Search
Total
25555 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2000-0365 | 1 Redhat | 1 Linux | 2016-10-18 | 4.6 MEDIUM | N/A |
| Red Hat Linux 6.0 installs the /dev/pts file system with insecure modes, which allows local users to write to other tty devices. | |||||
| CVE-2000-0139 | 1 True North | 1 Internet Anywhere Mail Server | 2016-10-18 | 2.1 LOW | N/A |
| Internet Anywhere POP3 Mail Server allows local users to cause a denial of service via a malformed RETR command. | |||||
| CVE-2000-0422 | 1 Netwin | 1 Dmail | 2016-10-18 | 7.5 HIGH | N/A |
| Buffer overflow in Netwin DMailWeb CGI program allows remote attackers to execute arbitrary commands via a long utoken parameter. | |||||
| CVE-2000-0272 | 1 Realnetworks | 1 Realserver | 2016-10-18 | 7.8 HIGH | N/A |
| RealNetworks RealServer allows remote attackers to cause a denial of service by sending malformed input to the server at port 7070. | |||||
| CVE-2000-0087 | 1 Netscape | 2 Communicator, Navigator | 2016-10-18 | 5.0 MEDIUM | N/A |
| Netscape Mail Notification (nsnotify) utility in Netscape Communicator uses IMAP without SSL, even if the user has set a preference for Communicator to use an SSL connection, allowing a remote attacker to sniff usernames and passwords in plaintext. | |||||
| CVE-2000-0003 | 1 Sco | 1 Unixware | 2016-10-18 | 10.0 HIGH | N/A |
| Buffer overflow in UnixWare rtpm program allows local users to gain privileges via a long environmental variable. | |||||
| CVE-2000-0080 | 1 Ibm | 1 Aix | 2016-10-18 | 2.1 LOW | N/A |
| AIX techlibss allows local users to overwrite files via a symlink attack. | |||||
| CVE-2000-0068 | 1 Intel | 1 Inbusiness Email Station | 2016-10-18 | 7.5 HIGH | N/A |
| daynad program in Intel InBusiness E-mail Station does not require authentication, which allows remote attackers to modify its configuration, delete files, or read mail. | |||||
| CVE-2000-0364 | 1 Redhat | 1 Linux | 2016-10-18 | 4.6 MEDIUM | N/A |
| screen and rxvt in Red Hat Linux 6.0 do not properly set the modes of tty devices, which allows local users to write to other ttys. | |||||
| CVE-2000-0099 | 1 Sco | 1 Unixware | 2016-10-18 | 7.2 HIGH | N/A |
| Buffer overflow in UnixWare ppptalk command allows local users to gain privileges via a long prompt argument. | |||||
| CVE-2000-0119 | 2 Mcafee, Symantec | 2 Virusscan, Norton Antivirus | 2016-10-18 | 7.2 HIGH | N/A |
| The default configurations for McAfee Virus Scan and Norton Anti-Virus virus checkers do not check files in the RECYCLED folder that is used by the Windows Recycle Bin utility, which allows attackers to store malicious code without detection. | |||||
| CVE-2000-0026 | 2 Sco, Windowmaker | 2 Unixware, Wmmon | 2016-10-18 | 10.0 HIGH | N/A |
| Buffer overflow in UnixWare i2odialogd daemon allows remote attackers to gain root access via a long username/password authorization string. | |||||
| CVE-2000-0037 | 1 Great Circle Associates | 1 Majordomo | 2016-10-18 | 4.6 MEDIUM | N/A |
| Majordomo wrapper allows local users to gain privileges by specifying an alternate configuration file. | |||||
| CVE-2000-0239 | 1 Atrium Software | 3 Mercur Imap4 Server, Mercur Mailserver, Mercur Pop3 Server | 2016-10-18 | 5.0 MEDIUM | N/A |
| Buffer overflow in the MERCUR WebView WebMail server allows remote attackers to cause a denial of service via a long mail_user parameter in the GET request. | |||||
| CVE-1999-1570 | 1 Caldera | 1 Openserver | 2016-10-18 | 7.2 HIGH | N/A |
| Buffer overflow in sar for OpenServer 5.0.5 allows local users to gain root privileges via a long -o parameter. | |||||
| CVE-2000-0341 | 1 Atrium Software | 1 Cassandra Nntp Server | 2016-10-18 | 5.0 MEDIUM | N/A |
| ATRIUM Cassandra NNTP Server 1.10 allows remote attackers to cause a denial of service via a long login name. | |||||
| CVE-1999-1513 | 1 3com | 1 Superstack Ii Hub | 2016-10-18 | 7.5 HIGH | N/A |
| Management information base (MIB) for a 3Com SuperStack II hub running software version 2.10 contains an object identifier (.1.3.6.1.4.1.43.10.4.2) that is accessible by a read-only community string, but lists the entire table of community strings, which could allow attackers to conduct unauthorized activities. | |||||
| CVE-1999-1532 | 1 Netscape | 1 Messaging Server | 2016-10-18 | 5.0 MEDIUM | N/A |
| Netscape Messaging Server 3.54, 3.55, and 3.6 allows a remote attacker to cause a denial of service (memory exhaustion) via a series of long RCPT TO commands. | |||||
| CVE-1999-1516 | 1 Tenfour | 1 Tfs Gateway Smtp | 2016-10-18 | 7.5 HIGH | N/A |
| A buffer overflow in TenFour TFS Gateway SMTP mail server 3.2 allows an attacker to crash the mail server and possibly execute arbitrary code by offering more than 128 bytes in a MAIL FROM string. | |||||
| CVE-1999-1549 | 1 University Of Kansas | 1 Lynx | 2016-10-18 | 5.0 MEDIUM | N/A |
| Lynx 2.x does not properly distinguish between internal and external HTML, which may allow a local attacker to read a "secure" hidden form value from a temporary file and craft a LYNXOPTIONS: URL that causes Lynx to modify the user's configuration file and execute commands. | |||||
| CVE-1999-1517 | 1 Freebsd | 1 Freebsd | 2016-10-18 | 7.2 HIGH | N/A |
| runtar in the Amanda backup system used in various UNIX operating systems executes tar with root privileges, which allows a user to overwrite or read arbitrary files by providing the target files to runtar. | |||||
| CVE-1999-1530 | 1 Sun | 2 Cobalt Raq 2, Cobalt Raq 3i | 2016-10-18 | 3.6 LOW | N/A |
| cgiwrap as used on Cobalt RaQ 2.0 and RaQ 3i does not properly identify the user for running certain scripts, which allows a malicious site administrator to view or modify data located at another virtual site on the same system. | |||||
| CVE-1999-1509 | 1 Etype | 1 Eserv | 2016-10-18 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Etype Eserv 2.50 web server allows a remote attacker to read any file in the file system via a .. (dot dot) in a URL. | |||||
| CVE-1999-1508 | 1 Tek | 5 Phaser Network Printer 740, Phaser Network Printer 750, Phaser Network Printer 750dp and 2 more | 2016-10-18 | 10.0 HIGH | N/A |
| Web server in Tektronix PhaserLink Printer 840.0 and earlier allows a remote attacker to gain administrator access by directly calling undocumented URLs such as ncl_items.html and ncl_subjects.html. | |||||
| CVE-1999-1505 | 1 Id Software | 1 Quakeworld | 2016-10-18 | 7.5 HIGH | N/A |
| Buffer overflow in QuakeWorld 2.10 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary commands via a long initial connect packet. | |||||
| CVE-1999-1534 | 1 Knox Software | 1 Arkeia | 2016-10-18 | 7.2 HIGH | N/A |
| Buffer overflow in (1) nlservd and (2) rnavc in Knox Software Arkeia backup product allows local users to obtain root access via a long HOME environmental variable. | |||||
| CVE-1999-1502 | 1 Id Software | 1 Quake | 2016-10-18 | 7.5 HIGH | N/A |
| Buffer overflows in Quake 1.9 client allows remote malicious servers to execute arbitrary commands via long (1) precache paths, (2) server name, (3) server address, or (4) argument to the map console command. | |||||
| CVE-1999-1501 | 1 Sgi | 1 Irix | 2016-10-18 | 4.6 MEDIUM | N/A |
| (1) ipxchk and (2) ipxlink in SGI OS2 IRIX 6.3 does not properly clear the IFS environmental variable before executing system calls, which allows local users to execute arbitrary commands. | |||||
| CVE-1999-1545 | 1 Joes Own Editor | 1 Joe | 2016-10-18 | 2.1 LOW | N/A |
| Joe's Own Editor (joe) 2.8 sets the world-readable permission on its crash-save file, DEADJOE, which could allow local users to read files that were being edited by other users. | |||||
| CVE-1999-1544 | 1 Microsoft | 1 Internet Information Server | 2016-10-18 | 5.0 MEDIUM | N/A |
| Buffer overflow in FTP server in Microsoft IIS 3.0 and 4.0 allows local and sometimes remote attackers to cause a denial of service via a long NLST (ls) command. | |||||
| CVE-1999-1500 | 1 True North | 1 Internet Anywhere Mail Server | 2016-10-18 | 5.0 MEDIUM | N/A |
| Internet Anywhere POP3 Mail Server 2.3.1 allows remote attackers to cause a denial of service (crash) via (1) LIST, (2) TOP, or (3) UIDL commands using letters as arguments. | |||||
| CVE-1999-1531 | 1 Ibm | 1 Homepageprint | 2016-10-18 | 7.5 HIGH | N/A |
| Buffer overflow in IBM HomePagePrint 1.0.7 for Windows98J allows a malicious Web site to execute arbitrary code on a viewer's system via a long IMG_SRC HTML tag. | |||||
| CVE-1999-1536 | 1 Acushop | 1 Salesbuilder | 2016-10-18 | 7.2 HIGH | N/A |
| .sbstart startup script in AcuShop Salesbuilder is world writable, which allows local users to gain privileges by appending commands to the file. | |||||
| CVE-1999-1524 | 1 Flowpoint | 1 Flowpoint Dsl Router | 2016-10-18 | 5.0 MEDIUM | N/A |
| FlowPoint DSL router firmware versions prior to 3.0.8 allows a remote attacker to exploit a password recovery feature from the network and conduct brute force password guessing, instead of limiting the feature to the serial console port. | |||||
| CVE-1999-1522 | 1 Roxen | 1 Roxen Web Server | 2016-10-18 | 5.0 MEDIUM | N/A |
| Vulnerability in htmlparse.pike in Roxen Web Server 1.3.11 and earlier, possibly related to recursive parsing and referer tags in RXML. | |||||
| CVE-1999-1538 | 1 Microsoft | 1 Internet Information Server | 2016-10-18 | 2.1 LOW | N/A |
| When IIS 2 or 3 is upgraded to IIS 4, ism.dll is inadvertently left in /scripts/iisadmin, which does not restrict access to the local machine and allows an unauthorized user to gain access to sensitive server information, including the Administrator's password. | |||||
| CVE-1999-1527 | 1 Sun | 2 Forte, Netbeans Developer | 2016-10-18 | 7.5 HIGH | N/A |
| Internal HTTP server in Sun Netbeans Java IDE in Netbeans Developer 3.0 Beta and Forte Community Edition 1.0 Beta does not properly restrict access to IP addresses as specified in its configuration, which allows arbitrary remote attackers to access the server. | |||||
| CVE-1999-1528 | 1 Prosoft Engineering | 1 Netware Client | 2016-10-18 | 4.6 MEDIUM | N/A |
| ProSoft Netware Client 5.12 on Macintosh MacOS 9 does not automatically log a user out of the NDS tree when the user logs off the system, which allows other users of the same system access to the unprotected NDS session. | |||||
| CVE-1999-1407 | 1 Redhat | 1 Linux | 2016-10-18 | 2.1 LOW | N/A |
| ifdhcpc-done script for configuring DHCP on Red Hat Linux 5 allows local users to append text to arbitrary files via a symlink attack on the dhcplog file. | |||||
| CVE-1999-1408 | 2 Hp, Ibm | 2 Hp-ux, Aix | 2016-10-18 | 2.1 LOW | N/A |
| Vulnerability in AIX 4.1.4 and HP-UX 10.01 and 9.05 allows local users to cause a denial of service (crash) by using a socket to connect to a port on the localhost, calling shutdown to clear the socket, then using the same socket to connect to a different port on localhost. | |||||
| CVE-1999-1409 | 2 Netbsd, Sgi | 2 Netbsd, Irix | 2016-10-18 | 2.1 LOW | N/A |
| The at program in IRIX 6.2 and NetBSD 1.3.2 and earlier allows local users to read portions of arbitrary files by submitting the file to at with the -f argument, which generates error messages that at sends to the user via e-mail. | |||||
| CVE-1999-1414 | 1 Ibm | 1 Netfinity Remote Control | 2016-10-18 | 7.2 HIGH | N/A |
| IBM Netfinity Remote Control allows local users to gain administrator privileges by starting programs from the process manager, which runs with system level privileges. | |||||
| CVE-1999-1399 | 1 Sgi | 1 Irix | 2016-10-18 | 7.2 HIGH | N/A |
| spaceball program in SpaceWare 7.3 v1.0 in IRIX 6.2 allows local users to gain root privileges by setting the HOSTNAME environmental variable to contain the commands to be executed. | |||||
| CVE-1999-1443 | 1 Micah Software | 1 Full Armor | 2016-10-18 | 4.6 MEDIUM | N/A |
| Micah Software Full Armor Network Configurator and Zero Administration allow local users with physical access to bypass the desktop protection by (1) using <CTRL><ALT><DEL> and kill the process using the task manager, (2) booting the system from a separate disk, or (3) interrupting certain processes that execute while the system is booting. | |||||
| CVE-1999-1398 | 1 Sgi | 1 Irix | 2016-10-18 | 6.2 MEDIUM | N/A |
| Vulnerability in xfsdump in SGI IRIX may allow local users to obtain root privileges via the bck.log log file, possibly via a symlink attack. | |||||
| CVE-1999-1397 | 1 Microsoft | 1 Index Server | 2016-10-18 | 7.5 HIGH | N/A |
| Index Server 2.0 on IIS 4.0 stores physical path information in the ContentIndex\Catalogs subkey of the AllowedPaths registry key, whose permissions allows local and remote users to obtain the physical paths of directories that are being indexed. | |||||
| CVE-1999-1411 | 1 Debian | 1 Debian Linux | 2016-10-18 | 7.5 HIGH | N/A |
| The installation of the fsp package 2.71-10 in Debian GNU/Linux 2.0 adds the anonymous FTP user without notifying the administrator, which could automatically enable anonymous FTP on some servers such as wu-ftp. | |||||
| CVE-1999-1420 | 1 N-base | 5 Nh2012, Nh2012r, Nh2015 and 2 more | 2016-10-18 | 10.0 HIGH | N/A |
| NBase switches NH2012, NH2012R, NH2015, and NH2048 have a back door password that cannot be disabled, which allows remote attackers to modify the switch's configuration. | |||||
| CVE-1999-1421 | 1 N-base | 2 Nh208, Nh215 | 2016-10-18 | 6.4 MEDIUM | N/A |
| NBase switches NH208 and NH215 run a TFTP server which allows remote attackers to send software updates to modify the switch or cause a denial of service (crash) by guessing the target filenames, which have default names. | |||||
| CVE-1999-1422 | 1 Slackware | 1 Slackware Linux | 2016-10-18 | 7.2 HIGH | N/A |
| The default configuration of Slackware 3.4, and possibly other versions, includes . (dot, the current directory) in the PATH environmental variable, which could allow local users to create Trojan horse programs that are inadvertently executed by other users. | |||||