Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 1998-12-17 | CVE-1999-0188 | Unspecified vulnerability in SUN Solaris and Sunos The passwd command in Solaris can be subjected to a denial of service. | 7.2 |
| 1998-12-12 | CVE-1999-0139 | Unspecified vulnerability in SUN Solaris and Sunos Buffer overflow in Solaris x86 mkcookie allows local users to obtain root access. | 7.2 |
| 1998-12-07 | CVE-1999-1276 | fte-console in the fte package before 0.46b-4.1 does not drop root privileges, which allows local users to gain root access via the virtual console device. | 7.2 |
| 1998-12-04 | CVE-1999-1147 | Unspecified vulnerability in Platinum Policy Compliance Manager 7.0 Buffer overflow in Platinum Policy Compliance Manager (PCM) 7.0 allows remote attackers to execute arbitrary commands via a long string to the Agent port (1827), which is handled by smaxagent.exe. | 7.5 |
| 1998-12-03 | CVE-1999-1280 | Unspecified vulnerability in Hummingbird Exceed 6.0.1.0 Hummingbird Exceed 6.0.1.0 inadvertently includes a DLL that was meant for development and testing, which logs user names and passwords in cleartext in the test.log file. | 7.5 |
| 1998-12-01 | CVE-1999-0321 | Unspecified vulnerability in SUN Solaris Buffer overflow in Solaris kcms_configure command allows local users to gain root access. | 7.2 |
| 1998-11-30 | CVE-1999-1073 | Unspecified vulnerability in Excite EWS 1.1 Excite for Web Servers (EWS) 1.1 records the first two characters of a plaintext password in the beginning of the encrypted password, which makes it easier for an attacker to guess passwords via a brute force or dictionary attack. | 7.2 |
| 1998-11-30 | CVE-1999-1072 | Unspecified vulnerability in Excite EWS 1.1 Excite for Web Servers (EWS) 1.1 allows local users to gain privileges by obtaining the encrypted password from the world-readable Architext.conf authentication file and replaying the encrypted password in an HTTP request to AT-generated.cgi or AT-admin.cgi. | 7.2 |
| 1998-11-30 | CVE-1999-1071 | Unspecified vulnerability in Excite EWS 1.1 Excite for Web Servers (EWS) 1.1 installs the Architext.conf authentication file with world-writeable permissions, which allows local users to gain access to Excite accounts by modifying the file. | 7.2 |
| 1998-11-26 | CVE-1999-1411 | Unspecified vulnerability in Debian Linux 2.0 The installation of the fsp package 2.71-10 in Debian GNU/Linux 2.0 adds the anonymous FTP user without notifying the administrator, which could automatically enable anonymous FTP on some servers such as wu-ftp. | 7.5 |