VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
>
Conectiva
>
Linux
> 4.0es
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2001-07-02
CVE-2001-0440
Buffer overflow in logging functions of licq before 1.0.3 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands.
network
low complexity
licq
conectiva
mandrakesoft
7.5
7.5
2001-07-02
CVE-2001-0439
licq before 1.0.3 allows remote attackers to execute arbitrary commands via shell metacharacters in a URL.
network
low complexity
licq
conectiva
freebsd
mandrakesoft
redhat
7.5
7.5
2001-03-26
CVE-2001-0170
glibc 2.1.9x and earlier does not properly clear the RESOLV_HOST_CONF, HOSTALIASES, or RES_OPTIONS environmental variables when executing setuid/setgid programs, which could allow local users to read arbitrary files.
local
low complexity
immunix
conectiva
debian
redhat
2.1
2.1
2001-01-09
CVE-2000-1134
Multiple shell programs on various Unix systems, including (1) tcsh, (2) csh, (3) sh, and (4) bash, follow symlinks when processing << redirects (aka here-documents or in-here documents), which allows local users to overwrite files of other users via a symlink attack.
local
low complexity
immunix
conectiva
caldera
hp
mandrakesoft
redhat
suse
7.2
7.2
2000-11-14
CVE-2000-0844
Permissions, Privileges, and Access Controls vulnerability in multiple products
Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen.
network
low complexity
caldera
immunix
conectiva
sgi
debian
ibm
mandrakesoft
redhat
slackware
sun
suse
trustix
turbolinux
CWE-264
critical
10.0
10
2000-07-27
CVE-2000-0668
pam_console PAM module in Linux systems allows a user to access the system console and reboot the system when a display manager such as gdm or kdm has XDMCP enabled.
network
low complexity
michael-k-johnson
conectiva
redhat
5.0
5.0
2000-07-27
CVE-2000-0667
Unspecified vulnerability in Conectiva Linux
Vulnerability in gpm in Caldera Linux allows local users to delete arbitrary files or conduct a denial of service.
local
low complexity
conectiva
3.6
3.6
2000-07-18
CVE-2000-0633
Vulnerability in Mandrake Linux usermode package allows local users to to reboot or halt the system.
local
low complexity
conectiva
mandrakesoft
redhat
2.1
2.1
2000-07-16
CVE-2000-0666
Remote Format String vulnerability in Multiple Linux Vendor rpc.statd
rpc.statd in the nfs-utils package in various Linux distributions does not properly cleanse untrusted format strings, which allows remote attackers to gain root privileges.
network
low complexity
conectiva
debian
redhat
suse
trustix
critical
10.0
10