Total
250 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2001-1030 | 6 Caldera, Immunix, Mandrakesoft and 3 more | 8 Openlinux Server, Immunix, Mandrake Linux and 5 more | 2023-12-10 | 7.5 HIGH | N/A |
Squid before 2.3STABLE5 in HTTP accelerator mode does not enable access control lists (ACLs) when the httpd_accel_host and http_accel_with_proxy off settings are used, which allows attackers to bypass the ACLs and conduct unauthorized activities such as port scanning. | |||||
CVE-2001-0977 | 4 Debian, Mandrakesoft, Openldap and 1 more | 6 Debian Linux, Mandrake Linux, Mandrake Linux Corporate Server and 3 more | 2023-12-10 | 5.0 MEDIUM | N/A |
slapd in OpenLDAP 1.x before 1.2.12, and 2.x before 2.0.8, allows remote attackers to cause a denial of service (crash) via an invalid Basic Encoding Rules (BER) length field. | |||||
CVE-2001-1013 | 1 Redhat | 1 Linux | 2023-12-10 | 5.0 MEDIUM | N/A |
Apache on Red Hat Linux with with the UserDir directive enabled generates different error codes when a username exists and there is no public_html directory and when the username does not exist, which could allow remote attackers to determine valid usernames on the server. | |||||
CVE-2000-1207 | 1 Redhat | 1 Linux | 2023-12-10 | 7.2 HIGH | N/A |
userhelper in the usermode package on Red Hat Linux executes non-setuid programs as root, which does not activate the security measures in glibc and allows the programs to be exploited via format string vulnerabilities in glibc via the LANG or LC_ALL environment variables (CVE-2000-0844). | |||||
CVE-2002-0080 | 2 Redhat, Samba | 2 Linux, Rsync | 2023-12-10 | 2.1 LOW | N/A |
rsync, when running in daemon mode, does not properly call setgroups before dropping privileges, which could provide supplemental group privileges to local users, who could then read certain files that would otherwise be disallowed. | |||||
CVE-2000-1134 | 7 Caldera, Conectiva, Hp and 4 more | 9 Openlinux, Openlinux Edesktop, Openlinux Eserver and 6 more | 2023-12-10 | 7.2 HIGH | N/A |
Multiple shell programs on various Unix systems, including (1) tcsh, (2) csh, (3) sh, and (4) bash, follow symlinks when processing << redirects (aka here-documents or in-here documents), which allows local users to overwrite files of other users via a symlink attack. | |||||
CVE-1999-1299 | 2 Redhat, Slackware | 2 Linux, Slackware Linux | 2023-12-10 | 10.0 HIGH | N/A |
rcp on various Linux systems including Red Hat 4.0 allows a "nobody" user or other user with UID of 65535 to overwrite arbitrary files, since 65535 is interpreted as -1 by chown and other system calls, which causes the calls to fail to modify the ownership of the file. | |||||
CVE-2000-0314 | 5 Debian, Digital, Netbsd and 2 more | 5 Debian Linux, Unix, Netbsd and 2 more | 2023-12-10 | 5.0 MEDIUM | N/A |
traceroute in NetBSD 1.3.3 and Linux systems allows local users to flood other systems by providing traceroute with a large waittime (-w) option, which is not parsed properly and sets the time delay for sending packets to zero. | |||||
CVE-1999-1335 | 1 Redhat | 1 Linux | 2023-12-10 | 6.4 MEDIUM | N/A |
snmpd server in cmu-snmp SNMP package before 3.3-1 in Red Hat Linux 4.0 is configured to allow remote attackers to read and write sensitive information. | |||||
CVE-1999-1329 | 1 Redhat | 1 Linux | 2023-12-10 | 7.2 HIGH | N/A |
Buffer overflow in SysVInit in Red Hat Linux 5.1 and earlier allows local users to gain privileges. | |||||
CVE-2000-0184 | 2 Mandrakesoft, Redhat | 2 Mandrake Linux, Linux | 2023-12-10 | 2.1 LOW | N/A |
Linux printtool sets the permissions of printer configuration files to be world-readable, which allows local attackers to obtain printer share passwords. | |||||
CVE-2002-1814 | 4 Gnome, Mandrakesoft, Redhat and 1 more | 4 Bonobo, Mandrake Linux, Linux and 1 more | 2023-12-10 | 4.6 MEDIUM | N/A |
Buffer overflow in efstools in Bonobo, when installed setuid, allows local users to execute arbitrary code via long command line arguments. | |||||
CVE-2000-0750 | 3 Netbsd, Openbsd, Redhat | 3 Netbsd, Openbsd, Linux | 2023-12-10 | 7.5 HIGH | N/A |
Buffer overflow in mopd (Maintenance Operations Protocol loader daemon) allows remote attackers to execute arbitrary commands via a long file name. | |||||
CVE-2003-0551 | 1 Redhat | 1 Linux | 2023-12-10 | 5.0 MEDIUM | N/A |
The STP protocol implementation in Linux 2.4.x does not properly verify certain lengths, which could allow attackers to cause a denial of service. | |||||
CVE-1999-1496 | 3 Debian, Redhat, Todd Miller | 3 Debian Linux, Linux, Sudo | 2023-12-10 | 2.1 LOW | N/A |
Sudo 1.5 in Debian Linux 2.1 and Red Hat 6.0 allows local users to determine the existence of arbitrary files by attempting to execute the target filename as a program, which generates a different error message when the file does not exist. | |||||
CVE-2000-0031 | 1 Redhat | 1 Linux | 2023-12-10 | 6.2 MEDIUM | N/A |
The initscripts package in Red Hat Linux allows local users to gain privileges via a symlink attack. | |||||
CVE-1999-1186 | 3 Redhat, Rxvt, Slackware | 3 Linux, Rxvt, Slackware Linux | 2023-12-10 | 7.2 HIGH | N/A |
rxvt, when compiled with the PRINT_PIPE option in various Linux operating systems including Linux Slackware 3.0 and RedHat 2.1, allows local users to gain root privileges by specifying a malicious program using the -print-pipe command line parameter. | |||||
CVE-2000-0355 | 3 Bent Bagger, Redhat, Suse | 3 Pbpg, Linux, Suse Linux | 2023-12-10 | 7.5 HIGH | N/A |
pg and pb in SuSE pbpg 1.x package allows an attacker to read arbitrary files. | |||||
CVE-2003-0370 | 4 Apple, Kde, Redhat and 1 more | 6 Safari, Kde, Konqueror Embedded and 3 more | 2023-12-10 | 7.5 HIGH | N/A |
Konqueror Embedded and KDE 2.2.2 and earlier does not validate the Common Name (CN) field for X.509 Certificates, which could allow remote attackers to spoof certificates via a man-in-the-middle attack. | |||||
CVE-2000-1213 | 3 Immunix, Iputils, Redhat | 3 Immunix, Iputils, Linux | 2023-12-10 | 7.5 HIGH | N/A |
ping in iputils before 20001010, as distributed on Red Hat Linux 6.2 through 7J and other operating systems, does not drop privileges after acquiring a raw socket, which increases ping's exposure to bugs that otherwise would occur at lower privileges. |