- EPSS 1.61%
- Veröffentlicht 12.01.2001 05:00:00
- Zuletzt bearbeitet 16.06.2026 21:56:10
The Apache module for PHP 4.0.0 through PHP 4.0.4, when disabled with the 'engine = off' option for a virtual host, may disable PHP for other virtual hosts, which could cause Apache to serve the source code of PHP scripts.
CVE-2000-1095
- EPSS 1.11%
- Veröffentlicht 09.01.2001 05:00:00
- Zuletzt bearbeitet 16.06.2026 21:53:08
modprobe in the modutils 2.3.x package on Linux systems allows a local user to execute arbitrary commands via shell metacharacters.
CVE-2000-1134
- EPSS 1.42%
- Veröffentlicht 09.01.2001 05:00:00
- Zuletzt bearbeitet 16.06.2026 21:53:13
Multiple shell programs on various Unix systems, including (1) tcsh, (2) csh, (3) sh, and (4) bash, follow symlinks when processing << redirects (aka here-documents or in-here documents), which allows local users to overwrite files of other users via...
- EPSS 1.97%
- Veröffentlicht 11.12.2000 05:00:00
- Zuletzt bearbeitet 16.06.2026 21:53:02
Buffer overflow in ypserv in Mandrake Linux 7.1 and earlier, and possibly other Linux operating systems, allows an attacker to gain root privileges when ypserv is built without a vsyslog() function.
- EPSS 1.83%
- Veröffentlicht 11.12.2000 05:00:00
- Zuletzt bearbeitet 16.06.2026 21:53:02
Format string vulnerability in ypserv in Mandrake Linux 7.1 and earlier, and possibly other Linux operating systems, allows an attacker to gain root privileges when ypserv is built without a vsyslog() function.
CVE-2000-1059
- EPSS 0.41%
- Veröffentlicht 11.12.2000 05:00:00
- Zuletzt bearbeitet 16.06.2026 21:53:04
The default configuration of the Xsession file in Mandrake Linux 7.1 and 7.0 bypasses the Xauthority access control mechanism with an "xhost + localhost" command, which allows local users to sniff X Windows events and gain privileges.
- EPSS 15.35%
- Veröffentlicht 14.11.2000 05:00:00
- Zuletzt bearbeitet 16.06.2026 21:52:35
Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen.
CVE-2000-0867
- EPSS 0.41%
- Veröffentlicht 14.11.2000 05:00:00
- Zuletzt bearbeitet 16.06.2026 21:52:38
Kernel logging daemon (klogd) in Linux does not properly cleanse user-injected format strings, which allows local users to gain root privileges by triggering malformed kernel messages.
- EPSS 9.45%
- Veröffentlicht 14.11.2000 05:00:00
- Zuletzt bearbeitet 16.06.2026 21:52:40
The default configuration of mod_perl for Apache as installed on Mandrake Linux 6.1 through 7.1 sets the /perl/ directory to be browseable, which allows remote attackers to list the contents of that directory.
CVE-2000-0718
- EPSS 0.26%
- Veröffentlicht 20.10.2000 04:00:00
- Zuletzt bearbeitet 16.06.2026 21:52:20
A race condition in MandrakeUpdate allows local users to modify RPM files while they are in the /tmp directory before they are installed.