CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2001-1091
https://notcve.org/view.php?id=CVE-2001-1091
23 Aug 2001 — The (1) dump and (2) dump_lfs commands in NetBSD 1.4.x through 1.5.1 do not properly drop privileges, which could allow local users to gain privileges via the RCMD_CMD environment variable. • ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2001-014.txt.asc •
CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0CVE-2001-1145
https://notcve.org/view.php?id=CVE-2001-1145
17 Aug 2001 — fts routines in FreeBSD 4.3 and earlier, NetBSD before 1.5.2, and OpenBSD 2.9 and earlier can be forced to change (chdir) into a different directory than intended when the directory above the current directory is moved, which could cause scripts to perform dangerous actions on the wrong directories. • ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-01:40.fts.v1.1.asc •
CVSS: 10.0EPSS: 27%CPEs: 87EXPL: 3CVE-2001-0554 – Solaris 2.x/7.0/8 / IRIX 6.5.x / OpenBSD 2.x / NetBSD 1.x / Debian 3 / HP-UX 10 - 'TelnetD' Remote Buffer Overflow
https://notcve.org/view.php?id=CVE-2001-0554
14 Aug 2001 — Buffer overflow in BSD-based telnetd telnet daemon on various operating systems allows remote attackers to execute arbitrary commands via a set of options including AYT (Are You There), which is not properly handled by the telrcv function. The Netkit telnetd implementation shipped with Debian Linux appears to be lacking the AYT vulnerability patch. This exposes the platform to a remote root problem discovered by scut of TESO back in 2001. • https://www.exploit-db.com/exploits/21018 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2001-0993
https://notcve.org/view.php?id=CVE-2001-0993
24 Jul 2001 — sendmsg function in NetBSD 1.3 through 1.5 allows local users to cause a denial of service (kernel trap or panic) via a msghdr structure with a large msg_controllen length. • http://archives.neohapsis.com/archives/netbsd/2001-q3/0102.html •
CVSS: 7.5EPSS: 8%CPEs: 29EXPL: 2CVE-2001-1244 – HP-UX 11 / Linux Kernel 2.4 / Windows 2000/NT 4.0 / IRIX 6.5 - Small TCP MSS Denial of Service
https://notcve.org/view.php?id=CVE-2001-1244
07 Jul 2001 — Multiple TCP implementations could allow remote attackers to cause a denial of service (bandwidth and CPU exhaustion) by setting the maximum segment size (MSS) to a very small number and requesting large amounts of data, which generates more packets with less TCP-level data that amplify network traffic and consume more server CPU to process. • https://www.exploit-db.com/exploits/20997 •
CVSS: 10.0EPSS: 35%CPEs: 51EXPL: 4CVE-2001-0247 – FreeBSD 4.2-stable - FTPd 'glob()' Remote Buffer Overflow
https://notcve.org/view.php?id=CVE-2001-0247
24 May 2001 — Buffer overflows in BSD-based FTP servers allows remote attackers to execute arbitrary commands via a long pattern string containing a {} sequence, as seen in (1) g_opendir, (2) g_lstat, (3) g_stat, and (4) the glob0 buffer as used in the glob functions glob2 and glob3. • https://www.exploit-db.com/exploits/20732 •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2001-0268
https://notcve.org/view.php?id=CVE-2001-0268
03 May 2001 — The i386_set_ldt system call in NetBSD 1.5 and earlier, and OpenBSD 2.8 and earlier, when the USER_LDT kernel option is enabled, does not validate a call gate target, which allows local users to gain root privileges by creating a segment call gate in the Local Descriptor Table (LDT) with a target that specifies an arbitrary kernel address. • http://archives.neohapsis.com/archives/bugtraq/2001-02/0353.html •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2000-0315
https://notcve.org/view.php?id=CVE-2000-0315
12 Mar 2001 — traceroute in NetBSD 1.3.3 and Linux systems allows local unprivileged users to modify the source address of the packets, which could be used in spoofing attacks. • ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA1999-004.txt.asc •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2000-0314
https://notcve.org/view.php?id=CVE-2000-0314
12 Mar 2001 — traceroute in NetBSD 1.3.3 and Linux systems allows local users to flood other systems by providing traceroute with a large waittime (-w) option, which is not parsed properly and sets the time delay for sending packets to zero. • ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA1999-004.txt.asc •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2001-0033
https://notcve.org/view.php?id=CVE-2001-0033
16 Feb 2001 — KTH Kerberos IV allows local users to change the configuration of a Kerberos server running at an elevated privilege by specifying an alternate directory using with the KRBCONFDIR environmental variable, which allows the user to gain additional privileges. • http://archives.neohapsis.com/archives/bugtraq/2000-12/0093.html •