Vulnerabilities (CVE)

CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-1999-1321 1 Mit 1 Kerberos 2008-09-05 7.5 HIGH N/A
Buffer overflow in ssh 1.2.26 client with Kerberos V enabled could allow remote attackers to cause a denial of service or execute arbitrary commands via a long DNS hostname that is not properly handled during TGT ticket passing.
CVE-1999-1301 1 Freebsd 1 Freebsd 2008-09-05 7.5 HIGH N/A
A design flaw in the Z-Modem protocol allows the remote sender of a file to execute arbitrary programs on the client, as implemented in rz in the rzsz module of FreeBSD before 2.1.5, and possibly other programs.
CVE-1999-1300 1 Cray 1 Unicos 2008-09-05 3.6 LOW N/A
Vulnerability in accton in Cray UNICOS 6.1 and 6.0 allows local users to read arbitrary files and modify system accounting configuration.
CVE-1999-1591 1 Microsoft 2 Internet Information Server, Visual Interdev 2008-09-05 7.5 HIGH N/A
Microsoft Internet Information Services (IIS) server 4.0 SP4, without certain hotfixes released for SP4, does not require authentication credentials under certain conditions, which allows remote attackers to bypass authentication requirements, as demonstrated by connecting via Microsoft Visual InterDev 6.0.
CVE-1999-1590 1 Wwwcount 1 Wwwcount 2008-09-05 3.5 LOW N/A
Directory traversal vulnerability in Muhammad A. Muquit wwwcount (Count.cgi) 2.3 allows remote attackers to read arbitrary GIF files via ".." sequences in the image parameter, a different vulnerability than CVE-1999-0021.
CVE-1999-1588 1 Sun 1 Solaris 2008-09-05 10.0 HIGH N/A
Buffer overflow in nlps_server in Sun Solaris x86 2.4, 2.5, and 2.5.1 allows remote attackers to execute arbitrary code as root via a long string beginning with "NLPS:002:002:" to the listen (aka System V listener) port, TCP port 2766.
CVE-1999-1359 1 Microsoft 1 Windows Nt 2008-09-05 7.5 HIGH N/A
When the Ntconfig.pol file is used on a server whose name is longer than 13 characters, Windows NT does not properly enforce policies for global groups, which could allow users to bypass restrictions that were intended by those policies.
CVE-1999-1358 1 Microsoft 2 Windows 2000, Windows Nt 2008-09-05 4.6 MEDIUM N/A
When an administrator in Windows NT or Windows 2000 changes a user policy, the policy is not properly updated if the local ntconfig.pol is not writable by the user, which could allow local users to bypass restrictions that would otherwise be enforced by the policy, possibly by changing the policy file to be read-only.
CVE-1999-1390 1 Debian 1 Debian Linux 2008-09-05 7.2 HIGH N/A
suidexec in suidmanager 0.18 on Debian 2.0 allows local users to gain root privileges by specifying a malicious program on the command line.
CVE-1999-1364 1 Microsoft 1 Windows Nt 2008-09-05 2.1 LOW N/A
Windows NT 4.0 allows local users to cause a denial of service (crash) via an illegal kernel mode address to the functions (1) GetThreadContext or (2) SetThreadContext.
CVE-1999-1377 1 Matt Wright 1 Download.cgi 2008-09-05 5.0 MEDIUM N/A
Matt Wright's download.cgi 1.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the f parameter.
CVE-1999-1391 1 Next 1 Next 2008-09-05 7.2 HIGH N/A
Vulnerability in NeXT 1.0a and 1.0 with publicly accessible printers allows local users to gain privileges via a combination of the npd program and weak directory permissions.
CVE-1999-1392 1 Next 2 Nex, Next 2008-09-05 7.2 HIGH N/A
Vulnerability in restore0.9 installation script in NeXT 1.0a and 1.0 allows local users to gain root privileges.
CVE-1999-1426 1 Sun 1 Solstice Adminsuite 2008-09-05 6.2 MEDIUM N/A
Solaris Solstice AdminSuite (AdminSuite) 2.1 follows symbolic links when updating an NIS database, which allows local users to overwrite arbitrary files.
CVE-1999-1427 1 Sun 1 Solstice Adminsuite 2008-09-05 6.2 MEDIUM N/A
Solaris Solstice AdminSuite (AdminSuite) 2.1 and 2.2 create lock files insecurely, which allows local users to gain root privileges.
CVE-1999-1428 1 Sun 1 Solstice Adminsuite 2008-09-05 6.2 MEDIUM N/A
Solaris Solstice AdminSuite (AdminSuite) 2.1 and 2.2 allows local users to gain privileges via the save option in the Database Manager, which is running with setgid bin privileges.
CVE-1999-1306 1 Cisco 1 Ios 2008-09-05 7.5 HIGH N/A
Cisco IOS 9.1 and earlier does not properly handle extended IP access lists when the IP route cache is enabled and the "established" keyword is set, which could allow attackers to bypass filters.
CVE-1999-1475 1 Proftpd Project 1 Proftpd 2008-09-05 4.6 MEDIUM N/A
ProFTPd 1.2 compiled with the mod_sqlpw module records user passwords in the wtmp log file, which allows local users to obtain the passwords and gain privileges by reading wtmp, e.g. via the last command.
CVE-1999-1388 1 Sun 1 Sunos 2008-09-05 6.2 MEDIUM N/A
passwd in SunOS 4.1.x allows local users to overwrite arbitrary files via a symlink attack and the -F command line argument.
CVE-1999-1363 1 Microsoft 1 Windows Nt 2008-09-05 2.1 LOW N/A
Windows NT 3.51 and 4.0 allow local users to cause a denial of service (crash) by running a program that creates a large number of locks on a file, which exhausts the NonPagedPool.
CVE-1999-1487 1 Ibm 1 Aix 2008-09-05 7.2 HIGH N/A
Vulnerability in digest in AIX 4.3 allows printq users to gain root privileges by creating and/or modifing any file on the system.
CVE-1999-1488 1 Ibm 1 System Data Repository 2008-09-05 5.0 MEDIUM N/A
sdrd daemon in IBM SP2 System Data Repository (SDR) allows remote attackers to read files without authentication.
CVE-1999-1362 1 Microsoft 1 Windows Nt 2008-09-05 2.1 LOW N/A
Win32k.sys in Windows NT 4.0 before SP2 allows local users to cause a denial of service (crash) by calling certain WIN32K functions with incorrect parameters.
CVE-1999-1360 1 Microsoft 1 Windows Nt 2008-09-05 2.1 LOW N/A
Windows NT 4.0 allows local users to cause a denial of service via a user mode application that closes a handle that was opened in kernel mode, which causes a crash when the kernel attempts to close the handle.
CVE-1999-1380 1 Symantec 1 Norton Utilities 2008-09-05 5.1 MEDIUM N/A
Symantec Norton Utilities 2.0 for Windows 95 marks the TUNEOCX.OCX ActiveX control as safe for scripting, which allows remote attackers to execute arbitrary commands via the run option through malicious web pages that are accessed by browsers such as Internet Explorer 3.0.
CVE-1999-1592 2 Sendmail, Sun 2 Sendmail, Sunos 2008-09-05 7.5 HIGH N/A
Multiple unspecified vulnerabilities in sendmail 5, as installed on Sun SunOS 4.1.3_U1 and 4.1.4, have unspecified attack vectors and impact. NOTE: this might overlap CVE-1999-0129.
CVE-1999-1489 1 Slackware 1 Slackware Linux 2008-09-05 7.2 HIGH N/A
Buffer overflow in TestChip function in XFree86 SuperProbe in Slackware Linux 3.1 allows local users to gain root privileges via a long -nopr argument.
CVE-1999-1565 2 Debian, Earl Hood 2 Debian Linux, Man2html 2008-09-05 4.6 MEDIUM N/A
Man2html 2.1 and earlier allows local users to overwrite arbitrary files via a symlink attack on a temporary file.
CVE-1999-1566 1 Intel 1 Iparty 2008-09-05 5.0 MEDIUM N/A
Buffer overflow in iParty server 1.2 and earlier allows remote attackers to cause a denial of service (crash) by connecting to default port 6004 and sending repeated extended characters.
CVE-1999-1102 4 Apple, Bsd, Sgi and 1 more 4 A Ux, Bsd, Irix and 1 more 2008-09-05 2.1 LOW N/A
lpr on SunOS 4.1.1, BSD 4.3, A/UX 2.0.1, and other BSD-based operating systems allows local users to create or overwrite arbitrary files via a symlink attack that is triggered after invoking lpr 1000 times.
CVE-1999-1190 1 Admiral Systems 1 Emailclub 2008-09-05 10.0 HIGH N/A
Buffer overflow in POP3 server of Admiral Systems EmailClub 1.05 allows remote attackers to execute arbitrary commands via a long "From" header in an e-mail message.
CVE-1999-1181 1 Sgi 1 Irix 2008-09-05 7.2 HIGH N/A
Vulnerability in On-Line Customer Registration software for IRIX 6.2 through 6.4 allows local users to gain root privileges.
CVE-1999-1179 1 Sysadmin Magazine 1 Man.sh 2008-09-05 7.5 HIGH N/A
Vulnerability in man.sh CGI script, included in May 1998 issue of SysAdmin Magazine, allows remote attackers to execute arbitrary commands.
CVE-1999-1162 1 Sco 2 Open Desktop, Unix 2008-09-05 6.4 MEDIUM N/A
Vulnerability in passwd in SCO UNIX 4.0 and earlier allows attackers to cause a denial of service by preventing users from being able to log into the system.
CVE-1999-1115 1 Hp 1 Apollo Domain Os 2008-09-05 7.2 HIGH N/A
Vulnerability in the /etc/suid_exec program in HP Apollo Domain/OS sr10.2 and sr10.3 beta, related to the Korn Shell (ksh).
CVE-1999-1105 1 Microsoft 1 Windows 95 2008-09-05 5.0 MEDIUM N/A
Windows 95, when Remote Administration and File Sharing for NetWare Networks is enabled, creates a share (C$) when an administrator logs in remotely, which allows remote attackers to read arbitrary files by mapping the network drive.
CVE-1999-1166 1 Linux 1 Linux Kernel 2008-09-05 7.2 HIGH N/A
Linux 2.0.37 does not properly encode the Custom segment limit, which allows local users to gain root privileges by accessing and modifying kernel memory.
CVE-1999-1103 1 Digital 1 Osf 1 2008-09-05 4.6 MEDIUM N/A
dxconsole in DEC OSF/1 3.2C and earlier allows local users to read arbitrary files by specifying the file with the -file parameter.
CVE-1999-1078 1 Ipswitch 1 Ws Ftp Pro 2008-09-05 7.5 HIGH N/A
WS_FTP Pro 6.0 uses weak encryption for passwords in its initialization files, which allows remote attackers to easily decrypt the passwords and gain privileges.
CVE-1999-0817 1 University Of Kansas 1 Lynx 2008-09-05 10.0 HIGH N/A
Lynx WWW client allows a remote attacker to specify command-line parameters which Lynx uses when calling external programs to handle certain protocols, e.g. telnet.
CVE-1999-1070 1 Xylogics 1 Annex 2008-09-05 5.0 MEDIUM N/A
Buffer overflow in ping CGI program in Xylogics Annex terminal service allows remote attackers to cause a denial of service via a long query parameter.
CVE-1999-1057 1 Digital 1 Vms 2008-09-05 4.6 MEDIUM N/A
VMS 4.0 through 5.3 allows local users to gain privileges via the ANALYZE/PROCESS_DUMP dcl command.
CVE-1999-1098 1 Bsd 1 Bsd 2008-09-05 5.0 MEDIUM N/A
Vulnerability in BSD Telnet client with encryption and Kerberos 4 authentication allows remote attackers to decrypt the session via sniffing.
CVE-1999-1168 1 Iss 1 Internet Security Scanner 2008-09-05 7.2 HIGH N/A
install.iss installation script for Internet Security Scanner (ISS) for Linux, version 5.3, allows local users to change the permissions of arbitrary files via a symlink attack on a temporary file.
CVE-1999-1167 1 Third Voice 1 Third Voice Web 2008-09-05 6.4 MEDIUM N/A
Cross-site scripting vulnerability in Third Voice Web annotation utility allows remote users to read sensitive data and generate fake web pages for other Third Voice users by injecting malicious Javascript into an annotation.
CVE-1999-0812 1 Samba 1 Samba 2008-09-05 7.6 HIGH N/A
Race condition in Samba smbmnt allows local users to mount file systems in arbitrary locations.
CVE-1999-1059 1 Att 1 Svr4 2008-09-05 10.0 HIGH N/A
Vulnerability in rexec daemon (rexecd) in AT&T TCP/IP 4.0 for various SVR4 systems allows remote attackers to execute arbitrary commands.
CVE-1999-0894 1 Redhat 1 Linux 2008-09-05 10.0 HIGH N/A
Red Hat Linux screen program does not use Unix98 ptys, allowing local users to write to other terminals.
CVE-1999-0926 1 Apache 1 Http Server 2008-09-05 10.0 HIGH N/A
Apache allows remote attackers to conduct a denial of service via a large number of MIME headers.
CVE-1999-1198 1 Next 1 Next 2008-09-05 7.2 HIGH N/A
BuildDisk program on NeXT systems before 2.0 does not prompt users for the root password, which allows local users to gain root privileges.