Total
57 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2002-0004 | 8 Caldera, Debian, Freebsd and 5 more | 9 Openlinux Server, Openlinux Workstation, Debian Linux and 6 more | 2023-12-10 | 7.2 HIGH | N/A |
Heap corruption vulnerability in the "at" program allows local users to execute arbitrary code via a malformed execution time, which causes at to free the same memory twice. | |||||
CVE-2004-0233 | 3 Sgi, Slackware, Utempter | 3 Propack, Slackware Linux, Utempter | 2023-12-10 | 2.1 LOW | N/A |
Utempter allows device names that contain .. (dot dot) directory traversal sequences, which allows local users to overwrite arbitrary files via a symlink attack on device names in combination with an application that trusts the utmp or wtmp files. | |||||
CVE-1999-0298 | 2 Slackware, Sun | 2 Slackware Linux, Sunos | 2023-12-10 | 7.5 HIGH | N/A |
ypbind with -ypset and -ypsetme options activated in Linux Slackware and SunOS allows local and remote attackers to overwrite files via a .. (dot dot) attack. | |||||
CVE-1999-0192 | 2 Redhat, Slackware | 2 Linux, Slackware Linux | 2023-12-10 | 10.0 HIGH | N/A |
Buffer overflow in telnet daemon tgetent routing allows remote attackers to gain root access via the TERMCAP environmental variable. | |||||
CVE-1999-0746 | 2 Slackware, Suse | 2 Slackware Linux, Suse Linux | 2023-12-10 | 5.0 MEDIUM | N/A |
A default configuration of in.identd in SuSE Linux waits 120 seconds between requests, allowing a remote attacker to conduct a denial of service. | |||||
CVE-2003-0195 | 1 Slackware | 1 Slackware Linux | 2023-12-10 | 5.0 MEDIUM | N/A |
CUPS before 1.1.19 allows remote attackers to cause a denial of service via a partial printing request to the IPP port (631), which does not time out. | |||||
CVE-1999-0041 | 5 Cray, Gnu, Ibm and 2 more | 6 Unicos, Unicos Max, Libc and 3 more | 2023-12-10 | 7.5 HIGH | N/A |
Buffer overflow in NLS (Natural Language Service). | |||||
CVE-1999-0421 | 1 Slackware | 1 Slackware Linux | 2023-12-10 | 7.2 HIGH | N/A |
During a reboot after an installation of Linux Slackware 3.6, a remote attacker can obtain root access by logging in to the root account without a password. | |||||
CVE-2001-1036 | 2 Gnu, Slackware | 2 Findutils, Slackware Linux | 2023-12-10 | 7.2 HIGH | N/A |
GNU locate in findutils 4.1 on Slackware 7.1 and 8.0 allows local users to gain privileges via an old formatted filename database (locatedb) that contains an entry with an out-of-range offset, which causes locate to write to arbitrary process memory. | |||||
CVE-1999-0242 | 1 Slackware | 1 Slackware Linux | 2023-12-10 | 7.5 HIGH | N/A |
Remote attackers can access mail files via POP3 in some Linux systems that are using shadow passwords. | |||||
CVE-2004-0231 | 4 Gentoo, Midnight Commander, Sgi and 1 more | 4 Linux, Midnight Commander, Propack and 1 more | 2023-12-10 | 2.1 LOW | N/A |
Multiple vulnerabilities in Midnight Commander (mc) before 4.6.0, with unknown impact, related to "Insecure temporary file and directory creations." | |||||
CVE-2003-0335 | 1 Slackware | 1 Slackware Linux | 2023-12-10 | 7.5 HIGH | N/A |
rc.M in Slackware 9.0 calls quotacheck with the -M option, which causes the filesystem to be remounted and possibly reset security-relevant mount flags such as nosuid, nodev, and noexec. | |||||
CVE-2003-0977 | 2 Cvs, Slackware | 2 Cvs, Slackware Linux | 2023-12-10 | 7.5 HIGH | N/A |
CVS server before 1.11.10 may allow attackers to cause the CVS server to create directories and files in the file system root directory via malformed module requests. | |||||
CVE-2004-0424 | 3 Linux, Sgi, Slackware | 3 Linux Kernel, Propack, Slackware Linux | 2023-12-10 | 7.2 HIGH | N/A |
Integer overflow in the ip_setsockopt function in Linux kernel 2.4.22 through 2.4.25 and 2.6.1 through 2.6.3 allows local users to cause a denial of service (crash) or execute arbitrary code via the MCAST_MSFILTER socket option. | |||||
CVE-1999-1299 | 2 Redhat, Slackware | 2 Linux, Slackware Linux | 2023-12-10 | 10.0 HIGH | N/A |
rcp on various Linux systems including Red Hat 4.0 allows a "nobody" user or other user with UID of 65535 to overwrite arbitrary files, since 65535 is interpreted as -1 by chown and other system calls, which causes the calls to fail to modify the ownership of the file. | |||||
CVE-2000-0314 | 5 Debian, Digital, Netbsd and 2 more | 5 Debian Linux, Unix, Netbsd and 2 more | 2023-12-10 | 5.0 MEDIUM | N/A |
traceroute in NetBSD 1.3.3 and Linux systems allows local users to flood other systems by providing traceroute with a large waittime (-w) option, which is not parsed properly and sets the time delay for sending packets to zero. | |||||
CVE-2002-1814 | 4 Gnome, Mandrakesoft, Redhat and 1 more | 4 Bonobo, Mandrake Linux, Linux and 1 more | 2023-12-10 | 4.6 MEDIUM | N/A |
Buffer overflow in efstools in Bonobo, when installed setuid, allows local users to execute arbitrary code via long command line arguments. | |||||
CVE-2004-0530 | 1 Slackware | 1 Slackware Linux | 2023-12-10 | 7.2 HIGH | N/A |
The PHP package in Slackware 8.1, 9.0, and 9.1, when linked against a static library, includes /tmp in the search path, which allows local users to execute arbitrary code as the PHP user by inserting shared libraries into the appropriate path. | |||||
CVE-1999-1186 | 3 Redhat, Rxvt, Slackware | 3 Linux, Rxvt, Slackware Linux | 2023-12-10 | 7.2 HIGH | N/A |
rxvt, when compiled with the PRINT_PIPE option in various Linux operating systems including Linux Slackware 3.0 and RedHat 2.1, allows local users to gain root privileges by specifying a malicious program using the -print-pipe command line parameter. | |||||
CVE-1999-0433 | 5 Netbsd, Redhat, Slackware and 2 more | 5 Netbsd, Linux, Slackware Linux and 2 more | 2023-12-10 | 4.6 MEDIUM | N/A |
XFree86 startx command is vulnerable to a symlink attack, allowing local users to create files in restricted directories, possibly allowing them to gain privileges or cause a denial of service. |