dump in Debian GNU/Linux 2.1 does not properly restore symlinks, which allows a local user to modify the ownership of arbitrary files.
Max CVSS
2.1
EPSS Score
0.04%
Published
1999-12-02
Updated
2008-09-10
The PPP wvdial.lxdialog script in wvdial 1.4 and earlier creates a .config file with world readable permissions, which allows a local attacker in the dialout group to access login and password information.
Max CVSS
2.1
EPSS Score
0.04%
Published
1999-12-14
Updated
2008-09-10
ORBit and gnome-session in Red Hat Linux 6.1 allows remote attackers to crash a program.
Max CVSS
5.0
EPSS Score
0.27%
Published
1999-12-03
Updated
2008-09-10
ORBit and esound in Red Hat Linux 6.1 do not use sufficiently random numbers, which allows local users to guess the authentication keys.
Max CVSS
7.5
EPSS Score
1.06%
Published
1999-12-03
Updated
2008-09-10
Internet Anywhere POP3 Mail Server allows local users to cause a denial of service via a malformed RETR command.
Max CVSS
2.1
EPSS Score
0.04%
Published
1999-12-03
Updated
2016-10-18
The default configurations for McAfee Virus Scan and Norton Anti-Virus virus checkers do not check files in the RECYCLED folder that is used by the Windows Recycle Bin utility, which allows attackers to store malicious code without detection.
Max CVSS
7.2
EPSS Score
0.05%
Published
1999-12-22
Updated
2016-10-18
The SMS Remote Control program is installed with insecure permissions, which allows local users to gain privileges by modifying or replacing the program.
Max CVSS
7.2
EPSS Score
0.05%
Published
1999-12-29
Updated
2018-10-12
nviboot boot script in the Debian nvi package allows local users to delete files via malformed entries in vi.recover.
Max CVSS
2.1
EPSS Score
0.04%
Published
1999-12-30
Updated
2016-10-18
daynad program in Intel InBusiness E-mail Station does not require authentication, which allows remote attackers to modify its configuration, delete files, or read mail.
Max CVSS
7.5
EPSS Score
0.73%
Published
1999-12-14
Updated
2016-10-18
Buffer overflow in aVirt Rover POP3 server 1.1 allows remote attackers to cause a denial of service via a long user name.
Max CVSS
5.0
EPSS Score
1.32%
Published
1999-12-27
Updated
2016-10-18
Buffer overflow in CamShot WebCam HTTP server allows remote attackers to execute commands via a long GET request.
Max CVSS
7.5
EPSS Score
4.16%
Published
1999-12-30
Updated
2008-09-10
Buffer overflow in CSM mail server allows remote attackers to cause a denial of service or execute commands via a long HELO command.
Max CVSS
10.0
EPSS Score
0.46%
Published
1999-12-29
Updated
2008-09-10
Macintosh systems generate large ICMP datagrams in response to malformed datagrams, allowing them to be used as amplifiers in a flood attack.
Max CVSS
5.0
EPSS Score
3.84%
Published
1999-12-28
Updated
2021-09-22
glFtpD allows local users to gain privileges via metacharacters in the SITE ZIPCHK command.
Max CVSS
10.0
EPSS Score
1.50%
Published
1999-12-23
Updated
2022-08-17
AltaVista search engine allows remote attackers to read files above the document root via a .. (dot dot) in the query.cgi CGI program.
Max CVSS
5.0
EPSS Score
1.97%
Published
1999-12-29
Updated
2008-09-10
glFtpD includes a default glftpd user account with a default password and a UID of 0.
Max CVSS
7.5
EPSS Score
1.42%
Published
1999-12-23
Updated
2022-08-17
Majordomo wrapper allows local users to gain privileges by specifying an alternate configuration file.
Max CVSS
4.6
EPSS Score
0.04%
Published
1999-12-28
Updated
2016-10-18
Outlook Express 5 for Macintosh downloads attachments to HTML mail without prompting the user, aka the "HTML Mail Attachment" vulnerability.
Max CVSS
5.0
EPSS Score
0.46%
Published
1999-12-22
Updated
2018-10-12
resend command in Majordomo allows local users to gain privileges via shell metacharacters.
Max CVSS
4.6
EPSS Score
0.04%
Published
1999-12-28
Updated
2016-10-18
Netscape 4.7 records user passwords in the preferences.js file during an IMAP or POP session, even if the user has not enabled "remember passwords."
Max CVSS
5.0
EPSS Score
0.87%
Published
1999-12-22
Updated
2022-08-17
InterScan VirusWall SMTP scanner does not properly scan messages with malformed attachments.
Max CVSS
5.0
EPSS Score
2.22%
Published
1999-12-27
Updated
2008-09-10
Solaris dmi_cmd allows local users to crash the dmispd daemon by adding a malformed file to the /var/dmi/db database.
Max CVSS
10.0
EPSS Score
0.50%
Published
1999-12-22
Updated
2018-10-30
Solaris dmispd dmi_cmd allows local users to fill up restricted disk space by adding files to the /var/dmi/db database.
Max CVSS
5.0
EPSS Score
4.96%
Published
1999-12-22
Updated
2018-10-30
UnixWare pis and mkpis commands allow local users to gain privileges via a symlink attack.
Max CVSS
4.6
EPSS Score
0.05%
Published
1999-12-27
Updated
2016-10-18
Internet Explorer 5.0 and 5.01 allows remote attackers to bypass the cross frame security policy and read files via the external.NavigateAndFind function.
Max CVSS
2.6
EPSS Score
1.48%
Published
1999-12-23
Updated
2022-08-17
201 vulnerabilities found
1 2 3 4 5 6 7 8 9
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!