Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 1998-11-30 | CVE-1999-1072 | Unspecified vulnerability in Excite EWS 1.1 Excite for Web Servers (EWS) 1.1 allows local users to gain privileges by obtaining the encrypted password from the world-readable Architext.conf authentication file and replaying the encrypted password in an HTTP request to AT-generated.cgi or AT-admin.cgi. | 7.2 |
| 1998-11-30 | CVE-1999-1071 | Unspecified vulnerability in Excite EWS 1.1 Excite for Web Servers (EWS) 1.1 installs the Architext.conf authentication file with world-writeable permissions, which allows local users to gain access to Excite accounts by modifying the file. | 7.2 |
| 1998-11-26 | CVE-1999-1411 | Unspecified vulnerability in Debian Linux 2.0 The installation of the fsp package 2.71-10 in Debian GNU/Linux 2.0 adds the anonymous FTP user without notifying the administrator, which could automatically enable anonymous FTP on some servers such as wu-ftp. | 7.5 |
| 1998-11-18 | CVE-1999-1107 | Unspecified vulnerability in KDE 1.0 Buffer overflow in kppp in KDE allows local users to gain root access via a long PATH environmental variable. | 7.2 |
| 1998-11-18 | CVE-1999-0781 | KDE allows local users to execute arbitrary commands by setting the KDEDIR environmental variable to modify the search path that KDE uses to locate its executables. | 7.2 |
| 1998-11-16 | CVE-1999-0057 | Vacation program allows command execution by remote users through a sendmail command. | 7.5 |
| 1998-11-11 | CVE-1999-1289 | Unspecified vulnerability in Mirabilis ICQ 98Beta ICQ 98 beta on Windows NT leaks the internal IP address of a client in the TCP data segment of an ICQ packet instead of the public address (e.g. | 7.5 |
| 1998-11-09 | CVE-1999-1155 | Unspecified vulnerability in Lakeweb Mail List CGI Script LakeWeb Mail List CGI script allows remote attackers to execute arbitrary commands via shell metacharacters in the recipient email address. | 7.5 |
| 1998-11-09 | CVE-1999-1154 | Unspecified vulnerability in Lakeweb Filemail CGI Script LakeWeb Filemail CGI script allows remote attackers to execute arbitrary commands via shell metacharacters in the recipient email address. | 7.5 |
| 1998-11-09 | CVE-1999-1153 | Unspecified vulnerability in Hamcards Postcard CGI Hamcards Postcard CGI 1.0 HAMcards Postcard CGI script 1.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the recipient email address. | 7.5 |