Lucene search
K

8 matches found

CVE
CVE
added 2001/01/22 5:0 a.m.101 views

CVE-2000-0844

The connected records confirm CVE-2000-0844 affects Unix locale subsystem functions that fail to cleanse user-supplied format strings, enabling local attackers to execute arbitrary commands through gettext, catopen, and related calls. The root cause is improper sanitization of format strings in l...

10CVSS7.7AI score0.15349EPSS
CVE
CVE
added 2000/12/19 5:0 a.m.79 views

CVE-2000-1134

CVE-2000-1134 concerns multiple shells (tcsh, csh, sh, bash) that follow symlinks when processing here-documents (<

7.2CVSS6.2AI score0.01415EPSS
CVE
CVE
added 1999/09/29 4:0 a.m.72 views

CVE-1999-0234

The CVE-1999-0234 issue involves Bash treating any byte with value 0xFF as a command separator, per the CVE record and related entries (Red Hat, CVE list, EUVD, PT-1996-1035). These connected documents confirm the underlying root cause (parsing of 0xFF) but do not specify exact affected Bash vers...

4.6CVSS7.5AI score0.004EPSS
CVE
CVE
added 2000/07/12 4:0 a.m.64 views

CVE-2000-0491

CVE-2000-0491 describes a buffer overflow in the XDMCP parsing code of GNOME gdm, KDE kdm, and wdm. A crafted FORWARD_QUERY can allow a remote attacker to execute arbitrary commands or cause a denial of service. The available connected documents confirm the affected components and impact but do n...

10CVSS8AI score0.17776EPSS
CVE
CVE
added 2002/03/09 5:0 a.m.61 views

CVE-2000-0892

CVE-2000-0892 describes a vulnerability where some telnet clients may disclose environment variables to remote telnet servers or via telnet: URLs, due to RFC 1572 (NEW-ENVIRON). The underlying issue is the ability of a server to request environment variables before authentication, potentially exp...

2.6CVSS6.2AI score0.01166EPSS
CVE
CVE
added 2001/01/22 5:0 a.m.59 views

CVE-2000-0917

CVE-2000-0917 describes a format-string vulnerability in LPRng’s use_syslog() in version 3.6.24 (and earlier), enabling remote attackers to execute arbitrary commands. Multiple sources corroborate: Red Hat RHSA-2000-065 notes vulnerability in 3.6.24 and earlier; CERT advisories document the forma...

10CVSS7.4AI score0.78658EPSS
CVE
CVE
added 2000/01/04 5:0 a.m.53 views

CVE-1999-0439

The CVE-1999-0439 issue is a Buffer Overflow in procmail prior to 3.12. The vulnerability arises from expansions in the procmailrc configuration file, allowing remote or local attackers to execute commands. Exploitation is possible via the procmailrc processing and can impact confidentiality, int...

7.5CVSS7.6AI score0.02482EPSS
CVE
CVE
added 2000/07/12 4:0 a.m.42 views

CVE-2000-0372

CVE-2000-0372 describes a local privilege escalation in Caldera’s rmt command within the dump package 0.4b4, enabling a local user to gain root privileges. The vulnerability is supported by NVD data (CVSSv2 base score 7.2; LOCAL access; no authentication; full confidentiality, integrity, and avai...

7.2CVSS7AI score0.00358EPSS