VARIoT IoT vulnerabilities database
| VAR-199906-0005 | CVE-1999-1412 | Apple MacOS Security hole |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
A possible interaction between Apple MacOS X release 1.0 and Apache HTTP server allows remote attackers to cause a denial of service (crash) via a flood of HTTP GET requests to CGI programs, which generates a large number of processes. A vulnerability in the MacOS X Server may crash it while under heavy load.
The vulnerability appears while stress testing a server running the Apache web server and 32 or more process are concurntly doing HTTP GET request to a CGI script in a loop. The system will panic and display a stack trace with ipc_task_init.
Although the vulnerability is not related to web servering it can only be reproduced so far using this means
| VAR-199905-0021 | CVE-1999-0803 | AIX eNetwork Firewall fwluser Script to write arbitrary file vulnerabilities |
CVSS V2: 2.1 CVSS V3: - Severity: LOW |
The fwluser script in AIX eNetwork Firewall allows local users to write to arbitrary files via a symlink attack. A vulnerability exists in the fwluser script in the AIX eNetwork firewall
| VAR-199905-0009 | CVE-1999-1393 | apple's macOS Vulnerability in |
CVSS V2: 4.6 CVSS V3: - Severity: MEDIUM |
Control Panel "Password Security" option for Apple Powerbooks allows attackers with physical access to the machine to bypass the security by booting it with an emergency startup disk and using a disk editor to modify the on/off toggle or password in the aaaaaaaAPWD file, which is normally inaccessible. apple's macOS Exists in unspecified vulnerabilities.None. Powerbooks come with a 'Password Security' Control Panel. This allows the user to create a password that must be entered prior to the OS mounting the hard drive. This feature can be enabled or disabled by the user. The control panel stores the enabled/disabled state, as well as an encrypted verion of the password, in a file called 'aaaaaaaaAPWD' in the root of the drive. The problem is that this security feature can be bypassed with a boot disk and hard drive utility
| VAR-199905-0051 | CVE-1999-1566 | iParty Conferencing Server Remote Denial of Service Attack Vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
Buffer overflow in iParty server 1.2 and earlier allows remote attackers to cause a denial of service (crash) by connecting to default port 6004 and sending repeated extended characters. A buffer overflow condition has been discovered in the Intel iParty server. The server will need to be restarted to regain normal functionality.
This issue may be due to a buffer overrun, potentially resulting in arbitrary code execution. This possibility has not been confirmed. iParty is a small voice conference chat program developed by Intel Experimental Technologies Department. The iParty meeting service daemon does not correctly handle the malformed requests submitted by users. Remote attackers can use this vulnerability to carry out denial-of-service attacks on the meeting service system
| VAR-199905-0031 | CVE-1999-0739 | IIS And web server codebrws.asp Sample file read arbitrary file vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
The codebrws.asp sample file in IIS and Site Server allows remote attackers to read arbitrary files. IIS is prone to a remote security vulnerability.
Attackers can exploit this issue to perform unauthorized actions. This may aid in further attacks
| VAR-199905-0028 | CVE-1999-0736 | Microsoft IIS of showcode.asp Vulnerability to view arbitrary files in files |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
The showcode.asp sample file in IIS and Site Server allows remote attackers to read arbitrary files. Microsoft IIS of showcode.asp Passed source There is a vulnerability that allows arbitrary files to be viewed by specifying a relative path in the parameter.ASP You may get important information about the source code and system.
IIS 4.0 installs a number of sample ASP scripts including one called "showcode.asp". This script allows clients to view the source of other sample scripts via a browser. The "showcode.asp" script does not perform sufficent checks and allows files outside the sample directory to be requested. In particular, it does not check for ".." in the path of the requested file.
The script takes one parameter, "source", which is the file to view. The script's default location URL is:
http://www.sitename.com/msadc/Samples/SELECTOR/showcode.asp
Similar vulnerabilities have been noted in ViewCode.asp, CodeBrws.asp and Winmsdp.exe
| VAR-199905-0030 | CVE-1999-0738 | IIS And web server code.asp Sample file read arbitrary file vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
The code.asp sample file in IIS and Site Server allows remote attackers to read arbitrary files. IIS is prone to a remote security vulnerability.
Attackers can exploit this issue to perform unauthorized actions. This may aid in further attacks
| VAR-199905-0029 | CVE-1999-0737 | Microsoft IIS 4.0 showcode.asp Example script to see arbitrary file vulnerabilities (MS99-013) |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
The viewcode.asp sample file in IIS and Site Server allows remote attackers to read arbitrary files. IIS is prone to a remote security vulnerability.
Attackers can exploit this issue to perform unauthorized actions. This may aid in further attacks
| VAR-199904-0053 | No CVE | Cisco IOS Software Input Access List Leakage with NAT |
CVSS V2: - CVSS V3: - Severity: - |
It is reported that Cisco routers running versions 12.0 are affected by a vulnerability which allows packets to bypass input filter rules.
When certain versions of Cisco IOS are configured with both input access lists and NAT, an interaction between different software bugs allows packets to bypass the input filter rules.
This situation allows for a false sense of security by the administrators of affected devices.
This may allow an attacker to circumvent access control restrictions, possibly aiding them in further compromise of protected computers.
| VAR-199904-0034 | CVE-1999-0471 | Winroute Security hole |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
The remote proxy server in Winroute allows a remote attacker to reconfigure the proxy without authentication through the "cancel" button
| VAR-199904-0039 | CVE-1999-1323 | Internet Email Gateways (NAVIEG) navieg.ini and MS Exchange (NAVMSE) ModifyPassword Registry key Norton AntiVirus Encryption error vulnerability |
CVSS V2: 4.6 CVSS V3: - Severity: MEDIUM |
Norton AntiVirus for Internet Email Gateways (NAVIEG) 1.0.1.7 and earlier, and Norton AntiVirus for MS Exchange (NAVMSE) 1.5 and earlier, store the administrator password in cleartext in (1) the navieg.ini file for NAVIEG, and (2) the ModifyPassword registry key in NAVMSE. ini, (2) ModifyPassword registry entry under NAVMSE
| VAR-199904-0026 | CVE-1999-0445 | IOS Cisco routing running NAT Filter vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
In Cisco routers under some versions of IOS 12.0 running NAT, some packets may not be filtered by input access list filters
| VAR-199903-0049 | CVE-1999-1559 | Xylan OmniSwitch Input validation vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
Xylan OmniSwitch before 3.2.6 allows remote attackers to bypass the login prompt via a CTRL-D (control d) character, which locks other users out of the switch because it only supports one session at a time. Omniswitch is prone to a security bypass vulnerability. Xylan OmniSwitch prior to 3.2.6 is vulnerable
| VAR-199903-0024 | CVE-1999-0415 | Cisco router HTTP Server vulnerability |
CVSS V2: 7.5 CVSS V3: - Severity: HIGH |
The HTTP server in Cisco 7xx series routers 3.2 through 4.2 is enabled by default, which allows remote attackers to change the router's configuration. Cisco 7Xx Routers is prone to a denial-of-service vulnerability.
Attackers can exploit this issue to cause a denial-of-service condition. A remote attacker could exploit this vulnerability to change the router's configuration
| VAR-199903-0025 | CVE-1999-0416 | Cisco Vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
Vulnerability in Cisco 7xx series routers allows a remote attacker to cause a system reload via a TCP connection to the router's TELNET port. There are vulnerabilities in the Cisco 7xx series
| VAR-199903-0051 | CVE-2000-0019 | IMail POP3 daemon Security hole |
CVSS V2: 2.1 CVSS V3: - Severity: LOW |
IMail POP3 daemon uses weak encryption, which allows local users to read files. IMail is prone to a local security vulnerability
| VAR-199903-0048 | CVE-1999-1551 | Ipswitch IMail Buffer overflow DoS Vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
Buffer overflow in Ipswitch IMail Service 5.0 allows an attacker to cause a denial of service (crash) and possibly execute arbitrary commands via a long URL. The IMail web server can be crashed by requesting an abnormally long URL. There is a buffer overflow vulnerability in Ipswitch IMail Service version 5.0
| VAR-199903-0014 | CVE-1999-0221 | Ascend Router security vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
Denial of service of Ascend routers through port 150 (remote administration). Ascend Router is prone to a denial-of-service vulnerability.
Attackers can exploit this issue to cause a denial-of-service condition
| VAR-199903-0015 | CVE-1999-0222 | Cisco IOS Security hole |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
Denial of service in Cisco IOS web server allows attackers to reboot the router using a long URL. Cisco Router is prone to a denial-of-service vulnerability.
Attackers can exploit this issue to cause a denial-of-service condition. An attacker can use long URLs to cause a denial of service
| VAR-199903-0001 | CVE-1999-1046 | NT IMail IMonitor Buffer Overflow DoS Vulnerability |
CVSS V2: 10.0 CVSS V3: - Severity: HIGH |
Buffer overflow in IMonitor in IMail 5.0 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long string to port 8181. The IMail IMonitor service can be crashed by exploiting a buffer overflow vulnerability