Vulnerability Details

CVE-1999-0357 • published on September 29, 1999 Windows 98 and other operating systems allows remote attackers to cause a denial of service via crafted "oshare" packets, possibly involving invalid fragmentation offsets.

CVE-1999-0363 • published on September 29, 1999 SuSE 5.2 PLP lpc program has a buffer overflow that leads to root compromise.

CVE-1999-0374 • published on September 29, 1999 Debian GNU/Linux cfengine package is susceptible to a symlink attack.

CVE-1999-0376 • published on September 29, 1999 Local users in Windows NT can obtain administrator privileges by changing the KnownDLLs list to reference malicious programs.

CVE-1999-0383 • published on September 29, 1999 ACC Tigris allows public access without a login.

CVE-1999-0385 • published on September 29, 1999 The LDAP bind function in Exchange 5.5 has a buffer overflow that allows a remote attacker to conduct a denial of service or execute commands.

CVE-1999-0402 • published on September 29, 1999 wget 1.5.3 follows symlinks to change permissions of the target file instead of the symlink itself.

CVE-1999-0405 • published on September 29, 1999 A buffer overflow in lsof allows local users to obtain root privilege.

CVE-1999-0410 • published on September 29, 1999 The cancel command in Solaris 2.6 (i386) has a buffer overflow that allows local users to obtain root access.

CVE-1999-0412 • published on September 29, 1999 In IIS and other web servers, an attacker can attack commands as SYSTEM if the server is running as SYSTEM and loading an ISAPI extension.

CVE-1999-0424 • published on September 29, 1999 talkback in Netscape 4.5 allows a local user to overwrite arbitrary files of another user whose Netscape crashes.

CVE-1999-0433 • published on September 29, 1999 XFree86 startx command is vulnerable to a symlink attack, allowing local users to create files in restricted directories, possibly allowing them to gain privileges or cause a denial of service.

CVE-1999-0441 • published on September 29, 1999 Remote attackers can perform a denial of service in WinGate machines using a buffer overflow in the Winsock Redirector Service.

CVE-1999-0442 • published on September 29, 1999 Solaris ff.core allows local users to modify files.

CVE-1999-0445 • published on September 29, 1999 In Cisco routers under some versions of IOS 12.0 running NAT, some packets may not be filtered by input access list filters.

CVE-1999-0468 • published on September 29, 1999 Internet Explorer 5.0 allows a remote server to read arbitrary files on the client's file system using the Microsoft Scriptlet Component.

CVE-1999-0475 • published on September 29, 1999 A race condition in how procmail handles .procmailrc files allows a local user to read arbitrary files available to the user who is running procmail.

CVE-1999-0514 • published on September 29, 1999 UDP messages to broadcast addresses are allowed, allowing for a Fraggle attack that can cause a denial of service by flooding the target.

CVE-1999-0566 • published on September 29, 1999 An attacker can write to syslog files from any location, causing a denial of service by filling up the logs, and hiding activities.

CVE-1999-0288 • published on September 29, 1999 The WINS server in Microsoft Windows NT 4.0 before SP4 allows remote attackers to cause a denial of service (process termination) via invalid UDP frames to port 137 (NETBIOS Name Service), as demonstrated via a flood of random packets.

Recent Vulnerabilities