Page 2 of 13 results (0.007 seconds)

CVSS: 1.2EPSS: 0%CPEs: 10EXPL: 0

squid 2.3 and earlier allows local users to overwrite arbitrary files via a symlink attack in some configurations. • http://archives.neohapsis.com/archives/bugtraq/2001-01/0212.html http://marc.info/?l=bugtraq&m=97916374410647&w=2 http://www.debian.org/security/2001/dsa-019 http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-003.php3 http://www.securityfocus.com/bid/2184 https://exchange.xforce.ibmcloud.com/vulnerabilities/5921 •

CVSS: 1.2EPSS: 0%CPEs: 10EXPL: 0

sdiff 2.7 in the diffutils package allows local users to overwrite files via a symlink attack. • http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2000-70-028-01 http://marc.info/?l=bugtraq&m=97916374410647&w=2 http://www.kb.cert.org/vuls/id/579928 http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-008.php3 http://www.redhat.com/support/errata/RHSA-2001-116.html http://www.securityfocus.com/bid/2191 https://exchange.xforce.ibmcloud.com/vulnerabilities/5914 https://access.redhat.com/security/cve/CVE-2001-0117 https://bugzilla.redhat.com/show_bug&# •

CVSS: 10.0EPSS: 95%CPEs: 7EXPL: 5

Format string vulnerability in use_syslog() function in LPRng 3.6.24 allows remote attackers to execute arbitrary commands. • https://www.exploit-db.com/exploits/227 https://www.exploit-db.com/exploits/230 https://www.exploit-db.com/exploits/226 https://www.exploit-db.com/exploits/16842 ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:56.lprng.asc http://archives.neohapsis.com/archives/bugtraq/2000-09/0293.html http://www.calderasystems.com/support/security/advisories/CSSA-2000-033.0.txt http://www.cert.org/advisories/CA-2000-22.html http://www.redhat.com/support/errata/RH •

CVSS: 7.2EPSS: 0%CPEs: 2EXPL: 3

dump in Red Hat Linux 6.2 trusts the pathname specified by the RSH environmental variable, which allows local users to obtain root privileges by modifying the RSH variable to point to a Trojan horse program. • https://www.exploit-db.com/exploits/206 https://www.exploit-db.com/exploits/193 http://archives.neohapsis.com/archives/bugtraq/2000-10/0438.html http://www.securityfocus.com/bid/1871 https://exchange.xforce.ibmcloud.com/vulnerabilities/5437 •

CVSS: 7.2EPSS: 0%CPEs: 10EXPL: 0

Kernel logging daemon (klogd) in Linux does not properly cleanse user-injected format strings, which allows local users to gain root privileges by triggering malformed kernel messages. • ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2000-032.0.txt http://archives.neohapsis.com/archives/bugtraq/2000-09/0193.html http://frontal2.mandriva.com/security/advisories?name=MDKSA-2000:050 http://marc.info/?l=bugtraq&m=97726239017741&w=2 http://www.novell.com/linux/security/advisories/adv9_draht_syslogd_txt.html http://www.osvdb.org/5824 http://www.redhat.com/support/errata/RHSA-2000-061.html http://www.turbolinux.com/pipermail/tl-security-announce/2000-September/000 •