| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Remote attackers can cause a denial of service on Linux in.telnetd telnet daemon through a malformed TERM environmental variable. |
| Buffer overflow in Vixie Cron on Red Hat systems via the MAILTO environmental variable. |
| Denial of service in Linux 2.2.x kernels via malformed ICMP packets containing unusual types, codes, and IP header lengths. |
| Red Hat pump DHCP client allows remote attackers to gain root access in some configurations. |
| ucbmail allows remote attackers to execute commands via shell metacharacters that are passed to it from INN. |
| Buffer overflow in Vixie cron allows local users to gain root access via a long MAILTO environment variable in a crontab file. |
| Red Hat Linux screen program does not use Unix98 ptys, allowing local users to write to other terminals. |
| Denial of Service vulnerability in BIND 8 Releases via maliciously formatted DNS messages. |
| Buffer overflow in suidperl (sperl), Perl 4.x and 5.x. |
| Arbitrary command execution via metamail package using message headers, when user processes attacker's message using metamail. |
| Buffer overflow and denial of service in Sendmail 8.7.5 and earlier through GECOS field gives root access to local users. |
| Bash treats any character with a value of 255 as a command separator. |
| Buffer overflow in Dosemu Slang library in Linux. |
| A buffer overflow in lsof allows local users to obtain root privilege. |
| XFree86 startx command is vulnerable to a symlink attack, allowing local users to create files in restricted directories, possibly allowing them to gain privileges or cause a denial of service. |
| Buffer overflow in run-time linkers (1) ld.so or (2) ld-linux.so for Linux systems allows local users to gain privileges by calling a setuid program with a long program name (argv[0]) and forcing ld.so/ld-linux.so to report an error. |
| rxvt, when compiled with the PRINT_PIPE option in various Linux operating systems including Linux Slackware 3.0 and RedHat 2.1, allows local users to gain root privileges by specifying a malicious program using the -print-pipe command line parameter. |
| rcp on various Linux systems including Red Hat 4.0 allows a "nobody" user or other user with UID of 65535 to overwrite arbitrary files, since 65535 is interpreted as -1 by chown and other system calls, which causes the calls to fail to modify the ownership of the file. |
| The snprintf function in the db library 1.85.4 ignores the size parameter, which could allow attackers to exploit buffer overflows that would be prevented by a properly implemented snprintf. |
| netcfg 2.16-1 in Red Hat Linux 4.2 allows the Ethernet interface to be controlled by users on reboot when an option is set, which allows local users to cause a denial of service by shutting down the interface. |
