Total
27865 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-1999-1366 | 1 David Harris | 1 Pegasus Mail | 2016-10-17 | 3.6 LOW | N/A |
| Pegasus e-mail client 3.0 and earlier uses weak encryption to store POP3 passwords in the pmail.ini file, which allows local users to easily decrypt the passwords and read e-mail. | |||||
| CVE-1999-1369 | 1 Realnetworks | 1 Realserver | 2016-10-17 | 4.6 MEDIUM | N/A |
| Real Media RealServer (rmserver) 6.0.3.353 stores a password in plaintext in the world-readable rmserver.cfg file, which allows local users to gain privileges. | |||||
| CVE-1999-1372 | 1 Triactive | 1 Remote Management | 2016-10-17 | 4.6 MEDIUM | N/A |
| Triactive Remote Manager with Basic authentication enabled stores the username and password in cleartext in registry keys, which could allow local users to gain privileges. | |||||
| CVE-1999-1373 | 1 Fore | 1 Powerhub Software | 2016-10-17 | 5.0 MEDIUM | N/A |
| FORE PowerHub before 5.0.1 allows remote attackers to cause a denial of service (hang) via a TCP SYN scan with TCP/IP OS fingerprinting, e.g. via nmap. | |||||
| CVE-1999-1374 | 1 Arpanet | 1 Perlshop | 2016-10-17 | 5.0 MEDIUM | N/A |
| perlshop.cgi shopping cart program stores sensitive customer information in directories and files that are under the web root, which allows remote attackers to obtain that information via an HTTP request. | |||||
| CVE-1999-1375 | 1 Microsoft | 1 Internet Information Server | 2016-10-17 | 5.0 MEDIUM | N/A |
| FileSystemObject (FSO) in the showfile.asp Active Server Page (ASP) allows remote attackers to read arbitrary files by specifying the name in the file parameter. | |||||
| CVE-1999-1376 | 1 Microsoft | 1 Internet Information Server | 2016-10-17 | 10.0 HIGH | N/A |
| Buffer overflow in fpcount.exe in IIS 4.0 with FrontPage Server Extensions allows remote attackers to execute arbitrary commands. | |||||
| CVE-1999-1378 | 1 Dbmlparser.exe | 1 Dbmlparser.exe | 2016-10-17 | 5.0 MEDIUM | N/A |
| dbmlparser.exe CGI guestbook program does not perform a chroot operation properly, which allows remote attackers to read arbitrary files. | |||||
| CVE-1999-1379 | 1 Dnstools Software | 1 Dnstools | 2016-10-17 | 5.0 MEDIUM | N/A |
| DNS allows remote attackers to use DNS name servers as traffic amplifiers via a UDP DNS query with a spoofed source address, which produces more traffic to the victim than was sent by the attacker. | |||||
| CVE-1999-1382 | 1 Novell | 1 Netware | 2016-10-17 | 7.2 HIGH | N/A |
| NetWare NFS mode 1 and 2 implements the "Read Only" flag in Unix by changing the ownership of a file to root, which allows local users to gain root privileges by creating a setuid program and setting it to "Read Only," which NetWare-NFS changes to a setuid root program. | |||||
| CVE-1999-1381 | 1 Dbadmin | 1 Dbadmin | 2016-10-17 | 7.5 HIGH | N/A |
| Buffer overflow in dbadmin CGI program 1.0.1 on Linux allows remote attackers to execute arbitrary commands. | |||||
| CVE-1999-1384 | 1 Sgi | 1 Irix | 2016-10-17 | 7.2 HIGH | N/A |
| Indigo Magic System Tour in the SGI system tour package (systour) for IRIX 5.x through 6.3 allows local users to gain root privileges via a Trojan horse .exitops program, which is called by the inst command that is executed by the RemoveSystemTour program. | |||||
| CVE-1999-1385 | 1 Freebsd | 1 Freebsd | 2016-10-17 | 7.2 HIGH | N/A |
| Buffer overflow in ppp program in FreeBSD 2.1 and earlier allows local users to gain privileges via a long HOME environment variable. | |||||
| CVE-1999-1386 | 1 Larry Wall | 1 Perl | 2016-10-17 | 2.1 LOW | N/A |
| Perl 5.004_04 and earlier follows symbolic links when running with the -e option, which allows local users to overwrite arbitrary files via a symlink attack on the /tmp/perl-eaXXXXX file. | |||||
| CVE-1999-1387 | 1 Microsoft | 1 Windows Nt | 2016-10-17 | 5.0 MEDIUM | N/A |
| Windows NT 4.0 SP2 allows remote attackers to cause a denial of service (crash), possibly via malformed inputs or packets, such as those generated by a Linux smbmount command that was compiled on the Linux 2.0.29 kernel but executed on Linux 2.0.25. | |||||
| CVE-1999-1389 | 1 3com | 1 Total Control Netserver Card | 2016-10-17 | 7.5 HIGH | N/A |
| US Robotics/3Com Total Control Chassis with Frame Relay between 3.6.22 and 3.7.24 does not properly enforce access filters when the "set host prompt" setting is made for a port, which allows attackers to bypass restrictions by providing the hostname twice at the "host: " prompt. | |||||
| CVE-1999-1394 | 1 Bsd | 1 Bsd | 2016-10-17 | 2.1 LOW | N/A |
| BSD 4.4 based operating systems, when running at security level 1, allow the root user to clear the immutable and append-only flags for files by unmounting the file system and using a file system editor such as fsdb to directly modify the file through a device. | |||||
| CVE-1999-1203 | 1 Ascend | 1 Multilink Ppp For Isdn | 2016-10-17 | 5.0 MEDIUM | N/A |
| Multilink PPP for ISDN dialup users in Ascend before 4.6 allows remote attackers to cause a denial of service via a spoofed endpoint identifier. | |||||
| CVE-1999-1206 | 1 Systemsoft | 1 Systemwizard | 2016-10-17 | 7.5 HIGH | N/A |
| SystemSoft SystemWizard package in HP Pavilion PC with Windows 98, and possibly other platforms and operating systems, installs two ActiveX controls that are marked as safe for scripting, which allows remote attackers to execute arbitrary commands via a malicious web page that references (1) the Launch control, or (2) the RegObj control. | |||||
| CVE-1999-1293 | 1 Apache | 1 Http Server | 2016-10-17 | 10.0 HIGH | N/A |
| mod_proxy in Apache 1.2.5 and earlier allows remote attackers to cause a denial of service via malformed FTP commands, which causes Apache to dump core. | |||||