Search
Total
86024 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-1999-0206 | 1 Eric Allman | 1 Sendmail | 2008-09-09 | 10.0 HIGH | N/A |
| MIME buffer overflow in Sendmail 8.8.0 and 8.8.1 gives root access. | |||||
| CVE-1999-0205 | 1 Eric Allman | 1 Sendmail | 2008-09-09 | 5.0 MEDIUM | N/A |
| Denial of service in Sendmail 8.6.11 and 8.6.12. | |||||
| CVE-1999-0204 | 1 Eric Allman | 1 Sendmail | 2008-09-09 | 10.0 HIGH | N/A |
| Sendmail 8.6.9 allows remote attackers to execute root commands, using ident. | |||||
| CVE-1999-0203 | 1 Eric Allman | 1 Sendmail | 2008-09-09 | 10.0 HIGH | N/A |
| In Sendmail, attackers can gain root privileges via SMTP by specifying an improper "mail from" address and an invalid "rcpt to" address that would cause the mail to bounce to a program. | |||||
| CVE-1999-0201 | 1 Ftp | 1 Ftp | 2008-09-09 | 6.4 MEDIUM | N/A |
| A quote cwd command on FTP servers can reveal the full path of the home directory of the "ftp" user. | |||||
| CVE-1999-0522 | 2008-09-09 | 7.2 HIGH | N/A | ||
| The permissions for a system-critical NIS+ table (e.g. passwd) are inappropriate. | |||||
| CVE-1999-0131 | 8 Bsdi, Digital, Eric Allman and 5 more | 9 Bsd Os, Osf 1, Sendmail and 6 more | 2008-09-09 | 7.2 HIGH | N/A |
| Buffer overflow and denial of service in Sendmail 8.7.5 and earlier through GECOS field gives root access to local users. | |||||
| CVE-1999-0186 | 1 Sun | 1 Solaris | 2008-09-09 | 10.0 HIGH | N/A |
| In Solaris, an SNMP subagent has a default community string that allows remote attackers to execute arbitrary commands as root, or modify system parameters. | |||||
| CVE-1999-0184 | 1 Isc | 1 Bind | 2008-09-09 | 6.4 MEDIUM | N/A |
| When compiled with the -DALLOW_UPDATES option, bind allows dynamic updates to the DNS server, allowing for malicious modification of DNS records. | |||||
| CVE-1999-0183 | 2 Linux, Tftp | 2 Linux Kernel, Tftp | 2008-09-09 | 6.4 MEDIUM | N/A |
| Linux implementations of TFTP would allow access to files outside the restricted directory. | |||||
| CVE-1999-0182 | 1 Samba | 1 Samba | 2008-09-09 | 10.0 HIGH | N/A |
| Samba has a buffer overflow which allows a remote attacker to obtain root access by specifying a long password. | |||||
| CVE-1999-0181 | 1 Rpc.walld | 1 Rpc.walld | 2008-09-09 | 6.8 MEDIUM | N/A |
| The wall daemon can be used for denial of service, social engineering attacks, or to execute remote commands. | |||||
| CVE-1999-0180 | 2008-09-09 | 7.5 HIGH | N/A | ||
| in.rshd allows users to login with a NULL username and execute commands. | |||||
| CVE-1999-0177 | 1 Oreilly | 1 Website | 2008-09-09 | 7.5 HIGH | N/A |
| The uploader program in the WebSite web server allows a remote attacker to execute arbitrary programs. | |||||
| CVE-1999-0176 | 1 Webgais Development Team | 1 Webgais | 2008-09-09 | 7.5 HIGH | N/A |
| The Webgais program allows a remote user to execute arbitrary commands. | |||||
| CVE-1999-0175 | 1 Novell | 1 Web Server | 2008-09-09 | 5.0 MEDIUM | N/A |
| The convert.bas program in the Novell web server allows a remote attackers to read any file on the system that is internally accessible by the web server. | |||||
| CVE-1999-0174 | 1 Netscape | 1 Communicator | 2008-09-09 | 6.4 MEDIUM | N/A |
| The view-source CGI program allows remote attackers to read arbitrary files via a .. (dot dot) attack. | |||||
| CVE-1999-0173 | 1 Matt Wright | 1 Formmail | 2008-09-09 | 5.0 MEDIUM | N/A |
| FormMail CGI program can be used by web servers other than the host server that the program resides on. | |||||
| CVE-1999-0172 | 1 Matt Wright | 1 Formmail | 2008-09-09 | 7.5 HIGH | N/A |
| FormMail CGI program allows remote execution of commands. | |||||
| CVE-1999-0171 | 1 Linux | 1 Linux Kernel | 2008-09-09 | 2.1 LOW | N/A |
| Denial of service in syslog by sending it a large number of superfluous messages. | |||||
| CVE-1999-0170 | 1 Digital | 1 Ultrix | 2008-09-09 | 7.5 HIGH | N/A |
| Remote attackers can mount an NFS file system in Ultrix or OSF, even if it is denied on the access list. | |||||
| CVE-1999-0169 | 1 Sun | 1 Nfs | 2008-09-09 | 10.0 HIGH | N/A |
| NFS allows attackers to read and write any file on the system by specifying a false UID. | |||||
| CVE-1999-0168 | 1 Sun | 1 Sunos | 2008-09-09 | 7.5 HIGH | N/A |
| The portmapper may act as a proxy and redirect service requests from an attacker, making the request appear to come from the local host, possibly bypassing authentication that would otherwise have taken place. For example, NFS file systems could be mounted through the portmapper despite export restrictions. | |||||
| CVE-1999-0167 | 1 Sun | 1 Sunos | 2008-09-09 | 4.6 MEDIUM | N/A |
| In SunOS, NFS file handles could be guessed, giving unauthorized access to the exported file system. | |||||
| CVE-1999-0166 | 1 Sun | 1 Nfs | 2008-09-09 | 5.0 MEDIUM | N/A |
| NFS allows users to use a "cd .." command to access other directories besides the exported file system. | |||||
| CVE-1999-0164 | 1 Sun | 1 Sunos | 2008-09-09 | 6.2 MEDIUM | N/A |
| A race condition in the Solaris ps command allows an attacker to overwrite critical files. | |||||
| CVE-1999-0163 | 1 Eric Allman | 1 Sendmail | 2008-09-09 | 7.2 HIGH | N/A |
| In older versions of Sendmail, an attacker could use a pipe character to execute root commands. | |||||
| CVE-1999-0162 | 1 Cisco | 1 Ios | 2008-09-09 | 5.0 MEDIUM | N/A |
| The "established" keyword in some Cisco IOS software allowed an attacker to bypass filtering. | |||||
| CVE-1999-0066 | 1 John S. Roberts | 1 Anyform | 2008-09-09 | 7.5 HIGH | N/A |
| AnyForm CGI remote execution. | |||||
| CVE-1999-0161 | 1 Cisco | 1 Ios | 2008-09-09 | 7.5 HIGH | N/A |
| In Cisco IOS 10.3, with the tacacs-ds or tacacs keyword, an extended IP access control list could bypass filtering. | |||||
| CVE-1999-0160 | 1 Cisco | 1 Ios | 2008-09-09 | 7.5 HIGH | N/A |
| Some classic Cisco IOS devices have a vulnerability in the PPP CHAP authentication to establish unauthorized PPP connections. | |||||
| CVE-1999-0159 | 1 Cisco | 1 Ios | 2008-09-09 | 5.0 MEDIUM | N/A |
| Attackers can crash a Cisco IOS router or device, provided they can get to an interactive prompt (such as a login). This applies to some IOS 9.x, 10.x, and 11.x releases. | |||||
| CVE-1999-0156 | 1 Washington University | 1 Wu-ftpd | 2008-09-09 | 4.6 MEDIUM | N/A |
| wu-ftpd FTP daemon allows any user and password combination. | |||||
| CVE-1999-0064 | 1 Ibm | 1 Aix | 2008-09-09 | 7.2 HIGH | N/A |
| Buffer overflow in AIX lquerylv program gives root access to local users. | |||||
| CVE-1999-0155 | 1 Aladdin Enterprises | 1 Ghostscript | 2008-09-09 | 7.5 HIGH | N/A |
| The ghostscript command with the -dSAFER option allows remote attackers to execute commands. | |||||
| CVE-1999-0063 | 1 Cisco | 1 Ios | 2008-09-09 | 5.0 MEDIUM | N/A |
| Cisco IOS 12.0 and other versions can be crashed by malicious UDP packets to the syslog port. | |||||
| CVE-1999-0062 | 1 Openbsd | 1 Openbsd | 2008-09-09 | 7.2 HIGH | N/A |
| The chpass command in OpenBSD allows a local user to gain root access through file descriptor leakage. | |||||
| CVE-1999-0060 | 1 Lucent | 3 Ascend Max Router, Ascend Pipeline Router, Ascend Tnt Router | 2008-09-09 | 5.0 MEDIUM | N/A |
| Attackers can cause a denial of service in Ascend MAX and Pipeline routers with a malformed packet to the discard port, which is used by the Java Configurator tool. | |||||
| CVE-1999-0058 | 1 Php | 1 Php | 2008-09-09 | 7.5 HIGH | N/A |
| Buffer overflow in PHP cgi program, php.cgi allows shell access. | |||||
| CVE-1999-0153 | 2 Microsoft, Sco | 4 Windows 2000, Windows 95, Windows Nt and 1 more | 2008-09-09 | 5.0 MEDIUM | N/A |
| Windows 95/NT out of band (OOB) data denial of service through NETBIOS port, aka WinNuke. | |||||
| CVE-1999-0057 | 5 Eric Allman, Freebsd, Hp and 2 more | 7 Vacation, Freebsd, Hp-ux and 4 more | 2008-09-09 | 7.5 HIGH | N/A |
| Vacation program allows command execution by remote users through a sendmail command. | |||||
| CVE-1999-0061 | 4 Bsdi, Freebsd, Linux and 1 more | 4 Bsd Os, Freebsd, Linux Kernel and 1 more | 2008-09-09 | 5.1 MEDIUM | N/A |
| File creation and deletion, and remote execution, in the BSD line printer daemon (lpd). | |||||
| CVE-1999-0152 | 1 Data General | 1 Dg Ux | 2008-09-09 | 7.5 HIGH | N/A |
| The DG/UX finger daemon allows remote command execution through shell metacharacters. | |||||
| CVE-1999-0151 | 1 Satan | 1 Satan | 2008-09-09 | 7.6 HIGH | N/A |
| The SATAN session key may be disclosed if the user points the web browser to other sites, possibly allowing root access. | |||||
| CVE-1999-0150 | 1 Gnu | 1 Fingerd | 2008-09-09 | 7.5 HIGH | N/A |
| The Perl fingerd program allows arbitrary command execution from remote users. | |||||
| CVE-1999-0050 | 1 Hp | 1 Hp-ux | 2008-09-09 | 7.2 HIGH | N/A |
| Buffer overflow in HP-UX newgrp program. | |||||
| CVE-1999-0148 | 1 Sgi | 1 Irix | 2008-09-09 | 7.5 HIGH | N/A |
| The handler CGI program in IRIX allows arbitrary command execution. | |||||
| CVE-1999-0147 | 1 University Of Arizona | 2 Glimpse Http, Webglimpse | 2008-09-09 | 7.5 HIGH | N/A |
| The aglimpse CGI program of the Glimpse package allows remote execution of arbitrary commands. | |||||
| CVE-1999-0049 | 1 Sgi | 1 Irix | 2008-09-09 | 7.2 HIGH | N/A |
| Csetup under IRIX allows arbitrary file creation or overwriting. | |||||
| CVE-1999-0142 | 2 Netscape, Sun | 2 Navigator, Java | 2008-09-09 | 7.5 HIGH | N/A |
| The Java Applet Security Manager implementation in Netscape Navigator 2.0 and Java Developer's Kit 1.0 allows an applet to connect to arbitrary hosts. | |||||