Conectiva

conectiva

63 CVEs • 1 product

Products (1)

Click to collapse

Toggle

Linux

linux

63 CVEs

CVEs (63)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2003-0468 2Conectiva Wietse Venema 2Linux Postfix Apr 16, 2026 Aug 27, 2003 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Postfix 1.1.11 and earlier allows remote attackers to use Postfix to conduct "bounce scans" or DDos attacks of other hosts via an email address to the local host containing the target IP address and service name followed...Show more Postfix 1.1.11 and earlier allows remote attackers to use Postfix to conduct "bounce scans" or DDos attacks of other hosts via an email address to the local host containing the target IP address and service name followed by a "!" string, which causes Postfix to attempt to use SMTP to communicate with the target on the associated port.Show less
CVE-2002-0083 9Conectiva EngardelinuxImmunix+6 more 11Immunix LinuxLinux+8 more Apr 16, 2026 Mar 15, 2002 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 Off-by-one error in the channel code of OpenSSH 2.0 through 3.0.2 allows local users or remote malicious servers to gain privileges.
CVE-2001-0834 4Conectiva DebianHtdig+1 more 4Debian Linux HtdigLinux+1 more Apr 16, 2026 Dec 6, 2001 N/A· v4 N/A· v3 6.4 MEDIUM· v2 htsearch CGI program in htdig (ht://Dig) 3.1.5 and earlier allows remote attackers to use the -c option to specify an alternate configuration file, which could be used to (1) cause a denial of service (CPU consumption) b...Show more htsearch CGI program in htdig (ht://Dig) 3.1.5 and earlier allows remote attackers to use the -c option to specify an alternate configuration file, which could be used to (1) cause a denial of service (CPU consumption) by specifying a large file such as /dev/zero, or (2) read arbitrary files by uploading an alternate configuration file that specifies the target file.Show less
CVE-2001-0690 4Conectiva DebianRedhat+1 more 4Debian Linux EximLinux+1 more Apr 16, 2026 Sep 20, 2001 N/A· v4 N/A· v3 7.5 HIGH· v2 Format string vulnerability in exim (3.22-10 in Red Hat, 3.12 in Debian and 3.16 in Conectiva) in batched SMTP mode allows a remote attacker to execute arbitrary code via format strings in SMTP mail headers.
CVE-2001-1375 2Conectiva Redhat 2Linux Linux Apr 16, 2026 Jul 19, 2001 N/A· v4 N/A· v3 4.6 MEDIUM· v2 tcl/tk package (tcltk) 8.3.1 searches for its libraries in the current working directory before other directories, which could allow local users to execute arbitrary code via a Trojan horse library that is under a user-c...Show more tcl/tk package (tcltk) 8.3.1 searches for its libraries in the current working directory before other directories, which could allow local users to execute arbitrary code via a Trojan horse library that is under a user-controlled directory.Show less
CVE-2001-1374 3Conectiva Don LibesRedhat 3Expect LinuxLinux Apr 16, 2026 Jul 19, 2001 N/A· v4 N/A· v3 7.2 HIGH· v2 expect before 5.32 searches for its libraries in /var/tmp before other directories, which could allow local users to gain root privileges via a Trojan horse library that is accessed by mkpasswd.
CVE-2001-0440 3Conectiva LicqMandrakesoft 3Licq LinuxMandrake Linux Apr 16, 2026 Jul 2, 2001 N/A· v4 N/A· v3 7.5 HIGH· v2 Buffer overflow in logging functions of licq before 1.0.3 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands.
CVE-2001-0439 5Conectiva FreebsdLicq+2 more 6Freebsd LicqLinux+3 more Apr 16, 2026 Jul 2, 2001 N/A· v4 N/A· v3 7.5 HIGH· v2 licq before 1.0.3 allows remote attackers to execute arbitrary commands via shell metacharacters in a URL.
CVE-2001-0473 5Conectiva ImmunixMandrakesoft+2 more 5Immunix LinuxLinux+2 more Apr 16, 2026 Jun 27, 2001 N/A· v4 N/A· v3 7.5 HIGH· v2 Format string vulnerability in Mutt before 1.2.5 allows a remote malicious IMAP server to execute arbitrary commands.
CVE-2001-0178 4Caldera ConectivaMandrakesoft+1 more 5Linux Mandrake LinuxMandrake Linux Corporate Server+2 more Apr 16, 2026 Mar 26, 2001 N/A· v4 N/A· v3 2.1 LOW· v2 kdesu program in KDE2 (KDE before 2.2.0-6) does not properly verify the owner of a UNIX socket that is used to send a password, which allows local users to steal passwords and gain privileges.
CVE-2001-0170 4Conectiva DebianImmunix+1 more 4Debian Linux ImmunixLinux+1 more Apr 16, 2026 Mar 26, 2001 N/A· v4 N/A· v3 2.1 LOW· v2 glibc 2.1.9x and earlier does not properly clear the RESOLV_HOST_CONF, HOSTALIASES, or RES_OPTIONS environmental variables when executing setuid/setgid programs, which could allow local users to read arbitrary files.
CVE-2001-0136 4Conectiva DebianMandrakesoft+1 more 4Debian Linux LinuxMandrake Linux+1 more Apr 16, 2026 Mar 12, 2001 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Memory leak in ProFTPd 1.2.0rc2 allows remote attackers to cause a denial of service via a series of USER commands, and possibly SIZE commands if the server has been improperly installed.
CVE-2001-0128 6Conectiva DebianFreebsd+3 more 7Debian Linux FreebsdLinux+4 more Apr 16, 2026 Mar 12, 2001 N/A· v4 N/A· v3 7.2 HIGH· v2 Zope before 2.2.4 does not properly compute local roles, which could allow users to bypass specified access restrictions and gain privileges.
CVE-2000-1134 7Caldera ConectivaHp+4 more 9Hp Ux ImmunixLinux+6 more Apr 16, 2026 Jan 9, 2001 N/A· v4 N/A· v3 7.2 HIGH· v2 Multiple shell programs on various Unix systems, including (1) tcsh, (2) csh, (3) sh, and (4) bash, follow symlinks when processing << redirects (aka here-documents or in-here documents), which allows local users to over...Show more Multiple shell programs on various Unix systems, including (1) tcsh, (2) csh, (3) sh, and (4) bash, follow symlinks when processing << redirects (aka here-documents or in-here documents), which allows local users to overwrite files of other users via a symlink attack.Show less
CVE-2000-1095 5Conectiva ImmunixMandrakesoft+2 more 5Immunix LinuxLinux+2 more Apr 16, 2026 Jan 9, 2001 N/A· v4 N/A· v3 7.2 HIGH· v2 modprobe in the modutils 2.3.x package on Linux systems allows a local user to execute arbitrary commands via shell metacharacters.
CVE-2000-0844 13Caldera ConectivaDebian+10 more 16Aix Debian LinuxImmunix+13 more Apr 16, 2026 Nov 14, 2000 N/A· v4 N/A· v3 10.0 HIGH· v2 Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen.
CVE-2000-0747 1Conectiva 1Linux Apr 16, 2026 Oct 20, 2000 N/A· v4 N/A· v3 10.0 HIGH· v2 The logrotate script for OpenLDAP before 1.2.11 in Conectiva Linux sends an improper signal to the kernel log daemon (klogd) and kills it.
CVE-2000-0715 2Conectiva Kirk Bauer 2Diskcheck Linux Apr 16, 2026 Oct 20, 2000 N/A· v4 N/A· v3 2.1 LOW· v2 DiskCheck script diskcheck.pl in Red Hat Linux 6.2 allows local users to create or overwrite arbitrary files via a symlink attack on a temporary file.
CVE-2000-0701 3Conectiva GnuRedhat 3Linux LinuxMailman Apr 16, 2026 Oct 20, 2000 N/A· v4 N/A· v3 4.6 MEDIUM· v2 The wrapper program in mailman 2.0beta3 and 2.0beta4 does not properly cleanse untrusted format strings, which allows local users to gain privileges.
CVE-2000-0668 3Conectiva Michael K. JohnsonRedhat 3Linux LinuxPam Console Apr 16, 2026 Jul 27, 2000 N/A· v4 N/A· v3 5.0 MEDIUM· v2 pam_console PAM module in Linux systems allows a user to access the system console and reboot the system when a display manager such as gdm or kdm has XDMCP enabled.

Previous 1 234 Next