U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
There are 260,614 matching records.
Displaying matches 260,021 through 260,040.
Vuln ID Summary CVSS Severity
CVE-1999-1283

Opera 3.2.1 allows remote attackers to cause a denial of service (application crash) via a URL that contains an extra / in the http:// tag.

Published: August 14, 1998; 12:00:00 AM -0400
V4.0:(not available)
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-1999-0159

Attackers can crash a Cisco IOS router or device, provided they can get to an interactive prompt (such as a login). This applies to some IOS 9.x, 10.x, and 11.x releases.

Published: August 12, 1998; 12:00:00 AM -0400
V4.0:(not available)
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-1999-1199

Apache WWW server 1.3.1 and earlier allows remote attackers to cause a denial of service (resource exhaustion) via a large number of MIME headers with the same name, aka the "sioux" vulnerability.

Published: August 07, 1998; 12:00:00 AM -0400
V4.0:(not available)
V3.x:(not available)
V2.0: 10.0 HIGH
CVE-1999-0262

Hylafax faxsurvey CGI script on Linux allows remote attackers to execute arbitrary commands via shell metacharacters in the query string.

Published: August 04, 1998; 12:00:00 AM -0400
V4.0:(not available)
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-1999-0062

The chpass command in OpenBSD allows a local user to gain root access through file descriptor leakage.

Published: August 03, 1998; 12:00:00 AM -0400
V4.0:(not available)
V3.x:(not available)
V2.0: 7.2 HIGH
CVE-1999-0269

Netscape Enterprise servers may list files through the PageServices query.

Published: August 01, 1998; 12:00:00 AM -0400
V4.0:(not available)
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-1999-0288

The WINS server in Microsoft Windows NT 4.0 before SP4 allows remote attackers to cause a denial of service (process termination) via invalid UDP frames to port 137 (NETBIOS Name Service), as demonstrated via a flood of random packets.

Published: August 01, 1998; 12:00:00 AM -0400
V4.0:(not available)
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-1999-0333

HP OpenView Omniback allows remote execution of commands as root via spoofing, and local users can gain root access via a symlink attack.

Published: August 01, 1998; 12:00:00 AM -0400
V4.0:(not available)
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-1999-0339

Buffer overflow in the libauth library in Solaris allows local users to gain additional privileges, possibly root access.

Published: August 01, 1998; 12:00:00 AM -0400
V4.0:(not available)
V3.x:(not available)
V2.0: 7.2 HIGH
CVE-1999-0344

NT users can gain debug-level access on a system process using the Sechole exploit.

Published: August 01, 1998; 12:00:00 AM -0400
V4.0:(not available)
V3.x:(not available)
V2.0: 7.2 HIGH
CVE-1999-0516

An SNMP community name is guessable.

Published: August 01, 1998; 12:00:00 AM -0400
V4.0:(not available)
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-1999-1136

Vulnerability in Predictive on HP-UX 11.0 and earlier, and MPE/iX 5.5 and earlier, allows attackers to compromise data transfer for Predictive messages (using e-mail or modem) between customer and Response Center Predictive systems.

Published: July 30, 1998; 12:00:00 AM -0400
V4.0:(not available)
V3.x:(not available)
V2.0: 4.6 MEDIUM
CVE-1999-1406

dumpreg in Red Hat Linux 5.1 opens /dev/mem with O_RDWR access, which allows local users to cause a denial of service (crash) by redirecting fd 1 (stdout) to the kernel.

Published: July 29, 1998; 12:00:00 AM -0400
V4.0:(not available)
V3.x:(not available)
V2.0: 2.1 LOW
CVE-1999-1448

Eudora and Eudora Light before 3.05 allows remote attackers to cause a crash and corrupt the user's mailbox via an e-mail message with certain dates, such as (1) dates before 1970, which cause a Divide By Zero error, or (2) dates that are 100 years after the current date, which causes a segmentation fault.

Published: July 29, 1998; 12:00:00 AM -0400
V4.0:(not available)
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-1999-0941

Mutt mail client allows a remote attacker to execute commands via shell metacharacters.

Published: July 28, 1998; 12:00:00 AM -0400
V4.0:(not available)
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-1999-1447

Internet Explorer 4.0 allows remote attackers to cause a denial of service (crash) via HTML code that contains a long CLASSID parameter in an OBJECT tag.

Published: July 28, 1998; 12:00:00 AM -0400
V4.0:(not available)
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-1999-1070

Buffer overflow in ping CGI program in Xylogics Annex terminal service allows remote attackers to cause a denial of service via a long query parameter.

Published: July 25, 1998; 12:00:00 AM -0400
V4.0:(not available)
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-1999-0005

Arbitrary command execution via IMAP buffer overflow in authenticate command.

Published: July 20, 1998; 12:00:00 AM -0400
V4.0:(not available)
V3.x:(not available)
V2.0: 10.0 HIGH
CVE-1999-1200

Vintra SMTP MailServer allows remote attackers to cause a denial of service via a malformed "EXPN *@" command.

Published: July 20, 1998; 12:00:00 AM -0400
V4.0:(not available)
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-1999-1420

NBase switches NH2012, NH2012R, NH2015, and NH2048 have a back door password that cannot be disabled, which allows remote attackers to modify the switch's configuration.

Published: July 20, 1998; 12:00:00 AM -0400
V4.0:(not available)
V3.x:(not available)
V2.0: 10.0 HIGH