|
272901
|
7.5 |
HIGH
|
microsoft
|
internet_information_server
visual_interdev
|
Microsoft Internet Information Services (IIS) server 4.0 SP4, without certain hotfixes released for SP4, does not require authentication credentials under certain conditions, which allows remote atta…
|
NVD-CWE-Other
|
CVE-1999-1591
|
2008-09-6 05:19 |
1999-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272902
|
7.5 |
HIGH
|
sendmail
|
sendmail
|
Multiple unspecified vulnerabilities in sendmail 5, as installed on Sun SunOS 4.1.3_U1 and 4.1.4, have unspecified attack vectors and impact. NOTE: this might overlap CVE-1999-0129.
|
NVD-CWE-Other
|
CVE-1999-1592
|
2008-09-6 05:19 |
1999-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272903
|
7.5 |
HIGH
|
allaire
|
coldfusion_server
|
Sample runnable code snippets in ColdFusion Server 4.0 allow remote attackers to read files, conduct a denial of service, or use the server as a proxy for other HTTP calls.
|
NVD-CWE-Other
|
CVE-1999-0923
|
2008-09-6 05:18 |
2001-03-12 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272904
|
10.0 |
HIGH
|
apache
|
http_server
|
Apache allows remote attackers to conduct a denial of service via a large number of MIME headers.
|
NVD-CWE-Other
|
CVE-1999-0926
|
2008-09-6 05:18 |
1999-09-3 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272905
|
10.0 |
HIGH
|
hp
|
vvos
|
HP VirtualVault with the PHSS_17692 patch allows unprivileged processes to bypass access restrictions via the Trusted Gateway Proxy (TGP).
|
NVD-CWE-Other
|
CVE-1999-0992
|
2008-09-6 05:18 |
2000-01-18 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272906
|
7.5 |
HIGH
|
millenux_gmbh
university_of_washington
redhat
|
anonftp
wu-ftpd
linux
|
wu-ftp with FTP conversion enabled allows an attacker to execute commands via a malformed file name that is interpreted as an argument to the program that does the conversion, e.g. tar or uncompress.
|
NVD-CWE-Other
|
CVE-1999-0997
|
2008-09-6 05:18 |
1999-12-20 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272907
|
5.0 |
MEDIUM
|
lotus
|
domino
|
SMTP component of Lotus Domino 4.6.1 on AS/400, and possibly other operating systems, allows a remote attacker to crash the mail server via a long string.
|
NVD-CWE-Other
|
CVE-1999-1012
|
2008-09-6 05:18 |
1999-05-4 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272908
|
1.2 |
LOW
|
cisco
|
resource_manager
|
Cisco Resource Manager (CRM) 1.0 and 1.1 creates world-readable log files and temporary files, which may expose sensitive information, to local users such as user IDs, passwords and SNMP community st…
|
NVD-CWE-Other
|
CVE-1999-1042
|
2008-09-6 05:18 |
1999-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272909
|
5.0 |
MEDIUM
|
matt_wright
|
formhandler.cgi
|
Default configuration in Matt Wright FormHandler.cgi script allows arbitrary directories to be used for attachments, and only restricts access to the /etc/ directory, which allows remote attackers to…
|
NVD-CWE-Other
|
CVE-1999-1051
|
2008-09-6 05:18 |
1999-11-16 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272910
|
7.5 |
HIGH
|
apache
matt_wright
|
http_server
matt_wright_guestbook
|
guestbook.pl cleanses user-inserted SSI commands by removing text between "<!--" and "-->" separators, which allows remote attackers to execute arbitrary commands when guestbook.pl is run on Apache 1…
|
NVD-CWE-Other
|
CVE-1999-1053
|
2008-09-6 05:18 |
1999-09-13 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272911
|
4.6 |
MEDIUM
|
digital
|
vms
|
VMS 4.0 through 5.3 allows local users to gain privileges via the ANALYZE/PROCESS_DUMP dcl command.
|
NVD-CWE-Other
|
CVE-1999-1057
|
2008-09-6 05:18 |
1990-10-25 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272912
|
10.0 |
HIGH
|
att
|
svr4
|
Vulnerability in rexec daemon (rexecd) in AT&T TCP/IP 4.0 for various SVR4 systems allows remote attackers to execute arbitrary commands.
|
NVD-CWE-Other
|
CVE-1999-1059
|
2008-09-6 05:18 |
1992-02-25 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272913
|
5.0 |
MEDIUM
|
xylogics
|
annex
|
Buffer overflow in ping CGI program in Xylogics Annex terminal service allows remote attackers to cause a denial of service via a long query parameter.
|
NVD-CWE-Other
|
CVE-1999-1070
|
2008-09-6 05:18 |
1998-07-25 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272914
|
7.5 |
HIGH
|
ipswitch
|
ws_ftp_pro
|
WS_FTP Pro 6.0 uses weak encryption for passwords in its initialization files, which allows remote attackers to easily decrypt the passwords and gain privileges.
|
NVD-CWE-Other
|
CVE-1999-1078
|
2008-09-6 05:18 |
1999-07-29 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272915
|
5.0 |
MEDIUM
|
bsd
|
bsd
|
Vulnerability in BSD Telnet client with encryption and Kerberos 4 authentication allows remote attackers to decrypt the session via sniffing.
|
NVD-CWE-Other
|
CVE-1999-1098
|
2008-09-6 05:18 |
1995-03-3 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272916
|
2.1 |
LOW
|
sgi
apple
bsd
sun
|
irix
a_ux
bsd
sunos
|
lpr on SunOS 4.1.1, BSD 4.3, A/UX 2.0.1, and other BSD-based operating systems allows local users to create or overwrite arbitrary files via a symlink attack that is triggered after invoking lpr 1000…
|
NVD-CWE-Other
|
CVE-1999-1102
|
2008-09-6 05:18 |
1999-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272917
|
4.6 |
MEDIUM
|
digital
|
osf_1
|
dxconsole in DEC OSF/1 3.2C and earlier allows local users to read arbitrary files by specifying the file with the -file parameter.
|
NVD-CWE-Other
|
CVE-1999-1103
|
2008-09-6 05:18 |
1996-04-3 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272918
|
5.0 |
MEDIUM
|
microsoft
|
windows_95
|
Windows 95, when Remote Administration and File Sharing for NetWare Networks is enabled, creates a share (C$) when an administrator logs in remotely, which allows remote attackers to read arbitrary f…
|
NVD-CWE-Other
|
CVE-1999-1105
|
2008-09-6 05:18 |
1999-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272919
|
7.2 |
HIGH
|
hp
|
apollo_domain_os
|
Vulnerability in the /etc/suid_exec program in HP Apollo Domain/OS sr10.2 and sr10.3 beta, related to the Korn Shell (ksh).
|
NVD-CWE-Other
|
CVE-1999-1115
|
2008-09-6 05:18 |
1990-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272920
|
7.5 |
HIGH
|
allaire
|
coldfusion
|
HTTP Client application in ColdFusion allows remote attackers to bypass access restrictions for web pages on other ports by providing the target page to the mainframeset.cfm application, which reques…
|
NVD-CWE-Other
|
CVE-1999-1124
|
2008-09-6 05:18 |
1999-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272921
|
6.4 |
MEDIUM
|
sco
|
open_desktop
unix
|
Vulnerability in passwd in SCO UNIX 4.0 and earlier allows attackers to cause a denial of service by preventing users from being able to log into the system.
|
NVD-CWE-Other
|
CVE-1999-1162
|
2008-09-6 05:18 |
1993-05-24 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272922
|
7.2 |
HIGH
|
linux
|
linux_kernel
|
Linux 2.0.37 does not properly encode the Custom segment limit, which allows local users to gain root privileges by accessing and modifying kernel memory.
|
NVD-CWE-Other
|
CVE-1999-1166
|
2008-09-6 05:18 |
1999-07-11 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272923
|
7.2 |
HIGH
|
iss
|
internet_security_scanner
|
install.iss installation script for Internet Security Scanner (ISS) for Linux, version 5.3, allows local users to change the permissions of arbitrary files via a symlink attack on a temporary file.
|
NVD-CWE-Other
|
CVE-1999-1168
|
2008-09-6 05:18 |
1999-02-20 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272924
|
5.0 |
MEDIUM
|
maximizer
|
maximizer_enterprise
|
By design, Maximizer Enterprise 4 calendar and address book program allows arbitrary users to modify the calendar of other users when the calendar is being shared.
|
NVD-CWE-Other
|
CVE-1999-1172
|
2008-09-6 05:18 |
1999-01-14 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272925
|
7.5 |
HIGH
|
sysadmin_magazine
|
man.sh
|
Vulnerability in man.sh CGI script, included in May 1998 issue of SysAdmin Magazine, allows remote attackers to execute arbitrary commands.
|
NVD-CWE-Other
|
CVE-1999-1179
|
2008-09-6 05:18 |
1998-05-15 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272926
|
7.2 |
HIGH
|
sgi
|
irix
|
Vulnerability in On-Line Customer Registration software for IRIX 6.2 through 6.4 allows local users to gain root privileges.
|
NVD-CWE-Other
|
CVE-1999-1181
|
2008-09-6 05:18 |
1998-09-29 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272927
|
10.0 |
HIGH
|
admiral_systems
|
emailclub
|
Buffer overflow in POP3 server of Admiral Systems EmailClub 1.05 allows remote attackers to execute arbitrary commands via a long "From" header in an e-mail message.
|
NVD-CWE-Other
|
CVE-1999-1190
|
2008-09-6 05:18 |
1999-11-15 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272928
|
5.0 |
MEDIUM
|
hummingbird
|
exceed
|
Hummingbird Exceed X version 5 allows remote attackers to cause a denial of service via malformed data to port 6000.
|
NVD-CWE-Other
|
CVE-1999-1196
|
2008-09-6 05:18 |
1999-04-7 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272929
|
5.0 |
MEDIUM
|
hummingbird
|
exceed
|
Upgrade to a non-vulnerable version of Exceed (Hummingbird Exceed 6.0.1 Hummingbird Exceed 6.0.2 Hummingbird Exceed 6.1)
|
NVD-CWE-Other
|
CVE-1999-1196
|
2008-09-6 05:18 |
1999-04-7 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272930
|
7.2 |
HIGH
|
sun
|
sunos
|
TIOCCONS in SunOS 4.1.1 does not properly check the permissions of a user who tries to redirect console output and input, which could allow a local user to gain privileges.
|
NVD-CWE-Other
|
CVE-1999-1197
|
2008-09-6 05:18 |
1990-12-20 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272931
|
7.2 |
HIGH
|
next
|
next
|
BuildDisk program on NeXT systems before 2.0 does not prompt users for the root password, which allows local users to gain root privileges.
|
NVD-CWE-Other
|
CVE-1999-1198
|
2008-09-6 05:18 |
1990-10-3 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272932
|
4.6 |
MEDIUM
|
linux
|
linux_kernel
|
Denial of service in Linux 2.2.0 running the ldd command on a core file.
|
NVD-CWE-Other
|
CVE-1999-0400
|
2008-09-6 05:17 |
1999-01-26 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272933
|
2.1 |
LOW
|
linux
|
linux_kernel
|
Denial of service in Linux 2.0.36 allows local users to prevent any server from listening on any non-privileged port.
|
NVD-CWE-Other
|
CVE-1999-0451
|
2008-09-6 05:17 |
1999-01-19 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272934
|
2.1 |
LOW
|
linux
|
linux_kernel
|
Buffer overflow in Linux autofs module through long directory names allows local users to perform a denial of service.
|
NVD-CWE-Other
|
CVE-1999-0460
|
2008-09-6 05:17 |
1999-02-19 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272935
|
7.5 |
HIGH
|
allaire
|
coldfusion_server
|
The Expression Evaluator in the ColdFusion Application Server allows a remote attacker to upload files to the server via openfile.cfm, which does not restrict access to the server properly.
|
NVD-CWE-Other
|
CVE-1999-0477
|
2008-09-6 05:17 |
1999-12-25 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272936
|
7.5 |
HIGH
|
netscape
|
enterprise_server
fasttrack_server
|
Buffer overflow in Netscape Enterprise Server and FastTrask Server allows remote attackers to gain privileges via a long HTTP GET request.
|
NVD-CWE-Other
|
CVE-1999-0744
|
2008-09-6 05:17 |
2000-01-4 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272937
|
5.0 |
MEDIUM
|
oracle
|
database_server
|
Denial of service in Oracle TNSLSNR SQL*Net Listener via a malformed string to the listener port, aka NERP.
|
NVD-CWE-Other
|
CVE-1999-0784
|
2008-09-6 05:17 |
2001-03-12 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272938
|
5.0 |
MEDIUM
|
freebsd
|
freebsd
|
TCP RST denial of service in FreeBSD.
|
NVD-CWE-Other
|
CVE-1999-0053
|
2008-09-6 05:16 |
1998-10-13 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272939
|
10.0 |
HIGH
|
ssh
|
ssh
|
A race condition in the authentication agent mechanism of sshd 1.2.17 allows an attacker to steal another user's credentials.
|
NVD-CWE-Other
|
CVE-1999-0248
|
2008-09-6 05:16 |
1999-01-1 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272940
|
9.3 |
HIGH
|
freebsd
|
freebsd
|
Buffer overflow in FreeBSD lpd through long DNS hostnames.
|
NVD-CWE-Other
|
CVE-1999-0299
|
2008-09-6 05:16 |
1997-03-5 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272941
|
4.3 |
MEDIUM
|
d-ic
|
shop_v50
shop_v52
|
Cross-site scripting (XSS) vulnerability in DIC shop_v50 3.0 and earlier and shop_v52 2.0 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
クロスサイト・スクリプティング(XSS)
|
CVE-2008-3935
|
2008-09-6 00:08 |
2008-09-6 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272942
|
4.3 |
MEDIUM
|
opendb
|
opendb
|
Multiple cross-site scripting (XSS) vulnerabilities in Open Media Collectors Database (OpenDb) 1.0.6 allow remote attackers to inject arbitrary web script or HTML via the (1) user_id parameter in an …
|
CWE-79
クロスサイト・スクリプティング(XSS)
|
CVE-2008-3937
|
2008-09-6 00:08 |
2008-09-6 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272943
|
5.8 |
MEDIUM
|
opendb
|
opendb
|
Cross-site request forgery (CSRF) vulnerability in user_admin.php in Open Media Collectors Database (OpenDb) 1.0.6 allows remote attackers to change arbitrary passwords via an update_password action.
|
CWE-352
同一生成元ポリシー違反
|
CVE-2008-3938
|
2008-09-6 00:08 |
2008-09-6 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272944
|
5.0 |
MEDIUM
|
avtech
|
pager_enterprise
|
Directory traversal vulnerability in the web interface in AVTECH PageR Enterprise before 5.0.7 allows remote attackers to read arbitrary files via directory traversal sequences in the URI.
|
CWE-22
パス・トラバーサル
|
CVE-2008-3939
|
2008-09-6 00:08 |
2008-09-6 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272945
|
4.3 |
MEDIUM
|
manageengine
|
servicedesk_plus
|
Cross-site scripting (XSS) vulnerability in SolutionSearch.do in ManageEngine ServiceDesk Plus 7.0.0 Build 7011 for Windows allows remote attackers to inject arbitrary web script or HTML via the sear…
|
CWE-79
クロスサイト・スクリプティング(XSS)
|
CVE-2008-1299
|
2008-09-5 13:00 |
2008-03-13 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272946
|
7.5 |
HIGH
|
oocomments
|
oocomments
|
Multiple PHP remote file inclusion vulnerabilities in ooComments 1.0 allow remote attackers to execute arbitrary PHP code via a URL in the PathToComment parameter for (1) classes/class_admin.php and …
|
CWE-94
コード・インジェクション
|
CVE-2008-1511
|
2008-09-5 13:00 |
2008-03-26 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272947
|
7.1 |
HIGH
|
avici
hitachi
|
router
gr2000
gr3000
gr4000
|
Unspecified vulnerability in Avici routers allows remote attackers to cause a denial of service (dropped session) via crafted BGP UPDATE messages, leading to route flapping, possibly a related issue …
|
NVD-CWE-noinfo
CWE-20
不適切な入力確認
|
CVE-2008-2169
|
2008-09-5 13:00 |
2008-05-14 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272948
|
7.1 |
HIGH
|
century_software
|
router
|
Unspecified vulnerability in Century routers allows remote attackers to cause a denial of service (dropped session) via crafted BGP UPDATE messages, leading to route flapping, possibly a related issu…
|
CWE-20
不適切な入力確認
|
CVE-2008-2170
|
2008-09-5 13:00 |
2008-05-14 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272949
|
7.1 |
HIGH
|
yamaha
|
router
|
Unspecified vulnerability in Yamaha routers allows remote attackers to cause a denial of service (dropped session) via crafted BGP UPDATE messages, leading to route flapping, possibly a related issue…
|
CWE-20
不適切な入力確認
|
CVE-2008-2173
|
2008-09-5 13:00 |
2008-05-14 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272950
|
4.3 |
MEDIUM
|
runesoft
|
cerberus_cms
|
Cross-site scripting (XSS) vulnerability in Runesoft Cerberus CMS before 3_1.4_0.9 allows remote attackers to inject arbitrary web script or HTML via a cerberus_user cookie.
|
CWE-79
クロスサイト・スクリプティング(XSS)
|
CVE-2008-3397
|
2008-09-5 13:00 |
2008-08-1 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
