By default, IIS 4.0 has a virtual directory /IISADMPWD which contains files that can be used as proxies for brute force password attacks, or to identify valid users on the system.
CVE-1999-0406
Digital Unix Networker program nsralist has a buffer overflow which allows local users to obtain root privilege.
CVE-1999-0405
A buffer overflow in lsof allows local users to obtain root privilege.
CVE-1999-0404
Buffer overflow in the Mail-Max SMTP server for Windows systems allows remote command execution.
CVE-1999-0403
A bug in Cyrix CPUs on Linux allows local users to perform a denial of service.
CVE-1999-0402
wget 1.5.3 follows symlinks to change permissions of the target file instead of the symlink itself.
CVE-1999-0401
A race condition in Linux 2.2.1 allows local users to read arbitrary memory from /proc files.
CVE-1999-0400
Denial of service in Linux 2.2.0 running the ldd command on a core file.
CVE-1999-0399
The DCC server command in the Mirc 5.5 client doesn't filter characters from file names properly, allowing remote attackers to place a malicious file in a different location, possibly allowing the attacker to execute commands.
CVE-1999-0398
In some instances of SSH 1.2.27 and 2.0.11 on Linux systems, SSH will allow users with expired accounts to login.