CVSS: 8.4EPSS: 0%CPEs: 45EXPL: 2CVE-1999-0038 – BSD/OS 2.1 / DG/UX 7.0 / Debian 1.3 / HP-UX 10.34 / IBM AIX 4.2 / SGI IRIX 6.4 / Solaris 2.5.1 - '/usr/bin/X11/xlock' Local Privilege Escalation
https://notcve.org/view.php?id=CVE-1999-0038
26 Apr 1997 — Buffer overflow in xlock program allows local users to execute commands as root. • https://www.exploit-db.com/exploits/19173 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 10.0EPSS: 5%CPEs: 8EXPL: 1CVE-1999-0042 – Linux imapd - Remote Overflow / File Retrieve
https://notcve.org/view.php?id=CVE-1999-0042
07 Apr 1997 — Buffer overflow in University of Washington's implementation of IMAP and POP servers. • https://www.exploit-db.com/exploits/340 •
CVSS: 10.0EPSS: 3%CPEs: 42EXPL: 1CVE-1999-0046 – BSD/OS 2.1 / DG/UX 4.0 / Debian 0.93 / Digital UNIX 4.0 B / FreeBSD 2.1.5 / HP-UX 10.34 / IBM AIX 4.1.5 / NetBSD 1.0/1.1 / NeXTstep 4.0 / SGI IRIX 6.3 / SunOS 4.1.4 - 'rlogin' Local Privilege Escalation
https://notcve.org/view.php?id=CVE-1999-0046
06 Feb 1997 — Buffer overflow of rlogin program using TERM environmental variable. • https://www.exploit-db.com/exploits/19203 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 10.0EPSS: 2%CPEs: 4EXPL: 0CVE-1999-0047
https://notcve.org/view.php?id=CVE-1999-0047
28 Jan 1997 — MIME conversion buffer overflow in sendmail versions 8.8.3 and 8.8.4. • http://www.securityfocus.com/bid/685 •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-1999-0297
https://notcve.org/view.php?id=CVE-1999-0297
12 Dec 1996 — Buffer overflow in Vixie Cron library up to version 3.0 allows local users to obtain root access via a long environmental variable. • https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0297 •
CVSS: 10.0EPSS: 1%CPEs: 14EXPL: 0CVE-1999-0043
https://notcve.org/view.php?id=CVE-1999-0043
04 Dec 1996 — Command execution via shell metachars in INN daemon (innd) 1.5 using "newgroup" and "rmgroup" control messages, and others. • https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0043 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.8EPSS: 0%CPEs: 29EXPL: 0CVE-1999-0129
https://notcve.org/view.php?id=CVE-1999-0129
03 Dec 1996 — Sendmail allows local users to write to a file and gain group permissions via a .forward or :include: file. • http://www.cert.org/advisories/CA-1996-25.html •
CVSS: 7.8EPSS: 0%CPEs: 14EXPL: 1CVE-1999-0130 – BSD 2 / CND 1 / Sendmail 8.x / FreeBSD 2.1.x / HP-UX 10.x / AIX 4 / RedHat 4 - Sendmail Daemon
https://notcve.org/view.php?id=CVE-1999-0130
16 Nov 1996 — Local users can start Sendmail in daemon mode and gain root privileges. • https://www.exploit-db.com/exploits/19556 •
CVSS: 7.8EPSS: 0%CPEs: 21EXPL: 2CVE-1999-0032 – BSD/OS 2.1 / FreeBSD 2.1.5 / NeXTstep 4.x / IRIX 6.4 / SunOS 4.1.3/4.1.4 - '/usr/bin/lpr' Buffer Overrun Privilege Escalation
https://notcve.org/view.php?id=CVE-1999-0032
25 Oct 1996 — Buffer overflow in lpr, as used in BSD-based systems including Linux, allows local users to execute arbitrary code as root via a long -C (classification) command line option. • https://www.exploit-db.com/exploits/19545 •
CVSS: 7.2EPSS: 0%CPEs: 19EXPL: 0CVE-1999-0131
https://notcve.org/view.php?id=CVE-1999-0131
11 Sep 1996 — Buffer overflow and denial of service in Sendmail 8.7.5 and earlier through GECOS field gives root access to local users. • http://www.securityfocus.com/bid/717 •