Search Results (Refine Search)
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-1999-1524 |
FlowPoint DSL router firmware versions prior to 3.0.8 allows a remote attacker to exploit a password recovery feature from the network and conduct brute force password guessing, instead of limiting the feature to the serial console port. Published: August 07, 1999; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-1999-0682 |
Microsoft Exchange 5.5 allows a remote attacker to relay email (i.e. spam) using encapsulated SMTP addresses, even if the anti-relaying features are enabled. Published: August 06, 1999; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-1999-0727 |
A kernel leak in the OpenBSD kernel allows IPsec packets to be sent unencrypted. Published: August 06, 1999; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-1999-0719 |
The Guile plugin for the Gnumeric spreadsheet package allows attackers to execute arbitrary code. Published: August 05, 1999; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 4.6 MEDIUM |
CVE-1999-0913 |
dfire.cgi script in Dragon-Fire IDS allows remote users to execute commands via shell metacharacters. Published: August 05, 1999; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 10.0 HIGH |
CVE-1999-0671 |
Buffer overflow in ToxSoft NextFTP client through CWD command. Published: August 03, 1999; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 5.1 MEDIUM |
CVE-1999-0677 |
The WebRamp web administration utility has a default password. Published: August 03, 1999; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-1999-0703 |
OpenBSD, BSDI, and other Unix operating systems allow users to set chflags and fchflags on character and block devices. Published: August 03, 1999; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 3.6 LOW |
CVE-1999-0672 |
Buffer overflow in Fujitsu Chocoa IRC client via IRC channel topics. Published: August 01, 1999; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 5.1 MEDIUM |
CVE-1999-1337 |
FTP client in Midnight Commander (mc) before 4.5.11 stores usernames and passwords for visited sites in plaintext in the world-readable history file, which allows other local users to gain privileges. Published: August 01, 1999; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 4.6 MEDIUM |
CVE-1999-0683 |
Denial of service in Gauntlet Firewall via a malformed ICMP packet. Published: July 30, 1999; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-1999-1130 |
Default configuration of the search engine in Netscape Enterprise Server 3.5.1, and possibly other versions, allows remote attackers to read the source of JHTML files by specifying a search command using the HTML-tocrec-demo1.pat pattern file. Published: July 30, 1999; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-1999-1227 |
Ethereal allows local users to overwrite arbitrary files via a symlink attack on the packet capture file. Published: July 30, 1999; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 7.2 HIGH |
CVE-1999-1536 |
.sbstart startup script in AcuShop Salesbuilder is world writable, which allows local users to gain privileges by appending commands to the file. Published: July 30, 1999; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 7.2 HIGH |
CVE-1999-0700 |
Buffer overflow in Microsoft Phone Dialer (dialer.exe), via a malformed dialer entry in the dialer.ini file. Published: July 29, 1999; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 6.2 MEDIUM |
CVE-1999-0770 |
Firewall-1 sets a long timeout for connections that begin with ACK or other packets except SYN, allowing an attacker to conduct a denial of service via a large number of connection attempts to unresponsive systems. Published: July 29, 1999; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 2.1 LOW |
CVE-1999-1078 |
WS_FTP Pro 6.0 uses weak encryption for passwords in its initialization files, which allows remote attackers to easily decrypt the passwords and gain privileges. Published: July 29, 1999; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-1999-1017 |
Seattle Labs Emurl 2.0, and possibly earlier versions, stores e-mail attachments in a specific directory with scripting enabled, which allows a malicious ASP file attachment to execute when the recipient opens the message. Published: July 28, 1999; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-2000-0323 |
The Microsoft Jet database engine allows an attacker to modify text files via a database query, aka the "Text I-ISAM" vulnerability. Published: July 28, 1999; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 7.6 HIGH |
CVE-1999-1018 |
IPChains in Linux kernels 2.2.10 and earlier does not reassemble IP fragments before checking the header information, which allows a remote attacker to bypass the filtering rules using several fragments with 0 offsets. Published: July 27, 1999; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 7.5 HIGH |