Filtered by vendor Trustix Subscriptions
Filtered by product Secure Linux Subscriptions
Total 66 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2000-1009 2 Redhat, Trustix 2 Linux, Secure Linux 2024-08-08 N/A
dump in Red Hat Linux 6.2 trusts the pathname specified by the RSH environmental variable, which allows local users to obtain root privileges by modifying the RSH variable to point to a Trojan horse program.
CVE-2000-0917 3 Caldera, Redhat, Trustix 6 Openlinux, Openlinux Ebuilder, Openlinux Edesktop and 3 more 2024-08-08 N/A
Format string vulnerability in use_syslog() function in LPRng 3.6.24 allows remote attackers to execute arbitrary commands.
CVE-2000-0867 5 Debian, Mandrakesoft, Redhat and 2 more 5 Debian Linux, Mandrake Linux, Linux and 2 more 2024-08-08 N/A
Kernel logging daemon (klogd) in Linux does not properly cleanse user-injected format strings, which allows local users to gain root privileges by triggering malformed kernel messages.
CVE-2000-0844 13 Caldera, Conectiva, Debian and 10 more 16 Openlinux, Openlinux Ebuilder, Openlinux Eserver and 13 more 2024-08-08 N/A
Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen.
CVE-2000-0791 1 Trustix 1 Secure Linux 2024-08-08 N/A
Trustix installs the httpsd program for Apache-SSL with world-writeable permissions, which allows local users to replace it with a Trojan horse.
CVE-2000-0666 5 Conectiva, Debian, Redhat and 2 more 5 Linux, Debian Linux, Linux and 2 more 2024-08-08 N/A
rpc.statd in the nfs-utils package in various Linux distributions does not properly cleanse untrusted format strings, which allows remote attackers to gain root privileges.
CVE-2001-1030 6 Caldera, Immunix, Mandrakesoft and 3 more 8 Openlinux Server, Immunix, Mandrake Linux and 5 more 2024-08-08 N/A
Squid before 2.3STABLE5 in HTTP accelerator mode does not enable access control lists (ACLs) when the httpd_accel_host and http_accel_with_proxy off settings are used, which allows attackers to bypass the ACLs and conduct unauthorized activities such as port scanning.
CVE-2001-0169 4 Mandrakesoft, Redhat, Trustix and 1 more 5 Mandrake Linux, Mandrake Linux Corporate Server, Linux and 2 more 2024-08-08 N/A
When using the LD_PRELOAD environmental variable in SUID or SGID applications, glibc does not verify that preloaded libraries in /etc/ld.so.cache are also SUID/SGID, which could allow a local user to overwrite arbitrary files by loading a library from /lib or /usr/lib.
CVE-2001-0117 4 Immunix, Mandrakesoft, Redhat and 1 more 5 Immunix, Mandrake Linux, Mandrake Linux Corporate Server and 2 more 2024-08-08 N/A
sdiff 2.7 in the diffutils package allows local users to overwrite files via a symlink attack.
CVE-2001-0142 5 Immunix, Mandrakesoft, National Science Foundation and 2 more 5 Immunix, Mandrake Linux, Squid Web Proxy and 2 more 2024-08-08 N/A
squid 2.3 and earlier allows local users to overwrite arbitrary files via a symlink attack in some configurations.
CVE-2002-1319 3 Linux, Redhat, Trustix 4 Linux Kernel, Enterprise Linux, Linux and 1 more 2024-08-08 N/A
The Linux kernel 2.4.20 and earlier, and 2.5.x, when running on x86 systems, allows local users to cause a denial of service (hang) via the emulation mode, which does not properly clear TF and NT EFLAGs.
CVE-2002-0083 9 Conectiva, Engardelinux, Immunix and 6 more 11 Linux, Secure Linux, Immunix and 8 more 2024-08-08 9.8 Critical
Off-by-one error in the channel code of OpenSSH 2.0 through 3.0.2 allows local users or remote malicious servers to gain privileges.
CVE-2004-2546 2 Samba, Trustix 2 Samba, Secure Linux 2024-08-08 N/A
Multiple memory leaks in Samba before 3.0.6 allow attackers to cause a denial of service (memory consumption).
CVE-2004-2044 4 Francisco Burzi, Oscommerce, Paul Laudanski and 1 more 4 Php-nuke, Osc2nuke, Betanc Php-nuke and 1 more 2024-08-08 N/A
PHP-Nuke 7.3, and other products that use the PHP-Nuke codebase such as the Nuke Cops betaNC PHP-Nuke Bundle, OSCNukeLite 3.1, and OSC2Nuke 7x do not properly use the eregi() PHP function with $_SERVER['PHP_SELF'] to identify the calling script, which allows remote attackers to directly access scripts, obtain path information via a PHP error message, and possibly gain access, as demonstrated using an HTTP request that contains the "admin.php" string.
CVE-2004-1304 3 File, Gentoo, Trustix 3 File, Linux, Secure Linux 2024-08-08 N/A
Stack-based buffer overflow in the ELF header parsing code in file before 4.12 allows attackers to execute arbitrary code via a crafted ELF file.
CVE-2004-1154 4 Redhat, Samba, Suse and 1 more 5 Enterprise Linux, Fedora Core, Samba and 2 more 2024-08-08 N/A
Integer overflow in the Samba daemon (smbd) in Samba 2.x and 3.0.x through 3.0.9 allows remote authenticated users to cause a denial of service (application crash) and possibly execute arbitrary code via a Samba request with a large number of security descriptors that triggers a heap-based buffer overflow.
CVE-2004-1071 5 Linux, Redhat, Suse and 2 more 8 Linux Kernel, Enterprise Linux, Enterprise Linux Desktop and 5 more 2024-08-08 N/A
The binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, does not properly handle a failed call to the mmap function, which causes an incorrect mapped image and may allow local users to execute arbitrary code.
CVE-2004-1012 6 Carnegie Mellon University, Conectiva, Openpkg and 3 more 6 Cyrus Imap Server, Linux, Openpkg and 3 more 2024-08-08 N/A
The argument parser of the PARTIAL command in Cyrus IMAP Server 2.2.6 and earlier allows remote authenticated users to execute arbitrary code via a certain command ("body[p") that is treated as a different command ("body.peek") and causes an index increment error that leads to an out-of-bounds memory corruption.
CVE-2004-1074 5 Linux, Redhat, Suse and 2 more 8 Linux Kernel, Enterprise Linux, Enterprise Linux Desktop and 5 more 2024-08-08 N/A
The binfmt functionality in the Linux kernel, when "memory overcommit" is enabled, allows local users to cause a denial of service (kernel oops) via a malformed a.out binary.
CVE-2004-1073 5 Linux, Redhat, Suse and 2 more 8 Linux Kernel, Enterprise Linux, Enterprise Linux Desktop and 5 more 2024-08-08 N/A
The open_exec function in the execve functionality (exec.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, allows local users to read non-readable ELF binaries by using the interpreter (PT_INTERP) functionality.