| 2002-03-15 | CVE-2002-0080 | Improper Privilege Management vulnerability in multiple products
rsync, when running in daemon mode, does not properly call setgroups before dropping privileges, which could provide supplemental group privileges to local users, who could then read certain files that would otherwise be disallowed. | 2.1 |
| 2002-03-08 | CVE-2002-0069 | Denial of Service vulnerability in Squid Cache SNMP
Memory leak in SNMP in Squid 2.4 STABLE3 and earlier allows remote attackers to cause a denial of service. | 2.6 |
| 2002-03-08 | CVE-2002-0068 | Buffer Overflow vulnerability in Squid Cache FTP Proxy URL
Squid 2.4 STABLE3 and earlier allows remote attackers to cause a denial of service (core dump) and possibly execute arbitrary code with an ftp:// URL with a larger number of special characters, which exceed the buffer when Squid URL-escapes the characters. | 7.5 |
| 2002-03-08 | CVE-2002-0067 | Squid 2.4 STABLE3 and earlier does not properly disable HTCP, even when "htcp_port 0" is specified in squid.conf, which could allow remote attackers to bypass intended access restrictions. | 7.5 |
| 2002-02-27 | CVE-2002-0004 | Heap Overflow vulnerability in AT Maliciously Formatted Time
Heap corruption vulnerability in the "at" program allows local users to execute arbitrary code via a malformed execution time, which causes at to free the same memory twice. | 7.2 |
| 2002-01-31 | CVE-2002-0045 | slapd in OpenLDAP 2.0 through 2.0.19 allows local users, and anonymous users before 2.0.8, to conduct a "replace" action on access controls without any values, which causes OpenLDAP to delete non-mandatory attributes that would otherwise be protected by ACLs. | 7.5 |
| 2002-01-31 | CVE-2002-0044 | GNU Enscript 1.6.1 and earlier allows local users to overwrite arbitrary files of the Enscript user via a symlink attack on temporary files. | 3.6 |
| 2001-12-21 | CVE-2001-0886 | Buffer overflow in glob function of glibc allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a glob pattern that ends in a brace "{" character. | 4.6 |
| 2001-12-21 | CVE-2001-0872 | OpenSSH 3.0.1 and earlier with UseLogin enabled does not properly cleanse critical environment variables such as LD_PRELOAD, which allows local users to gain root privileges. | 7.2 |
| 2001-12-06 | CVE-2001-0859 | Unspecified vulnerability in Redhat Linux 7.1
2.4.3-12 kernel in Red Hat Linux 7.1 Korean installation program sets the setting default umask for init to 000, which installs files with world-writeable permissions. | 5.0 |