Suse : Security Vulnerabilities, CVEs, Published In 2001 CVSS score >= 1
Sdbsearch.cgi in SuSE Linux 6.0-7.2 could allow remote attackers to execute arbitrary commands by uploading a keylist.txt file that contains filenames with shell metacharacters, then causing the file to be searched using a .. in the HTTP referer (from the HTTP_REFERER variable) to point to the directory that contains the keylist.txt file.
Max CVSS
7.5
EPSS Score
4.69%
Published
2001-08-02
Updated
2017-10-10
Vulnerability in screen before 3.9.10, related to a multi-attach error, allows local users to gain root privileges when there is a subdirectory under /tmp/screens/.
Max CVSS
7.2
EPSS Score
0.05%
Published
2001-09-05
Updated
2017-12-19
Vulnerabilities in CGI scripts in susehelp in SuSE 7.2 and 7.3 allow remote attackers to execute arbitrary commands by not opening files securely.
Max CVSS
5.1
EPSS Score
0.29%
Published
2001-11-22
Updated
2017-10-10
Linux kernel before 2.4.11pre3 in multiple Linux distributions allows local users to cause a denial of service (crash) by starting the core vmlinux kernel, possibly related to poor error checking during ELF loading.
Max CVSS
2.1
EPSS Score
0.04%
Published
2001-11-21
Updated
2017-10-10
OpenSSH 3.0.1 and earlier with UseLogin enabled does not properly cleanse critical environment variables such as LD_PRELOAD, which allows local users to gain root privileges.
Max CVSS
7.2
EPSS Score
0.50%
Published
2001-12-21
Updated
2018-05-03
Format string vulnerability in the default logging callback function _sasl_syslog in common.c in Cyrus SASL library (cyrus-sasl) may allow remote attackers to execute arbitrary commands.
Max CVSS
7.5
EPSS Score
1.15%
Published
2001-12-21
Updated
2018-05-03
Linux kernel 2.0, 2.2 and 2.4 with syncookies enabled allows remote attackers to bypass firewall rules by brute force guessing the cookie.
Max CVSS
5.0
EPSS Score
0.14%
Published
2001-12-06
Updated
2017-10-10
htsearch CGI program in htdig (ht://Dig) 3.1.5 and earlier allows remote attackers to use the -c option to specify an alternate configuration file, which could be used to (1) cause a denial of service (CPU consumption) by specifying a large file such as /dev/zero, or (2) read arbitrary files by uploading an alternate configuration file that specifies the target file.
Max CVSS
6.4
EPSS Score
1.56%
Published
2001-12-06
Updated
2017-10-10
Buffer overflow in Linux xinetd 2.1.8.9pre11-1 and earlier may allow remote attackers to execute arbitrary code via a long ident response, which is not properly handled by the svc_logprint function.
Max CVSS
7.5
EPSS Score
31.91%
Published
2001-10-18
Updated
2018-05-03
Buffer overflow in man program in various distributions of Linux allows local user to execute arbitrary code as group man via a long -S option.
Max CVSS
4.6
EPSS Score
0.04%
Published
2001-09-20
Updated
2017-10-10
kfm as included with KDE 1.x can allow a local attacker to gain additional privileges via a symlink attack in the kfm cache directory in /tmp.
Max CVSS
4.6
EPSS Score
0.04%
Published
2001-08-02
Updated
2017-12-19
Buffer overflow in dsh in dqs 3.2.7 in SuSE Linux 7.0 and earlier, and possibly other operating systems, allows local users to gain privileges via a long first command line argument.
Max CVSS
7.2
EPSS Score
0.04%
Published
2001-08-14
Updated
2017-10-10
Multiple buffer overflows in ePerl before 2.2.14-0.7 allow local and remote attackers to execute arbitrary commands.
Max CVSS
7.5
EPSS Score
0.73%
Published
2001-06-27
Updated
2017-12-19
time server daemon timed allows remote attackers to cause a denial of service via malformed packets.
Max CVSS
10.0
EPSS Score
0.72%
Published
2001-06-27
Updated
2017-10-10
Format string vulnerability in man in some Linux distributions allows local users to gain privileges via a malformed -l parameter.
Max CVSS
7.2
EPSS Score
0.04%
Published
2001-05-03
Updated
2017-10-10
kdesu program in KDE2 (KDE before 2.2.0-6) does not properly verify the owner of a UNIX socket that is used to send a password, which allows local users to steal passwords and gain privileges.
Max CVSS
2.1
EPSS Score
0.04%
Published
2001-03-26
Updated
2017-10-10
Buffer overflow in ReiserFS 3.5.28 in SuSE Linux allows local users to cause a denial of service and possibly execute arbitrary commands by via a long directory name.
Max CVSS
7.2
EPSS Score
0.04%
Published
2001-03-26
Updated
2017-12-19
rctab in SuSE 7.0 and earlier allows local users to create or overwrite arbitrary files via a symlink attack on the rctmp temporary file.
Max CVSS
1.2
EPSS Score
0.04%
Published
2001-03-12
Updated
2017-10-10
Multiple shell programs on various Unix systems, including (1) tcsh, (2) csh, (3) sh, and (4) bash, follow symlinks when processing << redirects (aka here-documents or in-here documents), which allows local users to overwrite files of other users via a symlink attack.
Max CVSS
7.2
EPSS Score
0.04%
Published
2001-01-09
Updated
2017-10-19
in.identd ident server in SuSE Linux 6.x and 7.0 allows remote attackers to cause a denial of service via a long request, which causes the server to access a NULL pointer and crash.
Max CVSS
5.0
EPSS Score
0.52%
Published
2001-01-09
Updated
2017-10-10
modprobe in the modutils 2.3.x package on Linux systems allows a local user to execute arbitrary commands via shell metacharacters.
Max CVSS
7.2
EPSS Score
0.04%
Published
2001-01-09
Updated
2017-10-10
21 vulnerabilities found