Filtered by vendor Gnu Subscriptions
Total 1074 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2002-0435 2 Gnu, Redhat 3 Fileutils, Enterprise Linux, Linux 2024-11-21 N/A
Race condition in the recursive (1) directory deletion and (2) directory move in GNU File Utilities (fileutils) 4.1 and earlier allows local users to delete directories as the user running fileutils by moving a low-level directory to a higher level as it is being deleted, which causes fileutils to chdir to a ".." directory that is higher than expected, possibly up to the root file system.
CVE-2002-0399 2 Gnu, Redhat 3 Tar, Enterprise Linux, Linux 2024-11-21 N/A
Directory traversal vulnerability in GNU tar 1.13.19 through 1.13.25, and possibly later versions, allows attackers to overwrite arbitrary files during archive extraction via a (1) "/.." or (2) "./.." string, which removes the leading slash but leaves the "..", a variant of CVE-2001-1267.
CVE-2002-0389 2 Gnu, Redhat 2 Mailman, Enterprise Linux 2024-11-21 N/A
Pipermail in Mailman stores private mail messages with predictable filenames in a world-executable directory, which allows local users to read private mailing list archives.
CVE-2002-0388 2 Gnu, Redhat 5 Mailman, Enterprise Linux, Linux and 2 more 2024-11-21 N/A
Cross-site scripting vulnerabilities in Mailman before 2.0.11 allow remote attackers to execute script via (1) the admin login page, or (2) the Pipermail index summaries.
CVE-2002-0204 1 Gnu 1 Chess 2024-11-21 N/A
Buffer overflow in GNU Chess (gnuchess) 5.02 and earlier, if modified or used in a networked capacity contrary to its own design as a single-user application, may allow local or remote attackers to execute arbitrary code via a long command.
CVE-2002-0178 2 Gnu, Redhat 3 Sharutils, Enterprise Linux, Linux 2024-11-21 N/A
uudecode, as available in the sharutils package before 4.2.1, does not check whether the filename of the uudecoded file is a pipe or symbolic link, which could allow attackers to overwrite files or execute commands.
CVE-2002-0062 5 Debian, Freebsd, Gnu and 2 more 5 Debian Linux, Freebsd, Ncurses and 2 more 2024-11-21 N/A
Buffer overflow in ncurses 5.0, and the ncurses4 compatibility package as used in Red Hat Linux, allows local users to gain privileges, related to "routines for moving the physical cursor and scrolling."
CVE-2002-0044 3 Debian, Gnu, Redhat 3 Debian Linux, Enscript, Linux 2024-11-21 N/A
GNU Enscript 1.6.1 and earlier allows local users to overwrite arbitrary files of the Enscript user via a symlink attack on temporary files.
CVE-2002-0003 2 Gnu, Redhat 2 Groff, Linux 2024-11-21 N/A
Buffer overflow in the preprocessor in groff 1.16 and earlier allows remote attackers to gain privileges via lpd in the LPRng printing system.
CVE-2001-1593 1 Gnu 1 A2ps 2024-11-21 N/A
The tempname_ensure function in lib/routines.h in a2ps 4.14 and earlier, as used by the spy_user function and possibly other functions, allows local users to modify arbitrary files via a symlink attack on a temporary file.
CVE-2001-1377 12 Freeradius, Gnu, Icradius and 9 more 12 Freeradius, Radius, Icradius and 9 more 2024-11-21 N/A
Multiple RADIUS implementations do not properly validate the Vendor-Length of the Vendor-Specific attribute, which allows remote attackers to cause a denial of service (crash) via a Vendor-Length that is less than 2.
CVE-2001-1376 13 Ascend, Freeradius, Gnu and 10 more 13 Radius, Freeradius, Radius and 10 more 2024-11-21 N/A
Buffer overflow in digest calculation function of multiple RADIUS implementations allows remote attackers to cause a denial of service and possibly execute arbitrary code via shared secret data.
CVE-2001-1301 2 Gnu, Xemacs 2 Emacs, Xemacs 2024-11-21 N/A
rcs2log, as used in Emacs 20.4, xemacs 21.1.10 and other versions before 21.4, and possibly other packages, allows local users to modify files of other users via a symlink attack on a temporary file.
CVE-2001-1267 2 Gnu, Redhat 3 Tar, Enterprise Linux, Linux 2024-11-21 N/A
Directory traversal vulnerability in GNU tar 1.13.19 and earlier allows local users to overwrite arbitrary files during archive extraction via a tar file whose filenames contain a .. (dot dot).
CVE-2001-1228 1 Gnu 1 Gzip 2024-11-21 N/A
Buffer overflows in gzip 1.3x, 1.2.4, and other versions might allow attackers to execute code via a long file name, possibly remotely if gzip is run on an FTP server.
CVE-2001-1132 1 Gnu 1 Mailman 2024-11-21 N/A
Mailman 2.0.x before 2.0.6 allows remote attackers to gain access to list administrative pages when there is an empty site or list password, which is not properly handled during the call to the crypt function during authentication.
CVE-2001-1036 2 Gnu, Slackware 2 Findutils, Slackware Linux 2024-11-21 N/A
GNU locate in findutils 4.1 on Slackware 7.1 and 8.0 allows local users to gain privileges via an old formatted filename database (locatedb) that contains an entry with an out-of-range offset, which causes locate to write to arbitrary process memory.
CVE-2001-1022 3 Gnu, Jgroff, Redhat 3 Groff, Jgroff, Linux 2024-11-21 N/A
Format string vulnerability in pic utility in groff 1.16.1 and other versions, and jgroff before 1.15, allows remote attackers to bypass the -S option and execute arbitrary commands via format string specifiers in the plot command.
CVE-2001-0884 2 Gnu, Redhat 4 Mailman, Linux, Powertools and 1 more 2024-11-21 N/A
Cross-site scripting vulnerability in Mailman email archiver before 2.08 allows attackers to obtain sensitive information or authentication credentials via a malicious link that is accessed by other web users.
CVE-2001-0522 2 Gnu, Redhat 2 Privacy Guard, Linux 2024-11-21 N/A
Format string vulnerability in Gnu Privacy Guard (aka GnuPG or gpg) 1.05 and earlier can allow an attacker to gain privileges via format strings in the original filename that is stored in an encrypted file.