Search
Total
25555 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-1999-1563 | 1 Nachuatec | 2 D435, D445 | 2008-09-05 | 5.0 MEDIUM | N/A |
| Nachuatec D435 and D445 printer allows remote attackers to cause a denial of service via ICMP redirect storm. | |||||
| CVE-1999-1300 | 1 Cray | 1 Unicos | 2008-09-05 | 3.6 LOW | N/A |
| Vulnerability in accton in Cray UNICOS 6.1 and 6.0 allows local users to read arbitrary files and modify system accounting configuration. | |||||
| CVE-1999-1301 | 1 Freebsd | 1 Freebsd | 2008-09-05 | 7.5 HIGH | N/A |
| A design flaw in the Z-Modem protocol allows the remote sender of a file to execute arbitrary programs on the client, as implemented in rz in the rzsz module of FreeBSD before 2.1.5, and possibly other programs. | |||||
| CVE-1999-1503 | 1 Nfr | 1 Nfr | 2008-09-05 | 5.0 MEDIUM | N/A |
| Network Flight Recorder (NFR) 1.5 and 1.6 allows remote attackers to cause a denial of service in nfrd (crash) via a TCP packet with a null header and data field. | |||||
| CVE-1999-1396 | 1 Sun | 1 Sunos | 2008-09-05 | 7.2 HIGH | N/A |
| Vulnerability in integer multiplication emulation code on SPARC architectures for SunOS 4.1 through 4.1.2 allows local users to gain root access or cause a denial of service (crash). | |||||
| CVE-1999-1565 | 2 Debian, Earl Hood | 2 Debian Linux, Man2html | 2008-09-05 | 4.6 MEDIUM | N/A |
| Man2html 2.1 and earlier allows local users to overwrite arbitrary files via a symlink attack on a temporary file. | |||||
| CVE-1999-1306 | 1 Cisco | 1 Ios | 2008-09-05 | 7.5 HIGH | N/A |
| Cisco IOS 9.1 and earlier does not properly handle extended IP access lists when the IP route cache is enabled and the "established" keyword is set, which could allow attackers to bypass filters. | |||||
| CVE-1999-1307 | 1 Novell | 1 Unixware | 2008-09-05 | 7.2 HIGH | N/A |
| Vulnerability in urestore in Novell UnixWare 1.1 allows local users to gain root privileges. | |||||
| CVE-1999-1489 | 1 Slackware | 1 Slackware Linux | 2008-09-05 | 7.2 HIGH | N/A |
| Buffer overflow in TestChip function in XFree86 SuperProbe in Slackware Linux 3.1 allows local users to gain root privileges via a long -nopr argument. | |||||
| CVE-1999-1428 | 1 Sun | 1 Solstice Adminsuite | 2008-09-05 | 6.2 MEDIUM | N/A |
| Solaris Solstice AdminSuite (AdminSuite) 2.1 and 2.2 allows local users to gain privileges via the save option in the Database Manager, which is running with setgid bin privileges. | |||||
| CVE-1999-0847 | 1 Freechess.org | 1 Fics Program | 2008-09-05 | 5.0 MEDIUM | N/A |
| Buffer overflow in free internet chess server (FICS) program, xboard. | |||||
| CVE-1999-1102 | 4 Apple, Bsd, Sgi and 1 more | 4 A Ux, Bsd, Irix and 1 more | 2008-09-05 | 2.1 LOW | N/A |
| lpr on SunOS 4.1.1, BSD 4.3, A/UX 2.0.1, and other BSD-based operating systems allows local users to create or overwrite arbitrary files via a symlink attack that is triggered after invoking lpr 1000 times. | |||||
| CVE-1999-0923 | 1 Allaire | 1 Coldfusion Server | 2008-09-05 | 7.5 HIGH | N/A |
| Sample runnable code snippets in ColdFusion Server 4.0 allow remote attackers to read files, conduct a denial of service, or use the server as a proxy for other HTTP calls. | |||||
| CVE-1999-1198 | 1 Next | 1 Next | 2008-09-05 | 7.2 HIGH | N/A |
| BuildDisk program on NeXT systems before 2.0 does not prompt users for the root password, which allows local users to gain root privileges. | |||||
| CVE-1999-1197 | 1 Sun | 1 Sunos | 2008-09-05 | 7.2 HIGH | N/A |
| TIOCCONS in SunOS 4.1.1 does not properly check the permissions of a user who tries to redirect console output and input, which could allow a local user to gain privileges. | |||||
| CVE-1999-1196 | 1 Hummingbird | 1 Exceed | 2008-09-05 | 5.0 MEDIUM | N/A |
| Hummingbird Exceed X version 5 allows remote attackers to cause a denial of service via malformed data to port 6000. | |||||
| CVE-1999-1190 | 1 Admiral Systems | 1 Emailclub | 2008-09-05 | 10.0 HIGH | N/A |
| Buffer overflow in POP3 server of Admiral Systems EmailClub 1.05 allows remote attackers to execute arbitrary commands via a long "From" header in an e-mail message. | |||||
| CVE-1999-1181 | 1 Sgi | 1 Irix | 2008-09-05 | 7.2 HIGH | N/A |
| Vulnerability in On-Line Customer Registration software for IRIX 6.2 through 6.4 allows local users to gain root privileges. | |||||
| CVE-1999-1179 | 1 Sysadmin Magazine | 1 Man.sh | 2008-09-05 | 7.5 HIGH | N/A |
| Vulnerability in man.sh CGI script, included in May 1998 issue of SysAdmin Magazine, allows remote attackers to execute arbitrary commands. | |||||
| CVE-1999-0810 | 1 Samba | 1 Samba | 2008-09-05 | 10.0 HIGH | N/A |
| Denial of service in Samba NETBIOS name service daemon (nmbd). | |||||
| CVE-1999-1172 | 1 Maximizer | 1 Maximizer Enterprise | 2008-09-05 | 5.0 MEDIUM | N/A |
| By design, Maximizer Enterprise 4 calendar and address book program allows arbitrary users to modify the calendar of other users when the calendar is being shared. | |||||
| CVE-1999-1168 | 1 Iss | 1 Internet Security Scanner | 2008-09-05 | 7.2 HIGH | N/A |
| install.iss installation script for Internet Security Scanner (ISS) for Linux, version 5.3, allows local users to change the permissions of arbitrary files via a symlink attack on a temporary file. | |||||
| CVE-1999-1167 | 1 Third Voice | 1 Third Voice Web | 2008-09-05 | 6.4 MEDIUM | N/A |
| Cross-site scripting vulnerability in Third Voice Web annotation utility allows remote users to read sensitive data and generate fake web pages for other Third Voice users by injecting malicious Javascript into an annotation. | |||||
| CVE-1999-1162 | 1 Sco | 2 Open Desktop, Unix | 2008-09-05 | 6.4 MEDIUM | N/A |
| Vulnerability in passwd in SCO UNIX 4.0 and earlier allows attackers to cause a denial of service by preventing users from being able to log into the system. | |||||
| CVE-1999-0812 | 1 Samba | 1 Samba | 2008-09-05 | 7.6 HIGH | N/A |
| Race condition in Samba smbmnt allows local users to mount file systems in arbitrary locations. | |||||
| CVE-1999-1012 | 1 Lotus | 1 Domino | 2008-09-05 | 5.0 MEDIUM | N/A |
| SMTP component of Lotus Domino 4.6.1 on AS/400, and possibly other operating systems, allows a remote attacker to crash the mail server via a long string. | |||||
| CVE-1999-1124 | 1 Allaire | 1 Coldfusion | 2008-09-05 | 7.5 HIGH | N/A |
| HTTP Client application in ColdFusion allows remote attackers to bypass access restrictions for web pages on other ports by providing the target page to the mainframeset.cfm application, which requests the page from the server, making it look like the request is coming from the local host. | |||||
| CVE-1999-1115 | 1 Hp | 1 Apollo Domain Os | 2008-09-05 | 7.2 HIGH | N/A |
| Vulnerability in the /etc/suid_exec program in HP Apollo Domain/OS sr10.2 and sr10.3 beta, related to the Korn Shell (ksh). | |||||
| CVE-1999-1105 | 1 Microsoft | 1 Windows 95 | 2008-09-05 | 5.0 MEDIUM | N/A |
| Windows 95, when Remote Administration and File Sharing for NetWare Networks is enabled, creates a share (C$) when an administrator logs in remotely, which allows remote attackers to read arbitrary files by mapping the network drive. | |||||
| CVE-1999-1103 | 1 Digital | 1 Osf 1 | 2008-09-05 | 4.6 MEDIUM | N/A |
| dxconsole in DEC OSF/1 3.2C and earlier allows local users to read arbitrary files by specifying the file with the -file parameter. | |||||
| CVE-1999-1166 | 1 Linux | 1 Linux Kernel | 2008-09-05 | 7.2 HIGH | N/A |
| Linux 2.0.37 does not properly encode the Custom segment limit, which allows local users to gain root privileges by accessing and modifying kernel memory. | |||||
| CVE-1999-1098 | 1 Bsd | 1 Bsd | 2008-09-05 | 5.0 MEDIUM | N/A |
| Vulnerability in BSD Telnet client with encryption and Kerberos 4 authentication allows remote attackers to decrypt the session via sniffing. | |||||
| CVE-1999-1078 | 1 Ipswitch | 1 Ws Ftp Pro | 2008-09-05 | 7.5 HIGH | N/A |
| WS_FTP Pro 6.0 uses weak encryption for passwords in its initialization files, which allows remote attackers to easily decrypt the passwords and gain privileges. | |||||
| CVE-1999-0997 | 3 Millenux Gmbh, Redhat, University Of Washington | 3 Anonftp, Linux, Wu-ftpd | 2008-09-05 | 7.5 HIGH | N/A |
| wu-ftp with FTP conversion enabled allows an attacker to execute commands via a malformed file name that is interpreted as an argument to the program that does the conversion, e.g. tar or uncompress. | |||||
| CVE-1999-1070 | 1 Xylogics | 1 Annex | 2008-09-05 | 5.0 MEDIUM | N/A |
| Buffer overflow in ping CGI program in Xylogics Annex terminal service allows remote attackers to cause a denial of service via a long query parameter. | |||||
| CVE-1999-0817 | 1 University Of Kansas | 1 Lynx | 2008-09-05 | 10.0 HIGH | N/A |
| Lynx WWW client allows a remote attacker to specify command-line parameters which Lynx uses when calling external programs to handle certain protocols, e.g. telnet. | |||||
| CVE-1999-1059 | 1 Att | 1 Svr4 | 2008-09-05 | 10.0 HIGH | N/A |
| Vulnerability in rexec daemon (rexecd) in AT&T TCP/IP 4.0 for various SVR4 systems allows remote attackers to execute arbitrary commands. | |||||
| CVE-1999-1057 | 1 Digital | 1 Vms | 2008-09-05 | 4.6 MEDIUM | N/A |
| VMS 4.0 through 5.3 allows local users to gain privileges via the ANALYZE/PROCESS_DUMP dcl command. | |||||
| CVE-1999-1053 | 2 Apache, Matt Wright | 2 Http Server, Matt Wright Guestbook | 2008-09-05 | 7.5 HIGH | N/A |
| guestbook.pl cleanses user-inserted SSI commands by removing text between "<!--" and "-->" separators, which allows remote attackers to execute arbitrary commands when guestbook.pl is run on Apache 1.3.9 and possibly other versions, since Apache allows other closing sequences besides "-->". | |||||
| CVE-1999-1051 | 1 Matt Wright | 1 Formhandler.cgi | 2008-09-05 | 5.0 MEDIUM | N/A |
| Default configuration in Matt Wright FormHandler.cgi script allows arbitrary directories to be used for attachments, and only restricts access to the /etc/ directory, which allows remote attackers to read arbitrary files via the reply_message_attach attachment parameter. | |||||
| CVE-1999-0992 | 1 Hp | 1 Vvos | 2008-09-05 | 10.0 HIGH | N/A |
| HP VirtualVault with the PHSS_17692 patch allows unprivileged processes to bypass access restrictions via the Trusted Gateway Proxy (TGP). | |||||
| CVE-1999-1042 | 1 Cisco | 1 Resource Manager | 2008-09-05 | 1.2 LOW | N/A |
| Cisco Resource Manager (CRM) 1.0 and 1.1 creates world-readable log files and temporary files, which may expose sensitive information, to local users such as user IDs, passwords and SNMP community strings. | |||||
| CVE-1999-0940 | 1 Mutt | 1 Mutt Mail Client | 2008-09-05 | 7.5 HIGH | N/A |
| Buffer overflow in mutt mail client allows remote attackers to execute commands via malformed MIME messages. | |||||
| CVE-1999-0894 | 1 Redhat | 1 Linux | 2008-09-05 | 10.0 HIGH | N/A |
| Red Hat Linux screen program does not use Unix98 ptys, allowing local users to write to other terminals. | |||||
| CVE-1999-0926 | 1 Apache | 1 Http Server | 2008-09-05 | 10.0 HIGH | N/A |
| Apache allows remote attackers to conduct a denial of service via a large number of MIME headers. | |||||
| CVE-1999-0477 | 1 Allaire | 1 Coldfusion Server | 2008-09-05 | 7.5 HIGH | N/A |
| The Expression Evaluator in the ColdFusion Application Server allows a remote attacker to upload files to the server via openfile.cfm, which does not restrict access to the server properly. | |||||
| CVE-1999-0730 | 1 Debian | 1 Debian Linux | 2008-09-05 | 10.0 HIGH | N/A |
| The zsoelim program in the Debian man-db package allows local users to overwrite files via a symlink attack. | |||||
| CVE-1999-0577 | 1 Microsoft | 1 Windows Nt | 2008-09-05 | 10.0 HIGH | N/A |
| A Windows NT system's file audit policy does not log an event success or failure for non-critical files or directories. | |||||
| CVE-1999-0578 | 1 Microsoft | 1 Windows Nt | 2008-09-05 | 4.6 MEDIUM | N/A |
| A Windows NT system's registry audit policy does not log an event success or failure for security-critical registry keys. | |||||
| CVE-1999-0400 | 1 Linux | 1 Linux Kernel | 2008-09-05 | 4.6 MEDIUM | N/A |
| Denial of service in Linux 2.2.0 running the ldd command on a core file. | |||||