CVSS: 10.0EPSS: 0%CPEs: 74EXPL: 13CVE-2000-0844 – GLIBC locale - Format Strings
https://notcve.org/view.php?id=CVE-2000-0844
14 Nov 2000 — Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen. • https://www.exploit-db.com/exploits/249 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 10.0EPSS: 5%CPEs: 20EXPL: 3CVE-2000-0733 – IRIX 5.2/5.3/6.x - TelnetD Environment Variable Format String
https://notcve.org/view.php?id=CVE-2000-0733
13 Oct 2000 — Telnetd telnet server in IRIX 5.2 through 6.1 does not properly cleans user-injected format strings, which allows remote attackers to execute arbitrary commands via a long RLD variable in the IAC-SB-TELOPT_ENVIRON request. • https://www.exploit-db.com/exploits/20149 •
CVSS: 10.0EPSS: 5%CPEs: 8EXPL: 1CVE-2000-0245 – SGI IRIX 5.x/6.x - Objectserver
https://notcve.org/view.php?id=CVE-2000-0245
27 Mar 2000 — Vulnerability in SGI IRIX objectserver daemon allows remote attackers to create user accounts. • https://www.exploit-db.com/exploits/19822 •
CVSS: 10.0EPSS: 3%CPEs: 32EXPL: 1CVE-2000-1220 – BSD / Linux - 'lpr' Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2000-1220
08 Jan 2000 — The line printer daemon (lpd) in the lpr package in multiple Linux operating systems allows local users to gain root privileges by causing sendmail to execute with arbitrary command line arguments, as demonstrated using the -C option to specify a configuration file. • https://www.exploit-db.com/exploits/325 •
CVSS: 10.0EPSS: 12%CPEs: 31EXPL: 1CVE-2000-1221 – RedHat 6.1 / IRIX 6.5.18 - 'lpd' Command Execution
https://notcve.org/view.php?id=CVE-2000-1221
08 Jan 2000 — The line printer daemon (lpd) in the lpr package in multiple Linux operating systems authenticates by comparing the reverse-resolved hostname of the local machine to the hostname of the print server as returned by gethostname, which allows remote attackers to bypass intended access controls by modifying the DNS for the attacking IP. • https://www.exploit-db.com/exploits/19722 •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 1CVE-1999-1102
https://notcve.org/view.php?id=CVE-1999-1102
31 Dec 1999 — lpr on SunOS 4.1.1, BSD 4.3, A/UX 2.0.1, and other BSD-based operating systems allows local users to create or overwrite arbitrary files via a symlink attack that is triggered after invoking lpr 1000 times. • http://ciac.llnl.gov/ciac/bulletins/e-25.shtml •
CVSS: 7.5EPSS: 3%CPEs: 8EXPL: 1CVE-1999-0215 – SGI IRIX 3/4/5/6 / OpenLinux 1.0/1.1 - routed traceon
https://notcve.org/view.php?id=CVE-1999-0215
26 Oct 1998 — Routed allows attackers to append data to files. • https://www.exploit-db.com/exploits/20805 •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-1999-1181
https://notcve.org/view.php?id=CVE-1999-1181
29 Sep 1998 — Vulnerability in On-Line Customer Registration software for IRIX 6.2 through 6.4 allows local users to gain root privileges. • ftp://patches.sgi.com/support/free/security/advisories/19980901-01-PX •
CVSS: 7.8EPSS: 0%CPEs: 11EXPL: 0CVE-1999-0329
https://notcve.org/view.php?id=CVE-1999-0329
01 Jun 1998 — SGI mediad program allows local users to gain root access. • ftp://patches.sgi.com/support/free/security/advisories/19980602-01-PX •
CVSS: 10.0EPSS: 80%CPEs: 76EXPL: 2CVE-1999-0009 – ISC BIND (Linux/BSD) - Remote Buffer Overflow
https://notcve.org/view.php?id=CVE-1999-0009
08 Apr 1998 — Inverse query buffer overflow in BIND 4.9 and BIND 8 Releases. • https://www.exploit-db.com/exploits/19111 •