Search
Total
201818 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-1999-1236 | 1 True North | 1 Internet Anywhere Mail Server | 2017-12-19 | 4.6 MEDIUM | N/A |
| Internet Anywhere Mail Server 2.3.1 stores passwords in plaintext in the msgboxes.dbf file, which could allow local users to gain privileges by extracting the passwords from msgboxes.dbf. | |||||
| CVE-1999-1238 | 1 Hp | 1 Hp-ux | 2017-12-19 | 4.6 MEDIUM | N/A |
| Vulnerability in CORE-DIAG fileset in HP message catalog in HP-UX 9.05 and earlier allows local users to gain privileges. | |||||
| CVE-1999-1239 | 1 Hp | 1 Hp-ux | 2017-12-19 | 4.6 MEDIUM | N/A |
| HP-UX 9.x does not properly enable the Xauthority mechanism in certain conditions, which could allow local users to access the X display even when they have not explicitly been authorized to do so. | |||||
| CVE-1999-1240 | 1 Gracenote | 1 Cddbd | 2017-12-19 | 7.5 HIGH | N/A |
| Buffer overflow in cddbd CD database server allows remote attackers to execute arbitrary commands via a long log message. | |||||
| CVE-1999-1242 | 1 Hp | 1 Hp-ux | 2017-12-19 | 4.6 MEDIUM | N/A |
| Vulnerability in subnetconfig in HP-UX 9.01 and 9.0 allows local users to gain privileges. | |||||
| CVE-1999-1244 | 1 Darren Reed | 1 Ipfilter | 2017-12-19 | 7.2 HIGH | N/A |
| IPFilter 3.2.3 through 3.2.10 allows local users to modify arbitrary files via a symlink attack on the saved output file. | |||||
| CVE-1999-1245 | 1 Ucd-snmp | 1 Ucd-snmp | 2017-12-19 | 5.0 MEDIUM | N/A |
| vacm ucd-snmp SNMP server, version 3.52, does not properly disable access to the public community string, which could allow remote attackers to obtain sensitive information. | |||||
| CVE-1999-1247 | 1 Hp | 1 Hp-ux | 2017-12-19 | 7.2 HIGH | N/A |
| Vulnerability in HP Camera component of HP DCE/9000 in HP-UX 9.x allows attackers to gain root privileges. | |||||
| CVE-1999-1248 | 1 Hp | 1 Hp-ux | 2017-12-19 | 4.6 MEDIUM | N/A |
| Vulnerability in Support Watch (aka SupportWatch) in HP-UX 8.0 through 9.0 allows local users to gain privileges. | |||||
| CVE-1999-1250 | 1 Blue World Communications | 1 Lasso Cgi | 2017-12-19 | 5.0 MEDIUM | N/A |
| Vulnerability in CGI program in the Lasso application by Blue World, as used on WebSTAR and other servers, allows remote attackers to read arbitrary files. | |||||
| CVE-1999-1251 | 1 Hp | 1 Hp-ux | 2017-12-19 | 2.1 LOW | N/A |
| Vulnerability in direct audio user space code on HP-UX 10.20 and 10.10 allows local users to cause a denial of service. | |||||
| CVE-1999-1252 | 1 Sco | 1 Unixware | 2017-12-19 | 7.2 HIGH | N/A |
| Vulnerability in a certain system call in SCO UnixWare 2.0.x and 2.1.0 allows local users to access arbitrary files and gain root privileges. | |||||
| CVE-1999-1253 | 1 Sco | 2 Internet Faststart, Openserver | 2017-12-19 | 7.2 HIGH | N/A |
| Vulnerability in a kernel error handling routine in SCO OpenServer 5.0.2 and earlier, and SCO Internet FastStart 1.0, allows local users to gain root privileges. | |||||
| CVE-1999-1254 | 1 Microsoft | 3 Windows 95, Windows 98, Windows Nt | 2017-12-19 | 5.0 MEDIUM | N/A |
| Windows 95, 98, and NT 4.0 allow remote attackers to cause a denial of service by spoofing ICMP redirect messages from a router, which causes Windows to change its routing tables. | |||||
| CVE-1999-1255 | 1 Ccs Network | 1 Hyperseek Search Engine | 2017-12-19 | 5.0 MEDIUM | N/A |
| Hyperseek allows remote attackers to modify the hyperseek configuration by directly calling the admin.cgi program with an edit_file action parameter. | |||||
| CVE-1999-1256 | 1 Oracle | 1 Database Assistant | 2017-12-19 | 4.6 MEDIUM | N/A |
| Oracle Database Assistant 1.0 in Oracle 8.0.3 Enterprise Edition stores the database master password in plaintext in the spoolmain.log file when a new database is created, which allows local users to obtain the password from that file. | |||||
| CVE-1999-1257 | 1 Xyplex | 1 Maxserver Xyplex Terminal Server | 2017-12-19 | 7.5 HIGH | N/A |
| Xyplex terminal server 6.0.1S1, and possibly other versions, allows remote attackers to bypass the password prompt by entering (1) a CTRL-Z character, or (2) a ? (question mark). | |||||
| CVE-1999-1260 | 1 Hughes | 1 Msql | 2017-12-19 | 7.5 HIGH | N/A |
| mSQL (Mini SQL) 2.0.6 allows remote attackers to obtain sensitive server information such as logged users, database names, and server version via the ServerStats query. | |||||
| CVE-1999-1261 | 1 Metamail Corporation | 1 Metamail | 2017-12-19 | 5.0 MEDIUM | N/A |
| Buffer overflow in Rainbow Six Multiplayer allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long nickname (nick) command. | |||||
| CVE-1999-1266 | 1 Metamail Corporation | 1 Metamail | 2017-12-19 | 5.0 MEDIUM | N/A |
| rsh daemon (rshd) generates different error messages when a valid username is provided versus an invalid name, which allows remote attackers to determine valid users on the system. | |||||
| CVE-1999-1267 | 1 Kde | 1 Kde | 2017-12-19 | 5.0 MEDIUM | N/A |
| KDE file manager (kfm) uses a TCP server for certain file operations, which allows remote attackers to modify arbitrary files by sending a copy command to the server. | |||||
| CVE-1999-1268 | 1 Kde | 1 Kde | 2017-12-19 | 7.2 HIGH | N/A |
| Vulnerability in KDE konsole allows local users to hijack or observe sessions of other users by accessing certain devices. | |||||
| CVE-1999-1269 | 1 Kde | 1 Kde Beta 3 | 2017-12-19 | 2.1 LOW | N/A |
| Screen savers in KDE beta 3 allows local users to overwrite arbitrary files via a symlink attack on the .kss.pid file. | |||||
| CVE-1999-1270 | 1 Kde | 1 Kde | 2017-12-19 | 4.6 MEDIUM | N/A |
| KMail in KDE 1.0 provides a PGP passphrase as a command line argument to other programs, which could allow local users to obtain the passphrase and compromise the PGP keys of other users by viewing the arguments via programs that list process information, such as ps. | |||||
| CVE-1999-1271 | 1 Macromedia | 1 Dreamweaver | 2017-12-19 | 2.1 LOW | N/A |
| Macromedia Dreamweaver uses weak encryption to store FTP passwords, which could allow local users to easily decrypt the passwords of other users. | |||||
| CVE-1999-1272 | 1 Sgi | 1 Irix | 2017-12-19 | 7.2 HIGH | N/A |
| Buffer overflows in CDROM Confidence Test program (cdrom) allow local users to gain root privileges. | |||||
| CVE-1999-1273 | 1 National Science Foundation | 1 Squid Web Proxy | 2017-12-19 | 7.5 HIGH | N/A |
| Squid Internet Object Cache 1.1.20 allows users to bypass access control lists (ACLs) by encoding the URL with hexadecimal escape sequences. | |||||
| CVE-1999-1274 | 1 Ipass | 1 Roamserver | 2017-12-19 | 6.4 MEDIUM | N/A |
| iPass RoamServer 3.1 creates temporary files with world-writable permissions. | |||||
| CVE-1999-1275 | 1 Ibm | 1 Lotus Cc Mail | 2017-12-19 | 4.6 MEDIUM | N/A |
| Lotus cc:Mail release 8 stores the postoffice password in plaintext in a hidden file which has insecure permissions, which allows local users to gain privileges. | |||||
| CVE-1999-1277 | 1 Backweb Technologies | 1 Backweb Client | 2017-12-19 | 4.6 MEDIUM | N/A |
| BackWeb client stores the username and password in cleartext for proxy authentication in the Communication registry key, which could allow other local users to gain privileges by reading the password. | |||||
| CVE-1999-1278 | 1 Nlog | 1 Nlog | 2017-12-19 | 7.5 HIGH | N/A |
| nlog CGI scripts do not properly filter shell metacharacters from the IP address argument, which could allow remote attackers to execute certain commands via (1) nlog-smb.pl or (2) rpc-nlog.pl. | |||||
| CVE-1999-1280 | 1 Hummingbird | 1 Exceed | 2017-12-19 | 7.5 HIGH | N/A |
| Hummingbird Exceed 6.0.1.0 inadvertently includes a DLL that was meant for development and testing, which logs user names and passwords in cleartext in the test.log file. | |||||
| CVE-1999-1281 | 1 Winddance Networks Corporation | 1 Breeze Network Server | 2017-12-19 | 5.0 MEDIUM | N/A |
| Development version of Breeze Network Server allows remote attackers to cause the system to reboot by accessing the configbreeze CGI program. | |||||
| CVE-1999-1282 | 1 Realnetworks | 1 Realsystem G2 Server | 2017-12-19 | 4.6 MEDIUM | N/A |
| RealSystem G2 server stores the administrator password in cleartext in a world-readable configuration file, which allows local users to gain privileges. | |||||
| CVE-1999-1283 | 1 Opera Software | 1 Opera Web Browser | 2017-12-19 | 5.0 MEDIUM | N/A |
| Opera 3.2.1 allows remote attackers to cause a denial of service (application crash) via a URL that contains an extra / in the http:// tag. | |||||
| CVE-1999-1285 | 1 Linux | 1 Linux Kernel | 2017-12-19 | 2.1 LOW | N/A |
| Linux 2.1.132 and earlier allows local users to cause a denial of service (resource exhaustion) by reading a large buffer from a random device (e.g. /dev/urandom), which cannot be interrupted until the read has completed. | |||||
| CVE-1999-1286 | 1 Sgi | 1 Irix | 2017-12-19 | 7.2 HIGH | N/A |
| addnetpr in SGI IRIX 6.2 and earlier allows local users to modify arbitrary files and possibly gain root access via a symlink attack on a temporary file. | |||||
| CVE-1999-1287 | 1 Stephen Turner | 1 Analog | 2017-12-19 | 5.0 MEDIUM | N/A |
| Vulnerability in Analog 3.0 and earlier allows remote attackers to read arbitrary files via the forms interface. | |||||
| CVE-1999-1289 | 1 Mirabilis | 1 Icq | 2017-12-19 | 7.5 HIGH | N/A |
| ICQ 98 beta on Windows NT leaks the internal IP address of a client in the TCP data segment of an ICQ packet instead of the public address (e.g. through NAT), which provides remote attackers with potentially sensitive information about the client or the internal network configuration. | |||||
| CVE-1999-1291 | 1 Microsoft | 2 Windows 95, Windows Nt | 2017-12-19 | 5.0 MEDIUM | N/A |
| TCP/IP implementation in Microsoft Windows 95, Windows NT 4.0, and possibly others, allows remote attackers to reset connections by forcing a reset (RST) via a PSH ACK or other means, obtaining the target's last sequence number from the resulting packet, then spoofing a reset to the target. | |||||
| CVE-1999-1292 | 1 Kolban | 1 Webcam32 | 2017-12-19 | 7.5 HIGH | N/A |
| Buffer overflow in web administration feature of Kolban Webcam32 4.8.3 and earlier allows remote attackers to execute arbitrary commands via a long URL. | |||||
| CVE-1999-1295 | 1 Transarc | 1 Dce Distributed File System | 2017-12-19 | 4.6 MEDIUM | N/A |
| Transarc DCE Distributed File System (DFS) 1.1 for Solaris 2.4 and 2.5 does not properly initialize the grouplist for users who belong to a large number of groups, which could allow those users to gain access to resources that are protected by DFS. | |||||
| CVE-1999-1312 | 1 Dec | 2 Dec Openvms Axp, Dec Openvms Vax | 2017-12-19 | 7.2 HIGH | N/A |
| Vulnerability in DEC OpenVMS VAX 5.5-2 through 5.0, and OpenVMS AXP 1.0, allows local users to gain system privileges. | |||||
| CVE-1999-1313 | 1 Freebsd | 1 Freebsd | 2017-12-19 | 4.6 MEDIUM | N/A |
| Manual page reader (man) in FreeBSD 2.2 and earlier allows local users to gain privileges via a sequence of commands. | |||||
| CVE-1999-1355 | 1 Compaq | 2 Insight Management Agent, Management Agents For Servers | 2017-12-19 | 7.5 HIGH | N/A |
| BMC Patrol component, when installed with Compaq Insight Management Agent 4.23 and earlier, or Management Agents for Servers 4.40 and earlier, creates a PFCUser account with a default password and potentially dangerous privileges. | |||||
| CVE-1999-1458 | 1 Digital | 1 Unix | 2017-12-19 | 7.2 HIGH | N/A |
| Buffer overflow in at program in Digital UNIX 4.0 allows local users to gain root privileges via a long command line argument. | |||||
| CVE-1999-1459 | 1 Bmc | 1 Patrol Agent | 2017-12-19 | 7.2 HIGH | N/A |
| BMC PATROL Agent before 3.2.07 allows local users to gain root privileges via a symlink attack on a temporary file. | |||||
| CVE-1999-1463 | 1 Microsoft | 1 Windows Nt | 2017-12-19 | 5.0 MEDIUM | N/A |
| Windows NT 4.0 before SP3 allows remote attackers to bypass firewall restrictions or cause a denial of service (crash) by sending improperly fragmented IP packets without the first fragment, which the TCP/IP stack incorrectly reassembles into a valid session. | |||||
| CVE-1999-1464 | 1 Cisco | 1 Ios | 2017-12-19 | 7.5 HIGH | N/A |
| Vulnerability in Cisco IOS 11.1CC and 11.1CT with distributed fast switching (DFS) enabled allows remote attackers to bypass certain access control lists when the router switches traffic from a DFS-enabled interface to an interface that does not have DFS enabled, as described by Cisco bug CSCdk35564. | |||||
| CVE-1999-1465 | 1 Cisco | 1 Ios | 2017-12-19 | 7.5 HIGH | N/A |
| Vulnerability in Cisco IOS 11.1 through 11.3 with distributed fast switching (DFS) enabled allows remote attackers to bypass certain access control lists when the router switches traffic from a DFS-enabled input interface to an output interface with a logical subinterface, as described by Cisco bug CSCdk43862. | |||||