Vulnerabilities (CVE)

CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-1999-1377 1 Matt Wright 1 Download.cgi 2008-09-05 5.0 MEDIUM N/A
Matt Wright's download.cgi 1.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the f parameter.
CVE-1999-1380 1 Symantec 1 Norton Utilities 2008-09-05 5.1 MEDIUM N/A
Symantec Norton Utilities 2.0 for Windows 95 marks the TUNEOCX.OCX ActiveX control as safe for scripting, which allows remote attackers to execute arbitrary commands via the run option through malicious web pages that are accessed by browsers such as Internet Explorer 3.0.
CVE-1999-1396 1 Sun 1 Sunos 2008-09-05 7.2 HIGH N/A
Vulnerability in integer multiplication emulation code on SPARC architectures for SunOS 4.1 through 4.1.2 allows local users to gain root access or cause a denial of service (crash).
CVE-1999-1415 1 Digital 1 Ultrix 2008-09-05 4.6 MEDIUM N/A
Vulnerability in /usr/bin/mail in DEC ULTRIX before 4.2 allows local users to gain privileges.
CVE-1999-1418 1 Mirabilis 1 Icq Web Front 2008-09-05 5.0 MEDIUM N/A
ICQ99 ICQ web server build 1701 with "Active Homepage" enabled generates allows remote attackers to determine the existence of files on the server by comparing server responses when a file exists ("404 Forbidden") versus when a file does not exist ("404 not found").
CVE-1999-1475 1 Proftpd Project 1 Proftpd 2008-09-05 4.6 MEDIUM N/A
ProFTPd 1.2 compiled with the mod_sqlpw module records user passwords in the wtmp log file, which allows local users to obtain the passwords and gain privileges by reading wtmp, e.g. via the last command.
CVE-1999-1487 1 Ibm 1 Aix 2008-09-05 7.2 HIGH N/A
Vulnerability in digest in AIX 4.3 allows printq users to gain root privileges by creating and/or modifing any file on the system.
CVE-1999-1488 1 Ibm 1 System Data Repository 2008-09-05 5.0 MEDIUM N/A
sdrd daemon in IBM SP2 System Data Repository (SDR) allows remote attackers to read files without authentication.
CVE-1999-1489 1 Slackware 1 Slackware Linux 2008-09-05 7.2 HIGH N/A
Buffer overflow in TestChip function in XFree86 SuperProbe in Slackware Linux 3.1 allows local users to gain root privileges via a long -nopr argument.
CVE-1999-1554 1 Sgi 1 Irix 2008-09-05 2.1 LOW N/A
/usr/sbin/Mail on SGI IRIX 3.3 and 3.3.1 does not properly set the group ID to the group ID of the user who started Mail, which allows local users to read the mail of other users.
CVE-1999-1580 2 Sendmail, Sun 2 Sendmail, Sunos 2008-09-05 7.2 HIGH N/A
SunOS sendmail 5.59 through 5.65 uses popen to process a forwarding host argument, which allows local users to gain root privileges by modifying the IFS (Internal Field Separator) variable and passing crafted values to the -oR option.
CVE-1999-1584 1 Sun 2 Openwindows, Sunos 2008-09-05 10.0 HIGH N/A
Unknown vulnerability in (1) loadmodule, and (2) modload if modload is installed with setuid/setgid privileges, in SunOS 4.1.1 through 4.1.3c, and Open Windows 3.0, allows local users to gain root privileges via environment variables, a different vulnerability than CVE-1999-1586.
CVE-1999-1563 1 Nachuatec 2 D435, D445 2008-09-05 5.0 MEDIUM N/A
Nachuatec D435 and D445 printer allows remote attackers to cause a denial of service via ICMP redirect storm.
CVE-1999-1480 1 Ibm 1 Aix 2008-09-05 1.2 LOW N/A
(1) acledit and (2) aclput in AIX 4.3 allow local users to create or modify files via a symlink attack.
CVE-1999-1497 1 Ipswitch 1 Imail 2008-09-05 7.2 HIGH N/A
Ipswitch IMail 5.0 and 6.0 uses weak encryption to store passwords in registry keys, which allows local attackers to read passwords for e-mail accounts.
CVE-1999-1438 1 Sun 1 Sunos 2008-09-05 7.2 HIGH N/A
Vulnerability in /bin/mail in SunOS 4.1.1 and earlier allows local users to gain root privileges via certain command line arguments.
CVE-1999-1498 1 Slackware 1 Slackware Linux 2008-09-05 3.6 LOW N/A
Slackware Linux 3.4 pkgtool allows local attacker to read and write to arbitrary files via a symlink attack on the reply file.
CVE-1999-1424 1 Sun 1 Solstice Adminsuite 2008-09-05 6.2 MEDIUM N/A
Solaris Solstice AdminSuite (AdminSuite) 2.1 uses unsafe permissions when adding new users to the NIS+ password table, which allows local users to gain root access by modifying their password table entries.
CVE-1999-1558 1 Digital 2 Digital Openvms, Digital Openvms Axp 2008-09-05 7.5 HIGH N/A
Vulnerability in loginout in Digital OpenVMS 7.1 and earlier allows unauthorized access when external authentication is enabled.
CVE-1999-1401 1 Sgi 1 Irix 2008-09-05 4.6 MEDIUM N/A
Vulnerability in Desktop searchbook program in IRIX 5.0.x through 6.2 sets insecure permissions for certain user files (iconbook and searchbook).
CVE-1999-1561 1 Nullsoft 1 Shoutcast Server 2008-09-05 7.2 HIGH N/A
Nullsoft SHOUTcast server stores the administrative password in plaintext in a configuration file (sc_serv.conf), which could allow a local user to gain administrative privileges on the server.
CVE-1999-1390 1 Debian 1 Debian Linux 2008-09-05 7.2 HIGH N/A
suidexec in suidmanager 0.18 on Debian 2.0 allows local users to gain root privileges by specifying a malicious program on the command line.
CVE-1999-1388 1 Sun 1 Sunos 2008-09-05 6.2 MEDIUM N/A
passwd in SunOS 4.1.x allows local users to overwrite arbitrary files via a symlink attack and the -F command line argument.
CVE-1999-1562 1 Gftp 1 Ftp Client 2008-09-05 4.6 MEDIUM N/A
gFTP FTP client 1.13, and other versions before 2.0.0, records a password in plaintext in (1) the log window, or (2) in a log file.
CVE-1999-1466 1 Cisco 1 Ios 2008-09-05 7.5 HIGH N/A
Vulnerability in Cisco routers versions 8.2 through 9.1 allows remote attackers to bypass access control lists when extended IP access lists are used on certain interfaces, the IP route cache is enabled, and the access list uses the "established" keyword.
CVE-1999-1588 1 Sun 1 Solaris 2008-09-05 10.0 HIGH N/A
Buffer overflow in nlps_server in Sun Solaris x86 2.4, 2.5, and 2.5.1 allows remote attackers to execute arbitrary code as root via a long string beginning with "NLPS:002:002:" to the listen (aka System V listener) port, TCP port 2766.
CVE-1999-1590 1 Wwwcount 1 Wwwcount 2008-09-05 3.5 LOW N/A
Directory traversal vulnerability in Muhammad A. Muquit wwwcount (Count.cgi) 2.3 allows remote attackers to read arbitrary GIF files via ".." sequences in the image parameter, a different vulnerability than CVE-1999-0021.
CVE-1999-1591 1 Microsoft 2 Internet Information Server, Visual Interdev 2008-09-05 7.5 HIGH N/A
Microsoft Internet Information Services (IIS) server 4.0 SP4, without certain hotfixes released for SP4, does not require authentication credentials under certain conditions, which allows remote attackers to bypass authentication requirements, as demonstrated by connecting via Microsoft Visual InterDev 6.0.
CVE-1999-1449 1 Sun 1 Sunos 2008-09-05 2.1 LOW N/A
SunOS 4.1.4 on a Sparc 20 machine allows local users to cause a denial of service (kernel panic) by reading from the /dev/tcx0 TCX device.
CVE-1999-1098 1 Bsd 1 Bsd 2008-09-05 5.0 MEDIUM N/A
Vulnerability in BSD Telnet client with encryption and Kerberos 4 authentication allows remote attackers to decrypt the session via sniffing.
CVE-1999-1190 1 Admiral Systems 1 Emailclub 2008-09-05 10.0 HIGH N/A
Buffer overflow in POP3 server of Admiral Systems EmailClub 1.05 allows remote attackers to execute arbitrary commands via a long "From" header in an e-mail message.
CVE-1999-1102 4 Apple, Bsd, Sgi and 1 more 4 A Ux, Bsd, Irix and 1 more 2008-09-05 2.1 LOW N/A
lpr on SunOS 4.1.1, BSD 4.3, A/UX 2.0.1, and other BSD-based operating systems allows local users to create or overwrite arbitrary files via a symlink attack that is triggered after invoking lpr 1000 times.
CVE-1999-1042 1 Cisco 1 Resource Manager 2008-09-05 1.2 LOW N/A
Cisco Resource Manager (CRM) 1.0 and 1.1 creates world-readable log files and temporary files, which may expose sensitive information, to local users such as user IDs, passwords and SNMP community strings.
CVE-1999-1172 1 Maximizer 1 Maximizer Enterprise 2008-09-05 5.0 MEDIUM N/A
By design, Maximizer Enterprise 4 calendar and address book program allows arbitrary users to modify the calendar of other users when the calendar is being shared.
CVE-1999-0847 1 Freechess.org 1 Fics Program 2008-09-05 5.0 MEDIUM N/A
Buffer overflow in free internet chess server (FICS) program, xboard.
CVE-1999-0992 1 Hp 1 Vvos 2008-09-05 10.0 HIGH N/A
HP VirtualVault with the PHSS_17692 patch allows unprivileged processes to bypass access restrictions via the Trusted Gateway Proxy (TGP).
CVE-1999-1181 1 Sgi 1 Irix 2008-09-05 7.2 HIGH N/A
Vulnerability in On-Line Customer Registration software for IRIX 6.2 through 6.4 allows local users to gain root privileges.
CVE-1999-1078 1 Ipswitch 1 Ws Ftp Pro 2008-09-05 7.5 HIGH N/A
WS_FTP Pro 6.0 uses weak encryption for passwords in its initialization files, which allows remote attackers to easily decrypt the passwords and gain privileges.
CVE-1999-1070 1 Xylogics 1 Annex 2008-09-05 5.0 MEDIUM N/A
Buffer overflow in ping CGI program in Xylogics Annex terminal service allows remote attackers to cause a denial of service via a long query parameter.
CVE-1999-0812 1 Samba 1 Samba 2008-09-05 7.6 HIGH N/A
Race condition in Samba smbmnt allows local users to mount file systems in arbitrary locations.
CVE-1999-1053 2 Apache, Matt Wright 2 Http Server, Matt Wright Guestbook 2008-09-05 7.5 HIGH N/A
guestbook.pl cleanses user-inserted SSI commands by removing text between "<!--" and "-->" separators, which allows remote attackers to execute arbitrary commands when guestbook.pl is run on Apache 1.3.9 and possibly other versions, since Apache allows other closing sequences besides "-->".
CVE-1999-0810 1 Samba 1 Samba 2008-09-05 10.0 HIGH N/A
Denial of service in Samba NETBIOS name service daemon (nmbd).
CVE-1999-1115 1 Hp 1 Apollo Domain Os 2008-09-05 7.2 HIGH N/A
Vulnerability in the /etc/suid_exec program in HP Apollo Domain/OS sr10.2 and sr10.3 beta, related to the Korn Shell (ksh).
CVE-1999-1166 1 Linux 1 Linux Kernel 2008-09-05 7.2 HIGH N/A
Linux 2.0.37 does not properly encode the Custom segment limit, which allows local users to gain root privileges by accessing and modifying kernel memory.
CVE-1999-0997 3 Millenux Gmbh, Redhat, University Of Washington 3 Anonftp, Linux, Wu-ftpd 2008-09-05 7.5 HIGH N/A
wu-ftp with FTP conversion enabled allows an attacker to execute commands via a malformed file name that is interpreted as an argument to the program that does the conversion, e.g. tar or uncompress.
CVE-1999-1012 1 Lotus 1 Domino 2008-09-05 5.0 MEDIUM N/A
SMTP component of Lotus Domino 4.6.1 on AS/400, and possibly other operating systems, allows a remote attacker to crash the mail server via a long string.
CVE-1999-1198 1 Next 1 Next 2008-09-05 7.2 HIGH N/A
BuildDisk program on NeXT systems before 2.0 does not prompt users for the root password, which allows local users to gain root privileges.
CVE-1999-1051 1 Matt Wright 1 Formhandler.cgi 2008-09-05 5.0 MEDIUM N/A
Default configuration in Matt Wright FormHandler.cgi script allows arbitrary directories to be used for attachments, and only restricts access to the /etc/ directory, which allows remote attackers to read arbitrary files via the reply_message_attach attachment parameter.
CVE-1999-1197 1 Sun 1 Sunos 2008-09-05 7.2 HIGH N/A
TIOCCONS in SunOS 4.1.1 does not properly check the permissions of a user who tries to redirect console output and input, which could allow a local user to gain privileges.
CVE-1999-1162 1 Sco 2 Open Desktop, Unix 2008-09-05 6.4 MEDIUM N/A
Vulnerability in passwd in SCO UNIX 4.0 and earlier allows attackers to cause a denial of service by preventing users from being able to log into the system.