Vulnerabilites related to caldera - openlinux_eserver
Vulnerability from fkie_nvd
Published
1999-11-23 05:00
Modified
2024-11-20 23:32
Severity ?
Summary
Linux gpm program allows local users to cause a denial of service by flooding the /dev/gpmctl device with STREAM sockets.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:caldera:openlinux:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "23B38FCC-2C86-4E84-860B-EBAE0FA123B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:caldera:openlinux:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "A63714ED-A697-4AC3-AF13-3B028F9A87EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:caldera:openlinux_eserver:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3BE526D3-4CD8-423C-81FA-65B92F862A5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:6.0:*:i386:*:*:*:*:*",
"matchCriteriaId": "89F65C9D-BD68-4A86-BFDC-E7CE76F13948",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:6.1:*:i386:*:*:*:*:*",
"matchCriteriaId": "B72D6205-DFA4-41D9-B3B6-0B7DA756CD8F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Linux gpm program allows local users to cause a denial of service by flooding the /dev/gpmctl device with STREAM sockets."
}
],
"id": "CVE-2000-0531",
"lastModified": "2024-11-20T23:32:42.990",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1999-11-23T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0409.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2000-045.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/1377"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=Pine.LNX.4.10.10006201453090.1812-200000%40apollo.aci.com.pl"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5010"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0409.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2000-045.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/1377"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=Pine.LNX.4.10.10006201453090.1812-200000%40apollo.aci.com.pl"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5010"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2000-07-04 04:00
Modified
2024-11-20 23:32
Severity ?
Summary
BitchX IRC client does not properly cleanse an untrusted format string, which allows remote attackers to cause a denial of service via an invite to a channel whose name includes special formatting characters.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| caldera | openlinux_desktop | 2.3 | |
| caldera | openlinux_ebuilder | 2.3 | |
| caldera | openlinux_edesktop | 2.4 | |
| caldera | openlinux_eserver | 2.3 | |
| freebsd | freebsd | 3.5 | |
| freebsd | freebsd | 4.0 | |
| mandrakesoft | mandrake_linux | 2007 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:caldera:openlinux_desktop:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "39CEEC92-B7FE-4E41-9966-DDA9EDF943C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:caldera:openlinux_ebuilder:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A4B1F951-6F13-4FFF-84F7-0E65A689DB64",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:caldera:openlinux_edesktop:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B211BCBF-CB17-4D32-B6FE-A34D86C4FBF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:caldera:openlinux_eserver:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3BE526D3-4CD8-423C-81FA-65B92F862A5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "47E02BE6-4800-4940-B269-385B66AC5077",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D0A585A1-FF82-418F-90F8-072458DB7816",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2007:*:*:*:*:*:*:*",
"matchCriteriaId": "02362C25-B373-4FB1-AF4A-2AFC7F7D4387",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "BitchX IRC client does not properly cleanse an untrusted format string, which allows remote attackers to cause a denial of service via an invite to a channel whose name includes special formatting characters."
}
],
"id": "CVE-2000-0594",
"lastModified": "2024-11-20T23:32:51.337",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2000-07-04T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0026.html"
},
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0098.html"
},
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0105.html"
},
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/freebsd/2000-07/0042.html"
},
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/vuln-dev/2000-q3/0018.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-022.0.txt"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2000-042.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/1436"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/4897"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0026.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0098.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0105.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/freebsd/2000-07/0042.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/vuln-dev/2000-q3/0018.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-022.0.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2000-042.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/1436"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/4897"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2000-11-14 05:00
Modified
2024-11-20 23:33
Severity ?
Summary
Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:caldera:openlinux_ebuilder:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E02719FF-924A-4E96-AE1D-5994A8D4275E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:immunix:immunix:6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB0F79BE-8EBF-44D8-83A1-9331669BED54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:conectiva:linux:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "48F068BE-F5B3-4E43-8E6A-24AB4D2DEDF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:conectiva:linux:4.0es:*:*:*:*:*:*:*",
"matchCriteriaId": "6529EC98-7CF7-47A1-95BB-2F34066FE95D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:conectiva:linux:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FFDAB801-AAA0-4B3B-B488-52E7BA8650C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:conectiva:linux:4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "612AC3B1-8E55-437F-9600-67EA1A8BAD48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:conectiva:linux:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "537A5C29-D770-4755-A6AB-8916754E14DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:conectiva:linux:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E3AC05A9-04DA-4ED3-94D8-3254384CB724",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0ECE564D-B4BB-4C05-88CC-CDC3F8E4E366",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B2D59247-56FA-46B4-BB51-2DAE71AFC145",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "15BE08F8-5F3F-45DB-BFE0-1F6F2F57A4D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "C30D6962-3DBB-4DF8-A04F-8E47AFEDCF99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "36B60E50-4F5A-4404-BEA3-C94F7D27B156",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.2m:*:*:*:*:*:*:*",
"matchCriteriaId": "772E3C7E-9947-414F-8642-18653BB048E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E6B2E6D1-8C2D-4E15-A6BB-E4FE878ED1E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.3f:*:*:*:*:*:*:*",
"matchCriteriaId": "8D51EC29-8836-4F87-ABF8-FF7530DECBB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.3m:*:*:*:*:*:*:*",
"matchCriteriaId": "518B7253-7B0F-4A0A-ADA7-F3E3B5AAF877",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "440B7208-34DB-4898-8461-4E703F7EDFB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D07AA144-6FD7-4C80-B4F2-D21C1AFC864A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "29113D8E-9618-4A0E-9157-678332082858",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "313613E9-4837-433C-90EE-84A92E8D24E5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:caldera:openlinux:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4EC3F7E5-5D49-471B-A705-ADD2642E5B46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:caldera:openlinux_eserver:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3BE526D3-4CD8-423C-81FA-65B92F862A5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "203BDD63-2FA5-42FD-A9CD-6BDBB41A63C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3C67BDA1-9451-4026-AC6D-E912C882A757",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "58B90124-0543-4226-BFF4-13CCCBCCB243",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "618111F3-6608-47F0-AB0D-21547E342871",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DD5E0678-45C7-492A-963C-897494D6878F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:3.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E55C28A7-CD21-47CD-AA50-E8B2D89A18E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:3.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D3C00FC9-AD97-4226-A0EA-7DB14AA592DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "44C6203A-D05B-47B1-8BC2-BA021EBAFDEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FBF25306-E7C2-4F9A-A809-4779A6C0A079",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:4.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B3BA7775-30F2-4CA0-BA6E-70ED12A48D90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:4.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "FB038A89-1CA6-4313-B7CE-56C894945FFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:4.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2B3BC86F-5718-4232-BFFF-6244A7C09B8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:4.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E6118CC1-6E51-4E1B-8F58-43B337515222",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:4.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "F3D3B348-270F-4209-B31A-2B40F5E4A601",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "05F20EC2-ADE6-4F96-A2E7-1DCCA819D657",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:4.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "91D7C561-4D23-430B-A7D8-137E52B08FF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "11ACD012-F05F-45CD-A170-96CBAA42FFE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:4.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "55919E74-09E7-44BA-9941-D1B69BB1692F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:4.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "45F3C5D8-8BC3-44EB-917A-D0BA051D3D9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E4853E92-5E0A-47B9-A343-D5BEE87D2C27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3EC1FF5D-5EAB-44D5-B281-770547C70D68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4BF54738-3C44-4FD4-AA9C-CAB2E86B1DC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4EF44364-0F57-4B74-81B0-501EA6B58501",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A8EED385-8C39-4A40-A507-2EFE7652FB35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2DFA94D5-0139-490C-8257-0751FE9FBAE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2EC4D3AB-38FA-4D44-AF5C-2DCD15994E76",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0633B5A6-7A88-4A96-9462-4C09D124ED36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C2A9C005-4392-4C95-9B92-98EEC73EFE73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F0297F56-5F41-48FD-AB47-36E3BD2AB7E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:solaris:2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "34EBF074-78C8-41AF-88F1-DA6726E56F8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C1370216-93EB-400F-9AA6-CB2DC316DAA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5FF2C7C4-6F8D-40DB-9FBC-E7E4D76A2B23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "84523B48-218B-45F4-9C04-2C103612DCB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C7A22D21-E0A9-4B56-86C7-805AD1A610D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7AAC8954-74A8-4FE3-ABE7-57DA041D9D8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "5B72953B-E873-4E44-A3CF-12D770A0D416",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "39F847DB-65A9-47DA-BCFA-A179E5E2301A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "08003947-A4F1-44AC-84C6-9F8D097EB759",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "A2475113-CFE4-41C8-A86F-F2DA6548D224",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "124E1802-7984-45ED-8A92-393FC20662FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1B67020A-6942-4478-B501-764147C4970D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0AD0FF64-05DF-48C2-9BB5-FD993121FB2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7786607A-362E-4817-A17E-C76D6A1F737D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C9E7D75A-333E-4C63-9593-F64ABA5D1CE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:trustix:secure_linux:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8DF1A678-FEF1-4549-8EDC-518444CFC57F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:trustix:secure_linux:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9D0DFB12-B43F-4207-A900-464A97F5124D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "981A0654-C17D-48BB-A8B3-A728CB159C33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2AA8956D-F533-42BA-A06B-7CDB0A267B2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C6619B49-8A89-4600-A47F-A39C8BF54259",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux:6.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A0AA1204-D181-4E1C-B795-159FC57E86A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux:6.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "24740C11-59D0-4071-97BD-8BF7084FC1FC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen."
}
],
"id": "CVE-2000-0844",
"lastModified": "2024-11-20T23:33:24.120",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2000-11-14T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20000901-01-P"
},
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0436.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0457.html"
},
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-10/0427.html"
},
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/tru64/2000-q4/0000.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-030.0.txt"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2000/20000902"
},
{
"source": "cve@mitre.org",
"url": "http://www.novell.com/linux/security/advisories/adv5_draht_glibc_txt.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2000-057.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/1634"
},
{
"source": "cve@mitre.org",
"url": "http://www.turbolinux.com/pipermail/tl-security-announce/2000-September/000020.html"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5176"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20000901-01-P"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0436.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0457.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-10/0427.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/tru64/2000-q4/0000.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-030.0.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2000/20000902"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.novell.com/linux/security/advisories/adv5_draht_glibc_txt.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2000-057.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/1634"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.turbolinux.com/pipermail/tl-security-announce/2000-September/000020.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5176"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2001-01-09 05:00
Modified
2024-11-20 23:34
Severity ?
Summary
Multiple shell programs on various Unix systems, including (1) tcsh, (2) csh, (3) sh, and (4) bash, follow symlinks when processing << redirects (aka here-documents or in-here documents), which allows local users to overwrite files of other users via a symlink attack.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| immunix | immunix | 6.2 | |
| conectiva | linux | 4.0 | |
| conectiva | linux | 4.0es | |
| conectiva | linux | 4.1 | |
| conectiva | linux | 4.2 | |
| conectiva | linux | 5.0 | |
| conectiva | linux | 5.1 | |
| caldera | openlinux | * | |
| caldera | openlinux_edesktop | 2.4 | |
| caldera | openlinux_eserver | 2.3 | |
| hp | hp-ux | 11.11 | |
| mandrakesoft | mandrake_linux | 6.0 | |
| mandrakesoft | mandrake_linux | 6.1 | |
| mandrakesoft | mandrake_linux | 7.0 | |
| mandrakesoft | mandrake_linux | 7.1 | |
| mandrakesoft | mandrake_linux | 7.2 | |
| redhat | linux | 5.2 | |
| redhat | linux | 6.0 | |
| redhat | linux | 6.1 | |
| redhat | linux | 6.2 | |
| redhat | linux | 6.2e | |
| suse | suse_linux | 7.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:immunix:immunix:6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB0F79BE-8EBF-44D8-83A1-9331669BED54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:conectiva:linux:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "48F068BE-F5B3-4E43-8E6A-24AB4D2DEDF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:conectiva:linux:4.0es:*:*:*:*:*:*:*",
"matchCriteriaId": "6529EC98-7CF7-47A1-95BB-2F34066FE95D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:conectiva:linux:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FFDAB801-AAA0-4B3B-B488-52E7BA8650C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:conectiva:linux:4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "612AC3B1-8E55-437F-9600-67EA1A8BAD48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:conectiva:linux:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "537A5C29-D770-4755-A6AB-8916754E14DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:conectiva:linux:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E3AC05A9-04DA-4ED3-94D8-3254384CB724",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:caldera:openlinux:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4EC3F7E5-5D49-471B-A705-ADD2642E5B46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:caldera:openlinux_edesktop:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B211BCBF-CB17-4D32-B6FE-A34D86C4FBF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:caldera:openlinux_eserver:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3BE526D3-4CD8-423C-81FA-65B92F862A5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:11.11:*:*:*:*:*:*:*",
"matchCriteriaId": "EDD9BE2B-7255-4FC1-B452-E8370632B03F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D323A6B7-2741-4F31-B0D6-5D6FB738A2A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "ACAAD334-2CA7-4B3B-BA25-302E7610BC2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E4853E92-5E0A-47B9-A343-D5BEE87D2C27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3EC1FF5D-5EAB-44D5-B281-770547C70D68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0A8FBD5A-2FD0-43CD-AC4B-1D6984D336FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A8EED385-8C39-4A40-A507-2EFE7652FB35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2DFA94D5-0139-490C-8257-0751FE9FBAE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2EC4D3AB-38FA-4D44-AF5C-2DCD15994E76",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0633B5A6-7A88-4A96-9462-4C09D124ED36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:6.2e:*:*:*:*:*:*:*",
"matchCriteriaId": "24EEDE00-6F40-4A9A-BF74-6BE6CEAE39E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C9E7D75A-333E-4C63-9593-F64ABA5D1CE3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple shell programs on various Unix systems, including (1) tcsh, (2) csh, (3) sh, and (4) bash, follow symlinks when processing \u003c\u003c redirects (aka here-documents or in-here documents), which allows local users to overwrite files of other users via a symlink attack."
}
],
"id": "CVE-2000-1134",
"lastModified": "2024-11-20T23:34:05.293",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2001-01-09T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:76.tcsh-csh.asc"
},
{
"source": "cve@mitre.org",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20011103-02-P"
},
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-10/0418.html"
},
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/tru64/2002-q1/0009.html"
},
{
"source": "cve@mitre.org",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000350"
},
{
"source": "cve@mitre.org",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000354"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=97561816504170\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-042.0.txt"
},
{
"source": "cve@mitre.org",
"url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-043.0.txt"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2000/20001111a"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/10277"
},
{
"source": "cve@mitre.org",
"url": "http://www.linux-mandrake.com/en/security/MDKSA-2000-069.php3"
},
{
"source": "cve@mitre.org",
"url": "http://www.linux-mandrake.com/en/security/MDKSA-2000-075.php3"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2000-117.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2000-121.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/146657"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/1926"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/2006"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4047"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:76.tcsh-csh.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20011103-02-P"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-10/0418.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/tru64/2002-q1/0009.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000350"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000354"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=97561816504170\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-042.0.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-043.0.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2000/20001111a"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/10277"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.linux-mandrake.com/en/security/MDKSA-2000-069.php3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.linux-mandrake.com/en/security/MDKSA-2000-075.php3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2000-117.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2000-121.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/146657"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/1926"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/2006"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4047"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2001-03-26 05:00
Modified
2024-11-20 23:34
Severity ?
Summary
Format string vulnerability in the error logging code of DHCP server and client in Caldera Linux allows remote attackers to execute arbitrary commands.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| caldera | openlinux_desktop | 2.3 | |
| caldera | openlinux_edesktop | 2.4 | |
| caldera | openlinux_eserver | 2.3.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:caldera:openlinux_desktop:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "39CEEC92-B7FE-4E41-9966-DDA9EDF943C1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:caldera:openlinux_edesktop:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B211BCBF-CB17-4D32-B6FE-A34D86C4FBF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:caldera:openlinux_eserver:2.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D11E0075-50CD-4A16-9A89-56DEF5263BCF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Format string vulnerability in the error logging code of DHCP server and client in Caldera Linux allows remote attackers to execute arbitrary commands."
}
],
"id": "CVE-2001-0181",
"lastModified": "2024-11-20T23:34:47.423",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2001-03-26T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.calderasystems.com/support/security/advisories/CSSA-2001-003.0.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/2215"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5953"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.calderasystems.com/support/security/advisories/CSSA-2001-003.0.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/2215"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5953"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2000-12-19 05:00
Modified
2024-11-20 23:33
Severity ?
Summary
Format string vulnerability in use_syslog() function in LPRng 3.6.24 allows remote attackers to execute arbitrary commands.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| caldera | openlinux_ebuilder | 3.0 | |
| caldera | openlinux | * | |
| caldera | openlinux_edesktop | 2.4 | |
| caldera | openlinux_eserver | 2.3 | |
| redhat | linux | 7.0 | |
| trustix | secure_linux | 1.0 | |
| trustix | secure_linux | 1.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:caldera:openlinux_ebuilder:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E02719FF-924A-4E96-AE1D-5994A8D4275E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:caldera:openlinux:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4EC3F7E5-5D49-471B-A705-ADD2642E5B46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:caldera:openlinux_edesktop:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B211BCBF-CB17-4D32-B6FE-A34D86C4FBF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:caldera:openlinux_eserver:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3BE526D3-4CD8-423C-81FA-65B92F862A5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "29B186E5-7C2F-466E-AA4A-8F2B618F8A14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:trustix:secure_linux:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8DF1A678-FEF1-4549-8EDC-518444CFC57F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:trustix:secure_linux:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9D0DFB12-B43F-4207-A900-464A97F5124D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Format string vulnerability in use_syslog() function in LPRng 3.6.24 allows remote attackers to execute arbitrary commands."
}
],
"id": "CVE-2000-0917",
"lastModified": "2024-11-20T23:33:34.643",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2000-12-19T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:56.lprng.asc"
},
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-09/0293.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-033.0.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.cert.org/advisories/CA-2000-22.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2000-065.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/1712"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5287"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:56.lprng.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-09/0293.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-033.0.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.cert.org/advisories/CA-2000-22.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2000-065.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/1712"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5287"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2001-12-21 05:00
Modified
2024-11-20 23:36
Severity ?
Summary
Format string vulnerability in the default logging callback function _sasl_syslog in common.c in Cyrus SASL library (cyrus-sasl) may allow remote attackers to execute arbitrary commands.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| caldera | openlinux_workstation | 3.1 | |
| redhat | linux_powertools | 6.2 | |
| caldera | openlinux_eserver | 3.1 | |
| redhat | linux | 7.0 | |
| redhat | linux | 7.2 | |
| suse | suse_linux | 7.0 | |
| suse | suse_linux | 7.1 | |
| suse | suse_linux | 7.2 | |
| suse | suse_linux | 7.3 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:caldera:openlinux_workstation:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BB41DE44-C3A1-4CC9-ACA7-4EC171D68910",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:linux_powertools:6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A5AE3BF4-237D-4D84-9753-512A642141A0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:caldera:openlinux_eserver:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BA1B334D-F259-4DD8-838C-17446476820F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "29B186E5-7C2F-466E-AA4A-8F2B618F8A14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E562907F-D915-4030-847A-3C6834A80D4E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C9E7D75A-333E-4C63-9593-F64ABA5D1CE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "819868A7-EB1E-4CA9-8D71-72F194E5EFEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0519FF7D-363E-4530-9E63-6EA3E88432DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "FAE3FF4F-646F-4E05-A08A-C9399DEF60F1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Format string vulnerability in the default logging callback function _sasl_syslog in common.c in Cyrus SASL library (cyrus-sasl) may allow remote attackers to execute arbitrary commands."
},
{
"lang": "es",
"value": "Vulnerabilidad de cadena de formato en la funci\u00f3n de retrollamada (callback) en common.c en la librer\u00eda Cyrus SASL (cyrus-sasl) podr\u00eda permitr a atacantes remotos ejecutar comandos de su elecci\u00f3n."
}
],
"id": "CVE-2001-0869",
"lastModified": "2024-11-20T23:36:19.953",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2001-12-21T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:15.cyrus-sasl.asc"
},
{
"source": "cve@mitre.org",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000444"
},
{
"source": "cve@mitre.org",
"url": "http://frontal2.mandriva.com/security/advisories?name=MDKSA-2002:018"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://lwn.net/alerts/SuSE/SuSE-SA%3A2001%3A042.php3"
},
{
"source": "cve@mitre.org",
"url": "http://www.caldera.com/support/security/advisories/CSSA-2001-040.0.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2001-150.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2001-151.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/3498"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7443"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:15.cyrus-sasl.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000444"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://frontal2.mandriva.com/security/advisories?name=MDKSA-2002:018"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://lwn.net/alerts/SuSE/SuSE-SA%3A2001%3A042.php3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.caldera.com/support/security/advisories/CSSA-2001-040.0.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2001-150.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2001-151.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/3498"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7443"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2001-03-12 05:00
Modified
2024-11-20 23:34
Severity ?
Summary
inn 2.2.3 allows local users to overwrite arbitrary files via a symlink attack in some configurations.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| caldera | openlinux_desktop | 2.3 | |
| immunix | immunix | 7.0_beta | |
| caldera | openlinux_edesktop | 2.4 | |
| caldera | openlinux_eserver | 2.3 | |
| debian | debian_linux | 2.2 | |
| debian | debian_linux | 2.2 | |
| debian | debian_linux | 2.2 | |
| debian | debian_linux | 2.2 | |
| debian | debian_linux | 2.2 | |
| mandrakesoft | mandrake_linux | 6.0 | |
| mandrakesoft | mandrake_linux | 6.1 | |
| mandrakesoft | mandrake_linux | 7.0 | |
| mandrakesoft | mandrake_linux | 7.1 | |
| mandrakesoft | mandrake_linux | 7.2 | |
| redhat | linux | 7.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:caldera:openlinux_desktop:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "39CEEC92-B7FE-4E41-9966-DDA9EDF943C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:immunix:immunix:7.0_beta:*:*:*:*:*:*:*",
"matchCriteriaId": "1A2889C6-8DE0-4432-812A-F2A5C4A08897",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:caldera:openlinux_edesktop:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B211BCBF-CB17-4D32-B6FE-A34D86C4FBF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:caldera:openlinux_eserver:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3BE526D3-4CD8-423C-81FA-65B92F862A5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "58B90124-0543-4226-BFF4-13CCCBCCB243",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:2.2:*:68k:*:*:*:*:*",
"matchCriteriaId": "E040A866-0D2C-40E1-B1FB-DB600B389E27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:2.2:*:alpha:*:*:*:*:*",
"matchCriteriaId": "CE1C944A-E5F1-49DE-B069-2A358123B535",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:2.2:*:arm:*:*:*:*:*",
"matchCriteriaId": "D71083B4-1736-4501-8DE8-BC24AC1447AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:2.2:*:sparc:*:*:*:*:*",
"matchCriteriaId": "AAEE18D8-AA3B-47A3-AA7C-AAFF7591F391",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D323A6B7-2741-4F31-B0D6-5D6FB738A2A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "ACAAD334-2CA7-4B3B-BA25-302E7610BC2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E4853E92-5E0A-47B9-A343-D5BEE87D2C27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3EC1FF5D-5EAB-44D5-B281-770547C70D68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0A8FBD5A-2FD0-43CD-AC4B-1D6984D336FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "29B186E5-7C2F-466E-AA4A-8F2B618F8A14",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "inn 2.2.3 allows local users to overwrite arbitrary files via a symlink attack in some configurations."
}
],
"id": "CVE-2001-0139",
"lastModified": "2024-11-20T23:34:41.710",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 1.2,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:H/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 1.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2001-03-12T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=97916374410647\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.calderasystems.com/support/security/advisories/CSSA-2001-001.0.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-010.php3"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/2190"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5916"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=97916374410647\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.calderasystems.com/support/security/advisories/CSSA-2001-001.0.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-010.php3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/2190"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5916"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2001-12-06 05:00
Modified
2024-11-20 23:36
Severity ?
Summary
Linux kernel 2.0, 2.2 and 2.4 with syncookies enabled allows remote attackers to bypass firewall rules by brute force guessing the cookie.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| caldera | openlinux_server | 3.1 | |
| caldera | openlinux_workstation | 3.1 | |
| caldera | openlinux | 2.3 | |
| caldera | openlinux_edesktop | 2.4 | |
| caldera | openlinux_eserver | 2.3.1 | |
| linux | linux_kernel | 2.0 | |
| linux | linux_kernel | 2.2.0 | |
| linux | linux_kernel | 2.4.0 | |
| suse | suse_linux | 6.3 | |
| suse | suse_linux | 6.4 | |
| suse | suse_linux | 7.0 | |
| suse | suse_linux | 7.1 | |
| suse | suse_linux | 7.2 | |
| suse | suse_linux | 7.3 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:caldera:openlinux_server:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0A218B67-B87B-4A5E-B9EF-EF39ADEAD9FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:caldera:openlinux_workstation:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BB41DE44-C3A1-4CC9-ACA7-4EC171D68910",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:caldera:openlinux:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "23B38FCC-2C86-4E84-860B-EBAE0FA123B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:caldera:openlinux_edesktop:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B211BCBF-CB17-4D32-B6FE-A34D86C4FBF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:caldera:openlinux_eserver:2.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D11E0075-50CD-4A16-9A89-56DEF5263BCF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "96A6EE7E-C79C-4B25-AFF0-C6638CB3C99A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "146F7A77-A950-4CAD-BDA9-C239696F569D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C24A129D-2E5E-436C-95DE-AE75D2E8D092",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0AD0FF64-05DF-48C2-9BB5-FD993121FB2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7786607A-362E-4817-A17E-C76D6A1F737D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C9E7D75A-333E-4C63-9593-F64ABA5D1CE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "819868A7-EB1E-4CA9-8D71-72F194E5EFEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0519FF7D-363E-4530-9E63-6EA3E88432DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "FAE3FF4F-646F-4E05-A08A-C9399DEF60F1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Linux kernel 2.0, 2.2 and 2.4 with syncookies enabled allows remote attackers to bypass firewall rules by brute force guessing the cookie."
}
],
"id": "CVE-2001-0851",
"lastModified": "2024-11-20T23:36:17.370",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2001-12-06T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000432"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.caldera.com/support/security/advisories/CSSA-2001-038.0.txt"
},
{
"source": "cve@mitre.org",
"url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-082.php3"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.linuxsecurity.com/advisories/other_advisory-1683.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.novell.com/linux/security/advisories/2001_039_kernel2_txt.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2001-142.html"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7461"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000432"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.caldera.com/support/security/advisories/CSSA-2001-038.0.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-082.php3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.linuxsecurity.com/advisories/other_advisory-1683.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.novell.com/linux/security/advisories/2001_039_kernel2_txt.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2001-142.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7461"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2001-08-31 04:00
Modified
2024-11-20 23:34
Severity ?
Summary
telnet daemon (telnetd) from the Linux netkit package before netkit-telnet-0.16 allows remote attackers to bypass authentication when telnetd is running with the -L command line option.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| caldera | openlinux_edesktop | 2.3 | |
| caldera | openlinux_eserver | 2.3 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:caldera:openlinux_edesktop:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A3F7AE75-0E35-4D41-9949-30FDE0425CC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:caldera:openlinux_eserver:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3BE526D3-4CD8-423C-81FA-65B92F862A5E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "telnet daemon (telnetd) from the Linux netkit package before netkit-telnet-0.16 allows remote attackers to bypass authentication when telnetd is running with the -L command line option."
}
],
"id": "CVE-2000-1195",
"lastModified": "2024-11-20T23:34:13.660",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2001-08-31T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.caldera.com/support/security/advisories/CSSA-2000-008.0.txt"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/4225"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.caldera.com/support/security/advisories/CSSA-2000-008.0.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/4225"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
cve-2001-0139
Vulnerability from cvelistv5
Published
2001-05-07 04:00
Modified
2024-08-08 04:06
Severity ?
EPSS score ?
Summary
inn 2.2.3 allows local users to overwrite arbitrary files via a symlink attack in some configurations.
References
| ▼ | URL | Tags |
|---|---|---|
| http://marc.info/?l=bugtraq&m=97916374410647&w=2 | mailing-list, x_refsource_BUGTRAQ | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/5916 | vdb-entry, x_refsource_XF | |
| http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-010.php3 | vendor-advisory, x_refsource_MANDRAKE | |
| http://www.securityfocus.com/bid/2190 | vdb-entry, x_refsource_BID | |
| http://www.calderasystems.com/support/security/advisories/CSSA-2001-001.0.txt | vendor-advisory, x_refsource_CALDERA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T04:06:55.545Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20010110 Immunix OS Security update for lots of temp file problems",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=97916374410647\u0026w=2"
},
{
"name": "linux-inn-symlink(5916)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5916"
},
{
"name": "MDKSA-2001:010",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-010.php3"
},
{
"name": "2190",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/2190"
},
{
"name": "CSSA-2001-001.0",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA",
"x_transferred"
],
"url": "http://www.calderasystems.com/support/security/advisories/CSSA-2001-001.0.txt"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2001-01-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "inn 2.2.3 allows local users to overwrite arbitrary files via a symlink attack in some configurations."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-11-02T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20010110 Immunix OS Security update for lots of temp file problems",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=97916374410647\u0026w=2"
},
{
"name": "linux-inn-symlink(5916)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5916"
},
{
"name": "MDKSA-2001:010",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-010.php3"
},
{
"name": "2190",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/2190"
},
{
"name": "CSSA-2001-001.0",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA"
],
"url": "http://www.calderasystems.com/support/security/advisories/CSSA-2001-001.0.txt"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2001-0139",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "inn 2.2.3 allows local users to overwrite arbitrary files via a symlink attack in some configurations."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20010110 Immunix OS Security update for lots of temp file problems",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=97916374410647\u0026w=2"
},
{
"name": "linux-inn-symlink(5916)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5916"
},
{
"name": "MDKSA-2001:010",
"refsource": "MANDRAKE",
"url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-010.php3"
},
{
"name": "2190",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/2190"
},
{
"name": "CSSA-2001-001.0",
"refsource": "CALDERA",
"url": "http://www.calderasystems.com/support/security/advisories/CSSA-2001-001.0.txt"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2001-0139",
"datePublished": "2001-05-07T04:00:00",
"dateReserved": "2001-02-06T00:00:00",
"dateUpdated": "2024-08-08T04:06:55.545Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2000-0917
Vulnerability from cvelistv5
Published
2001-01-22 05:00
Modified
2024-08-08 05:37
Severity ?
EPSS score ?
Summary
Format string vulnerability in use_syslog() function in LPRng 3.6.24 allows remote attackers to execute arbitrary commands.
References
| ▼ | URL | Tags |
|---|---|---|
| ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:56.lprng.asc | vendor-advisory, x_refsource_FREEBSD | |
| http://www.calderasystems.com/support/security/advisories/CSSA-2000-033.0.txt | vendor-advisory, x_refsource_CALDERA | |
| http://www.cert.org/advisories/CA-2000-22.html | third-party-advisory, x_refsource_CERT | |
| http://archives.neohapsis.com/archives/bugtraq/2000-09/0293.html | mailing-list, x_refsource_BUGTRAQ | |
| http://www.redhat.com/support/errata/RHSA-2000-065.html | vendor-advisory, x_refsource_REDHAT | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/5287 | vdb-entry, x_refsource_XF | |
| http://www.securityfocus.com/bid/1712 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T05:37:31.427Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "FreeBSD-SA-00:56",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD",
"x_transferred"
],
"url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:56.lprng.asc"
},
{
"name": "CSSA-2000-033.0",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA",
"x_transferred"
],
"url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-033.0.txt"
},
{
"name": "CA-2000-22",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.cert.org/advisories/CA-2000-22.html"
},
{
"name": "20000925 Format strings: bug #2: LPRng",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-09/0293.html"
},
{
"name": "RHSA-2000:065",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2000-065.html"
},
{
"name": "lprng-format-string(5287)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5287"
},
{
"name": "1712",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/1712"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2000-09-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Format string vulnerability in use_syslog() function in LPRng 3.6.24 allows remote attackers to execute arbitrary commands."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2004-09-02T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "FreeBSD-SA-00:56",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD"
],
"url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:56.lprng.asc"
},
{
"name": "CSSA-2000-033.0",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA"
],
"url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-033.0.txt"
},
{
"name": "CA-2000-22",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.cert.org/advisories/CA-2000-22.html"
},
{
"name": "20000925 Format strings: bug #2: LPRng",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-09/0293.html"
},
{
"name": "RHSA-2000:065",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2000-065.html"
},
{
"name": "lprng-format-string(5287)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5287"
},
{
"name": "1712",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/1712"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0917",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Format string vulnerability in use_syslog() function in LPRng 3.6.24 allows remote attackers to execute arbitrary commands."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "FreeBSD-SA-00:56",
"refsource": "FREEBSD",
"url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:56.lprng.asc"
},
{
"name": "CSSA-2000-033.0",
"refsource": "CALDERA",
"url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-033.0.txt"
},
{
"name": "CA-2000-22",
"refsource": "CERT",
"url": "http://www.cert.org/advisories/CA-2000-22.html"
},
{
"name": "20000925 Format strings: bug #2: LPRng",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-09/0293.html"
},
{
"name": "RHSA-2000:065",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2000-065.html"
},
{
"name": "lprng-format-string(5287)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5287"
},
{
"name": "1712",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1712"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2000-0917",
"datePublished": "2001-01-22T05:00:00",
"dateReserved": "2000-11-24T00:00:00",
"dateUpdated": "2024-08-08T05:37:31.427Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2001-0869
Vulnerability from cvelistv5
Published
2002-06-25 04:00
Modified
2024-08-08 04:37
Severity ?
EPSS score ?
Summary
Format string vulnerability in the default logging callback function _sasl_syslog in common.c in Cyrus SASL library (cyrus-sasl) may allow remote attackers to execute arbitrary commands.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.redhat.com/support/errata/RHSA-2001-150.html | vendor-advisory, x_refsource_REDHAT | |
| http://www.caldera.com/support/security/advisories/CSSA-2001-040.0.txt | vendor-advisory, x_refsource_CALDERA | |
| http://www.redhat.com/support/errata/RHSA-2001-151.html | vendor-advisory, x_refsource_REDHAT | |
| http://www.securityfocus.com/bid/3498 | vdb-entry, x_refsource_BID | |
| http://lwn.net/alerts/SuSE/SuSE-SA%3A2001%3A042.php3 | vendor-advisory, x_refsource_SUSE | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/7443 | vdb-entry, x_refsource_XF | |
| ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:15.cyrus-sasl.asc | vendor-advisory, x_refsource_FREEBSD | |
| http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000444 | vendor-advisory, x_refsource_CONECTIVA | |
| http://frontal2.mandriva.com/security/advisories?name=MDKSA-2002:018 | vendor-advisory, x_refsource_MANDRAKE |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T04:37:06.965Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2001:150",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2001-150.html"
},
{
"name": "CSSA-2001-040.0",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA",
"x_transferred"
],
"url": "http://www.caldera.com/support/security/advisories/CSSA-2001-040.0.txt"
},
{
"name": "RHSA-2001:151",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2001-151.html"
},
{
"name": "3498",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/3498"
},
{
"name": "SuSE-SA:2001:042",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lwn.net/alerts/SuSE/SuSE-SA%3A2001%3A042.php3"
},
{
"name": "cyrus-sasl-format-string(7443)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7443"
},
{
"name": "FreeBSD-SA-02:15",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD",
"x_transferred"
],
"url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:15.cyrus-sasl.asc"
},
{
"name": "CLA-2001:444",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000444"
},
{
"name": "MDKSA-2002:018",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://frontal2.mandriva.com/security/advisories?name=MDKSA-2002:018"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2001-11-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Format string vulnerability in the default logging callback function _sasl_syslog in common.c in Cyrus SASL library (cyrus-sasl) may allow remote attackers to execute arbitrary commands."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2002-06-16T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "RHSA-2001:150",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2001-150.html"
},
{
"name": "CSSA-2001-040.0",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA"
],
"url": "http://www.caldera.com/support/security/advisories/CSSA-2001-040.0.txt"
},
{
"name": "RHSA-2001:151",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2001-151.html"
},
{
"name": "3498",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/3498"
},
{
"name": "SuSE-SA:2001:042",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lwn.net/alerts/SuSE/SuSE-SA%3A2001%3A042.php3"
},
{
"name": "cyrus-sasl-format-string(7443)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7443"
},
{
"name": "FreeBSD-SA-02:15",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD"
],
"url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:15.cyrus-sasl.asc"
},
{
"name": "CLA-2001:444",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000444"
},
{
"name": "MDKSA-2002:018",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://frontal2.mandriva.com/security/advisories?name=MDKSA-2002:018"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2001-0869",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Format string vulnerability in the default logging callback function _sasl_syslog in common.c in Cyrus SASL library (cyrus-sasl) may allow remote attackers to execute arbitrary commands."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2001:150",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2001-150.html"
},
{
"name": "CSSA-2001-040.0",
"refsource": "CALDERA",
"url": "http://www.caldera.com/support/security/advisories/CSSA-2001-040.0.txt"
},
{
"name": "RHSA-2001:151",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2001-151.html"
},
{
"name": "3498",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/3498"
},
{
"name": "SuSE-SA:2001:042",
"refsource": "SUSE",
"url": "http://lwn.net/alerts/SuSE/SuSE-SA%3A2001%3A042.php3"
},
{
"name": "cyrus-sasl-format-string(7443)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7443"
},
{
"name": "FreeBSD-SA-02:15",
"refsource": "FREEBSD",
"url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:15.cyrus-sasl.asc"
},
{
"name": "CLA-2001:444",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000444"
},
{
"name": "MDKSA-2002:018",
"refsource": "MANDRAKE",
"url": "http://frontal2.mandriva.com/security/advisories?name=MDKSA-2002:018"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2001-0869",
"datePublished": "2002-06-25T04:00:00",
"dateReserved": "2001-11-29T00:00:00",
"dateUpdated": "2024-08-08T04:37:06.965Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2000-0844
Vulnerability from cvelistv5
Published
2001-01-22 05:00
Modified
2024-08-08 05:37
Severity ?
EPSS score ?
Summary
Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T05:37:30.623Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2000:057",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2000-057.html"
},
{
"name": "20000906 glibc locale security problem",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/adv5_draht_glibc_txt.html"
},
{
"name": "20000902 Conectiva Linux Security Announcement - glibc",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0436.html"
},
{
"name": "SSRT0689U",
"tags": [
"vendor-advisory",
"x_refsource_COMPAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/tru64/2000-q4/0000.html"
},
{
"name": "TLSA2000020-1",
"tags": [
"vendor-advisory",
"x_refsource_TURBO",
"x_transferred"
],
"url": "http://www.turbolinux.com/pipermail/tl-security-announce/2000-September/000020.html"
},
{
"name": "20000902 glibc: local root exploit",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2000/20000902"
},
{
"name": "20000904 UNIX locale format string vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0457.html"
},
{
"name": "IY13753",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-10/0427.html"
},
{
"name": "1634",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/1634"
},
{
"name": "CSSA-2000-030.0",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA",
"x_transferred"
],
"url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-030.0.txt"
},
{
"name": "unix-locale-format-string(5176)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5176"
},
{
"name": "20000901-01-P",
"tags": [
"vendor-advisory",
"x_refsource_SGI",
"x_transferred"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20000901-01-P"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2000-09-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2004-09-02T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "RHSA-2000:057",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2000-057.html"
},
{
"name": "20000906 glibc locale security problem",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/adv5_draht_glibc_txt.html"
},
{
"name": "20000902 Conectiva Linux Security Announcement - glibc",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0436.html"
},
{
"name": "SSRT0689U",
"tags": [
"vendor-advisory",
"x_refsource_COMPAQ"
],
"url": "http://archives.neohapsis.com/archives/tru64/2000-q4/0000.html"
},
{
"name": "TLSA2000020-1",
"tags": [
"vendor-advisory",
"x_refsource_TURBO"
],
"url": "http://www.turbolinux.com/pipermail/tl-security-announce/2000-September/000020.html"
},
{
"name": "20000902 glibc: local root exploit",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2000/20000902"
},
{
"name": "20000904 UNIX locale format string vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0457.html"
},
{
"name": "IY13753",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-10/0427.html"
},
{
"name": "1634",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/1634"
},
{
"name": "CSSA-2000-030.0",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA"
],
"url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-030.0.txt"
},
{
"name": "unix-locale-format-string(5176)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5176"
},
{
"name": "20000901-01-P",
"tags": [
"vendor-advisory",
"x_refsource_SGI"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20000901-01-P"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0844",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2000:057",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2000-057.html"
},
{
"name": "20000906 glibc locale security problem",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/adv5_draht_glibc_txt.html"
},
{
"name": "20000902 Conectiva Linux Security Announcement - glibc",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0436.html"
},
{
"name": "SSRT0689U",
"refsource": "COMPAQ",
"url": "http://archives.neohapsis.com/archives/tru64/2000-q4/0000.html"
},
{
"name": "TLSA2000020-1",
"refsource": "TURBO",
"url": "http://www.turbolinux.com/pipermail/tl-security-announce/2000-September/000020.html"
},
{
"name": "20000902 glibc: local root exploit",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2000/20000902"
},
{
"name": "20000904 UNIX locale format string vulnerability",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0457.html"
},
{
"name": "IY13753",
"refsource": "AIXAPAR",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-10/0427.html"
},
{
"name": "1634",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1634"
},
{
"name": "CSSA-2000-030.0",
"refsource": "CALDERA",
"url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-030.0.txt"
},
{
"name": "unix-locale-format-string(5176)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5176"
},
{
"name": "20000901-01-P",
"refsource": "SGI",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20000901-01-P"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2000-0844",
"datePublished": "2001-01-22T05:00:00",
"dateReserved": "2000-10-18T00:00:00",
"dateUpdated": "2024-08-08T05:37:30.623Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2000-1134
Vulnerability from cvelistv5
Published
2000-12-19 05:00
Modified
2024-08-08 05:45
Severity ?
EPSS score ?
Summary
Multiple shell programs on various Unix systems, including (1) tcsh, (2) csh, (3) sh, and (4) bash, follow symlinks when processing << redirects (aka here-documents or in-here documents), which allows local users to overwrite files of other users via a symlink attack.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T05:45:37.043Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20001111a",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2000/20001111a"
},
{
"name": "1926",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/1926"
},
{
"name": "CLA-2000:350",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000350"
},
{
"name": "oval:org.mitre.oval:def:4047",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4047"
},
{
"name": "SSRT1-41U",
"tags": [
"vendor-advisory",
"x_refsource_COMPAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/tru64/2002-q1/0009.html"
},
{
"name": "2006",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/2006"
},
{
"name": "MDKSA-2000-069",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.linux-mandrake.com/en/security/MDKSA-2000-069.php3"
},
{
"name": "CSSA-2000-042.0",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA",
"x_transferred"
],
"url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-042.0.txt"
},
{
"name": "RHSA-2000:117",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2000-117.html"
},
{
"name": "VU#10277",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/10277"
},
{
"name": "20001130 [ADV/EXP]: RH6.x root from bash /tmp vuln + MORE",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=97561816504170\u0026w=2"
},
{
"name": "FreeBSD-SA-00:76",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD",
"x_transferred"
],
"url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:76.tcsh-csh.asc"
},
{
"name": "20001028 tcsh: unsafe tempfile in \u003c\u003c redirects",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-10/0418.html"
},
{
"name": "MDKSA-2000:075",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.linux-mandrake.com/en/security/MDKSA-2000-075.php3"
},
{
"name": "CSSA-2000-043.0",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA",
"x_transferred"
],
"url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-043.0.txt"
},
{
"name": "20011103-02-P",
"tags": [
"vendor-advisory",
"x_refsource_SGI",
"x_transferred"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20011103-02-P"
},
{
"name": "20001128 /bin/sh creates insecure tmp files",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/146657"
},
{
"name": "CLSA-2000:354",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000354"
},
{
"name": "RHSA-2000:121",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2000-121.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2000-10-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple shell programs on various Unix systems, including (1) tcsh, (2) csh, (3) sh, and (4) bash, follow symlinks when processing \u003c\u003c redirects (aka here-documents or in-here documents), which allows local users to overwrite files of other users via a symlink attack."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-18T16:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20001111a",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2000/20001111a"
},
{
"name": "1926",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/1926"
},
{
"name": "CLA-2000:350",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000350"
},
{
"name": "oval:org.mitre.oval:def:4047",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4047"
},
{
"name": "SSRT1-41U",
"tags": [
"vendor-advisory",
"x_refsource_COMPAQ"
],
"url": "http://archives.neohapsis.com/archives/tru64/2002-q1/0009.html"
},
{
"name": "2006",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/2006"
},
{
"name": "MDKSA-2000-069",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.linux-mandrake.com/en/security/MDKSA-2000-069.php3"
},
{
"name": "CSSA-2000-042.0",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA"
],
"url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-042.0.txt"
},
{
"name": "RHSA-2000:117",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2000-117.html"
},
{
"name": "VU#10277",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/10277"
},
{
"name": "20001130 [ADV/EXP]: RH6.x root from bash /tmp vuln + MORE",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=97561816504170\u0026w=2"
},
{
"name": "FreeBSD-SA-00:76",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD"
],
"url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:76.tcsh-csh.asc"
},
{
"name": "20001028 tcsh: unsafe tempfile in \u003c\u003c redirects",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-10/0418.html"
},
{
"name": "MDKSA-2000:075",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.linux-mandrake.com/en/security/MDKSA-2000-075.php3"
},
{
"name": "CSSA-2000-043.0",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA"
],
"url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-043.0.txt"
},
{
"name": "20011103-02-P",
"tags": [
"vendor-advisory",
"x_refsource_SGI"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20011103-02-P"
},
{
"name": "20001128 /bin/sh creates insecure tmp files",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/146657"
},
{
"name": "CLSA-2000:354",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000354"
},
{
"name": "RHSA-2000:121",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2000-121.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-1134",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple shell programs on various Unix systems, including (1) tcsh, (2) csh, (3) sh, and (4) bash, follow symlinks when processing \u003c\u003c redirects (aka here-documents or in-here documents), which allows local users to overwrite files of other users via a symlink attack."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20001111a",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2000/20001111a"
},
{
"name": "1926",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1926"
},
{
"name": "CLA-2000:350",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000350"
},
{
"name": "oval:org.mitre.oval:def:4047",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4047"
},
{
"name": "SSRT1-41U",
"refsource": "COMPAQ",
"url": "http://archives.neohapsis.com/archives/tru64/2002-q1/0009.html"
},
{
"name": "2006",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/2006"
},
{
"name": "MDKSA-2000-069",
"refsource": "MANDRAKE",
"url": "http://www.linux-mandrake.com/en/security/MDKSA-2000-069.php3"
},
{
"name": "CSSA-2000-042.0",
"refsource": "CALDERA",
"url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-042.0.txt"
},
{
"name": "RHSA-2000:117",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2000-117.html"
},
{
"name": "VU#10277",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/10277"
},
{
"name": "20001130 [ADV/EXP]: RH6.x root from bash /tmp vuln + MORE",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=97561816504170\u0026w=2"
},
{
"name": "FreeBSD-SA-00:76",
"refsource": "FREEBSD",
"url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:76.tcsh-csh.asc"
},
{
"name": "20001028 tcsh: unsafe tempfile in \u003c\u003c redirects",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-10/0418.html"
},
{
"name": "MDKSA-2000:075",
"refsource": "MANDRAKE",
"url": "http://www.linux-mandrake.com/en/security/MDKSA-2000-075.php3"
},
{
"name": "CSSA-2000-043.0",
"refsource": "CALDERA",
"url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-043.0.txt"
},
{
"name": "20011103-02-P",
"refsource": "SGI",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20011103-02-P"
},
{
"name": "20001128 /bin/sh creates insecure tmp files",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/146657"
},
{
"name": "CLSA-2000:354",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000354"
},
{
"name": "RHSA-2000:121",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2000-121.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2000-1134",
"datePublished": "2000-12-19T05:00:00",
"dateReserved": "2000-12-14T00:00:00",
"dateUpdated": "2024-08-08T05:45:37.043Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2000-0594
Vulnerability from cvelistv5
Published
2000-10-13 04:00
Modified
2024-08-08 05:21
Severity ?
EPSS score ?
Summary
BitchX IRC client does not properly cleanse an untrusted format string, which allows remote attackers to cause a denial of service via an invite to a channel whose name includes special formatting characters.
References
| ▼ | URL | Tags |
|---|---|---|
| http://archives.neohapsis.com/archives/freebsd/2000-07/0042.html | vendor-advisory, x_refsource_FREEBSD | |
| http://archives.neohapsis.com/archives/bugtraq/2000-07/0105.html | mailing-list, x_refsource_BUGTRAQ | |
| http://www.redhat.com/support/errata/RHSA-2000-042.html | vendor-advisory, x_refsource_REDHAT | |
| http://www.calderasystems.com/support/security/advisories/CSSA-2000-022.0.txt | vendor-advisory, x_refsource_CALDERA | |
| http://www.securityfocus.com/bid/1436 | vdb-entry, x_refsource_BID | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/4897 | vdb-entry, x_refsource_XF | |
| http://archives.neohapsis.com/archives/bugtraq/2000-07/0026.html | mailing-list, x_refsource_BUGTRAQ | |
| http://archives.neohapsis.com/archives/bugtraq/2000-07/0098.html | mailing-list, x_refsource_BUGTRAQ | |
| http://archives.neohapsis.com/archives/vuln-dev/2000-q3/0018.html | mailing-list, x_refsource_VULN-DEV |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T05:21:31.570Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "FreeBSD-SA-00:32",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/freebsd/2000-07/0042.html"
},
{
"name": "20000707 BitchX update",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0105.html"
},
{
"name": "RHSA-2000:042",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2000-042.html"
},
{
"name": "CSSA-2000-022.0",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA",
"x_transferred"
],
"url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-022.0.txt"
},
{
"name": "1436",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/1436"
},
{
"name": "irc-bitchx-invite-dos(4897)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/4897"
},
{
"name": "20000704 BitchX exploit possibly waiting to happen, certain DoS",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0026.html"
},
{
"name": "20000707 CONECTIVA LINUX SECURITY ANNOUNCEMENT - BitchX",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0098.html"
},
{
"name": "20000704 BitchX /ignore bug",
"tags": [
"mailing-list",
"x_refsource_VULN-DEV",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/vuln-dev/2000-q3/0018.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2000-07-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "BitchX IRC client does not properly cleanse an untrusted format string, which allows remote attackers to cause a denial of service via an invite to a channel whose name includes special formatting characters."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2004-09-02T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "FreeBSD-SA-00:32",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD"
],
"url": "http://archives.neohapsis.com/archives/freebsd/2000-07/0042.html"
},
{
"name": "20000707 BitchX update",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0105.html"
},
{
"name": "RHSA-2000:042",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2000-042.html"
},
{
"name": "CSSA-2000-022.0",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA"
],
"url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-022.0.txt"
},
{
"name": "1436",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/1436"
},
{
"name": "irc-bitchx-invite-dos(4897)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/4897"
},
{
"name": "20000704 BitchX exploit possibly waiting to happen, certain DoS",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0026.html"
},
{
"name": "20000707 CONECTIVA LINUX SECURITY ANNOUNCEMENT - BitchX",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0098.html"
},
{
"name": "20000704 BitchX /ignore bug",
"tags": [
"mailing-list",
"x_refsource_VULN-DEV"
],
"url": "http://archives.neohapsis.com/archives/vuln-dev/2000-q3/0018.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0594",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "BitchX IRC client does not properly cleanse an untrusted format string, which allows remote attackers to cause a denial of service via an invite to a channel whose name includes special formatting characters."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "FreeBSD-SA-00:32",
"refsource": "FREEBSD",
"url": "http://archives.neohapsis.com/archives/freebsd/2000-07/0042.html"
},
{
"name": "20000707 BitchX update",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0105.html"
},
{
"name": "RHSA-2000:042",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2000-042.html"
},
{
"name": "CSSA-2000-022.0",
"refsource": "CALDERA",
"url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-022.0.txt"
},
{
"name": "1436",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1436"
},
{
"name": "irc-bitchx-invite-dos(4897)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/4897"
},
{
"name": "20000704 BitchX exploit possibly waiting to happen, certain DoS",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0026.html"
},
{
"name": "20000707 CONECTIVA LINUX SECURITY ANNOUNCEMENT - BitchX",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0098.html"
},
{
"name": "20000704 BitchX /ignore bug",
"refsource": "VULN-DEV",
"url": "http://archives.neohapsis.com/archives/vuln-dev/2000-q3/0018.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2000-0594",
"datePublished": "2000-10-13T04:00:00",
"dateReserved": "2000-07-19T00:00:00",
"dateUpdated": "2024-08-08T05:21:31.570Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2000-0531
Vulnerability from cvelistv5
Published
2000-07-12 04:00
Modified
2024-08-08 05:21
Severity ?
EPSS score ?
Summary
Linux gpm program allows local users to cause a denial of service by flooding the /dev/gpmctl device with STREAM sockets.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/templates/archive.pike?list=1&msg=Pine.LNX.4.10.10006201453090.1812-200000%40apollo.aci.com.pl | mailing-list, x_refsource_BUGTRAQ | |
| http://www.securityfocus.com/bid/1377 | vdb-entry, x_refsource_BID | |
| http://www.redhat.com/support/errata/RHSA-2000-045.html | vendor-advisory, x_refsource_REDHAT | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/5010 | vdb-entry, x_refsource_XF | |
| http://archives.neohapsis.com/archives/bugtraq/2000-07/0409.html | mailing-list, x_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T05:21:31.163Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20000620 Bug in gpm",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=Pine.LNX.4.10.10006201453090.1812-200000%40apollo.aci.com.pl"
},
{
"name": "1377",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/1377"
},
{
"name": "RHSA-2000:045",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2000-045.html"
},
{
"name": "linux-gpm-gpmctl-dos(5010)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5010"
},
{
"name": "20000728 MDKSA:2000-025 gpm update",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0409.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2000-06-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Linux gpm program allows local users to cause a denial of service by flooding the /dev/gpmctl device with STREAM sockets."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-18T21:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20000620 Bug in gpm",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=Pine.LNX.4.10.10006201453090.1812-200000%40apollo.aci.com.pl"
},
{
"name": "1377",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/1377"
},
{
"name": "RHSA-2000:045",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2000-045.html"
},
{
"name": "linux-gpm-gpmctl-dos(5010)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5010"
},
{
"name": "20000728 MDKSA:2000-025 gpm update",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0409.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0531",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Linux gpm program allows local users to cause a denial of service by flooding the /dev/gpmctl device with STREAM sockets."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20000620 Bug in gpm",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=Pine.LNX.4.10.10006201453090.1812-200000@apollo.aci.com.pl"
},
{
"name": "1377",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1377"
},
{
"name": "RHSA-2000:045",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2000-045.html"
},
{
"name": "linux-gpm-gpmctl-dos(5010)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5010"
},
{
"name": "20000728 MDKSA:2000-025 gpm update",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0409.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2000-0531",
"datePublished": "2000-07-12T04:00:00",
"dateReserved": "2000-07-11T00:00:00",
"dateUpdated": "2024-08-08T05:21:31.163Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2001-0851
Vulnerability from cvelistv5
Published
2002-03-09 05:00
Modified
2024-08-08 04:37
Severity ?
EPSS score ?
Summary
Linux kernel 2.0, 2.2 and 2.4 with syncookies enabled allows remote attackers to bypass firewall rules by brute force guessing the cookie.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-082.php3 | vendor-advisory, x_refsource_MANDRAKE | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/7461 | vdb-entry, x_refsource_XF | |
| http://www.novell.com/linux/security/advisories/2001_039_kernel2_txt.html | vendor-advisory, x_refsource_SUSE | |
| http://www.redhat.com/support/errata/RHSA-2001-142.html | vendor-advisory, x_refsource_REDHAT | |
| http://www.linuxsecurity.com/advisories/other_advisory-1683.html | vendor-advisory, x_refsource_ENGARDE | |
| http://www.caldera.com/support/security/advisories/CSSA-2001-038.0.txt | vendor-advisory, x_refsource_CALDERA | |
| http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000432 | vendor-advisory, x_refsource_CONECTIVA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T04:37:06.400Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "MDKSA-2001:082",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-082.php3"
},
{
"name": "linux-syncookie-bypass-filter(7461)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7461"
},
{
"name": "SuSE-SA:2001:039",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2001_039_kernel2_txt.html"
},
{
"name": "RHSA-2001:142",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2001-142.html"
},
{
"name": "ESA-20011106-01",
"tags": [
"vendor-advisory",
"x_refsource_ENGARDE",
"x_transferred"
],
"url": "http://www.linuxsecurity.com/advisories/other_advisory-1683.html"
},
{
"name": "CSSA-2001-38.0",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA",
"x_transferred"
],
"url": "http://www.caldera.com/support/security/advisories/CSSA-2001-038.0.txt"
},
{
"name": "CLA-2001:432",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000432"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2001-11-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Linux kernel 2.0, 2.2 and 2.4 with syncookies enabled allows remote attackers to bypass firewall rules by brute force guessing the cookie."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2002-02-26T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "MDKSA-2001:082",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-082.php3"
},
{
"name": "linux-syncookie-bypass-filter(7461)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7461"
},
{
"name": "SuSE-SA:2001:039",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2001_039_kernel2_txt.html"
},
{
"name": "RHSA-2001:142",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2001-142.html"
},
{
"name": "ESA-20011106-01",
"tags": [
"vendor-advisory",
"x_refsource_ENGARDE"
],
"url": "http://www.linuxsecurity.com/advisories/other_advisory-1683.html"
},
{
"name": "CSSA-2001-38.0",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA"
],
"url": "http://www.caldera.com/support/security/advisories/CSSA-2001-038.0.txt"
},
{
"name": "CLA-2001:432",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000432"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2001-0851",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Linux kernel 2.0, 2.2 and 2.4 with syncookies enabled allows remote attackers to bypass firewall rules by brute force guessing the cookie."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "MDKSA-2001:082",
"refsource": "MANDRAKE",
"url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-082.php3"
},
{
"name": "linux-syncookie-bypass-filter(7461)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7461"
},
{
"name": "SuSE-SA:2001:039",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2001_039_kernel2_txt.html"
},
{
"name": "RHSA-2001:142",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2001-142.html"
},
{
"name": "ESA-20011106-01",
"refsource": "ENGARDE",
"url": "http://www.linuxsecurity.com/advisories/other_advisory-1683.html"
},
{
"name": "CSSA-2001-38.0",
"refsource": "CALDERA",
"url": "http://www.caldera.com/support/security/advisories/CSSA-2001-038.0.txt"
},
{
"name": "CLA-2001:432",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000432"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2001-0851",
"datePublished": "2002-03-09T05:00:00",
"dateReserved": "2001-11-22T00:00:00",
"dateUpdated": "2024-08-08T04:37:06.400Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2000-1195
Vulnerability from cvelistv5
Published
2002-03-09 05:00
Modified
2024-08-08 05:45
Severity ?
EPSS score ?
Summary
telnet daemon (telnetd) from the Linux netkit package before netkit-telnet-0.16 allows remote attackers to bypass authentication when telnetd is running with the -L command line option.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/4225 | vdb-entry, x_refsource_XF | |
| http://www.caldera.com/support/security/advisories/CSSA-2000-008.0.txt | vendor-advisory, x_refsource_CALDERA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T05:45:37.537Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "telnetd-login-bypass(4225)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/4225"
},
{
"name": "CSSA-2000-008.0",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA",
"x_transferred"
],
"url": "http://www.caldera.com/support/security/advisories/CSSA-2000-008.0.txt"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2000-05-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "telnet daemon (telnetd) from the Linux netkit package before netkit-telnet-0.16 allows remote attackers to bypass authentication when telnetd is running with the -L command line option."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2002-02-26T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "telnetd-login-bypass(4225)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/4225"
},
{
"name": "CSSA-2000-008.0",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA"
],
"url": "http://www.caldera.com/support/security/advisories/CSSA-2000-008.0.txt"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-1195",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "telnet daemon (telnetd) from the Linux netkit package before netkit-telnet-0.16 allows remote attackers to bypass authentication when telnetd is running with the -L command line option."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "telnetd-login-bypass(4225)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/4225"
},
{
"name": "CSSA-2000-008.0",
"refsource": "CALDERA",
"url": "http://www.caldera.com/support/security/advisories/CSSA-2000-008.0.txt"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2000-1195",
"datePublished": "2002-03-09T05:00:00",
"dateReserved": "2001-08-31T00:00:00",
"dateUpdated": "2024-08-08T05:45:37.537Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2001-0181
Vulnerability from cvelistv5
Published
2001-03-09 05:00
Modified
2024-08-08 04:14
Severity ?
EPSS score ?
Summary
Format string vulnerability in the error logging code of DHCP server and client in Caldera Linux allows remote attackers to execute arbitrary commands.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/5953 | vdb-entry, x_refsource_XF | |
| http://www.calderasystems.com/support/security/advisories/CSSA-2001-003.0.txt | vendor-advisory, x_refsource_CALDERA | |
| http://www.securityfocus.com/bid/2215 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T04:14:06.467Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "dhcp-format-string(5953)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5953"
},
{
"name": "CSSA-2001-003.0",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA",
"x_transferred"
],
"url": "http://www.calderasystems.com/support/security/advisories/CSSA-2001-003.0.txt"
},
{
"name": "2215",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/2215"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2001-01-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Format string vulnerability in the error logging code of DHCP server and client in Caldera Linux allows remote attackers to execute arbitrary commands."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-18T21:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "dhcp-format-string(5953)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5953"
},
{
"name": "CSSA-2001-003.0",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA"
],
"url": "http://www.calderasystems.com/support/security/advisories/CSSA-2001-003.0.txt"
},
{
"name": "2215",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/2215"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2001-0181",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Format string vulnerability in the error logging code of DHCP server and client in Caldera Linux allows remote attackers to execute arbitrary commands."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "dhcp-format-string(5953)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5953"
},
{
"name": "CSSA-2001-003.0",
"refsource": "CALDERA",
"url": "http://www.calderasystems.com/support/security/advisories/CSSA-2001-003.0.txt"
},
{
"name": "2215",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/2215"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2001-0181",
"datePublished": "2001-03-09T05:00:00",
"dateReserved": "2001-03-08T00:00:00",
"dateUpdated": "2024-08-08T04:14:06.467Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}