-
CVE-1999-0168
•
published on September 29, 1999
The portmapper may act as a proxy and redirect service requests from an attacker, making the request appear to come from the local host, possibly bypassing authentication that would otherwise have taken place. For example, NFS file systems could be mounted through the portmapper despite export restrictions.
-
CVE-1999-0180
•
published on September 29, 1999
in.rshd allows users to login with a NULL username and execute commands.
-
CVE-1999-0181
•
published on September 29, 1999
The wall daemon can be used for denial of service, social engineering attacks, or to execute remote commands.
-
CVE-1999-0190
•
published on September 29, 1999
Solaris rpcbind can be exploited to overwrite arbitrary files and gain root access.
-
CVE-1999-0192
•
published on September 29, 1999
Buffer overflow in telnet daemon tgetent routing allows remote attackers to gain root access via the TERMCAP environmental variable.
-
CVE-1999-0196
•
published on September 29, 1999
websendmail in Webgais 1.0 allows a remote user to access arbitrary files and execute arbitrary code via the receiver parameter ($VAR_receiver variable).
-
CVE-1999-0201
•
published on September 29, 1999
A quote cwd command on FTP servers can reveal the full path of the home directory of the "ftp" user.
-
CVE-1999-0206
•
published on September 29, 1999
MIME buffer overflow in Sendmail 8.8.0 and 8.8.1 gives root access.
-
CVE-1999-0215
•
published on September 29, 1999
Routed allows attackers to append data to files.
-
CVE-1999-0221
•
published on September 29, 1999
Denial of service of Ascend routers through port 150 (remote administration).
-
CVE-1999-0227
•
published on September 29, 1999
Access violation in LSASS.EXE (LSA/LSARPC) program in Windows NT allows a denial of service.
-
CVE-1999-0236
•
published on September 29, 1999
ScriptAlias directory in NCSA and Apache httpd allowed attackers to read CGI programs.
-
CVE-1999-0251
•
published on September 29, 1999
Denial of service in talk program allows remote attackers to disrupt a user's display.
-
CVE-1999-0269
•
published on September 29, 1999
Netscape Enterprise servers may list files through the PageServices query.
-
CVE-1999-0276
•
published on September 29, 1999
mSQL v2.0.1 and below allows remote execution through a buffer overflow.
-
CVE-1999-0279
•
published on September 29, 1999
Excite for Web Servers (EWS) allows remote command execution via shell metacharacters.
-
CVE-1999-0003
•
published on September 29, 1999
Execute commands as root via buffer overflow in Tooltalk database server (rpc.ttdbserverd).
-
CVE-1999-0007
•
published on September 29, 1999
Information from SSL-encrypted sessions via PKCS #1.
-
CVE-1999-0012
•
published on September 29, 1999
Some web servers under Microsoft Windows allow remote attackers to bypass access restrictions for files with long file names.
-
CVE-1999-0026
•
published on September 29, 1999
root privileges via buffer overflow in pset command on SGI IRIX systems.