| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| ifdhcpc-done script for configuring DHCP on Red Hat Linux 5 allows local users to append text to arbitrary files via a symlink attack on the dhcplog file. |
| xosview 1.5.1 in Red Hat 5.1 allows local users to gain root access via a long HOME environmental variable. |
| abuse.console in Red Hat 2.1 uses relative pathnames to find and execute the undrv program, which allows local users to execute arbitrary commands via a path that points to a Trojan horse program. |
| RPMMail before 1.4 allows remote attackers to execute commands via an e-mail message with shell metacharacters in the "MAIL FROM" command. |
| Buffer overflow in Linux linuxconf package allows remote attackers to gain root privileges via a long parameter. |
| The initscripts package in Red Hat Linux allows local users to gain privileges via a symlink attack. |
| An installation of Red Hat uses DES password encryption with crypt() for the initial password, instead of md5. |
| Buffer overflow in Vixie cron allows local users to gain root access via a long MAILTO environment variable in a crontab file. |
| Buffer overflow in the man program in Linux allows local users to gain privileges via the MANPAGER environmental variable. |
| Red Hat 6.0 allows local users to gain root access by booting single user and hitting ^C at the password prompt. |
| Buffer overflow in mhshow in the Linux nmh package allows remote attackers to execute commands via malformed MIME headers in an email message. |
| The X font server xfs in Red Hat Linux 6.x allows an attacker to cause a denial of service via a malformed request. |
| X fontserver xfs allows local users to cause a denial of service via malformed input to the server. |
| Pluggable Authentication Modules (PAM) in Red Hat Linux 6.1 does not properly lock access to disabled NIS accounts. |
| traceroute in NetBSD 1.3.3 and Linux systems allows local users to flood other systems by providing traceroute with a large waittime (-w) option, which is not parsed properly and sets the time delay for sending packets to zero. |
| traceroute in NetBSD 1.3.3 and Linux systems allows local unprivileged users to modify the source address of the packets, which could be used in spoofing attacks. |
| The passwd.php3 CGI script in the Red Hat Piranha Virtual Server Package allows local users to execute arbitrary commands via shell metacharacters. |
| Linux OpenLDAP server allows local users to modify arbitrary files via a symlink attack. |
| Samba 1.9.18 inadvertently includes a prototype application, wsmbconf, which is installed with incorrect permissions including the setgid bit, which allows local users to read and write files and possibly gain privileges via bugs in the program. |
| Buffer overflow in NFS mountd gives root access to remote attackers, mostly in Linux systems. |
