Vulnerabilities > Conectiva

DATE CVE VULNERABILITY TITLE RISK
2001-01-09 CVE-2000-1134 Multiple shell programs on various Unix systems, including (1) tcsh, (2) csh, (3) sh, and (4) bash, follow symlinks when processing << redirects (aka here-documents or in-here documents), which allows local users to overwrite files of other users via a symlink attack. 7.2
2001-01-09 CVE-2000-1095 modprobe in the modutils 2.3.x package on Linux systems allows a local user to execute arbitrary commands via shell metacharacters.
local
low complexity
immunix conectiva mandrakesoft redhat suse
7.2
2000-11-14 CVE-2000-0844 Permissions, Privileges, and Access Controls vulnerability in multiple products
Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen.
10.0
2000-10-20 CVE-2000-0747 Unspecified vulnerability in Conectiva Linux 4.1/4.2/5.0
The logrotate script for OpenLDAP before 1.2.11 in Conectiva Linux sends an improper signal to the kernel log daemon (klogd) and kills it.
network
low complexity
conectiva
critical
10.0
2000-10-20 CVE-2000-0715 Link Following vulnerability in multiple products
DiskCheck script diskcheck.pl in Red Hat Linux 6.2 allows local users to create or overwrite arbitrary files via a symlink attack on a temporary file.
local
low complexity
kirk-bauer conectiva CWE-59
2.1
2000-07-27 CVE-2000-0668 pam_console PAM module in Linux systems allows a user to access the system console and reboot the system when a display manager such as gdm or kdm has XDMCP enabled.
network
low complexity
michael-k-johnson conectiva redhat
5.0
2000-07-27 CVE-2000-0667 Unspecified vulnerability in Conectiva Linux
Vulnerability in gpm in Caldera Linux allows local users to delete arbitrary files or conduct a denial of service.
local
low complexity
conectiva
3.6
2000-07-18 CVE-2000-0633 Vulnerability in Mandrake Linux usermode package allows local users to to reboot or halt the system.
local
low complexity
conectiva mandrakesoft redhat
2.1
2000-07-16 CVE-2000-0666 Remote Format String vulnerability in Multiple Linux Vendor rpc.statd
rpc.statd in the nfs-utils package in various Linux distributions does not properly cleanse untrusted format strings, which allows remote attackers to gain root privileges.
network
low complexity
conectiva debian redhat suse trustix
critical
10.0