Vulnerability Details

CVE-1999-0258 • published on February 4, 2000 Bonk variation of teardrop IP fragmentation denial of service.

CVE-1999-0283 • published on February 4, 2000 The Java Web Server would allow remote users to obtain the source code for CGI programs.

CVE-1999-0287 • published on February 4, 2000 Vulnerability in the Wguest CGI program.

CVE-1999-0364 • published on February 4, 2000 Microsoft Access 97 stores a database password as plaintext in a foreign mdb, allowing access to data.

CVE-1999-0370 • published on February 4, 2000 In Sun Solaris and SunOS, man and catman contain vulnerabilities that allow overwriting arbitrary files.

CVE-1999-0381 • published on February 4, 2000 super 3.11.6 and other versions have a buffer overflow in the syslog utility which allows a local user to gain root access.

CVE-1999-0394 • published on February 4, 2000 DPEC Online Courseware allows an attacker to change another user's password without knowing the original password.

CVE-1999-0398 • published on February 4, 2000 In some instances of SSH 1.2.27 and 2.0.11 on Linux systems, SSH will allow users with expired accounts to login.

CVE-1999-0431 • published on February 4, 2000 Linux 2.2.3 and earlier allow a remote attacker to perform an IP fragmentation attack, causing a denial of service.

CVE-1999-0443 • published on February 4, 2000 Patrol management software allows a remote attacker to conduct a replay attack to steal the administrator password.

CVE-1999-0444 • published on February 4, 2000 Remote attackers can perform a denial of service in Windows machines using malicious ARP packets, forcing a message box display for each packet or filling up log files.

CVE-1999-0452 • published on February 4, 2000 A service or application has a backdoor password that was placed there by the developer.

CVE-1999-0454 • published on February 4, 2000 A remote attacker can sometimes identify the operating system of a host based on how it reacts to some IP or ICMP packets, using a tool such as nmap or queso.

CVE-1999-0476 • published on February 4, 2000 A weak encryption algorithm is used for passwords in SCO TermVision, allowing them to be easily decrypted by a local user.

CVE-1999-0477 • published on February 4, 2000 The Expression Evaluator in the ColdFusion Application Server allows a remote attacker to upload files to the server via openfile.cfm, which does not restrict access to the server properly.

CVE-1999-0489 • published on February 4, 2000 MSHTML.DLL in Internet Explorer 5.0 allows a remote attacker to paste a file name into the file upload intrinsic control, a variant of "untrusted scripted paste" as described in MS:MS98-013.

CVE-1999-0490 • published on February 4, 2000 MSHTML.DLL in Internet Explorer 5.0 allows a remote attacker to learn information about a local user's files via an IMG SRC tag.

CVE-1999-0506 • published on February 4, 2000 A Windows NT domain user or administrator account has a default, null, blank, or missing password.

CVE-1999-0507 • published on February 4, 2000 An account on a router, firewall, or other network device has a guessable password.

CVE-1999-0510 • published on February 4, 2000 A router or firewall allows source routed packets from arbitrary hosts.

Recent Vulnerabilities