U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): cpe:2.3:o:redhat:linux:5.2:*:*:*:*:*:*:*
  • CPE Name Search: true
There are 50 matching records.
Displaying matches 21 through 40.
Vuln ID Summary CVSS Severity
CVE-2000-0607

Buffer overflow in fld program in Kanji on Console (KON) package on Linux may allow local users to gain root privileges via an input file containing long CHARSET_REGISTRY or CHARSET_ENCODING settings.

Published: June 21, 2000; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 7.2 HIGH
CVE-1999-0706

Linux xmonisdn package allows local users to gain root privileges by modifying the IFS or PATH environmental variables.

Published: April 27, 2000; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2000-0186

Buffer overflow in the dump utility in the Linux ext2fs backup package allows local users to gain privileges via a long command line argument.

Published: February 28, 2000; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 7.2 HIGH
CVE-2000-0196

Buffer overflow in mhshow in the Linux nmh package allows remote attackers to execute commands via malformed MIME headers in an email message.

Published: February 28, 2000; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2000-0170

Buffer overflow in the man program in Linux allows local users to gain privileges via the MANPAGER environmental variable.

Published: February 26, 2000; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 7.2 HIGH
CVE-2000-1220

The line printer daemon (lpd) in the lpr package in multiple Linux operating systems allows local users to gain root privileges by causing sendmail to execute with arbitrary command line arguments, as demonstrated using the -C option to specify a configuration file.

Published: January 08, 2000; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 10.0 HIGH
CVE-2000-1221

The line printer daemon (lpd) in the lpr package in multiple Linux operating systems authenticates by comparing the reverse-resolved hostname of the local machine to the hostname of the print server as returned by gethostname, which allows remote attackers to bypass intended access controls by modifying the DNS for the attacking IP.

Published: January 08, 2000; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 10.0 HIGH
CVE-1999-0894

Red Hat Linux screen program does not use Unix98 ptys, allowing local users to write to other terminals.

Published: January 04, 2000; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 10.0 HIGH
CVE-2000-0017

Buffer overflow in Linux linuxconf package allows remote attackers to gain root privileges via a long parameter.

Published: December 21, 1999; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 10.0 HIGH
CVE-1999-0997

wu-ftp with FTP conversion enabled allows an attacker to execute commands via a malformed file name that is interpreted as an argument to the program that does the conversion, e.g. tar or uncompress.

Published: December 20, 1999; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-1999-0986

The ping command in Linux 2.0.3x allows local users to cause a denial of service by sending large packets with the -R (record route) option.

Published: December 08, 1999; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-1999-0832

Buffer overflow in NFS server on Linux allows attackers to execute commands via a long pathname.

Published: November 09, 1999; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 10.0 HIGH
CVE-1999-1346

PAM configuration file for rlogin in Red Hat Linux 6.1 and earlier includes a less restrictive rule before a more restrictive one, which allows users to access the host via rlogin even if rlogin has been explicitly disabled using the /etc/nologin file.

Published: October 07, 1999; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-1999-1347

Xsession in Red Hat Linux 6.1 and earlier can allow local users with restricted accounts to bypass execution of the .xsession file by starting kde, gnome or anotherlevel from kdm.

Published: October 07, 1999; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 4.6 MEDIUM
CVE-1999-0704

Buffer overflow in Berkeley automounter daemon (amd) logging facility provided in the Linux am-utils package and others.

Published: September 16, 1999; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-1999-0768

Buffer overflow in Vixie Cron on Red Hat systems via the MAILTO environmental variable.

Published: August 25, 1999; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-1999-0769

Vixie Cron on Linux systems allows local users to set parameters of sendmail commands via the MAILTO environmental variable.

Published: August 25, 1999; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 7.2 HIGH
CVE-1999-0872

Buffer overflow in Vixie cron allows local users to gain root access via a long MAILTO environment variable in a crontab file.

Published: August 25, 1999; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 7.2 HIGH
CVE-1999-0740

Remote attackers can cause a denial of service on Linux in.telnetd telnet daemon through a malformed TERM environmental variable.

Published: August 19, 1999; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 6.4 MEDIUM
CVE-1999-0710

The Squid package in Red Hat Linux 5.2 and 6.0, and other distributions, installs cachemgr.cgi in a public web directory, which allows remote attackers to use it as an intermediary to connect to other systems.

Published: July 25, 1999; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 7.5 HIGH