Full List

Search

Recent Vulnerabilities

• CVE-1999-1237 • published on September 12, 2001 Multiple buffer overflows in smbvalid/smbval SMB authentication library, as used in Apache::AuthenSmb and possibly other modules, allows remote attackers to execute arbitrary commands via (1) a long username, (2) a long password, and (3) other unspecified methods.
• CVE-1999-1238 • published on September 12, 2001 Vulnerability in CORE-DIAG fileset in HP message catalog in HP-UX 9.05 and earlier allows local users to gain privileges.
• CVE-1999-1239 • published on September 12, 2001 HP-UX 9.x does not properly enable the Xauthority mechanism in certain conditions, which could allow local users to access the X display even when they have not explicitly been authorized to do so.
• CVE-1999-1252 • published on September 12, 2001 Vulnerability in a certain system call in SCO UnixWare 2.0.x and 2.1.0 allows local users to access arbitrary files and gain root privileges.
• CVE-1999-1255 • published on September 12, 2001 Hyperseek allows remote attackers to modify the hyperseek configuration by directly calling the admin.cgi program with an edit_file action parameter.
• CVE-1999-1270 • published on September 12, 2001 KMail in KDE 1.0 provides a PGP passphrase as a command line argument to other programs, which could allow local users to obtain the passphrase and compromise the PGP keys of other users by viewing the arguments via programs that list process information, such as ps.
• CVE-1999-1274 • published on September 12, 2001 iPass RoamServer 3.1 creates temporary files with world-writable permissions.
• CVE-1999-1213 • published on September 12, 2001 Vulnerability in telnet service in HP-UX 10.30 allows attackers to cause a denial of service.
• CVE-1999-1219 • published on September 12, 2001 Vulnerability in sgihelp in the SGI help system and print manager in IRIX 5.2 and earlier allows local users to gain root privileges, possibly through the clogin command.
• CVE-1999-1218 • published on September 12, 2001 Vulnerability in finger in Commodore Amiga UNIX 2.1p2a and earlier allows local users to read arbitrary files.
• CVE-1999-1227 • published on September 12, 2001 Ethereal allows local users to overwrite arbitrary files via a symlink attack on the packet capture file.
• CVE-1999-1232 • published on September 12, 2001 Untrusted search path vulnerability in day5datacopier in SGI IRIX 6.2 allows local users to execute arbitrary commands via a modified PATH environment variable that points to a malicious cp program.
• CVE-1999-1234 • published on September 12, 2001 LSA (LSASS.EXE) in Windows NT 4.0 allows remote attackers to cause a denial of service via a NULL policy handle in a call to (1) SamrOpenDomain, (2) SamrEnumDomainUsers, and (3) SamrQueryDomainInfo.
• CVE-1999-1235 • published on September 12, 2001 Internet Explorer 5.0 records the username and password for FTP servers in the URL history, which could allow (1) local users to read the information from another user's index.dat, or (2) people who are physically observing ("shoulder surfing") another user to read the information from the status bar when the user moves the mouse over a link.
• CVE-1999-1240 • published on September 12, 2001 Buffer overflow in cddbd CD database server allows remote attackers to execute arbitrary commands via a long log message.
• CVE-1999-1245 • published on September 12, 2001 vacm ucd-snmp SNMP server, version 3.52, does not properly disable access to the public community string, which could allow remote attackers to obtain sensitive information.
• CVE-1999-1247 • published on September 12, 2001 Vulnerability in HP Camera component of HP DCE/9000 in HP-UX 9.x allows attackers to gain root privileges.
• CVE-1999-1248 • published on September 12, 2001 Vulnerability in Support Watch (aka SupportWatch) in HP-UX 8.0 through 9.0 allows local users to gain privileges.
• CVE-1999-1254 • published on September 12, 2001 Windows 95, 98, and NT 4.0 allow remote attackers to cause a denial of service by spoofing ICMP redirect messages from a router, which causes Windows to change its routing tables.
• CVE-1999-1257 • published on September 12, 2001 Xyplex terminal server 6.0.1S1, and possibly other versions, allows remote attackers to bypass the password prompt by entering (1) a CTRL-Z character, or (2) a ? (question mark).