CVE-2001-0554

Buffer overflow in BSD-based telnetd telnet daemon on various operating systems allows remote attackers to execute arbitrary commands via a set of options including AYT (Are You There), which is not properly handled by the telrcv function.

CVE-2001-0797

Buffer overflow in login in various System V based operating systems allows remote attackers to execute arbitrary commands via a large number of arguments through services such as telnet and rlogin.

CVE-1999-0003

Execute commands as root via buffer overflow in Tooltalk database server (rpc.ttdbserverd).

CVE-1999-0165

NFS cache poisoning.

CVE-2000-0844

Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen.

CVE-1999-0022

Local user gains root privileges via buffer overflow in rdist, via expstr() function.

CVE-1999-0055

Buffer overflows in Sun libnsl allow root access.

CVE-2000-0471

Buffer overflow in ufsrestore in Solaris 8 and earlier allows local users to gain root privileges via a long pathname.

CVE-1999-0674

The BSD profil system call allows a local user to modify the internal data space of a program via profiling and execve.

CVE-1999-0132

Expreserve, as used in vi and ex, allows local users to overwrite arbitrary files and gain root access.

CVE-1999-0369

The Sun sdtcm_convert calendar utility for OpenWindows has a buffer overflow which can gain root access.

CVE-1999-0303

Buffer overflow in BNU UUCP daemon (uucpd) through long hostnames.

CVE-1999-0339

Buffer overflow in the libauth library in Solaris allows local users to gain additional privileges, possibly root access.

CVE-2000-0118

The Red Hat Linux su program does not log failed password guesses if the su process is killed before it times out, which allows local attackers to conduct brute force password guessing.