Unknown · CVSS Not scored
Buffer overflow in iParty server 1.2 and earlier allows remote attackers to cause a denial of service (crash) by connecting to default port 6004 and sending repeated extended characters.
Published Sep 12, 2001 · Updated Aug 1, 2024
Unknown · CVSS Not scored
loadmodule in SunOS 4.1.x, as used by xnews, does not properly sanitize its environment, which allows local users to gain privileges, a different vulnerability than CVE-1999-1584.
Published Aug 30, 2005 · Updated Aug 1, 2024
Unknown · CVSS Not scored
FreeBSD 3.2 and possibly other versions allows a local user to cause a denial of service (panic) with a large number accesses of an NFS v3 mounted directory from a large number of processes.
Published Sep 12, 2001 · Updated Aug 1, 2024
Unknown · CVSS Not scored
Quake 1 and NetQuake servers allow remote attackers to cause a denial of service (resource exhaustion or forced disconnection) via a flood of spoofed UDP connection packets, which exceeds the server's player limit.
Published Aug 31, 2002 · Updated Aug 1, 2024
Unknown · CVSS Not scored
runtar in the Amanda backup system used in various UNIX operating systems executes tar with root privileges, which allows a user to overwrite or read arbitrary files by providing the target files to runtar.
Published Sep 12, 2001 · Updated Aug 1, 2024
Unknown · CVSS Not scored
Buffer overflow in sar for SCO OpenServer 5.0.0 through 5.0.5 may allow local users to gain root privileges via a long -f parameter, a different vulnerability than CVE-1999-1570.
Published Oct 15, 2002 · Updated Aug 1, 2024
Unknown · CVSS Not scored
The Cenroll ActiveX control (xenroll.dll) for Terminal Server Editions of Windows NT 4.0 and Windows NT Server 4.0 before SP6 allows remote attackers to cause a denial of service (resource consumption) by creating a large number of arbitrary files on the target machine.
Published Apr 21, 2005 · Updated Aug 1, 2024
Unknown · CVSS Not scored
Vulnerability in a script in Texas A&M University (TAMU) Tiger allows local users to execute arbitrary commands as the Tiger user, usually root.
Published Sep 12, 2001 · Updated Aug 1, 2024
Unknown · CVSS Not scored
Macromedia Shockwave before 6.0 allows a malicious webmaster to read a user's mail box and possibly access internal web servers via the GetNextText command on a Shockwave movie.
Published Sep 12, 2001 · Updated Aug 1, 2024
Unknown · CVSS Not scored
Internal HTTP server in Sun Netbeans Java IDE in Netbeans Developer 3.0 Beta and Forte Community Edition 1.0 Beta does not properly restrict access to IP addresses as specified in its configuration, which allows arbitrary remote attackers to access the server.
Published Sep 12, 2001 · Updated Aug 1, 2024
Unknown · CVSS Not scored
Buffer overflows in Quake 1.9 client allows remote malicious servers to execute arbitrary commands via long (1) precache paths, (2) server name, (3) server address, or (4) argument to the map console command.
Published Sep 12, 2001 · Updated Aug 1, 2024
Unknown · CVSS Not scored
Multiple unknown vulnerabilities in the "r-cmnds" (1) remshd, (2) rexecd, (3) rlogind, (4) rlogin, (5) remsh, (6) rcp, (7) rexec, and (8) rdist for HP-UX 10.00 through 11.00 allow attackers to gain privileges or access files.
Published Apr 21, 2005 · Updated Aug 1, 2024
Unknown · CVSS Not scored
Oracle Web Listener 2.1 allows remote attackers to bypass access restrictions by replacing a character in the URL with its HTTP-encoded (hex) equivalent.
Published Sep 12, 2001 · Updated Aug 1, 2024
Unknown · CVSS Not scored
Microsoft SQL Server 6.5 uses weak encryption for the password for the SQLExecutiveCmdExec account and stores it in an accessible portion of the registry, which could allow local users to gain privileges by reading and decrypting the CmdExecAccount value.
Published Sep 1, 2004 · Updated Aug 1, 2024
Unknown · CVSS Not scored
Buffer overflows in Xtramail 1.11 allow attackers to cause a denial of service (crash) and possibly execute arbitrary commands via (1) a long PASS command in the POP3 service, (2) a long HELO command in the SMTP service, or (3) a long user name in the Control Service.
Published Sep 12, 2001 · Updated Aug 1, 2024
Unknown · CVSS Not scored
Buffer overflow in nslookup for AIX 4.3 allows local users to execute arbitrary code via a long hostname command line argument.
Published Apr 21, 2005 · Updated Aug 1, 2024
Unknown · CVSS Not scored
Buffer overflow in sar for OpenServer 5.0.5 allows local users to gain root privileges via a long -o parameter.
Published Aug 31, 2002 · Updated Aug 1, 2024
Unknown · CVSS Not scored
Xylan OmniSwitch before 3.2.6 allows remote attackers to bypass the login prompt via a CTRL-D (control d) character, which locks other users out of the switch because it only supports one session at a time.
Published Sep 12, 2001 · Updated Aug 1, 2024
Unknown · CVSS Not scored
dpsexec (DPS Server) when running under XDM in IBM AIX 3.2.5 and earlier does not properly check privileges, which allows local users to overwrite arbitrary files and gain privileges.
Published Sep 12, 2001 · Updated Aug 1, 2024
Unknown · CVSS Not scored
Buffer overflow in the login functions in IMAP server (imapd) in Ipswitch IMail 5.0 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via (1) a long user name or (2) a long password.
Published Sep 12, 2001 · Updated Aug 1, 2024
Unknown · CVSS Not scored
Memory leak in Simple Network Management Protocol (SNMP) agent (snmp.exe) for Windows NT 4.0 before Service Pack 4 allows remote attackers to cause a denial of service (memory consumption) via a large number of SNMP packets with Object Identifiers (OIDs) that cannot be decoded.
Published Apr 21, 2005 · Updated Aug 1, 2024
Unknown · CVSS Not scored
The Kodak/Wang (1) Image Edit (imgedit.ocx), (2) Image Annotation (imgedit.ocx), (3) Image Scan (imgscan.ocx), (4) Thumbnail Image (imgthumb.ocx), (5) Image Admin (imgadmin.ocx), (6) HHOpen (hhopen.ocx), (7) Registration Wizard (regwizc.dll), and (8) IE Active Setup (setupctl.dll) ActiveX controls for Internet Explorer (IE) 4.01 and 5.0 are marked as "Safe for Scripting," which allows remote attackers to create and modify files and execute arbitrary commands.
Published Apr 21, 2005 · Updated Aug 1, 2024
Unknown · CVSS Not scored
Network Flight Recorder (NFR) 1.5 and 1.6 allows remote attackers to cause a denial of service in nfrd (crash) via a TCP packet with a null header and data field.
Published Sep 12, 2001 · Updated Aug 1, 2024
Unknown · CVSS Not scored
Buffer overflow in XCmail 0.99.6 with autoquote enabled allows remote attackers to execute arbitrary commands via a long subject line.
Published Sep 12, 2001 · Updated Aug 1, 2024
Unknown · CVSS Not scored
Cheyenne InocuLAN Anti-Virus Server in Inoculan 4.0 before Service Pack 2 creates an update directory with "EVERYONE FULL CONTROL" permissions, which allows local users to cause Inoculan's antivirus update feature to install a Trojan horse dll.
Published Sep 12, 2001 · Updated Aug 1, 2024
Unknown · CVSS Not scored
IIS 3.x and 4.x does not distinguish between pages requiring encryption and those that do not, which allows remote attackers to cause a denial of service (resource exhaustion) via SSL requests to the HTTPS port for normally unencrypted files, which will cause IIS to perform extra work to send the files over SSL.
Published Sep 1, 2004 · Updated Aug 1, 2024
Unknown · CVSS Not scored
Slackware Linux 3.4 pkgtool allows local attacker to read and write to arbitrary files via a symlink attack on the reply file.
Published Sep 12, 2001 · Updated Aug 1, 2024
Unknown · CVSS Not scored
bigconf.conf in F5 BIG/ip 2.1.2 and earlier allows remote attackers to read arbitrary files by specifying the target file in the "file" parameter.
Published Mar 9, 2002 · Updated Aug 1, 2024
Unknown · CVSS Not scored
Unknown vulnerability in (1) loadmodule, and (2) modload if modload is installed with setuid/setgid privileges, in SunOS 4.1.1 through 4.1.3c, and Open Windows 3.0, allows local users to gain root privileges via environment variables, a different vulnerability than CVE-1999-1586.
Published Aug 30, 2005 · Updated Aug 1, 2024
Unknown · CVSS Not scored
SunOS sendmail 5.59 through 5.65 uses popen to process a forwarding host argument, which allows local users to gain root privileges by modifying the IFS (Internal Field Separator) variable and passing crafted values to the -oR option.
Published Apr 21, 2005 · Updated Aug 1, 2024
Unknown · CVSS Not scored
Directory traversal vulnerability in Etype Eserv 2.50 web server allows a remote attacker to read any file in the file system via a .. (dot dot) in a URL.
Published Sep 12, 2001 · Updated Aug 1, 2024
Unknown · CVSS Not scored
Vulnerability in crp in Hewlett Packard Apollo Domain OS SR10 through SR10.3 allows remote attackers to gain root privileges via insecure system calls, (1) pad_$dm_cmd and (2) pad_$def_pfk().
Published Sep 12, 2001 · Updated Aug 1, 2024
Unknown · CVSS Not scored
/usr/sbin/Mail on SGI IRIX 3.3 and 3.3.1 does not properly set the group ID to the group ID of the user who started Mail, which allows local users to read the mail of other users.
Published Sep 12, 2001 · Updated Aug 1, 2024
Unknown · CVSS Not scored
Nullsoft SHOUTcast server stores the administrative password in plaintext in a configuration file (sc_serv.conf), which could allow a local user to gain administrative privileges on the server.
Published Sep 12, 2001 · Updated Aug 1, 2024
Unknown · CVSS Not scored
Netscape Messaging Server 3.54, 3.55, and 3.6 allows a remote attacker to cause a denial of service (memory exhaustion) via a series of long RCPT TO commands.
Published Sep 12, 2001 · Updated Aug 1, 2024
Unknown · CVSS Not scored
Buffer overflow in IBM HomePagePrint 1.0.7 for Windows98J allows a malicious Web site to execute arbitrary code on a viewer's system via a long IMG_SRC HTML tag.
Published Mar 9, 2002 · Updated Aug 1, 2024
Unknown · CVSS Not scored
Management information base (MIB) for a 3Com SuperStack II hub running software version 2.10 contains an object identifier (.1.3.6.1.4.1.43.10.4.2) that is accessible by a read-only community string, but lists the entire table of community strings, which could allow attackers to conduct unauthorized activities.
Published Sep 12, 2001 · Updated Aug 1, 2024
Unknown · CVSS Not scored
Sun SunOS 4.1 through 4.1.3 allows local attackers to gain root access via insecure permissions on files and directories such as crash.
Published Mar 9, 2002 · Updated Aug 1, 2024
Unknown · CVSS Not scored
Operating systems with shared memory implementations based on BSD 4.4 code allow a user to conduct a denial of service and bypass memory limits (e.g., as specified with rlimits) using mmap or shmget to allocate memory and cause page faults.
Published Sep 12, 2001 · Updated Aug 1, 2024
Unknown · CVSS Not scored
Buffer overflow in Celtech ExpressFS FTP server 2.x allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long USER command.
Published Sep 12, 2001 · Updated Aug 1, 2024
Unknown · CVSS Not scored
Buffer overflow in Ipswitch IMail Service 5.0 allows an attacker to cause a denial of service (crash) and possibly execute arbitrary commands via a long URL.
Published Sep 12, 2001 · Updated Aug 1, 2024
Unknown · CVSS Not scored
A buffer overflow exists in the HELO command in Trend Micro Interscan VirusWall SMTP gateway 3.23/3.3 for NT, which may allow an attacker to execute arbitrary code.
Published Sep 12, 2001 · Updated Aug 1, 2024
Unknown · CVSS Not scored
Cabletron SmartSwitch Router (SSR) 8000 firmware 2.x can only handle 200 ARP requests per second allowing a denial of service attack to succeed with a flood of ARP requests exceeding that limit.
Published Sep 12, 2001 · Updated Aug 1, 2024
Unknown · CVSS Not scored
A buffer overflow in TenFour TFS Gateway SMTP mail server 3.2 allows an attacker to crash the mail server and possibly execute arbitrary code by offering more than 128 bytes in a MAIL FROM string.
Published Sep 12, 2001 · Updated Aug 1, 2024
Unknown · CVSS Not scored
colorview in Silicon Graphics IRIX 5.1, 5.2, and 6.0 allows local attackers to read arbitrary files via the -text argument.
Published Mar 9, 2002 · Updated Aug 1, 2024
Unknown · CVSS Not scored
shell-lock in Cactus Software Shell Lock allows local users to read or modify decoded shell files before they are executed, via a symlink attack on a temporary file.
Published Sep 12, 2001 · Updated Aug 1, 2024
Unknown · CVSS Not scored
The AMaViS virus scanner 0.2.0-pre4 and earlier allows remote attackers to execute arbitrary commands as root via an infected mail message with shell metacharacters in the reply-to field.
Published Mar 9, 2002 · Updated Aug 1, 2024
Unknown · CVSS Not scored
Joe's Own Editor (joe) 2.8 sets the world-readable permission on its crash-save file, DEADJOE, which could allow local users to read files that were being edited by other users.
Published Sep 12, 2001 · Updated Aug 1, 2024
Unknown · CVSS Not scored
(1) ipxchk and (2) ipxlink in SGI OS2 IRIX 6.3 does not properly clear the IFS environmental variable before executing system calls, which allows local users to execute arbitrary commands.
Published Sep 12, 2001 · Updated Aug 1, 2024
Unknown · CVSS Not scored
When IIS 2 or 3 is upgraded to IIS 4, ism.dll is inadvertently left in /scripts/iisadmin, which does not restrict access to the local machine and allows an unauthorized user to gain access to sensitive server information, including the Administrator's password.
Published Sep 12, 2001 · Updated Aug 1, 2024