The IDENT server in Caldera Linux 2.3 creates multiple threads for each IDENT request, which allows remote attackers to cause a denial of service.
Max CVSS
5.0
EPSS Score
0.33%
Published
1999-10-08
Updated
2008-09-10
Linux cdwtools 093 and earlier allows local users to gain root privileges via the /tmp directory.
Max CVSS
6.2
EPSS Score
0.05%
Published
1999-10-22
Updated
2008-09-10
Buffer overflows in Linux cdwtools 093 and earlier allows local users to gain root privileges.
Max CVSS
7.2
EPSS Score
0.04%
Published
1999-10-22
Updated
2008-09-10
Pluggable Authentication Modules (PAM) in Red Hat Linux 6.1 does not properly lock access to disabled NIS accounts.
Max CVSS
4.6
EPSS Score
0.05%
Published
1999-10-13
Updated
2008-09-10
Microsoft Virtual Machine (VM) allows remote attackers to escape the Java sandbox and execute commands via an applet containing an illegal cast operation, aka the "Virtual Machine Verifier" vulnerability.
Max CVSS
7.6
EPSS Score
0.30%
Published
1999-10-21
Updated
2018-10-12
Buffer overflow in Yahoo Pager/Messenger client allows remote attackers to cause a denial of service via a long URL within a message.
Max CVSS
5.0
EPSS Score
3.71%
Published
1999-10-01
Updated
2022-08-17
Buffer overflow in Internet Anywhere POP3 Mail Server allows remote attackers to cause a denial of service or execute commands via a long username.
Max CVSS
5.0
EPSS Score
0.71%
Published
1999-10-01
Updated
2008-09-10
Buffer overflow in HHOpen ActiveX control (hhopen.ocx) 1.0.0.1 for Internet Explorer 4.01 and 5 allows remote attackers to execute arbitrary commands via long arguments to the OpenHelp method.
Max CVSS
5.1
EPSS Score
0.50%
Published
1999-10-31
Updated
2021-07-22
RPMMail before 1.4 allows remote attackers to execute commands via an e-mail message with shell metacharacters in the "MAIL FROM" command.
Max CVSS
10.0
EPSS Score
0.99%
Published
1999-10-04
Updated
2017-10-10
shell-lock in Cactus Software Shell Lock allows local users to read or modify decoded shell files before they are executed, via a symlink attack on a temporary file.
Max CVSS
7.2
EPSS Score
0.04%
Published
1999-10-04
Updated
2017-12-19
shell-lock in Cactus Software Shell Lock uses weak encryption (trivial encoding) which allows attackers to easily decrypt and obtain the source code.
Max CVSS
2.1
EPSS Score
0.05%
Published
1999-10-04
Updated
2017-12-19
Netscape Messaging Server 3.54, 3.55, and 3.6 allows a remote attacker to cause a denial of service (memory exhaustion) via a series of long RCPT TO commands.
Max CVSS
5.0
EPSS Score
1.24%
Published
1999-10-29
Updated
2016-10-18
Buffer overflow in Sambar Web Server 4.2.1 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long HTTP GET request.
Max CVSS
7.5
EPSS Score
0.35%
Published
1999-10-04
Updated
2017-12-19
Vulnerability in htmlparse.pike in Roxen Web Server 1.3.11 and earlier, possibly related to recursive parsing and referer tags in RXML.
Max CVSS
5.0
EPSS Score
0.56%
Published
1999-10-07
Updated
2016-10-18
Internet Anywhere POP3 Mail Server 2.3.1 allows remote attackers to cause a denial of service (crash) via (1) LIST, (2) TOP, or (3) UIDL commands using letters as arguments.
Max CVSS
5.0
EPSS Score
0.28%
Published
1999-10-01
Updated
2016-10-18
Macromedia "The Matrix" screen saver on Windows 95 with the "Password protected" option enabled allows attackers with physical access to the machine to bypass the password prompt by pressing the ESC (Escape) key.
Max CVSS
4.6
EPSS Score
0.12%
Published
1999-10-04
Updated
2016-10-18
Netscape Communicator 4.04 through 4.7 (and possibly other versions) in various UNIX operating systems converts the 0x8b character to a "<" sign, and the 0x9b character to a ">" sign, which could allow remote attackers to attack other clients via cross-site scripting (CSS) in CGI programs that do not filter these characters.
Max CVSS
7.5
EPSS Score
0.73%
Published
1999-10-05
Updated
2016-10-18
NFS daemon (nfsd.exe) for Omni-NFS/X 6.1 allows remote attackers to cause a denial of service (resource exhaustion) via certain packets, possibly with the Urgent (URG) flag set, to port 111.
Max CVSS
5.0
EPSS Score
0.27%
Published
1999-10-06
Updated
2016-10-18
Xsession in Red Hat Linux 6.1 and earlier can allow local users with restricted accounts to bypass execution of the .xsession file by starting kde, gnome or anotherlevel from kdm.
Max CVSS
4.6
EPSS Score
0.04%
Published
1999-10-07
Updated
2016-10-18
PAM configuration file for rlogin in Red Hat Linux 6.1 and earlier includes a less restrictive rule before a more restrictive one, which allows users to access the host via rlogin even if rlogin has been explicitly disabled using the /etc/nologin file.
Max CVSS
7.5
EPSS Score
1.06%
Published
1999-10-07
Updated
2016-10-18
Auto_FTP.pl script in Auto_FTP 0.2 uses the /tmp/ftp_tmp as a shared directory with insecure permissions, which allows local users to (1) send arbitrary files to the remote server by placing them in the directory, and (2) view files that are being transferred.
Max CVSS
4.6
EPSS Score
0.04%
Published
1999-10-05
Updated
2016-10-18
Auto_FTP.pl script in Auto_FTP 0.2 stores usernames and passwords in plaintext in the auto_ftp.conf configuration file.
Max CVSS
7.5
EPSS Score
1.50%
Published
1999-10-05
Updated
2016-10-18
HTTP server for Xerox DocuColor 4 LP allows remote attackers to cause a denial of service (hang) via a long URL that contains a large number of . characters.
Max CVSS
5.0
EPSS Score
0.27%
Published
1999-10-13
Updated
2016-10-18
ICQ ActiveList Server allows remote attackers to cause a denial of service (crash) via malformed packets to the server's UDP port.
Max CVSS
5.0
EPSS Score
0.27%
Published
1999-10-17
Updated
2016-10-18
Linux kernel before 2.3.18 or 2.2.13pre15, with SLIP and PPP options, allows local unprivileged users to forge IP packets via the TIOCSETD option on tty devices.
Max CVSS
4.6
EPSS Score
0.04%
Published
1999-10-22
Updated
2018-09-11
57 vulnerabilities found
1 2 3
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!