Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 1998-11-12 | CVE-1999-1322 | The installation of 1ArcServe Backup and Inoculan AV client modules for Exchange create a log file, exchverify.log, which contains usernames and passwords in plaintext. | 4.6 |
| 1998-11-12 | CVE-1999-1025 | Unspecified vulnerability in SUN Solaris and Sunos CDE screen lock program (screenlock) on Solaris 2.6 does not properly lock an unprivileged user's console session when the host is an NIS+ client, which allows others with physical access to login with any string. | 4.6 |
| 1998-11-04 | CVE-1999-0052 | IP fragmentation denial of service in FreeBSD allows a remote attacker to cause a crash. | 5.0 |
| 1998-10-26 | CVE-1999-0215 | Unspecified vulnerability in SGI Irix Routed allows attackers to append data to files. | 6.4 |
| 1998-10-13 | CVE-1999-0053 | Unspecified vulnerability in Freebsd 6.2 TCP RST denial of service in FreeBSD. | 5.0 |
| 1998-10-05 | CVE-1999-1291 | Unspecified vulnerability in Microsoft Windows 95 and Windows NT TCP/IP implementation in Microsoft Windows 95, Windows NT 4.0, and possibly others, allows remote attackers to reset connections by forcing a reset (RST) via a PSH ACK or other means, obtaining the target's last sequence number from the resulting packet, then spoofing a reset to the target. | 5.0 |
| 1998-10-02 | CVE-1999-1404 | Multiple vulnerability in IBM Tivoli OPC Tracker Agent 1.0X/2.0X/3.0X IBM/Tivoli OPC Tracker Agent version 2 release 1 allows remote attackers to cause a denial of service (resource exhaustion) via malformed data to the localtracker client port (5011), which prevents the connection from being closed properly. | 5.0 |
| 1998-10-02 | CVE-1999-0343 | Unspecified vulnerability in Palace Client A malicious Palace server can force a client to execute arbitrary programs. | 5.1 |
| 1998-10-01 | CVE-1999-0546 | Unspecified vulnerability in Microsoft Windows NT The Windows NT guest account is enabled. | 4.6 |
| 1998-09-25 | CVE-1999-1054 | Unspecified vulnerability in Globetrotter Flexlm 6.0D The default configuration of FLEXlm license manager 6.0d, and possibly other versions, allows remote attackers to shut down the server via the lmdown command. | 5.0 |