-
CVE-1999-0349
•
published on September 29, 1999
A buffer overflow in the FTP list (ls) command in IIS allows remote attackers to conduct a denial of service and, in some cases, execute arbitrary commands.
-
CVE-1999-0353
•
published on September 29, 1999
rpc.pcnfsd in HP gives remote root access by changing the permissions on the main printer spool directory.
-
CVE-1999-0355
•
published on September 29, 1999
Local or remote users can force ControlIT 4.5 to reboot or force a user to log out, resulting in a denial of service.
-
CVE-1999-0362
•
published on September 29, 1999
WS_FTP server remote denial of service through cwd command.
-
CVE-1999-0384
•
published on September 29, 1999
The Forms 2.0 ActiveX control (included with Visual Basic for Applications 5.0) can be used to read text from a user's clipboard when the user accesses documents with ActiveX content.
-
CVE-1999-0391
•
published on September 29, 1999
The cryptographic challenge of SMB authentication in Windows 95 and Windows 98 can be reused, allowing an attacker to replay the response and impersonate a user.
-
CVE-1999-0405
•
published on September 29, 1999
A buffer overflow in lsof allows local users to obtain root privilege.
-
CVE-1999-0410
•
published on September 29, 1999
The cancel command in Solaris 2.6 (i386) has a buffer overflow that allows local users to obtain root access.
-
CVE-1999-0424
•
published on September 29, 1999
talkback in Netscape 4.5 allows a local user to overwrite arbitrary files of another user whose Netscape crashes.
-
CVE-1999-0430
•
published on September 29, 1999
Cisco Catalyst LAN switches running Catalyst 5000 supervisor software allows remote attackers to perform a denial of service by forcing the supervisor module to reload.
-
CVE-1999-0437
•
published on September 29, 1999
Remote attackers can perform a denial of service in WebRamp systems by sending a malicious string to the HTTP port.
-
CVE-1999-0447
•
published on September 29, 1999
Local users can gain privileges using the debug utility in the MPE/iX operating system.
-
CVE-1999-0448
•
published on September 29, 1999
IIS 4.0 and Apache log HTTP request methods, regardless of how long they are, allowing a remote attacker to hide the URL they really request.
-
CVE-1999-0449
•
published on September 29, 1999
The ExAir sample site in IIS 4 allows remote attackers to cause a denial of service (CPU consumption) via a direct request to the (1) advsearch.asp, (2) query.asp, or (3) search.asp scripts.
-
CVE-1999-0002
•
published on September 29, 1999
Buffer overflow in NFS mountd gives root access to remote attackers, mostly in Linux systems.
-
CVE-1999-0006
•
published on September 29, 1999
Buffer overflow in POP servers based on BSD/Qualcomm's qpopper allows remote attackers to gain root access using a long PASS command.
-
CVE-1999-0013
•
published on September 29, 1999
Stolen credentials from SSH clients via ssh-agent program, allowing other local users to access remote accounts belonging to the ssh-agent user.
-
CVE-1999-0014
•
published on September 29, 1999
Unauthorized privileged access or denial of service via dtappgather program in CDE.
-
CVE-1999-0018
•
published on September 29, 1999
Buffer overflow in statd allows root privileges.
-
CVE-1999-0027
•
published on September 29, 1999
root privileges via buffer overflow in eject command on SGI IRIX systems.