CVE-1999-0425
talkback in Netscape 4.5 allows a local user to kill an arbitrary process of another user whose Netscape crashes. Date published : 1999-09-29
Monthly Archive: September 1999
CVE-1999-0424
talkback in Netscape 4.5 allows a local user to overwrite arbitrary files of another user whose Netscape crashes. Date published : 1999-09-29
CVE-1999-0423
Vulnerability in hpterm on HP-UX 10.20 allows local users to gain additional privileges. Date published : 1999-09-29 http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9903-093
CVE-1999-0422
In some cases, NetBSD 1.3.3 mount allows local users to execute programs in some file systems that have the "noexec" flag set. Date published : 1999-09-29
CVE-1999-0420
umapfs allows local users to gain root privileges by changing their uid through a malicious mount_umap program. Date published : 1999-09-29
CVE-1999-0417
64 bit Solaris 7 procfs allows local users to perform a denial of service. Date published : 1999-09-29 http://www.securityfocus.com/bid/448
CVE-1999-0414
In Linux before version 2.0.36, remote attackers can spoof a TCP connection and pass data to the application layer before fully establishing the connection. Date published : 1999-09-29
CVE-1999-0413
A buffer overflow in the SGI X server allows local users to gain root access through the X server font path. Date published : 1999-09-29 ftp://patches.sgi.com/support/free/security/advisories/19990301-01-PX
CVE-1999-0412
In IIS and other web servers, an attacker can attack commands as SYSTEM if the server is running as SYSTEM and loading an ISAPI extension. Date published : 1999-09-29 http://www.securityfocus.com/bid/501
CVE-1999-0410
The cancel command in Solaris 2.6 (i386) has a buffer overflow that allows local users to obtain root access. Date published : 1999-09-29 http://www.securityfocus.com/bid/293
CVE-1999-0405
A buffer overflow in lsof allows local users to obtain root privilege. Date published : 1999-09-29
CVE-1999-0404
Buffer overflow in the Mail-Max SMTP server for Windows systems allows remote command execution. Date published : 1999-09-29
CVE-1999-0402
wget 1.5.3 follows symlinks to change permissions of the target file instead of the symlink itself. Date published : 1999-09-29
CVE-1999-0396
A race condition between the select() and accept() calls in NetBSD TCP servers allows remote attackers to cause a denial of service. Date published : 1999-09-29