CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2001-0872
https://notcve.org/view.php?id=CVE-2001-0872
21 Dec 2001 — OpenSSH 3.0.1 and earlier with UseLogin enabled does not properly cleanse critical environment variables such as LD_PRELOAD, which allows local users to gain root privileges. OpenSSH 3.0.1 y anteriores con UseLogin activado no limpia variables de entorno críticas como LD_PRELOAD, lo que permite a usuario locales ganar privilegios de root. • ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2001-042.1.txt •
CVSS: 9.8EPSS: 2%CPEs: 9EXPL: 0CVE-2001-0869
https://notcve.org/view.php?id=CVE-2001-0869
21 Dec 2001 — Format string vulnerability in the default logging callback function _sasl_syslog in common.c in Cyrus SASL library (cyrus-sasl) may allow remote attackers to execute arbitrary commands. Vulnerabilidad de cadena de formato en la función de retrollamada (callback) en common.c en la librería Cyrus SASL (cyrus-sasl) podría permitr a atacantes remotos ejecutar comandos de su elección. • ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:15.cyrus-sasl.asc •
CVSS: 9.8EPSS: 0%CPEs: 5EXPL: 0CVE-2001-0886
https://notcve.org/view.php?id=CVE-2001-0886
21 Dec 2001 — Buffer overflow in glob function of glibc allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a glob pattern that ends in a brace "{" character. Desbordamiento de buffer en la función glob de glibc para Red Hat Linux 6.2 a 7.2, y otros sistemas operativos, permite a atacantes causar una denegación de servicio (caída) y posiblemente ejecutar código arbitrarios mediante un patrón de glob que acaba en una llave "{" • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000447 •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2001-0859
https://notcve.org/view.php?id=CVE-2001-0859
06 Dec 2001 — 2.4.3-12 kernel in Red Hat Linux 7.1 Korean installation program sets the setting default umask for init to 000, which installs files with world-writeable permissions. • http://online.securityfocus.com/advisories/3725 •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2001-0787 – LPRng 3.6.x - Failure To Drop Supplementary Groups
https://notcve.org/view.php?id=CVE-2001-0787
18 Oct 2001 — LPRng in Red Hat Linux 7.0 and 7.1 does not properly drop memberships in supplemental groups when lowering privileges, which could allow a local user to elevate privileges. LPRng en Red Hat Linux 7.0 y 7.1 no libera miembros en grupos suplementarios cuando se bajan los privilegios, lo que podría permitir a un usuario local elevar sus privilegios. • https://www.exploit-db.com/exploits/20923 •
CVSS: 5.5EPSS: 0%CPEs: 12EXPL: 1CVE-2001-0736 – University of Washington Pico 3.x/4.x - File Overwrite
https://notcve.org/view.php?id=CVE-2001-0736
12 Oct 2001 — Vulnerability in (1) pine before 4.33 and (2) the pico editor, included with pine, allows local users local users to overwrite arbitrary files via a symlink attack. • https://www.exploit-db.com/exploits/20493 •
CVSS: 6.2EPSS: 0%CPEs: 1EXPL: 0CVE-2001-1383
https://notcve.org/view.php?id=CVE-2001-1383
26 Sep 2001 — initscript in setserial 2.17-4 and earlier uses predictable temporary file names, which could allow local users to conduct unauthorized operations on files. • http://rhn.redhat.com/errata/RHSA-2001-110.html •
CVSS: 7.8EPSS: 0%CPEs: 13EXPL: 2CVE-2001-0641 – Immunix OS 6.2/7.0 / RedHat 5.2/6.2/7.0 / SuSE Linux 6.x/7.0/7.1 - 'Man -S' Heap Overflow
https://notcve.org/view.php?id=CVE-2001-0641
20 Sep 2001 — Buffer overflow in man program in various distributions of Linux allows local user to execute arbitrary code as group man via a long -S option. • https://www.exploit-db.com/exploits/20843 •
CVSS: 9.8EPSS: 4%CPEs: 3EXPL: 1CVE-2001-1002 – RedHat 6.2/7.0/7.1 Lpd - Remote Command Execution via DVI Printfilter Configuration Error
https://notcve.org/view.php?id=CVE-2001-1002
31 Aug 2001 — The default configuration of the DVI print filter (dvips) in Red Hat Linux 7.0 and earlier does not run dvips in secure mode when dvips is executed by lpd, which could allow remote attackers to gain privileges by printing a DVI file that contains malicious commands. • https://www.exploit-db.com/exploits/21095 •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2001-0635
https://notcve.org/view.php?id=CVE-2001-0635
14 Aug 2001 — Red Hat Linux 7.1 sets insecure permissions on swap files created during installation, which can allow a local attacker to gain additional privileges by reading sensitive information from the swap file, such as passwords. • http://www.osvdb.org/5564 •