10 matches found
CVE-2000-0844
The connected records confirm CVE-2000-0844 affects Unix locale subsystem functions that fail to cleanse user-supplied format strings, enabling local attackers to execute arbitrary commands through gettext, catopen, and related calls. The root cause is improper sanitization of format strings in l...
CVE-2000-1134
CVE-2000-1134 concerns multiple shells (tcsh, csh, sh, bash) that follow symlinks when processing here-documents (<
CVE-2001-0851
CVE-2001-0851 covers the Linux kernel 2.0, 2.2 and 2.4 with syncookies enabled. The issue arises from the syncookie handling that allows a remote attacker to bypass firewall rules by brute-forcing the cookie, effectively defeating first-hop filtering. Public advisories from Red Hat, SUSE, Mandrak...
CVE-2001-0181
The CVE-2001-0181 entry concerns a format-string vulnerability in the error-logging path of the DHCP server and client in Caldera Linux. The underlying flaw is in how logging is performed, allowing a remote attacker to execute arbitrary commands. The available documents confirm the affected compo...
CVE-2000-0531
CVE-2000-0531: Linux gpm program vulnerability where local users can cause a denial of service by flooding the /dev/gpmctl device with STREAM sockets. The NVD entry shows a LOCAL attack vector, LOW base severity, and PARTIAL availability impact; no remediation or workaround details are provided ...
CVE-2001-0139
INN 2.2.3 is vulnerable to a local temporary-file race condition. The root cause is INN creating temporary files in a world-writable directory (or being configured to use one), enabling symlink attacks that may modify files writable by the news user. Mandrake/MDKSA-2001:010 notes a patch that rel...
CVE-2000-0917
CVE-2000-0917 describes a format-string vulnerability in LPRng’s use_syslog() in version 3.6.24 (and earlier), enabling remote attackers to execute arbitrary commands. Multiple sources corroborate: Red Hat RHSA-2000-065 notes vulnerability in 3.6.24 and earlier; CERT advisories document the forma...
CVE-2000-1195
The CVE-2000-1195 entry relates to the Linux netkit telnetd: remote authentication bypass when telnetd runs with the -L option in netkit-telnet-0.16 or earlier. Affected software: telnet daemon (telnetd) from the Linux netkit package prior to netkit-telnet-0.16. Root cause: telnetd allows bypassi...
CVE-2000-0594
CVE-2000-0594 affects the BitchX IRC client. The vulnerability arises from improper cleansing of an untrusted format string in the /INVITE command, allowing a remote attacker to trigger a denial of service by inviting a channel whose name includes special formatting characters. Connected document...
CVE-2001-0869
CVE-2001-0869 is a format-string vulnerability in the Cyrus SASL library (cyrus-sasl) affecting the default logging callback _sasl_syslog in common.c. The Mandrake MDKSA-2002:018 advisory notes a format bug in cyrus-sasl that could allow a remote attacker to obtain access or elevate privileges, w...