| 2001-12-21 | CVE-2001-0872 | OpenSSH 3.0.1 and earlier with UseLogin enabled does not properly cleanse critical environment variables such as LD_PRELOAD, which allows local users to gain root privileges. | 7.2 |
| 2001-12-06 | CVE-2001-0816 | Unspecified vulnerability in Openbsd Openssh
OpenSSH before 2.9.9, when running sftp using sftp-server and using restricted keypairs, allows remote authenticated users to bypass authorized_keys2 command= restrictions using sftp commands. | 7.5 |
| 2001-10-18 | CVE-2001-1380 | Unspecified vulnerability in Openbsd Openssh
OpenSSH before 2.9.9, while using keypairs and multiple keys of different types in the ~/.ssh/authorized_keys2 file, may not properly handle the "from" option associated with a key, which could allow remote attackers to login from unauthorized IP addresses. | 7.5 |
| 2001-10-03 | CVE-2001-0670 | Buffer Overflow vulnerability in Multiple BSD Vendor lpd
Buffer overflow in BSD line printer daemon (in.lpd or lpd) in various BSD-based operating systems allows remote attackers to execute arbitrary code via an incomplete print job followed by a request to display the printer queue. | 7.5 |
| 2001-08-22 | CVE-2001-0572 | The SSH protocols 1 and 2 (aka SSH-2) as implemented in OpenSSH and other packages have various weaknesses which can allow a remote attacker to obtain the following information via sniffing: (1) password lengths or ranges of lengths, which simplifies brute force password guessing, (2) whether RSA or DSA authentication is being used, (3) the number of authorized_keys in RSA authentication, or (4) the lengths of shell commands. | 7.5 |
| 2001-08-14 | CVE-2001-0529 | Symbolic Link vulnerability in OpenSSH Client X11 Forwarding Cookie Removal File
OpenSSH version 2.9 and earlier, with X forwarding enabled, allows a local attacker to delete any file named 'cookies' via a symlink attack. | 7.2 |
| 2001-06-19 | CVE-2001-1459 | Unspecified vulnerability in Openbsd Openssh
OpenSSH 2.9 and earlier does not initiate a Pluggable Authentication Module (PAM) session if commands are executed with no pty, which allows local users to bypass resource limits (rlimits) set in pam.d. | 7.5 |
| 2001-06-18 | CVE-2001-0402 | IPFilter 3.4.16 and earlier does not include sufficient session information in its cache, which allows remote attackers to bypass access restrictions by sending fragmented packets to a restricted port after sending unfragmented packets to an unrestricted port. | 7.5 |
| 2001-05-03 | CVE-2001-0268 | The i386_set_ldt system call in NetBSD 1.5 and earlier, and OpenBSD 2.8 and earlier, when the USER_LDT kernel option is enabled, does not validate a call gate target, which allows local users to gain root privileges by creating a segment call gate in the Local Descriptor Table (LDT) with a target that specifies an arbitrary kernel address. | 7.2 |
| 2001-03-12 | CVE-2000-0312 | Unspecified vulnerability in Openbsd 2.5
cron in OpenBSD 2.5 allows local users to gain root privileges via an argv[] that is not NULL terminated, which is passed to cron's fake popen function. | 7.2 |