The line printer daemon (lpd) in the lpr package in multiple Linux operating systems authenticates by comparing the reverse-resolved hostname of the local machine to the hostname of the print server as returned by gethostname, which allows remote attackers to bypass intended access controls by modifying the DNS for the attacking IP.
Max CVSS
10.0
EPSS Score
2.10%
Published
2000-01-08
Updated
2017-07-11
named in BIND 8.2 through 8.2.2-P6 allows remote attackers to cause a denial of service by sending an SRV record to the server, aka the "srv bug."
Max CVSS
5.0
EPSS Score
1.30%
Published
2000-12-19
Updated
2020-12-09
Kernel logging daemon (klogd) in Linux does not properly cleanse user-injected format strings, which allows local users to gain root privileges by triggering malformed kernel messages.
Max CVSS
7.2
EPSS Score
0.16%
Published
2000-11-14
Updated
2018-05-03
Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen.
Max CVSS
10.0
EPSS Score
0.48%
Published
2000-11-14
Updated
2018-10-30
rpc.statd in the nfs-utils package in various Linux distributions does not properly cleanse untrusted format strings, which allows remote attackers to gain root privileges.
Max CVSS
10.0
EPSS Score
8.05%
Published
2000-07-16
Updated
2018-05-03
Buffer overflow in fld program in Kanji on Console (KON) package on Linux may allow local users to gain root privileges via an input file containing long CHARSET_REGISTRY or CHARSET_ENCODING settings.
Max CVSS
7.2
EPSS Score
0.04%
Published
2000-06-21
Updated
2008-09-10
Buffer overflow in kon program in Kanji on Console (KON) package on Linux may allow local users to gain root privileges via a long -StartupMessage parameter.
Max CVSS
7.2
EPSS Score
0.05%
Published
2000-06-21
Updated
2008-09-10
Buffer overflow in Canna input system allows remote attackers to execute arbitrary commands via an SR_INIT command with a long user name or group name.
Max CVSS
10.0
EPSS Score
8.41%
Published
2000-07-02
Updated
2018-05-03
CUPS (Common Unix Printing System) 1.04 and earlier allows remote attackers to cause a denial of service by authenticating with a user name that does not exist or does not have a shadow password.
Max CVSS
5.0
EPSS Score
0.79%
Published
2000-06-21
Updated
2017-10-10
CUPS (Common Unix Printing System) 1.04 and earlier does not properly delete request files, which allows a remote attacker to cause a denial of service.
Max CVSS
5.0
EPSS Score
0.68%
Published
2000-06-16
Updated
2017-10-10
CUPS (Common Unix Printing System) 1.04 and earlier allows remote attackers to cause a denial of service via a CGI POST request.
Max CVSS
5.0
EPSS Score
0.68%
Published
2000-06-21
Updated
2017-10-10
CUPS (Common Unix Printing System) 1.04 and earlier allows remote attackers to cause a denial of service via a malformed IPP request.
Max CVSS
5.0
EPSS Score
0.68%
Published
2000-06-21
Updated
2017-10-10
IP masquerading in Linux 2.2.x allows remote attackers to route UDP packets through the internal interface by modifying the external source IP address and port number to match those of an established connection.
Max CVSS
5.0
EPSS Score
0.34%
Published
2000-03-27
Updated
2008-09-10
gpm-root in the gpm package does not properly drop privileges, which allows local users to gain privileges by starting a utility from gpm-root.
Max CVSS
7.2
EPSS Score
0.04%
Published
2000-03-22
Updated
2008-09-10
The libguile.so library file used by gnucash in Debian GNU/Linux is installed with world-writable permissions.
Max CVSS
7.5
EPSS Score
0.45%
Published
2000-02-05
Updated
2022-08-17
The default installation of Debian GNU/Linux uses an insecure Master Boot Record (MBR) which allows a local user to boot from a floppy disk during the installation.
Max CVSS
7.2
EPSS Score
0.05%
Published
2000-02-02
Updated
2016-10-18
Linux apcd program allows local attackers to modify arbitrary files via a symlink attack.
Max CVSS
7.2
EPSS Score
0.04%
Published
2000-02-01
Updated
2008-09-10
17 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!