Alert*

CVE-1999-0303 Buffer overflow in BNU UUCP daemon (uucpd) through long hostnames.

CVE-1999-0369 The Sun sdtcm_convert calendar utility for OpenWindows has a buffer overflow which can gain root access.

CVE-1999-0339 Buffer overflow in the libauth library in Solaris allows local users to gain additional privileges, possibly root access.

CVE-1999-0022 Local user gains root privileges via buffer overflow in rdist, via expstr() function.

CVE-1999-0055 Buffer overflows in Sun libnsl allow root access.

CVE-1999-0132 Expreserve, as used in vi and ex, allows local users to overwrite arbitrary files and gain root access.

CVE-1999-0165 NFS cache poisoning.

CVE-1999-0003 Execute commands as root via buffer overflow in Tooltalk database server (rpc.ttdbserverd).

CVE-1999-0674 The BSD profil system call allows a local user to modify the internal data space of a program via profiling and execve.

CVE-1999-1137 The permissions for the /dev/audio device on Solaris 2.2 and earlier, and SunOS 4.1.x, allow any local user to read from the device, which could be used by an attacker to monitor conversations happening near a machine that has a microphone.

CVE-2000-0118 The Red Hat Linux su program does not log failed password guesses if the su process is killed before it times out, which allows local attackers to conduct brute force password guessing.

CVE-2000-0844 Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen.

CVE-2000-0471 Buffer overflow in ufsrestore in Solaris 8 and earlier allows local users to gain root privileges via a long pathname.

CVE-2001-0554 Buffer overflow in BSD-based telnetd telnet daemon on various operating systems allows remote attackers to execute arbitrary commands via a set of options including AYT (Are You There), which is not properly handled by the telrcv function.

CVE-2001-1583 lpd daemon (in.lpd) in Solaris 8 and earlier allows remote attackers to execute arbitrary commands via a job request with a crafted control file that is not properly handled when lpd invokes a mail program. NOTE: this might be the same vulnerability as CVE-2000-1220.

CVE-2001-0797 Buffer overflow in login in various System V based operating systems allows remote attackers to execute arbitrary commands via a large number of arguments through services such as telnet and rlogin.