Vulnerabilities > GNU
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2001-07-12 | CVE-2001-1267 | Unspecified vulnerability in GNU TAR Directory traversal vulnerability in GNU tar 1.13.19 and earlier allows local users to overwrite arbitrary files during archive extraction via a tar file whose filenames contain a .. | 2.1 |
2001-05-03 | CVE-2001-0290 | Local Security vulnerability in Mailman Vulnerability in Mailman 2.0.1 and earlier allows list administrators to obtain user passwords. | 4.6 |
2001-02-12 | CVE-2001-0072 | Unspecified vulnerability in GNU Privacy Guard gpg (aka GnuPG) 1.0.4 and other versions imports both public and private keys from public key servers without notifying the user about the private keys, which could allow an attacker to break the web of trust. | 5.0 |
2001-02-12 | CVE-2001-0071 | Unspecified vulnerability in GNU Privacy Guard gpg (aka GnuPG) 1.0.4 and other versions does not properly verify detached signatures, which allows attackers to modify the contents of a file without detection. | 2.1 |
2001-01-09 | CVE-2000-1137 | Unspecified vulnerability in GNU ED GNU ed before 0.2-18.1 allows local users to overwrite the files of other users via a symlink attack. | 4.6 |
2000-12-19 | CVE-2000-0974 | Unspecified vulnerability in GNU Privacy Guard GnuPG (gpg) 1.0.3 does not properly check all signatures of a file containing multiple documents, which allows an attacker to modify contents of all documents but the first without detection. | 7.5 |
2000-12-19 | CVE-2000-0959 | Unspecified vulnerability in GNU Glibc 2.1.3.10 glibc2 does not properly clear the LD_DEBUG_OUTPUT and LD_DEBUG environmental variables when a program is spawned from a setuid program, which could allow local users to overwrite files via a symlink attack. | 1.2 |
2000-12-19 | CVE-2000-0947 | Unspecified vulnerability in GNU Cfengine 1.5/1.5.34/1.6 Format string vulnerability in cfd daemon in GNU CFEngine before 1.6.0a11 allows attackers to execute arbitrary commands via format characters in the CAUTH command. | 10.0 |
2000-12-19 | CVE-2000-0803 | Unspecified vulnerability in GNU Groff GNU Groff uses the current working directory to find a device description file, which allows a local user to gain additional privileges by including a malicious postpro directive in the description file, which is executed when another user runs groff. | 10.0 |
2000-11-14 | CVE-2000-0861 | Unspecified vulnerability in GNU Mailman 1.1 Mailman 1.1 allows list administrators to execute arbitrary commands via shell metacharacters in the %(listname) macro expansion. | 7.2 |