CVE-2001-0279 – Sudo 1.5/1.6 - Heap Corruption
https://notcve.org/view.php?id=CVE-2001-0279
Buffer overflow in sudo earlier than 1.6.3p6 allows local users to gain root privileges. • https://www.exploit-db.com/exploits/20901 http://archives.neohapsis.com/archives/bugtraq/2001-02/0414.html http://archives.neohapsis.com/archives/bugtraq/2001-02/0427.html http://archives.neohapsis.com/archives/bugtraq/2001-02/0437.html http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000381 http://www.debian.org/security/2001/dsa-031 http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-024.php3 http://www.redhat.com/support/errata/RHSA-2001-018.html http: •
CVE-2001-0169 – GLIBC 2.1.3 - 'LD_PRELOAD' Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2001-0169
When using the LD_PRELOAD environmental variable in SUID or SGID applications, glibc does not verify that preloaded libraries in /etc/ld.so.cache are also SUID/SGID, which could allow a local user to overwrite arbitrary files by loading a library from /lib or /usr/lib. • https://www.exploit-db.com/exploits/290 http://archives.neohapsis.com/archives/linux/turbolinux/2001-q1/0004.html http://www.calderasystems.com/support/security/advisories/CSSA-2001-007.0.txt http://www.debian.org/security/2001/dsa-039 http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-012.php3?dis=7.2 http://www.novell.com/linux/security/advisories/2001_001_glibc_txt.html http://www.redhat.com/support/errata/RHSA-2001-002.html http://www.securityfocus.com/archive •
CVE-2001-0178
https://notcve.org/view.php?id=CVE-2001-0178
kdesu program in KDE2 (KDE before 2.2.0-6) does not properly verify the owner of a UNIX socket that is used to send a password, which allows local users to steal passwords and gain privileges. • http://www.calderasystems.com/support/security/advisories/CSSA-2001-005.0.txt http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-018.php3?dis=7.2 http://www.novell.com/linux/security/advisories/2001_002_kdesu_txt.html https://exchange.xforce.ibmcloud.com/vulnerabilities/5995 •
CVE-2001-0117
https://notcve.org/view.php?id=CVE-2001-0117
sdiff 2.7 in the diffutils package allows local users to overwrite files via a symlink attack. • http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2000-70-028-01 http://marc.info/?l=bugtraq&m=97916374410647&w=2 http://www.kb.cert.org/vuls/id/579928 http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-008.php3 http://www.redhat.com/support/errata/RHSA-2001-116.html http://www.securityfocus.com/bid/2191 https://exchange.xforce.ibmcloud.com/vulnerabilities/5914 https://access.redhat.com/security/cve/CVE-2001-0117 https://bugzilla.redhat.com/show_bug •
CVE-2001-0138
https://notcve.org/view.php?id=CVE-2001-0138
privatepw program in wu-ftpd before 2.6.1-6 allows local users to overwrite arbitrary files via a symlink attack. • http://marc.info/?l=bugtraq&m=97916374410647&w=2 http://www.debian.org/security/2001/dsa-016 http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-001.php3 http://www.securityfocus.com/bid/2189 https://exchange.xforce.ibmcloud.com/vulnerabilities/5915 •