CVSS: 5.5EPSS: 0%CPEs: 14EXPL: 0CVE-2001-0138
https://notcve.org/view.php?id=CVE-2001-0138
12 Mar 2001 — privatepw program in wu-ftpd before 2.6.1-6 allows local users to overwrite arbitrary files via a symlink attack. • http://marc.info/?l=bugtraq&m=97916374410647&w=2 •
CVSS: 5.5EPSS: 0%CPEs: 10EXPL: 0CVE-2001-0117
https://notcve.org/view.php?id=CVE-2001-0117
12 Mar 2001 — sdiff 2.7 in the diffutils package allows local users to overwrite files via a symlink attack. • http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2000-70-028-01 •
CVSS: 5.5EPSS: 0%CPEs: 10EXPL: 0CVE-2001-0142
https://notcve.org/view.php?id=CVE-2001-0142
12 Mar 2001 — squid 2.3 and earlier allows local users to overwrite arbitrary files via a symlink attack in some configurations. • http://archives.neohapsis.com/archives/bugtraq/2001-01/0212.html •
CVSS: 7.2EPSS: 0%CPEs: 22EXPL: 3CVE-2000-1134 – UUCP - File Creation/Overwriting Symlinks
https://notcve.org/view.php?id=CVE-2000-1134
19 Dec 2000 — Multiple shell programs on various Unix systems, including (1) tcsh, (2) csh, (3) sh, and (4) bash, follow symlinks when processing << redirects (aka here-documents or in-here documents), which allows local users to overwrite files of other users via a symlink attack. • https://www.exploit-db.com/exploits/217 •
CVSS: 10.0EPSS: 0%CPEs: 3EXPL: 0CVE-2000-1043
https://notcve.org/view.php?id=CVE-2000-1043
11 Dec 2000 — Format string vulnerability in ypserv in Mandrake Linux 7.1 and earlier, and possibly other Linux operating systems, allows an attacker to gain root privileges when ypserv is built without a vsyslog() function. • http://www.linux-mandrake.com/en/security/MDKSA-2000-064.php3?dis=7.1 •
CVSS: 10.0EPSS: 0%CPEs: 3EXPL: 0CVE-2000-1042
https://notcve.org/view.php?id=CVE-2000-1042
11 Dec 2000 — Buffer overflow in ypserv in Mandrake Linux 7.1 and earlier, and possibly other Linux operating systems, allows an attacker to gain root privileges when ypserv is built without a vsyslog() function. • http://www.linux-mandrake.com/en/security/MDKSA-2000-064.php3?dis=7.1 •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2000-1059
https://notcve.org/view.php?id=CVE-2000-1059
11 Dec 2000 — The default configuration of the Xsession file in Mandrake Linux 7.1 and 7.0 bypasses the Xauthority access control mechanism with an "xhost + localhost" command, which allows local users to sniff X Windows events and gain privileges. • http://www.linux-mandrake.com/en/security/MDKSA-2000-052.php3 •
CVSS: 7.8EPSS: 0%CPEs: 10EXPL: 0CVE-2000-0867
https://notcve.org/view.php?id=CVE-2000-0867
14 Nov 2000 — Kernel logging daemon (klogd) in Linux does not properly cleanse user-injected format strings, which allows local users to gain root privileges by triggering malformed kernel messages. • ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2000-032.0.txt •
CVSS: 7.5EPSS: 5%CPEs: 3EXPL: 2CVE-2000-0883 – Mandrake 6.1/7.0/7.1 - '/perl' HTTP Directory Disclosure
https://notcve.org/view.php?id=CVE-2000-0883
14 Nov 2000 — The default configuration of mod_perl for Apache as installed on Mandrake Linux 6.1 through 7.1 sets the /perl/ directory to be browseable, which allows remote attackers to list the contents of that directory. • https://www.exploit-db.com/exploits/20220 •
CVSS: 10.0EPSS: 0%CPEs: 74EXPL: 13CVE-2000-0844 – Immunix OS 6.2 - LC glibc format string
https://notcve.org/view.php?id=CVE-2000-0844
14 Nov 2000 — Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen. • https://www.exploit-db.com/exploits/20187 • CWE-264: Permissions, Privileges, and Access Controls •