CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Linux » Linux Kernel : Security Vulnerabilities (CVSS score >= 3)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1901 CVE-1999-0414 1999-03-01 2008-09-09
5.0
None Remote Low Not required Partial None None
In Linux before version 2.0.36, remote attackers can spoof a TCP connection and pass data to the application layer before fully establishing the connection.
1902 CVE-1999-0401 1999-01-01 2008-09-09
3.7
User Local High Not required Partial Partial Partial
A race condition in Linux 2.2.1 allows local users to read arbitrary memory from /proc files.
1903 CVE-1999-0400 DoS 1999-01-26 2008-09-05
4.6
User Local Low Not required Partial Partial Partial
Denial of service in Linux 2.2.0 running the ldd command on a core file.
1904 CVE-1999-0381 Overflow 1999-02-26 2008-09-09
7.2
Admin Local Low Not required Complete Complete Complete
super 3.11.6 and other versions have a buffer overflow in the syslog utility which allows a local user to gain root access.
1905 CVE-1999-0335 1996-08-01 2008-09-09
7.2
Admin Local Low Not required Complete Complete Complete
DEPRECATED. This entry has been deprecated. It is a duplicate of CVE-1999-0032.
1906 CVE-1999-0330 Overflow 1998-03-01 2008-09-09
7.2
Admin Local Low Not required Complete Complete Complete
Linux bdash game has a buffer overflow that allows local users to gain root access.
1907 CVE-1999-0317 Overflow 1999-11-25 2008-09-09
7.2
Admin Local Low Not required Complete Complete Complete
Buffer overflow in Linux su command gives root access to local users.
1908 CVE-1999-0257 DoS 1998-04-01 2008-09-09
5.0
None Remote Low Not required None None Partial
Nestea variation of teardrop IP fragmentation denial of service.
1909 CVE-1999-0245 1995-09-07 2008-09-09
4.6
User Local Low Not required Partial Partial Partial
Some configurations of NIS+ in Linux allowed attackers to log in as the user "+".
1910 CVE-1999-0216 DoS 1997-11-01 2008-09-09
5.0
None Remote Low Not required None None Partial
Denial of service of inetd on Linux through SYN and RST packets.
1911 CVE-1999-0195 DoS 1997-07-01 2008-09-09
5.0
None Remote Low Not required None None Partial
Denial of service in RPC portmapper allows attackers to register or unregister RPC services or spoof RPC services using a spoofed source IP address such as 127.0.0.1.
1912 CVE-1999-0183 1997-09-01 2008-09-09
6.4
None Remote Low Not required Partial Partial None
Linux implementations of TFTP would allow access to files outside the restricted directory.
1913 CVE-1999-0165 1997-03-01 2018-10-30
10.0
None Remote Low Not required Complete Complete Complete
NFS cache poisoning.
1914 CVE-1999-0138 1996-06-26 2008-09-09
7.2
Admin Local Low Not required Complete Complete Complete
The suidperl and sperl program do not give up root privileges when changing UIDs back to the original users, allowing root access.
1915 CVE-1999-0128 DoS 1996-12-18 2008-09-09
5.0
None Remote Low Not required None None Partial
Oversized ICMP ping packets can result in a denial of service, aka Ping o' Death.
1916 CVE-1999-0074 1997-07-01 2008-09-09
6.4
None Remote Low Not required Partial Partial None
Listening TCP ports are sequentially allocated, allowing spoofing attacks.
1917 CVE-1999-0061 1997-10-02 2008-09-09
5.1
User Remote High Not required Partial Partial Partial
File creation and deletion, and remote execution, in the BSD line printer daemon (lpd).
Total number of vulnerabilities : 1908   Page : 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 (This Page)
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.