Page 2 of 37 results (0.003 seconds)

CVSS: 7.1EPSS: 0%CPEs: 93EXPL: 0

08 Jun 2004 — The e1000 driver for Linux kernel 2.4.26 and earlier does not properly initialize memory before using it, which allows local users to read portions of kernel memory. NOTE: this issue was originally incorrectly reported as a "buffer overflow" by some sources. El controlador e1000 del kernel de Linux 2.4.26 y anteriores no inicializa la memoria antes de usarla, lo que permite a usuarios locales leer porciones de la memoria del kernel. NOTA: Este problema ha sido originalmente descrito incorrectamente por otra... • ftp://patches.sgi.com/support/free/security/advisories/20040804-01-U.asc •

CVSS: 9.8EPSS: 1%CPEs: 12EXPL: 0

02 Jul 2001 — licq before 1.0.3 allows remote attackers to execute arbitrary commands via shell metacharacters in a URL. • http://archives.neohapsis.com/archives/freebsd/2001-04/0607.html •

CVSS: 9.8EPSS: 11%CPEs: 12EXPL: 1

02 Jul 2001 — Buffer overflow in logging functions of licq before 1.0.3 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands. • https://www.exploit-db.com/exploits/20646 •

CVSS: 5.5EPSS: 0%CPEs: 13EXPL: 2

26 Mar 2001 — glibc 2.1.9x and earlier does not properly clear the RESOLV_HOST_CONF, HOSTALIASES, or RES_OPTIONS environmental variables when executing setuid/setgid programs, which could allow local users to read arbitrary files. • https://www.exploit-db.com/exploits/258 •

CVSS: 7.2EPSS: 0%CPEs: 22EXPL: 3

19 Dec 2000 — Multiple shell programs on various Unix systems, including (1) tcsh, (2) csh, (3) sh, and (4) bash, follow symlinks when processing << redirects (aka here-documents or in-here documents), which allows local users to overwrite files of other users via a symlink attack. • https://www.exploit-db.com/exploits/217 •

CVSS: 10.0EPSS: 0%CPEs: 74EXPL: 13

14 Nov 2000 — Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen. • https://www.exploit-db.com/exploits/20187 • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 5.0EPSS: 4%CPEs: 17EXPL: 2

27 Jul 2000 — pam_console PAM module in Linux systems allows a user to access the system console and reboot the system when a display manager such as gdm or kdm has XDMCP enabled. • https://www.exploit-db.com/exploits/20105 •

CVSS: 7.1EPSS: 0%CPEs: 6EXPL: 2

27 Jul 2000 — Vulnerability in gpm in Caldera Linux allows local users to delete arbitrary files or conduct a denial of service. • http://archives.neohapsis.com/archives/bugtraq/2000-07/0273.html •

CVSS: 5.5EPSS: 0%CPEs: 18EXPL: 0

18 Jul 2000 — Vulnerability in Mandrake Linux usermode package allows local users to to reboot or halt the system. • http://archives.neohapsis.com/archives/bugtraq/2000-07/0251.html •

CVSS: 10.0EPSS: 34%CPEs: 32EXPL: 5

16 Jul 2000 — rpc.statd in the nfs-utils package in various Linux distributions does not properly cleanse untrusted format strings, which allows remote attackers to gain root privileges. • https://www.exploit-db.com/exploits/20075 •