Page 9 of 59 results (0.007 seconds)

CVSS: 4.6EPSS: 0%CPEs: 14EXPL: 1

XFree86 startx command is vulnerable to a symlink attack, allowing local users to create files in restricted directories, possibly allowing them to gain privileges or cause a denial of service. • https://www.exploit-db.com/exploits/19257 https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0433 •

CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 1

During a reboot after an installation of Linux Slackware 3.6, a remote attacker can obtain root access by logging in to the root account without a password. • http://www.osvdb.org/981 http://www.securityfocus.com/bid/338 •

CVSS: 10.0EPSS: 8%CPEs: 17EXPL: 2

Buffer overflows in wuarchive ftpd (wu-ftpd) and ProFTPD lead to remote root access, a.k.a. palmetto. • https://www.exploit-db.com/exploits/19086 https://www.exploit-db.com/exploits/19087 https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0368 •

CVSS: 7.2EPSS: 0%CPEs: 2EXPL: 0

The default configuration of Slackware 3.4, and possibly other versions, includes . (dot, the current directory) in the PATH environmental variable, which could allow local users to create Trojan horse programs that are inadvertently executed by other users. • http://marc.info/?l=bugtraq&m=91540043023167&w=2 http://www.securityfocus.com/bid/211 •

CVSS: 7.2EPSS: 0%CPEs: 5EXPL: 1

login in Slackware Linux 3.2 through 3.5 does not properly check for an error when the /etc/group file is missing, which prevents it from dropping privileges, causing it to assign root privileges to any local user who logs on to the server. • https://www.exploit-db.com/exploits/19122 http://marc.info/?l=bugtraq&m=90221104525951&w=2 http://www.securityfocus.com/bid/155 •