| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
1 |
CVE-2000-0367 |
|
|
+Priv |
1999-02-18 |
2008-09-10 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
Vulnerability in eterm 0.8.8 in Debian GNU/Linux allows an attacker to gain root privileges. |
|
2 |
CVE-1999-1495 |
|
|
|
1999-02-18 |
2017-12-19 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
xtvscreen in SuSE Linux 6.0 allows local users to overwrite arbitrary files via a symlink attack on the pic000.pnm file. |
|
3 |
CVE-1999-1482 |
|
|
+Priv |
1999-02-19 |
2008-09-05 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
SVGAlib zgv 3.0-7 and earlier allows local users to gain root access via a privilege leak of the iopl(3) privileges to child processes. |
|
4 |
CVE-1999-1453 |
|
|
|
1999-02-02 |
2021-07-22 |
2.6 |
None |
Remote |
High |
Not required |
Partial |
None |
None |
|
Internet Explorer 4 allows remote attackers (malicious web site operators) to read the contents of the clipboard via the Internet WebBrowser ActiveX object. |
|
5 |
CVE-1999-1405 |
|
|
Exec Code |
1999-02-17 |
2016-10-18 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
snap command in AIX before 4.3.2 creates the /tmp/ibmsupt directory with world-readable permissions and does not remove or clear the directory when snap -a is executed, which could allow local users to access the shadowed password file by creating /tmp/ibmsupt/general/passwd before root runs snap -a. |
|
6 |
CVE-1999-1375 |
|
|
|
1999-02-11 |
2016-10-18 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
FileSystemObject (FSO) in the showfile.asp Active Server Page (ASP) allows remote attackers to read arbitrary files by specifying the name in the file parameter. |
|
7 |
CVE-1999-1372 |
|
|
+Priv |
1999-02-19 |
2016-10-18 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
Triactive Remote Manager with Basic authentication enabled stores the username and password in cleartext in registry keys, which could allow local users to gain privileges. |
|
8 |
CVE-1999-1260 |
|
|
+Info |
1999-02-15 |
2017-12-19 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
mSQL (Mini SQL) 2.0.6 allows remote attackers to obtain sensitive server information such as logged users, database names, and server version via the ServerStats query. |
|
9 |
CVE-1999-1255 |
|
|
|
1999-02-19 |
2017-12-19 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
Hyperseek allows remote attackers to modify the hyperseek configuration by directly calling the admin.cgi program with an edit_file action parameter. |
|
10 |
CVE-1999-1247 |
|
1
|
+Priv |
1999-02-24 |
2017-12-19 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
Vulnerability in HP Camera component of HP DCE/9000 in HP-UX 9.x allows attackers to gain root privileges. |
|
11 |
CVE-1999-1203 |
|
|
DoS |
1999-02-12 |
2016-10-18 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Multilink PPP for ISDN dialup users in Ascend before 4.6 allows remote attackers to cause a denial of service via a spoofed endpoint identifier. |
|
12 |
CVE-1999-1201 |
|
|
DoS |
1999-02-06 |
2017-10-10 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Windows 95 and Windows 98 systems, when configured with multiple TCP/IP stacks bound to the same MAC address, allow remote attackers to cause a denial of service (traffic amplification) via a certain ICMP echo (ping) packet, which causes all stacks to send a ping response, aka TCP Chorusing. |
|
13 |
CVE-1999-1180 |
|
|
Exec Code |
1999-02-16 |
2008-09-10 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
O'Reilly WebSite 1.1e and Website Pro 2.0 allows remote attackers to execute arbitrary commands via shell metacharacters in an argument to (1) args.cmd or (2) args.bat. |
|
14 |
CVE-1999-1171 |
|
|
+Priv |
1999-02-02 |
2019-08-13 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
IPswitch WS_FTP allows local users to gain additional privileges and modify or add mail accounts by setting the "flags" registry key to 1920. |
|
15 |
CVE-1999-1169 |
|
|
DoS |
1999-02-04 |
2008-09-10 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
nobo 1.2 allows remote attackers to cause a denial of service (crash) via a series of large UDP packets. |
|
16 |
CVE-1999-1168 |
|
|
|
1999-02-20 |
2008-09-05 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
install.iss installation script for Internet Security Scanner (ISS) for Linux, version 5.3, allows local users to change the permissions of arbitrary files via a symlink attack on a temporary file. |
|
17 |
CVE-1999-1101 |
|
|
+Priv |
1999-02-19 |
2008-09-09 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
Kabsoftware Lydia utility uses weak encryption to store user passwords in the lydia.ini file, which allows local users to easily decrypt the passwords and gain privileges. |
|
18 |
CVE-1999-1060 |
|
|
DoS Exec Code Overflow |
1999-02-17 |
2016-10-18 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Buffer overflow in Tetrix TetriNet daemon 1.13.16 allows remote attackers to cause a denial of service and possibly execute arbitrary commands by connecting to port 31457 from a host with a long DNS hostname. |
|
19 |
CVE-1999-1049 |
|
|
|
1999-02-21 |
2021-04-07 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
ARCserve NT agents use weak encryption (XOR) for passwords, which allows remote attackers to sniff the authentication request to port 6050 and decrypt the password. |
|
20 |
CVE-1999-0714 |
|
|
|
1999-02-15 |
2022-08-17 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
Vulnerability in Compaq Tru64 UNIX edauth command. |
|
21 |
CVE-1999-0485 |
|
|
|
1999-02-19 |
2008-09-09 |
2.6 |
None |
Remote |
High |
Not required |
None |
None |
Partial |
|
Remote attackers can cause a system crash through ipintr() in ipq in OpenBSD. |
|
22 |
CVE-1999-0484 |
|
|
Overflow |
1999-02-23 |
2008-09-09 |
2.1 |
None |
Local |
Low |
Not required |
None |
Partial |
None |
|
Buffer overflow in OpenBSD ping. |
|
23 |
CVE-1999-0483 |
|
|
|
1999-02-25 |
2008-09-09 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
OpenBSD crash using nlink value in FFS and EXT2FS filesystems. |
|
24 |
CVE-1999-0460 |
|
|
DoS Overflow |
1999-02-19 |
2008-09-05 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
Buffer overflow in Linux autofs module through long directory names allows local users to perform a denial of service. |
|
25 |
CVE-1999-0459 |
|
|
DoS |
1999-02-01 |
2022-08-17 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
Local users can perform a denial of service in Alpha Linux, using MILO to force a reboot. |
|
26 |
CVE-1999-0441 |
|
|
DoS Overflow |
1999-02-22 |
2008-09-09 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Remote attackers can perform a denial of service in WinGate machines using a buffer overflow in the Winsock Redirector Service. |
|
27 |
CVE-1999-0412 |
|
|
|
1999-02-19 |
2020-11-23 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
In IIS and other web servers, an attacker can attack commands as SYSTEM if the server is running as SYSTEM and loading an ISAPI extension. |
|
28 |
CVE-1999-0408 |
|
|
|
1999-02-25 |
2008-09-09 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Files created from interactive shell sessions in Cobalt RaQ microservers (e.g. .bash_history) are world readable, and thus are accessible from the web server. |
|
29 |
CVE-1999-0407 |
|
|
|
1999-02-09 |
2016-10-18 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
By default, IIS 4.0 has a virtual directory /IISADMPWD which contains files that can be used as proxies for brute force password attacks, or to identify valid users on the system. |
|
30 |
CVE-1999-0406 |
|
|
Overflow |
1999-02-19 |
2022-08-17 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
Digital Unix Networker program nsralist has a buffer overflow which allows local users to obtain root privilege. |
|
31 |
CVE-1999-0405 |
|
|
Overflow |
1999-02-18 |
2008-09-09 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
A buffer overflow in lsof allows local users to obtain root privilege. |
|
32 |
CVE-1999-0404 |
|
|
Exec Code Overflow |
1999-02-14 |
2022-08-17 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Buffer overflow in the Mail-Max SMTP server for Windows systems allows remote command execution. |
|
33 |
CVE-1999-0403 |
|
|
DoS |
1999-02-01 |
2016-10-18 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
A bug in Cyrix CPUs on Linux allows local users to perform a denial of service. |
|
34 |
CVE-1999-0396 |
|
|
DoS |
1999-02-17 |
2022-08-17 |
2.6 |
None |
Remote |
High |
Not required |
None |
None |
Partial |
|
A race condition between the select() and accept() calls in NetBSD TCP servers allows remote attackers to cause a denial of service. |
|
35 |
CVE-1999-0383 |
|
|
|
1999-02-02 |
2008-09-09 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
ACC Tigris allows public access without a login. |
|
36 |
CVE-1999-0381 |
|
|
Overflow |
1999-02-26 |
2008-09-09 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
super 3.11.6 and other versions have a buffer overflow in the syslog utility which allows a local user to gain root access. |
|
37 |
CVE-1999-0380 |
|
|
|
1999-02-25 |
2017-10-10 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
SLMail 3.1 and 3.2 allows local users to access any file in the NTFS file system when the Remote Administration Service (RAS) is enabled by setting a user's Finger File to point to the target file, then running finger on the user. |
|
38 |
CVE-1999-0379 |
|
|
Exec Code |
1999-02-22 |
2018-10-12 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Microsoft Taskpads allows remote web sites to execute commands on the visiting user's machine via certain methods that are marked as Safe for Scripting. |
|
39 |
CVE-1999-0378 |
|
|
|
1999-02-22 |
2008-09-09 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
InterScan VirusWall for Solaris doesn't scan files for viruses when a single HTTP request includes two GET commands. |
|
40 |
CVE-1999-0377 |
|
|
DoS |
1999-02-22 |
2016-12-28 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Process table attack in Unix systems allows a remote attacker to perform a denial of service by filling a machine's process tables through multiple connections to network services. |
|
41 |
CVE-1999-0376 |
|
|
|
1999-02-20 |
2018-10-12 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
Local users in Windows NT can obtain administrator privileges by changing the KnownDLLs list to reference malicious programs. |
|
42 |
CVE-1999-0375 |
|
|
Exec Code Overflow |
1999-02-16 |
2022-08-17 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Buffer overflow in webd in Network Flight Recorder (NFR) 2.0.2-Research allows remote attackers to execute commands. |
|
43 |
CVE-1999-0374 |
|
|
|
1999-02-16 |
2022-08-17 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
Debian GNU/Linux cfengine package is susceptible to a symlink attack. |
|
44 |
CVE-1999-0373 |
|
|
Exec Code Overflow |
1999-02-01 |
2022-08-17 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
Buffer overflow in the "Super" utility in Debian GNU/Linux, and other operating systems, allows local users to execute commands as root. |
|
45 |
CVE-1999-0372 |
200 |
|
+Info |
1999-02-12 |
2018-10-12 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
The installer for BackOffice Server includes account names and passwords in a setup file (reboot.ini) which is not deleted. |
|
46 |
CVE-1999-0370 |
|
|
|
1999-02-10 |
2018-10-30 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
In Sun Solaris and SunOS, man and catman contain vulnerabilities that allow overwriting arbitrary files. |
|
47 |
CVE-1999-0368 |
|
|
Overflow |
1999-02-09 |
2022-08-17 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Buffer overflows in wuarchive ftpd (wu-ftpd) and ProFTPD lead to remote root access, a.k.a. palmetto. |
|
48 |
CVE-1999-0367 |
|
|
|
1999-02-09 |
2008-09-09 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
NetBSD netstat command allows local users to access kernel memory. |
|
49 |
CVE-1999-0366 |
287 |
|
|
1999-02-08 |
2018-10-12 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
In some cases, Service Pack 4 for Windows NT 4.0 can allow access to network shares using a blank password, through a problem with a null NT hash value. |
|
50 |
CVE-1999-0365 |
|
|
Exec Code |
1999-02-04 |
2022-08-17 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
The metamail package allows remote command execution using shell metacharacters that are not quoted in a mailcap entry. |
