CVE-1999-1053

guestbook.pl cleanses user-inserted SSI commands by removing text between "!--" and "--" separators, which allows remote attackers to execute arbitrary commands when guestbook.pl is run on Apache 1.3.9 and possibly other versions, since Apache allows other closing sequences besides "--".

• https://github.com/siunam321/CVE-1999-1053-PoC

CVE-1999-0678

A default configuration of Apache on Debian GNU/Linux sets the ServerRoot to /usr/doc, which allows remote users to read documentation files for the entire server.

• https://github.com/lto7777777/CVE-1999-0678

CVE-1999-0532

A DNS server allows zone transfers.

• https://github.com/websecnl/Bulk_CVE-1999-0532_Scanner

• https://github.com/Rodney-O-C-Melby/dns-zone-transfer-test

• https://github.com/SleepTheGod/dns-zone-audit

CVE-1999-0524

ICMP information such as (1) netmask and (2) timestamp is allowed from arbitrary hosts.

• https://github.com/noraj/ChronoLeak

• https://github.com/threatlabindonesia/CVE-1999-0524-ICMP-Timestamp-and-Address-Mask-Request-Exploit

• https://github.com/b1tsec/CVE-1999-0524

• https://github.com/Ransc0rp1on/ICMP-Timestamp-POC

CVE-1999-0517

An SNMP community name is the default (e.g. public), null, or missing.

• https://github.com/ialejandrozalles/InvestigacionAplicacionCVE-1999-0517

CVE-1999-0016

Land IP denial of service.

• https://github.com/pexmee/CVE-1999-0016-Land-DOS-tool

• https://github.com/Pommaq/CVE-1999-0016-POC

CVE-1999-0001

ip_input.c in BSD-derived TCP/IP implementations allows remote attackers to cause a denial of service (crash or hang) via crafted packets.

• https://github.com/MarcusGutierrez/complex-vulnerabilities