Land IP denial of service.
Max CVSS
5.0
EPSS Score
0.15%
Published
1997-12-01
Updated
2008-09-09
FTP servers can allow an attacker to connect to arbitrary ports on machines other than the FTP client, aka FTP bounce.
Max CVSS
7.5
EPSS Score
1.65%
Published
1997-12-10
Updated
2022-08-17
Race condition in signal handling routine in ftpd, allowing read/write arbitrary files.
Max CVSS
5.1
EPSS Score
0.13%
Published
1997-05-29
Updated
2022-08-17
Buffer overflow in NLS (Natural Language Service).
Max CVSS
7.5
EPSS Score
0.60%
Published
1997-02-13
Updated
2022-08-17
The Perl fingerd program allows arbitrary command execution from remote users.
Max CVSS
7.5
EPSS Score
0.35%
Published
1997-07-01
Updated
2022-08-17
manual/search.texi in the GNU C Library (aka glibc) before 2.2 lacks a statement about the unspecified tdelete return value upon deletion of a tree's root, which might allow attackers to access a dangling pointer in an application whose developer was unaware of a documentation update from 1999.
Max CVSS
9.8
EPSS Score
0.73%
Published
2020-10-06
Updated
2020-12-03
Denial of service of inetd on Linux through SYN and RST packets.
Max CVSS
5.0
EPSS Score
0.22%
Published
1997-11-01
Updated
2022-08-17
wget 1.5.3 follows symlinks to change permissions of the target file instead of the symlink itself.
Max CVSS
5.0
EPSS Score
1.22%
Published
1999-01-02
Updated
2022-08-17
The prompt parsing in bash allows a local user to execute commands as another user by creating a directory with the name of the command to execute.
Max CVSS
4.6
EPSS Score
0.04%
Published
1999-04-20
Updated
2014-12-31
A version of finger is running that exposes valid user information to any entity on the network.
Max CVSS
N/A
EPSS Score
96.04%
Published
1997-03-01
Updated
2022-08-17
The Guile plugin for the Gnumeric spreadsheet package allows attackers to execute arbitrary code.
Max CVSS
4.6
EPSS Score
0.04%
Published
1999-08-05
Updated
2008-09-09
GNU fingerd 1.37 does not properly drop privileges before accessing user information, which could allow local users to (1) gain root privileges via a malicious program in the .fingerrc file, or (2) read arbitrary files via symbolic links from .plan, .forward, or .project files.
Max CVSS
7.2
EPSS Score
0.04%
Published
1999-07-21
Updated
2016-10-18
(1) bash before 1.14.7, and (2) tcsh 6.05 allow local users to gain privileges via directory names that contain shell metacharacters (` back-tick), which can cause the commands enclosed in the directory name to be executed when the shell expands filenames using the \w option in the PS1 variable.
Max CVSS
4.6
EPSS Score
0.05%
Published
1996-09-13
Updated
2016-10-18
GNU make follows symlinks when it reads a Makefile from stdin, which allows other local users to execute commands.
Max CVSS
6.2
EPSS Score
0.04%
Published
2000-02-01
Updated
2008-09-10
Emacs 20 does not properly set permissions for a slave PTY device when starting a new subprocess, which allows local users to read or modify communications between Emacs and the subprocess.
Max CVSS
2.1
EPSS Score
0.05%
Published
2000-04-18
Updated
2008-09-10
The make-temp-name Lisp function in Emacs 20 creates temporary files with predictable names, which allows attackers to conduct a symlink attack.
Max CVSS
3.6
EPSS Score
0.05%
Published
2000-04-18
Updated
2008-09-10
read-passwd and other Lisp functions in Emacs 20 do not properly clear the history of recently typed keys, which allows an attacker to read unencrypted passwords.
Max CVSS
4.6
EPSS Score
0.05%
Published
2000-04-18
Updated
2008-09-10
The resolver in glibc 2.1.3 uses predictable IDs, which allows a local attacker to spoof DNS query results.
Max CVSS
7.5
EPSS Score
1.06%
Published
2000-05-03
Updated
2008-09-10
The wrapper program in mailman 2.0beta3 and 2.0beta4 does not properly cleanse untrusted format strings, which allows local users to gain privileges.
Max CVSS
4.6
EPSS Score
0.06%
Published
2000-10-20
Updated
2008-09-10
GNU userv 1.0.0 and earlier does not properly perform file descriptor swapping, which can corrupt the USERV_GROUPS and USERV_GIDS environmental variables and allow local users to bypass some access restrictions.
Max CVSS
4.6
EPSS Score
0.04%
Published
2000-10-20
Updated
2016-10-18
GNU Groff uses the current working directory to find a device description file, which allows a local user to gain additional privileges by including a malicious postpro directive in the description file, which is executed when another user runs groff.
Max CVSS
10.0
EPSS Score
0.56%
Published
2000-12-19
Updated
2021-05-10
The unsetenv function in glibc 2.1.1 does not properly unset an environmental variable if the variable is provided twice to a program, which could allow local users to execute arbitrary commands in setuid programs by specifying their own duplicate environmental variables such as LD_PRELOAD or LD_LIBRARY_PATH.
Max CVSS
7.2
EPSS Score
0.04%
Published
2000-11-14
Updated
2017-10-10
Mailman 1.1 allows list administrators to execute arbitrary commands via shell metacharacters in the %(listname) macro expansion.
Max CVSS
7.2
EPSS Score
0.11%
Published
2000-11-14
Updated
2017-10-10
Format string vulnerability in cfd daemon in GNU CFEngine before 1.6.0a11 allows attackers to execute arbitrary commands via format characters in the CAUTH command.
Max CVSS
10.0
EPSS Score
0.30%
Published
2000-12-19
Updated
2017-10-10
glibc2 does not properly clear the LD_DEBUG_OUTPUT and LD_DEBUG environmental variables when a program is spawned from a setuid program, which could allow local users to overwrite files via a symlink attack.
Max CVSS
1.2
EPSS Score
0.04%
Published
2000-12-19
Updated
2017-10-10
1060 vulnerabilities found
1 2 3 4 5 6 ...... 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!