Filtered by vendor Trustix
Subscribe
Total
67 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2001-0117 | 4 Immunix, Mandrakesoft, Redhat and 1 more | 5 Immunix, Mandrake Linux, Mandrake Linux Corporate Server and 2 more | 2024-11-20 | 1.2 LOW | N/A |
sdiff 2.7 in the diffutils package allows local users to overwrite files via a symlink attack. | |||||
CVE-2000-1009 | 2 Redhat, Trustix | 2 Linux, Secure Linux | 2024-11-20 | 7.2 HIGH | N/A |
dump in Red Hat Linux 6.2 trusts the pathname specified by the RSH environmental variable, which allows local users to obtain root privileges by modifying the RSH variable to point to a Trojan horse program. | |||||
CVE-2000-0917 | 3 Caldera, Redhat, Trustix | 6 Openlinux, Openlinux Ebuilder, Openlinux Edesktop and 3 more | 2024-11-20 | 10.0 HIGH | N/A |
Format string vulnerability in use_syslog() function in LPRng 3.6.24 allows remote attackers to execute arbitrary commands. | |||||
CVE-2000-0867 | 5 Debian, Mandrakesoft, Redhat and 2 more | 5 Debian Linux, Mandrake Linux, Linux and 2 more | 2024-11-20 | 7.2 HIGH | N/A |
Kernel logging daemon (klogd) in Linux does not properly cleanse user-injected format strings, which allows local users to gain root privileges by triggering malformed kernel messages. | |||||
CVE-2000-0844 | 13 Caldera, Conectiva, Debian and 10 more | 16 Openlinux, Openlinux Ebuilder, Openlinux Eserver and 13 more | 2024-11-20 | 10.0 HIGH | N/A |
Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen. | |||||
CVE-2000-0791 | 1 Trustix | 1 Secure Linux | 2024-11-20 | 4.6 MEDIUM | N/A |
Trustix installs the httpsd program for Apache-SSL with world-writeable permissions, which allows local users to replace it with a Trojan horse. | |||||
CVE-2000-0666 | 5 Conectiva, Debian, Redhat and 2 more | 5 Linux, Debian Linux, Linux and 2 more | 2024-11-20 | 10.0 HIGH | N/A |
rpc.statd in the nfs-utils package in various Linux distributions does not properly cleanse untrusted format strings, which allows remote attackers to gain root privileges. |