Vulnerabilities > Redhat > Linux
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2003-03-03 | CVE-2002-1509 | Unspecified vulnerability in Redhat Linux 7.2/7.3/8.0 A patch for shadow-utils 20000902 causes the useradd command to create a mail spool files with read/write privileges of the new user's group (mode 660), which allows other users in the same group to read or modify the new user's incoming email. | 3.6 |
| 2003-02-19 | CVE-2003-0019 | Unspecified vulnerability in Redhat Linux 8.0 uml_net in the kernel-utils package for Red Hat Linux 8.0 has incorrect setuid root privileges, which allows local users to modify network interfaces, e.g. | 7.2 |
| 2003-02-19 | CVE-2002-1160 | Unspecified vulnerability in Redhat Linux The default configuration of the pam_xauth module forwards MIT-Magic-Cookies to new X sessions, which could allow local users to gain root privileges by stealing the cookies from a temporary .xauth file, which is created with the original user's credentials after root uses su. | 7.2 |
| 2002-12-31 | CVE-2002-2185 | Denial Of Service vulnerability in Multiple Vendor Spoofed IGMP Report The Internet Group Management Protocol (IGMP) allows local users to cause a denial of service via an IGMP membership report to a target's Ethernet address instead of the Multicast group address, which causes the target to stop sending reports to the router and effectively disconnect the group from the network. | 4.9 |
| 2002-12-31 | CVE-2002-1814 | Buffer Overflow vulnerability in Bonobo EFSTool Commandline Argument Buffer overflow in efstools in Bonobo, when installed setuid, allows local users to execute arbitrary code via long command line arguments. | 4.6 |
| 2002-11-04 | CVE-2002-1232 | Remote Network Information Leakage vulnerability in YPServ Memory leak in ypdb_open in yp_db.c for ypserv before 2.5 in the NIS package 3.9 and earlier allows remote attackers to cause a denial of service (memory consumption) via a large number of requests for a map that does not exist. | 5.0 |
| 2002-10-28 | CVE-2002-0836 | dvips converter for Postscript files in the tetex package calls the system() function insecurely, which allows remote attackers to execute arbitrary commands via certain print jobs, possibly involving fonts. | 7.5 |
| 2002-08-12 | CVE-2002-0638 | setpwnam.c in the util-linux package, as included in Red Hat Linux 7.3 and earlier, and other operating systems, does not properly lock a temporary file when modifying /etc/passwd, which may allow local users to gain privileges via a complex race condition that uses an open file descriptor in utility programs such as chfn and chsh. | 6.2 |
| 2002-08-12 | CVE-2002-0506 | Buffer Overflow vulnerability in LibNewt Library Buffer overflow in newt.c of newt windowing library (libnewt) 0.50.33 and earlier may allow attackers to cause a denial of service or execute arbitrary code in setuid programs that use libnewt. | 7.2 |
| 2002-08-12 | CVE-2000-1208 | Format string vulnerability in startprinting() function of printjob.c in BSD-based lpr lpd package may allow local users to gain privileges via an improper syslog call that uses format strings from the checkremote() call. | 7.2 |