Vulnerabilities > Medium

DATE CVE VULNERABILITY TITLE RISK
1996-10-08 CVE-1999-0234 Bash treats any character with a value of 255 as a command separator.
local
low complexity
yggdrasil sgi caldera redhat suse
4.6
1996-10-01 CVE-1999-0308 Unspecified vulnerability in HP Hp-Ux 8/9
HP-UX gwind program allows users to modify arbitrary files.
local
low complexity
hp
4.6
1996-09-21 CVE-1999-0961 Unspecified vulnerability in HP Hp-Ux 9.04/9.05
HPUX sysdiag allows local users to gain root privileges via a symlink attack during log file creation.
local
high complexity
hp
6.2
1996-09-19 CVE-1999-0116 Unspecified vulnerability in IBM AIX and SNG
Denial of service when an attacker sends many SYN packets to create multiple connections without ever sending an ACK to complete the connection, aka SYN flood.
network
low complexity
ibm
5.0
1996-09-17 CVE-1999-1295 Unspecified vulnerability in Transarc DCE Distributed File System 1.1
Transarc DCE Distributed File System (DFS) 1.1 for Solaris 2.4 and 2.5 does not properly initialize the grouplist for users who belong to a large number of groups, which could allow those users to gain access to resources that are protected by DFS.
local
low complexity
transarc
4.6
1996-09-13 CVE-1999-1383 Permissions, Privileges, and Access Controls vulnerability in multiple products
(1) bash before 1.14.7, and (2) tcsh 6.05 allow local users to gain privileges via directory names that contain shell metacharacters (` back-tick), which can cause the commands enclosed in the directory name to be executed when the shell expands filenames using the \w option in the PS1 variable.
local
low complexity
gnu tcsh CWE-264
4.6
1996-08-26 CVE-1999-1187 Pine before version 3.94 allows local users to gain privileges via a symlink attack on a lockfile that is created when a user receives new mail. 4.6
1996-08-03 CVE-1999-1413 Unspecified vulnerability in SUN Solaris and Sunos
Solaris 2.4 before kernel jumbo patch -35 allows set-gid programs to dump core even if the real user id is not in the set-gid group, which allows local users to overwrite or create files at higher privileges by causing a core dump, e.g.
local
low complexity
sun
4.6
1996-07-01 CVE-1999-0175 Unspecified vulnerability in Novell web Server 1.0
The convert.bas program in the Novell web server allows a remote attackers to read any file on the system that is internally accessible by the web server.
network
low complexity
novell
5.0
1996-05-23 CVE-1999-1313 Unspecified vulnerability in Freebsd
Manual page reader (man) in FreeBSD 2.2 and earlier allows local users to gain privileges via a sequence of commands.
local
low complexity
freebsd
4.6