Shodan
Vulnerabilities
Vulnerable Software
Gnu:  Security Vulnerabilities
CVE-2000-0947
Format string vulnerability in cfd daemon in GNU CFEngine before 1.6.0a11 allows attackers to execute arbitrary commands via format characters in the CAUTH command.
CVSS Score
10.0
EPSS Score
0.009
Published
2000-12-19
CVE-2000-0959
glibc2 does not properly clear the LD_DEBUG_OUTPUT and LD_DEBUG environmental variables when a program is spawned from a setuid program, which could allow local users to overwrite files via a symlink attack.
CVSS Score
1.2
EPSS Score
0.001
Published
2000-12-19
CVE-2000-0963
Buffer overflow in ncurses library allows local users to execute arbitrary commands via long environmental information such as TERM or TERMINFO_DIRS.
CVSS Score
7.2
EPSS Score
0.002
Published
2000-12-19
CVE-2000-0974
GnuPG (gpg) 1.0.3 does not properly check all signatures of a file containing multiple documents, which allows an attacker to modify contents of all documents but the first without detection.
CVSS Score
7.5
EPSS Score
0.018
Published
2000-12-19
CVE-2000-0824
The unsetenv function in glibc 2.1.1 does not properly unset an environmental variable if the variable is provided twice to a program, which could allow local users to execute arbitrary commands in setuid programs by specifying their own duplicate environmental variables such as LD_PRELOAD or LD_LIBRARY_PATH.
CVSS Score
7.2
EPSS Score
0.003
Published
2000-11-14
CVE-2000-0861
Mailman 1.1 allows list administrators to execute arbitrary commands via shell metacharacters in the %(listname) macro expansion.
CVSS Score
7.2
EPSS Score
0.001
Published
2000-11-14
CVE-2000-1219
The -ftrapv compiler option in gcc and g++ 3.3.3 and earlier does not handle all types of integer overflows, which may leave applications vulnerable to vulnerabilities related to overflows.
CVSS Score
7.5
EPSS Score
0.006
Published
2000-11-01
CVE-2000-0701
The wrapper program in mailman 2.0beta3 and 2.0beta4 does not properly cleanse untrusted format strings, which allows local users to gain privileges.
CVSS Score
4.6
EPSS Score
0.001
Published
2000-10-20
CVE-2000-0786
GNU userv 1.0.0 and earlier does not properly perform file descriptor swapping, which can corrupt the USERV_GROUPS and USERV_GIDS environmental variables and allow local users to bypass some access restrictions.
CVSS Score
4.6
EPSS Score
0.001
Published
2000-10-20
CVE-2000-0335
The resolver in glibc 2.1.3 uses predictable IDs, which allows a local attacker to spoof DNS query results.
CVSS Score
7.5
EPSS Score
0.011
Published
2000-05-03


Products
Pricing
Contact Us

Shodan ® - All rights reserved