CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  What's the CVSS score of your company?
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Suse : Security Vulnerabilities

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
851 CVE-2000-1040 DoS 2000-12-11 2017-10-10
10.0
None Remote Low Not required Complete Complete Complete
Format string vulnerability in logging function of ypbind 3.3, while running in debug mode, leaks file descriptors and allows an attacker to cause a denial of service.
852 CVE-2000-1016 +Info 2000-12-11 2017-10-10
5.0
None Remote Low Not required Partial None None
The default configuration of Apache (httpd.conf) on SuSE 6.4 includes an alias for the /usr/doc directory, which allows remote attackers to read package documentation and obtain system configuration information via an HTTP request for the /doc/packages URL.
853 CVE-2000-0869 2000-11-14 2017-10-10
5.0
None Remote Low Not required Partial None None
The default configuration of Apache 1.3.12 in SuSE Linux 6.4 enables WebDAV, which allows remote attackers to list arbitrary directories via the PROPFIND HTTP request method.
854 CVE-2000-0868 2000-11-14 2017-10-10
5.0
None Remote Low Not required Partial None None
The default configuration of Apache 1.3.12 in SuSE Linux 6.4 allows remote attackers to read source code for CGI scripts by replacing the /cgi-bin/ in the requested URL with /cgi-bin-sdb/.
855 CVE-2000-0844 264 Exec Code 2000-11-14 2018-10-30
10.0
None Remote Low Not required Complete Complete Complete
Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen.
856 CVE-2000-0800 +Priv 2000-10-20 2008-09-10
10.0
None Remote Low Not required Complete Complete Complete
String parsing error in rpc.kstatd in the linuxnfs or knfsd packages in SuSE and possibly other Linux systems allows remote attackers to gain root privileges.
857 CVE-2000-0666 +Priv 2000-07-16 2018-05-03
10.0
None Remote Low Not required Complete Complete Complete
rpc.statd in the nfs-utils package in various Linux distributions does not properly cleanse untrusted format strings, which allows remote attackers to gain root privileges.
858 CVE-2000-0614 2000-07-10 2008-09-10
10.0
None Remote Low Not required Complete Complete Complete
Tnef program in Linux systems allows remote attackers to overwrite arbitrary files via TNEF encoded compressed attachments which specify absolute path names for the decompressed output.
859 CVE-2000-0491 DoS Exec Code Overflow 2000-05-24 2008-09-10
10.0
None Remote Low Not required Complete Complete Complete
Buffer overflow in the XDMCP parsing code of GNOME gdm, KDE kdm, and wdm allows remote attackers to execute arbitrary commands or cause a denial of service via a long FORWARD_QUERY request.
860 CVE-2000-0438 Exec Code Overflow 2000-05-22 2008-09-10
7.2
None Local Low Not required Complete Complete Complete
Buffer overflow in fdmount on Linux systems allows local users in the "floppy" group to execute arbitrary commands via a long mountpoint parameter.
861 CVE-2000-0433 +Priv 2000-05-02 2008-09-10
4.6
None Local Low Not required Partial Partial Partial
The SuSE aaa_base package installs some system accounts with home directories set to /tmp, which allows local users to gain privileges to those accounts by creating standard user startup scripts such as profiles.
862 CVE-2000-0363 +Priv 1999-10-22 2008-09-10
6.2
None Local High Not required Complete Complete Complete
Linux cdwtools 093 and earlier allows local users to gain root privileges via the /tmp directory.
863 CVE-2000-0362 Overflow +Priv 1999-10-22 2008-09-10
7.2
None Local Low Not required Complete Complete Complete
Buffer overflows in Linux cdwtools 093 and earlier allows local users to gain root privileges.
864 CVE-2000-0361 1999-12-14 2008-09-10
2.1
None Local Low Not required Partial None None
The PPP wvdial.lxdialog script in wvdial 1.4 and earlier creates a .config file with world readable permissions, which allows a local attacker in the dialout group to access login and password information.
865 CVE-2000-0355 1999-08-21 2008-09-10
7.5
None Remote Low Not required Partial Partial Partial
pg and pb in SuSE pbpg 1.x package allows an attacker to read arbitrary files.
866 CVE-2000-0340 Exec Code Overflow 2000-04-29 2008-09-10
7.2
None Local Low Not required Complete Complete Complete
Buffer overflow in Gnomelib in SuSE Linux 6.3 allows local users to execute arbitrary commands via the DISPLAY environmental variable.
867 CVE-2000-0293 2000-05-02 2008-09-10
2.1
None Local Low Not required None Partial None
aaa_base in SuSE Linux 6.3, and cron.daily in earlier versions, allow local users to delete arbitrary files by creating files whose names include spaces, which are then incorrectly interpreted by aaa_base when it deletes expired files from the /tmp directory.
868 CVE-2000-0233 +Priv Bypass 2000-03-15 2008-09-10
10.0
None Remote Low Not required Complete Complete Complete
SuSE Linux IMAP server allows remote attackers to bypass IMAP authentication and gain privileges.
869 CVE-2000-0231 +Priv 2000-03-16 2008-09-10
7.2
None Local Low Not required Complete Complete Complete
Linux kreatecd trusts a user-supplied path that is used to find the cdrecord program, allowing local users to gain root privileges.
870 CVE-2000-0229 +Priv 2000-03-22 2008-09-10
7.2
None Local Low Not required Complete Complete Complete
gpm-root in the gpm package does not properly drop privileges, which allows local users to gain privileges by starting a utility from gpm-root.
871 CVE-2000-0218 Overflow +Priv 2000-02-03 2008-09-10
7.2
None Local Low Not required Complete Complete Complete
Buffer overflow in Linux mount and umount allows local users to gain root privileges via a long relative pathname.
872 CVE-1999-1495 1999-02-18 2017-12-19
2.1
None Local Low Not required None None Partial
xtvscreen in SuSE Linux 6.0 allows local users to overwrite arbitrary files via a symlink attack on the pic000.pnm file.
873 CVE-1999-1182 Overflow +Priv 1997-07-17 2016-10-18
7.2
None Local Low Not required Complete Complete Complete
Buffer overflow in run-time linkers (1) ld.so or (2) ld-linux.so for Linux systems allows local users to gain privileges by calling a setuid program with a long program name (argv[0]) and forcing ld.so/ld-linux.so to report an error.
874 CVE-1999-0906 Overflow 1999-09-23 2008-09-09
7.2
None Local Low Not required Complete Complete Complete
Buffer overflow in sccw allows local users to gain root access via the HOME environmental variable.
875 CVE-1999-0831 DoS 1999-11-19 2008-09-09
5.0
None Remote Low Not required None None Partial
Denial of service in Linux syslogd via a large number of connections.
876 CVE-1999-0804 DoS 1999-06-01 2008-09-09
5.0
None Remote Low Not required None None Partial
Denial of service in Linux 2.2.x kernels via malformed ICMP packets containing unusual types, codes, and IP header lengths.
877 CVE-1999-0768 Overflow 1999-08-25 2008-09-09
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in Vixie Cron on Red Hat systems via the MAILTO environmental variable.
878 CVE-1999-0746 DoS 1999-08-16 2008-09-09
5.0
None Remote Low Not required None None Partial
A default configuration of in.identd in SuSE Linux waits 120 seconds between requests, allowing a remote attacker to conduct a denial of service.
879 CVE-1999-0462 1999-03-17 2008-09-09
7.2
None Local Low Not required Complete Complete Complete
suidperl in Linux Perl does not check the nosuid mount option on file systems, allowing local users to gain root access by placing a setuid script in a mountable file system, e.g. a CD-ROM or floppy disk.
880 CVE-1999-0434 DoS +Priv 1999-03-30 2008-09-09
7.5
None Remote Low Not required Partial Partial Partial
XFree86 xfs command is vulnerable to a symlink attack, allowing local users to create files in restricted directories, possibly allowing them to gain privileges or cause a denial of service.
881 CVE-1999-0433 DoS +Priv 1999-03-21 2008-09-09
4.6
None Local Low Not required Partial Partial Partial
XFree86 startx command is vulnerable to a symlink attack, allowing local users to create files in restricted directories, possibly allowing them to gain privileges or cause a denial of service.
882 CVE-1999-0426 1999-03-01 2008-09-09
10.0
None Remote Low Not required Complete Complete Complete
The default permissions of /dev/kmem in Linux versions before 2.0.36 allows IP spoofing.
883 CVE-1999-0409 Overflow 1999-03-04 2008-09-09
4.6
None Local Low Not required Partial Partial Partial
Buffer overflow in gnuplot in Linux version 3.5 allows local users to obtain root access.
884 CVE-1999-0405 Overflow 1999-02-18 2008-09-09
7.2
None Local Low Not required Complete Complete Complete
A buffer overflow in lsof allows local users to obtain root privilege.
885 CVE-1999-0390 Overflow 1999-01-04 2008-09-09
7.2
None Local Low Not required Complete Complete Complete
Buffer overflow in Dosemu Slang library in Linux.
886 CVE-1999-0363 Overflow 1999-02-02 2008-09-09
7.2
None Local Low Not required Complete Complete Complete
SuSE 5.2 PLP lpc program has a buffer overflow that leads to root compromise.
887 CVE-1999-0234 1996-10-08 2008-09-09
4.6
None Local Low Not required Partial Partial Partial
Bash treats any character with a value of 255 as a command separator.
Total number of vulnerabilities : 883   Page : 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 (This Page)
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.