CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  What's the CVSS score of your company?
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Redhat : Security Vulnerabilities

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-1999-0002 119 Overflow 1998-10-12 2009-01-26
10.0
None Remote Low Not required Complete Complete Complete
Buffer overflow in NFS mountd gives root access to remote attackers, mostly in Linux systems.
2 CVE-1999-0009 Overflow 1998-04-08 2018-10-30
10.0
None Remote Low Not required Complete Complete Complete
Inverse query buffer overflow in BIND 4.9 and BIND 8 Releases.
3 CVE-1999-0010 DoS 1998-04-08 2018-10-30
5.0
None Remote Low Not required None None Partial
Denial of Service vulnerability in BIND 8 Releases via maliciously formatted DNS messages.
4 CVE-1999-0011 DoS 1998-04-08 2018-10-30
10.0
None Remote Low Not required Complete Complete Complete
Denial of Service vulnerabilities in BIND 4.9 and BIND 8 Releases via CNAME record and zone transfer.
5 CVE-1999-0034 Overflow 1997-05-29 2008-09-09
7.2
None Local Low Not required Complete Complete Complete
Buffer overflow in suidperl (sperl), Perl 4.x and 5.x.
6 CVE-1999-0037 Exec Code 1997-05-21 2008-09-09
7.5
None Remote Low Not required Partial Partial Partial
Arbitrary command execution via metamail package using message headers, when user processes attacker's message using metamail.
7 CVE-1999-0041 Overflow 1997-02-13 2008-09-09
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in NLS (Natural Language Service).
8 CVE-1999-0042 Overflow 1997-04-07 2008-09-09
10.0
None Remote Low Not required Complete Complete Complete
Buffer overflow in University of Washington's implementation of IMAP and POP servers.
9 CVE-1999-0043 Exec Code 1996-12-04 2008-09-09
10.0
None Remote Low Not required Complete Complete Complete
Command execution via shell metachars in INN daemon (innd) 1.5 using "newgroup" and "rmgroup" control messages, and others.
10 CVE-1999-0125 Overflow 1998-01-25 2018-10-30
4.6
None Local Low Not required Partial Partial Partial
Buffer overflow in SGI IRIX mailx program.
11 CVE-1999-0130 +Priv 1996-11-16 2008-09-09
7.2
None Local Low Not required Complete Complete Complete
Local users can start Sendmail in daemon mode and gain root privileges.
12 CVE-1999-0131 DoS Overflow 1996-09-11 2008-09-09
7.2
None Local Low Not required Complete Complete Complete
Buffer overflow and denial of service in Sendmail 8.7.5 and earlier through GECOS field gives root access to local users.
13 CVE-1999-0192 Overflow 1997-10-18 2008-09-09
10.0
None Remote Low Not required Complete Complete Complete
Buffer overflow in telnet daemon tgetent routing allows remote attackers to gain root access via the TERMCAP environmental variable.
14 CVE-1999-0234 1996-10-08 2008-09-09
4.6
None Local Low Not required Partial Partial Partial
Bash treats any character with a value of 255 as a command separator.
15 CVE-1999-0297 Overflow 1996-12-12 2008-09-09
7.2
None Local Low Not required Complete Complete Complete
Buffer overflow in Vixie Cron library up to version 3.0 allows local users to obtain root access via a long environmental variable.
16 CVE-1999-0318 Overflow 1997-03-01 2018-10-30
7.2
None Local Low Not required Complete Complete Complete
Buffer overflow in xmcd 2.0p12 allows local users to gain access through an environmental variable.
17 CVE-1999-0368 Overflow 1999-02-09 2008-09-09
10.0
None Remote Low Not required Complete Complete Complete
Buffer overflows in wuarchive ftpd (wu-ftpd) and ProFTPD lead to remote root access, a.k.a. palmetto.
18 CVE-1999-0390 Overflow 1999-01-04 2008-09-09
7.2
None Local Low Not required Complete Complete Complete
Buffer overflow in Dosemu Slang library in Linux.
19 CVE-1999-0405 Overflow 1999-02-18 2008-09-09
7.2
None Local Low Not required Complete Complete Complete
A buffer overflow in lsof allows local users to obtain root privilege.
20 CVE-1999-0433 DoS +Priv 1999-03-21 2008-09-09
4.6
None Local Low Not required Partial Partial Partial
XFree86 startx command is vulnerable to a symlink attack, allowing local users to create files in restricted directories, possibly allowing them to gain privileges or cause a denial of service.
21 CVE-1999-0434 DoS +Priv 1999-03-30 2008-09-09
7.5
None Remote Low Not required Partial Partial Partial
XFree86 xfs command is vulnerable to a symlink attack, allowing local users to create files in restricted directories, possibly allowing them to gain privileges or cause a denial of service.
22 CVE-1999-0502 1998-03-01 2018-10-30
7.5
None Remote Low Not required Partial Partial Partial
A Unix account has a default, null, blank, or missing password.
23 CVE-1999-0704 Overflow 1999-09-16 2008-09-09
9.3
None Remote Medium Not required Complete Complete Complete
Buffer overflow in Berkeley automounter daemon (amd) logging facility provided in the Linux am-utils package and others.
24 CVE-1999-0705 Overflow 1999-09-01 2008-09-09
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in INN inews program.
25 CVE-1999-0706 +Priv 2000-04-27 2008-09-09
7.5
None Remote Low Not required Partial Partial Partial
Linux xmonisdn package allows local users to gain root privileges by modifying the IFS or PATH environmental variables.
26 CVE-1999-0710 1999-07-25 2018-05-03
7.5
None Remote Low Not required Partial Partial Partial
The Squid package in Red Hat Linux 5.2 and 6.0, and other distributions, installs cachemgr.cgi in a public web directory, which allows remote attackers to use it as an intermediary to connect to other systems.
27 CVE-1999-0740 DoS 1999-08-19 2008-09-09
6.4
None Remote Low Not required Partial None Partial
Remote attackers can cause a denial of service on Linux in.telnetd telnet daemon through a malformed TERM environmental variable.
28 CVE-1999-0748 Overflow 1999-06-24 2008-09-09
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflows in Red Hat net-tools package.
29 CVE-1999-0768 Overflow 1999-08-25 2008-09-09
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in Vixie Cron on Red Hat systems via the MAILTO environmental variable.
30 CVE-1999-0769 1999-08-25 2008-09-09
7.2
None Local Low Not required Complete Complete Complete
Vixie Cron on Linux systems allows local users to set parameters of sendmail commands via the MAILTO environmental variable.
31 CVE-1999-0798 Overflow 1998-12-04 2016-10-18
10.0
None Remote Low Not required Complete Complete Complete
Buffer overflow in bootpd on OpenBSD, FreeBSD, and Linux systems via a malformed header type.
32 CVE-1999-0804 DoS 1999-06-01 2008-09-09
5.0
None Remote Low Not required None None Partial
Denial of service in Linux 2.2.x kernels via malformed ICMP packets containing unusual types, codes, and IP header lengths.
33 CVE-1999-0814 1999-08-11 2008-09-09
10.0
None Remote Low Not required Complete Complete Complete
Red Hat pump DHCP client allows remote attackers to gain root access in some configurations.
34 CVE-1999-0832 Exec Code Overflow 1999-11-09 2008-09-09
10.0
None Remote Low Not required Complete Complete Complete
Buffer overflow in NFS server on Linux allows attackers to execute commands via a long pathname.
35 CVE-1999-0868 Exec Code 1997-02-20 2008-09-09
7.2
None Local Low Not required Complete Complete Complete
ucbmail allows remote attackers to execute commands via shell metacharacters that are passed to it from INN.
36 CVE-1999-0872 Overflow 1999-08-25 2008-09-09
7.2
None Local Low Not required Complete Complete Complete
Buffer overflow in Vixie cron allows local users to gain root access via a long MAILTO environment variable in a crontab file.
37 CVE-1999-0894 2000-01-04 2008-09-05
10.0
None Remote Low Not required Complete Complete Complete
Red Hat Linux screen program does not use Unix98 ptys, allowing local users to write to other terminals.
38 CVE-1999-0986 DoS 1999-12-08 2008-09-09
5.0
None Remote Low Not required None None Partial
The ping command in Linux 2.0.3x allows local users to cause a denial of service by sending large packets with the -R (record route) option.
39 CVE-1999-0997 Exec Code 1999-12-20 2008-09-05
7.5
None Remote Low Not required Partial Partial Partial
wu-ftp with FTP conversion enabled allows an attacker to execute commands via a malformed file name that is interpreted as an argument to the program that does the conversion, e.g. tar or uncompress.
40 CVE-1999-1048 Overflow +Priv 1998-09-05 2017-10-10
4.6
None Local Low Not required Partial Partial Partial
Buffer overflow in bash 2.0.0, 1.4.17, and other versions allows local attackers to gain privileges by creating an extremely large directory name, which is inserted into the password prompt via the \w option in the PS1 environmental variable when another user changes into that directory.
41 CVE-1999-1095 1997-10-06 2016-10-18
7.2
None Local Low Not required Complete Complete Complete
sort creates temporary files and follows symbolic links, which allows local users to modify arbitrary files that are writable by the user running sort, as observed in updatedb and other programs that use sort.
42 CVE-1999-1182 Overflow +Priv 1997-07-17 2016-10-18
7.2
None Local Low Not required Complete Complete Complete
Buffer overflow in run-time linkers (1) ld.so or (2) ld-linux.so for Linux systems allows local users to gain privileges by calling a setuid program with a long program name (argv[0]) and forcing ld.so/ld-linux.so to report an error.
43 CVE-1999-1186 +Priv 1996-01-02 2016-10-18
7.2
None Local Low Not required Complete Complete Complete
rxvt, when compiled with the PRINT_PIPE option in various Linux operating systems including Linux Slackware 3.0 and RedHat 2.1, allows local users to gain root privileges by specifying a malicious program using the -print-pipe command line parameter.
44 CVE-1999-1288 +Priv 1998-11-19 2017-10-10
4.6
None Local Low Not required Partial Partial Partial
Samba 1.9.18 inadvertently includes a prototype application, wsmbconf, which is installed with incorrect permissions including the setgid bit, which allows local users to read and write files and possibly gain privileges via bugs in the program.
45 CVE-1999-1299 1997-02-03 2016-10-18
10.0
None Remote Low Not required Complete Complete Complete
rcp on various Linux systems including Red Hat 4.0 allows a "nobody" user or other user with UID of 65535 to overwrite arbitrary files, since 65535 is interpreted as -1 by chown and other system calls, which causes the calls to fail to modify the ownership of the file.
46 CVE-1999-1327 Overflow +Priv 1999-12-31 2016-10-18
7.2
None Local Low Not required Complete Complete Complete
Buffer overflow in linuxconf 1.11r11-rh2 on Red Hat Linux 5.1 allows local users to gain root privileges via a long LANG environmental variable.
47 CVE-1999-1328 1999-12-31 2016-10-18
7.2
None Local Low Not required Complete Complete Complete
linuxconf before 1.11.r11-rh3 on Red Hat Linux 5.1 allows local users to overwrite arbitrary files and gain root access via a symlink attack.
48 CVE-1999-1329 Overflow +Priv 1999-12-31 2008-09-10
7.2
None Local Low Not required Complete Complete Complete
Buffer overflow in SysVInit in Red Hat Linux 5.1 and earlier allows local users to gain privileges.
49 CVE-1999-1330 Overflow 1999-12-31 2016-10-18
4.6
None Local Low Not required Partial Partial Partial
The snprintf function in the db library 1.85.4 ignores the size parameter, which could allow attackers to exploit buffer overflows that would be prevented by a properly implemented snprintf.
50 CVE-1999-1331 DoS 1999-12-31 2008-09-10
2.1
None Local Low Not required None None Partial
netcfg 2.16-1 in Red Hat Linux 4.2 allows the Ethernet interface to be controlled by users on reboot when an option is set, which allows local users to cause a denial of service by shutting down the interface.
Total number of vulnerabilities : 3974   Page : 1 (This Page)2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.