CVSS: 7.2EPSS: 0%CPEs: 22EXPL: 3CVE-2000-1134 – UUCP - File Creation/Overwriting Symlinks
https://notcve.org/view.php?id=CVE-2000-1134
19 Dec 2000 — Multiple shell programs on various Unix systems, including (1) tcsh, (2) csh, (3) sh, and (4) bash, follow symlinks when processing << redirects (aka here-documents or in-here documents), which allows local users to overwrite files of other users via a symlink attack. • https://www.exploit-db.com/exploits/217 •
CVSS: 10.0EPSS: 0%CPEs: 74EXPL: 13CVE-2000-0844 – Immunix OS 6.2 - LC glibc format string
https://notcve.org/view.php?id=CVE-2000-0844
14 Nov 2000 — Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen. • https://www.exploit-db.com/exploits/20187 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.1EPSS: 7%CPEs: 12EXPL: 2CVE-2000-0869 – Apache 1.3.12 - WebDAV Directory Listings
https://notcve.org/view.php?id=CVE-2000-0869
14 Nov 2000 — The default configuration of Apache 1.3.12 in SuSE Linux 6.4 enables WebDAV, which allows remote attackers to list arbitrary directories via the PROPFIND HTTP request method. • https://www.exploit-db.com/exploits/20210 •
CVSS: 10.0EPSS: 1%CPEs: 9EXPL: 0CVE-2000-0800
https://notcve.org/view.php?id=CVE-2000-0800
21 Sep 2000 — String parsing error in rpc.kstatd in the linuxnfs or knfsd packages in SuSE and possibly other Linux systems allows remote attackers to gain root privileges. • http://www.novell.com/linux/security/advisories/suse_security_announce_58.html •
CVSS: 10.0EPSS: 34%CPEs: 32EXPL: 5CVE-2000-0666 – Conectiva 4.x/5.x / Debian 2.x / RedHat 6.x / S.u.S.E 6.x/7.0 / Trustix 1.x - rpc.statd Remote Format String
https://notcve.org/view.php?id=CVE-2000-0666
16 Jul 2000 — rpc.statd in the nfs-utils package in various Linux distributions does not properly cleanse untrusted format strings, which allows remote attackers to gain root privileges. • https://www.exploit-db.com/exploits/20075 •
CVSS: 7.8EPSS: 0%CPEs: 24EXPL: 3CVE-2000-0438 – S.u.S.E Linux 4.x/5.x/6.x/7.0 / Slackware 3.x/4.0 / Turbolinux 6 / OpenLinux 7.0 - 'fdmount' Local Buffer Overflow
https://notcve.org/view.php?id=CVE-2000-0438
22 May 2000 — Buffer overflow in fdmount on Linux systems allows local users in the "floppy" group to execute arbitrary commands via a long mountpoint parameter. • https://www.exploit-db.com/exploits/19952 •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2000-0433
https://notcve.org/view.php?id=CVE-2000-0433
02 May 2000 — The SuSE aaa_base package installs some system accounts with home directories set to /tmp, which allows local users to gain privileges to those accounts by creating standard user startup scripts such as profiles. • http://www.novell.com/linux/security/advisories/suse_security_announce_47.html •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 1CVE-2000-0293 – SuSE Linux 6.x - Arbitrary File Deletion
https://notcve.org/view.php?id=CVE-2000-0293
26 Apr 2000 — aaa_base in SuSE Linux 6.3, and cron.daily in earlier versions, allow local users to delete arbitrary files by creating files whose names include spaces, which are then incorrectly interpreted by aaa_base when it deletes expired files from the /tmp directory. • https://www.exploit-db.com/exploits/19867 •
CVSS: 7.8EPSS: 0%CPEs: 14EXPL: 1CVE-2000-0229 – gpm 1.18.1/1.19 / Debian 2.x / RedHat 6.x / S.u.S.E 5.3/6.x - gpm Setgid
https://notcve.org/view.php?id=CVE-2000-0229
22 Mar 2000 — gpm-root in the gpm package does not properly drop privileges, which allows local users to gain privileges by starting a utility from gpm-root. • https://www.exploit-db.com/exploits/19816 •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 1CVE-2000-0231 – Halloween Linux 4.0 / SuSE Linux 6.0/6.1/6.2/6.3 - 'kreatecd' Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2000-0231
16 Mar 2000 — Linux kreatecd trusts a user-supplied path that is used to find the cdrecord program, allowing local users to gain root privileges. • https://www.exploit-db.com/exploits/19813 •