Filtered by vendor Redhat
Subscriptions
Filtered by product Linux
Subscriptions
Total
700 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2001-0036 | 2 Kth, Redhat | 2 Kth Kerberos, Linux | 2025-04-03 | N/A |
| KTH Kerberos IV allows local users to overwrite arbitrary files via a symlink attack on a ticket file. | ||||
| CVE-2000-0052 | 3 Mandrakesoft, Redhat, Turbolinux | 3 Mandrake Linux, Linux, Turbolinux | 2025-04-03 | N/A |
| Red Hat userhelper program in the usermode package allows local users to gain root access via PAM and a .. (dot dot) attack. | ||||
| CVE-2002-0004 | 8 Caldera, Debian, Freebsd and 5 more | 9 Openlinux Server, Openlinux Workstation, Debian Linux and 6 more | 2025-04-03 | N/A |
| Heap corruption vulnerability in the "at" program allows local users to execute arbitrary code via a malformed execution time, which causes at to free the same memory twice. | ||||
| CVE-2002-0006 | 2 Redhat, Xchat | 2 Linux, Xchat | 2025-04-03 | N/A |
| XChat 1.8.7 and earlier, including default configurations of 1.4.2 and 1.4.3, allows remote attackers to execute arbitrary IRC commands as other clients via encoded characters in a PRIVMSG command that calls CTCP PING, which expands the characters in the client response when the percascii variable is set. | ||||
| CVE-2002-0012 | 2 Redhat, Snmp | 3 Linux, Powertools, Snmp | 2025-04-03 | N/A |
| Vulnerabilities in a large number of SNMP implementations allow remote attackers to cause a denial of service or gain privileges via SNMPv1 trap handling, as demonstrated by the PROTOS c06-SNMPv1 test suite. NOTE: It is highly likely that this candidate will be SPLIT into multiple candidates, one or more for each vendor. This and other SNMP-related candidates will be updated when more accurate information is available. | ||||
| CVE-2002-0013 | 2 Redhat, Snmp | 3 Linux, Powertools, Snmp | 2025-04-03 | N/A |
| Vulnerabilities in the SNMPv1 request handling of a large number of SNMP implementations allow remote attackers to cause a denial of service or gain privileges via (1) GetRequest, (2) GetNextRequest, and (3) SetRequest messages, as demonstrated by the PROTOS c06-SNMPv1 test suite. NOTE: It is highly likely that this candidate will be SPLIT into multiple candidates, one or more for each vendor. This and other SNMP-related candidates will be updated when more accurate information is available. | ||||
| CVE-2002-0014 | 2 Redhat, University Of Washington | 2 Linux, Pine | 2025-04-03 | N/A |
| URL-handling code in Pine 4.43 and earlier allows remote attackers to execute arbitrary commands via a URL enclosed in single quotes and containing shell metacharacters (&). | ||||
| CVE-2002-0036 | 2 Mit, Redhat | 3 Kerberos 5, Enterprise Linux, Linux | 2025-04-03 | N/A |
| Integer signedness error in MIT Kerberos V5 ASN.1 decoder before krb5 1.2.5 allows remote attackers to cause a denial of service via a large unsigned data element length, which is later used as a negative value. | ||||
| CVE-2002-0043 | 2 Redhat, Todd Miller | 3 Linux, Powertools, Sudo | 2025-04-03 | N/A |
| sudo 1.6.0 through 1.6.3p7 does not properly clear the environment before calling the mail program, which could allow local users to gain root privileges by modifying environment variables and changing how the mail program is invoked. | ||||
| CVE-2002-0044 | 3 Debian, Gnu, Redhat | 3 Debian Linux, Enscript, Linux | 2025-04-03 | N/A |
| GNU Enscript 1.6.1 and earlier allows local users to overwrite arbitrary files of the Enscript user via a symlink attack on temporary files. | ||||
| CVE-2002-0045 | 2 Openldap, Redhat | 2 Openldap, Linux | 2025-04-03 | N/A |
| slapd in OpenLDAP 2.0 through 2.0.19 allows local users, and anonymous users before 2.0.8, to conduct a "replace" action on access controls without any values, which causes OpenLDAP to delete non-mandatory attributes that would otherwise be protected by ACLs. | ||||
| CVE-2002-0046 | 2 Linux, Redhat | 2 Linux Kernel, Linux | 2025-04-03 | N/A |
| Linux kernel, and possibly other operating systems, allows remote attackers to read portions of memory via a series of fragmented ICMP packets that generate an ICMP TTL Exceeded response, which includes portions of the memory in the response packet. | ||||
| CVE-2002-0047 | 2 Olaf Titz, Redhat | 2 Cipe, Linux | 2025-04-03 | N/A |
| CIPE VPN package before 1.3.0-3 allows remote attackers to cause a denial of service (crash) via a short malformed packet. | ||||
| CVE-2002-0048 | 2 Andrew Tridgell, Redhat | 2 Rsync, Linux | 2025-04-03 | N/A |
| Multiple signedness errors (mixed signed and unsigned numbers) in the I/O functions of rsync 2.4.6, 2.3.2, and other versions allow remote attackers to cause a denial of service and execute arbitrary code in the rsync client or server. | ||||
| CVE-2002-0059 | 2 Redhat, Zlib | 3 Linux, Powertools, Zlib | 2025-04-03 | 9.8 Critical |
| The decompression algorithm in zlib 1.1.3 and earlier, as used in many different utilities and packages, causes inflateEnd to release certain memory more than once (a "double free"), which may allow local and remote attackers to execute arbitrary code via a block of malformed compression data. | ||||
| CVE-2002-0060 | 2 Linux, Redhat | 2 Linux Kernel, Linux | 2025-04-03 | N/A |
| IRC connection tracking helper module in the netfilter subsystem for Linux 2.4.18-pre9 and earlier does not properly set the mask for conntrack expectations for incoming DCC connections, which could allow remote attackers to bypass intended firewall restrictions. | ||||
| CVE-2002-0062 | 5 Debian, Freebsd, Gnu and 2 more | 5 Debian Linux, Freebsd, Ncurses and 2 more | 2025-04-03 | N/A |
| Buffer overflow in ncurses 5.0, and the ncurses4 compatibility package as used in Red Hat Linux, allows local users to gain privileges, related to "routines for moving the physical cursor and scrolling." | ||||
| CVE-2002-0067 | 2 Redhat, Squid | 2 Linux, Squid | 2025-04-03 | N/A |
| Squid 2.4 STABLE3 and earlier does not properly disable HTCP, even when "htcp_port 0" is specified in squid.conf, which could allow remote attackers to bypass intended access restrictions. | ||||
| CVE-2002-0068 | 2 Redhat, Squid | 2 Linux, Squid | 2025-04-03 | N/A |
| Squid 2.4 STABLE3 and earlier allows remote attackers to cause a denial of service (core dump) and possibly execute arbitrary code with an ftp:// URL with a larger number of special characters, which exceed the buffer when Squid URL-escapes the characters. | ||||
| CVE-2001-1400 | 2 Linux, Redhat | 2 Linux Kernel, Linux | 2025-04-03 | N/A |
| Unknown vulnerabilities in the UDP port allocation for Linux kernel before 2.2.19 could allow local users to cause a denial of service (deadlock). | ||||