CVE-1999-0199 (manual/search.texi in the GNU C Library (aka glibc) before 2.2 lacks a ...) - glibc 2.2-1 CVE-1999-1598 REJECTED CVE-1999-1597 REJECTED CVE-1999-1596 REJECTED CVE-1999-1595 REJECTED CVE-1999-1594 REJECTED CVE-1999-1593 (Windows Internet Naming Service (WINS) allows remote attackers to caus ...) NOT-FOR-US: Windows CVE-1999-1592 (Multiple unspecified vulnerabilities in sendmail 5, as installed on Su ...) - sendmail (Concerns only ancient sendmail V5) CVE-1999-1591 (Microsoft Internet Information Services (IIS) server 4.0 SP4, without ...) NOT-FOR-US: Microsoft IIS CVE-1999-1590 (Directory traversal vulnerability in Muhammad A. Muquit wwwcount (Coun ...) NOT-FOR-US: Muhammad A. Muquit wwwcoun CVE-1999-1589 (Unspecified vulnerability in crontab in IBM AIX 3.2 allows local users ...) NOT-FOR-US: IBM AIX CVE-1999-1588 (Buffer overflow in nlps_server in Sun Solaris x86 2.4, 2.5, and 2.5.1 ...) NOT-FOR-US: Sun Solaris CVE-1999-1587 (/usr/ucb/ps in Sun Microsystems Solaris 8 and 9, and certain earlier r ...) NOT-FOR-US: Solaris CVE-1999-XXXX [Insecure access control on GNU Mach's IO ports] - gnumach 1:20050801-3 (bug #46709) NOTE: Nearly six years old :-) CVE-1999-1586 (loadmodule in SunOS 4.1.x, as used by xnews, does not properly sanitiz ...) NOT-FOR-US: SunOS CVE-1999-1585 (The (1) rcS and (2) mountall programs in Sun Solaris 2.x, possibly bef ...) NOT-FOR-US: Solaris CVE-1999-1584 (Unknown vulnerability in (1) loadmodule, and (2) modload if modload is ...) NOT-FOR-US: SunOS CVE-1999-1583 (Buffer overflow in nslookup for AIX 4.3 allows local users to execute ...) NOT-FOR-US: AIX CVE-1999-1582 (By design, the "established" command on the Cisco PIX firewall allows ...) NOT-FOR-US: Cisco CVE-1999-1581 (Memory leak in Simple Network Management Protocol (SNMP) agent (snmp.e ...) NOT-FOR-US: Windows CVE-1999-1580 (SunOS sendmail 5.59 through 5.65 uses popen to process a forwarding ho ...) - sendmail (Sun-specific) CVE-1999-1579 (The Cenroll ActiveX control (xenroll.dll) for Terminal Server Editions ...) NOT-FOR-US: Windows CVE-1999-1578 (Buffer overflow in Registration Wizard ActiveX control (regwizc.dll, I ...) NOT-FOR-US: Windows CVE-1999-1577 (Buffer overflow in HHOpen ActiveX control (hhopen.ocx) 1.0.0.1 for Int ...) NOT-FOR-US: Windows CVE-1999-1576 (Buffer overflow in Adobe Acrobat ActiveX control (pdf.ocx, PDF.PdfCtrl ...) NOT-FOR-US: Acrobat Reader CVE-1999-1575 (The Kodak/Wang (1) Image Edit (imgedit.ocx), (2) Image Annotation (img ...) NOT-FOR-US: Kodak/Wang tools for IE CVE-1999-1574 (Buffer overflow in the lex routines of nslookup for AIX 4.3 may allow ...) NOT-FOR-US: AIX CVE-1999-1573 (Multiple unknown vulnerabilities in the "r-cmnds" (1) remshd, (2) rexe ...) NOT-FOR-US: HP-UX CVE-1999-1568 (Off-by-one error in NcFTPd FTP server before 2.4.1 allows a remote att ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1565 (Man2html 2.1 and earlier allows local users to overwrite arbitrary fil ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1556 (Microsoft SQL Server 6.5 uses weak encryption for the password for the ...) NOT-FOR-US: Microsoft CVE-1999-1550 (bigconf.conf in F5 BIG/ip 2.1.2 and earlier allows remote attackers to ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1542 (RPMMail before 1.4 allows remote attackers to execute commands via an ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1537 (IIS 3.x and 4.x does not distinguish between pages requiring encryptio ...) NOT-FOR-US: Microsoft CVE-1999-1535 (Buffer overflow in AspUpload.dll in Persits Software AspUpload before ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1531 (Buffer overflow in IBM HomePagePrint 1.0.7 for Windows98J allows a mal ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1530 (cgiwrap as used on Cobalt RaQ 2.0 and RaQ 3i does not properly identif ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1520 (A configuration problem in the Ad Server Sample directory (AdSamples) ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1512 (The AMaViS virus scanner 0.2.0-pre4 and earlier allows remote attacker ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1507 (Sun SunOS 4.1 through 4.1.3 allows local attackers to gain root access ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1494 (colorview in Silicon Graphics IRIX 5.1, 5.2, and 6.0 allows local atta ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1490 (xosview 1.5.1 in Red Hat 5.1 allows local users to gain root access vi ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1488 (sdrd daemon in IBM SP2 System Data Repository (SDR) allows remote atta ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1486 (sadc in IBM AIX 4.1 through 4.3, when called from programs such as tim ...) NOT-FOR-US: AIX CVE-1999-1481 (Squid 2.2.STABLE5 and below, when using external authentication, allow ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1478 (The Sun HotSpot Performance Engine VM allows a remote attacker to caus ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1476 (A bug in Intel Pentium processor (MMX and Overdrive) allows local user ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1473 (When a Web site redirects the browser to another site, Internet Explor ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1472 (Internet Explorer 4.0 allows remote attackers to read arbitrary text a ...) NOT-FOR-US: Microsoft CVE-1999-1468 (rdist in various UNIX systems uses popen to execute sendmail, which al ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1456 (thttpd HTTP server 2.03 and earlier allows remote attackers to read ar ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1455 (RSH service utility RSHSVC in Windows NT 3.5 through 4.0 does not prop ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1452 (GINA in Windows NT 4.0 allows attackers with physical access to displa ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1437 (ePerl 2.2.12 allows remote attackers to read arbitrary files and possi ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1433 (HP JetAdmin D.01.09 on Solaris allows local users to change the permis ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1432 (Power management (Powermanagement) on Solaris 2.4 through 2.6 does not ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1423 (ping in Solaris 2.3 through 2.6 allows local users to cause a denial o ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1419 (Buffer overflow in nss_nisplus.so.1 library in NIS+ in Solaris 2.3 and ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1414 (IBM Netfinity Remote Control allows local users to gain administrator ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1411 (The installation of the fsp package 2.71-10 in Debian GNU/Linux 2.0 ad ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1409 (The at program in IRIX 6.2 and NetBSD 1.3.2 and earlier allows local u ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1407 (ifdhcpc-done script for configuring DHCP on Red Hat Linux 5 allows loc ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1402 (The access permissions for a UNIX domain socket are ignored in Solaris ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1397 (Index Server 2.0 on IIS 4.0 stores physical path information in the Co ...) NOT-FOR-US: Microsoft CVE-1999-1386 (Perl 5.004_04 and earlier follows symbolic links when running with the ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1385 (Buffer overflow in ppp program in FreeBSD 2.1 and earlier allows local ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1384 (Indigo Magic System Tour in the SGI system tour package (systour) for ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1382 (NetWare NFS mode 1 and 2 implements the "Read Only" flag in Unix by ch ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1380 (Symantec Norton Utilities 2.0 for Windows 95 marks the TUNEOCX.OCX Act ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1379 (DNS allows remote attackers to use DNS name servers as traffic amplifi ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1365 (Windows NT searches a user's home directory (%systemroot% by default) ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1363 (Windows NT 3.51 and 4.0 allow local users to cause a denial of service ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1362 (Win32k.sys in Windows NT 4.0 before SP2 allows local users to cause a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1360 (Windows NT 4.0 allows local users to cause a denial of service via a u ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1359 (When the Ntconfig.pol file is used on a server whose name is longer th ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1358 (When an administrator in Windows NT or Windows 2000 changes a user pol ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1356 (Compaq Integration Maintenance Utility as used in Compaq Insight Manag ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1351 (Directory traversal vulnerability in KVIrc IRC client 0.9.0 with the " ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1341 (Linux kernel before 2.3.18 or 2.2.13pre15, with SLIP and PPP options, ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1339 (Vulnerability when Network Address Translation (NAT) is enabled in Lin ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1337 (FTP client in Midnight Commander (mc) before 4.5.11 stores usernames a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1336 (3Com HiPer Access Router Card (HiperARC) 4.0 through 4.2.29 allows rem ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1335 (snmpd server in cmu-snmp SNMP package before 3.3-1 in Red Hat Linux 4. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1333 (automatic download option in ncftp 2.4.2 FTP client in Red Hat Linux 5 ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1332 (gzexe in the gzip package on Red Hat Linux 5.0 and earlier allows loca ...) {DSA-308} - gzip 1.3.5-6 CVE-1999-1331 (netcfg 2.16-1 in Red Hat Linux 4.2 allows the Ethernet interface to be ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1330 (The snprintf function in the db library 1.85.4 ignores the size parame ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1329 (Buffer overflow in SysVInit in Red Hat Linux 5.1 and earlier allows lo ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1328 (linuxconf before 1.11.r11-rh3 on Red Hat Linux 5.1 allows local users ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1327 (Buffer overflow in linuxconf 1.11r11-rh2 on Red Hat Linux 5.1 allows l ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1326 (wu-ftpd 2.4 FTP server does not properly drop privileges when an ABOR ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1325 (SAS System 5.18 on VAX/VMS is installed with insecure permissions for ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1324 (VAXstations running Open VMS 5.3 through 5.5-2 with VMS DECwindows or ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1321 (Buffer overflow in ssh 1.2.26 client with Kerberos V enabled could all ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1320 (Vulnerability in Novell NetWare 3.x and earlier allows local users to ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1318 (/usr/5bin/su in SunOS 4.1.3 and earlier uses a search path that includ ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1317 (Windows NT 4.0 SP4 and earlier allows local users to gain privileges b ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1316 (Passfilt.dll in Windows NT SP2 allows users to create a password that ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1309 (Sendmail before 8.6.7 allows local users to gain root access via a lar ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1301 (A design flaw in the Z-Modem protocol allows the remote sender of a fi ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1298 (Sysinstall in FreeBSD 2.2.1 and earlier, when configuring anonymous FT ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1297 (cmdtool in OpenWindows 3.0 and XView 3.0 in SunOS 4.1.4 and earlier al ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1294 (Office Shortcut Bar (OSB) in Windows 3.51 enables backup and restore p ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1290 (Buffer overflow in nftp FTP client version 1.40 allows remote maliciou ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1288 (Samba 1.9.18 inadvertently includes a prototype application, wsmbconf, ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1284 (NukeNabber allows remote attackers to cause a denial of service by con ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1279 (An interaction between the AS/400 shared folders feature and Microsoft ...) NOT-FOR-US: Microsoft CVE-1999-1276 (fte-console in the fte package before 0.46b-4.1 does not drop root pri ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1263 (Metamail before 2.7-7.2 allows remote attackers to overwrite arbitrary ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1262 (Java in Netscape 4.5 does not properly restrict applets from connectin ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1259 (Microsoft Office 98, Macintosh Edition, does not properly initialize t ...) NOT-FOR-US: Microsoft CVE-1999-1258 (rpc.pwdauthd in SunOS 4.1.1 and earlier does not properly prevent remo ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1249 (movemail in HP-UX 10.20 has insecure permissions, which allows local u ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1246 (Direct Mailer feature in Microsoft Site Server 3.0 saves user domain n ...) NOT-FOR-US: Microsoft CVE-1999-1243 (SGI Desktop Permissions Tool in IRIX 6.0.1 and earlier allows local us ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1233 (IIS 4.0 does not properly restrict access for the initial session requ ...) NOT-FOR-US: Microsoft CVE-1999-1226 (Netscape Communicator 4.7 and earlier allows remote attackers to cause ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1223 (IIS 3.0 allows remote attackers to cause a denial of service via a req ...) NOT-FOR-US: Microsoft CVE-1999-1222 (Netbt.sys in Windows NT 4.0 allows remote malicious DNS servers to cau ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1217 (The PATH in Windows NT includes the current working directory (.), whi ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1215 (LOGIN.EXE program in Novell Netware 4.0 and 4.01 temporarily writes us ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1214 (The asynchronous I/O facility in 4.4 BSD kernel does not check user cr ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1209 (Vulnerability in scoterm in SCO OpenServer 5.0 and SCO Open Desktop/Op ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1208 (Buffer overflow in ping in AIX 4.2 and earlier allows local users to g ...) NOT-FOR-US: AIX CVE-1999-1205 (nettune in HP-UX 10.01 and 10.00 is installed setuid root, which allow ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1204 (Check Point Firewall-1 does not properly handle certain restricted key ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1203 (Multilink PPP for ISDN dialup users in Ascend before 4.6 allows remote ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1201 (Windows 95 and Windows 98 systems, when configured with multiple TCP/I ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1199 (Apache WWW server 1.3.1 and earlier allows remote attackers to cause a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1198 (BuildDisk program on NeXT systems before 2.0 does not prompt users for ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1197 (TIOCCONS in SunOS 4.1.1 does not properly check the permissions of a u ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1194 (chroot in Digital Ultrix 4.1 and 4.0 is insecurely installed, which al ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1193 (The "me" user in NeXT NeXTstep 2.1 and earlier has wheel group privile ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1192 (Buffer overflow in eeprom in Solaris 2.5.1 and earlier allows local us ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1191 (Buffer overflow in chkey in Solaris 2.5.1 and earlier allows local use ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1189 (Buffer overflow in Netscape Navigator/Communicator 4.7 for Windows 95 ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1188 (mysqld in MySQL 3.21 creates log files with world-readable permissions ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1181 (Vulnerability in On-Line Customer Registration software for IRIX 6.2 t ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1177 (Directory traversal vulnerability in nph-publish before 1.2 allows rem ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1175 (Web Cache Control Protocol (WCCP) in Cisco Cache Engine for Cisco IOS ...) NOT-FOR-US: Cisco CVE-1999-1167 (Cross-site scripting vulnerability in Third Voice Web annotation utili ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1163 (Vulnerability in HP Series 800 S/X/V Class servers allows remote attac ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1162 (Vulnerability in passwd in SCO UNIX 4.0 and earlier allows attackers t ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1161 (Vulnerability in ppl in HP-UX 10.x and earlier allows local users to g ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1160 (Vulnerability in ftpd/kftpd in HP-UX 10.x and 9.x allows local and pos ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1159 (SSH 2.0.11 and earlier allows local users to request remote forwarding ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1157 (Tcpip.sys in Windows NT 4.0 before SP4 allows remote attackers to caus ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1156 (BisonWare FTP Server 4.1 and earlier allows remote attackers to cause ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1148 (FTP service in IIS 4.0 and earlier allows remote attackers to cause a ...) NOT-FOR-US: Microsoft CVE-1999-1147 (Buffer overflow in Platinum Policy Compliance Manager (PCM) 7.0 allows ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1146 (Vulnerability in Glance and gpm programs in GlancePlus for HP-UX 9.x a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1145 (Vulnerability in Glance programs in GlancePlus for HP-UX 10.20 and ear ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1144 (Certain files in MPower in HP-UX 10.x are installed with insecure perm ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1143 (Vulnerability in runtime linker program rld in SGI IRIX 6.x and earlie ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1142 (SunOS 4.1.2 and earlier allows local users to gain privileges via "LD_ ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1140 (Buffer overflow in CrackLib 2.5 may allow local users to gain root pri ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1139 (Character-Terminal User Environment (CUE) in HP-UX 11.0 and earlier al ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1138 (SCO UNIX System V/386 Release 3.2, and other SCO products, installs th ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1137 (The permissions for the /dev/audio device on Solaris 2.2 and earlier, ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1136 (Vulnerability in Predictive on HP-UX 11.0 and earlier, and MPE/iX 5.5 ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1132 (Windows NT 4.0 allows remote attackers to cause a denial of service (c ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1131 (Buffer overflow in OSF Distributed Computing Environment (DCE) securit ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1127 (Windows NT 4.0 does not properly shut down invalid named pipe RPC conn ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1122 (Vulnerability in restore in SunOS 4.0.3 and earlier allows local users ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1121 (The default configuration for UUCP in AIX before 3.2 allows local user ...) NOT-FOR-US: AIX CVE-1999-1120 (netprint in SGI IRIX 6.4 and earlier trusts the PATH environmental var ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1119 (FTP installation script anon.ftp in AIX insecurely configures anonymou ...) NOT-FOR-US: AIX CVE-1999-1118 (ndd in Solaris 2.6 allows local users to cause a denial of service by ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1117 (lquerypv in AIX 4.1 and 4.2 allows local users to read arbitrary files ...) NOT-FOR-US: AIX CVE-1999-1116 (Vulnerability in runpriv in Indigo Magic System Administration subsyst ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1115 (Vulnerability in the /etc/suid_exec program in HP Apollo Domain/OS sr1 ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1114 (Buffer overflow in Korn Shell (ksh) suid_exec program on IRIX 6.x and ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1111 (Vulnerability in StackGuard before 1.21 allows remote attackers to byp ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1109 (Sendmail before 8.10.0 allows remote attackers to cause a denial of se ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1105 (Windows 95, when Remote Administration and File Sharing for NetWare Ne ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1104 (Windows 95 uses weak encryption for the password list (.pwl) file used ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1103 (dxconsole in DEC OSF/1 3.2C and earlier allows local users to read arb ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1102 (lpr on SunOS 4.1.1, BSD 4.3, A/UX 2.0.1, and other BSD-based operating ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1100 (Cisco PIX Private Link 4.1.6 and earlier does not properly process cer ...) NOT-FOR-US: Cisco CVE-1999-1099 (Kerberos 4 allows remote attackers to obtain sensitive information via ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1098 (Vulnerability in BSD Telnet client with encryption and Kerberos 4 auth ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1094 (Buffer overflow in Internet Explorer 4.01 and earlier allows remote at ...) NOT-FOR-US: Microsoft CVE-1999-1093 (Buffer overflow in the Window.External function in the JScript Scripti ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1090 (The default configuration of NCSA Telnet package for Macintosh and PC ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1087 (Internet Explorer 4 treats a 32-bit number ("dotless IP address") in t ...) NOT-FOR-US: Microsoft CVE-1999-1085 (SSH 1.2.25, 1.2.23, and other versions, when used in in CBC (Cipher Bl ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1080 (rmmount in SunOS 5.7 may mount file systems without the nosuid flag se ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1074 (Webmin before 0.5 does not restrict the number of invalid passwords th ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1059 (Vulnerability in rexec daemon (rexecd) in AT&T TCP/IP 4.0 for vari ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1057 (VMS 4.0 through 5.3 allows local users to gain privileges via the ANAL ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1055 (Microsoft Excel 97 does not warn the user before executing worksheet f ...) NOT-FOR-US: Microsoft CVE-1999-1048 (Buffer overflow in bash 2.0.0, 1.4.17, and other versions allows local ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1047 (When BSDI patches for Gauntlet 5.0 BSDI are installed in a particular ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1045 (pnserver in RealServer 5.0 and earlier allows remote attackers to caus ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1044 (Vulnerability in Advanced File System Utility (advfs) in Digital UNIX ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1037 (rex.satan in SATAN 1.1.1 allows local users to overwrite arbitrary fil ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1035 (IIS 3.0 and 4.0 on x86 and Alpha allows remote attackers to cause a de ...) NOT-FOR-US: Microsoft CVE-1999-1034 (Vulnerability in login in AT&T System V Release 4 allows local use ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1032 (Vulnerability in LAT/Telnet Gateway (lattelnet) on Ultrix 4.1 and 4.2 ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1028 (Symantec pcAnywhere 8.0 allows remote attackers to cause a denial of s ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1027 (Solaris 2.6 HW3/98 installs admintool with world-writable permissions, ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1021 (NFS on SunOS 4.1 through 4.1.2 ignores the high order 16 bits in a 32 ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1019 (SpectroSERVER in Cabletron Spectrum Enterprise Manager 5.0 installs a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1014 (Buffer overflow in mail command in Solaris 2.7 and 2.7 allows local us ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1011 (The Remote Data Service (RDS) DataFactory component of Microsoft Data ...) NOT-FOR-US: Microsoft CVE-1999-1010 (An SSH 1.2.27 server allows a client to use the "none" cipher, even if ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1008 (xsoldier program allows local users to gain root access via a long arg ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1007 (Buffer overflow in VDO Live Player allows remote attackers to execute ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1005 (Groupwise web server GWWEB.EXE allows remote attackers to read arbitra ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1004 (Buffer overflow in the POP server POProxy for the Norton Anti-Virus pr ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1001 (Cisco Cache Engine allows a remote attacker to gain access via a null ...) NOT-FOR-US: Cisco CVE-1999-1000 (The web administration interface for Cisco Cache Engine allows remote ...) NOT-FOR-US: Cisco CVE-1999-0999 (Microsoft SQL 7.0 server allows a remote attacker to cause a denial of ...) NOT-FOR-US: Microsoft CVE-1999-0998 (Cisco Cache Engine allows an attacker to replace content in the cache. ...) NOT-FOR-US: Cisco CVE-1999-0997 (wu-ftp with FTP conversion enabled allows an attacker to execute comma ...) {DSA-377} - wu-ftpd 2.6.2-15 CVE-1999-0996 (Buffer overflow in Infoseek Ultraseek search engine allows remote atta ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0995 (Windows NT Local Security Authority (LSA) allows remote attackers to c ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0994 (Windows NT with SYSKEY reuses the keystream that is used for encryptin ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0992 (HP VirtualVault with the PHSS_17692 patch allows unprivileged processe ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0991 (Buffer overflow in GoodTech Telnet Server NT allows remote users to ca ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0989 (Buffer overflow in Internet Explorer 5 directshow filter (MSDXM.OCX) a ...) NOT-FOR-US: Microsoft CVE-1999-0987 (Windows NT does not properly download a system policy if the domain us ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0986 (The ping command in Linux 2.0.3x allows local users to cause a denial ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0982 (The Sun Web-Based Enterprise Management (WBEM) installation script sto ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0981 (Internet Explorer 5.01 and earlier allows a remote attacker to create ...) NOT-FOR-US: Microsoft CVE-1999-0980 (Windows NT Service Control Manager (SCM) allows remote attackers to ca ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0979 (The SCO UnixWare privileged process system allows local users to gain ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0978 (htdig allows remote attackers to execute commands via filenames with s ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0977 (Buffer overflow in Solaris sadmind allows remote attackers to gain roo ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0976 (Sendmail allows local users to reinitialize the aliases database via t ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0975 (The Windows help system can allow a local user to execute commands as ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0974 (Buffer overflow in Solaris snoop allows remote attackers to gain root ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0973 (Buffer overflow in Solaris snoop program allows remote attackers to ga ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0972 (Buffer overflow in Xshipwars xsw program. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0971 (Buffer overflow in Exim allows local users to gain root privileges via ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0969 (The Windows NT RPC service allows remote attackers to conduct a denial ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0968 (Buffer overflow in BNC IRC proxy allows remote attackers to gain privi ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0967 (Buffer overflow in the HTML library used by Internet Explorer, Outlook ...) NOT-FOR-US: Microsoft CVE-1999-0966 (Buffer overflow in Solaris getopt in libc allows local users to gain r ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0965 (Race condition in xterm allows local users to modify arbitrary files v ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0964 (Buffer overflow in FreeBSD setlocale in the libc module allows attacke ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0963 (FreeBSD mount_union command allows local users to gain root privileges ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0962 (Buffer overflow in HPUX passwd command allows local users to gain root ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0961 (HPUX sysdiag allows local users to gain root privileges via a symlink ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0960 (IRIX cdplayer allows local users to create directories in arbitrary lo ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0959 (IRIX startmidi program allows local users to modify arbitrary files vi ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0958 (sudo 1.5.x allows local users to execute arbitrary commands via a .. ( ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0957 (MajorCool mj_key_cache program allows local users to modify files via ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0956 (The NeXT NetInfo _writers property allows local users to gain root pri ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0955 (Race condition in wu-ftpd and BSDI ftpd allows remote attackers to gai ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0954 (WWWBoard has a default username and default password. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0953 (WWWBoard stores encrypted passwords in a password file that is under t ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0951 (Buffer overflow in OmniHTTPd CGI program imagemap.exe allows remote at ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0950 (Buffer overflow in WFTPD FTP server allows remote attackers to gain ro ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0947 (AN-HTTPd provides example CGI scripts test.bat, input.bat, input2.bat, ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0946 (Buffer overflow in Yamaha MidiPlug via a Text variable in an EMBED tag ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0945 (Buffer overflow in Internet Mail Service (IMS) for Microsoft Exchange ...) NOT-FOR-US: Microsoft CVE-1999-0943 (Buffer overflow in OpenLink 3.2 allows remote attackers to gain privil ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0942 (UnixWare dos7utils allows a local user to gain root privileges by usin ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0940 (Buffer overflow in mutt mail client allows remote attackers to execute ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0939 (Denial of service in Debian IRC Epic/epic4 client via a long string. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0938 (MBone SDR Package allows remote attackers to execute commands via shel ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0937 (BNBForm allows remote attackers to read arbitrary files via the autome ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0936 (BNBSurvey survey.cgi program allows remote attackers to execute comman ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0935 (classifieds.cgi allows remote attackers to execute arbitrary commands ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0934 (classifieds.cgi allows remote attackers to read arbitrary files via sh ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0933 (TeamTrack web server allows remote attackers to read arbitrary files v ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0932 (Mediahouse Statistics Server allows remote attackers to read the admin ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0931 (Buffer overflow in Mediahouse Statistics Server allows remote attacker ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0930 (wwwboard allows a remote attacker to delete message board articles via ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0928 (Buffer overflow in SmartDesk WebSuite allows remote attackers to cause ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0927 (NTMail allows remote attackers to read arbitrary files via a .. (dot d ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0924 (The Syntax Checker in ColdFusion Server 4.0 allows remote attackers to ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0922 (An example application in ColdFusion Server 4.0 allows remote attacker ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0921 (BMC Patrol allows any remote attacker to flood its UDP port, causing a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0920 (Buffer overflow in the pop-2d POP daemon in the IMAP package allows re ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0918 (Denial of service in various Windows systems via malformed, fragmented ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0917 (The Preloader ActiveX control used by Internet Explorer allows remote ...) NOT-FOR-US: Microsoft CVE-1999-0916 (WebTrends software stores account names and passwords in a file which ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0915 (URL Live! web server allows remote attackers to read arbitrary files v ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0914 (Buffer overflow in the FTP client in the Debian GNU/Linux netstd packa ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0912 (FreeBSD VFS cache (vfs_cache) allows local users to cause a denial of ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0909 (Multihomed Windows systems allow a remote attacker to bypass IP source ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0908 (Denial of service in Solaris TCP streams driver via a malicious connec ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0907 (sccw allows local users to read arbitrary files. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0906 (Buffer overflow in sccw allows local users to gain root access via the ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0905 (Denial of service in Axent Raptor firewall via malformed zero-length I ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0904 (Buffer overflow in BFTelnet allows remote attackers to cause a denial ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0903 (genfilt in the AIX Packet Filtering Module does not properly filter tr ...) NOT-FOR-US: AIX CVE-1999-0902 (ypserv allows local administrators to modify password tables. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0901 (ypserv allows a local user to modify the GECOS and login shells of oth ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0900 (Buffer overflow in rpc.yppasswdd allows a local user to gain privilege ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0899 (The Windows NT 4.0 print spooler allows a local user to execute arbitr ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0898 (Buffer overflows in Windows NT 4.0 print spooler allow remote attacker ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0897 (iChat ROOMS Webserver allows remote attackers to read arbitrary files ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0896 (Buffer overflow in RealNetworks RealServer administration utility allo ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0895 (Firewall-1 does not properly restrict access to LDAP attributes. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0894 (Red Hat Linux screen program does not use Unix98 ptys, allowing local ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0893 (userOsa in SCO OpenServer allows local users to corrupt files via a sy ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0892 (Buffer overflow in Netscape Communicator before 4.7 via a dynamic font ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0891 (The "download behavior" in Internet Explorer 5 allows remote attackers ...) NOT-FOR-US: Microsoft CVE-1999-0890 (iHTML Merchant allows remote attackers to obtain sensitive information ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0889 (Cisco 675 routers running CBOS allow remote attackers to establish tel ...) NOT-FOR-US: Cisco CVE-1999-0888 (dbsnmp in Oracle Intelligent Agent allows local users to gain privileg ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0887 (FTGate web interface server allows remote attackers to read files via ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0886 (The security descriptor for RASMAN allows users to point to an alterna ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0884 (The Zeus web server administrative interface uses weak encryption for ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0883 (Zeus web server allows remote attackers to read arbitrary files by spe ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0881 (Falcon web server allows remote attackers to read arbitrary files via ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0880 (Denial of service in WU-FTPD via the SITE NEWER command, which does no ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0879 (Buffer overflow in WU-FTPD and related FTP servers allows remote attac ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0878 (Buffer overflow in WU-FTPD and related FTP servers allows remote attac ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0877 (Internet Explorer 5 allows remote attackers to read files via an ExecC ...) NOT-FOR-US: Microsoft CVE-1999-0876 (Buffer overflow in Internet Explorer 4.0 via EMBED tag. ...) NOT-FOR-US: Microsoft CVE-1999-0875 (DHCP clients with ICMP Router Discovery Protocol (IRDP) enabled allow ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0874 (Buffer overflow in IIS 4.0 allows remote attackers to cause a denial o ...) NOT-FOR-US: Microsoft CVE-1999-0873 (Buffer overflow in Skyfull mail server via MAIL FROM command. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0871 (Internet Explorer 4.0 and 4.01 allow a remote attacker to read files v ...) NOT-FOR-US: Microsoft CVE-1999-0870 (Internet Explorer 4.01 allows remote attackers to read arbitrary files ...) NOT-FOR-US: Microsoft CVE-1999-0869 (Internet Explorer 3.x to 4.01 allows a remote attacker to insert malic ...) NOT-FOR-US: Microsoft CVE-1999-0868 (ucbmail allows remote attackers to execute commands via shell metachar ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0867 (Denial of service in IIS 4.0 via a flood of HTTP requests with malform ...) NOT-FOR-US: Microsoft CVE-1999-0866 (Buffer overflow in UnixWare xauto program allows local users to gain r ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0865 (Buffer overflow in CommuniGatePro via a long string to the HTTP config ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0864 (UnixWare programs that dump core allow a local user to modify files vi ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0861 (Race condition in the SSL ISAPI filter in IIS and other servers may le ...) NOT-FOR-US: Microsoft CVE-1999-0859 (Solaris arp allows local users to read files via the -f parameter, whi ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0858 (Internet Explorer 5 allows a remote attacker to modify the IE client's ...) NOT-FOR-US: Microsoft CVE-1999-0856 (login in Slackware 7.0 allows remote attackers to identify valid users ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0854 (Ultimate Bulletin Board stores data files in the cgi-bin directory, al ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0853 (Buffer overflow in Netscape Enterprise Server and Netscape FastTrack S ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0851 (Denial of service in BIND named via naptr. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0849 (Denial of service in BIND named via maxdname. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0848 (Denial of service in BIND named via consuming more than "fdmax" file d ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0847 (Buffer overflow in free internet chess server (FICS) program, xboard. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0842 (Symantec Mail-Gear 1.0 web interface server allows remote users to rea ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0839 (Windows NT Task Scheduler installed with Internet Explorer 5 allows a ...) NOT-FOR-US: Microsoft CVE-1999-0838 (Buffer overflow in Serv-U FTP 2.5 allows remote users to conduct a den ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0837 (Denial of service in BIND by improperly closing TCP sessions via so_li ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0836 (UnixWare uidadmin allows local users to modify arbitrary files via a s ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0835 (Denial of service in BIND named via malformed SIG records. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0834 (Buffer overflow in RSAREF2 via the encryption and decryption functions ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0833 (Buffer overflow in BIND 8.2 via NXT records. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0832 (Buffer overflow in NFS server on Linux allows attackers to execute com ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0831 (Denial of service in Linux syslogd via a large number of connections. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0826 (Buffer overflow in FreeBSD angband allows local users to gain privileg ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0824 (A Windows NT user can use SUBST to map a drive letter to a folder, whi ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0823 (Buffer overflow in FreeBSD xmindpath allows local users to gain privil ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0820 (FreeBSD seyon allows users to gain privileges via a modified PATH vari ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0819 (NTMail does not disable the VRFY command, even if the administrator ha ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0817 (Lynx WWW client allows a remote attacker to specify command-line param ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0815 (Memory leak in SNMP agent in Windows NT 4.0 before SP5 allows remote a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0814 (Red Hat pump DHCP client allows remote attackers to gain root access i ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0813 (Cfingerd with ALLOW_EXECUTION enabled does not properly drop privilege ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0812 (Race condition in Samba smbmnt allows local users to mount file system ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0811 (Buffer overflow in Samba smbd program via a malformed message command. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0810 (Denial of service in Samba NETBIOS name service daemon (nmbd). ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0809 (Netscape Communicator 4.x with Javascript enabled does not warn a user ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0807 (The Netscape Directory Server installation procedure leaves sensitive ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0806 (Buffer overflow in Solaris dtprintinfo program. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0804 (Denial of service in Linux 2.2.x kernels via malformed ICMP packets co ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0803 (The fwluser script in AIX eNetwork Firewall allows local users to writ ...) NOT-FOR-US: AIX CVE-1999-0802 (Buffer overflow in Internet Explorer 5 allows remote attackers to exec ...) NOT-FOR-US: Microsoft CVE-1999-0801 (BMC Patrol allows remote attackers to gain access to an agent by spoof ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0800 (The GetFile.cfm file in Allaire Forums allows remote attackers to read ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0799 (Buffer overflow in bootpd 2.4.3 and earlier via a long boot file locat ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0797 (NIS finger allows an attacker to conduct a denial of service via a lar ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0796 (FreeBSD T/TCP Extensions for Transactions can be subjected to spoofing ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0794 (Microsoft Excel does not warn a user when a macro is present in a Symb ...) NOT-FOR-US: Microsoft CVE-1999-0793 (Internet Explorer allows remote attackers to read files by redirecting ...) NOT-FOR-US: Microsoft CVE-1999-0791 (Hybrid Network cable modems do not include an authentication mechanism ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0790 (A remote attacker can read information from a Netscape user's cache vi ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0789 (Buffer overflow in AIX ftpd in the libc library. ...) NOT-FOR-US: AIX CVE-1999-0788 (Arkiea nlservd allows remote attackers to conduct a denial of service. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0787 (The SSH authentication agent follows symlinks via a UNIX domain socket ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0786 (The dynamic linker in Solaris allows a local user to create arbitrary ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0785 (The INN inndstart program allows local users to gain root privileges v ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0783 (FreeBSD allows local users to conduct a denial of service by creating ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0782 (KDE kppp allows local users to create a directory in an arbitrary loca ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0781 (KDE allows local users to execute arbitrary commands by setting the KD ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0780 (KDE klock allows local users to kill arbitrary processes by specifying ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0779 (Denial of service in HP-UX SharedX recserv program. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0778 (Buffer overflow in Xi Graphics Accelerated-X server allows local users ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0777 (IIS FTP servers may allow a remote attacker to read or delete files on ...) NOT-FOR-US: Microsoft CVE-1999-0775 (Cisco Gigabit Switch routers running IOS allow remote attackers to for ...) NOT-FOR-US: Cisco CVE-1999-0774 (Buffer overflows in Mars NetWare Emulation (NWE, mars_nwe) package via ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0773 (Buffer overflow in Solaris lpset program allows local users to gain ro ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0772 (Denial of service in Compaq Management Agents and the Compaq Survey Ut ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0771 (The web components of Compaq Management Agents and the Compaq Survey U ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0770 (Firewall-1 sets a long timeout for connections that begin with ACK or ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0769 (Vixie Cron on Linux systems allows local users to set parameters of se ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0768 (Buffer overflow in Vixie Cron on Red Hat systems via the MAILTO enviro ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0766 (The Microsoft Java Virtual Machine allows a malicious Java applet to e ...) NOT-FOR-US: Microsoft CVE-1999-0765 (SGI IRIX midikeys program allows local users to modify arbitrary files ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0764 (NetBSD allows ARP packets to overwrite static ARP entries. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0763 (NetBSD on a multi-homed host allows ARP packets on one network to modi ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0762 (When Javascript is embedded within the TITLE tag, Netscape Communicato ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0761 (Buffer overflow in FreeBSD fts library routines allows local user to m ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0760 (Undocumented ColdFusion Markup Language (CFML) tags and functions in t ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0759 (Buffer overflow in FuseMAIL POP service via long USER and PASS command ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0758 (Netscape Enterprise 3.5.1 and FastTrack 3.01 servers allow a remote at ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0756 (ColdFusion Administrator with Advanced Security enabled allows remote ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0755 (Windows NT RRAS and RAS clients cache a user's password even if the us ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0754 (The INN inndstart program allows local users to gain privileges by spe ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0753 (The w3-msql CGI script provided with Mini SQL allows remote attackers ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0752 (Denial of service in Netscape Enterprise Server via a buffer overflow ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0751 (Buffer overflow in Accept command in Netscape Enterprise Server 3.6 wi ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0749 (Buffer overflow in Microsoft Telnet client in Windows 95 and Windows 9 ...) NOT-FOR-US: Microsoft CVE-1999-0747 (Denial of service in BSDi Symmetric Multiprocessing (SMP) when an fsta ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0746 (A default configuration of in.identd in SuSE Linux waits 120 seconds b ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0745 (Buffer overflow in Source Code Browser Program Database Name Server Da ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0744 (Buffer overflow in Netscape Enterprise Server and FastTrask Server all ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0743 (Trn allows local users to overwrite other users' files via symlinks. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0742 (The Debian mailman package uses weak authentication, which allows atta ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0740 (Remote attackers can cause a denial of service on Linux in.telnetd tel ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0735 (KDE K-Mail allows local users to gain privileges via a symlink attack ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0734 (A default configuration of CiscoSecure Access Control Server (ACS) all ...) NOT-FOR-US: Cisco CVE-1999-0733 (Buffer overflow in VMWare 1.0.1 for Linux via a long HOME environmenta ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0732 (The logging facility of the Debian smtp-refuser package allows local u ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0731 (The KDE klock program allows local users to unlock a session using mal ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0730 (The zsoelim program in the Debian man-db package allows local users to ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0729 (Buffer overflow in Lotus Notes LDAP (NLDAP) allows an attacker to cond ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0728 (A Windows NT user can disable the keyboard or mouse by directly callin ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0727 (A kernel leak in the OpenBSD kernel allows IPsec packets to be sent un ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0726 (An attacker can conduct a denial of service in Windows NT by executing ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0725 (When IIS is run with a default language of Chinese, Korean, or Japanes ...) NOT-FOR-US: Microsoft CVE-1999-0724 (Buffer overflow in OpenBSD procfs and fdescfs file systems via uio_off ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0723 (The Windows NT Client Server Runtime Subsystem (CSRSS) can be subjecte ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0722 (The default configuration of Cobalt RaQ2 servers allows remote users t ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0721 (Denial of service in Windows NT Local Security Authority (LSA) through ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0720 (The pt_chown command in Linux allows local users to modify TTY termina ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0719 (The Guile plugin for the Gnumeric spreadsheet package allows attackers ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0718 (IBM GINA, when used for OS/2 domain authentication of Windows NT users ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0717 (A remote attacker can disable the virus warning mechanism in Microsoft ...) NOT-FOR-US: Microsoft CVE-1999-0716 (Buffer overflow in Windows NT 4.0 help file utility via a malformed he ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0715 (Buffer overflow in Remote Access Service (RAS) client allows an attack ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0714 (Vulnerability in Compaq Tru64 UNIX edauth command. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0713 (The dtlogin program in Compaq Tru64 UNIX allows local users to gain ro ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0711 (The oratclsh interpreter in Oracle 8.x Intelligent Agent for Unix allo ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0710 (The Squid package in Red Hat Linux 5.2 and 6.0, and other distribution ...) {DSA-576-1} - squid 2.5.7-1 CVE-1999-0708 (Buffer overflow in cfingerd allows local users to gain root privileges ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0707 (The default FTP configuration in HP Visualize Conference allows confer ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0706 (Linux xmonisdn package allows local users to gain root privileges by m ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0705 (Buffer overflow in INN inews program. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0704 (Buffer overflow in Berkeley automounter daemon (amd) logging facility ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0703 (OpenBSD, BSDI, and other Unix operating systems allow users to set chf ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0702 (Internet Explorer 5.0 and 5.01 allows remote attackers to modify or ex ...) NOT-FOR-US: Microsoft CVE-1999-0701 (After an unattended installation of Windows NT 4.0, an installation fi ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0700 (Buffer overflow in Microsoft Phone Dialer (dialer.exe), via a malforme ...) NOT-FOR-US: Microsoft CVE-1999-0699 (The Bluestone Sapphire web server allows session hijacking via easily ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0697 (SCO Doctor allows local users to gain root privileges through a Tools ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0696 (Buffer overflow in CDE Calendar Manager Service Daemon (rpc.cmsd). ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0695 (The Sybase PowerDynamo personal web server allows attackers to read ar ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0694 (Denial of service in AIX ptrace system call allows local users to cras ...) NOT-FOR-US: AIX CVE-1999-0693 (Buffer overflow in TT_SESSION environment variable in ToolTalk shared ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0692 (The default configuration of the Array Services daemon (arrayd) disabl ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0691 (Buffer overflow in the AddSuLog function of the CDE dtaction utility a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0690 (HP CDE program includes the current directory in root's PATH variable. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0689 (The CDE dtspcd daemon allows local users to execute arbitrary commands ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0688 (Buffer overflows in HP Software Distributor (SD) for HPUX 10.x and 11. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0687 (The ToolTalk ttsession daemon uses weak RPC authentication, which allo ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0686 (Denial of service in Netscape Enterprise Server (NES) in HP Virtual Va ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0685 (Buffer overflow in Netscape Communicator via EMBED tags in the plugins ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0683 (Denial of service in Gauntlet Firewall via a malformed ICMP packet. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0682 (Microsoft Exchange 5.5 allows a remote attacker to relay email (i.e. s ...) NOT-FOR-US: Microsoft CVE-1999-0681 (Buffer overflow in Microsoft FrontPage Server Extensions (PWS) 3.0.2.9 ...) NOT-FOR-US: Microsoft CVE-1999-0680 (Windows NT Terminal Server performs extra work when a client opens a n ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0679 (Buffer overflow in hybrid-6 IRC server commonly used on EFnet allows r ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0678 (A default configuration of Apache on Debian GNU/Linux sets the ServerR ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0676 (sdtcm_convert in Solaris 2.6 allows a local user to overwrite sensitiv ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0675 (Check Point FireWall-1 can be subjected to a denial of service via UDP ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0674 (The BSD profil system call allows a local user to modify the internal ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0672 (Buffer overflow in Fujitsu Chocoa IRC client via IRC channel topics. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0671 (Buffer overflow in ToxSoft NextFTP client through CWD command. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0668 (The scriptlet.typelib ActiveX control is marked as "safe for scripting ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0628 (The rwho/rwhod service is running, which exposes machine status and us ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0627 (The rexd service is running, which uses weak authentication that can a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0626 (A version of rusers is running that exposes valid user information to ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0612 (A version of finger is running that exposes valid user information to ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0608 (An incorrect configuration of the PDG Shopping Cart CGI program "shopp ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0566 (An attacker can write to syslog files from any location, causing a den ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0551 (HP OpenMail can be misconfigured to allow users to run arbitrary comma ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0526 (An X server's access control is disabled (e.g. through an "xhost +" co ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0514 (UDP messages to broadcast addresses are allowed, allowing for a Fraggl ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0513 (ICMP messages to broadcast addresses are allowed, allowing for a Smurf ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0496 (A Windows NT 4.0 user can gain administrative rights by forcing NtOpen ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0494 (Denial of service in WinGate proxy through a buffer overflow in POP3. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0493 (rpc.statd allows remote attackers to forward RPC calls to the local op ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0491 (The prompt parsing in bash allows a local user to execute commands as ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0487 (The DHTML Edit ActiveX control in Internet Explorer allows remote atta ...) NOT-FOR-US: Microsoft CVE-1999-0485 (Remote attackers can cause a system crash through ipintr() in ipq in O ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0484 (Buffer overflow in OpenBSD ping. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0483 (OpenBSD crash using nlink value in FFS and EXT2FS filesystems. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0482 (OpenBSD kernel crash through TSS handling, as caused by the crashme pr ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0481 (Denial of service in "poll" in OpenBSD. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0479 (Denial of service Netscape Enterprise Server with VirtualVault on HP-U ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0478 (Denial of service in HP-UX sendmail 8.8.6 related to accepting connect ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0475 (A race condition in how procmail handles .procmailrc files allows a lo ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0474 (The ICQ Webserver allows remote attackers to use .. to access arbitrar ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0473 (The rsync command before rsync 2.3.1 may inadvertently change the perm ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0472 (The SNMP default community name "public" is not properly removed in Ne ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0471 (The remote proxy server in Winroute allows a remote attacker to reconf ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0470 (A weak encryption algorithm is used for passwords in Novell Remote.NLM ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0468 (Internet Explorer 5.0 allows a remote server to read arbitrary files o ...) NOT-FOR-US: Microsoft CVE-1999-0466 (The SVR4 /dev/wabi special device file in NetBSD 1.3.3 and earlier all ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0464 (Local users can perform a denial of service in Tripwire 1.2 and earlie ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0463 (Remote attackers can perform a denial of service using IRIX fcagent. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0458 (L0phtcrack 2.5 used temporary files in the system TEMP directory which ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0457 (Linux ftpwatch program allows local users to gain root privileges. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0449 (The ExAir sample site in IIS 4 allows remote attackers to cause a deni ...) NOT-FOR-US: Microsoft CVE-1999-0448 (IIS 4.0 and Apache log HTTP request methods, regardless of how long th ...) NOT-FOR-US: Microsoft CVE-1999-0447 (Local users can gain privileges using the debug utility in the MPE/iX ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0446 (Local users can perform a denial of service in NetBSD 1.3.3 and earlie ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0445 (In Cisco routers under some versions of IOS 12.0 running NAT, some pac ...) NOT-FOR-US: Cisco CVE-1999-0442 (Solaris ff.core allows local users to modify files. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0441 (Remote attackers can perform a denial of service in WinGate machines u ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0440 (The byte code verifier component of the Java Virtual Machine (JVM) all ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0439 (Buffer overflow in procmail before version 3.12 allows remote or local ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0438 (Remote attackers can perform a denial of service in WebRamp systems by ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0437 (Remote attackers can perform a denial of service in WebRamp systems by ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0436 (Domain Enterprise Server Management System (DESMS) in HP-UX allows loc ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0433 (XFree86 startx command is vulnerable to a symlink attack, allowing loc ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0432 (ftp on HP-UX 11.00 allows local users to gain privileges. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0430 (Cisco Catalyst LAN switches running Catalyst 5000 supervisor software ...) NOT-FOR-US: Cisco CVE-1999-0429 (The Lotus Notes 4.5 client may send a copy of encrypted mail in the cl ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0428 (OpenSSL and SSLeay allow remote attackers to reuse SSL sessions and by ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0425 (talkback in Netscape 4.5 allows a local user to kill an arbitrary proc ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0424 (talkback in Netscape 4.5 allows a local user to overwrite arbitrary fi ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0423 (Vulnerability in hpterm on HP-UX 10.20 allows local users to gain addi ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0422 (In some cases, NetBSD 1.3.3 mount allows local users to execute progra ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0421 (During a reboot after an installation of Linux Slackware 3.6, a remote ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0420 (umapfs allows local users to gain root privileges by changing their ui ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0417 (64 bit Solaris 7 procfs allows local users to perform a denial of serv ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0416 (Vulnerability in Cisco 7xx series routers allows a remote attacker to ...) NOT-FOR-US: Cisco CVE-1999-0415 (The HTTP server in Cisco 7xx series routers 3.2 through 4.2 is enabled ...) NOT-FOR-US: Cisco CVE-1999-0414 (In Linux before version 2.0.36, remote attackers can spoof a TCP conne ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0413 (A buffer overflow in the SGI X server allows local users to gain root ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0412 (In IIS and other web servers, an attacker can attack commands as SYSTE ...) NOT-FOR-US: Microsoft CVE-1999-0410 (The cancel command in Solaris 2.6 (i386) has a buffer overflow that al ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0409 (Buffer overflow in gnuplot in Linux version 3.5 allows local users to ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0408 (Files created from interactive shell sessions in Cobalt RaQ microserve ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0407 (By default, IIS 4.0 has a virtual directory /IISADMPWD which contains ...) NOT-FOR-US: Microsoft CVE-1999-0405 (A buffer overflow in lsof allows local users to obtain root privilege. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0404 (Buffer overflow in the Mail-Max SMTP server for Windows systems allows ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0403 (A bug in Cyrix CPUs on Linux allows local users to perform a denial of ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0402 (wget 1.5.3 follows symlinks to change permissions of the target file i ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0396 (A race condition between the select() and accept() calls in NetBSD TCP ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0395 (A race condition in the BackWeb Polite Agent Protocol allows an attack ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0393 (Remote attackers can cause a denial of service in Sendmail 8.8.x and 8 ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0392 (Buffer overflow in Thomas Boutell's cgic library version up to 1.05. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0391 (The cryptographic challenge of SMB authentication in Windows 95 and Wi ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0390 (Buffer overflow in Dosemu Slang library in Linux. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0388 (DataLynx suGuard trusts the PATH environment variable to execute the p ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0387 (A legacy credential caching mechanism used in Windows 95 and Windows 9 ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0386 (Microsoft Personal Web Server and FrontPage Personal Web Server in som ...) NOT-FOR-US: Microsoft CVE-1999-0385 (The LDAP bind function in Exchange 5.5 has a buffer overflow that allo ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0384 (The Forms 2.0 ActiveX control (included with Visual Basic for Applicat ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0383 (ACC Tigris allows public access without a login. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0382 (The screen saver in Windows NT does not verify that its security conte ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0380 (SLMail 3.1 and 3.2 allows local users to access any file in the NTFS f ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0379 (Microsoft Taskpads allows remote web sites to execute commands on the ...) NOT-FOR-US: Microsoft CVE-1999-0378 (InterScan VirusWall for Solaris doesn't scan files for viruses when a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0377 (Process table attack in Unix systems allows a remote attacker to perfo ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0376 (Local users in Windows NT can obtain administrator privileges by chang ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0375 (Buffer overflow in webd in Network Flight Recorder (NFR) 2.0.2-Researc ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0374 (Debian GNU/Linux cfengine package is susceptible to a symlink attack. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0373 (Buffer overflow in the "Super" utility in Debian GNU/Linux, and other ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0372 (The installer for BackOffice Server includes account names and passwor ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0371 (Lynx allows a local user to overwrite sensitive files through /tmp sym ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0369 (The Sun sdtcm_convert calendar utility for OpenWindows has a buffer ov ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0368 (Buffer overflows in wuarchive ftpd (wu-ftpd) and ProFTPD lead to remot ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0367 (NetBSD netstat command allows local users to access kernel memory. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0366 (In some cases, Service Pack 4 for Windows NT 4.0 can allow access to n ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0365 (The metamail package allows remote command execution using shell metac ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0363 (SuSE 5.2 PLP lpc program has a buffer overflow that leads to root comp ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0362 (WS_FTP server remote denial of service through cwd command. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0358 (Digital Unix 4.0 has a buffer overflow in the inc program of the mh pa ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0357 (Windows 98 and other operating systems allows remote attackers to caus ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0355 (Local or remote users can force ControlIT 4.5 to reboot or force a use ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0353 (rpc.pcnfsd in HP gives remote root access by changing the permissions ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0351 (FTP PASV "Pizza Thief" denial of service and unauthorized data access. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0350 (Race condition in the db_loader program in ClearCase gives local users ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0349 (A buffer overflow in the FTP list (ls) command in IIS allows remote at ...) NOT-FOR-US: Microsoft CVE-1999-0348 (IIS ASP caching problem releases sensitive information when two virtua ...) NOT-FOR-US: Microsoft CVE-1999-0346 (CGI PHP mlog script allows an attacker to read any file on the target ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0344 (NT users can gain debug-level access on a system process using the Sec ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0343 (A malicious Palace server can force a client to execute arbitrary prog ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0342 (Linux PAM modules allow local users to gain root access using temporar ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0341 (Buffer overflow in the Linux mail program "deliver" allows local users ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0340 (Buffer overflow in Linux Slackware crond program allows local users to ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0339 (Buffer overflow in the libauth library in Solaris allows local users t ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0338 (AIX Licensed Program Product performance tools allow local users to ga ...) NOT-FOR-US: AIX CVE-1999-0337 (AIX batch queue (bsh) allows local and remote users to gain additional ...) NOT-FOR-US: AIX CVE-1999-0335 (DEPRECATED. This entry has been deprecated. It is a duplicate of CVE ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0334 (In Solaris 2.2 and 2.3, when fsck fails on startup, it allows a local ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0332 (Buffer overflow in NetMeeting allows denial of service and remote comm ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0329 (SGI mediad program allows local users to gain root access. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0328 (SGI permissions program allows local users to gain root privileges. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0327 (SGI syserr program allows local users to corrupt files. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0326 (Vulnerability in HP-UX mediainit program. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0325 (vhe_u_mnt program in HP-UX allows local users to create root files thr ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0324 (ppl program in HP-UX allows local users to create root files through s ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0323 (FreeBSD mmap function allows users to modify append-only or immutable ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0322 (The open() function in FreeBSD allows local attackers to write to arbi ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0321 (Buffer overflow in Solaris kcms_configure command allows local users t ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0320 (SunOS rpc.cmsd allows attackers to obtain root access by overwriting a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0318 (Buffer overflow in xmcd 2.0p12 allows local users to gain access throu ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0316 (Buffer overflow in Linux splitvt command gives root access to local us ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0315 (Buffer overflow in Solaris fdformat command gives root access to local ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0314 (ioconfig on SGI IRIX 6.4 S2MP for Origin/Onyx2 allows local users to g ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0313 (disk_bandwidth on SGI IRIX 6.4 S2MP for Origin/Onyx2 allows local user ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0312 (HP ypbind allows attackers with root privileges to modify NIS data. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0311 (fpkg2swpk in HP-UX allows local users to gain root access. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0310 (SSH 1.2.25 on HP-UX allows access to new user accounts. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0309 (HP-UX vgdisplay program gives root access to local users. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0308 (HP-UX gwind program allows users to modify arbitrary files. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0305 (The system configuration control (sysctl) facility in BSD based operat ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0304 (mmap function in BSD allows local attackers in the kmem group to modif ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0303 (Buffer overflow in BNU UUCP daemon (uucpd) through long hostnames. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0302 (SunOS/Solaris FTP clients can be forced to execute arbitrary commands ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0301 (Buffer overflow in SunOS/Solaris ps command. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0300 (nis_cachemgr for Solaris NIS+ allows attackers to add malicious NIS+ s ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0299 (Buffer overflow in FreeBSD lpd through long DNS hostnames. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0297 (Buffer overflow in Vixie Cron library up to version 3.0 allows local u ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0296 (Solaris volrmmount program allows attackers to read any file. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0295 (Solaris sysdef command allows local users to read kernel memory, poten ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0294 (All records in a WINS database can be deleted through SNMP for a denia ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0293 (AAA authentication on Cisco systems allows attackers to execute comman ...) NOT-FOR-US: Cisco CVE-1999-0292 (Denial of service through Winpopup using large user names. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0291 (The WinGate proxy is installed without a password, which allows remote ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0290 (The WinGate telnet proxy allows remote attackers to cause a denial of ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0289 (The Apache web server for Win32 may provide access to restricted files ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0288 (The WINS server in Microsoft Windows NT 4.0 before SP4 allows remote a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0281 (Denial of service in IIS using long URLs. ...) NOT-FOR-US: Microsoft CVE-1999-0280 (Remote command execution in Microsoft Internet Explorer using .lnk and ...) NOT-FOR-US: Microsoft CVE-1999-0279 (Excite for Web Servers (EWS) allows remote command execution via shell ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0278 (In IIS, remote attackers can obtain source code for ASP files by appen ...) NOT-FOR-US: Microsoft CVE-1999-0277 (The WorkMan program can be used to overwrite any file to get root acce ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0276 (mSQL v2.0.1 and below allows remote execution through a buffer overflo ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0275 (Denial of service in Windows NT DNS servers by flooding port 53 with t ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0274 (Denial of service in Windows NT DNS servers through malicious packet w ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0273 (Denial of service through Solaris 2.5.1 telnet by sending ^D character ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0272 (Denial of service in Slmail v2.5 through the POP3 port. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0270 (Directory traversal vulnerability in pfdispaly.cgi program (sometimes ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0269 (Netscape Enterprise servers may list files through the PageServices qu ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0268 (MetaInfo MetaWeb web server allows users to upload, execute, and read ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0267 (Buffer overflow in NCSA HTTP daemon v1.3 allows remote command executi ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0266 (The info2www CGI script allows remote file access or remote command ex ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0265 (ICMP redirect messages may crash or lock up a host. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0264 (htmlscript CGI program allows remote read access to files. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0263 (Solaris SUNWadmap can be exploited to obtain root access. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0262 (Hylafax faxsurvey CGI script on Linux allows remote attackers to execu ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0260 (The jj CGI program allows command execution via shell metacharacters. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0259 (cfingerd lists all users on a system via search.**@target. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0256 (Buffer overflow in War FTP allows remote execution of commands. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0252 (Buffer overflow in listserv allows arbitrary command execution. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0251 (Denial of service in talk program allows remote attackers to disrupt a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0248 (A race condition in the authentication agent mechanism of sshd 1.2.17 ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0247 (Buffer overflow in nnrpd program in INN up to version 1.6 allows remot ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0245 (Some configurations of NIS+ in Linux allowed attackers to log in as th ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0244 (Livingston RADIUS code has a buffer overflow which can allow remote ex ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0239 (Netscape FastTrack Web server lists files when a lowercase "get" comma ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0237 (Remote execution of arbitrary commands through Guestbook CGI program. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0236 (ScriptAlias directory in NCSA and Apache httpd allowed attackers to re ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0234 (Bash treats any character with a value of 255 as a command separator. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0233 (IIS 1.0 allows users to execute arbitrary commands using .bat or .cmd ...) NOT-FOR-US: Microsoft CVE-1999-0230 (Buffer overflow in Cisco 7xx routers through the telnet service. ...) NOT-FOR-US: Cisco CVE-1999-0228 (Denial of service in RPCSS.EXE program (RPC Locator) in Windows NT. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0227 (Access violation in LSASS.EXE (LSA/LSARPC) program in Windows NT allow ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0225 (Windows NT 4.0 allows remote attackers to cause a denial of service vi ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0224 (Denial of service in Windows NT messenger service through a long usern ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0223 (Solaris syslogd crashes when receiving a message from a host that does ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0221 (Denial of service of Ascend routers through port 150 (remote administr ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0219 (Buffer overflow in FTP Serv-U 2.5 allows remote authenticated users to ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0218 (Livingston portmaster machines could be rebooted via a series of comma ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0217 (Malicious option settings in UDP packets could force a reboot in SunOS ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0215 (Routed allows attackers to append data to files. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0214 (Denial of service by sending forged ICMP unreachable packets. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0212 (Solaris rpc.mountd generates error messages that allow a remote attack ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0211 (Extra long export lists over 256 characters in some mount daemons allo ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0210 (Automount daemon automountd allows local or remote users to gain privi ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0209 (The SunView (SunTools) selection_svc facility allows remote users to r ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0208 (rpc.ypupdated (NIS) allows remote users to execute arbitrary commands. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0207 (Remote attacker can execute commands through Majordomo using the Reply ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0206 (MIME buffer overflow in Sendmail 8.8.0 and 8.8.1 gives root access. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0204 (Sendmail 8.6.9 allows remote attackers to execute root commands, using ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0203 (In Sendmail, attackers can gain root privileges via SMTP by specifying ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0202 (The GNU tar command, when used in FTP sessions, may allow an attacker ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0201 (A quote cwd command on FTP servers can reveal the full path of the hom ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0196 (websendmail in Webgais 1.0 allows a remote user to access arbitrary fi ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0194 (Denial of service in in.comsat allows attackers to generate messages. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0192 (Buffer overflow in telnet daemon tgetent routing allows remote attacke ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0191 (IIS newdsn.exe CGI script allows remote users to overwrite files. ...) NOT-FOR-US: Microsoft CVE-1999-0190 (Solaris rpcbind can be exploited to overwrite arbitrary files and gain ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0189 (Solaris rpcbind listens on a high numbered UDP port, which may not be ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0188 (The passwd command in Solaris can be subjected to a denial of service. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0185 (In SunOS or Solaris, a remote user could connect from an FTP server's ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0184 (When compiled with the -DALLOW_UPDATES option, bind allows dynamic upd ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0183 (Linux implementations of TFTP would allow access to files outside the ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0182 (Samba has a buffer overflow which allows a remote attacker to obtain r ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0181 (The wall daemon can be used for denial of service, social engineering ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0180 (in.rshd allows users to login with a NULL username and execute command ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0179 (Windows NT crashes or locks up when a Samba client executes a "cd .." ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0178 (Buffer overflow in the win-c-sample program (win-c-sample.exe) in the ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0177 (The uploader program in the WebSite web server allows a remote attacke ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0176 (The Webgais program allows a remote user to execute arbitrary commands ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0175 (The convert.bas program in the Novell web server allows a remote attac ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0174 (The view-source CGI program allows remote attackers to read arbitrary ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0173 (FormMail CGI program can be used by web servers other than the host se ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0172 (FormMail CGI program allows remote execution of commands. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0170 (Remote attackers can mount an NFS file system in Ultrix or OSF, even i ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0168 (The portmapper may act as a proxy and redirect service requests from a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0167 (In SunOS, NFS file handles could be guessed, giving unauthorized acces ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0166 (NFS allows users to use a "cd .." command to access other directories ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0164 (A race condition in the Solaris ps command allows an attacker to overw ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0162 (The "established" keyword in some Cisco IOS software allowed an attack ...) NOT-FOR-US: Cisco CVE-1999-0161 (In Cisco IOS 10.3, with the tacacs-ds or tacacs keyword, an extended I ...) NOT-FOR-US: Cisco CVE-1999-0160 (Some classic Cisco IOS devices have a vulnerability in the PPP CHAP au ...) NOT-FOR-US: Cisco CVE-1999-0159 (Attackers can crash a Cisco IOS router or device, provided they can ge ...) NOT-FOR-US: Cisco CVE-1999-0158 (Cisco PIX firewall manager (PFM) on Windows NT allows attackers to con ...) NOT-FOR-US: Cisco CVE-1999-0157 (Cisco PIX firewall and CBAC IP fragmentation attack results in a denia ...) NOT-FOR-US: Cisco CVE-1999-0155 (The ghostscript command with the -dSAFER option allows remote attacker ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0153 (Windows 95/NT out of band (OOB) data denial of service through NETBIOS ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0152 (The DG/UX finger daemon allows remote command execution through shell ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0151 (The SATAN session key may be disclosed if the user points the web brow ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0150 (The Perl fingerd program allows arbitrary command execution from remot ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0149 (The wrap CGI program in IRIX allows remote attackers to view arbitrary ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0148 (The handler CGI program in IRIX allows arbitrary command execution. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0147 (The aglimpse CGI program of the Glimpse package allows remote executio ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0146 (The campas CGI program provided with some NCSA web servers allows an a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0145 (Sendmail WIZ command enabled, allowing root access. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0143 (Kerberos 4 key servers allow a user to masquerade as another by breaki ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0142 (The Java Applet Security Manager implementation in Netscape Navigator ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0141 (Java Bytecode Verifier allows malicious applets to execute arbitrary c ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0139 (Buffer overflow in Solaris x86 mkcookie allows local users to obtain r ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0138 (The suidperl and sperl program do not give up root privileges when cha ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0137 (The dip program on many Linux systems allows local users to gain root ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0136 (Kodak Color Management System (KCMS) on Solaris allows a local user to ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0135 (admintool in Solaris allows a local user to write to arbitrary files a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0134 (vold in Solaris 2.x allows local users to gain root access. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0133 (fm_fls license server for Adobe Framemaker allows local users to overw ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0132 (Expreserve, as used in vi and ex, allows local users to overwrite arbi ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0131 (Buffer overflow and denial of service in Sendmail 8.7.5 and earlier th ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0130 (Local users can start Sendmail in daemon mode and gain root privileges ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0129 (Sendmail allows local users to write to a file and gain group permissi ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0128 (Oversized ICMP ping packets can result in a denial of service, aka Pin ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0126 (SGI IRIX buffer overflow in xterm and Xaw allows root access. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0125 (Buffer overflow in SGI IRIX mailx program. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0124 (Vulnerabilities in UMN gopher and gopher+ versions 1.12 and 2.0x allow ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0122 (Buffer overflow in AIX lchangelv gives root access. ...) NOT-FOR-US: AIX CVE-1999-0120 (Sun/Solaris utmp file allows local users to gain root access if it is ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0118 (AIX infod allows local users to gain root access through an X display. ...) NOT-FOR-US: AIX CVE-1999-0117 (AIX passwd allows local users to gain root access. ...) NOT-FOR-US: AIX CVE-1999-0116 (Denial of service when an attacker sends many SYN packets to create mu ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0115 (AIX bugfiler program allows local users to gain root access. ...) NOT-FOR-US: AIX CVE-1999-0113 (Some implementations of rlogin allow root access if given a -froot par ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0112 (Buffer overflow in AIX dtterm program for the CDE. ...) NOT-FOR-US: AIX CVE-1999-0111 (RIP v1 is susceptible to spoofing. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0109 (Buffer overflow in ffbconfig in Solaris 2.5.1. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0108 (The printers program in IRIX has a buffer overflow that gives root acc ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0103 (Echo and chargen, or other combinations of UDP services, can be used i ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0102 (Buffer overflow in SLmail 3.x allows attackers to execute commands usi ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0101 (Buffer overflow in AIX and Solaris "gethostbyname" library call allows ...) NOT-FOR-US: AIX CVE-1999-0100 (Remote access in AIX innd 1.5.1, using control messages. ...) NOT-FOR-US: AIX CVE-1999-0099 (Buffer overflow in syslog utility allows local or remote attackers to ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0097 (The AIX FTP client can be forced to execute commands from a malicious ...) NOT-FOR-US: AIX CVE-1999-0096 (Sendmail decode alias can be used to overwrite sensitive files. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0095 (The debug command in Sendmail is enabled, allowing attackers to execut ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0094 (AIX piodmgrsu command allows local users to gain additional group priv ...) NOT-FOR-US: AIX CVE-1999-0093 (AIX nslookup command allows local users to obtain root access by not d ...) NOT-FOR-US: AIX CVE-1999-0091 (Buffer overflow in AIX writesrv command allows local users to obtain r ...) NOT-FOR-US: AIX CVE-1999-0090 (Buffer overflow in AIX rcp command allows local users to obtain root a ...) NOT-FOR-US: AIX CVE-1999-0087 (Denial of service in AIX telnet can freeze a system and prevent users ...) NOT-FOR-US: AIX CVE-1999-0085 (Buffer overflow in rwhod on AIX and other operating systems allows rem ...) NOT-FOR-US: AIX CVE-1999-0084 (Certain NFS servers allow users to use mknod to gain privileges by cre ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0083 (getcwd() file descriptor leak in FTP. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0082 (CWD ~root command in ftpd allows root access. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0081 (wu-ftp allows files to be overwritten via the rnfr command. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0080 (Certain configurations of wu-ftp FTP server 2.4 use a _PATH_EXECPATH s ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0079 (Remote attackers can cause a denial of service in FTP by issuing multi ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0077 (Predictable TCP sequence numbers allow spoofing. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0075 (PASV core dump in wu-ftpd daemon when attacker uses a QUOTE PASV comma ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0074 (Listening TCP ports are sequentially allocated, allowing spoofing atta ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0073 (Telnet allows a remote client to specify environment variables includi ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0072 (Buffer overflow in AIX xdat gives root access to local users. ...) NOT-FOR-US: AIX CVE-1999-0071 (Apache httpd cookie buffer overflow for versions 1.1.1 and earlier. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0070 (test-cgi program allows an attacker to list files on the server. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0069 (Solaris ufsrestore buffer overflow. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0068 (CGI PHP mylog script allows an attacker to read any file on the target ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0067 (phf CGI program allows remote command execution through shell metachar ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0066 (AnyForm CGI remote execution. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0065 (Multiple buffer overflows in how dtmail handles attachments allows a r ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0064 (Buffer overflow in AIX lquerylv program gives root access to local use ...) NOT-FOR-US: AIX CVE-1999-0063 (Cisco IOS 12.0 and other versions can be crashed by malicious UDP pack ...) NOT-FOR-US: Cisco CVE-1999-0062 (The chpass command in OpenBSD allows a local user to gain root access ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0060 (Attackers can cause a denial of service in Ascend MAX and Pipeline rou ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0059 (IRIX fam service allows an attacker to obtain a list of all files on t ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0058 (Buffer overflow in PHP cgi program, php.cgi allows shell access. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0057 (Vacation program allows command execution by remote users through a se ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0056 (Buffer overflow in Sun's ping program can give root access to local us ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0055 (Buffer overflows in Sun libnsl allow root access. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0054 (Sun's ftpd daemon can be subjected to a denial of service. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0053 (TCP RST denial of service in FreeBSD. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0052 (IP fragmentation denial of service in FreeBSD allows a remote attacker ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0051 (Arbitrary file creation and program execution using FLEXlm LicenseMana ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0050 (Buffer overflow in HP-UX newgrp program. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0049 (Csetup under IRIX allows arbitrary file creation or overwriting. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0048 (Talkd, when given corrupt DNS information, can be used to execute arbi ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0047 (MIME conversion buffer overflow in sendmail versions 8.8.3 and 8.8.4. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0046 (Buffer overflow of rlogin program using TERM environmental variable. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0045 (List of arbitrary files on Web host via nph-test-cgi script. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0044 (fsdump command in IRIX allows local users to obtain root access by mod ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0043 (Command execution via shell metachars in INN daemon (innd) 1.5 using " ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0042 (Buffer overflow in University of Washington's implementation of IMAP a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0041 (Buffer overflow in NLS (Natural Language Service). ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0040 (Buffer overflow in Xt library of X Windowing System allows local users ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0039 (webdist CGI program (webdist.cgi) in SGI IRIX allows remote attackers ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0038 (Buffer overflow in xlock program allows local users to execute command ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0037 (Arbitrary command execution via metamail package using message headers ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0036 (IRIX login program with a nonzero LOCKOUT parameter allows creation or ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0035 (Race condition in signal handling routine in ftpd, allowing read/write ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0034 (Buffer overflow in suidperl (sperl), Perl 4.x and 5.x. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0032 (Buffer overflow in lpr, as used in BSD-based systems including Linux, ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0031 (JavaScript in Internet Explorer 3.x and 4.x, and Netscape 2.x, 3.x and ...) NOT-FOR-US: Microsoft CVE-1999-0029 (root privileges via buffer overflow in ordist command on SGI IRIX syst ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0028 (root privileges via buffer overflow in login/scheme command on SGI IRI ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0027 (root privileges via buffer overflow in eject command on SGI IRIX syste ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0026 (root privileges via buffer overflow in pset command on SGI IRIX system ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0025 (root privileges via buffer overflow in df command on SGI IRIX systems. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0024 (DNS cache poisoning via BIND, by predictable query IDs. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0023 (Local user gains root privileges via buffer overflow in rdist, via loo ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0022 (Local user gains root privileges via buffer overflow in rdist, via exp ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0021 (Arbitrary command execution via buffer overflow in Count.cgi (wwwcount ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0019 (Delete or create a file via rpc.statd, due to invalid information. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0018 (Buffer overflow in statd allows root privileges. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0017 (FTP servers can allow an attacker to connect to arbitrary ports on mac ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0016 (Land IP denial of service. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0014 (Unauthorized privileged access or denial of service via dtappgather pr ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0013 (Stolen credentials from SSH clients via ssh-agent program, allowing ot ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0012 (Some web servers under Microsoft Windows allow remote attackers to byp ...) NOT-FOR-US: Microsoft CVE-1999-0011 (Denial of Service vulnerabilities in BIND 4.9 and BIND 8 Releases via ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0010 (Denial of Service vulnerability in BIND 8 Releases via maliciously for ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0009 (Inverse query buffer overflow in BIND 4.9 and BIND 8 Releases. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0008 (Buffer overflow in NIS+, in Sun's rpc.nisd program. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0007 (Information from SSL-encrypted sessions via PKCS #1. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0006 (Buffer overflow in POP servers based on BSD/Qualcomm's qpopper allows ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0005 (Arbitrary command execution via IMAP buffer overflow in authenticate c ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0003 (Execute commands as root via buffer overflow in Tooltalk database serv ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0002 (Buffer overflow in NFS mountd gives root access to remote attackers, m ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1572 (cpio on FreeBSD 2.1.0, Debian GNU/Linux 3.0, and possibly other operat ...) {DSA-664-1} - cpio 2.5-1.2 (bug #293379) CVE-1999-1571 (Buffer overflow in sar for SCO OpenServer 5.0.0 through 5.0.5 may allo ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1570 (Buffer overflow in sar for OpenServer 5.0.5 allows local users to gain ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1569 (Quake 1 and NetQuake servers allow remote attackers to cause a denial ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1567 (Seapine Software TestTrack server allows a remote attacker to cause a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1566 (Buffer overflow in iParty server 1.2 and earlier allows remote attacke ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1564 (FreeBSD 3.2 and possibly other versions allows a local user to cause a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1563 (Nachuatec D435 and D445 printer allows remote attackers to cause a den ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1562 (gFTP FTP client 1.13, and other versions before 2.0.0, records a passw ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1561 (Nullsoft SHOUTcast server stores the administrative password in plaint ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1560 (Vulnerability in a script in Texas A&M University (TAMU) Tiger all ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1559 (Xylan OmniSwitch before 3.2.6 allows remote attackers to bypass the lo ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1558 (Vulnerability in loginout in Digital OpenVMS 7.1 and earlier allows un ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1557 (Buffer overflow in the login functions in IMAP server (imapd) in Ipswi ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1555 (Cheyenne InocuLAN Anti-Virus Server in Inoculan 4.0 before Service Pac ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1554 (/usr/sbin/Mail on SGI IRIX 3.3 and 3.3.1 does not properly set the gro ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1553 (Buffer overflow in XCmail 0.99.6 with autoquote enabled allows remote ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1552 (dpsexec (DPS Server) when running under XDM in IBM AIX 3.2.5 and earli ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1551 (Buffer overflow in Ipswitch IMail Service 5.0 allows an attacker to ca ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1549 (Lynx 2.x does not properly distinguish between internal and external H ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1548 (Cabletron SmartSwitch Router (SSR) 8000 firmware 2.x can only handle 2 ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1547 (Oracle Web Listener 2.1 allows remote attackers to bypass access restr ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1546 (netstation.navio-com.rte 1.1.0.1 configuration script for Navio NC on ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1545 (Joe's Own Editor (joe) 2.8 sets the world-readable permission on its c ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1544 (Buffer overflow in FTP server in Microsoft IIS 3.0 and 4.0 allows loca ...) NOT-FOR-US: Microsoft CVE-1999-1543 (MacOS uses weak encryption for passwords that are stored in the Users ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1541 (shell-lock in Cactus Software Shell Lock allows local users to read or ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1540 (shell-lock in Cactus Software Shell Lock uses weak encryption (trivial ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1539 (Buffer overflow in FTP server in QPC Software's QVT/Term Plus versions ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1538 (When IIS 2 or 3 is upgraded to IIS 4, ism.dll is inadvertently left in ...) NOT-FOR-US: Microsoft CVE-1999-1536 (.sbstart startup script in AcuShop Salesbuilder is world writable, whi ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1534 (Buffer overflow in (1) nlservd and (2) rnavc in Knox Software Arkeia b ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1533 (Eicon Technology Diva LAN ISDN modem allows a remote attacker to cause ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1532 (Netscape Messaging Server 3.54, 3.55, and 3.6 allows a remote attacker ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1529 (A buffer overflow exists in the HELO command in Trend Micro Interscan ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1528 (ProSoft Netware Client 5.12 on Macintosh MacOS 9 does not automaticall ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1527 (Internal HTTP server in Sun Netbeans Java IDE in Netbeans Developer 3. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1526 (Auto-update feature of Macromedia Shockwave 7 transmits a user's passw ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1525 (Macromedia Shockwave before 6.0 allows a malicious webmaster to read a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1524 (FlowPoint DSL router firmware versions prior to 3.0.8 allows a remote ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1523 (Buffer overflow in Sambar Web Server 4.2.1 allows remote attackers to ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1522 (Vulnerability in htmlparse.pike in Roxen Web Server 1.3.11 and earlier ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1521 (Computalynx CMail 2.4 and CMail 2.3 SP2 SMTP servers are vulnerable to ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1519 (Gene6 G6 FTP Server 2.0 allows a remote attacker to cause a denial of ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1518 (Operating systems with shared memory implementations based on BSD 4.4 ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1517 (runtar in the Amanda backup system used in various UNIX operating syst ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1516 (A buffer overflow in TenFour TFS Gateway SMTP mail server 3.2 allows a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1515 (A non-default configuration in TenFour TFS Gateway 4.0 allows an attac ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1514 (Buffer overflow in Celtech ExpressFS FTP server 2.x allows remote atta ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1513 (Management information base (MIB) for a 3Com SuperStack II hub running ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1511 (Buffer overflows in Xtramail 1.11 allow attackers to cause a denial of ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1510 (Buffer overflows in Bisonware FTP server prior to 4.1 allow remote att ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1509 (Directory traversal vulnerability in Etype Eserv 2.50 web server allow ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1508 (Web server in Tektronix PhaserLink Printer 840.0 and earlier allows a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1506 (Vulnerability in SMI Sendmail 4.0 and earlier, on SunOS up to 4.0.3, a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1505 (Buffer overflow in QuakeWorld 2.10 allows remote attackers to cause a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1504 (Stalker Internet Mail Server 1.6 allows a remote attacker to cause a d ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1503 (Network Flight Recorder (NFR) 1.5 and 1.6 allows remote attackers to c ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1502 (Buffer overflows in Quake 1.9 client allows remote malicious servers t ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1501 ((1) ipxchk and (2) ipxlink in SGI OS2 IRIX 6.3 does not properly clear ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1500 (Internet Anywhere POP3 Mail Server 2.3.1 allows remote attackers to ca ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1499 (named in ISC BIND 4.9 and 8.1 allows local users to destroy files via ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1498 (Slackware Linux 3.4 pkgtool allows local attacker to read and write to ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1497 (Ipswitch IMail 5.0 and 6.0 uses weak encryption to store passwords in ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1496 (Sudo 1.5 in Debian Linux 2.1 and Red Hat 6.0 allows local users to det ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1495 (xtvscreen in SuSE Linux 6.0 allows local users to overwrite arbitrary ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1493 (Vulnerability in crp in Hewlett Packard Apollo Domain OS SR10 through ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1492 (Vulnerability in (1) diskperf and (2) diskalign in IRIX 6.4 allows loc ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1491 (abuse.console in Red Hat 2.1 uses relative pathnames to find and execu ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1489 (Buffer overflow in TestChip function in XFree86 SuperProbe in Slackwar ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1487 (Vulnerability in digest in AIX 4.3 allows printq users to gain root pr ...) NOT-FOR-US: AIX CVE-1999-1485 (nsd in IRIX 6.5 through 6.5.2 exports a virtual filesystem on a UDP po ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1484 (Buffer overflow in MSN Setup BBS 4.71.0.10 ActiveX control (setupbbs.o ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1483 (Buffer overflow in zgv in svgalib 1.2.10 and earlier allows local user ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1482 (SVGAlib zgv 3.0-7 and earlier allows local users to gain root access v ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1480 ((1) acledit and (2) aclput in AIX 4.3 allow local users to create or m ...) NOT-FOR-US: AIX CVE-1999-1479 (The textcounter.pl by Matt Wright allows remote attackers to execute a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1477 (Buffer overflow in GNOME libraries 1.0.8 allows local user to gain roo ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1475 (ProFTPd 1.2 compiled with the mod_sqlpw module records user passwords ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1474 (PowerPoint 95 and 97 allows remote attackers to cause an application t ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1471 (Buffer overflow in passwd in BSD based operating systems 4.3 and earli ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1470 (Eastman Work Management 3.21 stores passwords in cleartext in the COMM ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1469 (Buffer overflow in w3-auth CGI program in miniSQL package allows remot ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1467 (Vulnerability in rcp on SunOS 4.0.x allows remote attackers from trust ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1466 (Vulnerability in Cisco routers versions 8.2 through 9.1 allows remote ...) NOT-FOR-US: Cisco CVE-1999-1465 (Vulnerability in Cisco IOS 11.1 through 11.3 with distributed fast swi ...) NOT-FOR-US: Cisco CVE-1999-1464 (Vulnerability in Cisco IOS 11.1CC and 11.1CT with distributed fast swi ...) NOT-FOR-US: Cisco CVE-1999-1463 (Windows NT 4.0 before SP3 allows remote attackers to bypass firewall r ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1462 (Vulnerability in bb-hist.sh CGI History module in Big Brother 1.09b an ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1461 (inpview in InPerson on IRIX 5.3 through IRIX 6.5.10 trusts the PATH en ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1460 (BMC PATROL SNMP Agent before 3.2.07 allows local users to create arbit ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1459 (BMC PATROL Agent before 3.2.07 allows local users to gain root privile ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1458 (Buffer overflow in at program in Digital UNIX 4.0 allows local users t ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1457 (Buffer overflow in thttpd HTTP server before 2.04-31 allows remote att ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1454 (Macromedia "The Matrix" screen saver on Windows 95 with the "Password ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1453 (Internet Explorer 4 allows remote attackers (malicious web site operat ...) NOT-FOR-US: Microsoft CVE-1999-1451 (The Winmsdp.exe sample file in IIS 4.0 and Site Server 3.0 allows remo ...) NOT-FOR-US: Microsoft CVE-1999-1450 (Vulnerability in (1) rlogin daemon rshd and (2) scheme on SCO UNIX Ope ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1449 (SunOS 4.1.4 on a Sparc 20 machine allows local users to cause a denial ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1448 (Eudora and Eudora Light before 3.05 allows remote attackers to cause a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1447 (Internet Explorer 4.0 allows remote attackers to cause a denial of ser ...) NOT-FOR-US: Microsoft CVE-1999-1446 (Internet Explorer 3 records a history of all URL's that are visited by ...) NOT-FOR-US: Microsoft CVE-1999-1445 (Vulnerability in imapd and ipop3d in Slackware 3.4 and 3.3 with shadow ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1444 (genkey utility in Alibaba 2.0 generates RSA key pairs with an exponent ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1443 (Micah Software Full Armor Network Configurator and Zero Administration ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1442 (Bug in AMD K6 processor on Linux 2.0.x and 2.1.x kernels allows local ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1441 (Linux 2.0.34 does not properly prevent users from sending SIGIO signal ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1440 (Win32 ICQ 98a 1.30, and possibly other versions, does not display the ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1439 (gcc 2.7.2 allows local users to overwrite arbitrary files via a symlin ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1438 (Vulnerability in /bin/mail in SunOS 4.1.1 and earlier allows local use ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1436 (Ray Chan WWW Authorization Gateway 0.1 CGI program allows remote attac ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1435 (Buffer overflow in libsocks5 library of Socks 5 (socks5) 1.0r5 allows ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1434 (login in Slackware Linux 3.2 through 3.5 does not properly check for a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1431 (ZAK in Appstation mode allows users to bypass the "Run only allowed ap ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1430 (PIM software for Royal daVinci does not properly password-protext acce ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1429 (DIT TransferPro installs devices with world-readable and world-writabl ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1428 (Solaris Solstice AdminSuite (AdminSuite) 2.1 and 2.2 allows local user ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1427 (Solaris Solstice AdminSuite (AdminSuite) 2.1 and 2.2 create lock files ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1426 (Solaris Solstice AdminSuite (AdminSuite) 2.1 follows symbolic links wh ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1425 (Solaris Solstice AdminSuite (AdminSuite) 2.1 incorrectly sets write pe ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1424 (Solaris Solstice AdminSuite (AdminSuite) 2.1 uses unsafe permissions w ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1422 (The default configuration of Slackware 3.4, and possibly other version ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1421 (NBase switches NH208 and NH215 run a TFTP server which allows remote a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1420 (NBase switches NH2012, NH2012R, NH2015, and NH2048 have a back door pa ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1418 (ICQ99 ICQ web server build 1701 with "Active Homepage" enabled generat ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1417 (Format string vulnerability in AnswerBook2 (AB2) web server dwhttpd 3. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1416 (AnswerBook2 (AB2) web server dwhttpd 3.1a4 allows remote attackers to ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1415 (Vulnerability in /usr/bin/mail in DEC ULTRIX before 4.2 allows local u ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1413 (Solaris 2.4 before kernel jumbo patch -35 allows set-gid programs to d ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1412 (A possible interaction between Apple MacOS X release 1.0 and Apache HT ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1410 (addnetpr in IRIX 5.3 and 6.2 allows local users to overwrite arbitrary ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1408 (Vulnerability in AIX 4.1.4 and HP-UX 10.01 and 9.05 allows local users ...) NOT-FOR-US: AIX CVE-1999-1406 (dumpreg in Red Hat Linux 5.1 opens /dev/mem with O_RDWR access, which ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1405 (snap command in AIX before 4.3.2 creates the /tmp/ibmsupt directory wi ...) NOT-FOR-US: AIX CVE-1999-1404 (IBM/Tivoli OPC Tracker Agent version 2 release 1 allows remote attacke ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1403 (IBM/Tivoli OPC Tracker Agent version 2 release 1 creates files, direct ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1401 (Vulnerability in Desktop searchbook program in IRIX 5.0.x through 6.2 ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1400 (The Economist screen saver 1999 with the "Password Protected" option e ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1399 (spaceball program in SpaceWare 7.3 v1.0 in IRIX 6.2 allows local users ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1398 (Vulnerability in xfsdump in SGI IRIX may allow local users to obtain r ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1396 (Vulnerability in integer multiplication emulation code on SPARC archit ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1395 (Vulnerability in Monitor utility (SYS$SHARE:SPISHR.EXE) in VMS 5.0 thr ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1394 (BSD 4.4 based operating systems, when running at security level 1, all ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1393 (Control Panel "Password Security" option for Apple Powerbooks allows a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1392 (Vulnerability in restore0.9 installation script in NeXT 1.0a and 1.0 a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1391 (Vulnerability in NeXT 1.0a and 1.0 with publicly accessible printers a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1390 (suidexec in suidmanager 0.18 on Debian 2.0 allows local users to gain ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1389 (US Robotics/3Com Total Control Chassis with Frame Relay between 3.6.22 ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1388 (passwd in SunOS 4.1.x allows local users to overwrite arbitrary files ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1387 (Windows NT 4.0 SP2 allows remote attackers to cause a denial of servic ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1383 ((1) bash before 1.14.7, and (2) tcsh 6.05 allow local users to gain pr ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1381 (Buffer overflow in dbadmin CGI program 1.0.1 on Linux allows remote at ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1378 (dbmlparser.exe CGI guestbook program does not perform a chroot operati ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1377 (Matt Wright's download.cgi 1.0 allows remote attackers to read arbitra ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1376 (Buffer overflow in fpcount.exe in IIS 4.0 with FrontPage Server Extens ...) NOT-FOR-US: Microsoft CVE-1999-1375 (FileSystemObject (FSO) in the showfile.asp Active Server Page (ASP) al ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1374 (perlshop.cgi shopping cart program stores sensitive customer informati ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1373 (FORE PowerHub before 5.0.1 allows remote attackers to cause a denial o ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1372 (Triactive Remote Manager with Basic authentication enabled stores the ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1371 (Buffer overflow in /usr/bin/write in Solaris 2.6 and 7 allows local us ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1370 (The setup wizard (ie5setup.exe) for Internet Explorer 5.0 disables (1) ...) NOT-FOR-US: Microsoft CVE-1999-1369 (Real Media RealServer (rmserver) 6.0.3.353 stores a password in plaint ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1368 (AV Option for MS Exchange Server option for InoculateIT 4.53, and poss ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1367 (Internet Explorer 5.0 does not properly reset the username/password ca ...) NOT-FOR-US: Microsoft CVE-1999-1366 (Pegasus e-mail client 3.0 and earlier uses weak encryption to store PO ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1364 (Windows NT 4.0 allows local users to cause a denial of service (crash) ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1361 (Windows NT 3.51 and 4.0 running WINS (Windows Internet Name Service) a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1357 (Netscape Communicator 4.04 through 4.7 (and possibly other versions) i ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1355 (BMC Patrol component, when installed with Compaq Insight Management Ag ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1354 (E-mail client in Softarc FirstClass Internet Server 5.506 and earlier ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1353 (Nosque MsgCore 2.14 stores passwords in cleartext: (1) the administrat ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1352 (mknod in Linux 2.2 follows symbolic links, which could allow local use ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1350 (ARCAD Systemhaus 0.078-5 installs critical programs and files with wor ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1349 (NFS daemon (nfsd.exe) for Omni-NFS/X 6.1 allows remote attackers to ca ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1348 (Linuxconf on Red Hat Linux 6.0 and earlier does not properly disable P ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1347 (Xsession in Red Hat Linux 6.1 and earlier can allow local users with r ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1346 (PAM configuration file for rlogin in Red Hat Linux 6.1 and earlier inc ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1345 (Auto_FTP.pl script in Auto_FTP 0.2 uses the /tmp/ftp_tmp as a shared d ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1344 (Auto_FTP.pl script in Auto_FTP 0.2 stores usernames and passwords in p ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1343 (HTTP server for Xerox DocuColor 4 LP allows remote attackers to cause ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1342 (ICQ ActiveList Server allows remote attackers to cause a denial of ser ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1340 (Buffer overflow in faxalter in hylafax 4.0.2 allows local users to gai ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1338 (Delegate proxy 5.9.3 and earlier creates files and directories in the ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1334 (Multiple buffer overflows in filter command in Elm 2.4 allows attacker ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1323 (Norton AntiVirus for Internet Email Gateways (NAVIEG) 1.0.1.7 and earl ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1322 (The installation of 1ArcServe Backup and Inoculan AV client modules fo ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1319 (Vulnerability in object server program in SGI IRIX 5.2 through 6.1 all ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1315 (Vulnerabilities in DECnet/OSI for OpenVMS before 5.8 on DEC Alpha AXP ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1314 (Vulnerability in union file system in FreeBSD 2.2 and earlier, and pos ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1313 (Manual page reader (man) in FreeBSD 2.2 and earlier allows local users ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1312 (Vulnerability in DEC OpenVMS VAX 5.5-2 through 5.0, and OpenVMS AXP 1. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1311 (Vulnerability in dtlogin and dtsession in HP-UX 10.20 and 10.10 allows ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1310 REJECTED CVE-1999-1308 (Certain programs in HP-UX 10.20 do not properly handle large user IDs ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1307 (Vulnerability in urestore in Novell UnixWare 1.1 allows local users to ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1306 (Cisco IOS 9.1 and earlier does not properly handle extended IP access ...) NOT-FOR-US: Cisco CVE-1999-1305 (Vulnerability in "at" program in SCO UNIX 4.2 and earlier allows local ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1304 (Vulnerability in login in SCO UNIX 4.2 and earlier allows local users ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1303 (Vulnerability in prwarn in SCO UNIX 4.2 and earlier allows local users ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1302 (Unspecified vulnerability in pt_chmod in SCO UNIX 4.2 and earlier allo ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1300 (Vulnerability in accton in Cray UNICOS 6.1 and 6.0 allows local users ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1299 (rcp on various Linux systems including Red Hat 4.0 allows a "nobody" u ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1296 (Buffer overflow in Kerberos IV compatibility libraries as used in Kerb ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1295 (Transarc DCE Distributed File System (DFS) 1.1 for Solaris 2.4 and 2.5 ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1293 (mod_proxy in Apache 1.2.5 and earlier allows remote attackers to cause ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1292 (Buffer overflow in web administration feature of Kolban Webcam32 4.8.3 ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1291 (TCP/IP implementation in Microsoft Windows 95, Windows NT 4.0, and pos ...) NOT-FOR-US: Microsoft CVE-1999-1289 (ICQ 98 beta on Windows NT leaks the internal IP address of a client in ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1287 (Vulnerability in Analog 3.0 and earlier allows remote attackers to rea ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1286 (addnetpr in SGI IRIX 6.2 and earlier allows local users to modify arbi ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1285 (Linux 2.1.132 and earlier allows local users to cause a denial of serv ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1283 (Opera 3.2.1 allows remote attackers to cause a denial of service (appl ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1282 (RealSystem G2 server stores the administrator password in cleartext in ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1281 (Development version of Breeze Network Server allows remote attackers t ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1280 (Hummingbird Exceed 6.0.1.0 inadvertently includes a DLL that was meant ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1278 (nlog CGI scripts do not properly filter shell metacharacters from the ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1277 (BackWeb client stores the username and password in cleartext for proxy ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1275 (Lotus cc:Mail release 8 stores the postoffice password in plaintext in ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1274 (iPass RoamServer 3.1 creates temporary files with world-writable permi ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1273 (Squid Internet Object Cache 1.1.20 allows users to bypass access contr ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1272 (Buffer overflows in CDROM Confidence Test program (cdrom) allow local ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1271 (Macromedia Dreamweaver uses weak encryption to store FTP passwords, wh ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1270 (KMail in KDE 1.0 provides a PGP passphrase as a command line argument ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1269 (Screen savers in KDE beta 3 allows local users to overwrite arbitrary ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1268 (Vulnerability in KDE konsole allows local users to hijack or observe s ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1267 (KDE file manager (kfm) uses a TCP server for certain file operations, ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1266 (rsh daemon (rshd) generates different error messages when a valid user ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1265 (SMTP server in SLmail 3.1 and earlier allows remote attackers to cause ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1264 (WebRamp M3 router does not disable remote telnet or HTTP access to its ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1261 (Buffer overflow in Rainbow Six Multiplayer allows remote attackers to ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1260 (mSQL (Mini SQL) 2.0.6 allows remote attackers to obtain sensitive serv ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1257 (Xyplex terminal server 6.0.1S1, and possibly other versions, allows re ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1256 (Oracle Database Assistant 1.0 in Oracle 8.0.3 Enterprise Edition store ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1255 (Hyperseek allows remote attackers to modify the hyperseek configuratio ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1254 (Windows 95, 98, and NT 4.0 allow remote attackers to cause a denial of ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1253 (Vulnerability in a kernel error handling routine in SCO OpenServer 5.0 ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1252 (Vulnerability in a certain system call in SCO UnixWare 2.0.x and 2.1.0 ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1251 (Vulnerability in direct audio user space code on HP-UX 10.20 and 10.10 ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1250 (Vulnerability in CGI program in the Lasso application by Blue World, a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1248 (Vulnerability in Support Watch (aka SupportWatch) in HP-UX 8.0 through ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1247 (Vulnerability in HP Camera component of HP DCE/9000 in HP-UX 9.x allow ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1245 (vacm ucd-snmp SNMP server, version 3.52, does not properly disable acc ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1244 (IPFilter 3.2.3 through 3.2.10 allows local users to modify arbitrary f ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1242 (Vulnerability in subnetconfig in HP-UX 9.01 and 9.0 allows local users ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1241 (Internet Explorer, with a security setting below Medium, allows remote ...) NOT-FOR-US: Microsoft CVE-1999-1240 (Buffer overflow in cddbd CD database server allows remote attackers to ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1239 (HP-UX 9.x does not properly enable the Xauthority mechanism in certain ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1238 (Vulnerability in CORE-DIAG fileset in HP message catalog in HP-UX 9.05 ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1237 (Multiple buffer overflows in smbvalid/smbval SMB authentication librar ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1236 (Internet Anywhere Mail Server 2.3.1 stores passwords in plaintext in t ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1235 (Internet Explorer 5.0 records the username and password for FTP server ...) NOT-FOR-US: Microsoft CVE-1999-1234 (LSA (LSASS.EXE) in Windows NT 4.0 allows remote attackers to cause a d ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1232 (Untrusted search path vulnerability in day5datacopier in SGI IRIX 6.2 ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1231 (ssh 2.0.12, and possibly other versions, allows valid user names to at ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1230 (Quake 2 server allows remote attackers to cause a denial of service vi ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1229 (Quake 2 server 3.13 on Linux does not properly check file permissions ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1228 (Various modems that do not implement a guard time, or are configured w ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1227 (Ethereal allows local users to overwrite arbitrary files via a symlink ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1225 (rpc.mountd on Linux, Ultrix, and possibly other operating systems, all ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1224 (IMAP 4.1 BETA, and possibly other versions, does not properly handle t ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1221 (dxchpwd in Digital Unix (OSF/1) 3.x allows local users to modify arbit ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1220 (Majordomo 1.94.3 and earlier allows remote attackers to execute arbitr ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1219 (Vulnerability in sgihelp in the SGI help system and print manager in I ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1218 (Vulnerability in finger in Commodore Amiga UNIX 2.1p2a and earlier all ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1216 (Cisco routers 9.17 and earlier allow remote attackers to bypass securi ...) NOT-FOR-US: Cisco CVE-1999-1213 (Vulnerability in telnet service in HP-UX 10.30 allows attackers to cau ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1212 (Vulnerability in in.rlogind in SunOS 4.0.3 and 4.0.3c allows local use ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1211 (Vulnerability in in.telnetd in SunOS 4.1.1 and earlier allows local us ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1210 (xterm in Digital UNIX 4.0B *with* patch kit 5 allows local users to ov ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1207 (Buffer overflow in web-admin tool in NetXRay 2.6 allows remote attacke ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1206 (SystemSoft SystemWizard package in HP Pavilion PC with Windows 98, and ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1202 (StarTech (1) POP3 proxy server and (2) telnet server allows remote att ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1200 (Vintra SMTP MailServer allows remote attackers to cause a denial of se ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1196 (Hummingbird Exceed X version 5 allows remote attackers to cause a deni ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1195 (NAI VirusScan NT 4.0.2 does not properly modify the scan.dat virus def ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1190 (Buffer overflow in POP3 server of Admiral Systems EmailClub 1.05 allow ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1187 (Pine before version 3.94 allows local users to gain privileges via a s ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1186 (rxvt, when compiled with the PRINT_PIPE option in various Linux operat ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1185 (Buffer overflow in SCO mscreen allows local users to gain root privile ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1184 (Buffer overflow in Elm 2.4 and earlier allows local users to gain priv ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1183 (System Manager sysmgr GUI in SGI IRIX 6.4 and 6.3 allows remote attack ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1182 (Buffer overflow in run-time linkers (1) ld.so or (2) ld-linux.so for L ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1180 (O'Reilly WebSite 1.1e and Website Pro 2.0 allows remote attackers to e ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1179 (Vulnerability in man.sh CGI script, included in May 1998 issue of SysA ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1178 (Sambar Server 4.1 beta allows remote attackers to obtain sensitive inf ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1176 (Buffer overflow in cidentd ident daemon allows local users to gain roo ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1174 (ZIP drive for Iomega ZIP-100 disks allows attackers with physical acce ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1173 (Corel Word Perfect 8 for Linux creates a temporary working directory w ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1172 (By design, Maximizer Enterprise 4 calendar and address book program al ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1171 (IPswitch WS_FTP allows local users to gain additional privileges and m ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1170 (IPswitch IMail allows local users to gain additional privileges and mo ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1169 (nobo 1.2 allows remote attackers to cause a denial of service (crash) ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1168 (install.iss installation script for Internet Security Scanner (ISS) fo ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1166 (Linux 2.0.37 does not properly encode the Custom segment limit, which ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1165 (GNU fingerd 1.37 does not properly drop privileges before accessing us ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1164 (Microsoft Outlook client allows remote attackers to cause a denial of ...) NOT-FOR-US: Microsoft CVE-1999-1158 (Buffer overflow in (1) pluggable authentication module (PAM) on Solari ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1155 (LakeWeb Mail List CGI script allows remote attackers to execute arbitr ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1154 (LakeWeb Filemail CGI script allows remote attackers to execute arbitra ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1153 (HAMcards Postcard CGI script 1.0 allows remote attackers to execute ar ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1152 (Compaq/Microcom 6000 Access Integrator does not disconnect a client af ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1151 (Compaq/Microcom 6000 Access Integrator does not cause a session timeou ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1150 (Livingston Portmaster routers running ComOS use the same initial seque ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1149 (Buffer overflow in CSM Proxy 4.1 allows remote attackers to cause a de ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1141 (Ascom Timeplex router allows remote attackers to obtain sensitive info ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1135 (Vulnerability in VUE 3.0 in HP 9.x allows local users to gain root pri ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1134 (Vulnerability in Vue 3.0 in HP 9.x allows local users to gain root pri ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1133 (HP-UX 9.x and 10.x running X windows may allow local attackers to gain ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1130 (Default configuration of the search engine in Netscape Enterprise Serv ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1129 (Cisco Catalyst 2900 Virtual LAN (VLAN) switches allow remote attackers ...) NOT-FOR-US: Cisco CVE-1999-1128 (Internet Explorer 3.01 on Windows 95 allows remote malicious web sites ...) NOT-FOR-US: Microsoft CVE-1999-1126 (Cisco Resource Manager (CRM) 1.1 and earlier creates certain files wit ...) NOT-FOR-US: Cisco CVE-1999-1125 (Oracle Webserver 2.1 and earlier runs setuid root, but the configurati ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1124 (HTTP Client application in ColdFusion allows remote attackers to bypas ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1123 (The installation of Sun Source (sunsrc) tapes allows local users to ga ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1113 (Buffer overflow in Eudora Internet Mail Server (EIMS) 2.01 and earlier ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1112 (Buffer overflow in IrfanView32 3.07 and earlier allows attackers to ex ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1110 (Windows Media Player ActiveX object as used in Internet Explorer 5.0 r ...) NOT-FOR-US: Microsoft CVE-1999-1108 REJECTED CVE-1999-1107 (Buffer overflow in kppp in KDE allows local users to gain root access ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1106 (Buffer overflow in kppp in KDE allows local users to gain root access ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1101 (Kabsoftware Lydia utility uses weak encryption to store user passwords ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1097 (Microsoft NetMeeting 2.1 allows one client to read the contents of ano ...) NOT-FOR-US: Microsoft CVE-1999-1096 (Buffer overflow in kscreensaver in KDE klock allows local users to gai ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1095 (sort creates temporary files and follows symbolic links, which allows ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1092 (tin 1.40 creates the .tin directory with insecure permissions, which a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1091 (UNIX news readers tin and rtin create the /tmp/.tin_log file with inse ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1089 (Buffer overflow in chfn command in HP-UX 9.X through 10.20 allows loca ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1088 (Vulnerability in chsh command in HP-UX 9.X through 10.20 allows local ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1086 (Novell 5 and earlier, when running over IPX with a packet signature le ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1084 (The "AEDebug" registry key is installed with insecure permissions, whi ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1083 (Directory traversal vulnerability in Jana proxy web server 1.45 allows ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1082 (Directory traversal vulnerability in Jana proxy web server 1.40 allows ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1081 (Vulnerability in files.pl script in Novell WebServer Examples Toolkit ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1079 (Vulnerability in ptrace in AIX 4.3 allows local users to gain privileg ...) NOT-FOR-US: AIX CVE-1999-1078 (WS_FTP Pro 6.0 uses weak encryption for passwords in its initializatio ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1077 (Idle locking function in MacOS 9 allows local attackers to bypass the ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1076 (Idle locking function in MacOS 9 allows local users to bypass the pass ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1075 (inetd in AIX 4.1.5 dynamically assigns a port N when starting ttdbserv ...) NOT-FOR-US: AIX CVE-1999-1073 (Excite for Web Servers (EWS) 1.1 records the first two characters of a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1072 (Excite for Web Servers (EWS) 1.1 allows local users to gain privileges ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1071 (Excite for Web Servers (EWS) 1.1 installs the Architext.conf authentic ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1070 (Buffer overflow in ping CGI program in Xylogics Annex terminal service ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1069 (Directory traversal vulnerability in carbo.dll in iCat Carbo Server 3. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1068 (Oracle Webserver 2.1, when serving PL/SQL stored procedures, allows re ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1067 (SGI MachineInfo CGI program, installed by default on some web servers, ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1066 (Quake 1 server responds to an initial UDP game connection request with ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1065 (Palm Pilot HotSync Manager 3.0.4 in Windows 98 allows remote attackers ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1064 (Multiple buffer overflows in WindowMaker 0.52 through 0.60.0 allow att ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1063 (CDomain whois_raw.cgi whois CGI script allows remote attackers to exec ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1062 (HP Laserjet printers with JetDirect cards, when configured with TCP/IP ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1061 (HP Laserjet printers with JetDirect cards, when configured with TCP/IP ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1060 (Buffer overflow in Tetrix TetriNet daemon 1.13.16 allows remote attack ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1058 (Buffer overflow in Vermillion FTP Daemon VFTPD 1.23 allows remote atta ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1056 REJECTED CVE-1999-1054 (The default configuration of FLEXlm license manager 6.0d, and possibly ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1053 (guestbook.pl cleanses user-inserted SSI commands by removing text betw ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1052 (Microsoft FrontPage stores form results in a default location in /_pri ...) NOT-FOR-US: Microsoft CVE-1999-1051 (Default configuration in Matt Wright FormHandler.cgi script allows arb ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1050 (Directory traversal vulnerability in Matt Wright FormHandler.cgi scrip ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1049 (ARCserve NT agents use weak encryption (XOR) for passwords, which allo ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1046 (Buffer overflow in IMonitor in IMail 5.0 allows remote attackers to ca ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1043 (Microsoft Exchange Server 5.5 and 5.0 does not properly handle (1) mal ...) NOT-FOR-US: Microsoft CVE-1999-1042 (Cisco Resource Manager (CRM) 1.0 and 1.1 creates world-readable log fi ...) NOT-FOR-US: Cisco CVE-1999-1041 (Buffer overflow in mscreen on SCO OpenServer 5.0 and SCO UNIX 3.2v4 al ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1040 (Vulnerabilities in (1) ipxchk and (2) ipxlink in NetWare Client 1.0 on ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1039 (Vulnerability in (1) diskalign and (2) diskperf in IRIX 6.4 patches 22 ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1038 (Tiger 2.2.3 allows local users to overwrite arbitrary files via a syml ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1036 (COPS 1.04 allows local users to overwrite or create arbitrary files vi ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1033 (Microsoft Outlook Express before 4.72.3612.1700 allows a malicious use ...) NOT-FOR-US: Microsoft CVE-1999-1031 (counter.exe 2.70 allows a remote attacker to cause a denial of service ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1030 (counter.exe 2.70 allows a remote attacker to cause a denial of service ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1029 (SSH server (sshd2) before 2.0.12 does not properly record login attemp ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1026 (aspppd on Solaris 2.5 x86 allows local users to modify arbitrary files ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1025 (CDE screen lock program (screenlock) on Solaris 2.6 does not properly ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1024 (ip_print procedure in Tcpdump 3.4a allows remote attackers to cause a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1023 (useradd in Solaris 7.0 does not properly interpret certain date format ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1022 (serial_ports administrative program in IRIX 4.x and 5.x trusts the use ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1020 (The installation of Novell Netware NDS 5.99 provides an unauthenticate ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1018 (IPChains in Linux kernels 2.2.10 and earlier does not reassemble IP fr ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1017 (Seattle Labs Emurl 2.0, and possibly earlier versions, stores e-mail a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1016 (Microsoft HTML control as used in (1) Internet Explorer 5.0, (2) Front ...) NOT-FOR-US: Microsoft CVE-1999-1015 (Buffer overflow in Apple AppleShare Mail Server 5.0.3 on MacOS 8.1 and ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1013 (named-xfer in AIX 4.1.5 and 4.2.1 allows members of the system group t ...) NOT-FOR-US: AIX CVE-1999-1012 (SMTP component of Lotus Domino 4.6.1 on AS/400, and possibly other ope ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1009 (The Disney Go Express Search allows remote attackers to access and mod ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1006 (Groupwise web server GWWEB.EXE allows remote attackers to determine th ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1003 (War FTP Daemon 1.70 allows remote attackers to cause a denial of servi ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-1002 (Netscape Navigator uses weak encryption for storing a user's Netscape ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0993 (Modifications to ACLs (Access Control Lists) in Microsoft Exchange 5. ...) NOT-FOR-US: Microsoft CVE-1999-0990 (Error messages generated by gdm with the VerboseAuth setting allows an ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0988 (UnixWare pkgtrans allows local users to read arbitrary files via a sym ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0985 (CC Whois program whois.cgi allows remote attackers to execute commands ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0984 (Matt's Whois program whois.cgi allows remote attackers to execute comm ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0983 (Whois Internic Lookup program whois.cgi allows remote attackers to exe ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0970 (The OmniHTTPD visadmin.exe program allows a remote attacker to conduct ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0952 (Buffer overflow in Solaris lpstat via class argument allows local user ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0949 (Buffer overflow in canuum program for Canna input system allows local ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0948 (Buffer overflow in uum program for Canna input system allows local use ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0944 (IBM WebSphere ikeyman tool uses weak encryption to store a password fo ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0941 (Mutt mail client allows a remote attacker to execute commands via shel ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0929 (Novell NetWare with Novell-HTTP-Server or YAWN web servers allows remo ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0926 (Apache allows remote attackers to conduct a denial of service via a la ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0925 (UnityMail allows remote attackers to conduct a denial of service via a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0923 (Sample runnable code snippets in ColdFusion Server 4.0 allow remote at ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0919 (A memory leak in a Motorola CableRouter allows remote attackers to con ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0913 (dfire.cgi script in Dragon-Fire IDS allows remote users to execute com ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0911 (Buffer overflow in ProFTPD, wu-ftpd, and beroftpd allows remote attack ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0910 (Microsoft Site Server and Commercial Internet System (MCIS) do not set ...) NOT-FOR-US: Microsoft CVE-1999-0885 (Alibaba web server allows remote attackers to execute commands via a p ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0882 (Falcon web server allows remote attackers to determine the absolute pa ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0872 (Buffer overflow in Vixie cron allows local users to gain root access v ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0863 (Buffer overflow in FreeBSD seyon via HOME environmental variable, -emu ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0862 (Insecure directory permissions in RPM distribution for PostgreSQL allo ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0860 (Solaris chkperm allows local users to read files owned by bin via the ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0857 (FreeBSD gdc program allows local users to modify files via a symlink a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0855 (Buffer overflow in FreeBSD gdc program. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0852 (IBM WebSphere sets permissions that allow a local user to modify a dei ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0850 (The default permissions for Endymion MailMan allow local users to read ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0846 (Denial of service in MDaemon 2.7 via a large number of connection atte ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0845 (Buffer overflow in SCO su program allows local users to gain root acce ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0844 (Denial of service in MDaemon WorldClient and WebConfig services via a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0843 (Denial of service in Cisco routers running NAT via a PORT command from ...) NOT-FOR-US: Cisco CVE-1999-0841 (Buffer overflow in CDE mailtool allows local users to gain root privil ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0840 (Buffer overflow in CDE dtmail and dtmailpr programs allows local users ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0830 (Buffer overflow in SCO UnixWare Xsco command via a long argument. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0829 (HP Secure Web Console uses weak encryption. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0828 (UnixWare pkg commands such as pkginfo, pkgcat, and pkgparam allow loca ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0827 (By default, Internet Explorer 5.0 and other versions enables the "Navi ...) NOT-FOR-US: Microsoft CVE-1999-0825 (The default permissions for UnixWare /var/mail allow local users to re ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0822 (Buffer overflow in Qpopper (qpop) 3.0 allows remote root access via AU ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0821 (FreeBSD seyon allows local users to gain privileges by providing a mal ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0818 (Buffer overflow in Solaris kcms_configure via a long NETPATH environme ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0816 (The Motorola CableRouter allows any remote user to connect to and conf ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0808 (Multiple buffer overflows in ISC DHCP Distribution server (dhcpd) 1.0 ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0805 (Novell NetWare Transaction Tracking System (TTS) in Novell 4.11 and ea ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0798 (Buffer overflow in bootpd on OpenBSD, FreeBSD, and Linux systems via a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0795 (The NIS+ rpc.nisd server allows remote attackers to execute certain RP ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0792 (ROUTERmate has a default SNMP community name which allows remote attac ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0784 (Denial of service in Oracle TNSLSNR SQL*Net Listener via a malformed s ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0776 (Alibaba HTTP server allows remote attackers to read files via a .. (do ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0767 (Buffer overflow in Solaris libc, ufsrestore, and rcp via LC_MESSAGES e ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0757 (The ColdFusion CFCRYPT program for encrypting CFML templates has weak ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0750 (Hotmail allows Javascript to be executed via the HTML STYLE tag, allow ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0748 (Buffer overflows in Red Hat net-tools package. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0741 (QMS CrownNet Unix Utilities for 2060 allows root to log on without a p ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0739 (The codebrws.asp sample file in IIS and Site Server allows remote atta ...) NOT-FOR-US: Microsoft CVE-1999-0738 (The code.asp sample file in IIS and Site Server allows remote attacker ...) NOT-FOR-US: Microsoft CVE-1999-0737 (The viewcode.asp sample file in IIS and Site Server allows remote atta ...) NOT-FOR-US: Microsoft CVE-1999-0736 (The showcode.asp sample file in IIS and Site Server allows remote atta ...) NOT-FOR-US: Microsoft CVE-1999-0712 (A vulnerability in Caldera Open Administration System (COAS) allows th ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0698 (Denial of service in IP protocol logger (ippl) on Red Hat and Debian L ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0684 (Denial of service in Sendmail 8.8.6 in HPUX. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0677 (The WebRamp web administration utility has a default password. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0673 (Buffer overflow in ALMail32 POP3 client via From: or To: headers. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0670 (Buffer overflow in the Eyedog ActiveX control allows a remote attacker ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0669 (The Eyedog ActiveX control is marked as "safe for scripting" for Inter ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0667 (The ARP protocol allows any host to spoof ARP replies and poison the A ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0665 (An application-critical Windows NT registry key has an inappropriate v ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0664 (An application-critical Windows NT registry key has inappropriate perm ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0663 (A system-critical program, library, or file has a checksum or other in ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0662 (A system-critical program or library does not have the appropriate pat ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0661 (A system is running a version of software that was replaced with a Tro ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0660 REJECTED CVE-1999-0659 REJECTED CVE-1999-0658 REJECTED CVE-1999-0657 (WinGate is being used. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0656 (The ugidd RPC interface, by design, allows remote attackers to enumera ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0655 REJECTED CVE-1999-0654 (The OS/2 or POSIX subsystem in NT is enabled. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0653 (A component service related to NIS+ is running. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0652 REJECTED CVE-1999-0651 (The rsh/rlogin service is running. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0650 (The netstat service is running, which provides sensitive information t ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0649 REJECTED CVE-1999-0648 REJECTED CVE-1999-0647 REJECTED CVE-1999-0646 REJECTED CVE-1999-0645 REJECTED CVE-1999-0644 REJECTED CVE-1999-0643 REJECTED CVE-1999-0642 REJECTED CVE-1999-0641 (The UUCP service is running. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0640 (The Gopher service is running. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0639 (The chargen service is running. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0638 (The daytime service is running. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0637 (The systat service is running. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0636 (The discard service is running. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0635 (The echo service is running. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0634 REJECTED CVE-1999-0633 REJECTED CVE-1999-0632 (The RPC portmapper service is running. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0631 REJECTED CVE-1999-0630 (The NT Alerter and Messenger services are running. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0629 (The ident/identd service is running. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0625 (The rpc.rquotad service is running. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0624 (The rstat/rstatd service is running. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0623 REJECTED CVE-1999-0622 REJECTED CVE-1999-0621 REJECTED CVE-1999-0620 REJECTED CVE-1999-0619 REJECTED CVE-1999-0618 (The rexec service is running. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0617 REJECTED CVE-1999-0616 REJECTED CVE-1999-0615 REJECTED CVE-1999-0614 REJECTED CVE-1999-0613 (The rpc.sprayd service is running. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0611 (A system-critical Windows NT registry key has an inappropriate value. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0610 (An incorrect configuration of the Webcart CGI program could disclose p ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0609 (An incorrect configuration of the SoftCart CGI program "SoftCart.exe" ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0607 (quikstore.cgi in QuikStore shopping cart stores quikstore.cfg under th ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0606 (An incorrect configuration of the EZMall 2000 shopping cart CGI progr ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0605 (An incorrect configuration of the Order Form 1.0 shopping cart CGI pr ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0604 (An incorrect configuration of the WebStore 1.0 shopping cart CGI progr ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0603 (In Windows NT, an inappropriate user is a member of a group, e.g. Admi ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0602 (A network intrusion detection system (IDS) does not properly reassembl ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0601 (A network intrusion detection system (IDS) does not properly handle da ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0600 (A network intrusion detection system (IDS) does not verify the checksu ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0599 (A network intrusion detection system (IDS) does not properly handle pa ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0598 (A network intrusion detection system (IDS) does not properly handle pa ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0597 (A Windows NT account policy does not forcibly disconnect remote users ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0596 (A Windows NT log file has an inappropriate maximum size or retention p ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0595 (A Windows NT system does not clear the system page file during shutdow ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0594 (A Windows NT system does not restrict access to removable media drives ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0593 (The default setting for the Winlogon key entry ShutdownWithoutLogon in ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0592 (The Logon box of a Windows NT system displays the name of the last use ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0591 (An event log in Windows NT has inappropriate access permissions. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0590 (A system does not present an appropriate legal message or warning to a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0589 (A system-critical Windows NT registry key has inappropriate permission ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0588 (A filter in a router or firewall allows unusual fragmented packets. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0587 (A WWW server is not running in a restricted file system, e.g. through ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0586 (A network service is running on a nonstandard port. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0585 (A Windows NT administrator account has the default name of Administrat ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0584 (A Windows NT file system is not NTFS. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0583 (There is a one-way or two-way trust relationship between Windows NT do ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0582 (A Windows NT account policy has inappropriate, security-critical setti ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0581 (The HKEY_CLASSES_ROOT key in a Windows NT system has inappropriate, sy ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0580 (The HKEY_LOCAL_MACHINE key in a Windows NT system has inappropriate, s ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0579 (A Windows NT system's registry audit policy does not log an event succ ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0578 (A Windows NT system's registry audit policy does not log an event succ ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0577 (A Windows NT system's file audit policy does not log an event success ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0576 (A Windows NT system's file audit policy does not log an event success ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0575 (A Windows NT system's user audit policy does not log an event success ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0572 (.reg files are associated with the Windows NT registry editor (regedit ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0571 (A router's configuration service or management interface (such as a we ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0570 (Windows NT is not using a password filter utility, e.g. PASSFILT.DLL. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0569 (A URL for a WWW directory allows auto-indexing, which provides a list ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0568 (rpc.admind in Solaris is not running in a secure mode. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0565 (A Sendmail alias allows input to be piped to a program. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0564 (An attacker can force a printer to print arbitrary documents (e.g. if ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0562 (The registry in Windows NT can be accessed remotely by users who are n ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0561 (IIS has the #exec function enabled for Server Side Include (SSI) files ...) NOT-FOR-US: Microsoft CVE-1999-0560 (A system-critical Windows NT file or directory has inappropriate permi ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0559 (A system-critical Unix file or directory has inappropriate permissions ...) - webmin 1.160-1 CVE-1999-0556 (Two or more Unix accounts have the same UID. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0555 (A Unix account with a name other than "root" has UID 0, i.e. root priv ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0554 (NFS exports system-critical data to the world, e.g. / or a password fi ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0550 (A router's routing tables can be obtained from arbitrary hosts. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0549 (Windows NT automatically logs in an administrator upon rebooting. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0548 (A superfluous NFS server is running, but it is not importing or export ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0547 (An SSH server allows authentication through the .rhosts file. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0546 (The Windows NT guest account is enabled. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0541 (A password for accessing a WWW URL is guessable. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0539 (A trust relationship exists between two Unix hosts. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0537 (A configuration in a web browser such as Internet Explorer or Netscape ...) NOT-FOR-US: Microsoft CVE-1999-0535 (A Windows NT account policy for passwords has inappropriate, security- ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0534 (A Windows NT user has inappropriate rights or privileges, e.g. Act as ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0533 (A DNS server allows inverse queries. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0532 (A DNS server allows zone transfers. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0531 REJECTED CVE-1999-0530 (A system is operating in "promiscuous" mode which allows it to perform ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0529 (A router or firewall forwards packets that claim to come from IANA res ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0528 (A router or firewall forwards external packets that claim to come from ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0527 (The permissions for system-critical data in an anonymous FTP account a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0525 (IP traceroute is allowed from arbitrary hosts. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0524 (ICMP information such as (1) netmask and (2) timestamp is allowed from ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0523 (ICMP echo (ping) is allowed from arbitrary hosts. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0522 (The permissions for a system-critical NIS+ table (e.g. passwd) are ina ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0521 (An NIS domain name is easily guessable. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0520 (A system-critical NETBIOS/SMB share has inappropriate access control. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0519 (A NETBIOS/SMB share password is the default, null, or missing. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0518 (A NETBIOS/SMB share password is guessable. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0517 (An SNMP community name is the default (e.g. public), null, or missing. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0516 (An SNMP community name is guessable. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0515 (An unrestricted remote trust relationship for Unix systems has been se ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0512 (A mail server is explicitly configured to allow SMTP mail relay, which ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0511 (IP forwarding is enabled on a machine which is not a router or firewal ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0510 (A router or firewall allows source routed packets from arbitrary hosts ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0509 (Perl, sh, csh, or other shell interpreters are installed in the cgi-bi ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0508 (An account on a router, firewall, or other network device has a defaul ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0507 (An account on a router, firewall, or other network device has a guessa ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0506 (A Windows NT domain user or administrator account has a default, null, ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0505 (A Windows NT domain user or administrator account has a guessable pass ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0504 (A Windows NT local user or administrator account has a default, null, ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0503 (A Windows NT local user or administrator account has a guessable passw ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0502 (A Unix account has a default, null, blank, or missing password. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0501 (A Unix account has a guessable password. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0499 (NETBIOS share information may be published through SNMP registry keys ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0498 (TFTP is not running in a restricted directory, allowing a remote attac ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0497 (Anonymous FTP is enabled. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0495 (A remote attacker can gain access to a file system using .. (dot dot) ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0492 (The ffingerd 1.19 allows remote attackers to identify users on the tar ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0490 (MSHTML.DLL in Internet Explorer 5.0 allows a remote attacker to learn ...) NOT-FOR-US: Microsoft CVE-1999-0489 (MSHTML.DLL in Internet Explorer 5.0 allows a remote attacker to paste ...) NOT-FOR-US: Microsoft CVE-1999-0488 (Internet Explorer 4.0 and 5.0 allows a remote attacker to execute secu ...) NOT-FOR-US: Microsoft CVE-1999-0486 (Denial of service in AOL Instant Messenger when a remote attacker send ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0480 (Local attackers can conduct a denial of service in Midnight Commander ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0477 (The Expression Evaluator in the ColdFusion Application Server allows a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0476 (A weak encryption algorithm is used for passwords in SCO TermVision, a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0469 (Internet Explorer 5.0 allows window spoofing, allowing a remote attack ...) NOT-FOR-US: Microsoft CVE-1999-0467 (The Webcom CGI Guestbook programs wguest.exe and rguest.exe allow a re ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0465 (Remote attackers can crash Lynx and Internet Explorer using an IMG tag ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0462 (suidperl in Linux Perl does not check the nosuid mount option on file ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0461 (Versions of rpcbind including Linux, IRIX, and Wietse Venema's rpcbind ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0460 (Buffer overflow in Linux autofs module through long directory names al ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0459 (Local users can perform a denial of service in Alpha Linux, using MILO ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0455 (The Expression Evaluator sample application in ColdFusion allows remot ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0454 (A remote attacker can sometimes identify the operating system of a hos ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0453 (An attacker can identify a CISCO device by sending a SYN packet to por ...) NOT-FOR-US: Cisco CVE-1999-0452 (A service or application has a backdoor password that was placed there ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0451 (Denial of service in Linux 2.0.36 allows local users to prevent any se ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0450 (In IIS, an attacker could determine a real path using a request for a ...) NOT-FOR-US: Microsoft CVE-1999-0444 (Remote attackers can perform a denial of service in Windows machines u ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0443 (Patrol management software allows a remote attacker to conduct a repla ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0435 (MC/ServiceGuard and MC/LockManager in HP-UX allows local users to gain ...) NOT-FOR-US: HP-UX CVE-1999-0434 (XFree86 xfs command is vulnerable to a symlink attack, allowing local ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0431 (Linux 2.2.3 and earlier allow a remote attacker to perform an IP fragm ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0427 (Eudora 4.1 allows remote attackers to perform a denial of service by s ...) NOT-FOR-US: Eudora CVE-1999-0426 (The default permissions of /dev/kmem in Linux versions before 2.0.36 a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0419 (When the Microsoft SMTP service attempts to send a message to a server ...) NOT-FOR-US: Microsoft CVE-1999-0418 (Denial of service in SMTP applications such as Sendmail, when a remote ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0411 (Several startup scripts in SCO OpenServer Enterprise System v 5.0.4p, ...) NOT-FOR-US: SCO CVE-1999-0406 (Digital Unix Networker program nsralist has a buffer overflow which al ...) NOT-FOR-US: DEC UNIX CVE-1999-0401 (A race condition in Linux 2.2.1 allows local users to read arbitrary m ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0400 (Denial of service in Linux 2.2.0 running the ldd command on a core fil ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0399 (The DCC server command in the Mirc 5.5 client doesn't filter character ...) NOT-FOR-US: Mirc CVE-1999-0398 (In some instances of SSH 1.2.27 and 2.0.11 on Linux systems, SSH will ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0397 (The demo version of the Quakenbush NT Password Appraiser sends passwor ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0394 (DPEC Online Courseware allows an attacker to change another user's pas ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0389 (Buffer overflow in the bootp server in the Debian Linux netstd package ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0381 (super 3.11.6 and other versions have a buffer overflow in the syslog u ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0370 (In Sun Solaris and SunOS, man and catman contain vulnerabilities that ...) NOT-FOR-US: Sun CVE-1999-0364 (Microsoft Access 97 stores a database password as plaintext in a forei ...) NOT-FOR-US: Microsoft CVE-1999-0361 (NetWare version of LaserFiche stores usernames and passwords unencrypt ...) NOT-FOR-US: NetWare CVE-1999-0360 (MS Site Server 2.0 with IIS 4 can allow users to upload content, inclu ...) NOT-FOR-US: Windows CVE-1999-0359 (ptylogin in Unix systems allows users to perform a denial of service b ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0356 (ControlIT v4.5 and earlier uses weak encryption to store usernames and ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0354 (Internet Explorer 4.x or 5.x with Word 97 allows arbitrary execution o ...) NOT-FOR-US: Windows CVE-1999-0352 (ControlIT 4.5 and earlier (aka Remotely Possible) has weak password en ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0347 (Internet Explorer 4.01 allows remote attackers to read local files and ...) NOT-FOR-US: Windows CVE-1999-0345 (Jolt ICMP attack causes a denial of service in Windows 95 and Windows ...) NOT-FOR-US: Windows CVE-1999-0336 (Buffer overflow in mstm in HP-UX allows local users to gain root acces ...) NOT-FOR-US: HP CVE-1999-0333 (HP OpenView Omniback allows remote execution of commands as root via s ...) NOT-FOR-US: HP CVE-1999-0331 (Buffer overflow in Internet Explorer 4.0(1). ...) NOT-FOR-US: Windows CVE-1999-0330 (Linux bdash game has a buffer overflow that allows local users to gain ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0319 (Buffer overflow in xmcd 2.1 allows local users to gain access through ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0317 (Buffer overflow in Linux su command gives root access to local users. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0307 (Buffer overflow in HP-UX cstm program allows local users to gain root ...) NOT-FOR-US: HP CVE-1999-0306 (buffer overflow in HP xlock program. ...) NOT-FOR-US: HP CVE-1999-0298 (ypbind with -ypset and -ypsetme options activated in Linux Slackware a ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0287 (Vulnerability in the Wguest CGI program. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0286 (In some NT web servers, appending a space at the end of a URL may allo ...) NOT-FOR-US: Windows CVE-1999-0285 (Denial of service in telnet from the Windows NT Resource Kit, by openi ...) NOT-FOR-US: Windows CVE-1999-0284 (Denial of service to NT mail servers including Ipswitch, Mdaemon, and ...) NOT-FOR-US: Windows CVE-1999-0283 (The Java Web Server would allow remote users to obtain the source code ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0282 REJECTED CVE-1999-0271 (Progressive Networks Real Video server (pnserver) can be crashed remot ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0261 (Netmanager Chameleon SMTPd has several buffer overflows that cause a c ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0258 (Bonk variation of teardrop IP fragmentation denial of service. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0257 (Nestea variation of teardrop IP fragmentation denial of service. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0255 (Buffer overflow in ircd allows arbitrary command execution. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0254 (A hidden SNMP community string in HP OpenView allows remote attackers ...) NOT-FOR-US: HP CVE-1999-0253 (IIS 3.0 with the iis-fix hotfix installed allows remote intruders to r ...) NOT-FOR-US: Windows CVE-1999-0250 (Denial of service in Qmail through long SMTP commands. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0249 (Windows NT RSHSVC program allows remote users to execute arbitrary com ...) NOT-FOR-US: Windows CVE-1999-0246 (HP Remote Watch allows a remote user to gain root access. ...) NOT-FOR-US: HP CVE-1999-0243 (Linux cfingerd could be exploited to gain root access. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0242 (Remote attackers can access mail files via POP3 in some Linux systems ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0241 (Guessable magic cookies in X Windows allows remote attackers to execut ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0240 (Some filters or firewalls allow fragmented SYN packets with IP reserve ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0238 (php.cgi allows attackers to read any file on the system. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0235 (Buffer overflow in NCSA WebServer (1.4.1 and below) gives remote acces ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0232 (Buffer overflow in NCSA WebServer (version 1.5c) gives remote access. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0231 (Buffer overflow in IP-Switch IMail and Seattle Labs Slmail 2.6 package ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0229 (Denial of service in Windows NT IIS server using ..\.. ...) NOT-FOR-US: Windows CVE-1999-0226 (Windows NT TCP/IP processes fragmented IP packets improperly, causing ...) NOT-FOR-US: Windows CVE-1999-0222 (Denial of service in Cisco IOS web server allows attackers to reboot t ...) NOT-FOR-US: Cisco CVE-1999-0220 (Attackers can do a denial of service of IRC by crashing the server. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0216 (Denial of service of inetd on Linux through SYN and RST packets. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0213 (libnsl in Solaris allowed an attacker to perform a denial of service o ...) NOT-FOR-US: Solaris CVE-1999-0205 (Denial of service in Sendmail 8.6.11 and 8.6.12. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0200 (Windows NT FTP server (WFTP) with the guest account enabled without a ...) NOT-FOR-US: Windows CVE-1999-0198 (finger .@host on some systems may print information on some user accou ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0197 (finger 0@host on some systems may print information on some user accou ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0195 (Denial of service in RPC portmapper allows attackers to register or un ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0193 (Denial of service in Ascend and 3com routers, which can be rebooted by ...) NOT-FOR-US: Ascend/3com CVE-1999-0187 REJECTED CVE-1999-0186 (In Solaris, an SNMP subagent has a default community string that allow ...) NOT-FOR-US: Solaris CVE-1999-0171 (Denial of service in syslog by sending it a large number of superfluou ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0169 (NFS allows attackers to read and write any file on the system by speci ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0165 (NFS cache poisoning. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0163 (In older versions of Sendmail, an attacker could use a pipe character ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0156 (wu-ftpd FTP daemon allows any user and password combination. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0154 (IIS 2.0 and 3.0 allows remote attackers to read the source code for AS ...) NOT-FOR-US: Windows CVE-1999-0144 (Denial of service in Qmail by specifying a large number of recipients ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0140 (Denial of service in RAS/PPTP on NT systems. ...) NOT-FOR-US: Windows CVE-1999-0127 (swinstall and swmodify commands in SD-UX package in HP-UX systems allo ...) NOT-FOR-US: HP-UX CVE-1999-0123 (Race condition in Linux mailx command allows local users to read user ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0121 (Buffer overflow in dtaction command gives root access. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0119 (Windows NT 4.0 beta allows users to read and delete shares. ...) NOT-FOR-US: Windows CVE-1999-0114 (Local users can execute commands as other users, and read other users' ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0110 REJECTED CVE-1999-0107 (Buffer overflow in Apache 1.2.5 and earlier allows a remote attacker t ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0106 (Finger redirection allows finger bombs. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0105 (finger allows recursive searches by using a long string of @ symbols. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0104 (A later variation on the Teardrop IP denial of service attack, a.k.a. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0098 (Buffer overflow in SMTP HELO command in Sendmail allows a remote attac ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0092 (Various vulnerabilities in the AIX portmir command allows local users ...) NOT-FOR-US: AIX CVE-1999-0089 (Buffer overflow in AIX libDtSvc library can allow local users to gain ...) NOT-FOR-US: AIX CVE-1999-0088 (IRIX and AIX automountd services (autofsd) allow remote users to execu ...) NOT-FOR-US: AIX CVE-1999-0086 (AIX routed allows remote users to modify sensitive files. ...) NOT-FOR-US: AIX CVE-1999-0078 (pcnfsd (aka rpc.pcnfsd) allows local users to change file permissions, ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0076 (Buffer overflow in wu-ftp from PASV command causes a core dump. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0061 (File creation and deletion, and remote execution, in the BSD line prin ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0033 (Command execution in Sun systems via buffer overflow in the at program ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0030 (root privileges via buffer overflow in xlock command on SGI IRIX syste ...) NOT-FOR-US: SGI CVE-1999-0020 REJECTED CVE-1999-0015 (Teardrop IP denial of service. ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0004 (MIME buffer overflow in email clients, e.g. Solaris mailtool and Outlo ...) NOT-FOR-US: Data pre-dating the Security Tracker CVE-1999-0001 (ip_input.c in BSD-derived TCP/IP implementations allows remote attacke ...) NOT-FOR-US: Data pre-dating the Security Tracker