National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

There are 124,335 matching records.
Displaying matches 122981 through 123000.
Vuln ID Summary CVSS Severity
CVE-1999-0818

Buffer overflow in Solaris kcms_configure via a long NETPATH environmental variable.

Published: November 20, 1999; 12:00:00 AM -05:00
    V2: 7.2 HIGH
CVE-1999-0831

Denial of service in Linux syslogd via a large number of connections.

Published: November 19, 1999; 12:00:00 AM -05:00
    V2: 5.0 MEDIUM
CVE-1999-0999

Microsoft SQL 7.0 server allows a remote attacker to cause a denial of service via a malformed TDS packet.

Published: November 19, 1999; 12:00:00 AM -05:00
    V2: 4.3 MEDIUM
CVE-1999-1475

ProFTPd 1.2 compiled with the mod_sqlpw module records user passwords in the wtmp log file, which allows local users to obtain the passwords and gain privileges by reading wtmp, e.g. via the last command.

Published: November 19, 1999; 12:00:00 AM -05:00
    V2: 4.6 MEDIUM
CVE-1999-0987

Windows NT does not properly download a system policy if the domain user logs into the domain with a space at the end of the domain name.

Published: November 18, 1999; 12:00:00 AM -05:00
    V2: 10.0 HIGH
CVE-2000-0352

Pine before version 4.21 does not properly filter shell metacharacters from URLs, which allows remote attackers to execute arbitrary commands via a malformed URL.

Published: November 18, 1999; 12:00:00 AM -05:00
    V2: 10.0 HIGH
CVE-1999-0793

Internet Explorer allows remote attackers to read files by redirecting data to a Javascript applet.

Published: November 17, 1999; 12:00:00 AM -05:00
    V2: 2.6 LOW
CVE-1999-1092

tin 1.40 creates the .tin directory with insecure permissions, which allows local users to read passwords from the .inputhistory file.

Published: November 17, 1999; 12:00:00 AM -05:00
    V2: 4.6 MEDIUM
CVE-1999-1519

Gene6 G6 FTP Server 2.0 allows a remote attacker to cause a denial of service (resource exhaustion) via a long (1) user name or (2) password.

Published: November 17, 1999; 12:00:00 AM -05:00
    V2: 5.0 MEDIUM
CVE-2000-0073

Buffer overflow in Microsoft Rich Text Format (RTF) reader allows attackers to cause a denial of service via a malformed control word.

Published: November 17, 1999; 12:00:00 AM -05:00
    V2: 5.0 MEDIUM
CVE-1999-1051

Default configuration in Matt Wright FormHandler.cgi script allows arbitrary directories to be used for attachments, and only restricts access to the /etc/ directory, which allows remote attackers to read arbitrary files via the reply_message_attach attachment parameter.

Published: November 16, 1999; 12:00:00 AM -05:00
    V2: 5.0 MEDIUM
CVE-1999-1457

Buffer overflow in thttpd HTTP server before 2.04-31 allows remote attackers to execute arbitrary commands via a long date string, which is not properly handled by the tdate_parse function.

Published: November 16, 1999; 12:00:00 AM -05:00
    V2: 7.5 HIGH
CVE-1999-1508

Web server in Tektronix PhaserLink Printer 840.0 and earlier allows a remote attacker to gain administrator access by directly calling undocumented URLs such as ncl_items.html and ncl_subjects.html.

Published: November 16, 1999; 12:00:00 AM -05:00
    V2: 10.0 HIGH
CVE-1999-1549

Lynx 2.x does not properly distinguish between internal and external HTML, which may allow a local attacker to read a "secure" hidden form value from a temporary file and craft a LYNXOPTIONS: URL that causes Lynx to modify the user's configuration file and execute commands.

Published: November 16, 1999; 12:00:00 AM -05:00
    V2: 5.0 MEDIUM
CVE-1999-1190

Buffer overflow in POP3 server of Admiral Systems EmailClub 1.05 allows remote attackers to execute arbitrary commands via a long "From" header in an e-mail message.

Published: November 15, 1999; 12:00:00 AM -05:00
    V2: 10.0 HIGH
CVE-1999-1110

Windows Media Player ActiveX object as used in Internet Explorer 5.0 returns a specific error code when a file does not exist, which allows remote malicious web sites to determine the existence of files on the client.

Published: November 14, 1999; 12:00:00 AM -05:00
    V2: 5.0 MEDIUM
CVE-1999-1528

ProSoft Netware Client 5.12 on Macintosh MacOS 9 does not automatically log a user out of the NDS tree when the user logs off the system, which allows other users of the same system access to the unprotected NDS session.

Published: November 14, 1999; 12:00:00 AM -05:00
    V2: 4.6 MEDIUM
CVE-2000-0165

The Delegate application proxy has several buffer overflows which allow a remote attacker to execute commands.

Published: November 13, 1999; 12:00:00 AM -05:00
    V2: 7.5 HIGH
CVE-1999-1050

Directory traversal vulnerability in Matt Wright FormHandler.cgi script allows remote attackers to read arbitrary files via (1) a .. (dot dot) in the reply_message_attach attachment parameter, or (2) by specifying the filename as a template.

Published: November 12, 1999; 12:00:00 AM -05:00
    V2: 5.0 MEDIUM
CVE-2000-0330

The networking software in Windows 95 and Windows 98 allows remote attackers to execute commands via a long file name string, aka the "File Access URL" vulnerability.

Published: November 12, 1999; 12:00:00 AM -05:00
    V2: 7.6 HIGH