Total
252 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2001-0142 | 5 Immunix, Mandrakesoft, National Science Foundation and 2 more | 5 Immunix, Mandrake Linux, Squid Web Proxy and 2 more | 2025-04-03 | 1.2 LOW | N/A |
|
squid 2.3 and earlier allows local users to overwrite arbitrary files via a symlink attack in some configurations.
|
|||||
| CVE-2001-0869 | 3 Caldera, Redhat, Suse | 5 Openlinux Eserver, Openlinux Workstation, Linux and 2 more | 2025-04-03 | 7.5 HIGH | N/A |
|
Format string vulnerability in the default logging callback function _sasl_syslog in common.c in Cyrus SASL library (cyrus-sasl) may allow remote attackers to execute arbitrary commands.
|
|||||
| CVE-2001-0977 | 4 Debian, Mandrakesoft, Openldap and 1 more | 6 Debian Linux, Mandrake Linux, Mandrake Linux Corporate Server and 3 more | 2025-04-03 | 5.0 MEDIUM | N/A |
|
slapd in OpenLDAP 1.x before 1.2.12, and 2.x before 2.0.8, allows remote attackers to cause a denial of service (crash) via an invalid Basic Encoding Rules (BER) length field.
|
|||||
| CVE-1999-1182 | 6 Caldera, Debian, Delix and 3 more | 6 Openlinux Lite, Debian Linux, Dld and 3 more | 2025-04-03 | 7.2 HIGH | N/A |
|
Buffer overflow in run-time linkers (1) ld.so or (2) ld-linux.so for Linux systems allows local users to gain privileges by calling a setuid program with a long program name (argv[0]) and forcing ld.so/ld-linux.so to report an error.
|
|||||
| CVE-2003-0370 | 4 Apple, Kde, Redhat and 1 more | 6 Safari, Kde, Konqueror Embedded and 3 more | 2025-04-03 | 7.5 HIGH | N/A |
|
Konqueror Embedded and KDE 2.2.2 and earlier does not validate the Common Name (CN) field for X.509 Certificates, which could allow remote attackers to spoof certificates via a man-in-the-middle attack.
|
|||||
| CVE-2002-0638 | 3 Hp, Mandrakesoft, Redhat | 5 Secure Os, Mandrake Linux, Mandrake Linux Corporate Server and 2 more | 2025-04-03 | 6.2 MEDIUM | N/A |
|
setpwnam.c in the util-linux package, as included in Red Hat Linux 7.3 and earlier, and other operating systems, does not properly lock a temporary file when modifying /etc/passwd, which may allow local users to gain privileges via a complex race condition that uses an open file descriptor in utility programs such as chfn and chsh.
|
|||||
| CVE-2001-0139 | 5 Caldera, Debian, Immunix and 2 more | 7 Openlinux Desktop, Openlinux Edesktop, Openlinux Eserver and 4 more | 2025-04-03 | 1.2 LOW | N/A |
|
inn 2.2.3 allows local users to overwrite arbitrary files via a symlink attack in some configurations.
|
|||||
| CVE-1999-0234 | 5 Caldera, Redhat, Sgi and 2 more | 5 Openlinux, Linux, Irix and 2 more | 2025-04-03 | 4.6 MEDIUM | N/A |
|
Bash treats any character with a value of 255 as a command separator.
|
|||||
| CVE-2000-0315 | 5 Debian, Digital, Netbsd and 2 more | 5 Debian Linux, Unix, Netbsd and 2 more | 2025-04-03 | 5.0 MEDIUM | N/A |
|
traceroute in NetBSD 1.3.3 and Linux systems allows local unprivileged users to modify the source address of the packets, which could be used in spoofing attacks.
|
|||||
| CVE-2002-0069 | 2 Redhat, Squid | 2 Linux, Squid | 2025-04-03 | 2.6 LOW | N/A |
|
Memory leak in SNMP in Squid 2.4 STABLE3 and earlier allows remote attackers to cause a denial of service.
|
|||||
| CVE-2003-1437 | 6 Bea, Hp, Ibm and 3 more | 8 Weblogic Server, Hp-ux, Aix and 5 more | 2025-04-03 | 2.1 LOW | N/A |
|
BEA WebLogic Express and WebLogic Server 7.0 and 7.0.0.1, stores passwords in plaintext when a keystore is used to store a private key or trust certificate authorities, which allows local users to gain access.
|
|||||
| CVE-2000-1214 | 3 Immunix, Iputils, Redhat | 3 Immunix, Iputils, Linux | 2025-04-03 | 4.6 MEDIUM | N/A |
|
Buffer overflows in the (1) outpack or (2) buf variables of ping in iputils before 20001010, as distributed on Red Hat Linux 6.2 through 7J and other operating systems, may allow local users to gain privileges.
|
|||||
| CVE-2001-0169 | 4 Mandrakesoft, Redhat, Trustix and 1 more | 5 Mandrake Linux, Mandrake Linux Corporate Server, Linux and 2 more | 2025-04-03 | 2.1 LOW | N/A |
|
When using the LD_PRELOAD environmental variable in SUID or SGID applications, glibc does not verify that preloaded libraries in /etc/ld.so.cache are also SUID/SGID, which could allow a local user to overwrite arbitrary files by loading a library from /lib or /usr/lib.
|
|||||
| CVE-2003-0247 | 1 Redhat | 1 Linux | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Unknown vulnerability in the TTY layer of the Linux kernel 2.4 allows attackers to cause a denial of service ("kernel oops").
|
|||||
| CVE-2001-1013 | 1 Redhat | 1 Linux | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Apache on Red Hat Linux with with the UserDir directive enabled generates different error codes when a username exists and there is no public_html directory and when the username does not exist, which could allow remote attackers to determine valid usernames on the server.
|
|||||
| CVE-2001-0233 | 3 Debian, Matthew Smith, Redhat | 3 Debian Linux, Micq, Linux | 2025-04-03 | 10.0 HIGH | N/A |
|
Buffer overflow in micq client 0.4.6 and earlier allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long Description field.
|
|||||
| CVE-1999-1327 | 1 Redhat | 1 Linux | 2025-04-03 | 7.2 HIGH | N/A |
|
Buffer overflow in linuxconf 1.11r11-rh2 on Red Hat Linux 5.1 allows local users to gain root privileges via a long LANG environmental variable.
|
|||||
| CVE-1999-0798 | 5 Bsdi, Freebsd, Openbsd and 2 more | 7 Bsd Os, Freebsd, Openbsd and 4 more | 2025-04-03 | 10.0 HIGH | N/A |
|
Buffer overflow in bootpd on OpenBSD, FreeBSD, and Linux systems via a malformed header type.
|
|||||
| CVE-1999-1335 | 1 Redhat | 1 Linux | 2025-04-03 | 6.4 MEDIUM | N/A |
|
snmpd server in cmu-snmp SNMP package before 3.3-1 in Red Hat Linux 4.0 is configured to allow remote attackers to read and write sensitive information.
|
|||||
| CVE-2001-0496 | 2 Mandrakesoft, Redhat | 2 Mandrake Linux, Linux | 2025-04-03 | 4.6 MEDIUM | N/A |
|
kdesu in kdelibs package creates world readable temporary files containing authentication info, which can allow local users to gain privileges.
|
|||||
| CVE-1999-0710 | 1 Redhat | 1 Linux | 2025-04-03 | 7.5 HIGH | N/A |
|
The Squid package in Red Hat Linux 5.2 and 6.0, and other distributions, installs cachemgr.cgi in a public web directory, which allows remote attackers to use it as an intermediary to connect to other systems.
|
|||||
| CVE-2000-1220 | 2 Redhat, Sgi | 2 Linux, Irix | 2025-04-03 | 10.0 HIGH | N/A |
|
The line printer daemon (lpd) in the lpr package in multiple Linux operating systems allows local users to gain root privileges by causing sendmail to execute with arbitrary command line arguments, as demonstrated using the -C option to specify a configuration file.
|
|||||
| CVE-2000-0358 | 1 Redhat | 1 Linux | 2025-04-03 | 5.0 MEDIUM | N/A |
|
ORBit and gnome-session in Red Hat Linux 6.1 allows remote attackers to crash a program.
|
|||||
| CVE-1999-1490 | 1 Redhat | 1 Linux | 2025-04-03 | 7.2 HIGH | N/A |
|
xosview 1.5.1 in Red Hat 5.1 allows local users to gain root access via a long HOME environmental variable.
|
|||||
| CVE-2000-0017 | 1 Redhat | 1 Linux | 2025-04-03 | 10.0 HIGH | N/A |
|
Buffer overflow in Linux linuxconf package allows remote attackers to gain root privileges via a long parameter.
|
|||||
| CVE-2003-0442 | 2 Php, Redhat | 2 Php, Linux | 2025-04-03 | 4.3 MEDIUM | N/A |
|
Cross-site scripting (XSS) vulnerability in the transparent SID support capability for PHP before 4.3.2 (session.use_trans_sid) allows remote attackers to insert arbitrary script via the PHPSESSID parameter.
|
|||||
| CVE-2004-0112 | 24 4d, Apple, Avaya and 21 more | 65 Webstar, Mac Os X, Mac Os X Server and 62 more | 2025-04-03 | 5.0 MEDIUM | N/A |
|
The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-bounds read.
|
|||||
| CVE-2003-0434 | 4 Adobe, Mandrakesoft, Redhat and 1 more | 7 Acrobat, Mandrake Linux, Mandrake Linux Corporate Server and 4 more | 2025-04-03 | 7.5 HIGH | N/A |
|
Various PDF viewers including (1) Adobe Acrobat 5.06 and (2) Xpdf 1.01 allow remote attackers to execute arbitrary commands via shell metacharacters in an embedded hyperlink.
|
|||||
| CVE-1999-0002 | 3 Bsdi, Caldera, Redhat | 3 Bsd Os, Openlinux, Linux | 2025-04-03 | 10.0 HIGH | N/A |
|
Buffer overflow in NFS mountd gives root access to remote attackers, mostly in Linux systems.
|
|||||
| CVE-2000-0604 | 1 Redhat | 1 Linux | 2025-04-03 | 4.6 MEDIUM | N/A |
|
gkermit in Red Hat Linux is improperly installed with setgid uucp, which allows local users to modify files owned by uucp.
|
|||||
| CVE-2000-1010 | 2 Openbsd, Redhat | 2 Openbsd, Linux | 2025-04-03 | 10.0 HIGH | N/A |
|
Format string vulnerability in talkd in OpenBSD and possibly other BSD-based OSes allows remote attackers to execute arbitrary commands via a user name that contains format characters.
|
|||||
| CVE-2004-0217 | 2 Redhat, Symantec | 2 Linux, Antivirus Scan Engine | 2025-04-03 | 3.7 LOW | 7.0 HIGH |
|
The LiveUpdate capability (liveupdate.sh) in Symantec AntiVirus Scan Engine 4.0 and 4.3 for Red Hat Linux allows local users to create or append to arbitrary files via a symlink attack on /tmp/LiveUpdate.log.
|
|||||
| CVE-2000-1095 | 5 Conectiva, Immunix, Mandrakesoft and 2 more | 5 Linux, Immunix, Mandrake Linux and 2 more | 2025-04-03 | 7.2 HIGH | N/A |
|
modprobe in the modutils 2.3.x package on Linux systems allows a local user to execute arbitrary commands via shell metacharacters.
|
|||||
| CVE-2000-0248 | 1 Redhat | 1 Linux | 2025-04-03 | 10.0 HIGH | N/A |
|
The web GUI for the Linux Virtual Server (LVS) software in the Red Hat Linux Piranha package has a backdoor password that allows remote attackers to execute arbitrary commands.
|
|||||
| CVE-2003-0194 | 1 Redhat | 2 Linux, Tcpdump | 2025-04-03 | 4.6 MEDIUM | N/A |
|
tcpdump does not properly drop privileges to the pcap user when starting up.
|
|||||
| CVE-2000-1221 | 3 Debian, Redhat, Sgi | 3 Debian Linux, Linux, Irix | 2025-04-03 | 10.0 HIGH | N/A |
|
The line printer daemon (lpd) in the lpr package in multiple Linux operating systems authenticates by comparing the reverse-resolved hostname of the local machine to the hostname of the print server as returned by gethostname, which allows remote attackers to bypass intended access controls by modifying the DNS for the attacking IP.
|
|||||
| CVE-2000-0508 | 3 Debian, Mandrakesoft, Redhat | 3 Debian Linux, Mandrake Linux, Linux | 2025-04-03 | 5.0 MEDIUM | N/A |
|
rpc.lockd in Red Hat Linux 6.1 and 6.2 allows remote attackers to cause a denial of service via a malformed request.
|
|||||
| CVE-1999-1333 | 1 Redhat | 1 Linux | 2025-04-03 | 7.5 HIGH | N/A |
|
automatic download option in ncftp 2.4.2 FTP client in Red Hat Linux 5.0 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the names of files that are to be downloaded.
|
|||||
| CVE-2004-1335 | 2 Linux, Redhat | 3 Linux Kernel, Fedora Core, Linux | 2025-04-03 | 2.1 LOW | N/A |
|
Memory leak in the ip_options_get function in the Linux kernel before 2.6.10 allows local users to cause a denial of service (memory consumption) by repeatedly calling the ip_cmsg_send function.
|
|||||
| CVE-2002-1509 | 1 Redhat | 1 Linux | 2025-04-03 | 3.6 LOW | N/A |
|
A patch for shadow-utils 20000902 causes the useradd command to create a mail spool files with read/write privileges of the new user's group (mode 660), which allows other users in the same group to read or modify the new user's incoming email.
|
|||||