# |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
1 |
CVE-1999-0002 |
119 |
|
Overflow |
1998-10-12 |
2009-01-26 |
10.0 |
Admin |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
Buffer overflow in NFS mountd gives root access to remote attackers, mostly in Linux systems. |
2 |
CVE-1999-0003 |
|
|
Exec Code Overflow |
1998-04-01 |
2018-10-30 |
10.0 |
Admin |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
Execute commands as root via buffer overflow in Tooltalk database server (rpc.ttdbserverd). |
3 |
CVE-1999-0005 |
|
|
Exec Code Overflow |
1998-07-20 |
2008-09-09 |
10.0 |
Admin |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
Arbitrary command execution via IMAP buffer overflow in authenticate command. |
4 |
CVE-1999-0006 |
|
|
Overflow |
1998-07-14 |
2008-09-09 |
10.0 |
Admin |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
Buffer overflow in POP servers based on BSD/Qualcomm's qpopper allows remote attackers to gain root access using a long PASS command. |
5 |
CVE-1999-0008 |
|
|
Overflow |
1998-06-08 |
2018-10-30 |
10.0 |
Admin |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
Buffer overflow in NIS+, in Sun's rpc.nisd program. |
6 |
CVE-1999-0009 |
|
|
Overflow |
1998-04-08 |
2018-10-30 |
10.0 |
Admin |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
Inverse query buffer overflow in BIND 4.9 and BIND 8 Releases. |
7 |
CVE-1999-0011 |
|
|
DoS |
1998-04-08 |
2018-10-30 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
Denial of Service vulnerabilities in BIND 4.9 and BIND 8 Releases via CNAME record and zone transfer. |
8 |
CVE-1999-0018 |
|
|
Overflow |
1997-12-05 |
2018-10-30 |
10.0 |
Admin |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
Buffer overflow in statd allows root privileges. |
9 |
CVE-1999-0042 |
|
|
Overflow |
1997-04-07 |
2008-09-09 |
10.0 |
Admin |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
Buffer overflow in University of Washington's implementation of IMAP and POP servers. |
10 |
CVE-1999-0043 |
|
|
Exec Code |
1996-12-04 |
2008-09-09 |
10.0 |
Admin |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
Command execution via shell metachars in INN daemon (innd) 1.5 using "newgroup" and "rmgroup" control messages, and others. |
11 |
CVE-1999-0046 |
|
|
Overflow |
1997-02-06 |
2018-10-30 |
10.0 |
Admin |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
Buffer overflow of rlogin program using TERM environmental variable. |
12 |
CVE-1999-0047 |
|
|
Overflow |
1997-01-28 |
2008-09-09 |
10.0 |
Admin |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
MIME conversion buffer overflow in sendmail versions 8.8.3 and 8.8.4. |
13 |
CVE-1999-0048 |
|
|
Exec Code |
1997-01-27 |
2008-09-09 |
10.0 |
Admin |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
Talkd, when given corrupt DNS information, can be used to execute arbitrary commands with root privileges. |
14 |
CVE-1999-0067 |
|
|
Exec Code |
1996-03-20 |
2008-09-09 |
10.0 |
Admin |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
phf CGI program allows remote command execution through shell metacharacters. |
15 |
CVE-1999-0073 |
|
|
Bypass |
1995-10-13 |
2008-09-09 |
10.0 |
Admin |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
Telnet allows a remote client to specify environment variables including LD_LIBRARY_PATH, allowing an attacker to bypass the normal system libraries and gain root access. |
16 |
CVE-1999-0080 |
|
|
|
1995-11-30 |
2008-09-09 |
10.0 |
Admin |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
Certain configurations of wu-ftp FTP server 2.4 use a _PATH_EXECPATH setting to a directory with dangerous commands, such as /bin, which allows remote authenticated users to gain root access via the "site exec" command. |
17 |
CVE-1999-0082 |
|
|
|
1988-11-11 |
2008-09-09 |
10.0 |
Admin |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
CWD ~root command in ftpd allows root access. |
18 |
CVE-1999-0088 |
|
|
Exec Code |
1998-10-26 |
2008-09-05 |
10.0 |
Admin |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
IRIX and AIX automountd services (autofsd) allow remote users to execute root commands. |
19 |
CVE-1999-0095 |
|
|
Exec Code |
1988-10-01 |
2019-06-11 |
10.0 |
Admin |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
The debug command in Sendmail is enabled, allowing attackers to execute commands as root. |
20 |
CVE-1999-0097 |
|
|
Exec Code |
1997-10-29 |
2018-10-30 |
10.0 |
Admin |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
The AIX FTP client can be forced to execute commands from a malicious server through shell metacharacters (e.g. a pipe character). |
21 |
CVE-1999-0098 |
|
|
Overflow |
1998-04-01 |
2018-01-08 |
10.0 |
Admin |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
Buffer overflow in SMTP HELO command in Sendmail allows a remote attacker to hide activities. |
22 |
CVE-1999-0099 |
|
|
Overflow +Priv |
1995-10-19 |
2018-10-30 |
10.0 |
Admin |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
Buffer overflow in syslog utility allows local or remote attackers to gain root privileges. |
23 |
CVE-1999-0100 |
|
|
|
1997-01-01 |
2008-09-09 |
10.0 |
Admin |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
Remote access in AIX innd 1.5.1, using control messages. |
24 |
CVE-1999-0101 |
|
|
Overflow |
1996-12-10 |
2008-09-09 |
10.0 |
Admin |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
Buffer overflow in AIX and Solaris "gethostbyname" library call allows root access through corrupt DNS host names. |
25 |
CVE-1999-0113 |
|
|
|
1994-05-23 |
2008-09-09 |
10.0 |
Admin |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
Some implementations of rlogin allow root access if given a -froot parameter. |
26 |
CVE-1999-0119 |
|
|
|
1999-01-19 |
2008-09-05 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
Windows NT 4.0 beta allows users to read and delete shares. |
27 |
CVE-1999-0124 |
|
|
|
1993-08-09 |
2008-09-09 |
10.0 |
Admin |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
Vulnerabilities in UMN gopher and gopher+ versions 1.12 and 2.0x allow an intruder to read any files that can be accessed by the gopher daemon. |
28 |
CVE-1999-0165 |
|
|
|
1997-03-01 |
2018-10-30 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
NFS cache poisoning. |
29 |
CVE-1999-0169 |
|
|
|
1997-07-01 |
2008-09-09 |
10.0 |
Admin |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
NFS allows attackers to read and write any file on the system by specifying a false UID. |
30 |
CVE-1999-0182 |
|
|
Overflow |
1997-09-30 |
2008-09-09 |
10.0 |
Admin |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
Samba has a buffer overflow which allows a remote attacker to obtain root access by specifying a long password. |
31 |
CVE-1999-0186 |
|
|
Exec Code |
1998-10-01 |
2008-09-09 |
10.0 |
Admin |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
In Solaris, an SNMP subagent has a default community string that allows remote attackers to execute arbitrary commands as root, or modify system parameters. |
32 |
CVE-1999-0192 |
|
|
Overflow |
1997-10-18 |
2008-09-09 |
10.0 |
Admin |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
Buffer overflow in telnet daemon tgetent routing allows remote attackers to gain root access via the TERMCAP environmental variable. |
33 |
CVE-1999-0197 |
|
|
|
1999-01-01 |
2005-10-20 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
finger [email protected] on some systems may print information on some user accounts. |
34 |
CVE-1999-0198 |
|
|
|
1999-01-01 |
2005-10-20 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
finger [email protected] on some systems may print information on some user accounts. |
35 |
CVE-1999-0200 |
|
|
|
1999-01-01 |
2005-10-20 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
Windows NT FTP server (WFTP) with the guest account enabled without a password allows an attacker to log into the FTP server using any username and password. |
36 |
CVE-1999-0203 |
|
|
+Priv |
1995-08-17 |
2008-09-09 |
10.0 |
Admin |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
In Sendmail, attackers can gain root privileges via SMTP by specifying an improper "mail from" address and an invalid "rcpt to" address that would cause the mail to bounce to a program. |
37 |
CVE-1999-0204 |
|
|
Exec Code |
1997-01-01 |
2008-09-09 |
10.0 |
Admin |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
Sendmail 8.6.9 allows remote attackers to execute root commands, using ident. |
38 |
CVE-1999-0206 |
|
|
Overflow |
1996-10-01 |
2008-09-09 |
10.0 |
Admin |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
MIME buffer overflow in Sendmail 8.8.0 and 8.8.1 gives root access. |
39 |
CVE-1999-0208 |
|
|
Exec Code |
1995-12-12 |
2008-09-09 |
10.0 |
Admin |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
rpc.ypupdated (NIS) allows remote users to execute arbitrary commands. |
40 |
CVE-1999-0210 |
|
|
+Priv |
1997-11-26 |
2018-10-30 |
10.0 |
Admin |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
Automount daemon automountd allows local or remote users to gain privileges via shell metacharacters. |
41 |
CVE-1999-0213 |
|
|
DoS |
1998-07-15 |
2018-10-30 |
10.0 |
Admin |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
libnsl in Solaris allowed an attacker to perform a denial of service of rpcbind. |
42 |
CVE-1999-0214 |
|
|
DoS |
1992-07-21 |
2008-09-09 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
Denial of service by sending forged ICMP unreachable packets. |
43 |
CVE-1999-0220 |
|
|
DoS |
1999-01-01 |
2005-10-20 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
Attackers can do a denial of service of IRC by crashing the server. |
44 |
CVE-1999-0226 |
19 |
|
DoS |
1999-01-01 |
2017-05-03 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
Windows NT TCP/IP processes fragmented IP packets improperly, causing a denial of service. |
45 |
CVE-1999-0232 |
|
|
Overflow |
1995-02-01 |
2017-05-03 |
10.0 |
Admin |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
Buffer overflow in NCSA WebServer (version 1.5c) gives remote access. |
46 |
CVE-1999-0233 |
|
|
Exec Code |
1996-02-25 |
2018-08-13 |
10.0 |
Admin |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
IIS 1.0 allows users to execute arbitrary commands using .bat or .cmd files. |
47 |
CVE-1999-0235 |
|
|
Overflow |
1995-02-17 |
2008-09-09 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
Buffer overflow in NCSA WebServer (1.4.1 and below) gives remote access. |
48 |
CVE-1999-0236 |
|
|
|
1997-01-01 |
2008-09-09 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
ScriptAlias directory in NCSA and Apache httpd allowed attackers to read CGI programs. |
49 |
CVE-1999-0238 |
|
|
|
1997-08-01 |
2008-09-09 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
php.cgi allows attackers to read any file on the system. |
50 |
CVE-1999-0241 |
|
|
Exec Code |
1995-11-01 |
2018-10-30 |
10.0 |
Admin |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
Guessable magic cookies in X Windows allows remote attackers to execute commands, e.g. through xterm. |