CVE-1999-0532: A DNS server allows zone transfers.
A DNS server allows zone transfers.
Published Feb 4, 2000 · Updated Mar 17, 2025
Browse CVE records published in February 1999, with severity, affected products, CWE, KEV, and source-backed vulnerability context.
Showing 50 of 312 matching CVEs · Page 1 of 7.
A DNS server allows zone transfers.
Published Feb 4, 2000 · Updated Mar 17, 2025
ICMP information such as (1) netmask and (2) timestamp is allowed from arbitrary hosts.
Published Feb 4, 2000 · Updated Mar 17, 2025
An SNMP community name is the default (e.g. public), null, or missing.
Published Feb 4, 2000 · Updated Mar 17, 2025
An SNMP community name is guessable.
Published Feb 4, 2000 · Updated Mar 17, 2025
A hidden SNMP community string in HP OpenView allows remote attackers to modify MIB tables and obtain sensitive information.
Published Feb 4, 2000 · Updated Mar 17, 2025
In Solaris, an SNMP subagent has a default community string that allows remote attackers to execute arbitrary commands as root, or modify system parameters.
Published Feb 4, 2000 · Updated Mar 17, 2025
The Disney Go Express Search allows remote attackers to access and modify search information for users by connecting to an HTTP server on the user's system.
Published Feb 4, 2000 · Updated Aug 1, 2024
Groupwise web server GWWEB.EXE allows remote attackers to determine the real path of the web server via the HELP parameter.
Published Feb 4, 2000 · Updated Aug 1, 2024
UnixWare pkgtrans allows local users to read arbitrary files via a symlink attack.
Published Feb 4, 2000 · Updated Aug 1, 2024
Error messages generated by gdm with the VerboseAuth setting allows an attacker to identify valid users on a system.
Published Feb 4, 2000 · Updated Aug 1, 2024
Whois Internic Lookup program whois.cgi allows remote attackers to execute commands via shell metacharacters in the domain entry.
Published Feb 4, 2000 · Updated Aug 1, 2024
Novell NetWare with Novell-HTTP-Server or YAWN web servers allows remote attackers to conduct a denial of service via a large number of HTTP GET requests.
Published Feb 4, 2000 · Updated Aug 1, 2024
Matt's Whois program whois.cgi allows remote attackers to execute commands via shell metacharacters in the domain entry.
Published Feb 4, 2000 · Updated Aug 1, 2024
Modifications to ACLs (Access Control Lists) in Microsoft Exchange 5.5 do not take effect until the directory store cache is refreshed.
Published Feb 4, 2000 · Updated Aug 1, 2024
IBM WebSphere ikeyman tool uses weak encryption to store a password for a key database that is used for SSL connections.
Published Feb 4, 2000 · Updated Aug 1, 2024
Netscape Navigator uses weak encryption for storing a user's Netscape mail password.
Published Feb 4, 2000 · Updated Aug 1, 2024
Mutt mail client allows a remote attacker to execute commands via shell metacharacters.
Published Feb 4, 2000 · Updated Aug 1, 2024
War FTP Daemon 1.70 allows remote attackers to cause a denial of service by flooding it with connections.
Published Feb 4, 2000 · Updated Aug 1, 2024
Buffer overflow in canuum program for Canna input system allows local users to gain root privileges.
Published Feb 4, 2000 · Updated Aug 1, 2024
CC Whois program whois.cgi allows remote attackers to execute commands via shell metacharacters in the domain entry.
Published Feb 4, 2000 · Updated Aug 1, 2024
Alibaba web server allows remote attackers to execute commands via a pipe character in a malformed URL.
Published Feb 4, 2000 · Updated Aug 1, 2024
Buffer overflow in uum program for Canna input system allows local users to gain root privileges.
Published Feb 4, 2000 · Updated Aug 1, 2024
The OmniHTTPD visadmin.exe program allows a remote attacker to conduct a denial of service via a malformed URL which causes a large number of temporary files to be created.
Published Feb 4, 2000 · Updated Aug 1, 2024
Sample runnable code snippets in ColdFusion Server 4.0 allow remote attackers to read files, conduct a denial of service, or use the server as a proxy for other HTTP calls.
Published Feb 14, 2001 · Updated Aug 1, 2024
Buffer overflow in Solaris lpstat via class argument allows local users to gain root access.
Published Feb 4, 2000 · Updated Aug 1, 2024
Solaris chkperm allows local users to read files owned by bin via the VMSYS environmental variable and a symlink attack.
Published Feb 4, 2000 · Updated Aug 1, 2024
Microsoft Site Server and Commercial Internet System (MCIS) do not set an expiration for a cookie, which could then be cached by a proxy and inadvertently used by a different user.
Published Feb 4, 2000 · Updated Aug 1, 2024
dfire.cgi script in Dragon-Fire IDS allows remote users to execute commands via shell metacharacters.
Published Feb 4, 2000 · Updated Aug 1, 2024
A memory leak in a Motorola CableRouter allows remote attackers to conduct a denial of service via a large number of telnet connections.
Published Feb 4, 2000 · Updated Aug 1, 2024
FreeBSD gdc program allows local users to modify files via a symlink attack.
Published Feb 4, 2000 · Updated Aug 1, 2024
Buffer overflow in Vixie cron allows local users to gain root access via a long MAILTO environment variable in a crontab file.
Published Feb 4, 2000 · Updated Aug 1, 2024
UnityMail allows remote attackers to conduct a denial of service via a large number of MIME headers.
Published Feb 4, 2000 · Updated Aug 1, 2024
Buffer overflow in ProFTPD, wu-ftpd, and beroftpd allows remote attackers to gain root access via a series of MKD and CWD commands that create nested directories.
Published Feb 4, 2000 · Updated Aug 1, 2024
Falcon web server allows remote attackers to determine the absolute path of the web root via long file names.
Published Feb 4, 2000 · Updated Aug 1, 2024
Insecure directory permissions in RPM distribution for PostgreSQL allows local users to gain privileges by reading a plaintext password file.
Published Feb 4, 2000 · Updated Aug 1, 2024
Buffer overflow in FreeBSD seyon via HOME environmental variable, -emulator argument, -modems argument, or the GUI.
Published Feb 4, 2000 · Updated Aug 1, 2024
Buffer overflow in FreeBSD gdc program.
Published Feb 4, 2000 · Updated Aug 1, 2024
FreeBSD seyon allows local users to gain privileges by providing a malicious program in the -emulator argument.
Published Feb 4, 2000 · Updated Aug 1, 2024
IBM WebSphere sets permissions that allow a local user to modify a deinstallation script or its data files stored in /usr/bin.
Published Feb 4, 2000 · Updated Aug 1, 2024
Buffer overflow in SCO UnixWare Xsco command via a long argument.
Published Feb 4, 2000 · Updated Aug 1, 2024
Buffer overflow in Solaris kcms_configure via a long NETPATH environmental variable.
Published Feb 4, 2000 · Updated Aug 1, 2024
Novell NetWare Transaction Tracking System (TTS) in Novell 4.11 and earlier allows remote attackers to cause a denial of service via a large number of requests.
Published Feb 14, 2001 · Updated Aug 1, 2024
Denial of service in Cisco routers running NAT via a PORT command from an FTP client to a Telnet port.
Published Feb 4, 2000 · Updated Aug 1, 2024
The Motorola CableRouter allows any remote user to connect to and configure the router on port 1024.
Published Feb 4, 2000 · Updated Aug 1, 2024
Buffer overflow in bootpd on OpenBSD, FreeBSD, and Linux systems via a malformed header type.
Published Feb 4, 2000 · Updated Aug 1, 2024
Buffer overflow in Qpopper (qpop) 3.0 allows remote root access via AUTH command.
Published Feb 4, 2000 · Updated Aug 1, 2024
Buffer overflow in CDE mailtool allows local users to gain root privileges via a long MIME Content-Type.
Published Feb 4, 2000 · Updated Aug 1, 2024
Denial of service in MDaemon WorldClient and WebConfig services via a long URL.
Published Feb 4, 2000 · Updated Aug 1, 2024
Buffer overflow in CDE dtmail and dtmailpr programs allows local users to gain privileges via a long -f option.
Published Feb 4, 2000 · Updated Aug 1, 2024
HP Secure Web Console uses weak encryption.
Published Feb 4, 2000 · Updated Aug 1, 2024