National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Keyword (text search): PHP
  • Search Type: Search All
  • Contains Software Flaws (CVE)
There are 25,885 matching records.
Displaying matches 25801 through 25820.
Vuln ID Summary CVSS Severity
CVE-1999-1339

Vulnerability when Network Address Translation (NAT) is enabled in Linux 2.2.10 and earlier with ipchains, or FreeBSD 3.2 with ipfw, allows remote attackers to cause a denial of service (kernel panic) via a ping -R (record route) command.

Published: December 31, 1999; 12:00:00 AM -05:00
V2: 5.0 MEDIUM
CVE-1999-1358

When an administrator in Windows NT or Windows 2000 changes a user policy, the policy is not properly updated if the local ntconfig.pol is not writable by the user, which could allow local users to bypass restrictions that would otherwise be enforced by the policy, possibly by changing the policy file to be read-only.

Published: December 31, 1999; 12:00:00 AM -05:00
V2: 4.6 MEDIUM
CVE-1999-1359

When the Ntconfig.pol file is used on a server whose name is longer than 13 characters, Windows NT does not properly enforce policies for global groups, which could allow users to bypass restrictions that were intended by those policies.

Published: December 31, 1999; 12:00:00 AM -05:00
V2: 7.5 HIGH
CVE-1999-1360

Windows NT 4.0 allows local users to cause a denial of service via a user mode application that closes a handle that was opened in kernel mode, which causes a crash when the kernel attempts to close the handle.

Published: December 31, 1999; 12:00:00 AM -05:00
V2: 2.1 LOW
CVE-1999-1362

Win32k.sys in Windows NT 4.0 before SP2 allows local users to cause a denial of service (crash) by calling certain WIN32K functions with incorrect parameters.

Published: December 31, 1999; 12:00:00 AM -05:00
V2: 2.1 LOW
CVE-1999-1363

Windows NT 3.51 and 4.0 allow local users to cause a denial of service (crash) by running a program that creates a large number of locks on a file, which exhausts the NonPagedPool.

Published: December 31, 1999; 12:00:00 AM -05:00
V2: 2.1 LOW
CVE-1999-1364

Windows NT 4.0 allows local users to cause a denial of service (crash) via an illegal kernel mode address to the functions (1) GetThreadContext or (2) SetThreadContext.

Published: December 31, 1999; 12:00:00 AM -05:00
V2: 2.1 LOW
CVE-1999-1379

DNS allows remote attackers to use DNS name servers as traffic amplifiers via a UDP DNS query with a spoofed source address, which produces more traffic to the victim than was sent by the attacker.

Published: December 31, 1999; 12:00:00 AM -05:00
V2: 5.0 MEDIUM
CVE-1999-1382

NetWare NFS mode 1 and 2 implements the "Read Only" flag in Unix by changing the ownership of a file to root, which allows local users to gain root privileges by creating a setuid program and setting it to "Read Only," which NetWare-NFS changes to a setuid root program.

Published: December 31, 1999; 12:00:00 AM -05:00
V2: 7.2 HIGH
CVE-1999-1386

Perl 5.004_04 and earlier follows symbolic links when running with the -e option, which allows local users to overwrite arbitrary files via a symlink attack on the /tmp/perl-eaXXXXX file.

Published: December 31, 1999; 12:00:00 AM -05:00
V2: 2.1 LOW
CVE-1999-1473

When a Web site redirects the browser to another site, Internet Explorer 3.02 and 4.0 automatically resends authentication information to the second site, aka the "Page Redirect Issue."

Published: December 31, 1999; 12:00:00 AM -05:00
V2: 5.0 MEDIUM
CVE-1999-1488

sdrd daemon in IBM SP2 System Data Repository (SDR) allows remote attackers to read files without authentication.

Published: December 31, 1999; 12:00:00 AM -05:00
V2: 5.0 MEDIUM
CVE-2000-0027

IBM Network Station Manager NetStation allows local users to gain privileges via a symlink attack.

Published: December 27, 1999; 12:00:00 AM -05:00
V2: 6.2 MEDIUM
CVE-2000-0060

Buffer overflow in aVirt Rover POP3 server 1.1 allows remote attackers to cause a denial of service via a long user name.

Published: December 27, 1999; 12:00:00 AM -05:00
V2: 5.0 MEDIUM
CVE-1999-1109

Sendmail before 8.10.0 allows remote attackers to cause a denial of service by sending a series of ETRN commands then disconnecting from the server, while Sendmail continues to process the commands after the connection has been terminated.

Published: December 22, 1999; 12:00:00 AM -05:00
V2: 5.0 MEDIUM
CVE-1999-1163

Vulnerability in HP Series 800 S/X/V Class servers allows remote attackers to gain access to the S/X/V Class console via the Service Support Processor (SSP) Teststation.

Published: November 24, 1999; 12:00:00 AM -05:00
V2: 7.5 HIGH
CVE-2000-0073

Buffer overflow in Microsoft Rich Text Format (RTF) reader allows attackers to cause a denial of service via a malformed control word.

Published: November 17, 1999; 12:00:00 AM -05:00
V2: 5.0 MEDIUM
CVE-1999-1530

cgiwrap as used on Cobalt RaQ 2.0 and RaQ 3i does not properly identify the user for running certain scripts, which allows a malicious site administrator to view or modify data located at another virtual site on the same system.

Published: November 08, 1999; 12:00:00 AM -05:00
V2: 3.6 LOW
CVE-1999-1550

bigconf.conf in F5 BIG/ip 2.1.2 and earlier allows remote attackers to read arbitrary files by specifying the target file in the "file" parameter.

Published: November 08, 1999; 12:00:00 AM -05:00
V2: 5.0 MEDIUM
CVE-1999-1571

Buffer overflow in sar for SCO OpenServer 5.0.0 through 5.0.5 may allow local users to gain root privileges via a long -f parameter, a different vulnerability than CVE-1999-1570.

Published: November 04, 1999; 12:00:00 AM -05:00
V2: 7.2 HIGH