| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Solaris Solstice AdminSuite (AdminSuite) 2.1 uses unsafe permissions when adding new users to the NIS+ password table, which allows local users to gain root access by modifying their password table entries. |
| ping in Solaris 2.3 through 2.6 allows local users to cause a denial of service (crash) via a ping request to a multicast address through the loopback interface, e.g. via ping -i. |
| The default configuration of Slackware 3.4, and possibly other versions, includes . (dot, the current directory) in the PATH environmental variable, which could allow local users to create Trojan horse programs that are inadvertently executed by other users. |
| Vulnerability in /usr/bin/mail in DEC ULTRIX before 4.2 allows local users to gain privileges. |
| The chpass command in OpenBSD allows a local user to gain root access through file descriptor leakage. |
| Multiple buffer overflows in how dtmail handles attachments allows a remote attacker to execute commands. |
| test-cgi program allows an attacker to list files on the server. |
| Apache httpd cookie buffer overflow for versions 1.1.1 and earlier. |
| HP Laserjet printers with JetDirect cards, when configured with TCP/IP, can be configured without a password, which allows remote attackers to connect to the printer and change its IP address or disable logging. |
| finger allows recursive searches by using a long string of @ symbols. |
| Multiple buffer overflows in WindowMaker 0.52 through 0.60.0 allow attackers to cause a denial of service and possibly execute arbitrary commands by executing WindowMaker with a long program name (argv[0]). |
| Buffer overflow in Apache 1.2.5 and earlier allows a remote attacker to cause a denial of service with a large number of GET requests containing a large number of / characters. |
| RIP v1 is susceptible to spoofing. |
| Palm Pilot HotSync Manager 3.0.4 in Windows 98 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long string to port 14238 while the manager is in network mode. |
| Buffer overflow in AIX dtterm program for the CDE. |
| Quake 1 server responds to an initial UDP game connection request with a large amount of traffic, which allows remote attackers to use the server as an amplifier in a "Smurf" style attack on another host, by spoofing the connection request. |
| Buffer overflow in AIX lchangelv gives root access. |
| Buffer overflow and denial of service in Sendmail 8.7.5 and earlier through GECOS field gives root access to local users. |
| fm_fls license server for Adobe Framemaker allows local users to overwrite arbitrary files and gain root access. |
| The ghostscript command with the -dSAFER option allows remote attackers to execute commands. |
