xtvscreen in SuSE Linux 6.0 allows local users to overwrite arbitrary files via a symlink attack on the pic000.pnm file.
Max CVSS
2.1
EPSS Score
0.04%
Published
1999-02-18
Updated
2017-12-19
aaa_base in SuSE Linux 6.3, and cron.daily in earlier versions, allow local users to delete arbitrary files by creating files whose names include spaces, which are then incorrectly interpreted by aaa_base when it deletes expired files from the /tmp directory.
Max CVSS
2.1
EPSS Score
0.04%
Published
2000-05-02
Updated
2008-09-10
The PPP wvdial.lxdialog script in wvdial 1.4 and earlier creates a .config file with world readable permissions, which allows a local attacker in the dialout group to access login and password information.
Max CVSS
2.1
EPSS Score
0.04%
Published
1999-12-14
Updated
2008-09-10
kdesu program in KDE2 (KDE before 2.2.0-6) does not properly verify the owner of a UNIX socket that is used to send a password, which allows local users to steal passwords and gain privileges.
Max CVSS
2.1
EPSS Score
0.04%
Published
2001-03-26
Updated
2017-10-10
Linux kernel before 2.4.11pre3 in multiple Linux distributions allows local users to cause a denial of service (crash) by starting the core vmlinux kernel, possibly related to poor error checking during ELF loading.
Max CVSS
2.1
EPSS Score
0.04%
Published
2001-11-21
Updated
2017-10-10
Unspecified vulnerability in xscreensaver 4.12, and possibly other versions, allows attackers to cause xscreensaver to crash via unspecified vectors "while verifying the user-password."
Max CVSS
2.1
EPSS Score
0.04%
Published
2003-12-31
Updated
2008-09-05
The SuSEconfig.gnome-filesystem script for YaST in SuSE 9.0 allows local users to overwrite arbitrary files via a symlink attack on files within the tmp.SuSEconfig.gnome-filesystem.$RANDOM temporary directory.
Max CVSS
2.1
EPSS Score
0.04%
Published
2004-02-17
Updated
2016-10-18
Unknown vulnerability in Linux kernel 2.x may allow local users to modify the group ID of files, such as NFS exported files in kernel 2.4.
Max CVSS
2.1
EPSS Score
0.04%
Published
2004-12-06
Updated
2017-10-11
The e1000 driver for Linux kernel 2.4.26 and earlier does not properly initialize memory before using it, which allows local users to read portions of kernel memory. NOTE: this issue was originally incorrectly reported as a "buffer overflow" by some sources.
Max CVSS
2.1
EPSS Score
0.04%
Published
2004-08-06
Updated
2017-10-11
Linux kernel 2.4.x and 2.6.x for x86 allows local users to cause a denial of service (system crash), possibly via an infinite loop that triggers a signal handler with a certain sequence of fsave and frstor instructions, as originally demonstrated using a "crash.c" program.
Max CVSS
2.1
EPSS Score
0.05%
Published
2004-08-06
Updated
2017-10-11
Insecure permissions for the /proc/scsi/qla2300/HbaApiNode file in Linux allows local users to cause a denial of service.
Max CVSS
2.1
EPSS Score
0.04%
Published
2004-08-06
Updated
2017-10-11
The open_exec function in the execve functionality (exec.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, allows local users to read non-readable ELF binaries by using the interpreter (PT_INTERP) functionality.
Max CVSS
2.1
EPSS Score
0.04%
Published
2005-01-10
Updated
2017-10-11
SUSE Linux before 9.1 and SUSE Linux Enterprise Server before 9 do not properly check commands sent to CD devices that have been opened read-only, which could allow local users to conduct unauthorized write activities to modify the firmware of associated SCSI devices.
Max CVSS
2.1
EPSS Score
0.04%
Published
2005-01-10
Updated
2017-10-11
Unknown vulnerability in the system call filtering code in the audit subsystem for Red Hat Enterprise Linux 3 allows local users to cause a denial of service (system crash) via unknown vectors.
Max CVSS
2.1
EPSS Score
0.04%
Published
2005-04-14
Updated
2017-10-11
YaST Online Update (YOU) in SuSE 8.2 and 9.0 allows local users to overwrite arbitrary files via a symlink attack on you-$USER/cookies.
Max CVSS
2.1
EPSS Score
0.04%
Published
2004-12-31
Updated
2017-07-11
Multiple scripts on SuSE Linux 9.0 allow local users to overwrite arbitrary files via a symlink attack on (1) /tmp/fvwm-bug created by fvwm-bug, (2) /tmp/wmmenu created by wm-oldmenu2new, (3) /tmp/rates created by x11perfcomp, (4) /tmp/xf86debug.1.log created by xf86debug, (5) /tmp/.winpopup-new created by winpopup-send.sh, or (6) /tmp/initrd created by lvmcreate_initrd.
Max CVSS
2.1
EPSS Score
0.04%
Published
2004-12-31
Updated
2017-07-11
resmgr in SUSE CORE 9 does not properly identify terminal names, which allows local users to spoof terminals and login types.
Max CVSS
2.1
EPSS Score
0.04%
Published
2004-12-31
Updated
2008-09-05
Buffer overflow in the PerlIO implementation in Perl 5.8.0, when installed with setuid support (sperl), allows local users to execute arbitrary code by setting the PERLIO_DEBUG variable and executing a Perl script whose full pathname contains a long directory tree.
Max CVSS
2.1
EPSS Score
0.04%
Published
2005-02-07
Updated
2018-08-13
Unknown vulnerability in Linux kernel 2.4.x, 2.5.x, and 2.6.x allows NFS clients to cause a denial of service via O_DIRECT.
Max CVSS
2.1
EPSS Score
0.06%
Published
2005-05-02
Updated
2017-10-11
Linux kernel 2.6 and 2.4 on the IA64 architecture allows local users to cause a denial of service (kernel crash) via ptrace and the restore_sigcontext function.
Max CVSS
2.1
EPSS Score
0.11%
Published
2005-08-05
Updated
2023-02-13
traps.c in the Linux kernel 2.6.x and 2.4.x executes stack segment faults on an exception stack, which allows local users to cause a denial of service (oops and stack fault exception).
Max CVSS
2.1
EPSS Score
0.05%
Published
2005-08-05
Updated
2023-02-13
StoreBackup before 1.19 allows local users to perform unauthorized operations on arbitrary files via a symlink attack on temporary files.
Max CVSS
2.1
EPSS Score
0.04%
Published
2005-10-05
Updated
2008-09-05
StoreBackup before 1.19 creates the backup root with world-readable permissions, which allows local users to obtain sensitive information.
Max CVSS
2.1
EPSS Score
0.04%
Published
2005-10-05
Updated
2008-09-05
resmgr in SUSE Linux 9.2 and 9.3, and possibly other distributions, allows local users to bypass access control rules for USB devices via "alternate syntax for specifying USB devices."
Max CVSS
2.1
EPSS Score
0.04%
Published
2005-12-31
Updated
2008-09-05
resmgr in SUSE Linux 9.2 and 9.3, and possibly other distributions, does not properly enforce class-specific exclude rules in some situations, which allows local users to bypass intended access restrictions for USB devices that set their class ID at the interface level.
Max CVSS
2.1
EPSS Score
0.04%
Published
2005-12-31
Updated
2008-09-05
26 vulnerabilities found
1 2
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!