Linux
by Red Hat
CVEs (233)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2001-1375 | | | 0.00 | — | 0.00 | | Jul 19, 2001 | tcl/tk package (tcltk) 8.3.1 searches for its libraries in the current working directory before other directories, which could allow local users to execute arbitrary code via a Trojan horse library that is under a user-controlled directory. |
| CVE-2001-1374 | | | 0.00 | — | 0.00 | | Jul 19, 2001 | expect before 5.32 searches for its libraries in /var/tmp before other directories, which could allow local users to gain root privileges via a Trojan horse library that is accessed by mkpasswd. |
| CVE-2001-1030 | | | 0.00 | — | 0.02 | | Jul 18, 2001 | Squid before 2.3STABLE5 in HTTP accelerator mode does not enable access control lists (ACLs) when the httpd_accel_host and http_accel_with_proxy off settings are used, which allows attackers to bypass the ACLs and conduct unauthorized activities such as port scanning. |
| CVE-2001-0977 | | | 0.00 | — | 0.04 | | Jul 16, 2001 | slapd in OpenLDAP 1.x before 1.2.12, and 2.x before 2.0.8, allows remote attackers to cause a denial of service (crash) via an invalid Basic Encoding Rules (BER) length field. |
| CVE-2001-0439 | | | 0.00 | — | 0.02 | | Jul 2, 2001 | licq before 1.0.3 allows remote attackers to execute arbitrary commands via shell metacharacters in a URL. |
| CVE-2001-0473 | | | 0.00 | — | 0.02 | | Jun 27, 2001 | Format string vulnerability in Mutt before 1.2.5 allows a remote malicious IMAP server to execute arbitrary commands. |
| CVE-2001-0496 | | | 0.00 | — | 0.00 | | Jun 27, 2001 | kdesu in kdelibs package creates world readable temporary files containing authentication info, which can allow local users to gain privileges. |
| CVE-2001-0441 | | | 0.00 | — | 0.03 | | Jun 27, 2001 | Buffer overflow in (1) wrapping and (2) unwrapping functions of slrn news reader before 0.9.7.0 allows remote attackers to execute arbitrary commands via a long message header. |
| CVE-2001-0309 | | | 0.00 | — | 0.01 | | Jun 2, 2001 | inetd in Red Hat 6.2 does not properly close sockets for internal services such as chargen, daytime, echo, etc., which allows remote attackers to cause a denial of service via a series of connections to the internal services. |
| CVE-2001-1028 | | | 0.00 | — | 0.00 | | May 28, 2001 | Buffer overflow in ultimate_source function of man 1.5 and earlier allows local users to gain privileges. |
| CVE-2001-1467 | | | 0.00 | — | 0.03 | | Apr 11, 2001 | mkpasswd in expect 5.2.8, as used by Red Hat Linux 6.2 through 7.0, seeds its random number generator with its process ID, which limits the space of possible seeds and makes it easier for attackers to conduct brute force password attacks. |
| CVE-2001-0117 | | | 0.00 | — | 0.00 | | Mar 12, 2001 | sdiff 2.7 in the diffutils package allows local users to overwrite files via a symlink attack. |
| CVE-2001-0143 | | | 0.00 | — | 0.00 | | Mar 12, 2001 | vpop3d program in linuxconf 1.23r and earlier allows local users to overwrite arbitrary files via a symlink attack. |
| CVE-2001-0139 | | | 0.00 | — | 0.00 | | Mar 12, 2001 | inn 2.2.3 allows local users to overwrite arbitrary files via a symlink attack in some configurations. |
| CVE-2001-0118 | | | 0.00 | — | 0.00 | | Mar 12, 2001 | rdist 6.1.5 allows local users to overwrite arbitrary files via a symlink attack. |
| CVE-2000-0314 | | | 0.00 | — | 0.02 | | Mar 12, 2001 | traceroute in NetBSD 1.3.3 and Linux systems allows local users to flood other systems by providing traceroute with a large waittime (-w) option, which is not parsed properly and sets the time delay for sending packets to zero. |
| CVE-2001-0142 | | | 0.00 | — | 0.00 | | Mar 12, 2001 | squid 2.3 and earlier allows local users to overwrite arbitrary files via a symlink attack in some configurations. |
| CVE-2001-0119 | | | 0.00 | — | 0.00 | | Mar 12, 2001 | getty_ps 2.0.7j allows local users to overwrite arbitrary files via a symlink attack. |
| CVE-2001-0128 | | | 0.00 | — | 0.00 | | Mar 12, 2001 | Zope before 2.2.4 does not properly compute local roles, which could allow users to bypass specified access restrictions and gain privileges. |
| CVE-2000-0315 | | | 0.00 | — | 0.02 | | Mar 12, 2001 | traceroute in NetBSD 1.3.3 and Linux systems allows local unprivileged users to modify the source address of the packets, which could be used in spoofing attacks. |