Page 2 of 25 results (0.004 seconds)

CVSS: 7.5EPSS: 0%CPEs: 15EXPL: 0

Squid before 2.3STABLE5 in HTTP accelerator mode does not enable access control lists (ACLs) when the httpd_accel_host and http_accel_with_proxy off settings are used, which allows attackers to bypass the ACLs and conduct unauthorized activities such as port scanning. • http://archives.neohapsis.com/archives/bugtraq/2001-07/0362.html http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2001-70-031-01 http://www.calderasystems.com/support/security/advisories/CSSA-2001-029.0.txt http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-066.php3 http://www.redhat.com/support/errata/RHSA-2001-097.html http://www.securityfocus.com/archive/1/197727 https://exchange.xforce.ibmcloud.com/vulnerabilities/6862 •

CVSS: 2.1EPSS: 0%CPEs: 8EXPL: 0

sgml-tools (aka sgmltools) before 1.0.9-15 creates temporary files with insecure permissions, which allows other users to read files that are being processed by sgml-tools. • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000390 http://marc.info/?l=bugtraq&m=98477491130367&w=2 http://www.debian.org/security/2001/dsa-038 http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-030.php3 http://www.novell.com/linux/security/advisories/2001_016_sgmltool_txt.html http://www.redhat.com/support/errata/RHSA-2001-027.html http://www.securityfocus.com/bid/2506 http://www.securityfocus.com/bid/2683 https://exchange.xforce.ibmcloud.com/ •

CVSS: 7.5EPSS: 0%CPEs: 15EXPL: 0

Format string vulnerability in Mutt before 1.2.5 allows a remote malicious IMAP server to execute arbitrary commands. • http://archives.neohapsis.com/archives/bugtraq/2001-03/0246.html http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000385 http://marc.info/?l=bugtraq&m=98473109630421&w=2 http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-031.php3 http://www.osvdb.org/5615 http://www.redhat.com/support/errata/RHSA-2001-029.html https://exchange.xforce.ibmcloud.com/vulnerabilities/6235 •

CVSS: 2.1EPSS: 0%CPEs: 13EXPL: 2

glibc 2.1.9x and earlier does not properly clear the RESOLV_HOST_CONF, HOSTALIASES, or RES_OPTIONS environmental variables when executing setuid/setgid programs, which could allow local users to read arbitrary files. • https://www.exploit-db.com/exploits/258 https://www.exploit-db.com/exploits/317 http://archives.neohapsis.com/archives/bugtraq/2001-01/0131.html http://archives.neohapsis.com/archives/bugtraq/2001-01/0186.html http://www.redhat.com/support/errata/RHSA-2001-001.html http://www.securityfocus.com/bid/2181 https://exchange.xforce.ibmcloud.com/vulnerabilities/5907 •

CVSS: 1.2EPSS: 0%CPEs: 15EXPL: 0

inn 2.2.3 allows local users to overwrite arbitrary files via a symlink attack in some configurations. • http://marc.info/?l=bugtraq&m=97916374410647&w=2 http://www.calderasystems.com/support/security/advisories/CSSA-2001-001.0.txt http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-010.php3 http://www.securityfocus.com/bid/2190 https://exchange.xforce.ibmcloud.com/vulnerabilities/5916 •