229 matches found
CVE-1999-0390
CVE-1999-0390 describes a buffer overflow in the Dosemu Slang library for Linux. The set of connected records attributes a local, low-complexity vulnerability with no authentication requirement, potentially impacting confidentiality, integrity, and availability (per NVD metrics). The available do...
CVE-2002-0638
CVE-2002-0638 concerns the util-linux package’s login utilities (notably setpwnam.c used by chfn/chsh). The advisory describes a race condition caused by inadequate locking of a temporary file used when modifying /etc/passwd, enabling a local attacker to escalate privileges. The issue affects Red...
CVE-2003-0551
The CVE-2003-0551 entry concerns the STP protocol in Linux 2.4.x. According to the sources, STP input processing did not properly verify certain lengths, which could allow attackers to cause a denial of service. Public documents reference Red Hat RHSA-2003:239 and Debian DSA advisories (DSA-423-1...
CVE-2003-0442
The CVE-2003-0442 issue concerns the PHP4 transparent session ID feature (session.use_trans_sid). Multiple sources describe a Cross-Site Scripting (XSS) vulnerability in PHP4 prior to 4.3.2 where the PHPSESSID parameter could be used by a remote attacker to inject scripts. The Debian advisory DSA...
CVE-2003-0552
Summary: CVE-2003-0552 affects the Linux kernel 2.4.x bridge handling, enabling remote attackers to spoof the bridge forwarding table by sending forged packets whose source addresses match the target. The vulnerability is described in multiple advisories (e.g., Debian DSA-423-1 and RHSA-2003:239)...
CVE-2001-0119
Getty_ps 2.0.7j is affected by a local symlink race that can cause overwriting of arbitrary files in /tmp, potentially impacting files writable by the effective UID (often root). Mandrake/MGK advisories indicate a temporary-file race fix, updating to getty_ps 2.1.0a (or newer) to remediate. CERT ...
CVE-2003-0364
CVE-2003-0364 affects the Linux kernel 2.4 series: TCP/IP fragment reassembly handling can be abused by crafted packets to trigger high CPU usage via hash table collisions, leading to a denial of service. Debians OpenVAS entries reference kernel updates (e.g., kernel-patch-2.4.18-powerpc, kernel-...
CVE-2004-1613
CVE-2004-1613 affects Mozilla and related Mozilla-based packages. The issue is a denial-of-service caused by certain HTML constructs (TEXTAREA, INPUT, FRAMESET or IMG) followed by a null character and trailing characters, which can crash the application. Affected releases are addressed in vendor ...
CVE-1999-0042
CVE-1999-0042 describes a buffer overflow in University of Washington's IMAP and POP servers. The widely cited details come from multiple connected sources, including a Nessus plugin that specifies a remote buffer overflow in the IMAP server login() function which may allow a remote user to gain ...
CVE-1999-0131
CVE-1999-0131 affects Sendmail up to version 8.7.5 and earlier, where a vulnerability in the GECOS field processing can cause a buffer overflow and denial of service that may grant root access to local users. Publicly documented by Red Hat and OpenVAS entries, as well as CVE records, the vulnerab...
CVE-1999-0234
The CVE-1999-0234 issue involves Bash treating any byte with value 0xFF as a command separator, per the CVE record and related entries (Red Hat, CVE list, EUVD, PT-1996-1035). These connected documents confirm the underlying root cause (parsing of 0xFF) but do not specify exact affected Bash vers...
CVE-1999-0433
XFree86 startx is affected by a symlink attack allowing local users to create files in restricted directories, potentially gaining privileges or causing a denial of service. The provided documents do not specify affected versions or a fix; one PT Security entry notes no information about a newer ...
CVE-1999-0997
CVE-1999-0997 affects wu-ftpd with FTP conversion enabled. A malformed file name can be interpreted as an argument to the converter, enabling command execution (e.g., via tar or uncompress) and giving an attacker the ability to run arbitrary commands with wu-ftpd’s privileges. Related advisories ...
CVE-2000-0289
Summary: CVE-2000-0289 concerns the Linux kernel IP Masquerade (NAT) feature on 2.2.x, where the UDP DLOOSE behavior can allow an attacker to send arbitrary UDP packets to hosts behind a vulnerable NAT by matching only destination IP/port, potentially affecting existing sessions. What is affected...
CVE-2000-1095
CVE-2000-1095 affects modprobe in the modutils 2.3.x package. The vulnerability arises because modprobe uses popen() to invoke the echo program with user-supplied input, allowing unescaped shell metacharacters to be processed via /bin/sh when run through kmod-triggered paths. This can enable a lo...
CVE-2002-0080
CVE-2002-0080 affects rsync when run in daemon mode: it does not call setgroups before dropping privileges, potentially letting local users inherit supplementary group privileges and read files they shouldn’t. The vulnerability is demonstrated across multiple advisories (Mandrake/MDKSA-2002:024, ...
CVE-2003-0041
CVE-2003-0041 affects the Kerberos FTP client. When retrieving a file whose name begins with a pipe character, the client passes the filename to the system() shell call, allowing a remote FTP server to write files outside the current directory or execute commands as the FTP client user. Connected...
CVE-2003-0550
CVE-2003-0550 concerns the STP support in Linux kernel 2.4.x. The vulnerability stems from the STP protocol implementation failing to provide adequate security, enabling attackers to modify the bridge topology. Public documents in the connected set confirm this issue across multiple advisories (e...
CVE-1999-0125
CVE-1999-0125 describes a local buffer overflow in the SGI IRIX mailx program. The vulnerability affects the mailx component of SGI IRIX; the root cause is a buffer overflow that can impact confidentiality, integrity and availability (partial impacts) when an attacker with local access and no aut...
CVE-1999-0832
CVE-1999-0832 concerns a buffer overflow in the Linux NFS server triggered by a long pathname, allowing an attacker to execute commands. The linked records confirm the vulnerability exists in the NFS service on Linux and describe command execution as the impact. The provided documents do not spec...
CVE-2002-1232
CVE-2002-1232 describes a memory leak in ypserv’s ypdb_open (yp_db.c) affecting the NIS package prior to version 2.5. Repeated remote requests for non-existent maps can exhaust memory, causing a denial-of-service condition. Multiple vendor advisories document this issue (e.g., Mandrake MDKSA-2002...
CVE-2003-0370
CVE-2003-0370 affects Konqueror Embedded and KDE 2.2.2 and earlier, where the Common Name (CN) in X.509 certificates is not validated, enabling possible MITM certificate spoofing in TLS/SSL traffic. Public disclosures reference CAN-2003-0370 and describe the remote exploitation potential through ...
CVE-1999-0034
CVE-1999-0034 affects the suidperl (sperl) component in Perl 4.x and 5.x, with the root cause described as a buffer overflow in suidperl. Documented impact indicates complete confidentiality, integrity, and availability compromises (local attack vector, no authentication, no user interaction requ...
CVE-2001-0977
CVE-2001-0977 affects slapd in OpenLDAP, where OpenLDAP 1.x prior to 1.2.12 and 2.x prior to 2.0.8 are vulnerable. The issue is triggered by receiving LDAP BER length fields with invalid lengths, allowing remote attackers to cause a denial-of-service crash. Public advisories describe this as a re...
CVE-2004-0619
CVE-2004-0619 involves an integer overflow in the ubsec_keysetup function of the Broadcom 5820 cryptonet driver used with Linux. The issue allows a local attacker to cause a denial of service (crash) and potentially gain code execution via a negative add_dsa_buf_bytes, resulting in a buffer overf...
CVE-2004-0905
CVE-2004-0905 affects Mozilla Firefox (before the Preview Release), Mozilla (before 1.7.3), and Thunderbird (before 0.8). The issue enables remote attackers to perform cross-domain scripting and potentially execute arbitrary code by convincing a user to drag and drop javascript: links to a frame ...
CVE-1999-0041
Technical details (affected product/version/root cause/patch) are not provided in the connected documents; summaries only note a buffer overflow in NLS. Monitor Red Hat/EUVD/NVD updates for remediation guidance and impact as information becomes available.
CVE-1999-0130
CVE-1999-0130 affects Sendmail 8.7.x and 8.8.x, where a local user can start the SMTP daemon in daemon mode and obtain root privileges. Multiple connected sources corroborate: OpenVAS notes local overflow in Sendmail 8.7.x/8.8.x with daemon-mode enablement; Nessus entries describe local privilege...
CVE-1999-0768
CVE-1999-0768 is a confirmed issue affecting Red Hat systems using Vixie Cron, where a buffer overflow can be triggered via the MAILTO environment variable. The connected Red Hat advisory reiterates the same description and confirms the vulnerability exists in Vixie Cron on Red Hat platforms. The...
CVE-2000-0867
Kernel logging daemon (klogd) in Linux (sysklogd) is vulnerable due to a 'format bug' that fails to cleanse user-supplied format strings, enabling local users to gain root privileges by triggering malformed kernel messages. Mandrake MDKSA-2000:050-1 describes a patched klogd version; Debian patch...
CVE-2000-1221
The CVE describes a vulnerability in the line printer daemon (lpd) in the lpr package across multiple Linux operating systems. The root cause is an authentication check that compares the reverse-resolved hostname of the local machine to the hostname returned by gethostname; remote attackers can b...
CVE-2003-0989
CVE-2003-0989 affects tcpdump prior to 3.8.1, allowing remote attackers to cause a denial of service via certain ISAKMP packets (infinite loop). The issue is cited alongside related CANs (2003-1029, 2004-0057) in Debian/OpenVAS advisories and multiple vendor notes, indicating a class of ISAKMP pa...
CVE-2000-0314
CVE-2000-0314 affects NetBSD 1.3.3 and Linux where traceroute with a large waittime (-w) is not parsed correctly, causing the time delay for sending packets to be zero. This can enable local users to flood other systems. The description covers the affected vectors and impact as stated; no explici...
CVE-2000-0633
Technical details for CVE-2000-0633 are not publicly available in the provided documents. The description notes a local reboot/halt issue in the Mandrake Linux usermode package, but no specifics on affected versions, root cause, or fixes are supplied. Monitor for updates.
CVE-2001-0117
CVE-2001-0117 concerns diffutils’ sdiff 2.7, where sdiff creates temporary files insecurely, enabling a local user to overwrite files via a symlink attack. The issue affects diffutils in affected distributions (e.g., Red Hat advisories note a temporary-file handling vulnerability in sdiff). Explo...
CVE-2002-0836
The CVE-2002-0836 issue affects the tetex family (notably dvips in tetex-bin) where the kpathsea/library code calls system() insecurely. This enables remote command execution via crafted DVI/print jobs, potentially involving fonts. See related advisories (Debian DSA-207-1, RHSA-2002:195, etc.) de...
CVE-2002-1160
The CVE-2002-1160 issue concerns the pam_xauth module, where the default configuration forwards MIT-Magic-Cookies to new X sessions. This can enable a local attacker to gain an administrator’s X session by stealing the cookie from a temporary .xauth file created after root uses su. Public sources...
CVE-1999-0706
The CVE-1999-0706 entry concerns the Linux xmonisdn package, where local users can gain root privileges by modifying environment variables IFS or PATH. The Red Hat and NVD records confirm the same description. Root access is achieved through manipulating search paths and IFS, enabling privilege e...
CVE-1999-0986
The CVE-1999-0986 entry concerns the Linux ping command (Linux 2.0.3x) where local users can cause a denial of service by sending oversized packets using the -R (record route) option. The available data identifies the affected component as the ping utility and the root cause as improper handling ...
CVE-2000-0229
The CVE-2000-0229 issue affects the gpm package, specifically gpm-root, which does not properly drop privileges. Local users can gain elevated group privileges by starting a utility from gpm-root, with the gpm-root running with root group privileges and a failed setgid behavior. Impact is local p...
CVE-2002-0004
CVE-2002-0004 describes a heap corruption vulnerability in the “at” utility caused by a double-free during execution time handling, enabling a local user to potentially execute arbitrary code. The issue is evidenced in multiple advisories (e.g., Debian DSA 102-1/102-2) noting that the remote host...
CVE-2004-1333
The CVE-2004-1333 entry describes an integer overflow in the vc_resize function of Linux kernel 2.4 and 2.6 before 2.6.10, which allows local users to trigger a kernel crash (DoS) via a short new screen value that leads to a buffer overflow. This is the only concrete detail provided in the initia...
CVE-1999-0297
The CVE-1999-0297 issue is a buffer overflow in the Vixie Cron library up to version 3.0, enabling local users to obtain root access via a long environmental variable. The vulnerability is caused by a buffer overflow in the library's handling of environment data. Impact is local privilege escalat...
CVE-1999-0434
The CVE-1999-0434 entry documents a vulnerability in the XFree86 xfs command where a symlink attack enables local users to create files in restricted directories, potentially leading to privilege escalation or a denial of service. Connected sources corroborate the issue as a symlink-based file cr...
CVE-1999-0769
CVE-1999-0769 affects Vixie Cron on Linux systems. The vulnerability allows local users to modify parameters of sendmail commands by manipulating the MAILTO environment variable, as described in multiple sources. Root cause is misuse of MAILTO by cron the environment passed to mail-related comman...
CVE-2000-0017
The CVE-2000-0017 entry describes a buffer overflow in the Linux linuxconf package that allows remote attackers to gain root privileges via a long parameter. This is supported by the NVD entry and corroborated by OpenVAS/PT-Security records referencing linuxconf and the same issue. The available ...
CVE-2000-0566
The CVE-2000-0566 issue concerns the makewhatis script in the Linux man package. The attached documents confirm a local-privilege escalation/vector: makewhatis creates files in /tmp with predictable names and can be exploited via symlink attacks to overwrite arbitrary files or gain elevated privi...
CVE-2001-0142
CVE-2001-0142 affects squid 2.3 and earlier. The issue is a local symlink/race condition that can cause local users to overwrite arbitrary files via temporary file handling in certain configurations. Impact is described as local privilege/content modification without remote access; CVSS reflects ...
CVE-2001-0690
CVE-2001-0690 describes a format-string vulnerability in Exim in batched SMTP mode that can let an unauthenticated remote attacker execute arbitrary code via format strings in SMTP headers. The entry specifies affected Exim versions: 3.22-10 (Red Hat), 3.12 (Debian), and 3.16 (Conectiva). Attack ...
CVE-2002-1155
CVE-2002-1155 describes a buffer overflow in KON kon2 (versions up to 0.3.9b) that allows a local user to execute arbitrary code via a long -Coding command line argument. The vulnerability affects the command line parsing in KON2 and can lead to root-privelege escalation. Public references includ...