High Severity Vulnerabilities
111.5K CVEs classified as high severity
Buffer overflow in ICQ 99b 1.1.1.1 client allows remote attackers to execute commands via a malformed URL within an ICQ message.
Macros in War FTP 1.70 and 1.67b2 allow local or remote attackers to read arbitrary files or execute commands.
Buffer overflow in CamShot WebCam HTTP server allows remote attackers to execute commands via a long GET request.
Buffer overflow in CSM mail server allows remote attackers to cause a denial of service or execute commands via a long HELO command.
glFtpD allows local users to gain privileges via metacharacters in the SITE ZIPCHK command.
glFtpD includes a default glftpd user account with a default password and a UID of 0.
Solaris dmi_cmd allows local users to crash the dmispd daemon by adding a malformed file to the /var/dmi/db database.
Buffer overflow in UnixWare i2odialogd daemon allows remote attackers to gain root access via a long username/password authorization string.
wmmon in FreeBSD allows local users to gain privileges via the .wmmonrc configuration file.
Buffer overflow in Linux linuxconf package allows remote attackers to gain root privileges via a long parameter.
IRIX soundplayer program allows local users to gain privileges by including shell metacharacters in a .wav file, which is executed via the midikeys program.
Buffer overflow in w3-msql CGI program in miniSQL package allows remote attackers to execute commands.
Buffer overflow in AnalogX SimpleServer:WWW HTTP server allows remote attackers to execute commands via a long GET request.
WebWho+ whois.cgi program allows remote attackers to execute commands via shell metacharacters in the TLD parameter.
The bna_pass program in Optivity NETarchitect uses the PATH environmental variable for finding the "rm" program, which allows local users to execute arbitrary commands.
HP-UX aserver program allows local users to gain privileges via a symlink attack.
Buffer overflow in UnixWare rtpm program allows local users to gain privileges via a long environmental variable.
Buffer overflow in ZBServer Pro 1.50 allows remote attackers to execute commands via a long GET request.
Windows Internet Naming Service (WINS) allows remote attackers to cause a denial of service (connectivity loss) or steal credentials via a 1Ch registration that causes WINS to change the domain contro...
Multiple unspecified vulnerabilities in sendmail 5, as installed on Sun SunOS 4.1.3_U1 and 4.1.4, have unspecified attack vectors and impact. NOTE: this might overlap CVE-1999-0129.
Microsoft Internet Information Services (IIS) server 4.0 SP4, without certain hotfixes released for SP4, does not require authentication credentials under certain conditions, which allows remote attac...
Unspecified vulnerability in crontab in IBM AIX 3.2 allows local users to gain root privileges via unknown attack vectors.
loadmodule in SunOS 4.1.x, as used by xnews, does not properly sanitize its environment, which allows local users to gain privileges, a different vulnerability than CVE-1999-1584.
The (1) rcS and (2) mountall programs in Sun Solaris 2.x, possibly before 2.4, start a privileged shell on the system console if fsck fails while the system is booting, which allows attackers with phy...