| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
1 |
CVE-1999-0001 |
20 |
|
DoS |
1999-12-30 |
2010-12-16 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
ip_input.c in BSD-derived TCP/IP implementations allows remote attackers to cause a denial of service (crash or hang) via crafted packets. |
|
2 |
CVE-1999-0004 |
|
|
Overflow |
1997-12-16 |
2018-10-12 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
MIME buffer overflow in email clients, e.g. Solaris mailtool and Outlook. |
|
3 |
CVE-1999-0007 |
327 |
|
|
1998-06-26 |
2020-04-02 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Information from SSL-encrypted sessions via PKCS #1. |
|
4 |
CVE-1999-0010 |
|
|
DoS |
1998-04-08 |
2018-10-30 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Denial of Service vulnerability in BIND 8 Releases via maliciously formatted DNS messages. |
|
5 |
CVE-1999-0012 |
|
|
Bypass |
1998-02-06 |
2022-08-17 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Some web servers under Microsoft Windows allow remote attackers to bypass access restrictions for files with long file names. |
|
6 |
CVE-1999-0015 |
|
|
DoS |
1997-12-16 |
2018-05-03 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Teardrop IP denial of service. |
|
7 |
CVE-1999-0016 |
|
|
DoS |
1997-12-01 |
2008-09-09 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Land IP denial of service. |
|
8 |
CVE-1999-0019 |
|
|
|
1996-04-24 |
2008-09-09 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
Delete or create a file via rpc.statd, due to invalid information. |
|
9 |
CVE-1999-0024 |
|
|
|
1997-08-13 |
2022-08-17 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
DNS cache poisoning via BIND, by predictable query IDs. |
|
10 |
CVE-1999-0035 |
|
|
|
1997-05-29 |
2022-08-17 |
5.1 |
None |
Remote |
High |
Not required |
Partial |
Partial |
Partial |
|
Race condition in signal handling routine in ftpd, allowing read/write arbitrary files. |
|
11 |
CVE-1999-0052 |
|
|
DoS |
1998-11-04 |
2018-05-03 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
IP fragmentation denial of service in FreeBSD allows a remote attacker to cause a crash. |
|
12 |
CVE-1999-0053 |
|
|
DoS |
1998-10-13 |
2008-09-05 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
TCP RST denial of service in FreeBSD. |
|
13 |
CVE-1999-0054 |
|
|
DoS |
1998-06-10 |
2018-10-30 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Sun's ftpd daemon can be subjected to a denial of service. |
|
14 |
CVE-1999-0060 |
|
|
DoS |
1998-03-16 |
2022-08-17 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Attackers can cause a denial of service in Ascend MAX and Pipeline routers with a malformed packet to the discard port, which is used by the Java Configurator tool. |
|
15 |
CVE-1999-0061 |
|
|
|
1997-10-02 |
2022-08-17 |
5.1 |
None |
Remote |
High |
Not required |
Partial |
Partial |
Partial |
|
File creation and deletion, and remote execution, in the BSD line printer daemon (lpd). |
|
16 |
CVE-1999-0063 |
|
|
|
1999-01-11 |
2022-08-17 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Cisco IOS 12.0 and other versions can be crashed by malicious UDP packets to the syslog port. |
|
17 |
CVE-1999-0070 |
|
|
|
1996-04-01 |
2020-10-13 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
test-cgi program allows an attacker to list files on the server. |
|
18 |
CVE-1999-0075 |
|
|
|
1996-10-16 |
2008-09-09 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
PASV core dump in wu-ftpd daemon when attacker uses a QUOTE PASV command after specifying a username and password. |
|
19 |
CVE-1999-0076 |
|
|
Overflow |
1997-07-01 |
2022-08-17 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Buffer overflow in wu-ftp from PASV command causes a core dump. |
|
20 |
CVE-1999-0077 |
|
|
|
1995-01-01 |
2017-10-10 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Predictable TCP sequence numbers allow spoofing. |
|
21 |
CVE-1999-0079 |
|
|
DoS |
1997-09-12 |
2022-08-17 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Remote attackers can cause a denial of service in FTP by issuing multiple PASV commands, causing the server to run out of available ports. |
|
22 |
CVE-1999-0081 |
|
|
|
1997-01-11 |
2022-08-17 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
wu-ftp allows files to be overwritten via the rnfr command. |
|
23 |
CVE-1999-0083 |
|
|
|
1997-06-11 |
2022-08-17 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
getcwd() file descriptor leak in FTP. |
|
24 |
CVE-1999-0086 |
|
|
|
1998-01-08 |
2022-08-17 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
AIX routed allows remote users to modify sensitive files. |
|
25 |
CVE-1999-0087 |
|
|
DoS |
1998-02-01 |
2008-09-09 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Denial of service in AIX telnet can freeze a system and prevent users from accessing the server. |
|
26 |
CVE-1999-0096 |
|
|
|
1996-12-10 |
2008-09-09 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
Sendmail decode alias can be used to overwrite sensitive files. |
|
27 |
CVE-1999-0103 |
|
|
|
1996-02-08 |
2018-08-22 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Echo and chargen, or other combinations of UDP services, can be used in tandem to flood the server, a.k.a. UDP bomb or UDP packet storm. |
|
28 |
CVE-1999-0104 |
|
|
DoS |
1997-12-16 |
2018-08-22 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
A later variation on the Teardrop IP denial of service attack, a.k.a. Teardrop-2. |
|
29 |
CVE-1999-0107 |
|
|
DoS Overflow |
1997-12-30 |
2022-08-17 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Buffer overflow in Apache 1.2.5 and earlier allows a remote attacker to cause a denial of service with a large number of GET requests containing a large number of / characters. |
|
30 |
CVE-1999-0111 |
|
|
|
1997-07-01 |
2022-08-17 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
RIP v1 is susceptible to spoofing. |
|
31 |
CVE-1999-0116 |
|
|
DoS |
1996-09-19 |
2008-09-09 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Denial of service when an attacker sends many SYN packets to create multiple connections without ever sending an ACK to complete the connection, aka SYN flood. |
|
32 |
CVE-1999-0128 |
|
|
DoS |
1996-12-18 |
2022-08-17 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Oversized ICMP ping packets can result in a denial of service, aka Ping o' Death. |
|
33 |
CVE-1999-0140 |
|
|
DoS |
1999-06-30 |
2022-08-17 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Denial of service in RAS/PPTP on NT systems. |
|
34 |
CVE-1999-0153 |
|
|
DoS |
1997-07-01 |
2008-09-09 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Windows 95/NT out of band (OOB) data denial of service through NETBIOS port, aka WinNuke. |
|
35 |
CVE-1999-0154 |
|
|
|
1999-12-31 |
2022-08-17 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
IIS 2.0 and 3.0 allows remote attackers to read the source code for ASP pages by appending a . (dot) to the end of the URL. |
|
36 |
CVE-1999-0157 |
|
|
DoS |
1998-08-18 |
2018-10-30 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Cisco PIX firewall and CBAC IP fragmentation attack results in a denial of service. |
|
37 |
CVE-1999-0158 |
|
|
|
1998-08-31 |
2018-10-30 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Cisco PIX firewall manager (PFM) on Windows NT allows attackers to connect to port 8080 on the PFM server and retrieve any file whose name and location is known. |
|
38 |
CVE-1999-0159 |
|
|
|
1998-08-12 |
2022-08-17 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Attackers can crash a Cisco IOS router or device, provided they can get to an interactive prompt (such as a login). This applies to some IOS 9.x, 10.x, and 11.x releases. |
|
39 |
CVE-1999-0162 |
|
|
Bypass |
1998-09-01 |
2022-08-17 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
The "established" keyword in some Cisco IOS software allowed an attacker to bypass filtering. |
|
40 |
CVE-1999-0166 |
|
|
|
1997-01-01 |
2022-08-17 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
NFS allows users to use a "cd .." command to access other directories besides the exported file system. |
|
41 |
CVE-1999-0173 |
|
|
|
1997-01-01 |
2022-08-17 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
FormMail CGI program can be used by web servers other than the host server that the program resides on. |
|
42 |
CVE-1999-0175 |
|
|
|
1996-07-01 |
2022-08-17 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
The convert.bas program in the Novell web server allows a remote attackers to read any file on the system that is internally accessible by the web server. |
|
43 |
CVE-1999-0179 |
17 |
|
Exec Code |
1997-01-01 |
2018-08-13 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Windows NT crashes or locks up when a Samba client executes a "cd .." command on a file share. |
|
44 |
CVE-1999-0193 |
|
|
DoS |
1997-12-01 |
2022-08-17 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Denial of service in Ascend and 3com routers, which can be rebooted by sending a zero length TCP option. |
|
45 |
CVE-1999-0194 |
|
|
DoS |
1999-05-01 |
2022-08-17 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Denial of service in in.comsat allows attackers to generate messages. |
|
46 |
CVE-1999-0195 |
|
|
DoS |
1997-07-01 |
2022-08-17 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Denial of service in RPC portmapper allows attackers to register or unregister RPC services or spoof RPC services using a spoofed source IP address such as 127.0.0.1. |
|
47 |
CVE-1999-0196 |
|
|
Exec Code |
1997-07-08 |
2008-09-09 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
websendmail in Webgais 1.0 allows a remote user to access arbitrary files and execute arbitrary code via the receiver parameter ($VAR_receiver variable). |
|
48 |
CVE-1999-0205 |
|
|
DoS |
1999-01-01 |
2022-08-17 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Denial of service in Sendmail 8.6.11 and 8.6.12. |
|
49 |
CVE-1999-0209 |
|
|
|
1990-08-14 |
2008-09-09 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
The SunView (SunTools) selection_svc facility allows remote users to read files. |
|
50 |
CVE-1999-0211 |
|
|
|
1994-02-14 |
2018-10-30 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Extra long export lists over 256 characters in some mount daemons allows NFS directories to be mounted by anyone. |
