Vulnerabilities > Redhat > Linux > High

DATE CVE VULNERABILITY TITLE RISK
2002-03-08 CVE-2002-0067 Squid 2.4 STABLE3 and earlier does not properly disable HTCP, even when "htcp_port 0" is specified in squid.conf, which could allow remote attackers to bypass intended access restrictions.
network
low complexity
squid redhat
7.5
2002-02-27 CVE-2002-0004 Heap Overflow vulnerability in AT Maliciously Formatted Time
Heap corruption vulnerability in the "at" program allows local users to execute arbitrary code via a malformed execution time, which causes at to free the same memory twice.
7.2
2002-01-31 CVE-2002-0045 slapd in OpenLDAP 2.0 through 2.0.19 allows local users, and anonymous users before 2.0.8, to conduct a "replace" action on access controls without any values, which causes OpenLDAP to delete non-mandatory attributes that would otherwise be protected by ACLs.
network
low complexity
openldap redhat
7.5
2002-01-31 CVE-2002-0002 Format string vulnerability in stunnel before 3.22 when used in client mode for (1) smtp, (2) pop, or (3) nntp allows remote malicious servers to execute arbitrary code.
network
low complexity
stunnel engardelinux mandrakesoft redhat
7.5
2001-12-21 CVE-2001-0872 OpenSSH 3.0.1 and earlier with UseLogin enabled does not properly cleanse critical environment variables such as LD_PRELOAD, which allows local users to gain root privileges.
local
low complexity
openbsd redhat suse
7.2
2001-12-21 CVE-2001-0869 Format string vulnerability in the default logging callback function _sasl_syslog in common.c in Cyrus SASL library (cyrus-sasl) may allow remote attackers to execute arbitrary commands.
network
low complexity
caldera redhat suse
7.5
2001-12-19 CVE-2001-0889 Exim 3.22 and earlier, in some configurations, does not properly verify the local part of an address when redirecting the address to a pipe, which could allow remote attackers to execute arbitrary commands via shell metacharacters.
network
low complexity
university-of-cambridge redhat
7.5
2001-09-20 CVE-2001-0690 Format string vulnerability in exim (3.22-10 in Red Hat, 3.12 in Debian and 3.16 in Conectiva) in batched SMTP mode allows a remote attacker to execute arbitrary code via format strings in SMTP mail headers. 7.5
2001-08-31 CVE-2001-1002 Remote Command Execution vulnerability in Redhat Linux 6.2/7.0/7.1
The default configuration of the DVI print filter (dvips) in Red Hat Linux 7.0 and earlier does not run dvips in secure mode when dvips is executed by lpd, which could allow remote attackers to gain privileges by printing a DVI file that contains malicious commands.
network
low complexity
redhat
7.5
2001-07-19 CVE-2001-1374 expect before 5.32 searches for its libraries in /var/tmp before other directories, which could allow local users to gain root privileges via a Trojan horse library that is accessed by mkpasswd.
local
low complexity
don-libes conectiva redhat
7.2