Redhat Linux vulnerabilities

CVE-2000-0289 [MEDIUM] CVE-2000-0289: IP masquerading in Linux 2.2.x allows remote attackers to route UDP packets through the internal int IP masquerading in Linux 2.2.x allows remote attackers to route UDP packets through the internal interface by modifying the external source IP address and port number to match those of an established connection.

CVE-2000-0229 [HIGH] CVE-2000-0229: gpm-root in the gpm package does not properly drop privileges, which allows local users to gain priv gpm-root in the gpm package does not properly drop privileges, which allows local users to gain privileges by starting a utility from gpm-root.

CVE-2000-0230 [HIGH] CVE-2000-0230: Buffer overflow in imwheel allows local users to gain root privileges via the imwheel-solo script an Buffer overflow in imwheel allows local users to gain root privileges via the imwheel-solo script and a long HOME environmental variable.

CVE-2000-0184 [LOW] CVE-2000-0184: Linux printtool sets the permissions of printer configuration files to be world-readable, which allo Linux printtool sets the permissions of printer configuration files to be world-readable, which allows local attackers to obtain printer share passwords.

CVE-2000-0196 [HIGH] CVE-2000-0196: Buffer overflow in mhshow in the Linux nmh package allows remote attackers to execute commands via m Buffer overflow in mhshow in the Linux nmh package allows remote attackers to execute commands via malformed MIME headers in an email message.

CVE-2000-0186 [HIGH] CVE-2000-0186: Buffer overflow in the dump utility in the Linux ext2fs backup package allows local users to gain pr Buffer overflow in the dump utility in the Linux ext2fs backup package allows local users to gain privileges via a long command line argument.

CVE-2000-0170 [HIGH] CVE-2000-0170: Buffer overflow in the man program in Linux allows local users to gain privileges via the MANPAGER e Buffer overflow in the man program in Linux allows local users to gain privileges via the MANPAGER environmental variable.

CVE-2000-0219 [HIGH] CWE-264 CVE-2000-0219: Red Hat 6.0 allows local users to gain root access by booting single user and hitting ^C at the pass Red Hat 6.0 allows local users to gain root access by booting single user and hitting ^C at the password prompt.

CVE-2000-0093 [CRITICAL] CVE-2000-0093: An installation of Red Hat uses DES password encryption with crypt() for the initial password, inste An installation of Red Hat uses DES password encryption with crypt() for the initial password, instead of md5.

CVE-2000-1220 [CRITICAL] CVE-2000-1220: The line printer daemon (lpd) in the lpr package in multiple Linux operating systems allows local us The line printer daemon (lpd) in the lpr package in multiple Linux operating systems allows local users to gain root privileges by causing sendmail to execute with arbitrary command line arguments, as demonstrated using the -C option to specify a configuration file.

CVE-2000-1221 [CRITICAL] CVE-2000-1221: The line printer daemon (lpd) in the lpr package in multiple Linux operating systems authenticates b The line printer daemon (lpd) in the lpr package in multiple Linux operating systems authenticates by comparing the reverse-resolved hostname of the local machine to the hostname of the print server as returned by gethostname, which allows remote attackers to bypass intended access controls by modifying the DNS for the attacking IP.

CVE-2000-0052 [HIGH] CVE-2000-0052: Red Hat userhelper program in the usermode package allows local users to gain root access via PAM an Red Hat userhelper program in the usermode package allows local users to gain root access via PAM and a .. (dot dot) attack.

CVE-1999-1329 [HIGH] CVE-1999-1329: Buffer overflow in SysVInit in Red Hat Linux 5.1 and earlier allows local users to gain privileges. Buffer overflow in SysVInit in Red Hat Linux 5.1 and earlier allows local users to gain privileges.

CVE-1999-1333 [HIGH] CVE-1999-1333: automatic download option in ncftp 2.4.2 FTP client in Red Hat Linux 5.0 and earlier allows remote a automatic download option in ncftp 2.4.2 FTP client in Red Hat Linux 5.0 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the names of files that are to be downloaded.

CVE-1999-1327 [HIGH] CVE-1999-1327: Buffer overflow in linuxconf 1.11r11-rh2 on Red Hat Linux 5.1 allows local users to gain root privil Buffer overflow in linuxconf 1.11r11-rh2 on Red Hat Linux 5.1 allows local users to gain root privileges via a long LANG environmental variable.

CVE-1999-1328 [HIGH] CVE-1999-1328: linuxconf before 1.11.r11-rh3 on Red Hat Linux 5.1 allows local users to overwrite arbitrary files a linuxconf before 1.11.r11-rh3 on Red Hat Linux 5.1 allows local users to overwrite arbitrary files and gain root access via a symlink attack.

CVE-1999-1330 [MEDIUM] CVE-1999-1330: The snprintf function in the db library 1.85.4 ignores the size parameter, which could allow attacke The snprintf function in the db library 1.85.4 ignores the size parameter, which could allow attackers to exploit buffer overflows that would be prevented by a properly implemented snprintf.

CVE-1999-1335 [MEDIUM] CVE-1999-1335: snmpd server in cmu-snmp SNMP package before 3.3-1 in Red Hat Linux 4.0 is configured to allow remot snmpd server in cmu-snmp SNMP package before 3.3-1 in Red Hat Linux 4.0 is configured to allow remote attackers to read and write sensitive information.

CVE-1999-1331 [LOW] CVE-1999-1331: netcfg 2.16-1 in Red Hat Linux 4.2 allows the Ethernet interface to be controlled by users on reboot netcfg 2.16-1 in Red Hat Linux 4.2 allows the Ethernet interface to be controlled by users on reboot when an option is set, which allows local users to cause a denial of service by shutting down the interface.

CVE-1999-1332 [LOW] CVE-1999-1332: gzexe in the gzip package on Red Hat Linux 5.0 and earlier allows local users to overwrite files of gzexe in the gzip package on Red Hat Linux 5.0 and earlier allows local users to overwrite files of other users via a symlink attack on a temporary file.