Linux
by Red Hat
CVEs (233)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2001-1002 | | | 0.04 | — | 0.09 | | Aug 31, 2001 | The default configuration of the DVI print filter (dvips) in Red Hat Linux 7.0 and earlier does not run dvips in secure mode when dvips is executed by lpd, which could allow remote attackers to gain privileges by printing a DVI file that contains malicious commands. |
| CVE-2001-0197 | | | 0.04 | — | 0.13 | | Mar 26, 2001 | Format string vulnerability in print_client in icecast 1.3.8beta2 and earlier allows remote attackers to execute arbitrary commands. |
| CVE-2001-0233 | | | 0.04 | — | 0.15 | | Mar 26, 2001 | Buffer overflow in micq client 0.4.6 and earlier allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long Description field. |
| CVE-2000-0844 | | | 0.04 | — | 0.15 | | Nov 14, 2000 | Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen. |
| CVE-2000-0668 | | | 0.04 | — | 0.07 | | Jul 27, 2000 | pam_console PAM module in Linux systems allows a user to access the system console and reboot the system when a display manager such as gdm or kdm has XDMCP enabled. |
| CVE-2000-0389 | | | 0.04 | — | 0.17 | | May 16, 2000 | Buffer overflow in krb_rd_req function in Kerberos 4 and 5 allows remote attackers to gain root privileges. |
| CVE-2000-1221 | | | 0.04 | — | 0.17 | | Jan 8, 2000 | The line printer daemon (lpd) in the lpr package in multiple Linux operating systems authenticates by comparing the reverse-resolved hostname of the local machine to the hostname of the print server as returned by gethostname, which allows remote attackers to bypass intended… |
| CVE-2000-1220 | | | 0.04 | — | 0.14 | | Jan 8, 2000 | The line printer daemon (lpd) in the lpr package in multiple Linux operating systems allows local users to gain root privileges by causing sendmail to execute with arbitrary command line arguments, as demonstrated using the -C option to specify a configuration file. |
| CVE-2000-0017 | | | 0.04 | — | 0.09 | | Dec 21, 1999 | Buffer overflow in Linux linuxconf package allows remote attackers to gain root privileges via a long parameter. |
| CVE-1999-0710 | | | 0.04 | — | 0.12 | | Jul 25, 1999 | The Squid package in Red Hat Linux 5.2 and 6.0, and other distributions, installs cachemgr.cgi in a public web directory, which allows remote attackers to use it as an intermediary to connect to other systems. |
| CVE-1999-0009 | | | 0.04 | — | 0.29 | | Apr 8, 1998 | Inverse query buffer overflow in BIND 4.9 and BIND 8 Releases. |
| CVE-1999-0192 | | | 0.04 | — | 0.10 | | Oct 18, 1997 | Buffer overflow in telnet daemon tgetent routing allows remote attackers to gain root access via the TERMCAP environmental variable. |
| CVE-1999-0042 | | | 0.04 | — | 0.13 | | Apr 7, 1997 | Buffer overflow in University of Washington's implementation of IMAP and POP servers. |
| CVE-1999-0041 | | | 0.04 | — | 0.09 | | Feb 13, 1997 | Buffer overflow in NLS (Natural Language Service). |
| CVE-2000-0508 | | | 0.04 | — | 0.09 | | Dec 19, 1994 | rpc.lockd in Red Hat Linux 6.1 and 6.2 allows remote attackers to cause a denial of service via a malformed request. |
| CVE-2007-3103 | | | 0.03 | — | 0.01 | | Jul 15, 2007 | The init.d script for the X.Org X11 xfs font server on various Linux distributions might allow local users to change the permissions of arbitrary files via a symlink attack on the /tmp/.font-unix temporary file. |
| CVE-2004-1235 | | | 0.03 | — | 0.03 | | Apr 14, 2005 | Race condition in the (1) load_elf_library and (2) binfmt_aout function calls for uselib in Linux kernel 2.4 through 2.429-rc2 and 2.6 through 2.6.10 allows local users to execute arbitrary code by manipulating the VMA descriptor. |
| CVE-2005-0750 | | | 0.03 | — | 0.01 | | Mar 27, 2005 | The bluez_sock_create function in the Bluetooth stack for Linux kernel 2.4.6 through 2.4.30-rc1 and 2.6 through 2.6.11.5 allows local users to gain privileges via (1) socket or (2) socketpair call with a negative protocol value. |
| CVE-2004-1333 | | | 0.03 | — | 0.01 | | Dec 15, 2004 | Integer overflow in the vc_resize function in the Linux kernel 2.4 and 2.6 before 2.6.10 allows local users to cause a denial of service (kernel crash) via a short new screen value, which leads to a buffer overflow. |
| CVE-2004-1335 | | | 0.03 | — | 0.01 | | Dec 15, 2004 | Memory leak in the ip_options_get function in the Linux kernel before 2.6.10 allows local users to cause a denial of service (memory consumption) by repeatedly calling the ip_cmsg_send function. |
Page 2 of 12