268481
|
- |
|
acushop
|
salesbuilder
|
.sbstart startup script in AcuShop Salesbuilder is world writable, which allows local users to gain privileges by appending commands to the file.
|
NVD-CWE-Other
|
CVE-1999-1536
|
2016-10-18 11:05 |
1999-07-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268482
|
- |
|
microsoft
|
internet_information_server
|
When IIS 2 or 3 is upgraded to IIS 4, ism.dll is inadvertently left in /scripts/iisadmin, which does not restrict access to the local machine and allows an unauthorized user to gain access to sensiti…
|
NVD-CWE-Other
|
CVE-1999-1538
|
2016-10-18 11:05 |
1999-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268483
|
- |
|
microsoft
|
internet_information_server
|
Buffer overflow in FTP server in Microsoft IIS 3.0 and 4.0 allows local and sometimes remote attackers to cause a denial of service via a long NLST (ls) command.
|
NVD-CWE-Other
|
CVE-1999-1544
|
2016-10-18 11:05 |
1999-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268484
|
- |
|
joes_own_editor
|
joe
|
Joe's Own Editor (joe) 2.8 sets the world-readable permission on its crash-save file, DEADJOE, which could allow local users to read files that were being edited by other users.
|
NVD-CWE-Other
|
CVE-1999-1545
|
2016-10-18 11:05 |
1999-07-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268485
|
- |
|
oracle
|
web_listener
|
Oracle Web Listener 2.1 allows remote attackers to bypass access restrictions by replacing a character in the URL with its HTTP-encoded (hex) equivalent.
|
CWE-20
Improper Input Validation
|
CVE-1999-1547
|
2016-10-18 11:05 |
1999-11-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268486
|
- |
|
microsoft
|
index_server
|
Index Server 2.0 on IIS 4.0 stores physical path information in the ContentIndex\Catalogs subkey of the AllowedPaths registry key, whose permissions allows local and remote users to obtain the physic…
|
NVD-CWE-Other
|
CVE-1999-1397
|
2016-10-18 11:04 |
1999-03-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268487
|
- |
|
sgi
|
irix
|
Vulnerability in xfsdump in SGI IRIX may allow local users to obtain root privileges via the bck.log log file, possibly via a symlink attack.
|
NVD-CWE-Other
|
CVE-1999-1398
|
2016-10-18 11:04 |
1997-05-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268488
|
- |
|
sgi
|
irix
|
spaceball program in SpaceWare 7.3 v1.0 in IRIX 6.2 allows local users to gain root privileges by setting the HOSTNAME environmental variable to contain the commands to be executed.
|
NVD-CWE-Other
|
CVE-1999-1399
|
2016-10-18 11:04 |
1997-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268489
|
- |
|
the_economist
|
the_economist_1999_screen_saver
|
The Economist screen saver 1999 with the "Password Protected" option enabled allows users with physical access to the machine to bypass the screen saver and read files by running Internet Explorer wh…
|
NVD-CWE-Other
|
CVE-1999-1400
|
2016-10-18 11:04 |
1999-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268490
|
- |
|
ibm
|
aix
|
snap command in AIX before 4.3.2 creates the /tmp/ibmsupt directory with world-readable permissions and does not remove or clear the directory when snap -a is executed, which could allow local users …
|
NVD-CWE-Other
|
CVE-1999-1405
|
2016-10-18 11:04 |
1999-02-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|