CVE-2003-0358

Buffer overflow in (1) nethack 3.4.0 and earlier, and (2) falconseye 1.9.3 and earlier, which is based on nethack, allows local users to gain privileges via a long -s command line option.

CVE-2003-0367

znew in the gzip package allows local users to overwrite arbitrary files via a symlink attack on temporary files.

CVE-2003-0382

Buffer overflow in Eterm 0.9.2 allows local users to gain privileges via a long ETERMPATH environment variable.

CVE-2003-0098

Unknown vulnerability in apcupsd before 3.8.6, and 3.10.x before 3.10.5, allows remote attackers to gain root privileges, possibly via format strings in a request to a slave server.

CVE-2002-0875

Vulnerability in FAM 2.6.8, 2.6.6, and other versions allows unprivileged users to obtain the names of files whose access is restricted to the root group.

CVE-2003-0615

Cross-site scripting (XSS) vulnerability in start_form() of CGI.pm allows remote attackers to insert web script via a URL that is fed into the form's action parameter.

CVE-2003-0308

The Sendmail 8.12.3 package in Debian GNU/Linux 3.0 does not securely create temporary files, which could allow local users to gain additional privileges via (1) expn, (2) checksendmail, or (3) doublebounce.pl.

CVE-2003-0440

The (1) semi MIME library 1.14.5 and earlier, and (2) wemi 1.14.0 and possibly other versions, allows local users to overwrite arbitrary files via a symlink attack on temporary files.