CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-1999-1125
https://notcve.org/view.php?id=CVE-1999-1125
Oracle Webserver 2.1 and earlier runs setuid root, but the configuration file is owned by the oracle account, which allows any local or remote attacker who obtains access to the oracle account to gain privileges or modify arbitrary files by modifying the configuration file. • http://marc.info/?l=bugtraq&m=87602880019796&w=2 •
CVSS: 7.5EPSS: 0%CPEs: 11EXPL: 1CVE-1999-0045 – Apache 1.1 / NCSA HTTPd 1.5.2 / Netscape Server 1.12/1.1/2.0 - a nph-test-cgi
https://notcve.org/view.php?id=CVE-1999-0045
List of arbitrary files on Web host via nph-test-cgi script. • https://www.exploit-db.com/exploits/19536 https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0045 •
CVSS: 5.0EPSS: 8%CPEs: 1EXPL: 1CVE-1999-0070 – Apache 0.8.x/1.0.x / NCSA HTTPd 1.x - 'test-cgi' Directory Listing
https://notcve.org/view.php?id=CVE-1999-0070
test-cgi program allows an attacker to list files on the server. • https://www.exploit-db.com/exploits/20435 https://lists.apache.org/thread.html/rc5d27fc1e76dc5650e1a3f1db1de403120f4c2d041cb7352850455c2%40%3Cusers.httpd.apache.org%3E •
CVSS: 10.0EPSS: 29%CPEs: 2EXPL: 0CVE-1999-0067
https://notcve.org/view.php?id=CVE-1999-0067
phf CGI program allows remote command execution through shell metacharacters. • http://www.cert.org/advisories/CA-1996-06.html http://www.osvdb.org/136 http://www.securityfocus.com/bid/629 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •