Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
1998-11-26 CVE-1999-1411 Unspecified vulnerability in Debian Linux 2.0
The installation of the fsp package 2.71-10 in Debian GNU/Linux 2.0 adds the anonymous FTP user without notifying the administrator, which could automatically enable anonymous FTP on some servers such as wu-ftp.
network
low complexity
debian
7.5
7.5
1998-11-19 CVE-1999-1288 Samba 1.9.18 inadvertently includes a prototype application, wsmbconf, which is installed with incorrect permissions including the setgid bit, which allows local users to read and write files and possibly gain privileges via bugs in the program.
local
low complexity
samba caldera redhat turbolinux
4.6
4.6
1998-11-18 CVE-1999-1107 Unspecified vulnerability in KDE 1.0
Buffer overflow in kppp in KDE allows local users to gain root access via a long PATH environmental variable.
local
low complexity
kde
7.2
7.2
1998-11-18 CVE-1999-0782 KDE kppp allows local users to create a directory in an arbitrary location via the HOME environmental variable.
local
low complexity
freebsd kde linux
2.1
2.1
1998-11-18 CVE-1999-0781 KDE allows local users to execute arbitrary commands by setting the KDEDIR environmental variable to modify the search path that KDE uses to locate its executables.
local
low complexity
freebsd kde linux
7.2
7.2
1998-11-18 CVE-1999-0780 KDE klock allows local users to kill arbitrary processes by specifying an arbitrary PID in the .kss.pid file.
local
low complexity
freebsd kde linux
4.6
4.6
1998-11-16 CVE-1999-0057 Vacation program allows command execution by remote users through a sendmail command.
network
low complexity
eric-allman freebsd hp ibm sun
7.5
7.5
1998-11-12 CVE-1999-1322 The installation of 1ArcServe Backup and Inoculan AV client modules for Exchange create a log file, exchverify.log, which contains usernames and passwords in plaintext.
local
low complexity
broadcom microsoft
4.6
4.6
1998-11-12 CVE-1999-1025 Unspecified vulnerability in SUN Solaris and Sunos
CDE screen lock program (screenlock) on Solaris 2.6 does not properly lock an unprivileged user's console session when the host is an NIS+ client, which allows others with physical access to login with any string.
local
low complexity
sun
4.6
4.6
1998-11-11 CVE-1999-1289 Unspecified vulnerability in Mirabilis ICQ 98Beta
ICQ 98 beta on Windows NT leaks the internal IP address of a client in the TCP data segment of an ICQ packet instead of the public address (e.g.
network
low complexity
mirabilis
7.5
7.5