Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
1998-10-02 CVE-1999-1403 Multiple vulnerability in IBM Tivoli OPC Tracker Agent 1.0X/2.0X/3.0X
IBM/Tivoli OPC Tracker Agent version 2 release 1 creates files, directories, and IPC message queues with insecure permissions (world-readable and world-writable), which could allow local users to disrupt operations and possibly gain privileges by modifying or deleting files.
local
low complexity
ibm
7.2
1998-10-02 CVE-1999-0343 Unspecified vulnerability in Palace Client
A malicious Palace server can force a client to execute arbitrary programs.
network
high complexity
palace
5.1
1998-10-01 CVE-1999-0870 Unspecified vulnerability in Microsoft Internet Explorer 4.0.1
Internet Explorer 4.01 allows remote attackers to read arbitrary files by pasting a file name into the file upload control, aka untrusted scripted paste.
network
high complexity
microsoft
2.6
1998-10-01 CVE-1999-0546 Unspecified vulnerability in Microsoft Windows NT
The Windows NT guest account is enabled.
local
low complexity
microsoft
4.6
1998-10-01 CVE-1999-0506 Unspecified vulnerability in Microsoft Windows 2000 and Windows NT
A Windows NT domain user or administrator account has a default, null, blank, or missing password.
local
low complexity
microsoft
7.2
1998-10-01 CVE-1999-0505 Unspecified vulnerability in Microsoft Windows 2000 and Windows NT
A Windows NT domain user or administrator account has a guessable password.
local
low complexity
microsoft
7.2
1998-10-01 CVE-1999-0186 Unspecified vulnerability in SUN Solaris 2.6
In Solaris, an SNMP subagent has a default community string that allows remote attackers to execute arbitrary commands as root, or modify system parameters.
network
low complexity
sun
critical
10.0
1998-09-29 CVE-1999-1181 Unspecified vulnerability in SGI Irix
Vulnerability in On-Line Customer Registration software for IRIX 6.2 through 6.4 allows local users to gain root privileges.
local
low complexity
sgi
7.2
1998-09-27 CVE-1999-1228 Various modems that do not implement a guard time, or are configured with a guard time of 0, can allow remote attackers to execute arbitrary modem commands such as ATH, ATH0, etc., via a "+++" sequence that appears in ICMP packets, the subject of an e-mail message, IRC commands, and others.
network
low complexity
logicode diamond us-robotics
7.5
1998-09-25 CVE-1999-1054 Unspecified vulnerability in Globetrotter Flexlm 6.0D
The default configuration of FLEXlm license manager 6.0d, and possibly other versions, allows remote attackers to shut down the server via the lmdown command.
network
low complexity
globetrotter
5.0