Total
29308 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-1999-1024 | 1 Lbl | 1 Tcpdump | 2024-11-20 | 7.5 HIGH | N/A |
ip_print procedure in Tcpdump 3.4a allows remote attackers to cause a denial of service via a packet with a zero length header, which causes an infinite loop and core dump when tcpdump prints the packet. | |||||
CVE-1999-1023 | 1 Sun | 1 Sunos | 2024-11-20 | 4.6 MEDIUM | N/A |
useradd in Solaris 7.0 does not properly interpret certain date formats as specified in the "-e" (expiration date) argument, which could allow users to login after their accounts have expired. | |||||
CVE-1999-1022 | 1 Sgi | 1 Irix | 2024-11-20 | 6.2 MEDIUM | N/A |
serial_ports administrative program in IRIX 4.x and 5.x trusts the user's PATH environmental variable to find and execute the ls program, which allows local users to gain root privileges via a Trojan horse ls program. | |||||
CVE-1999-1021 | 1 Sun | 1 Sunos | 2024-11-20 | 7.2 HIGH | N/A |
NFS on SunOS 4.1 through 4.1.2 ignores the high order 16 bits in a 32 bit UID, which allows a local user to gain root access if the lower 16 bits are set to 0, as fixed by the NFS jumbo patch upgrade. | |||||
CVE-1999-1020 | 1 Novell | 1 Netware | 2024-11-20 | 7.5 HIGH | N/A |
The installation of Novell Netware NDS 5.99 provides an unauthenticated client with Read access for the tree, which allows remote attackers to access sensitive information such as users, groups, and readable objects via CX.EXE and NLIST.EXE. | |||||
CVE-1999-1019 | 1 Cabletron | 1 Spectrum Enterprise Manager | 2024-11-20 | 7.2 HIGH | N/A |
SpectroSERVER in Cabletron Spectrum Enterprise Manager 5.0 installs a directory tree with insecure permissions, which allows local users to replace a privileged executable (processd) with a Trojan horse, facilitating a root or Administrator compromise. | |||||
CVE-1999-1018 | 1 Linux | 1 Linux Kernel | 2024-11-20 | 7.5 HIGH | N/A |
IPChains in Linux kernels 2.2.10 and earlier does not reassemble IP fragments before checking the header information, which allows a remote attacker to bypass the filtering rules using several fragments with 0 offsets. | |||||
CVE-1999-1017 | 1 Seattle Lab Software | 1 Emurl | 2024-11-20 | 7.5 HIGH | N/A |
Seattle Labs Emurl 2.0, and possibly earlier versions, stores e-mail attachments in a specific directory with scripting enabled, which allows a malicious ASP file attachment to execute when the recipient opens the message. | |||||
CVE-1999-1016 | 2 Microsoft, Qualcomm | 4 Frontpage, Internet Explorer, Outlook Express and 1 more | 2024-11-20 | 5.0 MEDIUM | N/A |
Microsoft HTML control as used in (1) Internet Explorer 5.0, (2) FrontPage Express, (3) Outlook Express 5, and (4) Eudora, and possibly others, allows remote malicious web site or HTML emails to cause a denial of service (100% CPU consumption) via large HTML form fields such as text inputs in a table cell. | |||||
CVE-1999-1015 | 1 Apple | 1 Appleshare Mail Server | 2024-11-20 | 5.0 MEDIUM | N/A |
Buffer overflow in Apple AppleShare Mail Server 5.0.3 on MacOS 8.1 and earlier allows a remote attacker to cause a denial of service (crash) via a long HELO command. | |||||
CVE-1999-1014 | 1 Sun | 2 Solaris, Sunos | 2024-11-20 | 4.6 MEDIUM | N/A |
Buffer overflow in mail command in Solaris 2.7 and 2.7 allows local users to gain privileges via a long -m argument. | |||||
CVE-1999-1013 | 1 Ibm | 1 Aix | 2024-11-20 | 7.2 HIGH | N/A |
named-xfer in AIX 4.1.5 and 4.2.1 allows members of the system group to overwrite system files to gain root access via the -f parameter and a malformed zone file. | |||||
CVE-1999-1012 | 1 Lotus | 1 Domino | 2024-11-20 | 5.0 MEDIUM | N/A |
SMTP component of Lotus Domino 4.6.1 on AS/400, and possibly other operating systems, allows a remote attacker to crash the mail server via a long string. | |||||
CVE-1999-1010 | 1 Openbsd | 1 Openssh | 2024-11-20 | 2.1 LOW | N/A |
An SSH 1.2.27 server allows a client to use the "none" cipher, even if it is not allowed by the server policy. | |||||
CVE-1999-1009 | 1 Disney | 1 Go Express Search | 2024-11-20 | 2.6 LOW | N/A |
The Disney Go Express Search allows remote attackers to access and modify search information for users by connecting to an HTTP server on the user's system. | |||||
CVE-1999-1008 | 2 Freebsd, Mandrakesoft | 2 Freebsd, Mandrake Linux | 2024-11-20 | 7.2 HIGH | N/A |
xsoldier program allows local users to gain root access via a long argument. | |||||
CVE-1999-1007 | 1 Vdonet | 1 Vdolive Player | 2024-11-20 | 7.6 HIGH | N/A |
Buffer overflow in VDO Live Player allows remote attackers to execute commands on the VDO client via a malformed .vdo file. | |||||
CVE-1999-1006 | 1 Novell | 1 Groupwise | 2024-11-20 | 5.0 MEDIUM | N/A |
Groupwise web server GWWEB.EXE allows remote attackers to determine the real path of the web server via the HELP parameter. | |||||
CVE-1999-1005 | 2 Netscape, Novell | 2 Enterprise Server, Groupwise | 2024-11-20 | 5.0 MEDIUM | N/A |
Groupwise web server GWWEB.EXE allows remote attackers to read arbitrary files with .htm extensions via a .. (dot dot) attack using the HELP parameter. | |||||
CVE-1999-1004 | 1 Symantec | 1 Norton Antivirus | 2024-11-20 | 5.0 MEDIUM | N/A |
Buffer overflow in the POP server POProxy for the Norton Anti-Virus protection NAV2000 program via a large USER command. |