Command execution via shell metachars in INN daemon (innd) 1.5 using "newgroup" and "rmgroup" control messages, and others.
9.8CVSS
7.2AI Score
0.008EPSS
Buffer overflows in wuarchive ftpd (wu-ftpd) and ProFTPD lead to remote root access, a.k.a. palmetto.
6.7AI Score
0.086EPSS
7.3AI Score
0.0004EPSS
7.1AI Score
0.0004EPSS
XFree86 startx command is vulnerable to a symlink attack, allowing local users to create files in restricted directories, possibly allowing them to gain privileges or cause a denial of service.
7.1AI Score
0.0004EPSS
XFree86 xfs command is vulnerable to a symlink attack, allowing local users to create files in restricted directories, possibly allowing them to gain privileges or cause a denial of service.
7.1AI Score
0.003EPSS
Buffer overflow in Berkeley automounter daemon (amd) logging facility provided in the Linux am-utils package and others.
7.3AI Score
0.01EPSS
6.9AI Score
0.014EPSS
Linux xmonisdn package allows local users to gain root privileges by modifying the IFS or PATH environmental variables.
7AI Score
0.011EPSS
The Squid package in Red Hat Linux 5.2 and 6.0, and other distributions, installs cachemgr.cgi in a public web directory, which allows remote attackers to use it as an intermediary to connect to other systems.
6.2AI Score
0.065EPSS
Remote attackers can cause a denial of service on Linux in.telnetd telnet daemon through a malformed TERM environmental variable.
7AI Score
0.007EPSS
7AI Score
0.005EPSS
Buffer overflow in Vixie Cron on Red Hat systems via the MAILTO environmental variable.
7.3AI Score
0.014EPSS
Vixie Cron on Linux systems allows local users to set parameters of sendmail commands via the MAILTO environmental variable.
6.9AI Score
0.0004EPSS
Denial of service in Linux 2.2.x kernels via malformed ICMP packets containing unusual types, codes, and IP header lengths.
7AI Score
0.002EPSS
Red Hat pump DHCP client allows remote attackers to gain root access in some configurations.
7.3AI Score
0.007EPSS
Buffer overflow in NFS server on Linux allows attackers to execute commands via a long pathname.
7.6AI Score
0.006EPSS
Buffer overflow in Vixie cron allows local users to gain root access via a long MAILTO environment variable in a crontab file.
7.2AI Score
0.0004EPSS
Red Hat Linux screen program does not use Unix98 ptys, allowing local users to write to other terminals.
6.8AI Score
0.011EPSS
The ping command in Linux 2.0.3x allows local users to cause a denial of service by sending large packets with the -R (record route) option.
6.7AI Score
0.0004EPSS
wu-ftp with FTP conversion enabled allows an attacker to execute commands via a malformed file name that is interpreted as an argument to the program that does the conversion, e.g. tar or uncompress.
6.6AI Score
0.125EPSS
Buffer overflow in linuxconf 1.11r11-rh2 on Red Hat Linux 5.1 allows local users to gain root privileges via a long LANG environmental variable.
7.2AI Score
0.0004EPSS
linuxconf before 1.11.r11-rh3 on Red Hat Linux 5.1 allows local users to overwrite arbitrary files and gain root access via a symlink attack.
7AI Score
0.0004EPSS
Buffer overflow in SysVInit in Red Hat Linux 5.1 and earlier allows local users to gain privileges.
7.2AI Score
0.0004EPSS
The snprintf function in the db library 1.85.4 ignores the size parameter, which could allow attackers to exploit buffer overflows that would be prevented by a properly implemented snprintf.
7AI Score
0.001EPSS
netcfg 2.16-1 in Red Hat Linux 4.2 allows the Ethernet interface to be controlled by users on reboot when an option is set, which allows local users to cause a denial of service by shutting down the interface.
6.6AI Score
0.0004EPSS
gzexe in the gzip package on Red Hat Linux 5.0 and earlier allows local users to overwrite files of other users via a symlink attack on a temporary file.
5.8AI Score
0.0004EPSS
automatic download option in ncftp 2.4.2 FTP client in Red Hat Linux 5.0 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the names of files that are to be downloaded.
8AI Score
0.02EPSS
snmpd server in cmu-snmp SNMP package before 3.3-1 in Red Hat Linux 4.0 is configured to allow remote attackers to read and write sensitive information.
6.9AI Score
0.006EPSS
PAM configuration file for rlogin in Red Hat Linux 6.1 and earlier includes a less restrictive rule before a more restrictive one, which allows users to access the host via rlogin even if rlogin has been explicitly disabled using the /etc/nologin file.
6.9AI Score
0.011EPSS
Xsession in Red Hat Linux 6.1 and earlier can allow local users with restricted accounts to bypass execution of the .xsession file by starting kde, gnome or anotherlevel from kdm.
6.9AI Score
0.0004EPSS
Linuxconf on Red Hat Linux 6.0 and earlier does not properly disable PAM-based access to the shutdown command, which could allow local users to cause a denial of service.
6.7AI Score
0.001EPSS
Sudo 1.5 in Debian Linux 2.1 and Red Hat 6.0 allows local users to determine the existence of arbitrary files by attempting to execute the target filename as a program, which generates a different error message when the file does not exist.
7AI Score
0.0004EPSS
RPMMail before 1.4 allows remote attackers to execute commands via an e-mail message with shell metacharacters in the "MAIL FROM" command.
7.6AI Score
0.005EPSS
Buffer overflow in Linux linuxconf package allows remote attackers to gain root privileges via a long parameter.
7.2AI Score
0.045EPSS
The initscripts package in Red Hat Linux allows local users to gain privileges via a symlink attack.
6.9AI Score
0.0004EPSS
Red Hat userhelper program in the usermode package allows local users to gain root access via PAM and a .. (dot dot) attack.
6.9AI Score
0.0004EPSS
An installation of Red Hat uses DES password encryption with crypt() for the initial password, instead of md5.
7.2AI Score
0.004EPSS
The Red Hat Linux su program does not log failed password guesses if the su process is killed before it times out, which allows local attackers to conduct brute force password guessing.
6.9AI Score
0.0004EPSS
Buffer overflow in the man program in Linux allows local users to gain privileges via the MANPAGER environmental variable.
7.2AI Score
0.0004EPSS
Linux printtool sets the permissions of printer configuration files to be world-readable, which allows local attackers to obtain printer share passwords.
6.7AI Score
0.0004EPSS
Buffer overflow in the dump utility in the Linux ext2fs backup package allows local users to gain privileges via a long command line argument.
7.3AI Score
0.0004EPSS
Buffer overflow in mhshow in the Linux nmh package allows remote attackers to execute commands via malformed MIME headers in an email message.
7.9AI Score
0.005EPSS
Red Hat 6.0 allows local users to gain root access by booting single user and hitting ^C at the password prompt.
6.7AI Score
0.0004EPSS
gpm-root in the gpm package does not properly drop privileges, which allows local users to gain privileges by starting a utility from gpm-root.
6.5AI Score
0.0004EPSS
Buffer overflow in imwheel allows local users to gain root privileges via the imwheel-solo script and a long HOME environmental variable.
7.2AI Score
0.0004EPSS
The web GUI for the Linux Virtual Server (LVS) software in the Red Hat Linux Piranha package has a backdoor password that allows remote attackers to execute arbitrary commands.
7.5AI Score
0.013EPSS
The X font server xfs in Red Hat Linux 6.x allows an attacker to cause a denial of service via a malformed request.
6.8AI Score
0.0004EPSS
X fontserver xfs allows local users to cause a denial of service via malformed input to the server.
6.6AI Score
0.0004EPSS
IP masquerading in Linux 2.2.x allows remote attackers to route UDP packets through the internal interface by modifying the external source IP address and port number to match those of an established connection.
6.7AI Score
0.003EPSS