CVE-2001-0554 – Solaris 2.x/7.0/8 / IRIX 6.5.x / OpenBSD 2.x / NetBSD 1.x / Debian 3 / HP-UX 10 - 'TelnetD' Remote Buffer Overflow
https://notcve.org/view.php?id=CVE-2001-0554
Buffer overflow in BSD-based telnetd telnet daemon on various operating systems allows remote attackers to execute arbitrary commands via a set of options including AYT (Are You There), which is not properly handled by the telrcv function. • https://www.exploit-db.com/exploits/21018 ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-01:49.telnetd.asc ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2001-012.txt.asc ftp://patches.sgi.com/support/free/security/advisories/20010801-01-P ftp://stage.caldera.com/pub/security/openserver/CSSA-2001-SCO.10/CSSA-2001-SCO.10.txt http://archives.neohapsis.com/archives/hp/2001-q4/0014.html http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000413 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVE-2000-1222
https://notcve.org/view.php?id=CVE-2000-1222
AIX sysback before 4.2.1.13 uses a relative path to find and execute the hostname program, which allows local users to gain privileges by modifying the path to point to a malicious hostname program. • http://www.kb.cert.org/vuls/id/17566 https://exchange.xforce.ibmcloud.com/vulnerabilities/6432 •
CVE-2000-0844 – Immunix OS 6.2 - LC glibc format string
https://notcve.org/view.php?id=CVE-2000-0844
Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen. • https://www.exploit-db.com/exploits/20187 https://www.exploit-db.com/exploits/209 https://www.exploit-db.com/exploits/215 https://www.exploit-db.com/exploits/249 https://www.exploit-db.com/exploits/20185 https://www.exploit-db.com/exploits/210 https://www.exploit-db.com/exploits/20188 https://www.exploit-db.com/exploits/20186 https://www.exploit-db.com/exploits/197 https://www.exploit-db.com/exploits/20189 https://www.exploit-db.com/exploits/20190 ftp: • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2000-0441
https://notcve.org/view.php?id=CVE-2000-0441
Vulnerability in AIX 3.2.x and 4.x allows local users to gain write access to files on locally or remotely mounted AIX filesystems. • http://archives.neohapsis.com/archives/bugtraq/2000-05/0275.html http://www.securityfocus.com/bid/1241 •
CVE-1999-1117 – IBM AIX 4.2.1 - 'lquerypv' File Read
https://notcve.org/view.php?id=CVE-1999-1117
lquerypv in AIX 4.1 and 4.2 allows local users to read arbitrary files by specifying the file in the -h command line parameter. • https://www.exploit-db.com/exploits/19345 http://ciac.llnl.gov/ciac/bulletins/h-13.shtml http://marc.info/?l=bugtraq&m=87602167420195&w=2 http://marc.info/?l=bugtraq&m=87602167420196&w=2 http://marc.info/?l=bugtraq&w=2&r=1&s=lquerypv&q=b http://www.securityfocus.com/bid/455 https://exchange.xforce.ibmcloud.com/vulnerabilities/1752 •