VYPR

Vendor CVEs

Red Hat

All CVEs

3,692 total · sorted by risk
  • CVE-2001-1277Jun 11, 2001
    risk 0.00cvss epss 0.00

    makewhatis in the man package before 1.5i2 allows an attacker in group man to overwrite arbitrary files via a man page whose name contains shell metacharacters.

  • CVE-2001-0309Jun 2, 2001
    risk 0.00cvss epss 0.01

    inetd in Red Hat 6.2 does not properly close sockets for internal services such as chargen, daytime, echo, etc., which allows remote attackers to cause a denial of service via a series of connections to the internal services.

  • CVE-2001-1028May 28, 2001
    risk 0.00cvss epss 0.00

    Buffer overflow in ultimate_source function of man 1.5 and earlier allows local users to gain privileges.

  • CVE-2001-1467Apr 11, 2001
    risk 0.00cvss epss 0.03

    mkpasswd in expect 5.2.8, as used by Red Hat Linux 6.2 through 7.0, seeds its random number generator with its process ID, which limits the space of possible seeds and makes it easier for attackers to conduct brute force password attacks.

  • CVE-2001-0120Mar 12, 2001
    risk 0.00cvss epss 0.00

    useradd program in shadow-utils program may allow local users to overwrite arbitrary files via a symlink attack.

  • CVE-2001-0138Mar 12, 2001
    risk 0.00cvss epss 0.00

    privatepw program in wu-ftpd before 2.6.1-6 allows local users to overwrite arbitrary files via a symlink attack.

  • CVE-2001-0142Mar 12, 2001
    risk 0.00cvss epss 0.00

    squid 2.3 and earlier allows local users to overwrite arbitrary files via a symlink attack in some configurations.

  • CVE-2000-0315Mar 12, 2001
    risk 0.00cvss epss 0.02

    traceroute in NetBSD 1.3.3 and Linux systems allows local unprivileged users to modify the source address of the packets, which could be used in spoofing attacks.

  • CVE-2001-0117Mar 12, 2001
    risk 0.00cvss epss 0.00

    sdiff 2.7 in the diffutils package allows local users to overwrite files via a symlink attack.

  • CVE-2001-0140Mar 12, 2001
    risk 0.00cvss epss 0.00

    arpwatch 2.1a4 allows local users to overwrite arbitrary files via a symlink attack in some configurations.

  • CVE-2001-0116Mar 12, 2001
    risk 0.00cvss epss 0.00

    gpm 1.19.3 allows local users to overwrite arbitrary files via a symlink attack.

  • CVE-2001-0128Mar 12, 2001
    risk 0.00cvss epss 0.00

    Zope before 2.2.4 does not properly compute local roles, which could allow users to bypass specified access restrictions and gain privileges.

  • CVE-2000-0314Mar 12, 2001
    risk 0.00cvss epss 0.02

    traceroute in NetBSD 1.3.3 and Linux systems allows local users to flood other systems by providing traceroute with a large waittime (-w) option, which is not parsed properly and sets the time delay for sending packets to zero.

  • CVE-2001-0119Mar 12, 2001
    risk 0.00cvss epss 0.00

    getty_ps 2.0.7j allows local users to overwrite arbitrary files via a symlink attack.

  • CVE-2001-0139Mar 12, 2001
    risk 0.00cvss epss 0.00

    inn 2.2.3 allows local users to overwrite arbitrary files via a symlink attack in some configurations.

  • CVE-2001-0118Mar 12, 2001
    risk 0.00cvss epss 0.00

    rdist 6.1.5 allows local users to overwrite arbitrary files via a symlink attack.

  • CVE-2001-0143Mar 12, 2001
    risk 0.00cvss epss 0.00

    vpop3d program in linuxconf 1.23r and earlier allows local users to overwrite arbitrary files via a symlink attack.

  • CVE-2000-1189Jan 9, 2001
    risk 0.00cvss epss 0.00

    Buffer overflow in pam_localuser PAM module in Red Hat Linux 7.x and 6.x allows attackers to gain privileges.

  • CVE-2000-0948Dec 19, 2000
    risk 0.00cvss epss 0.00

    GnoRPM before 0.95 allows local users to modify arbitrary files via a symlink attack.

  • CVE-2000-0956Dec 19, 2000
    risk 0.00cvss epss 0.00

    cyrus-sasl before 1.5.24 in Red Hat Linux 7.0 does not properly verify the authorization for a local user, which could allow the users to bypass specified access restrictions.

  • CVE-2000-0963Dec 19, 2000
    risk 0.00cvss epss 0.01

    Buffer overflow in ncurses library allows local users to execute arbitrary commands via long environmental information such as TERM or TERMINFO_DIRS.

  • CVE-2000-0934Dec 19, 2000
    risk 0.00cvss epss 0.00

    Glint in Red Hat Linux 5.2 allows local users to overwrite arbitrary files and cause a denial of service via a symlink attack.

  • CVE-2000-1010Dec 11, 2000
    risk 0.00cvss epss 0.05

    Format string vulnerability in talkd in OpenBSD and possibly other BSD-based OSes allows remote attackers to execute arbitrary commands via a user name that contains format characters.

  • CVE-2000-0867Nov 14, 2000
    risk 0.00cvss epss 0.00

    Kernel logging daemon (klogd) in Linux does not properly cleanse user-injected format strings, which allows local users to gain root privileges by triggering malformed kernel messages.

  • CVE-2000-0714Oct 20, 2000
    risk 0.00cvss epss 0.00

    umb-scheme 3.2-11 for Red Hat Linux is installed with world-writeable files.

  • CVE-2000-0031Oct 20, 2000
    risk 0.00cvss epss 0.00

    The initscripts package in Red Hat Linux allows local users to gain privileges via a symlink attack.

  • CVE-2000-0715Oct 20, 2000
    risk 0.00cvss epss 0.00

    DiskCheck script diskcheck.pl in Red Hat Linux 6.2 allows local users to create or overwrite arbitrary files via a symlink attack on a temporary file.

  • CVE-2000-0750Oct 20, 2000
    risk 0.00cvss epss 0.02

    Buffer overflow in mopd (Maintenance Operations Protocol loader daemon) allows remote attackers to execute arbitrary commands via a long file name.

  • CVE-2000-0701Oct 20, 2000
    risk 0.00cvss epss 0.00

    The wrapper program in mailman 2.0beta3 and 2.0beta4 does not properly cleanse untrusted format strings, which allows local users to gain privileges.

  • CVE-2000-1214Oct 18, 2000
    risk 0.00cvss epss 0.00

    Buffer overflows in the (1) outpack or (2) buf variables of ping in iputils before 20001010, as distributed on Red Hat Linux 6.2 through 7J and other operating systems, may allow local users to gain privileges.

  • CVE-2000-1213Oct 18, 2000
    risk 0.00cvss epss 0.02

    ping in iputils before 20001010, as distributed on Red Hat Linux 6.2 through 7J and other operating systems, does not drop privileges after acquiring a raw socket, which increases ping's exposure to bugs that otherwise would occur at lower privileges.

  • CVE-2000-1207Sep 30, 2000
    risk 0.00cvss epss 0.00

    userhelper in the usermode package on Red Hat Linux executes non-setuid programs as root, which does not activate the security measures in glibc and allows the programs to be exploited via format string vulnerabilities in glibc via the LANG or LC_ALL environment variables…

  • CVE-2000-0633Jul 18, 2000
    risk 0.00cvss epss 0.00

    Vulnerability in Mandrake Linux usermode package allows local users to to reboot or halt the system.

  • CVE-2000-0566Jul 3, 2000
    risk 0.00cvss epss 0.00

    makewhatis in Linux man package allows local users to overwrite files via a symlink attack.

  • CVE-2000-0618Jun 22, 2000
    risk 0.00cvss epss 0.00

    Buffer overflow in xconq and cconq game programs on Red Hat Linux allows local users to gain additional privileges via long DISPLAY environmental variable.

  • CVE-2000-0604Jun 21, 2000
    risk 0.00cvss epss 0.00

    gkermit in Red Hat Linux is improperly installed with setgid uucp, which allows local users to modify files owned by uucp.

  • CVE-2000-0602Jun 21, 2000
    risk 0.00cvss epss 0.00

    Secure Locate (slocate) in Red Hat Linux allows local users to gain privileges via a malformed configuration file that is specified in the LOCATE_PATH environmental variable.

  • CVE-2000-0606Jun 21, 2000
    risk 0.00cvss epss 0.01

    Buffer overflow in kon program in Kanji on Console (KON) package on Linux may allow local users to gain root privileges via a long -StartupMessage parameter.

  • CVE-2000-0483Jun 15, 2000
    risk 0.00cvss epss 0.03

    The DocumentTemplate package in Zope 2.2 and earlier allows a remote attacker to modify DTMLDocuments or DTMLMethods without authorization.

  • CVE-2000-0392May 16, 2000
    risk 0.00cvss epss 0.00

    Buffer overflow in ksu in Kerberos 5 allows local users to gain root privileges.

  • CVE-2000-0391May 16, 2000
    risk 0.00cvss epss 0.04

    Buffer overflow in krshd in Kerberos 5 allows remote attackers to gain root privileges.

  • CVE-2000-0390May 16, 2000
    risk 0.00cvss epss 0.04

    Buffer overflow in krb425_conv_principal function in Kerberos 5 allows remote attackers to gain root privileges.

  • CVE-1999-0706Apr 27, 2000
    risk 0.00cvss epss 0.02

    Linux xmonisdn package allows local users to gain root privileges by modifying the IFS or PATH environmental variables.

  • CVE-2000-0289Mar 27, 2000
    risk 0.00cvss epss 0.03

    IP masquerading in Linux 2.2.x allows remote attackers to route UDP packets through the internal interface by modifying the external source IP address and port number to match those of an established connection.

  • CVE-2000-0184Mar 9, 2000
    risk 0.00cvss epss 0.00

    Linux printtool sets the permissions of printer configuration files to be world-readable, which allows local attackers to obtain printer share passwords.

  • CVE-2000-0196Feb 28, 2000
    risk 0.00cvss epss 0.03

    Buffer overflow in mhshow in the Linux nmh package allows remote attackers to execute commands via malformed MIME headers in an email message.

  • CVE-2000-0186Feb 28, 2000
    risk 0.00cvss epss 0.00

    Buffer overflow in the dump utility in the Linux ext2fs backup package allows local users to gain privileges via a long command line argument.

  • CVE-2000-0093Jan 21, 2000
    risk 0.00cvss epss 0.01

    An installation of Red Hat uses DES password encryption with crypt() for the initial password, instead of md5.

  • CVE-1999-0894Jan 4, 2000
    risk 0.00cvss epss 0.02

    Red Hat Linux screen program does not use Unix98 ptys, allowing local users to write to other terminals.

  • CVE-1999-1328Dec 31, 1999
    risk 0.00cvss epss 0.00

    linuxconf before 1.11.r11-rh3 on Red Hat Linux 5.1 allows local users to overwrite arbitrary files and gain root access via a symlink attack.

Page 73 of 74