CVE-2002-1565

all versions

Buffer overflow in url_filename function for wget 1.8.1 allows attackers to cause a denial of service (segmentation fault) and pos

CVE-2000-1208

all versions

Format string vulnerability in startprinting() function of printjob.c in BSD-based lpr lpd package may allow local users to gain p

CVE-2002-0083

all versions

Off-by-one error in the channel code of OpenSSH 2.0 through 3.0.2 allows local users or remote malicious servers to gain privilege

9.8CRITICAL

CVE-2001-0738

all versions

LogLine function in klogd in sysklogd 1.3 in various Linux distributions allows an attacker to cause a denial of service (hang) by

CVE-2001-0736

all versions

Vulnerability in (1) pine before 4.33 and (2) the pico editor, included with pine, allows local users local users to overwrite arb

CVE-2001-0641

all versions

Buffer overflow in man program in various distributions of Linux allows local user to execute arbitrary code as group man via a lo

CVE-2001-1030

all versions

Squid before 2.3STABLE5 in HTTP accelerator mode does not enable access control lists (ACLs) when the httpd_accel_host and http_ac

CVE-2001-0473

all versions

Format string vulnerability in Mutt before 1.2.5 allows a remote malicious IMAP server to execute arbitrary commands.

CVE-2001-0416

all versions

sgml-tools (aka sgmltools) before 1.0.9-15 creates temporary files with insecure permissions, which allows other users to read fil

CVE-2001-0170

all versions

glibc 2.1.9x and earlier does not properly clear the RESOLV_HOST_CONF, HOSTALIASES, or RES_OPTIONS environmental variables when ex

CVE-2001-0143

all versions

vpop3d program in linuxconf 1.23r and earlier allows local users to overwrite arbitrary files via a symlink attack.

CVE-2001-0142

all versions

squid 2.3 and earlier allows local users to overwrite arbitrary files via a symlink attack in some configurations.

CVE-2001-0140

all versions

arpwatch 2.1a4 allows local users to overwrite arbitrary files via a symlink attack in some configurations.

CVE-2001-0139

all versions

inn 2.2.3 allows local users to overwrite arbitrary files via a symlink attack in some configurations.

CVE-2001-0138

all versions

privatepw program in wu-ftpd before 2.6.1-6 allows local users to overwrite arbitrary files via a symlink attack.

CVE-2001-0120

all versions

useradd program in shadow-utils program may allow local users to overwrite arbitrary files via a symlink attack.

CVE-2001-0119

all versions

getty_ps 2.0.7j allows local users to overwrite arbitrary files via a symlink attack.

CVE-2001-0118

all versions

rdist 6.1.5 allows local users to overwrite arbitrary files via a symlink attack.

CVE-2001-0117

all versions

sdiff 2.7 in the diffutils package allows local users to overwrite files via a symlink attack.

CVE-2001-0116

all versions

gpm 1.19.3 allows local users to overwrite arbitrary files via a symlink attack.

CVE-2000-1134

all versions

Multiple shell programs on various Unix systems, including (1) tcsh, (2) csh, (3) sh, and (4) bash, follow symlinks when processin

CVE-2000-1095

all versions

modprobe in the modutils 2.3.x package on Linux systems allows a local user to execute arbitrary commands via shell metacharacters

CVE-2000-0963

all versions

Buffer overflow in ncurses library allows local users to execute arbitrary commands via long environmental information such as TER

CVE-2000-0844

all versions

Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows loc

CVE-2000-1214

all versions

Buffer overflows in the (1) outpack or (2) buf variables of ping in iputils before 20001010, as distributed on Red Hat Linux 6.2 t

CVE-2000-1213

all versions

ping in iputils before 20001010, as distributed on Red Hat Linux 6.2 through 7J and other operating systems, does not drop privile

CVE-1999-1111

<= 1.21

Vulnerability in StackGuard before 1.21 allows remote attackers to bypass the Random and Terminator Canary security mechanisms by