| ID | Summary | Flags | Max Score |
|---|---|---|---|
| CVE-1999-0001 | ip_input.c in BSD-derived TCP/IP implementations allows remote attackers to cause a denial of servic... | | |
| CVE-1999-0002 | Buffer overflow in NFS mountd gives root access to remote attackers, mostly in Linux systems.... | E S | |
| CVE-1999-0003 | Execute commands as root via buffer overflow in Tooltalk database server (rpc.ttdbserverd).... | | |
| CVE-1999-0004 | MIME buffer overflow in email clients, e.g. Solaris mailtool and Outlook.... | | |
| CVE-1999-0005 | Arbitrary command execution via IMAP buffer overflow in authenticate command.... | | |
| CVE-1999-0006 | Buffer overflow in POP servers based on BSD/Qualcomm's qpopper allows remote attackers to gain root ... | | |
| CVE-1999-0007 | Information from SSL-encrypted sessions via PKCS #1.... | S | |
| CVE-1999-0008 | Buffer overflow in NIS+, in Sun's rpc.nisd program.... | | |
| CVE-1999-0009 | Inverse query buffer overflow in BIND 4.9 and BIND 8 Releases.... | | |
| CVE-1999-0010 | Denial of Service vulnerability in BIND 8 Releases via maliciously formatted DNS messages.... | | |
| CVE-1999-0011 | Denial of Service vulnerabilities in BIND 4.9 and BIND 8 Releases via CNAME record and zone transfer... | | |
| CVE-1999-0012 | Some web servers under Microsoft Windows allow remote attackers to bypass access restrictions for fi... | | |
| CVE-1999-0013 | Stolen credentials from SSH clients via ssh-agent program, allowing other local users to access remo... | | |
| CVE-1999-0014 | Unauthorized privileged access or denial of service via dtappgather program in CDE.... | | |
| CVE-1999-0015 | Teardrop IP denial of service.... | | |
| CVE-1999-0016 | Land IP denial of service.... | | |
| CVE-1999-0017 | FTP servers can allow an attacker to connect to arbitrary ports on machines other than the FTP clien... | | |
| CVE-1999-0018 | Buffer overflow in statd allows root privileges.... | E S | |
| CVE-1999-0019 | Delete or create a file via rpc.statd, due to invalid information.... | | |
| CVE-1999-0020 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-1999-0032. Reason: This candida... | R | |
| CVE-1999-0021 | Arbitrary command execution via buffer overflow in Count.cgi (wwwcount) cgi-bin program.... | | |
| CVE-1999-0022 | Local user gains root privileges via buffer overflow in rdist, via expstr() function.... | | |
| CVE-1999-0023 | Local user gains root privileges via buffer overflow in rdist, via lookup() function.... | | |
| CVE-1999-0024 | DNS cache poisoning via BIND, by predictable query IDs.... | | |
| CVE-1999-0025 | root privileges via buffer overflow in df command on SGI IRIX systems.... | | |
| CVE-1999-0026 | root privileges via buffer overflow in pset command on SGI IRIX systems.... | | |
| CVE-1999-0027 | root privileges via buffer overflow in eject command on SGI IRIX systems.... | | |
| CVE-1999-0028 | root privileges via buffer overflow in login/scheme command on SGI IRIX systems.... | | |
| CVE-1999-0029 | root privileges via buffer overflow in ordist command on SGI IRIX systems.... | | |
| CVE-1999-0030 | root privileges via buffer overflow in xlock command on SGI IRIX systems.... | | |
| CVE-1999-0031 | JavaScript in Internet Explorer 3.x and 4.x, and Netscape 2.x, 3.x and 4.x, allows remote attackers ... | | |
| CVE-1999-0032 | Buffer overflow in lpr, as used in BSD-based systems including Linux, allows local users to execute ... | | |
| CVE-1999-0033 | Command execution in Sun systems via buffer overflow in the at program.... | | |
| CVE-1999-0034 | Buffer overflow in suidperl (sperl), Perl 4.x and 5.x.... | | |
| CVE-1999-0035 | Race condition in signal handling routine in ftpd, allowing read/write arbitrary files.... | | |
| CVE-1999-0036 | IRIX login program with a nonzero LOCKOUT parameter allows creation or damage to files.... | | |
| CVE-1999-0037 | Arbitrary command execution via metamail package using message headers, when user processes attacker... | | |
| CVE-1999-0038 | Buffer overflow in xlock program allows local users to execute commands as root.... | | |
| CVE-1999-0039 | webdist CGI program (webdist.cgi) in SGI IRIX allows remote attackers to execute arbitrary commands ... | | |
| CVE-1999-0040 | Buffer overflow in Xt library of X Windowing System allows local users to execute commands with root... | | |
| CVE-1999-0041 | Buffer overflow in NLS (Natural Language Service).... | | |
| CVE-1999-0042 | Buffer overflow in University of Washington's implementation of IMAP and POP servers.... | | |
| CVE-1999-0043 | Command execution via shell metachars in INN daemon (innd) 1.5 using "newgroup" and "rmgroup" contro... | | |
| CVE-1999-0044 | fsdump command in IRIX allows local users to obtain root access by modifying sensitive files.... | | |
| CVE-1999-0045 | List of arbitrary files on Web host via nph-test-cgi script.... | | |
| CVE-1999-0046 | Buffer overflow of rlogin program using TERM environmental variable.... | | |
| CVE-1999-0047 | MIME conversion buffer overflow in sendmail versions 8.8.3 and 8.8.4.... | | |
| CVE-1999-0048 | Talkd, when given corrupt DNS information, can be used to execute arbitrary commands with root privi... | | |
| CVE-1999-0049 | Csetup under IRIX allows arbitrary file creation or overwriting.... | | |
| CVE-1999-0050 | Buffer overflow in HP-UX newgrp program.... | | |
| CVE-1999-0051 | Arbitrary file creation and program execution using FLEXlm LicenseManager, from versions 4.0 to 5.0,... | | |
| CVE-1999-0052 | IP fragmentation denial of service in FreeBSD allows a remote attacker to cause a crash.... | | |
| CVE-1999-0053 | TCP RST denial of service in FreeBSD.... | | |
| CVE-1999-0054 | Sun's ftpd daemon can be subjected to a denial of service.... | | |
| CVE-1999-0055 | Buffer overflows in Sun libnsl allow root access.... | | |
| CVE-1999-0056 | Buffer overflow in Sun's ping program can give root access to local users.... | | |
| CVE-1999-0057 | Vacation program allows command execution by remote users through a sendmail command.... | | |
| CVE-1999-0058 | Buffer overflow in PHP cgi program, php.cgi allows shell access.... | | |
| CVE-1999-0059 | IRIX fam service allows an attacker to obtain a list of all files on the server.... | | |
| CVE-1999-0060 | Attackers can cause a denial of service in Ascend MAX and Pipeline routers with a malformed packet t... | | |
| CVE-1999-0061 | File creation and deletion, and remote execution, in the BSD line printer daemon (lpd).... | | |
| CVE-1999-0062 | The chpass command in OpenBSD allows a local user to gain root access through file descriptor leakag... | | |
| CVE-1999-0063 | Cisco IOS 12.0 and other versions can be crashed by malicious UDP packets to the syslog port.... | | |
| CVE-1999-0064 | Buffer overflow in AIX lquerylv program gives root access to local users.... | | |
| CVE-1999-0065 | Multiple buffer overflows in how dtmail handles attachments allows a remote attacker to execute comm... | | |
| CVE-1999-0066 | AnyForm CGI remote execution.... | | |
| CVE-1999-0067 | phf CGI program allows remote command execution through shell metacharacters.... | | |
| CVE-1999-0068 | CGI PHP mylog script allows an attacker to read any file on the target server.... | | |
| CVE-1999-0069 | Solaris ufsrestore buffer overflow.... | | |
| CVE-1999-0070 | test-cgi program allows an attacker to list files on the server.... | | |
| CVE-1999-0071 | Apache httpd cookie buffer overflow for versions 1.1.1 and earlier.... | | |
| CVE-1999-0072 | Buffer overflow in AIX xdat gives root access to local users.... | | |
| CVE-1999-0073 | Telnet allows a remote client to specify environment variables including LD_LIBRARY_PATH, allowing a... | | |
| CVE-1999-0074 | Listening TCP ports are sequentially allocated, allowing spoofing attacks.... | | |
| CVE-1999-0075 | PASV core dump in wu-ftpd daemon when attacker uses a QUOTE PASV command after specifying a username... | | |
| CVE-1999-0076 | Buffer overflow in wu-ftp from PASV command causes a core dump.... | | |
| CVE-1999-0077 | Predictable TCP sequence numbers allow spoofing.... | | |
| CVE-1999-0078 | pcnfsd (aka rpc.pcnfsd) allows local users to change file permissions, or execute arbitrary commands... | | |
| CVE-1999-0079 | Remote attackers can cause a denial of service in FTP by issuing multiple PASV commands, causing the... | | |
| CVE-1999-0080 | Certain configurations of wu-ftp FTP server 2.4 use a _PATH_EXECPATH setting to a directory with dan... | | |
| CVE-1999-0081 | wu-ftp allows files to be overwritten via the rnfr command.... | | |
| CVE-1999-0082 | CWD ~root command in ftpd allows root access.... | | |
| CVE-1999-0083 | getcwd() file descriptor leak in FTP.... | | |
| CVE-1999-0084 | Certain NFS servers allow users to use mknod to gain privileges by creating a writable kmem device a... | | |
| CVE-1999-0085 | Buffer overflow in rwhod on AIX and other operating systems allows remote attackers to execute arbit... | | |
| CVE-1999-0086 | AIX routed allows remote users to modify sensitive files.... | | |
| CVE-1999-0087 | Denial of service in AIX telnet can freeze a system and prevent users from accessing the server.... | | |
| CVE-1999-0088 | IRIX and AIX automountd services (autofsd) allow remote users to execute root commands.... | | |
| CVE-1999-0089 | Buffer overflow in AIX libDtSvc library can allow local users to gain root access.... | | |
| CVE-1999-0090 | Buffer overflow in AIX rcp command allows local users to obtain root access.... | | |
| CVE-1999-0091 | Buffer overflow in AIX writesrv command allows local users to obtain root access.... | | |
| CVE-1999-0092 | Various vulnerabilities in the AIX portmir command allows local users to obtain root access.... | | |
| CVE-1999-0093 | AIX nslookup command allows local users to obtain root access by not dropping privileges correctly.... | | |
| CVE-1999-0094 | AIX piodmgrsu command allows local users to gain additional group privileges.... | | |
| CVE-1999-0095 | The debug command in Sendmail is enabled, allowing attackers to execute commands as root.... | | |
| CVE-1999-0096 | Sendmail decode alias can be used to overwrite sensitive files.... | | |
| CVE-1999-0097 | The AIX FTP client can be forced to execute commands from a malicious server through shell metachara... | | |
| CVE-1999-0098 | Buffer overflow in SMTP HELO command in Sendmail allows a remote attacker to hide activities.... | | |
| CVE-1999-0099 | Buffer overflow in syslog utility allows local or remote attackers to gain root privileges.... | | |
| CVE-1999-0100 | Remote access in AIX innd 1.5.1, using control messages.... | | |
| CVE-1999-0101 | Buffer overflow in AIX and Solaris "gethostbyname" library call allows root access through corrupt D... | | |
| CVE-1999-0102 | Buffer overflow in SLmail 3.x allows attackers to execute commands using a large FROM line.... | | |
| CVE-1999-0103 | Echo and chargen, or other combinations of UDP services, can be used in tandem to flood the server, ... | | |
| CVE-1999-0104 | A later variation on the Teardrop IP denial of service attack, a.k.a. Teardrop-2.... | | |
| CVE-1999-0105 | finger allows recursive searches by using a long string of @ symbols.... | | |
| CVE-1999-0106 | Finger redirection allows finger bombs.... | | |
| CVE-1999-0107 | Buffer overflow in Apache 1.2.5 and earlier allows a remote attacker to cause a denial of service wi... | | |
| CVE-1999-0108 | The printers program in IRIX has a buffer overflow that gives root access to local users.... | | |
| CVE-1999-0109 | Buffer overflow in ffbconfig in Solaris 2.5.1.... | | |
| CVE-1999-0110 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-1999-0315. Reason: This candida... | R | |
| CVE-1999-0111 | RIP v1 is susceptible to spoofing.... | | |
| CVE-1999-0112 | Buffer overflow in AIX dtterm program for the CDE.... | | |
| CVE-1999-0113 | Some implementations of rlogin allow root access if given a -froot parameter.... | | |
| CVE-1999-0114 | Local users can execute commands as other users, and read other users' files, through the filter com... | | |
| CVE-1999-0115 | AIX bugfiler program allows local users to gain root access.... | | |
| CVE-1999-0116 | Denial of service when an attacker sends many SYN packets to create multiple connections without eve... | | |
| CVE-1999-0117 | AIX passwd allows local users to gain root access.... | | |
| CVE-1999-0118 | AIX infod allows local users to gain root access through an X display.... | | |
| CVE-1999-0119 | Windows NT 4.0 beta allows users to read and delete shares.... | | |
| CVE-1999-0120 | Sun/Solaris utmp file allows local users to gain root access if it is writable by users other than r... | | |
| CVE-1999-0121 | Buffer overflow in dtaction command gives root access.... | | |
| CVE-1999-0122 | Buffer overflow in AIX lchangelv gives root access.... | | |
| CVE-1999-0123 | Race condition in Linux mailx command allows local users to read user files.... | | |
| CVE-1999-0124 | Vulnerabilities in UMN gopher and gopher+ versions 1.12 and 2.0x allow an intruder to read any files... | | |
| CVE-1999-0125 | Buffer overflow in SGI IRIX mailx program.... | | |
| CVE-1999-0126 | SGI IRIX buffer overflow in xterm and Xaw allows root access.... | | |
| CVE-1999-0127 | swinstall and swmodify commands in SD-UX package in HP-UX systems allow local users to create or ove... | | |
| CVE-1999-0128 | Oversized ICMP ping packets can result in a denial of service, aka Ping o' Death.... | | |
| CVE-1999-0129 | Sendmail allows local users to write to a file and gain group permissions via a .forward or :include... | | |
| CVE-1999-0130 | Local users can start Sendmail in daemon mode and gain root privileges.... | | |
| CVE-1999-0131 | Buffer overflow and denial of service in Sendmail 8.7.5 and earlier through GECOS field gives root a... | | |
| CVE-1999-0132 | Expreserve, as used in vi and ex, allows local users to overwrite arbitrary files and gain root acce... | | |
| CVE-1999-0133 | fm_fls license server for Adobe Framemaker allows local users to overwrite arbitrary files and gain ... | | |
| CVE-1999-0134 | vold in Solaris 2.x allows local users to gain root access.... | | |
| CVE-1999-0135 | admintool in Solaris allows a local user to write to arbitrary files and gain root access.... | | |
| CVE-1999-0136 | Kodak Color Management System (KCMS) on Solaris allows a local user to write to arbitrary files and ... | | |
| CVE-1999-0137 | The dip program on many Linux systems allows local users to gain root access via a buffer overflow.... | | |
| CVE-1999-0138 | The suidperl and sperl program do not give up root privileges when changing UIDs back to the origina... | | |
| CVE-1999-0139 | Buffer overflow in Solaris x86 mkcookie allows local users to obtain root access.... | | |
| CVE-1999-0140 | Denial of service in RAS/PPTP on NT systems.... | | |
| CVE-1999-0141 | Java Bytecode Verifier allows malicious applets to execute arbitrary commands as the user of the app... | | |
| CVE-1999-0142 | The Java Applet Security Manager implementation in Netscape Navigator 2.0 and Java Developer's Kit 1... | | |
| CVE-1999-0143 | Kerberos 4 key servers allow a user to masquerade as another by breaking and generating session keys... | | |
| CVE-1999-0144 | Denial of service in Qmail by specifying a large number of recipients with the RCPT command.... | | |
| CVE-1999-0145 | Sendmail WIZ command enabled, allowing root access.... | | |
| CVE-1999-0146 | The campas CGI program provided with some NCSA web servers allows an attacker to execute arbitrary c... | | |
| CVE-1999-0147 | The aglimpse CGI program of the Glimpse package allows remote execution of arbitrary commands.... | | |
| CVE-1999-0148 | The handler CGI program in IRIX allows arbitrary command execution.... | | |
| CVE-1999-0149 | The wrap CGI program in IRIX allows remote attackers to view arbitrary directory listings via a .. (... | | |
| CVE-1999-0150 | The Perl fingerd program allows arbitrary command execution from remote users.... | | |
| CVE-1999-0151 | The SATAN session key may be disclosed if the user points the web browser to other sites, possibly a... | | |
| CVE-1999-0152 | The DG/UX finger daemon allows remote command execution through shell metacharacters.... | | |
| CVE-1999-0153 | Windows 95/NT out of band (OOB) data denial of service through NETBIOS port, aka WinNuke.... | | |
| CVE-1999-0154 | IIS 2.0 and 3.0 allows remote attackers to read the source code for ASP pages by appending a . (dot)... | | |
| CVE-1999-0155 | The ghostscript command with the -dSAFER option allows remote attackers to execute commands.... | | |
| CVE-1999-0156 | wu-ftpd FTP daemon allows any user and password combination.... | | |
| CVE-1999-0157 | Cisco PIX firewall and CBAC IP fragmentation attack results in a denial of service.... | | |
| CVE-1999-0158 | Cisco PIX firewall manager (PFM) on Windows NT allows attackers to connect to port 8080 on the PFM s... | S | |
| CVE-1999-0159 | Attackers can crash a Cisco IOS router or device, provided they can get to an interactive prompt (su... | | |
| CVE-1999-0160 | Some classic Cisco IOS devices have a vulnerability in the PPP CHAP authentication to establish unau... | | |
| CVE-1999-0161 | In Cisco IOS 10.3, with the tacacs-ds or tacacs keyword, an extended IP access control list could by... | | |
| CVE-1999-0162 | The "established" keyword in some Cisco IOS software allowed an attacker to bypass filtering.... | | |
| CVE-1999-0163 | In older versions of Sendmail, an attacker could use a pipe character to execute root commands.... | | |
| CVE-1999-0164 | A race condition in the Solaris ps command allows an attacker to overwrite critical files.... | | |
| CVE-1999-0165 | NFS cache poisoning.... | | |
| CVE-1999-0166 | NFS allows users to use a "cd .." command to access other directories besides the exported file syst... | | |
| CVE-1999-0167 | In SunOS, NFS file handles could be guessed, giving unauthorized access to the exported file system.... | | |
| CVE-1999-0168 | The portmapper may act as a proxy and redirect service requests from an attacker, making the request... | | |
| CVE-1999-0169 | NFS allows attackers to read and write any file on the system by specifying a false UID.... | | |
| CVE-1999-0170 | Remote attackers can mount an NFS file system in Ultrix or OSF, even if it is denied on the access l... | | |
| CVE-1999-0171 | Denial of service in syslog by sending it a large number of superfluous messages.... | | |
| CVE-1999-0172 | FormMail CGI program allows remote execution of commands.... | | |
| CVE-1999-0173 | FormMail CGI program can be used by web servers other than the host server that the program resides ... | | |
| CVE-1999-0174 | The view-source CGI program allows remote attackers to read arbitrary files via a .. (dot dot) attac... | | |
| CVE-1999-0175 | The convert.bas program in the Novell web server allows a remote attackers to read any file on the s... | | |
| CVE-1999-0176 | The Webgais program allows a remote user to execute arbitrary commands.... | | |
| CVE-1999-0177 | The uploader program in the WebSite web server allows a remote attacker to execute arbitrary program... | | |
| CVE-1999-0178 | Buffer overflow in the win-c-sample program (win-c-sample.exe) in the WebSite web server 1.1e allows... | | |
| CVE-1999-0179 | Windows NT crashes or locks up when a Samba client executes a "cd .." command on a file share.... | | |
| CVE-1999-0180 | in.rshd allows users to login with a NULL username and execute commands.... | | |
| CVE-1999-0181 | The wall daemon can be used for denial of service, social engineering attacks, or to execute remote ... | | |
| CVE-1999-0182 | Samba has a buffer overflow which allows a remote attacker to obtain root access by specifying a lon... | | |
| CVE-1999-0183 | Linux implementations of TFTP would allow access to files outside the restricted directory.... | | |
| CVE-1999-0184 | When compiled with the -DALLOW_UPDATES option, bind allows dynamic updates to the DNS server, allowi... | | |
| CVE-1999-0185 | In SunOS or Solaris, a remote user could connect from an FTP server's data port to an rlogin server ... | | |
| CVE-1999-0186 | In Solaris, an SNMP subagent has a default community string that allows remote attackers to execute ... | | |
| CVE-1999-0187 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-1999-0022. Reason: This candida... | R | |
| CVE-1999-0188 | The passwd command in Solaris can be subjected to a denial of service.... | | |
| CVE-1999-0189 | Solaris rpcbind listens on a high numbered UDP port, which may not be filtered since the standard po... | | |
| CVE-1999-0190 | Solaris rpcbind can be exploited to overwrite arbitrary files and gain root access.... | | |
| CVE-1999-0191 | IIS newdsn.exe CGI script allows remote users to overwrite files.... | | |
| CVE-1999-0192 | Buffer overflow in telnet daemon tgetent routing allows remote attackers to gain root access via the... | | |
| CVE-1999-0193 | Denial of service in Ascend and 3com routers, which can be rebooted by sending a zero length TCP opt... | | |
| CVE-1999-0194 | Denial of service in in.comsat allows attackers to generate messages.... | | |
| CVE-1999-0195 | Denial of service in RPC portmapper allows attackers to register or unregister RPC services or spoof... | | |
| CVE-1999-0196 | websendmail in Webgais 1.0 allows a remote user to access arbitrary files and execute arbitrary code... | | |
| CVE-1999-0197 | finger 0@host on some systems may print information on some user accounts.... | | |
| CVE-1999-0198 | finger .@host on some systems may print information on some user accounts.... | | |
| CVE-1999-0199 | manual/search.texi in the GNU C Library (aka glibc) before 2.2 lacks a statement about the unspecifi... | E S | |
| CVE-1999-0200 | Windows NT FTP server (WFTP) with the guest account enabled without a password allows an attacker to... | | |
| CVE-1999-0201 | A quote cwd command on FTP servers can reveal the full path of the home directory of the "ftp" user.... | | |
| CVE-1999-0202 | The GNU tar command, when used in FTP sessions, may allow an attacker to execute arbitrary commands.... | | |
| CVE-1999-0203 | In Sendmail, attackers can gain root privileges via SMTP by specifying an improper "mail from" addre... | | |
| CVE-1999-0204 | Sendmail 8.6.9 allows remote attackers to execute root commands, using ident.... | | |
| CVE-1999-0205 | Denial of service in Sendmail 8.6.11 and 8.6.12.... | | |
| CVE-1999-0206 | MIME buffer overflow in Sendmail 8.8.0 and 8.8.1 gives root access.... | | |
| CVE-1999-0207 | Remote attacker can execute commands through Majordomo using the Reply-To field and a "lists" comman... | | |
| CVE-1999-0208 | rpc.ypupdated (NIS) allows remote users to execute arbitrary commands.... | | |
| CVE-1999-0209 | The SunView (SunTools) selection_svc facility allows remote users to read files.... | | |
| CVE-1999-0210 | Automount daemon automountd allows local or remote users to gain privileges via shell metacharacters... | S | |
| CVE-1999-0211 | Extra long export lists over 256 characters in some mount daemons allows NFS directories to be mount... | | |
| CVE-1999-0212 | Solaris rpc.mountd generates error messages that allow a remote attacker to determine what files are... | S | |
| CVE-1999-0213 | libnsl in Solaris allowed an attacker to perform a denial of service of rpcbind.... | | |
| CVE-1999-0214 | Denial of service by sending forged ICMP unreachable packets.... | | |
| CVE-1999-0215 | Routed allows attackers to append data to files.... | | |
| CVE-1999-0216 | Denial of service of inetd on Linux through SYN and RST packets.... | | |
| CVE-1999-0217 | Malicious option settings in UDP packets could force a reboot in SunOS 4.1.3 systems.... | | |
| CVE-1999-0218 | Livingston portmaster machines could be rebooted via a series of commands.... | | |
| CVE-1999-0219 | Buffer overflow in FTP Serv-U 2.5 allows remote authenticated users to cause a denial of service (cr... | | |
| CVE-1999-0220 | Attackers can do a denial of service of IRC by crashing the server.... | | |
| CVE-1999-0221 | Denial of service of Ascend routers through port 150 (remote administration).... | | |
| CVE-1999-0222 | Denial of service in Cisco IOS web server allows attackers to reboot the router using a long URL.... | | |
| CVE-1999-0223 | Solaris syslogd crashes when receiving a message from a host that doesn't have an inverse DNS entry.... | | |
| CVE-1999-0224 | Denial of service in Windows NT messenger service through a long username.... | | |
| CVE-1999-0225 | Windows NT 4.0 allows remote attackers to cause a denial of service via a malformed SMB logon reques... | S | |
| CVE-1999-0226 | Windows NT TCP/IP processes fragmented IP packets improperly, causing a denial of service.... | | |
| CVE-1999-0227 | Access violation in LSASS.EXE (LSA/LSARPC) program in Windows NT allows a denial of service.... | | |
| CVE-1999-0228 | Denial of service in RPCSS.EXE program (RPC Locator) in Windows NT.... | | |
| CVE-1999-0229 | Denial of service in Windows NT IIS server using ..\..... | | |
| CVE-1999-0230 | Buffer overflow in Cisco 7xx routers through the telnet service.... | | |
| CVE-1999-0231 | Buffer overflow in IP-Switch IMail and Seattle Labs Slmail 2.6 packages using a long VRFY command, c... | | |
| CVE-1999-0232 | Buffer overflow in NCSA WebServer (version 1.5c) gives remote access.... | | |
| CVE-1999-0233 | IIS 1.0 allows users to execute arbitrary commands using .bat or .cmd files.... | | |
| CVE-1999-0234 | Bash treats any character with a value of 255 as a command separator.... | | |
| CVE-1999-0235 | Buffer overflow in NCSA WebServer (1.4.1 and below) gives remote access.... | | |
| CVE-1999-0236 | ScriptAlias directory in NCSA and Apache httpd allowed attackers to read CGI programs.... | | |
| CVE-1999-0237 | Remote execution of arbitrary commands through Guestbook CGI program.... | | |
| CVE-1999-0238 | php.cgi allows attackers to read any file on the system.... | | |
| CVE-1999-0239 | Netscape FastTrack Web server lists files when a lowercase "get" command is used instead of an upper... | | |
| CVE-1999-0240 | Some filters or firewalls allow fragmented SYN packets with IP reserved bits in violation of their i... | | |
| CVE-1999-0241 | Guessable magic cookies in X Windows allows remote attackers to execute commands, e.g. through xterm... | | |
| CVE-1999-0242 | Remote attackers can access mail files via POP3 in some Linux systems that are using shadow password... | | |
| CVE-1999-0243 | Linux cfingerd could be exploited to gain root access.... | | |
| CVE-1999-0244 | Livingston RADIUS code has a buffer overflow which can allow remote execution of commands as root.... | | |
| CVE-1999-0245 | Some configurations of NIS+ in Linux allowed attackers to log in as the user "+".... | | |
| CVE-1999-0246 | HP Remote Watch allows a remote user to gain root access.... | | |
| CVE-1999-0247 | Buffer overflow in nnrpd program in INN up to version 1.6 allows remote users to execute arbitrary c... | | |
| CVE-1999-0248 | A race condition in the authentication agent mechanism of sshd 1.2.17 allows an attacker to steal an... | | |
| CVE-1999-0249 | Windows NT RSHSVC program allows remote users to execute arbitrary commands.... | | |
| CVE-1999-0250 | Denial of service in Qmail through long SMTP commands.... | | |
| CVE-1999-0251 | Denial of service in talk program allows remote attackers to disrupt a user's display.... | | |
| CVE-1999-0252 | Buffer overflow in listserv allows arbitrary command execution.... | | |
| CVE-1999-0253 | IIS 3.0 with the iis-fix hotfix installed allows remote intruders to read source code for ASP progra... | | |
| CVE-1999-0254 | A hidden SNMP community string in HP OpenView allows remote attackers to modify MIB tables and obtai... | | |
| CVE-1999-0255 | Buffer overflow in ircd allows arbitrary command execution.... | | |
| CVE-1999-0256 | Buffer overflow in War FTP allows remote execution of commands.... | | |
| CVE-1999-0257 | Nestea variation of teardrop IP fragmentation denial of service.... | | |
| CVE-1999-0258 | Bonk variation of teardrop IP fragmentation denial of service.... | | |
| CVE-1999-0259 | cfingerd lists all users on a system via search.**@target.... | | |
| CVE-1999-0260 | The jj CGI program allows command execution via shell metacharacters.... | | |
| CVE-1999-0261 | Netmanager Chameleon SMTPd has several buffer overflows that cause a crash.... | | |
| CVE-1999-0262 | Hylafax faxsurvey CGI script on Linux allows remote attackers to execute arbitrary commands via shel... | | |
| CVE-1999-0263 | Solaris SUNWadmap can be exploited to obtain root access.... | | |
| CVE-1999-0264 | htmlscript CGI program allows remote read access to files.... | | |
| CVE-1999-0265 | ICMP redirect messages may crash or lock up a host.... | | |
| CVE-1999-0266 | The info2www CGI script allows remote file access or remote command execution.... | | |
| CVE-1999-0267 | Buffer overflow in NCSA HTTP daemon v1.3 allows remote command execution.... | | |
| CVE-1999-0268 | MetaInfo MetaWeb web server allows users to upload, execute, and read scripts.... | | |
| CVE-1999-0269 | Netscape Enterprise servers may list files through the PageServices query.... | | |
| CVE-1999-0270 | Directory traversal vulnerability in pfdispaly.cgi program (sometimes referred to as "pfdisplay") fo... | | |
| CVE-1999-0271 | Progressive Networks Real Video server (pnserver) can be crashed remotely.... | | |
| CVE-1999-0272 | Denial of service in Slmail v2.5 through the POP3 port.... | | |
| CVE-1999-0273 | Denial of service through Solaris 2.5.1 telnet by sending ^D characters.... | | |
| CVE-1999-0274 | Denial of service in Windows NT DNS servers through malicious packet which contains a response to a ... | | |
| CVE-1999-0275 | Denial of service in Windows NT DNS servers by flooding port 53 with too many characters.... | | |
| CVE-1999-0276 | mSQL v2.0.1 and below allows remote execution through a buffer overflow.... | | |
| CVE-1999-0277 | The WorkMan program can be used to overwrite any file to get root access.... | | |
| CVE-1999-0278 | In IIS, remote attackers can obtain source code for ASP files by appending "::$DATA" to the URL.... | | |
| CVE-1999-0279 | Excite for Web Servers (EWS) allows remote command execution via shell metacharacters.... | | |
| CVE-1999-0280 | Remote command execution in Microsoft Internet Explorer using .lnk and .url files.... | | |
| CVE-1999-0281 | Denial of service in IIS using long URLs.... | | |
| CVE-1999-0282 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-1999-1584, CVE-1999-1586. Reaso... | R | |
| CVE-1999-0283 | The Java Web Server would allow remote users to obtain the source code for CGI programs.... | | |
| CVE-1999-0284 | Denial of service to NT mail servers including Ipswitch, Mdaemon, and Exchange through a buffer over... | | |
| CVE-1999-0285 | Denial of service in telnet from the Windows NT Resource Kit, by opening then immediately closing a ... | | |
| CVE-1999-0286 | In some NT web servers, appending a space at the end of a URL may allow attackers to read source cod... | | |
| CVE-1999-0287 | Vulnerability in the Wguest CGI program.... | | |
| CVE-1999-0288 | The WINS server in Microsoft Windows NT 4.0 before SP4 allows remote attackers to cause a denial of ... | | |
| CVE-1999-0289 | The Apache web server for Win32 may provide access to restricted files when a . (dot) is appended to... | | |
| CVE-1999-0290 | The WinGate telnet proxy allows remote attackers to cause a denial of service via a large number of ... | | |
| CVE-1999-0291 | The WinGate proxy is installed without a password, which allows remote attackers to redirect connect... | | |
| CVE-1999-0292 | Denial of service through Winpopup using large user names.... | | |
| CVE-1999-0293 | AAA authentication on Cisco systems allows attackers to execute commands without authorization.... | | |
| CVE-1999-0294 | All records in a WINS database can be deleted through SNMP for a denial of service.... | | |
| CVE-1999-0295 | Solaris sysdef command allows local users to read kernel memory, potentially leading to root privile... | | |
| CVE-1999-0296 | Solaris volrmmount program allows attackers to read any file.... | | |
| CVE-1999-0297 | Buffer overflow in Vixie Cron library up to version 3.0 allows local users to obtain root access via... | | |
| CVE-1999-0298 | ypbind with -ypset and -ypsetme options activated in Linux Slackware and SunOS allows local and remo... | | |
| CVE-1999-0299 | Buffer overflow in FreeBSD lpd through long DNS hostnames.... | | |
| CVE-1999-0300 | nis_cachemgr for Solaris NIS+ allows attackers to add malicious NIS+ servers.... | | |
| CVE-1999-0301 | Buffer overflow in SunOS/Solaris ps command.... | | |
| CVE-1999-0302 | SunOS/Solaris FTP clients can be forced to execute arbitrary commands from a malicious FTP server.... | | |
| CVE-1999-0303 | Buffer overflow in BNU UUCP daemon (uucpd) through long hostnames.... | | |
| CVE-1999-0304 | mmap function in BSD allows local attackers in the kmem group to modify memory through devices.... | | |
| CVE-1999-0305 | The system configuration control (sysctl) facility in BSD based operating systems OpenBSD 2.2 and ea... | | |
| CVE-1999-0306 | buffer overflow in HP xlock program.... | | |
| CVE-1999-0307 | Buffer overflow in HP-UX cstm program allows local users to gain root privileges.... | | |
| CVE-1999-0308 | HP-UX gwind program allows users to modify arbitrary files.... | | |
| CVE-1999-0309 | HP-UX vgdisplay program gives root access to local users.... | | |
| CVE-1999-0310 | SSH 1.2.25 on HP-UX allows access to new user accounts.... | | |
| CVE-1999-0311 | fpkg2swpk in HP-UX allows local users to gain root access.... | | |
| CVE-1999-0312 | HP ypbind allows attackers with root privileges to modify NIS data.... | | |
| CVE-1999-0313 | disk_bandwidth on SGI IRIX 6.4 S2MP for Origin/Onyx2 allows local users to gain root access using re... | | |
| CVE-1999-0314 | ioconfig on SGI IRIX 6.4 S2MP for Origin/Onyx2 allows local users to gain root access using relative... | | |
| CVE-1999-0315 | Buffer overflow in Solaris fdformat command gives root access to local users.... | | |
| CVE-1999-0316 | Buffer overflow in Linux splitvt command gives root access to local users.... | | |
| CVE-1999-0317 | Buffer overflow in Linux su command gives root access to local users.... | | |
| CVE-1999-0318 | Buffer overflow in xmcd 2.0p12 allows local users to gain access through an environmental variable.... | | |
| CVE-1999-0319 | Buffer overflow in xmcd 2.1 allows local users to gain access through a user resource setting.... | | |
| CVE-1999-0320 | SunOS rpc.cmsd allows attackers to obtain root access by overwriting arbitrary files.... | | |
| CVE-1999-0321 | Buffer overflow in Solaris kcms_configure command allows local users to gain root access.... | | |
| CVE-1999-0322 | The open() function in FreeBSD allows local attackers to write to arbitrary files.... | | |
| CVE-1999-0323 | FreeBSD mmap function allows users to modify append-only or immutable files.... | | |
| CVE-1999-0324 | ppl program in HP-UX allows local users to create root files through symlinks.... | | |
| CVE-1999-0325 | vhe_u_mnt program in HP-UX allows local users to create root files through symlinks.... | | |
| CVE-1999-0326 | Vulnerability in HP-UX mediainit program.... | | |
| CVE-1999-0327 | SGI syserr program allows local users to corrupt files.... | | |
| CVE-1999-0328 | SGI permissions program allows local users to gain root privileges.... | | |
| CVE-1999-0329 | SGI mediad program allows local users to gain root access.... | | |
| CVE-1999-0330 | Linux bdash game has a buffer overflow that allows local users to gain root access.... | | |
| CVE-1999-0331 | Buffer overflow in Internet Explorer 4.0(1).... | | |
| CVE-1999-0332 | Buffer overflow in NetMeeting allows denial of service and remote command execution.... | | |
| CVE-1999-0333 | HP OpenView Omniback allows remote execution of commands as root via spoofing, and local users can g... | | |
| CVE-1999-0334 | In Solaris 2.2 and 2.3, when fsck fails on startup, it allows a local user with physical access to o... | | |
| CVE-1999-0335 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-1999-0032. Reason: This candidate... | R | |
| CVE-1999-0336 | Buffer overflow in mstm in HP-UX allows local users to gain root access.... | | |
| CVE-1999-0337 | AIX batch queue (bsh) allows local and remote users to gain additional privileges when network print... | | |
| CVE-1999-0338 | AIX Licensed Program Product performance tools allow local users to gain root access.... | | |
| CVE-1999-0339 | Buffer overflow in the libauth library in Solaris allows local users to gain additional privileges, ... | | |
| CVE-1999-0340 | Buffer overflow in Linux Slackware crond program allows local users to gain root access.... | | |
| CVE-1999-0341 | Buffer overflow in the Linux mail program "deliver" allows local users to gain root access.... | | |
| CVE-1999-0342 | Linux PAM modules allow local users to gain root access using temporary files.... | | |
| CVE-1999-0343 | A malicious Palace server can force a client to execute arbitrary programs.... | | |
| CVE-1999-0344 | NT users can gain debug-level access on a system process using the Sechole exploit.... | | |
| CVE-1999-0345 | Jolt ICMP attack causes a denial of service in Windows 95 and Windows NT systems.... | | |
| CVE-1999-0346 | CGI PHP mlog script allows an attacker to read any file on the target server.... | | |
| CVE-1999-0347 | Internet Explorer 4.01 allows remote attackers to read local files and spoof web pages via a "%01" c... | | |
| CVE-1999-0348 | IIS ASP caching problem releases sensitive information when two virtual servers share the same physi... | | |
| CVE-1999-0349 | A buffer overflow in the FTP list (ls) command in IIS allows remote attackers to conduct a denial of... | | |
| CVE-1999-0350 | Race condition in the db_loader program in ClearCase gives local users root access by setting SUID b... | | |
| CVE-1999-0351 | FTP PASV "Pizza Thief" denial of service and unauthorized data access. Attackers can steal data by ... | | |
| CVE-1999-0352 | ControlIT 4.5 and earlier (aka Remotely Possible) has weak password encryption.... | | |
| CVE-1999-0353 | rpc.pcnfsd in HP gives remote root access by changing the permissions on the main printer spool dire... | | |
| CVE-1999-0354 | Internet Explorer 4.x or 5.x with Word 97 allows arbitrary execution of Visual Basic programs to the... | | |
| CVE-1999-0355 | Local or remote users can force ControlIT 4.5 to reboot or force a user to log out, resulting in a d... | | |
| CVE-1999-0356 | ControlIT v4.5 and earlier uses weak encryption to store usernames and passwords in an address book.... | | |
| CVE-1999-0357 | Windows 98 and other operating systems allows remote attackers to cause a denial of service via craf... | | |
| CVE-1999-0358 | Digital Unix 4.0 has a buffer overflow in the inc program of the mh package.... | | |
| CVE-1999-0359 | ptylogin in Unix systems allows users to perform a denial of service by locking out modems, dial out... | | |
| CVE-1999-0360 | MS Site Server 2.0 with IIS 4 can allow users to upload content, including ASP, to the target web si... | | |
| CVE-1999-0361 | NetWare version of LaserFiche stores usernames and passwords unencrypted, and allows administrative ... | | |
| CVE-1999-0362 | WS_FTP server remote denial of service through cwd command.... | | |
| CVE-1999-0363 | SuSE 5.2 PLP lpc program has a buffer overflow that leads to root compromise.... | | |
| CVE-1999-0364 | Microsoft Access 97 stores a database password as plaintext in a foreign mdb, allowing access to dat... | | |
| CVE-1999-0365 | The metamail package allows remote command execution using shell metacharacters that are not quoted ... | | |
| CVE-1999-0366 | In some cases, Service Pack 4 for Windows NT 4.0 can allow access to network shares using a blank pa... | | |
| CVE-1999-0367 | NetBSD netstat command allows local users to access kernel memory.... | | |
| CVE-1999-0368 | Buffer overflows in wuarchive ftpd (wu-ftpd) and ProFTPD lead to remote root access, a.k.a. palmetto... | | |
| CVE-1999-0369 | The Sun sdtcm_convert calendar utility for OpenWindows has a buffer overflow which can gain root acc... | | |
| CVE-1999-0370 | In Sun Solaris and SunOS, man and catman contain vulnerabilities that allow overwriting arbitrary fi... | | |
| CVE-1999-0371 | Lynx allows a local user to overwrite sensitive files through /tmp symlinks.... | | |
| CVE-1999-0372 | The installer for BackOffice Server includes account names and passwords in a setup file (reboot.ini... | | |
| CVE-1999-0373 | Buffer overflow in the "Super" utility in Debian GNU/Linux, and other operating systems, allows loca... | | |
| CVE-1999-0374 | Debian GNU/Linux cfengine package is susceptible to a symlink attack.... | | |
| CVE-1999-0375 | Buffer overflow in webd in Network Flight Recorder (NFR) 2.0.2-Research allows remote attackers to e... | | |
| CVE-1999-0376 | Local users in Windows NT can obtain administrator privileges by changing the KnownDLLs list to refe... | | |
| CVE-1999-0377 | Process table attack in Unix systems allows a remote attacker to perform a denial of service by fill... | | |
| CVE-1999-0378 | InterScan VirusWall for Solaris doesn't scan files for viruses when a single HTTP request includes t... | | |
| CVE-1999-0379 | Microsoft Taskpads allows remote web sites to execute commands on the visiting user's machine via ce... | | |
| CVE-1999-0380 | SLMail 3.1 and 3.2 allows local users to access any file in the NTFS file system when the Remote Adm... | | |
| CVE-1999-0381 | super 3.11.6 and other versions have a buffer overflow in the syslog utility which allows a local us... | | |
| CVE-1999-0382 | The screen saver in Windows NT does not verify that its security context has been changed properly, ... | | |
| CVE-1999-0383 | ACC Tigris allows public access without a login.... | | |
| CVE-1999-0384 | The Forms 2.0 ActiveX control (included with Visual Basic for Applications 5.0) can be used to read ... | | |
| CVE-1999-0385 | The LDAP bind function in Exchange 5.5 has a buffer overflow that allows a remote attacker to conduc... | S | |
| CVE-1999-0386 | Microsoft Personal Web Server and FrontPage Personal Web Server in some Windows systems allows a rem... | | |
| CVE-1999-0387 | A legacy credential caching mechanism used in Windows 95 and Windows 98 systems allows attackers to ... | | |
| CVE-1999-0388 | DataLynx suGuard trusts the PATH environment variable to execute the ps command, allowing local user... | | |
| CVE-1999-0389 | Buffer overflow in the bootp server in the Debian Linux netstd package.... | | |
| CVE-1999-0390 | Buffer overflow in Dosemu Slang library in Linux.... | | |
| CVE-1999-0391 | The cryptographic challenge of SMB authentication in Windows 95 and Windows 98 can be reused, allowi... | | |
| CVE-1999-0392 | Buffer overflow in Thomas Boutell's cgic library version up to 1.05.... | | |
| CVE-1999-0393 | Remote attackers can cause a denial of service in Sendmail 8.8.x and 8.9.2 by sending messages with ... | | |
| CVE-1999-0394 | DPEC Online Courseware allows an attacker to change another user's password without knowing the orig... | | |
| CVE-1999-0395 | A race condition in the BackWeb Polite Agent Protocol allows an attacker to spoof a BackWeb server.... | | |
| CVE-1999-0396 | A race condition between the select() and accept() calls in NetBSD TCP servers allows remote attacke... | | |
| CVE-1999-0397 | The demo version of the Quakenbush NT Password Appraiser sends passwords across the network in plain... | | |
| CVE-1999-0398 | In some instances of SSH 1.2.27 and 2.0.11 on Linux systems, SSH will allow users with expired accou... | | |
| CVE-1999-0399 | The DCC server command in the Mirc 5.5 client doesn't filter characters from file names properly, al... | | |
| CVE-1999-0400 | Denial of service in Linux 2.2.0 running the ldd command on a core file.... | | |
| CVE-1999-0401 | A race condition in Linux 2.2.1 allows local users to read arbitrary memory from /proc files.... | | |
| CVE-1999-0402 | wget 1.5.3 follows symlinks to change permissions of the target file instead of the symlink itself.... | | |
| CVE-1999-0403 | A bug in Cyrix CPUs on Linux allows local users to perform a denial of service.... | | |
| CVE-1999-0404 | Buffer overflow in the Mail-Max SMTP server for Windows systems allows remote command execution.... | | |
| CVE-1999-0405 | A buffer overflow in lsof allows local users to obtain root privilege.... | | |
| CVE-1999-0406 | Digital Unix Networker program nsralist has a buffer overflow which allows local users to obtain roo... | | |
| CVE-1999-0407 | By default, IIS 4.0 has a virtual directory /IISADMPWD which contains files that can be used as prox... | | |
| CVE-1999-0408 | Files created from interactive shell sessions in Cobalt RaQ microservers (e.g. .bash_history) are wo... | | |
| CVE-1999-0409 | Buffer overflow in gnuplot in Linux version 3.5 allows local users to obtain root access.... | | |
| CVE-1999-0410 | The cancel command in Solaris 2.6 (i386) has a buffer overflow that allows local users to obtain roo... | | |
| CVE-1999-0411 | Several startup scripts in SCO OpenServer Enterprise System v 5.0.4p, including S84rpcinit, S95nis, ... | | |
| CVE-1999-0412 | In IIS and other web servers, an attacker can attack commands as SYSTEM if the server is running as ... | | |
| CVE-1999-0413 | A buffer overflow in the SGI X server allows local users to gain root access through the X server fo... | | |
| CVE-1999-0414 | In Linux before version 2.0.36, remote attackers can spoof a TCP connection and pass data to the app... | | |
| CVE-1999-0415 | The HTTP server in Cisco 7xx series routers 3.2 through 4.2 is enabled by default, which allows remo... | | |
| CVE-1999-0416 | Vulnerability in Cisco 7xx series routers allows a remote attacker to cause a system reload via a TC... | | |
| CVE-1999-0417 | 64 bit Solaris 7 procfs allows local users to perform a denial of service.... | | |
| CVE-1999-0418 | Denial of service in SMTP applications such as Sendmail, when a remote attacker (e.g. spammer) uses ... | | |
| CVE-1999-0419 | When the Microsoft SMTP service attempts to send a message to a server and receives a 4xx error code... | | |
| CVE-1999-0420 | umapfs allows local users to gain root privileges by changing their uid through a malicious mount_um... | | |
| CVE-1999-0421 | During a reboot after an installation of Linux Slackware 3.6, a remote attacker can obtain root acce... | E S | |
| CVE-1999-0422 | In some cases, NetBSD 1.3.3 mount allows local users to execute programs in some file systems that h... | | |
| CVE-1999-0423 | Vulnerability in hpterm on HP-UX 10.20 allows local users to gain additional privileges.... | | |
| CVE-1999-0424 | talkback in Netscape 4.5 allows a local user to overwrite arbitrary files of another user whose Nets... | | |
| CVE-1999-0425 | talkback in Netscape 4.5 allows a local user to kill an arbitrary process of another user whose Nets... | | |
| CVE-1999-0426 | The default permissions of /dev/kmem in Linux versions before 2.0.36 allows IP spoofing.... | | |
| CVE-1999-0427 | Eudora 4.1 allows remote attackers to perform a denial of service by sending attachments with long f... | | |
| CVE-1999-0428 | OpenSSL and SSLeay allow remote attackers to reuse SSL sessions and bypass access controls.... | | |
| CVE-1999-0429 | The Lotus Notes 4.5 client may send a copy of encrypted mail in the clear across the network if the ... | | |
| CVE-1999-0430 | Cisco Catalyst LAN switches running Catalyst 5000 supervisor software allows remote attackers to per... | | |
| CVE-1999-0431 | Linux 2.2.3 and earlier allow a remote attacker to perform an IP fragmentation attack, causing a den... | | |
| CVE-1999-0432 | ftp on HP-UX 11.00 allows local users to gain privileges.... | | |
| CVE-1999-0433 | XFree86 startx command is vulnerable to a symlink attack, allowing local users to create files in re... | | |
| CVE-1999-0434 | XFree86 xfs command is vulnerable to a symlink attack, allowing local users to create files in restr... | S | |
| CVE-1999-0435 | MC/ServiceGuard and MC/LockManager in HP-UX allows local users to gain privileges through SAM.... | | |
| CVE-1999-0436 | Domain Enterprise Server Management System (DESMS) in HP-UX allows local users to gain privileges.... | | |
| CVE-1999-0437 | Remote attackers can perform a denial of service in WebRamp systems by sending a malicious string to... | | |
| CVE-1999-0438 | Remote attackers can perform a denial of service in WebRamp systems by sending a malicious UDP packe... | | |
| CVE-1999-0439 | Buffer overflow in procmail before version 3.12 allows remote or local attackers to execute commands... | | |
| CVE-1999-0440 | The byte code verifier component of the Java Virtual Machine (JVM) allows remote execution through m... | | |
| CVE-1999-0441 | Remote attackers can perform a denial of service in WinGate machines using a buffer overflow in the ... | | |
| CVE-1999-0442 | Solaris ff.core allows local users to modify files.... | | |
| CVE-1999-0443 | Patrol management software allows a remote attacker to conduct a replay attack to steal the administ... | | |
| CVE-1999-0444 | Remote attackers can perform a denial of service in Windows machines using malicious ARP packets, fo... | | |
| CVE-1999-0445 | In Cisco routers under some versions of IOS 12.0 running NAT, some packets may not be filtered by in... | | |
| CVE-1999-0446 | Local users can perform a denial of service in NetBSD 1.3.3 and earlier versions by creating an unus... | | |
| CVE-1999-0447 | Local users can gain privileges using the debug utility in the MPE/iX operating system.... | | |
| CVE-1999-0448 | IIS 4.0 and Apache log HTTP request methods, regardless of how long they are, allowing a remote atta... | | |
| CVE-1999-0449 | The ExAir sample site in IIS 4 allows remote attackers to cause a denial of service (CPU consumption... | | |
| CVE-1999-0450 | In IIS, an attacker could determine a real path using a request for a non-existent URL that would be... | | |
| CVE-1999-0451 | Denial of service in Linux 2.0.36 allows local users to prevent any server from listening on any non... | | |
| CVE-1999-0452 | A service or application has a backdoor password that was placed there by the developer.... | | |
| CVE-1999-0453 | An attacker can identify a CISCO device by sending a SYN packet to port 1999, which is for the Cisco... | | |
| CVE-1999-0454 | A remote attacker can sometimes identify the operating system of a host based on how it reacts to so... | | |
| CVE-1999-0455 | The Expression Evaluator sample application in ColdFusion allows remote attackers to read or delete ... | | |
| CVE-1999-0457 | Linux ftpwatch program allows local users to gain root privileges.... | | |
| CVE-1999-0458 | L0phtcrack 2.5 used temporary files in the system TEMP directory which could contain password inform... | | |
| CVE-1999-0459 | Local users can perform a denial of service in Alpha Linux, using MILO to force a reboot.... | | |
| CVE-1999-0460 | Buffer overflow in Linux autofs module through long directory names allows local users to perform a ... | | |
| CVE-1999-0461 | Versions of rpcbind including Linux, IRIX, and Wietse Venema's rpcbind allow a remote attacker to in... | | |
| CVE-1999-0462 | suidperl in Linux Perl does not check the nosuid mount option on file systems, allowing local users ... | S | |
| CVE-1999-0463 | Remote attackers can perform a denial of service using IRIX fcagent.... | | |
| CVE-1999-0464 | Local users can perform a denial of service in Tripwire 1.2 and earlier using long filenames.... | | |
| CVE-1999-0465 | Remote attackers can crash Lynx and Internet Explorer using an IMG tag with a large width parameter.... | | |
| CVE-1999-0466 | The SVR4 /dev/wabi special device file in NetBSD 1.3.3 and earlier allows a local user to read or wr... | | |
| CVE-1999-0467 | The Webcom CGI Guestbook programs wguest.exe and rguest.exe allow a remote attacker to read arbitrar... | | |
| CVE-1999-0468 | Internet Explorer 5.0 allows a remote server to read arbitrary files on the client's file system usi... | | |
| CVE-1999-0469 | Internet Explorer 5.0 allows window spoofing, allowing a remote attacker to spoof a legitimate web s... | | |
| CVE-1999-0470 | A weak encryption algorithm is used for passwords in Novell Remote.NLM, allowing them to be easily d... | | |
| CVE-1999-0471 | The remote proxy server in Winroute allows a remote attacker to reconfigure the proxy without authen... | | |
| CVE-1999-0472 | The SNMP default community name "public" is not properly removed in NetApps C630 Netcache, even if t... | | |
| CVE-1999-0473 | The rsync command before rsync 2.3.1 may inadvertently change the permissions of the client's workin... | | |
| CVE-1999-0474 | The ICQ Webserver allows remote attackers to use .. to access arbitrary files outside of the user's ... | | |
| CVE-1999-0475 | A race condition in how procmail handles .procmailrc files allows a local user to read arbitrary fil... | | |
| CVE-1999-0476 | A weak encryption algorithm is used for passwords in SCO TermVision, allowing them to be easily decr... | | |
| CVE-1999-0477 | The Expression Evaluator in the ColdFusion Application Server allows a remote attacker to upload fil... | S | |
| CVE-1999-0478 | Denial of service in HP-UX sendmail 8.8.6 related to accepting connections.... | | |
| CVE-1999-0479 | Denial of service Netscape Enterprise Server with VirtualVault on HP-UX VVOS systems.... | | |
| CVE-1999-0480 | Local attackers can conduct a denial of service in Midnight Commander 4.x with a symlink attack.... | | |
| CVE-1999-0481 | Denial of service in "poll" in OpenBSD.... | | |
| CVE-1999-0482 | OpenBSD kernel crash through TSS handling, as caused by the crashme program.... | | |
| CVE-1999-0483 | OpenBSD crash using nlink value in FFS and EXT2FS filesystems.... | | |
| CVE-1999-0484 | Buffer overflow in OpenBSD ping.... | | |
| CVE-1999-0485 | Remote attackers can cause a system crash through ipintr() in ipq in OpenBSD.... | | |
| CVE-1999-0486 | Denial of service in AOL Instant Messenger when a remote attacker sends a malicious hyperlink to the... | | |
| CVE-1999-0487 | The DHTML Edit ActiveX control in Internet Explorer allows remote attackers to read arbitrary files.... | | |
| CVE-1999-0488 | Internet Explorer 4.0 and 5.0 allows a remote attacker to execute security scripts in a different se... | | |
| CVE-1999-0489 | MSHTML.DLL in Internet Explorer 5.0 allows a remote attacker to paste a file name into the file uplo... | | |
| CVE-1999-0490 | MSHTML.DLL in Internet Explorer 5.0 allows a remote attacker to learn information about a local user... | | |
| CVE-1999-0491 | The prompt parsing in bash allows a local user to execute commands as another user by creating a dir... | S | |
| CVE-1999-0492 | The ffingerd 1.19 allows remote attackers to identify users on the target system based on its respon... | | |
| CVE-1999-0493 | rpc.statd allows remote attackers to forward RPC calls to the local operating system via the SM_MON ... | S | |
| CVE-1999-0494 | Denial of service in WinGate proxy through a buffer overflow in POP3.... | | |
| CVE-1999-0495 | A remote attacker can gain access to a file system using .. (dot dot) when accessing SMB shares.... | | |
| CVE-1999-0496 | A Windows NT 4.0 user can gain administrative rights by forcing NtOpenProcessToken to succeed regard... | | |
| CVE-1999-0497 | Anonymous FTP is enabled.... | | |
| CVE-1999-0498 | TFTP is not running in a restricted directory, allowing a remote attacker to access sensitive inform... | | |
| CVE-1999-0499 | NETBIOS share information may be published through SNMP registry keys in NT.... | | |
| CVE-1999-0501 | A Unix account has a guessable password.... | | |
| CVE-1999-0502 | A Unix account has a default, null, blank, or missing password.... | | |
| CVE-1999-0503 | A Windows NT local user or administrator account has a guessable password.... | | |
| CVE-1999-0504 | A Windows NT local user or administrator account has a default, null, blank, or missing password.... | | |
| CVE-1999-0505 | A Windows NT domain user or administrator account has a guessable password.... | | |
| CVE-1999-0506 | A Windows NT domain user or administrator account has a default, null, blank, or missing password.... | | |
| CVE-1999-0507 | An account on a router, firewall, or other network device has a guessable password.... | | |
| CVE-1999-0508 | An account on a router, firewall, or other network device has a default, null, blank, or missing pas... | | |
| CVE-1999-0509 | Perl, sh, csh, or other shell interpreters are installed in the cgi-bin directory on a WWW site, whi... | | |
| CVE-1999-0510 | A router or firewall allows source routed packets from arbitrary hosts.... | | |
| CVE-1999-0511 | IP forwarding is enabled on a machine which is not a router or firewall.... | | |
| CVE-1999-0512 | A mail server is explicitly configured to allow SMTP mail relay, which allows abuse by spammers.... | | |
| CVE-1999-0513 | ICMP messages to broadcast addresses are allowed, allowing for a Smurf attack that can cause a denia... | | |
| CVE-1999-0514 | UDP messages to broadcast addresses are allowed, allowing for a Fraggle attack that can cause a deni... | | |
| CVE-1999-0515 | An unrestricted remote trust relationship for Unix systems has been set up, e.g. by using a + sign i... | | |
| CVE-1999-0516 | An SNMP community name is guessable.... | | |
| CVE-1999-0517 | An SNMP community name is the default (e.g. public), null, or missing.... | | |
| CVE-1999-0518 | A NETBIOS/SMB share password is guessable.... | | |
| CVE-1999-0519 | A NETBIOS/SMB share password is the default, null, or missing.... | | |
| CVE-1999-0520 | A system-critical NETBIOS/SMB share has inappropriate access control.... | | |
| CVE-1999-0521 | An NIS domain name is easily guessable.... | | |
| CVE-1999-0522 | The permissions for a system-critical NIS+ table (e.g. passwd) are inappropriate.... | | |
| CVE-1999-0523 | ICMP echo (ping) is allowed from arbitrary hosts.... | | |
| CVE-1999-0524 | ICMP information such as (1) netmask and (2) timestamp is allowed from arbitrary hosts.... | | |
| CVE-1999-0525 | IP traceroute is allowed from arbitrary hosts.... | | |
| CVE-1999-0526 | An X server's access control is disabled (e.g. through an "xhost +" command) and allows anyone to co... | | |
| CVE-1999-0527 | The permissions for system-critical data in an anonymous FTP account are inappropriate. For example... | | |
| CVE-1999-0528 | A router or firewall forwards external packets that claim to come from inside the network that the r... | | |
| CVE-1999-0529 | A router or firewall forwards packets that claim to come from IANA reserved or private addresses, e.... | | |
| CVE-1999-0530 | A system is operating in "promiscuous" mode which allows it to perform packet sniffing.... | | |
| CVE-1999-0531 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is sol... | R | |
| CVE-1999-0532 | A DNS server allows zone transfers.... | | |
| CVE-1999-0533 | A DNS server allows inverse queries.... | | |
| CVE-1999-0534 | A Windows NT user has inappropriate rights or privileges, e.g. Act as System, Add Workstation, Backu... | | |
| CVE-1999-0535 | A Windows NT account policy for passwords has inappropriate, security-critical settings, e.g. for pa... | | |
| CVE-1999-0537 | A configuration in a web browser such as Internet Explorer or Netscape Navigator allows execution of... | | |
| CVE-1999-0539 | A trust relationship exists between two Unix hosts.... | | |
| CVE-1999-0541 | A password for accessing a WWW URL is guessable.... | | |
| CVE-1999-0546 | The Windows NT guest account is enabled.... | | |
| CVE-1999-0547 | An SSH server allows authentication through the .rhosts file.... | | |
| CVE-1999-0548 | A superfluous NFS server is running, but it is not importing or exporting any file systems.... | | |
| CVE-1999-0549 | Windows NT automatically logs in an administrator upon rebooting.... | | |
| CVE-1999-0550 | A router's routing tables can be obtained from arbitrary hosts.... | | |
| CVE-1999-0551 | HP OpenMail can be misconfigured to allow users to run arbitrary commands using malicious print requ... | | |
| CVE-1999-0554 | NFS exports system-critical data to the world, e.g. / or a password file.... | | |
| CVE-1999-0555 | A Unix account with a name other than "root" has UID 0, i.e. root privileges.... | | |
| CVE-1999-0556 | Two or more Unix accounts have the same UID.... | | |
| CVE-1999-0559 | A system-critical Unix file or directory has inappropriate permissions.... | | |
| CVE-1999-0560 | A system-critical Windows NT file or directory has inappropriate permissions.... | | |
| CVE-1999-0561 | IIS has the #exec function enabled for Server Side Include (SSI) files.... | | |
| CVE-1999-0562 | The registry in Windows NT can be accessed remotely by users who are not administrators.... | | |
| CVE-1999-0564 | An attacker can force a printer to print arbitrary documents (e.g. if the printer doesn't require a ... | | |
| CVE-1999-0565 | A Sendmail alias allows input to be piped to a program.... | | |
| CVE-1999-0566 | An attacker can write to syslog files from any location, causing a denial of service by filling up t... | | |
| CVE-1999-0568 | rpc.admind in Solaris is not running in a secure mode.... | | |
| CVE-1999-0569 | A URL for a WWW directory allows auto-indexing, which provides a list of all files in that directory... | | |
| CVE-1999-0570 | Windows NT is not using a password filter utility, e.g. PASSFILT.DLL.... | | |
| CVE-1999-0571 | A router's configuration service or management interface (such as a web server or telnet) is configu... | | |
| CVE-1999-0572 | .reg files are associated with the Windows NT registry editor (regedit), making the registry suscept... | | |
| CVE-1999-0575 | A Windows NT system's user audit policy does not log an event success or failure, e.g. for Logon and... | | |
| CVE-1999-0576 | A Windows NT system's file audit policy does not log an event success or failure for security-critic... | | |
| CVE-1999-0577 | A Windows NT system's file audit policy does not log an event success or failure for non-critical fi... | | |
| CVE-1999-0578 | A Windows NT system's registry audit policy does not log an event success or failure for security-cr... | | |
| CVE-1999-0579 | A Windows NT system's registry audit policy does not log an event success or failure for non-critica... | | |
| CVE-1999-0580 | The HKEY_LOCAL_MACHINE key in a Windows NT system has inappropriate, system-critical permissions.... | | |
| CVE-1999-0581 | The HKEY_CLASSES_ROOT key in a Windows NT system has inappropriate, system-critical permissions.... | | |
| CVE-1999-0582 | A Windows NT account policy has inappropriate, security-critical settings for lockout, e.g. lockout ... | | |
| CVE-1999-0583 | There is a one-way or two-way trust relationship between Windows NT domains.... | | |
| CVE-1999-0584 | A Windows NT file system is not NTFS.... | | |
| CVE-1999-0585 | A Windows NT administrator account has the default name of Administrator.... | | |
| CVE-1999-0586 | A network service is running on a nonstandard port.... | | |
| CVE-1999-0587 | A WWW server is not running in a restricted file system, e.g. through a chroot, thus allowing access... | | |
| CVE-1999-0588 | A filter in a router or firewall allows unusual fragmented packets.... | | |
| CVE-1999-0589 | A system-critical Windows NT registry key has inappropriate permissions.... | | |
| CVE-1999-0590 | A system does not present an appropriate legal message or warning to a user who is accessing it.... | | |
| CVE-1999-0591 | An event log in Windows NT has inappropriate access permissions.... | | |
| CVE-1999-0592 | The Logon box of a Windows NT system displays the name of the last user who logged in.... | | |
| CVE-1999-0593 | The default setting for the Winlogon key entry ShutdownWithoutLogon in Windows NT allows users with ... | | |
| CVE-1999-0594 | A Windows NT system does not restrict access to removable media drives such as a floppy disk drive o... | | |
| CVE-1999-0595 | A Windows NT system does not clear the system page file during shutdown, which might allow sensitive... | | |
| CVE-1999-0596 | A Windows NT log file has an inappropriate maximum size or retention period.... | | |
| CVE-1999-0597 | A Windows NT account policy does not forcibly disconnect remote users from the server when their log... | | |
| CVE-1999-0598 | A network intrusion detection system (IDS) does not properly handle packets that are sent out of ord... | | |
| CVE-1999-0599 | A network intrusion detection system (IDS) does not properly handle packets with improper sequence n... | | |
| CVE-1999-0600 | A network intrusion detection system (IDS) does not verify the checksum on a packet.... | | |
| CVE-1999-0601 | A network intrusion detection system (IDS) does not properly handle data within TCP handshake packet... | | |
| CVE-1999-0602 | A network intrusion detection system (IDS) does not properly reassemble fragmented packets.... | | |
| CVE-1999-0603 | In Windows NT, an inappropriate user is a member of a group, e.g. Administrator, Backup Operators, D... | | |
| CVE-1999-0604 | An incorrect configuration of the WebStore 1.0 shopping cart CGI program "web_store.cgi" could discl... | | |
| CVE-1999-0605 | An incorrect configuration of the Order Form 1.0 shopping cart CGI program could disclose private i... | | |
| CVE-1999-0606 | An incorrect configuration of the EZMall 2000 shopping cart CGI program "mall2000.cgi" could disclo... | | |
| CVE-1999-0607 | quikstore.cgi in QuikStore shopping cart stores quikstore.cfg under the web document root with insuf... | | |
| CVE-1999-0608 | An incorrect configuration of the PDG Shopping Cart CGI program "shopper.cgi" could disclose private... | | |
| CVE-1999-0609 | An incorrect configuration of the SoftCart CGI program "SoftCart.exe" could disclose private informa... | | |
| CVE-1999-0610 | An incorrect configuration of the Webcart CGI program could disclose private information.... | | |
| CVE-1999-0611 | A system-critical Windows NT registry key has an inappropriate value.... | | |
| CVE-1999-0612 | A version of finger is running that exposes valid user information to any entity on the network.... | | |
| CVE-1999-0613 | The rpc.sprayd service is running.... | | |
| CVE-1999-0614 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is sol... | R | |
| CVE-1999-0615 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is sol... | R | |
| CVE-1999-0616 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is sol... | R | |
| CVE-1999-0617 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is sol... | R | |
| CVE-1999-0618 | The rexec service is running.... | | |
| CVE-1999-0619 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is sol... | R | |
| CVE-1999-0620 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is sol... | R | |
| CVE-1999-0621 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is sol... | R | |
| CVE-1999-0622 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is sol... | R | |
| CVE-1999-0623 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is sol... | R | |
| CVE-1999-0624 | The rstat/rstatd service is running.... | | |
| CVE-1999-0625 | The rpc.rquotad service is running.... | | |
| CVE-1999-0626 | A version of rusers is running that exposes valid user information to any entity on the network.... | | |
| CVE-1999-0627 | The rexd service is running, which uses weak authentication that can allow an attacker to execute co... | | |
| CVE-1999-0628 | The rwho/rwhod service is running, which exposes machine status and user information.... | | |
| CVE-1999-0629 | The ident/identd service is running.... | | |
| CVE-1999-0630 | The NT Alerter and Messenger services are running.... | | |
| CVE-1999-0631 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is sol... | R | |
| CVE-1999-0632 | The RPC portmapper service is running.... | | |
| CVE-1999-0633 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is sol... | R | |
| CVE-1999-0634 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is sol... | R | |
| CVE-1999-0635 | The echo service is running.... | | |
| CVE-1999-0636 | The discard service is running.... | | |
| CVE-1999-0637 | The systat service is running.... | | |
| CVE-1999-0638 | The daytime service is running.... | | |
| CVE-1999-0639 | The chargen service is running.... | | |
| CVE-1999-0640 | The Gopher service is running.... | | |
| CVE-1999-0641 | The UUCP service is running.... | | |
| CVE-1999-0642 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is sol... | R | |
| CVE-1999-0643 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is sol... | R | |
| CVE-1999-0644 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is sol... | R | |
| CVE-1999-0645 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is sol... | R | |
| CVE-1999-0646 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is sol... | R | |
| CVE-1999-0647 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is sol... | R | |
| CVE-1999-0648 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is sol... | R | |
| CVE-1999-0649 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is sol... | R | |
| CVE-1999-0650 | The netstat service is running, which provides sensitive information to remote attackers.... | | |
| CVE-1999-0651 | The rsh/rlogin service is running.... | | |
| CVE-1999-0652 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is sol... | R | |
| CVE-1999-0653 | A component service related to NIS+ is running.... | | |
| CVE-1999-0654 | The OS/2 or POSIX subsystem in NT is enabled.... | | |
| CVE-1999-0655 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is not... | R | |
| CVE-1999-0656 | The ugidd RPC interface, by design, allows remote attackers to enumerate valid usernames by specifyi... | | |
| CVE-1999-0657 | WinGate is being used.... | | |
| CVE-1999-0658 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is sol... | R | |
| CVE-1999-0659 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is sol... | R | |
| CVE-1999-0660 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is not... | R | |
| CVE-1999-0661 | A system is running a version of software that was replaced with a Trojan Horse at one of its distri... | | |
| CVE-1999-0662 | A system-critical program or library does not have the appropriate patch, hotfix, or service pack in... | | |
| CVE-1999-0663 | A system-critical program, library, or file has a checksum or other integrity measurement that indic... | | |
| CVE-1999-0664 | An application-critical Windows NT registry key has inappropriate permissions.... | | |
| CVE-1999-0665 | An application-critical Windows NT registry key has an inappropriate value.... | | |
| CVE-1999-0667 | The ARP protocol allows any host to spoof ARP replies and poison the ARP cache to conduct IP address... | | |
| CVE-1999-0668 | The scriptlet.typelib ActiveX control is marked as "safe for scripting" for Internet Explorer, which... | | |
| CVE-1999-0669 | The Eyedog ActiveX control is marked as "safe for scripting" for Internet Explorer, which allows a r... | | |
| CVE-1999-0670 | Buffer overflow in the Eyedog ActiveX control allows a remote attacker to execute arbitrary commands... | | |
| CVE-1999-0671 | Buffer overflow in ToxSoft NextFTP client through CWD command.... | | |
| CVE-1999-0672 | Buffer overflow in Fujitsu Chocoa IRC client via IRC channel topics.... | | |
| CVE-1999-0673 | Buffer overflow in ALMail32 POP3 client via From: or To: headers.... | | |
| CVE-1999-0674 | The BSD profil system call allows a local user to modify the internal data space of a program via pr... | E S | |
| CVE-1999-0675 | Check Point FireWall-1 can be subjected to a denial of service via UDP packets that are sent through... | | |
| CVE-1999-0676 | sdtcm_convert in Solaris 2.6 allows a local user to overwrite sensitive files via a symlink attack.... | | |
| CVE-1999-0677 | The WebRamp web administration utility has a default password.... | | |
| CVE-1999-0678 | A default configuration of Apache on Debian GNU/Linux sets the ServerRoot to /usr/doc, which allows ... | | |
| CVE-1999-0679 | Buffer overflow in hybrid-6 IRC server commonly used on EFnet allows remote attackers to execute com... | | |
| CVE-1999-0680 | Windows NT Terminal Server performs extra work when a client opens a new connection but before it is... | E S | |
| CVE-1999-0681 | Buffer overflow in Microsoft FrontPage Server Extensions (PWS) 3.0.2.926 on Windows 95, and possibly... | E | |
| CVE-1999-0682 | Microsoft Exchange 5.5 allows a remote attacker to relay email (i.e. spam) using encapsulated SMTP a... | S | |
| CVE-1999-0683 | Denial of service in Gauntlet Firewall via a malformed ICMP packet.... | E S | |
| CVE-1999-0684 | Denial of service in Sendmail 8.8.6 in HPUX.... | | |
| CVE-1999-0685 | Buffer overflow in Netscape Communicator via EMBED tags in the pluginspage option.... | | |
| CVE-1999-0686 | Denial of service in Netscape Enterprise Server (NES) in HP Virtual Vault (VVOS) via a long URL.... | | |
| CVE-1999-0687 | The ToolTalk ttsession daemon uses weak RPC authentication, which allows a remote attacker to execut... | | |
| CVE-1999-0688 | Buffer overflows in HP Software Distributor (SD) for HPUX 10.x and 11.x.... | | |
| CVE-1999-0689 | The CDE dtspcd daemon allows local users to execute arbitrary commands via a symlink attack.... | | |
| CVE-1999-0690 | HP CDE program includes the current directory in root's PATH variable.... | | |
| CVE-1999-0691 | Buffer overflow in the AddSuLog function of the CDE dtaction utility allows local users to gain root... | | |
| CVE-1999-0692 | The default configuration of the Array Services daemon (arrayd) disables authentication, allowing re... | | |
| CVE-1999-0693 | Buffer overflow in TT_SESSION environment variable in ToolTalk shared library allows local users to ... | | |
| CVE-1999-0694 | Denial of service in AIX ptrace system call allows local users to crash the system.... | S | |
| CVE-1999-0695 | The Sybase PowerDynamo personal web server allows attackers to read arbitrary files through a .. (do... | | |
| CVE-1999-0696 | Buffer overflow in CDE Calendar Manager Service Daemon (rpc.cmsd).... | | |
| CVE-1999-0697 | SCO Doctor allows local users to gain root privileges through a Tools option.... | | |
| CVE-1999-0698 | Denial of service in IP protocol logger (ippl) on Red Hat and Debian Linux.... | | |
| CVE-1999-0699 | The Bluestone Sapphire web server allows session hijacking via easily guessable session IDs.... | | |
| CVE-1999-0700 | Buffer overflow in Microsoft Phone Dialer (dialer.exe), via a malformed dialer entry in the dialer.i... | | |
| CVE-1999-0701 | After an unattended installation of Windows NT 4.0, an installation file could include sensitive inf... | | |
| CVE-1999-0702 | Internet Explorer 5.0 and 5.01 allows remote attackers to modify or execute files via the Import/Exp... | | |
| CVE-1999-0703 | OpenBSD, BSDI, and other Unix operating systems allow users to set chflags and fchflags on character... | | |
| CVE-1999-0704 | Buffer overflow in Berkeley automounter daemon (amd) logging facility provided in the Linux am-utils... | | |
| CVE-1999-0705 | Buffer overflow in INN inews program.... | | |
| CVE-1999-0706 | Linux xmonisdn package allows local users to gain root privileges by modifying the IFS or PATH envir... | | |
| CVE-1999-0707 | The default FTP configuration in HP Visualize Conference allows conference users to send a file to o... | | |
| CVE-1999-0708 | Buffer overflow in cfingerd allows local users to gain root privileges via a long GECOS field.... | | |
| CVE-1999-0710 | The Squid package in Red Hat Linux 5.2 and 6.0, and other distributions, installs cachemgr.cgi in a ... | | |
| CVE-1999-0711 | The oratclsh interpreter in Oracle 8.x Intelligent Agent for Unix allows local users to execute Tcl ... | | |
| CVE-1999-0712 | A vulnerability in Caldera Open Administration System (COAS) allows the /etc/shadow password file to... | | |
| CVE-1999-0713 | The dtlogin program in Compaq Tru64 UNIX allows local users to gain root privileges.... | | |
| CVE-1999-0714 | Vulnerability in Compaq Tru64 UNIX edauth command.... | | |
| CVE-1999-0715 | Buffer overflow in Remote Access Service (RAS) client allows an attacker to execute commands or caus... | | |
| CVE-1999-0716 | Buffer overflow in Windows NT 4.0 help file utility via a malformed help file.... | | |
| CVE-1999-0717 | A remote attacker can disable the virus warning mechanism in Microsoft Excel 97.... | | |
| CVE-1999-0718 | IBM GINA, when used for OS/2 domain authentication of Windows NT users, allows local users to gain a... | E S | |
| CVE-1999-0719 | The Guile plugin for the Gnumeric spreadsheet package allows attackers to execute arbitrary code.... | | |
| CVE-1999-0720 | The pt_chown command in Linux allows local users to modify TTY terminal devices that belong to other... | | |
| CVE-1999-0721 | Denial of service in Windows NT Local Security Authority (LSA) through a malformed LSA request.... | | |
| CVE-1999-0722 | The default configuration of Cobalt RaQ2 servers allows remote users to install arbitrary software p... | | |
| CVE-1999-0723 | The Windows NT Client Server Runtime Subsystem (CSRSS) can be subjected to a denial of service when ... | | |
| CVE-1999-0724 | Buffer overflow in OpenBSD procfs and fdescfs file systems via uio_offset in the readdir() function.... | | |
| CVE-1999-0725 | When IIS is run with a default language of Chinese, Korean, or Japanese, it allows a remote attacker... | | |
| CVE-1999-0726 | An attacker can conduct a denial of service in Windows NT by executing a program with a malformed fi... | | |
| CVE-1999-0727 | A kernel leak in the OpenBSD kernel allows IPsec packets to be sent unencrypted.... | | |
| CVE-1999-0728 | A Windows NT user can disable the keyboard or mouse by directly calling the IOCTLs which control the... | | |
| CVE-1999-0729 | Buffer overflow in Lotus Notes LDAP (NLDAP) allows an attacker to conduct a denial of service throug... | E | |
| CVE-1999-0730 | The zsoelim program in the Debian man-db package allows local users to overwrite files via a symlink... | | |
| CVE-1999-0731 | The KDE klock program allows local users to unlock a session using malformed input.... | | |
| CVE-1999-0732 | The logging facility of the Debian smtp-refuser package allows local users to delete arbitrary files... | | |
| CVE-1999-0733 | Buffer overflow in VMWare 1.0.1 for Linux via a long HOME environmental variable.... | | |
| CVE-1999-0734 | A default configuration of CiscoSecure Access Control Server (ACS) allows remote users to modify the... | | |
| CVE-1999-0735 | KDE K-Mail allows local users to gain privileges via a symlink attack in temporary user directories.... | E S | |
| CVE-1999-0736 | The showcode.asp sample file in IIS and Site Server allows remote attackers to read arbitrary files.... | | |
| CVE-1999-0737 | The viewcode.asp sample file in IIS and Site Server allows remote attackers to read arbitrary files.... | | |
| CVE-1999-0738 | The code.asp sample file in IIS and Site Server allows remote attackers to read arbitrary files.... | | |
| CVE-1999-0739 | The codebrws.asp sample file in IIS and Site Server allows remote attackers to read arbitrary files.... | | |
| CVE-1999-0740 | Remote attackers can cause a denial of service on Linux in.telnetd telnet daemon through a malformed... | | |
| CVE-1999-0741 | QMS CrownNet Unix Utilities for 2060 allows root to log on without a password.... | | |
| CVE-1999-0742 | The Debian mailman package uses weak authentication, which allows attackers to gain privileges.... | | |
| CVE-1999-0743 | Trn allows local users to overwrite other users' files via symlinks.... | | |
| CVE-1999-0744 | Buffer overflow in Netscape Enterprise Server and FastTrask Server allows remote attackers to gain p... | | |
| CVE-1999-0745 | Buffer overflow in Source Code Browser Program Database Name Server Daemon (pdnsd) for the IBM AIX C... | | |
| CVE-1999-0746 | A default configuration of in.identd in SuSE Linux waits 120 seconds between requests, allowing a re... | | |
| CVE-1999-0747 | Denial of service in BSDi Symmetric Multiprocessing (SMP) when an fstat call is made when the system... | | |
| CVE-1999-0748 | Buffer overflows in Red Hat net-tools package.... | | |
| CVE-1999-0749 | Buffer overflow in Microsoft Telnet client in Windows 95 and Windows 98 via a malformed Telnet argum... | | |
| CVE-1999-0750 | Hotmail allows Javascript to be executed via the HTML STYLE tag, allowing remote attackers to execut... | | |
| CVE-1999-0751 | Buffer overflow in Accept command in Netscape Enterprise Server 3.6 with the SSL Handshake Patch.... | | |
| CVE-1999-0752 | Denial of service in Netscape Enterprise Server via a buffer overflow in the SSL handshake.... | | |
| CVE-1999-0753 | The w3-msql CGI script provided with Mini SQL allows remote attackers to view restricted directories... | | |
| CVE-1999-0754 | The INN inndstart program allows local users to gain privileges by specifying an alternate configura... | S | |
| CVE-1999-0755 | Windows NT RRAS and RAS clients cache a user's password even if the user has not selected the "Save ... | | |
| CVE-1999-0756 | ColdFusion Administrator with Advanced Security enabled allows remote users to stop the ColdFusion s... | | |
| CVE-1999-0757 | The ColdFusion CFCRYPT program for encrypting CFML templates has weak encryption, allowing attackers... | | |
| CVE-1999-0758 | Netscape Enterprise 3.5.1 and FastTrack 3.01 servers allow a remote attacker to view source code to ... | | |
| CVE-1999-0759 | Buffer overflow in FuseMAIL POP service via long USER and PASS commands.... | | |
| CVE-1999-0760 | Undocumented ColdFusion Markup Language (CFML) tags and functions in the ColdFusion Administrator al... | S | |
| CVE-1999-0761 | Buffer overflow in FreeBSD fts library routines allows local user to modify arbitrary files via the ... | | |
| CVE-1999-0762 | When Javascript is embedded within the TITLE tag, Netscape Communicator allows a remote attacker to ... | | |
| CVE-1999-0763 | NetBSD on a multi-homed host allows ARP packets on one network to modify ARP entries on another conn... | | |
| CVE-1999-0764 | NetBSD allows ARP packets to overwrite static ARP entries.... | | |
| CVE-1999-0765 | SGI IRIX midikeys program allows local users to modify arbitrary files via a text editor.... | | |
| CVE-1999-0766 | The Microsoft Java Virtual Machine allows a malicious Java applet to execute arbitrary commands outs... | | |
| CVE-1999-0767 | Buffer overflow in Solaris libc, ufsrestore, and rcp via LC_MESSAGES environmental variable.... | | |
| CVE-1999-0768 | Buffer overflow in Vixie Cron on Red Hat systems via the MAILTO environmental variable.... | | |
| CVE-1999-0769 | Vixie Cron on Linux systems allows local users to set parameters of sendmail commands via the MAILTO... | | |
| CVE-1999-0770 | Firewall-1 sets a long timeout for connections that begin with ACK or other packets except SYN, allo... | E S | |
| CVE-1999-0771 | The web components of Compaq Management Agents and the Compaq Survey Utility allow a remote attacker... | | |
| CVE-1999-0772 | Denial of service in Compaq Management Agents and the Compaq Survey Utility via a long string sent t... | | |
| CVE-1999-0773 | Buffer overflow in Solaris lpset program allows local users to gain root access.... | | |
| CVE-1999-0774 | Buffer overflows in Mars NetWare Emulation (NWE, mars_nwe) package via long directory names.... | | |
| CVE-1999-0775 | Cisco Gigabit Switch routers running IOS allow remote attackers to forward unauthorized packets due ... | | |
| CVE-1999-0776 | Alibaba HTTP server allows remote attackers to read files via a .. (dot dot) attack.... | E | |
| CVE-1999-0777 | IIS FTP servers may allow a remote attacker to read or delete files on the server, even if they have... | | |
| CVE-1999-0778 | Buffer overflow in Xi Graphics Accelerated-X server allows local users to gain root access via a lon... | | |
| CVE-1999-0779 | Denial of service in HP-UX SharedX recserv program.... | | |
| CVE-1999-0780 | KDE klock allows local users to kill arbitrary processes by specifying an arbitrary PID in the .kss.... | | |
| CVE-1999-0781 | KDE allows local users to execute arbitrary commands by setting the KDEDIR environmental variable to... | | |
| CVE-1999-0782 | KDE kppp allows local users to create a directory in an arbitrary location via the HOME environmenta... | | |
| CVE-1999-0783 | FreeBSD allows local users to conduct a denial of service by creating a hard link from a device spec... | | |
| CVE-1999-0784 | Denial of service in Oracle TNSLSNR SQL*Net Listener via a malformed string to the listener port, ak... | E | |
| CVE-1999-0785 | The INN inndstart program allows local users to gain root privileges via the "pathrun" parameter in ... | | |
| CVE-1999-0786 | The dynamic linker in Solaris allows a local user to create arbitrary files via the LD_PROFILE envir... | | |
| CVE-1999-0787 | The SSH authentication agent follows symlinks via a UNIX domain socket.... | | |
| CVE-1999-0788 | Arkiea nlservd allows remote attackers to conduct a denial of service.... | | |
| CVE-1999-0789 | Buffer overflow in AIX ftpd in the libc library.... | | |
| CVE-1999-0790 | A remote attacker can read information from a Netscape user's cache via JavaScript.... | | |
| CVE-1999-0791 | Hybrid Network cable modems do not include an authentication mechanism for administration, allowing ... | | |
| CVE-1999-0792 | ROUTERmate has a default SNMP community name which allows remote attackers to modify its configurati... | | |
| CVE-1999-0793 | Internet Explorer allows remote attackers to read files by redirecting data to a Javascript applet.... | | |
| CVE-1999-0794 | Microsoft Excel does not warn a user when a macro is present in a Symbolic Link (SYLK) format file.... | | |
| CVE-1999-0795 | The NIS+ rpc.nisd server allows remote attackers to execute certain RPC calls without authentication... | | |
| CVE-1999-0796 | FreeBSD T/TCP Extensions for Transactions can be subjected to spoofing attacks.... | | |
| CVE-1999-0797 | NIS finger allows an attacker to conduct a denial of service via a large number of finger requests, ... | | |
| CVE-1999-0798 | Buffer overflow in bootpd on OpenBSD, FreeBSD, and Linux systems via a malformed header type.... | | |
| CVE-1999-0799 | Buffer overflow in bootpd 2.4.3 and earlier via a long boot file location.... | | |
| CVE-1999-0800 | The GetFile.cfm file in Allaire Forums allows remote attackers to read files through a parameter to ... | E S | |
| CVE-1999-0801 | BMC Patrol allows remote attackers to gain access to an agent by spoofing frames.... | | |
| CVE-1999-0802 | Buffer overflow in Internet Explorer 5 allows remote attackers to execute commands via a malformed F... | | |
| CVE-1999-0803 | The fwluser script in AIX eNetwork Firewall allows local users to write to arbitrary files via a sym... | | |
| CVE-1999-0804 | Denial of service in Linux 2.2.x kernels via malformed ICMP packets containing unusual types, codes,... | | |
| CVE-1999-0805 | Novell NetWare Transaction Tracking System (TTS) in Novell 4.11 and earlier allows remote attackers ... | | |
| CVE-1999-0806 | Buffer overflow in Solaris dtprintinfo program.... | | |
| CVE-1999-0807 | The Netscape Directory Server installation procedure leaves sensitive information in a file that is ... | | |
| CVE-1999-0808 | Multiple buffer overflows in ISC DHCP Distribution server (dhcpd) 1.0 and 2.0 allow a remote attacke... | S | |
| CVE-1999-0809 | Netscape Communicator 4.x with Javascript enabled does not warn a user of cookie settings, even if t... | | |
| CVE-1999-0810 | Denial of service in Samba NETBIOS name service daemon (nmbd).... | | |
| CVE-1999-0811 | Buffer overflow in Samba smbd program via a malformed message command.... | | |
| CVE-1999-0812 | Race condition in Samba smbmnt allows local users to mount file systems in arbitrary locations.... | | |
| CVE-1999-0813 | Cfingerd with ALLOW_EXECUTION enabled does not properly drop privileges when it executes a program o... | | |
| CVE-1999-0814 | Red Hat pump DHCP client allows remote attackers to gain root access in some configurations.... | | |
| CVE-1999-0815 | Memory leak in SNMP agent in Windows NT 4.0 before SP5 allows remote attackers to conduct a denial o... | S | |
| CVE-1999-0816 | The Motorola CableRouter allows any remote user to connect to and configure the router on port 1024.... | E | |
| CVE-1999-0817 | Lynx WWW client allows a remote attacker to specify command-line parameters which Lynx uses when cal... | | |
| CVE-1999-0818 | Buffer overflow in Solaris kcms_configure via a long NETPATH environmental variable.... | | |
| CVE-1999-0819 | NTMail does not disable the VRFY command, even if the administrator has explicitly disabled it.... | | |
| CVE-1999-0820 | FreeBSD seyon allows users to gain privileges via a modified PATH variable for finding the xterm and... | | |
| CVE-1999-0821 | FreeBSD seyon allows local users to gain privileges by providing a malicious program in the -emulato... | | |
| CVE-1999-0822 | Buffer overflow in Qpopper (qpop) 3.0 allows remote root access via AUTH command.... | | |
| CVE-1999-0823 | Buffer overflow in FreeBSD xmindpath allows local users to gain privileges via -f argument.... | | |
| CVE-1999-0824 | A Windows NT user can use SUBST to map a drive letter to a folder, which is not unmapped after the u... | | |
| CVE-1999-0825 | The default permissions for UnixWare /var/mail allow local users to read and modify other users' mai... | | |
| CVE-1999-0826 | Buffer overflow in FreeBSD angband allows local users to gain privileges.... | | |
| CVE-1999-0827 | By default, Internet Explorer 5.0 and other versions enables the "Navigate sub-frames across differe... | | |
| CVE-1999-0828 | UnixWare pkg commands such as pkginfo, pkgcat, and pkgparam allow local users to read arbitrary file... | | |
| CVE-1999-0829 | HP Secure Web Console uses weak encryption.... | | |
| CVE-1999-0830 | Buffer overflow in SCO UnixWare Xsco command via a long argument.... | | |
| CVE-1999-0831 | Denial of service in Linux syslogd via a large number of connections.... | | |
| CVE-1999-0832 | Buffer overflow in NFS server on Linux allows attackers to execute commands via a long pathname.... | | |
| CVE-1999-0833 | Buffer overflow in BIND 8.2 via NXT records.... | | |
| CVE-1999-0834 | Buffer overflow in RSAREF2 via the encryption and decryption functions in the RSAREF library.... | | |
| CVE-1999-0835 | Denial of service in BIND named via malformed SIG records.... | | |
| CVE-1999-0836 | UnixWare uidadmin allows local users to modify arbitrary files via a symlink attack.... | | |
| CVE-1999-0837 | Denial of service in BIND by improperly closing TCP sessions via so_linger.... | | |
| CVE-1999-0838 | Buffer overflow in Serv-U FTP 2.5 allows remote users to conduct a denial of service via the SITE co... | | |
| CVE-1999-0839 | Windows NT Task Scheduler installed with Internet Explorer 5 allows a user to gain privileges by mod... | | |
| CVE-1999-0840 | Buffer overflow in CDE dtmail and dtmailpr programs allows local users to gain privileges via a long... | | |
| CVE-1999-0841 | Buffer overflow in CDE mailtool allows local users to gain root privileges via a long MIME Content-T... | | |
| CVE-1999-0842 | Symantec Mail-Gear 1.0 web interface server allows remote users to read arbitrary files via a .. (do... | | |
| CVE-1999-0843 | Denial of service in Cisco routers running NAT via a PORT command from an FTP client to a Telnet por... | | |
| CVE-1999-0844 | Denial of service in MDaemon WorldClient and WebConfig services via a long URL.... | | |
| CVE-1999-0845 | Buffer overflow in SCO su program allows local users to gain root access via a long username.... | | |
| CVE-1999-0846 | Denial of service in MDaemon 2.7 via a large number of connection attempts.... | | |
| CVE-1999-0847 | Buffer overflow in free internet chess server (FICS) program, xboard.... | | |
| CVE-1999-0848 | Denial of service in BIND named via consuming more than "fdmax" file descriptors.... | | |
| CVE-1999-0849 | Denial of service in BIND named via maxdname.... | | |
| CVE-1999-0850 | The default permissions for Endymion MailMan allow local users to read email or modify files.... | | |
| CVE-1999-0851 | Denial of service in BIND named via naptr.... | | |
| CVE-1999-0852 | IBM WebSphere sets permissions that allow a local user to modify a deinstallation script or its data... | | |
| CVE-1999-0853 | Buffer overflow in Netscape Enterprise Server and Netscape FastTrack Server allows remote attackers ... | | |
| CVE-1999-0854 | Ultimate Bulletin Board stores data files in the cgi-bin directory, allowing remote attackers to vie... | | |
| CVE-1999-0855 | Buffer overflow in FreeBSD gdc program.... | | |
| CVE-1999-0856 | login in Slackware 7.0 allows remote attackers to identify valid users on the system by reporting an... | | |
| CVE-1999-0857 | FreeBSD gdc program allows local users to modify files via a symlink attack.... | | |
| CVE-1999-0858 | Internet Explorer 5 allows a remote attacker to modify the IE client's proxy configuration via a mal... | | |
| CVE-1999-0859 | Solaris arp allows local users to read files via the -f parameter, which lists lines in the file tha... | | |
| CVE-1999-0860 | Solaris chkperm allows local users to read files owned by bin via the VMSYS environmental variable a... | | |
| CVE-1999-0861 | Race condition in the SSL ISAPI filter in IIS and other servers may leak information in plaintext.... | | |
| CVE-1999-0862 | Insecure directory permissions in RPM distribution for PostgreSQL allows local users to gain privile... | | |
| CVE-1999-0863 | Buffer overflow in FreeBSD seyon via HOME environmental variable, -emulator argument, -modems argume... | | |
| CVE-1999-0864 | UnixWare programs that dump core allow a local user to modify files via a symlink attack on the ./co... | | |
| CVE-1999-0865 | Buffer overflow in CommuniGatePro via a long string to the HTTP configuration port.... | | |
| CVE-1999-0866 | Buffer overflow in UnixWare xauto program allows local users to gain root privilege.... | | |
| CVE-1999-0867 | Denial of service in IIS 4.0 via a flood of HTTP requests with malformed headers.... | | |
| CVE-1999-0868 | ucbmail allows remote attackers to execute commands via shell metacharacters that are passed to it f... | | |
| CVE-1999-0869 | Internet Explorer 3.x to 4.01 allows a remote attacker to insert malicious content into a frame of a... | | |
| CVE-1999-0870 | Internet Explorer 4.01 allows remote attackers to read arbitrary files by pasting a file name into t... | | |
| CVE-1999-0871 | Internet Explorer 4.0 and 4.01 allow a remote attacker to read files via IE's cross frame security, ... | | |
| CVE-1999-0872 | Buffer overflow in Vixie cron allows local users to gain root access via a long MAILTO environment v... | | |
| CVE-1999-0873 | Buffer overflow in Skyfull mail server via MAIL FROM command.... | | |
| CVE-1999-0874 | Buffer overflow in IIS 4.0 allows remote attackers to cause a denial of service via a malformed requ... | | |
| CVE-1999-0875 | DHCP clients with ICMP Router Discovery Protocol (IRDP) enabled allow remote attackers to modify the... | | |
| CVE-1999-0876 | Buffer overflow in Internet Explorer 4.0 via EMBED tag.... | | |
| CVE-1999-0877 | Internet Explorer 5 allows remote attackers to read files via an ExecCommand method called on an IFR... | | |
| CVE-1999-0878 | Buffer overflow in WU-FTPD and related FTP servers allows remote attackers to gain root privileges v... | | |
| CVE-1999-0879 | Buffer overflow in WU-FTPD and related FTP servers allows remote attackers to gain root privileges v... | | |
| CVE-1999-0880 | Denial of service in WU-FTPD via the SITE NEWER command, which does not free memory properly.... | | |
| CVE-1999-0881 | Falcon web server allows remote attackers to read arbitrary files via a .. (dot dot) attack.... | | |
| CVE-1999-0882 | Falcon web server allows remote attackers to determine the absolute path of the web root via long fi... | | |
| CVE-1999-0883 | Zeus web server allows remote attackers to read arbitrary files by specifying the file name in an op... | | |
| CVE-1999-0884 | The Zeus web server administrative interface uses weak encryption for its passwords.... | | |
| CVE-1999-0885 | Alibaba web server allows remote attackers to execute commands via a pipe character in a malformed U... | | |
| CVE-1999-0886 | The security descriptor for RASMAN allows users to point to an alternate location via the Windows NT... | | |
| CVE-1999-0887 | FTGate web interface server allows remote attackers to read files via a .. (dot dot) attack.... | | |
| CVE-1999-0888 | dbsnmp in Oracle Intelligent Agent allows local users to gain privileges by setting the ORACLE_HOME ... | | |
| CVE-1999-0889 | Cisco 675 routers running CBOS allow remote attackers to establish telnet sessions if an exec or sup... | | |
| CVE-1999-0890 | iHTML Merchant allows remote attackers to obtain sensitive information or execute commands via a cod... | S | |
| CVE-1999-0891 | The "download behavior" in Internet Explorer 5 allows remote attackers to read arbitrary files via a... | | |
| CVE-1999-0892 | Buffer overflow in Netscape Communicator before 4.7 via a dynamic font whose length field is less th... | | |
| CVE-1999-0893 | userOsa in SCO OpenServer allows local users to corrupt files via a symlink attack.... | | |
| CVE-1999-0894 | Red Hat Linux screen program does not use Unix98 ptys, allowing local users to write to other termin... | | |
| CVE-1999-0895 | Firewall-1 does not properly restrict access to LDAP attributes.... | | |
| CVE-1999-0896 | Buffer overflow in RealNetworks RealServer administration utility allows remote attackers to execute... | | |
| CVE-1999-0897 | iChat ROOMS Webserver allows remote attackers to read arbitrary files via a .. (dot dot) attack.... | | |
| CVE-1999-0898 | Buffer overflows in Windows NT 4.0 print spooler allow remote attackers to gain privileges or cause ... | | |
| CVE-1999-0899 | The Windows NT 4.0 print spooler allows a local user to execute arbitrary commands due to inappropri... | | |
| CVE-1999-0900 | Buffer overflow in rpc.yppasswdd allows a local user to gain privileges via MD5 hash generation.... | | |
| CVE-1999-0901 | ypserv allows a local user to modify the GECOS and login shells of other users.... | | |
| CVE-1999-0902 | ypserv allows local administrators to modify password tables.... | | |
| CVE-1999-0903 | genfilt in the AIX Packet Filtering Module does not properly filter traffic to destination ports gre... | | |
| CVE-1999-0904 | Buffer overflow in BFTelnet allows remote attackers to cause a denial of service via a long username... | | |
| CVE-1999-0905 | Denial of service in Axent Raptor firewall via malformed zero-length IP options.... | | |
| CVE-1999-0906 | Buffer overflow in sccw allows local users to gain root access via the HOME environmental variable.... | | |
| CVE-1999-0907 | sccw allows local users to read arbitrary files.... | | |
| CVE-1999-0908 | Denial of service in Solaris TCP streams driver via a malicious connection that causes the server to... | | |
| CVE-1999-0909 | Multihomed Windows systems allow a remote attacker to bypass IP source routing restrictions via a ma... | | |
| CVE-1999-0910 | Microsoft Site Server and Commercial Internet System (MCIS) do not set an expiration for a cookie, w... | | |
| CVE-1999-0911 | Buffer overflow in ProFTPD, wu-ftpd, and beroftpd allows remote attackers to gain root access via a ... | | |
| CVE-1999-0912 | FreeBSD VFS cache (vfs_cache) allows local users to cause a denial of service by opening a large num... | | |
| CVE-1999-0913 | dfire.cgi script in Dragon-Fire IDS allows remote users to execute commands via shell metacharacters... | | |
| CVE-1999-0914 | Buffer overflow in the FTP client in the Debian GNU/Linux netstd package.... | | |
| CVE-1999-0915 | URL Live! web server allows remote attackers to read arbitrary files via a .. (dot dot) attack.... | | |
| CVE-1999-0916 | WebTrends software stores account names and passwords in a file which does not have restricted acces... | | |
| CVE-1999-0917 | The Preloader ActiveX control used by Internet Explorer allows remote attackers to read arbitrary fi... | | |
| CVE-1999-0918 | Denial of service in various Windows systems via malformed, fragmented IGMP packets.... | | |
| CVE-1999-0919 | A memory leak in a Motorola CableRouter allows remote attackers to conduct a denial of service via a... | E | |
| CVE-1999-0920 | Buffer overflow in the pop-2d POP daemon in the IMAP package allows remote attackers to gain privile... | | |
| CVE-1999-0921 | BMC Patrol allows any remote attacker to flood its UDP port, causing a denial of service.... | | |
| CVE-1999-0922 | An example application in ColdFusion Server 4.0 allows remote attackers to view source code via the ... | S | |
| CVE-1999-0923 | Sample runnable code snippets in ColdFusion Server 4.0 allow remote attackers to read files, conduct... | S | |
| CVE-1999-0924 | The Syntax Checker in ColdFusion Server 4.0 allows remote attackers to conduct a denial of service.... | S | |
| CVE-1999-0925 | UnityMail allows remote attackers to conduct a denial of service via a large number of MIME headers.... | | |
| CVE-1999-0926 | Apache allows remote attackers to conduct a denial of service via a large number of MIME headers.... | E | |
| CVE-1999-0927 | NTMail allows remote attackers to read arbitrary files via a .. (dot dot) attack.... | | |
| CVE-1999-0928 | Buffer overflow in SmartDesk WebSuite allows remote attackers to cause a denial of service via a lon... | | |
| CVE-1999-0929 | Novell NetWare with Novell-HTTP-Server or YAWN web servers allows remote attackers to conduct a deni... | | |
| CVE-1999-0930 | wwwboard allows a remote attacker to delete message board articles via a malformed argument.... | | |
| CVE-1999-0931 | Buffer overflow in Mediahouse Statistics Server allows remote attackers to execute commands.... | | |
| CVE-1999-0932 | Mediahouse Statistics Server allows remote attackers to read the administrator password, which is st... | | |
| CVE-1999-0933 | TeamTrack web server allows remote attackers to read arbitrary files via a .. (dot dot) attack.... | | |
| CVE-1999-0934 | classifieds.cgi allows remote attackers to read arbitrary files via shell metacharacters.... | | |
| CVE-1999-0935 | classifieds.cgi allows remote attackers to execute arbitrary commands by specifying them in a hidden... | | |
| CVE-1999-0936 | BNBSurvey survey.cgi program allows remote attackers to execute commands via shell metacharacters.... | | |
| CVE-1999-0937 | BNBForm allows remote attackers to read arbitrary files via the automessage hidden form variable.... | | |
| CVE-1999-0938 | MBone SDR Package allows remote attackers to execute commands via shell metacharacters in Session In... | | |
| CVE-1999-0939 | Denial of service in Debian IRC Epic/epic4 client via a long string.... | | |
| CVE-1999-0940 | Buffer overflow in mutt mail client allows remote attackers to execute commands via malformed MIME m... | | |
| CVE-1999-0941 | Mutt mail client allows a remote attacker to execute commands via shell metacharacters.... | | |
| CVE-1999-0942 | UnixWare dos7utils allows a local user to gain root privileges by using the STATICMERGE environmenta... | | |
| CVE-1999-0943 | Buffer overflow in OpenLink 3.2 allows remote attackers to gain privileges via a long GET request to... | | |
| CVE-1999-0944 | IBM WebSphere ikeyman tool uses weak encryption to store a password for a key database that is used ... | | |
| CVE-1999-0945 | Buffer overflow in Internet Mail Service (IMS) for Microsoft Exchange 5.5 and 5.0 allows remote atta... | S | |
| CVE-1999-0946 | Buffer overflow in Yamaha MidiPlug via a Text variable in an EMBED tag.... | | |
| CVE-1999-0947 | AN-HTTPd provides example CGI scripts test.bat, input.bat, input2.bat, and envout.bat, which allow r... | | |
| CVE-1999-0948 | Buffer overflow in uum program for Canna input system allows local users to gain root privileges.... | | |
| CVE-1999-0949 | Buffer overflow in canuum program for Canna input system allows local users to gain root privileges.... | | |
| CVE-1999-0950 | Buffer overflow in WFTPD FTP server allows remote attackers to gain root access via a series of MKD ... | | |
| CVE-1999-0951 | Buffer overflow in OmniHTTPd CGI program imagemap.exe allows remote attackers to execute commands.... | | |
| CVE-1999-0952 | Buffer overflow in Solaris lpstat via class argument allows local users to gain root access.... | | |
| CVE-1999-0953 | WWWBoard stores encrypted passwords in a password file that is under the web root and thus accessibl... | | |
| CVE-1999-0954 | WWWBoard has a default username and default password.... | | |
| CVE-1999-0955 | Race condition in wu-ftpd and BSDI ftpd allows remote attackers to gain root access via the SITE EXE... | | |
| CVE-1999-0956 | The NeXT NetInfo _writers property allows local users to gain root privileges or conduct a denial of... | | |
| CVE-1999-0957 | MajorCool mj_key_cache program allows local users to modify files via a symlink attack.... | | |
| CVE-1999-0958 | sudo 1.5.x allows local users to execute arbitrary commands via a .. (dot dot) attack.... | | |
| CVE-1999-0959 | IRIX startmidi program allows local users to modify arbitrary files via a symlink attack.... | | |
| CVE-1999-0960 | IRIX cdplayer allows local users to create directories in arbitrary locations via a command line opt... | | |
| CVE-1999-0961 | HPUX sysdiag allows local users to gain root privileges via a symlink attack during log file creatio... | | |
| CVE-1999-0962 | Buffer overflow in HPUX passwd command allows local users to gain root privileges via a command line... | | |
| CVE-1999-0963 | FreeBSD mount_union command allows local users to gain root privileges via a symlink attack.... | | |
| CVE-1999-0964 | Buffer overflow in FreeBSD setlocale in the libc module allows attackers to execute arbitrary code v... | | |
| CVE-1999-0965 | Race condition in xterm allows local users to modify arbitrary files via the logging option.... | | |
| CVE-1999-0966 | Buffer overflow in Solaris getopt in libc allows local users to gain root privileges via a long argv... | | |
| CVE-1999-0967 | Buffer overflow in the HTML library used by Internet Explorer, Outlook Express, and Windows Explorer... | | |
| CVE-1999-0968 | Buffer overflow in BNC IRC proxy allows remote attackers to gain privileges.... | | |
| CVE-1999-0969 | The Windows NT RPC service allows remote attackers to conduct a denial of service using spoofed malf... | | |
| CVE-1999-0970 | The OmniHTTPD visadmin.exe program allows a remote attacker to conduct a denial of service via a mal... | | |
| CVE-1999-0971 | Buffer overflow in Exim allows local users to gain root privileges via a long :include: option in a ... | | |
| CVE-1999-0972 | Buffer overflow in Xshipwars xsw program.... | | |
| CVE-1999-0973 | Buffer overflow in Solaris snoop program allows remote attackers to gain root privileges via a long ... | | |
| CVE-1999-0974 | Buffer overflow in Solaris snoop allows remote attackers to gain root privileges via GETQUOTA reques... | | |
| CVE-1999-0975 | The Windows help system can allow a local user to execute commands as another user by editing a tabl... | | |
| CVE-1999-0976 | Sendmail allows local users to reinitialize the aliases database via the newaliases command, then ca... | | |
| CVE-1999-0977 | Buffer overflow in Solaris sadmind allows remote attackers to gain root privileges using a NETMGT_PR... | | |
| CVE-1999-0978 | htdig allows remote attackers to execute commands via filenames with shell metacharacters.... | | |
| CVE-1999-0979 | The SCO UnixWare privileged process system allows local users to gain root privileges by using a deb... | | |
| CVE-1999-0980 | Windows NT Service Control Manager (SCM) allows remote attackers to cause a denial of service via a ... | | |
| CVE-1999-0981 | Internet Explorer 5.01 and earlier allows a remote attacker to create a reference to a client window... | | |
| CVE-1999-0982 | The Sun Web-Based Enterprise Management (WBEM) installation script stores a password in plaintext in... | | |
| CVE-1999-0983 | Whois Internic Lookup program whois.cgi allows remote attackers to execute commands via shell metach... | | |
| CVE-1999-0984 | Matt's Whois program whois.cgi allows remote attackers to execute commands via shell metacharacters ... | | |
| CVE-1999-0985 | CC Whois program whois.cgi allows remote attackers to execute commands via shell metacharacters in t... | | |
| CVE-1999-0986 | The ping command in Linux 2.0.3x allows local users to cause a denial of service by sending large pa... | | |
| CVE-1999-0987 | Windows NT does not properly download a system policy if the domain user logs into the domain with a... | | |
| CVE-1999-0988 | UnixWare pkgtrans allows local users to read arbitrary files via a symlink attack.... | | |
| CVE-1999-0989 | Buffer overflow in Internet Explorer 5 directshow filter (MSDXM.OCX) allows remote attackers to exec... | | |
| CVE-1999-0990 | Error messages generated by gdm with the VerboseAuth setting allows an attacker to identify valid us... | | |
| CVE-1999-0991 | Buffer overflow in GoodTech Telnet Server NT allows remote users to cause a denial of service via a ... | | |
| CVE-1999-0992 | HP VirtualVault with the PHSS_17692 patch allows unprivileged processes to bypass access restriction... | | |
| CVE-1999-0993 | Modifications to ACLs (Access Control Lists) in Microsoft Exchange 5.5 do not take effect until the... | | |
| CVE-1999-0994 | Windows NT with SYSKEY reuses the keystream that is used for encrypting SAM password hashes, allowin... | | |
| CVE-1999-0995 | Windows NT Local Security Authority (LSA) allows remote attackers to cause a denial of service via m... | | |
| CVE-1999-0996 | Buffer overflow in Infoseek Ultraseek search engine allows remote attackers to execute commands via ... | | |
| CVE-1999-0997 | wu-ftp with FTP conversion enabled allows an attacker to execute commands via a malformed file name ... | | |
| CVE-1999-0998 | Cisco Cache Engine allows an attacker to replace content in the cache.... | | |
| CVE-1999-0999 | Microsoft SQL 7.0 server allows a remote attacker to cause a denial of service via a malformed TDS p... | |