36 matches found
CVE-1999-0017
CVE-1999-0017 is a documented FTP bounce vulnerability where an FTP server can be abused to connect to arbitrary ports on an attacker-controlled host by exploiting the PORT/PORT-like mechanisms. The core issue is that an FTP server’s data connection handling allows bounce traffic to other hosts (...
CVE-1999-0002
CVE-1999-0002 is a buffer overflow in the NFS mountd service that can give remote root access on Linux-like systems. The core description across sources confirms a remote-executable overflow in mountd, potentially enabling privilege elevation without an account. Public references describe related...
CVE-1999-0368
The CVE-1999-0368 issue involves buffer overflows in wuarchive ftpd (wu-ftpd) and ProFTPD that can lead to remote root access (palmetto). Red Hat’s entry reiterates the same vulnerability. Nessus plugin 10318 (WU-FTPD Multiple Vulnerabilities) and 10318’s description cite the overflow as enabling...
CVE-2000-0844
The connected records confirm CVE-2000-0844 affects Unix locale subsystem functions that fail to cleanse user-supplied format strings, enabling local attackers to execute arbitrary commands through gettext, catopen, and related calls. The root cause is improper sanitization of format strings in l...
CVE-1999-0009
Summary of CVE-1999-0009 from connected documents: The issue is an inverse query buffer overflow in BIND releases 4.9 and 8. The Red Hat entry mirrors the description: the vulnerability is an inverse query buffer overflow in BIND 4.9 and 8 releases. Tenable/Nessus references indicate this is a r...
CVE-1999-0043
CVE-1999-0043 affects the INN daemon (innd) v1.5, where command execution is possible via shell metacharacters in control messages (e.g., "newgroup", "rmgroup"). Documents consistently reference INN 1.5 and shell metachar vulnerabilities; remediation guidance appears as upgrading to 1.6 or later....
CVE-1999-0047
Sendmail MIME conversion overflow CVE-1999-0047 affects versions 8.8.3 and 8.8.4. The vulnerability, described as a MIME conversion overflow, can allow an attacker to execute arbitrary commands as root on a remote host. Remediation: upgrade to Sendmail 8.8.5 or later. This entry is supported by m...
CVE-2000-1134
CVE-2000-1134 concerns multiple shells (tcsh, csh, sh, bash) that follow symlinks when processing here-documents (<
CVE-1999-0042
CVE-1999-0042 describes a buffer overflow in University of Washington's IMAP and POP servers. The widely cited details come from multiple connected sources, including a Nessus plugin that specifies a remote buffer overflow in the IMAP server login() function which may allow a remote user to gain ...
CVE-1999-0234
The CVE-1999-0234 issue involves Bash treating any byte with value 0xFF as a command separator, per the CVE record and related entries (Red Hat, CVE list, EUVD, PT-1996-1035). These connected documents confirm the underlying root cause (parsing of 0xFF) but do not specify exact affected Bash vers...
CVE-1999-0434
The CVE-1999-0434 entry documents a vulnerability in the XFree86 xfs command where a symlink attack enables local users to create files in restricted directories, potentially leading to privilege escalation or a denial of service. Connected sources corroborate the issue as a symlink-based file cr...
CVE-1999-0769
CVE-1999-0769 affects Vixie Cron on Linux systems. The vulnerability allows local users to modify parameters of sendmail commands by manipulating the MAILTO environment variable, as described in multiple sources. Root cause is misuse of MAILTO by cron in the environment passed to mail-related comman...
CVE-1999-0880
CVE-1999-0880 corresponds to a memory exhaustion DoS in WU-FTPD caused by the SITE NEWER command not freeing memory. Multiple connected sources confirm the issue and reference affected software as WU-FTPD, with a specific note that versions prior to 2.6.0 are vulnerable (Nessus plugin title indic...
CVE-2000-0566
The CVE-2000-0566 issue concerns the makewhatis script in the Linux man package. The attached documents confirm a local privilege-escalation vector: makewhatis creates files in /tmp with predictable names and can be exploited via symlink attacks to overwrite arbitrary files or gain elevated privi...
CVE-2001-0851
CVE-2001-0851 covers the Linux kernel 2.0, 2.2 and 2.4 with syncookies enabled. The issue arises from the syncookie handling that allows a remote attacker to bypass firewall rules by brute-forcing the cookie, effectively defeating first-hop filtering. Public advisories from Red Hat, SUSE, Mandrak...
CVE-1999-0104
Technical details about CVE-1999-0104 are not publicly provided in the supplied documents; affected products, impact specifics, and remediation are not disclosed. Monitor for updates.
CVE-1999-0872
CVE-1999-0872 is a vulnerability in Vixie cron where a buffer overflow can be triggered by a long MAILTO value in a crontab, enabling local users to gain root access. The Red Hat CVE entry and related records confirm the issue but do not provide remediation steps or patched versions in the connec...
CVE-2000-0491
CVE-2000-0491 describes a buffer overflow in the XDMCP parsing code of GNOME gdm, KDE kdm, and wdm. A crafted FORWARD_QUERY can allow a remote attacker to execute arbitrary commands or cause a denial of service. The available connected documents confirm the affected components and impact but do n...
CVE-2000-0531
CVE-2000-0531: Linux gpm program vulnerability where local users can cause a denial of service by flooding the /dev/gpmctl device with STREAM sockets. The NVD entry shows a LOCAL attack vector, LOW base severity, and PARTIAL availability impact; no remediation or workaround details are provided ...
CVE-2000-0218
The CVE-2000-0218 entry concerns a buffer overflow in the Linux mount and umount utilities that allows local users to gain root privileges via a long relative pathname. Affected component: the mount/umount helpers in Linux. Root cause: a buffer overflow vulnerability enabling escalation to root (...
CVE-2000-0892
CVE-2000-0892 describes a vulnerability where some telnet clients may disclose environment variables to remote telnet servers or via telnet: URLs, due to RFC 1572 (NEW-ENVIRON). The underlying issue is the ability of a server to request environment variables before authentication, potentially exp...
CVE-1999-0731
CVE-1999-0731 affects the KDE klock program. The issue allows local users to unlock a session via malformed input, as described in multiple sources (NVD/RH/CVE lists). The CVSS-derived impact includes partial confidentiality, integrity, and availability impacts with local exploitation and no auth...
CVE-2000-0370
CVE-2000-0370 affects Caldera Linux smail. The debug option allows remote command execution via shell metacharacters in the -D option for rmail, enabling full compromise of confidentiality, integrity, and availability (CVSSv2 base score 10.0). Exploitation details are not provided in the availabl...
CVE-2000-0917
CVE-2000-0917 describes a format-string vulnerability in LPRng’s use_syslog() in version 3.6.24 (and earlier), enabling remote attackers to execute arbitrary commands. Multiple sources corroborate: Red Hat RHSA-2000-065 notes vulnerability in 3.6.24 and earlier; CERT advisories document the forma...
CVE-2000-0374
The CVE describes that the default configuration of kdm (Caldera/Mandrake Linux and possibly others) allows XDMCP connections from any host, causing information leakage and potential bypass of access restrictions. CERT/CC notes this as an information leakage vulnerability via XDMCP daemon default...
CVE-2000-0530
The CVE-2000-0530 entry describes a vulnerability in KDE 1.1.2 where the KApplication class creates configuration files without proper ownership checks or existence verification. The result is a local privilege-attack risk: a local user can exploit a symlink/ownership flaw to overwrite arbitrary ...
CVE-1999-0712
CVE-1999-0712 affects Caldera Open Administration System (COAS). The vulnerability allows the /etc/shadow password file to be made world-readable, indicating a confidentiality impact. Exploitation details are not provided in the connected documents; sources (Red Hat, CVE entries, and PT Security)...
CVE-2002-1199
The CVE-2002-1199 issue affects the ypxfrd daemon used for NIS map distribution. The getdbm procedure constructs a path to /var/yp/domain/map without proper validation, allowing directory traversal via the domain and map arguments and enabling a symlink-based override that can expose files outsid...
CVE-1999-0439
The CVE-1999-0439 issue is a buffer overflow in procmail prior to 3.12. The vulnerability arises from expansions in the procmailrc configuration file, allowing remote or local attackers to execute commands. Exploitation is possible via the procmailrc processing and can impact confidentiality, int...
CVE-1999-1288
CVE-1999-1288 concerns Samba 1.9.18, which ships with a prototype application wsmbconf installed with incorrect permissions (including setgid). This config allows local users to read/write files and, due to bugs in wsmbconf, may enable privilege elevation. The OpenVAS entry reiterates an elevate-...
CVE-1999-0879
CVE-1999-0879 describes a buffer overflow in WU-FTPD and related FTP servers that allows remote attackers to gain root privileges by exploiting macro variables in a message file. The vulnerability affects the FTP server software in the late 1990s era; multiple sources (including Red Hat CVE refer...
CVE-2000-0369
The CVE-2000-0369 entry describes a vulnerability in the IDENT server of Caldera Linux 2.3 where the server spawns multiple threads per IDENT request. This threading pattern can be exploited by remote attackers to trigger a denial-of-service condition against the impacted system. The reported imp...
CVE-2000-0192
The CVE-2000-0192 issue affects the default installation of Caldera OpenLinux 2.3 via the rpm_query CGI, which allows remote attackers to enumerate installed RPMs by accessing the CGI over the web server. This leads to information disclosure about installed services and versions (partial confiden...
CVE-2000-0438
CVE-2000-0438 describes a buffer overflow in the Linux fdmount utility that can be triggered by a long mountpoint parameter. Local users in the floppy group could execute arbitrary commands with the exploit. The vulnerability is due to an inadequate bound check in fdmount, leading to potential co...
CVE-2001-0850
The CVE-2001-0850 entry concerns a configuration error in the libdb1 package of OpenLinux 3.1. The vulnerability arises from insecure versions of snprintf and vsnprintf used by libdb1, which could allow local or remote users to trigger a buffer overflow. Affected software: OpenLinux 3.1 (libdb1)....
CVE-2000-0372
CVE-2000-0372 describes a local privilege escalation in Caldera’s rmt command within the dump package 0.4b4, enabling a local user to gain root privileges. The vulnerability is supported by NVD data (CVSSv2 base score 7.2; LOCAL access; no authentication; full confidentiality, integrity, and avai...