CVE List - 2000 / January
Showing 101 - 182 of 182 CVEs for January 2000 (Page 2 of 2)
| CVE ID | Date | Title |
|---|---|---|
| CVE-1999-0879 | 2000-01-04 | Buffer overflow in WU-FTPD and related FTP servers allows remote attackers to gain root privileges via macro variables in a message file. |
| CVE-1999-0880 | 2000-01-04 | Denial of service in WU-FTPD via the SITE NEWER command, which does not free memory properly. |
| CVE-1999-0883 | 2000-01-04 | Zeus web server allows remote attackers to read arbitrary files by specifying the file name in an option to the search engine. |
| CVE-1999-0884 | 2000-01-04 | The Zeus web server administrative interface uses weak encryption for its passwords. |
| CVE-1999-0886 | 2000-01-04 | The security descriptor for RASMAN allows users to point to an alternate location via the Windows NT Service Control Manager. |
| CVE-1999-0887 | 2000-01-04 | FTGate web interface server allows remote attackers to read files via a .. (dot dot) attack. |
| CVE-1999-0891 | 2000-01-04 | The "download behavior" in Internet Explorer 5 allows remote attackers to read arbitrary files via a server-side redirect. |
| CVE-1999-0892 | 2000-01-04 | Buffer overflow in Netscape Communicator before 4.7 via a dynamic font whose length field is less than the size of the font. |
| CVE-1999-0894 | 2000-01-04 | Red Hat Linux screen program does not use Unix98 ptys, allowing local users to write to other terminals. |
| CVE-1999-0900 | 2000-01-04 | Buffer overflow in rpc.yppasswdd allows a local user to gain privileges via MD5 hash generation. |
| CVE-1999-0901 | 2000-01-04 | ypserv allows a local user to modify the GECOS and login shells of other users. |
| CVE-1999-0902 | 2000-01-04 | ypserv allows local administrators to modify password tables. |
| CVE-1999-0907 | 2000-01-04 | sccw allows local users to read arbitrary files. |
| CVE-1999-0909 | 2000-01-04 | Multihomed Windows systems allow a remote attacker to bypass IP source routing restrictions via a malformed packet with IP options, aka the "Spoofed Route Pointer" vulnerability. |
| CVE-1999-0914 | 2000-01-04 | Buffer overflow in the FTP client in the Debian GNU/Linux netstd package. |
| CVE-1999-0915 | 2000-01-04 | URL Live! web server allows remote attackers to read arbitrary files via a .. (dot dot) attack. |
| CVE-1999-0917 | 2000-01-04 | The Preloader ActiveX control used by Internet Explorer allows remote attackers to read arbitrary files. |
| CVE-1999-0918 | 2000-01-04 | Denial of service in various Windows systems via malformed, fragmented IGMP packets. |
| CVE-1999-0933 | 2000-01-04 | TeamTrack web server allows remote attackers to read arbitrary files via a .. (dot dot) attack. |
| CVE-1999-0934 | 2000-01-04 | classifieds.cgi allows remote attackers to read arbitrary files via shell metacharacters. |
| CVE-1999-0935 | 2000-01-04 | classifieds.cgi allows remote attackers to execute arbitrary commands by specifying them in a hidden variable in a CGI form. |
| CVE-1999-0936 | 2000-01-04 | BNBSurvey survey.cgi program allows remote attackers to execute commands via shell metacharacters. |
| CVE-1999-0937 | 2000-01-04 | BNBForm allows remote attackers to read arbitrary files via the automessage hidden form variable. |
| CVE-1999-0938 | 2000-01-04 | MBone SDR Package allows remote attackers to execute commands via shell metacharacters in Session Initiation Protocol (SIP) messages. |
| CVE-1999-0939 | 2000-01-04 | Denial of service in Debian IRC Epic/epic4 client via a long string. |
| CVE-1999-0940 | 2000-01-04 | Buffer overflow in mutt mail client allows remote attackers to execute commands via malformed MIME messages. |
| CVE-1999-0943 | 2000-01-04 | Buffer overflow in OpenLink 3.2 allows remote attackers to gain privileges via a long GET request to the web configurator. |
| CVE-1999-0947 | 2000-01-04 | AN-HTTPd provides example CGI scripts test.bat, input.bat, input2.bat, and envout.bat, which allow remote attackers to execute commands via shell metacharacters. |
| CVE-1999-0951 | 2000-01-04 | Buffer overflow in OmniHTTPd CGI program imagemap.exe allows remote attackers to execute commands. |
| CVE-1999-0953 | 2000-01-04 | WWWBoard stores encrypted passwords in a password file that is under the web root and thus accessible by remote attackers. |
| CVE-1999-0956 | 2000-01-04 | The NeXT NetInfo _writers property allows local users to gain root privileges or conduct a denial of service. |
| CVE-1999-0960 | 2000-01-04 | IRIX cdplayer allows local users to create directories in arbitrary locations via a command line option. |
| CVE-1999-0962 | 2000-01-04 | Buffer overflow in HPUX passwd command allows local users to gain root privileges via a command line option. |
| CVE-1999-0963 | 2000-01-04 | FreeBSD mount_union command allows local users to gain root privileges via a symlink attack. |
| CVE-1999-0965 | 2000-01-04 | Race condition in xterm allows local users to modify arbitrary files via the logging option. |
| CVE-1999-0967 | 2000-01-04 | Buffer overflow in the HTML library used by Internet Explorer, Outlook Express, and Windows Explorer via the res: local resource protocol. |
| CVE-1999-0969 | 2000-01-04 | The Windows NT RPC service allows remote attackers to conduct a denial of service using spoofed malformed RPC packets which generate an error message that is sent to the spoofed... |
| CVE-1999-0972 | 2000-01-04 | Buffer overflow in Xshipwars xsw program. |
| CVE-1999-0973 | 2000-01-04 | Buffer overflow in Solaris snoop program allows remote attackers to gain root privileges via a long domain name when snoop is running in verbose mode. |
| CVE-1999-0974 | 2000-01-04 | Buffer overflow in Solaris snoop allows remote attackers to gain root privileges via GETQUOTA requests to the rpc.rquotad service. |
| CVE-1999-0975 | 2000-01-04 | The Windows help system can allow a local user to execute commands as another user by editing a table of contents metafile with a .CNT extension and modifying the topic... |
| CVE-1999-0977 | 2000-01-04 | Buffer overflow in Solaris sadmind allows remote attackers to gain root privileges using a NETMGT_PROC_SERVICE request. |
| CVE-1999-0978 | 2000-01-04 | htdig allows remote attackers to execute commands via filenames with shell metacharacters. |
| CVE-1999-0979 | 2000-01-04 | The SCO UnixWare privileged process system allows local users to gain root privileges by using a debugger such as gdb to insert traps into _init before the privileged process is... |
| CVE-1999-0980 | 2000-01-04 | Windows NT Service Control Manager (SCM) allows remote attackers to cause a denial of service via a malformed argument in a resource enumeration request. |
| CVE-1999-0981 | 2000-01-04 | Internet Explorer 5.01 and earlier allows a remote attacker to create a reference to a client window and use a server-side redirect to access local files via that window, aka... |
| CVE-1999-0982 | 2000-01-04 | The Sun Web-Based Enterprise Management (WBEM) installation script stores a password in plaintext in a world readable file. |
| CVE-1999-0986 | 2000-01-04 | The ping command in Linux 2.0.3x allows local users to cause a denial of service by sending large packets with the -R (record route) option. |
| CVE-1999-0987 | 2000-01-04 | Windows NT does not properly download a system policy if the domain user logs into the domain with a space at the end of the domain name. |
| CVE-1999-0989 | 2000-01-04 | Buffer overflow in Internet Explorer 5 directshow filter (MSDXM.OCX) allows remote attackers to execute commands via the vnd.ms.radio protocol. |
| CVE-1999-0991 | 2000-01-04 | Buffer overflow in GoodTech Telnet Server NT allows remote users to cause a denial of service via a long login name. |
| CVE-1999-0101 | 2000-01-18 | Buffer overflow in AIX and Solaris "gethostbyname" library call allows root access through corrupt DNS host names. |
| CVE-1999-0233 | 2000-01-18 | IIS 1.0 allows users to execute arbitrary commands using .bat or .cmd files. |
| CVE-1999-0259 | 2000-01-18 | cfingerd lists all users on a system via search.**@target. |
| CVE-1999-0270 | 2000-01-18 | Directory traversal vulnerability in pfdispaly.cgi program (sometimes referred to as "pfdisplay") for SGI's Performer API Search Tool (performer_tools) allows remote attackers to read arbitrary files. |
| CVE-1999-0683 | 2000-01-18 | Denial of service in Gauntlet Firewall via a malformed ICMP packet. |
| CVE-1999-0694 | 2000-01-18 | Denial of service in AIX ptrace system call allows local users to crash the system. |
| CVE-1999-0708 | 2000-01-18 | Buffer overflow in cfingerd allows local users to gain root privileges via a long GECOS field. |
| CVE-1999-0734 | 2000-01-18 | A default configuration of CiscoSecure Access Control Server (ACS) allows remote users to modify the server database without authentication. |
| CVE-1999-0742 | 2000-01-18 | The Debian mailman package uses weak authentication, which allows attackers to gain privileges. |
| CVE-1999-0743 | 2000-01-18 | Trn allows local users to overwrite other users' files via symlinks. |
| CVE-1999-0753 | 2000-01-18 | The w3-msql CGI script provided with Mini SQL allows remote attackers to view restricted directories. |
| CVE-1999-0768 | 2000-01-18 | Buffer overflow in Vixie Cron on Red Hat systems via the MAILTO environmental variable. |
| CVE-1999-0770 | 2000-01-18 | Firewall-1 sets a long timeout for connections that begin with ACK or other packets except SYN, allowing an attacker to conduct a denial of service via a large number of... |
| CVE-1999-0775 | 2000-01-18 | Cisco Gigabit Switch routers running IOS allow remote attackers to forward unauthorized packets due to improper handling of the "established" keyword in an access list. |
| CVE-1999-0811 | 2000-01-18 | Buffer overflow in Samba smbd program via a malformed message command. |
| CVE-1999-0831 | 2000-01-18 | Denial of service in Linux syslogd via a large number of connections. |
| CVE-1999-0834 | 2000-01-18 | Buffer overflow in RSAREF2 via the encryption and decryption functions in the RSAREF library. |
| CVE-1999-0847 | 2000-01-18 | Buffer overflow in free internet chess server (FICS) program, xboard. |
| CVE-1999-0853 | 2000-01-18 | Buffer overflow in Netscape Enterprise Server and Netscape FastTrack Server allows remote attackers to gain privileges via the HTTP Basic Authentication procedure. |
| CVE-1999-0875 | 2000-01-18 | DHCP clients with ICMP Router Discovery Protocol (IRDP) enabled allow remote attackers to modify their default routes. |
| CVE-1999-0881 | 2000-01-18 | Falcon web server allows remote attackers to read arbitrary files via a .. (dot dot) attack. |
| CVE-1999-0898 | 2000-01-18 | Buffer overflows in Windows NT 4.0 print spooler allow remote attackers to gain privileges or cause a denial of service via a malformed spooler request. |
| CVE-1999-0899 | 2000-01-18 | The Windows NT 4.0 print spooler allows a local user to execute arbitrary commands due to inappropriate permissions that allow the user to specify an alternate print provider. |
| CVE-1999-0905 | 2000-01-18 | Denial of service in Axent Raptor firewall via malformed zero-length IP options. |
| CVE-1999-0955 | 2000-01-18 | Race condition in wu-ftpd and BSDI ftpd allows remote attackers to gain root access via the SITE EXEC command. |
| CVE-1999-0992 | 2000-01-18 | HP VirtualVault with the PHSS_17692 patch allows unprivileged processes to bypass access restrictions via the Trusted Gateway Proxy (TGP). |
| CVE-1999-0994 | 2000-01-18 | Windows NT with SYSKEY reuses the keystream that is used for encrypting SAM password hashes, allowing an attacker to crack passwords. |
| CVE-1999-0995 | 2000-01-18 | Windows NT Local Security Authority (LSA) allows remote attackers to cause a denial of service via malformed arguments to the LsaLookupSids function which looks up the SID, aka "Malformed Security... |
| CVE-1999-0999 | 2000-01-18 | Microsoft SQL 7.0 server allows a remote attacker to cause a denial of service via a malformed TDS packet. |
| CVE-1999-1001 | 2000-01-18 | Cisco Cache Engine allows a remote attacker to gain access via a null username and password. |
| CVE-1999-0001 | 2000-02-04 | ip_input.c in BSD-derived TCP/IP implementations allows remote attackers to cause a denial of service (crash or hang) via crafted packets. |
| CVE-1999-0004 | 2000-02-04 | MIME buffer overflow in email clients, e.g. Solaris mailtool and Outlook. |
| CVE-1999-0015 | 2000-02-04 | Teardrop IP denial of service. |
| CVE-1999-0030 | 2000-02-04 | root privileges via buffer overflow in xlock command on SGI IRIX systems. |
| CVE-1999-0033 | 2000-02-04 | Command execution in Sun systems via buffer overflow in the at program. |
| CVE-1999-0061 | 2000-02-04 | File creation and deletion, and remote execution, in the BSD line printer daemon (lpd). |
| CVE-1999-0076 | 2000-02-04 | Buffer overflow in wu-ftp from PASV command causes a core dump. |
| CVE-1999-0078 | 2000-02-04 | pcnfsd (aka rpc.pcnfsd) allows local users to change file permissions, or execute arbitrary commands through arguments in the RPC call. |
| CVE-1999-0086 | 2000-02-04 | AIX routed allows remote users to modify sensitive files. |
| CVE-1999-0088 | 2000-02-04 | IRIX and AIX automountd services (autofsd) allow remote users to execute root commands. |
| CVE-1999-0089 | 2000-02-04 | Buffer overflow in AIX libDtSvc library can allow local users to gain root access. |
| CVE-1999-0092 | 2000-02-04 | Various vulnerabilities in the AIX portmir command allows local users to obtain root access. |
| CVE-1999-0098 | 2000-02-04 | Buffer overflow in SMTP HELO command in Sendmail allows a remote attacker to hide activities. |
| CVE-1999-0104 | 2000-02-04 | A later variation on the Teardrop IP denial of service attack, a.k.a. Teardrop-2. |
| CVE-1999-0105 | 2000-02-04 | finger allows recursive searches by using a long string of @ symbols. |
| CVE-1999-0106 | 2000-02-04 | Finger redirection allows finger bombs. |
| CVE-1999-0107 | 2000-02-04 | Buffer overflow in Apache 1.2.5 and earlier allows a remote attacker to cause a denial of service with a large number of GET requests containing a large number of /... |
| CVE-1999-0114 | 2000-02-04 | Local users can execute commands as other users, and read other users' files, through the filter command in the Elm elm-2.4 mail package using a symlink attack. |
| CVE-1999-0119 | 2000-02-04 | Windows NT 4.0 beta allows users to read and delete shares. |