CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 2CVE-2001-0529
https://notcve.org/view.php?id=CVE-2001-0529
14 Aug 2001 — OpenSSH version 2.9 and earlier, with X forwarding enabled, allows a local attacker to delete any file named 'cookies' via a symlink attack. • ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2001-010.txt.asc •
CVSS: 10.0EPSS: 6%CPEs: 87EXPL: 3CVE-2001-0554 – Solaris 2.x/7.0/8 / IRIX 6.5.x / OpenBSD 2.x / NetBSD 1.x / Debian 3 / HP-UX 10 - 'TelnetD' Remote Buffer Overflow
https://notcve.org/view.php?id=CVE-2001-0554
14 Aug 2001 — Buffer overflow in BSD-based telnetd telnet daemon on various operating systems allows remote attackers to execute arbitrary commands via a set of options including AYT (Are You There), which is not properly handled by the telrcv function. • https://www.exploit-db.com/exploits/21018 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 8.1EPSS: 1%CPEs: 9EXPL: 1CVE-2001-0572
https://notcve.org/view.php?id=CVE-2001-0572
27 Jul 2001 — The SSH protocols 1 and 2 (aka SSH-2) as implemented in OpenSSH and other packages have various weaknesses which can allow a remote attacker to obtain the following information via sniffing: (1) password lengths or ranges of lengths, which simplifies brute force password guessing, (2) whether RSA or DSA authentication is being used, (3) the number of authorized_keys in RSA authentication, or (4) the lengths of shell commands. • http://archives.neohapsis.com/archives/bugtraq/2001-03/0225.html •
CVSS: 7.5EPSS: 0%CPEs: 29EXPL: 2CVE-2001-1244 – HP-UX 11 / Linux Kernel 2.4 / Windows 2000/NT 4.0 / IRIX 6.5 - Small TCP MSS Denial of Service
https://notcve.org/view.php?id=CVE-2001-1244
07 Jul 2001 — Multiple TCP implementations could allow remote attackers to cause a denial of service (bandwidth and CPU exhaustion) by setting the maximum segment size (MSS) to a very small number and requesting large amounts of data, which generates more packets with less TCP-level data that amplify network traffic and consume more server CPU to process. • https://www.exploit-db.com/exploits/20997 •
CVSS: 8.1EPSS: 0%CPEs: 4EXPL: 0CVE-2001-0361
https://notcve.org/view.php?id=CVE-2001-0361
27 Jun 2001 — Implementations of SSH version 1.5, including (1) OpenSSH up to version 2.3.0, (2) AppGate, and (3) ssh-1 up to version 1.2.31, in certain configurations, allow a remote attacker to decrypt and/or alter traffic via a "Bleichenbacher attack" on PKCS#1 version 1.5. • ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-01:24.ssh.asc • CWE-310: Cryptographic Issues •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2001-0378
https://notcve.org/view.php?id=CVE-2001-0378
27 Jun 2001 — readline prior to 4.1, in OpenBSD 2.8 and earlier, creates history files with insecure permissions, which allows a local attacker to recover potentially sensitive information via readline history files. • ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.8/common/024_readline.patch •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2001-1459
https://notcve.org/view.php?id=CVE-2001-1459
19 Jun 2001 — OpenSSH 2.9 and earlier does not initiate a Pluggable Authentication Module (PAM) session if commands are executed with no pty, which allows local users to bypass resource limits (rlimits) set in pam.d. • http://marc.info/?l=bugtraq&m=99324968918628&w=2 •
CVSS: 7.5EPSS: 3%CPEs: 3EXPL: 1CVE-2001-0402 – IPFilter 3.x - Fragment Rule Bypass
https://notcve.org/view.php?id=CVE-2001-0402
18 Jun 2001 — IPFilter 3.4.16 and earlier does not include sufficient session information in its cache, which allows remote attackers to bypass access restrictions by sending fragmented packets to a restricted port after sending unfragmented packets to an unrestricted port. • https://www.exploit-db.com/exploits/20730 •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2001-1047
https://notcve.org/view.php?id=CVE-2001-1047
02 Jun 2001 — Race condition in OpenBSD VFS allows local users to cause a denial of service (kernel panic) by (1) creating a pipe in one thread and causing another thread to set one of the file descriptors to NULL via a close, or (2) calling dup2 on a file descriptor in one process, then setting the descriptor to NULL via a close in another process that is created via rfork. • http://seclists.org/bugtraq/2001/Jun/0020.html •
CVSS: 10.0EPSS: 43%CPEs: 51EXPL: 4CVE-2001-0247 – FreeBSD 2.2-4.2 / NetBSD 1.2-4.5 / OpenBSD 2.x - FTPd 'glob()' Remote Buffer Overflow
https://notcve.org/view.php?id=CVE-2001-0247
24 May 2001 — Buffer overflows in BSD-based FTP servers allows remote attackers to execute arbitrary commands via a long pattern string containing a {} sequence, as seen in (1) g_opendir, (2) g_lstat, (3) g_stat, and (4) the glob0 buffer as used in the glob functions glob2 and glob3. • https://www.exploit-db.com/exploits/20731 •