-
CVE-1999-0682
•
published on January 4, 2000
Microsoft Exchange 5.5 allows a remote attacker to relay email (i.e. spam) using encapsulated SMTP addresses, even if the anti-relaying features are enabled.
-
CVE-1999-0686
•
published on January 4, 2000
Denial of service in Netscape Enterprise Server (NES) in HP Virtual Vault (VVOS) via a long URL.
-
CVE-1999-0687
•
published on January 4, 2000
The ToolTalk ttsession daemon uses weak RPC authentication, which allows a remote attacker to execute commands.
-
CVE-1999-0692
•
published on January 4, 2000
The default configuration of the Array Services daemon (arrayd) disables authentication, allowing remote users to gain root privileges.
-
CVE-1999-0701
•
published on January 4, 2000
After an unattended installation of Windows NT 4.0, an installation file could include sensitive information such as the local Administrator password.
-
CVE-1999-0702
•
published on January 4, 2000
Internet Explorer 5.0 and 5.01 allows remote attackers to modify or execute files via the Import/Export Favorites feature, aka the "ImportExportFavorites" vulnerability.
-
CVE-1999-0714
•
published on January 4, 2000
Vulnerability in Compaq Tru64 UNIX edauth command.
-
CVE-1999-0725
•
published on January 4, 2000
When IIS is run with a default language of Chinese, Korean, or Japanese, it allows a remote attacker to view the source code of certain files, a.k.a. "Double Byte Code Page".
-
CVE-1999-0730
•
published on January 4, 2000
The zsoelim program in the Debian man-db package allows local users to overwrite files via a symlink attack.
-
CVE-1999-0732
•
published on January 4, 2000
The logging facility of the Debian smtp-refuser package allows local users to delete arbitrary files using symbolic links.
-
CVE-1999-0751
•
published on January 4, 2000
Buffer overflow in Accept command in Netscape Enterprise Server 3.6 with the SSL Handshake Patch.
-
CVE-1999-0772
•
published on January 4, 2000
Denial of service in Compaq Management Agents and the Compaq Survey Utility via a long string sent to port 2301.
-
CVE-1999-0774
•
published on January 4, 2000
Buffer overflows in Mars NetWare Emulation (NWE, mars_nwe) package via long directory names.
-
CVE-1999-0793
•
published on January 4, 2000
Internet Explorer allows remote attackers to read files by redirecting data to a Javascript applet.
-
CVE-1999-0802
•
published on January 4, 2000
Buffer overflow in Internet Explorer 5 allows remote attackers to execute commands via a malformed Favorites icon.
-
CVE-1999-0807
•
published on January 4, 2000
The Netscape Directory Server installation procedure leaves sensitive information in a file that is accessible to local users.
-
CVE-1999-0817
•
published on January 4, 2000
Lynx WWW client allows a remote attacker to specify command-line parameters which Lynx uses when calling external programs to handle certain protocols, e.g. telnet.
-
CVE-1999-0839
•
published on January 4, 2000
Windows NT Task Scheduler installed with Internet Explorer 5 allows a user to gain privileges by modifying the job after it has been scheduled.
-
CVE-1999-0849
•
published on January 4, 2000
Denial of service in BIND named via maxdname.
-
CVE-1999-0851
•
published on January 4, 2000
Denial of service in BIND named via naptr.