| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| wu-ftp with FTP conversion enabled allows an attacker to execute commands via a malformed file name that is interpreted as an argument to the program that does the conversion, e.g. tar or uncompress. |
| Buffer overflow in bash 2.0.0, 1.4.17, and other versions allows local attackers to gain privileges by creating an extremely large directory name, which is inserted into the password prompt via the \w option in the PS1 environmental variable when another user changes into that directory. |
| sort creates temporary files and follows symbolic links, which allows local users to modify arbitrary files that are writable by the user running sort, as observed in updatedb and other programs that use sort. |
| Remote attackers can cause a denial of service on Linux in.telnetd telnet daemon through a malformed TERM environmental variable. |
| Buffer overflows in Red Hat net-tools package. |
| Buffer overflow in Vixie Cron on Red Hat systems via the MAILTO environmental variable. |
| Vixie Cron on Linux systems allows local users to set parameters of sendmail commands via the MAILTO environmental variable. |
| Buffer overflow in bootpd on OpenBSD, FreeBSD, and Linux systems via a malformed header type. |
| Denial of service in Linux 2.2.x kernels via malformed ICMP packets containing unusual types, codes, and IP header lengths. |
| Red Hat pump DHCP client allows remote attackers to gain root access in some configurations. |
| Buffer overflow in NFS server on Linux allows attackers to execute commands via a long pathname. |
| ucbmail allows remote attackers to execute commands via shell metacharacters that are passed to it from INN. |
| Buffer overflow in Vixie cron allows local users to gain root access via a long MAILTO environment variable in a crontab file. |
| Red Hat Linux screen program does not use Unix98 ptys, allowing local users to write to other terminals. |
| A Unix account has a default, null, blank, or missing password. |
| Buffer overflow in Berkeley automounter daemon (amd) logging facility provided in the Linux am-utils package and others. |
| Buffer overflow in INN inews program. |
| Linux xmonisdn package allows local users to gain root privileges by modifying the IFS or PATH environmental variables. |
| The Squid package in Red Hat Linux 5.2 and 6.0, and other distributions, installs cachemgr.cgi in a public web directory, which allows remote attackers to use it as an intermediary to connect to other systems. |
| Bash treats any character with a value of 255 as a command separator. |
