gpm 1.19.3 allows local users to overwrite arbitrary files via a symlink attack.
Max CVSS
1.2
EPSS Score
0.04%
Published
2001-03-12
Updated
2017-10-10
sdiff 2.7 in the diffutils package allows local users to overwrite files via a symlink attack.
Max CVSS
1.2
EPSS Score
0.07%
Published
2001-03-12
Updated
2017-10-10
rdist 6.1.5 allows local users to overwrite arbitrary files via a symlink attack.
Max CVSS
1.2
EPSS Score
0.04%
Published
2001-03-12
Updated
2017-10-10
getty_ps 2.0.7j allows local users to overwrite arbitrary files via a symlink attack.
Max CVSS
1.2
EPSS Score
0.04%
Published
2001-03-12
Updated
2017-10-10
useradd program in shadow-utils program may allow local users to overwrite arbitrary files via a symlink attack.
Max CVSS
1.2
EPSS Score
0.04%
Published
2001-03-12
Updated
2017-10-10
privatepw program in wu-ftpd before 2.6.1-6 allows local users to overwrite arbitrary files via a symlink attack.
Max CVSS
1.2
EPSS Score
0.04%
Published
2001-03-12
Updated
2017-10-10
inn 2.2.3 allows local users to overwrite arbitrary files via a symlink attack in some configurations.
Max CVSS
1.2
EPSS Score
0.04%
Published
2001-03-12
Updated
2017-10-10
arpwatch 2.1a4 allows local users to overwrite arbitrary files via a symlink attack in some configurations.
Max CVSS
1.2
EPSS Score
0.04%
Published
2001-03-12
Updated
2017-10-10
squid 2.3 and earlier allows local users to overwrite arbitrary files via a symlink attack in some configurations.
Max CVSS
1.2
EPSS Score
0.04%
Published
2001-03-12
Updated
2017-10-10
vpop3d program in linuxconf 1.23r and earlier allows local users to overwrite arbitrary files via a symlink attack.
Max CVSS
1.2
EPSS Score
0.04%
Published
2001-03-12
Updated
2017-10-10
Various routines for the ppc64 architecture on Linux kernel 2.6 prior to 2.6.2 and 2.4 prior to 2.4.24 do not use the copy_from_user function when copying data from userspace to kernelspace, which crosses security boundaries and allows local users to cause a denial of service.
Max CVSS
1.7
EPSS Score
0.04%
Published
2003-12-31
Updated
2017-10-11
The NFS client implementation in the kernel in Red Hat Enterprise Linux (RHEL) 3, when a filesystem is mounted with the noacl option, checks permissions for the open system call via vfs_permission (mode bits) data rather than an NFS ACCESS call to the server, which allows local client processes to obtain a false success status from open calls that the server would deny, and possibly obtain sensitive information about file permissions on the server, as demonstrated in a root_squash environment. NOTE: it is uncertain whether any scenarios involving this issue cross privilege boundaries.
Max CVSS
1.9
EPSS Score
0.04%
Published
2007-09-18
Updated
2008-09-05
The ipv6_getsockopt_sticky function in the kernel in Red Hat Enterprise Linux (RHEL) Beta 5.1.0 allows local users to obtain sensitive information (kernel memory contents) via a negative value of the len parameter. NOTE: this issue has been disputed in a bug comment, stating that "len is ignored when copying header info to the user's buffer.
Max CVSS
1.9
EPSS Score
0.04%
Published
2007-09-18
Updated
2024-03-21
Red Hat Enterprise Linux (RHEL) 5 ships the rpm for the Advanced Intrusion Detection Environment (AIDE) before 0.13.1 with a database that lacks checksum information, which allows context-dependent attackers to bypass file integrity checks and modify certain files.
Max CVSS
1.9
EPSS Score
0.06%
Published
2007-09-05
Updated
2017-09-29
Algorithmic complexity vulnerability in the MCS translation daemon in mcstrans 0.2.3 allows local users to cause a denial of service (temporary daemon outage) via a large range of compartments in sensitivity labels.
Max CVSS
1.9
EPSS Score
0.04%
Published
2007-11-10
Updated
2017-09-29
A certain Red Hat configuration step for the qla2xxx driver in the Linux kernel 2.6.18 on Red Hat Enterprise Linux (RHEL) 5, when N_Port ID Virtualization (NPIV) hardware is used, sets world-writable permissions for the (1) vport_create and (2) vport_delete files under /sys/class/scsi_host/, which allows local users to make arbitrary changes to SCSI host attributes by modifying these files.
Max CVSS
1.9
EPSS Score
0.04%
Published
2010-01-27
Updated
2023-02-13
The bluetooth subsystem in the Linux kernel before 3.0-rc4 does not properly initialize certain data structures, which allows local users to obtain potentially sensitive information from kernel memory via a crafted getsockopt system call, related to (1) the l2cap_sock_getsockopt_old function in net/bluetooth/l2cap_sock.c and (2) the rfcomm_sock_getsockopt_old function in net/bluetooth/rfcomm/sock.c.
Max CVSS
1.9
EPSS Score
0.04%
Published
2011-07-28
Updated
2023-02-13
The perf subsystem in the kernel package 2.6.32-122.el6.x86_64 in Red Hat Enterprise Linux (RHEL) 6 does not properly handle NMIs, which might allow local users to cause a denial of service (excessive log messages) via unspecified vectors.
Max CVSS
1.9
EPSS Score
0.04%
Published
2013-06-08
Updated
2023-02-13
The C handler plug-in in Automatic Bug Reporting Tool (ABRT), possibly 2.0.8 and earlier, does not properly set the group (GID) permissions on core dump files for setuid programs when the sysctl fs.suid_dumpable option is set to 2, which allows local users to obtain sensitive information.
Max CVSS
1.9
EPSS Score
0.04%
Published
2012-07-03
Updated
2017-08-29
The ExecShield feature in a certain Red Hat patch for the Linux kernel in Red Hat Enterprise Linux (RHEL) 5 and 6 and Fedora 15 and 16 does not properly handle use of many shared libraries by a 32-bit executable file, which makes it easier for context-dependent attackers to bypass the ASLR protection mechanism by leveraging a predictable base address for one of these libraries.
Max CVSS
1.9
EPSS Score
0.06%
Published
2013-03-01
Updated
2023-02-13
The rio_ioctl function in drivers/net/ethernet/dlink/dl2k.c in the Linux kernel before 3.3.7 does not restrict access to the SIOCSMIIREG command, which allows local users to write data to an Ethernet adapter via an ioctl call.
Max CVSS
1.2
EPSS Score
0.05%
Published
2012-06-13
Updated
2023-02-13
389 Directory Server before 1.2.11.6 (aka Red Hat Directory Server before 8.2.10-3), after the password for a LDAP user has been changed and before the server has been reset, allows remote attackers to read the plaintext password via the unhashed#user#password attribute.
Max CVSS
1.2
EPSS Score
0.17%
Published
2012-07-03
Updated
2017-09-19
net/xfrm/xfrm_user.c in the Linux kernel before 3.6 does not initialize certain structures, which allows local users to obtain sensitive information from kernel memory by leveraging the CAP_NET_ADMIN capability.
Max CVSS
1.9
EPSS Score
0.04%
Published
2013-03-15
Updated
2019-04-22
The copy_to_user_auth function in net/xfrm/xfrm_user.c in the Linux kernel before 3.6 uses an incorrect C library function for copying a string, which allows local users to obtain sensitive information from kernel heap memory by leveraging the CAP_NET_ADMIN capability.
Max CVSS
1.9
EPSS Score
0.04%
Published
2013-03-15
Updated
2019-04-22
The llc_ui_getname function in net/llc/af_llc.c in the Linux kernel before 3.6 has an incorrect return value in certain circumstances, which allows local users to obtain sensitive information from kernel stack memory via a crafted application that leverages an uninitialized pointer argument.
Max CVSS
1.9
EPSS Score
0.09%
Published
2013-03-15
Updated
2019-04-22
43 vulnerabilities found
1 2
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!