Security Vulnerabilities Published In June 1999

1999 : January February March April May June July August September October November December

CVSS Scores Greater Than: 0 1 2 3 4 5 6 7 8 9

Sort Results By : CVE Number Descending CVE Number Ascending CVSS Score Descending Number Of Exploits Descending

#	CVE ID	CWE ID	Vulnerability Type(s)	Publish Date	Update Date	Score	Gained Access Level	Access	Complexity	Authentication	Conf.	Integ.	Avail.
1	CVE-2000-0481		DoS Overflow	1999-06-01	2017-10-10	5.0	None	Remote	Low	Not required	None	None	Partial
Buffer overflow in KDE Kmail allows a remote attacker to cause a denial of service via an attachment with a long file name.
2	CVE-2000-0373		+Priv	1999-06-01	2017-10-10	7.2	None	Local	Low	Not required	Complete	Complete	Complete
Vulnerabilities in the KDE kvt terminal program allow local users to gain root privileges.
3	CVE-2000-0365			1999-06-01	2016-10-18	4.6	None	Local	Low	Not required	Partial	Partial	Partial
Red Hat Linux 6.0 installs the /dev/pts file system with insecure modes, which allows local users to write to other tty devices.
4	CVE-2000-0364			1999-06-01	2016-10-18	4.6	None	Local	Low	Not required	Partial	Partial	Partial
screen and rxvt in Red Hat Linux 6.0 do not properly set the modes of tty devices, which allows local users to write to other ttys.
5	CVE-2000-0353		Exec Code	1999-06-28	2008-09-10	10.0	None	Remote	Low	Not required	Complete	Complete	Complete
Pine 4.x allows a remote attacker to execute arbitrary commands via an index.html file which executes lynx and obtains a uudecoded file from a malicious web server, which is then executed by Pine.
6	CVE-2000-0118			1999-06-09	2018-10-30	7.2	None	Local	Low	Not required	Complete	Complete	Complete
The Red Hat Linux su program does not log failed password guesses if the su process is killed before it times out, which allows local attackers to conduct brute force password guessing.
7	CVE-1999-1496			1999-06-08	2017-12-19	2.1	None	Local	Low	Not required	Partial	None	None
Sudo 1.5 in Debian Linux 2.1 and Red Hat 6.0 allows local users to determine the existence of arbitrary files by attempting to execute the target filename as a program, which generates a different error message when the file does not exist.
8	CVE-1999-1470		+Priv	1999-06-24	2017-12-19	4.6	None	Local	Low	Not required	Partial	Partial	Partial
Eastman Work Management 3.21 stores passwords in cleartext in the COMMON and LOCATOR registry keys, which could allow local users to gain privileges.
9	CVE-1999-1412		DoS	1999-06-03	2021-09-22	5.0	None	Remote	Low	Not required	None	None	Partial
A possible interaction between Apple MacOS X release 1.0 and Apache HTTP server allows remote attackers to cause a denial of service (crash) via a flood of HTTP GET requests to CGI programs, which generates a large number of processes.
10	CVE-1999-1400		Bypass	1999-06-03	2016-10-18	2.1	None	Local	Low	Not required	Partial	None	None
The Economist screen saver 1999 with the "Password Protected" option enabled allows users with physical access to the machine to bypass the screen saver and read files by running Internet Explorer while the screen is still locked.
11	CVE-1999-1365		+Priv Bypass	1999-06-28	2017-10-26	7.2	None	Local	Low	Not required	Complete	Complete	Complete
Windows NT searches a user's home directory (%systemroot% by default) before other directories to find critical programs such as NDDEAGNT.EXE, EXPLORER.EXE, USERINIT.EXE or TASKMGR.EXE, which could allow local users to bypass access restrictions or gain privileges by placing a Trojan horse program into the root directory, which is writable by default.
12	CVE-1999-1348		DoS	1999-06-30	2016-10-18	2.1	None	Local	Low	Not required	None	None	Partial
Linuxconf on Red Hat Linux 6.0 and earlier does not properly disable PAM-based access to the shutdown command, which could allow local users to cause a denial of service.
13	CVE-1999-1237	120	Exec Code Overflow	1999-06-06	2020-07-21	10.0	None	Remote	Low	Not required	Complete	Complete	Complete
Multiple buffer overflows in smbvalid/smbval SMB authentication library, as used in Apache::AuthenSmb and possibly other modules, allows remote attackers to execute arbitrary commands via (1) a long username, (2) a long password, and (3) other unspecified methods.
14	CVE-1999-1231			1999-06-09	2017-12-19	5.0	None	Remote	Low	Not required	Partial	None	None
ssh 2.0.12, and possibly other versions, allows valid user names to attempt to enter the correct password multiple times, but only prompts an invalid user name for a password once, which allows remote attackers to determine user account names on the server.
15	CVE-1999-1164		DoS	1999-06-25	2016-10-18	5.0	None	Remote	Low	Not required	None	None	Partial
Microsoft Outlook client allows remote attackers to cause a denial of service by sending multiple email messages with the same X-UIDL headers, which causes Outlook to hang.
16	CVE-1999-1063		Exec Code	1999-06-01	2017-12-19	10.0	None	Remote	Low	Not required	Complete	Complete	Complete
CDomain whois_raw.cgi whois CGI script allows remote attackers to execute arbitrary commands via shell metacharacters in the fqdn parameter.
17	CVE-1999-1023			1999-06-10	2018-10-30	4.6	None	Local	Low	Not required	Partial	Partial	Partial
useradd in Solaris 7.0 does not properly interpret certain date formats as specified in the "-e" (expiration date) argument, which could allow users to login after their accounts have expired.
18	CVE-1999-1019			1999-06-23	2016-10-18	7.2	None	Local	Low	Not required	Complete	Complete	Complete
SpectroSERVER in Cabletron Spectrum Enterprise Manager 5.0 installs a directory tree with insecure permissions, which allows local users to replace a privileged executable (processd) with a Trojan horse, facilitating a root or Administrator compromise.
19	CVE-1999-0970		DoS	1999-06-05	2017-12-19	5.0	None	Remote	Low	Not required	None	None	Partial
The OmniHTTPD visadmin.exe program allows a remote attacker to conduct a denial of service via a malformed URL which causes a large number of temporary files to be created.
20	CVE-1999-0938		Exec Code	1999-06-28	2022-08-17	7.5	None	Remote	Low	Not required	Partial	Partial	Partial
MBone SDR Package allows remote attackers to execute commands via shell metacharacters in Session Initiation Protocol (SIP) messages.
21	CVE-1999-0929		DoS	1999-06-16	2022-08-17	5.0	None	Remote	Low	Not required	None	None	Partial
Novell NetWare with Novell-HTTP-Server or YAWN web servers allows remote attackers to conduct a denial of service via a large number of HTTP GET requests.
22	CVE-1999-0916			1999-06-29	2022-08-17	2.1	None	Local	Low	Not required	Partial	None	None
WebTrends software stores account names and passwords in a file which does not have restricted access permissions.
23	CVE-1999-0874	119	DoS Overflow	1999-06-16	2018-10-12	10.0	None	Remote	Low	Not required	Complete	Complete	Complete
Buffer overflow in IIS 4.0 allows remote attackers to cause a denial of service via a malformed request for files with .HTR, .IDC, or .STM extensions.
24	CVE-1999-0804		DoS	1999-06-01	2008-09-09	5.0	None	Remote	Low	Not required	None	None	Partial
Denial of service in Linux 2.2.x kernels via malformed ICMP packets containing unusual types, codes, and IP header lengths.
25	CVE-1999-0778		Overflow	1999-06-25	2008-09-09	7.2	None	Local	Low	Not required	Complete	Complete	Complete
Buffer overflow in Xi Graphics Accelerated-X server allows local users to gain root access via a long display or query parameter.
26	CVE-1999-0775			1999-06-10	2022-08-17	10.0	None	Remote	Low	Not required	Complete	Complete	Complete
Cisco Gigabit Switch routers running IOS allow remote attackers to forward unauthorized packets due to improper handling of the "established" keyword in an access list.
27	CVE-1999-0772		DoS	1999-06-01	2022-08-17	6.4	None	Remote	Low	Not required	Partial	None	Partial
Denial of service in Compaq Management Agents and the Compaq Survey Utility via a long string sent to port 2301.
28	CVE-1999-0748		Overflow	1999-06-24	2022-08-17	7.5	None	Remote	Low	Not required	Partial	Partial	Partial
Buffer overflows in Red Hat net-tools package.
29	CVE-1999-0742		+Priv	1999-06-22	2008-09-09	5.0	None	Remote	Low	Not required	Partial	None	None
The Debian mailman package uses weak authentication, which allows attackers to gain privileges.
30	CVE-1999-0733		Overflow	1999-06-26	2008-09-09	7.2	None	Local	Low	Not required	Complete	Complete	Complete
Buffer overflow in VMWare 1.0.1 for Linux via a long HOME environmental variable.
31	CVE-1999-0731			1999-06-23	2021-01-20	4.6	None	Local	Low	Not required	Partial	Partial	Partial
The KDE klock program allows local users to unlock a session using malformed input.
32	CVE-1999-0730			1999-06-12	2022-08-17	10.0	None	Remote	Low	Not required	Complete	Complete	Complete
The zsoelim program in the Debian man-db package allows local users to overwrite files via a symlink attack.
33	CVE-1999-0726	20	DoS	1999-06-30	2018-10-12	7.8	None	Remote	Low	Not required	None	None	Complete
An attacker can conduct a denial of service in Windows NT by executing a program with a malformed file image header.
34	CVE-1999-0723		DoS	1999-06-23	2018-10-12	7.1	None	Remote	Medium	Not required	None	None	Complete
The Windows NT Client Server Runtime Subsystem (CSRSS) can be subjected to a denial of service when all worker threads are waiting for user input.
35	CVE-1999-0713		+Priv	1999-06-11	2020-01-21	7.2	None	Local	Low	Not required	Complete	Complete	Complete
The dtlogin program in Compaq Tru64 UNIX allows local users to gain root privileges.
36	CVE-1999-0493			1999-06-07	2018-10-30	7.5	None	Remote	Low	Not required	Partial	Partial	Partial
rpc.statd allows remote attackers to forward RPC calls to the local operating system via the SM_MON and SM_NOTIFY commands, which in turn could be used to remotely exploit other bugs such as in automountd.
37	CVE-1999-0140		DoS	1999-06-30	2022-08-17	5.0	None	Remote	Low	Not required	None	None	Partial
Denial of service in RAS/PPTP on NT systems.

Total number of vulnerabilities : 37 Page : 1 (This Page)