Linux
by Red Hat
CVEs (233)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2003-1138 | 0.03 | — | 0.05 | Oct 27, 2003 | The default configuration of Apache 2.0.40, as shipped with Red Hat Linux 9.0, allows remote attackers to list directory contents, even if auto indexing is turned off and there is a default web page configured, via a GET request containing a double slash (//). | |||
| CVE-2002-1155 | 0.03 | — | 0.01 | Jun 16, 2003 | Buffer overflow in KON kon2 0.3.9b and earlier allows local users to execute arbitrary code via a long -Coding command line argument. | |||
| CVE-2003-0019 | 0.03 | — | 0.01 | Feb 19, 2003 | uml_net in the kernel-utils package for Red Hat Linux 8.0 has incorrect setuid root privileges, which allows local users to modify network interfaces, e.g. by modifying ARP entries or placing interfaces into promiscuous mode. | |||
| CVE-2002-1814 | 0.03 | — | 0.01 | Dec 31, 2002 | Buffer overflow in efstools in Bonobo, when installed setuid, allows local users to execute arbitrary code via long command line arguments. | |||
| CVE-2002-0004 | 0.03 | — | 0.01 | Feb 27, 2002 | Heap corruption vulnerability in the "at" program allows local users to execute arbitrary code via a malformed execution time, which causes at to free the same memory twice. | |||
| CVE-2002-0002 | 0.03 | — | 0.05 | Jan 31, 2002 | Format string vulnerability in stunnel before 3.22 when used in client mode for (1) smtp, (2) pop, or (3) nntp allows remote malicious servers to execute arbitrary code. | |||
| CVE-2001-0787 | 0.03 | — | 0.01 | Oct 18, 2001 | LPRng in Red Hat Linux 7.0 and 7.1 does not properly drop memberships in supplemental groups when lowering privileges, which could allow a local user to elevate privileges. | |||
| CVE-2001-0736 | 0.03 | — | 0.01 | Oct 18, 2001 | Vulnerability in (1) pine before 4.33 and (2) the pico editor, included with pine, allows local users local users to overwrite arbitrary files via a symlink attack. | |||
| CVE-2001-0641 | 0.03 | — | 0.01 | Sep 20, 2001 | Buffer overflow in man program in various distributions of Linux allows local user to execute arbitrary code as group man via a long -S option. | |||
| CVE-2001-0169 | 0.03 | — | 0.01 | Mar 26, 2001 | When using the LD_PRELOAD environmental variable in SUID or SGID applications, glibc does not verify that preloaded libraries in /etc/ld.so.cache are also SUID/SGID, which could allow a local user to overwrite arbitrary files by loading a library from /lib or /usr/lib. | |||
| CVE-2001-0170 | 0.03 | — | 0.01 | Mar 26, 2001 | glibc 2.1.9x and earlier does not properly clear the RESOLV_HOST_CONF, HOSTALIASES, or RES_OPTIONS environmental variables when executing setuid/setgid programs, which could allow local users to read arbitrary files. | |||
| CVE-2000-1134 | 0.03 | — | 0.01 | Jan 9, 2001 | Multiple shell programs on various Unix systems, including (1) tcsh, (2) csh, (3) sh, and (4) bash, follow symlinks when processing << redirects (aka here-documents or in-here documents), which allows local users to overwrite files of other users via a symlink attack. | |||
| CVE-2000-1125 | 0.03 | — | 0.01 | Jan 9, 2001 | restore 0.4b15 and earlier in Red Hat Linux 6.2 trusts the pathname specified by the RSH environmental variable, which allows local users to obtain root privileges by modifying the RSH variable to point to a Trojan horse program. | |||
| CVE-2000-1095 | 0.03 | — | 0.01 | Jan 9, 2001 | modprobe in the modutils 2.3.x package on Linux systems allows a local user to execute arbitrary commands via shell metacharacters. | |||
| CVE-2000-1009 | 0.03 | — | 0.01 | Dec 11, 2000 | dump in Red Hat Linux 6.2 trusts the pathname specified by the RSH environmental variable, which allows local users to obtain root privileges by modifying the RSH variable to point to a Trojan horse program. | |||
| CVE-2000-0829 | 0.03 | — | 0.01 | Nov 14, 2000 | The tmpwatch utility in Red Hat Linux forks a new process for each directory level, which allows local users to cause a denial of service by creating deeply nested directories in /tmp or /var/tmp/. | |||
| CVE-2000-0751 | 0.03 | — | 0.04 | Oct 20, 2000 | mopd (Maintenance Operations Protocol loader daemon) does not properly cleanse user-injected format strings, which allows remote attackers to execute arbitrary commands. | |||
| CVE-2000-0816 | 0.03 | — | 0.01 | Oct 6, 2000 | Linux tmpwatch --fuser option allows local users to execute arbitrary commands by creating files whose names contain shell metacharacters. | |||
| CVE-2000-0607 | 0.03 | — | 0.01 | Jun 21, 2000 | Buffer overflow in fld program in Kanji on Console (KON) package on Linux may allow local users to gain root privileges via an input file containing long CHARSET_REGISTRY or CHARSET_ENCODING settings. | |||
| CVE-2000-0378 | 0.03 | — | 0.01 | May 3, 2000 | The pam_console PAM module in Linux systems performs a chown on various devices upon a user login, but an open file descriptor for those devices can be maintained after the user logs out, which allows that user to sniff activity on these devices when subsequent users log in. |
- CVE-2003-1138Oct 27, 2003risk 0.03cvss —epss 0.05
The default configuration of Apache 2.0.40, as shipped with Red Hat Linux 9.0, allows remote attackers to list directory contents, even if auto indexing is turned off and there is a default web page configured, via a GET request containing a double slash (//).
- CVE-2002-1155Jun 16, 2003risk 0.03cvss —epss 0.01
Buffer overflow in KON kon2 0.3.9b and earlier allows local users to execute arbitrary code via a long -Coding command line argument.
- CVE-2003-0019Feb 19, 2003risk 0.03cvss —epss 0.01
uml_net in the kernel-utils package for Red Hat Linux 8.0 has incorrect setuid root privileges, which allows local users to modify network interfaces, e.g. by modifying ARP entries or placing interfaces into promiscuous mode.
- CVE-2002-1814Dec 31, 2002risk 0.03cvss —epss 0.01
Buffer overflow in efstools in Bonobo, when installed setuid, allows local users to execute arbitrary code via long command line arguments.
- CVE-2002-0004Feb 27, 2002risk 0.03cvss —epss 0.01
Heap corruption vulnerability in the "at" program allows local users to execute arbitrary code via a malformed execution time, which causes at to free the same memory twice.
- CVE-2002-0002Jan 31, 2002risk 0.03cvss —epss 0.05
Format string vulnerability in stunnel before 3.22 when used in client mode for (1) smtp, (2) pop, or (3) nntp allows remote malicious servers to execute arbitrary code.
- CVE-2001-0787Oct 18, 2001risk 0.03cvss —epss 0.01
LPRng in Red Hat Linux 7.0 and 7.1 does not properly drop memberships in supplemental groups when lowering privileges, which could allow a local user to elevate privileges.
- CVE-2001-0736Oct 18, 2001risk 0.03cvss —epss 0.01
Vulnerability in (1) pine before 4.33 and (2) the pico editor, included with pine, allows local users local users to overwrite arbitrary files via a symlink attack.
- CVE-2001-0641Sep 20, 2001risk 0.03cvss —epss 0.01
Buffer overflow in man program in various distributions of Linux allows local user to execute arbitrary code as group man via a long -S option.
- CVE-2001-0169Mar 26, 2001risk 0.03cvss —epss 0.01
When using the LD_PRELOAD environmental variable in SUID or SGID applications, glibc does not verify that preloaded libraries in /etc/ld.so.cache are also SUID/SGID, which could allow a local user to overwrite arbitrary files by loading a library from /lib or /usr/lib.
- CVE-2001-0170Mar 26, 2001risk 0.03cvss —epss 0.01
glibc 2.1.9x and earlier does not properly clear the RESOLV_HOST_CONF, HOSTALIASES, or RES_OPTIONS environmental variables when executing setuid/setgid programs, which could allow local users to read arbitrary files.
- CVE-2000-1134Jan 9, 2001risk 0.03cvss —epss 0.01
Multiple shell programs on various Unix systems, including (1) tcsh, (2) csh, (3) sh, and (4) bash, follow symlinks when processing << redirects (aka here-documents or in-here documents), which allows local users to overwrite files of other users via a symlink attack.
- CVE-2000-1125Jan 9, 2001risk 0.03cvss —epss 0.01
restore 0.4b15 and earlier in Red Hat Linux 6.2 trusts the pathname specified by the RSH environmental variable, which allows local users to obtain root privileges by modifying the RSH variable to point to a Trojan horse program.
- CVE-2000-1095Jan 9, 2001risk 0.03cvss —epss 0.01
modprobe in the modutils 2.3.x package on Linux systems allows a local user to execute arbitrary commands via shell metacharacters.
- CVE-2000-1009Dec 11, 2000risk 0.03cvss —epss 0.01
dump in Red Hat Linux 6.2 trusts the pathname specified by the RSH environmental variable, which allows local users to obtain root privileges by modifying the RSH variable to point to a Trojan horse program.
- CVE-2000-0829Nov 14, 2000risk 0.03cvss —epss 0.01
The tmpwatch utility in Red Hat Linux forks a new process for each directory level, which allows local users to cause a denial of service by creating deeply nested directories in /tmp or /var/tmp/.
- CVE-2000-0751Oct 20, 2000risk 0.03cvss —epss 0.04
mopd (Maintenance Operations Protocol loader daemon) does not properly cleanse user-injected format strings, which allows remote attackers to execute arbitrary commands.
- CVE-2000-0816Oct 6, 2000risk 0.03cvss —epss 0.01
Linux tmpwatch --fuser option allows local users to execute arbitrary commands by creating files whose names contain shell metacharacters.
- CVE-2000-0607Jun 21, 2000risk 0.03cvss —epss 0.01
Buffer overflow in fld program in Kanji on Console (KON) package on Linux may allow local users to gain root privileges via an input file containing long CHARSET_REGISTRY or CHARSET_ENCODING settings.
- CVE-2000-0378May 3, 2000risk 0.03cvss —epss 0.01
The pam_console PAM module in Linux systems performs a chown on various devices upon a user login, but an open file descriptor for those devices can be maintained after the user logs out, which allows that user to sniff activity on these devices when subsequent users log in.
Page 3 of 12