Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 1996-09-17 | CVE-1999-1295 | Unspecified vulnerability in Transarc DCE Distributed File System 1.1 Transarc DCE Distributed File System (DFS) 1.1 for Solaris 2.4 and 2.5 does not properly initialize the grouplist for users who belong to a large number of groups, which could allow those users to gain access to resources that are protected by DFS. | 4.6 |
| 1996-09-13 | CVE-1999-1383 | Permissions, Privileges, and Access Controls vulnerability in multiple products (1) bash before 1.14.7, and (2) tcsh 6.05 allow local users to gain privileges via directory names that contain shell metacharacters (` back-tick), which can cause the commands enclosed in the directory name to be executed when the shell expands filenames using the \w option in the PS1 variable. | 4.6 |
| 1996-08-26 | CVE-1999-1187 | Pine before version 3.94 allows local users to gain privileges via a symlink attack on a lockfile that is created when a user receives new mail. | 4.6 |
| 1996-08-03 | CVE-1999-1413 | Unspecified vulnerability in SUN Solaris and Sunos Solaris 2.4 before kernel jumbo patch -35 allows set-gid programs to dump core even if the real user id is not in the set-gid group, which allows local users to overwrite or create files at higher privileges by causing a core dump, e.g. | 4.6 |
| 1996-07-01 | CVE-1999-0175 | Unspecified vulnerability in Novell web Server 1.0 The convert.bas program in the Novell web server allows a remote attackers to read any file on the system that is internally accessible by the web server. | 5.0 |
| 1996-05-23 | CVE-1999-1313 | Unspecified vulnerability in Freebsd Manual page reader (man) in FreeBSD 2.2 and earlier allows local users to gain privileges via a sequence of commands. | 4.6 |
| 1996-04-24 | CVE-1999-0019 | Delete or create a file via rpc.statd, due to invalid information. | 5.0 |
| 1996-04-03 | CVE-1999-1103 | Unspecified vulnerability in Digital OSF 1 dxconsole in DEC OSF/1 3.2C and earlier allows local users to read arbitrary files by specifying the file with the -file parameter. | 4.6 |
| 1996-02-21 | CVE-1999-0143 | Kerberos 4 key servers allow a user to masquerade as another by breaking and generating session keys. | 4.6 |
| 1996-02-08 | CVE-1999-0103 | Echo and chargen, or other combinations of UDP services, can be used in tandem to flood the server, a.k.a. network low complexity | 5.0 |