Search
Total
86024 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-1999-1216 | 1 Cisco | 1 Router | 2017-12-19 | 7.5 HIGH | N/A |
| Cisco routers 9.17 and earlier allow remote attackers to bypass security restrictions via certain IP source routed packets that should normally be denied using the "no ip source-route" command. | |||||
| CVE-1999-1218 | 1 Commodore | 1 Amiga Unix | 2017-12-19 | 2.1 LOW | N/A |
| Vulnerability in finger in Commodore Amiga UNIX 2.1p2a and earlier allows local users to read arbitrary files. | |||||
| CVE-1999-1220 | 1 Great Circle Associates | 1 Majordomo | 2017-12-19 | 7.5 HIGH | N/A |
| Majordomo 1.94.3 and earlier allows remote attackers to execute arbitrary commands when the advertise or noadvertise directive is used in a configuration file, via shell metacharacters in the Reply-To header. | |||||
| CVE-1999-1221 | 1 Digital | 1 Unix | 2017-12-19 | 2.1 LOW | N/A |
| dxchpwd in Digital Unix (OSF/1) 3.x allows local users to modify arbitrary files via a symlink attack on the dxchpwd.log file. | |||||
| CVE-1999-1224 | 1 University Of Washington | 1 Imapd | 2017-12-19 | 3.6 LOW | N/A |
| IMAP 4.1 BETA, and possibly other versions, does not properly handle the SIGABRT (abort) signal, which allows local users to crash the server (imapd) via certain sequences of commands, which causes a core dump that may contain sensitive password information. | |||||
| CVE-1999-1225 | 5 Digital, Linux, Netbsd and 2 more | 5 Ultrix, Linux Kernel, Netbsd and 2 more | 2017-12-19 | 5.0 MEDIUM | N/A |
| rpc.mountd on Linux, Ultrix, and possibly other operating systems, allows remote attackers to determine the existence of a file on the server by attempting to mount that file, which generates different error messages depending on whether the file exists or not. | |||||
| CVE-1999-1227 | 1 Ethereal Group | 1 Ethereal | 2017-12-19 | 7.2 HIGH | N/A |
| Ethereal allows local users to overwrite arbitrary files via a symlink attack on the packet capture file. | |||||
| CVE-1999-1228 | 3 Diamond, Logicode, Us Robotics | 3 Supra, Quicktel, Us Robotics | 2017-12-19 | 7.5 HIGH | N/A |
| Various modems that do not implement a guard time, or are configured with a guard time of 0, can allow remote attackers to execute arbitrary modem commands such as ATH, ATH0, etc., via a "+++" sequence that appears in ICMP packets, the subject of an e-mail message, IRC commands, and others. | |||||
| CVE-1999-1229 | 1 Id Software | 1 Quake 2 Server | 2017-12-19 | 2.1 LOW | N/A |
| Quake 2 server 3.13 on Linux does not properly check file permissions for the config.cfg configuration file, which allows local users to read arbitrary files via a symlink from config.cfg to the target file. | |||||
| CVE-1999-1230 | 1 Id Software | 1 Quake 2 | 2017-12-19 | 5.0 MEDIUM | N/A |
| Quake 2 server allows remote attackers to cause a denial of service via a spoofed UDP packet with a source address of 127.0.0.1, which causes the server to attempt to connect to itself. | |||||
| CVE-1999-1231 | 1 Ssh | 1 Ssh2 | 2017-12-19 | 5.0 MEDIUM | N/A |
| ssh 2.0.12, and possibly other versions, allows valid user names to attempt to enter the correct password multiple times, but only prompts an invalid user name for a password once, which allows remote attackers to determine user account names on the server. | |||||
| CVE-1999-1232 | 1 Sgi | 1 Irix | 2017-12-19 | 7.2 HIGH | N/A |
| Untrusted search path vulnerability in day5datacopier in SGI IRIX 6.2 allows local users to execute arbitrary commands via a modified PATH environment variable that points to a malicious cp program. | |||||
| CVE-1999-1234 | 1 Microsoft | 1 Windows Nt | 2017-12-19 | 5.0 MEDIUM | N/A |
| LSA (LSASS.EXE) in Windows NT 4.0 allows remote attackers to cause a denial of service via a NULL policy handle in a call to (1) SamrOpenDomain, (2) SamrEnumDomainUsers, and (3) SamrQueryDomainInfo. | |||||
| CVE-1999-1236 | 1 True North | 1 Internet Anywhere Mail Server | 2017-12-19 | 4.6 MEDIUM | N/A |
| Internet Anywhere Mail Server 2.3.1 stores passwords in plaintext in the msgboxes.dbf file, which could allow local users to gain privileges by extracting the passwords from msgboxes.dbf. | |||||
| CVE-1999-1238 | 1 Hp | 1 Hp-ux | 2017-12-19 | 4.6 MEDIUM | N/A |
| Vulnerability in CORE-DIAG fileset in HP message catalog in HP-UX 9.05 and earlier allows local users to gain privileges. | |||||
| CVE-1999-1239 | 1 Hp | 1 Hp-ux | 2017-12-19 | 4.6 MEDIUM | N/A |
| HP-UX 9.x does not properly enable the Xauthority mechanism in certain conditions, which could allow local users to access the X display even when they have not explicitly been authorized to do so. | |||||
| CVE-1999-1240 | 1 Gracenote | 1 Cddbd | 2017-12-19 | 7.5 HIGH | N/A |
| Buffer overflow in cddbd CD database server allows remote attackers to execute arbitrary commands via a long log message. | |||||
| CVE-1999-1242 | 1 Hp | 1 Hp-ux | 2017-12-19 | 4.6 MEDIUM | N/A |
| Vulnerability in subnetconfig in HP-UX 9.01 and 9.0 allows local users to gain privileges. | |||||
| CVE-1999-1244 | 1 Darren Reed | 1 Ipfilter | 2017-12-19 | 7.2 HIGH | N/A |
| IPFilter 3.2.3 through 3.2.10 allows local users to modify arbitrary files via a symlink attack on the saved output file. | |||||
| CVE-1999-1245 | 1 Ucd-snmp | 1 Ucd-snmp | 2017-12-19 | 5.0 MEDIUM | N/A |
| vacm ucd-snmp SNMP server, version 3.52, does not properly disable access to the public community string, which could allow remote attackers to obtain sensitive information. | |||||
| CVE-1999-1247 | 1 Hp | 1 Hp-ux | 2017-12-19 | 7.2 HIGH | N/A |
| Vulnerability in HP Camera component of HP DCE/9000 in HP-UX 9.x allows attackers to gain root privileges. | |||||
| CVE-1999-1248 | 1 Hp | 1 Hp-ux | 2017-12-19 | 4.6 MEDIUM | N/A |
| Vulnerability in Support Watch (aka SupportWatch) in HP-UX 8.0 through 9.0 allows local users to gain privileges. | |||||
| CVE-1999-1250 | 1 Blue World Communications | 1 Lasso Cgi | 2017-12-19 | 5.0 MEDIUM | N/A |
| Vulnerability in CGI program in the Lasso application by Blue World, as used on WebSTAR and other servers, allows remote attackers to read arbitrary files. | |||||
| CVE-1999-1251 | 1 Hp | 1 Hp-ux | 2017-12-19 | 2.1 LOW | N/A |
| Vulnerability in direct audio user space code on HP-UX 10.20 and 10.10 allows local users to cause a denial of service. | |||||
| CVE-1999-1252 | 1 Sco | 1 Unixware | 2017-12-19 | 7.2 HIGH | N/A |
| Vulnerability in a certain system call in SCO UnixWare 2.0.x and 2.1.0 allows local users to access arbitrary files and gain root privileges. | |||||
| CVE-1999-1253 | 1 Sco | 2 Internet Faststart, Openserver | 2017-12-19 | 7.2 HIGH | N/A |
| Vulnerability in a kernel error handling routine in SCO OpenServer 5.0.2 and earlier, and SCO Internet FastStart 1.0, allows local users to gain root privileges. | |||||
| CVE-1999-1254 | 1 Microsoft | 3 Windows 95, Windows 98, Windows Nt | 2017-12-19 | 5.0 MEDIUM | N/A |
| Windows 95, 98, and NT 4.0 allow remote attackers to cause a denial of service by spoofing ICMP redirect messages from a router, which causes Windows to change its routing tables. | |||||
| CVE-1999-1255 | 1 Ccs Network | 1 Hyperseek Search Engine | 2017-12-19 | 5.0 MEDIUM | N/A |
| Hyperseek allows remote attackers to modify the hyperseek configuration by directly calling the admin.cgi program with an edit_file action parameter. | |||||
| CVE-1999-1256 | 1 Oracle | 1 Database Assistant | 2017-12-19 | 4.6 MEDIUM | N/A |
| Oracle Database Assistant 1.0 in Oracle 8.0.3 Enterprise Edition stores the database master password in plaintext in the spoolmain.log file when a new database is created, which allows local users to obtain the password from that file. | |||||
| CVE-1999-1257 | 1 Xyplex | 1 Maxserver Xyplex Terminal Server | 2017-12-19 | 7.5 HIGH | N/A |
| Xyplex terminal server 6.0.1S1, and possibly other versions, allows remote attackers to bypass the password prompt by entering (1) a CTRL-Z character, or (2) a ? (question mark). | |||||
| CVE-1999-1260 | 1 Hughes | 1 Msql | 2017-12-19 | 7.5 HIGH | N/A |
| mSQL (Mini SQL) 2.0.6 allows remote attackers to obtain sensitive server information such as logged users, database names, and server version via the ServerStats query. | |||||
| CVE-1999-1261 | 1 Metamail Corporation | 1 Metamail | 2017-12-19 | 5.0 MEDIUM | N/A |
| Buffer overflow in Rainbow Six Multiplayer allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long nickname (nick) command. | |||||
| CVE-1999-1266 | 1 Metamail Corporation | 1 Metamail | 2017-12-19 | 5.0 MEDIUM | N/A |
| rsh daemon (rshd) generates different error messages when a valid username is provided versus an invalid name, which allows remote attackers to determine valid users on the system. | |||||
| CVE-1999-1267 | 1 Kde | 1 Kde | 2017-12-19 | 5.0 MEDIUM | N/A |
| KDE file manager (kfm) uses a TCP server for certain file operations, which allows remote attackers to modify arbitrary files by sending a copy command to the server. | |||||
| CVE-1999-1268 | 1 Kde | 1 Kde | 2017-12-19 | 7.2 HIGH | N/A |
| Vulnerability in KDE konsole allows local users to hijack or observe sessions of other users by accessing certain devices. | |||||
| CVE-1999-1269 | 1 Kde | 1 Kde Beta 3 | 2017-12-19 | 2.1 LOW | N/A |
| Screen savers in KDE beta 3 allows local users to overwrite arbitrary files via a symlink attack on the .kss.pid file. | |||||
| CVE-1999-1270 | 1 Kde | 1 Kde | 2017-12-19 | 4.6 MEDIUM | N/A |
| KMail in KDE 1.0 provides a PGP passphrase as a command line argument to other programs, which could allow local users to obtain the passphrase and compromise the PGP keys of other users by viewing the arguments via programs that list process information, such as ps. | |||||
| CVE-1999-1271 | 1 Macromedia | 1 Dreamweaver | 2017-12-19 | 2.1 LOW | N/A |
| Macromedia Dreamweaver uses weak encryption to store FTP passwords, which could allow local users to easily decrypt the passwords of other users. | |||||
| CVE-1999-1272 | 1 Sgi | 1 Irix | 2017-12-19 | 7.2 HIGH | N/A |
| Buffer overflows in CDROM Confidence Test program (cdrom) allow local users to gain root privileges. | |||||
| CVE-1999-1273 | 1 National Science Foundation | 1 Squid Web Proxy | 2017-12-19 | 7.5 HIGH | N/A |
| Squid Internet Object Cache 1.1.20 allows users to bypass access control lists (ACLs) by encoding the URL with hexadecimal escape sequences. | |||||
| CVE-1999-1274 | 1 Ipass | 1 Roamserver | 2017-12-19 | 6.4 MEDIUM | N/A |
| iPass RoamServer 3.1 creates temporary files with world-writable permissions. | |||||
| CVE-1999-1275 | 1 Ibm | 1 Lotus Cc Mail | 2017-12-19 | 4.6 MEDIUM | N/A |
| Lotus cc:Mail release 8 stores the postoffice password in plaintext in a hidden file which has insecure permissions, which allows local users to gain privileges. | |||||
| CVE-1999-1277 | 1 Backweb Technologies | 1 Backweb Client | 2017-12-19 | 4.6 MEDIUM | N/A |
| BackWeb client stores the username and password in cleartext for proxy authentication in the Communication registry key, which could allow other local users to gain privileges by reading the password. | |||||
| CVE-1999-1278 | 1 Nlog | 1 Nlog | 2017-12-19 | 7.5 HIGH | N/A |
| nlog CGI scripts do not properly filter shell metacharacters from the IP address argument, which could allow remote attackers to execute certain commands via (1) nlog-smb.pl or (2) rpc-nlog.pl. | |||||
| CVE-1999-1280 | 1 Hummingbird | 1 Exceed | 2017-12-19 | 7.5 HIGH | N/A |
| Hummingbird Exceed 6.0.1.0 inadvertently includes a DLL that was meant for development and testing, which logs user names and passwords in cleartext in the test.log file. | |||||
| CVE-1999-1281 | 1 Winddance Networks Corporation | 1 Breeze Network Server | 2017-12-19 | 5.0 MEDIUM | N/A |
| Development version of Breeze Network Server allows remote attackers to cause the system to reboot by accessing the configbreeze CGI program. | |||||
| CVE-1999-1282 | 1 Realnetworks | 1 Realsystem G2 Server | 2017-12-19 | 4.6 MEDIUM | N/A |
| RealSystem G2 server stores the administrator password in cleartext in a world-readable configuration file, which allows local users to gain privileges. | |||||
| CVE-1999-1283 | 1 Opera Software | 1 Opera Web Browser | 2017-12-19 | 5.0 MEDIUM | N/A |
| Opera 3.2.1 allows remote attackers to cause a denial of service (application crash) via a URL that contains an extra / in the http:// tag. | |||||
| CVE-1999-1285 | 1 Linux | 1 Linux Kernel | 2017-12-19 | 2.1 LOW | N/A |
| Linux 2.1.132 and earlier allows local users to cause a denial of service (resource exhaustion) by reading a large buffer from a random device (e.g. /dev/urandom), which cannot be interrupted until the read has completed. | |||||
| CVE-1999-1286 | 1 Sgi | 1 Irix | 2017-12-19 | 7.2 HIGH | N/A |
| addnetpr in SGI IRIX 6.2 and earlier allows local users to modify arbitrary files and possibly gain root access via a symlink attack on a temporary file. | |||||