
CVE-2000-0170 – RedHat 6.1 - 'man' Local Overflow / Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2000-0170
26 Feb 2000 — Buffer overflow in the man program in Linux allows local users to gain privileges via the MANPAGER environmental variable. • https://www.exploit-db.com/exploits/255 •

CVE-2000-1220 – BSD / Linux - 'lpr' Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2000-1220
08 Jan 2000 — The line printer daemon (lpd) in the lpr package in multiple Linux operating systems allows local users to gain root privileges by causing sendmail to execute with arbitrary command line arguments, as demonstrated using the -C option to specify a configuration file. • https://www.exploit-db.com/exploits/325 •

CVE-1999-0872
https://notcve.org/view.php?id=CVE-1999-0872
25 Aug 1999 — Buffer overflow in Vixie cron allows local users to gain root access via a long MAILTO environment variable in a crontab file. • http://www.securityfocus.com/bid/611 •

CVE-1999-0769 – Caldera OpenLinux 2.2 / Debian 2.1/2.2 / RedHat 6.0 - Vixie Cron MAILTO Sendmail
https://notcve.org/view.php?id=CVE-1999-0769
25 Aug 1999 — Vixie Cron on Linux systems allows local users to set parameters of sendmail commands via the MAILTO environmental variable. • https://www.exploit-db.com/exploits/19474 •

CVE-2000-0118 – RedHat Linux 5.2 i386/6.0 - No Logging
https://notcve.org/view.php?id=CVE-2000-0118
09 Jun 1999 — The Red Hat Linux su program does not log failed password guesses if the su process is killed before it times out, which allows local attackers to conduct brute force password guessing. • https://www.exploit-db.com/exploits/19255 •

CVE-1999-0390
https://notcve.org/view.php?id=CVE-1999-0390
04 Jan 1999 — Buffer overflow in Dosemu Slang library in Linux. • ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-1999-006.1.txt •

CVE-1999-0002 – RedHat Linux 5.1 / Caldera OpenLinux Standard 1.2 - Mountd
https://notcve.org/view.php?id=CVE-1999-0002
12 Oct 1998 — Buffer overflow in NFS mountd gives root access to remote attackers, mostly in Linux systems. • https://www.exploit-db.com/exploits/19096 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVE-1999-0009 – ISC BIND (Linux/BSD) - Remote Buffer Overflow
https://notcve.org/view.php?id=CVE-1999-0009
08 Apr 1998 — Inverse query buffer overflow in BIND 4.9 and BIND 8 Releases. • https://www.exploit-db.com/exploits/19111 •

CVE-1999-0192 – RedHat Linux 6.0 / Slackware Linux 4.0 - Termcap 'tgetent()' Local Buffer Overflow
https://notcve.org/view.php?id=CVE-1999-0192
18 Oct 1997 — Buffer overflow in telnet daemon tgetent routing allows remote attackers to gain root access via the TERMCAP environmental variable. • https://www.exploit-db.com/exploits/19464 •

CVE-1999-1182
https://notcve.org/view.php?id=CVE-1999-1182
17 Jul 1997 — Buffer overflow in run-time linkers (1) ld.so or (2) ld-linux.so for Linux systems allows local users to gain privileges by calling a setuid program with a long program name (argv[0]) and forcing ld.so/ld-linux.so to report an error. • http://marc.info/?l=bugtraq&m=87602661419318&w=2 •