CVE |
Vendors |
Products |
Updated |
CVSS |
CVE-1999-0520 |
|
|
2005-10-20 |
6.4 |
A system-critical NETBIOS/SMB share has inappropriate access control. |
CVE-1999-0515 |
|
|
2005-10-20 |
10.0 |
An unrestricted remote trust relationship for Unix systems has been set up, e.g. by using a + sign in /etc/hosts.equiv. |
CVE-1999-0512 |
|
|
2005-10-20 |
10.0 |
A mail server is explicitly configured to allow SMTP mail relay, which allows abuse by spammers. |
CVE-1999-0495 |
|
|
2005-10-20 |
10.0 |
A remote attacker can gain access to a file system using .. (dot dot) when accessing SMB shares. |
CVE-1999-0492 |
|
|
2005-10-20 |
10.0 |
The ffingerd 1.19 allows remote attackers to identify users on the target system based on its responses. |
CVE-1999-0465 |
|
|
2005-10-20 |
10.0 |
Remote attackers can crash Lynx and Internet Explorer using an IMG tag with a large width parameter. |
CVE-1999-0454 |
|
|
2005-10-20 |
10.0 |
A remote attacker can sometimes identify the operating system of a host based on how it reacts to some IP or ICMP packets, using a tool such as nmap or queso. |
CVE-1999-0452 |
|
|
2005-10-20 |
10.0 |
A service or application has a backdoor password that was placed there by the developer. |
CVE-1999-0596 |
|
|
2005-10-20 |
10.0 |
A Windows NT log file has an inappropriate maximum size or retention period. |
CVE-1999-0397 |
|
|
2005-10-20 |
10.0 |
The demo version of the Quakenbush NT Password Appraiser sends passwords across the network in plaintext. |
CVE-1999-0394 |
|
|
2005-10-20 |
10.0 |
DPEC Online Courseware allows an attacker to change another user's password without knowing the original password. |
CVE-1999-0361 |
|
|
2005-10-20 |
10.0 |
NetWare version of LaserFiche stores usernames and passwords unencrypted, and allows administrative changes without logging. |
CVE-1999-0286 |
|
|
2005-10-20 |
10.0 |
In some NT web servers, appending a space at the end of a URL may allow attackers to read source code for active pages. |
CVE-1999-0271 |
|
|
2005-10-20 |
5.0 |
Progressive Networks Real Video server (pnserver) can be crashed remotely. |
CVE-1999-0255 |
|
|
2005-10-20 |
10.0 |
Buffer overflow in ircd allows arbitrary command execution. |
CVE-1999-0243 |
|
|
2005-10-20 |
10.0 |
Linux cfingerd could be exploited to gain root access. |
CVE-1999-0240 |
|
|
2005-10-20 |
7.5 |
Some filters or firewalls allow fragmented SYN packets with IP reserved bits in violation of their implemented policy. |
CVE-1999-0220 |
|
|
2005-10-20 |
10.0 |
Attackers can do a denial of service of IRC by crashing the server. |
CVE-1999-0200 |
|
|
2005-10-20 |
10.0 |
Windows NT FTP server (WFTP) with the guest account enabled without a password allows an attacker to log into the FTP server using any username and password. |
CVE-1999-0198 |
|
|
2005-10-20 |
10.0 |
finger .@host on some systems may print information on some user accounts. |