The default vhost configuration file in Puppet before 3.6.2 does not include the SSLCARevocationCheck directive, which might allow remote attackers to obtain sensitive information via a revoked certificate when a Puppet master runs with Apache 2.4.
Max CVSS: 6.5; EPSS Score: 0.11%; Published: 2017-12-11; Updated: 2017-12-27
Remote attackers can cause a denial of service on Linux in.telnetd telnet daemon through a malformed TERM environmental variable.
Max CVSS: 6.4; EPSS Score: 0.66%; Published: 1999-08-19; Updated: 2008-09-09
snmpd server in cmu-snmp SNMP package before 3.3-1 in Red Hat Linux 4.0 is configured to allow remote attackers to read and write sensitive information.
Max CVSS: 6.4; EPSS Score: 0.61%; Published: 1999-12-31; Updated: 2017-10-10
The initscripts package in Red Hat Linux allows local users to gain privileges via a symlink attack.
Max CVSS: 6.2; EPSS Score: 0.04%; Published: 2000-10-20; Updated: 2022-08-17
initscript in setserial 2.17-4 and earlier uses predictable temporary file names, which could allow local users to conduct unauthorized operations on files.
Max CVSS: 6.2; EPSS Score: 0.04%; Published: 2001-09-26; Updated: 2008-09-10
setpwnam.c in the util-linux package, as included in Red Hat Linux 7.3 and earlier, and other operating systems, does not properly lock a temporary file when modifying /etc/passwd, which may allow local users to gain privileges via a complex race condition that uses an open file descriptor in utility programs such as chfn and chsh.
Max CVSS: 6.2; EPSS Score: 0.36%; Published: 2002-08-12; Updated: 2016-10-18
Race condition in the (1) load_elf_library and (2) binfmt_aout function calls for uselib in Linux kernel 2.4 through 2.429-rc2 and 2.6 through 2.6.10 allows local users to execute arbitrary code by manipulating the VMA descriptor.
Max CVSS: 6.2; EPSS Score: 0.04%; Published: 2005-04-14; Updated: 2017-10-11
The init.d script for the X.Org X11 xfs font server on various Linux distributions might allow local users to change the permissions of arbitrary files via a symlink attack on the /tmp/.font-unix temporary file.
Max CVSS: 6.2; EPSS Score: 0.04%; Published: 2007-07-15; Updated: 2018-10-16
Red Hat Enterprise Linux 4 does not properly compile and link gdm with tcp_wrappers on x86_64 platforms, which might allow remote attackers to bypass intended access restrictions.
Max CVSS: 6.0; EPSS Score: 0.47%; Published: 2007-09-25; Updated: 2017-07-29
9 vulnerabilities found