System vulnerabilities

Showing 9001 - 9022 of 9K CVEs

  1. CVE-1999-0782 Published Nov 18, 1998

    KDE kppp allows local users to create a directory in an arbitrary location via the HOME environmental variable.

  2. CVE-1999-0781 Published Nov 18, 1998

    KDE allows local users to execute arbitrary commands by setting the KDEDIR environmental variable to modify the search path that KDE uses to locate its executables.

  3. CVE-1999-0780 Published Nov 18, 1998

    KDE klock allows local users to kill arbitrary processes by specifying an arbitrary PID in the .kss.pid file.

  4. CVE-1999-1441 Published Jun 30, 1998

    Linux 2.0.34 does not properly prevent users from sending SIGIO signals to arbitrary processes, which allows local users to cause a denial of service by sending SIGIO to processes that do not catch it.

  5. CVE-1999-1442 Published Jun 22, 1998

    Bug in AMD K6 processor on Linux 2.0.x and 2.1.x kernels allows local users to cause a denial of service (crash) via a particular sequence of instructions, possibly related to accessing addresses outside of segments.

  6. CVE-1999-0257 Published Apr 1, 1998

    Nestea variation of teardrop IP fragmentation denial of service.

  7. CVE-1999-0330 Published Mar 1, 1998

    Linux bdash game has a buffer overflow that allows local users to gain root access.

  8. CVE-1999-0513 Published Jan 5, 1998

    ICMP messages to broadcast addresses are allowed, allowing for a Smurf attack that can cause a denial of service.

  9. CVE-1999-0216 Published Nov 1, 1997

    Denial of service of inetd on Linux through SYN and RST packets.

  10. CVE-1999-0061 Published Oct 2, 1997

    File creation and deletion, and remote execution, in the BSD line printer daemon (lpd).

  11. CVE-1999-0183 Published Sep 1, 1997

    Linux implementations of TFTP would allow access to files outside the restricted directory.

  12. CVE-1999-1225 Published Aug 24, 1997

    rpc.mountd on Linux, Ultrix, and possibly other operating systems, allows remote attackers to determine the existence of a file on the server by attempting to mount that file, which generates different error messages depending on whether the file exists or not.

  13. CVE-1999-0524 Published Aug 1, 1997

    ICMP information such as (1) netmask and (2) timestamp is allowed from arbitrary hosts.

  14. CVE-1999-0628 Published Jul 1, 1997

    The rwho/rwhod service is running, which exposes machine status and user information.

  15. CVE-1999-0195 Published Jul 1, 1997

    Denial of service in RPC portmapper allows attackers to register or unregister RPC services or spoof RPC services using a spoofed source IP address such as 127.0.0.1.

  16. CVE-1999-0074 Published Jul 1, 1997

    Listening TCP ports are sequentially allocated, allowing spoofing attacks.

  17. CVE-1999-0165 Published Mar 1, 1997

    NFS cache poisoning.

  18. CVE-1999-0171 Published Jan 1, 1997

    Denial of service in syslog by sending it a large number of superfluous messages.

  19. CVE-1999-0128 Published Dec 18, 1996

    Oversized ICMP ping packets can result in a denial of service, aka Ping o' Death.

  20. CVE-1999-1572 Published Jul 16, 1996

    cpio on FreeBSD 2.1.0, Debian GNU/Linux 3.0, and possibly other operating systems, uses a 0 umask when creating files using the -O (archive) or -F options, which creates the files with mode 0666 and allows local users to read or overwrite those files.

  21. CVE-1999-0138 Published Jun 26, 1996

    The suidperl and sperl program do not give up root privileges when changing UIDs back to the original users, allowing root access.

  22. CVE-1999-0245 Published Sep 7, 1995

    Some configurations of NIS+ in Linux allowed attackers to log in as the user "+".