-
CVE-1999-0487
•
published on September 29, 1999
The DHTML Edit ActiveX control in Internet Explorer allows remote attackers to read arbitrary files.
-
CVE-1999-0612
•
published on September 29, 1999
A version of finger is running that exposes valid user information to any entity on the network.
-
CVE-1999-0513
•
published on September 29, 1999
ICMP messages to broadcast addresses are allowed, allowing for a Smurf attack that can cause a denial of service.
-
CVE-1999-0526
•
published on September 29, 1999
An X server's access control is disabled (e.g. through an "xhost +" command) and allows anyone to connect to the server.
-
CVE-1999-0551
•
published on September 29, 1999
HP OpenMail can be misconfigured to allow users to run arbitrary commands using malicious print requests.
-
CVE-1999-0566
•
published on September 29, 1999
An attacker can write to syslog files from any location, causing a denial of service by filling up the logs, and hiding activities.
-
CVE-1999-0627
•
published on September 29, 1999
The rexd service is running, which uses weak authentication that can allow an attacker to execute commands.
-
CVE-1999-0628
•
published on September 29, 1999
The rwho/rwhod service is running, which exposes machine status and user information.
-
CVE-1999-0514
•
published on September 29, 1999
UDP messages to broadcast addresses are allowed, allowing for a Fraggle attack that can cause a denial of service by flooding the target.
-
CVE-1999-0626
•
published on September 29, 1999
A version of rusers is running that exposes valid user information to any entity on the network.
-
CVE-1999-0005
•
published on September 29, 1999
Arbitrary command execution via IMAP buffer overflow in authenticate command.
-
CVE-1999-0014
•
published on September 29, 1999
Unauthorized privileged access or denial of service via dtappgather program in CDE.
-
CVE-1999-0024
•
published on September 29, 1999
DNS cache poisoning via BIND, by predictable query IDs.
-
CVE-1999-0027
•
published on September 29, 1999
root privileges via buffer overflow in eject command on SGI IRIX systems.
-
CVE-1999-0029
•
published on September 29, 1999
root privileges via buffer overflow in ordist command on SGI IRIX systems.
-
CVE-1999-0035
•
published on September 29, 1999
Race condition in signal handling routine in ftpd, allowing read/write arbitrary files.
-
CVE-1999-0042
•
published on September 29, 1999
Buffer overflow in University of Washington's implementation of IMAP and POP servers.
-
CVE-1999-0043
•
published on September 29, 1999
Command execution via shell metachars in INN daemon (innd) 1.5 using "newgroup" and "rmgroup" control messages, and others.
-
CVE-1999-0055
•
published on September 29, 1999
Buffer overflows in Sun libnsl allow root access.
-
CVE-1999-0056
•
published on September 29, 1999
Buffer overflow in Sun's ping program can give root access to local users.