-
CVE-1999-0994
•
published on January 18, 2000
Windows NT with SYSKEY reuses the keystream that is used for encrypting SAM password hashes, allowing an attacker to crack passwords.
-
CVE-1999-0999
•
published on January 18, 2000
Microsoft SQL 7.0 server allows a remote attacker to cause a denial of service via a malformed TDS packet.
-
CVE-1999-0151
•
published on January 4, 2000
The SATAN session key may be disclosed if the user points the web browser to other sites, possibly allowing root access.
-
CVE-1999-0280
•
published on January 4, 2000
Remote command execution in Microsoft Internet Explorer using .lnk and .url files.
-
CVE-1999-0212
•
published on January 4, 2000
Solaris rpc.mountd generates error messages that allow a remote attacker to determine what files are on the server.
-
CVE-1999-0318
•
published on January 4, 2000
Buffer overflow in xmcd 2.0p12 allows local users to gain access through an environmental variable.
-
CVE-1999-0322
•
published on January 4, 2000
The open() function in FreeBSD allows local attackers to write to arbitrary files.
-
CVE-1999-0343
•
published on January 4, 2000
A malicious Palace server can force a client to execute arbitrary programs.
-
CVE-1999-0428
•
published on January 4, 2000
OpenSSL and SSLeay allow remote attackers to reuse SSL sessions and bypass access controls.
-
CVE-1999-0439
•
published on January 4, 2000
Buffer overflow in procmail before version 3.12 allows remote or local attackers to execute commands via expansions in the procmailrc configuration file.
-
CVE-1999-0470
•
published on January 4, 2000
A weak encryption algorithm is used for passwords in Novell Remote.NLM, allowing them to be easily decrypted.
-
CVE-1999-0291
•
published on January 4, 2000
The WinGate proxy is installed without a password, which allows remote attackers to redirect connections without authentication.
-
CVE-1999-0304
•
published on January 4, 2000
mmap function in BSD allows local attackers in the kmem group to modify memory through devices.
-
CVE-1999-0408
•
published on January 4, 2000
Files created from interactive shell sessions in Cobalt RaQ microservers (e.g. .bash_history) are world readable, and thus are accessible from the web server.
-
CVE-1999-0409
•
published on January 4, 2000
Buffer overflow in gnuplot in Linux version 3.5 allows local users to obtain root access.
-
CVE-1999-0297
•
published on January 4, 2000
Buffer overflow in Vixie Cron library up to version 3.0 allows local users to obtain root access via a long environmental variable.
-
CVE-1999-0421
•
published on January 4, 2000
During a reboot after an installation of Linux Slackware 3.6, a remote attacker can obtain root access by logging in to the root account without a password.
-
CVE-1999-0275
•
published on January 4, 2000
Denial of service in Windows NT DNS servers by flooding port 53 with too many characters.
-
CVE-1999-0290
•
published on January 4, 2000
The WinGate telnet proxy allows remote attackers to cause a denial of service via a large number of connections to localhost.
-
CVE-1999-0680
•
published on January 4, 2000
Windows NT Terminal Server performs extra work when a client opens a new connection but before it is authenticated, allowing for a denial of service.