Search
Total
27796 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-1999-1232 | 1 Sgi | 1 Irix | 2017-12-19 | 7.2 HIGH | N/A |
| Untrusted search path vulnerability in day5datacopier in SGI IRIX 6.2 allows local users to execute arbitrary commands via a modified PATH environment variable that points to a malicious cp program. | |||||
| CVE-1999-1231 | 1 Ssh | 1 Ssh2 | 2017-12-19 | 5.0 MEDIUM | N/A |
| ssh 2.0.12, and possibly other versions, allows valid user names to attempt to enter the correct password multiple times, but only prompts an invalid user name for a password once, which allows remote attackers to determine user account names on the server. | |||||
| CVE-1999-1229 | 1 Id Software | 1 Quake 2 Server | 2017-12-19 | 2.1 LOW | N/A |
| Quake 2 server 3.13 on Linux does not properly check file permissions for the config.cfg configuration file, which allows local users to read arbitrary files via a symlink from config.cfg to the target file. | |||||
| CVE-1999-1228 | 3 Diamond, Logicode, Us Robotics | 3 Supra, Quicktel, Us Robotics | 2017-12-19 | 7.5 HIGH | N/A |
| Various modems that do not implement a guard time, or are configured with a guard time of 0, can allow remote attackers to execute arbitrary modem commands such as ATH, ATH0, etc., via a "+++" sequence that appears in ICMP packets, the subject of an e-mail message, IRC commands, and others. | |||||
| CVE-1999-1227 | 1 Ethereal Group | 1 Ethereal | 2017-12-19 | 7.2 HIGH | N/A |
| Ethereal allows local users to overwrite arbitrary files via a symlink attack on the packet capture file. | |||||
| CVE-1999-1050 | 1 Matt Wright | 1 Formhandler.cgi | 2017-12-19 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Matt Wright FormHandler.cgi script allows remote attackers to read arbitrary files via (1) a .. (dot dot) in the reply_message_attach attachment parameter, or (2) by specifying the filename as a template. | |||||
| CVE-1999-1046 | 1 Ipswitch | 1 Imail | 2017-12-19 | 10.0 HIGH | N/A |
| Buffer overflow in IMonitor in IMail 5.0 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long string to port 8181. | |||||
| CVE-1999-1029 | 1 Ssh | 1 Ssh2 | 2017-12-19 | 7.5 HIGH | N/A |
| SSH server (sshd2) before 2.0.12 does not properly record login attempts if the connection is closed before the maximum number of tries, allowing a remote attacker to guess the password without showing up in the audit logs. | |||||
| CVE-1999-1022 | 1 Sgi | 1 Irix | 2017-12-19 | 6.2 MEDIUM | N/A |
| serial_ports administrative program in IRIX 4.x and 5.x trusts the user's PATH environmental variable to find and execute the ls program, which allows local users to gain root privileges via a Trojan horse ls program. | |||||
| CVE-1999-1020 | 1 Novell | 1 Netware | 2017-12-19 | 7.5 HIGH | N/A |
| The installation of Novell Netware NDS 5.99 provides an unauthenticated client with Read access for the tree, which allows remote attackers to access sensitive information such as users, groups, and readable objects via CX.EXE and NLIST.EXE. | |||||
| CVE-2002-0405 | 1 Transsoft | 1 Broker Ftp Server | 2017-12-19 | 10.0 HIGH | N/A |
| Buffer overflow in Transsoft Broker FTP Server 5.0 evaluation allows remote attackers to cause a denial of service and possibly execute arbitrary code via a CWD command with a large number of . (dot) characters. | |||||
| CVE-1999-0970 | 1 Omnicron | 1 Omnihttpd | 2017-12-19 | 5.0 MEDIUM | N/A |
| The OmniHTTPD visadmin.exe program allows a remote attacker to conduct a denial of service via a malformed URL which causes a large number of temporary files to be created. | |||||
| CVE-2000-0836 | 1 Broadgun Software | 1 Camshot Webcam | 2017-12-19 | 7.5 HIGH | N/A |
| Buffer overflow in CamShot WebCam Trial2.6 allows remote attackers to execute arbitrary commands via a long Authorization header. | |||||
| CVE-2000-0531 | 2 Caldera, Redhat | 3 Openlinux, Openlinux Eserver, Linux | 2017-12-19 | 2.1 LOW | N/A |
| Linux gpm program allows local users to cause a denial of service by flooding the /dev/gpmctl device with STREAM sockets. | |||||
| CVE-2000-0543 | 1 Pgp | 1 Certificate Server | 2017-12-19 | 5.0 MEDIUM | N/A |
| The command port for PGP Certificate Server 2.5.0 and 2.5.1 allows remote attackers to cause a denial of service if their hostname does not have a reverse DNS entry and they connect to port 4000. | |||||
| CVE-1999-0919 | 1 Motorola | 1 Motorola Cablerouter | 2017-12-19 | 10.0 HIGH | N/A |
| A memory leak in a Motorola CableRouter allows remote attackers to conduct a denial of service via a large number of telnet connections. | |||||
| CVE-2000-0840 | 1 Davide Libenzi | 1 Xmail | 2017-12-19 | 10.0 HIGH | N/A |
| Buffer overflow in XMail POP3 server before version 0.59 allows remote attackers to execute arbitrary commands via a long USER command. | |||||
| CVE-2000-0696 | 1 Sun | 1 Solaris Answerbook2 | 2017-12-19 | 7.5 HIGH | N/A |
| The administration interface for the dwhttpd web server in Solaris AnswerBook2 does not properly authenticate requests to its supporting CGI scripts, which allows remote attackers to add user accounts to the interface by directly calling the admin CGI script. | |||||
| CVE-2000-0772 | 1 Tumbleweed | 1 Messaging Management System | 2017-12-19 | 7.5 HIGH | N/A |
| The installation of Tumbleweed Messaging Management System (MMS) 4.6 and earlier (formerly Worldtalk Worldsecure) creates a default account "sa" with no password. | |||||
| CVE-2000-0872 | 1 Nathan Purciful | 1 Phpphotoalbum | 2017-12-19 | 5.0 MEDIUM | N/A |
| explorer.php in PhotoAlbum 0.9.9 allows remote attackers to read arbitrary files via a .. (dot dot) attack. | |||||
| CVE-1999-1230 | 1 Id Software | 1 Quake 2 | 2017-12-19 | 5.0 MEDIUM | N/A |
| Quake 2 server allows remote attackers to cause a denial of service via a spoofed UDP packet with a source address of 127.0.0.1, which causes the server to attempt to connect to itself. | |||||
| CVE-1999-1220 | 1 Great Circle Associates | 1 Majordomo | 2017-12-19 | 7.5 HIGH | N/A |
| Majordomo 1.94.3 and earlier allows remote attackers to execute arbitrary commands when the advertise or noadvertise directive is used in a configuration file, via shell metacharacters in the Reply-To header. | |||||
| CVE-1999-0805 | 1 Novell | 1 Netware | 2017-12-19 | 5.0 MEDIUM | N/A |
| Novell NetWare Transaction Tracking System (TTS) in Novell 4.11 and earlier allows remote attackers to cause a denial of service via a large number of requests. | |||||
| CVE-2000-0812 | 1 Sun | 1 Java System Web Server | 2017-12-19 | 10.0 HIGH | N/A |
| The administration module in Sun Java web server allows remote attackers to execute arbitrary commands by uploading Java code to the module and invoke the com.sun.server.http.pagecompile.jsp92.JspServlet by requesting a URL that begins with a /servlet/ tag. | |||||
| CVE-2000-0826 | 1 Mobius | 1 Documentdirect For The Internet | 2017-12-19 | 10.0 HIGH | N/A |
| Buffer overflow in ddicgi.exe program in Mobius DocumentDirect for the Internet 1.2 allows remote attackers to execute arbitrary commands via a long GET request. | |||||
| CVE-2000-0827 | 1 Mobius | 1 Documentdirect For The Internet | 2017-12-19 | 10.0 HIGH | N/A |
| Buffer overflow in the web authorization form of Mobius DocumentDirect for the Internet 1.2 allows remote attackers to cause a denial of service or execute arbitrary commands via a long username. | |||||
| CVE-2000-0828 | 1 Mobius | 1 Documentdirect For The Internet | 2017-12-19 | 10.0 HIGH | N/A |
| Buffer overflow in ddicgi.exe in Mobius DocumentDirect for the Internet 1.2 allows remote attackers to execute arbitrary commands via a long User-Agent parameter. | |||||
| CVE-2000-0832 | 1 Oscar Nierstrasz | 1 Htgrep | 2017-12-19 | 5.0 MEDIUM | N/A |
| Htgrep CGI program allows remote attackers to read arbitrary files by specifying the full pathname in the hdr parameter. | |||||
| CVE-1999-1539 | 1 Qpc Software | 2 Qvt Net, Qvt Term Plus | 2017-12-19 | 7.5 HIGH | N/A |
| Buffer overflow in FTP server in QPC Software's QVT/Term Plus versions 4.2d and 4.3 and QVT/Net 4.3 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long (1) user name or (2) password. | |||||
| CVE-1999-1533 | 1 Trend Micro | 1 Interscan Viruswall | 2017-12-19 | 7.5 HIGH | N/A |
| Eicon Technology Diva LAN ISDN modem allows a remote attacker to cause a denial of service (hang) via a long password argument to the login.htm file in its HTTP service. | |||||
| CVE-1999-1546 | 1 Ibm | 1 Navio Nc Browser | 2017-12-19 | 5.0 MEDIUM | N/A |
| netstation.navio-com.rte 1.1.0.1 configuration script for Navio NC on IBM AIX exports /tmp over NFS as world-readable and world-writable. | |||||
| CVE-1999-1529 | 1 Trend Micro | 1 Interscan Viruswall | 2017-12-19 | 7.5 HIGH | N/A |
| A buffer overflow exists in the HELO command in Trend Micro Interscan VirusWall SMTP gateway 3.23/3.3 for NT, which may allow an attacker to execute arbitrary code. | |||||
| CVE-1999-1525 | 1 Macromedia | 1 Shockwave Flash Plugin | 2017-12-19 | 5.1 MEDIUM | N/A |
| Macromedia Shockwave before 6.0 allows a malicious webmaster to read a user's mail box and possibly access internal web servers via the GetNextText command on a Shockwave movie. | |||||
| CVE-2001-1068 | 1 Qualcomm | 1 Qpopper | 2017-12-19 | 5.0 MEDIUM | N/A |
| qpopper 4.01 with PAM based authentication on Red Hat systems generates different error messages when an invalid username is provided instead of a valid name, which allows remote attackers to determine valid usernames on the system. | |||||
| CVE-1999-1523 | 1 Sambar | 1 Sambar Server | 2017-12-19 | 7.5 HIGH | N/A |
| Buffer overflow in Sambar Web Server 4.2.1 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long HTTP GET request. | |||||
| CVE-1999-1521 | 1 Computalynx | 1 Cmail | 2017-12-19 | 10.0 HIGH | N/A |
| Computalynx CMail 2.4 and CMail 2.3 SP2 SMTP servers are vulnerable to a buffer overflow attack in the MAIL FROM command that may allow a remote attacker to execute arbitrary code on the server. | |||||
| CVE-1999-1541 | 1 Cactus Software | 1 Shell-lock | 2017-12-19 | 7.2 HIGH | N/A |
| shell-lock in Cactus Software Shell Lock allows local users to read or modify decoded shell files before they are executed, via a symlink attack on a temporary file. | |||||
| CVE-1999-1519 | 1 Gene6 | 1 G6 Ftp Server | 2017-12-19 | 5.0 MEDIUM | N/A |
| Gene6 G6 FTP Server 2.0 allows a remote attacker to cause a denial of service (resource exhaustion) via a long (1) user name or (2) password. | |||||
| CVE-1999-1518 | 2 Freebsd, Netbsd | 2 Freebsd, Netbsd | 2017-12-19 | 5.0 MEDIUM | N/A |
| Operating systems with shared memory implementations based on BSD 4.4 code allow a user to conduct a denial of service and bypass memory limits (e.g., as specified with rlimits) using mmap or shmget to allocate memory and cause page faults. | |||||
| CVE-1999-1515 | 1 Tenfour | 1 Tfs Gateway | 2017-12-19 | 5.0 MEDIUM | N/A |
| A non-default configuration in TenFour TFS Gateway 4.0 allows an attacker to cause a denial of service via messages with incorrect sender and recipient addresses, which causes the gateway to continuously try to return the message every 10 seconds. | |||||
| CVE-1999-1514 | 1 Celtech Software | 1 Expressfs | 2017-12-19 | 7.5 HIGH | N/A |
| Buffer overflow in Celtech ExpressFS FTP server 2.x allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long USER command. | |||||
| CVE-1999-1551 | 1 Ipswitch | 1 Imail | 2017-12-19 | 5.0 MEDIUM | N/A |
| Buffer overflow in Ipswitch IMail Service 5.0 allows an attacker to cause a denial of service (crash) and possibly execute arbitrary commands via a long URL. | |||||
| CVE-1999-1553 | 1 Xcmail | 1 Xcmail | 2017-12-19 | 10.0 HIGH | N/A |
| Buffer overflow in XCmail 0.99.6 with autoquote enabled allows remote attackers to execute arbitrary commands via a long subject line. | |||||
| CVE-1999-1540 | 1 Cactus Software | 1 Shell-lock | 2017-12-19 | 2.1 LOW | N/A |
| shell-lock in Cactus Software Shell Lock uses weak encryption (trivial encoding) which allows attackers to easily decrypt and obtain the source code. | |||||
| CVE-1999-1511 | 1 Artisoft | 1 Xtramail | 2017-12-19 | 7.5 HIGH | N/A |
| Buffer overflows in Xtramail 1.11 allow attackers to cause a denial of service (crash) and possibly execute arbitrary commands via (1) a long PASS command in the POP3 service, (2) a long HELO command in the SMTP service, or (3) a long user name in the Control Service. | |||||
| CVE-1999-1510 | 1 Bisonware | 1 Bisonware Ftp Server | 2017-12-19 | 7.5 HIGH | N/A |
| Buffer overflows in Bisonware FTP server prior to 4.1 allow remote attackers to cause a denial of service, and possibly execute arbitrary commands, via long (1) USER, (2) LIST, or (3) CWD commands. | |||||
| CVE-1999-1555 | 1 Cheyenne | 1 Inoculan Anti-virus Server | 2017-12-19 | 7.2 HIGH | N/A |
| Cheyenne InocuLAN Anti-Virus Server in Inoculan 4.0 before Service Pack 2 creates an update directory with "EVERYONE FULL CONTROL" permissions, which allows local users to cause Inoculan's antivirus update feature to install a Trojan horse dll. | |||||
| CVE-2001-1263 | 1 Pragma Systems | 1 Interaccess | 2017-12-19 | 5.0 MEDIUM | N/A |
| telnet95.exe in Pragma InterAccess 4.0 build 5 allows remote attackers to cause a denial of service (crash) via a large number of characters to port 23, possibly due to a buffer overflow. | |||||
| CVE-1999-1559 | 1 Alcatel | 1 Omniswitch | 2017-12-19 | 5.0 MEDIUM | N/A |
| Xylan OmniSwitch before 3.2.6 allows remote attackers to bypass the login prompt via a CTRL-D (control d) character, which locks other users out of the switch because it only supports one session at a time. | |||||
| CVE-1999-1526 | 1 Macromedia | 1 Shockwave Flash Plugin | 2017-12-19 | 5.0 MEDIUM | N/A |
| Auto-update feature of Macromedia Shockwave 7 transmits a user's password and hard disk information back to Macromedia. | |||||