CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  Take a third party risk management course for FREE
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In February 1999 (CVSS score >= 6)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-1999-1247 1 +Priv 1999-02-24 2017-12-19
7.2
None Local Low Not required Complete Complete Complete
Vulnerability in HP Camera component of HP DCE/9000 in HP-UX 9.x allows attackers to gain root privileges.
2 CVE-2000-0367 +Priv 1999-02-18 2008-09-10
7.2
None Local Low Not required Complete Complete Complete
Vulnerability in eterm 0.8.8 in Debian GNU/Linux allows an attacker to gain root privileges.
3 CVE-1999-1482 +Priv 1999-02-19 2008-09-05
7.2
None Local Low Not required Complete Complete Complete
SVGAlib zgv 3.0-7 and earlier allows local users to gain root access via a privilege leak of the iopl(3) privileges to child processes.
4 CVE-1999-1405 Exec Code 1999-02-17 2016-10-18
10.0
None Remote Low Not required Complete Complete Complete
snap command in AIX before 4.3.2 creates the /tmp/ibmsupt directory with world-readable permissions and does not remove or clear the directory when snap -a is executed, which could allow local users to access the shadowed password file by creating /tmp/ibmsupt/general/passwd before root runs snap -a.
5 CVE-1999-1260 +Info 1999-02-15 2017-12-19
7.5
None Remote Low Not required Partial Partial Partial
mSQL (Mini SQL) 2.0.6 allows remote attackers to obtain sensitive server information such as logged users, database names, and server version via the ServerStats query.
6 CVE-1999-1168 1999-02-20 2008-09-05
7.2
None Local Low Not required Complete Complete Complete
install.iss installation script for Internet Security Scanner (ISS) for Linux, version 5.3, allows local users to change the permissions of arbitrary files via a symlink attack on a temporary file.
7 CVE-1999-1049 1999-02-21 2021-04-07
10.0
None Remote Low Not required Complete Complete Complete
ARCserve NT agents use weak encryption (XOR) for passwords, which allows remote attackers to sniff the authentication request to port 6050 and decrypt the password.
8 CVE-1999-0412 1999-02-19 2020-11-23
7.5
None Remote Low Not required Partial Partial Partial
In IIS and other web servers, an attacker can attack commands as SYSTEM if the server is running as SYSTEM and loading an ISAPI extension.
9 CVE-1999-0408 1999-02-25 2008-09-09
10.0
None Remote Low Not required Complete Complete Complete
Files created from interactive shell sessions in Cobalt RaQ microservers (e.g. .bash_history) are world readable, and thus are accessible from the web server.
10 CVE-1999-0407 1999-02-09 2016-10-18
10.0
None Remote Low Not required Complete Complete Complete
By default, IIS 4.0 has a virtual directory /IISADMPWD which contains files that can be used as proxies for brute force password attacks, or to identify valid users on the system.
11 CVE-1999-0406 Overflow 1999-02-19 2022-08-17
7.2
None Local Low Not required Complete Complete Complete
Digital Unix Networker program nsralist has a buffer overflow which allows local users to obtain root privilege.
12 CVE-1999-0405 Overflow 1999-02-18 2008-09-09
7.2
None Local Low Not required Complete Complete Complete
A buffer overflow in lsof allows local users to obtain root privilege.
13 CVE-1999-0404 Exec Code Overflow 1999-02-14 2022-08-17
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in the Mail-Max SMTP server for Windows systems allows remote command execution.
14 CVE-1999-0383 1999-02-02 2008-09-09
7.5
None Remote Low Not required Partial Partial Partial
ACC Tigris allows public access without a login.
15 CVE-1999-0381 Overflow 1999-02-26 2008-09-09
7.2
None Local Low Not required Complete Complete Complete
super 3.11.6 and other versions have a buffer overflow in the syslog utility which allows a local user to gain root access.
16 CVE-1999-0379 Exec Code 1999-02-22 2018-10-12
7.5
None Remote Low Not required Partial Partial Partial
Microsoft Taskpads allows remote web sites to execute commands on the visiting user's machine via certain methods that are marked as Safe for Scripting.
17 CVE-1999-0375 Exec Code Overflow 1999-02-16 2022-08-17
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in webd in Network Flight Recorder (NFR) 2.0.2-Research allows remote attackers to execute commands.
18 CVE-1999-0373 Exec Code Overflow 1999-02-01 2022-08-17
7.2
None Local Low Not required Complete Complete Complete
Buffer overflow in the "Super" utility in Debian GNU/Linux, and other operating systems, allows local users to execute commands as root.
19 CVE-1999-0368 Overflow 1999-02-09 2022-08-17
10.0
None Remote Low Not required Complete Complete Complete
Buffer overflows in wuarchive ftpd (wu-ftpd) and ProFTPD lead to remote root access, a.k.a. palmetto.
20 CVE-1999-0366 287 1999-02-08 2018-10-12
7.5
None Remote Low Not required Partial Partial Partial
In some cases, Service Pack 4 for Windows NT 4.0 can allow access to network shares using a blank password, through a problem with a null NT hash value.
21 CVE-1999-0365 Exec Code 1999-02-04 2022-08-17
7.5
None Remote Low Not required Partial Partial Partial
The metamail package allows remote command execution using shell metacharacters that are not quoted in a mailcap entry.
22 CVE-1999-0363 Overflow 1999-02-02 2008-09-09
7.2
None Local Low Not required Complete Complete Complete
SuSE 5.2 PLP lpc program has a buffer overflow that leads to root compromise.
23 CVE-1999-0358 Overflow 1999-02-01 2008-09-09
7.2
None Local Low Not required Complete Complete Complete
Digital Unix 4.0 has a buffer overflow in the inc program of the mh package.
24 CVE-1999-0353 1999-02-10 2013-09-03
9.3
None Remote Medium Not required Complete Complete Complete
rpc.pcnfsd in HP gives remote root access by changing the permissions on the main printer spool directory.
25 CVE-1999-0351 DoS 1999-02-01 2018-05-03
6.4
None Remote Low Not required Partial None Partial
FTP PASV "Pizza Thief" denial of service and unauthorized data access. Attackers can steal data by connecting to a port that was intended for use by a client.
26 CVE-1999-0350 1999-02-08 2022-08-17
6.2
None Local High Not required Complete Complete Complete
Race condition in the db_loader program in ClearCase gives local users root access by setting SUID bits.
27 CVE-1999-0291 1999-02-01 2022-08-17
7.5
None Remote Low Not required Partial Partial Partial
The WinGate proxy is installed without a password, which allows remote attackers to redirect connections without authentication.
Total number of vulnerabilities : 27   Page : 1 (This Page)
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.