The default configuration of the Array Services daemon (arrayd) disables authentication, allowing remote users to gain root privileges.
Max CVSS
10.0
EPSS Score
0.88%
Published
1999-07-19
Updated
2008-09-09
Buffer overflow in CDE Calendar Manager Service Daemon (rpc.cmsd).
Max CVSS
10.0
EPSS Score
0.70%
Published
1999-07-01
Updated
2018-10-30
Denial of service in Samba NETBIOS name service daemon (nmbd).
Max CVSS
10.0
EPSS Score
0.45%
Published
1999-07-21
Updated
2022-08-17

CVE-1999-1011

Public exploit
The Remote Data Service (RDS) DataFactory component of Microsoft Data Access Components (MDAC) in IIS 3.x and 4.x exposes unsafe methods, which allows remote attackers to execute arbitrary commands.
Max CVSS
10.0
EPSS Score
68.33%
Published
1999-07-19
Updated
2018-10-15
Novell 5 and earlier, when running over IPX with a packet signature level less than 3, allows remote attackers to gain administrator privileges by spoofing the MAC address in IPC fragmented packets that make NetWare Core Protocol (NCP) calls.
Max CVSS
10.0
EPSS Score
0.23%
Published
1999-07-15
Updated
2016-10-18
Buffer overflow in AspUpload.dll in Persits Software AspUpload before 1.4.0.2 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long argument in the HTTP request.
Max CVSS
10.0
EPSS Score
1.58%
Published
1999-07-20
Updated
2017-10-10
Denial of service in Windows NT Local Security Authority (LSA) through a malformed LSA request.
Max CVSS
7.8
EPSS Score
0.35%
Published
1999-07-20
Updated
2018-10-12
A Windows NT user can disable the keyboard or mouse by directly calling the IOCTLs which control them.
Max CVSS
7.8
EPSS Score
0.22%
Published
1999-07-06
Updated
2018-10-12
Denial of service in various Windows systems via malformed, fragmented IGMP packets.
Max CVSS
7.8
EPSS Score
0.43%
Published
1999-07-03
Updated
2018-10-12
The Microsoft Jet database engine allows an attacker to modify text files via a database query, aka the "Text I-ISAM" vulnerability.
Max CVSS
7.6
EPSS Score
1.28%
Published
1999-07-28
Updated
2018-10-15
The default FTP configuration in HP Visualize Conference allows conference users to send a file to other participants without authorization.
Max CVSS
7.5
EPSS Score
0.77%
Published
1999-07-01
Updated
2008-09-09
The Squid package in Red Hat Linux 5.2 and 6.0, and other distributions, installs cachemgr.cgi in a public web directory, which allows remote attackers to use it as an intermediary to connect to other systems.
Max CVSS
7.5
EPSS Score
6.50%
Published
1999-07-25
Updated
2018-05-03
Cisco 675 routers running CBOS allow remote attackers to establish telnet sessions if an exec or superuser password has not been set.
Max CVSS
7.5
EPSS Score
0.56%
Published
1999-07-01
Updated
2008-09-09
Seattle Labs Emurl 2.0, and possibly earlier versions, stores e-mail attachments in a specific directory with scripting enabled, which allows a malicious ASP file attachment to execute when the recipient opens the message.
Max CVSS
7.5
EPSS Score
3.43%
Published
1999-07-28
Updated
2016-10-18
IPChains in Linux kernels 2.2.10 and earlier does not reassemble IP fragments before checking the header information, which allows a remote attacker to bypass the filtering rules using several fragments with 0 offsets.
Max CVSS
7.5
EPSS Score
0.88%
Published
1999-07-27
Updated
2016-10-18
WS_FTP Pro 6.0 uses weak encryption for passwords in its initialization files, which allows remote attackers to easily decrypt the passwords and gain privileges.
Max CVSS
7.5
EPSS Score
0.29%
Published
1999-07-29
Updated
2008-09-05
HP CDE program includes the current directory in root's PATH variable.
Max CVSS
7.2
EPSS Score
0.04%
Published
1999-07-01
Updated
2008-09-09
GNU fingerd 1.37 does not properly drop privileges before accessing user information, which could allow local users to (1) gain root privileges via a malicious program in the .fingerrc file, or (2) read arbitrary files via symbolic links from .plan, .forward, or .project files.
Max CVSS
7.2
EPSS Score
0.04%
Published
1999-07-21
Updated
2016-10-18
Linux 2.0.37 does not properly encode the Custom segment limit, which allows local users to gain root privileges by accessing and modifying kernel memory.
Max CVSS
7.2
EPSS Score
0.04%
Published
1999-07-11
Updated
2008-09-05
Ethereal allows local users to overwrite arbitrary files via a symlink attack on the packet capture file.
Max CVSS
7.2
EPSS Score
0.04%
Published
1999-07-30
Updated
2017-12-19
BMC PATROL SNMP Agent before 3.2.07 allows local users to create arbitrary world-writeable files as root by specifying the target file as the second argument to the snmpmagt program.
Max CVSS
7.2
EPSS Score
0.04%
Published
1999-07-13
Updated
2016-10-18
.sbstart startup script in AcuShop Salesbuilder is world writable, which allows local users to gain privileges by appending commands to the file.
Max CVSS
7.2
EPSS Score
0.04%
Published
1999-07-30
Updated
2016-10-18
Vulnerability in a script in Texas A&M University (TAMU) Tiger allows local users to execute arbitrary commands as the Tiger user, usually root.
Max CVSS
7.2
EPSS Score
0.05%
Published
1999-07-20
Updated
2017-12-19
Buffer overflow in Microsoft Phone Dialer (dialer.exe), via a malformed dialer entry in the dialer.ini file.
Max CVSS
6.2
EPSS Score
0.04%
Published
1999-07-29
Updated
2018-10-12
Denial of service in Windows NT messenger service through a long username.
Max CVSS
5.0
EPSS Score
0.21%
Published
1999-07-23
Updated
2022-08-17
40 vulnerabilities found
1 2
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!