Lista CVE - 1999 / Settembre
Visualizzazione 201 - 300 di 320 CVE per Settembre 1999 (Pagina 3 di 4)
| ID CVE | Data | Titolo |
|---|---|---|
| CVE-1999-0308 | 1999-09-29 | HP-UX gwind program allows users to modify arbitrary files. |
| CVE-1999-0309 | 1999-09-29 | HP-UX vgdisplay program gives root access to local users. |
| CVE-1999-0310 | 1999-09-29 | SSH 1.2.25 on HP-UX allows access to new user accounts. |
| CVE-1999-0311 | 1999-09-29 | fpkg2swpk in HP-UX allows local users to gain root access. |
| CVE-1999-0312 | 1999-09-29 | HP ypbind allows attackers with root privileges to modify NIS data. |
| CVE-1999-0313 | 1999-09-29 | disk_bandwidth on SGI IRIX 6.4 S2MP for Origin/Onyx2 allows local users to gain root access using relative pathnames. |
| CVE-1999-0314 | 1999-09-29 | ioconfig on SGI IRIX 6.4 S2MP for Origin/Onyx2 allows local users to gain root access using relative pathnames. |
| CVE-1999-0315 | 1999-09-29 | Buffer overflow in Solaris fdformat command gives root access to local users. |
| CVE-1999-0316 | 1999-09-29 | Buffer overflow in Linux splitvt command gives root access to local users. |
| CVE-1999-0320 | 1999-09-29 | SunOS rpc.cmsd allows attackers to obtain root access by overwriting arbitrary files. |
| CVE-1999-0321 | 1999-09-29 | Buffer overflow in Solaris kcms_configure command allows local users to gain root access. |
| CVE-1999-0324 | 1999-09-29 | ppl program in HP-UX allows local users to create root files through symlinks. |
| CVE-1999-0325 | 1999-09-29 | vhe_u_mnt program in HP-UX allows local users to create root files through symlinks. |
| CVE-1999-0326 | 1999-09-29 | Vulnerability in HP-UX mediainit program. |
| CVE-1999-0327 | 1999-09-29 | SGI syserr program allows local users to corrupt files. |
| CVE-1999-0328 | 1999-09-29 | SGI permissions program allows local users to gain root privileges. |
| CVE-1999-0329 | 1999-09-29 | SGI mediad program allows local users to gain root access. |
| CVE-1999-0332 | 1999-09-29 | Buffer overflow in NetMeeting allows denial of service and remote command execution. |
| CVE-1999-0334 | 1999-09-29 | In Solaris 2.2 and 2.3, when fsck fails on startup, it allows a local user with physical access to obtain root access. |
| CVE-1999-0337 | 1999-09-29 | AIX batch queue (bsh) allows local and remote users to gain additional privileges when network printing is enabled. |
| CVE-1999-0338 | 1999-09-29 | AIX Licensed Program Product performance tools allow local users to gain root access. |
| CVE-1999-0339 | 1999-09-29 | Buffer overflow in the libauth library in Solaris allows local users to gain additional privileges, possibly root access. |
| CVE-1999-0340 | 1999-09-29 | Buffer overflow in Linux Slackware crond program allows local users to gain root access. |
| CVE-1999-0341 | 1999-09-29 | Buffer overflow in the Linux mail program "deliver" allows local users to gain root access. |
| CVE-1999-0342 | 1999-09-29 | Linux PAM modules allow local users to gain root access using temporary files. |
| CVE-1999-0344 | 1999-09-29 | NT users can gain debug-level access on a system process using the Sechole exploit. |
| CVE-1999-0346 | 1999-09-29 | CGI PHP mlog script allows an attacker to read any file on the target server. |
| CVE-1999-0348 | 1999-09-29 | IIS ASP caching problem releases sensitive information when two virtual servers share the same physical directory. |
| CVE-1999-0349 | 1999-09-29 | A buffer overflow in the FTP list (ls) command in IIS allows remote attackers to conduct a denial of service and, in some cases, execute arbitrary commands. |
| CVE-1999-0350 | 1999-09-29 | Race condition in the db_loader program in ClearCase gives local users root access by setting SUID bits. |
| CVE-1999-0351 | 1999-09-29 | FTP PASV "Pizza Thief" denial of service and unauthorized data access. Attackers can steal data by connecting to a port that was intended for use by a client. |
| CVE-1999-0353 | 1999-09-29 | rpc.pcnfsd in HP gives remote root access by changing the permissions on the main printer spool directory. |
| CVE-1999-0355 | 1999-09-29 | Local or remote users can force ControlIT 4.5 to reboot or force a user to log out, resulting in a denial of service. |
| CVE-1999-0357 | 1999-09-29 | Windows 98 and other operating systems allows remote attackers to cause a denial of service via crafted "oshare" packets, possibly involving invalid fragmentation offsets. |
| CVE-1999-0362 | 1999-09-29 | WS_FTP server remote denial of service through cwd command. |
| CVE-1999-0363 | 1999-09-29 | SuSE 5.2 PLP lpc program has a buffer overflow that leads to root compromise. |
| CVE-1999-0365 | 1999-09-29 | The metamail package allows remote command execution using shell metacharacters that are not quoted in a mailcap entry. |
| CVE-1999-0366 | 1999-09-29 | In some cases, Service Pack 4 for Windows NT 4.0 can allow access to network shares using a blank password, through a problem with a null NT hash value. |
| CVE-1999-0367 | 1999-09-29 | NetBSD netstat command allows local users to access kernel memory. |
| CVE-1999-0368 | 1999-09-29 | Buffer overflows in wuarchive ftpd (wu-ftpd) and ProFTPD lead to remote root access, a.k.a. palmetto. |
| CVE-1999-0369 | 1999-09-29 | The Sun sdtcm_convert calendar utility for OpenWindows has a buffer overflow which can gain root access. |
| CVE-1999-0371 | 1999-09-29 | Lynx allows a local user to overwrite sensitive files through /tmp symlinks. |
| CVE-1999-0372 | 1999-09-29 | The installer for BackOffice Server includes account names and passwords in a setup file (reboot.ini) which is not deleted. |
| CVE-1999-0373 | 1999-09-29 | Buffer overflow in the "Super" utility in Debian GNU/Linux, and other operating systems, allows local users to execute commands as root. |
| CVE-1999-0374 | 1999-09-29 | Debian GNU/Linux cfengine package is susceptible to a symlink attack. |
| CVE-1999-0375 | 1999-09-29 | Buffer overflow in webd in Network Flight Recorder (NFR) 2.0.2-Research allows remote attackers to execute commands. |
| CVE-1999-0376 | 1999-09-29 | Local users in Windows NT can obtain administrator privileges by changing the KnownDLLs list to reference malicious programs. |
| CVE-1999-0377 | 1999-09-29 | Process table attack in Unix systems allows a remote attacker to perform a denial of service by filling a machine's process tables through multiple connections to network services. |
| CVE-1999-0379 | 1999-09-29 | Microsoft Taskpads allows remote web sites to execute commands on the visiting user's machine via certain methods that are marked as Safe for Scripting. |
| CVE-1999-0382 | 1999-09-29 | The screen saver in Windows NT does not verify that its security context has been changed properly, allowing attackers to run programs with elevated privileges. |
| CVE-1999-0383 | 1999-09-29 | ACC Tigris allows public access without a login. |
| CVE-1999-0384 | 1999-09-29 | The Forms 2.0 ActiveX control (included with Visual Basic for Applications 5.0) can be used to read text from a user's clipboard when the user accesses documents with ActiveX content. |
| CVE-1999-0385 | 1999-09-29 | The LDAP bind function in Exchange 5.5 has a buffer overflow that allows a remote attacker to conduct a denial of service or execute commands. |
| CVE-1999-0386 | 1999-09-29 | Microsoft Personal Web Server and FrontPage Personal Web Server in some Windows systems allows a remote attacker to read files on the server by using a nonstandard URL. |
| CVE-1999-0388 | 1999-09-29 | DataLynx suGuard trusts the PATH environment variable to execute the ps command, allowing local users to execute commands as root. |
| CVE-1999-0391 | 1999-09-29 | The cryptographic challenge of SMB authentication in Windows 95 and Windows 98 can be reused, allowing an attacker to replay the response and impersonate a user. |
| CVE-1999-0392 | 1999-09-29 | Buffer overflow in Thomas Boutell's cgic library version up to 1.05. |
| CVE-1999-0396 | 1999-09-29 | A race condition between the select() and accept() calls in NetBSD TCP servers allows remote attackers to cause a denial of service. |
| CVE-1999-0402 | 1999-09-29 | wget 1.5.3 follows symlinks to change permissions of the target file instead of the symlink itself. |
| CVE-1999-0404 | 1999-09-29 | Buffer overflow in the Mail-Max SMTP server for Windows systems allows remote command execution. |
| CVE-1999-0405 | 1999-09-29 | A buffer overflow in lsof allows local users to obtain root privilege. |
| CVE-1999-0410 | 1999-09-29 | The cancel command in Solaris 2.6 (i386) has a buffer overflow that allows local users to obtain root access. |
| CVE-1999-0412 | 1999-09-29 | In IIS and other web servers, an attacker can attack commands as SYSTEM if the server is running as SYSTEM and loading an ISAPI extension. |
| CVE-1999-0413 | 1999-09-29 | A buffer overflow in the SGI X server allows local users to gain root access through the X server font path. |
| CVE-1999-0414 | 1999-09-29 | In Linux before version 2.0.36, remote attackers can spoof a TCP connection and pass data to the application layer before fully establishing the connection. |
| CVE-1999-0417 | 1999-09-29 | 64 bit Solaris 7 procfs allows local users to perform a denial of service. |
| CVE-1999-0420 | 1999-09-29 | umapfs allows local users to gain root privileges by changing their uid through a malicious mount_umap program. |
| CVE-1999-0422 | 1999-09-29 | In some cases, NetBSD 1.3.3 mount allows local users to execute programs in some file systems that have the "noexec" flag set. |
| CVE-1999-0423 | 1999-09-29 | Vulnerability in hpterm on HP-UX 10.20 allows local users to gain additional privileges. |
| CVE-1999-0424 | 1999-09-29 | talkback in Netscape 4.5 allows a local user to overwrite arbitrary files of another user whose Netscape crashes. |
| CVE-1999-0425 | 1999-09-29 | talkback in Netscape 4.5 allows a local user to kill an arbitrary process of another user whose Netscape crashes. |
| CVE-1999-0430 | 1999-09-29 | Cisco Catalyst LAN switches running Catalyst 5000 supervisor software allows remote attackers to perform a denial of service by forcing the supervisor module to reload. |
| CVE-1999-0432 | 1999-09-29 | ftp on HP-UX 11.00 allows local users to gain privileges. |
| CVE-1999-0433 | 1999-09-29 | XFree86 startx command is vulnerable to a symlink attack, allowing local users to create files in restricted directories, possibly allowing them to gain privileges or cause a denial of service. |
| CVE-1999-0436 | 1999-09-29 | Domain Enterprise Server Management System (DESMS) in HP-UX allows local users to gain privileges. |
| CVE-1999-0437 | 1999-09-29 | Remote attackers can perform a denial of service in WebRamp systems by sending a malicious string to the HTTP port. |
| CVE-1999-0438 | 1999-09-29 | Remote attackers can perform a denial of service in WebRamp systems by sending a malicious UDP packet to port 5353, changing its IP address. |
| CVE-1999-0441 | 1999-09-29 | Remote attackers can perform a denial of service in WinGate machines using a buffer overflow in the Winsock Redirector Service. |
| CVE-1999-0442 | 1999-09-29 | Solaris ff.core allows local users to modify files. |
| CVE-1999-0445 | 1999-09-29 | In Cisco routers under some versions of IOS 12.0 running NAT, some packets may not be filtered by input access list filters. |
| CVE-1999-0446 | 1999-09-29 | Local users can perform a denial of service in NetBSD 1.3.3 and earlier versions by creating an unusual symbolic link with the ln command, triggering a bug in VFS. |
| CVE-1999-0447 | 1999-09-29 | Local users can gain privileges using the debug utility in the MPE/iX operating system. |
| CVE-1999-0448 | 1999-09-29 | IIS 4.0 and Apache log HTTP request methods, regardless of how long they are, allowing a remote attacker to hide the URL they really request. |
| CVE-1999-0449 | 1999-09-29 | The ExAir sample site in IIS 4 allows remote attackers to cause a denial of service (CPU consumption) via a direct request to the (1) advsearch.asp, (2) query.asp, or (3)... |
| CVE-1999-0457 | 1999-09-29 | Linux ftpwatch program allows local users to gain root privileges. |
| CVE-1999-0458 | 1999-09-29 | L0phtcrack 2.5 used temporary files in the system TEMP directory which could contain password information. |
| CVE-1999-0463 | 1999-09-29 | Remote attackers can perform a denial of service using IRIX fcagent. |
| CVE-1999-0466 | 1999-09-29 | The SVR4 /dev/wabi special device file in NetBSD 1.3.3 and earlier allows a local user to read or write arbitrary files on the disk associated with that device. |
| CVE-1999-0471 | 1999-09-29 | The remote proxy server in Winroute allows a remote attacker to reconfigure the proxy without authentication through the "cancel" button. |
| CVE-1999-0473 | 1999-09-29 | The rsync command before rsync 2.3.1 may inadvertently change the permissions of the client's working directory to the permissions of the directory being transferred. |
| CVE-1999-0474 | 1999-09-29 | The ICQ Webserver allows remote attackers to use .. to access arbitrary files outside of the user's personal directory. |
| CVE-1999-0475 | 1999-09-29 | A race condition in how procmail handles .procmailrc files allows a local user to read arbitrary files available to the user who is running procmail. |
| CVE-1999-0478 | 1999-09-29 | Denial of service in HP-UX sendmail 8.8.6 related to accepting connections. |
| CVE-1999-0479 | 1999-09-29 | Denial of service Netscape Enterprise Server with VirtualVault on HP-UX VVOS systems. |
| CVE-1999-0481 | 1999-09-29 | Denial of service in "poll" in OpenBSD. |
| CVE-1999-0482 | 1999-09-29 | OpenBSD kernel crash through TSS handling, as caused by the crashme program. |
| CVE-1999-0483 | 1999-09-29 | OpenBSD crash using nlink value in FFS and EXT2FS filesystems. |
| CVE-1999-0484 | 1999-09-29 | Buffer overflow in OpenBSD ping. |
| CVE-1999-0485 | 1999-09-29 | Remote attackers can cause a system crash through ipintr() in ipq in OpenBSD. |
| CVE-1999-0487 | 1999-09-29 | The DHTML Edit ActiveX control in Internet Explorer allows remote attackers to read arbitrary files. |