Unix
CVEs (18)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-1999-0513 | 0.09 | — | 0.70 | Jan 5, 1998 | ICMP messages to broadcast addresses are allowed, allowing for a Smurf attack that can cause a denial of service. | |||
| CVE-2001-1092 | 0.03 | — | 0.01 | Sep 10, 2001 | msgchk in Digital UNIX 4.0G and earlier allows a local user to read the first line of arbitrary files via a symlink attack on the .mh_profile file. | |||
| CVE-2001-0369 | 0.03 | — | 0.01 | Jun 27, 2001 | Buffer overflow in lpsched on DGUX version R4.20MU06 and MU02 allows a local attacker to obtain root access via a long command line argument (non-existent printer name). | |||
| CVE-1999-0691 | 0.03 | — | 0.01 | Sep 13, 1999 | Buffer overflow in the AddSuLog function of the CDE dtaction utility allows local users to gain root privileges via a long user name. | |||
| CVE-2000-0314 | 0.00 | — | 0.02 | Mar 12, 2001 | traceroute in NetBSD 1.3.3 and Linux systems allows local users to flood other systems by providing traceroute with a large waittime (-w) option, which is not parsed properly and sets the time delay for sending packets to zero. | |||
| CVE-2000-0315 | 0.00 | — | 0.02 | Mar 12, 2001 | traceroute in NetBSD 1.3.3 and Linux systems allows local unprivileged users to modify the source address of the packets, which could be used in spoofing attacks. | |||
| CVE-2001-0134 | 0.00 | — | 0.04 | Mar 12, 2001 | Buffer overflow in cpqlogin.htm in web-enabled agents for various Compaq management software products such as Insight Manager and Management Agents allows remote attackers to execute arbitrary commands via a long user name. | |||
| CVE-2000-0845 | 0.00 | — | 0.01 | Nov 14, 2000 | kdebug daemon (kdebugd) in Digital Unix 4.0F allows remote attackers to read arbitrary files by specifying the full file name in the initialization packet. | |||
| CVE-1999-0687 | 0.00 | — | 0.02 | Sep 13, 1999 | The ToolTalk ttsession daemon uses weak RPC authentication, which allows a remote attacker to execute commands. | |||
| CVE-1999-0713 | 0.00 | — | 0.00 | Jun 11, 1999 | The dtlogin program in Compaq Tru64 UNIX allows local users to gain root privileges. | |||
| CVE-1999-0406 | 0.00 | — | 0.00 | Feb 19, 1999 | Digital Unix Networker program nsralist has a buffer overflow which allows local users to obtain root privilege. | |||
| CVE-1999-0714 | 0.00 | — | 0.00 | Feb 15, 1999 | Vulnerability in Compaq Tru64 UNIX edauth command. | |||
| CVE-1999-0358 | 0.00 | — | 0.00 | Feb 1, 1999 | Digital Unix 4.0 has a buffer overflow in the inc program of the mh package. | |||
| CVE-1999-1458 | 0.00 | — | 0.01 | Jan 25, 1999 | Buffer overflow in at program in Digital UNIX 4.0 allows local users to gain root privileges via a long command line argument. | |||
| CVE-1999-1044 | 0.00 | — | 0.00 | May 7, 1998 | Vulnerability in Advanced File System Utility (advfs) in Digital UNIX 4.0 through 4.0d allows local users to gain privileges. | |||
| CVE-1999-1210 | 0.00 | — | 0.00 | Nov 12, 1997 | xterm in Digital UNIX 4.0B *with* patch kit 5 allows local users to overwrite arbitrary files via a symlink attack on a core dump file, which is created when xterm is called with a DISPLAY environmental variable set to a display that xterm cannot access. | |||
| CVE-1999-1221 | 0.00 | — | 0.01 | Nov 17, 1996 | dxchpwd in Digital Unix (OSF/1) 3.x allows local users to modify arbitrary files via a symlink attack on the dxchpwd.log file. | |||
| CVE-1999-0073 | 0.00 | — | 0.03 | Oct 13, 1995 | Telnet allows a remote client to specify environment variables including LD_LIBRARY_PATH, allowing an attacker to bypass the normal system libraries and gain root access. |
- CVE-1999-0513Jan 5, 1998risk 0.09cvss —epss 0.70
ICMP messages to broadcast addresses are allowed, allowing for a Smurf attack that can cause a denial of service.
- CVE-2001-1092Sep 10, 2001risk 0.03cvss —epss 0.01
msgchk in Digital UNIX 4.0G and earlier allows a local user to read the first line of arbitrary files via a symlink attack on the .mh_profile file.
- CVE-2001-0369Jun 27, 2001risk 0.03cvss —epss 0.01
Buffer overflow in lpsched on DGUX version R4.20MU06 and MU02 allows a local attacker to obtain root access via a long command line argument (non-existent printer name).
- CVE-1999-0691Sep 13, 1999risk 0.03cvss —epss 0.01
Buffer overflow in the AddSuLog function of the CDE dtaction utility allows local users to gain root privileges via a long user name.
- CVE-2000-0314Mar 12, 2001risk 0.00cvss —epss 0.02
traceroute in NetBSD 1.3.3 and Linux systems allows local users to flood other systems by providing traceroute with a large waittime (-w) option, which is not parsed properly and sets the time delay for sending packets to zero.
- CVE-2000-0315Mar 12, 2001risk 0.00cvss —epss 0.02
traceroute in NetBSD 1.3.3 and Linux systems allows local unprivileged users to modify the source address of the packets, which could be used in spoofing attacks.
- CVE-2001-0134Mar 12, 2001risk 0.00cvss —epss 0.04
Buffer overflow in cpqlogin.htm in web-enabled agents for various Compaq management software products such as Insight Manager and Management Agents allows remote attackers to execute arbitrary commands via a long user name.
- CVE-2000-0845Nov 14, 2000risk 0.00cvss —epss 0.01
kdebug daemon (kdebugd) in Digital Unix 4.0F allows remote attackers to read arbitrary files by specifying the full file name in the initialization packet.
- CVE-1999-0687Sep 13, 1999risk 0.00cvss —epss 0.02
The ToolTalk ttsession daemon uses weak RPC authentication, which allows a remote attacker to execute commands.
- CVE-1999-0713Jun 11, 1999risk 0.00cvss —epss 0.00
The dtlogin program in Compaq Tru64 UNIX allows local users to gain root privileges.
- CVE-1999-0406Feb 19, 1999risk 0.00cvss —epss 0.00
Digital Unix Networker program nsralist has a buffer overflow which allows local users to obtain root privilege.
- CVE-1999-0714Feb 15, 1999risk 0.00cvss —epss 0.00
Vulnerability in Compaq Tru64 UNIX edauth command.
- CVE-1999-0358Feb 1, 1999risk 0.00cvss —epss 0.00
Digital Unix 4.0 has a buffer overflow in the inc program of the mh package.
- CVE-1999-1458Jan 25, 1999risk 0.00cvss —epss 0.01
Buffer overflow in at program in Digital UNIX 4.0 allows local users to gain root privileges via a long command line argument.
- CVE-1999-1044May 7, 1998risk 0.00cvss —epss 0.00
Vulnerability in Advanced File System Utility (advfs) in Digital UNIX 4.0 through 4.0d allows local users to gain privileges.
- CVE-1999-1210Nov 12, 1997risk 0.00cvss —epss 0.00
xterm in Digital UNIX 4.0B *with* patch kit 5 allows local users to overwrite arbitrary files via a symlink attack on a core dump file, which is created when xterm is called with a DISPLAY environmental variable set to a display that xterm cannot access.
- CVE-1999-1221Nov 17, 1996risk 0.00cvss —epss 0.01
dxchpwd in Digital Unix (OSF/1) 3.x allows local users to modify arbitrary files via a symlink attack on the dxchpwd.log file.
- CVE-1999-0073Oct 13, 1995risk 0.00cvss —epss 0.03
Telnet allows a remote client to specify environment variables including LD_LIBRARY_PATH, allowing an attacker to bypass the normal system libraries and gain root access.