CVSS: 9.8EPSS: 4%CPEs: 6EXPL: 1CVE-2001-1130 – SuSE 6.3/6.4/7.0 sdb - Arbitrary Command Execution
https://notcve.org/view.php?id=CVE-2001-1130
02 Aug 2001 — Sdbsearch.cgi in SuSE Linux 6.0-7.2 could allow remote attackers to execute arbitrary commands by uploading a keylist.txt file that contains filenames with shell metacharacters, then causing the file to be searched using a .. in the HTTP referer (from the HTTP_REFERER variable) to point to the directory that contains the keylist.txt file. • https://www.exploit-db.com/exploits/21075 •
CVSS: 10.0EPSS: 1%CPEs: 12EXPL: 0CVE-2001-0388
https://notcve.org/view.php?id=CVE-2001-0388
27 Jun 2001 — time server daemon timed allows remote attackers to cause a denial of service via malformed packets. • ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-01:28.timed.asc •
CVSS: 8.4EPSS: 1%CPEs: 9EXPL: 0CVE-2001-0458
https://notcve.org/view.php?id=CVE-2001-0458
24 May 2001 — Multiple buffer overflows in ePerl before 2.2.14-0.7 allow local and remote attackers to execute arbitrary commands. • http://www.debian.org/security/2001/dsa-034 •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 2CVE-2001-0193 – Debian 2.2 / Su.S.E 6.3/6.4/7.0 - man '-l' Format String
https://notcve.org/view.php?id=CVE-2001-0193
03 May 2001 — Format string vulnerability in man in some Linux distributions allows local users to gain privileges via a malformed -l parameter. • https://www.exploit-db.com/exploits/20604 •
CVSS: 7.8EPSS: 0%CPEs: 13EXPL: 0CVE-2001-0178
https://notcve.org/view.php?id=CVE-2001-0178
26 Mar 2001 — kdesu program in KDE2 (KDE before 2.2.0-6) does not properly verify the owner of a UNIX socket that is used to send a password, which allows local users to steal passwords and gain privileges. • http://www.calderasystems.com/support/security/advisories/CSSA-2001-005.0.txt •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 4CVE-2001-0109 – SuSE 6.x/7.0 - MkDir Error Handling rctab Race Condition
https://notcve.org/view.php?id=CVE-2001-0109
12 Mar 2001 — rctab in SuSE 7.0 and earlier allows local users to create or overwrite arbitrary files via a symlink attack on the rctmp temporary file. • https://www.exploit-db.com/exploits/20554 •
CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 1CVE-2000-1107
https://notcve.org/view.php?id=CVE-2000-1107
09 Jan 2001 — in.identd ident server in SuSE Linux 6.x and 7.0 allows remote attackers to cause a denial of service via a long request, which causes the server to access a NULL pointer and crash. • http://archives.neohapsis.com/archives/bugtraq/2000-11/0387.html •
CVSS: 10.0EPSS: 1%CPEs: 4EXPL: 0CVE-2000-1040
https://notcve.org/view.php?id=CVE-2000-1040
11 Dec 2000 — Format string vulnerability in logging function of ypbind 3.3, while running in debug mode, leaks file descriptors and allows an attacker to cause a denial of service. • http://archives.neohapsis.com/archives/bugtraq/2000-10/0356.html •
CVSS: 5.3EPSS: 4%CPEs: 2EXPL: 2CVE-2000-1016 – SuSE Linux 6.3/6.4 - Installed Package Disclosure
https://notcve.org/view.php?id=CVE-2000-1016
11 Dec 2000 — The default configuration of Apache (httpd.conf) on SuSE 6.4 includes an alias for the /usr/doc directory, which allows remote attackers to read package documentation and obtain system configuration information via an HTTP request for the /doc/packages URL. • https://www.exploit-db.com/exploits/20236 •
CVSS: 10.0EPSS: 0%CPEs: 4EXPL: 0CVE-2000-1044
https://notcve.org/view.php?id=CVE-2000-1044
11 Dec 2000 — Format string vulnerability in ypbind-mt in SuSE SuSE-6.2, and possibly other Linux operating systems, allows an attacker to gain root privileges. • http://archives.neohapsis.com/archives/linux/suse/2000-q4/0262.html •