|
258851
|
5.0 |
MEDIUM
|
mirabilis
|
icq_web_front
|
ICQ99 ICQ web server build 1701 with "Active Homepage" enabled generates allows remote attackers to determine the existence of files on the server by comparing server responses when a file exists ("4…
|
NVD-CWE-Other
|
CVE-1999-1418
|
2008-09-6 05:19 |
1999-05-1 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258852
|
6.2 |
MEDIUM
|
sun
|
solstice_adminsuite
|
Solaris Solstice AdminSuite (AdminSuite) 2.1 uses unsafe permissions when adding new users to the NIS+ password table, which allows local users to gain root access by modifying their password table e…
|
NVD-CWE-Other
|
CVE-1999-1424
|
2008-09-6 05:19 |
1997-11-10 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258853
|
6.2 |
MEDIUM
|
sun
|
solstice_adminsuite
|
Solaris Solstice AdminSuite (AdminSuite) 2.1 follows symbolic links when updating an NIS database, which allows local users to overwrite arbitrary files.
|
NVD-CWE-Other
|
CVE-1999-1426
|
2008-09-6 05:19 |
1997-11-10 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258854
|
6.2 |
MEDIUM
|
sun
|
solstice_adminsuite
|
Solaris Solstice AdminSuite (AdminSuite) 2.1 and 2.2 create lock files insecurely, which allows local users to gain root privileges.
|
NVD-CWE-Other
|
CVE-1999-1427
|
2008-09-6 05:19 |
1997-11-10 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258855
|
6.2 |
MEDIUM
|
sun
|
solstice_adminsuite
|
Solaris Solstice AdminSuite (AdminSuite) 2.1 and 2.2 allows local users to gain privileges via the save option in the Database Manager, which is running with setgid bin privileges.
|
NVD-CWE-Other
|
CVE-1999-1428
|
2008-09-6 05:19 |
1997-11-10 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258856
|
7.2 |
HIGH
|
sun
|
sunos
|
Vulnerability in /bin/mail in SunOS 4.1.1 and earlier allows local users to gain root privileges via certain command line arguments.
|
NVD-CWE-Other
|
CVE-1999-1438
|
2008-09-6 05:19 |
1991-02-22 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258857
|
2.1 |
LOW
|
sun
|
sunos
|
SunOS 4.1.4 on a Sparc 20 machine allows local users to cause a denial of service (kernel panic) by reading from the /dev/tcx0 TCX device.
|
NVD-CWE-Other
|
CVE-1999-1449
|
2008-09-6 05:19 |
1997-05-19 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258858
|
7.5 |
HIGH
|
cisco
|
ios
|
Vulnerability in Cisco routers versions 8.2 through 9.1 allows remote attackers to bypass access control lists when extended IP access lists are used on certain interfaces, the IP route cache is enab…
|
NVD-CWE-Other
|
CVE-1999-1466
|
2008-09-6 05:19 |
1992-12-10 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258859
|
7.2 |
HIGH
|
bsd
|
bsd
|
Buffer overflow in passwd in BSD based operating systems 4.3 and earlier allows local users to gain root privileges by specifying a long shell or GECOS field.
|
NVD-CWE-Other
|
CVE-1999-1471
|
2008-09-6 05:19 |
1989-01-1 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258860
|
4.6 |
MEDIUM
|
proftpd_project
|
proftpd
|
ProFTPd 1.2 compiled with the mod_sqlpw module records user passwords in the wtmp log file, which allows local users to obtain the passwords and gain privileges by reading wtmp, e.g. via the last com…
|
NVD-CWE-Other
|
CVE-1999-1475
|
2008-09-6 05:19 |
1999-11-19 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258861
|
1.2 |
LOW
|
ibm
|
aix
|
(1) acledit and (2) aclput in AIX 4.3 allow local users to create or modify files via a symlink attack.
|
NVD-CWE-Other
|
CVE-1999-1480
|
2008-09-6 05:19 |
1998-06-11 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258862
|
4.6 |
MEDIUM
|
svgalib
|
svgalib
|
Buffer overflow in zgv in svgalib 1.2.10 and earlier allows local users to execute arbitrary code via a long HOME environment variable.
|
NVD-CWE-Other
|
CVE-1999-1483
|
2008-09-6 05:19 |
1997-06-19 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258863
|
7.2 |
HIGH
|
ibm
|
aix
|
Vulnerability in digest in AIX 4.3 allows printq users to gain root privileges by creating and/or modifing any file on the system.
|
NVD-CWE-Other
|
CVE-1999-1487
|
2008-09-6 05:19 |
1998-01-21 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258864
|
5.0 |
MEDIUM
|
ibm
|
system_data_repository
|
sdrd daemon in IBM SP2 System Data Repository (SDR) allows remote attackers to read files without authentication.
|
NVD-CWE-Other
|
CVE-1999-1488
|
2008-09-6 05:19 |
1999-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258865
|
7.2 |
HIGH
|
slackware
|
slackware_linux
|
Buffer overflow in TestChip function in XFree86 SuperProbe in Slackware Linux 3.1 allows local users to gain root privileges via a long -nopr argument.
|
NVD-CWE-Other
|
CVE-1999-1489
|
2008-09-6 05:19 |
1997-03-4 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258866
|
7.2 |
HIGH
|
ipswitch
|
imail
|
Ipswitch IMail 5.0 and 6.0 uses weak encryption to store passwords in registry keys, which allows local attackers to read passwords for e-mail accounts.
|
NVD-CWE-Other
|
CVE-1999-1497
|
2008-09-6 05:19 |
1999-12-21 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258867
|
3.6 |
LOW
|
slackware
|
slackware_linux
|
Slackware Linux 3.4 pkgtool allows local attacker to read and write to arbitrary files via a symlink attack on the reply file.
|
NVD-CWE-Other
|
CVE-1999-1498
|
2008-09-6 05:19 |
1998-04-6 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258868
|
2.1 |
LOW
|
isc
|
bind
|
named in ISC BIND 4.9 and 8.1 allows local users to destroy files via a symlink attack on (1) named_dump.db when root kills the process with a SIGINT, or (2) named.stats when SIGIOT is used.
|
NVD-CWE-Other
|
CVE-1999-1499
|
2008-09-6 05:19 |
1998-04-10 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258869
|
5.0 |
MEDIUM
|
nfr
|
nfr
|
Network Flight Recorder (NFR) 1.5 and 1.6 allows remote attackers to cause a denial of service in nfrd (crash) via a TCP packet with a null header and data field.
|
NVD-CWE-Other
|
CVE-1999-1503
|
2008-09-6 05:19 |
1998-04-8 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258870
|
5.0 |
MEDIUM
|
stalker
|
stalker_internet_mail_server
|
Stalker Internet Mail Server 1.6 allows a remote attacker to cause a denial of service (crash) via a long HELO command.
|
NVD-CWE-Other
|
CVE-1999-1504
|
2008-09-6 05:19 |
1998-04-8 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258871
|
7.5 |
HIGH
|
sun
|
sunos
|
Vulnerability in SMI Sendmail 4.0 and earlier, on SunOS up to 4.0.3, allows remote attackers to access user bin.
|
NVD-CWE-Other
|
CVE-1999-1506
|
2008-09-6 05:19 |
1990-01-29 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258872
|
2.1 |
LOW
|
sgi
|
irix
|
/usr/sbin/Mail on SGI IRIX 3.3 and 3.3.1 does not properly set the group ID to the group ID of the user who started Mail, which allows local users to read the mail of other users.
|
NVD-CWE-Other
|
CVE-1999-1554
|
2008-09-6 05:19 |
1990-10-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258873
|
7.5 |
HIGH
|
digital
|
digital_openvms
digital_openvms_axp
|
Vulnerability in loginout in Digital OpenVMS 7.1 and earlier allows unauthorized access when external authentication is enabled.
|
NVD-CWE-Other
|
CVE-1999-1558
|
2008-09-6 05:19 |
1998-07-16 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258874
|
7.2 |
HIGH
|
nullsoft
|
shoutcast_server
|
Nullsoft SHOUTcast server stores the administrative password in plaintext in a configuration file (sc_serv.conf), which could allow a local user to gain administrative privileges on the server.
|
NVD-CWE-Other
|
CVE-1999-1561
|
2008-09-6 05:19 |
1999-08-20 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258875
|
4.6 |
MEDIUM
|
gftp
|
ftp_client
|
gFTP FTP client 1.13, and other versions before 2.0.0, records a password in plaintext in (1) the log window, or (2) in a log file.
|
NVD-CWE-Other
|
CVE-1999-1562
|
2008-09-6 05:19 |
1999-09-5 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258876
|
5.0 |
MEDIUM
|
nachuatec
|
d435
d445
|
Nachuatec D435 and D445 printer allows remote attackers to cause a denial of service via ICMP redirect storm.
|
NVD-CWE-Other
|
CVE-1999-1563
|
2008-09-6 05:19 |
2000-10-14 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258877
|
2.1 |
LOW
|
freebsd
|
freebsd
|
FreeBSD 3.2 and possibly other versions allows a local user to cause a denial of service (panic) with a large number accesses of an NFS v3 mounted directory from a large number of processes.
|
NVD-CWE-Other
|
CVE-1999-1564
|
2008-09-6 05:19 |
1999-09-2 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258878
|
4.6 |
MEDIUM
|
earl_hood
debian
|
man2html
debian_linux
|
Man2html 2.1 and earlier allows local users to overwrite arbitrary files via a symlink attack on a temporary file.
|
NVD-CWE-Other
|
CVE-1999-1565
|
2008-09-6 05:19 |
1999-08-20 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258879
|
5.0 |
MEDIUM
|
intel
|
iparty
|
Buffer overflow in iParty server 1.2 and earlier allows remote attackers to cause a denial of service (crash) by connecting to default port 6004 and sending repeated extended characters.
|
NVD-CWE-Other
|
CVE-1999-1566
|
2008-09-6 05:19 |
1999-05-8 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258880
|
7.2 |
HIGH
|
sendmail
sun
|
sendmail
sunos
|
SunOS sendmail 5.59 through 5.65 uses popen to process a forwarding host argument, which allows local users to gain root privileges by modifying the IFS (Internal Field Separator) variable and passin…
|
NVD-CWE-Other
|
CVE-1999-1580
|
2008-09-6 05:19 |
1995-08-23 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258881
|
10.0 |
HIGH
|
sun
|
openwindows
sunos
|
Unknown vulnerability in (1) loadmodule, and (2) modload if modload is installed with setuid/setgid privileges, in SunOS 4.1.1 through 4.1.3c, and Open Windows 3.0, allows local users to gain root pr…
|
NVD-CWE-Other
|
CVE-1999-1584
|
2008-09-6 05:19 |
1999-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258882
|
10.0 |
HIGH
|
sun
|
solaris
|
Buffer overflow in nlps_server in Sun Solaris x86 2.4, 2.5, and 2.5.1 allows remote attackers to execute arbitrary code as root via a long string beginning with "NLPS:002:002:" to the listen (aka Sys…
|
NVD-CWE-Other
|
CVE-1999-1588
|
2008-09-6 05:19 |
1999-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258883
|
3.5 |
LOW
|
wwwcount
|
wwwcount
|
Directory traversal vulnerability in Muhammad A. Muquit wwwcount (Count.cgi) 2.3 allows remote attackers to read arbitrary GIF files via ".." sequences in the image parameter, a different vulnerabili…
|
NVD-CWE-Other
|
CVE-1999-1590
|
2008-09-6 05:19 |
1999-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258884
|
7.5 |
HIGH
|
microsoft
|
internet_information_server
visual_interdev
|
Microsoft Internet Information Services (IIS) server 4.0 SP4, without certain hotfixes released for SP4, does not require authentication credentials under certain conditions, which allows remote atta…
|
NVD-CWE-Other
|
CVE-1999-1591
|
2008-09-6 05:19 |
1999-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258885
|
7.5 |
HIGH
|
sendmail
|
sendmail
|
Multiple unspecified vulnerabilities in sendmail 5, as installed on Sun SunOS 4.1.3_U1 and 4.1.4, have unspecified attack vectors and impact. NOTE: this might overlap CVE-1999-0129.
|
NVD-CWE-Other
|
CVE-1999-1592
|
2008-09-6 05:19 |
1999-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258886
|
7.5 |
HIGH
|
allaire
|
coldfusion_server
|
Sample runnable code snippets in ColdFusion Server 4.0 allow remote attackers to read files, conduct a denial of service, or use the server as a proxy for other HTTP calls.
|
NVD-CWE-Other
|
CVE-1999-0923
|
2008-09-6 05:18 |
2001-03-12 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258887
|
10.0 |
HIGH
|
apache
|
http_server
|
Apache allows remote attackers to conduct a denial of service via a large number of MIME headers.
|
NVD-CWE-Other
|
CVE-1999-0926
|
2008-09-6 05:18 |
1999-09-3 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258888
|
10.0 |
HIGH
|
hp
|
vvos
|
HP VirtualVault with the PHSS_17692 patch allows unprivileged processes to bypass access restrictions via the Trusted Gateway Proxy (TGP).
|
NVD-CWE-Other
|
CVE-1999-0992
|
2008-09-6 05:18 |
2000-01-18 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258889
|
7.5 |
HIGH
|
millenux_gmbh
university_of_washington
redhat
|
anonftp
wu-ftpd
linux
|
wu-ftp with FTP conversion enabled allows an attacker to execute commands via a malformed file name that is interpreted as an argument to the program that does the conversion, e.g. tar or uncompress.
|
NVD-CWE-Other
|
CVE-1999-0997
|
2008-09-6 05:18 |
1999-12-20 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258890
|
5.0 |
MEDIUM
|
lotus
|
domino
|
SMTP component of Lotus Domino 4.6.1 on AS/400, and possibly other operating systems, allows a remote attacker to crash the mail server via a long string.
|
NVD-CWE-Other
|
CVE-1999-1012
|
2008-09-6 05:18 |
1999-05-4 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258891
|
1.2 |
LOW
|
cisco
|
resource_manager
|
Cisco Resource Manager (CRM) 1.0 and 1.1 creates world-readable log files and temporary files, which may expose sensitive information, to local users such as user IDs, passwords and SNMP community st…
|
NVD-CWE-Other
|
CVE-1999-1042
|
2008-09-6 05:18 |
1999-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258892
|
5.0 |
MEDIUM
|
matt_wright
|
formhandler.cgi
|
Default configuration in Matt Wright FormHandler.cgi script allows arbitrary directories to be used for attachments, and only restricts access to the /etc/ directory, which allows remote attackers to…
|
NVD-CWE-Other
|
CVE-1999-1051
|
2008-09-6 05:18 |
1999-11-16 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258893
|
7.5 |
HIGH
|
apache
matt_wright
|
http_server
matt_wright_guestbook
|
guestbook.pl cleanses user-inserted SSI commands by removing text between "<!--" and "-->" separators, which allows remote attackers to execute arbitrary commands when guestbook.pl is run on Apache 1…
|
NVD-CWE-Other
|
CVE-1999-1053
|
2008-09-6 05:18 |
1999-09-13 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258894
|
4.6 |
MEDIUM
|
digital
|
vms
|
VMS 4.0 through 5.3 allows local users to gain privileges via the ANALYZE/PROCESS_DUMP dcl command.
|
NVD-CWE-Other
|
CVE-1999-1057
|
2008-09-6 05:18 |
1990-10-25 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258895
|
10.0 |
HIGH
|
att
|
svr4
|
Vulnerability in rexec daemon (rexecd) in AT&T TCP/IP 4.0 for various SVR4 systems allows remote attackers to execute arbitrary commands.
|
NVD-CWE-Other
|
CVE-1999-1059
|
2008-09-6 05:18 |
1992-02-25 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258896
|
5.0 |
MEDIUM
|
xylogics
|
annex
|
Buffer overflow in ping CGI program in Xylogics Annex terminal service allows remote attackers to cause a denial of service via a long query parameter.
|
NVD-CWE-Other
|
CVE-1999-1070
|
2008-09-6 05:18 |
1998-07-25 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258897
|
7.5 |
HIGH
|
ipswitch
|
ws_ftp_pro
|
WS_FTP Pro 6.0 uses weak encryption for passwords in its initialization files, which allows remote attackers to easily decrypt the passwords and gain privileges.
|
NVD-CWE-Other
|
CVE-1999-1078
|
2008-09-6 05:18 |
1999-07-29 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258898
|
5.0 |
MEDIUM
|
bsd
|
bsd
|
Vulnerability in BSD Telnet client with encryption and Kerberos 4 authentication allows remote attackers to decrypt the session via sniffing.
|
NVD-CWE-Other
|
CVE-1999-1098
|
2008-09-6 05:18 |
1995-03-3 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258899
|
2.1 |
LOW
|
sgi
apple
bsd
sun
|
irix
a_ux
bsd
sunos
|
lpr on SunOS 4.1.1, BSD 4.3, A/UX 2.0.1, and other BSD-based operating systems allows local users to create or overwrite arbitrary files via a symlink attack that is triggered after invoking lpr 1000…
|
NVD-CWE-Other
|
CVE-1999-1102
|
2008-09-6 05:18 |
1999-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258900
|
4.6 |
MEDIUM
|
digital
|
osf_1
|
dxconsole in DEC OSF/1 3.2C and earlier allows local users to read arbitrary files by specifying the file with the -file parameter.
|
NVD-CWE-Other
|
CVE-1999-1103
|
2008-09-6 05:18 |
1996-04-3 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
