CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 9 and 10)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
151 CVE-1999-0791 1999-10-06 2008-09-09
10.0
Admin Remote Low Not required Complete Complete Complete
Hybrid Network cable modems do not include an authentication mechanism for administration, allowing remote attackers to compromise the system through the HSMP protocol.
152 CVE-1999-0798 Overflow 1998-12-04 2016-10-17
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in bootpd on OpenBSD, FreeBSD, and Linux systems via a malformed header type.
153 CVE-1999-0799 Overflow 1997-06-01 2008-09-09
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in bootpd 2.4.3 and earlier via a long boot file location.
154 CVE-1999-0801 1999-04-09 2008-09-09
10.0
Admin Remote Low Not required Complete Complete Complete
BMC Patrol allows remote attackers to gain access to an agent by spoofing frames.
155 CVE-1999-0810 DoS 1999-07-21 2008-09-05
10.0
None Remote Low Not required Complete Complete Complete
Denial of service in Samba NETBIOS name service daemon (nmbd).
156 CVE-1999-0814 1999-08-11 2008-09-09
10.0
None Remote Low Not required Complete Complete Complete
Red Hat pump DHCP client allows remote attackers to gain root access in some configurations.
157 CVE-1999-0816 1998-05-10 2008-09-09
10.0
Admin Remote Low Not required Complete Complete Complete
The Motorola CableRouter allows any remote user to connect to and configure the router on port 1024.
158 CVE-1999-0817 1999-09-15 2008-09-05
10.0
None Remote Low Not required Complete Complete Complete
Lynx WWW client allows a remote attacker to specify command-line parameters which Lynx uses when calling external programs to handle certain protocols, e.g. telnet.
159 CVE-1999-0822 Overflow 1999-11-30 2008-09-09
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in Qpopper (qpop) 3.0 allows remote root access via AUTH command.
160 CVE-1999-0832 Exec Code Overflow 1999-11-09 2008-09-09
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in NFS server on Linux allows attackers to execute commands via a long pathname.
161 CVE-1999-0834 Overflow 1999-12-01 2008-09-09
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in RSAREF2 via the encryption and decryption functions in the RSAREF library.
162 CVE-1999-0835 DoS 1999-11-10 2018-10-30
10.0
Admin Remote Low Not required Complete Complete Complete
Denial of service in BIND named via malformed SIG records.
163 CVE-1999-0836 1998-12-02 2008-09-09
10.0
Admin Remote Low Not required Complete Complete Complete
UnixWare uidadmin allows local users to modify arbitrary files via a symlink attack.
164 CVE-1999-0837 DoS 1999-11-10 2018-10-30
10.0
Admin Remote Low Not required Complete Complete Complete
Denial of service in BIND by improperly closing TCP sessions via so_linger.
165 CVE-1999-0853 Overflow +Priv 1999-12-01 2008-09-09
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in Netscape Enterprise Server and Netscape FastTrack Server allows remote attackers to gain privileges via the HTTP Basic Authentication procedure.
166 CVE-1999-0874 119 DoS Overflow 1999-06-16 2018-10-12
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in IIS 4.0 allows remote attackers to cause a denial of service via a malformed request for files with .HTR, .IDC, or .STM extensions.
167 CVE-1999-0876 119 Overflow 2000-01-04 2018-08-13
10.0
None Remote Low Not required Complete Complete Complete
Buffer overflow in Internet Explorer 4.0 via EMBED tag.
168 CVE-1999-0878 Overflow +Priv 1999-08-22 2008-09-09
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in WU-FTPD and related FTP servers allows remote attackers to gain root privileges via MAPPING_CHDIR.
169 CVE-1999-0879 Overflow +Priv 1999-10-01 2008-09-09
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in WU-FTPD and related FTP servers allows remote attackers to gain root privileges via macro variables in a message file.
170 CVE-1999-0883 1999-10-25 2018-05-02
10.0
Admin Remote Low Not required Complete Complete Complete
Zeus web server allows remote attackers to read arbitrary files by specifying the file name in an option to the search engine.
171 CVE-1999-0894 2000-01-04 2008-09-05
10.0
None Remote Low Not required Complete Complete Complete
Red Hat Linux screen program does not use Unix98 ptys, allowing local users to write to other terminals.
172 CVE-1999-0896 Exec Code Overflow 1999-11-04 2008-09-09
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in RealNetworks RealServer administration utility allows remote attackers to execute arbitrary commands via a long username and password.
173 CVE-1999-0911 Overflow 1999-08-27 2008-09-09
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in ProFTPD, wu-ftpd, and beroftpd allows remote attackers to gain root access via a series of MKD and CWD commands that create nested directories.
174 CVE-1999-0913 Exec Code 1999-08-05 2016-10-17
10.0
Admin Remote Low Not required Complete Complete Complete
dfire.cgi script in Dragon-Fire IDS allows remote users to execute commands via shell metacharacters.
175 CVE-1999-0919 DoS 1998-05-10 2017-12-18
10.0
Admin Remote Low Not required Complete Complete Complete
A memory leak in a Motorola CableRouter allows remote attackers to conduct a denial of service via a large number of telnet connections.
176 CVE-1999-0920 Overflow +Priv 1999-05-26 2008-09-09
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in the pop-2d POP daemon in the IMAP package allows remote attackers to gain privileges via the FOLD command.
177 CVE-1999-0926 DoS 1999-09-03 2008-09-05
10.0
None Remote Low Not required Complete Complete Complete
Apache allows remote attackers to conduct a denial of service via a large number of MIME headers.
178 CVE-1999-0935 Exec Code 1999-12-15 2005-05-02
10.0
None Remote Low Not required Complete Complete Complete
classifieds.cgi allows remote attackers to execute arbitrary commands by specifying them in a hidden variable in a CGI form.
179 CVE-1999-0936 Exec Code 1998-12-03 2005-05-02
10.0
None Remote Low Not required Complete Complete Complete
BNBSurvey survey.cgi program allows remote attackers to execute commands via shell metacharacters.
180 CVE-1999-0937 1998-12-03 2005-05-02
10.0
None Remote Low Not required Complete Complete Complete
BNBForm allows remote attackers to read arbitrary files via the automessage hidden form variable.
181 CVE-1999-0943 Overflow +Priv 1999-10-15 2008-09-09
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in OpenLink 3.2 allows remote attackers to gain privileges via a long GET request to the web configurator.
182 CVE-1999-0944 1999-10-24 2005-10-20
10.0
None Remote Low Not required Complete Complete Complete
IBM WebSphere ikeyman tool uses weak encryption to store a password for a key database that is used for SSL connections.
183 CVE-1999-0950 Overflow 1999-10-28 2008-09-09
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in WFTPD FTP server allows remote attackers to gain root access via a series of MKD and CWD commands that create nested directories.
184 CVE-1999-0951 Exec Code Overflow 1999-10-22 2008-09-09
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in OmniHTTPd CGI program imagemap.exe allows remote attackers to execute commands.
185 CVE-1999-0953 1999-09-16 2008-09-09
10.0
Admin Remote Low Not required Complete Complete Complete
WWWBoard stores encrypted passwords in a password file that is under the web root and thus accessible by remote attackers.
186 CVE-1999-0967 Overflow 1997-11-01 2008-09-09
10.0
None Remote Low Not required Complete Complete Complete
Buffer overflow in the HTML library used by Internet Explorer, Outlook Express, and Windows Explorer via the res: local resource protocol.
187 CVE-1999-0973 Overflow +Priv 1999-12-07 2018-10-30
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in Solaris snoop program allows remote attackers to gain root privileges via a long domain name when snoop is running in verbose mode.
188 CVE-1999-0974 Overflow +Priv 1999-12-09 2018-10-30
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in Solaris snoop allows remote attackers to gain root privileges via GETQUOTA requests to the rpc.rquotad service.
189 CVE-1999-0977 Overflow +Priv 1999-12-10 2018-10-30
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in Solaris sadmind allows remote attackers to gain root privileges using a NETMGT_PROC_SERVICE request.
190 CVE-1999-0987 287 1999-11-18 2018-08-13
10.0
None Remote Low Not required Complete Complete Complete
Windows NT does not properly download a system policy if the domain user logs into the domain with a space at the end of the domain name.
191 CVE-1999-0992 Bypass 2000-01-18 2008-09-05
10.0
None Remote Low Not required Complete Complete Complete
HP VirtualVault with the PHSS_17692 patch allows unprivileged processes to bypass access restrictions via the Trusted Gateway Proxy (TGP).
192 CVE-1999-1011 264 Exec Code 1999-07-19 2018-10-15
10.0
Admin Remote Low Not required Complete Complete Complete
The Remote Data Service (RDS) DataFactory component of Microsoft Data Access Components (MDAC) in IIS 3.x and 4.x exposes unsafe methods, which allows remote attackers to execute arbitrary commands.
193 CVE-1999-1032 +Priv 1991-12-31 2017-10-09
10.0
Admin Remote Low Not required Complete Complete Complete
Vulnerability in LAT/Telnet Gateway (lattelnet) on Ultrix 4.1 and 4.2 allows attackers to gain root privileges.
194 CVE-1999-1046 DoS Exec Code Overflow 1999-03-01 2017-12-18
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in IMonitor in IMail 5.0 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long string to port 8181.
195 CVE-1999-1049 1999-02-21 2016-10-17
10.0
Admin Remote Low Not required Complete Complete Complete
ARCserve NT agents use weak encryption (XOR) for passwords, which allows remote attackers to sniff the authentication request to port 6050 and decrypt the password.
196 CVE-1999-1059 Exec Code 1992-02-25 2008-09-05
10.0
Admin Remote Low Not required Complete Complete Complete
Vulnerability in rexec daemon (rexecd) in AT&T TCP/IP 4.0 for various SVR4 systems allows remote attackers to execute arbitrary commands.
197 CVE-1999-1063 Exec Code 1999-06-01 2017-12-18
10.0
Admin Remote Low Not required Complete Complete Complete
CDomain whois_raw.cgi whois CGI script allows remote attackers to execute arbitrary commands via shell metacharacters in the fqdn parameter.
198 CVE-1999-1064 DoS Exec Code Overflow 1999-08-22 2016-10-17
10.0
Admin Remote Low Not required Complete Complete Complete
Multiple buffer overflows in WindowMaker 0.52 through 0.60.0 allow attackers to cause a denial of service and possibly execute arbitrary commands by executing WindowMaker with a long program name (argv[0]).
199 CVE-1999-1086 +Priv 1999-07-15 2016-10-17
10.0
Admin Remote Low Not required Complete Complete Complete
Novell 5 and earlier, when running over IPX with a packet signature level less than 3, allows remote attackers to gain administrator privileges by spoofing the MAC address in IPC fragmented packets that make NetWare Core Protocol (NCP) calls.
200 CVE-1999-1119 Exec Code 1992-04-27 2017-10-09
10.0
Admin Remote Low Not required Complete Complete Complete
FTP installation script anon.ftp in AIX insecurely configures anonymous FTP, which allows remote attackers to execute arbitrary commands.
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.