Total: 252 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 | Description |
|---|---|---|---|---|---|---|
| CVE-2002-1160 | 1 Redhat | 1 Linux | 2025-04-03 | 7.2 HIGH | N/A | The default configuration of the pam_xauth module forwards MIT-Magic-Cookies to new X sessions, which could allow local users to gain root privileges by stealing the cookies from a temporary .xauth file, which is created with the original user's credentials after root uses su. |
| CVE-2001-0736 | 5 Engardelinux, Immunix, Mandrakesoft and 2 more | 6 Secure Linux, Immunix, Mandrake Linux and 3 more | 2025-04-03 | 2.1 LOW | N/A | Vulnerability in (1) pine before 4.33 and (2) the pico editor, included with pine, allows local users to overwrite arbitrary files via a symlink attack. |
| CVE-2000-0606 | 3 Debian, Mandrakesoft, Redhat | 3 Debian Linux, Mandrake Linux, Linux | 2025-04-03 | 7.2 HIGH | N/A | Buffer overflow in kon program in Kanji on Console (KON) package on Linux may allow local users to gain root privileges via a long -StartupMessage parameter. |
| CVE-2000-0666 | 5 Conectiva, Debian, Redhat and 2 more | 5 Linux, Debian Linux, Linux and 2 more | 2025-04-03 | 10.0 HIGH | N/A | rpc.statd in the nfs-utils package in various Linux distributions does not properly cleanse untrusted format strings, which allows remote attackers to gain root privileges. |
| CVE-2003-0552 | 1 Redhat | 1 Linux | 2025-04-03 | 5.0 MEDIUM | N/A | Linux 2.4.x allows remote attackers to spoof the bridge Forwarding table via forged packets whose source addresses are the same as the target. |
| CVE-1999-0894 | 1 Redhat | 1 Linux | 2025-04-03 | 10.0 HIGH | N/A | Red Hat Linux screen program does not use Unix98 ptys, allowing local users to write to other terminals. |
| CVE-2003-0019 | 1 Redhat | 1 Linux | 2025-04-03 | 7.2 HIGH | N/A | uml_net in the kernel-utils package for Red Hat Linux 8.0 has incorrect setuid root privileges, which allows local users to modify network interfaces, e.g. by modifying ARP entries or placing interfaces into promiscuous mode. |
| CVE-1999-0368 | 7 Caldera, Debian, Proftpd Project and 4 more | 8 Openlinux, Debian Linux, Proftpd and 5 more | 2025-04-03 | 10.0 HIGH | N/A | Buffer overflows in wuarchive ftpd (wu-ftpd) and ProFTPD lead to remote root access, a.k.a. palmetto. |
| CVE-1999-0405 | 4 Debian, Freebsd, Redhat and 1 more | 4 Debian Linux, Freebsd, Linux and 1 more | 2025-04-03 | 7.2 HIGH | N/A | A buffer overflow in lsof allows local users to obtain root privilege. |
| CVE-2000-0392 | 3 Cygnus, Mit, Redhat | 5 Cygnus Network Security, Kerbnet, Kerberos and 2 more | 2025-04-03 | 7.2 HIGH | N/A | Buffer overflow in ksu in Kerberos 5 allows local users to gain root privileges. |
| CVE-2000-0263 | 1 Redhat | 1 Linux | 2025-04-03 | 2.1 LOW | N/A | The X font server xfs in Red Hat Linux 6.x allows an attacker to cause a denial of service via a malformed request. |
| CVE-2004-1333 | 2 Linux, Redhat | 3 Linux Kernel, Fedora Core, Linux | 2025-04-03 | 2.1 LOW | N/A | Integer overflow in the vc_resize function in the Linux kernel 2.4 and 2.6 before 2.6.10 allows local users to cause a denial of service (kernel crash) via a short new screen value, which leads to a buffer overflow. |
| CVE-2000-0356 | 1 Redhat | 1 Linux | 2025-04-03 | 4.6 MEDIUM | N/A | Pluggable Authentication Modules (PAM) in Red Hat Linux 6.1 does not properly lock access to disabled NIS accounts. |
| CVE-1999-1542 | 1 Redhat | 1 Linux | 2025-04-03 | 10.0 HIGH | N/A | RPMMail before 1.4 allows remote attackers to execute commands via an e-mail message with shell metacharacters in the "MAIL FROM" command. |
| CVE-1999-0043 | 6 Bsdi, Caldera, Isc and 3 more | 7 Bsd Os, Openlinux, Inn and 4 more | 2025-04-03 | 10.0 HIGH | 9.8 CRITICAL | Command execution via shell metachars in INN daemon (innd) 1.5 using "newgroup" and "rmgroup" control messages, and others. |
| CVE-2001-0117 | 4 Immunix, Mandrakesoft, Redhat and 1 more | 5 Immunix, Mandrake Linux, Mandrake Linux Corporate Server and 2 more | 2025-04-03 | 1.2 LOW | N/A | sdiff 2.7 in the diffutils package allows local users to overwrite files via a symlink attack. |
| CVE-2002-0083 | 9 Conectiva, Engardelinux, Immunix and 6 more | 11 Linux, Secure Linux, Immunix and 8 more | 2025-04-03 | 10.0 HIGH | 9.8 CRITICAL | Off-by-one error in the channel code of OpenSSH 2.0 through 3.0.2 allows local users or remote malicious servers to gain privileges. |
| CVE-1999-0297 | 5 Bsdi, Freebsd, Netbsd and 2 more | 5 Bsd Os, Freebsd, Netbsd and 2 more | 2025-04-03 | 7.2 HIGH | N/A | Buffer overflow in Vixie Cron library up to version 3.0 allows local users to obtain root access via a long environmental variable. |
| CVE-2004-0619 | 1 Redhat | 3 Fedora Core, Kernel, Linux | 2025-04-03 | 7.2 HIGH | N/A | Integer overflow in the ubsec_keysetup function for Linux Broadcom 5820 cryptonet driver allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a negative add_dsa_buf_bytes variable, which leads to a buffer overflow. |
| CVE-1999-1491 | 1 Redhat | 1 Linux | 2025-04-03 | 7.2 HIGH | N/A | abuse.console in Red Hat 2.1 uses relative pathnames to find and execute the undrv program, which allows local users to execute arbitrary commands via a path that points to a Trojan horse program. |
| CVE-2001-0690 | 4 Conectiva, Debian, Redhat and 1 more | 4 Linux, Debian Linux, Linux and 1 more | 2025-04-03 | 7.5 HIGH | N/A | Format string vulnerability in exim (3.22-10 in Red Hat, 3.12 in Debian and 3.16 in Conectiva) in batched SMTP mode allows a remote attacker to execute arbitrary code via format strings in SMTP mail headers. |
| CVE-1999-0390 | 2 Redhat, Suse | 2 Linux, Suse Linux | 2025-04-03 | 7.2 HIGH | N/A | Buffer overflow in Dosemu Slang library in Linux. |
| CVE-2000-0844 | 13 Caldera, Conectiva, Debian and 10 more | 16 Openlinux, Openlinux Ebuilder, Openlinux Eserver and 13 more | 2025-04-03 | 10.0 HIGH | N/A | Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen. |
| CVE-2000-0314 | 5 Debian, Digital, Netbsd and 2 more | 5 Debian Linux, Unix, Netbsd and 2 more | 2025-04-03 | 5.0 MEDIUM | N/A | traceroute in NetBSD 1.3.3 and Linux systems allows local users to flood other systems by providing traceroute with a large waittime (-w) option, which is not parsed properly and sets the time delay for sending packets to zero. |
| CVE-2004-0905 | 5 Conectiva, Mozilla, Netscape and 2 more | 10 Linux, Firefox, Mozilla and 7 more | 2025-04-03 | 4.6 MEDIUM | N/A | Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allows remote attackers to perform cross-domain scripting and possibly execute arbitrary code by convincing a user to drag and drop javascript: links to a frame or page in another domain. |
| CVE-2003-0135 | 1 Redhat | 1 Linux | 2025-04-03 | 7.5 HIGH | N/A | vsftpd FTP daemon in Red Hat Linux 9 is not compiled against TCP wrappers (tcp_wrappers) but is installed as a standalone service, which inadvertently prevents vsftpd from restricting access as intended. |
| CVE-1999-1329 | 1 Redhat | 1 Linux | 2025-04-03 | 7.2 HIGH | N/A | Buffer overflow in SysVInit in Red Hat Linux 5.1 and earlier allows local users to gain privileges. |
| CVE-2001-0872 | 3 Openbsd, Redhat, Suse | 3 Openssh, Linux, Suse Linux | 2025-04-03 | 7.2 HIGH | N/A | OpenSSH 3.0.1 and earlier with UseLogin enabled does not properly cleanse critical environment variables such as LD_PRELOAD, which allows local users to gain root privileges. |
| CVE-2000-0286 | 1 Redhat | 1 Linux | 2025-04-03 | 2.1 LOW | N/A | X fontserver xfs allows local users to cause a denial of service via malformed input to the server. |
| CVE-1999-1186 | 3 Redhat, Rxvt, Slackware | 3 Linux, Rxvt, Slackware Linux | 2025-04-03 | 7.2 HIGH | N/A | rxvt, when compiled with the PRINT_PIPE option in various Linux operating systems including Linux Slackware 3.0 and RedHat 2.1, allows local users to gain root privileges by specifying a malicious program using the -print-pipe command line parameter. |
| CVE-2003-0248 | 1 Redhat | 1 Linux | 2025-04-03 | 10.0 HIGH | N/A | The mxcsr code in Linux kernel 2.4 allows attackers to modify CPU state registers via a malformed address. |
| CVE-1999-1299 | 2 Redhat, Slackware | 2 Linux, Slackware Linux | 2025-04-03 | 10.0 HIGH | N/A | rcp on various Linux systems including Red Hat 4.0 allows a "nobody" user or other user with UID of 65535 to overwrite arbitrary files, since 65535 is interpreted as -1 by chown and other system calls, which causes the calls to fail to modify the ownership of the file. |
| CVE-1999-0192 | 2 Redhat, Slackware | 2 Linux, Slackware Linux | 2025-04-03 | 10.0 HIGH | N/A | Buffer overflow in telnet daemon tgetent routine allows remote attackers to gain root access via the TERMCAP environmental variable. |
| CVE-2000-1189 | 1 Redhat | 1 Linux | 2025-04-03 | 7.2 HIGH | N/A | Buffer overflow in pam_localuser PAM module in Red Hat Linux 7.x and 6.x allows attackers to gain privileges. |
| CVE-1999-0009 | 11 Bsdi, Caldera, Data General and 8 more | 13 Bsd Os, Openlinux, Dg Ux and 10 more | 2025-04-03 | 10.0 HIGH | N/A | Inverse query buffer overflow in BIND 4.9 and BIND 8 Releases. |
| CVE-2001-1383 | 1 Redhat | 1 Linux | 2025-04-03 | 6.2 MEDIUM | N/A | initscript in setserial 2.17-4 and earlier uses predictable temporary file names, which could allow local users to conduct unauthorized operations on files. |
| CVE-1999-1348 | 1 Redhat | 1 Linux | 2025-04-03 | 2.1 LOW | N/A | Linuxconf on Red Hat Linux 6.0 and earlier does not properly disable PAM-based access to the shutdown command, which could allow local users to cause a denial of service. |
| CVE-2004-0902 | 4 Conectiva, Mozilla, Redhat and 1 more | 9 Linux, Mozilla, Thunderbird and 6 more | 2025-04-03 | 10.0 HIGH | N/A | Multiple heap-based buffer overflows in Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allow remote attackers to cause a denial of service (application crash) or execute arbitrary code via (1) the "Send page" functionality, (2) certain responses from a malicious POP3 server, or (3) a link containing a non-ASCII hostname. |
| CVE-2003-0550 | 1 Redhat | 1 Linux | 2025-04-03 | 5.0 MEDIUM | N/A | The STP protocol, as enabled in Linux 2.4.x, does not provide sufficient security by design, which allows attackers to modify the bridge topology. |
| CVE-1999-1332 | 1 Redhat | 1 Linux | 2025-04-03 | 2.1 LOW | N/A | gzexe in the gzip package on Red Hat Linux 5.0 and earlier allows local users to overwrite files of other users via a symlink attack on a temporary file. |