| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
1 |
CVE-2010-0002 |
20 |
|
|
2010-01-14 |
2011-08-08 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
The /etc/profile.d/60alias.sh script in the Mandriva bash package for Bash 2.05b, 3.0, 3.2, 3.2.48, and 4.0 enables the --show-control-chars option in LS_OPTIONS, which allows local users to send escape sequences to terminal emulators, or hide the existence of a file, via a crafted filename. |
|
2 |
CVE-2008-3896 |
200 |
|
+Info |
2008-09-03 |
2009-01-29 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
Grub Legacy 0.97 and earlier stores pre-boot authentication passwords in the BIOS Keyboard buffer and does not clear this buffer before and after use, which allows local users to obtain sensitive information by reading the physical memory locations associated with this buffer. |
|
3 |
CVE-2006-4624 |
94 |
|
|
2006-09-07 |
2010-09-15 |
2.6 |
None |
Remote |
High |
Not required |
None |
Partial |
None |
|
CRLF injection vulnerability in Utils.py in Mailman before 2.1.9rc1 allows remote attackers to spoof messages in the error log and possibly trick the administrator into visiting malicious URLs via CRLF sequences in the URI. |
|
4 |
CVE-2006-4573 |
|
|
DoS |
2006-10-24 |
2010-09-15 |
2.6 |
None |
Remote |
High |
Not required |
None |
None |
Partial |
|
Multiple unspecified vulnerabilities in the "utf8 combining characters handling" (utf8_handle_comb function in encoding.c) in screen before 4.0.3 allows user-assisted attackers to cause a denial of service (crash or hang) via certain UTF8 sequences. |
|
5 |
CVE-2006-1902 |
119 |
|
Overflow |
2006-04-20 |
2011-02-10 |
2.1 |
None |
Local |
Low |
Not required |
None |
Partial |
None |
|
fold_binary in fold-const.c in GNU Compiler Collection (gcc) 4.1 improperly handles pointer overflow when folding a certain expr comparison to a corresponding offset comparison in cases other than EQ_EXPR and NE_EXPR, which might introduce buffer overflow vulnerabilities into applications that could be exploited by context-dependent attackers.NOTE: the vendor states that the essence of the issue is "not correctly interpreting an offset to a pointer as a signed value." |
|
6 |
CVE-2006-1712 |
|
|
XSS |
2006-04-11 |
2008-09-05 |
2.6 |
None |
Remote |
High |
Not required |
None |
Partial |
None |
|
Cross-site scripting (XSS) vulnerability in the private archive script (private.py) in GNU Mailman 2.1.7 allows remote attackers to inject arbitrary web script or HTML via the action argument. |
|
7 |
CVE-2005-3137 |
|
|
|
2005-10-05 |
2010-04-02 |
2.1 |
None |
Local |
Low |
Not required |
None |
Partial |
None |
|
The (1) cfmailfilter and (2) cfcron.in files for cfengine 1.6.5 allow local users to overwrite arbitrary files via a symlink attack on temporary files, a different vulnerability than CVE-2005-2960. |
|
8 |
CVE-2005-2960 |
|
|
|
2005-10-05 |
2010-04-02 |
2.1 |
None |
Local |
Low |
Not required |
None |
Partial |
None |
|
cfengine 1.6.5 and 2.1.16 allows local users to overwrite arbitrary files via a symlink attack on temporary files used by vicf.in, a different vulnerability than CVE-2005-3137. |
|
9 |
CVE-2005-2180 |
|
|
|
2005-07-11 |
2008-09-05 |
2.1 |
None |
Local |
Low |
Not required |
None |
Partial |
None |
|
gen-index in GNATS 4.0, 4.1.0, and possibly earlier versions, when installed setuid, does not properly check files passed to the -o argument and opens the file with write access, which allows local users to overwrite arbitrary files. |
|
10 |
CVE-2005-1918 |
|
|
Dir. Trav. |
2005-12-31 |
2010-08-21 |
2.6 |
None |
Remote |
High |
Not required |
None |
Partial |
None |
|
The original patch for a GNU tar directory traversal vulnerability (CVE-2002-0399) in Red Hat Enterprise Linux 3 and 2.1 uses an "incorrect optimization" that allows user-assisted attackers to overwrite arbitrary files via a crafted tar file, probably involving "/../" sequences with a leading "/". |
|
11 |
CVE-2005-0990 |
|
|
|
2005-05-02 |
2010-08-21 |
2.1 |
None |
Local |
Low |
Not required |
None |
Partial |
None |
|
unshar (unshar.c) in sharutils 4.2.1 allows local users to overwrite arbitrary files via a symlink attack on the unsh.X temporary file. |
|
12 |
CVE-2004-2459 |
|
|
|
2004-12-31 |
2008-09-05 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
Unknown vulnerability in gnubiff 1.2.0 and earlier allows local users to obtain passwords, related to the password table. |
|
13 |
CVE-2004-2014 |
|
|
|
2004-12-31 |
2010-08-21 |
2.6 |
None |
Local |
High |
Not required |
None |
Partial |
Partial |
|
Wget 1.9 and 1.9.1 allows local users to overwrite arbitrary files via a symlink attack on the name of the file being downloaded. |
|
14 |
CVE-2004-1453 |
|
|
|
2004-12-31 |
2010-08-21 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
GNU glibc 2.3.4 before 2.3.4.20040619, 2.3.3 before 2.3.3.20040420, and 2.3.2 before 2.3.2-r10 does not restrict the use of LD_DEBUG for a setuid program, which allows local users to gain sensitive information, such as the list of symbols used by the program. |
|
15 |
CVE-2004-1382 |
|
|
|
2004-12-31 |
2008-09-10 |
2.1 |
None |
Local |
Low |
Not required |
None |
Partial |
None |
|
The glibcbug script in glibc 2.3.4 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files, a different vulnerability than CVE-2004-0968. |
|
16 |
CVE-2004-1377 |
|
|
|
2004-12-27 |
2008-09-05 |
2.1 |
None |
Local |
Low |
Not required |
None |
Partial |
None |
|
The (1) fixps (aka fixps.in) and (2) psmandup (aka psmandup.in) scripts in a2ps before 4.13 allow local users to overwrite arbitrary files via a symlink attack on temporary files. |
|
17 |
CVE-2004-1296 |
|
|
|
2004-12-31 |
2008-09-05 |
2.1 |
None |
Local |
Low |
Not required |
None |
Partial |
None |
|
The (1) eqn2graph and (2) pic2graph scripts in groff 1.18.1 allow local users to overwrite arbitrary files via a symlink attack on temporary files. |
|
18 |
CVE-2004-0970 |
|
|
|
2005-02-09 |
2008-09-05 |
2.1 |
None |
Local |
Low |
Not required |
None |
Partial |
None |
|
The (1) gzexe, (2) zdiff, and (3) znew scripts in the gzip package, as used by other packages such as ncompress, allows local users to overwrite files via a symlink attack on temporary files. NOTE: the znew vulnerability may overlap CVE-2003-0367. |
|
19 |
CVE-2004-0969 |
|
|
|
2005-02-09 |
2008-09-05 |
2.1 |
None |
Local |
Low |
Not required |
None |
Partial |
None |
|
The groffer script in the Groff package 1.18 and later versions, as used in Trustix Secure Linux 1.5 through 2.1, and possibly other operating systems, allows local users to overwrite files via a symlink attack on temporary files. |
|
20 |
CVE-2004-0968 |
|
|
|
2005-02-09 |
2010-08-21 |
2.1 |
None |
Local |
Low |
Not required |
None |
Partial |
None |
|
The catchsegv script in glibc 2.3.2 and earlier allows local users to overwrite files via a symlink attack on temporary files. |
|
21 |
CVE-2004-0966 |
|
|
|
2005-02-09 |
2008-09-05 |
2.1 |
None |
Local |
Low |
Not required |
None |
Partial |
None |
|
The (1) autopoint and (2) gettextize scripts in the GNU gettext package 1.14 and later versions, as used in Trustix Secure Linux 1.5 through 2.1 and other operating systems, allows local users to overwrite files via a symlink attack on temporary files. |
|
22 |
CVE-2004-0797 |
|
|
DoS |
2004-10-20 |
2008-09-10 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
The error handling in the (1) inflate and (2) inflateBack functions in ZLib compression library 1.2.x allows local users to cause a denial of service (application crash). |
|
23 |
CVE-2004-0422 |
|
|
|
2004-07-07 |
2008-09-05 |
2.1 |
None |
Local |
Low |
Not required |
None |
Partial |
None |
|
flim before 1.14.3 creates temporary files insecurely, which allows local users to overwrite arbitrary files of the Emacs user via a symlink attack. |
|
24 |
CVE-2004-0256 |
|
|
|
2004-11-23 |
2008-09-05 |
2.1 |
None |
Local |
Low |
Not required |
None |
Partial |
None |
|
GNU libtool before 1.5.2, during compile time, allows local users to overwrite arbitrary files via a symlink attack on libtool directories in /tmp. |
|
25 |
CVE-2003-0858 |
399 |
|
DoS |
2003-12-15 |
2011-03-31 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
Zebra 0.93b and earlier, and quagga before 0.95, allows local users to cause a denial of service by sending spoofed messages as other users to the kernel netlink interface. |
|
26 |
CVE-2003-0854 |
|
1
|
|
2003-11-17 |
2008-09-10 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
ls in the fileutils or coreutils packages allows local users to consume a large amount of memory via a large -w value, which can be remotely exploited via applications that use ls, such as wu-ftpd. |
|
27 |
CVE-2002-0389 |
|
|
|
2002-06-18 |
2008-09-05 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
Pipermail in Mailman stores private mail messages with predictable filenames in a world-executable directory, which allows local users to read private mailing list archives. |
|
28 |
CVE-2001-1267 |
|
|
Dir. Trav. |
2001-07-12 |
2008-09-05 |
2.1 |
None |
Local |
Low |
Not required |
None |
Partial |
None |
|
Directory traversal vulnerability in GNU tar 1.13.19 and earlier allows local users to overwrite arbitrary files during archive extraction via a tar file whose filenames contain a .. (dot dot). |
|
29 |
CVE-2001-0071 |
|
|
|
2001-02-12 |
2008-09-05 |
2.1 |
None |
Local |
Low |
Not required |
None |
Partial |
None |
|
gpg (aka GnuPG) 1.0.4 and other versions does not properly verify detached signatures, which allows attackers to modify the contents of a file without detection. |
|
30 |
CVE-2000-0269 |
|
|
|
2000-04-18 |
2008-09-10 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
Emacs 20 does not properly set permissions for a slave PTY device when starting a new subprocess, which allows local users to read or modify communications between Emacs and the subprocess. |
