Filtered by vendor Trustix
Subscriptions
Total
67 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2000-1009 | 2 Redhat, Trustix | 2 Linux, Secure Linux | 2024-08-08 | N/A |
dump in Red Hat Linux 6.2 trusts the pathname specified by the RSH environmental variable, which allows local users to obtain root privileges by modifying the RSH variable to point to a Trojan horse program. | ||||
CVE-2000-0917 | 3 Caldera, Redhat, Trustix | 6 Openlinux, Openlinux Ebuilder, Openlinux Edesktop and 3 more | 2024-08-08 | N/A |
Format string vulnerability in use_syslog() function in LPRng 3.6.24 allows remote attackers to execute arbitrary commands. | ||||
CVE-2000-0867 | 5 Debian, Mandrakesoft, Redhat and 2 more | 5 Debian Linux, Mandrake Linux, Linux and 2 more | 2024-08-08 | N/A |
Kernel logging daemon (klogd) in Linux does not properly cleanse user-injected format strings, which allows local users to gain root privileges by triggering malformed kernel messages. | ||||
CVE-2000-0844 | 13 Caldera, Conectiva, Debian and 10 more | 16 Openlinux, Openlinux Ebuilder, Openlinux Eserver and 13 more | 2024-08-08 | N/A |
Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen. | ||||
CVE-2000-0791 | 1 Trustix | 1 Secure Linux | 2024-08-08 | N/A |
Trustix installs the httpsd program for Apache-SSL with world-writeable permissions, which allows local users to replace it with a Trojan horse. | ||||
CVE-2000-0666 | 5 Conectiva, Debian, Redhat and 2 more | 5 Linux, Debian Linux, Linux and 2 more | 2024-08-08 | N/A |
rpc.statd in the nfs-utils package in various Linux distributions does not properly cleanse untrusted format strings, which allows remote attackers to gain root privileges. | ||||
CVE-2001-1030 | 6 Caldera, Immunix, Mandrakesoft and 3 more | 8 Openlinux Server, Immunix, Mandrake Linux and 5 more | 2024-08-08 | N/A |
Squid before 2.3STABLE5 in HTTP accelerator mode does not enable access control lists (ACLs) when the httpd_accel_host and http_accel_with_proxy off settings are used, which allows attackers to bypass the ACLs and conduct unauthorized activities such as port scanning. | ||||
CVE-2001-0169 | 4 Mandrakesoft, Redhat, Trustix and 1 more | 5 Mandrake Linux, Mandrake Linux Corporate Server, Linux and 2 more | 2024-08-08 | N/A |
When using the LD_PRELOAD environmental variable in SUID or SGID applications, glibc does not verify that preloaded libraries in /etc/ld.so.cache are also SUID/SGID, which could allow a local user to overwrite arbitrary files by loading a library from /lib or /usr/lib. | ||||
CVE-2001-0117 | 4 Immunix, Mandrakesoft, Redhat and 1 more | 5 Immunix, Mandrake Linux, Mandrake Linux Corporate Server and 2 more | 2024-08-08 | N/A |
sdiff 2.7 in the diffutils package allows local users to overwrite files via a symlink attack. | ||||
CVE-2001-0142 | 5 Immunix, Mandrakesoft, National Science Foundation and 2 more | 5 Immunix, Mandrake Linux, Squid Web Proxy and 2 more | 2024-08-08 | N/A |
squid 2.3 and earlier allows local users to overwrite arbitrary files via a symlink attack in some configurations. | ||||
CVE-2002-1319 | 3 Linux, Redhat, Trustix | 4 Linux Kernel, Enterprise Linux, Linux and 1 more | 2024-08-08 | N/A |
The Linux kernel 2.4.20 and earlier, and 2.5.x, when running on x86 systems, allows local users to cause a denial of service (hang) via the emulation mode, which does not properly clear TF and NT EFLAGs. | ||||
CVE-2002-0083 | 9 Conectiva, Engardelinux, Immunix and 6 more | 11 Linux, Secure Linux, Immunix and 8 more | 2024-08-08 | 9.8 Critical |
Off-by-one error in the channel code of OpenSSH 2.0 through 3.0.2 allows local users or remote malicious servers to gain privileges. | ||||
CVE-2004-2546 | 2 Samba, Trustix | 2 Samba, Secure Linux | 2024-08-08 | N/A |
Multiple memory leaks in Samba before 3.0.6 allow attackers to cause a denial of service (memory consumption). | ||||
CVE-2004-2044 | 4 Francisco Burzi, Oscommerce, Paul Laudanski and 1 more | 4 Php-nuke, Osc2nuke, Betanc Php-nuke and 1 more | 2024-08-08 | N/A |
PHP-Nuke 7.3, and other products that use the PHP-Nuke codebase such as the Nuke Cops betaNC PHP-Nuke Bundle, OSCNukeLite 3.1, and OSC2Nuke 7x do not properly use the eregi() PHP function with $_SERVER['PHP_SELF'] to identify the calling script, which allows remote attackers to directly access scripts, obtain path information via a PHP error message, and possibly gain access, as demonstrated using an HTTP request that contains the "admin.php" string. | ||||
CVE-2004-1304 | 3 File, Gentoo, Trustix | 3 File, Linux, Secure Linux | 2024-08-08 | N/A |
Stack-based buffer overflow in the ELF header parsing code in file before 4.12 allows attackers to execute arbitrary code via a crafted ELF file. | ||||
CVE-2004-1154 | 4 Redhat, Samba, Suse and 1 more | 5 Enterprise Linux, Fedora Core, Samba and 2 more | 2024-08-08 | N/A |
Integer overflow in the Samba daemon (smbd) in Samba 2.x and 3.0.x through 3.0.9 allows remote authenticated users to cause a denial of service (application crash) and possibly execute arbitrary code via a Samba request with a large number of security descriptors that triggers a heap-based buffer overflow. | ||||
CVE-2004-1071 | 5 Linux, Redhat, Suse and 2 more | 8 Linux Kernel, Enterprise Linux, Enterprise Linux Desktop and 5 more | 2024-08-08 | N/A |
The binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, does not properly handle a failed call to the mmap function, which causes an incorrect mapped image and may allow local users to execute arbitrary code. | ||||
CVE-2004-1012 | 6 Carnegie Mellon University, Conectiva, Openpkg and 3 more | 6 Cyrus Imap Server, Linux, Openpkg and 3 more | 2024-08-08 | N/A |
The argument parser of the PARTIAL command in Cyrus IMAP Server 2.2.6 and earlier allows remote authenticated users to execute arbitrary code via a certain command ("body[p") that is treated as a different command ("body.peek") and causes an index increment error that leads to an out-of-bounds memory corruption. | ||||
CVE-2004-1074 | 5 Linux, Redhat, Suse and 2 more | 8 Linux Kernel, Enterprise Linux, Enterprise Linux Desktop and 5 more | 2024-08-08 | N/A |
The binfmt functionality in the Linux kernel, when "memory overcommit" is enabled, allows local users to cause a denial of service (kernel oops) via a malformed a.out binary. | ||||
CVE-2004-1073 | 5 Linux, Redhat, Suse and 2 more | 8 Linux Kernel, Enterprise Linux, Enterprise Linux Desktop and 5 more | 2024-08-08 | N/A |
The open_exec function in the execve functionality (exec.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, allows local users to read non-readable ELF binaries by using the interpreter (PT_INTERP) functionality. |