CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 9 and 10)

CVSS Scores Greater Than: 0   1   2   3   4   5   6   7   8   9  
Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-1999-0002 119 Overflow 1998-10-12 2009-01-26
10.0
 Admin Remote Low Not required Complete Complete Complete
Buffer overflow in NFS mountd gives root access to remote attackers, mostly in Linux systems.
2 CVE-1999-0003 Exec Code Overflow 1998-04-01 2018-10-30
10.0
 Admin Remote Low Not required Complete Complete Complete
Execute commands as root via buffer overflow in Tooltalk database server (rpc.ttdbserverd).
3 CVE-1999-0005 Exec Code Overflow 1998-07-20 2008-09-09
10.0
 Admin Remote Low Not required Complete Complete Complete
Arbitrary command execution via IMAP buffer overflow in authenticate command.
4 CVE-1999-0006 Overflow 1998-07-14 2008-09-09
10.0
 Admin Remote Low Not required Complete Complete Complete
Buffer overflow in POP servers based on BSD/Qualcomm's qpopper allows remote attackers to gain root access using a long PASS command.
5 CVE-1999-0008 Overflow 1998-06-08 2018-10-30
10.0
 Admin Remote Low Not required Complete Complete Complete
Buffer overflow in NIS+, in Sun's rpc.nisd program.
6 CVE-1999-0009 Overflow 1998-04-08 2018-10-30
10.0
 Admin Remote Low Not required Complete Complete Complete
Inverse query buffer overflow in BIND 4.9 and BIND 8 Releases.
7 CVE-1999-0011 DoS 1998-04-08 2018-10-30
10.0
 None Remote Low Not required Complete Complete Complete
Denial of Service vulnerabilities in BIND 4.9 and BIND 8 Releases via CNAME record and zone transfer.
8 CVE-1999-0018 Overflow 1997-12-05 2018-10-30
10.0
 Admin Remote Low Not required Complete Complete Complete
Buffer overflow in statd allows root privileges.
9 CVE-1999-0042 Overflow 1997-04-07 2008-09-09
10.0
 Admin Remote Low Not required Complete Complete Complete
Buffer overflow in University of Washington's implementation of IMAP and POP servers.
10 CVE-1999-0043 Exec Code 1996-12-04 2008-09-09
10.0
 Admin Remote Low Not required Complete Complete Complete
Command execution via shell metachars in INN daemon (innd) 1.5 using "newgroup" and "rmgroup" control messages, and others.
11 CVE-1999-0046 Overflow 1997-02-06 2018-10-30
10.0
 Admin Remote Low Not required Complete Complete Complete
Buffer overflow of rlogin program using TERM environmental variable.
12 CVE-1999-0047 Overflow 1997-01-28 2008-09-09
10.0
 Admin Remote Low Not required Complete Complete Complete
MIME conversion buffer overflow in sendmail versions 8.8.3 and 8.8.4.
13 CVE-1999-0048 Exec Code 1997-01-27 2008-09-09
10.0
 Admin Remote Low Not required Complete Complete Complete
Talkd, when given corrupt DNS information, can be used to execute arbitrary commands with root privileges.
14 CVE-1999-0067 Exec Code 1996-03-20 2008-09-09
10.0
 Admin Remote Low Not required Complete Complete Complete
phf CGI program allows remote command execution through shell metacharacters.
15 CVE-1999-0073 Bypass 1995-10-13 2008-09-09
10.0
 Admin Remote Low Not required Complete Complete Complete
Telnet allows a remote client to specify environment variables including LD_LIBRARY_PATH, allowing an attacker to bypass the normal system libraries and gain root access.
16 CVE-1999-0080 1995-11-30 2008-09-09
10.0
 Admin Remote Low Not required Complete Complete Complete
Certain configurations of wu-ftp FTP server 2.4 use a _PATH_EXECPATH setting to a directory with dangerous commands, such as /bin, which allows remote authenticated users to gain root access via the "site exec" command.
17 CVE-1999-0082 1988-11-11 2008-09-09
10.0
 Admin Remote Low Not required Complete Complete Complete
CWD ~root command in ftpd allows root access.
18 CVE-1999-0088 Exec Code 1998-10-26 2008-09-05
10.0
 Admin Remote Low Not required Complete Complete Complete
IRIX and AIX automountd services (autofsd) allow remote users to execute root commands.
19 CVE-1999-0095 Exec Code 1988-10-01 2019-06-11
10.0
 Admin Remote Low Not required Complete Complete Complete
The debug command in Sendmail is enabled, allowing attackers to execute commands as root.
20 CVE-1999-0097 Exec Code 1997-10-29 2018-10-30
10.0
 Admin Remote Low Not required Complete Complete Complete
The AIX FTP client can be forced to execute commands from a malicious server through shell metacharacters (e.g. a pipe character).
21 CVE-1999-0098 Overflow 1998-04-01 2018-01-08
10.0
 Admin Remote Low Not required Complete Complete Complete
Buffer overflow in SMTP HELO command in Sendmail allows a remote attacker to hide activities.
22 CVE-1999-0099 Overflow +Priv 1995-10-19 2018-10-30
10.0
 Admin Remote Low Not required Complete Complete Complete
Buffer overflow in syslog utility allows local or remote attackers to gain root privileges.
23 CVE-1999-0100 1997-01-01 2008-09-09
10.0
 Admin Remote Low Not required Complete Complete Complete
Remote access in AIX innd 1.5.1, using control messages.
24 CVE-1999-0101 Overflow 1996-12-10 2008-09-09
10.0
 Admin Remote Low Not required Complete Complete Complete
Buffer overflow in AIX and Solaris "gethostbyname" library call allows root access through corrupt DNS host names.
25 CVE-1999-0113 1994-05-23 2008-09-09
10.0
 Admin Remote Low Not required Complete Complete Complete
Some implementations of rlogin allow root access if given a -froot parameter.
26 CVE-1999-0119 1999-01-19 2008-09-05
10.0
 None Remote Low Not required Complete Complete Complete
Windows NT 4.0 beta allows users to read and delete shares.
27 CVE-1999-0124 1993-08-09 2008-09-09
10.0
 Admin Remote Low Not required Complete Complete Complete
Vulnerabilities in UMN gopher and gopher+ versions 1.12 and 2.0x allow an intruder to read any files that can be accessed by the gopher daemon.
28 CVE-1999-0165 1997-03-01 2018-10-30
10.0
 None Remote Low Not required Complete Complete Complete
NFS cache poisoning.
29 CVE-1999-0169 1997-07-01 2008-09-09
10.0
 Admin Remote Low Not required Complete Complete Complete
NFS allows attackers to read and write any file on the system by specifying a false UID.
30 CVE-1999-0182 Overflow 1997-09-30 2008-09-09
10.0
 Admin Remote Low Not required Complete Complete Complete
Samba has a buffer overflow which allows a remote attacker to obtain root access by specifying a long password.
31 CVE-1999-0186 Exec Code 1998-10-01 2008-09-09
10.0
 Admin Remote Low Not required Complete Complete Complete
In Solaris, an SNMP subagent has a default community string that allows remote attackers to execute arbitrary commands as root, or modify system parameters.
32 CVE-1999-0192 Overflow 1997-10-18 2008-09-09
10.0
 Admin Remote Low Not required Complete Complete Complete
Buffer overflow in telnet daemon tgetent routing allows remote attackers to gain root access via the TERMCAP environmental variable.
33 CVE-1999-0197 1999-01-01 2005-10-20
10.0
 None Remote Low Not required Complete Complete Complete
finger [email protected] on some systems may print information on some user accounts.
34 CVE-1999-0198 1999-01-01 2005-10-20
10.0
 None Remote Low Not required Complete Complete Complete
finger [email protected] on some systems may print information on some user accounts.
35 CVE-1999-0200 1999-01-01 2005-10-20
10.0
 None Remote Low Not required Complete Complete Complete
Windows NT FTP server (WFTP) with the guest account enabled without a password allows an attacker to log into the FTP server using any username and password.
36 CVE-1999-0203 +Priv 1995-08-17 2008-09-09
10.0
 Admin Remote Low Not required Complete Complete Complete
In Sendmail, attackers can gain root privileges via SMTP by specifying an improper "mail from" address and an invalid "rcpt to" address that would cause the mail to bounce to a program.
37 CVE-1999-0204 Exec Code 1997-01-01 2008-09-09
10.0
 Admin Remote Low Not required Complete Complete Complete
Sendmail 8.6.9 allows remote attackers to execute root commands, using ident.
38 CVE-1999-0206 Overflow 1996-10-01 2008-09-09
10.0
 Admin Remote Low Not required Complete Complete Complete
MIME buffer overflow in Sendmail 8.8.0 and 8.8.1 gives root access.
39 CVE-1999-0208 Exec Code 1995-12-12 2008-09-09
10.0
 Admin Remote Low Not required Complete Complete Complete
rpc.ypupdated (NIS) allows remote users to execute arbitrary commands.
40 CVE-1999-0210 +Priv 1997-11-26 2018-10-30
10.0
 Admin Remote Low Not required Complete Complete Complete
Automount daemon automountd allows local or remote users to gain privileges via shell metacharacters.
41 CVE-1999-0213 DoS 1998-07-15 2018-10-30
10.0
 Admin Remote Low Not required Complete Complete Complete
libnsl in Solaris allowed an attacker to perform a denial of service of rpcbind.
42 CVE-1999-0214 DoS 1992-07-21 2008-09-09
10.0
 None Remote Low Not required Complete Complete Complete
Denial of service by sending forged ICMP unreachable packets.
43 CVE-1999-0220 DoS 1999-01-01 2005-10-20
10.0
 None Remote Low Not required Complete Complete Complete
Attackers can do a denial of service of IRC by crashing the server.
44 CVE-1999-0226 19 DoS 1999-01-01 2017-05-03
10.0
 None Remote Low Not required Complete Complete Complete
Windows NT TCP/IP processes fragmented IP packets improperly, causing a denial of service.
45 CVE-1999-0232 Overflow 1995-02-01 2017-05-03
10.0
 Admin Remote Low Not required Complete Complete Complete
Buffer overflow in NCSA WebServer (version 1.5c) gives remote access.
46 CVE-1999-0233 Exec Code 1996-02-25 2018-08-13
10.0
 Admin Remote Low Not required Complete Complete Complete
IIS 1.0 allows users to execute arbitrary commands using .bat or .cmd files.
47 CVE-1999-0235 Overflow 1995-02-17 2008-09-09
10.0
 None Remote Low Not required Complete Complete Complete
Buffer overflow in NCSA WebServer (1.4.1 and below) gives remote access.
48 CVE-1999-0236 1997-01-01 2008-09-09
10.0
 None Remote Low Not required Complete Complete Complete
ScriptAlias directory in NCSA and Apache httpd allowed attackers to read CGI programs.
49 CVE-1999-0238 1997-08-01 2008-09-09
10.0
 None Remote Low Not required Complete Complete Complete
php.cgi allows attackers to read any file on the system.
50 CVE-1999-0241 Exec Code 1995-11-01 2018-10-30
10.0
 Admin Remote Low Not required Complete Complete Complete
Guessable magic cookies in X Windows allows remote attackers to execute commands, e.g. through xterm.
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.