CVE-2001-0554 – Solaris 2.x/7.0/8 / IRIX 6.5.x / OpenBSD 2.x / NetBSD 1.x / Debian 3 / HP-UX 10 - 'TelnetD' Remote Buffer Overflow
https://notcve.org/view.php?id=CVE-2001-0554
Buffer overflow in BSD-based telnetd telnet daemon on various operating systems allows remote attackers to execute arbitrary commands via a set of options including AYT (Are You There), which is not properly handled by the telrcv function. • https://www.exploit-db.com/exploits/21018 ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-01:49.telnetd.asc ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2001-012.txt.asc ftp://patches.sgi.com/support/free/security/advisories/20010801-01-P ftp://stage.caldera.com/pub/security/openserver/CSSA-2001-SCO.10/CSSA-2001-SCO.10.txt http://archives.neohapsis.com/archives/hp/2001-q4/0014.html http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000413 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVE-2001-1180
https://notcve.org/view.php?id=CVE-2001-1180
FreeBSD 4.3 does not properly clear shared signal handlers when executing a process, which allows local users to gain privileges by calling rfork with a shared signal handler, having the child process execute a setuid program, and sending a signal to the child. • ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-01:42.signal.v1.1.asc http://archives.neohapsis.com/archives/bugtraq/2001-07/0179.html http://ciac.llnl.gov/ciac/bulletins/l-111.shtml http://www.kb.cert.org/vuls/id/943633 http://www.osvdb.org/1897 http://www.securityfocus.com/bid/3007 https://exchange.xforce.ibmcloud.com/vulnerabilities/6829 •
CVE-2001-0439
https://notcve.org/view.php?id=CVE-2001-0439
licq before 1.0.3 allows remote attackers to execute arbitrary commands via shell metacharacters in a URL. • http://archives.neohapsis.com/archives/freebsd/2001-04/0607.html http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000389 http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-032.php3 http://www.osvdb.org/5641 http://www.redhat.com/support/errata/RHSA-2001-022.html http://www.redhat.com/support/errata/RHSA-2001-023.html https://exchange.xforce.ibmcloud.com/vulnerabilities/6261 •
CVE-2001-0469
https://notcve.org/view.php?id=CVE-2001-0469
rwho daemon rwhod in FreeBSD 4.2 and earlier, and possibly other operating systems, allows remote attackers to cause a denial of service via malformed packets with a short length. • http://archives.neohapsis.com/archives/freebsd/2001-03/0163.html http://www.securityfocus.com/bid/2473 https://exchange.xforce.ibmcloud.com/vulnerabilities/6229 •
CVE-2001-0371
https://notcve.org/view.php?id=CVE-2001-0371
Race condition in the UFS and EXT2FS file systems in FreeBSD 4.2 and earlier, and possibly other operating systems, makes deleted data available to user processes before it is zeroed out, which allows a local user to access otherwise restricted information. • http://archives.neohapsis.com/archives/freebsd/2001-03/0403.html http://www.osvdb.org/5682 https://exchange.xforce.ibmcloud.com/vulnerabilities/6268 •