The installer for BackOffice Server includes account names and passwords in a setup file (reboot.ini) which is not deleted. Date published : 1999-09-29 https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-005 http://support.microsoft.com/default.aspx?scid=kb;%5BLN%5D;Q217004
Lynx allows a local user to overwrite sensitive files through /tmp symlinks. Date published : 1999-09-29
The Sun sdtcm_convert calendar utility for OpenWindows has a buffer overflow which can gain root access. Date published : 1999-09-29 http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/183
Buffer overflows in wuarchive ftpd (wu-ftpd) and ProFTPD lead to remote root access, a.k.a. palmetto. Date published : 1999-09-29
NetBSD netstat command allows local users to access kernel memory. Date published : 1999-09-29 http://www.osvdb.org/7571
In some cases, Service Pack 4 for Windows NT 4.0 can allow access to network shares using a blank password, through a problem with a null NT hash value. Date published : 1999-09-29 https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-004...
The metamail package allows remote command execution using shell metacharacters that are not quoted in a mailcap entry. Date published : 1999-09-29
SuSE 5.2 PLP lpc program has a buffer overflow that leads to root compromise. Date published : 1999-09-29 http://www.securityfocus.com/bid/328
WS_FTP server remote denial of service through cwd command. Date published : 1999-09-29 http://www.securityfocus.com/bid/217 http://www.eeye.com/html/Research/Advisories/AD02021999.html
Windows 98 and other operating systems allows remote attackers to cause a denial of service via crafted "oshare" packets, possibly involving invalid fragmentation offsets. Date published : 1999-09-29
Local or remote users can force ControlIT 4.5 to reboot or force a user to log out, resulting in a denial of service. Date published : 1999-09-29
rpc.pcnfsd in HP gives remote root access by changing the permissions on the main printer spool directory. Date published : 1999-09-29 http://www.ciac.org/ciac/bulletins/j-026.shtml http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9902-091
FTP PASV "Pizza Thief" denial of service and unauthorized data access. Attackers can steal data by connecting to a port that was intended for use by a client. Date published : 1999-09-29 http://attrition.org/security/advisory/misc/infowar/iw_sec_01.txt
Race condition in the db_loader program in ClearCase gives local users root access by setting SUID bits. Date published : 1999-09-29