Caldera: >> Openlinux Eserver >> 2.3 Security Vulnerabilities
telnet daemon (telnetd) from the Linux netkit package before netkit-telnet-0.16 allows remote attackers to bypass authentication when telnetd is running with the -L command line option.
CVSS Score
7.5
EPSS Score
0.003
Published
2001-08-31
inn 2.2.3 allows local users to overwrite arbitrary files via a symlink attack in some configurations.
CVSS Score
1.2
EPSS Score
0.001
Published
2001-03-12
Multiple shell programs on various Unix systems, including (1) tcsh, (2) csh, (3) sh, and (4) bash, follow symlinks when processing << redirects (aka here-documents or in-here documents), which allows local users to overwrite files of other users via a symlink attack.
CVSS Score
7.2
EPSS Score
0.002
Published
2001-01-09
Format string vulnerability in use_syslog() function in LPRng 3.6.24 allows remote attackers to execute arbitrary commands.
CVSS Score
10.0
EPSS Score
0.835
Published
2000-12-19
Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen.
CVSS Score
10.0
EPSS Score
0.009
Published
2000-11-14
BitchX IRC client does not properly cleanse an untrusted format string, which allows remote attackers to cause a denial of service via an invite to a channel whose name includes special formatting characters.
CVSS Score
5.0
EPSS Score
0.12
Published
2000-07-04
Linux gpm program allows local users to cause a denial of service by flooding the /dev/gpmctl device with STREAM sockets.
CVSS Score
2.1
EPSS Score
0.002
Published
1999-11-23