8 matches found
CVE-2000-0844
The connected records confirm CVE-2000-0844 affects Unix locale subsystem functions that fail to cleanse user-supplied format strings, enabling local attackers to execute arbitrary commands through gettext, catopen, and related calls. The root cause is improper sanitization of format strings in l...
CVE-2000-1134
CVE-2000-1134 concerns multiple shells (tcsh, csh, sh, bash) that follow symlinks when processing here-documents (<
CVE-1999-0234
The CVE-1999-0234 issue involves Bash treating any byte with value 0xFF as a command separator, per the CVE record and related entries (Red Hat, CVE list, EUVD, PT-1996-1035). These connected documents confirm the underlying root cause (parsing of 0xFF) but do not specify exact affected Bash vers...
CVE-2000-0491
CVE-2000-0491 describes a buffer overflow in the XDMCP parsing code of GNOME gdm, KDE kdm, and wdm. A crafted FORWARD_QUERY can allow a remote attacker to execute arbitrary commands or cause a denial of service. The available connected documents confirm the affected components and impact but do n...
CVE-2000-0892
CVE-2000-0892 describes a vulnerability where some telnet clients may disclose environment variables to remote telnet servers or via telnet: URLs, due to RFC 1572 (NEW-ENVIRON). The underlying issue is the ability of a server to request environment variables before authentication, potentially exp...
CVE-2000-0917
CVE-2000-0917 describes a format-string vulnerability in LPRng’s use_syslog() in version 3.6.24 (and earlier), enabling remote attackers to execute arbitrary commands. Multiple sources corroborate: Red Hat RHSA-2000-065 notes vulnerability in 3.6.24 and earlier; CERT advisories document the forma...
CVE-1999-0439
The CVE-1999-0439 issue is a Buffer Overflow in procmail prior to 3.12. The vulnerability arises from expansions in the procmailrc configuration file, allowing remote or local attackers to execute commands. Exploitation is possible via the procmailrc processing and can impact confidentiality, int...
CVE-2000-0372
CVE-2000-0372 describes a local privilege escalation in Caldera’s rmt command within the dump package 0.4b4, enabling a local user to gain root privileges. The vulnerability is supported by NVD data (CVSSv2 base score 7.2; LOCAL access; no authentication; full confidentiality, integrity, and avai...