| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Denial of service of inetd on Linux through SYN and RST packets. |
| Antivir / Linux 2.0.9-9, and possibly earlier versions, allows local users to overwrite arbitrary files via a symlink attack on the .pid_antivir_$$ temporary file. |
| A system does not present an appropriate legal message or warning to a user who is accessing it. |
| The dvd_read_bca function in the DVD handling code in drivers/cdrom/cdrom.c in Linux kernel 2.2.16, and later versions, assigns the wrong value to a length variable, which allows local users to execute arbitrary code via a crafted USB Storage device that triggers a buffer overflow. |
| Vulnerability when Network Address Translation (NAT) is enabled in Linux 2.2.10 and earlier with ipchains, or FreeBSD 3.2 with ipfw, allows remote attackers to cause a denial of service (kernel panic) via a ping -R (record route) command. |
| mknod in Linux 2.2 follows symbolic links, which could allow local users to overwrite files or gain privileges. |
| The ping command in Linux 2.0.3x allows local users to cause a denial of service by sending large packets with the -R (record route) option. |
| The e1000 driver for Linux kernel 2.4.26 and earlier does not properly initialize memory before using it, which allows local users to read portions of kernel memory. NOTE: this issue was originally incorrectly reported as a "buffer overflow" by some sources. |
| The rwho/rwhod service is running, which exposes machine status and user information. |
| Linux kernel before 2.6.15.5, when running on Intel processors, allows local users to cause a denial of service ("endless recursive fault") via unknown attack vectors related to a "bad elf entry address." |
| The kernel module loader in Linux kernel 2.2.x before 2.2.25, and 2.4.x before 2.4.21, allows local users to gain root privileges by using ptrace to attach to a child process that is spawned by the kernel. |
| A race condition in Linux 2.2.1 allows local users to read arbitrary memory from /proc files. |
| Denial of service in Linux 2.2.x kernels via malformed ICMP packets containing unusual types, codes, and IP header lengths. |
| KDE kppp allows local users to create a directory in an arbitrary location via the HOME environmental variable. |
| KDE klock allows local users to kill arbitrary processes by specifying an arbitrary PID in the .kss.pid file. |
| ICMP information such as (1) netmask and (2) timestamp is allowed from arbitrary hosts. |
| Denial of service in Linux 2.0.36 allows local users to prevent any server from listening on any non-privileged port. |
| The binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, does not properly handle a failed call to the mmap function, which causes an incorrect mapped image and may allow local users to execute arbitrary code. |
| Linux 2.2.3 and earlier allow a remote attacker to perform an IP fragmentation attack, causing a denial of service. |
| Linux kernel 2.6 before 2.6.15.5 allows local users to obtain sensitive information via a crafted XFS ftruncate call, which may return stale data. |
