Lucene search
K
ConectivaLinux

63 matches found

CVE
CVE
added 2000/09/21 4:0 a.m.63 views

CVE-2000-0701

The vulnerability CVE-2000-0701 affects the Mailman project’s wrapper program in versions 2.0beta3 and 2.0beta4. The root cause is improper cleansing of untrusted format strings, which permits local privilege escalation. The NVD entry lists local attack vector with low complexity and partial impa...

4.6CVSS7AI score0.00389EPSS
CVE
CVE
added 2001/09/18 4:0 a.m.62 views

CVE-2001-0473

CVE-2001-0473 affects the Mutt email client (Imap-related code) prior to version 1.2.5. The vulnerability is a format string issue in the IMAP handling that can allow a remote, malicious IMAP server to execute arbitrary commands on the local machine. The Mandrakelinux MDKSA-2001:031 advisory spec...

7.5CVSS7.3AI score0.0206EPSS
CVE
CVE
added 2003/04/02 5:0 a.m.62 views

CVE-2001-1374

Summary (concrete details from connected documents): The vulnerability is in the expect utility prior to version 5.32, where it searches for its libraries in /var/tmp before other directories. A local attacker could exploit this by placing a Trojan horse library that mkpasswd would load, potentia...

7.2CVSS6.6AI score0.00371EPSS
CVE
CVE
added 2003/08/05 4:0 a.m.61 views

CVE-2003-0540

CVE-2003-0540 affects Postfix 1.1.12 and earlier. The issue stems from the address parser: (1) a malformed envelope address to a local host with a ".!" in MAIL FROM or Errors-To headers can cause the nqmgr to lock, or (2) a valid MAIL FROM with a RCPT TO containing ".!" can lock the SMTP listener...

5CVSS6.3AI score0.21261EPSS
CVE
CVE
added 2004/07/06 4:0 a.m.61 views

CVE-2004-0626

The CVE-2004-0626 issue affects the Linux kernel 2.6 netfilter subsystem when using iptables with TCP options. Affected code path is tcp_find_option; a large option length can produce a negative value after casting to char, causing an infinite loop that consumes CPU and leads to remote DoS. This ...

5CVSS6.2AI score0.02761EPSS
CVE
CVE
added 2005/03/09 5:0 a.m.61 views

CVE-2005-0207

CVE-2005-0207 corresponds to an unknown vulnerability in Linux kernel 2.4.x, 2.5.x, and 2.6.x where NFS clients can trigger a denial of service via NFS client O_DIRECT error handling. The issue is documented in multiple advisories (RHSA-2005:366 / CESA-2005:366) and CentOS/Ubuntu/NVD entries. Aff...

2.1CVSS6.2AI score0.0041EPSS
CVE
CVE
added 2000/08/03 4:0 a.m.57 views

CVE-2000-0667

The CVE-2000-0667 issue affects the Linux gpm daemon (the General Purpose Mouse utility) and allows a local user to delete arbitrary files. Concrete details from connected sources indicate the vulnerability exists in gpm versions 1.19.2 and earlier and is exploitable by a local user to remove fil...

3.6CVSS6.4AI score0.00418EPSS
CVE
CVE
added 2001/05/07 4:0 a.m.57 views

CVE-2001-0178

CVE-2001-0178 affects KDE2’s kdesu: the keep-password feature uses a UNIX socket to pass authentication data, but KDE2 (before 2.2.0-6) does not verify the socket listener’s identity. This can allow local users to obtain root passwords and gain privileges. Multiple advisories confirm the issue an...

2.1CVSS6.4AI score0.00362EPSS
CVE
CVE
added 2000/10/13 4:0 a.m.56 views

CVE-2000-0668

CVE-2000-0668 affects the Linux pam_console PAM module when a display manager (gdm or kdm) has XDMCP enabled. The vulnerability allows a user to access the system console and reboot the system, with a Medium severity (CVSS v2 base score 5.0) and a Partial availability impact. The provided sources...

5CVSS6.9AI score0.0724EPSS
CVE
CVE
added 2001/09/18 4:0 a.m.56 views

CVE-2001-0440

The connected document (MDKSA-2001:032-1) confirms a vulnerability in Licq pre-1.0.3 where received URLs are parsed without sufficient checks and passed to the system() call. This allows remote attackers to cause arbitrary commands to be executed on the client, via crafted URLs, and can lead to d...

7.5CVSS7.8AI score0.04635EPSS
CVE
CVE
added 2003/04/02 5:0 a.m.53 views

CVE-2001-1375

CVE-2001-1375 affects tcl/tk (tcltk) 8.3.1, where libraries may be searched in the current working directory before others. This could allow a local user to execute arbitrary code by placing a Trojan library in a user-controlled directory. The Mandrake advisory notes a related issue and indicates...

4.6CVSS7.2AI score0.00411EPSS
CVE
CVE
added 2004/09/01 4:0 a.m.50 views

CVE-2000-0747

The CVE-2000-0747 entry concerns OpenLDAP prior to version 1.2.11 on Conectiva Linux. The issue arises from the logrotate script sending an improper signal to the kernel log daemon (klogd), which results in klogd being killed. The available records describe the vulnerable component as the logrota...

10CVSS6.9AI score0.01725EPSS
CVE
CVE
added 2000/09/21 4:0 a.m.48 views

CVE-2000-0715

Summary (CVE-2000-0715) : The vulnerability affects Red Hat Linux 6.2’s DiskCheck script (diskcheck.pl), a Powertools utility that alerts on near-capacity disks. Diskcheck.pl creates a temporary file in /tmp with a predictable name and runs with elevated privileges (setuid root). An attacker can ...

2.1CVSS6.3AI score0.00414EPSS
Total number of security vulnerabilities63