Total
250 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2000-1207 | 1 Redhat | 1 Linux | 2016-10-18 | 7.2 HIGH | N/A |
| userhelper in the usermode package on Red Hat Linux executes non-setuid programs as root, which does not activate the security measures in glibc and allows the programs to be exploited via format string vulnerabilities in glibc via the LANG or LC_ALL environment variables (CVE-2000-0844). | |||||
| CVE-2000-1125 | 1 Redhat | 1 Linux | 2016-10-18 | 7.2 HIGH | N/A |
| restore 0.4b15 and earlier in Red Hat Linux 6.2 trusts the pathname specified by the RSH environmental variable, which allows local users to obtain root privileges by modifying the RSH variable to point to a Trojan horse program. | |||||
| CVE-2000-0365 | 1 Redhat | 1 Linux | 2016-10-18 | 4.6 MEDIUM | N/A |
| Red Hat Linux 6.0 installs the /dev/pts file system with insecure modes, which allows local users to write to other tty devices. | |||||
| CVE-2000-0364 | 1 Redhat | 1 Linux | 2016-10-18 | 4.6 MEDIUM | N/A |
| screen and rxvt in Red Hat Linux 6.0 do not properly set the modes of tty devices, which allows local users to write to other ttys. | |||||
| CVE-2000-0315 | 5 Debian, Digital, Netbsd and 2 more | 5 Debian Linux, Unix, Netbsd and 2 more | 2016-10-18 | 5.0 MEDIUM | N/A |
| traceroute in NetBSD 1.3.3 and Linux systems allows local unprivileged users to modify the source address of the packets, which could be used in spoofing attacks. | |||||
| CVE-2000-0314 | 5 Debian, Digital, Netbsd and 2 more | 5 Debian Linux, Unix, Netbsd and 2 more | 2016-10-18 | 5.0 MEDIUM | N/A |
| traceroute in NetBSD 1.3.3 and Linux systems allows local users to flood other systems by providing traceroute with a large waittime (-w) option, which is not parsed properly and sets the time delay for sending packets to zero. | |||||
| CVE-1999-1491 | 1 Redhat | 1 Linux | 2016-10-18 | 7.2 HIGH | N/A |
| abuse.console in Red Hat 2.1 uses relative pathnames to find and execute the undrv program, which allows local users to execute arbitrary commands via a path that points to a Trojan horse program. | |||||
| CVE-1999-1490 | 1 Redhat | 1 Linux | 2016-10-18 | 7.2 HIGH | N/A |
| xosview 1.5.1 in Red Hat 5.1 allows local users to gain root access via a long HOME environmental variable. | |||||
| CVE-1999-1407 | 1 Redhat | 1 Linux | 2016-10-18 | 2.1 LOW | N/A |
| ifdhcpc-done script for configuring DHCP on Red Hat Linux 5 allows local users to append text to arbitrary files via a symlink attack on the dhcplog file. | |||||
| CVE-1999-1406 | 1 Redhat | 1 Linux | 2016-10-18 | 2.1 LOW | N/A |
| dumpreg in Red Hat Linux 5.1 opens /dev/mem with O_RDWR access, which allows local users to cause a denial of service (crash) by redirecting fd 1 (stdout) to the kernel. | |||||
| CVE-1999-1348 | 1 Redhat | 1 Linux | 2016-10-18 | 2.1 LOW | N/A |
| Linuxconf on Red Hat Linux 6.0 and earlier does not properly disable PAM-based access to the shutdown command, which could allow local users to cause a denial of service. | |||||
| CVE-1999-1347 | 1 Redhat | 1 Linux | 2016-10-18 | 4.6 MEDIUM | N/A |
| Xsession in Red Hat Linux 6.1 and earlier can allow local users with restricted accounts to bypass execution of the .xsession file by starting kde, gnome or anotherlevel from kdm. | |||||
| CVE-1999-1346 | 1 Redhat | 1 Linux | 2016-10-18 | 7.5 HIGH | N/A |
| PAM configuration file for rlogin in Red Hat Linux 6.1 and earlier includes a less restrictive rule before a more restrictive one, which allows users to access the host via rlogin even if rlogin has been explicitly disabled using the /etc/nologin file. | |||||
| CVE-1999-1333 | 1 Redhat | 1 Linux | 2016-10-18 | 7.5 HIGH | N/A |
| automatic download option in ncftp 2.4.2 FTP client in Red Hat Linux 5.0 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the names of files that are to be downloaded. | |||||
| CVE-1999-1332 | 1 Redhat | 1 Linux | 2016-10-18 | 2.1 LOW | N/A |
| gzexe in the gzip package on Red Hat Linux 5.0 and earlier allows local users to overwrite files of other users via a symlink attack on a temporary file. | |||||
| CVE-1999-1330 | 2 Debian, Redhat | 2 Debian Linux, Linux | 2016-10-18 | 4.6 MEDIUM | N/A |
| The snprintf function in the db library 1.85.4 ignores the size parameter, which could allow attackers to exploit buffer overflows that would be prevented by a properly implemented snprintf. | |||||
| CVE-1999-1328 | 1 Redhat | 1 Linux | 2016-10-18 | 7.2 HIGH | N/A |
| linuxconf before 1.11.r11-rh3 on Red Hat Linux 5.1 allows local users to overwrite arbitrary files and gain root access via a symlink attack. | |||||
| CVE-1999-1327 | 1 Redhat | 1 Linux | 2016-10-18 | 7.2 HIGH | N/A |
| Buffer overflow in linuxconf 1.11r11-rh2 on Red Hat Linux 5.1 allows local users to gain root privileges via a long LANG environmental variable. | |||||
| CVE-1999-1299 | 2 Redhat, Slackware | 2 Linux, Slackware Linux | 2016-10-18 | 10.0 HIGH | N/A |
| rcp on various Linux systems including Red Hat 4.0 allows a "nobody" user or other user with UID of 65535 to overwrite arbitrary files, since 65535 is interpreted as -1 by chown and other system calls, which causes the calls to fail to modify the ownership of the file. | |||||
| CVE-1999-1186 | 3 Redhat, Rxvt, Slackware | 3 Linux, Rxvt, Slackware Linux | 2016-10-18 | 7.2 HIGH | N/A |
| rxvt, when compiled with the PRINT_PIPE option in various Linux operating systems including Linux Slackware 3.0 and RedHat 2.1, allows local users to gain root privileges by specifying a malicious program using the -print-pipe command line parameter. | |||||