CVE List - 2000 / February
Showing 1 - 100 of 377 CVEs for February 2000 (Page 1 of 4)
| CVE ID | Date | Title |
|---|---|---|
| CVE-1999-0004 | 2000-02-04 | MIME buffer overflow in email clients, e.g. Solaris mailtool and Outlook. |
| CVE-1999-0015 | 2000-02-04 | Teardrop IP denial of service. |
| CVE-1999-0030 | 2000-02-04 | root privileges via buffer overflow in xlock command on SGI IRIX systems. |
| CVE-1999-0033 | 2000-02-04 | Command execution in Sun systems via buffer overflow in the at program. |
| CVE-1999-0061 | 2000-02-04 | File creation and deletion, and remote execution, in the BSD line printer daemon (lpd). |
| CVE-1999-0076 | 2000-02-04 | Buffer overflow in wu-ftp from PASV command causes a core dump. |
| CVE-1999-0078 | 2000-02-04 | pcnfsd (aka rpc.pcnfsd) allows local users to change file permissions, or execute arbitrary commands through arguments in the RPC call. |
| CVE-1999-0086 | 2000-02-04 | AIX routed allows remote users to modify sensitive files. |
| CVE-1999-0088 | 2000-02-04 | IRIX and AIX automountd services (autofsd) allow remote users to execute root commands. |
| CVE-1999-0089 | 2000-02-04 | Buffer overflow in AIX libDtSvc library can allow local users to gain root access. |
| CVE-1999-0092 | 2000-02-04 | Various vulnerabilities in the AIX portmir command allows local users to obtain root access. |
| CVE-1999-0098 | 2000-02-04 | Buffer overflow in SMTP HELO command in Sendmail allows a remote attacker to hide activities. |
| CVE-1999-0104 | 2000-02-04 | A later variation on the Teardrop IP denial of service attack, a.k.a. Teardrop-2. |
| CVE-1999-0105 | 2000-02-04 | finger allows recursive searches by using a long string of @ symbols. |
| CVE-1999-0106 | 2000-02-04 | Finger redirection allows finger bombs. |
| CVE-1999-0107 | 2000-02-04 | Buffer overflow in Apache 1.2.5 and earlier allows a remote attacker to cause a denial of service with a large number of GET requests containing a large number of /... |
| CVE-1999-0114 | 2000-02-04 | Local users can execute commands as other users, and read other users' files, through the filter command in the Elm elm-2.4 mail package using a symlink attack. |
| CVE-1999-0119 | 2000-02-04 | Windows NT 4.0 beta allows users to read and delete shares. |
| CVE-1999-0121 | 2000-02-04 | Buffer overflow in dtaction command gives root access. |
| CVE-1999-0123 | 2000-02-04 | Race condition in Linux mailx command allows local users to read user files. |
| CVE-1999-0127 | 2000-02-04 | swinstall and swmodify commands in SD-UX package in HP-UX systems allow local users to create or overwrite arbitrary files to gain root access. |
| CVE-1999-0140 | 2000-02-04 | Denial of service in RAS/PPTP on NT systems. |
| CVE-1999-0144 | 2000-02-04 | Denial of service in Qmail by specifying a large number of recipients with the RCPT command. |
| CVE-1999-0156 | 2000-02-04 | wu-ftpd FTP daemon allows any user and password combination. |
| CVE-1999-0163 | 2000-02-04 | In older versions of Sendmail, an attacker could use a pipe character to execute root commands. |
| CVE-1999-0165 | 2000-02-04 | NFS cache poisoning. |
| CVE-1999-0169 | 2000-02-04 | NFS allows attackers to read and write any file on the system by specifying a false UID. |
| CVE-1999-0171 | 2000-02-04 | Denial of service in syslog by sending it a large number of superfluous messages. |
| CVE-1999-0193 | 2000-02-04 | Denial of service in Ascend and 3com routers, which can be rebooted by sending a zero length TCP option. |
| CVE-1999-0195 | 2000-02-04 | Denial of service in RPC portmapper allows attackers to register or unregister RPC services or spoof RPC services using a spoofed source IP address such as 127.0.0.1. |
| CVE-1999-0197 | 2000-02-04 | finger 0@host on some systems may print information on some user accounts. |
| CVE-1999-0198 | 2000-02-04 | finger .@host on some systems may print information on some user accounts. |
| CVE-1999-0200 | 2000-02-04 | Windows NT FTP server (WFTP) with the guest account enabled without a password allows an attacker to log into the FTP server using any username and password. |
| CVE-1999-0205 | 2000-02-04 | Denial of service in Sendmail 8.6.11 and 8.6.12. |
| CVE-1999-0213 | 2000-02-04 | libnsl in Solaris allowed an attacker to perform a denial of service of rpcbind. |
| CVE-1999-0216 | 2000-02-04 | Denial of service of inetd on Linux through SYN and RST packets. |
| CVE-1999-0220 | 2000-02-04 | Attackers can do a denial of service of IRC by crashing the server. |
| CVE-1999-0222 | 2000-02-04 | Denial of service in Cisco IOS web server allows attackers to reboot the router using a long URL. |
| CVE-1999-0226 | 2000-02-04 | Windows NT TCP/IP processes fragmented IP packets improperly, causing a denial of service. |
| CVE-1999-0229 | 2000-02-04 | Denial of service in Windows NT IIS server using ..\.. |
| CVE-1999-0231 | 2000-02-04 | Buffer overflow in IP-Switch IMail and Seattle Labs Slmail 2.6 packages using a long VRFY command, causing a denial of service and possibly remote access. |
| CVE-1999-0232 | 2000-02-04 | Buffer overflow in NCSA WebServer (version 1.5c) gives remote access. |
| CVE-1999-0235 | 2000-02-04 | Buffer overflow in NCSA WebServer (1.4.1 and below) gives remote access. |
| CVE-1999-0238 | 2000-02-04 | php.cgi allows attackers to read any file on the system. |
| CVE-1999-0240 | 2000-02-04 | Some filters or firewalls allow fragmented SYN packets with IP reserved bits in violation of their implemented policy. |
| CVE-1999-0241 | 2000-02-04 | Guessable magic cookies in X Windows allows remote attackers to execute commands, e.g. through xterm. |
| CVE-1999-0242 | 2000-02-04 | Remote attackers can access mail files via POP3 in some Linux systems that are using shadow passwords. |
| CVE-1999-0243 | 2000-02-04 | Linux cfingerd could be exploited to gain root access. |
| CVE-1999-0246 | 2000-02-04 | HP Remote Watch allows a remote user to gain root access. |
| CVE-1999-0249 | 2000-02-04 | Windows NT RSHSVC program allows remote users to execute arbitrary commands. |
| CVE-1999-0250 | 2000-02-04 | Denial of service in Qmail through long SMTP commands. |
| CVE-1999-0253 | 2000-02-04 | IIS 3.0 with the iis-fix hotfix installed allows remote intruders to read source code for ASP programs by using a %2e instead of a . (dot) in the URL. |
| CVE-1999-0255 | 2000-02-04 | Buffer overflow in ircd allows arbitrary command execution. |
| CVE-1999-0257 | 2000-02-04 | Nestea variation of teardrop IP fragmentation denial of service. |
| CVE-1999-0258 | 2000-02-04 | Bonk variation of teardrop IP fragmentation denial of service. |
| CVE-1999-0261 | 2000-02-04 | Netmanager Chameleon SMTPd has several buffer overflows that cause a crash. |
| CVE-1999-0271 | 2000-02-04 | Progressive Networks Real Video server (pnserver) can be crashed remotely. |
| CVE-1999-0283 | 2000-02-04 | The Java Web Server would allow remote users to obtain the source code for CGI programs. |
| CVE-1999-0284 | 2000-02-04 | Denial of service to NT mail servers including Ipswitch, Mdaemon, and Exchange through a buffer overflow in the SMTP HELO command. |
| CVE-1999-0285 | 2000-02-04 | Denial of service in telnet from the Windows NT Resource Kit, by opening then immediately closing a connection. |
| CVE-1999-0286 | 2000-02-04 | In some NT web servers, appending a space at the end of a URL may allow attackers to read source code for active pages. |
| CVE-1999-0287 | 2000-02-04 | Vulnerability in the Wguest CGI program. |
| CVE-1999-0298 | 2000-02-04 | ypbind with -ypset and -ypsetme options activated in Linux Slackware and SunOS allows local and remote attackers to overwrite files via a .. (dot dot) attack. |
| CVE-1999-0306 | 2000-02-04 | buffer overflow in HP xlock program. |
| CVE-1999-0307 | 2000-02-04 | Buffer overflow in HP-UX cstm program allows local users to gain root privileges. |
| CVE-1999-0317 | 2000-02-04 | Buffer overflow in Linux su command gives root access to local users. |
| CVE-1999-0319 | 2000-02-04 | Buffer overflow in xmcd 2.1 allows local users to gain access through a user resource setting. |
| CVE-1999-0330 | 2000-02-04 | Linux bdash game has a buffer overflow that allows local users to gain root access. |
| CVE-1999-0331 | 2000-02-04 | Buffer overflow in Internet Explorer 4.0(1). |
| CVE-1999-0333 | 2000-02-04 | HP OpenView Omniback allows remote execution of commands as root via spoofing, and local users can gain root access via a symlink attack. |
| CVE-1999-0336 | 2000-02-04 | Buffer overflow in mstm in HP-UX allows local users to gain root access. |
| CVE-1999-0345 | 2000-02-04 | Jolt ICMP attack causes a denial of service in Windows 95 and Windows NT systems. |
| CVE-1999-0347 | 2000-02-04 | Internet Explorer 4.01 allows remote attackers to read local files and spoof web pages via a "%01" character in an "about:" Javascript URL, which causes Internet Explorer to use the... |
| CVE-1999-0352 | 2000-02-04 | ControlIT 4.5 and earlier (aka Remotely Possible) has weak password encryption. |
| CVE-1999-0354 | 2000-02-04 | Internet Explorer 4.x or 5.x with Word 97 allows arbitrary execution of Visual Basic programs to the IE client through the Word 97 template, which doesn't warn the user that... |
| CVE-1999-0356 | 2000-02-04 | ControlIT v4.5 and earlier uses weak encryption to store usernames and passwords in an address book. |
| CVE-1999-0360 | 2000-02-04 | MS Site Server 2.0 with IIS 4 can allow users to upload content, including ASP, to the target web site, thus allowing them to execute commands remotely. |
| CVE-1999-0361 | 2000-02-04 | NetWare version of LaserFiche stores usernames and passwords unencrypted, and allows administrative changes without logging. |
| CVE-1999-0364 | 2000-02-04 | Microsoft Access 97 stores a database password as plaintext in a foreign mdb, allowing access to data. |
| CVE-1999-0370 | 2000-02-04 | In Sun Solaris and SunOS, man and catman contain vulnerabilities that allow overwriting arbitrary files. |
| CVE-1999-0381 | 2000-02-04 | super 3.11.6 and other versions have a buffer overflow in the syslog utility which allows a local user to gain root access. |
| CVE-1999-0389 | 2000-02-04 | Buffer overflow in the bootp server in the Debian Linux netstd package. |
| CVE-1999-0394 | 2000-02-04 | DPEC Online Courseware allows an attacker to change another user's password without knowing the original password. |
| CVE-1999-0397 | 2000-02-04 | The demo version of the Quakenbush NT Password Appraiser sends passwords across the network in plaintext. |
| CVE-1999-0398 | 2000-02-04 | In some instances of SSH 1.2.27 and 2.0.11 on Linux systems, SSH will allow users with expired accounts to login. |
| CVE-1999-0399 | 2000-02-04 | The DCC server command in the Mirc 5.5 client doesn't filter characters from file names properly, allowing remote attackers to place a malicious file in a different location, possibly allowing... |
| CVE-1999-0400 | 2000-02-04 | Denial of service in Linux 2.2.0 running the ldd command on a core file. |
| CVE-1999-0401 | 2000-02-04 | A race condition in Linux 2.2.1 allows local users to read arbitrary memory from /proc files. |
| CVE-1999-0406 | 2000-02-04 | Digital Unix Networker program nsralist has a buffer overflow which allows local users to obtain root privilege. |
| CVE-1999-0411 | 2000-02-04 | Several startup scripts in SCO OpenServer Enterprise System v 5.0.4p, including S84rpcinit, S95nis, S85tcp, and S89nfs, are vulnerable to a symlink attack, allowing a local user to gain root access. |
| CVE-1999-0419 | 2000-02-04 | When the Microsoft SMTP service attempts to send a message to a server and receives a 4xx error code, it quickly and repeatedly attempts to redeliver the message, causing a... |
| CVE-1999-0426 | 2000-02-04 | The default permissions of /dev/kmem in Linux versions before 2.0.36 allows IP spoofing. |
| CVE-1999-0427 | 2000-02-04 | Eudora 4.1 allows remote attackers to perform a denial of service by sending attachments with long file names. |
| CVE-1999-0431 | 2000-02-04 | Linux 2.2.3 and earlier allow a remote attacker to perform an IP fragmentation attack, causing a denial of service. |
| CVE-1999-0434 | 2000-02-04 | XFree86 xfs command is vulnerable to a symlink attack, allowing local users to create files in restricted directories, possibly allowing them to gain privileges or cause a denial of service. |
| CVE-1999-0435 | 2000-02-04 | MC/ServiceGuard and MC/LockManager in HP-UX allows local users to gain privileges through SAM. |
| CVE-1999-0443 | 2000-02-04 | Patrol management software allows a remote attacker to conduct a replay attack to steal the administrator password. |
| CVE-1999-0444 | 2000-02-04 | Remote attackers can perform a denial of service in Windows machines using malicious ARP packets, forcing a message box display for each packet or filling up log files. |
| CVE-1999-0450 | 2000-02-04 | In IIS, an attacker could determine a real path using a request for a non-existent URL that would be interpreted by Perl (perl.exe). |
| CVE-1999-0451 | 2000-02-04 | Denial of service in Linux 2.0.36 allows local users to prevent any server from listening on any non-privileged port. |