Vulnerabilites related to immunix - immunix
Vulnerability from fkie_nvd
Published
2001-01-09 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
modprobe in the modutils 2.3.x package on Linux systems allows a local user to execute arbitrary commands via shell metacharacters.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
immunix | immunix | 6.2 | |
immunix | immunix | 7.0_beta | |
conectiva | linux | 5.1 | |
mandrakesoft | mandrake_linux | 7.2 | |
redhat | linux | 7.0 | |
suse | suse_linux | 6.4 | |
suse | suse_linux | 7.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:immunix:immunix:6.2:*:*:*:*:*:*:*", "matchCriteriaId": "DB0F79BE-8EBF-44D8-83A1-9331669BED54", "vulnerable": true }, { "criteria": "cpe:2.3:a:immunix:immunix:7.0_beta:*:*:*:*:*:*:*", "matchCriteriaId": "1A2889C6-8DE0-4432-812A-F2A5C4A08897", "vulnerable": true }, { "criteria": "cpe:2.3:o:conectiva:linux:5.1:*:*:*:*:*:*:*", "matchCriteriaId": "E3AC05A9-04DA-4ED3-94D8-3254384CB724", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "0A8FBD5A-2FD0-43CD-AC4B-1D6984D336FE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "29B186E5-7C2F-466E-AA4A-8F2B618F8A14", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:6.4:*:*:*:*:*:*:*", "matchCriteriaId": "7786607A-362E-4817-A17E-C76D6A1F737D", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "C9E7D75A-333E-4C63-9593-F64ABA5D1CE3", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "modprobe in the modutils 2.3.x package on Linux systems allows a local user to execute arbitrary commands via shell metacharacters." } ], "id": "CVE-2000-1095", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2001-01-09T05:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-11/0179.html" }, { "source": "cve@mitre.org", "url": "http://archives.neohapsis.com/archives/linux/suse/2000-q4/0596.html" }, { "source": "cve@mitre.org", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000340" }, { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2000/20001120" }, { "source": "cve@mitre.org", "url": "http://www.linux-mandrake.com/en/security/MDKSA-2000-071-1.php3?dis=7.1" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2000-108.html" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/1936" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5516" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-11/0179.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://archives.neohapsis.com/archives/linux/suse/2000-q4/0596.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000340" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2000/20001120" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.linux-mandrake.com/en/security/MDKSA-2000-071-1.php3?dis=7.1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2000-108.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/1936" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5516" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2001-03-12 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
useradd program in shadow-utils program may allow local users to overwrite arbitrary files via a symlink attack.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
immunix | immunix | 7.0_beta | |
mandrakesoft | mandrake_linux | 6.0 | |
mandrakesoft | mandrake_linux | 6.1 | |
mandrakesoft | mandrake_linux | 7.0 | |
mandrakesoft | mandrake_linux | 7.1 | |
mandrakesoft | mandrake_linux | 7.2 | |
redhat | linux | 7.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:immunix:immunix:7.0_beta:*:*:*:*:*:*:*", "matchCriteriaId": "1A2889C6-8DE0-4432-812A-F2A5C4A08897", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "D323A6B7-2741-4F31-B0D6-5D6FB738A2A1", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:6.1:*:*:*:*:*:*:*", "matchCriteriaId": "ACAAD334-2CA7-4B3B-BA25-302E7610BC2A", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "E4853E92-5E0A-47B9-A343-D5BEE87D2C27", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "3EC1FF5D-5EAB-44D5-B281-770547C70D68", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "0A8FBD5A-2FD0-43CD-AC4B-1D6984D336FE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "29B186E5-7C2F-466E-AA4A-8F2B618F8A14", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "useradd program in shadow-utils program may allow local users to overwrite arbitrary files via a symlink attack." } ], "id": "CVE-2001-0120", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "LOW", "cvssData": { "accessComplexity": "HIGH", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 1.2, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:H/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 1.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2001-03-12T05:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=97916374410647\u0026w=2" }, { "source": "cve@mitre.org", "tags": [ "Patch" ], "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-007.php3" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/2196" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5927" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=97916374410647\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-007.php3" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/2196" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5927" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2001-06-27 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Format string vulnerability in Mutt before 1.2.5 allows a remote malicious IMAP server to execute arbitrary commands.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
immunix | immunix | 6.2 | |
immunix | immunix | 7.0 | |
immunix | immunix | 7.0_beta | |
mutt | mutt | * | |
conectiva | linux | * | |
mandrakesoft | mandrake_linux | 6.0 | |
mandrakesoft | mandrake_linux | 6.1 | |
mandrakesoft | mandrake_linux | 7.0 | |
mandrakesoft | mandrake_linux | 7.1 | |
mandrakesoft | mandrake_linux | 7.2 | |
redhat | linux | 5.2 | |
redhat | linux | 6.0 | |
redhat | linux | 6.1 | |
redhat | linux | 6.2 | |
redhat | linux | 7.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:immunix:immunix:6.2:*:*:*:*:*:*:*", "matchCriteriaId": "DB0F79BE-8EBF-44D8-83A1-9331669BED54", "vulnerable": true }, { "criteria": "cpe:2.3:a:immunix:immunix:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "660CA978-FDA1-4D48-8162-9CB9243A1B7E", "vulnerable": true }, { "criteria": "cpe:2.3:a:immunix:immunix:7.0_beta:*:*:*:*:*:*:*", "matchCriteriaId": "1A2889C6-8DE0-4432-812A-F2A5C4A08897", "vulnerable": true }, { "criteria": "cpe:2.3:a:mutt:mutt:*:*:*:*:*:*:*:*", "matchCriteriaId": "922D20A2-43EB-45FE-B01C-CBFBE66FA435", "versionEndIncluding": "1.2.5", "vulnerable": true }, { "criteria": "cpe:2.3:o:conectiva:linux:*:*:*:*:*:*:*:*", "matchCriteriaId": "C74C8F2C-92F4-4A9F-BF5A-8B5DF1A50DC7", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "D323A6B7-2741-4F31-B0D6-5D6FB738A2A1", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:6.1:*:*:*:*:*:*:*", "matchCriteriaId": "ACAAD334-2CA7-4B3B-BA25-302E7610BC2A", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "E4853E92-5E0A-47B9-A343-D5BEE87D2C27", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "3EC1FF5D-5EAB-44D5-B281-770547C70D68", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "0A8FBD5A-2FD0-43CD-AC4B-1D6984D336FE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:5.2:*:*:*:*:*:*:*", "matchCriteriaId": "A8EED385-8C39-4A40-A507-2EFE7652FB35", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "2DFA94D5-0139-490C-8257-0751FE9FBAE4", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.1:*:*:*:*:*:*:*", "matchCriteriaId": "2EC4D3AB-38FA-4D44-AF5C-2DCD15994E76", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:*:*:*:*:*:*", "matchCriteriaId": "0633B5A6-7A88-4A96-9462-4C09D124ED36", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "29B186E5-7C2F-466E-AA4A-8F2B618F8A14", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Format string vulnerability in Mutt before 1.2.5 allows a remote malicious IMAP server to execute arbitrary commands." } ], "id": "CVE-2001-0473", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2001-06-27T04:00:00.000", "references": [ { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2001-03/0246.html" }, { "source": "cve@mitre.org", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000385" }, { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=98473109630421\u0026w=2" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-031.php3" }, { "source": "cve@mitre.org", "url": "http://www.osvdb.org/5615" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2001-029.html" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6235" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2001-03/0246.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000385" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=98473109630421\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-031.php3" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.osvdb.org/5615" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2001-029.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6235" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2000-10-18 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
ping in iputils before 20001010, as distributed on Red Hat Linux 6.2 through 7J and other operating systems, does not drop privileges after acquiring a raw socket, which increases ping's exposure to bugs that otherwise would occur at lower privileges.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:immunix:immunix:6.2:*:*:*:*:*:*:*", "matchCriteriaId": "DB0F79BE-8EBF-44D8-83A1-9331669BED54", "vulnerable": true }, { "criteria": "cpe:2.3:a:iputils:iputils:*:*:*:*:*:*:*:*", "matchCriteriaId": "AD894839-1AD2-4707-B171-2CE7076D6446", "versionEndIncluding": "2000-10-10", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:alpha:*:*:*:*:*", "matchCriteriaId": "344610A8-DB6D-4407-9304-916C419F648C", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:i386:*:*:*:*:*", "matchCriteriaId": "B7EC2B95-4715-4EC9-A10A-2542501F8A61", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:sparc:*:*:*:*:*", "matchCriteriaId": "64775BEF-2E53-43CA-8639-A7E54F6F4222", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "29B186E5-7C2F-466E-AA4A-8F2B618F8A14", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "ping in iputils before 20001010, as distributed on Red Hat Linux 6.2 through 7J and other operating systems, does not drop privileges after acquiring a raw socket, which increases ping\u0027s exposure to bugs that otherwise would occur at lower privileges." } ], "id": "CVE-2000-1213", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2000-10-18T04:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-10/0429.html" }, { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=97249980727834\u0026w=2" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2000-087.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-10/0429.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=97249980727834\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2000-087.html" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2001-10-18 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
LogLine function in klogd in sysklogd 1.3 in various Linux distributions allows an attacker to cause a denial of service (hang) by causing null bytes to be placed in log messages.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
immunix | immunix | 6.2 | |
immunix | immunix | 7.0 | |
immunix | immunix | 7.0_beta | |
debian | debian_linux | 1.3 | |
debian | debian_linux | 2.2 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:immunix:immunix:6.2:*:*:*:*:*:*:*", "matchCriteriaId": "DB0F79BE-8EBF-44D8-83A1-9331669BED54", "vulnerable": true }, { "criteria": "cpe:2.3:a:immunix:immunix:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "660CA978-FDA1-4D48-8162-9CB9243A1B7E", "vulnerable": true }, { "criteria": "cpe:2.3:a:immunix:immunix:7.0_beta:*:*:*:*:*:*:*", "matchCriteriaId": "1A2889C6-8DE0-4432-812A-F2A5C4A08897", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:1.3:*:*:*:*:*:*:*", "matchCriteriaId": "745ACC17-B6D6-4B4E-9648-A8B45C4A3F7A", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:2.2:*:*:*:*:*:*:*", "matchCriteriaId": "58B90124-0543-4226-BFF4-13CCCBCCB243", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "LogLine function in klogd in sysklogd 1.3 in various Linux distributions allows an attacker to cause a denial of service (hang) by causing null bytes to be placed in log messages." } ], "id": "CVE-2001-0738", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2001-10-18T04:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2001-70-026-01" }, { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=99258618906506\u0026w=2" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Third Party Advisory", "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/249579" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7098" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2001-70-026-01" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=99258618906506\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory", "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/249579" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7098" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2001-03-12 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
arpwatch 2.1a4 allows local users to overwrite arbitrary files via a symlink attack in some configurations.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
immunix | immunix | 7.0_beta | |
mandrakesoft | mandrake_linux | 6.0 | |
mandrakesoft | mandrake_linux | 6.1 | |
mandrakesoft | mandrake_linux | 7.0 | |
mandrakesoft | mandrake_linux | 7.1 | |
mandrakesoft | mandrake_linux | 7.2 | |
redhat | linux | 7.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:immunix:immunix:7.0_beta:*:*:*:*:*:*:*", "matchCriteriaId": "1A2889C6-8DE0-4432-812A-F2A5C4A08897", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "D323A6B7-2741-4F31-B0D6-5D6FB738A2A1", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:6.1:*:*:*:*:*:*:*", "matchCriteriaId": "ACAAD334-2CA7-4B3B-BA25-302E7610BC2A", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "E4853E92-5E0A-47B9-A343-D5BEE87D2C27", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "3EC1FF5D-5EAB-44D5-B281-770547C70D68", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "0A8FBD5A-2FD0-43CD-AC4B-1D6984D336FE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "29B186E5-7C2F-466E-AA4A-8F2B618F8A14", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "arpwatch 2.1a4 allows local users to overwrite arbitrary files via a symlink attack in some configurations." } ], "id": "CVE-2001-0140", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "LOW", "cvssData": { "accessComplexity": "HIGH", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 1.2, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:H/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 1.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2001-03-12T05:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=97916374410647\u0026w=2" }, { "source": "cve@mitre.org", "tags": [ "Patch" ], "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-002.php3" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/2183" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5922" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=97916374410647\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-002.php3" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/2183" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5922" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2001-01-09 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Multiple shell programs on various Unix systems, including (1) tcsh, (2) csh, (3) sh, and (4) bash, follow symlinks when processing << redirects (aka here-documents or in-here documents), which allows local users to overwrite files of other users via a symlink attack.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
immunix | immunix | 6.2 | |
conectiva | linux | 4.0 | |
conectiva | linux | 4.0es | |
conectiva | linux | 4.1 | |
conectiva | linux | 4.2 | |
conectiva | linux | 5.0 | |
conectiva | linux | 5.1 | |
caldera | openlinux | * | |
caldera | openlinux_edesktop | 2.4 | |
caldera | openlinux_eserver | 2.3 | |
hp | hp-ux | 11.11 | |
mandrakesoft | mandrake_linux | 6.0 | |
mandrakesoft | mandrake_linux | 6.1 | |
mandrakesoft | mandrake_linux | 7.0 | |
mandrakesoft | mandrake_linux | 7.1 | |
mandrakesoft | mandrake_linux | 7.2 | |
redhat | linux | 5.2 | |
redhat | linux | 6.0 | |
redhat | linux | 6.1 | |
redhat | linux | 6.2 | |
redhat | linux | 6.2e | |
suse | suse_linux | 7.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:immunix:immunix:6.2:*:*:*:*:*:*:*", "matchCriteriaId": "DB0F79BE-8EBF-44D8-83A1-9331669BED54", "vulnerable": true }, { "criteria": "cpe:2.3:o:conectiva:linux:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "48F068BE-F5B3-4E43-8E6A-24AB4D2DEDF0", "vulnerable": true }, { "criteria": "cpe:2.3:o:conectiva:linux:4.0es:*:*:*:*:*:*:*", "matchCriteriaId": "6529EC98-7CF7-47A1-95BB-2F34066FE95D", "vulnerable": true }, { "criteria": "cpe:2.3:o:conectiva:linux:4.1:*:*:*:*:*:*:*", "matchCriteriaId": "FFDAB801-AAA0-4B3B-B488-52E7BA8650C5", "vulnerable": true }, { "criteria": "cpe:2.3:o:conectiva:linux:4.2:*:*:*:*:*:*:*", "matchCriteriaId": "612AC3B1-8E55-437F-9600-67EA1A8BAD48", "vulnerable": true }, { "criteria": "cpe:2.3:o:conectiva:linux:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "537A5C29-D770-4755-A6AB-8916754E14DB", "vulnerable": true }, { "criteria": "cpe:2.3:o:conectiva:linux:5.1:*:*:*:*:*:*:*", "matchCriteriaId": "E3AC05A9-04DA-4ED3-94D8-3254384CB724", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:caldera:openlinux:*:*:*:*:*:*:*:*", "matchCriteriaId": "4EC3F7E5-5D49-471B-A705-ADD2642E5B46", "vulnerable": true }, { "criteria": "cpe:2.3:o:caldera:openlinux_edesktop:2.4:*:*:*:*:*:*:*", "matchCriteriaId": "B211BCBF-CB17-4D32-B6FE-A34D86C4FBF9", "vulnerable": true }, { "criteria": "cpe:2.3:o:caldera:openlinux_eserver:2.3:*:*:*:*:*:*:*", "matchCriteriaId": "3BE526D3-4CD8-423C-81FA-65B92F862A5E", "vulnerable": true }, { "criteria": "cpe:2.3:o:hp:hp-ux:11.11:*:*:*:*:*:*:*", "matchCriteriaId": "EDD9BE2B-7255-4FC1-B452-E8370632B03F", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "D323A6B7-2741-4F31-B0D6-5D6FB738A2A1", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:6.1:*:*:*:*:*:*:*", "matchCriteriaId": "ACAAD334-2CA7-4B3B-BA25-302E7610BC2A", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "E4853E92-5E0A-47B9-A343-D5BEE87D2C27", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "3EC1FF5D-5EAB-44D5-B281-770547C70D68", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "0A8FBD5A-2FD0-43CD-AC4B-1D6984D336FE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:5.2:*:*:*:*:*:*:*", "matchCriteriaId": "A8EED385-8C39-4A40-A507-2EFE7652FB35", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "2DFA94D5-0139-490C-8257-0751FE9FBAE4", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.1:*:*:*:*:*:*:*", "matchCriteriaId": "2EC4D3AB-38FA-4D44-AF5C-2DCD15994E76", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:*:*:*:*:*:*", "matchCriteriaId": "0633B5A6-7A88-4A96-9462-4C09D124ED36", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.2e:*:*:*:*:*:*:*", "matchCriteriaId": "24EEDE00-6F40-4A9A-BF74-6BE6CEAE39E0", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "C9E7D75A-333E-4C63-9593-F64ABA5D1CE3", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Multiple shell programs on various Unix systems, including (1) tcsh, (2) csh, (3) sh, and (4) bash, follow symlinks when processing \u003c\u003c redirects (aka here-documents or in-here documents), which allows local users to overwrite files of other users via a symlink attack." } ], "id": "CVE-2000-1134", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2001-01-09T05:00:00.000", "references": [ { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:76.tcsh-csh.asc" }, { "source": "cve@mitre.org", "url": "ftp://patches.sgi.com/support/free/security/advisories/20011103-02-P" }, { "source": "cve@mitre.org", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-10/0418.html" }, { "source": "cve@mitre.org", "url": "http://archives.neohapsis.com/archives/tru64/2002-q1/0009.html" }, { "source": "cve@mitre.org", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000350" }, { "source": "cve@mitre.org", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000354" }, { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=97561816504170\u0026w=2" }, { "source": "cve@mitre.org", "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-042.0.txt" }, { "source": "cve@mitre.org", "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-043.0.txt" }, { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2000/20001111a" }, { "source": "cve@mitre.org", "tags": [ "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/10277" }, { "source": "cve@mitre.org", "url": "http://www.linux-mandrake.com/en/security/MDKSA-2000-069.php3" }, { "source": "cve@mitre.org", "url": "http://www.linux-mandrake.com/en/security/MDKSA-2000-075.php3" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2000-117.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2000-121.html" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/146657" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/1926" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/2006" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4047" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:76.tcsh-csh.asc" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://patches.sgi.com/support/free/security/advisories/20011103-02-P" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-10/0418.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://archives.neohapsis.com/archives/tru64/2002-q1/0009.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000350" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000354" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=97561816504170\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-042.0.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-043.0.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2000/20001111a" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/10277" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.linux-mandrake.com/en/security/MDKSA-2000-069.php3" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.linux-mandrake.com/en/security/MDKSA-2000-075.php3" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2000-117.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2000-121.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/146657" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/1926" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/2006" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4047" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2001-03-12 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
rdist 6.1.5 allows local users to overwrite arbitrary files via a symlink attack.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
immunix | immunix | 7.0_beta | |
mandrakesoft | mandrake_linux | 6.0 | |
mandrakesoft | mandrake_linux | 6.1 | |
mandrakesoft | mandrake_linux | 7.0 | |
mandrakesoft | mandrake_linux | 7.1 | |
mandrakesoft | mandrake_linux | 7.2 | |
redhat | linux | 7.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:immunix:immunix:7.0_beta:*:*:*:*:*:*:*", "matchCriteriaId": "1A2889C6-8DE0-4432-812A-F2A5C4A08897", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "D323A6B7-2741-4F31-B0D6-5D6FB738A2A1", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:6.1:*:*:*:*:*:*:*", "matchCriteriaId": "ACAAD334-2CA7-4B3B-BA25-302E7610BC2A", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "E4853E92-5E0A-47B9-A343-D5BEE87D2C27", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "3EC1FF5D-5EAB-44D5-B281-770547C70D68", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "0A8FBD5A-2FD0-43CD-AC4B-1D6984D336FE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "29B186E5-7C2F-466E-AA4A-8F2B618F8A14", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "rdist 6.1.5 allows local users to overwrite arbitrary files via a symlink attack." } ], "id": "CVE-2001-0118", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "LOW", "cvssData": { "accessComplexity": "HIGH", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 1.2, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:H/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 1.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2001-03-12T05:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=97916374410647\u0026w=2" }, { "source": "cve@mitre.org", "tags": [ "Patch" ], "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-005.php3" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/2195" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5925" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=97916374410647\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-005.php3" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/2195" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5925" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2001-03-12 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
privatepw program in wu-ftpd before 2.6.1-6 allows local users to overwrite arbitrary files via a symlink attack.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
immunix | immunix | 7.0_beta | |
debian | debian_linux | 2.2 | |
debian | debian_linux | 2.2 | |
debian | debian_linux | 2.2 | |
debian | debian_linux | 2.2 | |
debian | debian_linux | 2.2 | |
debian | debian_linux | 2.2 | |
mandrakesoft | mandrake_linux | 6.0 | |
mandrakesoft | mandrake_linux | 6.1 | |
mandrakesoft | mandrake_linux | 7.0 | |
mandrakesoft | mandrake_linux | 7.1 | |
mandrakesoft | mandrake_linux | 7.2 | |
mandrakesoft | mandrake_linux_corporate_server | 1.0.1 | |
redhat | linux | 7.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:immunix:immunix:7.0_beta:*:*:*:*:*:*:*", "matchCriteriaId": "1A2889C6-8DE0-4432-812A-F2A5C4A08897", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:2.2:*:*:*:*:*:*:*", "matchCriteriaId": "58B90124-0543-4226-BFF4-13CCCBCCB243", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:2.2:*:68k:*:*:*:*:*", "matchCriteriaId": "E040A866-0D2C-40E1-B1FB-DB600B389E27", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:2.2:*:alpha:*:*:*:*:*", "matchCriteriaId": "CE1C944A-E5F1-49DE-B069-2A358123B535", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:2.2:*:arm:*:*:*:*:*", "matchCriteriaId": "D71083B4-1736-4501-8DE8-BC24AC1447AA", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:2.2:*:powerpc:*:*:*:*:*", "matchCriteriaId": "2A32E486-2598-41B3-B6DB-3CC46D239AFC", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:2.2:*:sparc:*:*:*:*:*", "matchCriteriaId": "AAEE18D8-AA3B-47A3-AA7C-AAFF7591F391", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "D323A6B7-2741-4F31-B0D6-5D6FB738A2A1", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:6.1:*:*:*:*:*:*:*", "matchCriteriaId": "ACAAD334-2CA7-4B3B-BA25-302E7610BC2A", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "E4853E92-5E0A-47B9-A343-D5BEE87D2C27", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "3EC1FF5D-5EAB-44D5-B281-770547C70D68", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "0A8FBD5A-2FD0-43CD-AC4B-1D6984D336FE", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:1.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "97E09AD9-F057-4264-88BB-A8A18C1B1246", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "29B186E5-7C2F-466E-AA4A-8F2B618F8A14", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "privatepw program in wu-ftpd before 2.6.1-6 allows local users to overwrite arbitrary files via a symlink attack." } ], "id": "CVE-2001-0138", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "LOW", "cvssData": { "accessComplexity": "HIGH", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 1.2, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:H/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 1.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2001-03-12T05:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=97916374410647\u0026w=2" }, { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2001/dsa-016" }, { "source": "cve@mitre.org", "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-001.php3" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/2189" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5915" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=97916374410647\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2001/dsa-016" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-001.php3" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/2189" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5915" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2001-10-18 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Vulnerability in (1) pine before 4.33 and (2) the pico editor, included with pine, allows local users local users to overwrite arbitrary files via a symlink attack.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
immunix | immunix | 6.2 | |
immunix | immunix | 7.0 | |
immunix | immunix | 7.0_beta | |
university_of_washington | pine | * | |
engardelinux | secure_linux | 1.0.1 | |
mandrakesoft | mandrake_linux | 7.1 | |
mandrakesoft | mandrake_linux | 7.2 | |
mandrakesoft | mandrake_linux | 8.0 | |
mandrakesoft | mandrake_linux_corporate_server | 1.0.1 | |
redhat | linux | 5.2 | |
redhat | linux | 6.2 | |
redhat | linux | 7.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:immunix:immunix:6.2:*:*:*:*:*:*:*", "matchCriteriaId": "DB0F79BE-8EBF-44D8-83A1-9331669BED54", "vulnerable": true }, { "criteria": "cpe:2.3:a:immunix:immunix:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "660CA978-FDA1-4D48-8162-9CB9243A1B7E", "vulnerable": true }, { "criteria": "cpe:2.3:a:immunix:immunix:7.0_beta:*:*:*:*:*:*:*", "matchCriteriaId": "1A2889C6-8DE0-4432-812A-F2A5C4A08897", "vulnerable": true }, { "criteria": "cpe:2.3:a:university_of_washington:pine:*:*:*:*:*:*:*:*", "matchCriteriaId": "12627ECC-CFED-4893-8C1C-5CC454A982E1", "versionEndIncluding": "4.33", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:engardelinux:secure_linux:1.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "79A6E38E-9BC6-4CD7-ABC6-754C9DB07DB2", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "3EC1FF5D-5EAB-44D5-B281-770547C70D68", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "0A8FBD5A-2FD0-43CD-AC4B-1D6984D336FE", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "4371A667-18E1-4C54-B2E1-6F885F22F213", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:1.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "97E09AD9-F057-4264-88BB-A8A18C1B1246", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:5.2:*:*:*:*:*:*:*", "matchCriteriaId": "A8EED385-8C39-4A40-A507-2EFE7652FB35", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:*:*:*:*:*:*", "matchCriteriaId": "0633B5A6-7A88-4A96-9462-4C09D124ED36", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "29B186E5-7C2F-466E-AA4A-8F2B618F8A14", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Vulnerability in (1) pine before 4.33 and (2) the pico editor, included with pine, allows local users local users to overwrite arbitrary files via a symlink attack." } ], "id": "CVE-2001-0736", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "LOW", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2001-10-18T04:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=98749102621604\u0026w=2" }, { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=99106787825229\u0026w=2" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-047.php3?dis=8.0" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2001-042.html" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6367" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=98749102621604\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=99106787825229\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-047.php3?dis=8.0" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2001-042.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6367" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2001-03-26 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
glibc 2.1.9x and earlier does not properly clear the RESOLV_HOST_CONF, HOSTALIASES, or RES_OPTIONS environmental variables when executing setuid/setgid programs, which could allow local users to read arbitrary files.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:immunix:immunix:7.0_beta:*:*:*:*:*:*:*", "matchCriteriaId": "1A2889C6-8DE0-4432-812A-F2A5C4A08897", "vulnerable": true }, { "criteria": "cpe:2.3:o:conectiva:linux:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "48F068BE-F5B3-4E43-8E6A-24AB4D2DEDF0", "vulnerable": true }, { "criteria": "cpe:2.3:o:conectiva:linux:4.0es:*:*:*:*:*:*:*", "matchCriteriaId": "6529EC98-7CF7-47A1-95BB-2F34066FE95D", "vulnerable": true }, { "criteria": "cpe:2.3:o:conectiva:linux:4.1:*:*:*:*:*:*:*", "matchCriteriaId": "FFDAB801-AAA0-4B3B-B488-52E7BA8650C5", "vulnerable": true }, { "criteria": "cpe:2.3:o:conectiva:linux:4.2:*:*:*:*:*:*:*", "matchCriteriaId": "612AC3B1-8E55-437F-9600-67EA1A8BAD48", "vulnerable": true }, { "criteria": "cpe:2.3:o:conectiva:linux:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "537A5C29-D770-4755-A6AB-8916754E14DB", "vulnerable": true }, { "criteria": "cpe:2.3:o:conectiva:linux:5.1:*:*:*:*:*:*:*", "matchCriteriaId": "E3AC05A9-04DA-4ED3-94D8-3254384CB724", "vulnerable": true }, { "criteria": "cpe:2.3:o:conectiva:linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "DCE4BBA3-7332-45EE-8C29-BE5A473B559D", "vulnerable": true }, { "criteria": "cpe:2.3:o:conectiva:linux:ecommerce:*:*:*:*:*:*:*", "matchCriteriaId": "FB63DADC-A9AE-4FBA-BCCA-9714646DBD04", "vulnerable": true }, { "criteria": "cpe:2.3:o:conectiva:linux:graficas:*:*:*:*:*:*:*", "matchCriteriaId": "99E6E71D-100E-45FA-B90A-C2F7C37E458C", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:2.3:*:*:*:*:*:*:*", "matchCriteriaId": "618111F3-6608-47F0-AB0D-21547E342871", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.0:*:alpha:*:*:*:*:*", "matchCriteriaId": "FD6576E2-9F26-4857-9F28-F51899F1EF48", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.0:*:i386:*:*:*:*:*", "matchCriteriaId": "4DC9842D-E23B-4B9F-A7BF-57C3BA3DE398", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "glibc 2.1.9x and earlier does not properly clear the RESOLV_HOST_CONF, HOSTALIASES, or RES_OPTIONS environmental variables when executing setuid/setgid programs, which could allow local users to read arbitrary files." } ], "id": "CVE-2001-0170", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "LOW", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2001-03-26T05:00:00.000", "references": [ { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2001-01/0131.html" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2001-01/0186.html" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2001-001.html" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/2181" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5907" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2001-01/0131.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2001-01/0186.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2001-001.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/2181" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5907" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2000-10-18 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Buffer overflows in the (1) outpack or (2) buf variables of ping in iputils before 20001010, as distributed on Red Hat Linux 6.2 through 7J and other operating systems, may allow local users to gain privileges.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:immunix:immunix:6.2:*:*:*:*:*:*:*", "matchCriteriaId": "DB0F79BE-8EBF-44D8-83A1-9331669BED54", "vulnerable": true }, { "criteria": "cpe:2.3:a:iputils:iputils:*:*:*:*:*:*:*:*", "matchCriteriaId": "AD894839-1AD2-4707-B171-2CE7076D6446", "versionEndIncluding": "2000-10-10", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:alpha:*:*:*:*:*", "matchCriteriaId": "344610A8-DB6D-4407-9304-916C419F648C", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:i386:*:*:*:*:*", "matchCriteriaId": "B7EC2B95-4715-4EC9-A10A-2542501F8A61", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:sparc:*:*:*:*:*", "matchCriteriaId": "64775BEF-2E53-43CA-8639-A7E54F6F4222", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "29B186E5-7C2F-466E-AA4A-8F2B618F8A14", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Buffer overflows in the (1) outpack or (2) buf variables of ping in iputils before 20001010, as distributed on Red Hat Linux 6.2 through 7J and other operating systems, may allow local users to gain privileges." } ], "id": "CVE-2000-1214", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.6, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2000-10-18T04:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-10/0429.html" }, { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=97208562830613\u0026w=2" }, { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=97249980727834\u0026w=2" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.iss.net/security_center/static/5431.php" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2000-087.html" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/1813" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-10/0429.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=97208562830613\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=97249980727834\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.iss.net/security_center/static/5431.php" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2000-087.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/1813" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2001-03-12 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
sdiff 2.7 in the diffutils package allows local users to overwrite files via a symlink attack.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
immunix | immunix | 7.0_beta | |
mandrakesoft | mandrake_linux | 6.0 | |
mandrakesoft | mandrake_linux | 6.1 | |
mandrakesoft | mandrake_linux | 7.0 | |
mandrakesoft | mandrake_linux | 7.1 | |
mandrakesoft | mandrake_linux | 7.2 | |
mandrakesoft | mandrake_linux_corporate_server | 1.0.1 | |
redhat | linux | 7.0 | |
trustix | secure_linux | 1.1 | |
trustix | secure_linux | 1.2 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:immunix:immunix:7.0_beta:*:*:*:*:*:*:*", "matchCriteriaId": "1A2889C6-8DE0-4432-812A-F2A5C4A08897", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "D323A6B7-2741-4F31-B0D6-5D6FB738A2A1", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:6.1:*:*:*:*:*:*:*", "matchCriteriaId": "ACAAD334-2CA7-4B3B-BA25-302E7610BC2A", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "E4853E92-5E0A-47B9-A343-D5BEE87D2C27", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "3EC1FF5D-5EAB-44D5-B281-770547C70D68", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "0A8FBD5A-2FD0-43CD-AC4B-1D6984D336FE", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:1.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "97E09AD9-F057-4264-88BB-A8A18C1B1246", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "29B186E5-7C2F-466E-AA4A-8F2B618F8A14", "vulnerable": true }, { "criteria": "cpe:2.3:o:trustix:secure_linux:1.1:*:*:*:*:*:*:*", "matchCriteriaId": "9D0DFB12-B43F-4207-A900-464A97F5124D", "vulnerable": true }, { "criteria": "cpe:2.3:o:trustix:secure_linux:1.2:*:*:*:*:*:*:*", "matchCriteriaId": "13EBB2F7-712E-4CB1-B4B4-5F0851F3D37E", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "sdiff 2.7 in the diffutils package allows local users to overwrite files via a symlink attack." } ], "id": "CVE-2001-0117", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "LOW", "cvssData": { "accessComplexity": "HIGH", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 1.2, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:H/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 1.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2001-03-12T05:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2000-70-028-01" }, { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=97916374410647\u0026w=2" }, { "source": "cve@mitre.org", "tags": [ "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/579928" }, { "source": "cve@mitre.org", "tags": [ "Patch" ], "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-008.php3" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2001-116.html" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/2191" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5914" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2000-70-028-01" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=97916374410647\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/579928" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-008.php3" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2001-116.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/2191" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5914" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2002-08-12 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Format string vulnerability in startprinting() function of printjob.c in BSD-based lpr lpd package may allow local users to gain privileges via an improper syslog call that uses format strings from the checkremote() call.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:immunix:immunix:6.2:*:*:*:*:*:*:*", "matchCriteriaId": "DB0F79BE-8EBF-44D8-83A1-9331669BED54", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netbsd:netbsd:1.4:*:*:*:*:*:*:*", "matchCriteriaId": "C422E343-ADF2-427D-865D-B5C35431EFD1", "vulnerable": true }, { "criteria": "cpe:2.3:o:netbsd:netbsd:1.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "1C288A88-11C6-429E-A109-0395D0989264", "vulnerable": true }, { "criteria": "cpe:2.3:o:netbsd:netbsd:1.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "516C6D9A-7483-4E36-A2E0-42698161AD31", "vulnerable": true }, { "criteria": "cpe:2.3:o:openbsd:openbsd:2.7:*:*:*:*:*:*:*", "matchCriteriaId": "48A9C344-45AA-47B9-B35A-1A62E220D9C6", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "29B186E5-7C2F-466E-AA4A-8F2B618F8A14", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Format string vulnerability in startprinting() function of printjob.c in BSD-based lpr lpd package may allow local users to gain privileges via an improper syslog call that uses format strings from the checkremote() call." }, { "lang": "es", "value": "Vulnerabilidad de cadena de formato en la funci\u00f3n startprinting() de printjob.c en el paquete lpr lpd basado en BSD puede permitir a usuarios locales ganar privilegios mediante una llamada impropia a syslog que usa cadenas de formato de la llamada checkremote()." } ], "id": "CVE-2000-1208", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2002-08-12T04:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=96994604300675\u0026w=2" }, { "source": "cve@mitre.org", "url": "http://online.securityfocus.com/archive/1/137555" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.iss.net/security_center/static/5286.php" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2000-066.html" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/1711" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=96994604300675\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://online.securityfocus.com/archive/1/137555" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.iss.net/security_center/static/5286.php" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2000-066.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/1711" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2002-03-15 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Off-by-one error in the channel code of OpenSSH 2.0 through 3.0.2 allows local users or remote malicious servers to gain privileges.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
immunix | immunix | 7.0 | |
mandrakesoft | mandrake_single_network_firewall | 7.2 | |
openbsd | openssh | * | |
openpkg | openpkg | 1.0 | |
conectiva | linux | 5.0 | |
conectiva | linux | 5.1 | |
conectiva | linux | 6.0 | |
conectiva | linux | 7.0 | |
conectiva | linux | ecommerce | |
conectiva | linux | graficas | |
engardelinux | secure_linux | 1.0.1 | |
mandrakesoft | mandrake_linux | 7.1 | |
mandrakesoft | mandrake_linux | 7.2 | |
mandrakesoft | mandrake_linux | 8.0 | |
mandrakesoft | mandrake_linux | 8.0 | |
mandrakesoft | mandrake_linux | 8.1 | |
mandrakesoft | mandrake_linux_corporate_server | 1.0.1 | |
redhat | linux | 7.0 | |
redhat | linux | 7.1 | |
redhat | linux | 7.2 | |
suse | suse_linux | 6.4 | |
suse | suse_linux | 6.4 | |
suse | suse_linux | 6.4 | |
suse | suse_linux | 7.0 | |
suse | suse_linux | 7.0 | |
suse | suse_linux | 7.0 | |
suse | suse_linux | 7.0 | |
suse | suse_linux | 7.1 | |
suse | suse_linux | 7.1 | |
suse | suse_linux | 7.1 | |
suse | suse_linux | 7.1 | |
suse | suse_linux | 7.2 | |
suse | suse_linux | 7.3 | |
suse | suse_linux | 7.3 | |
suse | suse_linux | 7.3 | |
trustix | secure_linux | 1.1 | |
trustix | secure_linux | 1.2 | |
trustix | secure_linux | 1.5 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:immunix:immunix:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "660CA978-FDA1-4D48-8162-9CB9243A1B7E", "vulnerable": true }, { "criteria": "cpe:2.3:a:mandrakesoft:mandrake_single_network_firewall:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "7A188467-3856-4599-A2CD-BD2655974B63", "vulnerable": true }, { "criteria": "cpe:2.3:a:openbsd:openssh:*:*:*:*:*:*:*:*", "matchCriteriaId": "57BE3D9D-42CA-45A4-A2BB-A7154F177A45", "versionEndExcluding": "3.1", "versionStartIncluding": "2.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:openpkg:openpkg:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "2AD28A07-6B9F-443B-88E5-7CE777012037", "vulnerable": true }, { "criteria": "cpe:2.3:o:conectiva:linux:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "537A5C29-D770-4755-A6AB-8916754E14DB", "vulnerable": true }, { "criteria": "cpe:2.3:o:conectiva:linux:5.1:*:*:*:*:*:*:*", "matchCriteriaId": "E3AC05A9-04DA-4ED3-94D8-3254384CB724", "vulnerable": true }, { "criteria": "cpe:2.3:o:conectiva:linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "DCE4BBA3-7332-45EE-8C29-BE5A473B559D", "vulnerable": true }, { "criteria": "cpe:2.3:o:conectiva:linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "97177EF7-8FC4-4D4D-A8D9-3628AA0035FB", "vulnerable": true }, { "criteria": "cpe:2.3:o:conectiva:linux:ecommerce:*:*:*:*:*:*:*", "matchCriteriaId": "FB63DADC-A9AE-4FBA-BCCA-9714646DBD04", "vulnerable": true }, { "criteria": "cpe:2.3:o:conectiva:linux:graficas:*:*:*:*:*:*:*", "matchCriteriaId": "99E6E71D-100E-45FA-B90A-C2F7C37E458C", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:engardelinux:secure_linux:1.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "79A6E38E-9BC6-4CD7-ABC6-754C9DB07DB2", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "3EC1FF5D-5EAB-44D5-B281-770547C70D68", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "0A8FBD5A-2FD0-43CD-AC4B-1D6984D336FE", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "4371A667-18E1-4C54-B2E1-6F885F22F213", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:8.0:*:ppc:*:*:*:*:*", "matchCriteriaId": "5B28763D-8F4B-45E5-82FA-AB7E54C18EBF", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:8.1:*:*:*:*:*:*:*", "matchCriteriaId": "205EF72B-7334-4AE0-9CA6-D2E8E5910C8E", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:1.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "97E09AD9-F057-4264-88BB-A8A18C1B1246", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "29B186E5-7C2F-466E-AA4A-8F2B618F8A14", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "1D46E093-1C68-43BB-B281-12117EC8DE0F", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "E562907F-D915-4030-847A-3C6834A80D4E", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:6.4:*:i386:*:*:*:*:*", "matchCriteriaId": "8A206E1C-C2EC-4356-8777-B18D7069A4C3", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:6.4:*:ppc:*:*:*:*:*", "matchCriteriaId": "6E2FE291-1142-4627-A497-C0BB0D934A0B", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:6.4:alpha:*:*:*:*:*:*", "matchCriteriaId": "49BC7C7E-046C-4186-822E-9F3A2AD3577B", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.0:*:i386:*:*:*:*:*", "matchCriteriaId": "2FE69F6F-6B17-4C87-ACA4-A2A1FB47206A", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.0:*:ppc:*:*:*:*:*", "matchCriteriaId": "467A30EB-CB8F-4928-AC8F-F659084A9E2B", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.0:*:sparc:*:*:*:*:*", "matchCriteriaId": "714C1439-AB8E-4A8B-A783-D60E9DDC38D4", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.0:alpha:*:*:*:*:*:*", "matchCriteriaId": "62CAE5B0-4D46-4A93-A343-C8E9CB574C62", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.1:*:spa:*:*:*:*:*", "matchCriteriaId": "FB647A8B-ADB9-402B-96E1-45321C75731B", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.1:*:sparc:*:*:*:*:*", "matchCriteriaId": "0944FD27-736E-4B55-8D96-9F2CA9BB9B05", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.1:*:x86:*:*:*:*:*", "matchCriteriaId": "373BB5AC-1F38-4D0A-97DC-08E9654403EE", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.1:alpha:*:*:*:*:*:*", "matchCriteriaId": "B5E71DA3-F4A0-46AF-92A2-E691C7A65528", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.2:*:i386:*:*:*:*:*", "matchCriteriaId": "1975A2DD-EB22-4ED3-8719-F78AA7F414B2", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.3:*:i386:*:*:*:*:*", "matchCriteriaId": "19F606EE-530F-4C06-82DB-52035EE03FA3", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.3:*:ppc:*:*:*:*:*", "matchCriteriaId": "A0E896D5-0005-4E7E-895D-B202AFCE09A1", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.3:*:sparc:*:*:*:*:*", "matchCriteriaId": "5A8B313F-93C7-4558-9571-DE1111487E17", "vulnerable": true }, { "criteria": "cpe:2.3:o:trustix:secure_linux:1.1:*:*:*:*:*:*:*", "matchCriteriaId": "9D0DFB12-B43F-4207-A900-464A97F5124D", "vulnerable": true }, { "criteria": "cpe:2.3:o:trustix:secure_linux:1.2:*:*:*:*:*:*:*", "matchCriteriaId": "13EBB2F7-712E-4CB1-B4B4-5F0851F3D37E", "vulnerable": true }, { "criteria": "cpe:2.3:o:trustix:secure_linux:1.5:*:*:*:*:*:*:*", "matchCriteriaId": "39605B96-BAD6-45C9-BB9A-43D6E2C51ADD", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Off-by-one error in the channel code of OpenSSH 2.0 through 3.0.2 allows local users or remote malicious servers to gain privileges." }, { "lang": "es", "value": "Error \u0027off-by-one\u0027 en el c\u00f3digo de canal de OpenSSH 2.0 a 3.0.2 permite a usuarios locales o a servidores remotos ganar privilegios." } ], "id": "CVE-2002-0083", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2002-03-15T05:00:00.000", "references": [ { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:13.openssh.asc" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-004.txt.asc" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "ftp://stage.caldera.com/pub/security/openserver/CSSA-2002-SCO.10/CSSA-2002-SCO.10.txt" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "ftp://stage.caldera.com/pub/security/openunix/CSSA-2002-SCO.11/CSSA-2002-SCO.11.txt" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2002-03/0108.html" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q1/0060.html" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000467" }, { "source": "cve@mitre.org", "tags": [ "Mailing List" ], "url": "http://marc.info/?l=bugtraq\u0026m=101552065005254\u0026w=2" }, { "source": "cve@mitre.org", "tags": [ "Mailing List" ], "url": "http://marc.info/?l=bugtraq\u0026m=101553908201861\u0026w=2" }, { "source": "cve@mitre.org", "tags": [ "Mailing List" ], "url": "http://marc.info/?l=bugtraq\u0026m=101561384821761\u0026w=2" }, { "source": "cve@mitre.org", "tags": [ "Mailing List", "Patch" ], "url": "http://marc.info/?l=bugtraq\u0026m=101586991827622\u0026w=2" }, { "source": "cve@mitre.org", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://online.securityfocus.com/advisories/3960" }, { "source": "cve@mitre.org", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://online.securityfocus.com/archive/1/264657" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2002-012.0.txt" }, { "source": "cve@mitre.org", "tags": [ "Broken Link", "Vendor Advisory" ], "url": "http://www.debian.org/security/2002/dsa-119" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://www.iss.net/security_center/static/8383.php" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-019.php" }, { "source": "cve@mitre.org", "tags": [ "Broken Link", "Patch", "Vendor Advisory" ], "url": "http://www.linuxsecurity.com/advisories/other_advisory-1937.html" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://www.novell.com/linux/security/advisories/2002_009_openssh_txt.html" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://www.openbsd.org/advisories/ssh_channelalloc.txt" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://www.osvdb.org/730" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://www.redhat.com/support/errata/RHSA-2002-043.html" }, { "source": "cve@mitre.org", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/4241" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:13.openssh.asc" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-004.txt.asc" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "ftp://stage.caldera.com/pub/security/openserver/CSSA-2002-SCO.10/CSSA-2002-SCO.10.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "ftp://stage.caldera.com/pub/security/openunix/CSSA-2002-SCO.11/CSSA-2002-SCO.11.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2002-03/0108.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q1/0060.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000467" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List" ], "url": "http://marc.info/?l=bugtraq\u0026m=101552065005254\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List" ], "url": "http://marc.info/?l=bugtraq\u0026m=101553908201861\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List" ], "url": "http://marc.info/?l=bugtraq\u0026m=101561384821761\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Patch" ], "url": "http://marc.info/?l=bugtraq\u0026m=101586991827622\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://online.securityfocus.com/advisories/3960" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://online.securityfocus.com/archive/1/264657" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2002-012.0.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Vendor Advisory" ], "url": "http://www.debian.org/security/2002/dsa-119" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://www.iss.net/security_center/static/8383.php" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-019.php" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Patch", "Vendor Advisory" ], "url": "http://www.linuxsecurity.com/advisories/other_advisory-1937.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://www.novell.com/linux/security/advisories/2002_009_openssh_txt.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.openbsd.org/advisories/ssh_channelalloc.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://www.osvdb.org/730" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://www.redhat.com/support/errata/RHSA-2002-043.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/4241" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-193" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2000-12-19 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Buffer overflow in ncurses library allows local users to execute arbitrary commands via long environmental information such as TERM or TERMINFO_DIRS.
References
▶ | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://www.calderasystems.com/support/security/advisories/CSSA-2000-036.0.txt | Patch, Vendor Advisory | |
cve@mitre.org | http://www.securityfocus.com/archive/1/138550 | Broken Link, Third Party Advisory, VDB Entry | |
cve@mitre.org | http://www.securityfocus.com/bid/1142 | Broken Link, Exploit, Patch, Third Party Advisory, VDB Entry, Vendor Advisory | |
cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/44487 | VDB Entry, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.calderasystems.com/support/security/advisories/CSSA-2000-036.0.txt | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/138550 | Broken Link, Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/1142 | Broken Link, Exploit, Patch, Third Party Advisory, VDB Entry, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/44487 | VDB Entry, Vendor Advisory |
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:immunix:immunix:6.2:*:*:*:*:*:*:*", "matchCriteriaId": "DB0F79BE-8EBF-44D8-83A1-9331669BED54", "vulnerable": true }, { "criteria": "cpe:2.3:a:immunix:immunix:7.0_beta:*:*:*:*:*:*:*", "matchCriteriaId": "1A2889C6-8DE0-4432-812A-F2A5C4A08897", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:freebsd:freebsd:3.4:*:*:*:*:*:*:*", "matchCriteriaId": "B982342C-1981-4C55-8044-AFE4D87623DF", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:3.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "7C283AD7-1C58-4CE8-A6CD-502FFE0B18BB", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "D0A585A1-FF82-418F-90F8-072458DB7816", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:4.1:*:*:*:*:*:*:*", "matchCriteriaId": "AE31DFF8-06AB-489D-A0C5-509C090283B5", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:4.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "3BE1E3D8-2BB1-4FFA-9BC9-7AF347D26190", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:4.1.1:stable:*:*:*:*:*:*", "matchCriteriaId": "237174A4-E030-4A0B-AD0B-5C463603EAA4", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:alpha:*:*:*:*:*", "matchCriteriaId": "344610A8-DB6D-4407-9304-916C419F648C", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:i386:*:*:*:*:*", "matchCriteriaId": "B7EC2B95-4715-4EC9-A10A-2542501F8A61", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:sparc:*:*:*:*:*", "matchCriteriaId": "64775BEF-2E53-43CA-8639-A7E54F6F4222", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "29B186E5-7C2F-466E-AA4A-8F2B618F8A14", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:gnu:ncurses:*:*:*:*:*:*:*:*", "matchCriteriaId": "05541A17-7388-4157-9481-461E930FC3EF", "versionEndExcluding": "5.6", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Buffer overflow in ncurses library allows local users to execute arbitrary commands via long environmental information such as TERM or TERMINFO_DIRS." } ], "id": "CVE-2000-0963", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2000-12-19T05:00:00.000", "references": [ { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-036.0.txt" }, { "source": "cve@mitre.org", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/archive/1/138550" }, { "source": "cve@mitre.org", "tags": [ "Broken Link", "Exploit", "Patch", "Third Party Advisory", "VDB Entry", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/1142" }, { "source": "cve@mitre.org", "tags": [ "VDB Entry", "Vendor Advisory" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44487" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-036.0.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/archive/1/138550" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Exploit", "Patch", "Third Party Advisory", "VDB Entry", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/1142" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "VDB Entry", "Vendor Advisory" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44487" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2001-03-12 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
squid 2.3 and earlier allows local users to overwrite arbitrary files via a symlink attack in some configurations.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
immunix | immunix | 7.0_beta | |
national_science_foundation | squid_web_proxy | 2.3_stable4 | |
mandrakesoft | mandrake_linux | 6.0 | |
mandrakesoft | mandrake_linux | 6.1 | |
mandrakesoft | mandrake_linux | 7.0 | |
mandrakesoft | mandrake_linux | 7.1 | |
mandrakesoft | mandrake_linux | 7.2 | |
redhat | linux | 7.0 | |
trustix | secure_linux | 1.1 | |
trustix | secure_linux | 1.2 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:immunix:immunix:7.0_beta:*:*:*:*:*:*:*", "matchCriteriaId": "1A2889C6-8DE0-4432-812A-F2A5C4A08897", "vulnerable": true }, { "criteria": "cpe:2.3:a:national_science_foundation:squid_web_proxy:2.3_stable4:*:*:*:*:*:*:*", "matchCriteriaId": "05BE866B-EBCC-4847-98E9-C89288748B79", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "D323A6B7-2741-4F31-B0D6-5D6FB738A2A1", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:6.1:*:*:*:*:*:*:*", "matchCriteriaId": "ACAAD334-2CA7-4B3B-BA25-302E7610BC2A", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "E4853E92-5E0A-47B9-A343-D5BEE87D2C27", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "3EC1FF5D-5EAB-44D5-B281-770547C70D68", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "0A8FBD5A-2FD0-43CD-AC4B-1D6984D336FE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "29B186E5-7C2F-466E-AA4A-8F2B618F8A14", "vulnerable": true }, { "criteria": "cpe:2.3:o:trustix:secure_linux:1.1:*:*:*:*:*:*:*", "matchCriteriaId": "9D0DFB12-B43F-4207-A900-464A97F5124D", "vulnerable": true }, { "criteria": "cpe:2.3:o:trustix:secure_linux:1.2:*:*:*:*:*:*:*", "matchCriteriaId": "13EBB2F7-712E-4CB1-B4B4-5F0851F3D37E", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "squid 2.3 and earlier allows local users to overwrite arbitrary files via a symlink attack in some configurations." } ], "id": "CVE-2001-0142", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "LOW", "cvssData": { "accessComplexity": "HIGH", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 1.2, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:H/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 1.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2001-03-12T05:00:00.000", "references": [ { "source": "cve@mitre.org", "tags": [ "Patch" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2001-01/0212.html" }, { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=97916374410647\u0026w=2" }, { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2001/dsa-019" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-003.php3" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/2184" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5921" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2001-01/0212.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=97916374410647\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2001/dsa-019" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-003.php3" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/2184" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5921" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2001-09-20 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Buffer overflow in man program in various distributions of Linux allows local user to execute arbitrary code as group man via a long -S option.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
immunix | immunix | 6.2 | |
immunix | immunix | 7.0 | |
immunix | immunix | 7.0_beta | |
redhat | linux | 5.2 | |
redhat | linux | 6.2 | |
redhat | linux | 7.0 | |
suse | suse_linux | 6.0 | |
suse | suse_linux | 6.1 | |
suse | suse_linux | 6.2 | |
suse | suse_linux | 6.3 | |
suse | suse_linux | 6.4 | |
suse | suse_linux | 7.0 | |
suse | suse_linux | 7.1 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:immunix:immunix:6.2:*:*:*:*:*:*:*", "matchCriteriaId": "DB0F79BE-8EBF-44D8-83A1-9331669BED54", "vulnerable": true }, { "criteria": "cpe:2.3:a:immunix:immunix:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "660CA978-FDA1-4D48-8162-9CB9243A1B7E", "vulnerable": true }, { "criteria": "cpe:2.3:a:immunix:immunix:7.0_beta:*:*:*:*:*:*:*", "matchCriteriaId": "1A2889C6-8DE0-4432-812A-F2A5C4A08897", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:5.2:*:*:*:*:*:*:*", "matchCriteriaId": "A8EED385-8C39-4A40-A507-2EFE7652FB35", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:*:*:*:*:*:*", "matchCriteriaId": "0633B5A6-7A88-4A96-9462-4C09D124ED36", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "29B186E5-7C2F-466E-AA4A-8F2B618F8A14", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "F163E145-09F7-4BE2-9B46-5B6713070BAB", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:6.1:*:*:*:*:*:*:*", "matchCriteriaId": "124E1802-7984-45ED-8A92-393FC20662FD", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:6.2:*:*:*:*:*:*:*", "matchCriteriaId": "1B67020A-6942-4478-B501-764147C4970D", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:6.3:*:*:*:*:*:*:*", "matchCriteriaId": "0AD0FF64-05DF-48C2-9BB5-FD993121FB2E", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:6.4:*:*:*:*:*:*:*", "matchCriteriaId": "7786607A-362E-4817-A17E-C76D6A1F737D", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "C9E7D75A-333E-4C63-9593-F64ABA5D1CE3", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "819868A7-EB1E-4CA9-8D71-72F194E5EFEB", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Buffer overflow in man program in various distributions of Linux allows local user to execute arbitrary code as group man via a long -S option." } ], "id": "CVE-2001-0641", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.6, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2001-09-20T04:00:00.000", "references": [ { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2001-05/0087.html" }, { "source": "cve@mitre.org", "url": "http://www.novell.com/linux/security/advisories/2001_019_man_txt.html" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2001-069.html" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/190136" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/2711" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6530" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2001-05/0087.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.novell.com/linux/security/advisories/2001_019_man_txt.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2001-069.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/190136" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/2711" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6530" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2003-06-16 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Buffer overflow in url_filename function for wget 1.8.1 allows attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a long URL.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:immunix:immunix:7:*:*:*:*:*:*:*", "matchCriteriaId": "5B1168B3-4B2D-435C-BF48-A19BAA8D75AB", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Buffer overflow in url_filename function for wget 1.8.1 allows attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a long URL." }, { "lang": "es", "value": "Desbordamiento de b\u00fafer en la funci\u00f3n url_filename de wget 1.8.1 permite que atacantes remotos causen una denegaci\u00f3n de servicio (\"segmentation fault\") y posiblemente ejecuten c\u00f3digo arbitrario mediante una URL muy larga" } ], "id": "CVE-2002-1565", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2003-06-16T04:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "ftp://ftp.sco.com/pub/security/OpenLinux/CSSA-2003-003.0.txt" }, { "source": "cve@mitre.org", "url": "ftp://patches.sgi.com/support/free/security/advisories/20040202-01-U.asc" }, { "source": "cve@mitre.org", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000716" }, { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=105474357016184\u0026w=2" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2002/dsa-209" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2003-372.html" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10851" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://ftp.sco.com/pub/security/OpenLinux/CSSA-2003-003.0.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://patches.sgi.com/support/free/security/advisories/20040202-01-U.asc" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000716" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=105474357016184\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2002/dsa-209" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2003-372.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10851" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2001-06-27 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
sgml-tools (aka sgmltools) before 1.0.9-15 creates temporary files with insecure permissions, which allows other users to read files that are being processed by sgml-tools.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
debian | sgml-tools | 1.0.9.15 | |
immunix | immunix | 6.2 | |
immunix | immunix | 7.0 | |
immunix | immunix | 7.0_beta | |
mandrakesoft | mandrake_linux | 6.0 | |
mandrakesoft | mandrake_linux | 6.1 | |
mandrakesoft | mandrake_linux | 7.1 | |
mandrakesoft | mandrake_linux | 7.2 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:debian:sgml-tools:1.0.9.15:*:*:*:*:*:*:*", "matchCriteriaId": "8AAE68C9-1A01-4457-912C-4250139A676F", "vulnerable": true }, { "criteria": "cpe:2.3:a:immunix:immunix:6.2:*:*:*:*:*:*:*", "matchCriteriaId": "DB0F79BE-8EBF-44D8-83A1-9331669BED54", "vulnerable": true }, { "criteria": "cpe:2.3:a:immunix:immunix:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "660CA978-FDA1-4D48-8162-9CB9243A1B7E", "vulnerable": true }, { "criteria": "cpe:2.3:a:immunix:immunix:7.0_beta:*:*:*:*:*:*:*", "matchCriteriaId": "1A2889C6-8DE0-4432-812A-F2A5C4A08897", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "D323A6B7-2741-4F31-B0D6-5D6FB738A2A1", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:6.1:*:*:*:*:*:*:*", "matchCriteriaId": "ACAAD334-2CA7-4B3B-BA25-302E7610BC2A", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "3EC1FF5D-5EAB-44D5-B281-770547C70D68", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "0A8FBD5A-2FD0-43CD-AC4B-1D6984D336FE", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "sgml-tools (aka sgmltools) before 1.0.9-15 creates temporary files with insecure permissions, which allows other users to read files that are being processed by sgml-tools." } ], "id": "CVE-2001-0416", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "LOW", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2001-06-27T04:00:00.000", "references": [ { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000390" }, { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=98477491130367\u0026w=2" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://www.debian.org/security/2001/dsa-038" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-030.php3" }, { "source": "cve@mitre.org", "url": "http://www.novell.com/linux/security/advisories/2001_016_sgmltool_txt.html" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2001-027.html" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/2506" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/2683" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6201" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000390" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=98477491130367\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.debian.org/security/2001/dsa-038" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-030.php3" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.novell.com/linux/security/advisories/2001_016_sgmltool_txt.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2001-027.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/2506" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/2683" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6201" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2001-07-18 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Squid before 2.3STABLE5 in HTTP accelerator mode does not enable access control lists (ACLs) when the httpd_accel_host and http_accel_with_proxy off settings are used, which allows attackers to bypass the ACLs and conduct unauthorized activities such as port scanning.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
caldera | openlinux_server | 3.1 | |
immunix | immunix | 6.2 | |
immunix | immunix | 7.0 | |
immunix | immunix | 7.0_beta | |
mandrakesoft | mandrake_single_network_firewall | 7.2 | |
squid | squid_web_proxy | 2.3stable3 | |
squid | squid_web_proxy | 2.3stable4 | |
mandrakesoft | mandrake_linux | 7.1 | |
mandrakesoft | mandrake_linux | 7.2 | |
mandrakesoft | mandrake_linux | 8.0 | |
mandrakesoft | mandrake_linux_corporate_server | 1.0.1 | |
redhat | linux | 7.0 | |
trustix | secure_linux | 1.1 | |
trustix | secure_linux | 1.01 | |
trustix | secure_linux | 1.2 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:caldera:openlinux_server:3.1:*:*:*:*:*:*:*", "matchCriteriaId": "0A218B67-B87B-4A5E-B9EF-EF39ADEAD9FC", "vulnerable": true }, { "criteria": "cpe:2.3:a:immunix:immunix:6.2:*:*:*:*:*:*:*", "matchCriteriaId": "DB0F79BE-8EBF-44D8-83A1-9331669BED54", "vulnerable": true }, { "criteria": "cpe:2.3:a:immunix:immunix:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "660CA978-FDA1-4D48-8162-9CB9243A1B7E", "vulnerable": true }, { "criteria": "cpe:2.3:a:immunix:immunix:7.0_beta:*:*:*:*:*:*:*", "matchCriteriaId": "1A2889C6-8DE0-4432-812A-F2A5C4A08897", "vulnerable": true }, { "criteria": "cpe:2.3:a:mandrakesoft:mandrake_single_network_firewall:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "7A188467-3856-4599-A2CD-BD2655974B63", "vulnerable": true }, { "criteria": "cpe:2.3:a:squid:squid_web_proxy:2.3stable3:*:*:*:*:*:*:*", "matchCriteriaId": "1D5299EE-5CA6-4A9E-9543-BDB0ADF9ED68", "vulnerable": true }, { "criteria": "cpe:2.3:a:squid:squid_web_proxy:2.3stable4:*:*:*:*:*:*:*", "matchCriteriaId": "69466E6B-CD99-4A6F-87EE-1CC430573509", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "3EC1FF5D-5EAB-44D5-B281-770547C70D68", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "0A8FBD5A-2FD0-43CD-AC4B-1D6984D336FE", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "4371A667-18E1-4C54-B2E1-6F885F22F213", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:1.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "97E09AD9-F057-4264-88BB-A8A18C1B1246", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "29B186E5-7C2F-466E-AA4A-8F2B618F8A14", "vulnerable": true }, { "criteria": "cpe:2.3:o:trustix:secure_linux:1.1:*:*:*:*:*:*:*", "matchCriteriaId": "9D0DFB12-B43F-4207-A900-464A97F5124D", "vulnerable": true }, { "criteria": "cpe:2.3:o:trustix:secure_linux:1.01:*:*:*:*:*:*:*", "matchCriteriaId": "9406727E-365C-466F-8406-82B393537559", "vulnerable": true }, { "criteria": "cpe:2.3:o:trustix:secure_linux:1.2:*:*:*:*:*:*:*", "matchCriteriaId": "13EBB2F7-712E-4CB1-B4B4-5F0851F3D37E", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Squid before 2.3STABLE5 in HTTP accelerator mode does not enable access control lists (ACLs) when the httpd_accel_host and http_accel_with_proxy off settings are used, which allows attackers to bypass the ACLs and conduct unauthorized activities such as port scanning." } ], "id": "CVE-2001-1030", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2001-07-18T04:00:00.000", "references": [ { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2001-07/0362.html" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2001-70-031-01" }, { "source": "cve@mitre.org", "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2001-029.0.txt" }, { "source": "cve@mitre.org", "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-066.php3" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2001-097.html" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/archive/1/197727" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6862" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2001-07/0362.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2001-70-031-01" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2001-029.0.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-066.php3" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2001-097.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/archive/1/197727" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6862" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2000-11-14 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:caldera:openlinux_ebuilder:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "E02719FF-924A-4E96-AE1D-5994A8D4275E", "vulnerable": true }, { "criteria": "cpe:2.3:a:immunix:immunix:6.2:*:*:*:*:*:*:*", "matchCriteriaId": "DB0F79BE-8EBF-44D8-83A1-9331669BED54", "vulnerable": true }, { "criteria": "cpe:2.3:o:conectiva:linux:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "48F068BE-F5B3-4E43-8E6A-24AB4D2DEDF0", "vulnerable": true }, { "criteria": "cpe:2.3:o:conectiva:linux:4.0es:*:*:*:*:*:*:*", "matchCriteriaId": "6529EC98-7CF7-47A1-95BB-2F34066FE95D", "vulnerable": true }, { "criteria": "cpe:2.3:o:conectiva:linux:4.1:*:*:*:*:*:*:*", "matchCriteriaId": "FFDAB801-AAA0-4B3B-B488-52E7BA8650C5", "vulnerable": true }, { "criteria": "cpe:2.3:o:conectiva:linux:4.2:*:*:*:*:*:*:*", "matchCriteriaId": "612AC3B1-8E55-437F-9600-67EA1A8BAD48", "vulnerable": true }, { "criteria": "cpe:2.3:o:conectiva:linux:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "537A5C29-D770-4755-A6AB-8916754E14DB", "vulnerable": true }, { "criteria": "cpe:2.3:o:conectiva:linux:5.1:*:*:*:*:*:*:*", "matchCriteriaId": "E3AC05A9-04DA-4ED3-94D8-3254384CB724", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:6.2:*:*:*:*:*:*:*", "matchCriteriaId": "0ECE564D-B4BB-4C05-88CC-CDC3F8E4E366", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:6.3:*:*:*:*:*:*:*", "matchCriteriaId": "B2D59247-56FA-46B4-BB51-2DAE71AFC145", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:6.4:*:*:*:*:*:*:*", "matchCriteriaId": "15BE08F8-5F3F-45DB-BFE0-1F6F2F57A4D4", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:6.5:*:*:*:*:*:*:*", "matchCriteriaId": "C30D6962-3DBB-4DF8-A04F-8E47AFEDCF99", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:6.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "36B60E50-4F5A-4404-BEA3-C94F7D27B156", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:6.5.2m:*:*:*:*:*:*:*", "matchCriteriaId": "772E3C7E-9947-414F-8642-18653BB048E0", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:6.5.3:*:*:*:*:*:*:*", "matchCriteriaId": "E6B2E6D1-8C2D-4E15-A6BB-E4FE878ED1E7", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:6.5.3f:*:*:*:*:*:*:*", "matchCriteriaId": "8D51EC29-8836-4F87-ABF8-FF7530DECBB1", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:6.5.3m:*:*:*:*:*:*:*", "matchCriteriaId": "518B7253-7B0F-4A0A-ADA7-F3E3B5AAF877", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:6.5.4:*:*:*:*:*:*:*", "matchCriteriaId": "440B7208-34DB-4898-8461-4E703F7EDFB7", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:6.5.6:*:*:*:*:*:*:*", "matchCriteriaId": "D07AA144-6FD7-4C80-B4F2-D21C1AFC864A", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:6.5.7:*:*:*:*:*:*:*", "matchCriteriaId": "29113D8E-9618-4A0E-9157-678332082858", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:6.5.8:*:*:*:*:*:*:*", "matchCriteriaId": "313613E9-4837-433C-90EE-84A92E8D24E5", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:caldera:openlinux:*:*:*:*:*:*:*:*", "matchCriteriaId": "4EC3F7E5-5D49-471B-A705-ADD2642E5B46", "vulnerable": true }, { "criteria": "cpe:2.3:o:caldera:openlinux_eserver:2.3:*:*:*:*:*:*:*", "matchCriteriaId": "3BE526D3-4CD8-423C-81FA-65B92F862A5E", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "203BDD63-2FA5-42FD-A9CD-6BDBB41A63C4", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "3C67BDA1-9451-4026-AC6D-E912C882A757", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:2.2:*:*:*:*:*:*:*", "matchCriteriaId": "58B90124-0543-4226-BFF4-13CCCBCCB243", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:2.3:*:*:*:*:*:*:*", "matchCriteriaId": "618111F3-6608-47F0-AB0D-21547E342871", "vulnerable": true }, { "criteria": "cpe:2.3:o:ibm:aix:3.2:*:*:*:*:*:*:*", "matchCriteriaId": "DD5E0678-45C7-492A-963C-897494D6878F", "vulnerable": true }, { "criteria": "cpe:2.3:o:ibm:aix:3.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "E55C28A7-CD21-47CD-AA50-E8B2D89A18E8", "vulnerable": true }, { "criteria": "cpe:2.3:o:ibm:aix:3.2.5:*:*:*:*:*:*:*", "matchCriteriaId": "D3C00FC9-AD97-4226-A0EA-7DB14AA592DE", "vulnerable": true }, { "criteria": "cpe:2.3:o:ibm:aix:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "44C6203A-D05B-47B1-8BC2-BA021EBAFDEB", "vulnerable": true }, { "criteria": "cpe:2.3:o:ibm:aix:4.1:*:*:*:*:*:*:*", "matchCriteriaId": "FBF25306-E7C2-4F9A-A809-4779A6C0A079", "vulnerable": true }, { "criteria": "cpe:2.3:o:ibm:aix:4.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "B3BA7775-30F2-4CA0-BA6E-70ED12A48D90", "vulnerable": true }, { "criteria": "cpe:2.3:o:ibm:aix:4.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "FB038A89-1CA6-4313-B7CE-56C894945FFD", "vulnerable": true }, { "criteria": "cpe:2.3:o:ibm:aix:4.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "2B3BC86F-5718-4232-BFFF-6244A7C09B8F", "vulnerable": true }, { "criteria": "cpe:2.3:o:ibm:aix:4.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "E6118CC1-6E51-4E1B-8F58-43B337515222", "vulnerable": true }, { "criteria": "cpe:2.3:o:ibm:aix:4.1.5:*:*:*:*:*:*:*", "matchCriteriaId": "F3D3B348-270F-4209-B31A-2B40F5E4A601", "vulnerable": true }, { "criteria": "cpe:2.3:o:ibm:aix:4.2:*:*:*:*:*:*:*", "matchCriteriaId": "05F20EC2-ADE6-4F96-A2E7-1DCCA819D657", "vulnerable": true }, { "criteria": "cpe:2.3:o:ibm:aix:4.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "91D7C561-4D23-430B-A7D8-137E52B08FF5", "vulnerable": true }, { "criteria": "cpe:2.3:o:ibm:aix:4.3:*:*:*:*:*:*:*", "matchCriteriaId": "11ACD012-F05F-45CD-A170-96CBAA42FFE4", "vulnerable": true }, { "criteria": "cpe:2.3:o:ibm:aix:4.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "55919E74-09E7-44BA-9941-D1B69BB1692F", "vulnerable": true }, { "criteria": "cpe:2.3:o:ibm:aix:4.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "45F3C5D8-8BC3-44EB-917A-D0BA051D3D9D", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "E4853E92-5E0A-47B9-A343-D5BEE87D2C27", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "3EC1FF5D-5EAB-44D5-B281-770547C70D68", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "4BF54738-3C44-4FD4-AA9C-CAB2E86B1DC1", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:5.1:*:*:*:*:*:*:*", "matchCriteriaId": "4EF44364-0F57-4B74-81B0-501EA6B58501", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:5.2:*:*:*:*:*:*:*", "matchCriteriaId": "A8EED385-8C39-4A40-A507-2EFE7652FB35", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "2DFA94D5-0139-490C-8257-0751FE9FBAE4", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.1:*:*:*:*:*:*:*", "matchCriteriaId": "2EC4D3AB-38FA-4D44-AF5C-2DCD15994E76", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:*:*:*:*:*:*", "matchCriteriaId": "0633B5A6-7A88-4A96-9462-4C09D124ED36", "vulnerable": true }, { "criteria": "cpe:2.3:o:slackware:slackware_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "C2A9C005-4392-4C95-9B92-98EEC73EFE73", "vulnerable": true }, { "criteria": "cpe:2.3:o:slackware:slackware_linux:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "F0297F56-5F41-48FD-AB47-36E3BD2AB7E7", "vulnerable": true }, { "criteria": "cpe:2.3:o:sun:solaris:2.6:*:*:*:*:*:*:*", "matchCriteriaId": "34EBF074-78C8-41AF-88F1-DA6726E56F8B", "vulnerable": true }, { "criteria": "cpe:2.3:o:sun:sunos:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "C1370216-93EB-400F-9AA6-CB2DC316DAA7", "vulnerable": true }, { "criteria": "cpe:2.3:o:sun:sunos:5.1:*:*:*:*:*:*:*", "matchCriteriaId": "5FF2C7C4-6F8D-40DB-9FBC-E7E4D76A2B23", "vulnerable": true }, { "criteria": "cpe:2.3:o:sun:sunos:5.2:*:*:*:*:*:*:*", "matchCriteriaId": "84523B48-218B-45F4-9C04-2C103612DCB2", "vulnerable": true }, { "criteria": "cpe:2.3:o:sun:sunos:5.3:*:*:*:*:*:*:*", "matchCriteriaId": "C7A22D21-E0A9-4B56-86C7-805AD1A610D6", "vulnerable": true }, { "criteria": "cpe:2.3:o:sun:sunos:5.4:*:*:*:*:*:*:*", "matchCriteriaId": "7AAC8954-74A8-4FE3-ABE7-57DA041D9D8F", "vulnerable": true }, { "criteria": "cpe:2.3:o:sun:sunos:5.5:*:*:*:*:*:*:*", "matchCriteriaId": "5B72953B-E873-4E44-A3CF-12D770A0D416", "vulnerable": true }, { "criteria": "cpe:2.3:o:sun:sunos:5.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "39F847DB-65A9-47DA-BCFA-A179E5E2301A", "vulnerable": true }, { "criteria": "cpe:2.3:o:sun:sunos:5.7:*:*:*:*:*:*:*", "matchCriteriaId": "08003947-A4F1-44AC-84C6-9F8D097EB759", "vulnerable": true }, { "criteria": "cpe:2.3:o:sun:sunos:5.8:*:*:*:*:*:*:*", "matchCriteriaId": "A2475113-CFE4-41C8-A86F-F2DA6548D224", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:6.1:*:*:*:*:*:*:*", "matchCriteriaId": "124E1802-7984-45ED-8A92-393FC20662FD", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:6.2:*:*:*:*:*:*:*", "matchCriteriaId": "1B67020A-6942-4478-B501-764147C4970D", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:6.3:*:*:*:*:*:*:*", "matchCriteriaId": "0AD0FF64-05DF-48C2-9BB5-FD993121FB2E", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:6.4:*:*:*:*:*:*:*", "matchCriteriaId": "7786607A-362E-4817-A17E-C76D6A1F737D", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "C9E7D75A-333E-4C63-9593-F64ABA5D1CE3", "vulnerable": true }, { "criteria": "cpe:2.3:o:trustix:secure_linux:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "8DF1A678-FEF1-4549-8EDC-518444CFC57F", "vulnerable": true }, { "criteria": "cpe:2.3:o:trustix:secure_linux:1.1:*:*:*:*:*:*:*", "matchCriteriaId": "9D0DFB12-B43F-4207-A900-464A97F5124D", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "981A0654-C17D-48BB-A8B3-A728CB159C33", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux:6.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "2AA8956D-F533-42BA-A06B-7CDB0A267B2F", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux:6.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "C6619B49-8A89-4600-A47F-A39C8BF54259", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux:6.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "A0AA1204-D181-4E1C-B795-159FC57E86A9", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux:6.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "24740C11-59D0-4071-97BD-8BF7084FC1FC", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen." } ], "id": "CVE-2000-0844", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2000-11-14T05:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "ftp://patches.sgi.com/support/free/security/advisories/20000901-01-P" }, { "source": "cve@mitre.org", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0436.html" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Patch", "Vendor Advisory" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0457.html" }, { "source": "cve@mitre.org", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-10/0427.html" }, { "source": "cve@mitre.org", "url": "http://archives.neohapsis.com/archives/tru64/2000-q4/0000.html" }, { "source": "cve@mitre.org", "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-030.0.txt" }, { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2000/20000902" }, { "source": "cve@mitre.org", "url": "http://www.novell.com/linux/security/advisories/adv5_draht_glibc_txt.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2000-057.html" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/1634" }, { "source": "cve@mitre.org", "url": "http://www.turbolinux.com/pipermail/tl-security-announce/2000-September/000020.html" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5176" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://patches.sgi.com/support/free/security/advisories/20000901-01-P" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0436.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Patch", "Vendor Advisory" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0457.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-10/0427.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://archives.neohapsis.com/archives/tru64/2000-q4/0000.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-030.0.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2000/20000902" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.novell.com/linux/security/advisories/adv5_draht_glibc_txt.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2000-057.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/1634" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.turbolinux.com/pipermail/tl-security-announce/2000-September/000020.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5176" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-264" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2001-03-12 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
gpm 1.19.3 allows local users to overwrite arbitrary files via a symlink attack.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
immunix | immunix | 7.0_beta | |
mandrakesoft | mandrake_linux | 6.0 | |
mandrakesoft | mandrake_linux | 6.1 | |
mandrakesoft | mandrake_linux | 7.0 | |
mandrakesoft | mandrake_linux | 7.1 | |
mandrakesoft | mandrake_linux | 7.2 | |
redhat | linux | 7.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:immunix:immunix:7.0_beta:*:*:*:*:*:*:*", "matchCriteriaId": "1A2889C6-8DE0-4432-812A-F2A5C4A08897", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "D323A6B7-2741-4F31-B0D6-5D6FB738A2A1", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:6.1:*:*:*:*:*:*:*", "matchCriteriaId": "ACAAD334-2CA7-4B3B-BA25-302E7610BC2A", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "E4853E92-5E0A-47B9-A343-D5BEE87D2C27", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "3EC1FF5D-5EAB-44D5-B281-770547C70D68", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "0A8FBD5A-2FD0-43CD-AC4B-1D6984D336FE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "29B186E5-7C2F-466E-AA4A-8F2B618F8A14", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "gpm 1.19.3 allows local users to overwrite arbitrary files via a symlink attack." } ], "id": "CVE-2001-0116", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "LOW", "cvssData": { "accessComplexity": "HIGH", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 1.2, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:H/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 1.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2001-03-12T05:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=97916374410647\u0026w=2" }, { "source": "cve@mitre.org", "tags": [ "Patch" ], "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-006.php3" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/2188" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5917" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=97916374410647\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-006.php3" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/2188" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5917" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2001-03-12 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
inn 2.2.3 allows local users to overwrite arbitrary files via a symlink attack in some configurations.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
caldera | openlinux_desktop | 2.3 | |
immunix | immunix | 7.0_beta | |
caldera | openlinux_edesktop | 2.4 | |
caldera | openlinux_eserver | 2.3 | |
debian | debian_linux | 2.2 | |
debian | debian_linux | 2.2 | |
debian | debian_linux | 2.2 | |
debian | debian_linux | 2.2 | |
debian | debian_linux | 2.2 | |
mandrakesoft | mandrake_linux | 6.0 | |
mandrakesoft | mandrake_linux | 6.1 | |
mandrakesoft | mandrake_linux | 7.0 | |
mandrakesoft | mandrake_linux | 7.1 | |
mandrakesoft | mandrake_linux | 7.2 | |
redhat | linux | 7.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:caldera:openlinux_desktop:2.3:*:*:*:*:*:*:*", "matchCriteriaId": "39CEEC92-B7FE-4E41-9966-DDA9EDF943C1", "vulnerable": true }, { "criteria": "cpe:2.3:a:immunix:immunix:7.0_beta:*:*:*:*:*:*:*", "matchCriteriaId": "1A2889C6-8DE0-4432-812A-F2A5C4A08897", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:caldera:openlinux_edesktop:2.4:*:*:*:*:*:*:*", "matchCriteriaId": "B211BCBF-CB17-4D32-B6FE-A34D86C4FBF9", "vulnerable": true }, { "criteria": "cpe:2.3:o:caldera:openlinux_eserver:2.3:*:*:*:*:*:*:*", "matchCriteriaId": "3BE526D3-4CD8-423C-81FA-65B92F862A5E", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:2.2:*:*:*:*:*:*:*", "matchCriteriaId": "58B90124-0543-4226-BFF4-13CCCBCCB243", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:2.2:*:68k:*:*:*:*:*", "matchCriteriaId": "E040A866-0D2C-40E1-B1FB-DB600B389E27", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:2.2:*:alpha:*:*:*:*:*", "matchCriteriaId": "CE1C944A-E5F1-49DE-B069-2A358123B535", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:2.2:*:arm:*:*:*:*:*", "matchCriteriaId": "D71083B4-1736-4501-8DE8-BC24AC1447AA", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:2.2:*:sparc:*:*:*:*:*", "matchCriteriaId": "AAEE18D8-AA3B-47A3-AA7C-AAFF7591F391", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "D323A6B7-2741-4F31-B0D6-5D6FB738A2A1", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:6.1:*:*:*:*:*:*:*", "matchCriteriaId": "ACAAD334-2CA7-4B3B-BA25-302E7610BC2A", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "E4853E92-5E0A-47B9-A343-D5BEE87D2C27", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "3EC1FF5D-5EAB-44D5-B281-770547C70D68", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "0A8FBD5A-2FD0-43CD-AC4B-1D6984D336FE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "29B186E5-7C2F-466E-AA4A-8F2B618F8A14", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "inn 2.2.3 allows local users to overwrite arbitrary files via a symlink attack in some configurations." } ], "id": "CVE-2001-0139", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "LOW", "cvssData": { "accessComplexity": "HIGH", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 1.2, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:H/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 1.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2001-03-12T05:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=97916374410647\u0026w=2" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2001-001.0.txt" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-010.php3" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/2190" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5916" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=97916374410647\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2001-001.0.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-010.php3" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/2190" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5916" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2001-03-12 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
getty_ps 2.0.7j allows local users to overwrite arbitrary files via a symlink attack.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
immunix | immunix | 7.0_beta | |
mandrakesoft | mandrake_linux | 6.0 | |
mandrakesoft | mandrake_linux | 6.1 | |
mandrakesoft | mandrake_linux | 7.0 | |
mandrakesoft | mandrake_linux | 7.1 | |
mandrakesoft | mandrake_linux | 7.2 | |
redhat | linux | 7.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:immunix:immunix:7.0_beta:*:*:*:*:*:*:*", "matchCriteriaId": "1A2889C6-8DE0-4432-812A-F2A5C4A08897", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "D323A6B7-2741-4F31-B0D6-5D6FB738A2A1", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:6.1:*:*:*:*:*:*:*", "matchCriteriaId": "ACAAD334-2CA7-4B3B-BA25-302E7610BC2A", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "E4853E92-5E0A-47B9-A343-D5BEE87D2C27", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "3EC1FF5D-5EAB-44D5-B281-770547C70D68", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "0A8FBD5A-2FD0-43CD-AC4B-1D6984D336FE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "29B186E5-7C2F-466E-AA4A-8F2B618F8A14", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "getty_ps 2.0.7j allows local users to overwrite arbitrary files via a symlink attack." } ], "id": "CVE-2001-0119", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "LOW", "cvssData": { "accessComplexity": "HIGH", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 1.2, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:H/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 1.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2001-03-12T05:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=97916374410647\u0026w=2" }, { "source": "cve@mitre.org", "tags": [ "Patch" ], "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-004.php3" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/2194" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5924" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=97916374410647\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-004.php3" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/2194" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5924" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2001-03-12 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
vpop3d program in linuxconf 1.23r and earlier allows local users to overwrite arbitrary files via a symlink attack.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:immunix:immunix:7.0_beta:*:*:*:*:*:*:*", "matchCriteriaId": "1A2889C6-8DE0-4432-812A-F2A5C4A08897", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "29B186E5-7C2F-466E-AA4A-8F2B618F8A14", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "vpop3d program in linuxconf 1.23r and earlier allows local users to overwrite arbitrary files via a symlink attack." } ], "id": "CVE-2001-0143", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "LOW", "cvssData": { "accessComplexity": "HIGH", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 1.2, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:H/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 1.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2001-03-12T05:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=97916374410647\u0026w=2" }, { "source": "cve@mitre.org", "tags": [ "Patch" ], "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-011.php3" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/2186" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5923" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=97916374410647\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-011.php3" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/2186" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5923" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
CVE-2001-0139 (GCVE-0-2001-0139)
Vulnerability from cvelistv5
Published
2001-05-07 04:00
Modified
2024-08-08 04:06
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
inn 2.2.3 allows local users to overwrite arbitrary files via a symlink attack in some configurations.
References
► | URL | Tags | |||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T04:06:55.545Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "20010110 Immunix OS Security update for lots of temp file problems", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=97916374410647\u0026w=2" }, { "name": "linux-inn-symlink(5916)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5916" }, { "name": "MDKSA-2001:010", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-010.php3" }, { "name": "2190", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/2190" }, { "name": "CSSA-2001-001.0", "tags": [ "vendor-advisory", "x_refsource_CALDERA", "x_transferred" ], "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2001-001.0.txt" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2001-01-10T00:00:00", "descriptions": [ { "lang": "en", "value": "inn 2.2.3 allows local users to overwrite arbitrary files via a symlink attack in some configurations." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2005-11-02T10:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "20010110 Immunix OS Security update for lots of temp file problems", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=97916374410647\u0026w=2" }, { "name": "linux-inn-symlink(5916)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5916" }, { "name": "MDKSA-2001:010", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-010.php3" }, { "name": "2190", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/2190" }, { "name": "CSSA-2001-001.0", "tags": [ "vendor-advisory", "x_refsource_CALDERA" ], "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2001-001.0.txt" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2001-0139", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "inn 2.2.3 allows local users to overwrite arbitrary files via a symlink attack in some configurations." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "20010110 Immunix OS Security update for lots of temp file problems", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=97916374410647\u0026w=2" }, { "name": "linux-inn-symlink(5916)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5916" }, { "name": "MDKSA-2001:010", "refsource": "MANDRAKE", "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-010.php3" }, { "name": "2190", "refsource": "BID", "url": "http://www.securityfocus.com/bid/2190" }, { "name": "CSSA-2001-001.0", "refsource": "CALDERA", "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2001-001.0.txt" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2001-0139", "datePublished": "2001-05-07T04:00:00", "dateReserved": "2001-02-06T00:00:00", "dateUpdated": "2024-08-08T04:06:55.545Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2001-0738 (GCVE-0-2001-0738)
Vulnerability from cvelistv5
Published
2002-03-09 05:00
Modified
2024-08-08 04:30
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
LogLine function in klogd in sysklogd 1.3 in various Linux distributions allows an attacker to cause a denial of service (hang) by causing null bytes to be placed in log messages.
References
► | URL | Tags | ||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T04:30:06.100Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "IMNX-2001-70-026-01", "tags": [ "vendor-advisory", "x_refsource_IMMUNIX", "x_transferred" ], "url": "http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2001-70-026-01" }, { "name": "VU#249579", "tags": [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred" ], "url": "http://www.kb.cert.org/vuls/id/249579" }, { "name": "klogd-null-byte-dos(7098)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7098" }, { "name": "20010614 sysklogd update -- Immunix OS 6.2, 7.0-beta, 7.0", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=99258618906506\u0026w=2" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2001-02-10T00:00:00", "descriptions": [ { "lang": "en", "value": "LogLine function in klogd in sysklogd 1.3 in various Linux distributions allows an attacker to cause a denial of service (hang) by causing null bytes to be placed in log messages." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2002-02-26T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "IMNX-2001-70-026-01", "tags": [ "vendor-advisory", "x_refsource_IMMUNIX" ], "url": "http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2001-70-026-01" }, { "name": "VU#249579", "tags": [ "third-party-advisory", "x_refsource_CERT-VN" ], "url": "http://www.kb.cert.org/vuls/id/249579" }, { "name": "klogd-null-byte-dos(7098)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7098" }, { "name": "20010614 sysklogd update -- Immunix OS 6.2, 7.0-beta, 7.0", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=99258618906506\u0026w=2" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2001-0738", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "LogLine function in klogd in sysklogd 1.3 in various Linux distributions allows an attacker to cause a denial of service (hang) by causing null bytes to be placed in log messages." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "IMNX-2001-70-026-01", "refsource": "IMMUNIX", "url": "http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2001-70-026-01" }, { "name": "VU#249579", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/249579" }, { "name": "klogd-null-byte-dos(7098)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7098" }, { "name": "20010614 sysklogd update -- Immunix OS 6.2, 7.0-beta, 7.0", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=99258618906506\u0026w=2" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2001-0738", "datePublished": "2002-03-09T05:00:00", "dateReserved": "2001-10-12T00:00:00", "dateUpdated": "2024-08-08T04:30:06.100Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2001-0473 (GCVE-0-2001-0473)
Vulnerability from cvelistv5
Published
2001-09-18 04:00
Modified
2024-08-08 04:21
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Format string vulnerability in Mutt before 1.2.5 allows a remote malicious IMAP server to execute arbitrary commands.
References
► | URL | Tags | |||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T04:21:38.677Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "20010320 Trustix Security Advisory - mutt", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2001-03/0246.html" }, { "name": "5615", "tags": [ "vdb-entry", "x_refsource_OSVDB", "x_transferred" ], "url": "http://www.osvdb.org/5615" }, { "name": "RHSA-2001:029", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2001-029.html" }, { "name": "20010315 Immunix OS Security update for mutt", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=98473109630421\u0026w=2" }, { "name": "mutt-imap-format-string(6235)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6235" }, { "name": "CLA-2001:385", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA", "x_transferred" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000385" }, { "name": "MDKSA-2001-031", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-031.php3" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2001-03-09T00:00:00", "descriptions": [ { "lang": "en", "value": "Format string vulnerability in Mutt before 1.2.5 allows a remote malicious IMAP server to execute arbitrary commands." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2004-09-02T09:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "20010320 Trustix Security Advisory - mutt", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2001-03/0246.html" }, { "name": "5615", "tags": [ "vdb-entry", "x_refsource_OSVDB" ], "url": "http://www.osvdb.org/5615" }, { "name": "RHSA-2001:029", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2001-029.html" }, { "name": "20010315 Immunix OS Security update for mutt", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=98473109630421\u0026w=2" }, { "name": "mutt-imap-format-string(6235)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6235" }, { "name": "CLA-2001:385", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000385" }, { "name": "MDKSA-2001-031", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-031.php3" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2001-0473", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Format string vulnerability in Mutt before 1.2.5 allows a remote malicious IMAP server to execute arbitrary commands." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "20010320 Trustix Security Advisory - mutt", "refsource": "BUGTRAQ", "url": "http://archives.neohapsis.com/archives/bugtraq/2001-03/0246.html" }, { "name": "5615", "refsource": "OSVDB", "url": "http://www.osvdb.org/5615" }, { "name": "RHSA-2001:029", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2001-029.html" }, { "name": "20010315 Immunix OS Security update for mutt", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=98473109630421\u0026w=2" }, { "name": "mutt-imap-format-string(6235)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6235" }, { "name": "CLA-2001:385", "refsource": "CONECTIVA", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000385" }, { "name": "MDKSA-2001-031", "refsource": "MANDRAKE", "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-031.php3" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2001-0473", "datePublished": "2001-09-18T04:00:00", "dateReserved": "2001-05-24T00:00:00", "dateUpdated": "2024-08-08T04:21:38.677Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2001-0140 (GCVE-0-2001-0140)
Vulnerability from cvelistv5
Published
2001-05-07 04:00
Modified
2024-08-08 04:06
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
arpwatch 2.1a4 allows local users to overwrite arbitrary files via a symlink attack in some configurations.
References
► | URL | Tags | ||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T04:06:55.442Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "20010110 Immunix OS Security update for lots of temp file problems", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=97916374410647\u0026w=2" }, { "name": "2183", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/2183" }, { "name": "MDKSA-2001:002", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-002.php3" }, { "name": "tcpdump-arpwatch-symlink(5922)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5922" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2001-01-10T00:00:00", "descriptions": [ { "lang": "en", "value": "arpwatch 2.1a4 allows local users to overwrite arbitrary files via a symlink attack in some configurations." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2005-11-02T10:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "20010110 Immunix OS Security update for lots of temp file problems", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=97916374410647\u0026w=2" }, { "name": "2183", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/2183" }, { "name": "MDKSA-2001:002", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-002.php3" }, { "name": "tcpdump-arpwatch-symlink(5922)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5922" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2001-0140", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "arpwatch 2.1a4 allows local users to overwrite arbitrary files via a symlink attack in some configurations." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "20010110 Immunix OS Security update for lots of temp file problems", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=97916374410647\u0026w=2" }, { "name": "2183", "refsource": "BID", "url": "http://www.securityfocus.com/bid/2183" }, { "name": "MDKSA-2001:002", "refsource": "MANDRAKE", "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-002.php3" }, { "name": "tcpdump-arpwatch-symlink(5922)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5922" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2001-0140", "datePublished": "2001-05-07T04:00:00", "dateReserved": "2001-02-06T00:00:00", "dateUpdated": "2024-08-08T04:06:55.442Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2002-0083 (GCVE-0-2002-0083)
Vulnerability from cvelistv5
Published
2002-06-25 04:00
Modified
2024-08-08 02:35
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Off-by-one error in the channel code of OpenSSH 2.0 through 3.0.2 allows local users or remote malicious servers to gain privileges.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T02:35:17.574Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "20020311 TSLSA-2002-0039 - openssh", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2002-03/0108.html" }, { "name": "CSSA-2002-SCO.10", "tags": [ "vendor-advisory", "x_refsource_CALDERA", "x_transferred" ], "url": "ftp://stage.caldera.com/pub/security/openserver/CSSA-2002-SCO.10/CSSA-2002-SCO.10.txt" }, { "name": "730", "tags": [ "vdb-entry", "x_refsource_OSVDB", "x_transferred" ], "url": "http://www.osvdb.org/730" }, { "name": "4241", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/4241" }, { "name": "20020308 [OpenPKG-SA-2002.002] OpenPKG Security Advisory (openssh)", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=101561384821761\u0026w=2" }, { "name": "CSSA-2002-SCO.11", "tags": [ "vendor-advisory", "x_refsource_CALDERA", "x_transferred" ], "url": "ftp://stage.caldera.com/pub/security/openunix/CSSA-2002-SCO.11/CSSA-2002-SCO.11.txt" }, { "name": "HPSBTL0203-029", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://online.securityfocus.com/advisories/3960" }, { "name": "DSA-119", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2002/dsa-119" }, { "name": "SuSE-SA:2002:009", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://www.novell.com/linux/security/advisories/2002_009_openssh_txt.html" }, { "name": "CSSA-2002-012.0", "tags": [ "vendor-advisory", "x_refsource_CALDERA", "x_transferred" ], "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2002-012.0.txt" }, { "name": "20020310 OpenSSH 2.9.9p2 packages for Immunix 6.2 with latest fix", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=101586991827622\u0026w=2" }, { "name": "ESA-20020307-007", "tags": [ "vendor-advisory", "x_refsource_ENGARDE", "x_transferred" ], "url": "http://www.linuxsecurity.com/advisories/other_advisory-1937.html" }, { "name": "CLA-2002:467", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA", "x_transferred" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000467" }, { "name": "NetBSD-SA2002-004", "tags": [ "vendor-advisory", "x_refsource_NETBSD", "x_transferred" ], "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-004.txt.asc" }, { "name": "FreeBSD-SA-02:13", "tags": [ "vendor-advisory", "x_refsource_FREEBSD", "x_transferred" ], "url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:13.openssh.asc" }, { "name": "20020307 OpenSSH Security Advisory (adv.channelalloc)", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=101553908201861\u0026w=2" }, { "name": "20020307 [PINE-CERT-20020301] OpenSSH off-by-one", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=101552065005254\u0026w=2" }, { "name": "MDKSA-2002:019", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-019.php" }, { "name": "RHSA-2002:043", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2002-043.html" }, { "name": "openssh-channel-error(8383)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "http://www.iss.net/security_center/static/8383.php" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.openbsd.org/advisories/ssh_channelalloc.txt" }, { "name": "20020328 OpenSSH channel_lookup() off by one exploit", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://online.securityfocus.com/archive/1/264657" }, { "name": "20020307 [VulnWatch] [PINE-CERT-20020301] OpenSSH off-by-one", "tags": [ "mailing-list", "x_refsource_VULNWATCH", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q1/0060.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2002-03-07T00:00:00", "descriptions": [ { "lang": "en", "value": "Off-by-one error in the channel code of OpenSSH 2.0 through 3.0.2 allows local users or remote malicious servers to gain privileges." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2002-06-16T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "20020311 TSLSA-2002-0039 - openssh", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2002-03/0108.html" }, { "name": "CSSA-2002-SCO.10", "tags": [ "vendor-advisory", "x_refsource_CALDERA" ], "url": "ftp://stage.caldera.com/pub/security/openserver/CSSA-2002-SCO.10/CSSA-2002-SCO.10.txt" }, { "name": "730", "tags": [ "vdb-entry", "x_refsource_OSVDB" ], "url": "http://www.osvdb.org/730" }, { "name": "4241", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/4241" }, { "name": "20020308 [OpenPKG-SA-2002.002] OpenPKG Security Advisory (openssh)", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=101561384821761\u0026w=2" }, { "name": "CSSA-2002-SCO.11", "tags": [ "vendor-advisory", "x_refsource_CALDERA" ], "url": "ftp://stage.caldera.com/pub/security/openunix/CSSA-2002-SCO.11/CSSA-2002-SCO.11.txt" }, { "name": "HPSBTL0203-029", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://online.securityfocus.com/advisories/3960" }, { "name": "DSA-119", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2002/dsa-119" }, { "name": "SuSE-SA:2002:009", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://www.novell.com/linux/security/advisories/2002_009_openssh_txt.html" }, { "name": "CSSA-2002-012.0", "tags": [ "vendor-advisory", "x_refsource_CALDERA" ], "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2002-012.0.txt" }, { "name": "20020310 OpenSSH 2.9.9p2 packages for Immunix 6.2 with latest fix", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=101586991827622\u0026w=2" }, { "name": "ESA-20020307-007", "tags": [ "vendor-advisory", "x_refsource_ENGARDE" ], "url": "http://www.linuxsecurity.com/advisories/other_advisory-1937.html" }, { "name": "CLA-2002:467", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000467" }, { "name": "NetBSD-SA2002-004", "tags": [ "vendor-advisory", "x_refsource_NETBSD" ], "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-004.txt.asc" }, { "name": "FreeBSD-SA-02:13", "tags": [ "vendor-advisory", "x_refsource_FREEBSD" ], "url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:13.openssh.asc" }, { "name": "20020307 OpenSSH Security Advisory (adv.channelalloc)", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=101553908201861\u0026w=2" }, { "name": "20020307 [PINE-CERT-20020301] OpenSSH off-by-one", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=101552065005254\u0026w=2" }, { "name": "MDKSA-2002:019", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-019.php" }, { "name": "RHSA-2002:043", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2002-043.html" }, { "name": "openssh-channel-error(8383)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "http://www.iss.net/security_center/static/8383.php" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.openbsd.org/advisories/ssh_channelalloc.txt" }, { "name": "20020328 OpenSSH channel_lookup() off by one exploit", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://online.securityfocus.com/archive/1/264657" }, { "name": "20020307 [VulnWatch] [PINE-CERT-20020301] OpenSSH off-by-one", "tags": [ "mailing-list", "x_refsource_VULNWATCH" ], "url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q1/0060.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2002-0083", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Off-by-one error in the channel code of OpenSSH 2.0 through 3.0.2 allows local users or remote malicious servers to gain privileges." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "20020311 TSLSA-2002-0039 - openssh", "refsource": "BUGTRAQ", "url": "http://archives.neohapsis.com/archives/bugtraq/2002-03/0108.html" }, { "name": "CSSA-2002-SCO.10", "refsource": "CALDERA", "url": "ftp://stage.caldera.com/pub/security/openserver/CSSA-2002-SCO.10/CSSA-2002-SCO.10.txt" }, { "name": "730", "refsource": "OSVDB", "url": "http://www.osvdb.org/730" }, { "name": "4241", "refsource": "BID", "url": "http://www.securityfocus.com/bid/4241" }, { "name": "20020308 [OpenPKG-SA-2002.002] OpenPKG Security Advisory (openssh)", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=101561384821761\u0026w=2" }, { "name": "CSSA-2002-SCO.11", "refsource": "CALDERA", "url": "ftp://stage.caldera.com/pub/security/openunix/CSSA-2002-SCO.11/CSSA-2002-SCO.11.txt" }, { "name": "HPSBTL0203-029", "refsource": "HP", "url": "http://online.securityfocus.com/advisories/3960" }, { "name": "DSA-119", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2002/dsa-119" }, { "name": "SuSE-SA:2002:009", "refsource": "SUSE", "url": "http://www.novell.com/linux/security/advisories/2002_009_openssh_txt.html" }, { "name": "CSSA-2002-012.0", "refsource": "CALDERA", "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2002-012.0.txt" }, { "name": "20020310 OpenSSH 2.9.9p2 packages for Immunix 6.2 with latest fix", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=101586991827622\u0026w=2" }, { "name": "ESA-20020307-007", "refsource": "ENGARDE", "url": "http://www.linuxsecurity.com/advisories/other_advisory-1937.html" }, { "name": "CLA-2002:467", "refsource": "CONECTIVA", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000467" }, { "name": "NetBSD-SA2002-004", "refsource": "NETBSD", "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-004.txt.asc" }, { "name": "FreeBSD-SA-02:13", "refsource": "FREEBSD", "url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:13.openssh.asc" }, { "name": "20020307 OpenSSH Security Advisory (adv.channelalloc)", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=101553908201861\u0026w=2" }, { "name": "20020307 [PINE-CERT-20020301] OpenSSH off-by-one", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=101552065005254\u0026w=2" }, { "name": "MDKSA-2002:019", "refsource": "MANDRAKE", "url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-019.php" }, { "name": "RHSA-2002:043", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2002-043.html" }, { "name": "openssh-channel-error(8383)", "refsource": "XF", "url": "http://www.iss.net/security_center/static/8383.php" }, { "name": "http://www.openbsd.org/advisories/ssh_channelalloc.txt", "refsource": "CONFIRM", "url": "http://www.openbsd.org/advisories/ssh_channelalloc.txt" }, { "name": "20020328 OpenSSH channel_lookup() off by one exploit", "refsource": "BUGTRAQ", "url": "http://online.securityfocus.com/archive/1/264657" }, { "name": "20020307 [VulnWatch] [PINE-CERT-20020301] OpenSSH off-by-one", "refsource": "VULNWATCH", "url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q1/0060.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2002-0083", "datePublished": "2002-06-25T04:00:00", "dateReserved": "2002-03-06T00:00:00", "dateUpdated": "2024-08-08T02:35:17.574Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2001-0170 (GCVE-0-2001-0170)
Vulnerability from cvelistv5
Published
2001-05-07 04:00
Modified
2024-08-08 04:14
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
glibc 2.1.9x and earlier does not properly clear the RESOLV_HOST_CONF, HOSTALIASES, or RES_OPTIONS environmental variables when executing setuid/setgid programs, which could allow local users to read arbitrary files.
References
► | URL | Tags | |||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T04:14:06.578Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "linux-glibc-read-files(5907)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5907" }, { "name": "RHSA-2001:001", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2001-001.html" }, { "name": "20010110 [slackware-security] glibc 2.2 local vulnerability on setuid binaries", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2001-01/0186.html" }, { "name": "20010110 Glibc Local Root Exploit", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2001-01/0131.html" }, { "name": "2181", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/2181" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2001-01-10T00:00:00", "descriptions": [ { "lang": "en", "value": "glibc 2.1.9x and earlier does not properly clear the RESOLV_HOST_CONF, HOSTALIASES, or RES_OPTIONS environmental variables when executing setuid/setgid programs, which could allow local users to read arbitrary files." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2004-09-02T09:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "linux-glibc-read-files(5907)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5907" }, { "name": "RHSA-2001:001", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2001-001.html" }, { "name": "20010110 [slackware-security] glibc 2.2 local vulnerability on setuid binaries", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2001-01/0186.html" }, { "name": "20010110 Glibc Local Root Exploit", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2001-01/0131.html" }, { "name": "2181", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/2181" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2001-0170", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "glibc 2.1.9x and earlier does not properly clear the RESOLV_HOST_CONF, HOSTALIASES, or RES_OPTIONS environmental variables when executing setuid/setgid programs, which could allow local users to read arbitrary files." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "linux-glibc-read-files(5907)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5907" }, { "name": "RHSA-2001:001", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2001-001.html" }, { "name": "20010110 [slackware-security] glibc 2.2 local vulnerability on setuid binaries", "refsource": "BUGTRAQ", "url": "http://archives.neohapsis.com/archives/bugtraq/2001-01/0186.html" }, { "name": "20010110 Glibc Local Root Exploit", "refsource": "BUGTRAQ", "url": "http://archives.neohapsis.com/archives/bugtraq/2001-01/0131.html" }, { "name": "2181", "refsource": "BID", "url": "http://www.securityfocus.com/bid/2181" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2001-0170", "datePublished": "2001-05-07T04:00:00", "dateReserved": "2001-03-08T00:00:00", "dateUpdated": "2024-08-08T04:14:06.578Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2000-1208 (GCVE-0-2000-1208)
Vulnerability from cvelistv5
Published
2002-08-01 04:00
Modified
2024-08-08 05:45
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Format string vulnerability in startprinting() function of printjob.c in BSD-based lpr lpd package may allow local users to gain privileges via an improper syslog call that uses format strings from the checkremote() call.
References
► | URL | Tags | |||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T05:45:37.340Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "20000925 Format strings: bug #1: BSD-lpr", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=96994604300675\u0026w=2" }, { "name": "lpr-checkremote-format-string(5286)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "http://www.iss.net/security_center/static/5286.php" }, { "name": "1711", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/1711" }, { "name": "20001004 Immunix OS Security Update for lpr", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://online.securityfocus.com/archive/1/137555" }, { "name": "RHSA-2000:066", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2000-066.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2000-05-31T00:00:00", "descriptions": [ { "lang": "en", "value": "Format string vulnerability in startprinting() function of printjob.c in BSD-based lpr lpd package may allow local users to gain privileges via an improper syslog call that uses format strings from the checkremote() call." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2016-10-17T13:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "20000925 Format strings: bug #1: BSD-lpr", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=96994604300675\u0026w=2" }, { "name": "lpr-checkremote-format-string(5286)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "http://www.iss.net/security_center/static/5286.php" }, { "name": "1711", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/1711" }, { "name": "20001004 Immunix OS Security Update for lpr", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://online.securityfocus.com/archive/1/137555" }, { "name": "RHSA-2000:066", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2000-066.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2000-1208", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Format string vulnerability in startprinting() function of printjob.c in BSD-based lpr lpd package may allow local users to gain privileges via an improper syslog call that uses format strings from the checkremote() call." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "20000925 Format strings: bug #1: BSD-lpr", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=96994604300675\u0026w=2" }, { "name": "lpr-checkremote-format-string(5286)", "refsource": "XF", "url": "http://www.iss.net/security_center/static/5286.php" }, { "name": "1711", "refsource": "BID", "url": "http://www.securityfocus.com/bid/1711" }, { "name": "20001004 Immunix OS Security Update for lpr", "refsource": "BUGTRAQ", "url": "http://online.securityfocus.com/archive/1/137555" }, { "name": "RHSA-2000:066", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2000-066.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2000-1208", "datePublished": "2002-08-01T04:00:00", "dateReserved": "2002-07-31T00:00:00", "dateUpdated": "2024-08-08T05:45:37.340Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2000-0963 (GCVE-0-2000-0963)
Vulnerability from cvelistv5
Published
2000-11-29 05:00
Modified
2024-08-08 05:37
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in ncurses library allows local users to execute arbitrary commands via long environmental information such as TERM or TERMINFO_DIRS.
References
► | URL | Tags | ||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T05:37:31.675Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "gnu-ncurses-term-terminfodirs-bo(44487)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44487" }, { "name": "20001009 ncurses buffer overflows", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/138550" }, { "name": "1142", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/1142" }, { "name": "CSSA-2000-036.0", "tags": [ "vendor-advisory", "x_refsource_CALDERA", "x_transferred" ], "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-036.0.txt" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2000-10-09T00:00:00", "descriptions": [ { "lang": "en", "value": "Buffer overflow in ncurses library allows local users to execute arbitrary commands via long environmental information such as TERM or TERMINFO_DIRS." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-07-10T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "gnu-ncurses-term-terminfodirs-bo(44487)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44487" }, { "name": "20001009 ncurses buffer overflows", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/138550" }, { "name": "1142", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/1142" }, { "name": "CSSA-2000-036.0", "tags": [ "vendor-advisory", "x_refsource_CALDERA" ], "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-036.0.txt" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2000-0963", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Buffer overflow in ncurses library allows local users to execute arbitrary commands via long environmental information such as TERM or TERMINFO_DIRS." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "gnu-ncurses-term-terminfodirs-bo(44487)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44487" }, { "name": "20001009 ncurses buffer overflows", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/138550" }, { "name": "1142", "refsource": "BID", "url": "http://www.securityfocus.com/bid/1142" }, { "name": "CSSA-2000-036.0", "refsource": "CALDERA", "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-036.0.txt" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2000-0963", "datePublished": "2000-11-29T05:00:00", "dateReserved": "2000-11-24T00:00:00", "dateUpdated": "2024-08-08T05:37:31.675Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2001-0416 (GCVE-0-2001-0416)
Vulnerability from cvelistv5
Published
2002-03-09 05:00
Modified
2024-08-08 04:21
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
sgml-tools (aka sgmltools) before 1.0.9-15 creates temporary files with insecure permissions, which allows other users to read files that are being processed by sgml-tools.
References
► | URL | Tags | |||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T04:21:37.799Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "RHSA-2001:027", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2001-027.html" }, { "name": "2506", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/2506" }, { "name": "MDKSA-2001:030", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-030.php3" }, { "name": "DSA-038", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2001/dsa-038" }, { "name": "2683", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/2683" }, { "name": "SuSE-SA:2001:16", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://www.novell.com/linux/security/advisories/2001_016_sgmltool_txt.html" }, { "name": "sgmltools-symlink(6201)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6201" }, { "name": "20010316 Immunix OS Security update for sgml-tools", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=98477491130367\u0026w=2" }, { "name": "CLA-2001:390", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA", "x_transferred" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000390" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2001-03-08T00:00:00", "descriptions": [ { "lang": "en", "value": "sgml-tools (aka sgmltools) before 1.0.9-15 creates temporary files with insecure permissions, which allows other users to read files that are being processed by sgml-tools." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2002-02-26T10:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "RHSA-2001:027", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2001-027.html" }, { "name": "2506", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/2506" }, { "name": "MDKSA-2001:030", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-030.php3" }, { "name": "DSA-038", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2001/dsa-038" }, { "name": "2683", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/2683" }, { "name": "SuSE-SA:2001:16", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://www.novell.com/linux/security/advisories/2001_016_sgmltool_txt.html" }, { "name": "sgmltools-symlink(6201)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6201" }, { "name": "20010316 Immunix OS Security update for sgml-tools", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=98477491130367\u0026w=2" }, { "name": "CLA-2001:390", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000390" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2001-0416", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "sgml-tools (aka sgmltools) before 1.0.9-15 creates temporary files with insecure permissions, which allows other users to read files that are being processed by sgml-tools." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "RHSA-2001:027", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2001-027.html" }, { "name": "2506", "refsource": "BID", "url": "http://www.securityfocus.com/bid/2506" }, { "name": "MDKSA-2001:030", "refsource": "MANDRAKE", "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-030.php3" }, { "name": "DSA-038", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2001/dsa-038" }, { "name": "2683", "refsource": "BID", "url": "http://www.securityfocus.com/bid/2683" }, { "name": "SuSE-SA:2001:16", "refsource": "SUSE", "url": "http://www.novell.com/linux/security/advisories/2001_016_sgmltool_txt.html" }, { "name": "sgmltools-symlink(6201)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6201" }, { "name": "20010316 Immunix OS Security update for sgml-tools", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=98477491130367\u0026w=2" }, { "name": "CLA-2001:390", "refsource": "CONECTIVA", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000390" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2001-0416", "datePublished": "2002-03-09T05:00:00", "dateReserved": "2001-05-24T00:00:00", "dateUpdated": "2024-08-08T04:21:37.799Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2000-0844 (GCVE-0-2000-0844)
Vulnerability from cvelistv5
Published
2001-01-22 05:00
Modified
2024-08-08 05:37
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen.
References
► | URL | Tags | ||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T05:37:30.623Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "RHSA-2000:057", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2000-057.html" }, { "name": "20000906 glibc locale security problem", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://www.novell.com/linux/security/advisories/adv5_draht_glibc_txt.html" }, { "name": "20000902 Conectiva Linux Security Announcement - glibc", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0436.html" }, { "name": "SSRT0689U", "tags": [ "vendor-advisory", "x_refsource_COMPAQ", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/tru64/2000-q4/0000.html" }, { "name": "TLSA2000020-1", "tags": [ "vendor-advisory", "x_refsource_TURBO", "x_transferred" ], "url": "http://www.turbolinux.com/pipermail/tl-security-announce/2000-September/000020.html" }, { "name": "20000902 glibc: local root exploit", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2000/20000902" }, { "name": "20000904 UNIX locale format string vulnerability", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0457.html" }, { "name": "IY13753", "tags": [ "vendor-advisory", "x_refsource_AIXAPAR", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-10/0427.html" }, { "name": "1634", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/1634" }, { "name": "CSSA-2000-030.0", "tags": [ "vendor-advisory", "x_refsource_CALDERA", "x_transferred" ], "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-030.0.txt" }, { "name": "unix-locale-format-string(5176)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5176" }, { "name": "20000901-01-P", "tags": [ "vendor-advisory", "x_refsource_SGI", "x_transferred" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20000901-01-P" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2000-09-04T00:00:00", "descriptions": [ { "lang": "en", "value": "Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2004-09-02T09:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "RHSA-2000:057", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2000-057.html" }, { "name": "20000906 glibc locale security problem", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://www.novell.com/linux/security/advisories/adv5_draht_glibc_txt.html" }, { "name": "20000902 Conectiva Linux Security Announcement - glibc", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0436.html" }, { "name": "SSRT0689U", "tags": [ "vendor-advisory", "x_refsource_COMPAQ" ], "url": "http://archives.neohapsis.com/archives/tru64/2000-q4/0000.html" }, { "name": "TLSA2000020-1", "tags": [ "vendor-advisory", "x_refsource_TURBO" ], "url": "http://www.turbolinux.com/pipermail/tl-security-announce/2000-September/000020.html" }, { "name": "20000902 glibc: local root exploit", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2000/20000902" }, { "name": "20000904 UNIX locale format string vulnerability", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0457.html" }, { "name": "IY13753", "tags": [ "vendor-advisory", "x_refsource_AIXAPAR" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-10/0427.html" }, { "name": "1634", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/1634" }, { "name": "CSSA-2000-030.0", "tags": [ "vendor-advisory", "x_refsource_CALDERA" ], "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-030.0.txt" }, { "name": "unix-locale-format-string(5176)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5176" }, { "name": "20000901-01-P", "tags": [ "vendor-advisory", "x_refsource_SGI" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20000901-01-P" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2000-0844", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "RHSA-2000:057", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2000-057.html" }, { "name": "20000906 glibc locale security problem", "refsource": "SUSE", "url": "http://www.novell.com/linux/security/advisories/adv5_draht_glibc_txt.html" }, { "name": "20000902 Conectiva Linux Security Announcement - glibc", "refsource": "BUGTRAQ", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0436.html" }, { "name": "SSRT0689U", "refsource": "COMPAQ", "url": "http://archives.neohapsis.com/archives/tru64/2000-q4/0000.html" }, { "name": "TLSA2000020-1", "refsource": "TURBO", "url": "http://www.turbolinux.com/pipermail/tl-security-announce/2000-September/000020.html" }, { "name": "20000902 glibc: local root exploit", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2000/20000902" }, { "name": "20000904 UNIX locale format string vulnerability", "refsource": "BUGTRAQ", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0457.html" }, { "name": "IY13753", "refsource": "AIXAPAR", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-10/0427.html" }, { "name": "1634", "refsource": "BID", "url": "http://www.securityfocus.com/bid/1634" }, { "name": "CSSA-2000-030.0", "refsource": "CALDERA", "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-030.0.txt" }, { "name": "unix-locale-format-string(5176)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5176" }, { "name": "20000901-01-P", "refsource": "SGI", "url": "ftp://patches.sgi.com/support/free/security/advisories/20000901-01-P" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2000-0844", "datePublished": "2001-01-22T05:00:00", "dateReserved": "2000-10-18T00:00:00", "dateUpdated": "2024-08-08T05:37:30.623Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2001-0736 (GCVE-0-2001-0736)
Vulnerability from cvelistv5
Published
2001-10-12 04:00
Modified
2024-08-08 04:30
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Vulnerability in (1) pine before 4.33 and (2) the pico editor, included with pine, allows local users local users to overwrite arbitrary files via a symlink attack.
References
► | URL | Tags | |||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T04:30:06.075Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "20010416 Immunix OS Security update for pine", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=98749102621604\u0026w=2" }, { "name": "20010527 [ESA-20010509-01] pine temporary file handling vulnerabilities", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=99106787825229\u0026w=2" }, { "name": "MDKSA-2001:047", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-047.php3?dis=8.0" }, { "name": "RHSA-2001:042", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2001-042.html" }, { "name": "pine-tmp-file-symlink(6367)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6367" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2001-03-31T00:00:00", "descriptions": [ { "lang": "en", "value": "Vulnerability in (1) pine before 4.33 and (2) the pico editor, included with pine, allows local users local users to overwrite arbitrary files via a symlink attack." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-12-18T21:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "20010416 Immunix OS Security update for pine", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=98749102621604\u0026w=2" }, { "name": "20010527 [ESA-20010509-01] pine temporary file handling vulnerabilities", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=99106787825229\u0026w=2" }, { "name": "MDKSA-2001:047", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-047.php3?dis=8.0" }, { "name": "RHSA-2001:042", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2001-042.html" }, { "name": "pine-tmp-file-symlink(6367)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6367" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2001-0736", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Vulnerability in (1) pine before 4.33 and (2) the pico editor, included with pine, allows local users local users to overwrite arbitrary files via a symlink attack." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "20010416 Immunix OS Security update for pine", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=98749102621604\u0026w=2" }, { "name": "20010527 [ESA-20010509-01] pine temporary file handling vulnerabilities", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=99106787825229\u0026w=2" }, { "name": "MDKSA-2001:047", "refsource": "MANDRAKE", "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-047.php3?dis=8.0" }, { "name": "RHSA-2001:042", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2001-042.html" }, { "name": "pine-tmp-file-symlink(6367)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6367" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2001-0736", "datePublished": "2001-10-12T04:00:00", "dateReserved": "2001-10-12T00:00:00", "dateUpdated": "2024-08-08T04:30:06.075Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2001-0118 (GCVE-0-2001-0118)
Vulnerability from cvelistv5
Published
2001-05-07 04:00
Modified
2024-08-08 04:06
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
rdist 6.1.5 allows local users to overwrite arbitrary files via a symlink attack.
References
► | URL | Tags | ||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T04:06:55.433Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "20010110 Immunix OS Security update for lots of temp file problems", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=97916374410647\u0026w=2" }, { "name": "MDKSA-2001-005", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-005.php3" }, { "name": "2195", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/2195" }, { "name": "rdist-symlink(5925)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5925" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2001-01-10T00:00:00", "descriptions": [ { "lang": "en", "value": "rdist 6.1.5 allows local users to overwrite arbitrary files via a symlink attack." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2005-11-02T10:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "20010110 Immunix OS Security update for lots of temp file problems", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=97916374410647\u0026w=2" }, { "name": "MDKSA-2001-005", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-005.php3" }, { "name": "2195", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/2195" }, { "name": "rdist-symlink(5925)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5925" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2001-0118", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "rdist 6.1.5 allows local users to overwrite arbitrary files via a symlink attack." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "20010110 Immunix OS Security update for lots of temp file problems", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=97916374410647\u0026w=2" }, { "name": "MDKSA-2001-005", "refsource": "MANDRAKE", "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-005.php3" }, { "name": "2195", "refsource": "BID", "url": "http://www.securityfocus.com/bid/2195" }, { "name": "rdist-symlink(5925)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5925" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2001-0118", "datePublished": "2001-05-07T04:00:00", "dateReserved": "2001-02-06T00:00:00", "dateUpdated": "2024-08-08T04:06:55.433Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2001-0143 (GCVE-0-2001-0143)
Vulnerability from cvelistv5
Published
2001-05-07 04:00
Modified
2024-08-08 04:06
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
vpop3d program in linuxconf 1.23r and earlier allows local users to overwrite arbitrary files via a symlink attack.
References
► | URL | Tags | ||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T04:06:55.591Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "20010110 Immunix OS Security update for lots of temp file problems", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=97916374410647\u0026w=2" }, { "name": "linuxconf-vpop3d-symlink(5923)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5923" }, { "name": "MDKSA-2001:011", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-011.php3" }, { "name": "2186", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/2186" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2001-01-10T00:00:00", "descriptions": [ { "lang": "en", "value": "vpop3d program in linuxconf 1.23r and earlier allows local users to overwrite arbitrary files via a symlink attack." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2005-11-02T10:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "20010110 Immunix OS Security update for lots of temp file problems", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=97916374410647\u0026w=2" }, { "name": "linuxconf-vpop3d-symlink(5923)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5923" }, { "name": "MDKSA-2001:011", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-011.php3" }, { "name": "2186", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/2186" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2001-0143", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "vpop3d program in linuxconf 1.23r and earlier allows local users to overwrite arbitrary files via a symlink attack." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "20010110 Immunix OS Security update for lots of temp file problems", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=97916374410647\u0026w=2" }, { "name": "linuxconf-vpop3d-symlink(5923)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5923" }, { "name": "MDKSA-2001:011", "refsource": "MANDRAKE", "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-011.php3" }, { "name": "2186", "refsource": "BID", "url": "http://www.securityfocus.com/bid/2186" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2001-0143", "datePublished": "2001-05-07T04:00:00", "dateReserved": "2001-02-06T00:00:00", "dateUpdated": "2024-08-08T04:06:55.591Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2001-0116 (GCVE-0-2001-0116)
Vulnerability from cvelistv5
Published
2001-05-07 04:00
Modified
2024-08-08 04:06
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
gpm 1.19.3 allows local users to overwrite arbitrary files via a symlink attack.
References
► | URL | Tags | ||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T04:06:55.490Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "20010110 Immunix OS Security update for lots of temp file problems", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=97916374410647\u0026w=2" }, { "name": "linux-gpm-symlink(5917)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5917" }, { "name": "MDKSA-2001:006", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-006.php3" }, { "name": "2188", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/2188" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2001-01-10T00:00:00", "descriptions": [ { "lang": "en", "value": "gpm 1.19.3 allows local users to overwrite arbitrary files via a symlink attack." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2005-11-02T10:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "20010110 Immunix OS Security update for lots of temp file problems", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=97916374410647\u0026w=2" }, { "name": "linux-gpm-symlink(5917)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5917" }, { "name": "MDKSA-2001:006", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-006.php3" }, { "name": "2188", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/2188" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2001-0116", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "gpm 1.19.3 allows local users to overwrite arbitrary files via a symlink attack." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "20010110 Immunix OS Security update for lots of temp file problems", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=97916374410647\u0026w=2" }, { "name": "linux-gpm-symlink(5917)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5917" }, { "name": "MDKSA-2001:006", "refsource": "MANDRAKE", "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-006.php3" }, { "name": "2188", "refsource": "BID", "url": "http://www.securityfocus.com/bid/2188" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2001-0116", "datePublished": "2001-05-07T04:00:00", "dateReserved": "2001-02-06T00:00:00", "dateUpdated": "2024-08-08T04:06:55.490Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2000-1095 (GCVE-0-2000-1095)
Vulnerability from cvelistv5
Published
2001-01-22 05:00
Modified
2024-08-08 05:45
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
modprobe in the modutils 2.3.x package on Linux systems allows a local user to execute arbitrary commands via shell metacharacters.
References
► | URL | Tags | ||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T05:45:36.993Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "1936", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/1936" }, { "name": "RHSA-2000:108", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2000-108.html" }, { "name": "MDKSA-2000:071", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.linux-mandrake.com/en/security/MDKSA-2000-071-1.php3?dis=7.1" }, { "name": "SuSE-SA:2000:44", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/linux/suse/2000-q4/0596.html" }, { "name": "20001112 RedHat 7.0 (and SuSE): modutils + netkit = root compromise. (fwd)", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-11/0179.html" }, { "name": "CLSA-2000:340", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA", "x_transferred" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000340" }, { "name": "20001120 modutils: local exploit", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2000/20001120" }, { "name": "linux-modprobe-execute-code(5516)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5516" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2000-11-12T00:00:00", "descriptions": [ { "lang": "en", "value": "modprobe in the modutils 2.3.x package on Linux systems allows a local user to execute arbitrary commands via shell metacharacters." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2004-09-02T09:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "1936", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/1936" }, { "name": "RHSA-2000:108", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2000-108.html" }, { "name": "MDKSA-2000:071", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.linux-mandrake.com/en/security/MDKSA-2000-071-1.php3?dis=7.1" }, { "name": "SuSE-SA:2000:44", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://archives.neohapsis.com/archives/linux/suse/2000-q4/0596.html" }, { "name": "20001112 RedHat 7.0 (and SuSE): modutils + netkit = root compromise. (fwd)", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-11/0179.html" }, { "name": "CLSA-2000:340", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000340" }, { "name": "20001120 modutils: local exploit", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2000/20001120" }, { "name": "linux-modprobe-execute-code(5516)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5516" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2000-1095", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "modprobe in the modutils 2.3.x package on Linux systems allows a local user to execute arbitrary commands via shell metacharacters." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "1936", "refsource": "BID", "url": "http://www.securityfocus.com/bid/1936" }, { "name": "RHSA-2000:108", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2000-108.html" }, { "name": "MDKSA-2000:071", "refsource": "MANDRAKE", "url": "http://www.linux-mandrake.com/en/security/MDKSA-2000-071-1.php3?dis=7.1" }, { "name": "SuSE-SA:2000:44", "refsource": "SUSE", "url": "http://archives.neohapsis.com/archives/linux/suse/2000-q4/0596.html" }, { "name": "20001112 RedHat 7.0 (and SuSE): modutils + netkit = root compromise. (fwd)", "refsource": "BUGTRAQ", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-11/0179.html" }, { "name": "CLSA-2000:340", "refsource": "CONECTIVA", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000340" }, { "name": "20001120 modutils: local exploit", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2000/20001120" }, { "name": "linux-modprobe-execute-code(5516)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5516" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2000-1095", "datePublished": "2001-01-22T05:00:00", "dateReserved": "2000-12-14T00:00:00", "dateUpdated": "2024-08-08T05:45:36.993Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2001-0120 (GCVE-0-2001-0120)
Vulnerability from cvelistv5
Published
2001-05-07 04:00
Modified
2024-08-08 04:06
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
useradd program in shadow-utils program may allow local users to overwrite arbitrary files via a symlink attack.
References
► | URL | Tags | ||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T04:06:55.313Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "20010110 Immunix OS Security update for lots of temp file problems", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=97916374410647\u0026w=2" }, { "name": "shadow-utils-useradd-symlink(5927)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5927" }, { "name": "MDKSA-2001:007", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-007.php3" }, { "name": "2196", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/2196" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2001-01-10T00:00:00", "descriptions": [ { "lang": "en", "value": "useradd program in shadow-utils program may allow local users to overwrite arbitrary files via a symlink attack." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2005-11-02T10:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "20010110 Immunix OS Security update for lots of temp file problems", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=97916374410647\u0026w=2" }, { "name": "shadow-utils-useradd-symlink(5927)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5927" }, { "name": "MDKSA-2001:007", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-007.php3" }, { "name": "2196", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/2196" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2001-0120", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "useradd program in shadow-utils program may allow local users to overwrite arbitrary files via a symlink attack." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "20010110 Immunix OS Security update for lots of temp file problems", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=97916374410647\u0026w=2" }, { "name": "shadow-utils-useradd-symlink(5927)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5927" }, { "name": "MDKSA-2001:007", "refsource": "MANDRAKE", "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-007.php3" }, { "name": "2196", "refsource": "BID", "url": "http://www.securityfocus.com/bid/2196" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2001-0120", "datePublished": "2001-05-07T04:00:00", "dateReserved": "2001-02-06T00:00:00", "dateUpdated": "2024-08-08T04:06:55.313Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2000-1214 (GCVE-0-2000-1214)
Vulnerability from cvelistv5
Published
2002-08-31 04:00
Modified
2024-08-08 05:45
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflows in the (1) outpack or (2) buf variables of ping in iputils before 20001010, as distributed on Red Hat Linux 6.2 through 7J and other operating systems, may allow local users to gain privileges.
References
► | URL | Tags | ||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T05:45:37.335Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "ping-buf-bo(5431)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "http://www.iss.net/security_center/static/5431.php" }, { "name": "RHSA-2000:087", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2000-087.html" }, { "name": "20001025 Immunix OS Security Update for ping package", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=97249980727834\u0026w=2" }, { "name": "1813", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/1813" }, { "name": "20001020 Re: [RHSA-2000:087-02] Potential security problems in ping fixed.", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=97208562830613\u0026w=2" }, { "name": "20001030 Trustix Security Advisory - ping gnupg ypbind", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-10/0429.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2000-10-18T00:00:00", "descriptions": [ { "lang": "en", "value": "Buffer overflows in the (1) outpack or (2) buf variables of ping in iputils before 20001010, as distributed on Red Hat Linux 6.2 through 7J and other operating systems, may allow local users to gain privileges." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2016-10-17T13:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "ping-buf-bo(5431)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "http://www.iss.net/security_center/static/5431.php" }, { "name": "RHSA-2000:087", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2000-087.html" }, { "name": "20001025 Immunix OS Security Update for ping package", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=97249980727834\u0026w=2" }, { "name": "1813", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/1813" }, { "name": "20001020 Re: [RHSA-2000:087-02] Potential security problems in ping fixed.", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=97208562830613\u0026w=2" }, { "name": "20001030 Trustix Security Advisory - ping gnupg ypbind", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-10/0429.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2000-1214", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Buffer overflows in the (1) outpack or (2) buf variables of ping in iputils before 20001010, as distributed on Red Hat Linux 6.2 through 7J and other operating systems, may allow local users to gain privileges." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "ping-buf-bo(5431)", "refsource": "XF", "url": "http://www.iss.net/security_center/static/5431.php" }, { "name": "RHSA-2000:087", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2000-087.html" }, { "name": "20001025 Immunix OS Security Update for ping package", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=97249980727834\u0026w=2" }, { "name": "1813", "refsource": "BID", "url": "http://www.securityfocus.com/bid/1813" }, { "name": "20001020 Re: [RHSA-2000:087-02] Potential security problems in ping fixed.", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=97208562830613\u0026w=2" }, { "name": "20001030 Trustix Security Advisory - ping gnupg ypbind", "refsource": "BUGTRAQ", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-10/0429.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2000-1214", "datePublished": "2002-08-31T04:00:00", "dateReserved": "2002-08-30T00:00:00", "dateUpdated": "2024-08-08T05:45:37.335Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2001-0142 (GCVE-0-2001-0142)
Vulnerability from cvelistv5
Published
2001-05-07 04:00
Modified
2024-08-08 04:06
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
squid 2.3 and earlier allows local users to overwrite arbitrary files via a symlink attack in some configurations.
References
► | URL | Tags | ||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T04:06:55.450Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "20010110 Immunix OS Security update for lots of temp file problems", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=97916374410647\u0026w=2" }, { "name": "2184", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/2184" }, { "name": "DSA-019", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2001/dsa-019" }, { "name": "squid-email-symlink(5921)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5921" }, { "name": "MDKSA-2001:003", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-003.php3" }, { "name": "20010112 Trustix Security Advisory - diffutils squid", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2001-01/0212.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2001-01-10T00:00:00", "descriptions": [ { "lang": "en", "value": "squid 2.3 and earlier allows local users to overwrite arbitrary files via a symlink attack in some configurations." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2005-11-02T10:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "20010110 Immunix OS Security update for lots of temp file problems", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=97916374410647\u0026w=2" }, { "name": "2184", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/2184" }, { "name": "DSA-019", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2001/dsa-019" }, { "name": "squid-email-symlink(5921)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5921" }, { "name": "MDKSA-2001:003", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-003.php3" }, { "name": "20010112 Trustix Security Advisory - diffutils squid", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2001-01/0212.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2001-0142", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "squid 2.3 and earlier allows local users to overwrite arbitrary files via a symlink attack in some configurations." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "20010110 Immunix OS Security update for lots of temp file problems", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=97916374410647\u0026w=2" }, { "name": "2184", "refsource": "BID", "url": "http://www.securityfocus.com/bid/2184" }, { "name": "DSA-019", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2001/dsa-019" }, { "name": "squid-email-symlink(5921)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5921" }, { "name": "MDKSA-2001:003", "refsource": "MANDRAKE", "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-003.php3" }, { "name": "20010112 Trustix Security Advisory - diffutils squid", "refsource": "BUGTRAQ", "url": "http://archives.neohapsis.com/archives/bugtraq/2001-01/0212.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2001-0142", "datePublished": "2001-05-07T04:00:00", "dateReserved": "2001-02-06T00:00:00", "dateUpdated": "2024-08-08T04:06:55.450Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2001-0117 (GCVE-0-2001-0117)
Vulnerability from cvelistv5
Published
2001-05-07 04:00
Modified
2024-08-08 04:06
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
sdiff 2.7 in the diffutils package allows local users to overwrite files via a symlink attack.
References
► | URL | Tags | |||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T04:06:55.471Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "20010110 Immunix OS Security update for lots of temp file problems", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=97916374410647\u0026w=2" }, { "name": "IMNX-2000-70-028-01", "tags": [ "vendor-advisory", "x_refsource_IMMUNIX", "x_transferred" ], "url": "http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2000-70-028-01" }, { "name": "linux-diffutils-sdiff-symlink(5914)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5914" }, { "name": "2191", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/2191" }, { "name": "VU#579928", "tags": [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred" ], "url": "http://www.kb.cert.org/vuls/id/579928" }, { "name": "MDKSA-2001:008-1", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-008.php3" }, { "name": "RHSA-2001:116", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2001-116.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2001-01-10T00:00:00", "descriptions": [ { "lang": "en", "value": "sdiff 2.7 in the diffutils package allows local users to overwrite files via a symlink attack." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2004-09-02T09:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "20010110 Immunix OS Security update for lots of temp file problems", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=97916374410647\u0026w=2" }, { "name": "IMNX-2000-70-028-01", "tags": [ "vendor-advisory", "x_refsource_IMMUNIX" ], "url": "http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2000-70-028-01" }, { "name": "linux-diffutils-sdiff-symlink(5914)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5914" }, { "name": "2191", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/2191" }, { "name": "VU#579928", "tags": [ "third-party-advisory", "x_refsource_CERT-VN" ], "url": "http://www.kb.cert.org/vuls/id/579928" }, { "name": "MDKSA-2001:008-1", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-008.php3" }, { "name": "RHSA-2001:116", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2001-116.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2001-0117", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "sdiff 2.7 in the diffutils package allows local users to overwrite files via a symlink attack." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "20010110 Immunix OS Security update for lots of temp file problems", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=97916374410647\u0026w=2" }, { "name": "IMNX-2000-70-028-01", "refsource": "IMMUNIX", "url": "http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2000-70-028-01" }, { "name": "linux-diffutils-sdiff-symlink(5914)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5914" }, { "name": "2191", "refsource": "BID", "url": "http://www.securityfocus.com/bid/2191" }, { "name": "VU#579928", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/579928" }, { "name": "MDKSA-2001:008-1", "refsource": "MANDRAKE", "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-008.php3" }, { "name": "RHSA-2001:116", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2001-116.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2001-0117", "datePublished": "2001-05-07T04:00:00", "dateReserved": "2001-02-06T00:00:00", "dateUpdated": "2024-08-08T04:06:55.471Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2001-1030 (GCVE-0-2001-1030)
Vulnerability from cvelistv5
Published
2002-06-25 04:00
Modified
2024-08-08 04:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Squid before 2.3STABLE5 in HTTP accelerator mode does not enable access control lists (ACLs) when the httpd_accel_host and http_accel_with_proxy off settings are used, which allows attackers to bypass the ACLs and conduct unauthorized activities such as port scanning.
References
► | URL | Tags | |||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T04:44:06.644Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "20010718 Squid httpd acceleration acl bug enables portscanning", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/197727" }, { "name": "squid-http-accelerator-portscanning(6862)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6862" }, { "name": "RHSA-2001:097", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2001-097.html" }, { "name": "IMNX-2001-70-031-01", "tags": [ "vendor-advisory", "x_refsource_IMMUNIX", "x_transferred" ], "url": "http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2001-70-031-01" }, { "name": "MDKSA-2001:066", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-066.php3" }, { "name": "CSSA-2001-029.0", "tags": [ "vendor-advisory", "x_refsource_CALDERA", "x_transferred" ], "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2001-029.0.txt" }, { "name": "20010719 TSLSA-2001-0013 - Squid", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2001-07/0362.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2001-07-18T00:00:00", "descriptions": [ { "lang": "en", "value": "Squid before 2.3STABLE5 in HTTP accelerator mode does not enable access control lists (ACLs) when the httpd_accel_host and http_accel_with_proxy off settings are used, which allows attackers to bypass the ACLs and conduct unauthorized activities such as port scanning." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2002-02-06T10:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "20010718 Squid httpd acceleration acl bug enables portscanning", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/197727" }, { "name": "squid-http-accelerator-portscanning(6862)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6862" }, { "name": "RHSA-2001:097", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2001-097.html" }, { "name": "IMNX-2001-70-031-01", "tags": [ "vendor-advisory", "x_refsource_IMMUNIX" ], "url": "http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2001-70-031-01" }, { "name": "MDKSA-2001:066", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-066.php3" }, { "name": "CSSA-2001-029.0", "tags": [ "vendor-advisory", "x_refsource_CALDERA" ], "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2001-029.0.txt" }, { "name": "20010719 TSLSA-2001-0013 - Squid", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2001-07/0362.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2001-1030", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Squid before 2.3STABLE5 in HTTP accelerator mode does not enable access control lists (ACLs) when the httpd_accel_host and http_accel_with_proxy off settings are used, which allows attackers to bypass the ACLs and conduct unauthorized activities such as port scanning." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "20010718 Squid httpd acceleration acl bug enables portscanning", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/197727" }, { "name": "squid-http-accelerator-portscanning(6862)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6862" }, { "name": "RHSA-2001:097", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2001-097.html" }, { "name": "IMNX-2001-70-031-01", "refsource": "IMMUNIX", "url": "http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2001-70-031-01" }, { "name": "MDKSA-2001:066", "refsource": "MANDRAKE", "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-066.php3" }, { "name": "CSSA-2001-029.0", "refsource": "CALDERA", "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2001-029.0.txt" }, { "name": "20010719 TSLSA-2001-0013 - Squid", "refsource": "BUGTRAQ", "url": "http://archives.neohapsis.com/archives/bugtraq/2001-07/0362.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2001-1030", "datePublished": "2002-06-25T04:00:00", "dateReserved": "2002-01-31T00:00:00", "dateUpdated": "2024-08-08T04:44:06.644Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2001-0119 (GCVE-0-2001-0119)
Vulnerability from cvelistv5
Published
2001-05-07 04:00
Modified
2024-08-08 04:06
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
getty_ps 2.0.7j allows local users to overwrite arbitrary files via a symlink attack.
References
► | URL | Tags | ||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T04:06:55.434Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "20010110 Immunix OS Security update for lots of temp file problems", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=97916374410647\u0026w=2" }, { "name": "2194", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/2194" }, { "name": "gettyps-symlink(5924)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5924" }, { "name": "MDKSA-2001:004", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-004.php3" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2001-01-10T00:00:00", "descriptions": [ { "lang": "en", "value": "getty_ps 2.0.7j allows local users to overwrite arbitrary files via a symlink attack." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2005-11-02T10:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "20010110 Immunix OS Security update for lots of temp file problems", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=97916374410647\u0026w=2" }, { "name": "2194", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/2194" }, { "name": "gettyps-symlink(5924)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5924" }, { "name": "MDKSA-2001:004", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-004.php3" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2001-0119", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "getty_ps 2.0.7j allows local users to overwrite arbitrary files via a symlink attack." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "20010110 Immunix OS Security update for lots of temp file problems", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=97916374410647\u0026w=2" }, { "name": "2194", "refsource": "BID", "url": "http://www.securityfocus.com/bid/2194" }, { "name": "gettyps-symlink(5924)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5924" }, { "name": "MDKSA-2001:004", "refsource": "MANDRAKE", "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-004.php3" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2001-0119", "datePublished": "2001-05-07T04:00:00", "dateReserved": "2001-02-06T00:00:00", "dateUpdated": "2024-08-08T04:06:55.434Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2002-1565 (GCVE-0-2002-1565)
Vulnerability from cvelistv5
Published
2003-06-05 04:00
Modified
2024-08-08 03:26
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in url_filename function for wget 1.8.1 allows attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a long URL.
References
► | URL | Tags | |||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T03:26:28.998Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "20040202-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI", "x_transferred" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20040202-01-U.asc" }, { "name": "CSSA-2003-003.0", "tags": [ "vendor-advisory", "x_refsource_SCO", "x_transferred" ], "url": "ftp://ftp.sco.com/pub/security/OpenLinux/CSSA-2003-003.0.txt" }, { "name": "CLA-2003:716", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA", "x_transferred" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000716" }, { "name": "DSA-209", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2002/dsa-209" }, { "name": "20030604 Immunix Secured OS 7+ wget update", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=105474357016184\u0026w=2" }, { "name": "RHSA-2003:372", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-372.html" }, { "name": "wget-url-filename-bo(10851)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10851" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2002-12-12T00:00:00", "descriptions": [ { "lang": "en", "value": "Buffer overflow in url_filename function for wget 1.8.1 allows attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a long URL." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-07-10T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "20040202-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20040202-01-U.asc" }, { "name": "CSSA-2003-003.0", "tags": [ "vendor-advisory", "x_refsource_SCO" ], "url": "ftp://ftp.sco.com/pub/security/OpenLinux/CSSA-2003-003.0.txt" }, { "name": "CLA-2003:716", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000716" }, { "name": "DSA-209", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2002/dsa-209" }, { "name": "20030604 Immunix Secured OS 7+ wget update", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=105474357016184\u0026w=2" }, { "name": "RHSA-2003:372", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-372.html" }, { "name": "wget-url-filename-bo(10851)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10851" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2002-1565", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Buffer overflow in url_filename function for wget 1.8.1 allows attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a long URL." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "20040202-01-U", "refsource": "SGI", "url": "ftp://patches.sgi.com/support/free/security/advisories/20040202-01-U.asc" }, { "name": "CSSA-2003-003.0", "refsource": "SCO", "url": "ftp://ftp.sco.com/pub/security/OpenLinux/CSSA-2003-003.0.txt" }, { "name": "CLA-2003:716", "refsource": "CONECTIVA", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000716" }, { "name": "DSA-209", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2002/dsa-209" }, { "name": "20030604 Immunix Secured OS 7+ wget update", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=105474357016184\u0026w=2" }, { "name": "RHSA-2003:372", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2003-372.html" }, { "name": "wget-url-filename-bo(10851)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10851" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2002-1565", "datePublished": "2003-06-05T04:00:00", "dateReserved": "2003-06-04T00:00:00", "dateUpdated": "2024-08-08T03:26:28.998Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2001-0138 (GCVE-0-2001-0138)
Vulnerability from cvelistv5
Published
2001-05-07 04:00
Modified
2024-08-08 04:06
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
privatepw program in wu-ftpd before 2.6.1-6 allows local users to overwrite arbitrary files via a symlink attack.
References
► | URL | Tags | |||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T04:06:55.458Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "20010110 Immunix OS Security update for lots of temp file problems", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=97916374410647\u0026w=2" }, { "name": "2189", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/2189" }, { "name": "MDKSA-2001-001", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-001.php3" }, { "name": "linux-wuftpd-privatepw-symlink(5915)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5915" }, { "name": "DSA-016", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2001/dsa-016" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2001-01-10T00:00:00", "descriptions": [ { "lang": "en", "value": "privatepw program in wu-ftpd before 2.6.1-6 allows local users to overwrite arbitrary files via a symlink attack." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2007-05-21T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "20010110 Immunix OS Security update for lots of temp file problems", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=97916374410647\u0026w=2" }, { "name": "2189", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/2189" }, { "name": "MDKSA-2001-001", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-001.php3" }, { "name": "linux-wuftpd-privatepw-symlink(5915)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5915" }, { "name": "DSA-016", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2001/dsa-016" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2001-0138", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "privatepw program in wu-ftpd before 2.6.1-6 allows local users to overwrite arbitrary files via a symlink attack." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "20010110 Immunix OS Security update for lots of temp file problems", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=97916374410647\u0026w=2" }, { "name": "2189", "refsource": "BID", "url": "http://www.securityfocus.com/bid/2189" }, { "name": "MDKSA-2001-001", "refsource": "MANDRAKE", "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-001.php3" }, { "name": "linux-wuftpd-privatepw-symlink(5915)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5915" }, { "name": "DSA-016", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2001/dsa-016" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2001-0138", "datePublished": "2001-05-07T04:00:00", "dateReserved": "2001-02-06T00:00:00", "dateUpdated": "2024-08-08T04:06:55.458Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2001-0641 (GCVE-0-2001-0641)
Vulnerability from cvelistv5
Published
2002-03-09 05:00
Modified
2024-08-08 04:30
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in man program in various distributions of Linux allows local user to execute arbitrary code as group man via a long -S option.
References
► | URL | Tags | ||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T04:30:05.998Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "man-s-bo(6530)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6530" }, { "name": "RHSA-2001:069", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2001-069.html" }, { "name": "20010513 RH 7.0:/usr/bin/man exploit: gid man + more", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2001-05/0087.html" }, { "name": "20010612 man 1.5h10 + man 1.5i-4 exploits", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/190136" }, { "name": "SuSE-SA:2001:019", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://www.novell.com/linux/security/advisories/2001_019_man_txt.html" }, { "name": "2711", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/2711" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2001-05-13T00:00:00", "descriptions": [ { "lang": "en", "value": "Buffer overflow in man program in various distributions of Linux allows local user to execute arbitrary code as group man via a long -S option." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2002-02-11T10:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "man-s-bo(6530)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6530" }, { "name": "RHSA-2001:069", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2001-069.html" }, { "name": "20010513 RH 7.0:/usr/bin/man exploit: gid man + more", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2001-05/0087.html" }, { "name": "20010612 man 1.5h10 + man 1.5i-4 exploits", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/190136" }, { "name": "SuSE-SA:2001:019", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://www.novell.com/linux/security/advisories/2001_019_man_txt.html" }, { "name": "2711", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/2711" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2001-0641", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Buffer overflow in man program in various distributions of Linux allows local user to execute arbitrary code as group man via a long -S option." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "man-s-bo(6530)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6530" }, { "name": "RHSA-2001:069", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2001-069.html" }, { "name": "20010513 RH 7.0:/usr/bin/man exploit: gid man + more", "refsource": "BUGTRAQ", "url": "http://archives.neohapsis.com/archives/bugtraq/2001-05/0087.html" }, { "name": "20010612 man 1.5h10 + man 1.5i-4 exploits", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/190136" }, { "name": "SuSE-SA:2001:019", "refsource": "SUSE", "url": "http://www.novell.com/linux/security/advisories/2001_019_man_txt.html" }, { "name": "2711", "refsource": "BID", "url": "http://www.securityfocus.com/bid/2711" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2001-0641", "datePublished": "2002-03-09T05:00:00", "dateReserved": "2001-08-06T00:00:00", "dateUpdated": "2024-08-08T04:30:05.998Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2000-1134 (GCVE-0-2000-1134)
Vulnerability from cvelistv5
Published
2000-12-19 05:00
Modified
2024-08-08 05:45
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple shell programs on various Unix systems, including (1) tcsh, (2) csh, (3) sh, and (4) bash, follow symlinks when processing << redirects (aka here-documents or in-here documents), which allows local users to overwrite files of other users via a symlink attack.
References
► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T05:45:37.043Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "20001111a", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2000/20001111a" }, { "name": "1926", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/1926" }, { "name": "CLA-2000:350", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA", "x_transferred" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000350" }, { "name": "oval:org.mitre.oval:def:4047", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4047" }, { "name": "SSRT1-41U", "tags": [ "vendor-advisory", "x_refsource_COMPAQ", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/tru64/2002-q1/0009.html" }, { "name": "2006", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/2006" }, { "name": "MDKSA-2000-069", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.linux-mandrake.com/en/security/MDKSA-2000-069.php3" }, { "name": "CSSA-2000-042.0", "tags": [ "vendor-advisory", "x_refsource_CALDERA", "x_transferred" ], "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-042.0.txt" }, { "name": "RHSA-2000:117", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2000-117.html" }, { "name": "VU#10277", "tags": [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred" ], "url": "http://www.kb.cert.org/vuls/id/10277" }, { "name": "20001130 [ADV/EXP]: RH6.x root from bash /tmp vuln + MORE", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=97561816504170\u0026w=2" }, { "name": "FreeBSD-SA-00:76", "tags": [ "vendor-advisory", "x_refsource_FREEBSD", "x_transferred" ], "url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:76.tcsh-csh.asc" }, { "name": "20001028 tcsh: unsafe tempfile in \u003c\u003c redirects", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-10/0418.html" }, { "name": "MDKSA-2000:075", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.linux-mandrake.com/en/security/MDKSA-2000-075.php3" }, { "name": "CSSA-2000-043.0", "tags": [ "vendor-advisory", "x_refsource_CALDERA", "x_transferred" ], "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-043.0.txt" }, { "name": "20011103-02-P", "tags": [ "vendor-advisory", "x_refsource_SGI", "x_transferred" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20011103-02-P" }, { "name": "20001128 /bin/sh creates insecure tmp files", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/146657" }, { "name": "CLSA-2000:354", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA", "x_transferred" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000354" }, { "name": "RHSA-2000:121", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2000-121.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2000-10-28T00:00:00", "descriptions": [ { "lang": "en", "value": "Multiple shell programs on various Unix systems, including (1) tcsh, (2) csh, (3) sh, and (4) bash, follow symlinks when processing \u003c\u003c redirects (aka here-documents or in-here documents), which allows local users to overwrite files of other users via a symlink attack." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-10-18T16:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "20001111a", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2000/20001111a" }, { "name": "1926", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/1926" }, { "name": "CLA-2000:350", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000350" }, { "name": "oval:org.mitre.oval:def:4047", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4047" }, { "name": "SSRT1-41U", "tags": [ "vendor-advisory", "x_refsource_COMPAQ" ], "url": "http://archives.neohapsis.com/archives/tru64/2002-q1/0009.html" }, { "name": "2006", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/2006" }, { "name": "MDKSA-2000-069", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.linux-mandrake.com/en/security/MDKSA-2000-069.php3" }, { "name": "CSSA-2000-042.0", "tags": [ "vendor-advisory", "x_refsource_CALDERA" ], "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-042.0.txt" }, { "name": "RHSA-2000:117", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2000-117.html" }, { "name": "VU#10277", "tags": [ "third-party-advisory", "x_refsource_CERT-VN" ], "url": "http://www.kb.cert.org/vuls/id/10277" }, { "name": "20001130 [ADV/EXP]: RH6.x root from bash /tmp vuln + MORE", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=97561816504170\u0026w=2" }, { "name": "FreeBSD-SA-00:76", "tags": [ "vendor-advisory", "x_refsource_FREEBSD" ], "url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:76.tcsh-csh.asc" }, { "name": "20001028 tcsh: unsafe tempfile in \u003c\u003c redirects", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-10/0418.html" }, { "name": "MDKSA-2000:075", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.linux-mandrake.com/en/security/MDKSA-2000-075.php3" }, { "name": "CSSA-2000-043.0", "tags": [ "vendor-advisory", "x_refsource_CALDERA" ], "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-043.0.txt" }, { "name": "20011103-02-P", "tags": [ "vendor-advisory", "x_refsource_SGI" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20011103-02-P" }, { "name": "20001128 /bin/sh creates insecure tmp files", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/146657" }, { "name": "CLSA-2000:354", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000354" }, { "name": "RHSA-2000:121", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2000-121.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2000-1134", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Multiple shell programs on various Unix systems, including (1) tcsh, (2) csh, (3) sh, and (4) bash, follow symlinks when processing \u003c\u003c redirects (aka here-documents or in-here documents), which allows local users to overwrite files of other users via a symlink attack." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "20001111a", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2000/20001111a" }, { "name": "1926", "refsource": "BID", "url": "http://www.securityfocus.com/bid/1926" }, { "name": "CLA-2000:350", "refsource": "CONECTIVA", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000350" }, { "name": "oval:org.mitre.oval:def:4047", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4047" }, { "name": "SSRT1-41U", "refsource": "COMPAQ", "url": "http://archives.neohapsis.com/archives/tru64/2002-q1/0009.html" }, { "name": "2006", "refsource": "BID", "url": "http://www.securityfocus.com/bid/2006" }, { "name": "MDKSA-2000-069", "refsource": "MANDRAKE", "url": "http://www.linux-mandrake.com/en/security/MDKSA-2000-069.php3" }, { "name": "CSSA-2000-042.0", "refsource": "CALDERA", "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-042.0.txt" }, { "name": "RHSA-2000:117", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2000-117.html" }, { "name": "VU#10277", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/10277" }, { "name": "20001130 [ADV/EXP]: RH6.x root from bash /tmp vuln + MORE", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=97561816504170\u0026w=2" }, { "name": "FreeBSD-SA-00:76", "refsource": "FREEBSD", "url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:76.tcsh-csh.asc" }, { "name": "20001028 tcsh: unsafe tempfile in \u003c\u003c redirects", "refsource": "BUGTRAQ", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-10/0418.html" }, { "name": "MDKSA-2000:075", "refsource": "MANDRAKE", "url": "http://www.linux-mandrake.com/en/security/MDKSA-2000-075.php3" }, { "name": "CSSA-2000-043.0", "refsource": "CALDERA", "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-043.0.txt" }, { "name": "20011103-02-P", "refsource": "SGI", "url": "ftp://patches.sgi.com/support/free/security/advisories/20011103-02-P" }, { "name": "20001128 /bin/sh creates insecure tmp files", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/146657" }, { "name": "CLSA-2000:354", "refsource": "CONECTIVA", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000354" }, { "name": "RHSA-2000:121", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2000-121.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2000-1134", "datePublished": "2000-12-19T05:00:00", "dateReserved": "2000-12-14T00:00:00", "dateUpdated": "2024-08-08T05:45:37.043Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2000-1213 (GCVE-0-2000-1213)
Vulnerability from cvelistv5
Published
2002-08-31 04:00
Modified
2024-08-08 05:45
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
ping in iputils before 20001010, as distributed on Red Hat Linux 6.2 through 7J and other operating systems, does not drop privileges after acquiring a raw socket, which increases ping's exposure to bugs that otherwise would occur at lower privileges.
References
► | URL | Tags | |||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T05:45:37.360Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "RHSA-2000:087", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2000-087.html" }, { "name": "20001025 Immunix OS Security Update for ping package", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=97249980727834\u0026w=2" }, { "name": "20001030 Trustix Security Advisory - ping gnupg ypbind", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-10/0429.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2000-10-18T00:00:00", "descriptions": [ { "lang": "en", "value": "ping in iputils before 20001010, as distributed on Red Hat Linux 6.2 through 7J and other operating systems, does not drop privileges after acquiring a raw socket, which increases ping\u0027s exposure to bugs that otherwise would occur at lower privileges." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2016-10-17T13:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "RHSA-2000:087", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2000-087.html" }, { "name": "20001025 Immunix OS Security Update for ping package", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=97249980727834\u0026w=2" }, { "name": "20001030 Trustix Security Advisory - ping gnupg ypbind", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-10/0429.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2000-1213", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "ping in iputils before 20001010, as distributed on Red Hat Linux 6.2 through 7J and other operating systems, does not drop privileges after acquiring a raw socket, which increases ping\u0027s exposure to bugs that otherwise would occur at lower privileges." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "RHSA-2000:087", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2000-087.html" }, { "name": "20001025 Immunix OS Security Update for ping package", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=97249980727834\u0026w=2" }, { "name": "20001030 Trustix Security Advisory - ping gnupg ypbind", "refsource": "BUGTRAQ", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-10/0429.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2000-1213", "datePublished": "2002-08-31T04:00:00", "dateReserved": "2002-08-30T00:00:00", "dateUpdated": "2024-08-08T05:45:37.360Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }