Red Hat Linux
by Red Hat
CVEs (11)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2000-0508 | 0.04 | — | 0.07 | Dec 19, 1994 | rpc.lockd in Red Hat Linux 6.1 and 6.2 allows remote attackers to cause a denial of service via a malformed request. | |||
| CVE-2001-1002 | 0.03 | — | 0.05 | Aug 31, 2001 | The default configuration of the DVI print filter (dvips) in Red Hat Linux 7.0 and earlier does not run dvips in secure mode when dvips is executed by lpd, which could allow remote attackers to gain privileges by printing a DVI file that contains malicious commands. | |||
| CVE-1999-1491 | 0.03 | — | 0.01 | Feb 2, 1996 | abuse.console in Red Hat 2.1 uses relative pathnames to find and execute the undrv program, which allows local users to execute arbitrary commands via a path that points to a Trojan horse program. | |||
| CVE-2002-0378 | 0.00 | — | 0.01 | Jul 3, 2002 | The default configuration of LPRng print spooler in Red Hat Linux 7.0 through 7.3, Mandrake 8.1 and 8.2, and other operating systems, accepts print jobs from arbitrary remote hosts. | |||
| CVE-2001-0859 | 0.00 | — | 0.00 | Dec 6, 2001 | 2.4.3-12 kernel in Red Hat Linux 7.1 Korean installation program sets the setting default umask for init to 000, which installs files with world-writeable permissions. | |||
| CVE-2001-0309 | 0.00 | — | 0.01 | Jun 2, 2001 | inetd in Red Hat 6.2 does not properly close sockets for internal services such as chargen, daytime, echo, etc., which allows remote attackers to cause a denial of service via a series of connections to the internal services. | |||
| CVE-2000-0715 | 0.00 | — | 0.00 | Oct 20, 2000 | DiskCheck script diskcheck.pl in Red Hat Linux 6.2 allows local users to create or overwrite arbitrary files via a symlink attack on a temporary file. | |||
| CVE-2000-0357 | 0.00 | — | 0.00 | Dec 3, 1999 | ORBit and esound in Red Hat Linux 6.1 do not use sufficiently random numbers, which allows local users to guess the authentication keys. | |||
| CVE-1999-1346 | 0.00 | — | 0.00 | Oct 7, 1999 | PAM configuration file for rlogin in Red Hat Linux 6.1 and earlier includes a less restrictive rule before a more restrictive one, which allows users to access the host via rlogin even if rlogin has been explicitly disabled using the /etc/nologin file. | |||
| CVE-1999-1406 | 0.00 | — | 0.00 | Jul 29, 1998 | dumpreg in Red Hat Linux 5.1 opens /dev/mem with O_RDWR access, which allows local users to cause a denial of service (crash) by redirecting fd 1 (stdout) to the kernel. | |||
| CVE-1999-1407 | 0.00 | — | 0.00 | Mar 9, 1998 | ifdhcpc-done script for configuring DHCP on Red Hat Linux 5 allows local users to append text to arbitrary files via a symlink attack on the dhcplog file. |
- CVE-2000-0508Dec 19, 1994risk 0.04cvss —epss 0.07
rpc.lockd in Red Hat Linux 6.1 and 6.2 allows remote attackers to cause a denial of service via a malformed request.
- CVE-2001-1002Aug 31, 2001risk 0.03cvss —epss 0.05
The default configuration of the DVI print filter (dvips) in Red Hat Linux 7.0 and earlier does not run dvips in secure mode when dvips is executed by lpd, which could allow remote attackers to gain privileges by printing a DVI file that contains malicious commands.
- CVE-1999-1491Feb 2, 1996risk 0.03cvss —epss 0.01
abuse.console in Red Hat 2.1 uses relative pathnames to find and execute the undrv program, which allows local users to execute arbitrary commands via a path that points to a Trojan horse program.
- CVE-2002-0378Jul 3, 2002risk 0.00cvss —epss 0.01
The default configuration of LPRng print spooler in Red Hat Linux 7.0 through 7.3, Mandrake 8.1 and 8.2, and other operating systems, accepts print jobs from arbitrary remote hosts.
- CVE-2001-0859Dec 6, 2001risk 0.00cvss —epss 0.00
2.4.3-12 kernel in Red Hat Linux 7.1 Korean installation program sets the setting default umask for init to 000, which installs files with world-writeable permissions.
- CVE-2001-0309Jun 2, 2001risk 0.00cvss —epss 0.01
inetd in Red Hat 6.2 does not properly close sockets for internal services such as chargen, daytime, echo, etc., which allows remote attackers to cause a denial of service via a series of connections to the internal services.
- CVE-2000-0715Oct 20, 2000risk 0.00cvss —epss 0.00
DiskCheck script diskcheck.pl in Red Hat Linux 6.2 allows local users to create or overwrite arbitrary files via a symlink attack on a temporary file.
- CVE-2000-0357Dec 3, 1999risk 0.00cvss —epss 0.00
ORBit and esound in Red Hat Linux 6.1 do not use sufficiently random numbers, which allows local users to guess the authentication keys.
- CVE-1999-1346Oct 7, 1999risk 0.00cvss —epss 0.00
PAM configuration file for rlogin in Red Hat Linux 6.1 and earlier includes a less restrictive rule before a more restrictive one, which allows users to access the host via rlogin even if rlogin has been explicitly disabled using the /etc/nologin file.
- CVE-1999-1406Jul 29, 1998risk 0.00cvss —epss 0.00
dumpreg in Red Hat Linux 5.1 opens /dev/mem with O_RDWR access, which allows local users to cause a denial of service (crash) by redirecting fd 1 (stdout) to the kernel.
- CVE-1999-1407Mar 9, 1998risk 0.00cvss —epss 0.00
ifdhcpc-done script for configuring DHCP on Red Hat Linux 5 allows local users to append text to arbitrary files via a symlink attack on the dhcplog file.