-
CVE-1999-0956
•
published on January 4, 2000
The NeXT NetInfo _writers property allows local users to gain root privileges or conduct a denial of service.
-
CVE-1999-0960
•
published on January 4, 2000
IRIX cdplayer allows local users to create directories in arbitrary locations via a command line option.
-
CVE-1999-0963
•
published on January 4, 2000
FreeBSD mount_union command allows local users to gain root privileges via a symlink attack.
-
CVE-1999-0965
•
published on January 4, 2000
Race condition in xterm allows local users to modify arbitrary files via the logging option.
-
CVE-1999-0975
•
published on January 4, 2000
The Windows help system can allow a local user to execute commands as another user by editing a table of contents metafile with a .CNT extension and modifying the topic action to include the commands to be executed when the .hlp file is accessed.
-
CVE-1999-0981
•
published on January 4, 2000
Internet Explorer 5.01 and earlier allows a remote attacker to create a reference to a client window and use a server-side redirect to access local files via that window, aka "Server-side Page Reference Redirect."
-
CVE-1999-0986
•
published on January 4, 2000
The ping command in Linux 2.0.3x allows local users to cause a denial of service by sending large packets with the -R (record route) option.
-
CVE-1999-0744
•
published on January 4, 2000
Buffer overflow in Netscape Enterprise Server and FastTrask Server allows remote attackers to gain privileges via a long HTTP GET request.
-
CVE-1999-0749
•
published on January 4, 2000
Buffer overflow in Microsoft Telnet client in Windows 95 and Windows 98 via a malformed Telnet argument.
-
CVE-1999-0763
•
published on January 4, 2000
NetBSD on a multi-homed host allows ARP packets on one network to modify ARP entries on another connected network.
-
CVE-1999-0764
•
published on January 4, 2000
NetBSD allows ARP packets to overwrite static ARP entries.
-
CVE-1999-0766
•
published on January 4, 2000
The Microsoft Java Virtual Machine allows a malicious Java applet to execute arbitrary commands outside of the sandbox environment.
-
CVE-1999-0769
•
published on January 4, 2000
Vixie Cron on Linux systems allows local users to set parameters of sendmail commands via the MAILTO environmental variable.
-
CVE-1999-0810
•
published on January 4, 2000
Denial of service in Samba NETBIOS name service daemon (nmbd).
-
CVE-1999-0812
•
published on January 4, 2000
Race condition in Samba smbmnt allows local users to mount file systems in arbitrary locations.
-
CVE-1999-0833
•
published on January 4, 2000
Buffer overflow in BIND 8.2 via NXT records.
-
CVE-1999-0837
•
published on January 4, 2000
Denial of service in BIND by improperly closing TCP sessions via so_linger.
-
CVE-1999-0848
•
published on January 4, 2000
Denial of service in BIND named via consuming more than "fdmax" file descriptors.
-
CVE-1999-0858
•
published on January 4, 2000
Internet Explorer 5 allows a remote attacker to modify the IE client's proxy configuration via a malicious Web Proxy Auto-Discovery (WPAD) server.
-
CVE-1999-0868
•
published on January 4, 2000
ucbmail allows remote attackers to execute commands via shell metacharacters that are passed to it from INN.