CVE-1999-0774: Buffer overflows in Mars NetWare Emulation (NWE, mars_nwe) package via long directory names.
Buffer overflows in Mars NetWare Emulation (NWE, mars_nwe) package via long directory names.
Published Jan 4, 2000 · Updated Aug 1, 2024
Browse CVE records published in January 1999, with severity, affected products, CWE, KEV, and source-backed vulnerability context.
Showing 50 of 184 matching CVEs · Page 3 of 4.
Buffer overflows in Mars NetWare Emulation (NWE, mars_nwe) package via long directory names.
Published Jan 4, 2000 · Updated Aug 1, 2024
Denial of service in Samba NETBIOS name service daemon (nmbd).
Published Jan 4, 2000 · Updated Aug 1, 2024
The Netscape Directory Server installation procedure leaves sensitive information in a file that is accessible to local users.
Published Jan 4, 2000 · Updated Aug 1, 2024
The zsoelim program in the Debian man-db package allows local users to overwrite files via a symlink attack.
Published Jan 4, 2000 · Updated Aug 1, 2024
IIS FTP servers may allow a remote attacker to read or delete files on the server, even if they have "No Access" permissions.
Published Jan 4, 2000 · Updated Aug 1, 2024
A default configuration of CiscoSecure Access Control Server (ACS) allows remote users to modify the server database without authentication.
Published Jan 18, 2000 · Updated Aug 1, 2024
When Javascript is embedded within the TITLE tag, Netscape Communicator allows a remote attacker to use the "about" protocol to gain access to browser information.
Published Jan 4, 2000 · Updated Aug 1, 2024
An attacker can conduct a denial of service in Windows NT by executing a program with a malformed file image header.
Published Jan 4, 2000 · Updated Aug 1, 2024
The Microsoft Java Virtual Machine allows a malicious Java applet to execute arbitrary commands outside of the sandbox environment.
Published Jan 4, 2000 · Updated Aug 1, 2024
KDE K-Mail allows local users to gain privileges via a symlink attack in temporary user directories.
Published Jan 4, 2000 · Updated Aug 1, 2024
Buffer overflow in FreeBSD fts library routines allows local user to modify arbitrary files via the periodic program.
Published Jan 4, 2000 · Updated Aug 1, 2024
NetBSD allows ARP packets to overwrite static ARP entries.
Published Jan 4, 2000 · Updated Aug 1, 2024
Cisco Gigabit Switch routers running IOS allow remote attackers to forward unauthorized packets due to improper handling of the "established" keyword in an access list.
Published Jan 18, 2000 · Updated Aug 1, 2024
A Windows NT user can disable the keyboard or mouse by directly calling the IOCTLs which control them.
Published Jan 4, 2000 · Updated Aug 1, 2024
Vixie Cron on Linux systems allows local users to set parameters of sendmail commands via the MAILTO environmental variable.
Published Jan 4, 2000 · Updated Aug 1, 2024
Buffer overflow in INN inews program.
Published Jan 4, 2000 · Updated Aug 1, 2024
When IIS is run with a default language of Chinese, Korean, or Japanese, it allows a remote attacker to view the source code of certain files, a.k.a. "Double Byte Code Page".
Published Jan 4, 2000 · Updated Aug 1, 2024
Denial of service in Netscape Enterprise Server via a buffer overflow in the SSL handshake.
Published Jan 4, 2000 · Updated Aug 1, 2024
The web components of Compaq Management Agents and the Compaq Survey Utility allow a remote attacker to read arbitrary files via a .. (dot dot) attack.
Published Jan 4, 2000 · Updated Aug 1, 2024
Buffer overflow in Berkeley automounter daemon (amd) logging facility provided in the Linux am-utils package and others.
Published Jan 4, 2000 · Updated Aug 1, 2024
The w3-msql CGI script provided with Mini SQL allows remote attackers to view restricted directories.
Published Jan 18, 2000 · Updated Aug 1, 2024
Buffer overflow in Windows NT 4.0 help file utility via a malformed help file.
Published Jan 4, 2000 · Updated Aug 1, 2024
SGI IRIX midikeys program allows local users to modify arbitrary files via a text editor.
Published Jan 4, 2000 · Updated Aug 1, 2024
The default configuration of Cobalt RaQ2 servers allows remote users to install arbitrary software packages.
Published Jan 4, 2000 · Updated Aug 1, 2024
Firewall-1 sets a long timeout for connections that begin with ACK or other packets except SYN, allowing an attacker to conduct a denial of service via a large number of connection attempts to unresponsive systems.
Published Jan 18, 2000 · Updated Aug 1, 2024
Denial of service in Compaq Management Agents and the Compaq Survey Utility via a long string sent to port 2301.
Published Jan 4, 2000 · Updated Aug 1, 2024
Buffer overflow in TT_SESSION environment variable in ToolTalk shared library allows local users to gain root privileges.
Published Jan 4, 2000 · Updated Aug 1, 2024
The dtlogin program in Compaq Tru64 UNIX allows local users to gain root privileges.
Published Jan 4, 2000 · Updated Aug 1, 2024
Buffer overflow in Vixie Cron on Red Hat systems via the MAILTO environmental variable.
Published Jan 18, 2000 · Updated Aug 1, 2024
The Squid package in Red Hat Linux 5.2 and 6.0, and other distributions, installs cachemgr.cgi in a public web directory, which allows remote attackers to use it as an intermediary to connect to other systems.
Published Jan 4, 2000 · Updated Aug 1, 2024
Trn allows local users to overwrite other users' files via symlinks.
Published Jan 18, 2000 · Updated Aug 1, 2024
Windows NT RRAS and RAS clients cache a user's password even if the user has not selected the "Save password" option.
Published Jan 4, 2000 · Updated Aug 1, 2024
The Windows NT Client Server Runtime Subsystem (CSRSS) can be subjected to a denial of service when all worker threads are waiting for user input.
Published Jan 4, 2000 · Updated Aug 1, 2024
Linux xmonisdn package allows local users to gain root privileges by modifying the IFS or PATH environmental variables.
Published Jan 4, 2000 · Updated Aug 1, 2024
Buffer overflow in Netscape Enterprise Server and FastTrask Server allows remote attackers to gain privileges via a long HTTP GET request.
Published Jan 4, 2000 · Updated Aug 1, 2024
Denial of service in Windows NT Local Security Authority (LSA) through a malformed LSA request.
Published Jan 4, 2000 · Updated Aug 1, 2024
Internet Explorer 5.0 and 5.01 allows remote attackers to modify or execute files via the Import/Export Favorites feature, aka the "ImportExportFavorites" vulnerability.
Published Jan 4, 2000 · Updated Aug 1, 2024
Buffer overflow in Microsoft Phone Dialer (dialer.exe), via a malformed dialer entry in the dialer.ini file.
Published Jan 4, 2000 · Updated Aug 1, 2024
Buffer overflows in HP Software Distributor (SD) for HPUX 10.x and 11.x.
Published Jan 4, 2000 · Updated Aug 1, 2024
After an unattended installation of Windows NT 4.0, an installation file could include sensitive information such as the local Administrator password.
Published Jan 4, 2000 · Updated Aug 1, 2024
The default configuration of the Array Services daemon (arrayd) disables authentication, allowing remote users to gain root privileges.
Published Jan 4, 2000 · Updated Aug 1, 2024
Buffer overflow in Remote Access Service (RAS) client allows an attacker to execute commands or cause a denial of service via a malformed phonebook entry.
Published Jan 4, 2000 · Updated Aug 1, 2024
OpenBSD, BSDI, and other Unix operating systems allow users to set chflags and fchflags on character and block devices.
Published Jan 4, 2000 · Updated Aug 1, 2024
A remote attacker can disable the virus warning mechanism in Microsoft Excel 97.
Published Jan 4, 2000 · Updated Aug 1, 2024
Vulnerability in Compaq Tru64 UNIX edauth command.
Published Jan 4, 2000 · Updated Aug 1, 2024
Buffer overflow in cfingerd allows local users to gain root privileges via a long GECOS field.
Published Jan 18, 2000 · Updated Aug 1, 2024
The Sybase PowerDynamo personal web server allows attackers to read arbitrary files through a .. (dot dot) attack.
Published Jan 4, 2000 · Updated Aug 1, 2024
Windows NT Terminal Server performs extra work when a client opens a new connection but before it is authenticated, allowing for a denial of service.
Published Jan 4, 2000 · Updated Aug 1, 2024
Denial of service in Gauntlet Firewall via a malformed ICMP packet.
Published Jan 18, 2000 · Updated Aug 1, 2024
HP CDE program includes the current directory in root's PATH variable.
Published Jan 4, 2000 · Updated Aug 1, 2024