Vulnerabilities > Medium

DATE CVE VULNERABILITY TITLE RISK
2001-12-31 CVE-2001-1559 NULL Pointer Dereference vulnerability in Openbsd 2.9/3.0
The uipc system calls (uipc_syscalls.c) in OpenBSD 2.9 and 3.0 provide user mode return instead of versus rval kernel mode values to the fdrelease function, which allows local users to cause a denial of service and trigger a null dereference.
local
low complexity
openbsd CWE-476
5.5
2001-12-31 CVE-2001-1494 Link Following vulnerability in multiple products
script command in the util-linux package before 2.11n allows local users to overwrite arbitrary files by setting a hardlink from the typescript log file to any file on the system, then having root execute the script command.
local
low complexity
kernel avaya CWE-59
5.5
2001-08-31 CVE-2000-1198 Improper Locking vulnerability in Qualcomm Qpopper 2.53/3.0
qpopper POP server creates lock files with predictable names, which allows local users to cause a denial of service for other users (lack of mail access) by creating lock files for other mail boxes.
local
low complexity
qualcomm CWE-667
5.5
2001-08-29 CVE-2001-0682 Improper Locking vulnerability in multiple products
ZoneAlarm and ZoneAlarm Pro allows a local attacker to cause a denial of service by running a trojan to initialize a ZoneAlarm mutex object which prevents ZoneAlarm from starting.
local
low complexity
zonelabs checkpoint CWE-667
5.5
2001-04-17 CVE-2001-1391 Off-by-one Error vulnerability in Linux Kernel
Off-by-one vulnerability in CPIA driver of Linux kernel before 2.2.19 allows users to modify kernel memory.
local
low complexity
linux CWE-193
5.5
2001-01-09 CVE-2000-1178 Link Following vulnerability in Joseph Allen JOE 2.8
Joe text editor follows symbolic links when creating a rescue copy called DEADJOE during an abnormal exit, which allows local users to overwrite the files of other users whose joe session crashes.
local
low complexity
joseph-allen CWE-59
5.5
2000-12-19 CVE-2000-0972 Link Following vulnerability in HP Hp-Ux 11.00
HP-UX 11.00 crontab allows local users to read arbitrary files via the -e option by creating a symlink to the target file during the crontab session, quitting the session, and reading the error messages that crontab generates.
local
low complexity
hp CWE-59
5.5
2000-06-06 CVE-2000-0552 Incomplete Cleanup vulnerability in ICQ 2000A
ICQwebmail client for ICQ 2000A creates a world readable temporary file during login and does not delete it, which allows local users to obtain sensitive information.
local
low complexity
icq CWE-459
5.5
2000-04-23 CVE-2000-0338 Improper Locking vulnerability in Concurrent Versions Software Project Concurrent Versions Software
Concurrent Versions Software (CVS) uses predictable temporary file names for locking, which allows local users to cause a denial of service by creating the lock directory before it is created for use by a legitimate CVS user.
5.5
1999-12-31 CVE-1999-1386 Link Following vulnerability in Perl
Perl 5.004_04 and earlier follows symbolic links when running with the -e option, which allows local users to overwrite arbitrary files via a symlink attack on the /tmp/perl-eaXXXXX file.
local
low complexity
perl CWE-59
5.5