High
CVE-1999-0373
Buffer overflow in the "Super" utility in Debian GNU/Linux, and other operating systems, allows local users to execute commands as root.
Tag: Buffer Overflow
All CVEs associated with "Buffer Overflow". Page 159/160 • 19109 CVEs.
Subscribe CVEs: RSS for “Buffer Overflow” · RSS (High+Critical only)
About “Buffer Overflow”
A curated feed of “Buffer Overflow”-related CVEs appears below. We currently track 19109 CVEs for this tag (all time). In the last 365 days, 2728 were published. Average CVSS is 7.9 (all time; 8.0 over 365d), and 78% are rated High/Critical (all time). Top CWEs (last 365 days): CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer, CWE-121 - Stack-based Buffer Overflow, CWE-122 - Heap-based Buffer Overflow.
In our taxonomy this topic maps to a HIGH impact class. Common exploitation patterns for this weakness can lead to high. Use the filters to triage high risk first and validate exposure in your environment. Use the filters below to sort by CVSS, risk and CWE. Each detail page highlights vendor advisories and mitigation tips.
CVEs tagged with this topic. Filters apply to the whole list (loaded from JSON).
CVSS ≥ 0.0
1999-02-01
1999-01-28
High
CVE-1999-0952
Buffer overflow in Solaris lpstat via class argument allows local users to gain root access.
1999-01-27
High
CVE-1999-0349
A buffer overflow in the FTP list (ls) command in IIS allows remote attackers to conduct a denial of service and, in some cases, execute arbitrary commands.
1999-01-25
High
CVE-1999-1458
Buffer overflow in at program in Digital UNIX 4.0 allows local users to gain root privileges via a long command line argument.
1999-01-24
Medium
CVE-1999-1544
Buffer overflow in FTP server in Microsoft IIS 3.0 and 4.0 allows local and sometimes remote attackers to cause a denial of service via a long NLST (ls) command.
1999-01-21
High
CVE-1999-0121
Buffer overflow in dtaction command gives root access.
1999-01-14
Critical
CVE-1999-1376
Buffer overflow in fpcount.exe in IIS 4.0 with FrontPage Server Extensions allows remote attackers to execute arbitrary commands.
1999-01-10
Medium
CVE-1999-0392
Buffer overflow in Thomas Boutell's cgic library version up to 1.05.
1999-01-04
High
CVE-1999-0390
Buffer overflow in Dosemu Slang library in Linux.
1999-01-03
High
CVE-1999-0389
Buffer overflow in the bootp server in the Debian Linux netstd package.
High
CVE-1999-0914
Buffer overflow in the FTP client in the Debian GNU/Linux netstd package.
1999-01-01
Medium
CVE-1999-0231
Buffer overflow in IP-Switch IMail and Seattle Labs Slmail 2.6 packages using a long VRFY command, causing a denial of service and possibly remote access.
Critical
CVE-1999-0255
Buffer overflow in ircd allows arbitrary command execution.
High
CVE-1999-0276
mSQL v2.0.1 and below allows remote execution through a buffer overflow.
1998-12-26
High
CVE-1999-0968
Buffer overflow in BNC IRC proxy allows remote attackers to gain privileges.
1998-12-12
High
CVE-1999-0139
Buffer overflow in Solaris x86 mkcookie allows local users to obtain root access.
1998-12-04
Critical
CVE-1999-0798
Buffer overflow in bootpd on OpenBSD, FreeBSD, and Linux systems via a malformed header type.
High
CVE-1999-1147
Buffer overflow in Platinum Policy Compliance Manager (PCM) 7.0 allows remote attackers to execute arbitrary commands via a long string to the Agent port (1827), which is handled by smaxagent.exe.
1998-12-01
High
CVE-1999-0321
Buffer overflow in Solaris kcms_configure command allows local users to gain root access.
High
CVE-1999-0332
Buffer overflow in NetMeeting allows denial of service and remote command execution.
Critical
CVE-1999-0385
The LDAP bind function in Exchange 5.5 has a buffer overflow that allows a remote attacker to conduct a denial of service or execute commands.
1998-11-18
High
CVE-1999-1107
Buffer overflow in kppp in KDE allows local users to gain root access via a long PATH environmental variable.
1998-11-05
High
CVE-1999-1321
Buffer overflow in ssh 1.2.26 client with Kerberos V enabled could allow remote attackers to cause a denial of service or execute arbitrary commands via a long DNS hostname that is not properly handl…
1998-10-12
Critical
CVE-1999-0002
Buffer overflow in NFS mountd gives root access to remote attackers, mostly in Linux systems.
1998-10-08
High
CVE-1999-1381
Buffer overflow in dbadmin CGI program 1.0.1 on Linux allows remote attackers to execute arbitrary commands.
1998-10-06
High
CVE-1999-1185
Buffer overflow in SCO mscreen allows local users to gain root privileges via a long terminal entry (TERM) in the .mscreenrc file.
1998-09-09
High
CVE-1999-0056
Buffer overflow in Sun's ping program can give root access to local users.
1998-09-05
Medium
CVE-1999-1048
Buffer overflow in bash 2.0.0, 1.4.17, and other versions allows local attackers to gain privileges by creating an extremely large directory name, which is inserted into the password prompt via the \…
1998-09-01
High
CVE-1999-1292
Buffer overflow in web administration feature of Kolban Webcam32 4.8.3 and earlier allows remote attackers to execute arbitrary commands via a long URL.
1998-08-31
High
CVE-1999-0065
Multiple buffer overflows in how dtmail handles attachments allows a remote attacker to execute commands.
1998-08-27
High
CVE-1999-1041
Buffer overflow in mscreen on SCO OpenServer 5.0 and SCO UNIX 3.2v4 allows a local user to gain root access via (1) a long TERM environmental variable and (2) a long entry in the .mscreenrc file.
1998-08-01
High
CVE-1999-0339
Buffer overflow in the libauth library in Solaris allows local users to gain additional privileges, possibly root access.
1998-07-25
Medium
CVE-1999-1070
Buffer overflow in ping CGI program in Xylogics Annex terminal service allows remote attackers to cause a denial of service via a long query parameter.
1998-07-20
Critical
CVE-1999-0005
Arbitrary command execution via IMAP buffer overflow in authenticate command.
1998-07-16
Medium
CVE-1999-1149
Buffer overflow in CSM Proxy 4.1 allows remote attackers to cause a denial of service (crash) via a long string to the FTP port.
1998-07-14
Critical
CVE-1999-0006
Buffer overflow in POP servers based on BSD/Qualcomm's qpopper allows remote attackers to gain root access using a long PASS command.
1998-07-10
High
CVE-1999-1435
Buffer overflow in libsocks5 library of Socks 5 (socks5) 1.0r5 allows local users to gain privileges via long environmental variables.
1998-07-09
High
CVE-1999-0102
Buffer overflow in SLmail 3.x allows attackers to execute commands using a large FROM line.
1998-07-06
High
CVE-1999-1574
Buffer overflow in the lex routines of nslookup for AIX 4.3 may allow attackers to cause a core dump and possibly execute arbitrary code via "long input strings."
1998-07-01
Medium
CVE-1999-0494
Denial of service in WinGate proxy through a buffer overflow in POP3.
1998-06-08
Critical
CVE-1999-0008
Buffer overflow in NIS+, in Sun's rpc.nisd program.
1998-05-21
Medium
CVE-1999-0303
Buffer overflow in BNU UUCP daemon (uucpd) through long hostnames.
1998-05-16
High
CVE-1999-1096
Buffer overflow in kscreensaver in KDE klock allows local users to gain root privileges via a long HOME environmental variable.
1998-05-14
High
CVE-1999-0055
Buffer overflows in Sun libnsl allow root access.
1998-05-03
High
CVE-1999-0126
SGI IRIX buffer overflow in xterm and Xaw allows root access.
1998-05-01
High
CVE-1999-0108
The printers program in IRIX has a buffer overflow that gives root access to local users.
1998-04-29
High
CVE-1999-0069
Solaris ufsrestore buffer overflow.
High
CVE-1999-1106
Buffer overflow in kppp in KDE allows local users to gain root access via a long -c (account_name) command line argument.
1998-04-14
Medium
CVE-1999-1113
Buffer overflow in Eudora Internet Mail Server (EIMS) 2.01 and earlier on MacOS systems allows remote attackers to cause a denial of service via a long USER command to port 106.
1998-04-08
Critical
CVE-1999-0009
Inverse query buffer overflow in BIND 4.9 and BIND 8 Releases.
Medium
CVE-1999-1015
Buffer overflow in Apple AppleShare Mail Server 5.0.3 on MacOS 8.1 and earlier allows a remote attacker to cause a denial of service (crash) via a long HELO command.
High
CVE-1999-1114
Buffer overflow in Korn Shell (ksh) suid_exec program on IRIX 6.x and earlier, and possibly other operating systems, allows local users to gain root privileges.
High
CVE-1999-1502
Buffer overflows in Quake 1.9 client allows remote malicious servers to execute arbitrary commands via long (1) precache paths, (2) server name, (3) server address, or (4) argument to the map console…
1998-04-07
High
CVE-1999-1505
Buffer overflow in QuakeWorld 2.10 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary commands via a long initial connect packet.
1998-04-01
Critical
CVE-1999-0003
Execute commands as root via buffer overflow in Tooltalk database server (rpc.ttdbserverd).
Critical
CVE-1999-0098
Buffer overflow in SMTP HELO command in Sendmail allows a remote attacker to hide activities.
1998-03-01
High
CVE-1999-0330
Linux bdash game has a buffer overflow that allows local users to gain root access.
High
CVE-1999-1272
Buffer overflows in CDROM Confidence Test program (cdrom) allow local users to gain root privileges.
1998-02-18
High
CVE-1999-1207
Buffer overflow in web-admin tool in NetXRay 2.6 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long HTTP request.
1998-02-01
High
CVE-1999-0256
Buffer overflow in War FTP allows remote execution of commands.
1998-01-25
Medium
CVE-1999-0125
Buffer overflow in SGI IRIX mailx program.
1998-01-10
High
CVE-1999-1176
Buffer overflow in cidentd ident daemon allows local users to gain root privileges via a long line in the .authlie script.
1998-01-01
High
CVE-1999-0284
Denial of service to NT mail servers including Ipswitch, Mdaemon, and Exchange through a buffer overflow in the SMTP HELO command.
High
CVE-1999-0331
Buffer overflow in Internet Explorer 4.0(1).
High
CVE-1999-0341
Buffer overflow in the Linux mail program "deliver" allows local users to gain root access.
1997-12-30
Medium
CVE-1999-0107
Buffer overflow in Apache 1.2.5 and earlier allows a remote attacker to cause a denial of service with a large number of GET requests containing a large number of / characters.
1997-12-16
Medium
CVE-1999-0004
MIME buffer overflow in email clients, e.g. Solaris mailtool and Outlook.
1997-12-15
Medium
CVE-1999-0230
Buffer overflow in Cisco 7xx routers through the telnet service.
1997-12-14
High
CVE-1999-1140
Buffer overflow in CrackLib 2.5 may allow local users to gain root privileges via a long GECOS field.
1997-12-05
Critical
CVE-1999-0018
Buffer overflow in statd allows root privileges.
1997-12-01
High
CVE-1999-0244
Livingston RADIUS code has a buffer overflow which can allow remote execution of commands as root.
High
CVE-1999-0340
Buffer overflow in Linux Slackware crond program allows local users to gain root access.
1997-11-05
High
CVE-1999-0021
Arbitrary command execution via buffer overflow in Count.cgi (wwwcount) cgi-bin program.
1997-11-04
High
CVE-1999-0306
buffer overflow in HP xlock program.
1997-11-01
Critical
CVE-1999-0967
Buffer overflow in the HTML library used by Internet Explorer, Outlook Express, and Windows Explorer via the res: local resource protocol.
1997-10-28
High
CVE-1999-0089
Buffer overflow in AIX libDtSvc library can allow local users to gain root access.
High
CVE-1999-0091
Buffer overflow in AIX writesrv command allows local users to obtain root access.
1997-10-24
Medium
CVE-1999-1131
Buffer overflow in OSF Distributed Computing Environment (DCE) security demon (secd) in IRIX 6.4 and earlier allows attackers to cause a denial of service via a long principal, group, or organization.
Medium
CVE-1999-1261
Buffer overflow in Rainbow Six Multiplayer allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long nickname (nick) command.
1997-10-22
High
CVE-1999-0072
Buffer overflow in AIX xdat gives root access to local users.
1997-10-18
Critical
CVE-1999-0192
Buffer overflow in telnet daemon tgetent routing allows remote attackers to gain root access via the TERMCAP environmental variable.
1997-10-01
High
CVE-1999-0090
Buffer overflow in AIX rcp command allows local users to obtain root access.
1997-09-30
Critical
CVE-1999-0182
Samba has a buffer overflow which allows a remote attacker to obtain root access by specifying a long password.
1997-09-23
High
CVE-1999-0267
Buffer overflow in NCSA HTTP daemon v1.3 allows remote command execution.
1997-09-01
High
CVE-1999-0071
Apache httpd cookie buffer overflow for versions 1.1.1 and earlier.
1997-08-01
High
CVE-1999-0301
Buffer overflow in SunOS/Solaris ps command.
1997-07-30
High
CVE-1999-1419
Buffer overflow in nss_nisplus.so.1 library in NIS+ in Solaris 2.3 and 2.4 allows local users to gain root privileges.
1997-07-22
High
CVE-1999-0971
Buffer overflow in Exim allows local users to gain root privileges via a long :include: option in a .forward file.
1997-07-21
High
CVE-1999-0122
Buffer overflow in AIX lchangelv gives root access.
High
CVE-1999-0247
Buffer overflow in nnrpd program in INN up to version 1.6 allows remote users to execute arbitrary commands.
High
CVE-1999-1208
Buffer overflow in ping in AIX 4.2 and earlier allows local users to gain root privileges via a long command line argument.
1997-07-17
High
CVE-1999-1182
Buffer overflow in run-time linkers (1) ld.so or (2) ld-linux.so for Linux systems allows local users to gain privileges by calling a setuid program with a long program name (argv[0]) and forcing ld.…
1997-07-16
High
CVE-1999-0025
root privileges via buffer overflow in df command on SGI IRIX systems.
Medium
CVE-1999-0026
root privileges via buffer overflow in pset command on SGI IRIX systems.
High
CVE-1999-0027
root privileges via buffer overflow in eject command on SGI IRIX systems.
High
CVE-1999-0028
root privileges via buffer overflow in login/scheme command on SGI IRIX systems.
High
CVE-1999-0029
root privileges via buffer overflow in ordist command on SGI IRIX systems.
High
CVE-1999-0030
root privileges via buffer overflow in xlock command on SGI IRIX systems.
1997-07-01
Medium
CVE-1999-0076
Buffer overflow in wu-ftp from PASV command causes a core dump.
High
CVE-1999-0219
Buffer overflow in FTP Serv-U 2.5 allows remote authenticated users to cause a denial of service (crash) via a long (1) CWD or (2) LS (list) command.
1997-06-24
High
CVE-1999-1192
Buffer overflow in eeprom in Solaris 2.5.1 and earlier allows local users to gain root privileges via a long command line argument.
1997-06-19
Medium
CVE-1999-1483
Buffer overflow in zgv in svgalib 1.2.10 and earlier allows local users to execute arbitrary code via a long HOME environment variable.
1997-06-12
High
CVE-1999-0033
Command execution in Sun systems via buffer overflow in the at program.
1997-06-01
Critical
CVE-1999-0799
Buffer overflow in bootpd 2.4.3 and earlier via a long boot file location.
1997-05-29
High
CVE-1999-0034
Buffer overflow in suidperl (sperl), Perl 4.x and 5.x.
1997-05-26
High
CVE-1999-0064
Buffer overflow in AIX lquerylv program gives root access to local users.
1997-05-19
High
CVE-1999-1191
Buffer overflow in chkey in Solaris 2.5.1 and earlier allows local users to gain root privileges via a long command line argument.
1997-05-14
High
CVE-1999-0962
Buffer overflow in HPUX passwd command allows local users to gain root privileges via a command line option.
1997-05-13
High
CVE-1999-1158
Buffer overflow in (1) pluggable authentication module (PAM) on Solaris 2.5.1 and 2.5 and (2) unix_scheme in Solaris 2.4 and 2.3 allows local users to gain root privileges via programs that use these…
Medium
CVE-1999-1184
Buffer overflow in Elm 2.4 and earlier allows local users to gain privileges via a long TERM environmental variable.
1997-05-01
High
CVE-1999-0040
Buffer overflow in Xt library of X Windowing System allows local users to execute commands with root privileges.
High
CVE-1999-0112
Buffer overflow in AIX dtterm program for the CDE.
1997-04-29
High
CVE-1999-1296
Buffer overflow in Kerberos IV compatibility libraries as used in Kerberos V allows local users to gain root privileges via a long line in a kerberos configuration file, which can be specified via th…
1997-04-26
High
CVE-1999-0038
Buffer overflow in xlock program allows local users to execute commands as root.
1997-04-17
High
CVE-1999-0058
Buffer overflow in PHP cgi program, php.cgi allows shell access.
1997-04-07
Critical
CVE-1999-0042
Buffer overflow in University of Washington's implementation of IMAP and POP servers.
1997-04-01
High
CVE-1999-0315
Buffer overflow in Solaris fdformat command gives root access to local users.
1997-03-05
Critical
CVE-1999-0299
Buffer overflow in FreeBSD lpd through long DNS hostnames.
1997-03-04
High
CVE-1999-1489
Buffer overflow in TestChip function in XFree86 SuperProbe in Slackware Linux 3.1 allows local users to gain root privileges via a long -nopr argument.
1997-03-01
High
CVE-1999-0318
Buffer overflow in xmcd 2.0p12 allows local users to gain access through an environmental variable.