| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| In Sendmail, attackers can gain root privileges via SMTP by specifying an improper "mail from" address and an invalid "rcpt to" address that would cause the mail to bounce to a program. |
| Sendmail 8.6.9 allows remote attackers to execute root commands, using ident. |
| Denial of service in Sendmail 8.6.11 and 8.6.12. |
| MIME buffer overflow in Sendmail 8.8.0 and 8.8.1 gives root access. |
| Remote attacker can execute commands through Majordomo using the Reply-To field and a "lists" command. |
| Buffer overflow in sar for SCO OpenServer 5.0.0 through 5.0.5 may allow local users to gain root privileges via a long -f parameter, a different vulnerability than CVE-1999-1570. |
| rpc.ypupdated (NIS) allows remote users to execute arbitrary commands. |
| The SunView (SunTools) selection_svc facility allows remote users to read files. |
| buildxconf in Corel Linux allows local users to modify or create arbitrary files via the -x or -f parameters. |
| Automount daemon automountd allows local or remote users to gain privileges via shell metacharacters. |
| rcp on various Linux systems including Red Hat 4.0 allows a "nobody" user or other user with UID of 65535 to overwrite arbitrary files, since 65535 is interpreted as -1 by chown and other system calls, which causes the calls to fail to modify the ownership of the file. |
| Solaris rpc.mountd generates error messages that allow a remote attacker to determine what files are on the server. |
| libnsl in Solaris allowed an attacker to perform a denial of service of rpcbind. |
| Denial of service by sending forged ICMP unreachable packets. |
| Routed allows attackers to append data to files. |
| Denial of service of inetd on Linux through SYN and RST packets. |
| Malicious option settings in UDP packets could force a reboot in SunOS 4.1.3 systems. |
| Livingston portmaster machines could be rebooted via a series of commands. |
| cpio on FreeBSD 2.1.0, Debian GNU/Linux 3.0, and possibly other operating systems, uses a 0 umask when creating files using the -O (archive) or -F options, which creates the files with mode 0666 and allows local users to read or overwrite those files. |
| Buffer overflow in Microsoft Rich Text Format (RTF) reader allows attackers to cause a denial of service via a malformed control word. |
