Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 1999-12-01 | CVE-1999-0819 | Unspecified vulnerability in Microsoft Windows 2000 and Windows NT NTMail does not disable the VRFY command, even if the administrator has explicitly disabled it. | 5.0 |
| 1999-11-30 | CVE-1999-0824 | Unspecified vulnerability in Microsoft Windows NT 4.0 A Windows NT user can use SUBST to map a drive letter to a folder, which is not unmapped after the user logs off, potentially allowing that user to modify the location of folders accessed by later users. | 4.6 |
| 1999-11-29 | CVE-1999-0847 | Unspecified vulnerability in Freechess.Org Fics Program Buffer overflow in free internet chess server (FICS) program, xboard. | 5.0 |
| 1999-11-24 | CVE-1999-1548 | Unspecified vulnerability in Cabletron Smartswitch Router 8000 Firmware 2.0 Cabletron SmartSwitch Router (SSR) 8000 firmware 2.x can only handle 200 ARP requests per second allowing a denial of service attack to succeed with a flood of ARP requests exceeding that limit. | 5.0 |
| 1999-11-24 | CVE-1999-0844 | WebConfig Overflow DoS vulnerability in Deerfield Mdaemon 2.8.5/2.8.6 Denial of service in MDaemon WorldClient and WebConfig services via a long URL. | 5.0 |
| 1999-11-19 | CVE-1999-1475 | Unspecified vulnerability in Proftpd Project Proftpd 1.2 ProFTPd 1.2 compiled with the mod_sqlpw module records user passwords in the wtmp log file, which allows local users to obtain the passwords and gain privileges by reading wtmp, e.g. | 4.6 |
| 1999-11-19 | CVE-1999-0831 | Denial of service in Linux syslogd via a large number of connections. | 5.0 |
| 1999-11-17 | CVE-1999-1519 | Buffer Overflow DoS vulnerability in Gene6 G6 FTP Server 2.0 Gene6 G6 FTP Server 2.0 allows a remote attacker to cause a denial of service (resource exhaustion) via a long (1) user name or (2) password. | 5.0 |
| 1999-11-17 | CVE-1999-1092 | Unspecified vulnerability in Iain LEA TIN 1.40 tin 1.40 creates the .tin directory with insecure permissions, which allows local users to read passwords from the .inputhistory file. | 4.6 |
| 1999-11-16 | CVE-1999-1051 | Unspecified vulnerability in Matt Wright Formhandler.Cgi 1.0/2.0/3.0 Default configuration in Matt Wright FormHandler.cgi script allows arbitrary directories to be used for attachments, and only restricts access to the /etc/ directory, which allows remote attackers to read arbitrary files via the reply_message_attach attachment parameter. | 5.0 |