Full List

Search

Recent Vulnerabilities

• CVE-1999-1205 • published on March 9, 2002 nettune in HP-UX 10.01 and 10.00 is installed setuid root, which allows local users to cause a denial of service by modifying critical networking configuration information.
• CVE-1999-1163 • published on March 9, 2002 Vulnerability in HP Series 800 S/X/V Class servers allows remote attackers to gain access to the S/X/V Class console via the Service Support Processor (SSP) Teststation.
• CVE-1999-1177 • published on March 9, 2002 Directory traversal vulnerability in nph-publish before 1.2 allows remote attackers to overwrite arbitrary files via a .. (dot dot) in the pathname for an upload operation.
• CVE-1999-1181 • published on March 9, 2002 Vulnerability in On-Line Customer Registration software for IRIX 6.2 through 6.4 allows local users to gain root privileges.
• CVE-1999-1192 • published on March 9, 2002 Buffer overflow in eeprom in Solaris 2.5.1 and earlier allows local users to gain root privileges via a long command line argument.
• CVE-1999-1194 • published on March 9, 2002 chroot in Digital Ultrix 4.1 and 4.0 is insecurely installed, which allows local users to gain privileges.
• CVE-1999-1198 • published on March 9, 2002 BuildDisk program on NeXT systems before 2.0 does not prompt users for the root password, which allows local users to gain root privileges.
• CVE-1999-1208 • published on March 9, 2002 Buffer overflow in ping in AIX 4.2 and earlier allows local users to gain root privileges via a long command line argument.
• CVE-1999-1209 • published on March 9, 2002 Vulnerability in scoterm in SCO OpenServer 5.0 and SCO Open Desktop/Open Server 3.0 allows local users to gain root privileges.
• CVE-1999-1147 • published on March 9, 2002 Buffer overflow in Platinum Policy Compliance Manager (PCM) 7.0 allows remote attackers to execute arbitrary commands via a long string to the Agent port (1827), which is handled by smaxagent.exe.
• CVE-1999-1157 • published on March 9, 2002 Tcpip.sys in Windows NT 4.0 before SP4 allows remote attackers to cause a denial of service via an ICMP Subnet Mask Address Request packet, when certain multiple IP addresses are bound to the same network interface.
• CVE-1999-1197 • published on March 9, 2002 TIOCCONS in SunOS 4.1.1 does not properly check the permissions of a user who tries to redirect console output and input, which could allow a local user to gain privileges.
• CVE-1999-1203 • published on March 9, 2002 Multilink PPP for ISDN dialup users in Ascend before 4.6 allows remote attackers to cause a denial of service via a spoofed endpoint identifier.
• CVE-1999-1204 • published on March 9, 2002 Check Point Firewall-1 does not properly handle certain restricted keywords (e.g., Mail, auth, time) in user-defined objects, which could produce a rule with a default "ANY" address and result in access to more systems than intended by the administrator.
• CVE-1999-1246 • published on March 9, 2002 Direct Mailer feature in Microsoft Site Server 3.0 saves user domain names and passwords in plaintext in the TMLBQueue network share, which has insecure default permissions, allowing remote attackers to read the passwords and gain privileges.
• CVE-1999-1249 • published on March 9, 2002 movemail in HP-UX 10.20 has insecure permissions, which allows local users to gain privileges.
• CVE-1999-1258 • published on March 9, 2002 rpc.pwdauthd in SunOS 4.1.1 and earlier does not properly prevent remote access to the daemon, which allows remote attackers to obtain sensitive system information.
• CVE-1999-1263 • published on March 9, 2002 Metamail before 2.7-7.2 allows remote attackers to overwrite arbitrary files via an e-mail message containing a uuencoded attachment that specifies the full pathname for the file to be modified, which is processed by uuencode in Metamail scripts such as sun-audio-file.
• CVE-1999-1215 • published on March 9, 2002 LOGIN.EXE program in Novell Netware 4.0 and 4.01 temporarily writes user name and password information to disk, which could allow local users to gain privileges.
• CVE-1999-1226 • published on March 9, 2002 Netscape Communicator 4.7 and earlier allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long certificate key.