Filtered by vendor Gnu
Subscriptions
Total
1074 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2002-0435 | 2 Gnu, Redhat | 3 Fileutils, Enterprise Linux, Linux | 2024-11-21 | N/A |
Race condition in the recursive (1) directory deletion and (2) directory move in GNU File Utilities (fileutils) 4.1 and earlier allows local users to delete directories as the user running fileutils by moving a low-level directory to a higher level as it is being deleted, which causes fileutils to chdir to a ".." directory that is higher than expected, possibly up to the root file system. | ||||
CVE-2002-0399 | 2 Gnu, Redhat | 3 Tar, Enterprise Linux, Linux | 2024-11-21 | N/A |
Directory traversal vulnerability in GNU tar 1.13.19 through 1.13.25, and possibly later versions, allows attackers to overwrite arbitrary files during archive extraction via a (1) "/.." or (2) "./.." string, which removes the leading slash but leaves the "..", a variant of CVE-2001-1267. | ||||
CVE-2002-0389 | 2 Gnu, Redhat | 2 Mailman, Enterprise Linux | 2024-11-21 | N/A |
Pipermail in Mailman stores private mail messages with predictable filenames in a world-executable directory, which allows local users to read private mailing list archives. | ||||
CVE-2002-0388 | 2 Gnu, Redhat | 5 Mailman, Enterprise Linux, Linux and 2 more | 2024-11-21 | N/A |
Cross-site scripting vulnerabilities in Mailman before 2.0.11 allow remote attackers to execute script via (1) the admin login page, or (2) the Pipermail index summaries. | ||||
CVE-2002-0204 | 1 Gnu | 1 Chess | 2024-11-21 | N/A |
Buffer overflow in GNU Chess (gnuchess) 5.02 and earlier, if modified or used in a networked capacity contrary to its own design as a single-user application, may allow local or remote attackers to execute arbitrary code via a long command. | ||||
CVE-2002-0178 | 2 Gnu, Redhat | 3 Sharutils, Enterprise Linux, Linux | 2024-11-21 | N/A |
uudecode, as available in the sharutils package before 4.2.1, does not check whether the filename of the uudecoded file is a pipe or symbolic link, which could allow attackers to overwrite files or execute commands. | ||||
CVE-2002-0062 | 5 Debian, Freebsd, Gnu and 2 more | 5 Debian Linux, Freebsd, Ncurses and 2 more | 2024-11-21 | N/A |
Buffer overflow in ncurses 5.0, and the ncurses4 compatibility package as used in Red Hat Linux, allows local users to gain privileges, related to "routines for moving the physical cursor and scrolling." | ||||
CVE-2002-0044 | 3 Debian, Gnu, Redhat | 3 Debian Linux, Enscript, Linux | 2024-11-21 | N/A |
GNU Enscript 1.6.1 and earlier allows local users to overwrite arbitrary files of the Enscript user via a symlink attack on temporary files. | ||||
CVE-2002-0003 | 2 Gnu, Redhat | 2 Groff, Linux | 2024-11-21 | N/A |
Buffer overflow in the preprocessor in groff 1.16 and earlier allows remote attackers to gain privileges via lpd in the LPRng printing system. | ||||
CVE-2001-1593 | 1 Gnu | 1 A2ps | 2024-11-21 | N/A |
The tempname_ensure function in lib/routines.h in a2ps 4.14 and earlier, as used by the spy_user function and possibly other functions, allows local users to modify arbitrary files via a symlink attack on a temporary file. | ||||
CVE-2001-1377 | 12 Freeradius, Gnu, Icradius and 9 more | 12 Freeradius, Radius, Icradius and 9 more | 2024-11-21 | N/A |
Multiple RADIUS implementations do not properly validate the Vendor-Length of the Vendor-Specific attribute, which allows remote attackers to cause a denial of service (crash) via a Vendor-Length that is less than 2. | ||||
CVE-2001-1376 | 13 Ascend, Freeradius, Gnu and 10 more | 13 Radius, Freeradius, Radius and 10 more | 2024-11-21 | N/A |
Buffer overflow in digest calculation function of multiple RADIUS implementations allows remote attackers to cause a denial of service and possibly execute arbitrary code via shared secret data. | ||||
CVE-2001-1301 | 2 Gnu, Xemacs | 2 Emacs, Xemacs | 2024-11-21 | N/A |
rcs2log, as used in Emacs 20.4, xemacs 21.1.10 and other versions before 21.4, and possibly other packages, allows local users to modify files of other users via a symlink attack on a temporary file. | ||||
CVE-2001-1267 | 2 Gnu, Redhat | 3 Tar, Enterprise Linux, Linux | 2024-11-21 | N/A |
Directory traversal vulnerability in GNU tar 1.13.19 and earlier allows local users to overwrite arbitrary files during archive extraction via a tar file whose filenames contain a .. (dot dot). | ||||
CVE-2001-1228 | 1 Gnu | 1 Gzip | 2024-11-21 | N/A |
Buffer overflows in gzip 1.3x, 1.2.4, and other versions might allow attackers to execute code via a long file name, possibly remotely if gzip is run on an FTP server. | ||||
CVE-2001-1132 | 1 Gnu | 1 Mailman | 2024-11-21 | N/A |
Mailman 2.0.x before 2.0.6 allows remote attackers to gain access to list administrative pages when there is an empty site or list password, which is not properly handled during the call to the crypt function during authentication. | ||||
CVE-2001-1036 | 2 Gnu, Slackware | 2 Findutils, Slackware Linux | 2024-11-21 | N/A |
GNU locate in findutils 4.1 on Slackware 7.1 and 8.0 allows local users to gain privileges via an old formatted filename database (locatedb) that contains an entry with an out-of-range offset, which causes locate to write to arbitrary process memory. | ||||
CVE-2001-1022 | 3 Gnu, Jgroff, Redhat | 3 Groff, Jgroff, Linux | 2024-11-21 | N/A |
Format string vulnerability in pic utility in groff 1.16.1 and other versions, and jgroff before 1.15, allows remote attackers to bypass the -S option and execute arbitrary commands via format string specifiers in the plot command. | ||||
CVE-2001-0884 | 2 Gnu, Redhat | 4 Mailman, Linux, Powertools and 1 more | 2024-11-21 | N/A |
Cross-site scripting vulnerability in Mailman email archiver before 2.08 allows attackers to obtain sensitive information or authentication credentials via a malicious link that is accessed by other web users. | ||||
CVE-2001-0522 | 2 Gnu, Redhat | 2 Privacy Guard, Linux | 2024-11-21 | N/A |
Format string vulnerability in Gnu Privacy Guard (aka GnuPG or gpg) 1.05 and earlier can allow an attacker to gain privileges via format strings in the original filename that is stored in an encrypted file. |