Page 27 of 154 results (0.003 seconds)

CVSS: 4.6EPSS: 0%CPEs: 7EXPL: 0

The SuSE aaa_base package installs some system accounts with home directories set to /tmp, which allows local users to gain privileges to those accounts by creating standard user startup scripts such as profiles. • http://www.novell.com/linux/security/advisories/suse_security_announce_47.html •

CVSS: 7.2EPSS: 0%CPEs: 2EXPL: 2

Buffer overflow in Gnomelib in SuSE Linux 6.3 allows local users to execute arbitrary commands via the DISPLAY environmental variable. • https://www.exploit-db.com/exploits/19883 http://www.securityfocus.com/bid/1155 http://www.securityfocus.com/templates/archive.pike?list=1&msg=00042902575201.09597%40wintermute-pub http://www.suse.com/us/support/download/updates/axp_63.html •

CVSS: 2.1EPSS: 0%CPEs: 8EXPL: 1

aaa_base in SuSE Linux 6.3, and cron.daily in earlier versions, allow local users to delete arbitrary files by creating files whose names include spaces, which are then incorrectly interpreted by aaa_base when it deletes expired files from the /tmp directory. • https://www.exploit-db.com/exploits/19867 http://www.securityfocus.com/bid/1130 •

CVSS: 7.2EPSS: 0%CPEs: 14EXPL: 1

gpm-root in the gpm package does not properly drop privileges, which allows local users to gain privileges by starting a utility from gpm-root. • https://www.exploit-db.com/exploits/19816 http://archives.neohapsis.com/archives/bugtraq/2000-03/0242.html http://www.novell.com/linux/security/advisories/suse_security_announce_45.html http://www.redhat.com/support/errata/RHSA-2000-009.html http://www.redhat.com/support/errata/RHSA-2000-045.html http://www.securityfocus.com/bid/1069 •

CVSS: 7.2EPSS: 0%CPEs: 5EXPL: 1

Linux kreatecd trusts a user-supplied path that is used to find the cdrecord program, allowing local users to gain root privileges. • https://www.exploit-db.com/exploits/19813 http://archives.neohapsis.com/archives/bugtraq/2000-03/0162.html http://www.securityfocus.com/bid/1061 •