Full List

Search

Recent Vulnerabilities

• CVE-1999-1285 • published on September 12, 2001 Linux 2.1.132 and earlier allows local users to cause a denial of service (resource exhaustion) by reading a large buffer from a random device (e.g. /dev/urandom), which cannot be interrupted until the read has completed.
• CVE-1999-1292 • published on September 12, 2001 Buffer overflow in web administration feature of Kolban Webcam32 4.8.3 and earlier allows remote attackers to execute arbitrary commands via a long URL.
• CVE-1999-1296 • published on September 12, 2001 Buffer overflow in Kerberos IV compatibility libraries as used in Kerberos V allows local users to gain root privileges via a long line in a kerberos configuration file, which can be specified via the KRB_CONF environmental variable.
• CVE-1999-1302 • published on September 12, 2001 Unspecified vulnerability in pt_chmod in SCO UNIX 4.2 and earlier allows local users to gain root access.
• CVE-1999-1307 • published on September 12, 2001 Vulnerability in urestore in Novell UnixWare 1.1 allows local users to gain root privileges.
• CVE-1999-1314 • published on September 12, 2001 Vulnerability in union file system in FreeBSD 2.2 and earlier, and possibly other operating systems, allows local users to cause a denial of service (system reload) via a series of certain mount_union commands.
• CVE-1999-1323 • published on September 12, 2001 Norton AntiVirus for Internet Email Gateways (NAVIEG) 1.0.1.7 and earlier, and Norton AntiVirus for MS Exchange (NAVMSE) 1.5 and earlier, store the administrator password in cleartext in (1) the navieg.ini file for NAVIEG, and (2) the ModifyPassword registry key in NAVMSE.
• CVE-1999-1304 • published on September 12, 2001 Vulnerability in login in SCO UNIX 4.2 and earlier allows local users to gain root access.
• CVE-1999-1306 • published on September 12, 2001 Cisco IOS 9.1 and earlier does not properly handle extended IP access lists when the IP route cache is enabled and the "established" keyword is set, which could allow attackers to bypass filters.
• CVE-1999-1308 • published on September 12, 2001 Certain programs in HP-UX 10.20 do not properly handle large user IDs (UID) or group IDs (GID) over 60000, which could allow local users to gain privileges.
• CVE-1999-1311 • published on September 12, 2001 Vulnerability in dtlogin and dtsession in HP-UX 10.20 and 10.10 allows local users to bypass authentication and gain privileges.
• CVE-1999-1312 • published on September 12, 2001 Vulnerability in DEC OpenVMS VAX 5.5-2 through 5.0, and OpenVMS AXP 1.0, allows local users to gain system privileges.
• CVE-1999-1338 • published on September 12, 2001 Delegate proxy 5.9.3 and earlier creates files and directories in the DGROOT with world-writable permissions.
• CVE-1999-1277 • published on September 12, 2001 BackWeb client stores the username and password in cleartext for proxy authentication in the Communication registry key, which could allow other local users to gain privileges by reading the password.
• CVE-1999-1281 • published on September 12, 2001 Development version of Breeze Network Server allows remote attackers to cause the system to reboot by accessing the configbreeze CGI program.
• CVE-1999-1280 • published on September 12, 2001 Hummingbird Exceed 6.0.1.0 inadvertently includes a DLL that was meant for development and testing, which logs user names and passwords in cleartext in the test.log file.
• CVE-1999-1278 • published on September 12, 2001 nlog CGI scripts do not properly filter shell metacharacters from the IP address argument, which could allow remote attackers to execute certain commands via (1) nlog-smb.pl or (2) rpc-nlog.pl.
• CVE-1999-1286 • published on September 12, 2001 addnetpr in SGI IRIX 6.2 and earlier allows local users to modify arbitrary files and possibly gain root access via a symlink attack on a temporary file.
• CVE-1999-1289 • published on September 12, 2001 ICQ 98 beta on Windows NT leaks the internal IP address of a client in the TCP data segment of an ICQ packet instead of the public address (e.g. through NAT), which provides remote attackers with potentially sensitive information about the client or the internal network configuration.
• CVE-1999-1293 • published on September 12, 2001 mod_proxy in Apache 1.2.5 and earlier allows remote attackers to cause a denial of service via malformed FTP commands, which causes Apache to dump core.