Linux Security Vulnerabilities and Issues — Linux CVE List

Lucene search

RedhatLinux

12 matches found

CVE•added 2003/04/02 5:0 a.m.•68 views

CVE-2002-0062

Buffer overflow in ncurses 5.0, and the ncurses4 compatibility package as used in Red Hat Linux, allows local users to gain privileges, related to "routines for moving the physical cursor and scrolling."

7.2CVSS6.5AI score0.00203EPSS

CVE•added 2003/04/02 5:0 a.m.•62 views

CVE-2002-0638

setpwnam.c in the util-linux package, as included in Red Hat Linux 7.3 and earlier, and other operating systems, does not properly lock a temporary file when modifying /etc/passwd, which may allow local users to gain privileges via a complex race condition that uses an open file descriptor in utili...

6.2CVSS6.4AI score0.00085EPSS

CVE•added 2003/04/02 5:0 a.m.•50 views

CVE-2002-0506

Buffer overflow in newt.c of newt windowing library (libnewt) 0.50.33 and earlier may allow attackers to cause a denial of service or execute arbitrary code in setuid programs that use libnewt.

7.2CVSS8.2AI score0.00228EPSS

CVE•added 2003/04/02 5:0 a.m.•46 views

CVE-2001-1374

expect before 5.32 searches for its libraries in /var/tmp before other directories, which could allow local users to gain root privileges via a Trojan horse library that is accessed by mkpasswd.

7.2CVSS6.6AI score0.00053EPSS

CVE•added 2003/04/02 5:0 a.m.•46 views

CVE-2001-1383

initscript in setserial 2.17-4 and earlier uses predictable temporary file names, which could allow local users to conduct unauthorized operations on files.

6.2CVSS6.7AI score0.0005EPSS

CVE•added 2003/04/02 5:0 a.m.•43 views

CVE-2002-0068

Squid 2.4 STABLE3 and earlier allows remote attackers to cause a denial of service (core dump) and possibly execute arbitrary code with an ftp:// URL with a larger number of special characters, which exceed the buffer when Squid URL-escapes the characters.

7.5CVSS7.8AI score0.05561EPSS

CVE•added 2003/04/02 5:0 a.m.•42 views

CVE-2001-1375

tcl/tk package (tcltk) 8.3.1 searches for its libraries in the current working directory before other directories, which could allow local users to execute arbitrary code via a Trojan horse library that is under a user-controlled directory.

4.6CVSS7.2AI score0.00136EPSS

CVE•added 2003/04/02 5:0 a.m.•41 views

CVE-2001-1028

Buffer overflow in ultimate_source function of man 1.5 and earlier allows local users to gain privileges.

7.2CVSS7.2AI score0.0018EPSS

CVE•added 2003/04/02 5:0 a.m.•39 views

CVE-2002-0067

Squid 2.4 STABLE3 and earlier does not properly disable HTCP, even when "htcp_port 0" is specified in squid.conf, which could allow remote attackers to bypass intended access restrictions.

7.5CVSS6.7AI score0.00223EPSS

CVE•added 2003/04/02 5:0 a.m.•37 views

CVE-1999-1490

xosview 1.5.1 in Red Hat 5.1 allows local users to gain root access via a long HOME environmental variable.

7.2CVSS7.3AI score0.00133EPSS

CVE•added 2003/04/02 5:0 a.m.•37 views

CVE-2002-0069

Memory leak in SNMP in Squid 2.4 STABLE3 and earlier allows remote attackers to cause a denial of service.

2.6CVSS6.6AI score0.01365EPSS

CVE•added 2003/04/11 4:0 a.m.•36 views

CVE-2003-0135

vsftpd FTP daemon in Red Hat Linux 9 is not compiled against TCP wrappers (tcp_wrappers) but is installed as a standalone service, which inadvertently prevents vsftpd from restricting access as intended.

7.5CVSS6.6AI score0.00527EPSS