Download
| Alert*
CVE-1999-0009
Inverse query buffer overflow in BIND 4.9 and BIND 8 Releases. CVE-1999-0768 Buffer overflow in Vixie Cron on Red Hat systems via the MAILTO environmental variable. CVE-1999-0704 Buffer overflow in Berkeley automounter daemon (amd) logging facility provided in the Linux am-utils package and others. CVE-1999-0769 Vixie Cron on Linux systems allows local users to set parameters of sendmail commands via the MAILTO environmental variable. CVE-1999-0706 Linux xmonisdn package allows local users to gain root privileges by modifying the IFS or PATH environmental variables. CVE-1999-0010 Denial of Service vulnerability in BIND 8 Releases via maliciously formatted DNS messages. CVE-1999-0034 Buffer overflow in suidperl (sperl), Perl 4.x and 5.x. CVE-1999-0011 Denial of Service vulnerabilities in BIND 4.9 and BIND 8 Releases via CNAME record and zone transfer. CVE-1999-0740 Remote attackers can cause a denial of service on Linux in.telnetd telnet daemon through a malformed TERM environmental variable. CVE-1999-0872 Buffer overflow in Vixie cron allows local users to gain root access via a long MAILTO environment variable in a crontab file. CVE-1999-0002 Buffer overflow in NFS mountd gives root access to remote attackers, mostly in Linux systems. CVE-1999-0125 Buffer overflow in SGI IRIX mailx program. CVE-1999-1048 Buffer overflow in bash 2.0.0, 1.4.17, and other versions allows local attackers to gain privileges by creating an extremely large directory name, which is inserted into the password prompt via the \w option in the PS1 environmental variable when another user changes into that directory. CVE-1999-0192 Buffer overflow in telnet daemon tgetent routing allows remote attackers to gain root access via the TERMCAP environmental variable. CVE-1999-0390 Buffer overflow in Dosemu Slang library in Linux. CVE-1999-1182 Buffer overflow in run-time linkers (1) ld.so or (2) ld-linux.so for Linux systems allows local users to gain privileges by calling a setuid program with a long program name (argv[0]) and forcing ld.so/ld-linux.so to report an error. CVE-2000-0118 The Red Hat Linux su program does not log failed password guesses if the su process is killed before it times out, which allows local attackers to conduct brute force password guessing. CVE-1999-1331 netcfg 2.16-1 in Red Hat Linux 4.2 allows the Ethernet interface to be controlled by users on reboot when an option is set, which allows local users to cause a denial of service by shutting down the interface. CVE-2000-0170 Buffer overflow in the man program in Linux allows local users to gain privileges via the MANPAGER environmental variable. CVE-1999-1330 The snprintf function in the db library 1.85.4 ignores the size parameter, which could allow attackers to exploit buffer overflows that would be prevented by a properly implemented snprintf. CVE-2000-1220 The line printer daemon (lpd) in the lpr package in multiple Linux operating systems allows local users to gain root privileges by causing sendmail to execute with arbitrary command line arguments, as demonstrated using the -C option to specify a configuration file. CVE-2000-1221 The line printer daemon (lpd) in the lpr package in multiple Linux operating systems authenticates by comparing the reverse-resolved hostname of the local machine to the hostname of the print server as returned by gethostname, which allows remote attackers to bypass intended access controls by modif ... |