CVE List - 1999 / September
Showing 1 - 100 of 320 CVEs for September 1999 (Page 1 of 4)
| CVE ID | Date | Title |
|---|---|---|
| CVE-1999-0002 | 1999-09-29 | Buffer overflow in NFS mountd gives root access to remote attackers, mostly in Linux systems. |
| CVE-1999-0003 | 1999-09-29 | Execute commands as root via buffer overflow in Tooltalk database server (rpc.ttdbserverd). |
| CVE-1999-0005 | 1999-09-29 | Arbitrary command execution via IMAP buffer overflow in authenticate command. |
| CVE-1999-0006 | 1999-09-29 | Buffer overflow in POP servers based on BSD/Qualcomm's qpopper allows remote attackers to gain root access using a long PASS command. |
| CVE-1999-0007 | 1999-09-29 | Information from SSL-encrypted sessions via PKCS #1. |
| CVE-1999-0008 | 1999-09-29 | Buffer overflow in NIS+, in Sun's rpc.nisd program. |
| CVE-1999-0009 | 1999-09-29 | Inverse query buffer overflow in BIND 4.9 and BIND 8 Releases. |
| CVE-1999-0010 | 1999-09-29 | Denial of Service vulnerability in BIND 8 Releases via maliciously formatted DNS messages. |
| CVE-1999-0013 | 1999-09-29 | Stolen credentials from SSH clients via ssh-agent program, allowing other local users to access remote accounts belonging to the ssh-agent user. |
| CVE-1999-0014 | 1999-09-29 | Unauthorized privileged access or denial of service via dtappgather program in CDE. |
| CVE-1999-0017 | 1999-09-29 | FTP servers can allow an attacker to connect to arbitrary ports on machines other than the FTP client, aka FTP bounce. |
| CVE-1999-0018 | 1999-09-29 | Buffer overflow in statd allows root privileges. |
| CVE-1999-0019 | 1999-09-29 | Delete or create a file via rpc.statd, due to invalid information. |
| CVE-1999-0021 | 1999-09-29 | Arbitrary command execution via buffer overflow in Count.cgi (wwwcount) cgi-bin program. |
| CVE-1999-0022 | 1999-09-29 | Local user gains root privileges via buffer overflow in rdist, via expstr() function. |
| CVE-1999-0023 | 1999-09-29 | Local user gains root privileges via buffer overflow in rdist, via lookup() function. |
| CVE-1999-0024 | 1999-09-29 | DNS cache poisoning via BIND, by predictable query IDs. |
| CVE-1999-0025 | 1999-09-29 | root privileges via buffer overflow in df command on SGI IRIX systems. |
| CVE-1999-0026 | 1999-09-29 | root privileges via buffer overflow in pset command on SGI IRIX systems. |
| CVE-1999-0027 | 1999-09-29 | root privileges via buffer overflow in eject command on SGI IRIX systems. |
| CVE-1999-0028 | 1999-09-29 | root privileges via buffer overflow in login/scheme command on SGI IRIX systems. |
| CVE-1999-0029 | 1999-09-29 | root privileges via buffer overflow in ordist command on SGI IRIX systems. |
| CVE-1999-0032 | 1999-09-29 | Buffer overflow in lpr, as used in BSD-based systems including Linux, allows local users to execute arbitrary code as root via a long -C (classification) command line option. |
| CVE-1999-0034 | 1999-09-29 | Buffer overflow in suidperl (sperl), Perl 4.x and 5.x. |
| CVE-1999-0036 | 1999-09-29 | IRIX login program with a nonzero LOCKOUT parameter allows creation or damage to files. |
| CVE-1999-0037 | 1999-09-29 | Arbitrary command execution via metamail package using message headers, when user processes attacker's message using metamail. |
| CVE-1999-0038 | 1999-09-29 | Buffer overflow in xlock program allows local users to execute commands as root. |
| CVE-1999-0039 | 1999-09-29 | webdist CGI program (webdist.cgi) in SGI IRIX allows remote attackers to execute arbitrary commands via shell metacharacters in the distloc parameter. |
| CVE-1999-0040 | 1999-09-29 | Buffer overflow in Xt library of X Windowing System allows local users to execute commands with root privileges. |
| CVE-1999-0041 | 1999-09-29 | Buffer overflow in NLS (Natural Language Service). |
| CVE-1999-0042 | 1999-09-29 | Buffer overflow in University of Washington's implementation of IMAP and POP servers. |
| CVE-1999-0043 | 1999-09-29 | Command execution via shell metachars in INN daemon (innd) 1.5 using "newgroup" and "rmgroup" control messages, and others. |
| CVE-1999-0044 | 1999-09-29 | fsdump command in IRIX allows local users to obtain root access by modifying sensitive files. |
| CVE-1999-0045 | 1999-09-29 | List of arbitrary files on Web host via nph-test-cgi script. |
| CVE-1999-0046 | 1999-09-29 | Buffer overflow of rlogin program using TERM environmental variable. |
| CVE-1999-0047 | 1999-09-29 | MIME conversion buffer overflow in sendmail versions 8.8.3 and 8.8.4. |
| CVE-1999-0048 | 1999-09-29 | Talkd, when given corrupt DNS information, can be used to execute arbitrary commands with root privileges. |
| CVE-1999-0049 | 1999-09-29 | Csetup under IRIX allows arbitrary file creation or overwriting. |
| CVE-1999-0050 | 1999-09-29 | Buffer overflow in HP-UX newgrp program. |
| CVE-1999-0051 | 1999-09-29 | Arbitrary file creation and program execution using FLEXlm LicenseManager, from versions 4.0 to 5.0, in IRIX. |
| CVE-1999-0052 | 1999-09-29 | IP fragmentation denial of service in FreeBSD allows a remote attacker to cause a crash. |
| CVE-1999-0053 | 1999-09-29 | TCP RST denial of service in FreeBSD. |
| CVE-1999-0054 | 1999-09-29 | Sun's ftpd daemon can be subjected to a denial of service. |
| CVE-1999-0055 | 1999-09-29 | Buffer overflows in Sun libnsl allow root access. |
| CVE-1999-0056 | 1999-09-29 | Buffer overflow in Sun's ping program can give root access to local users. |
| CVE-1999-0057 | 1999-09-29 | Vacation program allows command execution by remote users through a sendmail command. |
| CVE-1999-0058 | 1999-09-29 | Buffer overflow in PHP cgi program, php.cgi allows shell access. |
| CVE-1999-0059 | 1999-09-29 | IRIX fam service allows an attacker to obtain a list of all files on the server. |
| CVE-1999-0060 | 1999-09-29 | Attackers can cause a denial of service in Ascend MAX and Pipeline routers with a malformed packet to the discard port, which is used by the Java Configurator tool. |
| CVE-1999-0062 | 1999-09-29 | The chpass command in OpenBSD allows a local user to gain root access through file descriptor leakage. |
| CVE-1999-0063 | 1999-09-29 | Cisco IOS 12.0 and other versions can be crashed by malicious UDP packets to the syslog port. |
| CVE-1999-0064 | 1999-09-29 | Buffer overflow in AIX lquerylv program gives root access to local users. |
| CVE-1999-0065 | 1999-09-29 | Multiple buffer overflows in how dtmail handles attachments allows a remote attacker to execute commands. |
| CVE-1999-0066 | 1999-09-29 | AnyForm CGI remote execution. |
| CVE-1999-0067 | 1999-09-29 | phf CGI program allows remote command execution through shell metacharacters. |
| CVE-1999-0068 | 1999-09-29 | CGI PHP mylog script allows an attacker to read any file on the target server. |
| CVE-1999-0069 | 1999-09-29 | Solaris ufsrestore buffer overflow. |
| CVE-1999-0070 | 1999-09-29 | test-cgi program allows an attacker to list files on the server. |
| CVE-1999-0071 | 1999-09-29 | Apache httpd cookie buffer overflow for versions 1.1.1 and earlier. |
| CVE-1999-0072 | 1999-09-29 | Buffer overflow in AIX xdat gives root access to local users. |
| CVE-1999-0073 | 1999-09-29 | Telnet allows a remote client to specify environment variables including LD_LIBRARY_PATH, allowing an attacker to bypass the normal system libraries and gain root access. |
| CVE-1999-0074 | 1999-09-29 | Listening TCP ports are sequentially allocated, allowing spoofing attacks. |
| CVE-1999-0075 | 1999-09-29 | PASV core dump in wu-ftpd daemon when attacker uses a QUOTE PASV command after specifying a username and password. |
| CVE-1999-0077 | 1999-09-29 | Predictable TCP sequence numbers allow spoofing. |
| CVE-1999-0079 | 1999-09-29 | Remote attackers can cause a denial of service in FTP by issuing multiple PASV commands, causing the server to run out of available ports. |
| CVE-1999-0080 | 1999-09-29 | Certain configurations of wu-ftp FTP server 2.4 use a _PATH_EXECPATH setting to a directory with dangerous commands, such as /bin, which allows remote authenticated users to gain root access via... |
| CVE-1999-0081 | 1999-09-29 | wu-ftp allows files to be overwritten via the rnfr command. |
| CVE-1999-0082 | 1999-09-29 | CWD ~root command in ftpd allows root access. |
| CVE-1999-0083 | 1999-09-29 | getcwd() file descriptor leak in FTP. |
| CVE-1999-0084 | 1999-09-29 | Certain NFS servers allow users to use mknod to gain privileges by creating a writable kmem device and setting the UID to 0. |
| CVE-1999-0085 | 1999-09-29 | Buffer overflow in rwhod on AIX and other operating systems allows remote attackers to execute arbitrary code via a UDP packet with a long hostname. |
| CVE-1999-0087 | 1999-09-29 | Denial of service in AIX telnet can freeze a system and prevent users from accessing the server. |
| CVE-1999-0090 | 1999-09-29 | Buffer overflow in AIX rcp command allows local users to obtain root access. |
| CVE-1999-0091 | 1999-09-29 | Buffer overflow in AIX writesrv command allows local users to obtain root access. |
| CVE-1999-0093 | 1999-09-29 | AIX nslookup command allows local users to obtain root access by not dropping privileges correctly. |
| CVE-1999-0094 | 1999-09-29 | AIX piodmgrsu command allows local users to gain additional group privileges. |
| CVE-1999-0095 | 1999-09-29 | The debug command in Sendmail is enabled, allowing attackers to execute commands as root. |
| CVE-1999-0096 | 1999-09-29 | Sendmail decode alias can be used to overwrite sensitive files. |
| CVE-1999-0097 | 1999-09-29 | The AIX FTP client can be forced to execute commands from a malicious server through shell metacharacters (e.g. a pipe character). |
| CVE-1999-0099 | 1999-09-29 | Buffer overflow in syslog utility allows local or remote attackers to gain root privileges. |
| CVE-1999-0100 | 1999-09-29 | Remote access in AIX innd 1.5.1, using control messages. |
| CVE-1999-0102 | 1999-09-29 | Buffer overflow in SLmail 3.x allows attackers to execute commands using a large FROM line. |
| CVE-1999-0108 | 1999-09-29 | The printers program in IRIX has a buffer overflow that gives root access to local users. |
| CVE-1999-0109 | 1999-09-29 | Buffer overflow in ffbconfig in Solaris 2.5.1. |
| CVE-1999-0111 | 1999-09-29 | RIP v1 is susceptible to spoofing. |
| CVE-1999-0112 | 1999-09-29 | Buffer overflow in AIX dtterm program for the CDE. |
| CVE-1999-0113 | 1999-09-29 | Some implementations of rlogin allow root access if given a -froot parameter. |
| CVE-1999-0116 | 1999-09-29 | Denial of service when an attacker sends many SYN packets to create multiple connections without ever sending an ACK to complete the connection, aka SYN flood. |
| CVE-1999-0117 | 1999-09-29 | AIX passwd allows local users to gain root access. |
| CVE-1999-0120 | 1999-09-29 | Sun/Solaris utmp file allows local users to gain root access if it is writable by users other than root. |
| CVE-1999-0122 | 1999-09-29 | Buffer overflow in AIX lchangelv gives root access. |
| CVE-1999-0125 | 1999-09-29 | Buffer overflow in SGI IRIX mailx program. |
| CVE-1999-0126 | 1999-09-29 | SGI IRIX buffer overflow in xterm and Xaw allows root access. |
| CVE-1999-0128 | 1999-09-29 | Oversized ICMP ping packets can result in a denial of service, aka Ping o' Death. |
| CVE-1999-0129 | 1999-09-29 | Sendmail allows local users to write to a file and gain group permissions via a .forward or :include: file. |
| CVE-1999-0130 | 1999-09-29 | Local users can start Sendmail in daemon mode and gain root privileges. |
| CVE-1999-0131 | 1999-09-29 | Buffer overflow and denial of service in Sendmail 8.7.5 and earlier through GECOS field gives root access to local users. |
| CVE-1999-0132 | 1999-09-29 | Expreserve, as used in vi and ex, allows local users to overwrite arbitrary files and gain root access. |
| CVE-1999-0133 | 1999-09-29 | fm_fls license server for Adobe Framemaker allows local users to overwrite arbitrary files and gain root access. |
| CVE-1999-0134 | 1999-09-29 | vold in Solaris 2.x allows local users to gain root access. |