Filtered by vendor Suse
Subscribe
Total
1174 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2004-0064 | 1 Suse | 1 Suse Linux | 2024-02-28 | 2.1 LOW | N/A |
The SuSEconfig.gnome-filesystem script for YaST in SuSE 9.0 allows local users to overwrite arbitrary files via a symlink attack on files within the tmp.SuSEconfig.gnome-filesystem.$RANDOM temporary directory. | |||||
CVE-1999-0434 | 5 Caldera, Debian, Netbsd and 2 more | 5 Openlinux, Debian Linux, Netbsd and 2 more | 2024-02-28 | 7.5 HIGH | N/A |
XFree86 xfs command is vulnerable to a symlink attack, allowing local users to create files in restricted directories, possibly allowing them to gain privileges or cause a denial of service. | |||||
CVE-2000-0293 | 1 Suse | 1 Suse Linux | 2024-02-28 | 2.1 LOW | N/A |
aaa_base in SuSE Linux 6.3, and cron.daily in earlier versions, allow local users to delete arbitrary files by creating files whose names include spaces, which are then incorrectly interpreted by aaa_base when it deletes expired files from the /tmp directory. | |||||
CVE-1999-0426 | 1 Suse | 1 Suse Linux | 2024-02-28 | 10.0 HIGH | 9.8 CRITICAL |
The default permissions of /dev/kmem in Linux versions before 2.0.36 allows IP spoofing. | |||||
CVE-1999-1182 | 6 Caldera, Debian, Delix and 3 more | 6 Openlinux Lite, Debian Linux, Dld and 3 more | 2024-02-28 | 7.2 HIGH | N/A |
Buffer overflow in run-time linkers (1) ld.so or (2) ld-linux.so for Linux systems allows local users to gain privileges by calling a setuid program with a long program name (argv[0]) and forcing ld.so/ld-linux.so to report an error. | |||||
CVE-2001-0172 | 2 Hans Reiser, Suse | 2 Reiserfs, Suse Linux | 2024-02-28 | 7.2 HIGH | N/A |
Buffer overflow in ReiserFS 3.5.28 in SuSE Linux allows local users to cause a denial of service and possibly execute arbitrary commands by via a long directory name. | |||||
CVE-2001-0918 | 1 Suse | 1 Suse Linux | 2024-02-28 | 5.1 MEDIUM | N/A |
Vulnerabilities in CGI scripts in susehelp in SuSE 7.2 and 7.3 allow remote attackers to execute arbitrary commands by not opening files securely. | |||||
CVE-2001-0641 | 3 Immunix, Redhat, Suse | 3 Immunix, Linux, Suse Linux | 2024-02-28 | 4.6 MEDIUM | N/A |
Buffer overflow in man program in various distributions of Linux allows local user to execute arbitrary code as group man via a long -S option. | |||||
CVE-2000-1134 | 7 Caldera, Conectiva, Hp and 4 more | 9 Openlinux, Openlinux Edesktop, Openlinux Eserver and 6 more | 2024-02-28 | 7.2 HIGH | N/A |
Multiple shell programs on various Unix systems, including (1) tcsh, (2) csh, (3) sh, and (4) bash, follow symlinks when processing << redirects (aka here-documents or in-here documents), which allows local users to overwrite files of other users via a symlink attack. | |||||
CVE-2003-0847 | 1 Suse | 1 Suse Linux | 2024-02-28 | 4.6 MEDIUM | N/A |
SuSEconfig.susewm in the susewm package on SuSE Linux 8.2Pro allows local users to overwrite arbitrary files via a symlink attack on the susewm.$$ temporary file. | |||||
CVE-1999-0462 | 1 Suse | 1 Suse Linux | 2024-02-28 | 7.2 HIGH | N/A |
suidperl in Linux Perl does not check the nosuid mount option on file systems, allowing local users to gain root access by placing a setuid script in a mountable file system, e.g. a CD-ROM or floppy disk. | |||||
CVE-2002-0004 | 8 Caldera, Debian, Freebsd and 5 more | 9 Openlinux Server, Openlinux Workstation, Debian Linux and 6 more | 2024-02-28 | 7.2 HIGH | N/A |
Heap corruption vulnerability in the "at" program allows local users to execute arbitrary code via a malformed execution time, which causes at to free the same memory twice. | |||||
CVE-2004-0866 | 4 Kde, Microsoft, Mozilla and 1 more | 5 Konqueror, Ie, Internet Explorer and 2 more | 2024-02-28 | 7.5 HIGH | N/A |
Internet Explorer 6.0 allows web sites to set cookies for country-specific top-level domains, such as .ltd.uk, .plc.uk, and .sch.uk, which could allow remote attackers to perform a session fixation attack and hijack a user's HTTP session. | |||||
CVE-2002-0762 | 1 Suse | 1 Suse Linux | 2024-02-28 | 7.2 HIGH | N/A |
shadow package in SuSE 8.0 allows local users to destroy the /etc/passwd and /etc/shadow files or assign extra group privileges to some users by changing filesize limits before calling programs that modify the files. | |||||
CVE-1999-0363 | 2 Plp, Suse | 2 Line Printer Control, Suse Linux | 2024-02-28 | 7.2 HIGH | N/A |
SuSE 5.2 PLP lpc program has a buffer overflow that leads to root compromise. | |||||
CVE-2004-0460 | 5 Infoblox, Isc, Mandrakesoft and 2 more | 11 Dns One Appliance, Dhcpd, Mandrake Linux and 8 more | 2024-02-28 | 10.0 HIGH | N/A |
Buffer overflow in the logging capability for the DHCP daemon (DHCPD) for ISC DHCP 3.0.1rc12 and 3.0.1rc13 allows remote attackers to cause a denial of service (server crash) and possibly execute arbitrary code via multiple hostname options in (1) DISCOVER, (2) OFFER, (3) REQUEST, (4) ACK, or (5) NAK messages, which can generate a long string when writing to a log file. | |||||
CVE-2003-1538 | 1 Suse | 3 Office Server, Suse Linux, Suse Linux Openexchange Server | 2024-02-28 | 6.4 MEDIUM | N/A |
susehelp in SuSE Linux 8.1, Enterprise Server 8, Office Server, and Openexchange Server 4 does not properly filter shell metacharacters, which allows remote attackers to execute arbitrary commands via CGI queries. | |||||
CVE-2004-0626 | 4 Conectiva, Gentoo, Linux and 1 more | 4 Linux, Linux, Linux Kernel and 1 more | 2024-02-28 | 5.0 MEDIUM | N/A |
The tcp_find_option function of the netfilter subsystem in Linux kernel 2.6, when using iptables and TCP options rules, allows remote attackers to cause a denial of service (CPU consumption by infinite loop) via a large option length that produces a negative integer after a casting operation to the char type. | |||||
CVE-2000-0231 | 2 Halloween, Suse | 2 Halloween Linux, Suse Linux | 2024-02-28 | 7.2 HIGH | N/A |
Linux kreatecd trusts a user-supplied path that is used to find the cdrecord program, allowing local users to gain root privileges. | |||||
CVE-2002-0083 | 9 Conectiva, Engardelinux, Immunix and 6 more | 11 Linux, Secure Linux, Immunix and 8 more | 2024-02-28 | 10.0 HIGH | 9.8 CRITICAL |
Off-by-one error in the channel code of OpenSSH 2.0 through 3.0.2 allows local users or remote malicious servers to gain privileges. |