CVE-2001-1130 – SuSE 6.3/6.4/7.0 sdb - Arbitrary Command Execution
https://notcve.org/view.php?id=CVE-2001-1130
Sdbsearch.cgi in SuSE Linux 6.0-7.2 could allow remote attackers to execute arbitrary commands by uploading a keylist.txt file that contains filenames with shell metacharacters, then causing the file to be searched using a .. in the HTTP referer (from the HTTP_REFERER variable) to point to the directory that contains the keylist.txt file. • https://www.exploit-db.com/exploits/21075 http://www.novell.com/linux/security/advisories/2001_027_sdb_txt.html http://www.securityfocus.com/archive/1/201216 https://exchange.xforce.ibmcloud.com/vulnerabilities/7003 •
CVE-2001-0610 – SuSE 7.0 - KFM Insecure '.TMP' File Creation
https://notcve.org/view.php?id=CVE-2001-0610
kfm as included with KDE 1.x can allow a local attacker to gain additional privileges via a symlink attack in the kfm cache directory in /tmp. • https://www.exploit-db.com/exploits/20781 http://archives.neohapsis.com/archives/bugtraq/2001-04/0336.html https://exchange.xforce.ibmcloud.com/vulnerabilities/6428 •
CVE-2001-0388
https://notcve.org/view.php?id=CVE-2001-0388
time server daemon timed allows remote attackers to cause a denial of service via malformed packets. • ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-01:28.timed.asc http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-034.php3 http://www.novell.com/linux/security/advisories/2001_007_nkitserv.html https://exchange.xforce.ibmcloud.com/vulnerabilities/6228 •
CVE-2001-0458
https://notcve.org/view.php?id=CVE-2001-0458
Multiple buffer overflows in ePerl before 2.2.14-0.7 allow local and remote attackers to execute arbitrary commands. • http://www.debian.org/security/2001/dsa-034 http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-027.php3 http://www.novell.com/linux/security/advisories/2001_008_eperl.html http://www.securityfocus.com/bid/2464 https://exchange.xforce.ibmcloud.com/vulnerabilities/6198 •
CVE-2001-0193 – Debian 2.2 / Su.S.E 6.3/6.4/7.0 - man '-l' Format String
https://notcve.org/view.php?id=CVE-2001-0193
Format string vulnerability in man in some Linux distributions allows local users to gain privileges via a malformed -l parameter. • https://www.exploit-db.com/exploits/20604 http://marc.info/?l=bugtraq&m=98096782126481&w=2 http://www.debian.org/security/2001/dsa-028 http://www.securityfocus.com/bid/2327 https://exchange.xforce.ibmcloud.com/vulnerabilities/6059 •