
CVE-1999-0374
https://notcve.org/view.php?id=CVE-1999-0374
16 Feb 1999 — Debian GNU/Linux cfengine package is susceptible to a symlink attack. • https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0374 •

CVE-1999-0368 – WU-FTPD 2.4.2 / SCO Open Server 5.0.5 / ProFTPd 1.2 pre1 - 'realpath' Remote Buffer Overflow
https://notcve.org/view.php?id=CVE-1999-0368
09 Feb 1999 — Buffer overflows in wuarchive ftpd (wu-ftpd) and ProFTPD lead to remote root access, a.k.a. palmetto. • https://www.exploit-db.com/exploits/19086 •

CVE-1999-0373
https://notcve.org/view.php?id=CVE-1999-0373
01 Feb 1999 — Buffer overflow in the "Super" utility in Debian GNU/Linux, and other operating systems, allows local users to execute commands as root. • https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0373 •

CVE-1999-0457
https://notcve.org/view.php?id=CVE-1999-0457
17 Jan 1999 — Linux ftpwatch program allows local users to gain root privileges. • http://www.securityfocus.com/bid/317 •

CVE-1999-0678 – Debian 2.1 - HTTPd
https://notcve.org/view.php?id=CVE-1999-0678
17 Jan 1999 — A default configuration of Apache on Debian GNU/Linux sets the ServerRoot to /usr/doc, which allows remote users to read documentation files for the entire server. • https://www.exploit-db.com/exploits/19253 •

CVE-1999-0389
https://notcve.org/view.php?id=CVE-1999-0389
03 Jan 1999 — Buffer overflow in the bootp server in the Debian Linux netstd package. • http://www.securityfocus.com/bid/324 •

CVE-1999-0914 – Stanford University bootpd 2.4.3 / Debian 2.0 - netstd
https://notcve.org/view.php?id=CVE-1999-0914
03 Jan 1999 — Buffer overflow in the FTP client in the Debian GNU/Linux netstd package. • https://www.exploit-db.com/exploits/19256 •

CVE-1999-1276
https://notcve.org/view.php?id=CVE-1999-1276
07 Dec 1998 — fte-console in the fte package before 0.46b-4.1 does not drop root privileges, which allows local users to gain root access via the virtual console device. • http://www.debian.org/security/1998/19981207 •

CVE-1999-1411
https://notcve.org/view.php?id=CVE-1999-1411
26 Nov 1998 — The installation of the fsp package 2.71-10 in Debian GNU/Linux 2.0 adds the anonymous FTP user without notifying the administrator, which could automatically enable anonymous FTP on some servers such as wu-ftp. • http://lists.debian.org/debian-security-announce/debian-security-announce-1998/msg00033.html •

CVE-1999-1048
https://notcve.org/view.php?id=CVE-1999-1048
05 Sep 1998 — Buffer overflow in bash 2.0.0, 1.4.17, and other versions allows local attackers to gain privileges by creating an extremely large directory name, which is inserted into the password prompt via the \w option in the PS1 environmental variable when another user changes into that directory. • http://marc.info/?l=bugtraq&m=87602746719555&w=2 •