VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
>
Trustix
> Secure Linux
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2001-07-18
CVE-2001-1030
Squid before 2.3STABLE5 in HTTP accelerator mode does not enable access control lists (ACLs) when the httpd_accel_host and http_accel_with_proxy off settings are used, which allows attackers to bypass the ACLs and conduct unauthorized activities such as port scanning.
network
low complexity
caldera
immunix
mandrakesoft
squid
redhat
trustix
7.5
7.5
2001-03-26
CVE-2001-0169
When using the LD_PRELOAD environmental variable in SUID or SGID applications, glibc does not verify that preloaded libraries in /etc/ld.so.cache are also SUID/SGID, which could allow a local user to overwrite arbitrary files by loading a library from /lib or /usr/lib.
local
low complexity
mandrakesoft
redhat
trustix
turbolinux
2.1
2.1
2001-03-12
CVE-2001-0142
squid 2.3 and earlier allows local users to overwrite arbitrary files via a symlink attack in some configurations.
local
high complexity
immunix
national-science-foundation
mandrakesoft
redhat
trustix
1.2
1.2
2001-03-12
CVE-2001-0117
sdiff 2.7 in the diffutils package allows local users to overwrite files via a symlink attack.
local
high complexity
immunix
mandrakesoft
redhat
trustix
1.2
1.2
2000-12-19
CVE-2000-0917
Format string vulnerability in use_syslog() function in LPRng 3.6.24 allows remote attackers to execute arbitrary commands.
network
low complexity
caldera
redhat
trustix
critical
10.0
10
2000-12-11
CVE-2000-1009
dump in Red Hat Linux 6.2 trusts the pathname specified by the RSH environmental variable, which allows local users to obtain root privileges by modifying the RSH variable to point to a Trojan horse program.
local
low complexity
redhat
trustix
7.2
7.2
2000-11-14
CVE-2000-0867
Kernel logging daemon (klogd) in Linux does not properly cleanse user-injected format strings, which allows local users to gain root privileges by triggering malformed kernel messages.
local
low complexity
debian
mandrakesoft
redhat
slackware
trustix
7.2
7.2
2000-11-14
CVE-2000-0844
Permissions, Privileges, and Access Controls vulnerability in multiple products
Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen.
network
low complexity
caldera
immunix
conectiva
sgi
debian
ibm
mandrakesoft
redhat
slackware
sun
suse
trustix
turbolinux
CWE-264
critical
10.0
10
2000-10-20
CVE-2000-0791
Unspecified vulnerability in Trustix Secure Linux 1.1
Trustix installs the httpsd program for Apache-SSL with world-writeable permissions, which allows local users to replace it with a Trojan horse.
local
low complexity
trustix
4.6
4.6
2000-07-16
CVE-2000-0666
Remote Format String vulnerability in Multiple Linux Vendor rpc.statd
rpc.statd in the nfs-utils package in various Linux distributions does not properly cleanse untrusted format strings, which allows remote attackers to gain root privileges.
network
low complexity
conectiva
debian
redhat
suse
trustix
critical
10.0
10
«
Previous
1
2
3
4
5
6
(current)
»