Listening TCP ports are sequentially allocated, allowing spoofing attacks.
Max CVSS
6.4
EPSS Score
0.24%
Published
1997-07-01
Updated
2022-08-17
The suidperl and sperl program do not give up root privileges when changing UIDs back to the original users, allowing root access.
Max CVSS
7.2
EPSS Score
0.04%
Published
1996-06-26
Updated
2022-08-17
Linux implementations of TFTP would allow access to files outside the restricted directory.
Max CVSS
6.4
EPSS Score
23.65%
Published
1997-09-01
Updated
2022-08-17
Buffer overflow in Linux su command gives root access to local users.
Max CVSS
7.2
EPSS Score
0.04%
Published
1999-11-25
Updated
2022-08-17
Linux bdash game has a buffer overflow that allows local users to gain root access.
Max CVSS
7.2
EPSS Score
0.04%
Published
1998-03-01
Updated
2022-08-17
super 3.11.6 and other versions have a buffer overflow in the syslog utility which allows a local user to gain root access.
Max CVSS
7.2
EPSS Score
0.04%
Published
1999-02-26
Updated
2008-09-09
KDE allows local users to execute arbitrary commands by setting the KDEDIR environmental variable to modify the search path that KDE uses to locate its executables.
Max CVSS
7.2
EPSS Score
0.04%
Published
1998-11-18
Updated
2016-10-18
IPChains in Linux kernels 2.2.10 and earlier does not reassemble IP fragments before checking the header information, which allows a remote attacker to bypass the filtering rules using several fragments with 0 offsets.
Max CVSS
7.5
EPSS Score
0.88%
Published
1999-07-27
Updated
2016-10-18
Linux 2.0.37 does not properly encode the Custom segment limit, which allows local users to gain root privileges by accessing and modifying kernel memory.
Max CVSS
7.2
EPSS Score
0.04%
Published
1999-07-11
Updated
2008-09-05
fte-console in the fte package before 0.46b-4.1 does not drop root privileges, which allows local users to gain root access via the virtual console device.
Max CVSS
7.2
EPSS Score
0.04%
Published
1998-12-07
Updated
2017-10-10
Bug in AMD K6 processor on Linux 2.0.x and 2.1.x kernels allows local users to cause a denial of service (crash) via a particular sequence of instructions, possibly related to accessing addresses outside of segments.
Max CVSS
7.2
EPSS Score
0.04%
Published
1998-06-22
Updated
2018-09-11
ip_conntrack_ftp in the IPTables firewall for Linux 2.4 allows remote attackers to bypass access restrictions for an FTP server via a PORT command that lists an arbitrary IP address and port number, which is added to the RELATED table and allowed by the firewall.
Max CVSS
7.5
EPSS Score
1.87%
Published
2001-07-02
Updated
2017-10-10
IRC DCC helper in the ip_masq_irc IP masquerading module 2.2 allows remote attackers to bypass intended firewall restrictions by causing the target system to send a "DCC SEND" request to a malicious server which listens on port 6667, which may cause the module to believe that the traffic is a valid request and allow the connection to the port specified in the DCC SEND request.
Max CVSS
7.5
EPSS Score
0.48%
Published
2001-07-30
Updated
2018-09-20
ptrace in Linux 2.2.x through 2.2.19, and 2.4.x through 2.4.9, allows local users to gain root privileges by running ptrace on a setuid or setgid program that itself calls an unprivileged program, such as newgrp.
Max CVSS
7.2
EPSS Score
0.04%
Published
2001-10-18
Updated
2016-10-18
Unknown vulnerability in binfmt_misc in the Linux kernel before 2.2.19, related to user pages.
Max CVSS
6.2
EPSS Score
0.06%
Published
2001-04-17
Updated
2016-12-08
Masquerading code for Linux kernel before 2.2.19 does not fully check packet lengths in certain cases, which may lead to a vulnerability.
Max CVSS
7.5
EPSS Score
1.30%
Published
2001-04-17
Updated
2016-12-08
The MAC module in Netfilter in Linux kernel 2.4.1 through 2.4.11, when configured to filter based on MAC addresses, allows remote attackers to bypass packet filters via small packets.
Max CVSS
7.5
EPSS Score
0.37%
Published
2001-12-31
Updated
2008-09-05
IRC connection tracking helper module in the netfilter subsystem for Linux 2.4.18-pre9 and earlier does not properly set the mask for conntrack expectations for incoming DCC connections, which could allow remote attackers to bypass intended firewall restrictions.
Max CVSS
7.5
EPSS Score
1.32%
Published
2002-03-08
Updated
2017-10-10
The Network Address Translation (NAT) capability for Netfilter ("iptables") 1.2.6a and earlier leaks translated IP addresses in ICMP error messages.
Max CVSS
7.5
EPSS Score
2.01%
Published
2002-07-26
Updated
2024-02-03
TCP firewalls could be circumvented by sending a SYN Packets with other flags (like e.g. RST flag) set, which was not correctly discarded by the Linux TCP stack after firewalling.
Max CVSS
7.5
EPSS Score
0.40%
Published
2021-05-18
Updated
2023-02-12
The kernel module loader in Linux kernel 2.2.x before 2.2.25, and 2.4.x before 2.4.21, allows local users to gain root privileges by using ptrace to attach to a child process that is spawned by the kernel.
Max CVSS
7.2
EPSS Score
0.05%
Published
2003-03-31
Updated
2018-05-03
Integer overflow in the do_brk function for the brk system call in Linux kernel 2.4.22 and earlier allows local users to gain root privileges.
Max CVSS
7.2
EPSS Score
0.04%
Published
2003-12-15
Updated
2016-10-18
The mremap system call (do_mremap) in Linux kernel 2.4.x before 2.4.21, and possibly other versions before 2.4.24, does not properly perform bounds checks, which allows local users to cause a denial of service and possibly gain privileges by causing a remapping of a virtual memory area (VMA) to create a zero length VMA, a different vulnerability than CAN-2004-0077.
Max CVSS
7.2
EPSS Score
0.04%
Published
2004-01-20
Updated
2018-05-03
exit.c in Linux kernel 2.6-test9-CVS, as stored on kernel.bkbits.net, was modified to contain a backdoor, which could allow local users to elevate their privileges by passing __WCLONE|__WALL to the sys_wait4 function.
Max CVSS
7.2
EPSS Score
0.04%
Published
2003-12-31
Updated
2008-09-05
The redirect_target function in net/ipv4/netfilter/ipt_REDIRECT.c in the Linux kernel before 2.6.0 allows remote attackers to cause a denial of service (NULL pointer dereference and OOPS) by sending packets to an interface that has a 0.0.0.0 IP address, a related issue to CVE-2015-8787.
Max CVSS
7.8
EPSS Score
0.78%
Published
2016-05-02
Updated
2016-12-01
1525 vulnerabilities found
1 2 3 4 5 6 ...... 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!