Total
214 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2001-0834 | 4 Conectiva, Debian, Htdig and 1 more | 4 Linux, Debian Linux, Htdig and 1 more | 2024-11-20 | 6.4 MEDIUM | N/A |
htsearch CGI program in htdig (ht://Dig) 3.1.5 and earlier allows remote attackers to use the -c option to specify an alternate configuration file, which could be used to (1) cause a denial of service (CPU consumption) by specifying a large file such as /dev/zero, or (2) read arbitrary files by uploading an alternate configuration file that specifies the target file. | |||||
CVE-2001-0763 | 2 Debian, Suse | 2 Debian Linux, Suse Linux | 2024-11-20 | 7.5 HIGH | N/A |
Buffer overflow in Linux xinetd 2.1.8.9pre11-1 and earlier may allow remote attackers to execute arbitrary code via a long ident response, which is not properly handled by the svc_logprint function. | |||||
CVE-2001-0641 | 3 Immunix, Redhat, Suse | 3 Immunix, Linux, Suse Linux | 2024-11-20 | 4.6 MEDIUM | N/A |
Buffer overflow in man program in various distributions of Linux allows local user to execute arbitrary code as group man via a long -S option. | |||||
CVE-2001-0610 | 2 Kde, Suse | 2 Kde, Suse Linux | 2024-11-20 | 4.6 MEDIUM | N/A |
kfm as included with KDE 1.x can allow a local attacker to gain additional privileges via a symlink attack in the kfm cache directory in /tmp. | |||||
CVE-2001-0525 | 1 Suse | 1 Suse Linux | 2024-11-20 | 7.2 HIGH | N/A |
Buffer overflow in dsh in dqs 3.2.7 in SuSE Linux 7.0 and earlier, and possibly other operating systems, allows local users to gain privileges via a long first command line argument. | |||||
CVE-2001-0458 | 4 Debian, Mandrakesoft, Ralf S. Engelschall and 1 more | 4 Debian Linux, Mandrake Linux, Eperl and 1 more | 2024-11-20 | 7.5 HIGH | N/A |
Multiple buffer overflows in ePerl before 2.2.14-0.7 allow local and remote attackers to execute arbitrary commands. | |||||
CVE-2001-0388 | 3 Freebsd, Mandrakesoft, Suse | 3 Freebsd, Mandrake Linux, Suse Linux | 2024-11-20 | 10.0 HIGH | N/A |
time server daemon timed allows remote attackers to cause a denial of service via malformed packets. | |||||
CVE-2001-0193 | 2 Debian, Suse | 2 Debian Linux, Suse Linux | 2024-11-20 | 7.2 HIGH | N/A |
Format string vulnerability in man in some Linux distributions allows local users to gain privileges via a malformed -l parameter. | |||||
CVE-2001-0178 | 4 Caldera, Conectiva, Mandrakesoft and 1 more | 5 Openlinux Edesktop, Linux, Mandrake Linux and 2 more | 2024-11-20 | 2.1 LOW | N/A |
kdesu program in KDE2 (KDE before 2.2.0-6) does not properly verify the owner of a UNIX socket that is used to send a password, which allows local users to steal passwords and gain privileges. | |||||
CVE-2001-0172 | 2 Hans Reiser, Suse | 2 Reiserfs, Suse Linux | 2024-11-20 | 7.2 HIGH | N/A |
Buffer overflow in ReiserFS 3.5.28 in SuSE Linux allows local users to cause a denial of service and possibly execute arbitrary commands by via a long directory name. | |||||
CVE-2001-0109 | 1 Suse | 1 Suse Linux | 2024-11-20 | 1.2 LOW | N/A |
rctab in SuSE 7.0 and earlier allows local users to create or overwrite arbitrary files via a symlink attack on the rctmp temporary file. | |||||
CVE-2000-1134 | 7 Caldera, Conectiva, Hp and 4 more | 9 Openlinux, Openlinux Edesktop, Openlinux Eserver and 6 more | 2024-11-20 | 7.2 HIGH | N/A |
Multiple shell programs on various Unix systems, including (1) tcsh, (2) csh, (3) sh, and (4) bash, follow symlinks when processing << redirects (aka here-documents or in-here documents), which allows local users to overwrite files of other users via a symlink attack. | |||||
CVE-2000-1107 | 1 Suse | 1 Suse Linux | 2024-11-20 | 5.0 MEDIUM | N/A |
in.identd ident server in SuSE Linux 6.x and 7.0 allows remote attackers to cause a denial of service via a long request, which causes the server to access a NULL pointer and crash. | |||||
CVE-2000-1095 | 5 Conectiva, Immunix, Mandrakesoft and 2 more | 5 Linux, Immunix, Mandrake Linux and 2 more | 2024-11-20 | 7.2 HIGH | N/A |
modprobe in the modutils 2.3.x package on Linux systems allows a local user to execute arbitrary commands via shell metacharacters. | |||||
CVE-2000-1044 | 1 Suse | 1 Suse Linux | 2024-11-20 | 10.0 HIGH | N/A |
Format string vulnerability in ypbind-mt in SuSE SuSE-6.2, and possibly other Linux operating systems, allows an attacker to gain root privileges. | |||||
CVE-2000-1040 | 1 Suse | 1 Suse Linux | 2024-11-20 | 10.0 HIGH | N/A |
Format string vulnerability in logging function of ypbind 3.3, while running in debug mode, leaks file descriptors and allows an attacker to cause a denial of service. | |||||
CVE-2000-1016 | 1 Suse | 1 Suse Linux | 2024-11-20 | 5.0 MEDIUM | N/A |
The default configuration of Apache (httpd.conf) on SuSE 6.4 includes an alias for the /usr/doc directory, which allows remote attackers to read package documentation and obtain system configuration information via an HTTP request for the /doc/packages URL. | |||||
CVE-2000-0869 | 2 Apache, Suse | 2 Http Server, Suse Linux | 2024-11-20 | 5.0 MEDIUM | N/A |
The default configuration of Apache 1.3.12 in SuSE Linux 6.4 enables WebDAV, which allows remote attackers to list arbitrary directories via the PROPFIND HTTP request method. | |||||
CVE-2000-0868 | 2 Apache, Suse | 2 Http Server, Suse Linux | 2024-11-20 | 5.0 MEDIUM | N/A |
The default configuration of Apache 1.3.12 in SuSE Linux 6.4 allows remote attackers to read source code for CGI scripts by replacing the /cgi-bin/ in the requested URL with /cgi-bin-sdb/. | |||||
CVE-2000-0844 | 13 Caldera, Conectiva, Debian and 10 more | 16 Openlinux, Openlinux Ebuilder, Openlinux Eserver and 13 more | 2024-11-20 | 10.0 HIGH | N/A |
Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen. |