Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): cpe:2.3:o:redhat:linux:6.1:*:*:*:*:*:*:*
There are 60 matching records.
Displaying matches 41 through 60.
Vuln ID Summary CVSS Severity
CVE-2000-0196

Buffer overflow in mhshow in the Linux nmh package allows remote attackers to execute commands via malformed MIME headers in an email message.

Published: February 28, 2000; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2000-0093

An installation of Red Hat uses DES password encryption with crypt() for the initial password, instead of md5.

Published: January 21, 2000; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 10.0 HIGH
CVE-2000-1220

The line printer daemon (lpd) in the lpr package in multiple Linux operating systems allows local users to gain root privileges by causing sendmail to execute with arbitrary command line arguments, as demonstrated using the -C option to specify a configuration file.

Published: January 08, 2000; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 10.0 HIGH
CVE-2000-1221

The line printer daemon (lpd) in the lpr package in multiple Linux operating systems authenticates by comparing the reverse-resolved hostname of the local machine to the hostname of the print server as returned by gethostname, which allows remote attackers to bypass intended access controls by modifying the DNS for the attacking IP.

Published: January 08, 2000; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 10.0 HIGH
CVE-1999-0894

Red Hat Linux screen program does not use Unix98 ptys, allowing local users to write to other terminals.

Published: January 04, 2000; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 10.0 HIGH
CVE-2000-0052

Red Hat userhelper program in the usermode package allows local users to gain root access via PAM and a .. (dot dot) attack.

Published: January 04, 2000; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 7.2 HIGH
CVE-2000-0017

Buffer overflow in Linux linuxconf package allows remote attackers to gain root privileges via a long parameter.

Published: December 21, 1999; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 10.0 HIGH
CVE-1999-0997

wu-ftp with FTP conversion enabled allows an attacker to execute commands via a malformed file name that is interpreted as an argument to the program that does the conversion, e.g. tar or uncompress.

Published: December 20, 1999; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2000-0357

ORBit and esound in Red Hat Linux 6.1 do not use sufficiently random numbers, which allows local users to guess the authentication keys.

Published: December 03, 1999; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2000-0358

ORBit and gnome-session in Red Hat Linux 6.1 allows remote attackers to crash a program.

Published: December 03, 1999; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2000-0531

Linux gpm program allows local users to cause a denial of service by flooding the /dev/gpmctl device with STREAM sockets.

Published: November 23, 1999; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 2.1 LOW
CVE-2000-0356

Pluggable Authentication Modules (PAM) in Red Hat Linux 6.1 does not properly lock access to disabled NIS accounts.

Published: October 13, 1999; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 4.6 MEDIUM
CVE-1999-1346

PAM configuration file for rlogin in Red Hat Linux 6.1 and earlier includes a less restrictive rule before a more restrictive one, which allows users to access the host via rlogin even if rlogin has been explicitly disabled using the /etc/nologin file.

Published: October 07, 1999; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-1999-1347

Xsession in Red Hat Linux 6.1 and earlier can allow local users with restricted accounts to bypass execution of the .xsession file by starting kde, gnome or anotherlevel from kdm.

Published: October 07, 1999; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 4.6 MEDIUM
CVE-2000-0118

The Red Hat Linux su program does not log failed password guesses if the su process is killed before it times out, which allows local attackers to conduct brute force password guessing.

Published: June 09, 1999; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 7.2 HIGH
CVE-1999-0798

Buffer overflow in bootpd on OpenBSD, FreeBSD, and Linux systems via a malformed header type.

Published: December 04, 1998; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 10.0 HIGH
CVE-1999-1288

Samba 1.9.18 inadvertently includes a prototype application, wsmbconf, which is installed with incorrect permissions including the setgid bit, which allows local users to read and write files and possibly gain privileges via bugs in the program.

Published: November 19, 1998; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 4.6 MEDIUM
CVE-1999-0037

Arbitrary command execution via metamail package using message headers, when user processes attacker's message using metamail.

Published: May 21, 1997; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-1999-0297

Buffer overflow in Vixie Cron library up to version 3.0 allows local users to obtain root access via a long environmental variable.

Published: December 12, 1996; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 7.2 HIGH
CVE-2000-0508

rpc.lockd in Red Hat Linux 6.1 and 6.2 allows remote attackers to cause a denial of service via a malformed request.

Published: December 19, 1994; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 5.0 MEDIUM