Trustix: >> Secure Linux >> 1.2 Security Vulnerabilities
The Linux kernel 2.4.20 and earlier, and 2.5.x, when running on x86 systems, allows local users to cause a denial of service (hang) via the emulation mode, which does not properly clear TF and NT EFLAGs.
CVSS Score
2.1
EPSS Score
0.001
Published
2002-12-11
Off-by-one error in the channel code of OpenSSH 2.0 through 3.0.2 allows local users or remote malicious servers to gain privileges.
CVSS Score
9.8
EPSS Score
0.016
Published
2002-03-15
Squid before 2.3STABLE5 in HTTP accelerator mode does not enable access control lists (ACLs) when the httpd_accel_host and http_accel_with_proxy off settings are used, which allows attackers to bypass the ACLs and conduct unauthorized activities such as port scanning.
CVSS Score
7.5
EPSS Score
0.002
Published
2001-07-18
When using the LD_PRELOAD environmental variable in SUID or SGID applications, glibc does not verify that preloaded libraries in /etc/ld.so.cache are also SUID/SGID, which could allow a local user to overwrite arbitrary files by loading a library from /lib or /usr/lib.
CVSS Score
2.1
EPSS Score
0.001
Published
2001-03-26
sdiff 2.7 in the diffutils package allows local users to overwrite files via a symlink attack.
CVSS Score
1.2
EPSS Score
0.001
Published
2001-03-12
squid 2.3 and earlier allows local users to overwrite arbitrary files via a symlink attack in some configurations.
CVSS Score
1.2
EPSS Score
0.001
Published
2001-03-12