Lucene search
+L

182 matches found

CVE
CVE
added 2002/03/09 5:0 a.m.6416 views

CVE-2001-0554

CVE-2001-0554 affects netkit-telnetd (Telnet daemon) on BSD-based systems, via a buffer overflow in in.telnetd/telrcv handling (triggered by certain Telnet options such as AYT). OpenVAS entries describe a remote attacker potentially causing denial of service or gaining remote code execution; at l...

10CVSS7.4AI score0.37896EPSS
CVE
CVE
added 2000/02/04 5:0 a.m.732 views

CVE-1999-0524

CVE-1999-0524 is an ICMP information-disclosure vulnerability where ICMP replies reveal (1) netmask and (2) timestamp to arbitrary hosts. Connected reports link it to multiple products (e.g., Nutanix AHV advisories NXSA‑AHV series and ABB M2M Gateway plugin) and describe the issue as an informati...

4CVSS6.5AI score0.31586EPSS
CVE
CVE
added 2002/06/25 4:0 a.m.220 views

CVE-2001-0797

CVE-2001-0797 is a buffer overflow in the System V–derived /bin/login (affecting login/telnetd implementations such as TTYPROMPT) triggered by a large number of arguments, enabling remote arbitrary-command execution. The vulnerability affects various System V based OSes and can be exploited via s...

10CVSS7.4AI score0.88836EPSS
CVE
CVE
added 1999/09/29 4:0 a.m.182 views

CVE-1999-0038

CVE-1999-0038 describes a buffer overflow in the xlock program that allows local users to execute commands as root. The connected sources (Red Hat CVE entry, PT Security listing, and multiple feeds) corroborate a local-privilege escalation due to a buffer overflow in xlock, but the documents do n...

8.4CVSS7.9AI score0.01322EPSS
CVE
CVE
added 1999/09/29 4:0 a.m.136 views

CVE-1999-0003

CVE-1999-0003: A buffer overflow in the ToolTalk database server (rpc.ttdbserverd) may allow an attacker to execute arbitrary commands as root. Affected component is ToolTalk’s object database server; exploitation would require access to the vulnerable service. In the provided references, the imp...

10CVSS7.5AI score0.2438EPSS
CVE
CVE
added 1999/09/29 4:0 a.m.125 views

CVE-1999-0028

CVE-1999-0028: Local privilege escalation on SGI IRIX via a buffer overflow in /usr/lib/iaf/scheme (login) affecting IRIX 6.5.x up to 6.5.20. Exploitation reportedly requires certain environment variables and a local account to gain root privileges; the advisory notes it is not the same issue as ...

7.2CVSS7.4AI score0.00438EPSS
CVE
CVE
added 2003/03/21 5:0 a.m.114 views

CVE-2003-0028

Technical details about CVE-2003-0028 are not present in the provided documents. The connected sources reference the CVE in Debian/OpenVAS advisories but do not specify affected products, root cause, versions, impact, or fixes.

7.5CVSS9.8AI score0.15031EPSS
CVE
CVE
added 2003/09/18 4:0 a.m.114 views

CVE-2003-0694

CVE-2003-0694 affects Sendmail 8.12.9, where the prescan function (parsing SMTP headers in parseaddr.c) can be exploited remotely via a buffer overflow to execute arbitrary code. Debian DSA-384 also references CAN-2003-0694 in its two vulnerabilities entry. The available documents confirm affecte...

10CVSS7.7AI score0.60185EPSS
CVE
CVE
added 2004/09/01 4:0 a.m.104 views

CVE-2002-1317

The CVE-2002-1317 flaw affects the Solaris X Window Font Server (XFS) daemon fs.auto, where the Dispatch() function handles XFS queries. This remotely exploitable buffer overflow can allow an attacker to crash the service or execute arbitrary code with the fs.auto/Font Server privileges (typicall...

7.5CVSS8AI score0.24029EPSS
CVE
CVE
added 2001/01/22 5:0 a.m.103 views

CVE-2000-0844

The connected records confirm CVE-2000-0844 affects Unix locale subsystem functions that fail to cleanse user-supplied format strings, enabling local attackers to execute arbitrary commands through gettext, catopen, and related calls. The root cause is improper sanitization of format strings in l...

10CVSS7.7AI score0.15349EPSS
CVE
CVE
added 2005/11/16 9:17 p.m.103 views

CVE-2002-2185

The CVE-2002-2185 issue concerns a flaw in IGMP processing in the Linux kernel that could let a local attacker cause a denial of service by sending an IGMP membership report addressed to a target’s Ethernet address rather than the multicast group address. Public advisories (e.g., RHSA-2006:0101 a...

4.9CVSS4.5AI score0.02493EPSS
CVE
CVE
added 1999/09/29 4:0 a.m.101 views

CVE-1999-0019

Technical details about CVE-1999-0019 are not publicly available in the provided documents. Monitor for official advisories for affected products, impact, and remediation.

5CVSS7.3AI score0.0164EPSS
CVE
CVE
added 1999/09/29 4:0 a.m.98 views

CVE-1999-0009

Summary of CVE-1999-0009 from connected documents : The issue is an inverse query buffer overflow in BIND releases 4.9 and 8. The Red Hat entry mirrors the description: the vulnerability is an inverse query buffer overflow in BIND 4.9 and 8 releases. Tenable/Nessus references indicate this is a r...

10CVSS7.3AI score0.29013EPSS
CVE
CVE
added 2000/02/04 5:0 a.m.93 views

CVE-1999-0078

CVE-1999-0078 affects pcnfsd (rpc.pcnfsd). The vulnerability allows local users to change file permissions or execute arbitrary commands via arguments in the RPC call. Practical impact is limited to local-privilege abuse as described in multiple sources, with no public fixes reported in the docum...

1.9CVSS7.3AI score0.00923EPSS
CVE
CVE
added 1999/09/29 4:0 a.m.90 views

CVE-1999-0039

CVE-1999-0039 refers to the SGI IRIX webdist CGI (webdist.cgi). The vulnerability allows remote attackers to execute arbitrary commands by supplying shell metacharacters in the distloc parameter via the CGI, resulting in arbitrary command execution with the web server user privileges. Multiple so...

7.5CVSS7.9AI score0.16209EPSS
CVE
CVE
added 2002/03/30 5:0 a.m.90 views

CVE-2002-0039

CVE-2002-0039 affects SGI IRIX 6.5 (and older) where rpcbind is vulnerable to remote DoS via malformed RPC packets with invalid lengths, causing a crash. The issue is in the rpcbind/portmap handling and can be triggered remotely without local credentials. SGI released patches and fixes in IRIX 6....

5CVSS6.8AI score0.01272EPSS
CVE
CVE
added 2002/07/01 4:0 a.m.89 views

CVE-2002-0652

CVE-2002-0652 affects xfsmd for IRIX 6.5 through 6.5.16. The vulnerability allows remote attackers to execute arbitrary code by supplying shell metacharacters that are not properly filtered in multiple calls to popen(), e.g., through export_fs(). The description and connected records confirm the ...

7.5CVSS8.2AI score0.09148EPSS
CVE
CVE
added 1999/09/29 4:0 a.m.86 views

CVE-1999-0018

CVE-1999-0018 describes a buffer overflow in statd that permits root privileges . The vulnerability is consistently reported across Red Hat, CVE, NVD sources, describing the same impact. The provided documents do not specify affected OS versions, product families, or exact vulnerable components b...

10CVSS7.7AI score0.10483EPSS
CVE
CVE
added 2002/07/12 4:0 a.m.86 views

CVE-2002-0677

The CVE-2002-0677 entry affects the CDE ToolTalk RPC database server (rpc.ttdbserverd). The OpenVAS/Core/CORE documentation confirms the vulnerability: an attacker can exploit improper range checking on the AUTH_UNIX file descriptor argument passed to _TT_ISCLOSE, using it as an index into a 128-...

7.5CVSS6.8AI score0.06574EPSS
CVE
CVE
added 1999/09/29 4:0 a.m.84 views

CVE-1999-0022

CVE-1999-0022 is supported by connected records indicating a local privilege escalation in rdist through a buffer overflow in the expstr() function, enabling a local user to gain root privileges. The affected software is rdist and the vulnerable component is the expstr() function. The provided ma...

7.8CVSS7.4AI score0.00495EPSS
CVE
CVE
added 2000/01/18 5:0 a.m.84 views

CVE-1999-0270

The CVE-1999-0270 issue affects SGI’s Performer API Search Tool (performer_tools) through the pfdispaly.cgi (pfdisplay) CGI on IRIX. It is a directory traversal vulnerability that allows remote attackers to read arbitrary files, due to a path traversal flaw in pfdispaly.cgi. The documented impact...

5CVSS9.3AI score0.32355EPSS
CVE
CVE
added 1999/09/29 4:0 a.m.81 views

CVE-1999-0208

Summary of CVE-1999-0208 : The vulnerability affects Sun Solaris Network Information Service (NIS) service rpc.ypupdated. A command-injection flaw exists in rpc.ypupdated that occurs when processing RPC requests with an Update command whose map name contains invalid characters. This can allow a r...

10CVSS7.1AI score0.12856EPSS
CVE
CVE
added 1999/09/29 4:0 a.m.80 views

CVE-1999-0149

CVE-1999-0149 affects the IRIX “wrap” CGI program. The vulnerability allows remote attackers to perform a directory-listing traversal via a .. (dot dot) attack, exposing arbitrary directories. Multiple sources (Red Hat advisory, CVE records, NVD, Nessus plugin) corroborate that the issue stems fr...

7.5CVSS7AI score0.02748EPSS
CVE
CVE
added 2004/09/01 4:0 a.m.80 views

CVE-2002-1318

CVE-2002-1318 affects Samba 2.2.2 through 2.2.6. The vulnerability is a buffer overflow in the nttrans path during handling of encrypted password change requests, triggered when a DOS codepage string is converted to a little-endian UCS2 Unicode string. This can lead to denial of service and may a...

10CVSS7.9AI score0.51914EPSS
CVE
CVE
added 1999/09/29 4:0 a.m.79 views

CVE-1999-0025

The vulnerability CVE-1999-0025 affects SGI IRIX df: a buffer/stack overflow caused by insufficient bounds checking on directory or block-device arguments allows a non-privileged process to trigger code execution with root privileges because df is setuid root. CERT/Red Hat ENISA notes describe lo...

7.2CVSS7.5AI score0.12261EPSS
CVE
CVE
added 2004/09/01 4:0 a.m.79 views

CVE-2002-1265

CVE-2002-1265 is evidenced in HP-UX RPC-related DoS advisories; OpenVAS/Nessus entries (PHNE_30091/30092/30093/30094, and PHKL_31500) reference CVE-2002-1265 as the RPC/HP-UX RPC DoS issue. Patches exist (HPSBUX01020 SSRT2384, etc.; PHKL_31500 consolidates fixes) addressing remote DoS via HP-UX R...

5CVSS6.2AI score0.02502EPSS
CVE
CVE
added 2000/02/04 5:0 a.m.78 views

CVE-1999-0241

The provided connected documents confirm CVE-1999-0241 affects X Windows (X11) with a vulnerability in the authentication cookies: guessable magic cookies allow remote attackers to execute commands (e.g., via xterm). Root cause is guessable, enabling remote command execution with no authenticatio...

10CVSS7.9AI score0.04223EPSS
CVE
CVE
added 2001/05/24 4:0 a.m.78 views

CVE-2001-0247

CVE-2001-0247 describes buffer overflow vulnerabilities in BSD-based FTP daemon globbing implementations. Specifically, four BSD glob routines (g_opendir, g_lstat, g_stat, and the glob0 buffer used by glob2/glob3) can overflow when processing long patterns containing a {} sequence, potentially al...

10CVSS7.7AI score0.19318EPSS
CVE
CVE
added 1999/09/29 4:0 a.m.76 views

CVE-1999-0234

The CVE-1999-0234 issue involves Bash treating any byte with value 0xFF as a command separator, per the CVE record and related entries (Red Hat, CVE list, EUVD, PT-1996-1035). These connected documents confirm the underlying root cause (parsing of 0xFF) but do not specify exact affected Bash vers...

4.6CVSS7.5AI score0.004EPSS
CVE
CVE
added 2005/04/21 4:0 a.m.76 views

CVE-2001-1456

The CVE-2001-1456 issue concerns Gauntlet Firewall versions 5.0–6.0, where a buffer overflow in the (1) smap/smapd and (2) CSMAP daemons allows remote attackers to execute arbitrary code via a crafted mail message. The root cause is a buffer overflow in the handling of mail content by these daemo...

7.5CVSS8.3AI score0.05652EPSS
CVE
CVE
added 1999/09/29 4:0 a.m.75 views

CVE-1999-0125

CVE-1999-0125 describes a local buffer overflow in the SGI IRIX mailx program. The vulnerability affects the mailx component of SGI IRIX; the root cause is a buffer overflow that can impact confidentiality, integrity and availability (partial impacts) when an attacker with local access and no aut...

4.6CVSS7.7AI score0.01146EPSS
CVE
CVE
added 2003/04/02 5:0 a.m.75 views

CVE-2002-0678

CVE-2002-0678 relates to the CDE ToolTalk RPC database server (rpc.ttdbserverd). The OpenVAS/CERT CORE disclosures describe two vulnerabilities: (1) _TT_ISCLOSE range-check flaw permitting memory overwriting of the process when a local or remote client calls _TT_ISCLOSE; (2) _TT_TRANSACTION/log_f...

7.2CVSS6.2AI score0.09418EPSS
CVE
CVE
added 2004/09/01 4:0 a.m.74 views

CVE-2002-1323

CVE-2002-1323 concerns Safe.pm (versions <= 2.0.7) used with Perl

4.6CVSS6.2AI score0.00462EPSS
CVE
CVE
added 1999/09/29 4:0 a.m.73 views

CVE-1999-0059

Consolidated data shows CVE-1999-0059 affects the IRIX fam service, enabling an attacker to obtain a list of all files on the server. The vulnerability details specify this behavior but do not provide concrete root-cause code or patch information. The PT-1997-1032 entry notes that there is no inf...

7.3CVSS7.2AI score0.016EPSS
CVE
CVE
added 2005/04/21 4:0 a.m.73 views

CVE-2000-1221

The CVE describes a vulnerability in the line printer daemon (lpd) in the lpr package across multiple Linux operating systems. The root cause is an authentication check that compares the reverse-resolved hostname of the local machine to the hostname returned by gethostname; remote attackers can b...

10CVSS6.7AI score0.16727EPSS
CVE
CVE
added 1999/09/29 4:0 a.m.72 views

CVE-1999-0027

CVE-1999-0027 affects SGI IRIX via a buffer overflow in the eject command that grants root privileges. The Red Hat and CVE listings confirm the same description; PT-1997-1011 notes affected SGI IRIX with no fix details available. The EUVD entry mentions Malware in sbrugna, not a direct technical ...

7.2CVSS8.1AI score0.01168EPSS
CVE
CVE
added 1999/09/29 4:0 a.m.72 views

CVE-1999-0029

CVE-1999-0029 describes a buffer overflow in the ordist command on SGI IRIX systems that can grant root privileges. The connected records corroborate: ordist buffer overflow is the root cause, affecting SGI IRIX environments, with privilege escalation to root (local, low complexity). The provided...

8.4CVSS8.1AI score0.01246EPSS
CVE
CVE
added 1999/09/29 8:0 a.m.72 views

CVE-1999-0073

CVE-1999-0073 describes a vulnerability where a remote Telnet client can specify environment variables, including LD_LIBRARY_PATH, allowing an attacker to bypass normal system libraries and gain root access. The connected Red Hat, CVE, EUVD, and CVE list entries corroborate this description. The ...

10CVSS7.7AI score0.03113EPSS
CVE
CVE
added 2004/06/23 4:0 a.m.72 views

CVE-2004-0136

The CVE-2004-0136 issue affects IRIX 6.5.20–6.5.24 via the mapelf32exec system call, enabling a local attacker to trigger a denial-of-service (system crash) by processing a malformed binary. SGI’s Security Advisory 20040601-01-P notes this as CAN-2004-0136 and provides fixes: upgrade to IRIX 6.5....

2.1CVSS6AI score0.00355EPSS
CVE
CVE
added 2010/05/20 5:0 p.m.71 views

CVE-2010-1039

CVE-2010-1039 describes a remote code execution risk due to an integer overflow in rpc.pcnfsd (PC-NFS daemon) across multiple OSes: IBM AIX 6.1/5.3 and earlier; VIOS 2.1/1.5 and earlier; HP-UX B.11.11/11.23/11.31; SGI IRIX 6.5. The flaw is triggered by parsing crafted RPC requests containing form...

10CVSS7.4AI score0.20173EPSS
CVE
CVE
added 1999/09/29 4:0 a.m.70 views

CVE-1999-0026

CVE-1999-0026 affects SGI IRIX via a buffer overflow in the pset command that can grant root privileges. Affected software is IRIX; root access via local exploitation is implied, but the connected documents do not provide concrete details on vulnerable versions, specific exploit steps, or a confi...

4.6CVSS8.1AI score0.00906EPSS
CVE
CVE
added 2002/03/09 5:0 a.m.70 views

CVE-1999-1102

The CVE-1999-1102 entry concerns lpr on SunOS 4.1.1, BSD 4.3, A/UX 2.0.1 and other BSD-based systems. The vulnerability arises from a symlink-related attack in lpr that enables local users to create or overwrite arbitrary files after the program is invoked 1000 times. Root cause is a symlink hand...

2.1CVSS6.8AI score0.00436EPSS
CVE
CVE
added 2003/04/02 5:0 a.m.70 views

CVE-2002-0875

The CVE-2002-0875 issue affects FAM (File Alteration Monitor) versions around 2.6.6 and 2.6.8, where an unprivileged user could learn the names of files restricted to the root group, constituting an information-disclosure flaw. Public advisories (e.g., Debian DSA-154, Red Hat RHSA-2005:005) descr...

2.1CVSS6.2AI score0.00963EPSS
CVE
CVE
added 2007/09/18 7:0 p.m.70 views

CVE-2007-4938

MPlayer up to 1.0rc1 (and earlier) is affected by a vulnerability where remote attackers can trigger a denial of service (SIGSEGV and application crash) by supplying malformed multimedia files. The confirmed vectors include malformed MP3, Ogg Vorbis, MPEG-1/2, AVI, FLAC, Ogg Theora, WMV, and AAC ...

7.6CVSS8.1AI score0.16048EPSS
CVE
CVE
added 1999/09/29 4:0 a.m.69 views

CVE-1999-0032

Buffer overflow in lpr used on BSD-based systems including Linux allows local users to execute arbitrary code as root via a long -C option. Root cause: overflow in handling the -C classification argument. Impact: local code execution with root privileges. No remediation details are provided in th...

7.2CVSS7.7AI score0.01EPSS
CVE
CVE
added 1999/09/29 4:0 a.m.69 views

CVE-1999-0040

CVE-1999-0040 affects the X Windowing System’s Xt library. The vulnerability is a buffer overflow in Xt that allows local users to execute commands with root privileges. Public details in connected sources confirm the affected component as Xt within X Windowing System, and the impact is local pri...

7.2CVSS7.9AI score0.01228EPSS
CVE
CVE
added 1999/09/29 4:0 a.m.69 views

CVE-1999-0413

CVE-1999-0413 describes a buffer overflow in the SGI X server that enables a local user to gain root privileges via the X server font path. The Red Hat and CVE records corroborate the same core issue: a local-exploit path that could lead to full compromise on affected systems running SGI X server...

7.2CVSS7.4AI score0.00346EPSS
CVE
CVE
added 2003/08/18 4:0 a.m.69 views

CVE-2003-0574

CVE-2003-0574 relates to a System V /bin/login vulnerability (CVE-2001-0797) manifested as a buffer overflow via a large number of environment variables/arguments, enabling potential privilege escalation. Connected entries describe Solaris/SPARC telnet/rlogin vectors and several exploits (e.g., T...

7.2CVSS6.4AI score0.00345EPSS
CVE
CVE
added 2005/10/11 4:0 a.m.69 views

CVE-2005-2925

The CVE-2005-2925 issue concerns SGI IRIX’s runpriv, a setuid-root helper in /usr/sysadm/privbin. The vulnerability arises from a design flaw that permits local attackers to execute arbitrary commands by injecting shell metacharacters into a command line that is otherwise allowed, enabling root p...

7.2CVSS7.3AI score0.00827EPSS
CVE
CVE
added 2000/04/10 4:0 a.m.68 views

CVE-2000-0207

CVE-2000-0207 affects SGI InfoSearch Infosrch.cgi where the fname parameter fails to sanitize input, enabling remote arbitrary command execution via shell metacharacters. This is a remote web-server issue likely yielding command execution under the web server user. Nessus notes describe the flaw ...

7.5CVSS7.3AI score0.07655EPSS
Total number of security vulnerabilities182