CVE-1999-0161
In Cisco IOS 10.3, with the tacacs-ds or tacacs keyword, an extended IP access control list could bypass filtering. Date published : 1999-09-29 http://www.osvdb.org/797
Monthly Archive: September 1999
CVE-1999-0160
Some classic Cisco IOS devices have a vulnerability in the PPP CHAP authentication to establish unauthorized PPP connections. Date published : 1999-09-29
CVE-1999-0159
Attackers can crash a Cisco IOS router or device, provided they can get to an interactive prompt (such as a login). This applies to some IOS 9.x, 10.x, and 11.x releases. Date published :...
CVE-1999-0158
Cisco PIX firewall manager (PFM) on Windows NT allows attackers to connect to port 8080 on the PFM server and retrieve any file whose name and location is known. Date published : 1999-09-29 http://www.cisco.com/warp/public/770/pixmgrfile-pub.shtml...
CVE-1999-0157
Cisco PIX firewall and CBAC IP fragmentation attack results in a denial of service. Date published : 1999-09-29 http://www.osvdb.org/1097
CVE-1999-0155
The ghostscript command with the -dSAFER option allows remote attackers to execute commands. Date published : 1999-09-29
CVE-1999-0153
Windows 95/NT out of band (OOB) data denial of service through NETBIOS port, aka WinNuke. Date published : 1999-09-29 http://www.osvdb.org/1666
CVE-1999-0152
The DG/UX finger daemon allows remote command execution through shell metacharacters. Date published : 1999-09-29
CVE-1999-0150
The Perl fingerd program allows arbitrary command execution from remote users. Date published : 1999-09-29
CVE-1999-0149
The wrap CGI program in IRIX allows remote attackers to view arbitrary directory listings via a .. (dot dot) attack. Date published : 1999-09-29 http://www.securityfocus.com/bid/373
CVE-1999-0148
The handler CGI program in IRIX allows arbitrary command execution. Date published : 1999-09-29 http://www.securityfocus.com/bid/380 ftp://patches.sgi.com/support/free/security/advisories/19970501-02-PX
CVE-1999-0147
The aglimpse CGI program of the Glimpse package allows remote execution of arbitrary commands. Date published : 1999-09-29
CVE-1999-0146
The campas CGI program provided with some NCSA web servers allows an attacker to execute arbitrary commands via encoded carriage return characters in the query string, as demonstrated by reading the password file. Date...
CVE-1999-0143
Kerberos 4 key servers allow a user to masquerade as another by breaking and generating session keys. Date published : 1999-09-29