VYPR

Linux

by Red Hat

CVEs (233)

  • CVE-2001-1375Jul 19, 2001
    risk 0.00cvss epss 0.00

    tcl/tk package (tcltk) 8.3.1 searches for its libraries in the current working directory before other directories, which could allow local users to execute arbitrary code via a Trojan horse library that is under a user-controlled directory.

  • CVE-2001-1374Jul 19, 2001
    risk 0.00cvss epss 0.00

    expect before 5.32 searches for its libraries in /var/tmp before other directories, which could allow local users to gain root privileges via a Trojan horse library that is accessed by mkpasswd.

  • CVE-2001-1030Jul 18, 2001
    risk 0.00cvss epss 0.02

    Squid before 2.3STABLE5 in HTTP accelerator mode does not enable access control lists (ACLs) when the httpd_accel_host and http_accel_with_proxy off settings are used, which allows attackers to bypass the ACLs and conduct unauthorized activities such as port scanning.

  • CVE-2001-0977Jul 16, 2001
    risk 0.00cvss epss 0.04

    slapd in OpenLDAP 1.x before 1.2.12, and 2.x before 2.0.8, allows remote attackers to cause a denial of service (crash) via an invalid Basic Encoding Rules (BER) length field.

  • CVE-2001-0439Jul 2, 2001
    risk 0.00cvss epss 0.02

    licq before 1.0.3 allows remote attackers to execute arbitrary commands via shell metacharacters in a URL.

  • CVE-2001-0473Jun 27, 2001
    risk 0.00cvss epss 0.02

    Format string vulnerability in Mutt before 1.2.5 allows a remote malicious IMAP server to execute arbitrary commands.

  • CVE-2001-0496Jun 27, 2001
    risk 0.00cvss epss 0.00

    kdesu in kdelibs package creates world readable temporary files containing authentication info, which can allow local users to gain privileges.

  • CVE-2001-0441Jun 27, 2001
    risk 0.00cvss epss 0.03

    Buffer overflow in (1) wrapping and (2) unwrapping functions of slrn news reader before 0.9.7.0 allows remote attackers to execute arbitrary commands via a long message header.

  • CVE-2001-0309Jun 2, 2001
    risk 0.00cvss epss 0.01

    inetd in Red Hat 6.2 does not properly close sockets for internal services such as chargen, daytime, echo, etc., which allows remote attackers to cause a denial of service via a series of connections to the internal services.

  • CVE-2001-1028May 28, 2001
    risk 0.00cvss epss 0.00

    Buffer overflow in ultimate_source function of man 1.5 and earlier allows local users to gain privileges.

  • CVE-2001-1467Apr 11, 2001
    risk 0.00cvss epss 0.03

    mkpasswd in expect 5.2.8, as used by Red Hat Linux 6.2 through 7.0, seeds its random number generator with its process ID, which limits the space of possible seeds and makes it easier for attackers to conduct brute force password attacks.

  • CVE-2001-0117Mar 12, 2001
    risk 0.00cvss epss 0.00

    sdiff 2.7 in the diffutils package allows local users to overwrite files via a symlink attack.

  • CVE-2001-0143Mar 12, 2001
    risk 0.00cvss epss 0.00

    vpop3d program in linuxconf 1.23r and earlier allows local users to overwrite arbitrary files via a symlink attack.

  • CVE-2001-0139Mar 12, 2001
    risk 0.00cvss epss 0.00

    inn 2.2.3 allows local users to overwrite arbitrary files via a symlink attack in some configurations.

  • CVE-2001-0118Mar 12, 2001
    risk 0.00cvss epss 0.00

    rdist 6.1.5 allows local users to overwrite arbitrary files via a symlink attack.

  • CVE-2000-0314Mar 12, 2001
    risk 0.00cvss epss 0.02

    traceroute in NetBSD 1.3.3 and Linux systems allows local users to flood other systems by providing traceroute with a large waittime (-w) option, which is not parsed properly and sets the time delay for sending packets to zero.

  • CVE-2001-0142Mar 12, 2001
    risk 0.00cvss epss 0.00

    squid 2.3 and earlier allows local users to overwrite arbitrary files via a symlink attack in some configurations.

  • CVE-2001-0119Mar 12, 2001
    risk 0.00cvss epss 0.00

    getty_ps 2.0.7j allows local users to overwrite arbitrary files via a symlink attack.

  • CVE-2001-0128Mar 12, 2001
    risk 0.00cvss epss 0.00

    Zope before 2.2.4 does not properly compute local roles, which could allow users to bypass specified access restrictions and gain privileges.

  • CVE-2000-0315Mar 12, 2001
    risk 0.00cvss epss 0.02

    traceroute in NetBSD 1.3.3 and Linux systems allows local unprivileged users to modify the source address of the packets, which could be used in spoofing attacks.

Page 8 of 12