VYPR

CVEs

344,488 total · page 6886 of 6,890

  • CVE-1999-0966Jan 27, 1997
    risk 0.00cvss epss 0.00

    Buffer overflow in Solaris getopt in libc allows local users to gain root privileges via a long argv[0].

  • CVE-1999-0081Jan 11, 1997
    risk 0.00cvss epss 0.02

    wu-ftp allows files to be overwritten via the rnfr command.

  • CVE-1999-1088Jan 9, 1997
    risk 0.00cvss epss 0.01

    Vulnerability in chsh command in HP-UX 9.X through 10.20 allows local users to gain privileges.

  • CVE-1999-0049Jan 8, 1997
    risk 0.00cvss epss 0.00

    Csetup under IRIX allows arbitrary file creation or overwriting.

  • CVE-1999-1145Jan 7, 1997
    risk 0.00cvss epss 0.01

    Vulnerability in Glance programs in GlancePlus for HP-UX 10.20 and earlier allows local users to access arbitrary files and gain privileges.

  • CVE-1999-1311Jan 7, 1997
    risk 0.00cvss epss 0.01

    Vulnerability in dtlogin and dtsession in HP-UX 10.20 and 10.10 allows local users to bypass authentication and gain privileges.

  • CVE-1999-0051Jan 6, 1997
    risk 0.03cvss epss 0.01

    Arbitrary file creation and program execution using FLEXlm LicenseManager, from versions 4.0 to 5.0, in IRIX.

  • CVE-1999-1249Jan 6, 1997
    risk 0.00cvss epss 0.00

    movemail in HP-UX 10.20 has insecure permissions, which allows local users to gain privileges.

  • CVE-1999-1120Jan 4, 1997
    risk 0.03cvss epss 0.01

    netprint in SGI IRIX 6.4 and earlier trusts the PATH environmental variable for finding and executing the disable program, which allows local users to gain privileges.

  • CVE-1999-0100Jan 1, 1997
    risk 0.00cvss epss 0.03

    Remote access in AIX innd 1.5.1, using control messages.

  • CVE-1999-0163Jan 1, 1997
    risk 0.00cvss epss 0.00

    In older versions of Sendmail, an attacker could use a pipe character to execute root commands.

  • CVE-1999-0166Jan 1, 1997
    risk 0.00cvss epss 0.01

    NFS allows users to use a "cd .." command to access other directories besides the exported file system.

  • CVE-1999-0170Jan 1, 1997
    risk 0.04cvss epss 0.18

    Remote attackers can mount an NFS file system in Ultrix or OSF, even if it is denied on the access list.

  • CVE-1999-0171Jan 1, 1997
    risk 0.00cvss epss 0.00

    Denial of service in syslog by sending it a large number of superfluous messages.

  • CVE-1999-0173Jan 1, 1997
    risk 0.03cvss epss 0.05

    FormMail CGI program can be used by web servers other than the host server that the program resides on.

  • CVE-1999-0178Jan 1, 1997
    risk 0.04cvss epss 0.12

    Buffer overflow in the win-c-sample program (win-c-sample.exe) in the WebSite web server 1.1e allows remote attackers to execute arbitrary code via a long query string.

  • CVE-1999-0179Jan 1, 1997
    risk 0.00cvss epss 0.06

    Windows NT crashes or locks up when a Samba client executes a "cd .." command on a file share.

  • CVE-1999-0180Jan 1, 1997
    risk 0.00cvss epss 0.02

    in.rshd allows users to login with a NULL username and execute commands.

  • CVE-1999-0201Jan 1, 1997
    risk 0.00cvss epss 0.06

    A quote cwd command on FTP servers can reveal the full path of the home directory of the "ftp" user.

  • CVE-1999-0202Jan 1, 1997
    risk 0.00cvss epss 0.02

    The GNU tar command, when used in FTP sessions, may allow an attacker to execute arbitrary commands.

  • CVE-1999-0204Jan 1, 1997
    risk 0.04cvss epss 0.09

    Sendmail 8.6.9 allows remote attackers to execute root commands, using ident.

  • CVE-1999-0217Jan 1, 1997
    risk 0.00cvss epss 0.01

    Malicious option settings in UDP packets could force a reboot in SunOS 4.1.3 systems.

  • CVE-1999-0236HigJan 1, 1997
    risk 0.54cvss 7.5epss 0.26

    ScriptAlias directory in NCSA and Apache httpd allowed attackers to read CGI programs.

  • CVE-1999-0249Jan 1, 1997
    risk 0.01cvss epss 0.07

    Windows NT RSHSVC program allows remote users to execute arbitrary commands.

  • CVE-1999-0251Jan 1, 1997
    risk 0.00cvss epss 0.02

    Denial of service in talk program allows remote attackers to disrupt a user's display.

  • CVE-1999-0252Jan 1, 1997
    risk 0.00cvss epss 0.03

    Buffer overflow in listserv allows arbitrary command execution.

  • CVE-1999-0253Jan 1, 1997
    risk 0.01cvss epss 0.08

    IIS 3.0 with the iis-fix hotfix installed allows remote intruders to read source code for ASP programs by using a %2e instead of a . (dot) in the URL.

  • CVE-1999-0265Jan 1, 1997
    risk 0.00cvss epss 0.01

    ICMP redirect messages may crash or lock up a host.

  • CVE-1999-0274Jan 1, 1997
    risk 0.00cvss epss 0.06

    Denial of service in Windows NT DNS servers through malicious packet which contains a response to a query that wasn't made.

  • CVE-1999-0345Jan 1, 1997
    risk 0.00cvss epss 0.01

    Jolt ICMP attack causes a denial of service in Windows 95 and Windows NT systems.

  • CVE-1999-0496Jan 1, 1997
    risk 0.00cvss epss 0.01

    A Windows NT 4.0 user can gain administrative rights by forcing NtOpenProcessToken to succeed regardless of the user's permissions, aka GetAdmin.

  • CVE-1999-0499Jan 1, 1997
    risk 0.00cvss epss 0.05

    NETBIOS share information may be published through SNMP registry keys in NT.

  • CVE-1999-0503Jan 1, 1997
    risk 0.00cvss epss 0.02

    A Windows NT local user or administrator account has a guessable password.

  • CVE-1999-0504Jan 1, 1997
    risk 0.08cvss epss 0.64

    A Windows NT local user or administrator account has a default, null, blank, or missing password.

  • CVE-1999-0510Jan 1, 1997
    risk 0.00cvss epss 0.02

    A router or firewall allows source routed packets from arbitrary hosts.

  • CVE-1999-0511CriJan 1, 1997
    risk 0.60cvss 9.1epss 0.07

    IP forwarding is enabled on a machine which is not a router or firewall.

  • CVE-1999-0517MedJan 1, 1997
    risk 0.44cvss 5.9epss 0.27

    An SNMP community name is the default (e.g. public), null, or missing.

  • CVE-1999-0518Jan 1, 1997
    risk 0.00cvss epss 0.05

    A NETBIOS/SMB share password is guessable.

  • CVE-1999-0519Jan 1, 1997
    risk 0.00cvss epss 0.06

    A NETBIOS/SMB share password is the default, null, or missing.

  • CVE-1999-0521Jan 1, 1997
    risk 0.00cvss epss 0.00

    An NIS domain name is easily guessable.

  • CVE-1999-0525Jan 1, 1997
    risk 0.00cvss epss 0.03

    IP traceroute is allowed from arbitrary hosts.

  • CVE-1999-0534Jan 1, 1997
    risk 0.00cvss epss 0.02

    A Windows NT user has inappropriate rights or privileges, e.g. Act as System, Add Workstation, Backup, Change System Time, Create Pagefile, Create Permanent Object, Create Token Name, Debug, Generate Security Audit, Increase Priority, Increase Quota, Load Driver, Lock Memory,…

  • CVE-1999-0535Jan 1, 1997
    risk 0.00cvss epss 0.06

    A Windows NT account policy for passwords has inappropriate, security-critical settings, e.g. for password length, password age, or uniqueness.

  • CVE-1999-0550Jan 1, 1997
    risk 0.00cvss epss 0.02

    A router's routing tables can be obtained from arbitrary hosts.

  • CVE-1999-0562Jan 1, 1997
    risk 0.04cvss epss 0.11

    The registry in Windows NT can be accessed remotely by users who are not administrators.

  • CVE-1999-0572Jan 1, 1997
    risk 0.00cvss epss 0.05

    .reg files are associated with the Windows NT registry editor (regedit), making the registry susceptible to Trojan Horse attacks.

  • CVE-1999-0575Jan 1, 1997
    risk 0.00cvss epss 0.05

    A Windows NT system's user audit policy does not log an event success or failure, e.g. for Logon and Logoff, File and Object Access, Use of User Rights, User and Group Management, Security Policy Changes, Restart, Shutdown, and System, and Process Tracking.

  • CVE-1999-0576Jan 1, 1997
    risk 0.00cvss epss 0.05

    A Windows NT system's file audit policy does not log an event success or failure for security-critical files or directories.

  • CVE-1999-0582Jan 1, 1997
    risk 0.01cvss epss 0.06

    A Windows NT account policy has inappropriate, security-critical settings for lockout, e.g. lockout duration, lockout after bad logon attempts, etc.

  • CVE-1999-0626Jan 1, 1997
    risk 0.00cvss epss 0.01

    A version of rusers is running that exposes valid user information to any entity on the network.