Total
1207 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-1999-0769 | 4 Caldera, Debian, Paul Vixie and 1 more | 4 Openlinux, Debian Linux, Vixie Cron and 1 more | 2023-12-10 | 7.2 HIGH | N/A |
Vixie Cron on Linux systems allows local users to set parameters of sendmail commands via the MAILTO environmental variable. | |||||
CVE-2003-0367 | 2 Debian, Gnu | 2 Debian Linux, Gzip | 2023-12-10 | 2.1 LOW | N/A |
znew in the gzip package allows local users to overwrite arbitrary files via a symlink attack on temporary files. | |||||
CVE-2004-0837 | 3 Debian, Mysql, Oracle | 3 Debian Linux, Mysql, Mysql | 2023-12-10 | 2.6 LOW | N/A |
MySQL 4.x before 4.0.21, and 3.x before 3.23.49, allows attackers to cause a denial of service (crash or hang) via multiple threads that simultaneously alter MERGE table UNIONs. | |||||
CVE-2003-0648 | 2 Debian, Fte | 2 Debian Linux, Fte Text Editor | 2023-12-10 | 10.0 HIGH | N/A |
Multiple buffer overflows in vfte, based on FTE, before 0.50, allow local users to execute arbitrary code. | |||||
CVE-2001-0977 | 4 Debian, Mandrakesoft, Openldap and 1 more | 6 Debian Linux, Mandrake Linux, Mandrake Linux Corporate Server and 3 more | 2023-12-10 | 5.0 MEDIUM | N/A |
slapd in OpenLDAP 1.x before 1.2.12, and 2.x before 2.0.8, allows remote attackers to cause a denial of service (crash) via an invalid Basic Encoding Rules (BER) length field. | |||||
CVE-2000-0314 | 5 Debian, Digital, Netbsd and 2 more | 5 Debian Linux, Unix, Netbsd and 2 more | 2023-12-10 | 5.0 MEDIUM | N/A |
traceroute in NetBSD 1.3.3 and Linux systems allows local users to flood other systems by providing traceroute with a large waittime (-w) option, which is not parsed properly and sets the time delay for sending packets to zero. | |||||
CVE-2003-0361 | 1 Debian | 1 Debian Linux | 2023-12-10 | 7.5 HIGH | N/A |
gPS before 1.1.0 does not properly follow the rgpsp connection source acceptation policy as specified in the rgpsp.conf file, which could allow unauthorized remote attackers to connect to rgpsp. | |||||
CVE-2002-0839 | 2 Apache, Debian | 2 Http Server, Debian Linux | 2023-12-10 | 7.2 HIGH | N/A |
The shared memory scoreboard in the HTTP daemon for Apache 1.3.x before 1.3.27 allows any user running as the Apache UID to send a SIGUSR1 signal to any process as root, resulting in a denial of service (process kill) or possibly other behaviors that would not normally be allowed, by modifying the parent[].pid and parent[].last_rtime segments in the scoreboard. | |||||
CVE-2004-0583 | 3 Debian, Usermin, Webmin | 3 Debian Linux, Usermin, Webmin | 2023-12-10 | 5.0 MEDIUM | N/A |
The account lockout functionality in (1) Webmin 1.140 and (2) Usermin 1.070 does not parse certain character strings, which allows remote attackers to conduct a brute force attack to guess user IDs and passwords. | |||||
CVE-1999-1496 | 3 Debian, Redhat, Todd Miller | 3 Debian Linux, Linux, Sudo | 2023-12-10 | 2.1 LOW | N/A |
Sudo 1.5 in Debian Linux 2.1 and Red Hat 6.0 allows local users to determine the existence of arbitrary files by attempting to execute the target filename as a program, which generates a different error message when the file does not exist. | |||||
CVE-1999-0381 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2023-12-10 | 7.2 HIGH | N/A |
super 3.11.6 and other versions have a buffer overflow in the syslog utility which allows a local user to gain root access. | |||||
CVE-2001-0235 | 1 Debian | 1 Debian Linux | 2023-12-10 | 2.1 LOW | N/A |
Vulnerability in crontab allows local users to read crontab files of other users by replacing the temporary file that is being edited while crontab is running. | |||||
CVE-2001-0111 | 2 Debian, Sam Lantinga | 2 Debian Linux, Splitvt | 2023-12-10 | 7.2 HIGH | N/A |
Format string vulnerability in splitvt before 1.6.5 allows local users to execute arbitrary commands via the -rcfile command line argument. | |||||
CVE-2004-0564 | 2 Debian, Roaring Penguin | 2 Debian Linux, Pppoe | 2023-12-10 | 2.1 LOW | N/A |
Roaring Penguin pppoe (rp-ppoe), if installed or configured to run setuid root contrary to its design, allows local users to overwrite arbitrary files. NOTE: the developer has publicly disputed the claim that this is a vulnerability because pppoe "is NOT designed to run setuid-root." Therefore this identifier applies *only* to those configurations and installations under which pppoe is run setuid root despite the developer's warnings. | |||||
CVE-2001-0886 | 2 Debian, Redhat | 2 Debian Linux, Linux | 2023-12-10 | 4.6 MEDIUM | N/A |
Buffer overflow in glob function of glibc allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a glob pattern that ends in a brace "{" character. | |||||
CVE-2003-0440 | 2 Debian, Semi | 2 Debian Linux, Semi | 2023-12-10 | 4.6 MEDIUM | N/A |
The (1) semi MIME library 1.14.5 and earlier, and (2) wemi 1.14.0 and possibly other versions, allows local users to overwrite arbitrary files via a symlink attack on temporary files. | |||||
CVE-2003-0308 | 2 Debian, Sendmail | 2 Debian Linux, Sendmail | 2023-12-10 | 7.2 HIGH | N/A |
The Sendmail 8.12.3 package in Debian GNU/Linux 3.0 does not securely create temporary files, which could allow local users to gain additional privileges via (1) expn, (2) checksendmail, or (3) doublebounce.pl. | |||||
CVE-2003-0098 | 2 Apcupsd, Debian | 2 Apcupsd, Debian Linux | 2023-12-10 | 10.0 HIGH | N/A |
Unknown vulnerability in apcupsd before 3.8.6, and 3.10.x before 3.10.5, allows remote attackers to gain root privileges, possibly via format strings in a request to a slave server. | |||||
CVE-2004-0488 | 3 Apache, Debian, Redhat | 4 Http Server, Debian Linux, Enterprise Linux Server and 1 more | 2023-12-10 | 7.5 HIGH | N/A |
Stack-based buffer overflow in the ssl_util_uuencode_binary function in ssl_util.c for Apache mod_ssl, when mod_ssl is configured to trust the issuing CA, may allow remote attackers to execute arbitrary code via a client certificate with a long subject DN. | |||||
CVE-2001-0138 | 4 Debian, Immunix, Mandrakesoft and 1 more | 5 Debian Linux, Immunix, Mandrake Linux and 2 more | 2023-12-10 | 1.2 LOW | N/A |
privatepw program in wu-ftpd before 2.6.1-6 allows local users to overwrite arbitrary files via a symlink attack. |