Suse: >> Suse Linux Security Vulnerabilities
OpenSSH 3.0.1 and earlier with UseLogin enabled does not properly cleanse critical environment variables such as LD_PRELOAD, which allows local users to gain root privileges.
CVSS Score
7.2
EPSS Score
0.002
Published
2001-12-21
htsearch CGI program in htdig (ht://Dig) 3.1.5 and earlier allows remote attackers to use the -c option to specify an alternate configuration file, which could be used to (1) cause a denial of service (CPU consumption) by specifying a large file such as /dev/zero, or (2) read arbitrary files by uploading an alternate configuration file that specifies the target file.
CVSS Score
6.4
EPSS Score
0.025
Published
2001-12-06
Linux kernel 2.0, 2.2 and 2.4 with syncookies enabled allows remote attackers to bypass firewall rules by brute force guessing the cookie.
CVSS Score
5.0
EPSS Score
0.006
Published
2001-12-06
Vulnerabilities in CGI scripts in susehelp in SuSE 7.2 and 7.3 allow remote attackers to execute arbitrary commands by not opening files securely.
CVSS Score
5.1
EPSS Score
0.008
Published
2001-11-22
Linux kernel before 2.4.11pre3 in multiple Linux distributions allows local users to cause a denial of service (crash) by starting the core vmlinux kernel, possibly related to poor error checking during ELF loading.
CVSS Score
2.1
EPSS Score
0.001
Published
2001-11-21
Buffer overflow in Linux xinetd 2.1.8.9pre11-1 and earlier may allow remote attackers to execute arbitrary code via a long ident response, which is not properly handled by the svc_logprint function.
CVSS Score
7.5
EPSS Score
0.254
Published
2001-10-18
Buffer overflow in man program in various distributions of Linux allows local user to execute arbitrary code as group man via a long -S option.
CVSS Score
4.6
EPSS Score
0.003
Published
2001-09-20
Vulnerability in screen before 3.9.10, related to a multi-attach error, allows local users to gain root privileges when there is a subdirectory under /tmp/screens/.
CVSS Score
7.2
EPSS Score
0.001
Published
2001-09-05
Buffer overflow in dsh in dqs 3.2.7 in SuSE Linux 7.0 and earlier, and possibly other operating systems, allows local users to gain privileges via a long first command line argument.
CVSS Score
7.2
EPSS Score
0.001
Published
2001-08-14
kfm as included with KDE 1.x can allow a local attacker to gain additional privileges via a symlink attack in the kfm cache directory in /tmp.
CVSS Score
4.6
EPSS Score
0.001
Published
2001-08-02