Vulnerabilities > GNU

DATE CVE VULNERABILITY TITLE RISK
2001-07-12 CVE-2001-1267 Unspecified vulnerability in GNU TAR
Directory traversal vulnerability in GNU tar 1.13.19 and earlier allows local users to overwrite arbitrary files during archive extraction via a tar file whose filenames contain a ..
local
low complexity
gnu
2.1
2001-05-03 CVE-2001-0290 Local Security vulnerability in Mailman
Vulnerability in Mailman 2.0.1 and earlier allows list administrators to obtain user passwords.
local
low complexity
gnu
4.6
2001-02-12 CVE-2001-0072 Unspecified vulnerability in GNU Privacy Guard
gpg (aka GnuPG) 1.0.4 and other versions imports both public and private keys from public key servers without notifying the user about the private keys, which could allow an attacker to break the web of trust.
network
low complexity
gnu
5.0
2001-02-12 CVE-2001-0071 Unspecified vulnerability in GNU Privacy Guard
gpg (aka GnuPG) 1.0.4 and other versions does not properly verify detached signatures, which allows attackers to modify the contents of a file without detection.
local
low complexity
gnu
2.1
2001-01-09 CVE-2000-1137 Unspecified vulnerability in GNU ED
GNU ed before 0.2-18.1 allows local users to overwrite the files of other users via a symlink attack.
local
low complexity
gnu
4.6
2000-12-19 CVE-2000-0974 Unspecified vulnerability in GNU Privacy Guard
GnuPG (gpg) 1.0.3 does not properly check all signatures of a file containing multiple documents, which allows an attacker to modify contents of all documents but the first without detection.
network
low complexity
gnu
7.5
2000-12-19 CVE-2000-0959 Unspecified vulnerability in GNU Glibc 2.1.3.10
glibc2 does not properly clear the LD_DEBUG_OUTPUT and LD_DEBUG environmental variables when a program is spawned from a setuid program, which could allow local users to overwrite files via a symlink attack.
local
high complexity
gnu
1.2
2000-12-19 CVE-2000-0947 Unspecified vulnerability in GNU Cfengine 1.5/1.5.34/1.6
Format string vulnerability in cfd daemon in GNU CFEngine before 1.6.0a11 allows attackers to execute arbitrary commands via format characters in the CAUTH command.
network
low complexity
gnu
critical
10.0
2000-12-19 CVE-2000-0803 Unspecified vulnerability in GNU Groff
GNU Groff uses the current working directory to find a device description file, which allows a local user to gain additional privileges by including a malicious postpro directive in the description file, which is executed when another user runs groff.
network
low complexity
gnu
critical
10.0
2000-11-14 CVE-2000-0861 Unspecified vulnerability in GNU Mailman 1.1
Mailman 1.1 allows list administrators to execute arbitrary commands via shell metacharacters in the %(listname) macro expansion.
local
low complexity
gnu
7.2