CVE-1999-1299
https://notcve.org/view.php?id=CVE-1999-1299
rcp on various Linux systems including Red Hat 4.0 allows a "nobody" user or other user with UID of 65535 to overwrite arbitrary files, since 65535 is interpreted as -1 by chown and other system calls, which causes the calls to fail to modify the ownership of the file. • http://marc.info/?l=bugtraq&m=87602167420509&w=2 •
CVE-1999-0043
https://notcve.org/view.php?id=CVE-1999-0043
Command execution via shell metachars in INN daemon (innd) 1.5 using "newgroup" and "rmgroup" control messages, and others. • https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0043 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVE-1999-0130 – BSD 2 / CND 1 / Sendmail 8.x / FreeBSD 2.1.x / HP-UX 10.x / AIX 4 / RedHat 4 - Sendmail Daemon
https://notcve.org/view.php?id=CVE-1999-0130
Local users can start Sendmail in daemon mode and gain root privileges. • https://www.exploit-db.com/exploits/19556 http://www.securityfocus.com/bid/716 •
CVE-1999-0234
https://notcve.org/view.php?id=CVE-1999-0234
Bash treats any character with a value of 255 as a command separator. • https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0234 •
CVE-1999-0131
https://notcve.org/view.php?id=CVE-1999-0131
Buffer overflow and denial of service in Sendmail 8.7.5 and earlier through GECOS field gives root access to local users. • http://www.securityfocus.com/bid/717 •