CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 9 and 10)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
15301 CVE-1999-0664 1999-01-01 2005-10-20
10.0
None Remote Low Not required Complete Complete Complete
An application-critical Windows NT registry key has inappropriate permissions.
15302 CVE-1999-0663 1999-01-01 2005-10-20
10.0
None Remote Low Not required Complete Complete Complete
A system-critical program, library, or file has a checksum or other integrity measurement that indicates that it has been modified.
15303 CVE-1999-0662 1999-01-01 2005-10-20
10.0
None Remote Low Not required Complete Complete Complete
A system-critical program or library does not have the appropriate patch, hotfix, or service pack installed, or is outdated or obsolete.
15304 CVE-1999-0661 1999-01-01 2016-10-17
10.0
None Remote Low Not required Complete Complete Complete
A system is running a version of software that was replaced with a Trojan Horse at one of its distribution points, such as (1) TCP Wrappers 7.6, (2) util-linux 2.9g, (3) wuarchive ftpd (wuftpd) 2.2 and 2.1f, (4) IRC client (ircII) ircII 2.2.9, (5) OpenSSH 3.4p1, or (6) Sendmail 8.12.6.
15305 CVE-1999-0654 1999-01-01 2005-10-20
10.0
None Remote Low Not required Complete Complete Complete
The OS/2 or POSIX subsystem in NT is enabled.
15306 CVE-1999-0653 1999-01-01 2005-10-20
10.0
None Remote Low Not required Complete Complete Complete
A component service related to NIS+ is running.
15307 CVE-1999-0640 1999-01-01 2005-10-20
10.0
None Remote Low Not required Complete Complete Complete
The Gopher service is running.
15308 CVE-1999-0636 1999-01-01 2005-10-20
10.0
None Remote Low Not required Complete Complete Complete
The discard service is running.
15309 CVE-1999-0630 1999-01-01 2005-10-20
10.0
None Remote Low Not required Complete Complete Complete
The NT Alerter and Messenger services are running.
15310 CVE-1999-0618 1999-01-01 2005-10-20
10.0
None Remote Low Not required Complete Complete Complete
The rexec service is running.
15311 CVE-1999-0611 1999-01-01 2005-10-20
10.0
None Remote Low Not required Complete Complete Complete
A system-critical Windows NT registry key has an inappropriate value.
15312 CVE-1999-0603 1999-01-01 2005-10-20
10.0
None Remote Low Not required Complete Complete Complete
In Windows NT, an inappropriate user is a member of a group, e.g. Administrator, Backup Operators, Domain Admins, Domain Guests, Power Users, Print Operators, Replicators, System Operators, etc.
15313 CVE-1999-0602 1999-01-01 2005-10-20
10.0
None Remote Low Not required Complete Complete Complete
A network intrusion detection system (IDS) does not properly reassemble fragmented packets.
15314 CVE-1999-0601 1999-01-01 2005-10-20
10.0
None Remote Low Not required Complete Complete Complete
A network intrusion detection system (IDS) does not properly handle data within TCP handshake packets.
15315 CVE-1999-0600 1999-01-01 2005-10-20
10.0
None Remote Low Not required Complete Complete Complete
A network intrusion detection system (IDS) does not verify the checksum on a packet.
15316 CVE-1999-0599 1999-01-01 2005-10-20
10.0
None Remote Low Not required Complete Complete Complete
A network intrusion detection system (IDS) does not properly handle packets with improper sequence numbers.
15317 CVE-1999-0598 1999-01-01 2005-10-20
10.0
None Remote Low Not required Complete Complete Complete
A network intrusion detection system (IDS) does not properly handle packets that are sent out of order, allowing an attacker to escape detection.
15318 CVE-1999-0597 1999-01-01 2005-10-20
10.0
None Remote Low Not required Complete Complete Complete
A Windows NT account policy does not forcibly disconnect remote users from the server when their logon hours expire.
15319 CVE-1999-0596 1999-01-01 2005-10-20
10.0
None Remote Low Not required Complete Complete Complete
A Windows NT log file has an inappropriate maximum size or retention period.
15320 CVE-1999-0594 1999-01-01 2005-10-20
10.0
None Remote Low Not required Complete Complete Complete
A Windows NT system does not restrict access to removable media drives such as a floppy disk drive or CDROM drive.
15321 CVE-1999-0592 1999-01-01 2005-10-20
10.0
None Remote Low Not required Complete Complete Complete
The Logon box of a Windows NT system displays the name of the last user who logged in.
15322 CVE-1999-0591 1999-01-01 2005-10-20
10.0
None Remote Low Not required Complete Complete Complete
An event log in Windows NT has inappropriate access permissions.
15323 CVE-1999-0590 2000-06-01 2008-09-09
10.0
None Remote Low Not required Complete Complete Complete
A system does not present an appropriate legal message or warning to a user who is accessing it.
15324 CVE-1999-0589 1999-01-01 2005-10-20
10.0
None Remote Low Not required Complete Complete Complete
A system-critical Windows NT registry key has inappropriate permissions.
15325 CVE-1999-0587 1999-01-01 2005-10-20
10.0
None Remote Low Not required Complete Complete Complete
A WWW server is not running in a restricted file system, e.g. through a chroot, thus allowing access to system-critical data.
15326 CVE-1999-0584 1999-01-01 2005-10-20
10.0
None Remote Low Not required Complete Complete Complete
A Windows NT file system is not NTFS.
15327 CVE-1999-0583 1999-01-01 2005-10-20
10.0
None Remote Low Not required Complete Complete Complete
There is a one-way or two-way trust relationship between Windows NT domains.
15328 CVE-1999-0581 1999-01-01 2008-09-05
10.0
None Remote Low Not required Complete Complete Complete
The HKEY_CLASSES_ROOT key in a Windows NT system has inappropriate, system-critical permissions.
15329 CVE-1999-0580 1999-01-01 2005-10-20
10.0
None Remote Low Not required Complete Complete Complete
The HKEY_LOCAL_MACHINE key in a Windows NT system has inappropriate, system-critical permissions.
15330 CVE-1999-0579 1999-01-01 2008-09-05
10.0
None Remote Low Not required Complete Complete Complete
A Windows NT system's registry audit policy does not log an event success or failure for non-critical registry keys.
15331 CVE-1999-0577 1999-01-01 2008-09-05
10.0
None Remote Low Not required Complete Complete Complete
A Windows NT system's file audit policy does not log an event success or failure for non-critical files or directories.
15332 CVE-1999-0572 1997-01-01 2008-09-09
9.3
Admin Remote Medium Not required Complete Complete Complete
.reg files are associated with the Windows NT registry editor (regedit), making the registry susceptible to Trojan Horse attacks.
15333 CVE-1999-0571 1999-01-01 2005-10-20
10.0
None Remote Low Not required Complete Complete Complete
A router's configuration service or management interface (such as a web server or telnet) is configured to allow connections from arbitrary hosts.
15334 CVE-1999-0570 1999-01-01 2008-09-05
10.0
None Remote Low Not required Complete Complete Complete
Windows NT is not using a password filter utility, e.g. PASSFILT.DLL.
15335 CVE-1999-0569 1999-01-01 2005-10-20
10.0
None Remote Low Not required Complete Complete Complete
A URL for a WWW directory allows auto-indexing, which provides a list of all files in that directory if it does not contain an index.html file.
15336 CVE-1999-0568 1999-01-01 2008-09-05
10.0
None Remote Low Not required Complete Complete Complete
rpc.admind in Solaris is not running in a secure mode.
15337 CVE-1999-0565 1999-01-01 2005-10-20
10.0
None Remote Low Not required Complete Complete Complete
A Sendmail alias allows input to be piped to a program.
15338 CVE-1999-0564 1999-01-01 2005-10-20
10.0
None Remote Low Not required Complete Complete Complete
An attacker can force a printer to print arbitrary documents (e.g. if the printer doesn't require a password) or to become disabled.
15339 CVE-1999-0561 1999-01-01 2005-10-20
10.0
None Remote Low Not required Complete Complete Complete
IIS has the #exec function enabled for Server Side Include (SSI) files.
15340 CVE-1999-0560 1999-01-01 2008-09-05
10.0
None Remote Low Not required Complete Complete Complete
A system-critical Windows NT file or directory has inappropriate permissions.
15341 CVE-1999-0559 1999-01-01 2005-10-20
10.0
None Remote Low Not required Complete Complete Complete
A system-critical Unix file or directory has inappropriate permissions.
15342 CVE-1999-0556 1999-01-01 2005-10-20
10.0
None Remote Low Not required Complete Complete Complete
Two or more Unix accounts have the same UID.
15343 CVE-1999-0555 1999-01-01 2005-10-20
10.0
None Remote Low Not required Complete Complete Complete
A Unix account with a name other than "root" has UID 0, i.e. root privileges.
15344 CVE-1999-0554 1999-01-01 2005-10-20
10.0
None Remote Low Not required Complete Complete Complete
NFS exports system-critical data to the world, e.g. / or a password file.
15345 CVE-1999-0548 1999-01-01 2005-10-20
10.0
None Remote Low Not required Complete Complete Complete
A superfluous NFS server is running, but it is not importing or exporting any file systems.
15346 CVE-1999-0547 1999-01-01 2005-10-20
10.0
None Remote Low Not required Complete Complete Complete
An SSH server allows authentication through the .rhosts file.
15347 CVE-1999-0539 1999-01-01 2005-10-20
10.0
None Remote Low Not required Complete Complete Complete
A trust relationship exists between two Unix hosts.
15348 CVE-1999-0535 1997-01-01 2008-09-09
10.0
None Remote Low Not required Complete Complete Complete
A Windows NT account policy for passwords has inappropriate, security-critical settings, e.g. for password length, password age, or uniqueness.
15349 CVE-1999-0530 1999-01-01 2005-10-20
10.0
None Remote Low Not required Complete Complete Complete
A system is operating in "promiscuous" mode which allows it to perform packet sniffing.
15350 CVE-1999-0527 1999-01-01 2005-10-20
10.0
None Remote Low Not required Complete Complete Complete
The permissions for system-critical data in an anonymous FTP account are inappropriate. For example, the root directory is writeable by world, a real password file is obtainable, or executable commands such as "ls" can be overwritten.
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.