting the HOSTNAME environmental variable to contain the commands to be executed.
2001-09-12
2016-10-17
CVE-1999-1399
http://www.securityfocus.com/bid/471
BID:471
http://marc.info/?l=bugtraq&m=87602746719552&w=2
BUGTRAQ:19970820 SpaceWare 7.3 v1.0
CVE-1999-1400
The Economist screen saver 1999 with the "Password Protected" option enabled allows users with physical access to the machine to bypass the screen saver and read files by running Internet Explorer while the screen is still locked.
2001-09-12
2016-10-17
CVE-1999-1400
http://www.securityfocus.com/bid/466
BID:466
http://archives.indenial.com/hypermail/ntbugtraq/1999/June1999/0007.html
NTBUGTRAQ:19990603 Huge Exploit in NT 4.0 SP5 Screensaver with Password Protection Enabled
http://archives.indenial.com/hypermail/ntbugtraq/1999/June1999/0009.html
NTBUGTRAQ:19990603 Re: Huge Exploit in NT 4.0 SP5 Screensaver with Password Protecti on Enabled.
http://marc.info/?l=ntbugtraq&m=92851653600852&w=2
NTBUGTRAQ:19990604 Official response from The Economist re: 1999 Screen Saver
CVE-1999-1401
Vulnerability in Desktop searchbook program in IRIX 5.0.x through 6.2 sets insecure permissions for certain user files (iconbook and searchbook).
2001-09-12
2006-03-08
CVE-1999-1401
http://www.securityfocus.com/bid/463
BID:463
http://www.osvdb.org/8563
OSVDB:8563
ftp://patches.sgi.com/support/free/security/advisories/19961201-01-PX
SGI:19961201-01-PX
http://www.iss.net/security_center/static/7575.php
XF:irix-searchbook-permissions(7575)
CVE-1999-1402
The access permissions for a UNIX domain socket are ignored in Solaris 2.x and SunOS 4.x, and other BSD-based operating systems before 4.4, which could allow local users to connect to the socket and possibly disrupt or control the operations of the program using that socket.
2002-03-09
2002-02-20
CVE-1999-1402
http://www.securityfocus.com/bid/456
BID:456
http://marc.info/?l=bugtraq&m=87602167418317&w=2
BUGTRAQ:19970517 UNIX domain socket (Solarisx86 2.5)
http://marc.info/?l=bugtraq&m=87602248718482&w=2
BUGTRAQ:19971003 Solaris 2.6 and sockets
http://www.iss.net/security_center/static/7172.php
XF:sun-domain-socket-permissions(7172)
CVE-1999-1403
IBM/Tivoli OPC Tracker Agent version 2 release 1 creates files, directories, and IPC message queues with insecure permissions (world-readable and world-writable), which could allow local users to disrupt operations and possibly gain privileges by modifying or deleting files.
2001-09-12
2003-05-08
CVE-1999-1403
http://www.securityfocus.com/bid/382
BID:382
http://www.securityfocus.com/archive/1/10771
BUGTRAQ:19981002 Several potential security problems in IBM/Tivoli OPC Tracker Age nt
CVE-1999-1404
IBM/Tivoli OPC Tracker Agent version 2 release 1 allows remote attackers to cause a denial of service (resource exhaustion) via malformed data to the localtracker client port (5011), which prevents the connection from being closed properly.
2001-09-12
2003-05-08
CVE-1999-1404
http://www.securityfocus.com/bid/382
BID:382
http://www.securityfocus.com/archive/1/10771
BUGTRAQ:19981002 Several potential security problems in IBM/Tivoli OPC Tracker Age nt
CVE-1999-1405
snap command in AIX before 4.3.2 creates the /tmp/ibmsupt directory with world-readable permissions and does not remove or clear the directory when snap -a is executed, which could allow local users to access the shadowed password file by creating /tmp/ibmsupt/general/passwd before root runs snap -a.
2001-09-12
2016-10-17
CVE-1999-1405
http://www.securityfocus.com/bid/375
BID:375
http://marc.info/?l=bugtraq&m=91936783009385&w=2
BUGTRAQ:19990217 snap utility for AIX.
http://marc.info/?l=bugtraq&m=91954824614013&w=2
BUGTRAQ:19990220 Re: snap utility for AIX.
CVE-1999-1406
dumpreg in Red Hat Linux 5.1 opens /dev/mem with O_RDWR access, which allows local users to cause a denial of service (crash) by redirecting fd 1 (stdout) to the kernel.
2001-09-12
2016-10-17
CVE-1999-1406
http://www.securityfocus.com/bid/372
BID:372
http://marc.info/?l=bugtraq&m=90221104526185&w=2
BUGTRAQ:19980729 Crash a redhat 5.1 linux box
http://marc.info/?l=bugtraq&m=90221104526192&w=2
BUGTRAQ:19980730 FD's 0..2 and suid/sgid procs (Was: Crash a redhat 5.1 linux box)
CVE-1999-1407
ifdhcpc-done script for configuring DHCP on Red Hat Linux 5 allows local users to append text to arbitrary files via a symlink attack on the dhcplog file.
2002-03-09
2002-02-20
CVE-1999-1407
http://www.securityfocus.com/bid/368
BID:368
http://marc.info/?l=bugtraq&m=88950856416985&w=2
BUGTRAQ:19980309 *sigh* another RH5 /tmp problem
http://www.redhat.com/support/errata/rh50-errata-general.html#initscripts
CONFIRM:http://www.redhat.com/support/errata/rh50-errata-general.html#initscripts
http://www.iss.net/security_center/static/7294.php
XF:initscripts-ifdhcpdone-dhcplog-symlink(7294)
CVE-1999-1408
Vulnerability in AIX 4.1.4 and HP-UX 10.01 and 9.05 allows local users to cause a denial of service (crash) by using a socket to connect to a port on the localhost, calling shutdown to clear the socket, then using the same socket to connect to a different port on localhost.
2001-09-12
2016-10-17
CVE-1999-1408
http://www.securityfocus.com/bid/352
BID:352
http://marc.info/?l=bugtraq&m=87602167420641&w=2
BUGTRAQ:19970305 Bug in connect() for aix 4.1.4 ?
CVE-1999-1409
The at program in IRIX 6.2 and NetBSD 1.3.2 and earlier allows local users to read portions of arbitrary files by submitting the file to at with the -f argument, which generates error messages that at sends to the user via e-mail.
2002-03-09
2002-02-17
CVE-1999-1409
http://www.securityfocus.com/bid/331
BID:331
http://www.shmoo.com/mail/bugtraq/jul98/msg00064.html
BUGTRAQ:19980703 more about 'at'
http://marc.info/?l=bugtraq&m=90233906612929&w=2
BUGTRAQ:19980805 irix-6.2 "at -f" vulnerability
ftp://ftp.NetBSD.ORG/pub/NetBSD/security/advisories/NetBSD-SA1998-004.txt.asc
NETBSD:NetBSD-SA1998-004
http://www.iss.net/security_center/static/7577.php
XF:at-f-read-files(7577)
CVE-1999-1410
addnetpr in IRIX 5.3 and 6.2 allows local users to overwrite arbitrary files and possibly gain root privileges via a symlink attack on the printers temporary file.
2001-09-12
2016-10-17
CVE-1999-1410
http://www.securityfocus.com/bid/330
BID:330
http://marc.info/?l=bugtraq&m=87602167420927&w=2
BUGTRAQ:19970509 Re: Irix: misc
ftp://patches.sgi.com/support/free/security/advisories/19961203-02-PX
MISC:ftp://patches.sgi.com/support/free/security/advisories/19961203-02-PX
CVE-1999-1411
The installation of the fsp package 2.71-10 in Debian GNU/Linux 2.0 adds the anonymous FTP user without notifying the administrator, which could automatically enable anonymous FTP on some servers such as wu-ftp.
2002-03-09
2002-02-17
CVE-1999-1411
http://www.securityfocus.com/bid/316
BID:316
http://marc.info/?l=bugtraq&m=91228908407679&w=2
BUGTRAQ:19981128 Debian: Security flaw in FSP
http://marc.info/?l=bugtraq&m=91244712808780&w=2
BUGTRAQ:19981130 Debian: Security flaw in FSP
http://marc.info/?l=bugtraq&m=91936850009861&w=2
BUGTRAQ:19990217 Debian GNU/Linux 2.0r5 released (fwd)
http://lists.debian.org/debian-security-announce/debian-security-announce-1998/msg00033.html
DEBIAN:19981126 new version of fsp fixes security flaw
http://www.iss.net/security_center/static/7574.php
XF:fsp-anon-ftp-access(7574)
CVE-1999-1412
A possible interaction between Apple MacOS X release 1.0 and Apache HTTP server allows remote attackers to cause a denial of service (crash) via a flood of HTTP GET requests to CGI programs, which generates a large number of processes.
2001-09-12
2002-03-22
CVE-1999-1412
http://www.securityfocus.com/bid/306
BID:306
http://www.securityfocus.com/archive/1/14215
BUGTRAQ:19990603 MacOS X system panic with CGI
CVE-1999-1413
Solaris 2.4 before kernel jumbo patch -35 allows set-gid programs to dump core even if the real user id is not in the set-gid group, which allows local users to overwrite or create files at higher privileges by causing a core dump, e.g. through dmesg.
2001-09-12
2016-10-17
CVE-1999-1413
http://www.securityfocus.com/bid/296
BID:296
http://marc.info/?l=bugtraq&m=87602167419549&w=2
BUGTRAQ:19960803 Exploiting Zolaris 2.4 ?? :)
CVE-1999-1414
IBM Netfinity Remote Control allows local users to gain administrator privileges by starting programs from the process manager, which runs with system level privileges.
2002-03-09
2002-03-01
CVE-1999-1414
http://www.securityfocus.com/bid/284
BID:284
http://marc.info/?l=ntbugtraq&m=92765856706547&w=2
NTBUGTRAQ:19990525 Security Leak with IBM Netfinity Remote Control Software
http://marc.info/?l=ntbugtraq&m=92902484317769&w=2
NTBUGTRAQ:19990609 IBM's response to "Security Leak with IBM Netfinity Remote Control Software
CVE-1999-1415
Vulnerability in /usr/bin/mail in DEC ULTRIX before 4.2 allows local users to gain privileges.
2001-09-12
2002-02-20
CVE-1999-1415
http://www.securityfocus.com/bid/27
BID:27
http://www.cert.org/advisories/CA-91.13.Ultrix.mail.vulnerability
CERT:CA-91.13
CVE-1999-1416
AnswerBook2 (AB2) web server dwhttpd 3.1a4 allows remote attackers to cause a denial of service (resource exhaustion) via an HTTP POST request with a large content-length.
2001-09-12
2003-05-08
CVE-1999-1416
http://www.securityfocus.com/bid/253
BID:253
http://www.securityfocus.com/archive/1/10383
BUGTRAQ:19980823 Solaris ab2 web server is junk
CVE-1999-1417
Format string vulnerability in AnswerBook2 (AB2) web server dwhttpd 3.1a4 allows remote attackers to cause a denial of service and possibly execute arbitrary commands via encoded % characters in an HTTP request, which is improperly logged.
2001-09-12
2002-02-11
CVE-1999-1417
http://www.securityfocus.com/bid/253
BID:253
http://www.securityfocus.com/archive/1/10383
BUGTRAQ:19980823 Solaris ab2 web server is junk
CVE-1999-1418
ICQ99 ICQ web server build 1701 with "Active Homepage" enabled generates allows remote attackers to determine the existence of files on the server by comparing server responses when a file exists ("404 Forbidden") versus when a file does not exist ("404 not found").
2001-09-12
2002-03-22
CVE-1999-1418
http://www.securityfocus.com/bid/246
BID:246
http://www.securityfocus.com/archive/1/13508
BUGTRAQ:19990501 Update: security hole in the ICQ-Webserver
CVE-1999-1419
Buffer overflow in nss_nisplus.so.1 library in NIS+ in Solaris 2.3 and 2.4 allows local users to gain root privileges.
2002-03-09
2002-02-17
CVE-1999-1419
http://www.securityfocus.com/bid/219
BID:219
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/148
SUN:00148
http://www.iss.net/security_center/static/7535.php
XF:sun-nisplus-bo(7535)
CVE-1999-1420
NBase switches NH2012, NH2012R, NH2015, and NH2048 have a back door password that cannot be disabled, which allows remote attackers to modify the switch's configuration.
2001-09-12
2016-10-17
CVE-1999-1420
http://www.securityfocus.com/bid/212
BID:212
http://marc.info/?l=bugtraq&m=90221104526016&w=2
BUGTRAQ:19980720 N-Base Vulnerability Advisory
http://marc.info/?l=bugtraq&m=90221104526065&w=2
BUGTRAQ:19980722 N-Base Vulnerability Advisory Followup
CVE-1999-1421
NBase switches NH208 and NH215 run a TFTP server which allows remote attackers to send software updates to modify the switch or cause a denial of service (crash) by guessing the target filenames, which have default names.
2001-09-12
2016-10-17
CVE-1999-1421
http://www.securityfocus.com/bid/212
BID:212
http://marc.info/?l=bugtraq&m=90221104526016&w=2
BUGTRAQ:19980720 N-Base Vulnerability Advisory
http://marc.info/?l=bugtraq&m=90221104526065&w=2
BUGTRAQ:19980722 N-Base Vulnerability Advisory Followup
CVE-1999-1422
The default configuration of Slackware 3.4, and possibly other versions, includes . (dot, the current directory) in the PATH environmental variable, which could allow local users to create Trojan horse programs that are inadvertently executed by other users.
2001-09-12
2016-10-17
CVE-1999-1422
http://www.securityfocus.com/bid/211
BID:211
http://marc.info/?l=bugtraq&m=91540043023167&w=2
BUGTRAQ:19990102 PATH variable in zip-slackware 2.0.35
CVE-1999-1423
ping in Solaris 2.3 through 2.6 allows local users to cause a denial of service (crash) via a ping request to a multicast address through the loopback interface, e.g. via ping -i.
2002-03-09
2002-02-17
CVE-1999-1423
http://www.securityfocus.com/bid/209
BID:209
http://marc.info/?l=bugtraq&m=87602558319160&w=2
BUGTRAQ:19970626 Solaris Ping bug (DoS)
http://marc.info/?l=bugtraq&m=87602558319171&w=2
BUGTRAQ:19970627 SUMMARY: Solaris Ping bug (DoS)
http://marc.info/?l=bugtraq&m=87602558319181&w=2
BUGTRAQ:19970627 Solaris Ping bug(inetsvc)
http://marc.info/?l=bugtraq&m=87602558319180&w=2
BUGTRAQ:19971005 Solaris Ping Bug and other [bc] oddities
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/146
SUN:00146
http://www.iss.net/security_center/static/7492.php
XF:ping-multicast-loopback-dos(7492)
CVE-1999-1424
Solaris Solstice AdminSuite (AdminSuite) 2.1 uses unsafe permissions when adding new users to the NIS+ password table, which allows local users to gain root access by modifying their password table entries.
2001-09-12
2002-02-11
CVE-1999-1424
http://www.securityfocus.com/bid/208
BID:208
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/145
SUN:00145
CVE-1999-1425
Solaris Solstice AdminSuite (AdminSuite) 2.1 incorrectly sets write permissions on source files for NIS maps, which could allow local users to gain privileges by modifying /etc/passwd.
2001-09-12
2002-02-11
CVE-1999-1425
http://www.securityfocus.com/bid/208
BID:208
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/145
SUN:00145
CVE-1999-1426
Solaris Solstice AdminSuite (AdminSuite) 2.1 follows symbolic links when updating an NIS database, which allows local users to overwrite arbitrary files.
2001-09-12
2002-02-11
CVE-1999-1426
http://www.securityfocus.com/bid/208
BID:208
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/145
SUN:00145
CVE-1999-1427
Solaris Solstice AdminSuite (AdminSuite) 2.1 and 2.2 create lock files insecurely, which allows local users to gain root privileges.
2001-09-12
2002-02-11
CVE-1999-1427
http://www.securityfocus.com/bid/208
BID:208
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/145
SUN:00145
CVE-1999-1428
Solaris Solstice AdminSuite (AdminSuite) 2.1 and 2.2 allows local users to gain privileges via the save option in the Database Manager, which is running with setgid bin privileges.
2001-09-12
2002-02-11
CVE-1999-1428
http://www.securityfocus.com/bid/208
BID:208
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/145
SUN:00145
CVE-1999-1429
DIT TransferPro installs devices with world-readable and world-writable permissions, which could allow local users to damage disks through the ff device driver.
2001-09-12
2016-10-17
CVE-1999-1429
http://www.securityfocus.com/bid/204
BID:204
http://marc.info/?l=bugtraq&m=88419633507543&w=2
BUGTRAQ:19980105 Security flaw in either DIT TransferPro or Solaris
CVE-1999-1430
PIM software for Royal daVinci does not properly password-protext access to data stored in the .mdb (Microsoft Access) file, which allows local users to read the data without a password by directly accessing the files with a different application, such as Access.
2001-09-12
2016-10-17
CVE-1999-1430
http://www.securityfocus.com/bid/185
BID:185
http://marc.info/?l=bugtraq&m=91540043723185&w=2
BUGTRAQ:19990102 security problem with Royal daVinci
CVE-1999-1431
ZAK in Appstation mode allows users to bypass the "Run only allowed apps" policy by starting Explorer from Office 97 applications (such as Word), installing software into the TEMP directory, and changing the name to that for an allowed application, such as Winword.exe.
2001-09-12
2016-10-17
CVE-1999-1431
http://www.securityfocus.com/bid/181
BID:181
http://marc.info/?l=ntbugtraq&m=91576100022688&w=2
NTBUGTRAQ:19990107 WinNT, ZAK and Office 97
http://marc.info/?l=ntbugtraq&m=91606260910008&w=2
NTBUGTRAQ:19990109 WinNT, ZAK and Office 97
CVE-1999-1432
Power management (Powermanagement) on Solaris 2.4 through 2.6 does not start the xlock process until after the sys-suspend has completed, which allows an attacker with physical access to input characters to the last active application from the keyboard for a short period after the system is restoring, which could lead to increased privileges.
2002-03-09
2002-02-17
CVE-1999-1432
http://www.securityfocus.com/bid/160
BID:160
http://marc.info/?l=bugtraq&m=90221104525997&w=2
BUGTRAQ:19980716 Security risk with powermanagemnet on Solaris 2.6
SUNBUG:4024179
CVE-1999-1433
HP JetAdmin D.01.09 on Solaris allows local users to change the permissions of arbitrary files via a symlink attack on the /tmp/jetadmin.log file.
2002-03-09
2002-03-01
CVE-1999-1433
http://www.securityfocus.com/bid/157
BID:157
http://marc.info/?l=bugtraq&m=90221104525988&w=2
BUGTRAQ:19980715 JetAdmin software
http://marc.info/?l=bugtraq&m=90221104526067&w=2
BUGTRAQ:19980722 Re: JetAdmin software
CVE-1999-1434
login in Slackware Linux 3.2 through 3.5 does not properly check for an error when the /etc/group file is missing, which prevents it from dropping privileges, causing it to assign root privileges to any local user who logs on to the server.
2001-09-12
2016-10-17
CVE-1999-1434
http://www.securityfocus.com/bid/155
BID:155
http://marc.info/?l=bugtraq&m=90221104525951&w=2
BUGTRAQ:19980713 Slackware Shadow Insecurity
CVE-1999-1435
Buffer overflow in libsocks5 library of Socks 5 (socks5) 1.0r5 allows local users to gain privileges via long environmental variables.
2001-09-12
2016-10-17
CVE-1999-1435
http://www.securityfocus.com/bid/154
BID:154
http://marc.info/?l=bugtraq&m=90221104525933&w=2
BUGTRAQ:19980710 socks5 1.0r5 buffer overflow..
CVE-1999-1436
Ray Chan WWW Authorization Gateway 0.1 CGI program allows remote attackers to execute arbitrary commands via shell metacharacters in the "user" parameter.
2001-09-12
2016-10-17
CVE-1999-1436
http://www.securityfocus.com/bid/152
BID:152
http://marc.info/?l=bugtraq&m=90221104525905&w=2
BUGTRAQ:19980708 WWW Authorization Gateway
CVE-1999-1437
ePerl 2.2.12 allows remote attackers to read arbitrary files and possibly execute certain commands by specifying a full pathname of the target file as an argument to bar.phtml.
2002-03-09
2002-03-01
CVE-1999-1437
http://www.securityfocus.com/bid/151
BID:151
http://marc.info/?l=bugtraq&m=90221104525890&w=2
BUGTRAQ:19980707 ePerl: bad handling of ISINDEX queries
http://marc.info/?l=bugtraq&m=90221104525927&w=2
BUGTRAQ:19980710 ePerl Security Update Available
CVE-1999-1438
Vulnerability in /bin/mail in SunOS 4.1.1 and earlier allows local users to gain root privileges via certain command line arguments.
2001-09-12
2014-11-22
CVE-1999-1438
http://www.securityfocus.com/bid/15
BID:15
http://www.cert.org/advisories/CA-91.01a.SunOS.mail.vulnerability
CERT:CA-1991-01
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/105
SUN:00105
CVE-1999-1439
gcc 2.7.2 allows local users to overwrite arbitrary files via a symlink attack on temporary .i, .s, or .o files.
2001-09-12
2016-10-17
CVE-1999-1439
http://www.securityfocus.com/bid/146
BID:146
http://marc.info/?l=bugtraq&m=88419592307388&w=2
BUGTRAQ:19980102 Symlink bug with GCC 2.7.2
http://marc.info/?l=bugtraq&m=88524071002939&w=2
BUGTRAQ:19980108 GCC Exploit
http://marc.info/?l=bugtraq&m=88492937727193&w=2
BUGTRAQ:19980115 GCC 2.7.? /tmp files
CVE-1999-1440
Win32 ICQ 98a 1.30, and possibly other versions, does not display the entire portion of long filenames, which could allow attackers to send an executable file with a long name that contains so many spaces that the .exe extension is not displayed, which could make the user believe that the file is safe to open from the client.
2001-09-12
2016-10-17
CVE-1999-1440
http://www.securityfocus.com/bid/132
BID:132
http://marc.info/?l=bugtraq&m=91522424302962&w=2
BUGTRAQ:19990101 Win32 ICQ 98a flaw
CVE-1999-1441
Linux 2.0.34 does not properly prevent users from sending SIGIO signals to arbitrary processes, which allows local users to cause a denial of service by sending SIGIO to processes that do not catch it.
2001-09-12
2016-10-17
CVE-1999-1441
http://www.securityfocus.com/bid/111
BID:111
http://marc.info/?l=bugtraq&m=90221103126047&w=2
BUGTRAQ:19980630 Serious Linux 2.0.34 security problem
CVE-1999-1442
Bug in AMD K6 processor on Linux 2.0.x and 2.1.x kernels allows local users to cause a denial of service (crash) via a particular sequence of instructions, possibly related to accessing addresses outside of segments.
2001-09-12
2003-05-08
CVE-1999-1442
http://www.securityfocus.com/bid/105
BID:105
http://uwsg.iu.edu/hypermail/linux/kernel/9805.3/0855.html
MISC:http://uwsg.iu.edu/hypermail/linux/kernel/9805.3/0855.html
http://www.cs.helsinki.fi/linux/linux-kernel/Year-1998/1998-25/0816.html
MISC:http://www.cs.helsinki.fi/linux/linux-kernel/Year-1998/1998-25/0816.html
CVE-1999-1443
Micah Software Full Armor Network Configurator and Zero Administration allow local users with physical access to bypass the desktop protection by (1) using <CTRL><ALT><DEL> and kill the process using the task manager, (2) booting the system from a separate disk, or (3) interrupting certain processes that execute while the system is booting.
2001-09-12
2016-10-17
CVE-1999-1443
http://www.securityfocus.com/bid/103
BID:103
http://marc.info/?l=bugtraq&m=90221103125889&w=2
BUGTRAQ:19980602 Full Armor.... Fool Proof etc... bugs
http://marc.info/?l=bugtraq&m=90221103125869&w=2
BUGTRAQ:19980609 Full Armor
CVE-1999-1444
genkey utility in Alibaba 2.0 generates RSA key pairs with an exponent of 1, which results in transactions that are sent in cleartext.
2001-09-12
2002-03-22
CVE-1999-1444
http://catless.ncl.ac.uk/Risks/20.41.html#subj4
MISC:http://catless.ncl.ac.uk/Risks/20.41.html#subj4
CVE-1999-1445
Vulnerability in imapd and ipop3d in Slackware 3.4 and 3.3 with shadowing enabled, and possibly other operating systems, allows remote attackers to cause a core dump via a short sequence of USER and PASS commands that do not provide valid usernames or passwords.
2001-09-12
2016-10-17
CVE-1999-1445
http://marc.info/?l=bugtraq&m=88637951600184&w=2
BUGTRAQ:19980202 imapd/ipop3d coredump in slackware 3.4
CVE-1999-1446
Internet Explorer 3 records a history of all URL's that are visited by a user in DAT files located in the Temporary Internet Files and History folders, which are not cleared when the user selects the "Clear History" option, and are not visible when the user browses the folders because of tailored displays.
2001-09-12
2016-10-17
CVE-1999-1446
http://marc.info/?l=ntbugtraq&m=87602837719654&w=2
NTBUGTRAQ:19970805 Re: Strange behavior regarding directory
http://marc.info/?l=ntbugtraq&m=87602837719655&w=2
NTBUGTRAQ:19970806 Re: Strange behavior regarding directory
CVE-1999-1447
Internet Explorer 4.0 allows remote attackers to cause a denial of service (crash) via HTML code that contains a long CLASSID parameter in an OBJECT tag.
2001-09-12
2016-10-17
CVE-1999-1447
http://marc.info/?l=bugtraq&m=90221104526169&w=2
BUGTRAQ:19980728 Object tag crashes Internet Explorer 4.0
http://marc.info/?l=bugtraq&m=90221104526188&w=2
BUGTRAQ:19980730 Re: Object tag crashes Internet Explorer 4.0
CVE-1999-1448
Eudora and Eudora Light before 3.05 allows remote attackers to cause a crash and corrupt the user's mailbox via an e-mail message with certain dates, such as (1) dates before 1970, which cause a Divide By Zero error, or (2) dates that are 100 years after the current date, which causes a segmentation fault.
2001-09-12
2016-10-17
CVE-1999-1448
http://marc.info/?l=bugtraq&m=90221104526168&w=2
BUGTRAQ:19980729 Eudora exploit (was Microsoft Security Bulletin (MS98-008))
CVE-1999-1449
SunOS 4.1.4 on a Sparc 20 machine allows local users to cause a denial of service (kernel panic) by reading from the /dev/tcx0 TCX device.
2001-09-12
2005-11-02
CVE-1999-1449
http://oamk.fi/~jukkao/bugtraq/before-971202/0498.html
BUGTRAQ:19970519 /dev/tcx0 crashes SunOS 4.1.4 on Sparc 20's
http://www.insecure.org/sploits/sunos.dev.tcx0.write.wierd.shit.to.device.bug.html
MISC:http://www.insecure.org/sploits/sunos.dev.tcx0.write.wierd.shit.to.device.bug.html
CVE-1999-1450
Vulnerability in (1) rlogin daemon rshd and (2) scheme on SCO UNIX OpenServer 5.0.5 and earlier, and SCO UnixWare 7.0.1 and earlier, allows remote attackers to gain privileges.
2001-09-12
2003-05-08
CVE-1999-1450
ftp://ftp.sco.com/SSE/security_bulletins/SB-99.03b
SCO:SB-99.03b
ftp://ftp.sco.com/SSE/security_bulletins/SB-99.06b
SCO:SB-99.06b
ftp://ftp.sco.COM/SSE/sse020.ltr
SCO:SSE020
SCO:SSE023
CVE-1999-1451
The Winmsdp.exe sample file in IIS 4.0 and Site Server 3.0 allows remote attackers to read arbitrary files.
2001-09-12
2018-10-12
CVE-1999-1451
https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-013
MS:MS99-013
http://support.microsoft.com/support/kb/articles/q231/3/68.asp
MSKB:Q231368
https://exchange.xforce.ibmcloud.com/vulnerabilities/3271
XF:iis-samples-winmsdp(3271)
CVE-1999-1452
GINA in Windows NT 4.0 allows attackers with physical access to display a portion of the clipboard of the user who has locked the workstation by pasting (CTRL-V) the contents into the username prompt.
2002-03-09
2002-03-01
CVE-1999-1452
http://www.securityfocus.com/bid/198
BID:198
http://marc.info/?l=bugtraq&m=91788829326419&w=2
BUGTRAQ:19990129 ole objects in a "secured" environment?
http://support.microsoft.com/support/kb/articles/q214/8/02.asp
MSKB:Q214802
http://marc.info/?l=ntbugtraq&m=91764169410814&w=2
NTBUGTRAQ:19990129 ole objects in a "secured" environment?
http://marc.info/?l=ntbugtraq&m=91822011021558&w=2
NTBUGTRAQ:19990205 Alert: MS releases GINA-fix for SP3, SP4, and TS
https://exchange.xforce.ibmcloud.com/vulnerabilities/1975
XF:nt-gina-clipboard(1975)
CVE-1999-1453
Internet Explorer 4 allows remote attackers (malicious web site operators) to read the contents of the clipboard via the Internet WebBrowser ActiveX object.
2001-09-12
2016-10-17
CVE-1999-1453
http://www.securityfocus.com/bid/215
BID:215
http://marc.info/?l=ntbugtraq&m=91979439932341&w=2
NTBUGTRAQ:19990222 New IE4 vulnerability : the clipboard again.
CVE-1999-1454
Macromedia "The Matrix" screen saver on Windows 95 with the "Password protected" option enabled allows attackers with physical access to the machine to bypass the password prompt by pressing the ESC (Escape) key.
2001-09-12
2016-10-17
CVE-1999-1454
http://marc.info/?l=bugtraq&m=93915027622690&w=2
BUGTRAQ:19991004 Weakness In "The Matrix" Screensaver For Windows
CVE-1999-1455
RSH service utility RSHSVC in Windows NT 3.5 through 4.0 does not properly restrict access as specified in the .Rhosts file when a user comes from an authorized host, which could allow unauthorized users to access the service by logging in from an authorized host.
2002-03-09
2002-02-20
CVE-1999-1455
http://support.microsoft.com/support/kb/articles/q158/3/20.asp
MSKB:Q158320
https://exchange.xforce.ibmcloud.com/vulnerabilities/7422
XF:nt-rshsvc-ale-bypass(7422)
CVE-1999-1456
thttpd HTTP server 2.03 and earlier allows remote attackers to read arbitrary files via a GET request with more than one leading / (slash) character in the filename.
2002-03-09
2002-03-01
CVE-1999-1456
http://www.securityfocus.com/archive/1/10368
BUGTRAQ:19980819 thttpd 2.04 released (fwd)
http://www.acme.com/software/thttpd/thttpd.html#releasenotes
CONFIRM:http://www.acme.com/software/thttpd/thttpd.html#releasenotes
https://exchange.xforce.ibmcloud.com/vulnerabilities/1809
XF:thttpd-file-read(1809)
CVE-1999-1457
Buffer overflow in thttpd HTTP server before 2.04-31 allows remote attackers to execute arbitrary commands via a long date string, which is not properly handled by the tdate_parse function.
2001-09-12
2003-05-08
CVE-1999-1457
http://www.novell.com/linux/security/advisories/suse_security_announce_30.html
SUSE:19991116 thttpd
CVE-1999-1458
Buffer overflow in at program in Digital UNIX 4.0 allows local users to gain root privileges via a long command line argument.
2001-09-12
2017-12-18
CVE-1999-1458
http://www.securityfocus.com/archive/1/12121
BUGTRAQ:19990125 Digital Unix 4.0 exploitable buffer overflows
http://ftp1.support.compaq.com/public/dunix/v4.0d/ssrt0583u.README
SCO:SSRT0583U
https://exchange.xforce.ibmcloud.com/vulnerabilities/3138
XF:du-at(3138)
CVE-1999-1459
BMC PATROL Agent before 3.2.07 allows local users to gain root privileges via a symlink attack on a temporary file.
2001-09-12
2017-12-18
CVE-1999-1459
http://www.securityfocus.com/bid/534
BID:534
http://xforce.iss.net/alerts/advise10.php
ISS:19981102 BMC PATROL File Creation Vulnerability
https://exchange.xforce.ibmcloud.com/vulnerabilities/1388
XF:bmc-patrol-file-create(1388)
CVE-1999-1460
BMC PATROL SNMP Agent before 3.2.07 allows local users to create arbitrary world-writeable files as root by specifying the target file as the second argument to the snmpmagt program.
2001-09-12
2016-10-17
CVE-1999-1460
http://www.securityfocus.com/bid/525
BID:525
http://marc.info/?l=bugtraq&m=93198293132463&w=2
BUGTRAQ:19990713 Root Perms Gained with Patrol SNMP Agent 3.2 (all others?)
http://marc.info/?l=bugtraq&m=93372579004129&w=2
BUGTRAQ:19990801 Re: Root Perms Gained with Patrol SNMP Agent 3.2 (all others?)
CVE-1999-1461
inpview in InPerson on IRIX 5.3 through IRIX 6.5.10 trusts the PATH environmental variable to find and execute the ttsession program, which allows local users to obtain root access by modifying the PATH to point to a Trojan horse ttsession program.
2001-09-12
2016-10-17
CVE-1999-1461
http://www.securityfocus.com/bid/381
BID:381
http://marc.info/?l=bugtraq&m=87602167420921&w=2
BUGTRAQ:19970507 Irix: misc
ftp://patches.sgi.com/support/free/security/advisories/20001101-01-I
SGI:20001101-01-I
CVE-1999-1462
Vulnerability in bb-hist.sh CGI History module in Big Brother 1.09b and 1.09c allows remote attackers to read portions of arbitrary files.
2001-09-12
2017-12-18
CVE-1999-1462
http://www.securityfocus.com/bid/142
BID:142
http://www.securityfocus.com/archive/1/13440
BUGTRAQ:19990426 FW: Security Notice: Big Brother 1.09b/c
http://bb4.com/README.CHANGES
CONFIRM:http://bb4.com/README.CHANGES
https://exchange.xforce.ibmcloud.com/vulnerabilities/3755
XF:http-cgi-bigbrother-bbhist(3755)
CVE-1999-1463
Windows NT 4.0 before SP3 allows remote attackers to bypass firewall restrictions or cause a denial of service (crash) by sending improperly fragmented IP packets without the first fragment, which the TCP/IP stack incorrectly reassembles into a valid session.
2001-09-12
2017-12-18
CVE-1999-1463
http://www.securityfocus.com/archive/1/7219
BUGTRAQ:19970710 A New Fragmentation Attack
https://exchange.xforce.ibmcloud.com/vulnerabilities/528
XF:nt-frag(528)
CVE-1999-1464
Vulnerability in Cisco IOS 11.1CC and 11.1CT with distributed fast switching (DFS) enabled allows remote attackers to bypass certain access control lists when the router switches traffic from a DFS-enabled interface to an interface that does not have DFS enabled, as described by Cisco bug CSCdk35564.
2001-09-12
2017-12-18
CVE-1999-1464
http://ciac.llnl.gov/ciac/bulletins/j-016.shtml
CIAC:J-016
http://www.cisco.com/warp/public/770/iosdfsacl-pub.shtml
CISCO:19981105 Cisco IOS DFS Access List Leakage
https://exchange.xforce.ibmcloud.com/vulnerabilities/1401
XF:cisco-acl-leakage(1401)
CVE-1999-1465
Vulnerability in Cisco IOS 11.1 through 11.3 with distributed fast switching (DFS) enabled allows remote attackers to bypass certain access control lists when the router switches traffic from a DFS-enabled input interface to an output interface with a logical subinterface, as described by Cisco bug CSCdk43862.
2001-09-12
2017-12-18
CVE-1999-1465
http://ciac.llnl.gov/ciac/bulletins/j-016.shtml
CIAC:J-016
http://www.cisco.com/warp/public/770/iosdfsacl-pub.shtml
CISCO:19981105 Cisco IOS DFS Access List Leakage
https://exchange.xforce.ibmcloud.com/vulnerabilities/1401
XF:cisco-acl-leakage(1401)
CVE-1999-1466
Vulnerability in Cisco routers versions 8.2 through 9.1 allows remote attackers to bypass access control lists when extended IP access lists are used on certain interfaces, the IP route cache is enabled, and the access list uses the "established" keyword.
2001-09-12
2003-05-08
CVE-1999-1466
http://www.securityfocus.com/bid/53
BID:53
http://www.cert.org/advisories/CA-1992-20.html
CERT:CA-1992-20
CVE-1999-1467
Vulnerability in rcp on SunOS 4.0.x allows remote attackers from trusted hosts to execute arbitrary commands as root, possibly related to the configuration of the nobody user.
2001-09-12
2017-12-18
CVE-1999-1467
http://www.securityfocus.com/bid/5
BID:5
http://www.cert.org/advisories/CA-1989-07.html
CERT:CA-1989-07
https://exchange.xforce.ibmcloud.com/vulnerabilities/3165
XF:sun-rcp(3165)
CVE-1999-1468
rdist in various UNIX systems uses popen to execute sendmail, which allows local users to gain root privileges by modifying the IFS (Internal Field Separator) variable.
2003-04-02
2002-02-20
CVE-1999-1468
http://www.securityfocus.com/bid/31
BID:31
http://www.cert.org/advisories/CA-91.20.rdist.vulnerability
CERT:CA-91.20
http://www.alw.nih.gov/Security/8lgm/8lgm-Advisory-01.html
MISC:http://www.alw.nih.gov/Security/8lgm/8lgm-Advisory-01.html
http://www.osvdb.org/8106
OSVDB:8106
http://www.iss.net/security_center/static/7160.php
XF:rdist-popen-gain-privileges(7160)
CVE-1999-1469
Buffer overflow in w3-auth CGI program in miniSQL package allows remote attackers to execute arbitrary commands via an HTTP request with (1) a long URL, or (2) a long User-Agent MIME header.
2001-09-12
2016-10-17
CVE-1999-1469
http://marc.info/?l=bugtraq&m=93871926821410&w=2
BUGTRAQ:19990930 mini-sql Buffer Overflow
CVE-1999-1470
Eastman Work Management 3.21 stores passwords in cleartext in the COMMON and LOCATOR registry keys, which could allow local users to gain privileges.
2001-09-12
2017-12-18
CVE-1999-1470
http://www.securityfocus.com/bid/485
BID:485
http://marc.info/?l=ntbugtraq&m=93034788412494&w=2
NTBUGTRAQ:19990624 Eastman Software Work Management 3.21
https://exchange.xforce.ibmcloud.com/vulnerabilities/2303
XF:eastman-cleartext-passwords(2303)
CVE-1999-1471
Buffer overflow in passwd in BSD based operating systems 4.3 and earlier allows local users to gain root privileges by specifying a long shell or GECOS field.
2001-09-12
2002-02-20
CVE-1999-1471
http://www.securityfocus.com/bid/4
BID:4
http://www.cert.org/advisories/CA-1989-01.html
CERT:CA-1989-01
http://www.iss.net/security_center/static/7152.php
XF:bsd-passwd-bo(7152)
CVE-1999-1472
Internet Explorer 4.0 allows remote attackers to read arbitrary text and HTML files on the user's machine via a small IFRAME that uses Dynamic HTML (DHTML) to send the data to the attacker, aka the Freiburg text-viewing issue.
2002-03-09
2002-03-01
CVE-1999-1472
http://marc.info/?l=bugtraq&m=87710897923098&w=2
BUGTRAQ:19971017 Security Hole in Explorer 4.0
http://www.microsoft.com/Windows/ie/security/freiburg.asp
CONFIRM:http://www.microsoft.com/Windows/ie/security/freiburg.asp
http://www.insecure.org/sploits/Internet_explorer_4.0.hack.html
MISC:http://www.insecure.org/sploits/Internet_explorer_4.0.hack.html
http://support.microsoft.com/support/kb/articles/q176/6/97.asp
MSKB:Q176697
http://support.microsoft.com/support/kb/articles/q176/7/94.asp
MSKB:Q176794
http://www.osvdb.org/7819
OSVDB:7819
https://exchange.xforce.ibmcloud.com/vulnerabilities/587
XF:http-ie-spy(587)
CVE-1999-1473
When a Web site redirects the browser to another site, Internet Explorer 3.02 and 4.0 automatically resends authentication information to the second site, aka the "Page Redirect Issue."
2002-03-09
2002-02-20
CVE-1999-1473
http://support.microsoft.com/support/kb/articles/q176/6/97.asp
MSKB:Q176697
http://www.osvdb.org/7818
OSVDB:7818
http://www.iss.net/security_center/static/7426.php
XF:ie-page-redirect(7426)
CVE-1999-1474
PowerPoint 95 and 97 allows remote attackers to cause an application to be run automatically without prompting the user, possibly through the slide show, when the document is opened in browsers such as Internet Explorer.
2001-09-12
2017-12-18
CVE-1999-1474
http://www.microsoft.com/windows/ie/security/powerpoint.asp
CONFIRM:http://www.microsoft.com/windows/ie/security/powerpoint.asp
https://exchange.xforce.ibmcloud.com/vulnerabilities/179
XF:nt-ppt-patch(179)
CVE-1999-1475
ProFTPd 1.2 compiled with the mod_sqlpw module records user passwords in the wtmp log file, which allows local users to obtain the passwords and gain privileges by reading wtmp, e.g. via the last command.
2001-09-12
2002-03-09
CVE-1999-1475
http://www.securityfocus.com/bid/812
BID:812
http://www.securityfocus.com/archive/1/35483
BUGTRAQ:19991119 ProFTPd - mod_sqlpw.c
CVE-1999-1476
A bug in Intel Pentium processor (MMX and Overdrive) allows local users to cause a denial of service (hang) in Intel-based operating systems such as Windows NT and Windows 95, via an invalid instruction, aka the "Invalid Operand with Locked CMPXCHG8B Instruction" problem.
2002-03-09
2002-03-01
CVE-1999-1476
http://support.microsoft.com/support/kb/articles/q163/8/52.asp
MSKB:Q163852
https://exchange.xforce.ibmcloud.com/vulnerabilities/704
XF:pentium-crash(704)
CVE-1999-1477
Buffer overflow in GNOME libraries 1.0.8 allows local user to gain root access via a long --espeaker argument in programs such as nethack.
2001-09-12
2017-12-18
CVE-1999-1477
http://www.securityfocus.com/bid/663
BID:663
http://www.securityfocus.com/archive/1/28717
BUGTRAQ:19990923 Linux GNOME exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/3349
XF:gnome-espeaker-local-bo(3349)
CVE-1999-1478
The Sun HotSpot Performance Engine VM allows a remote attacker to cause a denial of service on any server running HotSpot via a URL that includes the [ character.
2002-03-09
2002-03-01
CVE-1999-1478
http://www.securityfocus.com/bid/522
BID:522
http://marc.info/?l=ntbugtraq&m=93138827429589&w=2
NTBUGTRAQ:19990706 Bug in SUN's Hotspot VM
http://marc.info/?l=ntbugtraq&m=93240220324183&w=2
NTBUGTRAQ:19990716 FW: (Review ID: 85125) Hotspot crashes bringing down webserver
https://exchange.xforce.ibmcloud.com/vulnerabilities/2348
XF:sun-hotspot-vm(2348)
CVE-1999-1479
The textcounter.pl by Matt Wright allows remote attackers to execute arbitrary commands via shell metacharacters.
2001-09-12
2017-12-18
CVE-1999-1479
http://www.securityfocus.com/bid/2265
BID:2265
http://www.securityfocus.com/archive/1/9609
BUGTRAQ:19980624 textcounter.pl SECURITY HOLE
https://exchange.xforce.ibmcloud.com/vulnerabilities/2052
XF:http-cgi-textcounter(2052)
CVE-1999-1480
(1) acledit and (2) aclput in AIX 4.3 allow local users to create or modify files via a symlink attack.
2001-09-12
2003-05-08
CVE-1999-1480
http://www.securityfocus.com/bid/429
BID:429
CVE-1999-1481
Squid 2.2.STABLE5 and below, when using external authentication, allows attackers to bypass access controls via a newline in the user/password pair.
2002-03-09
2002-03-01
CVE-1999-1481
http://www.securityfocus.com/bid/741
BID:741
http://www.securityfocus.com/archive/1/33295
BUGTRAQ:19991025 [squid] exploit for external authentication problem
http://www.securityfocus.com/archive/1/33295
BUGTRAQ:19991103 [squid]exploit for external authentication problem
http://www.squid-cache.org/Versions/v2/2.2/bugs/
CONFIRM:http://www.squid-cache.org/Versions/v2/2.2/bugs/
https://exchange.xforce.ibmcloud.com/vulnerabilities/3433
XF:squid-proxy-auth-access(3433)
CVE-1999-1482
SVGAlib zgv 3.0-7 and earlier allows local users to gain root access via a privilege leak of the iopl(3) privileges to child processes.
2001-09-12
2003-05-08
CVE-1999-1482
http://www.securityfocus.com/templates/archive.pike?list=1&date=1999-02-15&msg=Pine.LNX.3.96.990219175605.9622A-100000@ferret.lmh.ox.ac.uk
BUGTRAQ:19990219 Security hole: "zgv"
CVE-1999-1483
Buffer overflow in zgv in svgalib 1.2.10 and earlier allows local users to execute arbitrary code via a long HOME environment variable.
2001-09-12
2005-11-02
CVE-1999-1483
http://www.securityfocus.com/archive/1/7041
BUGTRAQ:19970619 svgalib/zgv
CVE-1999-1484
Buffer overflow in MSN Setup BBS 4.71.0.10 ActiveX control (setupbbs.ocx) allows a remote attacker to execute arbitrary commands via the methods (1) vAddNewsServer or (2) bIsNewsServerConfigured.
2001-09-12
2017-12-18
CVE-1999-1484
http://www.securityfocus.com/bid/668
BID:668
http://www.securityfocus.com/archive/1/28719
BUGTRAQ:19990924 Several ActiveX Buffer Overruns
https://exchange.xforce.ibmcloud.com/vulnerabilities/3310
XF:msn-setup-bbs-activex-bo(3310)
CVE-1999-1485
nsd in IRIX 6.5 through 6.5.2 exports a virtual filesystem on a UDP port, which allows remote attackers to view files and cause a possible denial of service by mounting the nsd virtual file system.
2001-09-12
2017-12-18
CVE-1999-1485
http://www.securityfocus.com/bid/412
BID:412
http://marc.info/?l=bugtraq&m=92818552106912&w=2
BUGTRAQ:19990531 IRIX 6.5 nsd virtual filesystem vulnerability
http://www.osvdb.org/8564
OSVDB:8564
https://exchange.xforce.ibmcloud.com/vulnerabilities/2247
XF:sgi-nsd-create(2247)
https://exchange.xforce.ibmcloud.com/vulnerabilities/2246
XF:sgi-nsd-view(2246)
CVE-1999-1486
sadc in IBM AIX 4.1 through 4.3, when called from programs such as timex that are setgid adm, allows local users to overwrite arbitrary files via a symlink attack.
2004-09-01
2004-07-22
CVE-1999-1486
http://www-1.ibm.com/support/search.wss?rs=0&q=IX75554&apar=only
AIXAPAR:IX75554
http://www-1.ibm.com/support/search.wss?rs=0&q=IX76330&apar=only
AIXAPAR:IX76330
http://www-1.ibm.com/support/search.wss?rs=0&q=IX76853&apar=only
AIXAPAR:IX76853
http://www.securityfocus.com/bid/408
BID:408
http://techsupport.services.ibm.com/aix/fixes/v4/os/bos.acct.4.3.1.0.info
CONFIRM:http://techsupport.services.ibm.com/aix/fixes/v4/os/bos.acct.4.3.1.0.info
https://exchange.xforce.ibmcloud.com/vulnerabilities/7675
XF:aix-sadc-timex(7675)
CVE-1999-1487
Vulnerability in digest in AIX 4.3 allows printq users to gain root privileges by creating and/or modifing any file on the system.
2001-09-12
2002-02-20
CVE-1999-1487
http://www-1.ibm.com/servlet/support/manager?rt=0&rs=0&org=apars&doc=41D8B61D1E1C4FAB852567C9002C546C
AIXAPAR:IX74599
http://www.securityfocus.com/bid/405
BID:405
http://www.iss.net/security_center/static/7477.php
XF:aix-digest(7477)
CVE-1999-1488
sdrd daemon in IBM SP2 System Data Repository (SDR) allows remote attackers to read files without authentication.
2002-03-09
2002-02-20
CVE-1999-1488
http://www.securityfocus.com/bid/371
BID:371
http://ciac.llnl.gov/ciac/bulletins/i-079a.shtml
CIAC:I-079A
http://www.iss.net/security_center/static/7217.php
XF:ibm-sdr-read-files(7217)
CVE-1999-1489
Buffer overflow in TestChip function in XFree86 SuperProbe in Slackware Linux 3.1 allows local users to gain root privileges via a long -nopr argument.
2001-09-12
2005-11-02
CVE-1999-1489
http://www.securityfocus.com/bid/364
BID:364
http://www.securityfocus.com/archive/1/6384
BUGTRAQ:19970304 Linux SuperProbe exploit
CVE-1999-1490
xosview 1.5.1 in Red Hat 5.1 allows local users to gain root access via a long HOME environmental variable.
2003-04-02
2003-03-17
CVE-1999-1490
http://www.securityfocus.com/bid/362
BID:362
http://marc.info/?l=bugtraq&m=90221101926021&w=2
BUGTRAQ:19980528 ALERT: Tiresome security hole in "xosview", RedHat5.1?
http://marc.info/?l=bugtraq&m=90221101926034&w=2
BUGTRAQ:19980529 Re: Tiresome security hole in "xosview" (xosexp.c)
http://www.iss.net/security_center/static/8787.php
XF:linux-xosview-bo(8787)
CVE-1999-1491
abuse.console in Red Hat 2.1 uses relative pathnames to find and execute the undrv program, which allows local users to execute arbitrary commands via a path that points to a Trojan horse program.
2001-09-12
2016-10-17
CVE-1999-1491
http://www.securityfocus.com/bid/354
BID:354
http://marc.info/?l=bugtraq&m=87602167418994&w=2
BUGTRAQ:19960202 abuse Red Hat 2.1 security hole
CVE-1999-1492
Vulnerability in (1) diskperf and (2) diskalign in IRIX 6.4 allows local attacker to create arbitrary root owned files, leading to root privileges.
2001-09-12
2017-12-18
CVE-1999-1492
http://www.securityfocus.com/bid/348
BID:348
ftp://patches.sgi.com/support/free/security/advisories/19980502-01-P3030
SGI:19980502-01-P3030
https://exchange.xforce.ibmcloud.com/vulnerabilities/2104
XF:sgi-diskalign(2104)
https://exchange.xforce.ibmcloud.com/vulnerabilities/2103
XF:sgi-diskperf(2103)
CVE-1999-1493
Vulnerability in crp in Hewlett Packard Apollo Domain OS SR10 through SR10.3 allows remote attackers to gain root privileges via insecure system calls, (1) pad_$dm_cmd and (2) pad_$def_pfk().
2001-09-12
2017-12-18
CVE-1999-1493
http://www.securityfocus.com/bid/34
BID:34
http://www.cert.org/advisories/CA-1991-23.html
CERT:CA-1991-23
https://exchange.xforce.ibmcloud.com/vulnerabilities/7158
XF:apollo-crp-root-access(7158)
CVE-1999-1494
colorview in Silicon Graphics IRIX 5.1, 5.2, and 6.0 allows local attackers to read arbitrary files via the -text argument.
2002-03-09
2002-03-01
CVE-1999-1494
http://www.securityfocus.com/bid/336
BID:336
http://www.securityfocus.com/archive/1/675
BUGTRAQ:19940809 Re: IRIX 5.2 Security Advisory
http://www.tryc.on.ca/archives/bugtraq/1995_1/0614.html
BUGTRAQ:19950307 sigh. another Irix 5.2 hole.
ftp://patches.sgi.com/support/free/security/advisories/19950209-01-P
SGI:19950209-00-P
https://exchange.xforce.ibmcloud.com/vulnerabilities/2112
XF:sgi-colorview(2112)
CVE-1999-1495
xtvscreen in SuSE Linux 6.0 allows local users to overwrite arbitrary files via a symlink attack on the pic000.pnm file.
2001-09-12
2017-12-18
CVE-1999-1495
http://www.securityfocus.com/bid/325
BID:325
http://www.securityfocus.com/archive/1/12580
BUGTRAQ:19990218 xtvscreen and suse 6
https://exchange.xforce.ibmcloud.com/vulnerabilities/1792
XF:xtvscreen-overwrite(1792)
CVE-1999-1496
Sudo 1.5 in Debian Linux 2.1 and Red Hat 6.0 allows local users to determine the existence of arbitrary files by attempting to execute the target filename as a program, which generates a different error message when the file does not exist.
2001-09-12
2017-12-18
CVE-1999-1496
http://www.securityfocus.com/bid/321
BID:321
http://www.securityfocus.com/archive/1/14665
BUGTRAQ:19990608 unneeded information in sudo
https://exchange.xforce.ibmcloud.com/vulnerabilities/2277
XF:sudo-file-exists(2277)
CVE-1999-1497
Ipswitch IMail 5.0 and 6.0 uses weak encryption to store passwords in registry keys, which allows local attackers to read passwords for e-mail accounts.
2001-09-12
2001-11-28
CVE-1999-1497
http://www.securityfocus.com/bid/880
BID:880
http://www.securityfocus.com/archive/1/39329
BUGTRAQ:19991221 [w00giving '99 #11] IMail's password encryption scheme
CVE-1999-1498
Slackware Linux 3.4 pkgtool allows local attacker to read and write to arbitrary files via a symlink attack on the reply file.
2001-09-12
2003-05-08
CVE-1999-1498
http://www.securityfocus.com/bid/82
BID:82
BUGTRAQ:19980406 insecure tmp file creation
CVE-1999-1499
named in ISC BIND 4.9 and 8.1 allows local users to destroy files via a symlink attack on (1) named_dump.db when root kills the process with a SIGINT, or (2) named.stats when SIGIOT is used.
2001-09-12
2003-05-08
CVE-1999-1499
http://www.securityfocus.com/bid/80
BID:80
http://www.securityfocus.com/archive/1/8966
BUGTRAQ:19980410 BIND 4.9.7 named follows symlinks, clobbers anything
CVE-1999-1500
Internet Anywhere POP3 Mail Server 2.3.1 allows remote attackers to cause a denial of service (crash) via (1) LIST, (2) TOP, or (3) UIDL commands using letters as arguments.
2001-09-12
2016-10-17
CVE-1999-1500
http://www.securityfocus.com/bid/733
BID:733
http://marc.info/?l=ntbugtraq&m=93880357530599&w=2
NTBUGTRAQ:19991001 Vulnerabilities in the Internet Anywhere Mail Server
CVE-1999-1501
(1) ipxchk and (2) ipxlink in SGI OS2 IRIX 6.3 does not properly clear the IFS environmental variable before executing system calls, which allows local users to execute arbitrary commands.
2001-09-12
2016-10-17
CVE-1999-1501
http://www.securityfocus.com/bid/70
BID:70
http://www.securityfocus.com/bid/71
BID:71
http://marc.info/?l=bugtraq&m=89217373930054&w=2
BUGTRAQ:19980408 SGI O2 ipx security issue
CVE-1999-1502
Buffer overflows in Quake 1.9 client allows remote malicious servers to execute arbitrary commands via long (1) precache paths, (2) server name, (3) server address, or (4) argument to the map console command.
2001-09-12
2016-10-17
CVE-1999-1502
http://www.securityfocus.com/bid/68
BID:68
http://www.securityfocus.com/bid/69
BID:69
http://marc.info/?l=bugtraq&m=89205623028934&w=2
BUGTRAQ:19980408 QuakeI client: serious holes.
CVE-1999-1503
Network Flight Recorder (NFR) 1.5 and 1.6 allows remote attackers to cause a denial of service in nfrd (crash) via a TCP packet with a null header and data field.
2001-09-12
2003-05-08
CVE-1999-1503
http://www.securityfocus.com/bid/63
BID:63
CVE-1999-1504
Stalker Internet Mail Server 1.6 allows a remote attacker to cause a denial of service (crash) via a long HELO command.
2001-09-12
2003-05-08
CVE-1999-1504
http://www.securityfocus.com/bid/62
BID:62
http://www.securityfocus.com/archive/1/8951
BUGTRAQ:19980408 Re: AppleShare IP Mail Server
CVE-1999-1505
Buffer overflow in QuakeWorld 2.10 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary commands via a long initial connect packet.
2001-09-12
2016-10-17
CVE-1999-1505
http://www.securityfocus.com/bid/60
BID:60
http://marc.info/?l=bugtraq&m=89200537415923&w=2
BUGTRAQ:19980407 QW vulnerability
CVE-1999-1506
Vulnerability in SMI Sendmail 4.0 and earlier, on SunOS up to 4.0.3, allows remote attackers to access user bin.
2001-09-12
2002-02-11
CVE-1999-1506
http://www.securityfocus.com/bid/6
BID:6
http://www.cert.org/advisories/CA-90.01.sun.sendmail.vulnerability
CERT:CA-1990-01
CVE-1999-1507
Sun SunOS 4.1 through 4.1.3 allows local attackers to gain root access via insecure permissions on files and directories such as crash.
2002-03-09
2002-02-17
CVE-1999-1507
http://www.securityfocus.com/bid/59
BID:59
http://www.cert.org/advisories/CA-1993-03.html
CERT:CA-1993-03
https://exchange.xforce.ibmcloud.com/vulnerabilities/521
XF:sun-dir(521)
CVE-1999-1508
Web server in Tektronix PhaserLink Printer 840.0 and earlier allows a remote attacker to gain administrator access by directly calling undocumented URLs such as ncl_items.html and ncl_subjects.html.
2001-09-12
2016-10-17
CVE-1999-1508
http://www.securityfocus.com/bid/806
BID:806
http://marc.info/?l=bugtraq&m=94286041430870&w=2
BUGTRAQ:19991116 [Fwd: Printer Vulnerability: Tektronix PhaserLink Webserver gives Administrator Password]
CVE-1999-1509
Directory traversal vulnerability in Etype Eserv 2.50 web server allows a remote attacker to read any file in the file system via a .. (dot dot) in a URL.
2001-09-12
2016-10-17
CVE-1999-1509
http://www.securityfocus.com/bid/773
BID:773
http://marc.info/?l=bugtraq&m=94183041514522&w=2
BUGTRAQ:19991104 Eserv 2.50 Web interface Server Directory Traversal Vulnerability
http://marc.info/?l=ntbugtraq&m=94177470915423&w=2
NTBUGTRAQ:19991104 Eserv 2.50 Web interface Server Directory Traversal Vulnerability
XF:eserv-fileread
CVE-1999-1510
Buffer overflows in Bisonware FTP server prior to 4.1 allow remote attackers to cause a denial of service, and possibly execute arbitrary commands, via long (1) USER, (2) LIST, or (3) CWD commands.
2001-09-12
2017-12-18
CVE-1999-1510
http://marc.info/?l=ntbugtraq&m=92697301706956&w=2
NTBUGTRAQ:19990517 Vulnerabilities in BisonWare FTP Server 3.5
https://exchange.xforce.ibmcloud.com/vulnerabilities/3234
XF:bisonware-command-bo(3234)
CVE-1999-1511
Buffer overflows in Xtramail 1.11 allow attackers to cause a denial of service (crash) and possibly execute arbitrary commands via (1) a long PASS command in the POP3 service, (2) a long HELO command in the SMTP service, or (3) a long user name in the Control Service.
2001-09-12
2017-12-18
CVE-1999-1511
http://www.securityfocus.com/bid/791
BID:791
http://marc.info/?l=bugtraq&m=94226003804744&w=2
BUGTRAQ:19991110 Multiples Remotes DoS Attacks in Artisoft XtraMail v1.11 Vulnerability
https://exchange.xforce.ibmcloud.com/vulnerabilities/3488
XF:xtramail-pass-dos(3488)
CVE-1999-1512
The AMaViS virus scanner 0.2.0-pre4 and earlier allows remote attackers to execute arbitrary commands as root via an infected mail message with shell metacharacters in the reply-to field.
2002-03-09
2002-03-01
CVE-1999-1512
http://www.securityfocus.com/bid/527
BID:527
http://marc.info/?l=bugtraq&m=93219846414732&w=2
BUGTRAQ:19990716 AMaViS virus scanner for Linux - root exploit
http://www.amavis.org/ChangeLog.txt
CONFIRM:http://www.amavis.org/ChangeLog.txt
https://exchange.xforce.ibmcloud.com/vulnerabilities/2349
XF:amavis-command-execute(2349)
CVE-1999-1513
Management information base (MIB) for a 3Com SuperStack II hub running software version 2.10 contains an object identifier (.1.3.6.1.4.1.43.10.4.2) that is accessible by a read-only community string, but lists the entire table of community strings, which could allow attackers to conduct unauthorized activities.
2001-09-12
2016-10-17
CVE-1999-1513
http://marc.info/?l=bugtraq&m=93616983223090&w=2
BUGTRAQ:19990830 One more 3Com SNMP vulnerability
CVE-1999-1514
Buffer overflow in Celtech ExpressFS FTP server 2.x allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long USER command.
2001-09-12
2017-12-18
CVE-1999-1514
http://www.securityfocus.com/bid/749
BID:749
http://marc.info/?l=bugtraq&m=94121377716133&w=2
BUGTRAQ:19990729 ExpressFS 2.x FTPServer remotely exploitable buffer overflow vulnerability
http://marc.info/?l=ntbugtraq&m=94130292519646&w=2
NTBUGTRAQ:19990729 ExpressFS 2.x FTPServer remotely exploitable buffer overflow vulnerability
https://exchange.xforce.ibmcloud.com/vulnerabilities/3401
XF:expressfs-command-bo(3401)
CVE-1999-1515
A non-default configuration in TenFour TFS Gateway 4.0 allows an attacker to cause a denial of service via messages with incorrect sender and recipient addresses, which causes the gateway to continuously try to return the message every 10 seconds.
2001-09-12
2017-12-18
CVE-1999-1515
http://www.securityfocus.com/bid/613
BID:613
https://exchange.xforce.ibmcloud.com/vulnerabilities/3290
XF:tfs-gateway-dos(3290)
CVE-1999-1516
A buffer overflow in TenFour TFS Gateway SMTP mail server 3.2 allows an attacker to crash the mail server and possibly execute arbitrary code by offering more than 128 bytes in a MAIL FROM string.
2001-09-12
2016-10-17
CVE-1999-1516
http://marc.info/?l=bugtraq&m=93677241318492&w=2
BUGTRAQ:19990902 [SECURITY] TenFour TFS SMTP 3.2 Buffer Overflow
CVE-1999-1517
runtar in the Amanda backup system used in various UNIX operating systems executes tar with root privileges, which allows a user to overwrite or read arbitrary files by providing the target files to runtar.
2001-09-12
2016-10-17
CVE-1999-1517
http://www.securityfocus.com/bid/750
BID:750
http://marc.info/?l=bugtraq&m=94148942818975&w=2
BUGTRAQ:19991101 Amanda multiple vendor local root compromises
CVE-1999-1518
Operating systems with shared memory implementations based on BSD 4.4 code allow a user to conduct a denial of service and bypass memory limits (e.g., as specified with rlimits) using mmap or shmget to allocate memory and cause page faults.
2001-09-12
2017-12-18
CVE-1999-1518
http://www.securityfocus.com/bid/526
BID:526
http://marc.info/?l=bugtraq&m=93207728118694&w=2
BUGTRAQ:19990715 Shared memory DoS's
https://exchange.xforce.ibmcloud.com/vulnerabilities/2351
XF:bsd-shared-memory-dos(2351)
CVE-1999-1519
Gene6 G6 FTP Server 2.0 allows a remote attacker to cause a denial of service (resource exhaustion) via a long (1) user name or (2) password.
2001-09-12
2017-12-18
CVE-1999-1519
http://www.securityfocus.com/bid/805
BID:805
http://marc.info/?l=bugtraq&m=94286244700573&w=2
BUGTRAQ:19991117 Remote D.o.S Attack in G6 FTP Server v2.0 (beta 4/5) Vulnerability
https://exchange.xforce.ibmcloud.com/vulnerabilities/3513
XF:g6ftp-username-dos(3513)
CVE-1999-1520
A configuration problem in the Ad Server Sample directory (AdSamples) in Microsoft Site Server 3.0 allows an attacker to obtain the SITE.CSC file, which exposes sensitive SQL database information.
2004-09-01
2004-07-22
CVE-1999-1520
http://www.securityfocus.com/bid/256
BID:256
http://marc.info/?l=bugtraq&m=92647407227303&w=2
BUGTRAQ:19990511 [ALERT] Site Server 3.0 May Expose SQL IDs and PSWs
https://exchange.xforce.ibmcloud.com/vulnerabilities/2270
XF:siteserver-site-csc(2270)
CVE-1999-1521
Computalynx CMail 2.4 and CMail 2.3 SP2 SMTP servers are vulnerable to a buffer overflow attack in the MAIL FROM command that may allow a remote attacker to execute arbitrary code on the server.
2001-09-12
2017-12-18
CVE-1999-1521
http://www.securityfocus.com/bid/633
BID:633
http://marc.info/?l=bugtraq&m=94121824921783&w=2
BUGTRAQ:19990729 Vulnerability in CMail SMTP Server Version 2.4: Remotely exploitable buffer
http://marc.info/?l=bugtraq&m=93720402717560&w=2
BUGTRAQ:19990912 Many kind of POP3/SMTP server softwares for Windows have buffer overflow bug
https://exchange.xforce.ibmcloud.com/vulnerabilities/2240
XF:cmail-command-bo(2240)
CVE-1999-1522
Vulnerability in htmlparse.pike in Roxen Web Server 1.3.11 and earlier, possibly related to recursive parsing and referer tags in RXML.
2001-09-12
2016-10-17
CVE-1999-1522
http://marc.info/?l=bugtraq&m=93942579008408&w=2
BUGTRAQ:19991007 Roxen security alert
CVE-1999-1523
Buffer overflow in Sambar Web Server 4.2.1 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long HTTP GET request.
2001-09-12
2017-12-18
CVE-1999-1523
http://marc.info/?l=bugtraq&m=93901161727373&w=2
BUGTRAQ:19991004
http://marc.info/?l=bugtraq&m=93941351229256&w=2
BUGTRAQ:19991006 Re: Sample DOS against the Sambar HTTP-Server
https://exchange.xforce.ibmcloud.com/vulnerabilities/1672
XF:sambar-logging-bo(1672)
CVE-1999-1524
FlowPoint DSL router firmware versions prior to 3.0.8 allows a remote attacker to exploit a password recovery feature from the network and conduct brute force password guessing, instead of limiting the feature to the serial console port.
2001-09-12
2016-10-17
CVE-1999-1524
http://marc.info/?l=bugtraq&m=93424680430460&w=2
BUGTRAQ:19990807 Re: FlowPoint DSL router vulnerability
CVE-1999-1525
Macromedia Shockwave before 6.0 allows a malicious webmaster to read a user's mail box and possibly access internal web servers via the GetNextText command on a Shockwave movie.
2001-09-12
2017-12-18
CVE-1999-1525
http://marc.info/?l=bugtraq&m=87602167420670&w=2
BUGTRAQ:19970314 Shockwave Security Alert
https://exchange.xforce.ibmcloud.com/vulnerabilities/460
XF:http-ns-shockwave(460)
https://exchange.xforce.ibmcloud.com/vulnerabilities/1586
XF:shockwave-file-read-vuln(1586)
https://exchange.xforce.ibmcloud.com/vulnerabilities/1585
XF:shockwave-internal-access(1585)
CVE-1999-1526
Auto-update feature of Macromedia Shockwave 7 transmits a user's password and hard disk information back to Macromedia.
2001-09-12
2017-12-18
CVE-1999-1526
http://www.securityfocus.com/archive/1/12842
BUGTRAQ:19990311 [Fwd: Shockwave 7 Security Hole]
https://exchange.xforce.ibmcloud.com/vulnerabilities/1931
XF:shockwave-updater(1931)
CVE-1999-1527
Internal HTTP server in Sun Netbeans Java IDE in Netbeans Developer 3.0 Beta and Forte Community Edition 1.0 Beta does not properly restrict access to IP addresses as specified in its configuration, which allows arbitrary remote attackers to access the server.
2001-09-12
2016-10-17
CVE-1999-1527
http://www.securityfocus.com/bid/816
BID:816
http://marc.info/?l=bugtraq&m=94338883114254&w=2
BUGTRAQ:19991123 NetBeans/ Forte' Java IDE HTTP vulnerability
CVE-1999-1528
ProSoft Netware Client 5.12 on Macintosh MacOS 9 does not automatically log a user out of the NDS tree when the user logs off the system, which allows other users of the same system access to the unprotected NDS session.
2001-09-12
2016-10-17
CVE-1999-1528
http://www.securityfocus.com/bid/794
BID:794
http://marc.info/?l=bugtraq&m=94261444428430&w=2
BUGTRAQ:19991114 MacOS 9 and the MacOS Netware Client
CVE-1999-1529
A buffer overflow exists in the HELO command in Trend Micro Interscan VirusWall SMTP gateway 3.23/3.3 for NT, which may allow an attacker to execute arbitrary code.
2001-09-12
2017-12-18
CVE-1999-1529
http://www.securityfocus.com/bid/787
BID:787
http://marc.info/?l=bugtraq&m=94201512111092&w=2
BUGTRAQ:19991107 Interscan VirusWall NT 3.23/3.3 buffer overflow
http://marc.info/?l=bugtraq&m=94204166130782&w=2
BUGTRAQ:19991108 Patch for VirusWall 3.23.
http://marc.info/?l=bugtraq&m=94210427406568&w=2
BUGTRAQ:19991108 Re: Interscan VirusWall NT 3.23/3.3 buffer overflow.
http://www.securityfocus.com/archive/1/55551
BUGTRAQ:20000417 New DOS on Interscan NT/3.32
http://marc.info/?l=ntbugtraq&m=94199707625818&w=2
NTBUGTRAQ:19991107 Interscan VirusWall NT 3.23/3.3 buffer overflow.
http://marc.info/?l=ntbugtraq&m=94208143007829&w=2
NTBUGTRAQ:19991108 Patch for VirusWall 3.23.
https://exchange.xforce.ibmcloud.com/vulnerabilities/3465
XF:viruswall-helo-bo(3465)
CVE-1999-1530
cgiwrap as used on Cobalt RaQ 2.0 and RaQ 3i does not properly identify the user for running certain scripts, which allows a malicious site administrator to view or modify data located at another virtual site on the same system.
2002-03-09
2002-02-17
CVE-1999-1530
http://www.securityfocus.com/bid/777
BID:777
http://marc.info/?l=bugtraq&m=94209954200450&w=2
BUGTRAQ:19991108 Security flaw in Cobalt RaQ2 cgiwrap
http://marc.info/?l=bugtraq&m=94225629200045&w=2
BUGTRAQ:19991109 [Cobalt] Security Advisory - cgiwrap
http://www.osvdb.org/35
OSVDB:35
http://www.iss.net/security_center/static/7764.php
XF:cobalt-cgiwrap-incorrect-permissions(7764)
CVE-1999-1531
Buffer overflow in IBM HomePagePrint 1.0.7 for Windows98J allows a malicious Web site to execute arbitrary code on a viewer's system via a long IMG_SRC HTML tag.
2002-03-09
2002-02-17
CVE-1999-1531
http://www.securityfocus.com/bid/763
BID:763
http://marc.info/?l=bugtraq&m=94157187815629&w=2
BUGTRAQ:19991102 Some holes for Win/UNIX softwares
http://www.iss.net/security_center/static/7767.php
XF:ibm-homepageprint-bo(7767)
CVE-1999-1532
Netscape Messaging Server 3.54, 3.55, and 3.6 allows a remote attacker to cause a denial of service (memory exhaustion) via a series of long RCPT TO commands.
2001-09-12
2016-10-17
CVE-1999-1532
http://www.securityfocus.com/bid/748
BID:748
http://marc.info/?l=bugtraq&m=94117465014255&w=2
BUGTRAQ:19991029 message:Netscape Messaging Server RCPT TO vul.
CVE-1999-1533
Eicon Technology Diva LAN ISDN modem allows a remote attacker to cause a denial of service (hang) via a long password argument to the login.htm file in its HTTP service.
2001-09-12
2017-12-18
CVE-1999-1533
http://www.securityfocus.com/bid/665
BID:665
http://marc.info/?l=bugtraq&m=93846522511387&w=2
BUGTRAQ:19990926 DoS Exploit in Eicon Diehl LAN ISDN Modem
https://exchange.xforce.ibmcloud.com/vulnerabilities/3317
XF:diva-lan-isdn-dos(3317)
CVE-1999-1534
Buffer overflow in (1) nlservd and (2) rnavc in Knox Software Arkeia backup product allows local users to obtain root access via a long HOME environmental variable.
2001-09-12
2016-10-17
CVE-1999-1534
http://www.securityfocus.com/bid/661
BID:661
http://marc.info/?l=bugtraq&m=93837184228248&w=2
BUGTRAQ:19990923 Multiple vendor Knox Arkiea local root/remote DoS
CVE-1999-1535
Buffer overflow in AspUpload.dll in Persits Software AspUpload before 1.4.0.2 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long argument in the HTTP request.
2002-03-09
2002-03-01
CVE-1999-1535
http://www.securityfocus.com/bid/592
BID:592
http://marc.info/?l=ntbugtraq&m=93256878011447&w=2
NTBUGTRAQ:19990720 Buffer overflow in AspUpload 1.4
http://marc.info/?l=ntbugtraq&m=93501427820328&w=2
NTBUGTRAQ:19990818 AspUpload Buffer Overflow Fixed
https://exchange.xforce.ibmcloud.com/vulnerabilities/3291
XF:http-aspupload-bo(3291)
CVE-1999-1536
.sbstart startup script in AcuShop Salesbuilder is world writable, which allows local users to gain privileges by appending commands to the file.
2001-09-12
2016-10-17
CVE-1999-1536
http://www.securityfocus.com/bid/560
BID:560
http://marc.info/?l=bugtraq&m=93347785827287&w=2
BUGTRAQ:19990730 World writable root owned script in SalesBuilder (RedHat 6.0)
http://www.osvdb.org/13557
OSVDB:13557
CVE-1999-1537
IIS 3.x and 4.x does not distinguish between pages requiring encryption and those that do not, which allows remote attackers to cause a denial of service (resource exhaustion) via SSL requests to the HTTPS port for normally unencrypted files, which will cause IIS to perform extra work to send the files over SSL.
2004-09-01
2002-03-22
CVE-1999-1537
http://www.securityfocus.com/bid/521
BID:521
http://marc.info/?l=ntbugtraq&m=93138827329577&w=2
NTBUGTRAQ:19990707 SSL and IIS.
https://exchange.xforce.ibmcloud.com/vulnerabilities/2352
XF:ssl-iis-dos(2352)
CVE-1999-1538
When IIS 2 or 3 is upgraded to IIS 4, ism.dll is inadvertently left in /scripts/iisadmin, which does not restrict access to the local machine and allows an unauthorized user to gain access to sensitive server information, including the Administrator's password.
2001-09-12
2016-10-17
CVE-1999-1538
http://www.securityfocus.com/bid/189
BID:189
http://marc.info/?l=bugtraq&m=91638375309890&w=2
BUGTRAQ:19990114 MS IIS 4.0 Security Advisory
http://marc.info/?l=ntbugtraq&m=91632724913080&w=2
NTBUGTRAQ:19990114 MS IIS 4.0 Security Advisory
CVE-1999-1539
Buffer overflow in FTP server in QPC Software's QVT/Term Plus versions 4.2d and 4.3 and QVT/Net 4.3 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long (1) user name or (2) password.
2001-09-12
2017-12-18
CVE-1999-1539
http://www.securityfocus.com/bid/796
BID:796
http://marc.info/?l=bugtraq&m=94225924803704&w=2
BUGTRAQ:19991110 Remote DoS Attack in QVT/Term 'Plus' 4.2d FTP Server Vulnerability
http://marc.info/?l=ntbugtraq&m=94223972910670&w=2
NTBUGTRAQ:19991110 Remote DoS Attack in QVT/Term 'Plus' 4.2d FTP Server Vulnerability
https://exchange.xforce.ibmcloud.com/vulnerabilities/3491
XF:qvtterm-login-dos(3491)
CVE-1999-1540
shell-lock in Cactus Software Shell Lock uses weak encryption (trivial encoding) which allows attackers to easily decrypt and obtain the source code.
2001-09-12
2017-12-18
CVE-1999-1540
http://marc.info/?l=bugtraq&m=93916168802365&w=2
BUGTRAQ:19991005 Cactus Software's shell-lock
http://www.atstake.com/research/advisories/1999/shell-lock.txt
L0PHT:19991004
https://exchange.xforce.ibmcloud.com/vulnerabilities/3356
XF:cactus-shell-lock-retrieve-shell-code(3356)
CVE-1999-1541
shell-lock in Cactus Software Shell Lock allows local users to read or modify decoded shell files before they are executed, via a symlink attack on a temporary file.
2001-09-12
2017-12-18
CVE-1999-1541
http://marc.info/?l=bugtraq&m=93916168802365&w=2
BUGTRAQ:19991005 Cactus Software's shell-lock
http://www.atstake.com/research/advisories/1999/shell-lock.txt
L0PHT:19991004
https://exchange.xforce.ibmcloud.com/vulnerabilities/3358
XF:cactus-shell-lock-root-privs(3358)
CVE-1999-1542
RPMMail before 1.4 allows remote attackers to execute commands via an e-mail message with shell metacharacters in the "MAIL FROM" command.
2002-03-09
2001-11-28
CVE-1999-1542
http://marc.info/?l=bugtraq&m=93915641729415&w=2
BUGTRAQ:19991004 RH6.0 local/remote command execution
http://marc.info/?l=bugtraq&m=93923853105687&w=2
BUGTRAQ:19991006 Fwd: [Re: RH6.0 local/remote command execution]
https://exchange.xforce.ibmcloud.com/vulnerabilities/3353
XF:linux-rh-rpmmail(3353)
CVE-1999-1543
MacOS uses weak encryption for passwords that are stored in the Users & Groups Data File.
2001-09-12
2016-10-17
CVE-1999-1543
http://www.securityfocus.com/bid/519
BID:519
http://marc.info/?l=bugtraq&m=93188174906513&w=2
BUGTRAQ:19990710 MacOS system encryption algorithm
http://marc.info/?l=bugtraq&m=93736667813924&w=2
BUGTRAQ:19990914 MacOS system encryption algorithm 3
CVE-1999-1544
Buffer overflow in FTP server in Microsoft IIS 3.0 and 4.0 allows local and sometimes remote attackers to cause a denial of service via a long NLST (ls) command.
2001-09-12
2016-10-17
CVE-1999-1544
http://marc.info/?l=bugtraq&m=91722115016183&w=2
BUGTRAQ:19990124 Advisory: IIS FTP Exploit/DoS Attack
CVE-1999-1545
Joe's Own Editor (joe) 2.8 sets the world-readable permission on its crash-save file, DEADJOE, which could allow local users to read files that were being edited by other users.
2001-09-12
2016-10-17
CVE-1999-1545
http://marc.info/?l=bugtraq&m=93216103027827&w=2
BUGTRAQ:19990714
http://marc.info/?l=bugtraq&m=93226771401036&w=2
BUGTRAQ:19990717 joe 2.8 makes world-readable DEADJOE
CVE-1999-1546
netstation.navio-com.rte 1.1.0.1 configuration script for Navio NC on IBM AIX exports /tmp over NFS as world-readable and world-writable.
2001-09-12
2017-12-18
CVE-1999-1546
http://www.securityfocus.com/archive/1/12217
BUGTRAQ:19990129 TROJAN: netstation.navio-comm.rte 1.1.0.1
https://exchange.xforce.ibmcloud.com/vulnerabilities/1724
XF:navionc-config-script(1724)
CVE-1999-1547
Oracle Web Listener 2.1 allows remote attackers to bypass access restrictions by replacing a character in the URL with its HTTP-encoded (hex) equivalent.
2001-09-12
2016-10-17
CVE-1999-1547
http://www.securityfocus.com/bid/841
BID:841
http://marc.info/?l=bugtraq&m=94359982417686&w=2
BUGTRAQ:19991125 Oracle Web Listener
http://marc.info/?l=ntbugtraq&m=94390053530890&w=2
NTBUGTRAQ:19991125 Oracle Web Listener
CVE-1999-1548
Cabletron SmartSwitch Router (SSR) 8000 firmware 2.x can only handle 200 ARP requests per second allowing a denial of service attack to succeed with a flood of ARP requests exceeding that limit.
2001-09-12
2017-02-15
CVE-1999-1548
http://www.securityfocus.com/bid/821
BID:821
http://razor.bindview.com/publish/advisories/adv_Cabletron.html
BINDVIEW:19991124 Cabletron SmartSwitch Router 8000 Firmware v2.x
CVE-1999-1549
Lynx 2.x does not properly distinguish between internal and external HTML, which may allow a local attacker to read a "secure" hidden form value from a temporary file and craft a LYNXOPTIONS: URL that causes Lynx to modify the user's configuration file and execute commands.
2001-09-12
2016-10-17
CVE-1999-1549
http://www.securityfocus.com/bid/804
BID:804
http://marc.info/?l=bugtraq&m=94286509804526&w=2
BUGTRAQ:19991116 lynx 2.8.x - 'special URLs' anti-spoofing protection is weak
CVE-1999-1550
bigconf.conf in F5 BIG/ip 2.1.2 and earlier allows remote attackers to read arbitrary files by specifying the target file in the "file" parameter.
2002-03-09
2002-02-17
CVE-1999-1550
http://www.securityfocus.com/bid/778
BID:778
http://marc.info/?l=bugtraq&m=94217006208374&w=2
BUGTRAQ:19991108 BigIP - bigconf.cgi holes
http://marc.info/?l=bugtraq&m=94225879703021&w=2
BUGTRAQ:19991109
http://marc.info/?l=bugtraq&m=94217879020184&w=2
BUGTRAQ:19991109 Re: BigIP - bigconf.cgi holes
http://www.iss.net/security_center/static/7771.php
XF:bigip-bigconf-view-files(7771)
CVE-1999-1551
Buffer overflow in Ipswitch IMail Service 5.0 allows an attacker to cause a denial of service (crash) and possibly execute arbitrary commands via a long URL.
2001-09-12
2017-12-18
CVE-1999-1551
http://www.securityfocus.com/bid/505
BID:505
http://marc.info/?l=bugtraq&m=92038879607336&w=2
BUGTRAQ:19990302 Multiple IMail Vulnerabilites
https://exchange.xforce.ibmcloud.com/vulnerabilities/1898
XF:imail-websvc-overflow(1898)
CVE-1999-1552
dpsexec (DPS Server) when running under XDM in IBM AIX 3.2.5 and earlier does not properly check privileges, which allows local users to overwrite arbitrary files and gain privileges.
2001-09-12
2003-03-18
CVE-1999-1552
http://www.securityfocus.com/bid/358
BID:358
http://lists.insecure.org/lists/bugtraq/1994/Jul/0038.html
BUGTRAQ:19940720 xnews and XDM
CVE-1999-1553
Buffer overflow in XCmail 0.99.6 with autoquote enabled allows remote attackers to execute arbitrary commands via a long subject line.
2001-09-12
2017-12-18
CVE-1999-1553
http://www.securityfocus.com/bid/311
BID:311
http://www.securityfocus.com/archive/1/12730
BUGTRAQ:19990301 [0z0n3] XCmail remotely exploitable vulnerability
https://exchange.xforce.ibmcloud.com/vulnerabilities/1859
XF:xcmail-reply-overflow(1859)
CVE-1999-1554
/usr/sbin/Mail on SGI IRIX 3.3 and 3.3.1 does not properly set the group ID to the group ID of the user who started Mail, which allows local users to read the mail of other users.
2001-09-12
2002-02-20
CVE-1999-1554
http://www.securityfocus.com/bid/13
BID:13
http://www.cert.org/advisories/CA-1990-08.html
CERT:CA-1990-08
http://www.iss.net/security_center/static/3164.php
XF:sgi-irix-reset(3164)
CVE-1999-1555
Cheyenne InocuLAN Anti-Virus Server in Inoculan 4.0 before Service Pack 2 creates an update directory with "EVERYONE FULL CONTROL" permissions, which allows local users to cause Inoculan's antivirus update feature to install a Trojan horse dll.
2001-09-12
2017-12-18
CVE-1999-1555
http://www.securityfocus.com/bid/106
BID:106
http://www.securityfocus.com/archive/1/9515
BUGTRAQ:19980611 Cheyenne Inoculan vulnerability on NT
https://exchange.xforce.ibmcloud.com/vulnerabilities/1536
XF:inoculan-bad-permissions(1536)
CVE-1999-1556
Microsoft SQL Server 6.5 uses weak encryption for the password for the SQLExecutiveCmdExec account and stores it in an accessible portion of the registry, which could allow local users to gain privileges by reading and decrypting the CmdExecAccount value.
2004-09-01
2004-07-22
CVE-1999-1556
http://www.securityfocus.com/bid/109
BID:109
http://marc.info/?l=ntbugtraq&m=90222453431645&w=2
NTBUGTRAQ:19980629 MS SQL Server 6.5 stores password in unprotected registry keys
https://exchange.xforce.ibmcloud.com/vulnerabilities/7354
XF:mssql-sqlexecutivecmdexec-password(7354)
CVE-1999-1557
Buffer overflow in the login functions in IMAP server (imapd) in Ipswitch IMail 5.0 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via (1) a long user name or (2) a long password.
2001-09-12
2017-12-18
CVE-1999-1557
http://marc.info/?l=bugtraq&m=92038879607336&w=2
BUGTRAQ:19990301 Multiple IMail Vulnerabilites
https://exchange.xforce.ibmcloud.com/vulnerabilities/1895
XF:imail-imap-overflow(1895)
CVE-1999-1558
Vulnerability in loginout in Digital OpenVMS 7.1 and earlier allows unauthorized access when external authentication is enabled.
2001-09-12
2002-02-20
CVE-1999-1558
http://www.securityfocus.com/bid/161
BID:161
CERT:VB-98.07
http://ciac.llnl.gov/ciac/bulletins/i-071a.shtml
CIAC:I-071A
http://www.iss.net/security_center/static/7151.php
XF:openvms-loginout-unauth-access(7151)
CVE-1999-1559
Xylan OmniSwitch before 3.2.6 allows remote attackers to bypass the login prompt via a CTRL-D (control d) character, which locks other users out of the switch because it only supports one session at a time.
2001-09-12
2017-12-18
CVE-1999-1559
http://marc.info/?l=bugtraq&m=92299263017061&w=2
BUGTRAQ:19990331 Xylan OmniSwitch "features"
https://exchange.xforce.ibmcloud.com/vulnerabilities/2064
XF:xylan-omniswitch-login(2064)
CVE-1999-1560
Vulnerability in a script in Texas A&M University (TAMU) Tiger allows local users to execute arbitrary commands as the Tiger user, usually root.
2001-09-12
2017-12-18
CVE-1999-1560
http://marc.info/?l=bugtraq&m=93252050203589&w=2
BUGTRAQ:19990720 tiger vulnerability
https://exchange.xforce.ibmcloud.com/vulnerabilities/2369
XF:tiger-script-execute(2369)
CVE-1999-1561
Nullsoft SHOUTcast server stores the administrative password in plaintext in a configuration file (sc_serv.conf), which could allow a local user to gain administrative privileges on the server.
2001-09-12
2002-03-22
CVE-1999-1561
http://www.securityfocus.com/archive/1/24852
BUGTRAQ:19990820 Winamp SHOUTcast server: Gain Administrator Password
CVE-1999-1562
gFTP FTP client 1.13, and other versions before 2.0.0, records a password in plaintext in (1) the log window, or (2) in a log file.
2001-09-12
2005-03-08
CVE-1999-1562
http://www.securityfocus.com/bid/3446
BID:3446
http://www.securityfocus.com/archive/1/26915
BUGTRAQ:19990905 gftp
http://www.debian.org/security/2001/dsa-084
DEBIAN:DSA-084
CVE-1999-1563
Nachuatec D435 and D445 printer allows remote attackers to cause a denial of service via ICMP redirect storm.
2001-09-12
2001-11-28
CVE-1999-1563
http://www.securityfocus.com/archive/1/30849
BUGTRAQ:19991014 NEUROCOM: Nashuatec printer, 3 vulnerabilities found
http://www.securityfocus.com/archive/1/35075
BUGTRAQ:19991116 NEUROCOM: Nashuatec D445/435 vulnerabilities updated
CVE-1999-1564
FreeBSD 3.2 and possibly other versions allows a local user to cause a denial of service (panic) with a large number accesses of an NFS v3 mounted directory from a large number of processes.
2001-09-12
2002-03-09
CVE-1999-1564
http://www.securityfocus.com/archive/1/26166
BUGTRAQ:19990902 [ Kernel panic with FreeBSD-3.2-19990830-STABLE ]
CVE-1999-1565
Man2html 2.1 and earlier allows local users to overwrite arbitrary files via a symlink attack on a temporary file.
2002-03-09
2002-03-01
CVE-1999-1565
http://www.securityfocus.com/archive/1/24784
BUGTRAQ:19990820 [SECURITY] New versions of man2html fixes postinst glitch
http://www.osvdb.org/6291
OSVDB:6291
CVE-1999-1566
Buffer overflow in iParty server 1.2 and earlier allows remote attackers to cause a denial of service (crash) by connecting to default port 6004 and sending repeated extended characters.
2001-09-12
2002-03-22
CVE-1999-1566
http://www.securityfocus.com/archive/1/13600
BUGTRAQ:19990508 iParty Daemon Vulnerability w/ Exploit Code (worse than thought?)
CVE-1999-1567
Seapine Software TestTrack server allows a remote attacker to cause a denial of service (high CPU) via (1) TestTrackWeb.exe and (2) ttcgi.exe by connecting to port 99 and disconnecting without sending any data.
2001-09-12
2017-12-18
CVE-1999-1567
http://www.ntbugtraq.com/default.asp?pid=36&sid=1&A2=ind9903&L=NTBUGTRAQ&P=R1215
NTBUGTRAQ:19990308 Password and DOS Vulnerability with Testrack (bug tracking software)
http://www.ntbugtraq.com/default.asp?pid=36&sid=1&A2=ind9906&L=NTBUGTRAQ&P=R1680
NTBUGTRAQ:19990616 Password and DOS Vulnerability with Testrack (bug tracking software)
https://exchange.xforce.ibmcloud.com/vulnerabilities/1948
XF:testtrack-dos(1948)
CVE-1999-1568
Off-by-one error in NcFTPd FTP server before 2.4.1 allows a remote attacker to cause a denial of service (crash) via a long PORT command.
2004-09-01
2003-03-21
CVE-1999-1568
http://www.securityfocus.com/archive/1/12699
BUGTRAQ:19990223 Comments on NcFTPd "theoretical root compromise"
http://marc.info/?l=bugtraq&m=91981352617720&w=2
BUGTRAQ:19990223 NcFTPd remote buffer overflow
https://exchange.xforce.ibmcloud.com/vulnerabilities/1833
XF:ncftpd-port-bo(1833)
CVE-1999-1569
Quake 1 and NetQuake servers allow remote attackers to cause a denial of service (resource exhaustion or forced disconnection) via a flood of spoofed UDP connection packets, which exceeds the server's player limit.
2002-08-31
2017-12-18
CVE-1999-1569
http://www.securityfocus.com/bid/3051
BID:3051
http://marc.info/?l=bugtraq&m=90221101925989&w=2
BUGTRAQ:19980502 NetQuake Protocol problem resulting in smurf like effect.
http://marc.info/?l=bugtraq&m=91012172524181&w=2
BUGTRAQ:19981101 Quake problem?
http://www.securityfocus.com/archive/1/197268
BUGTRAQ:20010716 Quake client and server denial-of-service
https://exchange.xforce.ibmcloud.com/vulnerabilities/6871
XF:quake-spoofed-client-dos(6871)
CVE-1999-1570
Buffer overflow in sar for OpenServer 5.0.5 allows local users to gain root privileges via a long -o parameter.
2002-08-31
2016-10-17
CVE-1999-1570
http://www.securityfocus.com/bid/4089
BID:4089
http://online.securityfocus.com/archive/1/27074
BUGTRAQ:19990909 19 SCO 5.0.5+Skunware98 buffer overflows
ftp://stage.caldera.com/pub/security/openserver/CSSA-2002-SCO.17/CSSA-2002-SCO.17.txt
CALDERA:CSSA-2002-SCO.17
http://marc.info/?l=vuln-dev&m=102098949103708&w=2
VULN-DEV:20020509 Sar -o exploitation process info.
http://www.iss.net/security_center/static/8989.php
XF:openserver-sar-bo(8989)
CVE-1999-1571
Buffer overflow in sar for SCO OpenServer 5.0.0 through 5.0.5 may allow local users to gain root privileges via a long -f parameter, a different vulnerability than CVE-1999-1570.
2002-10-15
2016-10-17
CVE-1999-1571
http://www.securityfocus.com/bid/643
BID:643
http://online.securityfocus.com/archive/1/27074
BUGTRAQ:19990909 19 SCO 5.0.5+Skunware98 buffer overflows
http://marc.info/?l=bugtraq&m=93762097815861&w=2
BUGTRAQ:19990917 Re: recent SCO 5.0.x vulnerabilities
http://marc.info/?l=bugtraq&m=94053017801639&w=2
BUGTRAQ:19991020 Re: recent SCO 5.0.x vulnerabilities
http://marc.info/?l=bugtraq&m=94183363719024&w=2
BUGTRAQ:19991105 SCO Security Bulletin 99.17
ftp://stage.caldera.com/pub/security/sse/sse037c/sse037c.ltr
CONFIRM:ftp://stage.caldera.com/pub/security/sse/sse037c/sse037c.ltr
http://online.securityfocus.com/advisories/1843
MISC:http://online.securityfocus.com/advisories/1843
ftp://stage.caldera.com/pub/security/sse/security_bulletins/SB-99.17c
SCO:SB-99.17c
http://marc.info/?l=vuln-dev&m=102098949103708&w=2
VULN-DEV:20020509 Sar -o exploitation process info.
http://www.iss.net/security_center/static/8989.php
XF:openserver-sar-bo(8989)
CVE-1999-1572
cpio on FreeBSD 2.1.0, Debian GNU/Linux 3.0, and possibly other operating systems, uses a 0 umask when creating files using the -O (archive) or -F options, which creates the files with mode 0666 and allows local users to read or overwrite those files.
2005-01-29
2017-10-18
CVE-1999-1572
http://marc.info/?l=bugtraq&m=110763404701519&w=2
BUGTRAQ:20050204 [USN-75-1] cpio vulnerability
http://support.avaya.com/elmodocs2/security/ASA-2005-212.pdf
CONFIRM:http://support.avaya.com/elmodocs2/security/ASA-2005-212.pdf
http://www.debian.org/security/2005/dsa-664
DEBIAN:DSA-664
http://www.mandriva.com/security/advisories?name=MDKSA-2005:032
MANDRAKE:MDKSA-2005:032
http://www.freebsd.org/cgi/query-pr.cgi?pr=bin/1391
MISC:http://www.freebsd.org/cgi/query-pr.cgi?pr=bin/1391
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10888
OVAL:oval:org.mitre.oval:def:10888
http://www.redhat.com/support/errata/RHSA-2005-073.html
REDHAT:RHSA-2005:073
http://www.redhat.com/support/errata/RHSA-2005-080.html
REDHAT:RHSA-2005:080
http://www.redhat.com/support/errata/RHSA-2005-806.html
REDHAT:RHSA-2005:806
http://secunia.com/advisories/14357
SECUNIA:14357
http://secunia.com/advisories/17063
SECUNIA:17063
http://secunia.com/advisories/17532
SECUNIA:17532
http://www.trustix.org/errata/2005/0003/
TRUSTIX:2005-0003
https://exchange.xforce.ibmcloud.com/vulnerabilities/19167
XF:cpio-o-archive-insecure-permissions(19167)
CVE-1999-1573
Multiple unknown vulnerabilities in the "r-cmnds" (1) remshd, (2) rexecd, (3) rlogind, (4) rlogin, (5) remsh, (6) rcp, (7) rexec, and (8) rdist for HP-UX 10.00 through 11.00 allow attackers to gain privileges or access files.
2005-04-21
2017-10-18
CVE-1999-1573
http://www.auscert.org.au/render.html?it=490
AUSCERT:ESB-98.186
http://www.kb.cert.org/vuls/id/13217
CERT-VN:VU#13217
http://www.ciac.org/ciac/bulletins/j-022.shtml
CIAC:J-022
http://www.securityfocus.com/advisories/1471
HP:HPSBUX9812-090
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5550
OVAL:oval:org.mitre.oval:def:5550
https://exchange.xforce.ibmcloud.com/vulnerabilities/7860
XF:hp-rcmnds-gain-privileges(7860)
CVE-1999-1574
Buffer overflow in the lex routines of nslookup for AIX 4.3 may allow attackers to cause a core dump and possibly execute arbitrary code via "long input strings."
2005-04-21
2017-07-10
CVE-1999-1574
http://www-1.ibm.com/support/search.wss?rs=0&q=IX79909&apar=only
AIXAPAR:IX79909
http://www.kb.cert.org/vuls/id/182777
CERT-VN:VU#182777
https://exchange.xforce.ibmcloud.com/vulnerabilities/7867
XF:aix-nslookup-lex-bo(7867)
CVE-1999-1575
The Kodak/Wang (1) Image Edit (imgedit.ocx), (2) Image Annotation (imgedit.ocx), (3) Image Scan (imgscan.ocx), (4) Thumbnail Image (imgthumb.ocx), (5) Image Admin (imgadmin.ocx), (6) HHOpen (hhopen.ocx), (7) Registration Wizard (regwizc.dll), and (8) IE Active Setup (setupctl.dll) ActiveX controls for Internet Explorer (IE) 4.01 and 5.0 are marked as "Safe for Scripting," which allows remote attackers to create and modify files and execute arbitrary commands.
2005-04-21
2018-10-12
CVE-1999-1575
http://www.securityfocus.com/archive/1/28719
BUGTRAQ:19990924 Several ActiveX Buffer Overruns
http://www.kb.cert.org/vuls/id/23412
CERT-VN:VU#23412
http://www.kb.cert.org/vuls/id/24839
CERT-VN:VU#24839
http://www.kb.cert.org/vuls/id/26924
CERT-VN:VU#26924
http://www.kb.cert.org/vuls/id/41408
CERT-VN:VU#41408
http://www.kb.cert.org/vuls/id/9162
CERT-VN:VU#9162
https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-037
MS:MS99-037
https://exchange.xforce.ibmcloud.com/vulnerabilities/7097
XF:wang-kodak-activex-control(7097)
CVE-1999-1576
Buffer overflow in Adobe Acrobat ActiveX control (pdf.ocx, PDF.PdfCtrl.1) 1.3.188 for Acrobat Reader 4.0 allows remote attackers to execute arbitrary code via the pdf.setview method.
2005-04-21
2017-07-10
CVE-1999-1576
http://www.securityfocus.com/bid/666
BID:666
http://www.securityfocus.com/archive/1/28719
BUGTRAQ:19990924 Several ActiveX Buffer Overruns
http://www.kb.cert.org/vuls/id/25919
CERT-VN:VU#25919
https://exchange.xforce.ibmcloud.com/vulnerabilities/3318
XF:adobe-acrobat-pdf-bo(3318)
CVE-1999-1577
Buffer overflow in HHOpen ActiveX control (hhopen.ocx) 1.0.0.1 for Internet Explorer 4.01 and 5 allows remote attackers to execute arbitrary commands via long arguments to the OpenHelp method.
2005-04-21
2017-07-10
CVE-1999-1577
http://www.securityfocus.com/bid/669
BID:669
http://www.securityfocus.com/archive/1/28719
BUGTRAQ:19990924 Several ActiveX Buffer Overruns
http://www.kb.cert.org/vuls/id/29795
CERT-VN:VU#29795
https://exchange.xforce.ibmcloud.com/vulnerabilities/3314
XF:ie-hhopen-bo(3314)
CVE-1999-1578
Buffer overflow in Registration Wizard ActiveX control (regwizc.dll, InvokeRegWizard) 3.0.0.0 for Internet Explorer 4.01 and 5 allows remote attackers to execute arbitrary commands.
2005-04-21
2017-07-10
CVE-1999-1578
http://www.securityfocus.com/bid/671
BID:671
http://www.securityfocus.com/archive/1/28719
BUGTRAQ:19990924 Several ActiveX Buffer Overruns
http://www.kb.cert.org/vuls/id/37556
CERT-VN:VU#37556
https://exchange.xforce.ibmcloud.com/vulnerabilities/3311
XF:ie-registration-wiz-bo(3311)
CVE-1999-1579
The Cenroll ActiveX control (xenroll.dll) for Terminal Server Editions of Windows NT 4.0 and Windows NT Server 4.0 before SP6 allows remote attackers to cause a denial of service (resource consumption) by creating a large number of arbitrary files on the target machine.
2005-04-21
2017-07-10
CVE-1999-1579
http://www.securityfocus.com/bid/6827
BID:6827
http://www.kb.cert.org/vuls/id/3062
CERT-VN:VU#3062
http://support.microsoft.com/default.aspx?scid=kb;%5BLN%5D;242366
MSKB:Q242366
https://exchange.xforce.ibmcloud.com/vulnerabilities/7107
XF:winnt-xenroll-dos(7107)
CVE-1999-1580
SunOS sendmail 5.59 through 5.65 uses popen to process a forwarding host argument, which allows local users to gain root privileges by modifying the IFS (Internal Field Separator) variable and passing crafted values to the -oR option.
2005-04-21
2021-06-15
CVE-1999-1580
http://www.auscert.org.au/render.html?it=1853&cid=1978
AUSCERT:AA-95.09
http://www.securityfocus.com/bid/7829
BID:7829
http://www.cert.org/advisories/CA-95.11.sun.sendmail-oR.vul
CERT:CA-1995-11
http://www.kb.cert.org/vuls/id/3278
CERT-VN:VU#3278
http://www.alw.nih.gov/Security/8lgm/8lgm-Advisory-21.html
MISC:http://www.alw.nih.gov/Security/8lgm/8lgm-Advisory-21.html
CVE-1999-1581
Memory leak in Simple Network Management Protocol (SNMP) agent (snmp.exe) for Windows NT 4.0 before Service Pack 4 allows remote attackers to cause a denial of service (memory consumption) via a large number of SNMP packets with Object Identifiers (OIDs) that cannot be decoded.
2005-04-21
2017-07-10
CVE-1999-1581
http://www.kb.cert.org/vuls/id/4923
CERT-VN:VU#4923
http://support.microsoft.com/kb/q178381/
MSKB:Q178381
https://exchange.xforce.ibmcloud.com/vulnerabilities/8231
XF:winnt-snmp-oid-memory-leak(8231)
CVE-1999-1582
By design, the "established" command on the Cisco PIX firewall allows connections from one host to arbitrary ports of a target host if an alternative conduit has already been allowed, which can cause administrators to configure less restrictive access controls than intended if they do not understand this functionality.
2005-04-21
2017-07-10
CVE-1999-1582
http://www.kb.cert.org/vuls/id/6733
CERT-VN:VU#6733
http://www.cisco.com/warp/public/707/pixest-pub.shtml
CISCO:19980715 PIX Firewall "established" Command
https://exchange.xforce.ibmcloud.com/vulnerabilities/8052
XF:cisco-pix-established-bypass(8052)
CVE-1999-1583
Buffer overflow in nslookup for AIX 4.3 allows local users to execute arbitrary code via a long hostname command line argument.
2005-04-21
2017-07-10
CVE-1999-1583
http://www-1.ibm.com/support/search.wss?rs=0&q=IY02120&apar=only
AIXAPAR:IY02120
http://www.kb.cert.org/vuls/id/872443
CERT-VN:VU#872443
https://exchange.xforce.ibmcloud.com/vulnerabilities/8031
XF:aix-nslookup-hostname-bo(8031)
CVE-1999-1584
Unknown vulnerability in (1) loadmodule, and (2) modload if modload is installed with setuid/setgid privileges, in SunOS 4.1.1 through 4.1.3c, and Open Windows 3.0, allows local users to gain root privileges via environment variables, a different vulnerability than CVE-1999-1586.
2005-08-30
2005-11-02
CVE-1999-1584
http://www.cert.org/advisories/CA-1993-18.html
CERT:CA-93.18
http://sunsolve.sun.com/search/document.do?assetkey=1-22-00124-1
SUN:00124
CVE-1999-1585
The (1) rcS and (2) mountall programs in Sun Solaris 2.x, possibly before 2.4, start a privileged shell on the system console if fsck fails while the system is booting, which allows attackers with physical access to gain root privileges.
2005-08-30
CVE-1999-1585
http://sunsolve.sun.com/search/document.do?assetkey=1-22-00124-1
SUN:00124
CVE-1999-1586
loadmodule in SunOS 4.1.x, as used by xnews, does not properly sanitize its environment, which allows local users to gain privileges, a different vulnerability than CVE-1999-1584.
2005-08-30
2017-07-10
CVE-1999-1586
http://www.cert.org/advisories/CA-1995-12.html
CERT:CA-95.12
http://www.ciac.org/ciac/bulletins/g-02.shtml
CIAC:G-02
https://exchange.xforce.ibmcloud.com/vulnerabilities/498
XF:sun-loadmodule(498)
CVE-1999-1587
/usr/ucb/ps in Sun Microsystems Solaris 8 and 9, and certain earlier releases, allows local users to view the environment variables and values of arbitrary processes via the -e option.
2006-03-28
2017-10-18
CVE-1999-1587
http://www.securityfocus.com/bid/19662
BID:19662
http://www.sunmanagers.org/archives/1996/1383.html
MISC:http://www.sunmanagers.org/archives/1996/1383.html
http://www.osvdb.org/24200
OSVDB:24200
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1470
OVAL:oval:org.mitre.oval:def:1470
http://securitytracker.com/id?1015833
SECTRACK:1015833
http://secunia.com/advisories/19426
SECUNIA:19426
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102215-1
SUNALERT:102215
http://www.vupen.com/english/advisories/2006/1123
VUPEN:ADV-2006-1123
https://exchange.xforce.ibmcloud.com/vulnerabilities/25460
XF:solaris-ps-information-disclosure(25460)
CVE-1999-1588
Buffer overflow in nlps_server in Sun Solaris x86 2.4, 2.5, and 2.5.1 allows remote attackers to execute arbitrary code as root via a long string beginning with "NLPS:002:002:" to the listen (aka System V listener) port, TCP port 2766.
2006-04-21
CVE-1999-1588
http://www.securityfocus.com/bid/2319
BID:2319
http://lsd-pl.net/files/get?SOLARIS/solx86_nlps_server
MISC:http://lsd-pl.net/files/get?SOLARIS/solx86_nlps_server
http://security-protocols.com/sploits/unsorted_exploits/nlps_server.c
MISC:http://security-protocols.com/sploits/unsorted_exploits/nlps_server.c
http://www.securityfocus.com/data/vulnerabilities/exploits/nlps_server.c
MISC:http://www.securityfocus.com/data/vulnerabilities/exploits/nlps_server.c
CVE-1999-1589
Unspecified vulnerability in crontab in IBM AIX 3.2 allows local users to gain root privileges via unknown attack vectors.
2006-06-15
CVE-1999-1589
AIXAPAR:IX26997
http://www.securityfocus.com/bid/357
BID:357
http://www.cert.org/advisories/CA-1992-10.html
CERT:CA-1992-10
CVE-1999-1590
Directory traversal vulnerability in Muhammad A. Muquit wwwcount (Count.cgi) 2.3 allows remote attackers to read arbitrary GIF files via ".." sequences in the image parameter, a different vulnerability than CVE-1999-0021.
2006-12-03
CVE-1999-1590
http://seclists.org/bugtraq/1997/Oct/0058.html
BUGTRAQ:19971010 Security flaw in Count.cgi (wwwcount)
CVE-1999-1591
Microsoft Internet Information Services (IIS) server 4.0 SP4, without certain hotfixes released for SP4, does not require authentication credentials under certain conditions, which allows remote attackers to bypass authentication requirements, as demonstrated by connecting via Microsoft Visual InterDev 6.0.
2007-07-05
CVE-1999-1591
http://www.securityfocus.com/bid/190
BID:190
http://archives.neohapsis.com/archives/ntbugtraq/1998-1999/msg00276.html
NTBUGTRAQ:19990118 IIS4.0 and Visual Interdev
http://archives.neohapsis.com/archives/ntbugtraq/1998-1999/msg00277.html
NTBUGTRAQ:19990119 Re: IIS4.0 and Visual Interdev
CVE-1999-1592
Multiple unspecified vulnerabilities in sendmail 5, as installed on Sun SunOS 4.1.3_U1 and 4.1.4, have unspecified attack vectors and impact. NOTE: this might overlap CVE-1999-0129.
2007-07-12
CVE-1999-1592
http://www.securityfocus.com/bid/243
BID:243
http://sunsolve.sun.com/search/document.do?assetkey=1-22-00159-1
SUN:00159
CVE-1999-1593
Windows Internet Naming Service (WINS) allows remote attackers to cause a denial of service (connectivity loss) or steal credentials via a 1Ch registration that causes WINS to change the domain controller to point to a malicious server. NOTE: this problem may be limited when Windows 95/98 clients are used, or if the primary domain controller becomes unavailable.
2009-01-14
CVE-1999-1593
http://www.securityfocus.com/bid/2221
BID:2221
http://seclists.org/bugtraq/2001/Jan/0264.html
BUGTRAQ:20010117 Invalid WINS entries
http://seclists.org/bugtraq/2001/Jan/0269.html
BUGTRAQ:20010117 Re: Invalid WINS entries
http://seclists.org/bugtraq/2001/Jan/0274.html
BUGTRAQ:20010117 Re: Invalid WINS entries
http://seclists.org/bugtraq/2001/Jan/0276.html
BUGTRAQ:20010117 Re: Invalid WINS entries
http://seclists.org/bugtraq/2001/Jan/0271.html
BUGTRAQ:20010118 Re: Invalid WINS entries
http://seclists.org/bugtraq/2001/Jan/0289.html
BUGTRAQ:20010118 Re: Invalid WINS entries
http://seclists.org/bugtraq/2001/Jan/0298.html
BUGTRAQ:20010119 Re: Invalid WINS entries
https://www2.sans.org/reading_room/whitepapers/win2k/185.php
MISC:https://www2.sans.org/reading_room/whitepapers/win2k/185.php
http://archives.neohapsis.com/archives/ntbugtraq/1998-1999/msg00371.html
NTBUGTRAQ:19990302 NT Domain DoS and Security Exploit with SAMBA Server
CVE-1999-1594
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.
2020-11-05
2020-11-05
CVE-1999-1594
CVE-1999-1595
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.
2020-11-05
2020-11-05
CVE-1999-1595
CVE-1999-1596
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.
2020-11-05
2020-11-05
CVE-1999-1596
CVE-1999-1597
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.
2020-11-05
2020-11-05
CVE-1999-1597
CVE-1999-1598
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.
2020-11-05
2020-11-05
CVE-1999-1598