High

DATE	CVE	VULNERABILITY TITLE	RISK
2001-06-27	CVE-2001-0458	Remote Buffer Overflow vulnerability in ePerl Multiple buffer overflows in ePerl before 2.2.14-0.7 allow local and remote attackers to execute arbitrary commands. network low complexity ralf-s-engelschall debian mandrakesoft suse	7.5
2001-06-27	CVE-2001-0441	Buffer Overflow vulnerability in SLRN Long Header Buffer overflow in (1) wrapping and (2) unwrapping functions of slrn news reader before 0.9.7.0 allows remote attackers to execute arbitrary commands via a long message header. network low complexity debian mandrakesoft redhat	7.5
2001-05-03	CVE-2001-0279	Buffer overflow in sudo earlier than 1.6.3p6 allows local users to gain root privileges. local low complexity debian mandrakesoft	7.2
2001-03-12	CVE-2001-0128	Zope before 2.2.4 does not properly compute local roles, which could allow users to bypass specified access restrictions and gain privileges. local low complexity redhat zope conectiva debian freebsd mandrakesoft	7.2
2001-01-09	CVE-2000-1134	Multiple shell programs on various Unix systems, including (1) tcsh, (2) csh, (3) sh, and (4) bash, follow symlinks when processing << redirects (aka here-documents or in-here documents), which allows local users to overwrite files of other users via a symlink attack. local low complexity immunix conectiva caldera hp mandrakesoft redhat suse	7.2
2001-01-09	CVE-2000-1095	modprobe in the modutils 2.3.x package on Linux systems allows a local user to execute arbitrary commands via shell metacharacters. local low complexity immunix conectiva mandrakesoft redhat suse	7.2
2000-12-11	CVE-2000-1059	Unspecified vulnerability in Mandrakesoft Mandrake Linux 7.0/7.1 The default configuration of the Xsession file in Mandrake Linux 7.1 and 7.0 bypasses the Xauthority access control mechanism with an "xhost + localhost" command, which allows local users to sniff X Windows events and gain privileges. local low complexity mandrakesoft	7.2
2000-11-14	CVE-2000-0867	Kernel logging daemon (klogd) in Linux does not properly cleanse user-injected format strings, which allows local users to gain root privileges by triggering malformed kernel messages. local low complexity debian mandrakesoft redhat slackware trustix	7.2
2000-07-03	CVE-2000-0566	makewhatis in Linux man package allows local users to overwrite files via a symlink attack. local low complexity caldera mandrakesoft redhat	7.2
2000-05-29	CVE-2000-0454	Unspecified vulnerability in Mandrakesoft Mandrake Linux 7.0 Buffer overflow in Linux cdrecord allows local users to gain privileges via the dev parameter. local low complexity mandrakesoft	7.2