CVE-1999-0233

IIS 1.0 is reported to allow users to execute arbitrary commands via .bat or .cmd files. The cited sources do not provide concrete technical details beyond this description (no specific root cause, affected versions beyond IIS 1.0, or remediation steps). Exploitation status and in‑the‑wild use ar...

PlusMail plusmail CGI Arbitrary Command Execution

The 'plusmail' CGI is installed. Some versions of this CGI have a well known security flaw that lets an attacker read arbitrary file with the privileges of the HTTP server. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description...

CVE-1999-1290

Buffer overflow in nftp FTP client version 1.40 allows remote malicious FTP servers to cause a denial of service, and possibly execute arbitrary commands, via a long response string...

CVE-1999-1334

Multiple buffer overflows in filter command in Elm 2.4 allows attackers to execute arbitrary commands via 1 long From: headers, 2 long Reply-To: headers, or 3 via a long -f filterfile command line argument...

Majordomo 1.94.4/1.94.5 - Local -C Parameter (1)

source: https://www.securityfocus.com/bid/903/info It is possible for a local user to gain majordomo privileges through a vulnerability which allows privileged arbitrary commands to be executed. If the -C parameter is passed to majordomo or one of several other scripts when run with the setuid ro...

CVE-1999-0935

classifieds.cgi allows remote attackers to execute arbitrary commands by specifying them in a hidden variable in a CGI form...

Lincoln D. Stein nph-publish.cgi pathname Parameter Traversal Arbitrary File Write

The 'nph-publish.cgi' is installed. This CGI has a well known security flaw that lets an attacker to execute arbitrary commands with the privileges of the HTTP daemon usually root or nobody. %NASLMINLEVEL 70300 This script was written by Mathieu Perrin See the Nessus Scripts License for details...

Cobalt RaQ2 cgiwrap Multiple Vulnerabilities

The remote host has 'cgiwrap' is installed. If you are running an unpatched Cobalt RaQ, the version of cgiwrap distributed with that system has a known security flaw that lets anyone execute arbitrary commands with the privileges of the http daemon root or nobody. This flaw exists only on the...

Matt Wright guestbook.pl Arbitrary Command Execution

The 'guestbook.pl' is installed. This CGI has a well known security flaw that lets anyone execute arbitrary commands with the privileges of the HTTP daemon root or nobody. %NASLMINLEVEL 70300 This script was written by Mathieu Perrin See the Nessus Scripts License for details Changes by Tenable: ...

CVE-1999-1058

Buffer overflow in Vermillion FTP Daemon VFTPD 1.23 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via several long CWD commands...

CVE-1999-1511

Buffer overflows in Xtramail 1.11 allow attackers to cause a denial of service crash and possibly execute arbitrary commands via 1 a long PASS command in the POP3 service, 2 a long HELO command in the SMTP service, or 3 a long user name in the Control Service...

The Matt Wright Guestbook.pl 2.3.1 - Server-Side Include

$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'Matt Wright...

Alibaba tst.bat Arbitrary Command Execution

The 'tst.bat' CGI script is installed on this machine. This CGI has a well known security flaw that would allow an attacker to read arbitrary files on the remote system. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; ifdescription...

CVE-1999-0202

The GNU tar command, when used in FTP sessions, may allow an attacker to execute arbitrary commands...

CVE-1999-0148

The IRIX environment is affected by CVE-1999-0148 due to the installed /cgi-bin/handler CGI, which has a well-known flaw that allows arbitrary command execution. The vulnerability can execute commands with the privileges of the HTTP daemon (root or nobody). Documents consistently describe it as r...

CVE-1999-0176

CVE-1999-0176 concerns the WebGais CGI, where the CGI script is installed on a web server and may allow a remote attacker to execute arbitrary commands. The core detail across connected documents is that the vulnerability enables code execution with the privileges of the web server process (e.g.,...

CVE-1999-0150

The Perl fingerd program allows arbitrary command execution from remote users...

CVE-1999-0048

Talkd, when given corrupt DNS information, can be used to execute arbitrary commands with root privileges...

CVE-1999-0005

Arbitrary command execution via IMAP buffer overflow in authenticate command...

CVE-1999-0252

The CVE-1999-0252 entry concerns a buffer overflow in Listserv that allows arbitrary command execution. Connected sources corroborate: Red Hat and CVE ecosystems reference a buffer overflow in Listserv enabling arbitrary command execution. EUVD-1999-0252 adds a malware note, but no explicit vendo...