Filtered by vendor Redhat
Subscriptions
Filtered by product Linux
Subscriptions
Total
703 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-0036 | 2 Mit, Redhat | 3 Kerberos 5, Enterprise Linux, Linux | 2025-04-03 | N/A |
| Integer signedness error in MIT Kerberos V5 ASN.1 decoder before krb5 1.2.5 allows remote attackers to cause a denial of service via a large unsigned data element length, which is later used as a negative value. | ||||
| CVE-2001-0117 | 4 Immunix, Mandrakesoft, Redhat and 1 more | 5 Immunix, Mandrake Linux, Mandrake Linux Corporate Server and 2 more | 2025-04-03 | N/A |
| sdiff 2.7 in the diffutils package allows local users to overwrite files via a symlink attack. | ||||
| CVE-2002-0043 | 2 Redhat, Todd Miller | 3 Linux, Powertools, Sudo | 2025-04-03 | N/A |
| sudo 1.6.0 through 1.6.3p7 does not properly clear the environment before calling the mail program, which could allow local users to gain root privileges by modifying environment variables and changing how the mail program is invoked. | ||||
| CVE-2002-0045 | 2 Openldap, Redhat | 2 Openldap, Linux | 2025-04-03 | N/A |
| slapd in OpenLDAP 2.0 through 2.0.19 allows local users, and anonymous users before 2.0.8, to conduct a "replace" action on access controls without any values, which causes OpenLDAP to delete non-mandatory attributes that would otherwise be protected by ACLs. | ||||
| CVE-2002-0048 | 2 Andrew Tridgell, Redhat | 2 Rsync, Linux | 2025-04-03 | N/A |
| Multiple signedness errors (mixed signed and unsigned numbers) in the I/O functions of rsync 2.4.6, 2.3.2, and other versions allow remote attackers to cause a denial of service and execute arbitrary code in the rsync client or server. | ||||
| CVE-2002-0060 | 2 Linux, Redhat | 2 Linux Kernel, Linux | 2025-04-03 | N/A |
| IRC connection tracking helper module in the netfilter subsystem for Linux 2.4.18-pre9 and earlier does not properly set the mask for conntrack expectations for incoming DCC connections, which could allow remote attackers to bypass intended firewall restrictions. | ||||
| CVE-2002-0062 | 5 Debian, Freebsd, Gnu and 2 more | 5 Debian Linux, Freebsd, Ncurses and 2 more | 2025-04-03 | N/A |
| Buffer overflow in ncurses 5.0, and the ncurses4 compatibility package as used in Red Hat Linux, allows local users to gain privileges, related to "routines for moving the physical cursor and scrolling." | ||||
| CVE-2002-0067 | 2 Redhat, Squid | 2 Linux, Squid | 2025-04-03 | N/A |
| Squid 2.4 STABLE3 and earlier does not properly disable HTCP, even when "htcp_port 0" is specified in squid.conf, which could allow remote attackers to bypass intended access restrictions. | ||||
| CVE-2002-0080 | 2 Redhat, Samba | 2 Linux, Rsync | 2025-04-03 | N/A |
| rsync, when running in daemon mode, does not properly call setgroups before dropping privileges, which could provide supplemental group privileges to local users, who could then read certain files that would otherwise be disallowed. | ||||
| CVE-2002-0082 | 3 Apache-ssl, Mod Ssl, Redhat | 5 Apache-ssl, Mod Ssl, Linux and 2 more | 2025-04-03 | N/A |
| The dbm and shm session cache code in mod_ssl before 2.8.7-1.3.23, and Apache-SSL before 1.3.22+1.46, does not properly initialize memory using the i2d_SSL_SESSION function, which allows remote attackers to use a buffer overflow to execute arbitrary code via a large client certificate that is signed by a trusted Certificate Authority (CA), which produces a large serialized session. | ||||
| CVE-2001-0142 | 5 Immunix, Mandrakesoft, National Science Foundation and 2 more | 5 Immunix, Mandrake Linux, Squid Web Proxy and 2 more | 2025-04-03 | N/A |
| squid 2.3 and earlier allows local users to overwrite arbitrary files via a symlink attack in some configurations. | ||||
| CVE-2001-0169 | 4 Mandrakesoft, Redhat, Trustix and 1 more | 5 Mandrake Linux, Mandrake Linux Corporate Server, Linux and 2 more | 2025-04-03 | N/A |
| When using the LD_PRELOAD environmental variable in SUID or SGID applications, glibc does not verify that preloaded libraries in /etc/ld.so.cache are also SUID/SGID, which could allow a local user to overwrite arbitrary files by loading a library from /lib or /usr/lib. | ||||
| CVE-2001-0170 | 4 Conectiva, Debian, Immunix and 1 more | 4 Linux, Debian Linux, Immunix and 1 more | 2025-04-03 | N/A |
| glibc 2.1.9x and earlier does not properly clear the RESOLV_HOST_CONF, HOSTALIASES, or RES_OPTIONS environmental variables when executing setuid/setgid programs, which could allow local users to read arbitrary files. | ||||
| CVE-1999-0043 | 6 Bsdi, Caldera, Isc and 3 more | 7 Bsd Os, Openlinux, Inn and 4 more | 2025-04-03 | 9.8 Critical |
| Command execution via shell metachars in INN daemon (innd) 1.5 using "newgroup" and "rmgroup" control messages, and others. | ||||
| CVE-2001-0279 | 3 Debian, Mandrakesoft, Redhat | 5 Debian Linux, Mandrake Linux, Mandrake Linux Corporate Server and 2 more | 2025-04-03 | N/A |
| Buffer overflow in sudo earlier than 1.6.3p6 allows local users to gain root privileges. | ||||
| CVE-2001-0316 | 2 Linux, Redhat | 2 Linux Kernel, Linux | 2025-04-03 | N/A |
| Linux kernel 2.4 and 2.2 allows local users to read kernel memory and possibly gain privileges via a negative argument to the sysctl call. | ||||
| CVE-2001-0381 | 2 Pgp, Redhat | 2 Openpgp, Linux | 2025-04-03 | N/A |
| The OpenPGP PGP standard allows an attacker to determine the private signature key via a cryptanalytic attack in which the attacker alters the encrypted private key file and captures a single message signed with the signature key. | ||||
| CVE-2001-0405 | 2 Linux, Redhat | 2 Linux Kernel, Linux | 2025-04-03 | N/A |
| ip_conntrack_ftp in the IPTables firewall for Linux 2.4 allows remote attackers to bypass access restrictions for an FTP server via a PORT command that lists an arbitrary IP address and port number, which is added to the RELATED table and allowed by the firewall. | ||||
| CVE-2002-0163 | 2 Redhat, Squid | 2 Linux, Squid | 2025-04-03 | N/A |
| Heap-based buffer overflow in Squid before 2.4 STABLE4, and Squid 2.5 and 2.6 until March 12, 2002 distributions, allows remote attackers to cause a denial of service, and possibly execute arbitrary code, via compressed DNS responses. | ||||
| CVE-2002-0169 | 1 Redhat | 3 Docbook Stylesheets, Docbook Utils, Linux | 2025-04-03 | N/A |
| The default stylesheet for DocBook on Red Hat Linux 6.2 through 7.2 is installed with an insecure option enabled, which could allow users to overwrite files outside of the current directory from an untrusted document by using a full pathname as an element identifier. | ||||