Full List

Search

Recent Vulnerabilities

• CVE-1999-1202 • published on September 12, 2001 StarTech (1) POP3 proxy server and (2) telnet server allows remote attackers to cause a denial of service via a long USER command.
• CVE-1999-1165 • published on September 12, 2001 GNU fingerd 1.37 does not properly drop privileges before accessing user information, which could allow local users to (1) gain root privileges via a malicious program in the .fingerrc file, or (2) read arbitrary files via symbolic links from .plan, .forward, or .project files.
• CVE-1999-1166 • published on September 12, 2001 Linux 2.0.37 does not properly encode the Custom segment limit, which allows local users to gain root privileges by accessing and modifying kernel memory.
• CVE-1999-1170 • published on September 12, 2001 IPswitch IMail allows local users to gain additional privileges and modify or add mail accounts by setting the "flags" registry key to 1920.
• CVE-1999-1178 • published on September 12, 2001 Sambar Server 4.1 beta allows remote attackers to obtain sensitive information about the server via an HTTP request for the dumpenv.pl script.
• CVE-1999-1185 • published on September 12, 2001 Buffer overflow in SCO mscreen allows local users to gain root privileges via a long terminal entry (TERM) in the .mscreenrc file.
• CVE-1999-1187 • published on September 12, 2001 Pine before version 3.94 allows local users to gain privileges via a symlink attack on a lockfile that is created when a user receives new mail.
• CVE-1999-1190 • published on September 12, 2001 Buffer overflow in POP3 server of Admiral Systems EmailClub 1.05 allows remote attackers to execute arbitrary commands via a long "From" header in an e-mail message.
• CVE-1999-1195 • published on September 12, 2001 NAI VirusScan NT 4.0.2 does not properly modify the scan.dat virus definition file during an update via FTP, but it reports that the update was successful, which could cause a system administrator to believe that the definitions have been updated correctly.
• CVE-1999-1196 • published on September 12, 2001 Hummingbird Exceed X version 5 allows remote attackers to cause a denial of service via malformed data to port 6000.
• CVE-1999-1200 • published on September 12, 2001 Vintra SMTP MailServer allows remote attackers to cause a denial of service via a malformed "EXPN *@" command.
• CVE-1999-1206 • published on September 12, 2001 SystemSoft SystemWizard package in HP Pavilion PC with Windows 98, and possibly other platforms and operating systems, installs two ActiveX controls that are marked as safe for scripting, which allows remote attackers to execute arbitrary commands via a malicious web page that references (1) the Launch control, or (2) the RegObj control.
• CVE-1999-1151 • published on September 12, 2001 Compaq/Microcom 6000 Access Integrator does not cause a session timeout after prompting for a username or password, which allows remote attackers to cause a denial of service by connecting to the integrator without providing a username or password.
• CVE-1999-1173 • published on September 12, 2001 Corel Word Perfect 8 for Linux creates a temporary working directory with world-writable permissions, which allows local users to (1) modify Word Perfect behavior by modifying files in the working directory, or (2) modify files of other users via a symlink attack.
• CVE-1999-1176 • published on September 12, 2001 Buffer overflow in cidentd ident daemon allows local users to gain root privileges via a long line in the .authlie script.
• CVE-1999-1180 • published on September 12, 2001 O'Reilly WebSite 1.1e and Website Pro 2.0 allows remote attackers to execute arbitrary commands via shell metacharacters in an argument to (1) args.cmd or (2) args.bat.
• CVE-1999-1182 • published on September 12, 2001 Buffer overflow in run-time linkers (1) ld.so or (2) ld-linux.so for Linux systems allows local users to gain privileges by calling a setuid program with a long program name (argv[0]) and forcing ld.so/ld-linux.so to report an error.
• CVE-1999-1183 • published on September 12, 2001 System Manager sysmgr GUI in SGI IRIX 6.4 and 6.3 allows remote attackers to execute commands by providing a trojan horse (1) runtask or (2) runexec descriptor file, which is used to execute a System Manager Task when the user's Mailcap entry supports the x-sgi-task or x-sgi-exec type.
• CVE-1999-1207 • published on September 12, 2001 Buffer overflow in web-admin tool in NetXRay 2.6 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long HTTP request.
• CVE-1999-1210 • published on September 12, 2001 xterm in Digital UNIX 4.0B *with* patch kit 5 allows local users to overwrite arbitrary files via a symlink attack on a core dump file, which is created when xterm is called with a DISPLAY environmental variable set to a display that xterm cannot access.