| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| The initscripts package in Red Hat Linux allows local users to gain privileges via a symlink attack. |
| Red Hat userhelper program in the usermode package allows local users to gain root access via PAM and a .. (dot dot) attack. |
| An installation of Red Hat uses DES password encryption with crypt() for the initial password, instead of md5. |
| Buffer overflow in the man program in Linux allows local users to gain privileges via the MANPAGER environmental variable. |
| The X font server xfs in Red Hat Linux 6.x allows an attacker to cause a denial of service via a malformed request. |
| Red Hat 6.0 allows local users to gain root access by booting single user and hitting ^C at the password prompt. |
| gpm-root in the gpm package does not properly drop privileges, which allows local users to gain privileges by starting a utility from gpm-root. |
| Buffer overflow in imwheel allows local users to gain root privileges via the imwheel-solo script and a long HOME environmental variable. |
| X fontserver xfs allows local users to cause a denial of service via malformed input to the server. |
| Linux OpenLDAP server allows local users to modify arbitrary files via a symlink attack. |
| xinetd 2.1.8 and earlier runs with a default umask of 0, which could allow local users to read or modify files that are created by an application that runs under xinetd but does not set its own safe umask. |
| ORBit and esound in Red Hat Linux 6.1 do not use sufficiently random numbers, which allows local users to guess the authentication keys. |
| ORBit and gnome-session in Red Hat Linux 6.1 allows remote attackers to crash a program. |
| Buffer overflow in krb_rd_req function in Kerberos 4 and 5 allows remote attackers to gain root privileges. |
| Buffer overflow in krb425_conv_principal function in Kerberos 5 allows remote attackers to gain root privileges. |
| The DocumentTemplate package in Zope 2.2 and earlier allows a remote attacker to modify DTMLDocuments or DTMLMethods without authorization. |
| LogWatch before 2.5 allows local users to execute arbitrary code via a symlink attack on the logwatch temporary directory. |
| Heap-based buffer overflow in Squid before 2.4 STABLE4, and Squid 2.5 and 2.6 until March 12, 2002 distributions, allows remote attackers to cause a denial of service, and possibly execute arbitrary code, via compressed DNS responses. |
| LogWatch 2.5 allows local users to gain root privileges via a symlink attack, a different vulnerability than CVE-2002-0162. |
| Imlib before 1.9.13 sometimes uses the NetPBM package to load trusted images, which could allow attackers to cause a denial of service (crash) and possibly execute arbitrary code via certain weaknesses of NetPBM. |
