[CLOSE] OSVDB ID : 1163 - Disclosed: 1999-12-09

Description:

(Description Provided by CVE) : The ping command in Linux 2.0.3x allows local users to cause a denial of service by sending large packets with the -R (record route) option.

[CLOSE] OSVDB ID : 39213 - Disclosed: 2007-02-22

Description:

Unknown / Incomplete

[CLOSE] OSVDB ID : 11497 - Disclosed: 1998-12-23

Description:

(Description Provided by CVE) : Linux PAM modules allow local users to gain root access using temporary files.

[CLOSE] OSVDB ID : 1478 - Disclosed: 2000-07-27

Description:

(Description Provided by CVE) : pam_console PAM module in Linux systems allows a user to access the system console and reboot the system when a display manager such as gdm or kdm has XDMCP enabled.

[CLOSE] OSVDB ID : 19789 - Disclosed: 2004-05-17

Description:

(Description Provided by CVE) : Off-by-one error in passwd 0.68 and earlier, when using the --stdin option, causes passwd to use the first 78 characters of a password instead of the first 79, which results in a small reduction of the search space required for brute force attacks.

[CLOSE] OSVDB ID : 19790 - Disclosed: 2004-05-17

Description:

(Description Provided by CVE) : Memory leak in passwd 0.68 allows local users to cause a denial of service (memory consumption) via a large number of failed read attempts from the password buffer.

[CLOSE] OSVDB ID : 19791 - Disclosed: 2004-05-17

Description:

(Description Provided by CVE) : passwd 0.68 does not check the return code for the pam_start function, which has unknown impact and attack vectors that may prevent "safe and proper operation" of PAM.

[CLOSE] OSVDB ID : 5857 - Disclosed: 1995-12-22

Description:

pop3d contains a flaw that allows a malicious user to access arbitrary mail files. The issue is triggered due to the usage of mktmp() in order to create temporary files in /tmp. A local attacker can use this to read the mail currently being processed by the pop3d daemon. This flaw may lead to a loss of confidentiality.

[CLOSE] OSVDB ID : 26322 - Disclosed: 2006-05-22

Description:

Unknown / Incomplete

[CLOSE] OSVDB ID : 31373 - Disclosed: 2006-12-21

Description:

(Description Provided by CVE) : Unspecified vulnerability in the "alignment check exception handling" in Ubuntu 5.10, 6.06 LTS, and 6.10 for the PowerPC (PPC) allows local users to cause a denial of service (kernel panic) via unspecified vectors.

[CLOSE] OSVDB ID : 31372 - Disclosed: 2006-12-21

Description:

(Description Provided by CVE) : Ubuntu Linux 6.10 for the PowerPC (PPC) allows local users to cause a denial of service (resource consumption) by using the (1) sys_get_robust_list and (2) sys_set_robust_list functions to create processes that cannot be killed.

[CLOSE] OSVDB ID : 1053 - Disclosed: 1999-08-23

Description:

(Description Provided by CVE) : The pt_chown command in Linux allows local users to modify TTY terminal devices that belong to other users.

[CLOSE] OSVDB ID : 13686 - Disclosed: 2000-06-07

Description:

(Description Provided by CVE) : Buffer overflow in restore program 0.4b17 and earlier in dump package allows local users to execute arbitrary commands via a long tape name.

[CLOSE] OSVDB ID : 12964 - Disclosed: 1995-04-01

Description:

(Description Provided by CVE) : rxvt, when compiled with the PRINT_PIPE option in various Linux operating systems including Linux Slackware 3.0 and RedHat 2.1, allows local users to gain root privileges by specifying a malicious program using the -print-pipe command line parameter.

[CLOSE] OSVDB ID : 65991 - Disclosed: 2010-07-01

Description:

(Description Provided by CVE) : Multiple buffer overflows in the iSNS implementation in isns.c in (1) Linux SCSI target framework (aka tgt or scsi-target-utils) before 1.0.6, (2) iSCSI Enterprise Target (aka iscsitarget or IET) 1.4.20.1 and earlier, and (3) Generic SCSI Target Subsystem for Linux (aka SCST or iscsi-scst) 1.0.1.1 and earlier allow remote attackers to cause a denial of service (memory corruption and daemon crash) or possibly execute arbitrary code via (a) a long iSCSI Name string in an SCN message or (b) an invalid PDU.

[CLOSE] OSVDB ID : 74916 - Disclosed: 2011-03-09

Description:

(Description Provided by CVE) : Double free vulnerability in the iscsi_rx_handler function (usr/iscsi/iscsid.c) in the tgt daemon (tgtd) in Linux SCSI target framework (tgt) before 1.0.14, aka scsi-target-utils, allows remote attackers to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code via unknown vectors related to a buffer overflow during iscsi login. NOTE: some of these details are obtained from third party information.

[CLOSE] OSVDB ID : 63418 - Disclosed: 2010-03-24

Description:

(Description Provided by CVE) : Multiple format string vulnerabilities in isns.c in (1) Linux SCSI target framework (aka tgt or scsi-target-utils) 1.0.3, 0.9.5, and earlier and (2) iSCSI Enterprise Target (aka iscsitarget) 0.4.16 allow remote attackers to cause a denial of service (tgtd daemon crash) or possibly have unspecified other impact via vectors that involve the isns_attr_query and qry_rsp_handle functions, and are related to (a) client appearance and (b) client disappearance messages.

[CLOSE] OSVDB ID : 34267 - Disclosed: 2007-03-18

Description:

(Description Provided by CVE) : The Linux Security Auditing Tool (LSAT) allows local users to overwrite arbitrary files via a symlink attack on temporary files, as demonstrated using /tmp/lsat1.lsat.

[CLOSE] OSVDB ID : 12604 - Disclosed: 2004-12-23

Description:

(Description Provided by CVE) : The POSIX Capability Linux Security Module (LSM) for Linux kernel 2.6 does not properly handle the credentials of a process that is launched before the module is loaded, which allows local users to gain privileges.

[CLOSE] OSVDB ID : 1231 - Disclosed: 2000-02-24

Description:

(Description Provided by CVE) : setxconf in Corel Linux allows local users to gain root access via the -T parameter, which executes the user's .xserverrc file.

[CLOSE] OSVDB ID : 13528 - Disclosed: 1998-06-30

Description:

(Description Provided by CVE) : Linux 2.0.34 does not properly prevent users from sending SIGIO signals to arbitrary processes, which allows local users to cause a denial of service by sending SIGIO to processes that do not catch it.

[CLOSE] OSVDB ID : 6199 - Disclosed: 2003-05-19

Description:

A local overflow exists in slocate for Linux. The product fails to handle input of over 536870912 bytes resulting in a integer overflow. With a specially crafted request, an attacker can cause privilege escalation resulting in a loss of confidentiality and integrity.

[CLOSE] OSVDB ID : 19186 - Disclosed: 2003-12-09

Description:

(Description Provided by CVE) : Integer signedness error in the Linux Socket Filter implementation (filter.c) in Linux 2.4.3-pre3 to 2.4.22-pre10 allows attackers to cause a denial of service (crash).

[CLOSE] OSVDB ID : 1729 - Disclosed: 2001-01-14

Description:

(Description Provided by CVE) : Format string vulnerability in splitvt before 1.6.5 allows local users to execute arbitrary commands via the -rcfile command line argument.

[CLOSE] OSVDB ID : 19063 - Disclosed: 1995-12-03

Description:

Unknown / Incomplete

[CLOSE] OSVDB ID : 10364 - Disclosed: 2001-01-14

Description:

(Description Provided by CVE) : Multiple buffer overflows in splitvt before 1.6.5 allow local users to execute arbitrary commands.

[CLOSE] OSVDB ID : 19065 - Disclosed: 1995-12-03

Description:

Unknown / Incomplete

[CLOSE] OSVDB ID : 19062 - Disclosed: 1995-12-03

Description:

Unknown / Incomplete

[CLOSE] OSVDB ID : 11501 - Disclosed: 1995-12-03

Description:

(Description Provided by CVE) : Buffer overflow in Linux splitvt command gives root access to local users.

[CLOSE] OSVDB ID : 19064 - Disclosed: 1995-12-03

Description:

Unknown / Incomplete