Search
Total
25555 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-1999-1266 | 1 Metamail Corporation | 1 Metamail | 2017-12-19 | 5.0 MEDIUM | N/A |
| rsh daemon (rshd) generates different error messages when a valid username is provided versus an invalid name, which allows remote attackers to determine valid users on the system. | |||||
| CVE-2000-0841 | 1 Davide Libenzi | 1 Xmail | 2017-12-19 | 10.0 HIGH | N/A |
| Buffer overflow in XMail POP3 server before version 0.59 allows remote attackers to execute arbitrary commands via a long APOP command. | |||||
| CVE-1999-1151 | 1 Compaq Microcom | 1 Microcom 6000 Access Integrator | 2017-12-19 | 5.0 MEDIUM | N/A |
| Compaq/Microcom 6000 Access Integrator does not cause a session timeout after prompting for a username or password, which allows remote attackers to cause a denial of service by connecting to the integrator without providing a username or password. | |||||
| CVE-1999-1252 | 1 Sco | 1 Unixware | 2017-12-19 | 7.2 HIGH | N/A |
| Vulnerability in a certain system call in SCO UnixWare 2.0.x and 2.1.0 allows local users to access arbitrary files and gain root privileges. | |||||
| CVE-1999-1126 | 1 Cisco | 1 Resource Manager | 2017-12-19 | 2.1 LOW | N/A |
| Cisco Resource Manager (CRM) 1.1 and earlier creates certain files with insecure permissions that allow local users to obtain sensitive configuration information including usernames, passwords, and SNMP community strings, from (1) swim_swd.log, (2) swim_debug.log, (3) dbi_debug.log, and (4) temporary files whose names begin with "DPR_". | |||||
| CVE-1999-1251 | 1 Hp | 1 Hp-ux | 2017-12-19 | 2.1 LOW | N/A |
| Vulnerability in direct audio user space code on HP-UX 10.20 and 10.10 allows local users to cause a denial of service. | |||||
| CVE-1999-1250 | 1 Blue World Communications | 1 Lasso Cgi | 2017-12-19 | 5.0 MEDIUM | N/A |
| Vulnerability in CGI program in the Lasso application by Blue World, as used on WebSTAR and other servers, allows remote attackers to read arbitrary files. | |||||
| CVE-1999-1248 | 1 Hp | 1 Hp-ux | 2017-12-19 | 4.6 MEDIUM | N/A |
| Vulnerability in Support Watch (aka SupportWatch) in HP-UX 8.0 through 9.0 allows local users to gain privileges. | |||||
| CVE-1999-1247 | 1 Hp | 1 Hp-ux | 2017-12-19 | 7.2 HIGH | N/A |
| Vulnerability in HP Camera component of HP DCE/9000 in HP-UX 9.x allows attackers to gain root privileges. | |||||
| CVE-1999-1245 | 1 Ucd-snmp | 1 Ucd-snmp | 2017-12-19 | 5.0 MEDIUM | N/A |
| vacm ucd-snmp SNMP server, version 3.52, does not properly disable access to the public community string, which could allow remote attackers to obtain sensitive information. | |||||
| CVE-1999-1244 | 1 Darren Reed | 1 Ipfilter | 2017-12-19 | 7.2 HIGH | N/A |
| IPFilter 3.2.3 through 3.2.10 allows local users to modify arbitrary files via a symlink attack on the saved output file. | |||||
| CVE-1999-1242 | 1 Hp | 1 Hp-ux | 2017-12-19 | 4.6 MEDIUM | N/A |
| Vulnerability in subnetconfig in HP-UX 9.01 and 9.0 allows local users to gain privileges. | |||||
| CVE-1999-1236 | 1 True North | 1 Internet Anywhere Mail Server | 2017-12-19 | 4.6 MEDIUM | N/A |
| Internet Anywhere Mail Server 2.3.1 stores passwords in plaintext in the msgboxes.dbf file, which could allow local users to gain privileges by extracting the passwords from msgboxes.dbf. | |||||
| CVE-1999-1234 | 1 Microsoft | 1 Windows Nt | 2017-12-19 | 5.0 MEDIUM | N/A |
| LSA (LSASS.EXE) in Windows NT 4.0 allows remote attackers to cause a denial of service via a NULL policy handle in a call to (1) SamrOpenDomain, (2) SamrEnumDomainUsers, and (3) SamrQueryDomainInfo. | |||||
| CVE-1999-1150 | 1 Livingston Portmaster | 1 Portmaster | 2017-12-19 | 7.5 HIGH | N/A |
| Livingston Portmaster routers running ComOS use the same initial sequence number (ISN) for TCP connections, which allows remote attackers to conduct spoofing and hijack TCP sessions. | |||||
| CVE-1999-1232 | 1 Sgi | 1 Irix | 2017-12-19 | 7.2 HIGH | N/A |
| Untrusted search path vulnerability in day5datacopier in SGI IRIX 6.2 allows local users to execute arbitrary commands via a modified PATH environment variable that points to a malicious cp program. | |||||
| CVE-1999-1231 | 1 Ssh | 1 Ssh2 | 2017-12-19 | 5.0 MEDIUM | N/A |
| ssh 2.0.12, and possibly other versions, allows valid user names to attempt to enter the correct password multiple times, but only prompts an invalid user name for a password once, which allows remote attackers to determine user account names on the server. | |||||
| CVE-1999-1229 | 1 Id Software | 1 Quake 2 Server | 2017-12-19 | 2.1 LOW | N/A |
| Quake 2 server 3.13 on Linux does not properly check file permissions for the config.cfg configuration file, which allows local users to read arbitrary files via a symlink from config.cfg to the target file. | |||||
| CVE-1999-1228 | 3 Diamond, Logicode, Us Robotics | 3 Supra, Quicktel, Us Robotics | 2017-12-19 | 7.5 HIGH | N/A |
| Various modems that do not implement a guard time, or are configured with a guard time of 0, can allow remote attackers to execute arbitrary modem commands such as ATH, ATH0, etc., via a "+++" sequence that appears in ICMP packets, the subject of an e-mail message, IRC commands, and others. | |||||
| CVE-1999-1069 | 1 Icat | 1 Electronic Commerce Suite | 2017-12-19 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in carbo.dll in iCat Carbo Server 3.0.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the icatcommand parameter. | |||||
| CVE-1999-1096 | 1 Kde | 1 Kde | 2017-12-19 | 7.2 HIGH | N/A |
| Buffer overflow in kscreensaver in KDE klock allows local users to gain root privileges via a long HOME environmental variable. | |||||
| CVE-1999-1063 | 1 Cdomain | 1 Cdomainfree | 2017-12-19 | 10.0 HIGH | N/A |
| CDomain whois_raw.cgi whois CGI script allows remote attackers to execute arbitrary commands via shell metacharacters in the fqdn parameter. | |||||
| CVE-1999-1062 | 1 Hp | 1 Jetdirect | 2017-12-19 | 7.5 HIGH | N/A |
| HP Laserjet printers with JetDirect cards, when configured with TCP/IP, allow remote attackers to bypass print filters by directly sending PostScript documents to TCP ports 9099 and 9100. | |||||
| CVE-1999-1061 | 1 Hp | 1 Jetdirect | 2017-12-19 | 7.5 HIGH | N/A |
| HP Laserjet printers with JetDirect cards, when configured with TCP/IP, can be configured without a password, which allows remote attackers to connect to the printer and change its IP address or disable logging. | |||||
| CVE-1999-1058 | 1 Arcane Software | 1 Vermillion Ftp Daemon | 2017-12-19 | 7.5 HIGH | N/A |
| Buffer overflow in Vermillion FTP Daemon VFTPD 1.23 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via several long CWD commands. | |||||
| CVE-1999-1050 | 1 Matt Wright | 1 Formhandler.cgi | 2017-12-19 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Matt Wright FormHandler.cgi script allows remote attackers to read arbitrary files via (1) a .. (dot dot) in the reply_message_attach attachment parameter, or (2) by specifying the filename as a template. | |||||
| CVE-1999-1046 | 1 Ipswitch | 1 Imail | 2017-12-19 | 10.0 HIGH | N/A |
| Buffer overflow in IMonitor in IMail 5.0 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long string to port 8181. | |||||
| CVE-1999-1029 | 1 Ssh | 1 Ssh2 | 2017-12-19 | 7.5 HIGH | N/A |
| SSH server (sshd2) before 2.0.12 does not properly record login attempts if the connection is closed before the maximum number of tries, allowing a remote attacker to guess the password without showing up in the audit logs. | |||||
| CVE-1999-1022 | 1 Sgi | 1 Irix | 2017-12-19 | 6.2 MEDIUM | N/A |
| serial_ports administrative program in IRIX 4.x and 5.x trusts the user's PATH environmental variable to find and execute the ls program, which allows local users to gain root privileges via a Trojan horse ls program. | |||||
| CVE-1999-1020 | 1 Novell | 1 Netware | 2017-12-19 | 7.5 HIGH | N/A |
| The installation of Novell Netware NDS 5.99 provides an unauthenticated client with Read access for the tree, which allows remote attackers to access sensitive information such as users, groups, and readable objects via CX.EXE and NLIST.EXE. | |||||
| CVE-2002-0405 | 1 Transsoft | 1 Broker Ftp Server | 2017-12-19 | 10.0 HIGH | N/A |
| Buffer overflow in Transsoft Broker FTP Server 5.0 evaluation allows remote attackers to cause a denial of service and possibly execute arbitrary code via a CWD command with a large number of . (dot) characters. | |||||
| CVE-2000-0531 | 2 Caldera, Redhat | 3 Openlinux, Openlinux Eserver, Linux | 2017-12-19 | 2.1 LOW | N/A |
| Linux gpm program allows local users to cause a denial of service by flooding the /dev/gpmctl device with STREAM sockets. | |||||
| CVE-1999-0970 | 1 Omnicron | 1 Omnihttpd | 2017-12-19 | 5.0 MEDIUM | N/A |
| The OmniHTTPD visadmin.exe program allows a remote attacker to conduct a denial of service via a malformed URL which causes a large number of temporary files to be created. | |||||
| CVE-2000-0836 | 1 Broadgun Software | 1 Camshot Webcam | 2017-12-19 | 7.5 HIGH | N/A |
| Buffer overflow in CamShot WebCam Trial2.6 allows remote attackers to execute arbitrary commands via a long Authorization header. | |||||
| CVE-2000-0543 | 1 Pgp | 1 Certificate Server | 2017-12-19 | 5.0 MEDIUM | N/A |
| The command port for PGP Certificate Server 2.5.0 and 2.5.1 allows remote attackers to cause a denial of service if their hostname does not have a reverse DNS entry and they connect to port 4000. | |||||
| CVE-1999-0919 | 1 Motorola | 1 Motorola Cablerouter | 2017-12-19 | 10.0 HIGH | N/A |
| A memory leak in a Motorola CableRouter allows remote attackers to conduct a denial of service via a large number of telnet connections. | |||||
| CVE-2000-0840 | 1 Davide Libenzi | 1 Xmail | 2017-12-19 | 10.0 HIGH | N/A |
| Buffer overflow in XMail POP3 server before version 0.59 allows remote attackers to execute arbitrary commands via a long USER command. | |||||
| CVE-2000-0696 | 1 Sun | 1 Solaris Answerbook2 | 2017-12-19 | 7.5 HIGH | N/A |
| The administration interface for the dwhttpd web server in Solaris AnswerBook2 does not properly authenticate requests to its supporting CGI scripts, which allows remote attackers to add user accounts to the interface by directly calling the admin CGI script. | |||||
| CVE-2000-0772 | 1 Tumbleweed | 1 Messaging Management System | 2017-12-19 | 7.5 HIGH | N/A |
| The installation of Tumbleweed Messaging Management System (MMS) 4.6 and earlier (formerly Worldtalk Worldsecure) creates a default account "sa" with no password. | |||||
| CVE-2000-0872 | 1 Nathan Purciful | 1 Phpphotoalbum | 2017-12-19 | 5.0 MEDIUM | N/A |
| explorer.php in PhotoAlbum 0.9.9 allows remote attackers to read arbitrary files via a .. (dot dot) attack. | |||||
| CVE-1999-1230 | 1 Id Software | 1 Quake 2 | 2017-12-19 | 5.0 MEDIUM | N/A |
| Quake 2 server allows remote attackers to cause a denial of service via a spoofed UDP packet with a source address of 127.0.0.1, which causes the server to attempt to connect to itself. | |||||
| CVE-1999-1220 | 1 Great Circle Associates | 1 Majordomo | 2017-12-19 | 7.5 HIGH | N/A |
| Majordomo 1.94.3 and earlier allows remote attackers to execute arbitrary commands when the advertise or noadvertise directive is used in a configuration file, via shell metacharacters in the Reply-To header. | |||||
| CVE-1999-0805 | 1 Novell | 1 Netware | 2017-12-19 | 5.0 MEDIUM | N/A |
| Novell NetWare Transaction Tracking System (TTS) in Novell 4.11 and earlier allows remote attackers to cause a denial of service via a large number of requests. | |||||
| CVE-2000-0812 | 1 Sun | 1 Java System Web Server | 2017-12-19 | 10.0 HIGH | N/A |
| The administration module in Sun Java web server allows remote attackers to execute arbitrary commands by uploading Java code to the module and invoke the com.sun.server.http.pagecompile.jsp92.JspServlet by requesting a URL that begins with a /servlet/ tag. | |||||
| CVE-2000-0826 | 1 Mobius | 1 Documentdirect For The Internet | 2017-12-19 | 10.0 HIGH | N/A |
| Buffer overflow in ddicgi.exe program in Mobius DocumentDirect for the Internet 1.2 allows remote attackers to execute arbitrary commands via a long GET request. | |||||
| CVE-2000-0827 | 1 Mobius | 1 Documentdirect For The Internet | 2017-12-19 | 10.0 HIGH | N/A |
| Buffer overflow in the web authorization form of Mobius DocumentDirect for the Internet 1.2 allows remote attackers to cause a denial of service or execute arbitrary commands via a long username. | |||||
| CVE-2000-0828 | 1 Mobius | 1 Documentdirect For The Internet | 2017-12-19 | 10.0 HIGH | N/A |
| Buffer overflow in ddicgi.exe in Mobius DocumentDirect for the Internet 1.2 allows remote attackers to execute arbitrary commands via a long User-Agent parameter. | |||||
| CVE-2000-0832 | 1 Oscar Nierstrasz | 1 Htgrep | 2017-12-19 | 5.0 MEDIUM | N/A |
| Htgrep CGI program allows remote attackers to read arbitrary files by specifying the full pathname in the hdr parameter. | |||||
| CVE-1999-1546 | 1 Ibm | 1 Navio Nc Browser | 2017-12-19 | 5.0 MEDIUM | N/A |
| netstation.navio-com.rte 1.1.0.1 configuration script for Navio NC on IBM AIX exports /tmp over NFS as world-readable and world-writable. | |||||
| CVE-1999-1539 | 1 Qpc Software | 2 Qvt Net, Qvt Term Plus | 2017-12-19 | 7.5 HIGH | N/A |
| Buffer overflow in FTP server in QPC Software's QVT/Term Plus versions 4.2d and 4.3 and QVT/Net 4.3 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long (1) user name or (2) password. | |||||