Suse: >> Suse Linux >> 7.0 Security Vulnerabilities
Buffer overflow in lukemftp FTP client in SuSE 6.4 through 8.0, and possibly other operating systems, allows a malicious FTP server to execute arbitrary code via a long PASV command.
CVSS Score
7.5
EPSS Score
0.015
Published
2002-08-12
Off-by-one error in the channel code of OpenSSH 2.0 through 3.0.2 allows local users or remote malicious servers to gain privileges.
CVSS Score
9.8
EPSS Score
0.016
Published
2002-03-15
Buffer overflow in ncurses 5.0, and the ncurses4 compatibility package as used in Red Hat Linux, allows local users to gain privileges, related to "routines for moving the physical cursor and scrolling."
CVSS Score
7.2
EPSS Score
0.002
Published
2002-03-08
Heap corruption vulnerability in the "at" program allows local users to execute arbitrary code via a malformed execution time, which causes at to free the same memory twice.
CVSS Score
7.2
EPSS Score
0.003
Published
2002-02-27
Format string vulnerability in the default logging callback function _sasl_syslog in common.c in Cyrus SASL library (cyrus-sasl) may allow remote attackers to execute arbitrary commands.
CVSS Score
7.5
EPSS Score
0.024
Published
2001-12-21
OpenSSH 3.0.1 and earlier with UseLogin enabled does not properly cleanse critical environment variables such as LD_PRELOAD, which allows local users to gain root privileges.
CVSS Score
7.2
EPSS Score
0.002
Published
2001-12-21
htsearch CGI program in htdig (ht://Dig) 3.1.5 and earlier allows remote attackers to use the -c option to specify an alternate configuration file, which could be used to (1) cause a denial of service (CPU consumption) by specifying a large file such as /dev/zero, or (2) read arbitrary files by uploading an alternate configuration file that specifies the target file.
CVSS Score
6.4
EPSS Score
0.025
Published
2001-12-06
Linux kernel 2.0, 2.2 and 2.4 with syncookies enabled allows remote attackers to bypass firewall rules by brute force guessing the cookie.
CVSS Score
5.0
EPSS Score
0.006
Published
2001-12-06
Buffer overflow in Linux xinetd 2.1.8.9pre11-1 and earlier may allow remote attackers to execute arbitrary code via a long ident response, which is not properly handled by the svc_logprint function.
CVSS Score
7.5
EPSS Score
0.254
Published
2001-10-18
Buffer overflow in man program in various distributions of Linux allows local user to execute arbitrary code as group man via a long -S option.
CVSS Score
4.6
EPSS Score
0.003
Published
2001-09-20