sort creates temporary files and follows symbolic links, which allows local users to modify arbitrary files that are writable by the user running sort, as observed in updatedb and other programs that use sort.
CVSS Score
7.2
EPSS Score
0.001
Published
1997-10-06
Buffer overflow in run-time linkers (1) ld.so or (2) ld-linux.so for Linux systems allows local users to gain privileges by calling a setuid program with a long program name (argv[0]) and forcing ld.so/ld-linux.so to report an error.
CVSS Score
7.2
EPSS Score
0.001
Published
1997-07-17
Buffer overflow in suidperl (sperl), Perl 4.x and 5.x.
CVSS Score
7.2
EPSS Score
0.003
Published
1997-05-29
Arbitrary command execution via metamail package using message headers, when user processes attacker's message using metamail.
CVSS Score
7.5
EPSS Score
0.008
Published
1997-05-21
ucbmail allows remote attackers to execute commands via shell metacharacters that are passed to it from INN.
CVSS Score
7.2
EPSS Score
0.002
Published
1997-02-20
Buffer overflow in Vixie Cron library up to version 3.0 allows local users to obtain root access via a long environmental variable.
CVSS Score
7.2
EPSS Score
0.001
Published
1996-12-12
Command execution via shell metachars in INN daemon (innd) 1.5 using "newgroup" and "rmgroup" control messages, and others.
CVSS Score
9.8
EPSS Score
0.016
Published
1996-12-04
Page 4