Search
Total
25555 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2000-0306 | 1 Sco | 1 Openserver | 2008-09-05 | 10.0 HIGH | N/A |
| Buffer overflow in calserver in SCO OpenServer allows remote attackers to gain root access via a long message. | |||||
| CVE-2000-0307 | 1 Sco | 3 Open Desktop, Openserver, Unixware | 2008-09-05 | 5.0 MEDIUM | N/A |
| Vulnerability in xserver in SCO UnixWare 2.1.x and OpenServer 5.05 and earlier allows an attacker to cause a denial of service which prevents access to reserved port numbers below 1024. | |||||
| CVE-1999-1591 | 1 Microsoft | 2 Internet Information Server, Visual Interdev | 2008-09-05 | 7.5 HIGH | N/A |
| Microsoft Internet Information Services (IIS) server 4.0 SP4, without certain hotfixes released for SP4, does not require authentication credentials under certain conditions, which allows remote attackers to bypass authentication requirements, as demonstrated by connecting via Microsoft Visual InterDev 6.0. | |||||
| CVE-1999-1392 | 1 Next | 2 Nex, Next | 2008-09-05 | 7.2 HIGH | N/A |
| Vulnerability in restore0.9 installation script in NeXT 1.0a and 1.0 allows local users to gain root privileges. | |||||
| CVE-1999-1488 | 1 Ibm | 1 System Data Repository | 2008-09-05 | 5.0 MEDIUM | N/A |
| sdrd daemon in IBM SP2 System Data Repository (SDR) allows remote attackers to read files without authentication. | |||||
| CVE-1999-1438 | 1 Sun | 1 Sunos | 2008-09-05 | 7.2 HIGH | N/A |
| Vulnerability in /bin/mail in SunOS 4.1.1 and earlier allows local users to gain root privileges via certain command line arguments. | |||||
| CVE-1999-1564 | 1 Freebsd | 1 Freebsd | 2008-09-05 | 2.1 LOW | N/A |
| FreeBSD 3.2 and possibly other versions allows a local user to cause a denial of service (panic) with a large number accesses of an NFS v3 mounted directory from a large number of processes. | |||||
| CVE-1999-1592 | 2 Sendmail, Sun | 2 Sendmail, Sunos | 2008-09-05 | 7.5 HIGH | N/A |
| Multiple unspecified vulnerabilities in sendmail 5, as installed on Sun SunOS 4.1.3_U1 and 4.1.4, have unspecified attack vectors and impact. NOTE: this might overlap CVE-1999-0129. | |||||
| CVE-1999-1487 | 1 Ibm | 1 Aix | 2008-09-05 | 7.2 HIGH | N/A |
| Vulnerability in digest in AIX 4.3 allows printq users to gain root privileges by creating and/or modifing any file on the system. | |||||
| CVE-1999-1449 | 1 Sun | 1 Sunos | 2008-09-05 | 2.1 LOW | N/A |
| SunOS 4.1.4 on a Sparc 20 machine allows local users to cause a denial of service (kernel panic) by reading from the /dev/tcx0 TCX device. | |||||
| CVE-1999-1566 | 1 Intel | 1 Iparty | 2008-09-05 | 5.0 MEDIUM | N/A |
| Buffer overflow in iParty server 1.2 and earlier allows remote attackers to cause a denial of service (crash) by connecting to default port 6004 and sending repeated extended characters. | |||||
| CVE-1999-1315 | 1 Dec | 1 Dec Openvms | 2008-09-05 | 4.6 MEDIUM | N/A |
| Vulnerabilities in DECnet/OSI for OpenVMS before 5.8 on DEC Alpha AXP and VAX/VMS systems allow local users to gain privileges or cause a denial of service. | |||||
| CVE-1999-1380 | 1 Symantec | 1 Norton Utilities | 2008-09-05 | 5.1 MEDIUM | N/A |
| Symantec Norton Utilities 2.0 for Windows 95 marks the TUNEOCX.OCX ActiveX control as safe for scripting, which allows remote attackers to execute arbitrary commands via the run option through malicious web pages that are accessed by browsers such as Internet Explorer 3.0. | |||||
| CVE-1999-1499 | 1 Isc | 1 Bind | 2008-09-05 | 2.1 LOW | N/A |
| named in ISC BIND 4.9 and 8.1 allows local users to destroy files via a symlink attack on (1) named_dump.db when root kills the process with a SIGINT, or (2) named.stats when SIGIOT is used. | |||||
| CVE-1999-1358 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2008-09-05 | 4.6 MEDIUM | N/A |
| When an administrator in Windows NT or Windows 2000 changes a user policy, the policy is not properly updated if the local ntconfig.pol is not writable by the user, which could allow local users to bypass restrictions that would otherwise be enforced by the policy, possibly by changing the policy file to be read-only. | |||||
| CVE-1999-1466 | 1 Cisco | 1 Ios | 2008-09-05 | 7.5 HIGH | N/A |
| Vulnerability in Cisco routers versions 8.2 through 9.1 allows remote attackers to bypass access control lists when extended IP access lists are used on certain interfaces, the IP route cache is enabled, and the access list uses the "established" keyword. | |||||
| CVE-1999-1359 | 1 Microsoft | 1 Windows Nt | 2008-09-05 | 7.5 HIGH | N/A |
| When the Ntconfig.pol file is used on a server whose name is longer than 13 characters, Windows NT does not properly enforce policies for global groups, which could allow users to bypass restrictions that were intended by those policies. | |||||
| CVE-1999-1360 | 1 Microsoft | 1 Windows Nt | 2008-09-05 | 2.1 LOW | N/A |
| Windows NT 4.0 allows local users to cause a denial of service via a user mode application that closes a handle that was opened in kernel mode, which causes a crash when the kernel attempts to close the handle. | |||||
| CVE-1999-1390 | 1 Debian | 1 Debian Linux | 2008-09-05 | 7.2 HIGH | N/A |
| suidexec in suidmanager 0.18 on Debian 2.0 allows local users to gain root privileges by specifying a malicious program on the command line. | |||||
| CVE-1999-1320 | 1 Novell | 1 Netware | 2008-09-05 | 4.6 MEDIUM | N/A |
| Vulnerability in Novell NetWare 3.x and earlier allows local users to gain privileges via packet spoofing. | |||||
| CVE-1999-1471 | 1 Bsd | 1 Bsd | 2008-09-05 | 7.2 HIGH | N/A |
| Buffer overflow in passwd in BSD based operating systems 4.3 and earlier allows local users to gain root privileges by specifying a long shell or GECOS field. | |||||
| CVE-1999-1362 | 1 Microsoft | 1 Windows Nt | 2008-09-05 | 2.1 LOW | N/A |
| Win32k.sys in Windows NT 4.0 before SP2 allows local users to cause a denial of service (crash) by calling certain WIN32K functions with incorrect parameters. | |||||
| CVE-1999-1475 | 1 Proftpd Project | 1 Proftpd | 2008-09-05 | 4.6 MEDIUM | N/A |
| ProFTPd 1.2 compiled with the mod_sqlpw module records user passwords in the wtmp log file, which allows local users to obtain the passwords and gain privileges by reading wtmp, e.g. via the last command. | |||||
| CVE-1999-1588 | 1 Sun | 1 Solaris | 2008-09-05 | 10.0 HIGH | N/A |
| Buffer overflow in nlps_server in Sun Solaris x86 2.4, 2.5, and 2.5.1 allows remote attackers to execute arbitrary code as root via a long string beginning with "NLPS:002:002:" to the listen (aka System V listener) port, TCP port 2766. | |||||
| CVE-1999-1321 | 1 Mit | 1 Kerberos | 2008-09-05 | 7.5 HIGH | N/A |
| Buffer overflow in ssh 1.2.26 client with Kerberos V enabled could allow remote attackers to cause a denial of service or execute arbitrary commands via a long DNS hostname that is not properly handled during TGT ticket passing. | |||||
| CVE-1999-1483 | 1 Svgalib | 1 Svgalib | 2008-09-05 | 4.6 MEDIUM | N/A |
| Buffer overflow in zgv in svgalib 1.2.10 and earlier allows local users to execute arbitrary code via a long HOME environment variable. | |||||
| CVE-1999-1391 | 1 Next | 1 Next | 2008-09-05 | 7.2 HIGH | N/A |
| Vulnerability in NeXT 1.0a and 1.0 with publicly accessible printers allows local users to gain privileges via a combination of the npd program and weak directory permissions. | |||||
| CVE-1999-1363 | 1 Microsoft | 1 Windows Nt | 2008-09-05 | 2.1 LOW | N/A |
| Windows NT 3.51 and 4.0 allow local users to cause a denial of service (crash) by running a program that creates a large number of locks on a file, which exhausts the NonPagedPool. | |||||
| CVE-1999-1424 | 1 Sun | 1 Solstice Adminsuite | 2008-09-05 | 6.2 MEDIUM | N/A |
| Solaris Solstice AdminSuite (AdminSuite) 2.1 uses unsafe permissions when adding new users to the NIS+ password table, which allows local users to gain root access by modifying their password table entries. | |||||
| CVE-1999-1401 | 1 Sgi | 1 Irix | 2008-09-05 | 4.6 MEDIUM | N/A |
| Vulnerability in Desktop searchbook program in IRIX 5.0.x through 6.2 sets insecure permissions for certain user files (iconbook and searchbook). | |||||
| CVE-1999-1364 | 1 Microsoft | 1 Windows Nt | 2008-09-05 | 2.1 LOW | N/A |
| Windows NT 4.0 allows local users to cause a denial of service (crash) via an illegal kernel mode address to the functions (1) GetThreadContext or (2) SetThreadContext. | |||||
| CVE-1999-1584 | 1 Sun | 2 Openwindows, Sunos | 2008-09-05 | 10.0 HIGH | N/A |
| Unknown vulnerability in (1) loadmodule, and (2) modload if modload is installed with setuid/setgid privileges, in SunOS 4.1.1 through 4.1.3c, and Open Windows 3.0, allows local users to gain root privileges via environment variables, a different vulnerability than CVE-1999-1586. | |||||
| CVE-1999-1590 | 1 Wwwcount | 1 Wwwcount | 2008-09-05 | 3.5 LOW | N/A |
| Directory traversal vulnerability in Muhammad A. Muquit wwwcount (Count.cgi) 2.3 allows remote attackers to read arbitrary GIF files via ".." sequences in the image parameter, a different vulnerability than CVE-1999-0021. | |||||
| CVE-1999-1506 | 1 Sun | 1 Sunos | 2008-09-05 | 7.5 HIGH | N/A |
| Vulnerability in SMI Sendmail 4.0 and earlier, on SunOS up to 4.0.3, allows remote attackers to access user bin. | |||||
| CVE-1999-1558 | 1 Digital | 2 Digital Openvms, Digital Openvms Axp | 2008-09-05 | 7.5 HIGH | N/A |
| Vulnerability in loginout in Digital OpenVMS 7.1 and earlier allows unauthorized access when external authentication is enabled. | |||||
| CVE-1999-1561 | 1 Nullsoft | 1 Shoutcast Server | 2008-09-05 | 7.2 HIGH | N/A |
| Nullsoft SHOUTcast server stores the administrative password in plaintext in a configuration file (sc_serv.conf), which could allow a local user to gain administrative privileges on the server. | |||||
| CVE-1999-1480 | 1 Ibm | 1 Aix | 2008-09-05 | 1.2 LOW | N/A |
| (1) acledit and (2) aclput in AIX 4.3 allow local users to create or modify files via a symlink attack. | |||||
| CVE-1999-1426 | 1 Sun | 1 Solstice Adminsuite | 2008-09-05 | 6.2 MEDIUM | N/A |
| Solaris Solstice AdminSuite (AdminSuite) 2.1 follows symbolic links when updating an NIS database, which allows local users to overwrite arbitrary files. | |||||
| CVE-1999-1427 | 1 Sun | 1 Solstice Adminsuite | 2008-09-05 | 6.2 MEDIUM | N/A |
| Solaris Solstice AdminSuite (AdminSuite) 2.1 and 2.2 create lock files insecurely, which allows local users to gain root privileges. | |||||
| CVE-1999-1498 | 1 Slackware | 1 Slackware Linux | 2008-09-05 | 3.6 LOW | N/A |
| Slackware Linux 3.4 pkgtool allows local attacker to read and write to arbitrary files via a symlink attack on the reply file. | |||||
| CVE-1999-1504 | 1 Stalker | 1 Stalker Internet Mail Server | 2008-09-05 | 5.0 MEDIUM | N/A |
| Stalker Internet Mail Server 1.6 allows a remote attacker to cause a denial of service (crash) via a long HELO command. | |||||
| CVE-1999-1562 | 1 Gftp | 1 Ftp Client | 2008-09-05 | 4.6 MEDIUM | N/A |
| gFTP FTP client 1.13, and other versions before 2.0.0, records a password in plaintext in (1) the log window, or (2) in a log file. | |||||
| CVE-1999-1497 | 1 Ipswitch | 1 Imail | 2008-09-05 | 7.2 HIGH | N/A |
| Ipswitch IMail 5.0 and 6.0 uses weak encryption to store passwords in registry keys, which allows local attackers to read passwords for e-mail accounts. | |||||
| CVE-1999-1482 | 1 Svgalib | 1 Zgv | 2008-09-05 | 7.2 HIGH | N/A |
| SVGAlib zgv 3.0-7 and earlier allows local users to gain root access via a privilege leak of the iopl(3) privileges to child processes. | |||||
| CVE-1999-1554 | 1 Sgi | 1 Irix | 2008-09-05 | 2.1 LOW | N/A |
| /usr/sbin/Mail on SGI IRIX 3.3 and 3.3.1 does not properly set the group ID to the group ID of the user who started Mail, which allows local users to read the mail of other users. | |||||
| CVE-1999-1580 | 2 Sendmail, Sun | 2 Sendmail, Sunos | 2008-09-05 | 7.2 HIGH | N/A |
| SunOS sendmail 5.59 through 5.65 uses popen to process a forwarding host argument, which allows local users to gain root privileges by modifying the IFS (Internal Field Separator) variable and passing crafted values to the -oR option. | |||||
| CVE-1999-1415 | 1 Digital | 1 Ultrix | 2008-09-05 | 4.6 MEDIUM | N/A |
| Vulnerability in /usr/bin/mail in DEC ULTRIX before 4.2 allows local users to gain privileges. | |||||
| CVE-1999-1388 | 1 Sun | 1 Sunos | 2008-09-05 | 6.2 MEDIUM | N/A |
| passwd in SunOS 4.1.x allows local users to overwrite arbitrary files via a symlink attack and the -F command line argument. | |||||
| CVE-1999-1377 | 1 Matt Wright | 1 Download.cgi | 2008-09-05 | 5.0 MEDIUM | N/A |
| Matt Wright's download.cgi 1.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the f parameter. | |||||
| CVE-1999-1418 | 1 Mirabilis | 1 Icq Web Front | 2008-09-05 | 5.0 MEDIUM | N/A |
| ICQ99 ICQ web server build 1701 with "Active Homepage" enabled generates allows remote attackers to determine the existence of files on the server by comparing server responses when a file exists ("404 Forbidden") versus when a file does not exist ("404 not found"). | |||||