Monthly Archive: September 1999

CVE-1999-0628

The rwho/rwhod service is running, which exposes machine status and user information. Date published : 1999-09-29

CVE-1999-0627

The rexd service is running, which uses weak authentication that can allow an attacker to execute commands. Date published : 1999-09-29

CVE-1999-0626

A version of rusers is running that exposes valid user information to any entity on the network. Date published : 1999-09-29

CVE-1999-0612

A version of finger is running that exposes valid user information to any entity on the network. Date published : 1999-09-29

CVE-1999-0566

An attacker can write to syslog files from any location, causing a denial of service by filling up the logs, and hiding activities. Date published : 1999-09-29

CVE-1999-0514

UDP messages to broadcast addresses are allowed, allowing for a Fraggle attack that can cause a denial of service by flooding the target. Date published : 1999-09-29

CVE-1999-0513

ICMP messages to broadcast addresses are allowed, allowing for a Smurf attack that can cause a denial of service. Date published : 1999-09-29

CVE-1999-0494

Denial of service in WinGate proxy through a buffer overflow in POP3. Date published : 1999-09-29