Vulnerabilities > Caldera > Openlinux Eserver

| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2001-12-21 | CVE-2001-0869 | Format string vulnerability in the default logging callback function _sasl_syslog in common.c in Cyrus SASL library (cyrus-sasl) may allow remote attackers to execute arbitrary commands. | network, low complexity; caldera, redhat, suse; 7.5 |
| 2001-12-06 | CVE-2001-0851 | Linux kernel 2.0, 2.2 and 2.4 with syncookies enabled allows remote attackers to bypass firewall rules by brute force guessing the cookie. | network, low complexity; caldera, linux, suse; 5.0 |
| 2001-08-31 | CVE-2000-1195 | Security Bypass vulnerability in Openlinux Eserver. telnet daemon (telnetd) from the Linux netkit package before netkit-telnet-0.16 allows remote attackers to bypass authentication when telnetd is running with the -L command line option. | network, low complexity; caldera; 7.5 |
| 2001-03-26 | CVE-2001-0181 | Unspecified vulnerability in Caldera products. Format string vulnerability in the error logging code of DHCP server and client in Caldera Linux allows remote attackers to execute arbitrary commands. | network, low complexity; caldera; critical; 10.0 |
| 2001-03-12 | CVE-2001-0139 | inn 2.2.3 allows local users to overwrite arbitrary files via a symlink attack in some configurations. | local, high complexity; caldera, immunix, debian, mandrakesoft, redhat; 1.2 |
| 2001-01-09 | CVE-2000-1134 | Multiple shell programs on various Unix systems, including (1) tcsh, (2) csh, (3) sh, and (4) bash, follow symlinks when processing << redirects (aka here-documents or in-here documents), which allows local users to overwrite files of other users via a symlink attack. | 7.2 |
| 2000-12-19 | CVE-2000-0917 | Format string vulnerability in use_syslog() function in LPRng 3.6.24 allows remote attackers to execute arbitrary commands. | network, low complexity; caldera, redhat, trustix; critical; 10.0 |
| 2000-11-14 | CVE-2000-0844 | Permissions, Privileges, and Access Controls vulnerability in multiple products. Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen. | 10.0 |
| 2000-07-04 | CVE-2000-0594 | BitchX IRC client does not properly cleanse an untrusted format string, which allows remote attackers to cause a denial of service via an invite to a channel whose name includes special formatting characters. | network, low complexity; caldera, freebsd, mandrakesoft; 5.0 |