N/A
Windows NT Local Security Authority (LSA) allows remote attackers to cause a denial of service via malformed arguments to the LsaLookupSids function which looks up the SID, aka "Malformed Security Identifier Request."
27.9%
1999-12-16
N/A
Windows NT with SYSKEY reuses the keystream that is used for encrypting SAM password hashes, allowing an attacker to crack passwords.
19.4%
1999-12-16
N/A
Buffer overflow in Infoseek Ultraseek search engine allows remote attackers to execute commands via a long GET request.
5.7%
1999-12-15
N/A
classifieds.cgi allows remote attackers to execute arbitrary commands by specifying them in a hidden variable in a CGI form.
3.1%
1999-12-15
N/A
classifieds.cgi allows remote attackers to read arbitrary files via shell metacharacters.
3.6%
1999-12-15
N/A
The PPP wvdial.lxdialog script in wvdial 1.4 and earlier creates a .config file with world readable permissions, which allows a local attacker in the dialout group to access login and password information.
0.1%
1999-12-14
N/A
daynad program in Intel InBusiness E-mail Station does not require authentication, which allows remote attackers to modify its configuration, delete files, or read mail.
0.5%
1999-12-14
N/A
An SSH 1.2.27 server allows a client to use the "none" cipher, even if it is not allowed by the server policy.
0.2%
1999-12-14
N/A
Buffer overflow in VDO Live Player allows remote attackers to execute commands on the VDO client via a malformed .vdo file.
5.7%
1999-12-13
N/A
War FTP Daemon 1.70 allows remote attackers to cause a denial of service by flooding it with connections.
0.7%
1999-12-13
N/A
Modifications to ACLs (Access Control Lists) in Microsoft Exchange 5.5 do not take effect until the directory store cache is refreshed.
8.7%
1999-12-13
N/A
The Disney Go Express Search allows remote attackers to access and modify search information for users by connecting to an HTTP server on the user's system.
0.4%
1999-12-12
N/A
The Apache web server for Win32 may provide access to restricted files when a . (dot) is appended to a requested URL.
1.3%
1999-12-12
N/A
Buffer overflow in Solaris sadmind allows remote attackers to gain root privileges using a NETMGT_PROC_SERVICE request.
5.9%
1999-12-10
N/A
The Windows help system can allow a local user to execute commands as another user by editing a table of contents metafile with a .CNT extension and modifying the topic action to include the commands to be executed when the .hlp file is accessed.
0.5%
1999-12-10
N/A
htdig allows remote attackers to execute commands via filenames with shell metacharacters.
0.8%
1999-12-09
N/A
Buffer overflow in Solaris snoop allows remote attackers to gain root privileges via GETQUOTA requests to the rpc.rquotad service.
2.4%
1999-12-09
N/A
Buffer overflow in Xshipwars xsw program.
5.8%
1999-12-09
N/A
The ping command in Linux 2.0.3x allows local users to cause a denial of service by sending large packets with the -R (record route) option.
2.4%
1999-12-08
N/A
Internet Explorer 5.01 and earlier allows a remote attacker to create a reference to a client window and use a server-side redirect to access local files via that window, aka "Server-side Page Reference Redirect."
4.6%
1999-12-08
N/A
Sendmail allows local users to reinitialize the aliases database via the newaliases command, then cause a denial of service by interrupting Sendmail.
0.1%
1999-12-07
N/A
Buffer overflow in Solaris snoop program allows remote attackers to gain root privileges via a long domain name when snoop is running in verbose mode.
7.3%
1999-12-07
N/A
Buffer overflow in GoodTech Telnet Server NT allows remote users to cause a denial of service via a long login name.
6.4%
1999-12-06
N/A
Buffer overflow in Internet Explorer 5 directshow filter (MSDXM.OCX) allows remote attackers to execute commands via the vnd.ms.radio protocol.
7.0%
1999-12-06
N/A
Error messages generated by gdm with the VerboseAuth setting allows an attacker to identify valid users on a system.
0.1%
1999-12-05
N/A
The Sun Web-Based Enterprise Management (WBEM) installation script stores a password in plaintext in a world readable file.
0.1%
1999-12-05
N/A
UnixWare pkgtrans allows local users to read arbitrary files via a symlink attack.
0.4%
1999-12-04
N/A
ORBit and gnome-session in Red Hat Linux 6.1 allows remote attackers to crash a program.
0.7%
1999-12-03
N/A
ORBit and esound in Red Hat Linux 6.1 do not use sufficiently random numbers, which allows local users to guess the authentication keys.
0.4%
1999-12-03
N/A
Internet Anywhere POP3 Mail Server allows local users to cause a denial of service via a malformed RETR command.
0.2%
1999-12-03
N/A
Buffer overflow in UnixWare xauto program allows local users to gain root privilege.
0.6%
1999-12-03
N/A
Buffer overflow in CommuniGatePro via a long string to the HTTP configuration port.
0.6%
1999-12-03
N/A
UnixWare programs that dump core allow a local user to modify files via a symlink attack on the ./core.pid file.
0.5%
1999-12-03
N/A
The default permissions for UnixWare /var/mail allow local users to read and modify other users' mail.
0.5%
1999-12-03
N/A
dump in Debian GNU/Linux 2.1 does not properly restore symlinks, which allows a local user to modify the ownership of arbitrary files.
0.1%
1999-12-02
N/A
Insecure directory permissions in RPM distribution for PostgreSQL allows local users to gain privileges by reading a plaintext password file.
0.1%
1999-12-02
N/A
Internet Explorer 5 allows a remote attacker to modify the IE client's proxy configuration via a malicious Web Proxy Auto-Discovery (WPAD) server.
11.9%
1999-12-02
N/A
IBM WebSphere sets permissions that allow a local user to modify a deinstallation script or its data files stored in /usr/bin.
0.0%
1999-12-02
N/A
The default permissions for Endymion MailMan allow local users to read email or modify files.
0.1%
1999-12-02
N/A
UnixWare pkg commands such as pkginfo, pkgcat, and pkgparam allow local users to read arbitrary files via the dacread permission.
0.4%
1999-12-02
N/A
Lotus Domino HTTP server allows remote attackers to determine the real path of the server via a request to a non-existent script in /cgi-bin.
0.6%
1999-12-01
N/A
ZBServer Pro allows remote attackers to read source code for executable files by inserting a . (dot) into the URL.
0.6%
1999-12-01
N/A
FreeBSD mount_union command allows local users to gain root privileges via a symlink attack.
0.1%
1999-12-01
N/A
Solaris chkperm allows local users to read files owned by bin via the VMSYS environmental variable and a symlink attack.
0.3%
1999-12-01
N/A
Solaris arp allows local users to read files via the -f parameter, which lists lines in the file that do not parse properly.
0.3%
1999-12-01
N/A
FreeBSD gdc program allows local users to modify files via a symlink attack.
0.4%
1999-12-01
N/A
login in Slackware 7.0 allows remote attackers to identify valid users on the system by reporting an encryption error when an account is locked or does not exist.
0.2%
1999-12-01
N/A
Buffer overflow in FreeBSD gdc program.
1.1%
1999-12-01
N/A
Buffer overflow in Netscape Enterprise Server and Netscape FastTrack Server allows remote attackers to gain privileges via the HTTP Basic Authentication procedure.
0.9%
1999-12-01
N/A
Denial of service in MDaemon 2.7 via a large number of connection attempts.
0.5%
1999-12-01