WebTrends software stores account names and passwords in a file which does not have restricted access permissions.
CVE-1999-0915
URL Live! web server allows remote attackers to read arbitrary files via a .. (dot dot) attack.
CVE-1999-0914
Buffer overflow in the FTP client in the Debian GNU/Linux netstd package.
CVE-1999-0913
dfire.cgi script in Dragon-Fire IDS allows remote users to execute commands via shell metacharacters.
CVE-1999-0912
FreeBSD VFS cache (vfs_cache) allows local users to cause a denial of service by opening a large number of files.
CVE-1999-0911
Buffer overflow in ProFTPD, wu-ftpd, and beroftpd allows remote attackers to gain root access via a series of MKD and CWD commands that create nested directories.
CVE-1999-0910
Microsoft Site Server and Commercial Internet System (MCIS) do not set an expiration for a cookie, which could then be cached by a proxy and inadvertently used by a different user.
CVE-1999-0909
Multihomed Windows systems allow a remote attacker to bypass IP source routing restrictions via a malformed packet with IP options, aka the "Spoofed Route Pointer" vulnerability.
CVE-1999-0908
Denial of service in Solaris TCP streams driver via a malicious connection that causes the server to panic as a result of recursive calls to mutex_enter.