Selection:
XSS CSRF Privilege Buffer Remote Stack
CVE ID Name Status References
CVE-1999-0014

Unauthorized privileged access or denial of service via dtappgather program in CDE.

CERT:CA-98.02.CDE | HP:HPSBUX9801-075 | URL:http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9801-075 | SUN:00185 | URL:http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/185

CVE-1999-0018

Buffer overflow in statd allows root privileges.

AUSCERT:AA-97.29 | BID:127 | URL:http://www.securityfocus.com/bid/127 | CERT:CA-97.26.statd | XF:statd

CVE-1999-0022

Local user gains root privileges via buffer overflow in rdist, via expstr() function.

CERT:CA-97.23.rdist | SUN:00179 | URL:http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/179 | XF:rdist-bo3 | XF:rdist-sept97

CVE-1999-0023

Local user gains root privileges via buffer overflow in rdist, via lookup() function.

CERT:CA-96.14.rdist_vul | MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0023 | XF:rdist-bo | XF:rdist-bo2

CVE-1999-0025

root privileges via buffer overflow in df command on SGI IRIX systems.

AUSCERT:AA-97.19.IRIX.df.buffer.overflow.vul | BID:346 | URL:http://www.securityfocus.com/bid/346 | CERT:CA-1997-21 | URL:http://www.cert.org/advisories/CA-1997-21.html | CERT-VN:VU#20851 | URL:http://www.kb.cert.org/vuls/id/20851 | SGI:SGI:19970505-01-A | SGI:SGI:19970505-02-PX | XF:df-bo(440) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/440

CVE-1999-0026

root privileges via buffer overflow in pset command on SGI IRIX systems.

AUSCERT:AA-97.20.IRIX.pset.buffer.overflow.vul | CERT:CA-97.21.sgi_buffer_overflow | MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0026 | XF:pset-bo

CVE-1999-0027

root privileges via buffer overflow in eject command on SGI IRIX systems.

AUSCERT:AA-97.21.IRIX.eject.buffer.overflow.vul | CERT:CA-97.21.sgi_buffer_overflow | MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0027 | XF:eject-bo

CVE-1999-0028

root privileges via buffer overflow in login/scheme command on SGI IRIX systems.

AUSCERT:AA-97.22.IRIX.login.scheme.buffer.overflow.vul | CERT:CA-97.21.sgi_buffer_overflow | MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0028 | XF:sgi-schemebo

CVE-1999-0029

root privileges via buffer overflow in ordist command on SGI IRIX systems.

AUSCERT:AA-97.23-IRIX.ordist.buffer.overflow.vul | CERT:CA-97.21.sgi_buffer_overflow | MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0029 | XF:ordist-bo

CVE-1999-0030

root privileges via buffer overflow in xlock command on SGI IRIX systems.

Proposed (19990623)

AUSCERT:AA-97.24.IRIX.xlock.buffer.overflow.vul | CERT:CA-97.21.sgi_buffer_overflow | MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0030 | SGI:19970508-02-PX | XF:sgi-xlockbo

CVE-1999-0040

Buffer overflow in Xt library of X Windowing System allows local users to execute commands with root privileges.

CERT:CA-97.11.libXt | MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0040 | XF:libXt-bo

CVE-1999-0048

Talkd, when given corrupt DNS information, can be used to execute arbitrary commands with root privileges.

AUSCERT:AA-97.01 | CERT:CA-97.04.talkd | FREEBSD:FreeBSD-SA-96:21 | SUN:00147 | URL:http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/147 | XF:netkit-talkd | XF:talkd-bo

CVE-1999-0084

Certain NFS servers allow users to use mknod to gain privileges by creating a writable kmem device and setting the UID to 0.

XF:nfs-mknod(78) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/78

CVE-1999-0093

AIX nslookup command allows local users to obtain root access by not dropping privileges correctly.

ERS:ERS-SVA-E01-1997:008.1 | MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0093 | XF:ibm-nslookup

CVE-1999-0094

AIX piodmgrsu command allows local users to gain additional group privileges.

ERS:ERS-SVA-E01-1997:007.1 | MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0094 | XF:ibm-piodmgrsu

CVE-1999-0099

Buffer overflow in syslog utility allows local or remote attackers to gain root privileges.

CERT:CA-95.13.syslog.vul | MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0099 | XF:smtp-syslog

CVE-1999-0130

Local users can start Sendmail in daemon mode and gain root privileges.

BID:716 | URL:http://www.securityfocus.com/bid/716 | CERT:CA-96.24.sendmail.daemon.mode | XF:sendmail-daemon-mode

CVE-1999-0138

The suidperl and sperl program do not give up root privileges when changing UIDs back to the original users, allowing root access.

CERT:CA-96.12.suidperl_vul | MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0138 | XF:sperl-suid

CVE-1999-0203

In Sendmail, attackers can gain root privileges via SMTP by specifying an improper "mail from" address and an invalid "rcpt to" address that would cause the mail to bounce to a program.

CERT:CA-95.08 | CIAC:E-03 | MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0203 | XF:smtp-sendmail-version5

CVE-1999-0210

Automount daemon automountd allows local or remote users to gain privileges via shell metacharacters.

BID:235 | URL:http://www.securityfocus.com/bid/235 | BUGTRAQ:19971126 Solaris 2.5.1 automountd exploit (fwd) | URL:http://marc.info/?l=bugtraq&m=88053459921223&w=2 | BUGTRAQ:19990103 SUN almost has a clue! (automountd) | URL:http://marc.info/?l=bugtraq&m=91547759121289&w=2 | CERT:CA-99-05 | URL:http://www.cert.org/advisories/CA-99-05-statd-automountd.html | HP:HPSBUX9910-104 | URL:http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9910-104

CVE-1999-0295

Solaris sysdef command allows local users to read kernel memory, potentially leading to root privileges.

SUN:00157 | URL:http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/157 | XF:sun-sysdef

CVE-1999-0307

Buffer overflow in HP-UX cstm program allows local users to gain root privileges.

Modified (19991207)

BUGTRAQ:19961116 This week: turn me on, dead man | MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0307 | XF:hpux-cstm-bo

CVE-1999-0312

HP ypbind allows attackers with root privileges to modify NIS data.

CERT:CA-93:01.REVISED.HP.NIS.ypbind.vulnerability | MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0312 | XF:nis-ypbind

CVE-1999-0328

SGI permissions program allows local users to gain root privileges.

SGI:19971103-01-PX | URL:ftp://patches.sgi.com/support/free/security/advisories/19971103-01-PX | XF:sgi-permtool

CVE-1999-0337

AIX batch queue (bsh) allows local and remote users to gain additional privileges when network printing is enabled.

CERT:CA-94.10.IBM.AIX.bsh.vulnerability.html | MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0337 | XF:ibm-bsh

CVE-1999-0339

Buffer overflow in the libauth library in Solaris allows local users to gain additional privileges, possibly root access.

MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0339 | RSI:RSI.0007.05-26-98 | XF:sol-sun-libauth

CVE-1999-0376

Local users in Windows NT can obtain administrator privileges by changing the KnownDLLs list to reference malicious programs.

BUGTRAQ:Feb20,1999 | L0PHT:Feb18,1999 | MS:MS99-006 | URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-006 | XF:nt-knowndlls-list

CVE-1999-0382

The screen saver in Windows NT does not verify that its security context has been changed properly, allowing attackers to run programs with elevated privileges.

MS:MS99-008 | URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-008 | XF:nt-screen-saver

CVE-1999-0405

A buffer overflow in lsof allows local users to obtain root privilege.

BUGTRAQ:Feb18,1999 | DEBIAN:19990220a | HERT:002 | OSVDB:3163 | URL:http://www.osvdb.org/3163 | XF:lsof-bo

CVE-1999-0406

Digital Unix Networker program nsralist has a buffer overflow which allows local users to obtain root privilege.

Proposed (19990728)

BUGTRAQ:Feb19,1999 | MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0406 | XF:digital-networker-bo

CVE-1999-0420

umapfs allows local users to gain root privileges by changing their uid through a malicious mount_umap program.

MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0420 | NETBSD:1999-006

CVE-1999-0423

Vulnerability in hpterm on HP-UX 10.20 allows local users to gain additional privileges.

HP:HPSBUX9903-093 | URL:http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9903-093 | XF:hp-hpterm-files

CVE-1999-0432

ftp on HP-UX 11.00 allows local users to gain privileges.

HP:HPSBUX9903-094 | URL:http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9903-094 | XF:hp-ftp

CVE-1999-0433

XFree86 startx command is vulnerable to a symlink attack, allowing local users to create files in restricted directories, possibly allowing them to gain privileges or cause a denial of service.

BUGTRAQ:19990321 X11R6 NetBSD Security Problem | MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0433 | SUSE:Mar28,1999 | XF:xfree86-temp-directories

CVE-1999-0434

XFree86 xfs command is vulnerable to a symlink attack, allowing local users to create files in restricted directories, possibly allowing them to gain privileges or cause a denial of service.

Proposed (19990728)

BID:359 | URL:http://www.securityfocus.com/bid/359 | BUGTRAQ:19990331 Bug in xfs

CVE-1999-0435

MC/ServiceGuard and MC/LockManager in HP-UX allows local users to gain privileges through SAM.

Proposed (19990623)

HP:HPSBUX9903-096 | MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0435

CVE-1999-0436

Domain Enterprise Server Management System (DESMS) in HP-UX allows local users to gain privileges.

HP:HPSBUX9903-095 | URL:http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9903-095 | XF:hp-desms-servers

CVE-1999-0447

Local users can gain privileges using the debug utility in the MPE/iX operating system.

HP:HPSBMP9904-006 | URL:http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBMP9904-006 | XF:mpeix-debug

CVE-1999-0451

Denial of service in Linux 2.0.36 allows local users to prevent any server from listening on any non-privileged port.

Proposed (19990726)

BID:343 | URL:http://www.securityfocus.com/bid/343 | BUGTRAQ:Jan19,1999

CVE-1999-0457

Linux ftpwatch program allows local users to gain root privileges.

BID:317 | URL:http://www.securityfocus.com/bid/317 | BUGTRAQ:Jan17,1999 | DEBIAN:19990117 | XF:ftpwatch-vuln

CVE-1999-0534

A Windows NT user has inappropriate rights or privileges, e.g. Act as System, Add Workstation, Backup, Change System Time, Create Pagefile, Create Permanent Object, Create Token Name, Debug, Generate Security Audit, Increase Priority, Increase Quota, Load Driver, Lock Memory, Profile Single Process, Remote Shutdown, Replace Process Token, Restore, System Environment, Take Ownership, or Unsolicited Input.

Proposed (19990721)

MISC:https://www.cve.org/CVERecord?id=CVE-1999-0534

CVE-1999-0555

A Unix account with a name other than "root" has UID 0, i.e. root privileges.

Proposed (19990728)

MISC:https://www.cve.org/CVERecord?id=CVE-1999-0555

CVE-1999-0607

quikstore.cgi in QuikStore shopping cart stores quikstore.cfg under the web document root with insufficient access control, which allows remote attackers to obtain the cleartext administrator password and gain privileges.

Modified (20060608)

BUGTRAQ:19990420 Shopping Carts exposing CC data | URL:http://marc.info/?l=bugtraq&m=92462991805485&w=2

CVE-1999-0691

Buffer overflow in the AddSuLog function of the CDE dtaction utility allows local users to gain root privileges via a long user name.

BID:635 | URL:http://www.securityfocus.com/bid/635 | BUGTRAQ:19990913 Vulnerability in dtaction | CERT:CA-99-11 | COMPAQ:SSRTO615U_DTACTION | HP:HPSBUX9909-103 | URL:http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9909-103 | OVAL:oval:org.mitre.oval:def:3078 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3078 | SUN:00192 | URL:http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/192 | XF:cde-dtaction-username-bo

CVE-1999-0692

The default configuration of the Array Services daemon (arrayd) disables authentication, allowing remote users to gain root privileges.

CERT:CA-99-09 | CIAC:J-052 | URL:http://www.ciac.org/ciac/bulletins/j-052.shtml | SGI:19990701-01-P | URL:ftp://patches.sgi.com/support/free/security/advisories/19990701-01-P | XF:sgi-arrayd

CVE-1999-0693

Buffer overflow in TT_SESSION environment variable in ToolTalk shared library allows local users to gain root privileges.

BID:641 | URL:http://www.securityfocus.com/bid/641 | CERT:CA-99-11 | HP:HPSBUX9909-103 | URL:http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9909-103 | OVAL:oval:org.mitre.oval:def:4374 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4374 | SUN:00192 | URL:http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/192 | XF:cde-dtsession-env-bo

CVE-1999-0697

SCO Doctor allows local users to gain root privileges through a Tools option.

BID:621 | URL:http://www.securityfocus.com/bid/621 | BUGTRAQ:19990908 SCO 5.0.5 /bin/doctor nightmare | XF:sco-doctor-execute

CVE-1999-0706

Linux xmonisdn package allows local users to gain root privileges by modifying the IFS or PATH environmental variables.

BID:583 | URL:http://www.securityfocus.com/bid/583 | DEBIAN:19990807 | SUSE:19990817 Security hole in i4l (xmonisdn)

CVE-1999-0708

Buffer overflow in cfingerd allows local users to gain root privileges via a long GECOS field.

BID:651 | URL:http://www.securityfocus.com/bid/651 | BUGTRAQ:19990921 BP9909-00: cfingerd local buffer overflow

CVE-1999-0713

The dtlogin program in Compaq Tru64 UNIX allows local users to gain root privileges.

BUGTRAQ:19990404 Digital Unix 4.0E /var permission | CIAC:J-044 | URL:http://www.ciac.org/ciac/bulletins/j-044.shtml | COMPAQ:SSRT0600U | XF:cde-dtlogin


Page created:

CVE year by year statistics.

CVE year statistics by common vulnerability domain.

Latest data from: 2024-03-25