CVE-1999-0038 – BSD/OS 2.1 / DG/UX 7.0 / Debian 1.3 / HP-UX 10.34 / IBM AIX 4.2 / SGI IRIX 6.4 / Solaris 2.5.1 - '/usr/bin/X11/xlock' Local Privilege Escalation
https://notcve.org/view.php?id=CVE-1999-0038
Buffer overflow in xlock program allows local users to execute commands as root. • https://www.exploit-db.com/exploits/19173 https://www.exploit-db.com/exploits/19172 https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0038 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVE-1999-1408 – HP HP-UX 10.20 / IBM AIX 4.1.5 - 'connect()' Denial of Service
https://notcve.org/view.php?id=CVE-1999-1408
Vulnerability in AIX 4.1.4 and HP-UX 10.01 and 9.05 allows local users to cause a denial of service (crash) by using a socket to connect to a port on the localhost, calling shutdown to clear the socket, then using the same socket to connect to a different port on localhost. • https://www.exploit-db.com/exploits/19278 http://marc.info/?l=bugtraq&m=87602167420641&w=2 http://www.securityfocus.com/bid/352 •
CVE-1999-0046 – BSD/OS 2.1 / DG/UX 4.0 / Debian 0.93 / Digital UNIX 4.0 B / FreeBSD 2.1.5 / HP-UX 10.34 / IBM AIX 4.1.5 / NetBSD 1.0/1.1 / NeXTstep 4.0 / SGI IRIX 6.3 / SunOS 4.1.4 - 'rlogin' Local Privilege Escalation
https://notcve.org/view.php?id=CVE-1999-0046
Buffer overflow of rlogin program using TERM environmental variable. • https://www.exploit-db.com/exploits/19203 https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0046 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVE-1999-0309
https://notcve.org/view.php?id=CVE-1999-0309
HP-UX vgdisplay program gives root access to local users. • http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9702-056 •
CVE-1999-1144
https://notcve.org/view.php?id=CVE-1999-1144
Certain files in MPower in HP-UX 10.x are installed with insecure permissions, which allows local users to gain privileges. • http://www.codetalker.com/advisories/vendor/hp/hpsbux9701-051.html https://exchange.xforce.ibmcloud.com/vulnerabilities/2056 •