CVE-1999-0237

Remote execution of arbitrary commands through Guestbook CGI program...

CVE-1999-0262

Hylafax faxsurvey CGI script on Linux allows remote attackers to execute arbitrary commands via shell metacharacters in the query string...

CVE-1999-0149

The wrap CGI program in IRIX allows remote attackers to view arbitrary directory listings via a .. dot dot attack...

CVE-1999-0066

AnyForm CGI remote execution...

CVE-1999-0045

List of arbitrary files on Web host via nph-test-cgi script...

CVE-1999-0236

ScriptAlias directory in NCSA and Apache httpd allowed attackers to read CGI programs...

CVE-1999-0045

CVE-1999-0045 concerns an information-disclosure flaw in the nph-test-cgi script used by some web servers, where an unauthenticated attacker can list directory contents. The Nessus plugin (NCDSA HTTPd nph-test-cgi Arbitrary Directory Listing) explains that the issue arises because the script does...

CVE-1999-0173

CVE-1999-0173 relates to the FormMail CGI program, with multiple sources confirming that it can be used by web servers other than the host where it resides. The connected documentation identifies the affected component as FormMail CGI, but does not provide a detailed root cause or a confirmed fix...

CVE-1999-0264

The CVE-1999-0264 issue concerns the Miva/htmlscript CGI program. A flaw in the htmlscript CGI allows remote read access to arbitrary files via the CGI, effectively exposing files to unauthenticated remote users. The vulnerability is tied to the htmlscript CGI in /cgi-bin (as described by multipl...

CVE-1999-0236

The CVE-1999-0236 entry describes a vulnerability in the ScriptAlias directory handling in NCSA and Apache httpd that allowed attackers to read CGI programs. Affected software is the Apache httpd family utilizing ScriptAlias configuration; the underlying issue is directory handling enabling discl...

CVE-1999-0149

CVE-1999-0149 affects the IRIX “wrap” CGI program. The vulnerability allows remote attackers to perform a directory-listing traversal via a .. (dot dot) attack, exposing arbitrary directories. Multiple sources (Red Hat advisory, CVE records, NVD, Nessus plugin) corroborate that the issue stems fr...

CVE-1999-0237

The CVE-1999-0237 entry concerns the Guestbook CGI program, where the vulnerability enables remote execution of arbitrary commands. Multiple connected sources confirm this is tied to the Guestbook CGI, with OpenVAS noting that the flaw allows commands to be run with the web server’s privileges (t...

CVE-1999-0172

The CVE-1999-0172 entry corresponds to the FormMail CGI (formmail.pl) vulnerability. Public docs describe a well-known security flaw in the FormMail CGI that lets remote attackers execute arbitrary commands on the server with the privileges of the HTTP daemon (often root or nobody). Affected comp...

CVE-1999-0174

The view-source CGI program allows remote attackers to read arbitrary files via a .. dot dot attack...

CVE-1999-0260

The jj CGI program allows command execution via shell metacharacters...

CVE-1999-0148

The IRIX environment is affected by CVE-1999-0148 due to the installed /cgi-bin/handler CGI, which has a well-known flaw that allows arbitrary command execution. The vulnerability can execute commands with the privileges of the HTTP daemon (root or nobody). Documents consistently describe it as r...

CVE-1999-0066

AnyForm CGI remote execution...

CVE-1999-0067

CVE-1999-0067 affects the phf CGI program that is included with NCSA httpd-derived web servers. The vulnerability allows remote command execution by supplying shell metacharacters in input processed by the phf CGI script, due to inadequate input sanitization. The issue can execute commands with t...

CVE-1999-0191

CVE-1999-0191 affects Microsoft IIS via the CGI newdsn.exe script. The vulnerability exists in the /scripts/tools/newdsn.exe CGI, which allows remote attackers to create or overwrite files on the server if NTFS permissions permit, enabling arbitrary file creation and potential DSN overwrites. The...

CVE-1999-0172

FormMail CGI program allows remote execution of commands...