CVSS: 9.8EPSS: 4%CPEs: 6EXPL: 1CVE-2001-1130 – SuSE 6.3/6.4/7.0 sdb - Arbitrary Command Execution
https://notcve.org/view.php?id=CVE-2001-1130
02 Aug 2001 — Sdbsearch.cgi in SuSE Linux 6.0-7.2 could allow remote attackers to execute arbitrary commands by uploading a keylist.txt file that contains filenames with shell metacharacters, then causing the file to be searched using a .. in the HTTP referer (from the HTTP_REFERER variable) to point to the directory that contains the keylist.txt file. • https://www.exploit-db.com/exploits/21075 •
CVSS: 10.0EPSS: 1%CPEs: 12EXPL: 0CVE-2001-0388
https://notcve.org/view.php?id=CVE-2001-0388
27 Jun 2001 — time server daemon timed allows remote attackers to cause a denial of service via malformed packets. • ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-01:28.timed.asc •
CVSS: 8.4EPSS: 1%CPEs: 9EXPL: 0CVE-2001-0458
https://notcve.org/view.php?id=CVE-2001-0458
24 May 2001 — Multiple buffer overflows in ePerl before 2.2.14-0.7 allow local and remote attackers to execute arbitrary commands. • http://www.debian.org/security/2001/dsa-034 •
CVSS: 7.8EPSS: 0%CPEs: 13EXPL: 0CVE-2001-0178
https://notcve.org/view.php?id=CVE-2001-0178
26 Mar 2001 — kdesu program in KDE2 (KDE before 2.2.0-6) does not properly verify the owner of a UNIX socket that is used to send a password, which allows local users to steal passwords and gain privileges. • http://www.calderasystems.com/support/security/advisories/CSSA-2001-005.0.txt •
CVSS: 7.2EPSS: 0%CPEs: 22EXPL: 3CVE-2000-1134 – UUCP - File Creation/Overwriting Symlinks
https://notcve.org/view.php?id=CVE-2000-1134
19 Dec 2000 — Multiple shell programs on various Unix systems, including (1) tcsh, (2) csh, (3) sh, and (4) bash, follow symlinks when processing << redirects (aka here-documents or in-here documents), which allows local users to overwrite files of other users via a symlink attack. • https://www.exploit-db.com/exploits/217 •
CVSS: 10.0EPSS: 0%CPEs: 74EXPL: 13CVE-2000-0844 – Immunix OS 6.2 - LC glibc format string
https://notcve.org/view.php?id=CVE-2000-0844
14 Nov 2000 — Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen. • https://www.exploit-db.com/exploits/20187 • CWE-264: Permissions, Privileges, and Access Controls •