All the vulnerabilites related to caldera - openlinux
cve-2000-0491
Vulnerability from cvelistv5
Published
2000-07-12 04:00
Modified
2024-08-08 05:21
Severity ?
EPSS score ?
Summary
Buffer overflow in the XDMCP parsing code of GNOME gdm, KDE kdm, and wdm allows remote attackers to execute arbitrary commands or cause a denial of service via a long FORWARD_QUERY request.
References
| ▼ | URL | Tags |
|---|---|---|
| http://archives.neohapsis.com/archives/bugtraq/2000-06/0025.html | mailing-list, x_refsource_BUGTRAQ | |
| http://www.securityfocus.com/bid/1279 | vdb-entry, x_refsource_BID | |
| http://www.securityfocus.com/bid/1370 | vdb-entry, x_refsource_BID | |
| http://www.securityfocus.com/bid/1233 | vdb-entry, x_refsource_BID | |
| http://www.novell.com/linux/security/advisories/suse_security_announce_49.html | vendor-advisory, x_refsource_SUSE | |
| ftp://ftp.calderasystems.com/pub/OpenLinux/security/CSSA-2000-013.0.txt | vendor-advisory, x_refsource_CALDERA | |
| http://archives.neohapsis.com/archives/bugtraq/2000-05/0241.html | mailing-list, x_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T05:21:30.809Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20000607 Conectiva Linux Security Announcement - gdm",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-06/0025.html"
},
{
"name": "1279",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/1279"
},
{
"name": "1370",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/1370"
},
{
"name": "1233",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/1233"
},
{
"name": "20000524 Security hole in gdm \u003c= 2.0beta4-25",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/suse_security_announce_49.html"
},
{
"name": "CSSA-2000-013.0",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA",
"x_transferred"
],
"url": "ftp://ftp.calderasystems.com/pub/OpenLinux/security/CSSA-2000-013.0.txt"
},
{
"name": "20000521 \"gdm\" remote hole",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-05/0241.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2000-05-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the XDMCP parsing code of GNOME gdm, KDE kdm, and wdm allows remote attackers to execute arbitrary commands or cause a denial of service via a long FORWARD_QUERY request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2002-04-27T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20000607 Conectiva Linux Security Announcement - gdm",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-06/0025.html"
},
{
"name": "1279",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/1279"
},
{
"name": "1370",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/1370"
},
{
"name": "1233",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/1233"
},
{
"name": "20000524 Security hole in gdm \u003c= 2.0beta4-25",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/suse_security_announce_49.html"
},
{
"name": "CSSA-2000-013.0",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA"
],
"url": "ftp://ftp.calderasystems.com/pub/OpenLinux/security/CSSA-2000-013.0.txt"
},
{
"name": "20000521 \"gdm\" remote hole",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-05/0241.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0491",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the XDMCP parsing code of GNOME gdm, KDE kdm, and wdm allows remote attackers to execute arbitrary commands or cause a denial of service via a long FORWARD_QUERY request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20000607 Conectiva Linux Security Announcement - gdm",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-06/0025.html"
},
{
"name": "1279",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1279"
},
{
"name": "1370",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1370"
},
{
"name": "1233",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1233"
},
{
"name": "20000524 Security hole in gdm \u003c= 2.0beta4-25",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/suse_security_announce_49.html"
},
{
"name": "CSSA-2000-013.0",
"refsource": "CALDERA",
"url": "ftp://ftp.calderasystems.com/pub/OpenLinux/security/CSSA-2000-013.0.txt"
},
{
"name": "20000521 \"gdm\" remote hole",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-05/0241.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2000-0491",
"datePublished": "2000-07-12T04:00:00",
"dateReserved": "2000-07-11T00:00:00",
"dateUpdated": "2024-08-08T05:21:30.809Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-1999-0017
Vulnerability from cvelistv5
Published
1999-09-29 04:00
Modified
2024-08-01 16:27
Severity ?
EPSS score ?
Summary
FTP servers can allow an attacker to connect to arbitrary ports on machines other than the FTP client, aka FTP bounce.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0017 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T16:27:56.465Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0017"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "FTP servers can allow an attacker to connect to arbitrary ports on machines other than the FTP client, aka FTP bounce."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-17T06:25:22",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0017"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0017",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "FTP servers can allow an attacker to connect to arbitrary ports on machines other than the FTP client, aka FTP bounce."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0017",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0017"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-0017",
"datePublished": "1999-09-29T04:00:00",
"dateReserved": "1999-06-07T00:00:00",
"dateUpdated": "2024-08-01T16:27:56.465Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-1999-0439
Vulnerability from cvelistv5
Published
2000-01-04 05:00
Modified
2024-08-01 16:41
Severity ?
EPSS score ?
Summary
Buffer overflow in procmail before version 3.12 allows remote or local attackers to execute commands via expansions in the procmailrc configuration file.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0439 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T16:41:44.765Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0439"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in procmail before version 3.12 allows remote or local attackers to execute commands via expansions in the procmailrc configuration file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-17T07:35:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0439"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0439",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in procmail before version 3.12 allows remote or local attackers to execute commands via expansions in the procmailrc configuration file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0439",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0439"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-0439",
"datePublished": "2000-01-04T05:00:00",
"dateReserved": "1999-06-07T00:00:00",
"dateUpdated": "2024-08-01T16:41:44.765Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2000-0844
Vulnerability from cvelistv5
Published
2001-01-22 05:00
Modified
2024-08-08 05:37
Severity ?
EPSS score ?
Summary
Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T05:37:30.623Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2000:057",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2000-057.html"
},
{
"name": "20000906 glibc locale security problem",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/adv5_draht_glibc_txt.html"
},
{
"name": "20000902 Conectiva Linux Security Announcement - glibc",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0436.html"
},
{
"name": "SSRT0689U",
"tags": [
"vendor-advisory",
"x_refsource_COMPAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/tru64/2000-q4/0000.html"
},
{
"name": "TLSA2000020-1",
"tags": [
"vendor-advisory",
"x_refsource_TURBO",
"x_transferred"
],
"url": "http://www.turbolinux.com/pipermail/tl-security-announce/2000-September/000020.html"
},
{
"name": "20000902 glibc: local root exploit",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2000/20000902"
},
{
"name": "20000904 UNIX locale format string vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0457.html"
},
{
"name": "IY13753",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-10/0427.html"
},
{
"name": "1634",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/1634"
},
{
"name": "CSSA-2000-030.0",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA",
"x_transferred"
],
"url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-030.0.txt"
},
{
"name": "unix-locale-format-string(5176)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5176"
},
{
"name": "20000901-01-P",
"tags": [
"vendor-advisory",
"x_refsource_SGI",
"x_transferred"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20000901-01-P"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2000-09-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2004-09-02T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "RHSA-2000:057",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2000-057.html"
},
{
"name": "20000906 glibc locale security problem",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/adv5_draht_glibc_txt.html"
},
{
"name": "20000902 Conectiva Linux Security Announcement - glibc",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0436.html"
},
{
"name": "SSRT0689U",
"tags": [
"vendor-advisory",
"x_refsource_COMPAQ"
],
"url": "http://archives.neohapsis.com/archives/tru64/2000-q4/0000.html"
},
{
"name": "TLSA2000020-1",
"tags": [
"vendor-advisory",
"x_refsource_TURBO"
],
"url": "http://www.turbolinux.com/pipermail/tl-security-announce/2000-September/000020.html"
},
{
"name": "20000902 glibc: local root exploit",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2000/20000902"
},
{
"name": "20000904 UNIX locale format string vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0457.html"
},
{
"name": "IY13753",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-10/0427.html"
},
{
"name": "1634",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/1634"
},
{
"name": "CSSA-2000-030.0",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA"
],
"url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-030.0.txt"
},
{
"name": "unix-locale-format-string(5176)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5176"
},
{
"name": "20000901-01-P",
"tags": [
"vendor-advisory",
"x_refsource_SGI"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20000901-01-P"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0844",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2000:057",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2000-057.html"
},
{
"name": "20000906 glibc locale security problem",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/adv5_draht_glibc_txt.html"
},
{
"name": "20000902 Conectiva Linux Security Announcement - glibc",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0436.html"
},
{
"name": "SSRT0689U",
"refsource": "COMPAQ",
"url": "http://archives.neohapsis.com/archives/tru64/2000-q4/0000.html"
},
{
"name": "TLSA2000020-1",
"refsource": "TURBO",
"url": "http://www.turbolinux.com/pipermail/tl-security-announce/2000-September/000020.html"
},
{
"name": "20000902 glibc: local root exploit",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2000/20000902"
},
{
"name": "20000904 UNIX locale format string vulnerability",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0457.html"
},
{
"name": "IY13753",
"refsource": "AIXAPAR",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-10/0427.html"
},
{
"name": "1634",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1634"
},
{
"name": "CSSA-2000-030.0",
"refsource": "CALDERA",
"url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-030.0.txt"
},
{
"name": "unix-locale-format-string(5176)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5176"
},
{
"name": "20000901-01-P",
"refsource": "SGI",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20000901-01-P"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2000-0844",
"datePublished": "2001-01-22T05:00:00",
"dateReserved": "2000-10-18T00:00:00",
"dateUpdated": "2024-08-08T05:37:30.623Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-1999-0047
Vulnerability from cvelistv5
Published
1999-09-29 04:00
Modified
2024-08-01 16:27
Severity ?
EPSS score ?
Summary
MIME conversion buffer overflow in sendmail versions 8.8.3 and 8.8.4.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/685 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T16:27:57.134Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "685",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/685"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "MIME conversion buffer overflow in sendmail versions 8.8.3 and 8.8.4."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-11-02T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "685",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/685"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0047",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "MIME conversion buffer overflow in sendmail versions 8.8.3 and 8.8.4."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "685",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/685"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-0047",
"datePublished": "1999-09-29T04:00:00",
"dateReserved": "1999-06-07T00:00:00",
"dateUpdated": "2024-08-01T16:27:57.134Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2000-0531
Vulnerability from cvelistv5
Published
2000-07-12 04:00
Modified
2024-08-08 05:21
Severity ?
EPSS score ?
Summary
Linux gpm program allows local users to cause a denial of service by flooding the /dev/gpmctl device with STREAM sockets.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/templates/archive.pike?list=1&msg=Pine.LNX.4.10.10006201453090.1812-200000%40apollo.aci.com.pl | mailing-list, x_refsource_BUGTRAQ | |
| http://www.securityfocus.com/bid/1377 | vdb-entry, x_refsource_BID | |
| http://www.redhat.com/support/errata/RHSA-2000-045.html | vendor-advisory, x_refsource_REDHAT | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/5010 | vdb-entry, x_refsource_XF | |
| http://archives.neohapsis.com/archives/bugtraq/2000-07/0409.html | mailing-list, x_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T05:21:31.163Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20000620 Bug in gpm",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=Pine.LNX.4.10.10006201453090.1812-200000%40apollo.aci.com.pl"
},
{
"name": "1377",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/1377"
},
{
"name": "RHSA-2000:045",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2000-045.html"
},
{
"name": "linux-gpm-gpmctl-dos(5010)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5010"
},
{
"name": "20000728 MDKSA:2000-025 gpm update",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0409.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2000-06-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Linux gpm program allows local users to cause a denial of service by flooding the /dev/gpmctl device with STREAM sockets."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-18T21:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20000620 Bug in gpm",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=Pine.LNX.4.10.10006201453090.1812-200000%40apollo.aci.com.pl"
},
{
"name": "1377",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/1377"
},
{
"name": "RHSA-2000:045",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2000-045.html"
},
{
"name": "linux-gpm-gpmctl-dos(5010)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5010"
},
{
"name": "20000728 MDKSA:2000-025 gpm update",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0409.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0531",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Linux gpm program allows local users to cause a denial of service by flooding the /dev/gpmctl device with STREAM sockets."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20000620 Bug in gpm",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=Pine.LNX.4.10.10006201453090.1812-200000@apollo.aci.com.pl"
},
{
"name": "1377",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1377"
},
{
"name": "RHSA-2000:045",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2000-045.html"
},
{
"name": "linux-gpm-gpmctl-dos(5010)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5010"
},
{
"name": "20000728 MDKSA:2000-025 gpm update",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0409.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2000-0531",
"datePublished": "2000-07-12T04:00:00",
"dateReserved": "2000-07-11T00:00:00",
"dateUpdated": "2024-08-08T05:21:31.163Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-1999-0434
Vulnerability from cvelistv5
Published
2000-02-04 05:00
Modified
2024-08-01 16:41
Severity ?
EPSS score ?
Summary
XFree86 xfs command is vulnerable to a symlink attack, allowing local users to create files in restricted directories, possibly allowing them to gain privileges or cause a denial of service.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/359 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T16:41:45.503Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "359",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/359"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "XFree86 xfs command is vulnerable to a symlink attack, allowing local users to create files in restricted directories, possibly allowing them to gain privileges or cause a denial of service."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2004-04-20T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "359",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/359"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0434",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "XFree86 xfs command is vulnerable to a symlink attack, allowing local users to create files in restricted directories, possibly allowing them to gain privileges or cause a denial of service."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "359",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/359"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-0434",
"datePublished": "2000-02-04T05:00:00",
"dateReserved": "1999-06-07T00:00:00",
"dateUpdated": "2024-08-01T16:41:45.503Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-1999-0879
Vulnerability from cvelistv5
Published
2000-01-04 05:00
Modified
2024-08-01 16:55
Severity ?
EPSS score ?
Summary
Buffer overflow in WU-FTPD and related FTP servers allows remote attackers to gain root privileges via macro variables in a message file.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0879 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T16:55:28.803Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0879"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in WU-FTPD and related FTP servers allows remote attackers to gain root privileges via macro variables in a message file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-17T08:06:32",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0879"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0879",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in WU-FTPD and related FTP servers allows remote attackers to gain root privileges via macro variables in a message file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0879",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0879"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-0879",
"datePublished": "2000-01-04T05:00:00",
"dateReserved": "1999-12-08T00:00:00",
"dateUpdated": "2024-08-01T16:55:28.803Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-1999-0042
Vulnerability from cvelistv5
Published
1999-09-29 04:00
Modified
2024-08-01 16:27
Severity ?
EPSS score ?
Summary
Buffer overflow in University of Washington's implementation of IMAP and POP servers.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0042 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T16:27:57.030Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0042"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in University of Washington\u0027s implementation of IMAP and POP servers."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-17T06:30:41",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0042"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0042",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in University of Washington\u0027s implementation of IMAP and POP servers."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0042",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0042"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-0042",
"datePublished": "1999-09-29T04:00:00",
"dateReserved": "1999-06-07T00:00:00",
"dateUpdated": "2024-08-01T16:27:57.030Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2000-0192
Vulnerability from cvelistv5
Published
2000-04-25 04:00
Modified
2024-08-08 05:05
Severity ?
EPSS score ?
Summary
The default installation of Caldera OpenLinux 2.3 includes the CGI program rpm_query, which allows remote attackers to determine what packages are installed on the system.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/1036 | vdb-entry, x_refsource_BID | |
| http://archives.neohapsis.com/archives/bugtraq/2000-03/0029.html | mailing-list, x_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T05:05:54.198Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1036",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/1036"
},
{
"name": "20000304 OpenLinux 2.3: rpm_query",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-03/0029.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2000-03-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The default installation of Caldera OpenLinux 2.3 includes the CGI program rpm_query, which allows remote attackers to determine what packages are installed on the system."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-11-02T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1036",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/1036"
},
{
"name": "20000304 OpenLinux 2.3: rpm_query",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-03/0029.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0192",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The default installation of Caldera OpenLinux 2.3 includes the CGI program rpm_query, which allows remote attackers to determine what packages are installed on the system."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1036",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1036"
},
{
"name": "20000304 OpenLinux 2.3: rpm_query",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-03/0029.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2000-0192",
"datePublished": "2000-04-25T04:00:00",
"dateReserved": "2000-03-22T00:00:00",
"dateUpdated": "2024-08-08T05:05:54.198Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-1999-0769
Vulnerability from cvelistv5
Published
2000-01-04 05:00
Modified
2024-08-01 16:48
Severity ?
EPSS score ?
Summary
Vixie Cron on Linux systems allows local users to set parameters of sendmail commands via the MAILTO environmental variable.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/611 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T16:48:37.890Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "611",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/611"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Vixie Cron on Linux systems allows local users to set parameters of sendmail commands via the MAILTO environmental variable."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-11-02T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "611",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/611"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0769",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Vixie Cron on Linux systems allows local users to set parameters of sendmail commands via the MAILTO environmental variable."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "611",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/611"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-0769",
"datePublished": "2000-01-04T05:00:00",
"dateReserved": "1999-11-25T00:00:00",
"dateUpdated": "2024-08-01T16:48:37.890Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2000-0892
Vulnerability from cvelistv5
Published
2002-03-09 05:00
Modified
2024-08-08 05:37
Severity ?
EPSS score ?
Summary
Some telnet clients allow remote telnet servers to request environment variables from the client that may contain sensitive information, or remote web servers to obtain the information via a telnet: URL.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.kb.cert.org/vuls/id/22404 | third-party-advisory, x_refsource_CERT-VN | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/6644 | vdb-entry, x_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T05:37:31.476Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VU#22404",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/22404"
},
{
"name": "telnet-obtain-env-variable(6644)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6644"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2000-09-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Some telnet clients allow remote telnet servers to request environment variables from the client that may contain sensitive information, or remote web servers to obtain the information via a telnet: URL."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2002-02-26T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "VU#22404",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/22404"
},
{
"name": "telnet-obtain-env-variable(6644)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6644"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0892",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Some telnet clients allow remote telnet servers to request environment variables from the client that may contain sensitive information, or remote web servers to obtain the information via a telnet: URL."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#22404",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/22404"
},
{
"name": "telnet-obtain-env-variable(6644)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6644"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2000-0892",
"datePublished": "2002-03-09T05:00:00",
"dateReserved": "2000-11-14T00:00:00",
"dateUpdated": "2024-08-08T05:37:31.476Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-1999-0880
Vulnerability from cvelistv5
Published
2000-01-04 05:00
Modified
2024-08-01 16:55
Severity ?
EPSS score ?
Summary
Denial of service in WU-FTPD via the SITE NEWER command, which does not free memory properly.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0880 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T16:55:28.924Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0880"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Denial of service in WU-FTPD via the SITE NEWER command, which does not free memory properly."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-17T08:07:13",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0880"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0880",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Denial of service in WU-FTPD via the SITE NEWER command, which does not free memory properly."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0880",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0880"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-0880",
"datePublished": "2000-01-04T05:00:00",
"dateReserved": "1999-12-08T00:00:00",
"dateUpdated": "2024-08-01T16:55:28.924Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2002-1199
Vulnerability from cvelistv5
Published
2004-09-01 04:00
Modified
2024-08-08 03:19
Severity ?
EPSS score ?
Summary
The getdbm procedure in ypxfrd allows local users to read arbitrary files, and remote attackers to read databases outside /var/yp, via a directory traversal and symlink attack on the domain and map arguments.
References
| ▼ | URL | Tags |
|---|---|---|
| http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/47903 | vendor-advisory, x_refsource_SUNALERT | |
| http://marc.info/?l=bugtraq&m=103426842025029&w=2 | mailing-list, x_refsource_BUGTRAQ | |
| ftp://ftp.caldera.com/pub/updates/OpenServer/CSSA-2002-SCO.40 | vendor-advisory, x_refsource_CALDERA | |
| http://www.iss.net/security_center/static/10329.php | vdb-entry, x_refsource_XF | |
| http://www.kb.cert.org/vuls/id/538033 | third-party-advisory, x_refsource_CERT-VN | |
| https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2423 | vdb-entry, signature, x_refsource_OVAL | |
| http://www.securityfocus.com/bid/5937 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:19:27.865Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "47903",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/47903"
},
{
"name": "20021010 Multiple vendor ypxfrd map handling vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=103426842025029\u0026w=2"
},
{
"name": "CSSA-2002-SCO.40",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA",
"x_transferred"
],
"url": "ftp://ftp.caldera.com/pub/updates/OpenServer/CSSA-2002-SCO.40"
},
{
"name": "ypxfrd-file-disclosure(10329)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/10329.php"
},
{
"name": "VU#538033",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/538033"
},
{
"name": "oval:org.mitre.oval:def:2423",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2423"
},
{
"name": "5937",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/5937"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-10-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The getdbm procedure in ypxfrd allows local users to read arbitrary files, and remote attackers to read databases outside /var/yp, via a directory traversal and symlink attack on the domain and map arguments."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2007-11-13T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "47903",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/47903"
},
{
"name": "20021010 Multiple vendor ypxfrd map handling vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=103426842025029\u0026w=2"
},
{
"name": "CSSA-2002-SCO.40",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA"
],
"url": "ftp://ftp.caldera.com/pub/updates/OpenServer/CSSA-2002-SCO.40"
},
{
"name": "ypxfrd-file-disclosure(10329)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/10329.php"
},
{
"name": "VU#538033",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/538033"
},
{
"name": "oval:org.mitre.oval:def:2423",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2423"
},
{
"name": "5937",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/5937"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-1199",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The getdbm procedure in ypxfrd allows local users to read arbitrary files, and remote attackers to read databases outside /var/yp, via a directory traversal and symlink attack on the domain and map arguments."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "47903",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/47903"
},
{
"name": "20021010 Multiple vendor ypxfrd map handling vulnerability",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=103426842025029\u0026w=2"
},
{
"name": "CSSA-2002-SCO.40",
"refsource": "CALDERA",
"url": "ftp://ftp.caldera.com/pub/updates/OpenServer/CSSA-2002-SCO.40"
},
{
"name": "ypxfrd-file-disclosure(10329)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/10329.php"
},
{
"name": "VU#538033",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/538033"
},
{
"name": "oval:org.mitre.oval:def:2423",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2423"
},
{
"name": "5937",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5937"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-1199",
"datePublished": "2004-09-01T04:00:00",
"dateReserved": "2002-10-11T00:00:00",
"dateUpdated": "2024-08-08T03:19:27.865Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-1999-1288
Vulnerability from cvelistv5
Published
2002-03-09 05:00
Modified
2024-08-01 17:11
Severity ?
EPSS score ?
Summary
Samba 1.9.18 inadvertently includes a prototype application, wsmbconf, which is installed with incorrect permissions including the setgid bit, which allows local users to read and write files and possibly gain privileges via bugs in the program.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/1406 | vdb-entry, x_refsource_XF | |
| http://www.securityfocus.com/archive/1/11397 | mailing-list, x_refsource_BUGTRAQ | |
| http://www.caldera.com/support/security/advisories/SA-1998.35.txt | vendor-advisory, x_refsource_CALDERA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T17:11:02.749Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "samba-wsmbconf(1406)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/1406"
},
{
"name": "19981119 Vulnerability in Samba on RedHat, Caldera and PHT TurboLinux",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/11397"
},
{
"name": "SA-1998.35",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA",
"x_transferred"
],
"url": "http://www.caldera.com/support/security/advisories/SA-1998.35.txt"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "1998-11-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Samba 1.9.18 inadvertently includes a prototype application, wsmbconf, which is installed with incorrect permissions including the setgid bit, which allows local users to read and write files and possibly gain privileges via bugs in the program."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2002-03-01T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "samba-wsmbconf(1406)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/1406"
},
{
"name": "19981119 Vulnerability in Samba on RedHat, Caldera and PHT TurboLinux",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/11397"
},
{
"name": "SA-1998.35",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA"
],
"url": "http://www.caldera.com/support/security/advisories/SA-1998.35.txt"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-1288",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Samba 1.9.18 inadvertently includes a prototype application, wsmbconf, which is installed with incorrect permissions including the setgid bit, which allows local users to read and write files and possibly gain privileges via bugs in the program."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "samba-wsmbconf(1406)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/1406"
},
{
"name": "19981119 Vulnerability in Samba on RedHat, Caldera and PHT TurboLinux",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/11397"
},
{
"name": "SA-1998.35",
"refsource": "CALDERA",
"url": "http://www.caldera.com/support/security/advisories/SA-1998.35.txt"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-1288",
"datePublished": "2002-03-09T05:00:00",
"dateReserved": "2001-08-31T00:00:00",
"dateUpdated": "2024-08-01T17:11:02.749Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-1999-0002
Vulnerability from cvelistv5
Published
1999-09-29 04:00
Modified
2024-08-01 16:07
Severity ?
EPSS score ?
Summary
Buffer overflow in NFS mountd gives root access to remote attackers, mostly in Linux systems.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.ciac.org/ciac/bulletins/j-006.shtml | third-party-advisory, government-resource, x_refsource_CIAC | |
| ftp://patches.sgi.com/support/free/security/advisories/19981006-01-I | vendor-advisory, x_refsource_SGI | |
| http://www.securityfocus.com/bid/121 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T16:07:57.748Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "J-006",
"tags": [
"third-party-advisory",
"government-resource",
"x_refsource_CIAC",
"x_transferred"
],
"url": "http://www.ciac.org/ciac/bulletins/j-006.shtml"
},
{
"name": "19981006-01-I",
"tags": [
"vendor-advisory",
"x_refsource_SGI",
"x_transferred"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/19981006-01-I"
},
{
"name": "121",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/121"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in NFS mountd gives root access to remote attackers, mostly in Linux systems."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-11-02T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "J-006",
"tags": [
"third-party-advisory",
"government-resource",
"x_refsource_CIAC"
],
"url": "http://www.ciac.org/ciac/bulletins/j-006.shtml"
},
{
"name": "19981006-01-I",
"tags": [
"vendor-advisory",
"x_refsource_SGI"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/19981006-01-I"
},
{
"name": "121",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/121"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0002",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in NFS mountd gives root access to remote attackers, mostly in Linux systems."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "J-006",
"refsource": "CIAC",
"url": "http://www.ciac.org/ciac/bulletins/j-006.shtml"
},
{
"name": "19981006-01-I",
"refsource": "SGI",
"url": "ftp://patches.sgi.com/support/free/security/advisories/19981006-01-I"
},
{
"name": "121",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/121"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-0002",
"datePublished": "1999-09-29T04:00:00",
"dateReserved": "1999-06-07T00:00:00",
"dateUpdated": "2024-08-01T16:07:57.748Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-1999-0104
Vulnerability from cvelistv5
Published
2000-02-04 05:00
Modified
2024-08-01 16:27
Severity ?
EPSS score ?
Summary
A later variation on the Teardrop IP denial of service attack, a.k.a. Teardrop-2.
References
| ▼ | URL | Tags |
|---|---|---|
| https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5743 | vdb-entry, signature, x_refsource_OVAL | |
| http://www.securityfocus.com/bid/80175 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T16:27:57.424Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "oval:org.mitre.oval:def:5743",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5743"
},
{
"name": "80175",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/80175"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A later variation on the Teardrop IP denial of service attack, a.k.a. Teardrop-2."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-08-22T09:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "oval:org.mitre.oval:def:5743",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5743"
},
{
"name": "80175",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/80175"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0104",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A later variation on the Teardrop IP denial of service attack, a.k.a. Teardrop-2."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "oval:org.mitre.oval:def:5743",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5743"
},
{
"name": "80175",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/80175"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-0104",
"datePublished": "2000-02-04T05:00:00",
"dateReserved": "1999-06-07T00:00:00",
"dateUpdated": "2024-08-01T16:27:57.424Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-1999-0872
Vulnerability from cvelistv5
Published
2000-02-04 05:00
Modified
2024-08-01 16:55
Severity ?
EPSS score ?
Summary
Buffer overflow in Vixie cron allows local users to gain root access via a long MAILTO environment variable in a crontab file.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/611 | vdb-entry, x_refsource_BID | |
| http://www.securityfocus.com/bid/759 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T16:55:29.003Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "611",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/611"
},
{
"name": "759",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/759"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Vixie cron allows local users to gain root access via a long MAILTO environment variable in a crontab file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2003-03-21T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "611",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/611"
},
{
"name": "759",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/759"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0872",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in Vixie cron allows local users to gain root access via a long MAILTO environment variable in a crontab file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "611",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/611"
},
{
"name": "759",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/759"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-0872",
"datePublished": "2000-02-04T05:00:00",
"dateReserved": "1999-12-08T00:00:00",
"dateUpdated": "2024-08-01T16:55:29.003Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-1999-0009
Vulnerability from cvelistv5
Published
1999-09-29 04:00
Modified
2024-08-01 16:27
Severity ?
EPSS score ?
Summary
Inverse query buffer overflow in BIND 4.9 and BIND 8 Releases.
References
| ▼ | URL | Tags |
|---|---|---|
| ftp://patches.sgi.com/support/free/security/advisories/19980603-01-PX | vendor-advisory, x_refsource_SGI | |
| http://www.securityfocus.com/bid/134 | vdb-entry, x_refsource_BID | |
| http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9808-083 | vendor-advisory, x_refsource_HP | |
| http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/180 | vendor-advisory, x_refsource_SUN |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T16:27:56.971Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "19980603-01-PX",
"tags": [
"vendor-advisory",
"x_refsource_SGI",
"x_transferred"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/19980603-01-PX"
},
{
"name": "134",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/134"
},
{
"name": "HPSBUX9808-083",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9808-083"
},
{
"name": "00180",
"tags": [
"vendor-advisory",
"x_refsource_SUN",
"x_transferred"
],
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll\u0026doc=secbull/180"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Inverse query buffer overflow in BIND 4.9 and BIND 8 Releases."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2009-03-02T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "19980603-01-PX",
"tags": [
"vendor-advisory",
"x_refsource_SGI"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/19980603-01-PX"
},
{
"name": "134",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/134"
},
{
"name": "HPSBUX9808-083",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9808-083"
},
{
"name": "00180",
"tags": [
"vendor-advisory",
"x_refsource_SUN"
],
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll\u0026doc=secbull/180"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0009",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Inverse query buffer overflow in BIND 4.9 and BIND 8 Releases."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "19980603-01-PX",
"refsource": "SGI",
"url": "ftp://patches.sgi.com/support/free/security/advisories/19980603-01-PX"
},
{
"name": "134",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/134"
},
{
"name": "HPSBUX9808-083",
"refsource": "HP",
"url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9808-083"
},
{
"name": "00180",
"refsource": "SUN",
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll\u0026doc=secbull/180"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-0009",
"datePublished": "1999-09-29T04:00:00",
"dateReserved": "1999-06-07T00:00:00",
"dateUpdated": "2024-08-01T16:27:56.971Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-1999-0731
Vulnerability from cvelistv5
Published
2000-01-04 05:00
Modified
2024-08-01 16:48
Severity ?
EPSS score ?
Summary
The KDE klock program allows local users to unlock a session using malformed input.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/489 | vdb-entry, x_refsource_BID | |
| https://github.com/KDE/kde1-kdebase/commit/04906bd5de2f220bf100b605dad37b4a1d9a91a6 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T16:48:37.276Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "489",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/489"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/KDE/kde1-kdebase/commit/04906bd5de2f220bf100b605dad37b4a1d9a91a6"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The KDE klock program allows local users to unlock a session using malformed input."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-20T00:37:42",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "489",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/489"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/KDE/kde1-kdebase/commit/04906bd5de2f220bf100b605dad37b4a1d9a91a6"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0731",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The KDE klock program allows local users to unlock a session using malformed input."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "489",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/489"
},
{
"name": "https://github.com/KDE/kde1-kdebase/commit/04906bd5de2f220bf100b605dad37b4a1d9a91a6",
"refsource": "MISC",
"url": "https://github.com/KDE/kde1-kdebase/commit/04906bd5de2f220bf100b605dad37b4a1d9a91a6"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-0731",
"datePublished": "2000-01-04T05:00:00",
"dateReserved": "1999-11-25T00:00:00",
"dateUpdated": "2024-08-01T16:48:37.276Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2000-0566
Vulnerability from cvelistv5
Published
2000-10-13 04:00
Modified
2024-08-08 05:21
Severity ?
EPSS score ?
Summary
makewhatis in Linux man package allows local users to overwrite files via a symlink attack.
References
| ▼ | URL | Tags |
|---|---|---|
| ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2000-021.0.txt | vendor-advisory, x_refsource_CALDERA | |
| http://frontal2.mandriva.com/security/advisories?name=MDKSA-2000:015 | vendor-advisory, x_refsource_MANDRAKE | |
| http://www.redhat.com/support/errata/RHSA-2000-041.html | vendor-advisory, x_refsource_REDHAT | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/4900 | vdb-entry, x_refsource_XF | |
| http://archives.neohapsis.com/archives/bugtraq/2000-07/0390.html | mailing-list, x_refsource_BUGTRAQ | |
| http://www.securityfocus.com/bid/1434 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T05:21:31.202Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "CSSA-2000-021.0",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA",
"x_transferred"
],
"url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2000-021.0.txt"
},
{
"name": "MDKSA-2000:015",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://frontal2.mandriva.com/security/advisories?name=MDKSA-2000:015"
},
{
"name": "RHSA-2000:041",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2000-041.html"
},
{
"name": "linux-man-makewhatis-tmp(4900)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/4900"
},
{
"name": "20000727 CONECTIVA LINUX SECURITY ANNOUNCEMENT - MAN",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0390.html"
},
{
"name": "1434",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/1434"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2000-07-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "makewhatis in Linux man package allows local users to overwrite files via a symlink attack."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2004-09-02T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "CSSA-2000-021.0",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA"
],
"url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2000-021.0.txt"
},
{
"name": "MDKSA-2000:015",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://frontal2.mandriva.com/security/advisories?name=MDKSA-2000:015"
},
{
"name": "RHSA-2000:041",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2000-041.html"
},
{
"name": "linux-man-makewhatis-tmp(4900)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/4900"
},
{
"name": "20000727 CONECTIVA LINUX SECURITY ANNOUNCEMENT - MAN",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0390.html"
},
{
"name": "1434",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/1434"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0566",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "makewhatis in Linux man package allows local users to overwrite files via a symlink attack."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "CSSA-2000-021.0",
"refsource": "CALDERA",
"url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2000-021.0.txt"
},
{
"name": "MDKSA-2000:015",
"refsource": "MANDRAKE",
"url": "http://frontal2.mandriva.com/security/advisories?name=MDKSA-2000:015"
},
{
"name": "RHSA-2000:041",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2000-041.html"
},
{
"name": "linux-man-makewhatis-tmp(4900)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/4900"
},
{
"name": "20000727 CONECTIVA LINUX SECURITY ANNOUNCEMENT - MAN",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0390.html"
},
{
"name": "1434",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1434"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2000-0566",
"datePublished": "2000-10-13T04:00:00",
"dateReserved": "2000-07-12T00:00:00",
"dateUpdated": "2024-08-08T05:21:31.202Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2000-0917
Vulnerability from cvelistv5
Published
2001-01-22 05:00
Modified
2024-08-08 05:37
Severity ?
EPSS score ?
Summary
Format string vulnerability in use_syslog() function in LPRng 3.6.24 allows remote attackers to execute arbitrary commands.
References
| ▼ | URL | Tags |
|---|---|---|
| ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:56.lprng.asc | vendor-advisory, x_refsource_FREEBSD | |
| http://www.calderasystems.com/support/security/advisories/CSSA-2000-033.0.txt | vendor-advisory, x_refsource_CALDERA | |
| http://www.cert.org/advisories/CA-2000-22.html | third-party-advisory, x_refsource_CERT | |
| http://archives.neohapsis.com/archives/bugtraq/2000-09/0293.html | mailing-list, x_refsource_BUGTRAQ | |
| http://www.redhat.com/support/errata/RHSA-2000-065.html | vendor-advisory, x_refsource_REDHAT | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/5287 | vdb-entry, x_refsource_XF | |
| http://www.securityfocus.com/bid/1712 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T05:37:31.427Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "FreeBSD-SA-00:56",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD",
"x_transferred"
],
"url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:56.lprng.asc"
},
{
"name": "CSSA-2000-033.0",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA",
"x_transferred"
],
"url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-033.0.txt"
},
{
"name": "CA-2000-22",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.cert.org/advisories/CA-2000-22.html"
},
{
"name": "20000925 Format strings: bug #2: LPRng",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-09/0293.html"
},
{
"name": "RHSA-2000:065",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2000-065.html"
},
{
"name": "lprng-format-string(5287)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5287"
},
{
"name": "1712",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/1712"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2000-09-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Format string vulnerability in use_syslog() function in LPRng 3.6.24 allows remote attackers to execute arbitrary commands."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2004-09-02T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "FreeBSD-SA-00:56",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD"
],
"url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:56.lprng.asc"
},
{
"name": "CSSA-2000-033.0",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA"
],
"url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-033.0.txt"
},
{
"name": "CA-2000-22",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.cert.org/advisories/CA-2000-22.html"
},
{
"name": "20000925 Format strings: bug #2: LPRng",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-09/0293.html"
},
{
"name": "RHSA-2000:065",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2000-065.html"
},
{
"name": "lprng-format-string(5287)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5287"
},
{
"name": "1712",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/1712"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0917",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Format string vulnerability in use_syslog() function in LPRng 3.6.24 allows remote attackers to execute arbitrary commands."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "FreeBSD-SA-00:56",
"refsource": "FREEBSD",
"url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:56.lprng.asc"
},
{
"name": "CSSA-2000-033.0",
"refsource": "CALDERA",
"url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-033.0.txt"
},
{
"name": "CA-2000-22",
"refsource": "CERT",
"url": "http://www.cert.org/advisories/CA-2000-22.html"
},
{
"name": "20000925 Format strings: bug #2: LPRng",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-09/0293.html"
},
{
"name": "RHSA-2000:065",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2000-065.html"
},
{
"name": "lprng-format-string(5287)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5287"
},
{
"name": "1712",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1712"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2000-0917",
"datePublished": "2001-01-22T05:00:00",
"dateReserved": "2000-11-24T00:00:00",
"dateUpdated": "2024-08-08T05:37:31.427Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2001-0851
Vulnerability from cvelistv5
Published
2002-03-09 05:00
Modified
2024-08-08 04:37
Severity ?
EPSS score ?
Summary
Linux kernel 2.0, 2.2 and 2.4 with syncookies enabled allows remote attackers to bypass firewall rules by brute force guessing the cookie.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-082.php3 | vendor-advisory, x_refsource_MANDRAKE | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/7461 | vdb-entry, x_refsource_XF | |
| http://www.novell.com/linux/security/advisories/2001_039_kernel2_txt.html | vendor-advisory, x_refsource_SUSE | |
| http://www.redhat.com/support/errata/RHSA-2001-142.html | vendor-advisory, x_refsource_REDHAT | |
| http://www.linuxsecurity.com/advisories/other_advisory-1683.html | vendor-advisory, x_refsource_ENGARDE | |
| http://www.caldera.com/support/security/advisories/CSSA-2001-038.0.txt | vendor-advisory, x_refsource_CALDERA | |
| http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000432 | vendor-advisory, x_refsource_CONECTIVA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T04:37:06.400Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "MDKSA-2001:082",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-082.php3"
},
{
"name": "linux-syncookie-bypass-filter(7461)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7461"
},
{
"name": "SuSE-SA:2001:039",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2001_039_kernel2_txt.html"
},
{
"name": "RHSA-2001:142",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2001-142.html"
},
{
"name": "ESA-20011106-01",
"tags": [
"vendor-advisory",
"x_refsource_ENGARDE",
"x_transferred"
],
"url": "http://www.linuxsecurity.com/advisories/other_advisory-1683.html"
},
{
"name": "CSSA-2001-38.0",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA",
"x_transferred"
],
"url": "http://www.caldera.com/support/security/advisories/CSSA-2001-038.0.txt"
},
{
"name": "CLA-2001:432",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000432"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2001-11-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Linux kernel 2.0, 2.2 and 2.4 with syncookies enabled allows remote attackers to bypass firewall rules by brute force guessing the cookie."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2002-02-26T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "MDKSA-2001:082",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-082.php3"
},
{
"name": "linux-syncookie-bypass-filter(7461)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7461"
},
{
"name": "SuSE-SA:2001:039",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2001_039_kernel2_txt.html"
},
{
"name": "RHSA-2001:142",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2001-142.html"
},
{
"name": "ESA-20011106-01",
"tags": [
"vendor-advisory",
"x_refsource_ENGARDE"
],
"url": "http://www.linuxsecurity.com/advisories/other_advisory-1683.html"
},
{
"name": "CSSA-2001-38.0",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA"
],
"url": "http://www.caldera.com/support/security/advisories/CSSA-2001-038.0.txt"
},
{
"name": "CLA-2001:432",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000432"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2001-0851",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Linux kernel 2.0, 2.2 and 2.4 with syncookies enabled allows remote attackers to bypass firewall rules by brute force guessing the cookie."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "MDKSA-2001:082",
"refsource": "MANDRAKE",
"url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-082.php3"
},
{
"name": "linux-syncookie-bypass-filter(7461)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7461"
},
{
"name": "SuSE-SA:2001:039",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2001_039_kernel2_txt.html"
},
{
"name": "RHSA-2001:142",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2001-142.html"
},
{
"name": "ESA-20011106-01",
"refsource": "ENGARDE",
"url": "http://www.linuxsecurity.com/advisories/other_advisory-1683.html"
},
{
"name": "CSSA-2001-38.0",
"refsource": "CALDERA",
"url": "http://www.caldera.com/support/security/advisories/CSSA-2001-038.0.txt"
},
{
"name": "CLA-2001:432",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000432"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2001-0851",
"datePublished": "2002-03-09T05:00:00",
"dateReserved": "2001-11-22T00:00:00",
"dateUpdated": "2024-08-08T04:37:06.400Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2000-0374
Vulnerability from cvelistv5
Published
2000-10-13 04:00
Modified
2024-08-08 05:14
Severity ?
EPSS score ?
Summary
The default configuration of kdm in Caldera and Mandrake Linux, and possibly other distributions, allows XDMCP connections from any host, which allows remote attackers to obtain sensitive information or bypass additional access restrictions.
References
| ▼ | URL | Tags |
|---|---|---|
| http://frontal2.mandriva.com/security/advisories?name=MDKSA-2002:025 | vendor-advisory, x_refsource_MANDRAKE | |
| ftp://ftp.calderasystems.com/pub/OpenLinux/security/CSSA-1999-021.0.txt | vendor-advisory, x_refsource_CALDERA | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/4856 | vdb-entry, x_refsource_XF | |
| http://www.securityfocus.com/bid/1446 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T05:14:21.506Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "MDKSA-2002:025",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://frontal2.mandriva.com/security/advisories?name=MDKSA-2002:025"
},
{
"name": "CSSA-1999-021.0",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA",
"x_transferred"
],
"url": "ftp://ftp.calderasystems.com/pub/OpenLinux/security/CSSA-1999-021.0.txt"
},
{
"name": "xdmcp-kdm-default-configuration(4856)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/4856"
},
{
"name": "1446",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/1446"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "1999-08-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The default configuration of kdm in Caldera and Mandrake Linux, and possibly other distributions, allows XDMCP connections from any host, which allows remote attackers to obtain sensitive information or bypass additional access restrictions."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-11-02T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "MDKSA-2002:025",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://frontal2.mandriva.com/security/advisories?name=MDKSA-2002:025"
},
{
"name": "CSSA-1999-021.0",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA"
],
"url": "ftp://ftp.calderasystems.com/pub/OpenLinux/security/CSSA-1999-021.0.txt"
},
{
"name": "xdmcp-kdm-default-configuration(4856)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/4856"
},
{
"name": "1446",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/1446"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0374",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The default configuration of kdm in Caldera and Mandrake Linux, and possibly other distributions, allows XDMCP connections from any host, which allows remote attackers to obtain sensitive information or bypass additional access restrictions."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "MDKSA-2002:025",
"refsource": "MANDRAKE",
"url": "http://frontal2.mandriva.com/security/advisories?name=MDKSA-2002:025"
},
{
"name": "CSSA-1999-021.0",
"refsource": "CALDERA",
"url": "ftp://ftp.calderasystems.com/pub/OpenLinux/security/CSSA-1999-021.0.txt"
},
{
"name": "xdmcp-kdm-default-configuration(4856)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/4856"
},
{
"name": "1446",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1446"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2000-0374",
"datePublished": "2000-10-13T04:00:00",
"dateReserved": "2000-05-23T00:00:00",
"dateUpdated": "2024-08-08T05:14:21.506Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2001-0850
Vulnerability from cvelistv5
Published
2002-03-09 05:00
Modified
2024-08-08 04:37
Severity ?
EPSS score ?
Summary
A configuration error in the libdb1 package in OpenLinux 3.1 uses insecure versions of the snprintf and vsnprintf functions, which could allow local or remote users to exploit those functions with a buffer overflow.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/7427 | vdb-entry, x_refsource_XF | |
| http://www.caldera.com/support/security/advisories/CSSA-2001-037.0.txt | vendor-advisory, x_refsource_CALDERA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T04:37:07.011Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "openlinux-libdb-bo(7427)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7427"
},
{
"name": "CSSA-2001-037.0",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA",
"x_transferred"
],
"url": "http://www.caldera.com/support/security/advisories/CSSA-2001-037.0.txt"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2001-11-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A configuration error in the libdb1 package in OpenLinux 3.1 uses insecure versions of the snprintf and vsnprintf functions, which could allow local or remote users to exploit those functions with a buffer overflow."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2002-02-26T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "openlinux-libdb-bo(7427)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7427"
},
{
"name": "CSSA-2001-037.0",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA"
],
"url": "http://www.caldera.com/support/security/advisories/CSSA-2001-037.0.txt"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2001-0850",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A configuration error in the libdb1 package in OpenLinux 3.1 uses insecure versions of the snprintf and vsnprintf functions, which could allow local or remote users to exploit those functions with a buffer overflow."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "openlinux-libdb-bo(7427)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7427"
},
{
"name": "CSSA-2001-037.0",
"refsource": "CALDERA",
"url": "http://www.caldera.com/support/security/advisories/CSSA-2001-037.0.txt"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2001-0850",
"datePublished": "2002-03-09T05:00:00",
"dateReserved": "2001-11-22T00:00:00",
"dateUpdated": "2024-08-08T04:37:07.011Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2000-0369
Vulnerability from cvelistv5
Published
2000-10-13 04:00
Modified
2024-08-08 05:14
Severity ?
EPSS score ?
Summary
The IDENT server in Caldera Linux 2.3 creates multiple threads for each IDENT request, which allows remote attackers to cause a denial of service.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/1266 | vdb-entry, x_refsource_BID | |
| ftp://ftp.calderasystems.com/pub/OpenLinux/security/CSSA-1999-029.1.txt | vendor-advisory, x_refsource_CALDERA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T05:14:21.419Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1266",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/1266"
},
{
"name": "CSSA-1999-029.1",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA",
"x_transferred"
],
"url": "ftp://ftp.calderasystems.com/pub/OpenLinux/security/CSSA-1999-029.1.txt"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "1999-10-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The IDENT server in Caldera Linux 2.3 creates multiple threads for each IDENT request, which allows remote attackers to cause a denial of service."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-11-02T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1266",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/1266"
},
{
"name": "CSSA-1999-029.1",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA"
],
"url": "ftp://ftp.calderasystems.com/pub/OpenLinux/security/CSSA-1999-029.1.txt"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0369",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The IDENT server in Caldera Linux 2.3 creates multiple threads for each IDENT request, which allows remote attackers to cause a denial of service."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1266",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1266"
},
{
"name": "CSSA-1999-029.1",
"refsource": "CALDERA",
"url": "ftp://ftp.calderasystems.com/pub/OpenLinux/security/CSSA-1999-029.1.txt"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2000-0369",
"datePublished": "2000-10-13T04:00:00",
"dateReserved": "2000-05-23T00:00:00",
"dateUpdated": "2024-08-08T05:14:21.419Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2000-0370
Vulnerability from cvelistv5
Published
2000-07-12 04:00
Modified
2024-08-08 05:14
Severity ?
EPSS score ?
Summary
The debug option in Caldera Linux smail allows remote attackers to execute commands via shell metacharacters in the -D option for the rmail command.
References
| ▼ | URL | Tags |
|---|---|---|
| ftp://ftp.calderasystems.com/pub/OpenLinux/security/CSSA-1999-001.0.txt | vendor-advisory, x_refsource_CALDERA | |
| http://www.securityfocus.com/bid/1268 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T05:14:21.488Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "CSSA-1999-001.0",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA",
"x_transferred"
],
"url": "ftp://ftp.calderasystems.com/pub/OpenLinux/security/CSSA-1999-001.0.txt"
},
{
"name": "1268",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/1268"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "1999-01-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The debug option in Caldera Linux smail allows remote attackers to execute commands via shell metacharacters in the -D option for the rmail command."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-11-02T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "CSSA-1999-001.0",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA"
],
"url": "ftp://ftp.calderasystems.com/pub/OpenLinux/security/CSSA-1999-001.0.txt"
},
{
"name": "1268",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/1268"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0370",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The debug option in Caldera Linux smail allows remote attackers to execute commands via shell metacharacters in the -D option for the rmail command."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "CSSA-1999-001.0",
"refsource": "CALDERA",
"url": "ftp://ftp.calderasystems.com/pub/OpenLinux/security/CSSA-1999-001.0.txt"
},
{
"name": "1268",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1268"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2000-0370",
"datePublished": "2000-07-12T04:00:00",
"dateReserved": "2000-05-23T00:00:00",
"dateUpdated": "2024-08-08T05:14:21.488Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2000-0372
Vulnerability from cvelistv5
Published
2000-07-12 04:00
Modified
2024-08-08 05:14
Severity ?
EPSS score ?
Summary
Vulnerability in Caldera rmt command in the dump package 0.4b4 allows a local user to gain root privileges.
References
| ▼ | URL | Tags |
|---|---|---|
| ftp://ftp.calderasystems.com/pub/OpenLinux/security/CSSA-1999-014.0.txt | vendor-advisory, x_refsource_CALDERA | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/2268 | vdb-entry, x_refsource_XF | |
| http://www.osvdb.org/7940 | vdb-entry, x_refsource_OSVDB |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T05:14:21.419Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "CSSA-1999-014.0",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA",
"x_transferred"
],
"url": "ftp://ftp.calderasystems.com/pub/OpenLinux/security/CSSA-1999-014.0.txt"
},
{
"name": "linux-rmt(2268)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/2268"
},
{
"name": "7940",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/7940"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "1999-06-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in Caldera rmt command in the dump package 0.4b4 allows a local user to gain root privileges."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2004-09-02T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "CSSA-1999-014.0",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA"
],
"url": "ftp://ftp.calderasystems.com/pub/OpenLinux/security/CSSA-1999-014.0.txt"
},
{
"name": "linux-rmt(2268)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/2268"
},
{
"name": "7940",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/7940"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0372",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Vulnerability in Caldera rmt command in the dump package 0.4b4 allows a local user to gain root privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "CSSA-1999-014.0",
"refsource": "CALDERA",
"url": "ftp://ftp.calderasystems.com/pub/OpenLinux/security/CSSA-1999-014.0.txt"
},
{
"name": "linux-rmt(2268)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/2268"
},
{
"name": "7940",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/7940"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2000-0372",
"datePublished": "2000-07-12T04:00:00",
"dateReserved": "2000-05-23T00:00:00",
"dateUpdated": "2024-08-08T05:14:21.419Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2000-0530
Vulnerability from cvelistv5
Published
2000-10-13 04:00
Modified
2024-08-08 05:21
Severity ?
EPSS score ?
Summary
The KApplication class in the KDE 1.1.2 configuration file management capability allows local users to overwrite arbitrary files.
References
| ▼ | URL | Tags |
|---|---|---|
| http://archives.neohapsis.com/archives/bugtraq/2000-05/0387.html | mailing-list, x_refsource_BUGTRAQ | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/4583 | vdb-entry, x_refsource_XF | |
| ftp://ftp.calderasystems.com/pub/OpenLinux/security/CSSA-2000-015.0.txt | vendor-advisory, x_refsource_CALDERA | |
| http://www.securityfocus.com/bid/1291 | vdb-entry, x_refsource_BID | |
| http://www.redhat.com/support/errata/RHSA-2000-032.html | vendor-advisory, x_refsource_REDHAT |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T05:21:31.102Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20000531 KDE::KApplication feature?",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-05/0387.html"
},
{
"name": "kde-configuration-file-creation(4583)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/4583"
},
{
"name": "CSSA-2000-015.0",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA",
"x_transferred"
],
"url": "ftp://ftp.calderasystems.com/pub/OpenLinux/security/CSSA-2000-015.0.txt"
},
{
"name": "1291",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/1291"
},
{
"name": "RHSA-2000:032",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2000-032.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2000-05-31T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The KApplication class in the KDE 1.1.2 configuration file management capability allows local users to overwrite arbitrary files."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2004-09-02T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20000531 KDE::KApplication feature?",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-05/0387.html"
},
{
"name": "kde-configuration-file-creation(4583)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/4583"
},
{
"name": "CSSA-2000-015.0",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA"
],
"url": "ftp://ftp.calderasystems.com/pub/OpenLinux/security/CSSA-2000-015.0.txt"
},
{
"name": "1291",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/1291"
},
{
"name": "RHSA-2000:032",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2000-032.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0530",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The KApplication class in the KDE 1.1.2 configuration file management capability allows local users to overwrite arbitrary files."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20000531 KDE::KApplication feature?",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-05/0387.html"
},
{
"name": "kde-configuration-file-creation(4583)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/4583"
},
{
"name": "CSSA-2000-015.0",
"refsource": "CALDERA",
"url": "ftp://ftp.calderasystems.com/pub/OpenLinux/security/CSSA-2000-015.0.txt"
},
{
"name": "1291",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1291"
},
{
"name": "RHSA-2000:032",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2000-032.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2000-0530",
"datePublished": "2000-10-13T04:00:00",
"dateReserved": "2000-07-11T00:00:00",
"dateUpdated": "2024-08-08T05:21:31.102Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-1999-0043
Vulnerability from cvelistv5
Published
1999-09-29 04:00
Modified
2024-08-01 20:03
Severity ?
EPSS score ?
Summary
Command execution via shell metachars in INN daemon (innd) 1.5 using "newgroup" and "rmgroup" control messages, and others.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0043 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T16:27:57.295Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0043"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:isc:inn:1.4sec:*:*:*:*:*:*:*",
"cpe:2.3:a:isc:inn:1.4sec2:*:*:*:*:*:*:*",
"cpe:2.3:a:isc:inn:1.4unoff3:*:*:*:*:*:*:*",
"cpe:2.3:a:isc:inn:1.4unoff4:*:*:*:*:*:*:*",
"cpe:2.3:a:isc:inn:1.5:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "inn",
"vendor": "isc",
"versions": [
{
"status": "affected",
"version": "1.4sec"
},
{
"status": "affected",
"version": "1.4sec2"
},
{
"status": "affected",
"version": "1.4unoff3"
},
{
"status": "affected",
"version": "1.4unoff4"
},
{
"status": "affected",
"version": "1.5"
}
]
},
{
"cpes": [
"cpe:2.3:a:netscape:news_server:1.1:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "news_server",
"vendor": "netscape",
"versions": [
{
"status": "affected",
"version": "1.1"
}
]
},
{
"cpes": [
"cpe:2.3:o:bsdi:bsd_os:2.1:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "bsd_os",
"vendor": "bsdi",
"versions": [
{
"status": "affected",
"version": "2.1"
}
]
},
{
"cpes": [
"cpe:2.3:o:caldera:openlinux:1.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "openlinux",
"vendor": "caldera",
"versions": [
{
"status": "affected",
"version": "1.0"
}
]
},
{
"cpes": [
"cpe:2.3:o:redhat:linux:4.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux",
"vendor": "redhat",
"versions": [
{
"status": "affected",
"version": "4.0"
}
]
},
{
"cpes": [
"cpe:2.3:o:redhat:linux:4.1:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux",
"vendor": "redhat",
"versions": [
{
"status": "affected",
"version": "4.1"
}
]
},
{
"cpes": [
"cpe:2.3:h:nec:goah_intrasv:1.1:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "goah_intrasv",
"vendor": "nec",
"versions": [
{
"status": "affected",
"version": "1.1"
}
]
},
{
"cpes": [
"cpe:2.3:h:nec:goah_networksv:1.2:*:*:*:*:*:*:*",
"cpe:2.3:h:nec:goah_networksv:2.2:*:*:*:*:*:*:*",
"cpe:2.3:h:nec:goah_networksv:3.1:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "goah_networksv",
"vendor": "nec",
"versions": [
{
"status": "affected",
"version": "1.2"
},
{
"status": "affected",
"version": "2.2"
},
{
"status": "affected",
"version": "3.1"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-1999-0043",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-01T19:56:17.928328Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-01T20:03:35.981Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Command execution via shell metachars in INN daemon (innd) 1.5 using \"newgroup\" and \"rmgroup\" control messages, and others."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-17T06:31:06",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0043"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0043",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Command execution via shell metachars in INN daemon (innd) 1.5 using \"newgroup\" and \"rmgroup\" control messages, and others."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0043",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0043"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-0043",
"datePublished": "1999-09-29T04:00:00",
"dateReserved": "1999-06-07T00:00:00",
"dateUpdated": "2024-08-01T20:03:35.981Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-1999-0368
Vulnerability from cvelistv5
Published
1999-09-29 04:00
Modified
2024-08-01 16:34
Severity ?
EPSS score ?
Summary
Buffer overflows in wuarchive ftpd (wu-ftpd) and ProFTPD lead to remote root access, a.k.a. palmetto.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0368 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T16:34:51.941Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0368"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflows in wuarchive ftpd (wu-ftpd) and ProFTPD lead to remote root access, a.k.a. palmetto."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-17T07:24:14",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0368"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0368",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflows in wuarchive ftpd (wu-ftpd) and ProFTPD lead to remote root access, a.k.a. palmetto."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0368",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0368"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-0368",
"datePublished": "1999-09-29T04:00:00",
"dateReserved": "1999-06-07T00:00:00",
"dateUpdated": "2024-08-01T16:34:51.941Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-1999-0234
Vulnerability from cvelistv5
Published
1999-09-29 04:00
Modified
2024-08-01 16:34
Severity ?
EPSS score ?
Summary
Bash treats any character with a value of 255 as a command separator.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0234 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T16:34:50.903Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0234"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Bash treats any character with a value of 255 as a command separator."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-17T06:59:51",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0234"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0234",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Bash treats any character with a value of 255 as a command separator."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0234",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0234"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-0234",
"datePublished": "1999-09-29T04:00:00",
"dateReserved": "1999-06-07T00:00:00",
"dateUpdated": "2024-08-01T16:34:50.903Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-1999-0712
Vulnerability from cvelistv5
Published
2000-02-04 05:00
Modified
2024-08-01 16:48
Severity ?
EPSS score ?
Summary
A vulnerability in Caldera Open Administration System (COAS) allows the /etc/shadow password file to be made world-readable.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0712 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T16:48:37.560Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0712"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in Caldera Open Administration System (COAS) allows the /etc/shadow password file to be made world-readable."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-17T07:54:37",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0712"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0712",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in Caldera Open Administration System (COAS) allows the /etc/shadow password file to be made world-readable."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0712",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0712"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-0712",
"datePublished": "2000-02-04T05:00:00",
"dateReserved": "1999-11-25T00:00:00",
"dateUpdated": "2024-08-01T16:48:37.560Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2000-0438
Vulnerability from cvelistv5
Published
2000-07-12 04:00
Modified
2024-08-08 05:21
Severity ?
EPSS score ?
Summary
Buffer overflow in fdmount on Linux systems allows local users in the "floppy" group to execute arbitrary commands via a long mountpoint parameter.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/1239 | vdb-entry, x_refsource_BID | |
| http://archives.neohapsis.com/archives/bugtraq/2000-05/0245.html | mailing-list, x_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T05:21:30.665Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1239",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/1239"
},
{
"name": "20000522 fdmount buffer overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-05/0245.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2000-05-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in fdmount on Linux systems allows local users in the \"floppy\" group to execute arbitrary commands via a long mountpoint parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-11-02T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1239",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/1239"
},
{
"name": "20000522 fdmount buffer overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-05/0245.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0438",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in fdmount on Linux systems allows local users in the \"floppy\" group to execute arbitrary commands via a long mountpoint parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1239",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1239"
},
{
"name": "20000522 fdmount buffer overflow",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-05/0245.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2000-0438",
"datePublished": "2000-07-12T04:00:00",
"dateReserved": "2000-06-14T00:00:00",
"dateUpdated": "2024-08-08T05:21:30.665Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2000-1134
Vulnerability from cvelistv5
Published
2000-12-19 05:00
Modified
2024-08-08 05:45
Severity ?
EPSS score ?
Summary
Multiple shell programs on various Unix systems, including (1) tcsh, (2) csh, (3) sh, and (4) bash, follow symlinks when processing << redirects (aka here-documents or in-here documents), which allows local users to overwrite files of other users via a symlink attack.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T05:45:37.043Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20001111a",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2000/20001111a"
},
{
"name": "1926",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/1926"
},
{
"name": "CLA-2000:350",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000350"
},
{
"name": "oval:org.mitre.oval:def:4047",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4047"
},
{
"name": "SSRT1-41U",
"tags": [
"vendor-advisory",
"x_refsource_COMPAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/tru64/2002-q1/0009.html"
},
{
"name": "2006",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/2006"
},
{
"name": "MDKSA-2000-069",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.linux-mandrake.com/en/security/MDKSA-2000-069.php3"
},
{
"name": "CSSA-2000-042.0",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA",
"x_transferred"
],
"url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-042.0.txt"
},
{
"name": "RHSA-2000:117",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2000-117.html"
},
{
"name": "VU#10277",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/10277"
},
{
"name": "20001130 [ADV/EXP]: RH6.x root from bash /tmp vuln + MORE",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=97561816504170\u0026w=2"
},
{
"name": "FreeBSD-SA-00:76",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD",
"x_transferred"
],
"url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:76.tcsh-csh.asc"
},
{
"name": "20001028 tcsh: unsafe tempfile in \u003c\u003c redirects",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-10/0418.html"
},
{
"name": "MDKSA-2000:075",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.linux-mandrake.com/en/security/MDKSA-2000-075.php3"
},
{
"name": "CSSA-2000-043.0",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA",
"x_transferred"
],
"url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-043.0.txt"
},
{
"name": "20011103-02-P",
"tags": [
"vendor-advisory",
"x_refsource_SGI",
"x_transferred"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20011103-02-P"
},
{
"name": "20001128 /bin/sh creates insecure tmp files",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/146657"
},
{
"name": "CLSA-2000:354",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000354"
},
{
"name": "RHSA-2000:121",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2000-121.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2000-10-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple shell programs on various Unix systems, including (1) tcsh, (2) csh, (3) sh, and (4) bash, follow symlinks when processing \u003c\u003c redirects (aka here-documents or in-here documents), which allows local users to overwrite files of other users via a symlink attack."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-18T16:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20001111a",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2000/20001111a"
},
{
"name": "1926",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/1926"
},
{
"name": "CLA-2000:350",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000350"
},
{
"name": "oval:org.mitre.oval:def:4047",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4047"
},
{
"name": "SSRT1-41U",
"tags": [
"vendor-advisory",
"x_refsource_COMPAQ"
],
"url": "http://archives.neohapsis.com/archives/tru64/2002-q1/0009.html"
},
{
"name": "2006",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/2006"
},
{
"name": "MDKSA-2000-069",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.linux-mandrake.com/en/security/MDKSA-2000-069.php3"
},
{
"name": "CSSA-2000-042.0",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA"
],
"url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-042.0.txt"
},
{
"name": "RHSA-2000:117",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2000-117.html"
},
{
"name": "VU#10277",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/10277"
},
{
"name": "20001130 [ADV/EXP]: RH6.x root from bash /tmp vuln + MORE",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=97561816504170\u0026w=2"
},
{
"name": "FreeBSD-SA-00:76",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD"
],
"url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:76.tcsh-csh.asc"
},
{
"name": "20001028 tcsh: unsafe tempfile in \u003c\u003c redirects",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-10/0418.html"
},
{
"name": "MDKSA-2000:075",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.linux-mandrake.com/en/security/MDKSA-2000-075.php3"
},
{
"name": "CSSA-2000-043.0",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA"
],
"url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-043.0.txt"
},
{
"name": "20011103-02-P",
"tags": [
"vendor-advisory",
"x_refsource_SGI"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20011103-02-P"
},
{
"name": "20001128 /bin/sh creates insecure tmp files",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/146657"
},
{
"name": "CLSA-2000:354",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000354"
},
{
"name": "RHSA-2000:121",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2000-121.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-1134",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple shell programs on various Unix systems, including (1) tcsh, (2) csh, (3) sh, and (4) bash, follow symlinks when processing \u003c\u003c redirects (aka here-documents or in-here documents), which allows local users to overwrite files of other users via a symlink attack."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20001111a",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2000/20001111a"
},
{
"name": "1926",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1926"
},
{
"name": "CLA-2000:350",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000350"
},
{
"name": "oval:org.mitre.oval:def:4047",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4047"
},
{
"name": "SSRT1-41U",
"refsource": "COMPAQ",
"url": "http://archives.neohapsis.com/archives/tru64/2002-q1/0009.html"
},
{
"name": "2006",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/2006"
},
{
"name": "MDKSA-2000-069",
"refsource": "MANDRAKE",
"url": "http://www.linux-mandrake.com/en/security/MDKSA-2000-069.php3"
},
{
"name": "CSSA-2000-042.0",
"refsource": "CALDERA",
"url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-042.0.txt"
},
{
"name": "RHSA-2000:117",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2000-117.html"
},
{
"name": "VU#10277",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/10277"
},
{
"name": "20001130 [ADV/EXP]: RH6.x root from bash /tmp vuln + MORE",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=97561816504170\u0026w=2"
},
{
"name": "FreeBSD-SA-00:76",
"refsource": "FREEBSD",
"url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:76.tcsh-csh.asc"
},
{
"name": "20001028 tcsh: unsafe tempfile in \u003c\u003c redirects",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-10/0418.html"
},
{
"name": "MDKSA-2000:075",
"refsource": "MANDRAKE",
"url": "http://www.linux-mandrake.com/en/security/MDKSA-2000-075.php3"
},
{
"name": "CSSA-2000-043.0",
"refsource": "CALDERA",
"url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-043.0.txt"
},
{
"name": "20011103-02-P",
"refsource": "SGI",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20011103-02-P"
},
{
"name": "20001128 /bin/sh creates insecure tmp files",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/146657"
},
{
"name": "CLSA-2000:354",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000354"
},
{
"name": "RHSA-2000:121",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2000-121.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2000-1134",
"datePublished": "2000-12-19T05:00:00",
"dateReserved": "2000-12-14T00:00:00",
"dateUpdated": "2024-08-08T05:45:37.043Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2000-0218
Vulnerability from cvelistv5
Published
2000-04-10 04:00
Modified
2024-08-08 05:05
Severity ?
EPSS score ?
Summary
Buffer overflow in Linux mount and umount allows local users to gain root privileges via a long relative pathname.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.osvdb.org/6980 | vdb-entry, x_refsource_OSVDB | |
| http://www.osvdb.org/7004 | vdb-entry, x_refsource_OSVDB | |
| ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2000-002.0.txt | vendor-advisory, x_refsource_CALDERA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T05:05:54.208Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "6980",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/6980"
},
{
"name": "7004",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/7004"
},
{
"name": "CSSA-2000-002.0",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA",
"x_transferred"
],
"url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2000-002.0.txt"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2000-02-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Linux mount and umount allows local users to gain root privileges via a long relative pathname."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2004-09-02T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "6980",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/6980"
},
{
"name": "7004",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/7004"
},
{
"name": "CSSA-2000-002.0",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA"
],
"url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2000-002.0.txt"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0218",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in Linux mount and umount allows local users to gain root privileges via a long relative pathname."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "6980",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/6980"
},
{
"name": "7004",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/7004"
},
{
"name": "CSSA-2000-002.0",
"refsource": "CALDERA",
"url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2000-002.0.txt"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2000-0218",
"datePublished": "2000-04-10T04:00:00",
"dateReserved": "2000-03-22T00:00:00",
"dateUpdated": "2024-08-08T05:05:54.208Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
var-199712-0008
Vulnerability from variot
FTP servers can allow an attacker to connect to arbitrary ports on machines other than the FTP client, aka FTP bounce. This problem is a design issue with the common implementation of the FTP protocol. In essence, the vulnerability is as follows: when a user FTP's into a host to retrieve files, the connection is two way (i.e. when you log in and request a file, the server then opens a connection back to your host of origin to deliver your requested data). Most FTP servers support what is called 'active mode' which allows users to specify a number of parameters to the FTP daemon. One of these is the PORT command, which lets you specify where you would like the return data connection to be sent. Therefore, instead of opening a connection back to yourself to drop off your requested files or data, you can then open that connection back to another host. This is true with both retrieving and putting data. Attackers can exploit this in some instances to circumvent access control, export restrictions, etc. There is a vulnerability in the FTP server
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-199712-0008",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "sunos",
"scope": "eq",
"trust": 1.9,
"vendor": "sun",
"version": "4.1.4"
},
{
"model": "sunos",
"scope": "eq",
"trust": 1.6,
"vendor": "sun",
"version": "4.1.3u1"
},
{
"model": "sunos",
"scope": "eq",
"trust": 1.6,
"vendor": "sun",
"version": "5.5"
},
{
"model": "sunos",
"scope": "eq",
"trust": 1.6,
"vendor": "sun",
"version": "5.4"
},
{
"model": "sunos",
"scope": "eq",
"trust": 1.6,
"vendor": "sun",
"version": "5.3"
},
{
"model": "sunos",
"scope": "eq",
"trust": 1.6,
"vendor": "sun",
"version": "5.5.1"
},
{
"model": "unixware",
"scope": "eq",
"trust": 1.3,
"vendor": "sco",
"version": "2.1"
},
{
"model": "open desktop",
"scope": "eq",
"trust": 1.3,
"vendor": "sco",
"version": "3.0"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 1.3,
"vendor": "netbsd",
"version": "1.2"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 1.3,
"vendor": "netbsd",
"version": "1.1"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 1.3,
"vendor": "netbsd",
"version": "1.0"
},
{
"model": "aix",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "4.3"
},
{
"model": "aix",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "4.2"
},
{
"model": "aix",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "4.1"
},
{
"model": "aix",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "3.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.3,
"vendor": "freebsd",
"version": "2.0"
},
{
"model": "inet",
"scope": "eq",
"trust": 1.0,
"vendor": "gnu",
"version": "5.01"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "1.0"
},
{
"model": "openlinux",
"scope": "eq",
"trust": 1.0,
"vendor": "caldera",
"version": "1.2"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "2.1.0"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "1.2"
},
{
"model": "openserver",
"scope": "eq",
"trust": 1.0,
"vendor": "sco",
"version": "5.0.4"
},
{
"model": "inet",
"scope": "eq",
"trust": 1.0,
"vendor": "gnu",
"version": "6.02"
},
{
"model": "wu-ftpd",
"scope": "eq",
"trust": 1.0,
"vendor": "washington university",
"version": "2.4"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "2.1.7"
},
{
"model": "inet",
"scope": "eq",
"trust": 1.0,
"vendor": "gnu",
"version": "6.01"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "1.1"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 1.0,
"vendor": "netbsd",
"version": "1.2.1"
},
{
"model": "reliant unix",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "university wu-ftpd academ[beta1-15]",
"scope": "eq",
"trust": 0.3,
"vendor": "washington",
"version": "2.4.2"
},
{
"model": "solaris x86",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "2.5.1"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "2.5.1"
},
{
"model": "solaris 2.6 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "2.6"
},
{
"model": "solaris 2.5 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "2.5"
},
{
"model": "irix m",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.5"
},
{
"model": "irix f",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.5"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.5"
},
{
"model": "irix m",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.4"
},
{
"model": "irix f",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.4"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.4"
},
{
"model": "irix m",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.3"
},
{
"model": "irix f",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.3"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.3"
},
{
"model": "irix m",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.2"
},
{
"model": "irix f",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.2"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.2"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.1"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.4"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.3"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.2"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.1"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.0.1"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.0"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "5.3"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "5.2"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "5.1.1"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "5.1"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "5.0.1"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "5.0"
},
{
"model": "irix h",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "4.0.5"
},
{
"model": "irix g",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "4.0.5"
},
{
"model": "irix f",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "4.0.5"
},
{
"model": "irix e",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "4.0.5"
},
{
"model": "irix d",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "4.0.5"
},
{
"model": "irix a",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "4.0.5"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "4.0.5"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "4.0.4"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "4.0.3"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "4.0.2"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "4.0.1"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "4.0"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "3.3.3"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "3.3.2"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "3.3.1"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "3.3"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "3.2"
},
{
"model": "open server",
"scope": "eq",
"trust": 0.3,
"vendor": "sco",
"version": "5.0"
},
{
"model": "software serv-u",
"scope": "eq",
"trust": 0.3,
"vendor": "rhino",
"version": "4.1"
},
{
"model": "software serv-u",
"scope": "eq",
"trust": 0.3,
"vendor": "rhino",
"version": "4.0.0.4"
},
{
"model": "software serv-u",
"scope": "eq",
"trust": 0.3,
"vendor": "rhino",
"version": "3.1"
},
{
"model": "software serv-u",
"scope": "eq",
"trust": 0.3,
"vendor": "rhino",
"version": "3.0"
},
{
"model": "goat software mgftp",
"scope": "eq",
"trust": 0.3,
"vendor": "mad",
"version": "2.2"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.1"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.24"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.0"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.20"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.16"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.10"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.9"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.8"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.7"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.6"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.5"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.4"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.3"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.1"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "9.0"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.8"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.6"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.4"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.2"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.0"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "2.1.7.1"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "2.1.6"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "2.1.5"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "2.1"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "2.0.5"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "1.1.5.1"
},
{
"model": "unix d",
"scope": "eq",
"trust": 0.3,
"vendor": "digital",
"version": "4.0"
},
{
"model": "unix c",
"scope": "eq",
"trust": 0.3,
"vendor": "digital",
"version": "4.0"
},
{
"model": "unix b",
"scope": "eq",
"trust": 0.3,
"vendor": "digital",
"version": "4.0"
},
{
"model": "unix a",
"scope": "eq",
"trust": 0.3,
"vendor": "digital",
"version": "4.0"
},
{
"model": "unix",
"scope": "eq",
"trust": 0.3,
"vendor": "digital",
"version": "4.0"
},
{
"model": "unix g",
"scope": "eq",
"trust": 0.3,
"vendor": "digital",
"version": "3.2"
}
],
"sources": [
{
"db": "BID",
"id": "126"
},
{
"db": "NVD",
"id": "CVE-1999-0017"
},
{
"db": "CNNVD",
"id": "CNNVD-199712-006"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:gnu:inet:5.01:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:gnu:inet:6.01:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:washington_university:wu-ftpd:2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:gnu:inet:6.02:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:sun:sunos:5.5:*:x86:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:ibm:aix:4.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sco:open_desktop:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:sunos:5.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:caldera:openlinux:1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:sunos:4.1.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:ibm:aix:4.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:netbsd:netbsd:1.2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:2.1.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:sunos:5.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:siemens:reliant_unix:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:netbsd:netbsd:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:sunos:5.4:*:x86:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:2.1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:sunos:4.1.3u1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:sunos:5.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:netbsd:netbsd:1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:netbsd:netbsd:1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:ibm:aix:3.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sco:openserver:5.0.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:sunos:5.5.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:ibm:aix:4.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sco:unixware:2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:sunos:5.5.1:*:x86:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-1999-0017"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "This problem was initially posted to the Bugtraq mailing list by *Hobbit* (hobbit@avian.org) on July12/1995.",
"sources": [
{
"db": "BID",
"id": "126"
},
{
"db": "CNNVD",
"id": "CNNVD-199712-006"
}
],
"trust": 0.9
},
"cve": "CVE-1999-0017",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-17",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-1999-0017",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-199712-006",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-17",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-17"
},
{
"db": "NVD",
"id": "CVE-1999-0017"
},
{
"db": "CNNVD",
"id": "CNNVD-199712-006"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "FTP servers can allow an attacker to connect to arbitrary ports on machines other than the FTP client, aka FTP bounce. This problem is a design issue with the common implementation of the FTP protocol. In essence, the vulnerability is as follows: when a user FTP\u0027s into a host to retrieve files, the connection is two way (i.e. when you log in and request a file, the server then opens a connection back to your host of origin to deliver your requested data). Most FTP servers support what is called \u0027active mode\u0027 which allows users to specify a number of parameters to the FTP daemon. One of these is the PORT command, which lets you specify *where* you would like the return data connection to be sent. Therefore, instead of opening a connection back to yourself to drop off your requested files or data, you can then open that connection back to another host. This is true with both retrieving and putting data. \nAttackers can exploit this in some instances to circumvent access control, export restrictions, etc. There is a vulnerability in the FTP server",
"sources": [
{
"db": "NVD",
"id": "CVE-1999-0017"
},
{
"db": "BID",
"id": "126"
},
{
"db": "VULHUB",
"id": "VHN-17"
}
],
"trust": 1.26
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-1999-0017",
"trust": 2.0
},
{
"db": "CNNVD",
"id": "CNNVD-199712-006",
"trust": 0.7
},
{
"db": "BID",
"id": "126",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-17",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-17"
},
{
"db": "BID",
"id": "126"
},
{
"db": "NVD",
"id": "CVE-1999-0017"
},
{
"db": "CNNVD",
"id": "CNNVD-199712-006"
}
]
},
"id": "VAR-199712-0008",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-17"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T13:16:24.502000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-1999-0017"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/cve-1999-0017"
},
{
"trust": 0.3,
"url": "ftp://ftp.cert.org/pub/tech_tips/ftp_port_attacks"
},
{
"trust": 0.3,
"url": "ftp://ftp.avian.org/random/ftp-attack"
},
{
"trust": 0.3,
"url": "http://www.cert.org/advisories/ca-1997-27.html"
},
{
"trust": 0.1,
"url": ""
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-17"
},
{
"db": "BID",
"id": "126"
},
{
"db": "NVD",
"id": "CVE-1999-0017"
},
{
"db": "CNNVD",
"id": "CNNVD-199712-006"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-17"
},
{
"db": "BID",
"id": "126"
},
{
"db": "NVD",
"id": "CVE-1999-0017"
},
{
"db": "CNNVD",
"id": "CNNVD-199712-006"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "1997-12-10T00:00:00",
"db": "VULHUB",
"id": "VHN-17"
},
{
"date": "1995-07-12T00:00:00",
"db": "BID",
"id": "126"
},
{
"date": "1997-12-10T05:00:00",
"db": "NVD",
"id": "CVE-1999-0017"
},
{
"date": "1997-12-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-199712-006"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2008-09-09T00:00:00",
"db": "VULHUB",
"id": "VHN-17"
},
{
"date": "2007-12-18T20:05:00",
"db": "BID",
"id": "126"
},
{
"date": "2022-08-17T07:15:08.243000",
"db": "NVD",
"id": "CVE-1999-0017"
},
{
"date": "2022-08-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-199712-006"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-199712-006"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "FTP Security hole",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-199712-006"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-199712-006"
}
],
"trust": 0.6
}
}
Vulnerability from fkie_nvd
Published
2000-05-24 04:00
Modified
2024-11-20 23:32
Severity ?
Summary
Buffer overflow in the XDMCP parsing code of GNOME gdm, KDE kdm, and wdm allows remote attackers to execute arbitrary commands or cause a denial of service via a long FORWARD_QUERY request.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| gnome | gdm | 1.0 | |
| caldera | openlinux | * | |
| suse | suse_linux | 6.2 | |
| suse | suse_linux | 6.4 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnome:gdm:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E2D650E6-F568-4B7F-8913-3DC10E8F4201",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:caldera:openlinux:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4EC3F7E5-5D49-471B-A705-ADD2642E5B46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1B67020A-6942-4478-B501-764147C4970D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7786607A-362E-4817-A17E-C76D6A1F737D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the XDMCP parsing code of GNOME gdm, KDE kdm, and wdm allows remote attackers to execute arbitrary commands or cause a denial of service via a long FORWARD_QUERY request."
}
],
"id": "CVE-2000-0491",
"lastModified": "2024-11-20T23:32:37.767",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2000-05-24T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "ftp://ftp.calderasystems.com/pub/OpenLinux/security/CSSA-2000-013.0.txt"
},
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-05/0241.html"
},
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-06/0025.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.novell.com/linux/security/advisories/suse_security_announce_49.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/1233"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/1279"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/1370"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "ftp://ftp.calderasystems.com/pub/OpenLinux/security/CSSA-2000-013.0.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-05/0241.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-06/0025.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.novell.com/linux/security/advisories/suse_security_announce_49.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/1233"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/1279"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/1370"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1999-02-09 05:00
Modified
2024-11-20 23:28
Severity ?
Summary
Buffer overflows in wuarchive ftpd (wu-ftpd) and ProFTPD lead to remote root access, a.k.a. palmetto.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| proftpd_project | proftpd | 1.2_pre1 | |
| washington_university | wu-ftpd | 2.4.2_beta18 | |
| washington_university | wu-ftpd | 2.4.2_beta18_vr9 | |
| caldera | openlinux | 1.3 | |
| debian | debian_linux | 2.0 | |
| redhat | linux | 5.0 | |
| redhat | linux | 5.1 | |
| sco | openserver | 5.0 | |
| sco | openserver | 5.0.2 | |
| sco | openserver | 5.0.3 | |
| sco | openserver | 5.0.4 | |
| sco | openserver | 5.0.5 | |
| sco | unixware | 7.0 | |
| sco | unixware | 7.0.1 | |
| slackware | slackware_linux | 3.4 | |
| slackware | slackware_linux | 3.5 | |
| slackware | slackware_linux | 3.6 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:proftpd_project:proftpd:1.2_pre1:*:*:*:*:*:*:*",
"matchCriteriaId": "CE1015CB-9A33-48D5-861A-A1FC0D8D0FA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:washington_university:wu-ftpd:2.4.2_beta18:*:*:*:*:*:*:*",
"matchCriteriaId": "2D48DE48-5216-42AB-BEA8-EA490C5D4278",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:washington_university:wu-ftpd:2.4.2_beta18_vr9:*:*:*:*:*:*:*",
"matchCriteriaId": "4989799F-143A-45E5-A30C-9E3203649770",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:caldera:openlinux:1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "EED21F27-4ADA-42AC-B28E-F849F47D4043",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "203BDD63-2FA5-42FD-A9CD-6BDBB41A63C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4BF54738-3C44-4FD4-AA9C-CAB2E86B1DC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4EF44364-0F57-4B74-81B0-501EA6B58501",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sco:openserver:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2C19F7B3-9043-4E53-90DE-92A4387858A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sco:openserver:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0169CBF5-9301-42D2-A6DA-73393BD986D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sco:openserver:5.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6236FA51-E996-4E84-A8CC-2635A814CCC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sco:openserver:5.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "035FBF8B-EB91-4211-9979-8A9E913A54A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sco:openserver:5.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B8BA72B4-C4AF-41C6-92ED-30B286E00EF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sco:unixware:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "17439B5B-0B66-490B-9B53-2C9D576C879F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sco:unixware:7.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EF9FD7BF-97E4-426D-881F-03C9D5B8895D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E6732144-10D4-4114-A7DA-32157EE3EF38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "125918E7-53BB-407A-8D95-5D95CDF39A88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "CE0BBA4F-C61A-4A8E-A7E2-CE0DF76DF592",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflows in wuarchive ftpd (wu-ftpd) and ProFTPD lead to remote root access, a.k.a. palmetto."
}
],
"id": "CVE-1999-0368",
"lastModified": "2024-11-20T23:28:34.363",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1999-02-09T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0368"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0368"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1999-01-29 05:00
Modified
2024-11-20 23:32
Severity ?
Summary
The debug option in Caldera Linux smail allows remote attackers to execute commands via shell metacharacters in the -D option for the rmail command.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:caldera:openlinux:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "ABC52A20-B706-432D-9A15-45F48EB1B08B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:caldera:openlinux:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F8A9DB15-1F04-4864-A8AD-FCCB35A63B2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:caldera:openlinux:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A5C77FA7-C977-4223-B6AC-91B82C45129C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:caldera:openlinux:1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "EED21F27-4ADA-42AC-B28E-F849F47D4043",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The debug option in Caldera Linux smail allows remote attackers to execute commands via shell metacharacters in the -D option for the rmail command."
},
{
"lang": "es",
"value": "La opci\u00f3n de depuraci\u00f3n en smail de Caldera Linux permite a atacantes remotos ejecutar comandos mediante metacaracteres de shell en la opci\u00f3n -D del comando rmail."
}
],
"id": "CVE-2000-0370",
"lastModified": "2024-11-20T23:32:20.983",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1999-01-29T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "ftp://ftp.calderasystems.com/pub/OpenLinux/security/CSSA-1999-001.0.txt"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/1268"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "ftp://ftp.calderasystems.com/pub/OpenLinux/security/CSSA-1999-001.0.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/1268"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1999-08-22 04:00
Modified
2024-11-20 23:32
Severity ?
Summary
The default configuration of kdm in Caldera and Mandrake Linux, and possibly other distributions, allows XDMCP connections from any host, which allows remote attackers to obtain sensitive information or bypass additional access restrictions.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:caldera:openlinux:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "86288A2E-B1BD-4DA9-BCCC-35AC44EEDD52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:caldera:openlinux:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "23B38FCC-2C86-4E84-860B-EBAE0FA123B6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The default configuration of kdm in Caldera and Mandrake Linux, and possibly other distributions, allows XDMCP connections from any host, which allows remote attackers to obtain sensitive information or bypass additional access restrictions."
}
],
"id": "CVE-2000-0374",
"lastModified": "2024-11-20T23:32:21.543",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1999-08-22T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "ftp://ftp.calderasystems.com/pub/OpenLinux/security/CSSA-1999-021.0.txt"
},
{
"source": "cve@mitre.org",
"url": "http://frontal2.mandriva.com/security/advisories?name=MDKSA-2002:025"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/1446"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/4856"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://ftp.calderasystems.com/pub/OpenLinux/security/CSSA-1999-021.0.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://frontal2.mandriva.com/security/advisories?name=MDKSA-2002:025"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/1446"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/4856"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1999-06-23 04:00
Modified
2024-11-20 23:29
Severity ?
Summary
The KDE klock program allows local users to unlock a session using malformed input.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:caldera:openlinux:1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "EED21F27-4ADA-42AC-B28E-F849F47D4043",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:caldera:openlinux:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "86288A2E-B1BD-4DA9-BCCC-35AC44EEDD52",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The KDE klock program allows local users to unlock a session using malformed input."
}
],
"id": "CVE-1999-0731",
"lastModified": "2024-11-20T23:29:20.357",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1999-06-23T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/489"
},
{
"source": "cve@mitre.org",
"url": "https://github.com/KDE/kde1-kdebase/commit/04906bd5de2f220bf100b605dad37b4a1d9a91a6"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/489"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://github.com/KDE/kde1-kdebase/commit/04906bd5de2f220bf100b605dad37b4a1d9a91a6"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1999-10-01 04:00
Modified
2024-11-20 23:29
Severity ?
Summary
Buffer overflow in WU-FTPD and related FTP servers allows remote attackers to gain root privileges via macro variables in a message file.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:bsdi:bsd_os:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "766851E2-134A-4A89-931B-6F1753525684",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:bsdi:bsd_os:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "99235B00-0050-42BF-99EF-FCDD72D8627D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:caldera:openlinux:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "ABC52A20-B706-432D-9A15-45F48EB1B08B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in WU-FTPD and related FTP servers allows remote attackers to gain root privileges via macro variables in a message file."
}
],
"id": "CVE-1999-0879",
"lastModified": "2024-11-20T23:29:45.330",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1999-10-01T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0879"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0879"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2002-10-28 05:00
Modified
2024-11-20 23:40
Severity ?
Summary
The getdbm procedure in ypxfrd allows local users to read arbitrary files, and remote attackers to read databases outside /var/yp, via a directory traversal and symlink attack on the domain and map arguments.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:caldera:openlinux:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "86288A2E-B1BD-4DA9-BCCC-35AC44EEDD52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:caldera:openlinux:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "23B38FCC-2C86-4E84-860B-EBAE0FA123B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:caldera:openlinux:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "A63714ED-A697-4AC3-AF13-3B028F9A87EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sco:openserver:5.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B8BA72B4-C4AF-41C6-92ED-30B286E00EF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sco:openserver:5.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "1E140F76-D078-4F58-89CF-3278CDCB9AF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sco:openserver:5.0.6a:*:*:*:*:*:*:*",
"matchCriteriaId": "BBC635C0-2B09-41F5-8160-365EC8642F89",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:solaris:9.0:*:sparc:*:*:*:*:*",
"matchCriteriaId": "A711CDC2-412C-499D-9FA6-7F25B06267C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "08003947-A4F1-44AC-84C6-9F8D097EB759",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "A2475113-CFE4-41C8-A86F-F2DA6548D224",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The getdbm procedure in ypxfrd allows local users to read arbitrary files, and remote attackers to read databases outside /var/yp, via a directory traversal and symlink attack on the domain and map arguments."
},
{
"lang": "es",
"value": "El procedimiento getdbm en ypxfrd permite a usuarios locales leer ficheros arbitrarios, y a atacantes remotos leer bases de datos fuera de /var/yp, mediante ataques de atravesamiento de directorios y de enlaces simb\u00f3licos en los argumentos de dominio y mapa."
}
],
"id": "CVE-2002-1199",
"lastModified": "2024-11-20T23:40:48.553",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2002-10-28T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "ftp://ftp.caldera.com/pub/updates/OpenServer/CSSA-2002-SCO.40"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=103426842025029\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/47903"
},
{
"source": "cve@mitre.org",
"url": "http://www.iss.net/security_center/static/10329.php"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/538033"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/5937"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2423"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://ftp.caldera.com/pub/updates/OpenServer/CSSA-2002-SCO.40"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=103426842025029\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/47903"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.iss.net/security_center/static/10329.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/538033"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/5937"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2423"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1999-04-05 04:00
Modified
2024-11-20 23:28
Severity ?
Summary
Buffer overflow in procmail before version 3.12 allows remote or local attackers to execute commands via expansions in the procmailrc configuration file.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:procmail:procmail:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7FE4462E-5A4D-4DD3-A3B3-2C77EFA56A3E",
"versionEndIncluding": "3.12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:caldera:openlinux:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4EC3F7E5-5D49-471B-A705-ADD2642E5B46",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in procmail before version 3.12 allows remote or local attackers to execute commands via expansions in the procmailrc configuration file."
}
],
"id": "CVE-1999-0439",
"lastModified": "2024-11-20T23:28:44.470",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1999-04-05T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0439"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0439"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1998-04-08 04:00
Modified
2024-11-20 23:27
Severity ?
Summary
Inverse query buffer overflow in BIND 4.9 and BIND 8 Releases.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:data_general:dg_ux:5.4_3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2EDB1993-75C9-4738-BDB3-E4433AC202FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:data_general:dg_ux:5.4_3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BB15FBD9-B4F8-42EF-92C2-8D70A2385E3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:data_general:dg_ux:5.4_4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AA109D17-268F-4E8A-BBA9-0EAA6B46A705",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:data_general:dg_ux:5.4_4.11:*:*:*:*:*:*:*",
"matchCriteriaId": "59EFCFC1-A15C-4B8D-BCCE-DB401A50D23C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:4.9.6:*:*:*:*:*:*:*",
"matchCriteriaId": "8257C916-6F4D-4B7E-8EED-B2789B3B35AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BB79EDA4-9B2C-4C4C-A5DE-CB8C6EB00BDC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:8.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4DF8869C-2446-48F3-A1CD-70AE44D74EF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "199F4D8C-2FB9-4AF7-B7A3-339513665616",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "41D0212C-EA41-4DF3-9A93-4559545BCD7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:3.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3567046C-FE3F-424D-A1B0-D7A43D00B79F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:3.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "40511481-CD42-4EB7-BE2A-7A78964B7D3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:3.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D926CDA1-AF2B-4DED-93AE-8F12091E0B23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "536CB843-5FF6-4BC1-A6DA-92A8CB69D6D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E0B4722F-1FBA-4A73-BF85-5920B94F833D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:4.0.1t:*:*:*:*:*:*:*",
"matchCriteriaId": "B7FD1CEC-9064-483C-A3C2-04E3C50EFBEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "05B1518A-9BBC-4CDB-8338-4DCC9A1A91D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C26983FB-6FD7-4938-8025-E535A6505ADF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "52D01CD7-CE53-44D6-82C6-C72579BA089C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:4.0.4b:*:*:*:*:*:*:*",
"matchCriteriaId": "73F04863-29CB-4E0C-838B-1C23E25C129C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:4.0.4t:*:*:*:*:*:*:*",
"matchCriteriaId": "79AA794C-C18F-48A4-ADCB-DC219DF259CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "4D4B36C0-D3FF-4B33-B810-DB920062480B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:4.0.5_iop:*:*:*:*:*:*:*",
"matchCriteriaId": "C03CED73-9451-4DE4-A00A-7EAB24424CC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:4.0.5_ipr:*:*:*:*:*:*:*",
"matchCriteriaId": "29446761-8ACE-4E05-82C3-3FF77C1E2CCB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:4.0.5a:*:*:*:*:*:*:*",
"matchCriteriaId": "20B3C51E-DE28-4B50-B841-31CCFEA88A1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:4.0.5d:*:*:*:*:*:*:*",
"matchCriteriaId": "A67E6C0C-F5A4-4591-94B9-3D72221C0933",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:4.0.5e:*:*:*:*:*:*:*",
"matchCriteriaId": "7CC66EB2-FFC7-4EF1-9591-A5C5E1E7C919",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:4.0.5f:*:*:*:*:*:*:*",
"matchCriteriaId": "85D02672-84E9-4036-8ED8-FE6EF4D7E275",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:4.0.5g:*:*:*:*:*:*:*",
"matchCriteriaId": "646483C9-6FFC-46FE-B9CD-40D733FABFD0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:4.0.5h:*:*:*:*:*:*:*",
"matchCriteriaId": "C6B71C71-FA29-4B4C-831C-63AE2797BA2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D792E16B-A1AB-4BCE-9E6E-88C17D4F57CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "30F950B1-7D5F-4CA9-BBEF-E6DB1A28C156",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "333103D5-71B8-4DC1-90F7-15F2841955D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:5.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8A889C10-0637-4133-AFBD-533C8397BE89",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E292DA15-91BF-4957-9C0F-A69518538BED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "26144F94-63FD-4907-B548-09B68C2FC9B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "26309EFA-0991-46B6-9818-F0FBB902D5F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "966C1A13-8007-408D-96BE-0DA3BB6CA401",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0ECE564D-B4BB-4C05-88CC-CDC3F8E4E366",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B2D59247-56FA-46B4-BB51-2DAE71AFC145",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:bsdi:bsd_os:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DD254562-D74A-4D7C-B846-E242D785B830",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:bsdi:bsd_os:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BBFBCFEE-C24C-4D38-83F9-810E05D27901",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:bsdi:bsd_os:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "766851E2-134A-4A89-931B-6F1753525684",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:caldera:openlinux:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "ABC52A20-B706-432D-9A15-45F48EB1B08B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FBF25306-E7C2-4F9A-A809-4779A6C0A079",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:4.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B3BA7775-30F2-4CA0-BA6E-70ED12A48D90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:4.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "FB038A89-1CA6-4313-B7CE-56C894945FFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:4.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2B3BC86F-5718-4232-BFFF-6244A7C09B8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:4.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E6118CC1-6E51-4E1B-8F58-43B337515222",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:4.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "F3D3B348-270F-4209-B31A-2B40F5E4A601",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "05F20EC2-ADE6-4F96-A2E7-1DCCA819D657",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:4.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "91D7C561-4D23-430B-A7D8-137E52B08FF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "11ACD012-F05F-45CD-A170-96CBAA42FFE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:nec:asl_ux_4800:64:*:*:*:*:*:*:*",
"matchCriteriaId": "BF1C22CE-FF69-44CF-82C3-EBFDA9E7EC0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9DF613C9-DC4A-45F0-BEE1-8450762B0089",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "441CEF2E-9687-4930-8536-B8B83018BD28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "55DD3C82-0B7D-4B25-B603-AD6C6D59239A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FC7A39CD-C4B2-4FD9-A450-E5C7A5480174",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7CBA1B13-B378-4F13-BD13-EC58F15F5C81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B8C8CAB1-2D8C-4875-A795-41178D48410F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C9092D88-585D-4A0C-B181-E8D93563C74B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D8211154-6685-4FF0-B3ED-43A5E5763A10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F299301C-6BFC-436C-9CFD-2E291D3702AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4BF54738-3C44-4FD4-AA9C-CAB2E86B1DC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sco:open_desktop:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0AD2701A-E930-4F4D-85F7-02F80135E34E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sco:open_desktop:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1530468C-EDEF-431D-9164-B0D670AF07D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sco:unixware:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "168248AC-E4F6-4C8F-9A21-0E6ABE029DFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sco:unixware:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "17439B5B-0B66-490B-9B53-2C9D576C879F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:solaris:2.5:*:x86:*:*:*:*:*",
"matchCriteriaId": "200D8CB2-0D52-40A8-9CD9-6E4513605201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:solaris:2.5.1:*:ppc:*:*:*:*:*",
"matchCriteriaId": "54AF87E4-52A4-44CA-B48E-A5BB139E6410",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:solaris:2.5.1:*:x86:*:*:*:*:*",
"matchCriteriaId": "F66BAF35-A8B9-4E95-B270-444206FDD35B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:solaris:2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "34EBF074-78C8-41AF-88F1-DA6726E56F8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "369207B4-96FA-4324-9445-98FAE8ECF5DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C7A22D21-E0A9-4B56-86C7-805AD1A610D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7AAC8954-74A8-4FE3-ABE7-57DA041D9D8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "5B72953B-E873-4E44-A3CF-12D770A0D416",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "39F847DB-65A9-47DA-BCFA-A179E5E2301A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Inverse query buffer overflow in BIND 4.9 and BIND 8 Releases."
}
],
"id": "CVE-1999-0009",
"lastModified": "2024-11-20T23:27:35.853",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1998-04-08T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "ftp://patches.sgi.com/support/free/security/advisories/19980603-01-PX"
},
{
"source": "cve@mitre.org",
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll\u0026doc=secbull/180"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/134"
},
{
"source": "cve@mitre.org",
"url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9808-083"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://patches.sgi.com/support/free/security/advisories/19980603-01-PX"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll\u0026doc=secbull/180"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/134"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9808-083"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2000-07-12 04:00
Modified
2024-11-20 23:32
Severity ?
Summary
Vulnerability in Caldera rmt command in the dump package 0.4b4 allows a local user to gain root privileges.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:caldera:openlinux:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4EC3F7E5-5D49-471B-A705-ADD2642E5B46",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in Caldera rmt command in the dump package 0.4b4 allows a local user to gain root privileges."
}
],
"id": "CVE-2000-0372",
"lastModified": "2024-11-20T23:32:21.260",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2000-07-12T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "ftp://ftp.calderasystems.com/pub/OpenLinux/security/CSSA-1999-014.0.txt"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/7940"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/2268"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "ftp://ftp.calderasystems.com/pub/OpenLinux/security/CSSA-1999-014.0.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/7940"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/2268"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1997-01-28 05:00
Modified
2024-11-20 23:27
Severity ?
Summary
MIME conversion buffer overflow in sendmail versions 8.8.3 and 8.8.4.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| eric_allman | sendmail | 8.8.3 | |
| eric_allman | sendmail | 8.8.4 | |
| bsdi | bsd_os | 2.1 | |
| caldera | openlinux | 1.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:eric_allman:sendmail:8.8.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9D8484F8-8712-4B55-A163-BA492B4D0095",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eric_allman:sendmail:8.8.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D15777E6-6951-4559-B19F-08CE6246BF33",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:bsdi:bsd_os:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "766851E2-134A-4A89-931B-6F1753525684",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:caldera:openlinux:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "ABC52A20-B706-432D-9A15-45F48EB1B08B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "MIME conversion buffer overflow in sendmail versions 8.8.3 and 8.8.4."
}
],
"id": "CVE-1999-0047",
"lastModified": "2024-11-20T23:27:42.613",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1997-01-28T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/685"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/685"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1999-03-30 05:00
Modified
2024-11-20 23:28
Severity ?
Summary
XFree86 xfs command is vulnerable to a symlink attack, allowing local users to create files in restricted directories, possibly allowing them to gain privileges or cause a denial of service.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.securityfocus.com/bid/359 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/359 | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| caldera | openlinux | 1.2 | |
| debian | debian_linux | 2.0 | |
| debian | debian_linux | 2.0 | |
| debian | debian_linux | 2.1 | |
| netbsd | netbsd | 1.3.3 | |
| redhat | linux | 5.1 | |
| suse | suse_linux | 5.3 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:caldera:openlinux:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A5C77FA7-C977-4223-B6AC-91B82C45129C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "203BDD63-2FA5-42FD-A9CD-6BDBB41A63C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:2.0:r5:*:*:*:*:*:*",
"matchCriteriaId": "D3067DBB-FBA1-48E9-9EC8-5A8D74B9F2D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3C67BDA1-9451-4026-AC6D-E912C882A757",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2A8F8DE7-7A84-4350-A6D8-FCCB561D63B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4EF44364-0F57-4B74-81B0-501EA6B58501",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BCC94EF9-5872-402F-B2FC-06331A924BB2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "XFree86 xfs command is vulnerable to a symlink attack, allowing local users to create files in restricted directories, possibly allowing them to gain privileges or cause a denial of service."
}
],
"id": "CVE-1999-0434",
"lastModified": "2024-11-20T23:28:43.757",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1999-03-30T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/359"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/359"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1999-08-25 04:00
Modified
2024-11-20 23:29
Severity ?
Summary
Vixie Cron on Linux systems allows local users to set parameters of sendmail commands via the MAILTO environmental variable.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:paul_vixie:vixie_cron:3.0_pl1:*:*:*:*:*:*:*",
"matchCriteriaId": "D8F45BCD-EBC1-4707-8C53-A25F373026A5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:caldera:openlinux:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "86288A2E-B1BD-4DA9-BCCC-35AC44EEDD52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3C67BDA1-9451-4026-AC6D-E912C882A757",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "58B90124-0543-4226-BFF4-13CCCBCCB243",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C9092D88-585D-4A0C-B181-E8D93563C74B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D8211154-6685-4FF0-B3ED-43A5E5763A10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F299301C-6BFC-436C-9CFD-2E291D3702AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4BF54738-3C44-4FD4-AA9C-CAB2E86B1DC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4EF44364-0F57-4B74-81B0-501EA6B58501",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:5.2:*:i386:*:*:*:*:*",
"matchCriteriaId": "363AB7DB-A8BA-4D58-97C4-1DF1F0F43E07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:6.0:*:i386:*:*:*:*:*",
"matchCriteriaId": "89F65C9D-BD68-4A86-BFDC-E7CE76F13948",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Vixie Cron on Linux systems allows local users to set parameters of sendmail commands via the MAILTO environmental variable."
}
],
"id": "CVE-1999-0769",
"lastModified": "2024-11-20T23:29:25.683",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1999-08-25T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/611"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/611"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1997-04-07 04:00
Modified
2024-11-20 23:27
Severity ?
Summary
Buffer overflow in University of Washington's implementation of IMAP and POP servers.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:university_of_washington:imap:4:*:*:*:*:*:*:*",
"matchCriteriaId": "C97FA8D5-1A78-4E3C-BEA8-0C37A9BBE8D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:university_of_washington:pop:3:*:*:*:*:*:*:*",
"matchCriteriaId": "2E8FE8B6-213B-48E5-8E62-B2F75AD8F589",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:bsdi:bsd_os:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "766851E2-134A-4A89-931B-6F1753525684",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:bsdi:bsd_os:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "99235B00-0050-42BF-99EF-FCDD72D8627D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:caldera:openlinux:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "ABC52A20-B706-432D-9A15-45F48EB1B08B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:4.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "91D7C561-4D23-430B-A7D8-137E52B08FF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5302613E-F0DD-4B46-884C-49A977FD4147",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C9092D88-585D-4A0C-B181-E8D93563C74B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in University of Washington\u0027s implementation of IMAP and POP servers."
}
],
"id": "CVE-1999-0042",
"lastModified": "2024-11-20T23:27:41.710",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1997-04-07T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0042"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0042"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1996-12-04 05:00
Modified
2024-11-20 23:27
Severity ?
Summary
Command execution via shell metachars in INN daemon (innd) 1.5 using "newgroup" and "rmgroup" control messages, and others.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:isc:inn:1.4sec:*:*:*:*:*:*:*",
"matchCriteriaId": "E5D0063D-01CE-49E2-A19A-FA861F3C40CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:inn:1.4sec2:*:*:*:*:*:*:*",
"matchCriteriaId": "967E86C5-3635-49FF-A98A-C9B2BC85A812",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:inn:1.4unoff3:*:*:*:*:*:*:*",
"matchCriteriaId": "14DBB010-4064-4B46-834C-6FD5F1FE78FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:inn:1.4unoff4:*:*:*:*:*:*:*",
"matchCriteriaId": "EEE0D317-4F02-4896-95FC-20B64EB3A91F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:inn:1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "9915A668-8E8C-4EC8-A72A-6937EC7D3496",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:news_server:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A0FB9EFB-F5C3-447B-A1B7-DB762F93D8F2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:bsdi:bsd_os:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "766851E2-134A-4A89-931B-6F1753525684",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:caldera:openlinux:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "ABC52A20-B706-432D-9A15-45F48EB1B08B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C9092D88-585D-4A0C-B181-E8D93563C74B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D8211154-6685-4FF0-B3ED-43A5E5763A10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nec:goah_intrasv:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "39F6E390-A2CF-4F42-83EC-65B23EC644CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nec:goah_networksv:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "11389E13-8EE5-4C33-9A6D-4B30849F0722",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nec:goah_networksv:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3C409173-AC55-493F-9B55-51A69D933F04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nec:goah_networksv:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2CC1F3C7-D016-44B4-843A-34538227668B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Command execution via shell metachars in INN daemon (innd) 1.5 using \"newgroup\" and \"rmgroup\" control messages, and others."
}
],
"id": "CVE-1999-0043",
"lastModified": "2024-11-20T23:27:41.873",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "1996-12-04T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0043"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0043"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
1999-10-08 04:00
Modified
2024-11-20 23:32
Severity ?
Summary
The IDENT server in Caldera Linux 2.3 creates multiple threads for each IDENT request, which allows remote attackers to cause a denial of service.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:caldera:openlinux:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "23B38FCC-2C86-4E84-860B-EBAE0FA123B6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The IDENT server in Caldera Linux 2.3 creates multiple threads for each IDENT request, which allows remote attackers to cause a denial of service."
},
{
"lang": "es",
"value": "El servidor IDENT de Caldera Linux 2.3 crea m\u00faltiples hilos para cada petici\u00f3n IDENT, lo que permite a atacantes remotos causar una denegaci\u00f3n de servicio."
}
],
"id": "CVE-2000-0369",
"lastModified": "2024-11-20T23:32:20.847",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1999-10-08T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "ftp://ftp.calderasystems.com/pub/OpenLinux/security/CSSA-1999-029.1.txt"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/1266"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://ftp.calderasystems.com/pub/OpenLinux/security/CSSA-1999-029.1.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/1266"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2000-03-05 05:00
Modified
2024-11-20 23:31
Severity ?
Summary
The default installation of Caldera OpenLinux 2.3 includes the CGI program rpm_query, which allows remote attackers to determine what packages are installed on the system.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:caldera:openlinux:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "23B38FCC-2C86-4E84-860B-EBAE0FA123B6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The default installation of Caldera OpenLinux 2.3 includes the CGI program rpm_query, which allows remote attackers to determine what packages are installed on the system."
}
],
"id": "CVE-2000-0192",
"lastModified": "2024-11-20T23:31:55.933",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2000-03-05T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-03/0029.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/1036"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-03/0029.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/1036"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1999-08-25 04:00
Modified
2024-11-20 23:29
Severity ?
Summary
Buffer overflow in Vixie cron allows local users to gain root access via a long MAILTO environment variable in a crontab file.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:paul_vixie:vixie_cron:3.0_pl1:*:*:*:*:*:*:*",
"matchCriteriaId": "D8F45BCD-EBC1-4707-8C53-A25F373026A5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:caldera:openlinux:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "86288A2E-B1BD-4DA9-BCCC-35AC44EEDD52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3C67BDA1-9451-4026-AC6D-E912C882A757",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "58B90124-0543-4226-BFF4-13CCCBCCB243",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C9092D88-585D-4A0C-B181-E8D93563C74B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D8211154-6685-4FF0-B3ED-43A5E5763A10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F299301C-6BFC-436C-9CFD-2E291D3702AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4BF54738-3C44-4FD4-AA9C-CAB2E86B1DC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4EF44364-0F57-4B74-81B0-501EA6B58501",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:5.2:*:i386:*:*:*:*:*",
"matchCriteriaId": "363AB7DB-A8BA-4D58-97C4-1DF1F0F43E07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:6.0:*:i386:*:*:*:*:*",
"matchCriteriaId": "89F65C9D-BD68-4A86-BFDC-E7CE76F13948",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Vixie cron allows local users to gain root access via a long MAILTO environment variable in a crontab file."
}
],
"id": "CVE-1999-0872",
"lastModified": "2024-11-20T23:29:44.347",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1999-08-25T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/611"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/759"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/611"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/759"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2000-05-22 04:00
Modified
2024-11-20 23:32
Severity ?
Summary
Buffer overflow in fdmount on Linux systems allows local users in the "floppy" group to execute arbitrary commands via a long mountpoint parameter.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| caldera | openlinux | 7.0 | |
| slackware | slackware_linux | 3.3 | |
| slackware | slackware_linux | 3.4 | |
| slackware | slackware_linux | 3.5 | |
| slackware | slackware_linux | 3.6 | |
| slackware | slackware_linux | 3.9 | |
| slackware | slackware_linux | 4.0 | |
| suse | suse_linux | 4.2 | |
| suse | suse_linux | 4.3 | |
| suse | suse_linux | 4.4 | |
| suse | suse_linux | 4.4.1 | |
| suse | suse_linux | 5.0 | |
| suse | suse_linux | 5.1 | |
| suse | suse_linux | 5.2 | |
| suse | suse_linux | 5.3 | |
| suse | suse_linux | 6.0 | |
| suse | suse_linux | 6.1 | |
| suse | suse_linux | 6.2 | |
| suse | suse_linux | 6.3 | |
| suse | suse_linux | 6.4 | |
| suse | suse_linux | 7.0 | |
| turbolinux | turbolinux | 6.0 | |
| turbolinux | turbolinux | 6.0.1 | |
| turbolinux | turbolinux | 6.0.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:caldera:openlinux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5B4C973D-1172-4D4C-AF96-9968ED317D36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "06F2131E-F9F2-4E65-B95C-B52DB25C69F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E6732144-10D4-4114-A7DA-32157EE3EF38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "125918E7-53BB-407A-8D95-5D95CDF39A88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "CE0BBA4F-C61A-4A8E-A7E2-CE0DF76DF592",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "15CB96AA-7CC1-4F01-8E9A-F85CD851594A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CC3B1DD9-10B5-40FE-AE56-D068C41653DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "451453AC-65FF-4E3B-9AC1-2DDB2E2182E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7716120D-5110-42B0-A574-9AA2AC8D3C32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "CB4C8426-CAF2-4366-94C0-1BA1C544FB6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:4.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5CC7D746-B98B-4FAF-B816-57222759A344",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "830D48B8-D21D-4D31-99A1-20C231804DBE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5C0BBDD2-9FF9-4CB7-BCAF-D4AF15DC2C7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D1C826AA-6E2F-4DAC-A7A2-9F47729B5DA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BCC94EF9-5872-402F-B2FC-06331A924BB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F163E145-09F7-4BE2-9B46-5B6713070BAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "124E1802-7984-45ED-8A92-393FC20662FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1B67020A-6942-4478-B501-764147C4970D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0AD0FF64-05DF-48C2-9BB5-FD993121FB2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7786607A-362E-4817-A17E-C76D6A1F737D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C9E7D75A-333E-4C63-9593-F64ABA5D1CE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "981A0654-C17D-48BB-A8B3-A728CB159C33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2AA8956D-F533-42BA-A06B-7CDB0A267B2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C6619B49-8A89-4600-A47F-A39C8BF54259",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in fdmount on Linux systems allows local users in the \"floppy\" group to execute arbitrary commands via a long mountpoint parameter."
}
],
"id": "CVE-2000-0438",
"lastModified": "2024-11-20T23:32:30.377",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2000-05-22T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-05/0245.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/1239"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-05/0245.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/1239"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1999-11-23 05:00
Modified
2024-11-20 23:32
Severity ?
Summary
Linux gpm program allows local users to cause a denial of service by flooding the /dev/gpmctl device with STREAM sockets.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:caldera:openlinux:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "23B38FCC-2C86-4E84-860B-EBAE0FA123B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:caldera:openlinux:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "A63714ED-A697-4AC3-AF13-3B028F9A87EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:caldera:openlinux_eserver:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3BE526D3-4CD8-423C-81FA-65B92F862A5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:6.0:*:i386:*:*:*:*:*",
"matchCriteriaId": "89F65C9D-BD68-4A86-BFDC-E7CE76F13948",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:6.1:*:i386:*:*:*:*:*",
"matchCriteriaId": "B72D6205-DFA4-41D9-B3B6-0B7DA756CD8F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Linux gpm program allows local users to cause a denial of service by flooding the /dev/gpmctl device with STREAM sockets."
}
],
"id": "CVE-2000-0531",
"lastModified": "2024-11-20T23:32:42.990",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1999-11-23T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0409.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2000-045.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/1377"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=Pine.LNX.4.10.10006201453090.1812-200000%40apollo.aci.com.pl"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5010"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0409.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2000-045.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/1377"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=Pine.LNX.4.10.10006201453090.1812-200000%40apollo.aci.com.pl"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5010"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1999-04-27 04:00
Modified
2024-11-20 23:29
Severity ?
Summary
A vulnerability in Caldera Open Administration System (COAS) allows the /etc/shadow password file to be made world-readable.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:caldera:coas:1.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "2768B34B-979E-480C-ABEB-6D599305BFFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:caldera:coas:1.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "F0A2FA5B-8B20-4324-9AA2-D6D689D9B08F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:caldera:coas:1.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "FB6C4E55-A3DA-48C2-A4F9-3D93759FAE54",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:caldera:openlinux:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "86288A2E-B1BD-4DA9-BCCC-35AC44EEDD52",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in Caldera Open Administration System (COAS) allows the /etc/shadow password file to be made world-readable."
}
],
"id": "CVE-1999-0712",
"lastModified": "2024-11-20T23:29:17.593",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1999-04-27T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0712"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0712"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1998-11-19 05:00
Modified
2024-11-20 23:30
Severity ?
Summary
Samba 1.9.18 inadvertently includes a prototype application, wsmbconf, which is installed with incorrect permissions including the setgid bit, which allows local users to read and write files and possibly gain privileges via bugs in the program.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:samba:samba:1.9.18:*:*:*:*:*:*:*",
"matchCriteriaId": "EF3C20A1-F21D-41FF-8B87-B50E1AE8219E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:caldera:openlinux:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "ABC52A20-B706-432D-9A15-45F48EB1B08B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:caldera:openlinux:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F8A9DB15-1F04-4864-A8AD-FCCB35A63B2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:caldera:openlinux:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A5C77FA7-C977-4223-B6AC-91B82C45129C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:caldera:openlinux:1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "EED21F27-4ADA-42AC-B28E-F849F47D4043",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B133DAC8-2B0D-4F83-9025-AD071740187A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6A03039A-881A-44C6-B69E-0BDC7914216F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Samba 1.9.18 inadvertently includes a prototype application, wsmbconf, which is installed with incorrect permissions including the setgid bit, which allows local users to read and write files and possibly gain privileges via bugs in the program."
}
],
"id": "CVE-1999-1288",
"lastModified": "2024-11-20T23:30:45.497",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1998-11-19T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.caldera.com/support/security/advisories/SA-1998.35.txt"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/11397"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/1406"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.caldera.com/support/security/advisories/SA-1998.35.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/11397"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/1406"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1998-10-12 04:00
Modified
2024-11-20 23:27
Severity ?
Summary
Buffer overflow in NFS mountd gives root access to remote attackers, mostly in Linux systems.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:bsdi:bsd_os:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2F5E922C-239D-4F98-87ED-BB7998BE99C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:caldera:openlinux:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A5C77FA7-C977-4223-B6AC-91B82C45129C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5302613E-F0DD-4B46-884C-49A977FD4147",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "674066BB-2576-4AAE-B97F-A4470815F1AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:3.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "445EECD3-2DB9-43D1-B26F-0979A3C02D45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C9092D88-585D-4A0C-B181-E8D93563C74B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D8211154-6685-4FF0-B3ED-43A5E5763A10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F299301C-6BFC-436C-9CFD-2E291D3702AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4BF54738-3C44-4FD4-AA9C-CAB2E86B1DC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4EF44364-0F57-4B74-81B0-501EA6B58501",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in NFS mountd gives root access to remote attackers, mostly in Linux systems."
}
],
"id": "CVE-1999-0002",
"lastModified": "2024-11-20T23:27:34.413",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1998-10-12T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "ftp://patches.sgi.com/support/free/security/advisories/19981006-01-I"
},
{
"source": "cve@mitre.org",
"url": "http://www.ciac.org/ciac/bulletins/j-006.shtml"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/121"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://patches.sgi.com/support/free/security/advisories/19981006-01-I"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ciac.org/ciac/bulletins/j-006.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/121"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1997-12-16 05:00
Modified
2024-11-20 23:27
Severity ?
Summary
A later variation on the Teardrop IP denial of service attack, a.k.a. Teardrop-2.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| caldera | openlinux | 2.0 | |
| hp | hp-ux | * | |
| microsoft | windows_95 | 0a | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| sun | sunos | 4.1.3u1 | |
| sun | sunos | 4.1.4 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:caldera:openlinux:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0C724A3D-F6E5-4E0B-8201-ACC87CB9C94D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:*:*:*:*:*:*:*:*",
"matchCriteriaId": "61A4F116-1FEE-450E-99AE-6AD9ACDDE570",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_95:0a:*:*:*:*:*:*:*",
"matchCriteriaId": "8429C080-F550-4D03-A87A-4546273712AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E53CDA8E-50A8-4509-B070-CCA5604FFB21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp1:*:*:*:*:*:*",
"matchCriteriaId": "5BDCBCB8-DAA3-465F-ADDE-9143B8251989",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp2:*:*:*:*:*:*",
"matchCriteriaId": "B86E0671-ED68-4549-B3AC-FD8BD79B0860",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:4.1.3u1:*:*:*:*:*:*:*",
"matchCriteriaId": "FD1BA107-F2D3-4F13-82EC-4576C429E3C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:4.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "1070749A-65E9-439A-A7CC-3CE529A5D5E7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A later variation on the Teardrop IP denial of service attack, a.k.a. Teardrop-2."
}
],
"id": "CVE-1999-0104",
"lastModified": "2024-11-20T23:27:52.020",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1997-12-16T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/80175"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5743"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/80175"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5743"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2000-07-03 04:00
Modified
2024-11-20 23:32
Severity ?
Summary
makewhatis in Linux man package allows local users to overwrite files via a symlink attack.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| caldera | openlinux | 2.3 | |
| caldera | openlinux | 2.4 | |
| mandrakesoft | mandrake_linux | 6.0 | |
| mandrakesoft | mandrake_linux | 6.1 | |
| mandrakesoft | mandrake_linux | 7.0 | |
| mandrakesoft | mandrake_linux | 7.1 | |
| redhat | linux | 5.2 | |
| redhat | linux | 5.2 | |
| redhat | linux | 5.2 | |
| redhat | linux | 6.0 | |
| redhat | linux | 6.0 | |
| redhat | linux | 6.0 | |
| redhat | linux | 6.1 | |
| redhat | linux | 6.1 | |
| redhat | linux | 6.1 | |
| redhat | linux | 6.2 | |
| redhat | linux | 6.2 | |
| redhat | linux | 6.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:caldera:openlinux:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "23B38FCC-2C86-4E84-860B-EBAE0FA123B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:caldera:openlinux:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "A63714ED-A697-4AC3-AF13-3B028F9A87EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D323A6B7-2741-4F31-B0D6-5D6FB738A2A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "ACAAD334-2CA7-4B3B-BA25-302E7610BC2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E4853E92-5E0A-47B9-A343-D5BEE87D2C27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3EC1FF5D-5EAB-44D5-B281-770547C70D68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:5.2:*:alpha:*:*:*:*:*",
"matchCriteriaId": "07396B95-E434-46C9-A345-27C9EA9BEA26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:5.2:*:i386:*:*:*:*:*",
"matchCriteriaId": "363AB7DB-A8BA-4D58-97C4-1DF1F0F43E07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:5.2:*:sparc:*:*:*:*:*",
"matchCriteriaId": "0775CE08-C5AD-4FF7-AEA9-537B1EAE3BDE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:6.0:*:alpha:*:*:*:*:*",
"matchCriteriaId": "6931FB54-A163-4CE3-BBD9-D345AA0977A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:6.0:*:i386:*:*:*:*:*",
"matchCriteriaId": "89F65C9D-BD68-4A86-BFDC-E7CE76F13948",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:6.0:*:sparc:*:*:*:*:*",
"matchCriteriaId": "5ABD1331-277C-4C31-8186-978243C62255",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:6.1:*:alpha:*:*:*:*:*",
"matchCriteriaId": "C89454B9-4F45-4A42-A06D-ED42D893C544",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:6.1:*:i386:*:*:*:*:*",
"matchCriteriaId": "B72D6205-DFA4-41D9-B3B6-0B7DA756CD8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:6.1:*:sparc:*:*:*:*:*",
"matchCriteriaId": "1E64093E-7D53-4238-95C3-48ED5A0FFD97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:6.2:*:alpha:*:*:*:*:*",
"matchCriteriaId": "344610A8-DB6D-4407-9304-916C419F648C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:6.2:*:i386:*:*:*:*:*",
"matchCriteriaId": "B7EC2B95-4715-4EC9-A10A-2542501F8A61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:6.2:*:sparc:*:*:*:*:*",
"matchCriteriaId": "64775BEF-2E53-43CA-8639-A7E54F6F4222",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "makewhatis in Linux man package allows local users to overwrite files via a symlink attack."
}
],
"id": "CVE-2000-0566",
"lastModified": "2024-11-20T23:32:47.577",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2000-07-03T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2000-021.0.txt"
},
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0390.html"
},
{
"source": "cve@mitre.org",
"url": "http://frontal2.mandriva.com/security/advisories?name=MDKSA-2000:015"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2000-041.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/1434"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/4900"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2000-021.0.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0390.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://frontal2.mandriva.com/security/advisories?name=MDKSA-2000:015"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2000-041.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/1434"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/4900"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2001-01-09 05:00
Modified
2024-11-20 23:34
Severity ?
Summary
Multiple shell programs on various Unix systems, including (1) tcsh, (2) csh, (3) sh, and (4) bash, follow symlinks when processing << redirects (aka here-documents or in-here documents), which allows local users to overwrite files of other users via a symlink attack.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| immunix | immunix | 6.2 | |
| conectiva | linux | 4.0 | |
| conectiva | linux | 4.0es | |
| conectiva | linux | 4.1 | |
| conectiva | linux | 4.2 | |
| conectiva | linux | 5.0 | |
| conectiva | linux | 5.1 | |
| caldera | openlinux | * | |
| caldera | openlinux_edesktop | 2.4 | |
| caldera | openlinux_eserver | 2.3 | |
| hp | hp-ux | 11.11 | |
| mandrakesoft | mandrake_linux | 6.0 | |
| mandrakesoft | mandrake_linux | 6.1 | |
| mandrakesoft | mandrake_linux | 7.0 | |
| mandrakesoft | mandrake_linux | 7.1 | |
| mandrakesoft | mandrake_linux | 7.2 | |
| redhat | linux | 5.2 | |
| redhat | linux | 6.0 | |
| redhat | linux | 6.1 | |
| redhat | linux | 6.2 | |
| redhat | linux | 6.2e | |
| suse | suse_linux | 7.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:immunix:immunix:6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB0F79BE-8EBF-44D8-83A1-9331669BED54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:conectiva:linux:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "48F068BE-F5B3-4E43-8E6A-24AB4D2DEDF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:conectiva:linux:4.0es:*:*:*:*:*:*:*",
"matchCriteriaId": "6529EC98-7CF7-47A1-95BB-2F34066FE95D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:conectiva:linux:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FFDAB801-AAA0-4B3B-B488-52E7BA8650C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:conectiva:linux:4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "612AC3B1-8E55-437F-9600-67EA1A8BAD48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:conectiva:linux:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "537A5C29-D770-4755-A6AB-8916754E14DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:conectiva:linux:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E3AC05A9-04DA-4ED3-94D8-3254384CB724",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:caldera:openlinux:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4EC3F7E5-5D49-471B-A705-ADD2642E5B46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:caldera:openlinux_edesktop:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B211BCBF-CB17-4D32-B6FE-A34D86C4FBF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:caldera:openlinux_eserver:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3BE526D3-4CD8-423C-81FA-65B92F862A5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:11.11:*:*:*:*:*:*:*",
"matchCriteriaId": "EDD9BE2B-7255-4FC1-B452-E8370632B03F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D323A6B7-2741-4F31-B0D6-5D6FB738A2A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "ACAAD334-2CA7-4B3B-BA25-302E7610BC2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E4853E92-5E0A-47B9-A343-D5BEE87D2C27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3EC1FF5D-5EAB-44D5-B281-770547C70D68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0A8FBD5A-2FD0-43CD-AC4B-1D6984D336FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A8EED385-8C39-4A40-A507-2EFE7652FB35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2DFA94D5-0139-490C-8257-0751FE9FBAE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2EC4D3AB-38FA-4D44-AF5C-2DCD15994E76",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0633B5A6-7A88-4A96-9462-4C09D124ED36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:6.2e:*:*:*:*:*:*:*",
"matchCriteriaId": "24EEDE00-6F40-4A9A-BF74-6BE6CEAE39E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C9E7D75A-333E-4C63-9593-F64ABA5D1CE3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple shell programs on various Unix systems, including (1) tcsh, (2) csh, (3) sh, and (4) bash, follow symlinks when processing \u003c\u003c redirects (aka here-documents or in-here documents), which allows local users to overwrite files of other users via a symlink attack."
}
],
"id": "CVE-2000-1134",
"lastModified": "2024-11-20T23:34:05.293",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2001-01-09T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:76.tcsh-csh.asc"
},
{
"source": "cve@mitre.org",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20011103-02-P"
},
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-10/0418.html"
},
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/tru64/2002-q1/0009.html"
},
{
"source": "cve@mitre.org",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000350"
},
{
"source": "cve@mitre.org",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000354"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=97561816504170\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-042.0.txt"
},
{
"source": "cve@mitre.org",
"url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-043.0.txt"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2000/20001111a"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/10277"
},
{
"source": "cve@mitre.org",
"url": "http://www.linux-mandrake.com/en/security/MDKSA-2000-069.php3"
},
{
"source": "cve@mitre.org",
"url": "http://www.linux-mandrake.com/en/security/MDKSA-2000-075.php3"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2000-117.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2000-121.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/146657"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/1926"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/2006"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4047"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:76.tcsh-csh.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20011103-02-P"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-10/0418.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/tru64/2002-q1/0009.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000350"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000354"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=97561816504170\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-042.0.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-043.0.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2000/20001111a"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/10277"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.linux-mandrake.com/en/security/MDKSA-2000-069.php3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.linux-mandrake.com/en/security/MDKSA-2000-075.php3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2000-117.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2000-121.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/146657"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/1926"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/2006"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4047"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2001-12-06 05:00
Modified
2024-11-20 23:36
Severity ?
Summary
Linux kernel 2.0, 2.2 and 2.4 with syncookies enabled allows remote attackers to bypass firewall rules by brute force guessing the cookie.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| caldera | openlinux_server | 3.1 | |
| caldera | openlinux_workstation | 3.1 | |
| caldera | openlinux | 2.3 | |
| caldera | openlinux_edesktop | 2.4 | |
| caldera | openlinux_eserver | 2.3.1 | |
| linux | linux_kernel | 2.0 | |
| linux | linux_kernel | 2.2.0 | |
| linux | linux_kernel | 2.4.0 | |
| suse | suse_linux | 6.3 | |
| suse | suse_linux | 6.4 | |
| suse | suse_linux | 7.0 | |
| suse | suse_linux | 7.1 | |
| suse | suse_linux | 7.2 | |
| suse | suse_linux | 7.3 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:caldera:openlinux_server:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0A218B67-B87B-4A5E-B9EF-EF39ADEAD9FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:caldera:openlinux_workstation:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BB41DE44-C3A1-4CC9-ACA7-4EC171D68910",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:caldera:openlinux:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "23B38FCC-2C86-4E84-860B-EBAE0FA123B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:caldera:openlinux_edesktop:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B211BCBF-CB17-4D32-B6FE-A34D86C4FBF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:caldera:openlinux_eserver:2.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D11E0075-50CD-4A16-9A89-56DEF5263BCF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "96A6EE7E-C79C-4B25-AFF0-C6638CB3C99A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "146F7A77-A950-4CAD-BDA9-C239696F569D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C24A129D-2E5E-436C-95DE-AE75D2E8D092",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0AD0FF64-05DF-48C2-9BB5-FD993121FB2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7786607A-362E-4817-A17E-C76D6A1F737D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C9E7D75A-333E-4C63-9593-F64ABA5D1CE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "819868A7-EB1E-4CA9-8D71-72F194E5EFEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0519FF7D-363E-4530-9E63-6EA3E88432DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "FAE3FF4F-646F-4E05-A08A-C9399DEF60F1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Linux kernel 2.0, 2.2 and 2.4 with syncookies enabled allows remote attackers to bypass firewall rules by brute force guessing the cookie."
}
],
"id": "CVE-2001-0851",
"lastModified": "2024-11-20T23:36:17.370",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2001-12-06T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000432"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.caldera.com/support/security/advisories/CSSA-2001-038.0.txt"
},
{
"source": "cve@mitre.org",
"url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-082.php3"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.linuxsecurity.com/advisories/other_advisory-1683.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.novell.com/linux/security/advisories/2001_039_kernel2_txt.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2001-142.html"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7461"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000432"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.caldera.com/support/security/advisories/CSSA-2001-038.0.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-082.php3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.linuxsecurity.com/advisories/other_advisory-1683.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.novell.com/linux/security/advisories/2001_039_kernel2_txt.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2001-142.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7461"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2001-07-21 04:00
Modified
2024-11-20 23:33
Severity ?
Summary
Some telnet clients allow remote telnet servers to request environment variables from the client that may contain sensitive information, or remote web servers to obtain the information via a telnet: URL.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.kb.cert.org/vuls/id/22404 | Exploit, Patch, Third Party Advisory, US Government Resource | |
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/6644 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.kb.cert.org/vuls/id/22404 | Exploit, Patch, Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/6644 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:u_win:u_win:*:*:*:*:*:*:*:*",
"matchCriteriaId": "57FF6FFA-1312-4200-8AC9-026A2E8FCC15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:caldera:openlinux:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4EC3F7E5-5D49-471B-A705-ADD2642E5B46",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Some telnet clients allow remote telnet servers to request environment variables from the client that may contain sensitive information, or remote web servers to obtain the information via a telnet: URL."
}
],
"id": "CVE-2000-0892",
"lastModified": "2024-11-20T23:33:30.877",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2001-07-21T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/22404"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6644"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/22404"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6644"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2000-12-19 05:00
Modified
2024-11-20 23:33
Severity ?
Summary
Format string vulnerability in use_syslog() function in LPRng 3.6.24 allows remote attackers to execute arbitrary commands.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| caldera | openlinux_ebuilder | 3.0 | |
| caldera | openlinux | * | |
| caldera | openlinux_edesktop | 2.4 | |
| caldera | openlinux_eserver | 2.3 | |
| redhat | linux | 7.0 | |
| trustix | secure_linux | 1.0 | |
| trustix | secure_linux | 1.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:caldera:openlinux_ebuilder:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E02719FF-924A-4E96-AE1D-5994A8D4275E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:caldera:openlinux:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4EC3F7E5-5D49-471B-A705-ADD2642E5B46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:caldera:openlinux_edesktop:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B211BCBF-CB17-4D32-B6FE-A34D86C4FBF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:caldera:openlinux_eserver:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3BE526D3-4CD8-423C-81FA-65B92F862A5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "29B186E5-7C2F-466E-AA4A-8F2B618F8A14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:trustix:secure_linux:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8DF1A678-FEF1-4549-8EDC-518444CFC57F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:trustix:secure_linux:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9D0DFB12-B43F-4207-A900-464A97F5124D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Format string vulnerability in use_syslog() function in LPRng 3.6.24 allows remote attackers to execute arbitrary commands."
}
],
"id": "CVE-2000-0917",
"lastModified": "2024-11-20T23:33:34.643",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2000-12-19T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:56.lprng.asc"
},
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-09/0293.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-033.0.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.cert.org/advisories/CA-2000-22.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2000-065.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/1712"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5287"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:56.lprng.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-09/0293.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-033.0.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.cert.org/advisories/CA-2000-22.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2000-065.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/1712"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5287"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2000-02-03 05:00
Modified
2024-11-20 23:31
Severity ?
Summary
Buffer overflow in Linux mount and umount allows local users to gain root privileges via a long relative pathname.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| caldera | openlinux | 2.3 | |
| suse | suse_linux | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:caldera:openlinux:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "23B38FCC-2C86-4E84-860B-EBAE0FA123B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:*:*:*:*:*:*:*:*",
"matchCriteriaId": "67527281-81FA-4068-9E0A-7B19FB6A208A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Linux mount and umount allows local users to gain root privileges via a long relative pathname."
}
],
"id": "CVE-2000-0218",
"lastModified": "2024-11-20T23:31:59.440",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2000-02-03T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2000-002.0.txt"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/6980"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/7004"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2000-002.0.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/6980"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/7004"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1996-10-08 04:00
Modified
2024-11-20 23:28
Severity ?
Summary
Bash treats any character with a value of 255 as a command separator.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:yggdrasil:linux:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7467132F-CA92-462F-8E2C-E0EEBD956E7B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sgi:irix:*:*:*:*:*:*:*:*",
"matchCriteriaId": "056B3397-81A9-4128-9F49-ECEBE1743EE8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:caldera:openlinux:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4EC3F7E5-5D49-471B-A705-ADD2642E5B46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:3.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "445EECD3-2DB9-43D1-B26F-0979A3C02D45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "451453AC-65FF-4E3B-9AC1-2DDB2E2182E4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Bash treats any character with a value of 255 as a command separator."
}
],
"id": "CVE-1999-0234",
"lastModified": "2024-11-20T23:28:12.063",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1996-10-08T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0234"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0234"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2000-05-31 04:00
Modified
2024-11-20 23:32
Severity ?
Summary
The KApplication class in the KDE 1.1.2 configuration file management capability allows local users to overwrite arbitrary files.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:caldera:openlinux:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "A63714ED-A697-4AC3-AF13-3B028F9A87EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:kde:kde:1.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F472ECE0-821E-4A20-B6FC-CC4FC5D1BA36",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The KApplication class in the KDE 1.1.2 configuration file management capability allows local users to overwrite arbitrary files."
}
],
"id": "CVE-2000-0530",
"lastModified": "2024-11-20T23:32:42.850",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2000-05-31T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "ftp://ftp.calderasystems.com/pub/OpenLinux/security/CSSA-2000-015.0.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-05/0387.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2000-032.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/1291"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/4583"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://ftp.calderasystems.com/pub/OpenLinux/security/CSSA-2000-015.0.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-05/0387.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2000-032.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/1291"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/4583"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1999-10-01 04:00
Modified
2024-11-20 23:29
Severity ?
Summary
Denial of service in WU-FTPD via the SITE NEWER command, which does not free memory properly.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:bsdi:bsd_os:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "766851E2-134A-4A89-931B-6F1753525684",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:bsdi:bsd_os:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "99235B00-0050-42BF-99EF-FCDD72D8627D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:caldera:openlinux:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "ABC52A20-B706-432D-9A15-45F48EB1B08B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Denial of service in WU-FTPD via the SITE NEWER command, which does not free memory properly."
}
],
"id": "CVE-1999-0880",
"lastModified": "2024-11-20T23:29:45.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1999-10-01T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0880"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0880"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2001-12-06 05:00
Modified
2024-11-20 23:36
Severity ?
Summary
A configuration error in the libdb1 package in OpenLinux 3.1 uses insecure versions of the snprintf and vsnprintf functions, which could allow local or remote users to exploit those functions with a buffer overflow.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:caldera:openlinux:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4636EA3B-CF25-4224-A0F2-A12576B355BF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A configuration error in the libdb1 package in OpenLinux 3.1 uses insecure versions of the snprintf and vsnprintf functions, which could allow local or remote users to exploit those functions with a buffer overflow."
}
],
"id": "CVE-2001-0850",
"lastModified": "2024-11-20T23:36:17.187",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2001-12-06T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.caldera.com/support/security/advisories/CSSA-2001-037.0.txt"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7427"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.caldera.com/support/security/advisories/CSSA-2001-037.0.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7427"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2000-11-14 05:00
Modified
2024-11-20 23:33
Severity ?
Summary
Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:caldera:openlinux_ebuilder:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E02719FF-924A-4E96-AE1D-5994A8D4275E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:immunix:immunix:6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB0F79BE-8EBF-44D8-83A1-9331669BED54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:conectiva:linux:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "48F068BE-F5B3-4E43-8E6A-24AB4D2DEDF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:conectiva:linux:4.0es:*:*:*:*:*:*:*",
"matchCriteriaId": "6529EC98-7CF7-47A1-95BB-2F34066FE95D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:conectiva:linux:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FFDAB801-AAA0-4B3B-B488-52E7BA8650C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:conectiva:linux:4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "612AC3B1-8E55-437F-9600-67EA1A8BAD48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:conectiva:linux:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "537A5C29-D770-4755-A6AB-8916754E14DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:conectiva:linux:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E3AC05A9-04DA-4ED3-94D8-3254384CB724",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0ECE564D-B4BB-4C05-88CC-CDC3F8E4E366",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B2D59247-56FA-46B4-BB51-2DAE71AFC145",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "15BE08F8-5F3F-45DB-BFE0-1F6F2F57A4D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "C30D6962-3DBB-4DF8-A04F-8E47AFEDCF99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "36B60E50-4F5A-4404-BEA3-C94F7D27B156",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.2m:*:*:*:*:*:*:*",
"matchCriteriaId": "772E3C7E-9947-414F-8642-18653BB048E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E6B2E6D1-8C2D-4E15-A6BB-E4FE878ED1E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.3f:*:*:*:*:*:*:*",
"matchCriteriaId": "8D51EC29-8836-4F87-ABF8-FF7530DECBB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.3m:*:*:*:*:*:*:*",
"matchCriteriaId": "518B7253-7B0F-4A0A-ADA7-F3E3B5AAF877",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "440B7208-34DB-4898-8461-4E703F7EDFB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D07AA144-6FD7-4C80-B4F2-D21C1AFC864A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "29113D8E-9618-4A0E-9157-678332082858",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "313613E9-4837-433C-90EE-84A92E8D24E5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:caldera:openlinux:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4EC3F7E5-5D49-471B-A705-ADD2642E5B46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:caldera:openlinux_eserver:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3BE526D3-4CD8-423C-81FA-65B92F862A5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "203BDD63-2FA5-42FD-A9CD-6BDBB41A63C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3C67BDA1-9451-4026-AC6D-E912C882A757",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "58B90124-0543-4226-BFF4-13CCCBCCB243",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "618111F3-6608-47F0-AB0D-21547E342871",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DD5E0678-45C7-492A-963C-897494D6878F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:3.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E55C28A7-CD21-47CD-AA50-E8B2D89A18E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:3.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D3C00FC9-AD97-4226-A0EA-7DB14AA592DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "44C6203A-D05B-47B1-8BC2-BA021EBAFDEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FBF25306-E7C2-4F9A-A809-4779A6C0A079",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:4.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B3BA7775-30F2-4CA0-BA6E-70ED12A48D90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:4.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "FB038A89-1CA6-4313-B7CE-56C894945FFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:4.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2B3BC86F-5718-4232-BFFF-6244A7C09B8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:4.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E6118CC1-6E51-4E1B-8F58-43B337515222",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:4.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "F3D3B348-270F-4209-B31A-2B40F5E4A601",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "05F20EC2-ADE6-4F96-A2E7-1DCCA819D657",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:4.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "91D7C561-4D23-430B-A7D8-137E52B08FF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "11ACD012-F05F-45CD-A170-96CBAA42FFE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:4.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "55919E74-09E7-44BA-9941-D1B69BB1692F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:4.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "45F3C5D8-8BC3-44EB-917A-D0BA051D3D9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E4853E92-5E0A-47B9-A343-D5BEE87D2C27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3EC1FF5D-5EAB-44D5-B281-770547C70D68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4BF54738-3C44-4FD4-AA9C-CAB2E86B1DC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4EF44364-0F57-4B74-81B0-501EA6B58501",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A8EED385-8C39-4A40-A507-2EFE7652FB35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2DFA94D5-0139-490C-8257-0751FE9FBAE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2EC4D3AB-38FA-4D44-AF5C-2DCD15994E76",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0633B5A6-7A88-4A96-9462-4C09D124ED36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C2A9C005-4392-4C95-9B92-98EEC73EFE73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F0297F56-5F41-48FD-AB47-36E3BD2AB7E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:solaris:2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "34EBF074-78C8-41AF-88F1-DA6726E56F8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C1370216-93EB-400F-9AA6-CB2DC316DAA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5FF2C7C4-6F8D-40DB-9FBC-E7E4D76A2B23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "84523B48-218B-45F4-9C04-2C103612DCB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C7A22D21-E0A9-4B56-86C7-805AD1A610D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7AAC8954-74A8-4FE3-ABE7-57DA041D9D8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "5B72953B-E873-4E44-A3CF-12D770A0D416",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "39F847DB-65A9-47DA-BCFA-A179E5E2301A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "08003947-A4F1-44AC-84C6-9F8D097EB759",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "A2475113-CFE4-41C8-A86F-F2DA6548D224",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "124E1802-7984-45ED-8A92-393FC20662FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1B67020A-6942-4478-B501-764147C4970D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0AD0FF64-05DF-48C2-9BB5-FD993121FB2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7786607A-362E-4817-A17E-C76D6A1F737D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C9E7D75A-333E-4C63-9593-F64ABA5D1CE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:trustix:secure_linux:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8DF1A678-FEF1-4549-8EDC-518444CFC57F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:trustix:secure_linux:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9D0DFB12-B43F-4207-A900-464A97F5124D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "981A0654-C17D-48BB-A8B3-A728CB159C33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2AA8956D-F533-42BA-A06B-7CDB0A267B2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C6619B49-8A89-4600-A47F-A39C8BF54259",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux:6.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A0AA1204-D181-4E1C-B795-159FC57E86A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux:6.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "24740C11-59D0-4071-97BD-8BF7084FC1FC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen."
}
],
"id": "CVE-2000-0844",
"lastModified": "2024-11-20T23:33:24.120",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2000-11-14T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20000901-01-P"
},
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0436.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0457.html"
},
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-10/0427.html"
},
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/tru64/2000-q4/0000.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-030.0.txt"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2000/20000902"
},
{
"source": "cve@mitre.org",
"url": "http://www.novell.com/linux/security/advisories/adv5_draht_glibc_txt.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2000-057.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/1634"
},
{
"source": "cve@mitre.org",
"url": "http://www.turbolinux.com/pipermail/tl-security-announce/2000-September/000020.html"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5176"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20000901-01-P"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0436.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0457.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-10/0427.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/tru64/2000-q4/0000.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-030.0.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2000/20000902"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.novell.com/linux/security/advisories/adv5_draht_glibc_txt.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2000-057.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/1634"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.turbolinux.com/pipermail/tl-security-announce/2000-September/000020.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5176"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1997-12-10 05:00
Modified
2024-11-20 23:27
Severity ?
Summary
FTP servers can allow an attacker to connect to arbitrary ports on machines other than the FTP client, aka FTP bounce.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| gnu | inet | 5.01 | |
| gnu | inet | 6.01 | |
| gnu | inet | 6.02 | |
| washington_university | wu-ftpd | 2.4 | |
| caldera | openlinux | 1.2 | |
| freebsd | freebsd | 1.0 | |
| freebsd | freebsd | 1.1 | |
| freebsd | freebsd | 1.2 | |
| freebsd | freebsd | 2.0 | |
| freebsd | freebsd | 2.1.0 | |
| freebsd | freebsd | 2.1.7 | |
| ibm | aix | 3.2 | |
| ibm | aix | 4.1 | |
| ibm | aix | 4.2 | |
| ibm | aix | 4.3 | |
| netbsd | netbsd | 1.0 | |
| netbsd | netbsd | 1.1 | |
| netbsd | netbsd | 1.2 | |
| netbsd | netbsd | 1.2.1 | |
| sco | open_desktop | 3.0 | |
| sco | openserver | 5.0.4 | |
| sco | unixware | 2.1 | |
| siemens | reliant_unix | * | |
| sun | sunos | 4.1.3u1 | |
| sun | sunos | 4.1.4 | |
| sun | sunos | 5.3 | |
| sun | sunos | 5.4 | |
| sun | sunos | 5.4 | |
| sun | sunos | 5.5 | |
| sun | sunos | 5.5 | |
| sun | sunos | 5.5.1 | |
| sun | sunos | 5.5.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:inet:5.01:*:*:*:*:*:*:*",
"matchCriteriaId": "679EB37A-DC20-4EB0-BF1E-664BF53AC054",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:inet:6.01:*:*:*:*:*:*:*",
"matchCriteriaId": "4AF8F484-F5AA-4834-B976-764B2488F377",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:inet:6.02:*:*:*:*:*:*:*",
"matchCriteriaId": "C692D0C5-BCF4-4C68-B7DF-EDCE4A55F1B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:washington_university:wu-ftpd:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "A86BB4F6-210F-448A-A3CB-127BEB5BD0D2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:caldera:openlinux:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A5C77FA7-C977-4223-B6AC-91B82C45129C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "44EFD22E-02C9-4B80-8934-A9AC8DD858CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B1B4D4A5-25EB-48FE-BDFD-A274CE802648",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F3A037F1-98AD-47CC-8D83-B42666E1B61E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F1F098C1-D09E-49B4-9B51-E84B6C4EA6CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "27C9E23D-AB82-4AE1-873E-C5493BB96AA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "CF4F7002-A525-4A66-BE8B-E50ABBF144B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DD5E0678-45C7-492A-963C-897494D6878F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FBF25306-E7C2-4F9A-A809-4779A6C0A079",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "05F20EC2-ADE6-4F96-A2E7-1DCCA819D657",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "11ACD012-F05F-45CD-A170-96CBAA42FFE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9DF613C9-DC4A-45F0-BEE1-8450762B0089",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "441CEF2E-9687-4930-8536-B8B83018BD28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "55DD3C82-0B7D-4B25-B603-AD6C6D59239A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FC7A39CD-C4B2-4FD9-A450-E5C7A5480174",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sco:open_desktop:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0AD2701A-E930-4F4D-85F7-02F80135E34E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sco:openserver:5.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "035FBF8B-EB91-4211-9979-8A9E913A54A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sco:unixware:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "168248AC-E4F6-4C8F-9A21-0E6ABE029DFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:reliant_unix:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8A2C5456-FF11-403E-B67E-5961278D812A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:4.1.3u1:*:*:*:*:*:*:*",
"matchCriteriaId": "FD1BA107-F2D3-4F13-82EC-4576C429E3C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:4.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "1070749A-65E9-439A-A7CC-3CE529A5D5E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C7A22D21-E0A9-4B56-86C7-805AD1A610D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7AAC8954-74A8-4FE3-ABE7-57DA041D9D8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.4:*:x86:*:*:*:*:*",
"matchCriteriaId": "D1DEB967-BD3E-4CCF-B53F-3927454FA689",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "5B72953B-E873-4E44-A3CF-12D770A0D416",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.5:*:x86:*:*:*:*:*",
"matchCriteriaId": "1C89DF53-2038-487A-A08F-8D705B7BFB27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "39F847DB-65A9-47DA-BCFA-A179E5E2301A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.5.1:*:x86:*:*:*:*:*",
"matchCriteriaId": "C82E90A7-C5D7-4DFC-8FF5-4EFAF30C790B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "FTP servers can allow an attacker to connect to arbitrary ports on machines other than the FTP client, aka FTP bounce."
}
],
"id": "CVE-1999-0017",
"lastModified": "2024-11-20T23:27:37.323",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1997-12-10T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0017"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0017"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}