CVE-2001-1244 – HP-UX 11 / Linux Kernel 2.4 / Windows 2000/NT 4.0 / IRIX 6.5 - Small TCP MSS Denial of Service
https://notcve.org/view.php?id=CVE-2001-1244
Multiple TCP implementations could allow remote attackers to cause a denial of service (bandwidth and CPU exhaustion) by setting the maximum segment size (MSS) to a very small number and requesting large amounts of data, which generates more packets with less TCP-level data that amplify network traffic and consume more server CPU to process. • https://www.exploit-db.com/exploits/20997 http://www.securityfocus.com/archive/1/195457 http://www.securityfocus.com/bid/2997 https://exchange.xforce.ibmcloud.com/vulnerabilities/6824 •
CVE-2001-0488
https://notcve.org/view.php?id=CVE-2001-0488
pcltotiff in HP-UX 10.x has unnecessary set group id permissions, which allows local users to cause a denial of service. • http://www.osvdb.org/2188 http://www.securityfocus.com/bid/2646 http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX0104-149 https://exchange.xforce.ibmcloud.com/vulnerabilities/6447 •
CVE-2001-0379
https://notcve.org/view.php?id=CVE-2001-0379
Vulnerability in the newgrp program included with HP9000 servers running HP-UX 11.11 allows a local attacker to obtain higher access rights. • http://archives.neohapsis.com/archives/hp/2001-q1/0101.html http://www.kb.cert.org/vuls/id/249224 http://www.osvdb.org/5681 https://exchange.xforce.ibmcloud.com/vulnerabilities/6282 •
CVE-2001-1256
https://notcve.org/view.php?id=CVE-2001-1256
kmmodreg in HP-UX 11.11, 11.04 and 11.00 allows local users to create arbitrary world-writeable files via a symlink attack on the (1) /tmp/.kmmodreg_lock and (2) /tmp/kmpath.tmp temporary files. • http://ciac.llnl.gov/ciac/bulletins/l-093.shtml http://online.securityfocus.com/advisories/3354 http://www.kb.cert.org/vuls/id/127435 http://www.kb.cert.org/vuls/id/TJSL-4Z5Q92 http://www.securityfocus.com/archive/1/188568 http://www.securityfocus.com/bid/2821 https://exchange.xforce.ibmcloud.com/vulnerabilities/6656 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5628 •
CVE-2001-0248
https://notcve.org/view.php?id=CVE-2001-0248
Buffer overflow in FTP server in HPUX 11 allows remote attackers to execute arbitrary commands by creating a long pathname and calling the STAT command, which uses glob to generate long strings. • http://www.cert.org/advisories/CA-2001-07.html http://www.nai.com/research/covert/advisories/048.asp http://www.securityfocus.com/bid/2552 https://exchange.xforce.ibmcloud.com/vulnerabilities/6332 • CWE-131: Incorrect Calculation of Buffer Size •