Search
Total
201818 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-1999-1215 | 1 Novell | 1 Netware | 2017-10-10 | 4.6 MEDIUM | N/A |
| LOGIN.EXE program in Novell Netware 4.0 and 4.01 temporarily writes user name and password information to disk, which could allow local users to gain privileges. | |||||
| CVE-1999-1217 | 1 Microsoft | 1 Windows Nt | 2017-10-10 | 4.6 MEDIUM | N/A |
| The PATH in Windows NT includes the current working directory (.), which could allow local users to gain privileges by placing Trojan horse programs with the same name as commonly used system programs into certain directories. | |||||
| CVE-1999-1222 | 1 Microsoft | 1 Windows Nt | 2017-10-10 | 5.0 MEDIUM | N/A |
| Netbt.sys in Windows NT 4.0 allows remote malicious DNS servers to cause a denial of service (crash) by returning 0.0.0.0 as the IP address for a DNS host name lookup. | |||||
| CVE-1999-1223 | 1 Microsoft | 1 Internet Information Server | 2017-10-10 | 5.0 MEDIUM | N/A |
| IIS 3.0 allows remote attackers to cause a denial of service via a request to an ASP page in which the URL contains a large number of / (forward slash) characters. | |||||
| CVE-1999-1226 | 1 Netscape | 1 Communicator | 2017-10-10 | 2.6 LOW | N/A |
| Netscape Communicator 4.7 and earlier allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long certificate key. | |||||
| CVE-1999-1243 | 1 Sgi | 1 Irix | 2017-10-10 | 4.6 MEDIUM | N/A |
| SGI Desktop Permissions Tool in IRIX 6.0.1 and earlier allows local users to modify permissions for arbitrary files and gain privileges. | |||||
| CVE-1999-1246 | 1 Microsoft | 1 Site Server | 2017-10-10 | 7.5 HIGH | N/A |
| Direct Mailer feature in Microsoft Site Server 3.0 saves user domain names and passwords in plaintext in the TMLBQueue network share, which has insecure default permissions, allowing remote attackers to read the passwords and gain privileges. | |||||
| CVE-1999-1249 | 1 Hp | 1 Hp-ux | 2017-10-10 | 4.6 MEDIUM | N/A |
| movemail in HP-UX 10.20 has insecure permissions, which allows local users to gain privileges. | |||||
| CVE-1999-1258 | 1 Sun | 1 Sunos | 2017-10-10 | 5.0 MEDIUM | N/A |
| rpc.pwdauthd in SunOS 4.1.1 and earlier does not properly prevent remote access to the daemon, which allows remote attackers to obtain sensitive system information. | |||||
| CVE-1999-1259 | 1 Microsoft | 1 Office | 2017-10-10 | 2.1 LOW | N/A |
| Microsoft Office 98, Macintosh Edition, does not properly initialize the disk space used by Office 98 files and effectively inserts data from previously deleted files into the Office file, which could allow attackers to obtain sensitive information. | |||||
| CVE-1999-1262 | 1 Netscape | 1 Communicator | 2017-10-10 | 5.1 MEDIUM | N/A |
| Java in Netscape 4.5 does not properly restrict applets from connecting to other hosts besides the one from which the applet was loaded, which violates the Java security model and could allow remote attackers to conduct unauthorized activities. | |||||
| CVE-1999-1263 | 1 Metamail Corporation | 1 Metamail | 2017-10-10 | 2.6 LOW | N/A |
| Metamail before 2.7-7.2 allows remote attackers to overwrite arbitrary files via an e-mail message containing a uuencoded attachment that specifies the full pathname for the file to be modified, which is processed by uuencode in Metamail scripts such as sun-audio-file. | |||||
| CVE-1999-1276 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2017-10-10 | 7.2 HIGH | N/A |
| fte-console in the fte package before 0.46b-4.1 does not drop root privileges, which allows local users to gain root access via the virtual console device. | |||||
| CVE-1999-1279 | 1 Microsoft | 1 Sna Server | 2017-10-10 | 5.0 MEDIUM | N/A |
| An interaction between the AS/400 shared folders feature and Microsoft SNA Server 3.0 and earlier allows users to view each other's folders when the users share the same Local APPC LU. | |||||
| CVE-1999-1284 | 1 Puppets Place | 1 Nukenabber | 2017-10-10 | 5.0 MEDIUM | N/A |
| NukeNabber allows remote attackers to cause a denial of service by connecting to the NukeNabber port (1080) without sending any data, which causes the CPU usage to rise to 100% from the report.exe program that is executed upon the connection. | |||||
| CVE-1999-1288 | 4 Caldera, Redhat, Samba and 1 more | 4 Openlinux, Linux, Samba and 1 more | 2017-10-10 | 4.6 MEDIUM | N/A |
| Samba 1.9.18 inadvertently includes a prototype application, wsmbconf, which is installed with incorrect permissions including the setgid bit, which allows local users to read and write files and possibly gain privileges via bugs in the program. | |||||
| CVE-1999-1290 | 1 Chris Matthee | 1 Nftp | 2017-10-10 | 5.1 MEDIUM | N/A |
| Buffer overflow in nftp FTP client version 1.40 allows remote malicious FTP servers to cause a denial of service, and possibly execute arbitrary commands, via a long response string. | |||||
| CVE-1999-1294 | 1 Microsoft | 1 Windows Nt | 2017-10-10 | 2.1 LOW | N/A |
| Office Shortcut Bar (OSB) in Windows 3.51 enables backup and restore permissions, which are inherited by programs such as File Manager that are started from the Shortcut Bar, which could allow local users to read folders for which they do not have permission. | |||||
| CVE-1999-1309 | 1 Sendmail | 1 Sendmail | 2017-10-10 | 7.2 HIGH | N/A |
| Sendmail before 8.6.7 allows local users to gain root access via a large value in the debug (-d) command line option. | |||||
| CVE-1999-1316 | 1 Microsoft | 1 Windows Nt | 2017-10-10 | 7.5 HIGH | N/A |
| Passfilt.dll in Windows NT SP2 allows users to create a password that contains the user's name, which could make it easier for an attacker to guess. | |||||
| CVE-1999-1317 | 1 Microsoft | 1 Windows Nt | 2017-10-10 | 4.6 MEDIUM | N/A |
| Windows NT 4.0 SP4 and earlier allows local users to gain privileges by modifying the symbolic link table in the \?? object folder using a different case letter (upper or lower) to point to a different device. | |||||
| CVE-1999-1324 | 1 Dec | 1 Dec Openvms Vax | 2017-10-10 | 7.5 HIGH | N/A |
| VAXstations running Open VMS 5.3 through 5.5-2 with VMS DECwindows or MOTIF do not properly disable access to user accounts that exceed the break-in limit threshold for failed login attempts, which makes it easier for attackers to conduct brute force password guessing. | |||||
| CVE-1999-1325 | 1 Vax Vms | 1 Sas System | 2017-10-10 | 7.2 HIGH | N/A |
| SAS System 5.18 on VAX/VMS is installed with insecure permissions for its directories and startup file, which allows local users to gain privileges. | |||||
| CVE-1999-1326 | 1 Washington University | 1 Wu-ftpd | 2017-10-10 | 5.0 MEDIUM | N/A |
| wu-ftpd 2.4 FTP server does not properly drop privileges when an ABOR (abort file transfer) command is executed during a file transfer, which causes a signal to be handled incorrectly and allows local and possibly remote attackers to read arbitrary files. | |||||
| CVE-1999-1335 | 1 Redhat | 1 Linux | 2017-10-10 | 6.4 MEDIUM | N/A |
| snmpd server in cmu-snmp SNMP package before 3.3-1 in Red Hat Linux 4.0 is configured to allow remote attackers to read and write sensitive information. | |||||
| CVE-1999-1452 | 1 Microsoft | 1 Windows Nt | 2017-10-10 | 2.1 LOW | N/A |
| GINA in Windows NT 4.0 allows attackers with physical access to display a portion of the clipboard of the user who has locked the workstation by pasting (CTRL-V) the contents into the username prompt. | |||||
| CVE-1999-1455 | 1 Microsoft | 1 Windows Nt | 2017-10-10 | 7.5 HIGH | N/A |
| RSH service utility RSHSVC in Windows NT 3.5 through 4.0 does not properly restrict access as specified in the .Rhosts file when a user comes from an authorized host, which could allow unauthorized users to access the service by logging in from an authorized host. | |||||
| CVE-1999-1456 | 1 Thttpd | 1 Thttpd Http Server | 2017-10-10 | 5.0 MEDIUM | N/A |
| thttpd HTTP server 2.03 and earlier allows remote attackers to read arbitrary files via a GET request with more than one leading / (slash) character in the filename. | |||||
| CVE-1999-1476 | 1 Intel | 2 Pentium, Pentuim | 2017-10-10 | 2.1 LOW | N/A |
| A bug in Intel Pentium processor (MMX and Overdrive) allows local users to cause a denial of service (hang) in Intel-based operating systems such as Windows NT and Windows 95, via an invalid instruction, aka the "Invalid Operand with Locked CMPXCHG8B Instruction" problem. | |||||
| CVE-1999-1478 | 1 Microsoft | 1 Internet Information Server | 2017-10-10 | 5.0 MEDIUM | N/A |
| The Sun HotSpot Performance Engine VM allows a remote attacker to cause a denial of service on any server running HotSpot via a URL that includes the [ character. | |||||
| CVE-1999-1481 | 1 National Science Foundation | 1 Squid Web Proxy | 2017-10-10 | 5.0 MEDIUM | N/A |
| Squid 2.2.STABLE5 and below, when using external authentication, allows attackers to bypass access controls via a newline in the user/password pair. | |||||
| CVE-1999-1486 | 1 Ibm | 1 Aix | 2017-10-10 | 1.2 LOW | N/A |
| sadc in IBM AIX 4.1 through 4.3, when called from programs such as timex that are setgid adm, allows local users to overwrite arbitrary files via a symlink attack. | |||||
| CVE-1999-1494 | 1 Sgi | 1 Irix | 2017-10-10 | 2.1 LOW | N/A |
| colorview in Silicon Graphics IRIX 5.1, 5.2, and 6.0 allows local attackers to read arbitrary files via the -text argument. | |||||
| CVE-2000-0878 | 1 Ranson Johnson | 1 Mailto Cgi Script | 2017-10-10 | 7.5 HIGH | N/A |
| The mailto CGI script allows remote attacker to execute arbitrary commands via shell metacharacters in the emailadd form field. | |||||
| CVE-2000-0883 | 1 Mandrakesoft | 1 Mandrake Linux | 2017-10-10 | 5.0 MEDIUM | N/A |
| The default configuration of mod_perl for Apache as installed on Mandrake Linux 6.1 through 7.1 sets the /perl/ directory to be browseable, which allows remote attackers to list the contents of that directory. | |||||
| CVE-2000-0892 | 2 Caldera, U Win | 2 Openlinux, U Win | 2017-10-10 | 2.6 LOW | N/A |
| Some telnet clients allow remote telnet servers to request environment variables from the client that may contain sensitive information, or remote web servers to obtain the information via a telnet: URL. | |||||
| CVE-2000-0894 | 1 Watchguard | 1 Soho Firewall | 2017-10-10 | 10.0 HIGH | N/A |
| HTTP server on the WatchGuard SOHO firewall does not properly restrict access to administrative functions such as password resets or rebooting, which allows attackers to cause a denial of service or conduct unauthorized activities. | |||||
| CVE-2000-0895 | 1 Watchguard | 1 Soho Firewall | 2017-10-10 | 10.0 HIGH | N/A |
| Buffer overflow in HTTP server on the WatchGuard SOHO firewall allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long GET request. | |||||
| CVE-2000-0896 | 1 Watchguard | 1 Soho Firewall | 2017-10-10 | 5.0 MEDIUM | N/A |
| WatchGuard SOHO firewall allows remote attackers to cause a denial of service via a flood of fragmented IP packets, which causes the firewall to drop connections and stop forwarding packets. | |||||
| CVE-2000-0897 | 1 Max Feoktistov | 1 Small Http Server | 2017-10-10 | 5.0 MEDIUM | N/A |
| Small HTTP Server 2.03 and earlier allows remote attackers to cause a denial of service by repeatedly requesting a URL that references a directory that does not contain an index.html file, which consumes memory that is not released after the request is completed. | |||||
| CVE-1999-1507 | 1 Sun | 1 Sunos | 2017-10-10 | 7.2 HIGH | N/A |
| Sun SunOS 4.1 through 4.1.3 allows local attackers to gain root access via insecure permissions on files and directories such as crash. | |||||
| CVE-1999-1512 | 1 Amavis | 1 Virus Scanner | 2017-10-10 | 10.0 HIGH | N/A |
| The AMaViS virus scanner 0.2.0-pre4 and earlier allows remote attackers to execute arbitrary commands as root via an infected mail message with shell metacharacters in the reply-to field. | |||||
| CVE-1999-1520 | 1 Microsoft | 1 Site Server | 2017-10-10 | 5.0 MEDIUM | N/A |
| A configuration problem in the Ad Server Sample directory (AdSamples) in Microsoft Site Server 3.0 allows an attacker to obtain the SITE.CSC file, which exposes sensitive SQL database information. | |||||
| CVE-1999-1535 | 1 Persits | 1 Aspupload | 2017-10-10 | 10.0 HIGH | N/A |
| Buffer overflow in AspUpload.dll in Persits Software AspUpload before 1.4.0.2 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long argument in the HTTP request. | |||||
| CVE-1999-1537 | 1 Microsoft | 1 Internet Information Server | 2017-10-10 | 5.0 MEDIUM | N/A |
| IIS 3.x and 4.x does not distinguish between pages requiring encryption and those that do not, which allows remote attackers to cause a denial of service (resource exhaustion) via SSL requests to the HTTPS port for normally unencrypted files, which will cause IIS to perform extra work to send the files over SSL. | |||||
| CVE-1999-1542 | 1 Redhat | 1 Linux | 2017-10-10 | 10.0 HIGH | N/A |
| RPMMail before 1.4 allows remote attackers to execute commands via an e-mail message with shell metacharacters in the "MAIL FROM" command. | |||||
| CVE-1999-1556 | 1 Microsoft | 1 Sql Server | 2017-10-10 | 7.2 HIGH | N/A |
| Microsoft SQL Server 6.5 uses weak encryption for the password for the SQLExecutiveCmdExec account and stores it in an accessible portion of the registry, which could allow local users to gain privileges by reading and decrypting the CmdExecAccount value. | |||||
| CVE-1999-1568 | 1 Ncftpd | 1 Ncftpd Ftp Server | 2017-10-10 | 5.0 MEDIUM | N/A |
| Off-by-one error in NcFTPd FTP server before 2.4.1 allows a remote attacker to cause a denial of service (crash) via a long PORT command. | |||||
| CVE-2000-0006 | 2 Linux, Paul Kranenburg | 2 Linux Kernel, Strace | 2017-10-10 | 2.6 LOW | N/A |
| strace allows local users to read arbitrary files via memory mapped file names. | |||||
| CVE-2000-0180 | 1 Generation Terrorists Designs And Concepts | 1 Sojourn | 2017-10-10 | 5.0 MEDIUM | N/A |
| Sojourn search engine allows remote attackers to read arbitrary files via a .. (dot dot) attack. | |||||