Download
| Alert*
CVE-1999-0704
Buffer overflow in Berkeley automounter daemon (amd) logging facility provided in the Linux am-utils package and others. CVE-1999-0769 Vixie Cron on Linux systems allows local users to set parameters of sendmail commands via the MAILTO environmental variable. CVE-1999-0706 Linux xmonisdn package allows local users to gain root privileges by modifying the IFS or PATH environmental variables. CVE-1999-0872 Buffer overflow in Vixie cron allows local users to gain root access via a long MAILTO environment variable in a crontab file. CVE-1999-0002 Buffer overflow in NFS mountd gives root access to remote attackers, mostly in Linux systems. CVE-1999-0368 Buffer overflows in wuarchive ftpd (wu-ftpd) and ProFTPD lead to remote root access, a.k.a. palmetto. CVE-1999-0434 XFree86 xfs command is vulnerable to a symlink attack, allowing local users to create files in restricted directories, possibly allowing them to gain privileges or cause a denial of service. CVE-1999-0433 XFree86 startx command is vulnerable to a symlink attack, allowing local users to create files in restricted directories, possibly allowing them to gain privileges or cause a denial of service. CVE-1999-0192 Buffer overflow in telnet daemon tgetent routing allows remote attackers to gain root access via the TERMCAP environmental variable. CVE-1999-0390 Buffer overflow in Dosemu Slang library in Linux. CVE-2000-0118 The Red Hat Linux su program does not log failed password guesses if the su process is killed before it times out, which allows local attackers to conduct brute force password guessing. CVE-2000-0844 Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen. CVE-1999-1328 linuxconf before 1.11.r11-rh3 on Red Hat Linux 5.1 allows local users to overwrite arbitrary files and gain root access via a symlink attack. CVE-1999-1329 Buffer overflow in SysVInit in Red Hat Linux 5.1 and earlier allows local users to gain privileges. CVE-1999-1406 dumpreg in Red Hat Linux 5.1 opens /dev/mem with O_RDWR access, which allows local users to cause a denial of service (crash) by redirecting fd 1 (stdout) to the kernel. CVE-1999-1327 Buffer overflow in linuxconf 1.11r11-rh2 on Red Hat Linux 5.1 allows local users to gain root privileges via a long LANG environmental variable. CVE-2000-0186 Buffer overflow in the dump utility in the Linux ext2fs backup package allows local users to gain privileges via a long command line argument. CVE-2000-0170 Buffer overflow in the man program in Linux allows local users to gain privileges via the MANPAGER environmental variable. CVE-2000-1010 Format string vulnerability in talkd in OpenBSD and possibly other BSD-based OSes allows remote attackers to execute arbitrary commands via a user name that contains format characters. CVE-2000-1220 The line printer daemon (lpd) in the lpr package in multiple Linux operating systems allows local users to gain root privileges by causing sendmail to execute with arbitrary command line arguments, as demonstrated using the -C option to specify a configuration file. CVE-1999-1490 xosview 1.5.1 in Red Hat 5.1 allows local users to gain root access via a long HOME environmental variable. CVE-2000-0607 Buffer overflow in fld program in Kanji on Console (KON) package on Linux may allow local users to gain root privileges via an input file containing long CHARSET_REGISTRY or CHARSET_ENCODING settings. CVE-2000-0606 Buffer overflow in kon program in Kanji on Console (KON) package on Linux may allow local users to gain root privileges via a long -StartupMessage parameter. CVE-2001-1028 Buffer overflow in ultimate_source function of man 1.5 and earlier allows local users to gain privileges. |