Filtered by vendor Gnu
Subscriptions
Total
1082 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2000-0824 | 1 Gnu | 1 Glibc | 2024-11-20 | N/A |
| The unsetenv function in glibc 2.1.1 does not properly unset an environmental variable if the variable is provided twice to a program, which could allow local users to execute arbitrary commands in setuid programs by specifying their own duplicate environmental variables such as LD_PRELOAD or LD_LIBRARY_PATH. | ||||
| CVE-2000-0803 | 1 Gnu | 1 Groff | 2024-11-20 | N/A |
| GNU Groff uses the current working directory to find a device description file, which allows a local user to gain additional privileges by including a malicious postpro directive in the description file, which is executed when another user runs groff. | ||||
| CVE-2000-0786 | 1 Gnu | 1 Userv | 2024-11-20 | N/A |
| GNU userv 1.0.0 and earlier does not properly perform file descriptor swapping, which can corrupt the USERV_GROUPS and USERV_GIDS environmental variables and allow local users to bypass some access restrictions. | ||||
| CVE-2000-0701 | 3 Conectiva, Gnu, Redhat | 3 Linux, Mailman, Linux | 2024-11-20 | N/A |
| The wrapper program in mailman 2.0beta3 and 2.0beta4 does not properly cleanse untrusted format strings, which allows local users to gain privileges. | ||||
| CVE-2000-0335 | 2 Gnu, Isc | 2 Glibc, Bind | 2024-11-20 | N/A |
| The resolver in glibc 2.1.3 uses predictable IDs, which allows a local attacker to spoof DNS query results. | ||||
| CVE-2000-0271 | 1 Gnu | 1 Emacs | 2024-11-20 | N/A |
| read-passwd and other Lisp functions in Emacs 20 do not properly clear the history of recently typed keys, which allows an attacker to read unencrypted passwords. | ||||
| CVE-2000-0270 | 1 Gnu | 1 Emacs | 2024-11-20 | N/A |
| The make-temp-name Lisp function in Emacs 20 creates temporary files with predictable names, which allows attackers to conduct a symlink attack. | ||||
| CVE-2000-0269 | 1 Gnu | 1 Emacs | 2024-11-20 | N/A |
| Emacs 20 does not properly set permissions for a slave PTY device when starting a new subprocess, which allows local users to read or modify communications between Emacs and the subprocess. | ||||
| CVE-2000-0151 | 1 Gnu | 1 Make | 2024-11-20 | N/A |
| GNU make follows symlinks when it reads a Makefile from stdin, which allows other local users to execute commands. | ||||
| CVE-1999-1383 | 2 Gnu, Tcsh | 2 Bash, Tcsh | 2024-11-20 | N/A |
| (1) bash before 1.14.7, and (2) tcsh 6.05 allow local users to gain privileges via directory names that contain shell metacharacters (` back-tick), which can cause the commands enclosed in the directory name to be executed when the shell expands filenames using the \w option in the PS1 variable. | ||||
| CVE-1999-1165 | 1 Gnu | 1 Fingerd | 2024-11-20 | N/A |
| GNU fingerd 1.37 does not properly drop privileges before accessing user information, which could allow local users to (1) gain root privileges via a malicious program in the .fingerrc file, or (2) read arbitrary files via symbolic links from .plan, .forward, or .project files. | ||||
| CVE-1999-0719 | 1 Gnu | 1 Gnumeric | 2024-11-20 | N/A |
| The Guile plugin for the Gnumeric spreadsheet package allows attackers to execute arbitrary code. | ||||
| CVE-1999-0612 | 2 Gnu, Microsoft | 4 Finger Service, Fingerd, Windows 2000 and 1 more | 2024-11-20 | N/A |
| A version of finger is running that exposes valid user information to any entity on the network. | ||||
| CVE-1999-0491 | 1 Gnu | 1 Bash | 2024-11-20 | N/A |
| The prompt parsing in bash allows a local user to execute commands as another user by creating a directory with the name of the command to execute. | ||||
| CVE-1999-0402 | 1 Gnu | 1 Wget | 2024-11-20 | N/A |
| wget 1.5.3 follows symlinks to change permissions of the target file instead of the symlink itself. | ||||
| CVE-1999-0216 | 3 Gnu, Hp, Linux | 3 Inet, Hp-ux, Linux Kernel | 2024-11-20 | N/A |
| Denial of service of inetd on Linux through SYN and RST packets. | ||||
| CVE-1999-0199 | 1 Gnu | 1 Glibc | 2024-11-20 | 9.8 Critical |
| manual/search.texi in the GNU C Library (aka glibc) before 2.2 lacks a statement about the unspecified tdelete return value upon deletion of a tree's root, which might allow attackers to access a dangling pointer in an application whose developer was unaware of a documentation update from 1999. | ||||
| CVE-1999-0150 | 1 Gnu | 1 Fingerd | 2024-11-20 | N/A |
| The Perl fingerd program allows arbitrary command execution from remote users. | ||||
| CVE-1999-0041 | 5 Cray, Gnu, Ibm and 2 more | 6 Unicos, Unicos Max, Libc and 3 more | 2024-11-20 | N/A |
| Buffer overflow in NLS (Natural Language Service). | ||||
| CVE-1999-0035 | 2 Gnu, Sgi | 2 Inet, Irix | 2024-11-20 | N/A |
| Race condition in signal handling routine in ftpd, allowing read/write arbitrary files. | ||||