| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-1999-0515 | — | 0.00 | — | 0.00 | Jan 1, 1999 | An unrestricted remote trust relationship for Unix systems has been set up, e.g. by using a + sign in /etc/hosts.equiv. | ||
| CVE-1999-0520 | — | 0.00 | — | 0.01 | Jan 1, 1999 | A system-critical NETBIOS/SMB share has inappropriate access control. | ||
| CVE-1999-0523 | — | 0.00 | — | 0.01 | Jan 1, 1999 | ICMP echo (ping) is allowed from arbitrary hosts. | ||
| CVE-1999-0527 | — | 0.00 | — | 0.00 | Jan 1, 1999 | The permissions for system-critical data in an anonymous FTP account are inappropriate. For example, the root directory is writeable by world, a real password file is obtainable, or executable commands such as "ls" can be overwritten. | ||
| CVE-1999-0528 | — | 0.00 | — | 0.00 | Jan 1, 1999 | A router or firewall forwards external packets that claim to come from inside the network that the router/firewall is in front of. | ||
| CVE-1999-0529 | — | 0.00 | — | 0.00 | Jan 1, 1999 | A router or firewall forwards packets that claim to come from IANA reserved or private addresses, e.g. 10.x.x.x, 127.x.x.x, 217.x.x.x, etc. | ||
| CVE-1999-0530 | — | 0.00 | — | 0.00 | Jan 1, 1999 | A system is operating in "promiscuous" mode which allows it to perform packet sniffing. | ||
| CVE-1999-0539 | — | 0.00 | — | 0.00 | Jan 1, 1999 | A trust relationship exists between two Unix hosts. | ||
| CVE-1999-0547 | — | 0.00 | — | 0.00 | Jan 1, 1999 | An SSH server allows authentication through the .rhosts file. | ||
| CVE-1999-0548 | — | 0.00 | — | 0.00 | Jan 1, 1999 | A superfluous NFS server is running, but it is not importing or exporting any file systems. | ||
| CVE-1999-0570 | 0.01 | — | 0.09 | Jan 1, 1999 | Windows NT is not using a password filter utility, e.g. PASSFILT.DLL. | |||
| CVE-1999-0571 | — | 0.00 | — | 0.00 | Jan 1, 1999 | A router's configuration service or management interface (such as a web server or telnet) is configured to allow connections from arbitrary hosts. | ||
| CVE-1999-0577 | 0.01 | — | 0.13 | Jan 1, 1999 | A Windows NT system's file audit policy does not log an event success or failure for non-critical files or directories. | |||
| CVE-1999-0578 | 0.00 | — | 0.00 | Jan 1, 1999 | A Windows NT system's registry audit policy does not log an event success or failure for security-critical registry keys. | |||
| CVE-1999-0579 | 0.01 | — | 0.13 | Jan 1, 1999 | A Windows NT system's registry audit policy does not log an event success or failure for non-critical registry keys. | |||
| CVE-1999-0580 | — | 0.00 | — | 0.00 | Jan 1, 1999 | The HKEY_LOCAL_MACHINE key in a Windows NT system has inappropriate, system-critical permissions. | ||
| CVE-1999-0581 | 0.00 | — | 0.04 | Jan 1, 1999 | The HKEY_CLASSES_ROOT key in a Windows NT system has inappropriate, system-critical permissions. | |||
| CVE-1999-0583 | — | 0.00 | — | 0.00 | Jan 1, 1999 | There is a one-way or two-way trust relationship between Windows NT domains. | ||
| CVE-1999-0584 | — | 0.00 | — | 0.00 | Jan 1, 1999 | A Windows NT file system is not NTFS. | ||
| CVE-1999-0586 | — | 0.00 | — | 0.01 | Jan 1, 1999 | A network service is running on a nonstandard port. | ||
| CVE-1999-0587 | — | 0.00 | — | 0.00 | Jan 1, 1999 | A WWW server is not running in a restricted file system, e.g. through a chroot, thus allowing access to system-critical data. | ||
| CVE-1999-0588 | — | 0.00 | — | 0.01 | Jan 1, 1999 | A filter in a router or firewall allows unusual fragmented packets. | ||
| CVE-1999-0589 | — | 0.00 | — | 0.00 | Jan 1, 1999 | A system-critical Windows NT registry key has inappropriate permissions. | ||
| CVE-1999-0591 | — | 0.00 | — | 0.00 | Jan 1, 1999 | An event log in Windows NT has inappropriate access permissions. | ||
| CVE-1999-0592 | — | 0.00 | — | 0.00 | Jan 1, 1999 | The Logon box of a Windows NT system displays the name of the last user who logged in. | ||
| CVE-1999-0593 | 0.00 | — | 0.01 | Jan 1, 1999 | The default setting for the Winlogon key entry ShutdownWithoutLogon in Windows NT allows users with physical access to shut down a Windows NT system without logging in. | |||
| CVE-1999-0594 | — | 0.00 | — | 0.00 | Jan 1, 1999 | A Windows NT system does not restrict access to removable media drives such as a floppy disk drive or CDROM drive. | ||
| CVE-1999-0596 | — | 0.00 | — | 0.00 | Jan 1, 1999 | A Windows NT log file has an inappropriate maximum size or retention period. | ||
| CVE-1999-0597 | — | 0.00 | — | 0.01 | Jan 1, 1999 | A Windows NT account policy does not forcibly disconnect remote users from the server when their logon hours expire. | ||
| CVE-1999-0598 | — | 0.00 | — | 0.00 | Jan 1, 1999 | A network intrusion detection system (IDS) does not properly handle packets that are sent out of order, allowing an attacker to escape detection. | ||
| CVE-1999-0599 | — | 0.00 | — | 0.00 | Jan 1, 1999 | A network intrusion detection system (IDS) does not properly handle packets with improper sequence numbers. | ||
| CVE-1999-0600 | — | 0.00 | — | 0.00 | Jan 1, 1999 | A network intrusion detection system (IDS) does not verify the checksum on a packet. | ||
| CVE-1999-0601 | — | 0.00 | — | 0.00 | Jan 1, 1999 | A network intrusion detection system (IDS) does not properly handle data within TCP handshake packets. | ||
| CVE-1999-0603 | — | 0.00 | — | 0.00 | Jan 1, 1999 | In Windows NT, an inappropriate user is a member of a group, e.g. Administrator, Backup Operators, Domain Admins, Domain Guests, Power Users, Print Operators, Replicators, System Operators, etc. | ||
| CVE-1999-0611 | — | 0.00 | — | 0.00 | Jan 1, 1999 | A system-critical Windows NT registry key has an inappropriate value. | ||
| CVE-1999-0613 | — | 0.00 | — | 0.01 | Jan 1, 1999 | The rpc.sprayd service is running. | ||
| CVE-1999-0618 | — | 0.00 | — | 0.00 | Jan 1, 1999 | The rexec service is running. | ||
| CVE-1999-0624 | — | 0.00 | — | 0.01 | Jan 1, 1999 | The rstat/rstatd service is running. | ||
| CVE-1999-0625 | — | 0.00 | — | 0.01 | Jan 1, 1999 | The rpc.rquotad service is running. | ||
| CVE-1999-0629 | — | 0.00 | — | 0.01 | Jan 1, 1999 | The ident/identd service is running. | ||
| CVE-1999-0630 | — | 0.00 | — | 0.00 | Jan 1, 1999 | The NT Alerter and Messenger services are running. | ||
| CVE-1999-0632 | — | 0.00 | — | 0.01 | Jan 1, 1999 | The RPC portmapper service is running. | ||
| CVE-1999-0635 | — | 0.00 | — | 0.01 | Jan 1, 1999 | The echo service is running. | ||
| CVE-1999-0636 | — | 0.00 | — | 0.00 | Jan 1, 1999 | The discard service is running. | ||
| CVE-1999-0637 | — | 0.00 | — | 0.01 | Jan 1, 1999 | The systat service is running. | ||
| CVE-1999-0638 | — | 0.00 | — | 0.01 | Jan 1, 1999 | The daytime service is running. | ||
| CVE-1999-0639 | — | 0.00 | — | 0.01 | Jan 1, 1999 | The chargen service is running. | ||
| CVE-1999-0640 | — | 0.00 | — | 0.00 | Jan 1, 1999 | The Gopher service is running. | ||
| CVE-1999-0641 | — | 0.00 | — | 0.01 | Jan 1, 1999 | The UUCP service is running. | ||
| CVE-1999-0650 | — | 0.00 | — | 0.01 | Jan 1, 1999 | The netstat service is running, which provides sensitive information to remote attackers. |
- CVE-1999-0515Jan 1, 1999risk 0.00cvss —epss 0.00
An unrestricted remote trust relationship for Unix systems has been set up, e.g. by using a + sign in /etc/hosts.equiv.
- CVE-1999-0520Jan 1, 1999risk 0.00cvss —epss 0.01
A system-critical NETBIOS/SMB share has inappropriate access control.
- CVE-1999-0523Jan 1, 1999risk 0.00cvss —epss 0.01
ICMP echo (ping) is allowed from arbitrary hosts.
- CVE-1999-0527Jan 1, 1999risk 0.00cvss —epss 0.00
The permissions for system-critical data in an anonymous FTP account are inappropriate. For example, the root directory is writeable by world, a real password file is obtainable, or executable commands such as "ls" can be overwritten.
- CVE-1999-0528Jan 1, 1999risk 0.00cvss —epss 0.00
A router or firewall forwards external packets that claim to come from inside the network that the router/firewall is in front of.
- CVE-1999-0529Jan 1, 1999risk 0.00cvss —epss 0.00
A router or firewall forwards packets that claim to come from IANA reserved or private addresses, e.g. 10.x.x.x, 127.x.x.x, 217.x.x.x, etc.
- CVE-1999-0530Jan 1, 1999risk 0.00cvss —epss 0.00
A system is operating in "promiscuous" mode which allows it to perform packet sniffing.
- CVE-1999-0539Jan 1, 1999risk 0.00cvss —epss 0.00
A trust relationship exists between two Unix hosts.
- CVE-1999-0547Jan 1, 1999risk 0.00cvss —epss 0.00
An SSH server allows authentication through the .rhosts file.
- CVE-1999-0548Jan 1, 1999risk 0.00cvss —epss 0.00
A superfluous NFS server is running, but it is not importing or exporting any file systems.
- CVE-1999-0570Jan 1, 1999risk 0.01cvss —epss 0.09
Windows NT is not using a password filter utility, e.g. PASSFILT.DLL.
- CVE-1999-0571Jan 1, 1999risk 0.00cvss —epss 0.00
A router's configuration service or management interface (such as a web server or telnet) is configured to allow connections from arbitrary hosts.
- CVE-1999-0577Jan 1, 1999risk 0.01cvss —epss 0.13
A Windows NT system's file audit policy does not log an event success or failure for non-critical files or directories.
- CVE-1999-0578Jan 1, 1999risk 0.00cvss —epss 0.00
A Windows NT system's registry audit policy does not log an event success or failure for security-critical registry keys.
- CVE-1999-0579Jan 1, 1999risk 0.01cvss —epss 0.13
A Windows NT system's registry audit policy does not log an event success or failure for non-critical registry keys.
- CVE-1999-0580Jan 1, 1999risk 0.00cvss —epss 0.00
The HKEY_LOCAL_MACHINE key in a Windows NT system has inappropriate, system-critical permissions.
- CVE-1999-0581Jan 1, 1999risk 0.00cvss —epss 0.04
The HKEY_CLASSES_ROOT key in a Windows NT system has inappropriate, system-critical permissions.
- CVE-1999-0583Jan 1, 1999risk 0.00cvss —epss 0.00
There is a one-way or two-way trust relationship between Windows NT domains.
- CVE-1999-0584Jan 1, 1999risk 0.00cvss —epss 0.00
A Windows NT file system is not NTFS.
- CVE-1999-0586Jan 1, 1999risk 0.00cvss —epss 0.01
A network service is running on a nonstandard port.
- CVE-1999-0587Jan 1, 1999risk 0.00cvss —epss 0.00
A WWW server is not running in a restricted file system, e.g. through a chroot, thus allowing access to system-critical data.
- CVE-1999-0588Jan 1, 1999risk 0.00cvss —epss 0.01
A filter in a router or firewall allows unusual fragmented packets.
- CVE-1999-0589Jan 1, 1999risk 0.00cvss —epss 0.00
A system-critical Windows NT registry key has inappropriate permissions.
- CVE-1999-0591Jan 1, 1999risk 0.00cvss —epss 0.00
An event log in Windows NT has inappropriate access permissions.
- CVE-1999-0592Jan 1, 1999risk 0.00cvss —epss 0.00
The Logon box of a Windows NT system displays the name of the last user who logged in.
- CVE-1999-0593Jan 1, 1999risk 0.00cvss —epss 0.01
The default setting for the Winlogon key entry ShutdownWithoutLogon in Windows NT allows users with physical access to shut down a Windows NT system without logging in.
- CVE-1999-0594Jan 1, 1999risk 0.00cvss —epss 0.00
A Windows NT system does not restrict access to removable media drives such as a floppy disk drive or CDROM drive.
- CVE-1999-0596Jan 1, 1999risk 0.00cvss —epss 0.00
A Windows NT log file has an inappropriate maximum size or retention period.
- CVE-1999-0597Jan 1, 1999risk 0.00cvss —epss 0.01
A Windows NT account policy does not forcibly disconnect remote users from the server when their logon hours expire.
- CVE-1999-0598Jan 1, 1999risk 0.00cvss —epss 0.00
A network intrusion detection system (IDS) does not properly handle packets that are sent out of order, allowing an attacker to escape detection.
- CVE-1999-0599Jan 1, 1999risk 0.00cvss —epss 0.00
A network intrusion detection system (IDS) does not properly handle packets with improper sequence numbers.
- CVE-1999-0600Jan 1, 1999risk 0.00cvss —epss 0.00
A network intrusion detection system (IDS) does not verify the checksum on a packet.
- CVE-1999-0601Jan 1, 1999risk 0.00cvss —epss 0.00
A network intrusion detection system (IDS) does not properly handle data within TCP handshake packets.
- CVE-1999-0603Jan 1, 1999risk 0.00cvss —epss 0.00
In Windows NT, an inappropriate user is a member of a group, e.g. Administrator, Backup Operators, Domain Admins, Domain Guests, Power Users, Print Operators, Replicators, System Operators, etc.
- CVE-1999-0611Jan 1, 1999risk 0.00cvss —epss 0.00
A system-critical Windows NT registry key has an inappropriate value.
- CVE-1999-0613Jan 1, 1999risk 0.00cvss —epss 0.01
The rpc.sprayd service is running.
- CVE-1999-0618Jan 1, 1999risk 0.00cvss —epss 0.00
The rexec service is running.
- CVE-1999-0624Jan 1, 1999risk 0.00cvss —epss 0.01
The rstat/rstatd service is running.
- CVE-1999-0625Jan 1, 1999risk 0.00cvss —epss 0.01
The rpc.rquotad service is running.
- CVE-1999-0629Jan 1, 1999risk 0.00cvss —epss 0.01
The ident/identd service is running.
- CVE-1999-0630Jan 1, 1999risk 0.00cvss —epss 0.00
The NT Alerter and Messenger services are running.
- CVE-1999-0632Jan 1, 1999risk 0.00cvss —epss 0.01
The RPC portmapper service is running.
- CVE-1999-0635Jan 1, 1999risk 0.00cvss —epss 0.01
The echo service is running.
- CVE-1999-0636Jan 1, 1999risk 0.00cvss —epss 0.00
The discard service is running.
- CVE-1999-0637Jan 1, 1999risk 0.00cvss —epss 0.01
The systat service is running.
- CVE-1999-0638Jan 1, 1999risk 0.00cvss —epss 0.01
The daytime service is running.
- CVE-1999-0639Jan 1, 1999risk 0.00cvss —epss 0.01
The chargen service is running.
- CVE-1999-0640Jan 1, 1999risk 0.00cvss —epss 0.00
The Gopher service is running.
- CVE-1999-0641Jan 1, 1999risk 0.00cvss —epss 0.01
The UUCP service is running.
- CVE-1999-0650Jan 1, 1999risk 0.00cvss —epss 0.01
The netstat service is running, which provides sensitive information to remote attackers.