CVEdetails.com the ultimate security vulnerability data source

Redhat : Security Vulnerabilities (CVSS score between 7 and 7.99)

# | CVE ID | CWE ID | # of Exploits | Vulnerability Type(s) | Publish Date | Update Date | Score | Gained Access Level | Access | Complexity | Authentication | Conf. | Integ. | Avail.
651 CVE-2000-0963 Exec Code Overflow 2000-12-19 2017-07-11
7.2
None Local Low Not required Complete Complete Complete
Buffer overflow in ncurses library allows local users to execute arbitrary commands via long environmental information such as TERM or TERMINFO_DIRS.
652 CVE-2000-0934 DoS 2000-12-19 2017-10-10
7.2
None Local Low Not required Complete Complete Complete
Glint in Red Hat Linux 5.2 allows local users to overwrite arbitrary files and cause a denial of service via a symlink attack.
653 CVE-2000-0867 +Priv 2000-11-14 2018-05-03
7.2
None Local Low Not required Complete Complete Complete
Kernel logging daemon (klogd) in Linux does not properly cleanse user-injected format strings, which allows local users to gain root privileges by triggering malformed kernel messages.
654 CVE-2000-0751 Exec Code 2000-10-20 2008-09-05
7.5
None Remote Low Not required Partial Partial Partial
mopd (Maintenance Operations Protocol loader daemon) does not properly cleanse user-injected format strings, which allows remote attackers to execute arbitrary commands.
655 CVE-2000-0750 Exec Code Overflow 2000-10-20 2008-09-10
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in mopd (Maintenance Operations Protocol loader daemon) allows remote attackers to execute arbitrary commands via a long file name.
656 CVE-2000-0607 Overflow +Priv 2000-06-21 2008-09-10
7.2
None Local Low Not required Complete Complete Complete
Buffer overflow in fld program in Kanji on Console (KON) package on Linux may allow local users to gain root privileges via an input file containing long CHARSET_REGISTRY or CHARSET_ENCODING settings.
657 CVE-2000-0606 Overflow +Priv 2000-06-21 2008-09-10
7.2
None Local Low Not required Complete Complete Complete
Buffer overflow in kon program in Kanji on Console (KON) package on Linux may allow local users to gain root privileges via a long -StartupMessage parameter.
658 CVE-2000-0566 2000-07-03 2018-05-03
7.2
None Local Low Not required Complete Complete Complete
makewhatis in Linux man package allows local users to overwrite files via a symlink attack.
659 CVE-2000-0483 2000-06-15 2017-10-10
7.5
None Remote Low Not required Partial Partial Partial
The DocumentTemplate package in Zope 2.2 and earlier allows a remote attacker to modify DTMLDocuments or DTMLMethods without authorization.
660 CVE-2000-0392 Overflow +Priv 2000-05-16 2020-01-21
7.2
None Local Low Not required Complete Complete Complete
Buffer overflow in ksu in Kerberos 5 allows local users to gain root privileges.
661 CVE-2000-0378 2000-05-03 2008-09-10
7.2
None Local Low Not required Complete Complete Complete
The pam_console PAM module in Linux systems performs a chown on various devices upon a user login, but an open file descriptor for those devices can be maintained after the user logs out, which allows that user to sniff activity on these devices when subsequent users log in.
662 CVE-2000-0357 1999-12-03 2008-09-10
7.5
None Remote Low Not required Partial Partial Partial
ORBit and esound in Red Hat Linux 6.1 do not use sufficiently random numbers, which allows local users to guess the authentication keys.
663 CVE-2000-0355 1999-08-21 2008-09-10
7.5
None Remote Low Not required Partial Partial Partial
pg and pb in SuSE pbpg 1.x package allows an attacker to read arbitrary files.
664 CVE-2000-0230 Overflow +Priv 2000-03-13 2008-09-10
7.2
None Local Low Not required Complete Complete Complete
Buffer overflow in imwheel allows local users to gain root privileges via the imwheel-solo script and a long HOME environmental variable.
665 CVE-2000-0229 +Priv 2000-03-22 2008-09-10
7.2
None Local Low Not required Complete Complete Complete
gpm-root in the gpm package does not properly drop privileges, which allows local users to gain privileges by starting a utility from gpm-root.
666 CVE-2000-0219 264 2000-02-23 2015-11-04
7.2
None Local Low Not required Complete Complete Complete
Red Hat 6.0 allows local users to gain root access by booting single user and hitting ^C at the password prompt.
667 CVE-2000-0196 Exec Code Overflow 2000-02-28 2008-09-10
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in mhshow in the Linux nmh package allows remote attackers to execute commands via malformed MIME headers in an email message.
668 CVE-2000-0186 Overflow +Priv 2000-02-28 2008-09-10
7.2
None Local Low Not required Complete Complete Complete
Buffer overflow in the dump utility in the Linux ext2fs backup package allows local users to gain privileges via a long command line argument.
669 CVE-2000-0170 Overflow +Priv 2000-02-26 2008-09-10
7.2
None Local Low Not required Complete Complete Complete
Buffer overflow in the man program in Linux allows local users to gain privileges via the MANPAGER environmental variable.
670 CVE-2000-0118 1999-06-09 2018-10-30
7.2
None Local Low Not required Complete Complete Complete
The Red Hat Linux su program does not log failed password guesses if the su process is killed before it times out, which allows local attackers to conduct brute force password guessing.
671 CVE-2000-0052 2000-01-04 2008-09-10
7.2
None Local Low Not required Complete Complete Complete
Red Hat userhelper program in the usermode package allows local users to gain root access via PAM and a .. (dot dot) attack.
672 CVE-1999-1491 Exec Code 1996-02-02 2016-10-18
7.2
None Local Low Not required Complete Complete Complete
abuse.console in Red Hat 2.1 uses relative pathnames to find and execute the undrv program, which allows local users to execute arbitrary commands via a path that points to a Trojan horse program.
673 CVE-1999-1490 1998-05-28 2016-10-18
7.2
None Local Low Not required Complete Complete Complete
xosview 1.5.1 in Red Hat 5.1 allows local users to gain root access via a long HOME environmental variable.
674 CVE-1999-1346 1999-10-07 2016-10-18
7.5
None Remote Low Not required Partial Partial Partial
PAM configuration file for rlogin in Red Hat Linux 6.1 and earlier includes a less restrictive rule before a more restrictive one, which allows users to access the host via rlogin even if rlogin has been explicitly disabled using the /etc/nologin file.
675 CVE-1999-1333 Exec Code 1999-12-31 2016-10-18
7.5
None Remote Low Not required Partial Partial Partial
automatic download option in ncftp 2.4.2 FTP client in Red Hat Linux 5.0 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the names of files that are to be downloaded.
676 CVE-1999-1329 Overflow +Priv 1999-12-31 2008-09-10
7.2
None Local Low Not required Complete Complete Complete
Buffer overflow in SysVInit in Red Hat Linux 5.1 and earlier allows local users to gain privileges.
677 CVE-1999-1328 1999-12-31 2016-10-18
7.2
None Local Low Not required Complete Complete Complete
linuxconf before 1.11.r11-rh3 on Red Hat Linux 5.1 allows local users to overwrite arbitrary files and gain root access via a symlink attack.
678 CVE-1999-1327 Overflow +Priv 1999-12-31 2016-10-18
7.2
None Local Low Not required Complete Complete Complete
Buffer overflow in linuxconf 1.11r11-rh2 on Red Hat Linux 5.1 allows local users to gain root privileges via a long LANG environmental variable.
679 CVE-1999-1186 +Priv 1996-01-02 2016-10-18
7.2
None Local Low Not required Complete Complete Complete
rxvt, when compiled with the PRINT_PIPE option in various Linux operating systems including Linux Slackware 3.0 and RedHat 2.1, allows local users to gain root privileges by specifying a malicious program using the -print-pipe command line parameter.
680 CVE-1999-1182 Overflow +Priv 1997-07-17 2016-10-18
7.2
None Local Low Not required Complete Complete Complete
Buffer overflow in run-time linkers (1) ld.so or (2) ld-linux.so for Linux systems allows local users to gain privileges by calling a setuid program with a long program name (argv[0]) and forcing ld.so/ld-linux.so to report an error.
681 CVE-1999-1095 1997-10-06 2016-10-18
7.2
None Local Low Not required Complete Complete Complete
sort creates temporary files and follows symbolic links, which allows local users to modify arbitrary files that are writable by the user running sort, as observed in updatedb and other programs that use sort.
682 CVE-1999-0997 Exec Code 1999-12-20 2008-09-05
7.5
None Remote Low Not required Partial Partial Partial
wu-ftp with FTP conversion enabled allows an attacker to execute commands via a malformed file name that is interpreted as an argument to the program that does the conversion, e.g. tar or uncompress.
683 CVE-1999-0872 Overflow 1999-08-25 2008-09-09
7.2
None Local Low Not required Complete Complete Complete
Buffer overflow in Vixie cron allows local users to gain root access via a long MAILTO environment variable in a crontab file.
684 CVE-1999-0868 Exec Code 1997-02-20 2008-09-09
7.2
None Local Low Not required Complete Complete Complete
ucbmail allows remote attackers to execute commands via shell metacharacters that are passed to it from INN.
685 CVE-1999-0769 1999-08-25 2008-09-09
7.2
None Local Low Not required Complete Complete Complete
Vixie Cron on Linux systems allows local users to set parameters of sendmail commands via the MAILTO environmental variable.
686 CVE-1999-0768 Overflow 1999-08-25 2008-09-09
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in Vixie Cron on Red Hat systems via the MAILTO environmental variable.
687 CVE-1999-0748 Overflow 1999-06-24 2008-09-09
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflows in Red Hat net-tools package.
688 CVE-1999-0710 1999-07-25 2018-05-03
7.5
None Remote Low Not required Partial Partial Partial
The Squid package in Red Hat Linux 5.2 and 6.0, and other distributions, installs cachemgr.cgi in a public web directory, which allows remote attackers to use it as an intermediary to connect to other systems.
689 CVE-1999-0706 +Priv 2000-04-27 2008-09-09
7.5
None Remote Low Not required Partial Partial Partial
Linux xmonisdn package allows local users to gain root privileges by modifying the IFS or PATH environmental variables.
690 CVE-1999-0705 Overflow 1999-09-01 2008-09-09
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in INN inews program.
691 CVE-1999-0502 1998-03-01 2018-10-30
7.5
None Remote Low Not required Partial Partial Partial
A Unix account has a default, null, blank, or missing password.
692 CVE-1999-0434 DoS +Priv 1999-03-30 2008-09-09
7.5
None Remote Low Not required Partial Partial Partial
XFree86 xfs command is vulnerable to a symlink attack, allowing local users to create files in restricted directories, possibly allowing them to gain privileges or cause a denial of service.
693 CVE-1999-0405 Overflow 1999-02-18 2008-09-09
7.2
None Local Low Not required Complete Complete Complete
A buffer overflow in lsof allows local users to obtain root privilege.
694 CVE-1999-0390 Overflow 1999-01-04 2008-09-09
7.2
None Local Low Not required Complete Complete Complete
Buffer overflow in Dosemu Slang library in Linux.
695 CVE-1999-0318 Overflow 1997-03-01 2018-10-30
7.2
None Local Low Not required Complete Complete Complete
Buffer overflow in xmcd 2.0p12 allows local users to gain access through an environmental variable.
696 CVE-1999-0297 Overflow 1996-12-12 2008-09-09
7.2
None Local Low Not required Complete Complete Complete
Buffer overflow in Vixie Cron library up to version 3.0 allows local users to obtain root access via a long environmental variable.
697 CVE-1999-0131 DoS Overflow 1996-09-11 2008-09-09
7.2
None Local Low Not required Complete Complete Complete
Buffer overflow and denial of service in Sendmail 8.7.5 and earlier through GECOS field gives root access to local users.
698 CVE-1999-0130 +Priv 1996-11-16 2008-09-09
7.2
None Local Low Not required Complete Complete Complete
Local users can start Sendmail in daemon mode and gain root privileges.
699 CVE-1999-0041 Overflow 1997-02-13 2008-09-09
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in NLS (Natural Language Service).
700 CVE-1999-0037 Exec Code 1997-05-21 2008-09-09
7.5
None Remote Low Not required Partial Partial Partial
Arbitrary command execution via metamail package using message headers, when user processes attacker's message using metamail.
Total number of vulnerabilities: 704 (page 14 of 15)