Weekly Vulnerabilities Reports > April 12 to 18, 1999
4 new vulnerabilities reported during this period, including 0 critical vulnerabilities and 1 high severity vulnerabilities. This weekly summary report vulnerabilities in 6 products from 4 vendors including Microsoft, Netbsd, Realnetworks, and Darren Reed. Vulnerabilities are notably categorized as .
- 1 reported vulnerabilities are remotely exploitables.
- 4 reported vulnerabilities are exploitable by an anonymous user.
- Microsoft has the most reported vulnerabilities, with 1 reported vulnerabilities.
The following table list reported vulnerabilities for the period covered by this report:
0 Critical Vulnerabilities
1 High Vulnerabilities
|1999-04-15||CVE-1999-1244||Darren Reed|| Unspecified vulnerability in Darren Reed Ipfilter |
IPFilter 3.2.3 through 3.2.10 allows local users to modify arbitrary files via a symlink attack on the saved output file.
2 Medium Vulnerabilities
|1999-04-12||CVE-1999-0444||Microsoft|| Denial-Of-Service vulnerability in Microsoft Windows 95, Windows 98 and Windows NT |
Remote attackers can perform a denial of service in Windows machines using malicious ARP packets, forcing a message box display for each packet or filling up log files.
|1999-04-14||CVE-1999-1369||Realnetworks|| Unspecified vulnerability in Realnetworks Realserver 126.96.36.1993 |
Real Media RealServer (rmserver) 188.8.131.523 stores a password in plaintext in the world-readable rmserver.cfg file, which allows local users to gain privileges.
1 Low Vulnerabilities
|1999-04-12||CVE-1999-0446||Netbsd|| Unspecified vulnerability in Netbsd 1.3.1/1.3.2/1.3.3 |
Local users can perform a denial of service in NetBSD 1.3.3 and earlier versions by creating an unusual symbolic link with the ln command, triggering a bug in VFS.