Vulnerabilities > Suse > Suse Linux > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2001-12-06 | CVE-2001-0851 | Linux kernel 2.0, 2.2 and 2.4 with syncookies enabled allows remote attackers to bypass firewall rules by brute force guessing the cookie. | 5.0 |
| 2001-12-06 | CVE-2001-0834 | Remote Denial of Service/File Disclosure vulnerability in ht://Dig htsearch CGI program in htdig (ht://Dig) 3.1.5 and earlier allows remote attackers to use the -c option to specify an alternate configuration file, which could be used to (1) cause a denial of service (CPU consumption) by specifying a large file such as /dev/zero, or (2) read arbitrary files by uploading an alternate configuration file that specifies the target file. | 6.4 |
| 2001-11-22 | CVE-2001-0918 | Unspecified vulnerability in Suse Linux 7.2/7.3 Vulnerabilities in CGI scripts in susehelp in SuSE 7.2 and 7.3 allow remote attackers to execute arbitrary commands by not opening files securely. | 5.1 |
| 2001-09-20 | CVE-2001-0641 | Heap Overflow vulnerability in Man -S Buffer overflow in man program in various distributions of Linux allows local user to execute arbitrary code as group man via a long -S option. | 4.6 |
| 2001-08-02 | CVE-2001-0610 | Local Security vulnerability in Linux kfm as included with KDE 1.x can allow a local attacker to gain additional privileges via a symlink attack in the kfm cache directory in /tmp. | 4.6 |
| 2001-01-09 | CVE-2000-1107 | Unspecified vulnerability in Suse Linux in.identd ident server in SuSE Linux 6.x and 7.0 allows remote attackers to cause a denial of service via a long request, which causes the server to access a NULL pointer and crash. | 5.0 |
| 2000-12-11 | CVE-2000-1016 | Unspecified vulnerability in Suse Linux 6.3/6.4 The default configuration of Apache (httpd.conf) on SuSE 6.4 includes an alias for the /usr/doc directory, which allows remote attackers to read package documentation and obtain system configuration information via an HTTP request for the /doc/packages URL. | 5.0 |
| 2000-11-14 | CVE-2000-0869 | The default configuration of Apache 1.3.12 in SuSE Linux 6.4 enables WebDAV, which allows remote attackers to list arbitrary directories via the PROPFIND HTTP request method. | 5.0 |
| 2000-11-14 | CVE-2000-0868 | The default configuration of Apache 1.3.12 in SuSE Linux 6.4 allows remote attackers to read source code for CGI scripts by replacing the /cgi-bin/ in the requested URL with /cgi-bin-sdb/. | 5.0 |
| 2000-05-02 | CVE-2000-0433 | Unspecified vulnerability in Suse Linux The SuSE aaa_base package installs some system accounts with home directories set to /tmp, which allows local users to gain privileges to those accounts by creating standard user startup scripts such as profiles. | 4.6 |