National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Contains Software Flaws (CVE)
  • CPE Product Version: cpe:/o:conectiva:linux:4.1
There are 11 matching records.
Vuln ID Summary CVSS Severity
CVE-2001-0439

licq before 1.0.3 allows remote attackers to execute arbitrary commands via shell metacharacters in a URL.

Published: July 02, 2001; 12:00:00 AM -04:00
V2: 7.5 HIGH
CVE-2001-0440

Buffer overflow in logging functions of licq before 1.0.3 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands.

Published: July 02, 2001; 12:00:00 AM -04:00
V2: 7.5 HIGH
CVE-2001-0170

glibc 2.1.9x and earlier does not properly clear the RESOLV_HOST_CONF, HOSTALIASES, or RES_OPTIONS environmental variables when executing setuid/setgid programs, which could allow local users to read arbitrary files.

Published: March 26, 2001; 12:00:00 AM -05:00
V2: 2.1 LOW
CVE-2000-1134

Multiple shell programs on various Unix systems, including (1) tcsh, (2) csh, (3) sh, and (4) bash, follow symlinks when processing << redirects (aka here-documents or in-here documents), which allows local users to overwrite files of other users via a symlink attack.

Published: January 09, 2001; 12:00:00 AM -05:00
V2: 7.2 HIGH
CVE-2000-0844

Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen.

Published: November 14, 2000; 12:00:00 AM -05:00
V2: 10.0 HIGH
CVE-2000-0701

The wrapper program in mailman 2.0beta3 and 2.0beta4 does not properly cleanse untrusted format strings, which allows local users to gain privileges.

Published: October 20, 2000; 12:00:00 AM -04:00
V2: 4.6 MEDIUM
CVE-2000-0747

The logrotate script for OpenLDAP before 1.2.11 in Conectiva Linux sends an improper signal to the kernel log daemon (klogd) and kills it.

Published: October 20, 2000; 12:00:00 AM -04:00
V2: 10.0 HIGH
CVE-2000-0667

Vulnerability in gpm in Caldera Linux allows local users to delete arbitrary files or conduct a denial of service.

Published: July 27, 2000; 12:00:00 AM -04:00
V2: 3.6 LOW
CVE-2000-0668

pam_console PAM module in Linux systems allows a user to access the system console and reboot the system when a display manager such as gdm or kdm has XDMCP enabled.

Published: July 27, 2000; 12:00:00 AM -04:00
V2: 5.0 MEDIUM
CVE-2000-0633

Vulnerability in Mandrake Linux usermode package allows local users to to reboot or halt the system.

Published: July 18, 2000; 12:00:00 AM -04:00
V2: 2.1 LOW
CVE-2000-0666

rpc.statd in the nfs-utils package in various Linux distributions does not properly cleanse untrusted format strings, which allows remote attackers to gain root privileges.

Published: July 16, 2000; 12:00:00 AM -04:00
V2: 10.0 HIGH