U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

National Vulnerability Database

National Vulnerability Database

NVD

National Vulnerability Database
  1. VulnerabilitiesSearch And Statistics

Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Search Type: Search All
  • CPE Name Search: false
There are 241,456 matching records.
Displaying matches 240,661 through 240,680.
Vuln ID Summary CVSS Severity
CVE-2000-0054

search.cgi in the SolutionScripts Home Free package allows remote attackers to view directories via a .. (dot dot) attack.

Published: January 03, 1999; 12:00:00 AM -0500 		V4.0:(not available)
 V3.x:(not available)
 V2.0: 5.0 MEDIUM
CVE-1999-0402

wget 1.5.3 follows symlinks to change permissions of the target file instead of the symlink itself.

Published: January 02, 1999; 12:00:00 AM -0500 		V4.0:(not available)
 V3.x:(not available)
 V2.0: 5.0 MEDIUM
CVE-1999-1170

IPswitch IMail allows local users to gain additional privileges and modify or add mail accounts by setting the "flags" registry key to 1920.

Published: January 02, 1999; 12:00:00 AM -0500 		V4.0:(not available)
 V3.x:(not available)
 V2.0: 4.6 MEDIUM
CVE-1999-1422

The default configuration of Slackware 3.4, and possibly other versions, includes . (dot, the current directory) in the PATH environmental variable, which could allow local users to create Trojan horse programs that are inadvertently executed by other users.

Published: January 02, 1999; 12:00:00 AM -0500 		V4.0:(not available)
 V3.x:(not available)
 V2.0: 7.2 HIGH
CVE-2000-0005

HP-UX aserver program allows local users to gain privileges via a symlink attack.

Published: January 02, 1999; 12:00:00 AM -0500 		V4.0:(not available)
 V3.x:(not available)
 V2.0: 7.2 HIGH
CVE-1999-0197

finger 0@host on some systems may print information on some user accounts.

Published: January 01, 1999; 12:00:00 AM -0500 		V4.0:(not available)
 V3.x:(not available)
 V2.0: 10.0 HIGH
CVE-1999-0198

finger .@host on some systems may print information on some user accounts.

Published: January 01, 1999; 12:00:00 AM -0500 		V4.0:(not available)
 V3.x:(not available)
 V2.0: 10.0 HIGH
CVE-1999-0200

Windows NT FTP server (WFTP) with the guest account enabled without a password allows an attacker to log into the FTP server using any username and password.

Published: January 01, 1999; 12:00:00 AM -0500 		V4.0:(not available)
 V3.x:(not available)
 V2.0: 10.0 HIGH
CVE-1999-0205

Denial of service in Sendmail 8.6.11 and 8.6.12.

Published: January 01, 1999; 12:00:00 AM -0500 		V4.0:(not available)
 V3.x:(not available)
 V2.0: 5.0 MEDIUM
CVE-1999-0220

Attackers can do a denial of service of IRC by crashing the server.

Published: January 01, 1999; 12:00:00 AM -0500 		V4.0:(not available)
 V3.x:(not available)
 V2.0: 10.0 HIGH
CVE-1999-0226

Windows NT TCP/IP processes fragmented IP packets improperly, causing a denial of service.

Published: January 01, 1999; 12:00:00 AM -0500 		V4.0:(not available)
 V3.x:(not available)
 V2.0: 10.0 HIGH
CVE-1999-0231

Buffer overflow in IP-Switch IMail and Seattle Labs Slmail 2.6 packages using a long VRFY command, causing a denial of service and possibly remote access.

Published: January 01, 1999; 12:00:00 AM -0500 		V4.0:(not available)
 V3.x:(not available)
 V2.0: 5.0 MEDIUM
CVE-1999-0240

Some filters or firewalls allow fragmented SYN packets with IP reserved bits in violation of their implemented policy.

Published: January 01, 1999; 12:00:00 AM -0500 		V4.0:(not available)
 V3.x:(not available)
 V2.0: 7.5 HIGH
CVE-1999-0243

Linux cfingerd could be exploited to gain root access.

Published: January 01, 1999; 12:00:00 AM -0500 		V4.0:(not available)
 V3.x:(not available)
 V2.0: 10.0 HIGH
CVE-1999-0248

A race condition in the authentication agent mechanism of sshd 1.2.17 allows an attacker to steal another user's credentials.

Published: January 01, 1999; 12:00:00 AM -0500 		V4.0:(not available)
 V3.x:(not available)
 V2.0: 10.0 HIGH
CVE-1999-0255

Buffer overflow in ircd allows arbitrary command execution.

Published: January 01, 1999; 12:00:00 AM -0500 		V4.0:(not available)
 V3.x:(not available)
 V2.0: 10.0 HIGH
CVE-1999-0268

MetaInfo MetaWeb web server allows users to upload, execute, and read scripts.

Published: January 01, 1999; 12:00:00 AM -0500 		V4.0:(not available)
 V3.x:(not available)
 V2.0: 10.0 HIGH
CVE-1999-0276

mSQL v2.0.1 and below allows remote execution through a buffer overflow.

Published: January 01, 1999; 12:00:00 AM -0500 		V4.0:(not available)
 V3.x:(not available)
 V2.0: 7.5 HIGH
CVE-1999-0283

The Java Web Server would allow remote users to obtain the source code for CGI programs.

Published: January 01, 1999; 12:00:00 AM -0500 		V4.0:(not available)
 V3.x:(not available)
 V2.0: 10.0 HIGH
CVE-1999-0285

Denial of service in telnet from the Windows NT Resource Kit, by opening then immediately closing a connection.

Published: January 01, 1999; 12:00:00 AM -0500 		V4.0:(not available)
 V3.x:(not available)
 V2.0: 10.0 HIGH