Unknown · CVSS Not scored
Telnet allows a remote client to specify environment variables including LD_LIBRARY_PATH, allowing an attacker to bypass the normal system libraries and gain root access.
Published Sep 29, 1999 · Updated Mar 8, 2026
Medium · CVSS 5.4
Race condition in signal handling routine in ftpd, allowing read/write arbitrary files.
Published Sep 29, 1999 · Updated Oct 20, 2025
Low · CVSS 3.5
Attackers can crash a Cisco IOS router or device, provided they can get to an interactive prompt (such as a login). This applies to some IOS 9.x, 10.x, and 11.x releases.
Published Sep 29, 1999 · Updated Aug 27, 2025
High · CVSS 8.2
Internet Explorer 5.0 allows a remote server to read arbitrary files on the client's file system using the Microsoft Scriptlet Component.
Published Sep 29, 1999 · Updated Aug 25, 2025
High · CVSS 7
Some web servers under Microsoft Windows allow remote attackers to bypass access restrictions for files with long file names.
Published Sep 29, 1999 · Updated Apr 9, 2025
Medium · CVSS 5.4
Denial of Service vulnerabilities in BIND 4.9 and BIND 8 Releases via CNAME record and zone transfer.
Published Sep 29, 1999 · Updated Apr 9, 2025
Unknown · CVSS Not scored
The SNMP default community name "public" is not properly removed in NetApps C630 Netcache, even if the administrator tries to disable it.
Published Sep 29, 1999 · Updated Mar 17, 2025
Unknown · CVSS Not scored
Echo and chargen, or other combinations of UDP services, can be used in tandem to flood the server, a.k.a. UDP bomb or UDP packet storm.
Published Sep 29, 1999 · Updated Mar 17, 2025
Unknown · CVSS Not scored
Land IP denial of service.
Published Sep 29, 1999 · Updated Mar 17, 2025
High · CVSS 7.5
Off-by-one error in NcFTPd FTP server before 2.4.1 allows a remote attacker to cause a denial of service (crash) via a long PORT command.
Published Sep 1, 2004 · Updated Jan 16, 2025
Critical · CVSS 9.8
Buffer overflow in POP servers based on BSD/Qualcomm's qpopper allows remote attackers to gain root access using a long PASS command.
Published Sep 29, 1999 · Updated Oct 29, 2024
High · CVSS 7.8
Local user gains root privileges via buffer overflow in rdist, via expstr() function.
Published Sep 29, 1999 · Updated Oct 29, 2024
High · CVSS 8.4
root privileges via buffer overflow in ordist command on SGI IRIX systems.
Published Sep 29, 1999 · Updated Oct 29, 2024
High · CVSS 8.4
IRIX login program with a nonzero LOCKOUT parameter allows creation or damage to files.
Published Sep 29, 1999 · Updated Oct 29, 2024
Unknown · CVSS Not scored
Buffer overflow in NLS (Natural Language Service).
Published Sep 29, 1999 · Updated Sep 17, 2024
High · CVSS 8.4
Buffer overflow in xlock program allows local users to execute commands as root.
Published Sep 29, 1999 · Updated Sep 12, 2024
High · CVSS 7.3
webdist CGI program (webdist.cgi) in SGI IRIX allows remote attackers to execute arbitrary commands via shell metacharacters in the distloc parameter.
Published Sep 29, 1999 · Updated Sep 12, 2024
Critical · CVSS 9.8
AnyForm CGI remote execution.
Published Sep 29, 1999 · Updated Aug 1, 2024
High · CVSS 8.4
Certain NFS servers allow users to use mknod to gain privileges by creating a writable kmem device and setting the UID to 0.
Published Sep 29, 1999 · Updated Aug 1, 2024
High · CVSS 7.3
IRIX fam service allows an attacker to obtain a list of all files on the server.
Published Sep 29, 1999 · Updated Aug 1, 2024
High · CVSS 7.5
IP fragmentation denial of service in FreeBSD allows a remote attacker to cause a crash.
Published Sep 29, 1999 · Updated Aug 1, 2024
Critical · CVSS 9.8
Command execution via shell metachars in INN daemon (innd) 1.5 using "newgroup" and "rmgroup" control messages, and others.
Published Sep 29, 1999 · Updated Aug 1, 2024
High · CVSS 8.4
Solaris ufsrestore buffer overflow.
Published Sep 29, 1999 · Updated Aug 1, 2024
Unknown · CVSS Not scored
Solaris 2.4 before kernel jumbo patch -35 allows set-gid programs to dump core even if the real user id is not in the set-gid group, which allows local users to overwrite or create files at higher privileges by causing a core dump, e.g. through dmesg.
Published Sep 12, 2001 · Updated Aug 1, 2024
High · CVSS 8.4
Stolen credentials from SSH clients via ssh-agent program, allowing other local users to access remote accounts belonging to the ssh-agent user.
Published Sep 29, 1999 · Updated Aug 1, 2024
Unknown · CVSS Not scored
Gene6 G6 FTP Server 2.0 allows a remote attacker to cause a denial of service (resource exhaustion) via a long (1) user name or (2) password.
Published Sep 12, 2001 · Updated Aug 1, 2024
Unknown · CVSS Not scored
Buffer overflows in Bisonware FTP server prior to 4.1 allow remote attackers to cause a denial of service, and possibly execute arbitrary commands, via long (1) USER, (2) LIST, or (3) CWD commands.
Published Sep 12, 2001 · Updated Aug 1, 2024
Unknown · CVSS Not scored
Nachuatec D435 and D445 printer allows remote attackers to cause a denial of service via ICMP redirect storm.
Published Sep 12, 2001 · Updated Aug 1, 2024
Unknown · CVSS Not scored
netstation.navio-com.rte 1.1.0.1 configuration script for Navio NC on IBM AIX exports /tmp over NFS as world-readable and world-writable.
Published Sep 12, 2001 · Updated Aug 1, 2024
Unknown · CVSS Not scored
xtvscreen in SuSE Linux 6.0 allows local users to overwrite arbitrary files via a symlink attack on the pic000.pnm file.
Published Sep 12, 2001 · Updated Aug 1, 2024
Unknown · CVSS Not scored
Buffer overflow in iParty server 1.2 and earlier allows remote attackers to cause a denial of service (crash) by connecting to default port 6004 and sending repeated extended characters.
Published Sep 12, 2001 · Updated Aug 1, 2024
Unknown · CVSS Not scored
FreeBSD 3.2 and possibly other versions allows a local user to cause a denial of service (panic) with a large number accesses of an NFS v3 mounted directory from a large number of processes.
Published Sep 12, 2001 · Updated Aug 1, 2024
Unknown · CVSS Not scored
runtar in the Amanda backup system used in various UNIX operating systems executes tar with root privileges, which allows a user to overwrite or read arbitrary files by providing the target files to runtar.
Published Sep 12, 2001 · Updated Aug 1, 2024
Unknown · CVSS Not scored
Vulnerability in a script in Texas A&M University (TAMU) Tiger allows local users to execute arbitrary commands as the Tiger user, usually root.
Published Sep 12, 2001 · Updated Aug 1, 2024
Unknown · CVSS Not scored
Macromedia Shockwave before 6.0 allows a malicious webmaster to read a user's mail box and possibly access internal web servers via the GetNextText command on a Shockwave movie.
Published Sep 12, 2001 · Updated Aug 1, 2024
Unknown · CVSS Not scored
Internal HTTP server in Sun Netbeans Java IDE in Netbeans Developer 3.0 Beta and Forte Community Edition 1.0 Beta does not properly restrict access to IP addresses as specified in its configuration, which allows arbitrary remote attackers to access the server.
Published Sep 12, 2001 · Updated Aug 1, 2024
Unknown · CVSS Not scored
Buffer overflows in Quake 1.9 client allows remote malicious servers to execute arbitrary commands via long (1) precache paths, (2) server name, (3) server address, or (4) argument to the map console command.
Published Sep 12, 2001 · Updated Aug 1, 2024
Unknown · CVSS Not scored
Oracle Web Listener 2.1 allows remote attackers to bypass access restrictions by replacing a character in the URL with its HTTP-encoded (hex) equivalent.
Published Sep 12, 2001 · Updated Aug 1, 2024
Unknown · CVSS Not scored
Microsoft SQL Server 6.5 uses weak encryption for the password for the SQLExecutiveCmdExec account and stores it in an accessible portion of the registry, which could allow local users to gain privileges by reading and decrypting the CmdExecAccount value.
Published Sep 1, 2004 · Updated Aug 1, 2024
Unknown · CVSS Not scored
Buffer overflows in Xtramail 1.11 allow attackers to cause a denial of service (crash) and possibly execute arbitrary commands via (1) a long PASS command in the POP3 service, (2) a long HELO command in the SMTP service, or (3) a long user name in the Control Service.
Published Sep 12, 2001 · Updated Aug 1, 2024
Unknown · CVSS Not scored
Xylan OmniSwitch before 3.2.6 allows remote attackers to bypass the login prompt via a CTRL-D (control d) character, which locks other users out of the switch because it only supports one session at a time.
Published Sep 12, 2001 · Updated Aug 1, 2024
Unknown · CVSS Not scored
dpsexec (DPS Server) when running under XDM in IBM AIX 3.2.5 and earlier does not properly check privileges, which allows local users to overwrite arbitrary files and gain privileges.
Published Sep 12, 2001 · Updated Aug 1, 2024
Unknown · CVSS Not scored
Buffer overflow in the login functions in IMAP server (imapd) in Ipswitch IMail 5.0 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via (1) a long user name or (2) a long password.
Published Sep 12, 2001 · Updated Aug 1, 2024
Unknown · CVSS Not scored
Network Flight Recorder (NFR) 1.5 and 1.6 allows remote attackers to cause a denial of service in nfrd (crash) via a TCP packet with a null header and data field.
Published Sep 12, 2001 · Updated Aug 1, 2024
Unknown · CVSS Not scored
Buffer overflow in XCmail 0.99.6 with autoquote enabled allows remote attackers to execute arbitrary commands via a long subject line.
Published Sep 12, 2001 · Updated Aug 1, 2024
Unknown · CVSS Not scored
Cheyenne InocuLAN Anti-Virus Server in Inoculan 4.0 before Service Pack 2 creates an update directory with "EVERYONE FULL CONTROL" permissions, which allows local users to cause Inoculan's antivirus update feature to install a Trojan horse dll.
Published Sep 12, 2001 · Updated Aug 1, 2024
Unknown · CVSS Not scored
IIS 3.x and 4.x does not distinguish between pages requiring encryption and those that do not, which allows remote attackers to cause a denial of service (resource exhaustion) via SSL requests to the HTTPS port for normally unencrypted files, which will cause IIS to perform extra work to send the files over SSL.
Published Sep 1, 2004 · Updated Aug 1, 2024
Unknown · CVSS Not scored
Slackware Linux 3.4 pkgtool allows local attacker to read and write to arbitrary files via a symlink attack on the reply file.
Published Sep 12, 2001 · Updated Aug 1, 2024
Unknown · CVSS Not scored
Directory traversal vulnerability in Etype Eserv 2.50 web server allows a remote attacker to read any file in the file system via a .. (dot dot) in a URL.
Published Sep 12, 2001 · Updated Aug 1, 2024
Unknown · CVSS Not scored
Vulnerability in crp in Hewlett Packard Apollo Domain OS SR10 through SR10.3 allows remote attackers to gain root privileges via insecure system calls, (1) pad_$dm_cmd and (2) pad_$def_pfk().
Published Sep 12, 2001 · Updated Aug 1, 2024