Total
29527 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-1999-1176 | 2 Aaron Ledbetter, Jidentd | 2 Cidentd, Jidentd | 2016-10-18 | 7.2 HIGH | N/A |
| Buffer overflow in cidentd ident daemon allows local users to gain root privileges via a long line in the .authlie script. | |||||
| CVE-1999-1075 | 1 Ibm | 1 Aix | 2016-10-18 | 5.0 MEDIUM | N/A |
| inetd in AIX 4.1.5 dynamically assigns a port N when starting ttdbserver (ToolTalk server), but also inadvertently listens on port N-1 without passing control to ttdbserver, which allows remote attackers to cause a denial of service via a large number of connections to port N-1, which are not properly closed by inetd. | |||||
| CVE-1999-1086 | 1 Novell | 1 Netware | 2016-10-18 | 10.0 HIGH | N/A |
| Novell 5 and earlier, when running over IPX with a packet signature level less than 3, allows remote attackers to gain administrator privileges by spoofing the MAC address in IPC fragmented packets that make NetWare Core Protocol (NCP) calls. | |||||
| CVE-1999-1095 | 2 Redhat, Slackware | 2 Linux, Slackware Linux | 2016-10-18 | 7.2 HIGH | N/A |
| sort creates temporary files and follows symbolic links, which allows local users to modify arbitrary files that are writable by the user running sort, as observed in updatedb and other programs that use sort. | |||||
| CVE-1999-1066 | 1 Sgi | 1 Quake 1 Server | 2016-10-18 | 5.0 MEDIUM | N/A |
| Quake 1 server responds to an initial UDP game connection request with a large amount of traffic, which allows remote attackers to use the server as an amplifier in a "Smurf" style attack on another host, by spoofing the connection request. | |||||
| CVE-1999-1054 | 1 Globetrotter | 1 Flexlm | 2016-10-18 | 5.0 MEDIUM | N/A |
| The default configuration of FLEXlm license manager 6.0d, and possibly other versions, allows remote attackers to shut down the server via the lmdown command. | |||||
| CVE-1999-1036 | 1 Cops | 1 Cops | 2016-10-18 | 7.2 HIGH | N/A |
| COPS 1.04 allows local users to overwrite or create arbitrary files via a symlink attack on temporary files in (1) res_diff, (2) ca.src, and (3) mail.chk. | |||||
| CVE-1999-1005 | 2 Netscape, Novell | 2 Enterprise Server, Groupwise | 2016-10-18 | 5.0 MEDIUM | N/A |
| Groupwise web server GWWEB.EXE allows remote attackers to read arbitrary files with .htm extensions via a .. (dot dot) attack using the HELP parameter. | |||||
| CVE-1999-1073 | 1 Excite | 1 Ews | 2016-10-18 | 7.2 HIGH | N/A |
| Excite for Web Servers (EWS) 1.1 records the first two characters of a plaintext password in the beginning of the encrypted password, which makes it easier for an attacker to guess passwords via a brute force or dictionary attack. | |||||
| CVE-1999-1006 | 1 Novell | 1 Groupwise | 2016-10-18 | 5.0 MEDIUM | N/A |
| Groupwise web server GWWEB.EXE allows remote attackers to determine the real path of the web server via the HELP parameter. | |||||
| CVE-1999-1065 | 1 Palm Pilot | 1 Hotsync Manager | 2016-10-18 | 7.5 HIGH | N/A |
| Palm Pilot HotSync Manager 3.0.4 in Windows 98 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long string to port 14238 while the manager is in network mode. | |||||
| CVE-1999-1072 | 1 Excite | 1 Ews | 2016-10-18 | 7.2 HIGH | N/A |
| Excite for Web Servers (EWS) 1.1 allows local users to gain privileges by obtaining the encrypted password from the world-readable Architext.conf authentication file and replaying the encrypted password in an HTTP request to AT-generated.cgi or AT-admin.cgi. | |||||
| CVE-1999-1047 | 1 Bsdi | 1 Gauntlet | 2016-10-18 | 7.5 HIGH | N/A |
| When BSDI patches for Gauntlet 5.0 BSDI are installed in a particular order, Gauntlet allows remote attackers to bypass firewall access restrictions, and does not log the activities. | |||||
| CVE-1999-0961 | 1 Hp | 1 Hp-ux | 2016-10-18 | 6.2 MEDIUM | N/A |
| HPUX sysdiag allows local users to gain root privileges via a symlink attack during log file creation. | |||||
| CVE-1999-1041 | 1 Sco | 2 Openserver, Unix | 2016-10-18 | 7.2 HIGH | N/A |
| Buffer overflow in mscreen on SCO OpenServer 5.0 and SCO UNIX 3.2v4 allows a local user to gain root access via (1) a long TERM environmental variable and (2) a long entry in the .mscreenrc file. | |||||
| CVE-1999-1038 | 1 Tamu | 1 Tiger | 2016-10-18 | 7.2 HIGH | N/A |
| Tiger 2.2.3 allows local users to overwrite arbitrary files via a symlink attack on various temporary files in Tiger's default working directory, as defined by the WORKDIR variable. | |||||
| CVE-1999-1010 | 1 Openbsd | 1 Openssh | 2016-10-18 | 2.1 LOW | N/A |
| An SSH 1.2.27 server allows a client to use the "none" cipher, even if it is not allowed by the server policy. | |||||
| CVE-1999-1060 | 1 Tetrix | 1 Tetrinet | 2016-10-18 | 5.0 MEDIUM | N/A |
| Buffer overflow in Tetrix TetriNet daemon 1.13.16 allows remote attackers to cause a denial of service and possibly execute arbitrary commands by connecting to port 31457 from a host with a long DNS hostname. | |||||
| CVE-1999-1017 | 1 Seattle Lab Software | 1 Emurl | 2016-10-18 | 7.5 HIGH | N/A |
| Seattle Labs Emurl 2.0, and possibly earlier versions, stores e-mail attachments in a specific directory with scripting enabled, which allows a malicious ASP file attachment to execute when the recipient opens the message. | |||||
| CVE-1999-1002 | 1 Netscape | 1 Communicator | 2016-10-18 | 5.0 MEDIUM | N/A |
| Netscape Navigator uses weak encryption for storing a user's Netscape mail password. | |||||