Lucene search

RedhatLinux

229 matches found

added 2000/05/24 4:00 a.m. | 38 views

CVE-2000-0357

ORBit and esound in Red Hat Linux 6.1 do not use sufficiently random numbers, which allows local users to guess the authentication keys.

CVSS 7.5 | AI score 6.9 | EPSS 0.00432

added 2001/05/07 4:00 a.m. | 38 views

CVE-2001-0143

vpop3d program in linuxconf 1.23r and earlier allows local users to overwrite arbitrary files via a symlink attack.

CVSS 1.2 | AI score 6.4 | EPSS 0.00068

added 2002/03/09 5:00 a.m. | 38 views

CVE-2001-0859

2.4.3-12 kernel in Red Hat Linux 7.1 Korean installation program sets the default umask for init to 000, which installs files with world-writeable permissions.

CVSS 5 | AI score 6.8 | EPSS 0.00471

added 2002/06/25 4:00 a.m. | 38 views

CVE-2002-0044

GNU Enscript 1.6.1 and earlier allows local users to overwrite arbitrary files of the Enscript user via a symlink attack on temporary files.

CVSS 3.6 | AI score 6.3 | EPSS 0.00141

added 2004/09/01 4:00 a.m. | 38 views

CVE-2003-0019

uml_net in the kernel-utils package for Red Hat Linux 8.0 has incorrect setuid root privileges, which allows local users to modify network interfaces, e.g. by modifying ARP entries or placing interfaces into promiscuous mode.

CVSS 7.2 | AI score 6.3 | EPSS 0.0021

added 2002/03/09 5:00 a.m. | 37 views

CVE-1999-1407

ifdhcpc-done script for configuring DHCP on Red Hat Linux 5 allows local users to append text to arbitrary files via a symlink attack on the dhcplog file.

CVSS 2.1 | AI score 7.1 | EPSS 0.00137

added 2003/04/02 5:00 a.m. | 37 views

CVE-1999-1490

xosview 1.5.1 in Red Hat 5.1 allows local users to gain root access via a long HOME environmental variable.

CVSS 7.2 | AI score 7.3 | EPSS 0.00133

added 2000/06/02 4:00 a.m. | 37 views

CVE-2000-0230

Buffer overflow in imwheel allows local users to gain root privileges via the imwheel-solo script and a long HOME environmental variable.

CVSS 7.2 | AI score 7.2 | EPSS 0.00117

added 2002/03/09 5:00 a.m. | 37 views

CVE-2001-0787

LPRng in Red Hat Linux 7.0 and 7.1 does not properly drop memberships in supplemental groups when lowering privileges, which could allow a local user to elevate privileges.

CVSS 4.6 | AI score 6.7 | EPSS 0.00116

added 2003/04/02 5:00 a.m. | 37 views

CVE-2002-0069

Memory leak in SNMP in Squid 2.4 STABLE3 and earlier allows remote attackers to cause a denial of service.

CVSS 2.6 | AI score 6.6 | EPSS 0.01365

added 2003/06/09 4:00 a.m. | 37 views

CVE-2003-0188

lv reads a .lv file from the current working directory, which allows local users to execute arbitrary commands as other lv users by placing malicious .lv files into other directories.

CVSS 7.2 | AI score 6.8 | EPSS 0.0006

added 2002/03/09 5:00 a.m. | 36 views

CVE-1999-1328

linuxconf before 1.11.r11-rh3 on Red Hat Linux 5.1 allows local users to overwrite arbitrary files and gain root access via a symlink attack.

CVSS 7.2 | AI score 7 | EPSS 0.00061

added 2000/12/11 5:00 a.m. | 36 views

CVE-2000-1009

dump in Red Hat Linux 6.2 trusts the pathname specified by the RSH environmental variable, which allows local users to obtain root privileges by modifying the RSH variable to point to a Trojan horse program.

CVSS 7.2 | AI score 6.2 | EPSS 0.00133

added 2002/06/25 4:00 a.m. | 36 views

CVE-2001-0889

Exim 3.22 and earlier, in some configurations, does not properly verify the local part of an address when redirecting the address to a pipe, which could allow remote attackers to execute arbitrary commands via shell metacharacters.

CVSS 7.5 | AI score 7.4 | EPSS 0.01007

added 2003/04/11 4:00 a.m. | 36 views

CVE-2003-0135

vsftpd FTP daemon in Red Hat Linux 9 is not compiled against TCP wrappers (tcp_wrappers) but is installed as a standalone service, which inadvertently prevents vsftpd from restricting access as intended.

CVSS 7.5 | AI score 6.6 | EPSS 0.00527

added 2000/02/04 5:00 a.m. | 35 views

CVE-1999-0748

Buffer overflows in Red Hat net-tools package.

CVSS 7.5 | AI score 7 | EPSS 0.00518

added 2002/03/09 5:00 a.m. | 35 views

CVE-1999-1048

Buffer overflow in bash 2.0.0, 1.4.17, and other versions allows local attackers to gain privileges by creating an extremely large directory name, which is inserted into the password prompt via the \w option in the PS1 environmental variable when another user changes into that directory.

CVSS 4.6 | AI score 7.8 | EPSS 0.00087

added 2001/09/12 4:00 a.m. | 35 views

CVE-1999-1095

sort creates temporary files and follows symbolic links, which allows local users to modify arbitrary files that are writable by the user running sort, as observed in updatedb and other programs that use sort.

CVSS 7.2 | AI score 7.2 | EPSS 0.00064

added 2001/01/22 5:00 a.m. | 35 views

CVE-2000-1010

Format string vulnerability in talkd in OpenBSD and possibly other BSD-based OSes allows remote attackers to execute arbitrary commands via a user name that contains format characters.

CVSS 10 | AI score 7.6 | EPSS 0.02323

added 2001/01/22 5:00 a.m. | 35 views

CVE-2000-1189

Buffer overflow in pam_localuser PAM module in Red Hat Linux 7.x and 6.x allows attackers to gain privileges.

CVSS 7.2 | AI score 7.5 | EPSS 0.0005

added 2001/06/27 4:00 a.m. | 35 views

CVE-2001-0496

kdesu in kdelibs package creates world readable temporary files containing authentication info, which can allow local users to gain privileges.

CVSS 4.6 | AI score 6.8 | EPSS 0.00067

added 2002/03/09 5:00 a.m. | 34 views

CVE-1999-1542

RPMMail before 1.4 allows remote attackers to execute commands via an e-mail message with shell metacharacters in the "MAIL FROM" command.

CVSS 10 | AI score 7.6 | EPSS 0.02323

added 2000/10/13 4:00 a.m. | 34 views

CVE-2000-0322

The passwd.php3 CGI script in the Red Hat Piranha Virtual Server Package allows local users to execute arbitrary commands via shell metacharacters.

CVSS 10 | AI score 7.2 | EPSS 0.77767

added 2001/01/22 5:00 a.m. | 34 views

CVE-2000-0934

Glint in Red Hat Linux 5.2 allows local users to overwrite arbitrary files and cause a denial of service via a symlink attack.

CVSS 7.2 | AI score 6.8 | EPSS 0.0005

added 2002/03/09 5:00 a.m. | 33 views

CVE-1999-1335

snmpd server in cmu-snmp SNMP package before 3.3-1 in Red Hat Linux 4.0 is configured to allow remote attackers to read and write sensitive information.

CVSS 6.4 | AI score 6.9 | EPSS 0.00515

added 2000/05/24 4:00 a.m. | 33 views

CVE-2000-0365

Red Hat Linux 6.0 installs the /dev/pts file system with insecure modes, which allows local users to write to other tty devices.

CVSS 4.6 | AI score 6.7 | EPSS 0.00073

added 2002/06/25 4:00 a.m. | 33 views

CVE-2001-0869

Format string vulnerability in the default logging callback function _sasl_syslog in common.c in Cyrus SASL library (cyrus-sasl) may allow remote attackers to execute arbitrary commands.

CVSS 7.5 | AI score 7.4 | EPSS 0.02385

added 2003/06/16 4:00 a.m. | 33 views

CVE-2003-0354

Unknown vulnerability in GNU Ghostscript before 7.07 allows attackers to execute arbitrary commands, even when -dSAFER is enabled, via a PostScript file that causes the commands to be executed from a malicious print job.

CVSS 7.5 | AI score 7.2 | EPSS 0.00825

added 2001/09/12 4:00 a.m. | 30 views

CVE-1999-1406

dumpreg in Red Hat Linux 5.1 opens /dev/mem with O_RDWR access, which allows local users to cause a denial of service (crash) by redirecting fd 1 (stdout) to the kernel.

CVSS 2.1 | AI score 7 | EPSS 0.00081

Total number of security vulnerabilities: 229