Real Media RealServer (rmserver) 6.0.3.353 stores a password in plaintext in the world-readable rmserver.cfg file, which allows local users to gain privileges.
Max CVSS
4.6
EPSS Score
0.08%
Published
1999-04-14
Updated
2016-10-18
Norton AntiVirus for Internet Email Gateways (NAVIEG) 1.0.1.7 and earlier, and Norton AntiVirus for MS Exchange (NAVMSE) 1.5 and earlier, store the administrator password in cleartext in (1) the navieg.ini file for NAVIEG, and (2) the ModifyPassword registry key in NAVMSE.
Max CVSS
4.6
EPSS Score
0.04%
Published
1999-04-09
Updated
2016-10-18
vacm ucd-snmp SNMP server, version 3.52, does not properly disable access to the public community string, which could allow remote attackers to obtain sensitive information.
Max CVSS
5.0
EPSS Score
0.95%
Published
1999-04-06
Updated
2017-12-19
IPFilter 3.2.3 through 3.2.10 allows local users to modify arbitrary files via a symlink attack on the saved output file.
Max CVSS
7.2
EPSS Score
0.05%
Published
1999-04-15
Updated
2017-12-19
Hummingbird Exceed X version 5 allows remote attackers to cause a denial of service via malformed data to port 6000.
Max CVSS
5.0
EPSS Score
0.28%
Published
1999-04-07
Updated
2008-09-05
BMC Patrol allows any remote attacker to flood its UDP port, causing a denial of service.
Max CVSS
5.0
EPSS Score
1.18%
Published
1999-04-01
Updated
2008-09-09
BMC Patrol allows remote attackers to gain access to an agent by spoofing frames.
Max CVSS
10.0
EPSS Score
0.88%
Published
1999-04-09
Updated
2008-09-09
A vulnerability in Caldera Open Administration System (COAS) allows the /etc/shadow password file to be made world-readable.
Max CVSS
2.1
EPSS Score
0.04%
Published
1999-04-27
Updated
2022-08-17
The oratclsh interpreter in Oracle 8.x Intelligent Agent for Unix allows local users to execute Tcl commands as root.
Max CVSS
4.6
EPSS Score
0.04%
Published
1999-04-29
Updated
2016-10-18
Denial of service in Sendmail 8.8.6 in HPUX.
Max CVSS
5.0
EPSS Score
1.82%
Published
1999-04-19
Updated
2022-08-17
An incorrect configuration of the Webcart CGI program could disclose private information.
Max CVSS
5.0
EPSS Score
0.15%
Published
1999-04-01
Updated
2016-10-18
An incorrect configuration of the SoftCart CGI program "SoftCart.exe" could disclose private information.
Max CVSS
5.0
EPSS Score
0.30%
Published
1999-04-01
Updated
2016-10-18
An incorrect configuration of the PDG Shopping Cart CGI program "shopper.cgi" could disclose private information.
Max CVSS
5.0
EPSS Score
0.22%
Published
1999-04-01
Updated
2017-10-10
quikstore.cgi in QuikStore shopping cart stores quikstore.cfg under the web document root with insufficient access control, which allows remote attackers to obtain the cleartext administrator password and gain privileges.
Max CVSS
5.0
EPSS Score
0.47%
Published
1999-04-20
Updated
2016-10-18
An incorrect configuration of the EZMall 2000 shopping cart CGI program "mall2000.cgi" could disclose private information.
Max CVSS
5.0
EPSS Score
0.17%
Published
1999-04-01
Updated
2016-10-18
An incorrect configuration of the Order Form 1.0 shopping cart CGI program could disclose private information.
Max CVSS
5.0
EPSS Score
0.17%
Published
1999-04-01
Updated
2016-10-18
An incorrect configuration of the WebStore 1.0 shopping cart CGI program "web_store.cgi" could disclose private information.
Max CVSS
5.0
EPSS Score
0.15%
Published
1999-04-20
Updated
2016-10-18
The ffingerd 1.19 allows remote attackers to identify users on the target system based on its responses.
Max CVSS
10.0
EPSS Score
3.64%
Published
1999-04-23
Updated
2022-08-17
The prompt parsing in bash allows a local user to execute commands as another user by creating a directory with the name of the command to execute.
Max CVSS
4.6
EPSS Score
0.04%
Published
1999-04-20
Updated
2014-12-31
MSHTML.DLL in Internet Explorer 5.0 allows a remote attacker to learn information about a local user's files via an IMG SRC tag.
Max CVSS
7.5
EPSS Score
0.99%
Published
1999-04-21
Updated
2021-07-22
Internet Explorer 4.0 and 5.0 allows a remote attacker to execute security scripts in a different security context using malicious URLs, a variant of the "cross frame" vulnerability.
Max CVSS
7.5
EPSS Score
1.17%
Published
1999-04-21
Updated
2021-07-22
Local attackers can conduct a denial of service in Midnight Commander 4.x with a symlink attack.
Max CVSS
2.1
EPSS Score
0.06%
Published
1999-04-01
Updated
2022-08-17
A race condition in how procmail handles .procmailrc files allows a local user to read arbitrary files available to the user who is running procmail.
Max CVSS
1.2
EPSS Score
0.04%
Published
1999-04-05
Updated
2022-08-17
The ICQ Webserver allows remote attackers to use .. to access arbitrary files outside of the user's personal directory.
Max CVSS
5.0
EPSS Score
0.47%
Published
1999-04-05
Updated
2022-08-17
The rsync command before rsync 2.3.1 may inadvertently change the permissions of the client's working directory to the permissions of the directory being transferred.
Max CVSS
2.1
EPSS Score
0.06%
Published
1999-04-07
Updated
2008-09-09
39 vulnerabilities found
1 2
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!