Vulnerabilities > Medium

DATE CVE VULNERABILITY TITLE RISK
1996-12-03 CVE-1999-0129 Sendmail allows local users to write to a file and gain group permissions via a .forward or :include: file.
local
low complexity
eric-allman sco sun hp ibm bsdi freebsd
4.6
1996-11-22 CVE-1999-1099 Unspecified vulnerability in KTH Kerberos 4
Kerberos 4 allows remote attackers to obtain sensitive information via a malformed UDP packet that generates an error string that inadvertently includes the realm name and the last user.
network
low complexity
kth
5.0
1996-10-16 CVE-1999-0075 Unspecified vulnerability in Washington University Wu-Ftpd
PASV core dump in wu-ftpd daemon when attacker uses a QUOTE PASV command after specifying a username and password.
network
low complexity
washington-university
5.0
1996-10-08 CVE-1999-0234 Bash treats any character with a value of 255 as a command separator.
local
low complexity
yggdrasil sgi caldera redhat suse
4.6
1996-10-01 CVE-1999-0308 Unspecified vulnerability in HP Hp-Ux 8/9
HP-UX gwind program allows users to modify arbitrary files.
local
low complexity
hp
4.6
1996-09-21 CVE-1999-0961 Unspecified vulnerability in HP Hp-Ux 9.04/9.05
HPUX sysdiag allows local users to gain root privileges via a symlink attack during log file creation.
local
high complexity
hp
6.2
1996-09-19 CVE-1999-0116 Unspecified vulnerability in IBM AIX and SNG
Denial of service when an attacker sends many SYN packets to create multiple connections without ever sending an ACK to complete the connection, aka SYN flood.
network
low complexity
ibm
5.0
1996-09-17 CVE-1999-1295 Unspecified vulnerability in Transarc DCE Distributed File System 1.1
Transarc DCE Distributed File System (DFS) 1.1 for Solaris 2.4 and 2.5 does not properly initialize the grouplist for users who belong to a large number of groups, which could allow those users to gain access to resources that are protected by DFS.
local
low complexity
transarc
4.6
1996-09-13 CVE-1999-1383 Permissions, Privileges, and Access Controls vulnerability in multiple products
(1) bash before 1.14.7, and (2) tcsh 6.05 allow local users to gain privileges via directory names that contain shell metacharacters (` back-tick), which can cause the commands enclosed in the directory name to be executed when the shell expands filenames using the \w option in the PS1 variable.
local
low complexity
gnu tcsh CWE-264
4.6
1996-08-26 CVE-1999-1187 Pine before version 3.94 allows local users to gain privileges via a symlink attack on a lockfile that is created when a user receives new mail. 4.6