Openlinux Edesktop Security Vulnerabilities and Issues — Openlinux Edesktop CVE List

CalderaOpenlinux Edesktop

8 matches found

CVE•added 2000/12/19 5:0 a.m.•75 views

CVE-2000-1134

CVE-2000-1134 concerns multiple shells (tcsh, csh, sh, bash) that follow symlinks when processing here-documents (<

7.2CVSS6.2AI score0.01415EPSS

CVE•added 2001/03/09 5:0 a.m.•65 views

CVE-2001-0181

The CVE-2001-0181 entry concerns a format-string vulnerability in the error-logging path of the DHCP server and client in Caldera Linux. The underlying flaw is in how logging is performed, allowing a remote attacker to execute arbitrary commands. The available documents confirm the affected compo...

10CVSS7.5AI score0.05204EPSS

CVE•added 2002/03/09 5:0 a.m.•65 views

CVE-2001-0851

CVE-2001-0851 covers the Linux kernel 2.0, 2.2 and 2.4 with syncookies enabled. The issue arises from the syncookie handling that allows a remote attacker to bypass firewall rules by brute-forcing the cookie, effectively defeating first-hop filtering. Public advisories from Red Hat, SUSE, Mandrak...

5CVSS6.6AI score0.03087EPSS

CVE•added 2001/05/07 4:0 a.m.•60 views

CVE-2001-0139

Inn 2.2.3 is vulnerable to a local temporary-file race condition. The root cause is inn creating temporary files in a world-writable directory (or being configured to use one), enabling symlink attacks that may modify files writable by the news user. Mandrake/MDKSA-2001:010 notes a patch that rel...

1.2CVSS6.3AI score0.00339EPSS

CVE•added 2001/01/22 5:0 a.m.•57 views

CVE-2000-0917

CVE-2000-0917 describes a format-string vulnerability in LPRng’s use_syslog() in version 3.6.24 (and earlier), enabling remote attackers to execute arbitrary commands. Multiple sources corroborate: Red Hat RHSA-2000-065 notes vulnerability in 3.6.24 and earlier; CERT advisories document the forma...

10CVSS7.4AI score0.78658EPSS

CVE•added 2002/03/09 5:0 a.m.•57 views

CVE-2000-1195

The CVE-2000-1195 entry relates to the Linux netkit telnetd: remote authentication bypass when telnetd runs with the -L option in netkit-telnet-0.16 or earlier. Affected software: telnet daemon (telnetd) from the Linux netkit package prior to netkit-telnet-0.16. Root cause: telnetd allows bypassi...

7.5CVSS7.6AI score0.02109EPSS

CVE•added 2000/10/13 4:0 a.m.•56 views

CVE-2000-0594

CVE-2000-0594 affects the BitchX IRC client. The vulnerability arises from improper cleansing of an untrusted format string in the /INVITE command, allowing a remote attacker to trigger a denial of service by inviting a channel whose name includes special formatting characters. Connected document...

5CVSS7AI score0.09871EPSS

CVE•added 2001/05/07 4:0 a.m.•54 views

CVE-2001-0178

CVE-2001-0178 affects KDE2’s kdesu: the keep-password feature uses a UNIX socket to pass authentication data, but KDE2 (before 2.2.0-6) does not verify the socket listener’s identity. This can allow local users to obtain root passwords and gain privileges. Multiple advisories confirm the issue an...

2.1CVSS6.4AI score0.00362EPSS