CVE Daily
← All tags

Tag: Privilege Escalation

All CVEs associated with "Privilege Escalation". Page 64/66 • 7822 CVEs.

Subscribe CVEs: RSS for “Privilege Escalation”  ·  RSS (High+Critical only)

About “Privilege Escalation”

A curated feed of “Privilege Escalation”-related CVEs appears below. We currently track 7822 CVEs for this tag (all time). In the last 365 days, 1227 were published. Average CVSS is 7.7 (all time; 7.9 over 365d), and 84% are rated High/Critical (all time). Top CWEs (last 365 days): CWE-269 - Improper Privilege Management, CWE-266 - Incorrect Privilege Assignment, CWE-862 - Missing Authorization.

In our taxonomy this topic maps to a LOW impact class. Vendor advisories and release notes are key. Verify compatibility matrices, prefer supported long term versions, and stage rollouts with monitoring. Use the filters below to sort by CVSS, risk and CWE. Each detail page highlights vendor advisories and mitigation tips.

CVEs tagged with this topic. Filters apply to the whole list (loaded from JSON).

CVSS ≥ 0.0
2003-05-05
High

CVE-2003-0173

xfsdq in xfsdump does not create quota information files securely, which allows local users to gain root privileges.

CVSS: 7.2 CWE: N/A View on NVD
2003-04-11
Critical

CVE-2002-1440

The Gateway GS-400 server has a default root password of "0001n" that can not be changed via the administrative interface, which can allow attackers to gain root privileges.

CVSS: 10.0 CWE: N/A View on NVD
2003-04-02
High

CVE-2002-1492

Buffer overflows in the Cisco VPN 5000 Client before 5.2.7 for Linux, and VPN 5000 Client before 5.2.8 for Solaris, allow local users to gain root privileges via (1) close_tunnel and (2) open_tunnel.

CVSS: 7.2 CWE: N/A View on NVD
Medium

CVE-2002-1512

xbru in BRU Workstation 17.0 allows local users to overwrite arbitrary files and gain root privileges via a symlink attack on the xbru_dscheck.dd temporary file.

CVSS: 6.2 CWE: N/A View on NVD
High

CVE-2003-0091

Stack-based buffer overflow in the bsd_queue() function for lpq on Solaris 2.6 and 7 allows local users to gain root privilege.

CVSS: 7.2 CWE: N/A View on NVD
High

CVE-2003-0092

Heap-based buffer overflow in dtsession for Solaris 2.5.1 through Solaris 9 allows local users to gain root privileges via a long HOME environment variable.

CVSS: 7.2 CWE: N/A View on NVD
2003-03-31
High

CVE-2003-0127

The kernel module loader in Linux kernel 2.2.x before 2.2.25, and 2.4.x before 2.4.21, allows local users to gain root privileges by using ptrace to attach to a child process that is spawned by the k…

CVSS: 7.2 CWE: N/A View on NVD
High

CVE-2003-0144

Buffer overflow in the lprm command in the lprold lpr package on SuSE 7.1 through 7.3, OpenBSD 3.2 and earlier, and possibly other operating systems, allows local users to gain root privileges via lo…

CVSS: 7.2 CWE: N/A View on NVD
2003-03-28
High

CVE-2003-1074

Unknown vulnerability in newtask for Solaris 9 allows local users to gain root privileges.

CVSS: 7.2 CWE: N/A View on NVD
2003-03-24
Critical

CVE-2003-0150

MySQL 3.23.55 and earlier creates world-writeable files and allows mysql users to gain root privileges by using the "SELECT * INFO OUTFILE" operator to overwrite a configuration file and cause mysql…

CVSS: 9.0 CWE: N/A View on NVD
2003-03-03
High

CVE-2002-1472

Untrusted search path vulnerability in libX11.so in xfree86, when used in setuid or setgid programs, allows local users to gain root privileges via a modified LD_PRELOAD environment variable that poi…

CVSS: 7.2 CWE: N/A View on NVD
High

CVE-2003-0088

TruBlueEnvironment for MacOS 10.2.3 and earlier allows local users to overwrite or create arbitrary files and gain root privileges by setting a certain environment variable that is used to write debu…

CVSS: 7.2 CWE: N/A View on NVD
Critical

CVE-2003-0098

Unknown vulnerability in apcupsd before 3.8.6, and 3.10.x before 3.10.5, allows remote attackers to gain root privileges, possibly via format strings in a request to a slave server.

CVSS: 10.0 CWE: N/A View on NVD
Critical

CVE-2003-0101

miniserv.pl in (1) Webmin before 1.070 and (2) Usermin before 1.000 does not properly handle metacharacters such as line feeds and carriage returns (CRLF) in Base-64 encoded strings during Basic auth…

CVSS: 10.0 CWE: N/A View on NVD
2003-02-19
High

CVE-2002-1160

The default configuration of the pam_xauth module forwards MIT-Magic-Cookies to new X sessions, which could allow local users to gain root privileges by stealing the cookies from a temporary .xauth f…

CVSS: 7.2 CWE: N/A View on NVD
2002-12-31
Medium

CVE-2002-2180

The setitimer(2) system call in OpenBSD 2.0 through 3.1 does not properly check certain arguments, which allows local users to write to kernel memory and possibly gain root privileges, possibly via a…

CVSS: 6.8 CWE: N/A View on NVD
2002-11-29
High

CVE-2002-1285

runlpr in the LPRng package allows the local lp user to gain root privileges via certain command line arguments.

CVSS: 7.2 CWE: N/A View on NVD
2002-11-12
High

CVE-2002-1250

Buffer overflow in Abuse 2.00 and earlier allows local users to gain root privileges via a long -net command line argument.

CVSS: 7.2 CWE: N/A View on NVD
2002-10-29
High

CVE-2002-1590

The Web-Based Enterprise Management (WBEM) packages (1) SUNWwbdoc, (2) SUNWwbcou, (3) SUNWwbdev and (4) SUNWmgapp packages, when installed using Solaris 8 Update 1/01 or later, install files with wor…

CVSS: 7.2 CWE: CWE-264 View on NVD
2002-10-04
High

CVE-2002-0905

Buffer overflow in sqlexec for Informix SE-7.25 allows local users to gain root privileges via a long INFORMIXDIR environment variable.

CVSS: 7.2 CWE: N/A View on NVD
High

CVE-2002-0991

Buffer overflows in the cifslogin command for HP CIFS/9000 Client A.01.06 and earlier, based on the Sharity package, allows local users to gain root privileges via long (1) -U, (2) -D, (3) -P, (4) -S…

CVSS: 7.2 CWE: N/A View on NVD
High

CVE-2002-1013

Buffer overflow in traffic_manager for Inktomi Traffic Server 4.0.18 through 5.2.2, Traffic Edge 1.1.2 and 1.5.0, and Media-IXT 3.0.4 allows local users to gain root privileges via a long -path argum…

CVSS: 7.2 CWE: N/A View on NVD
2002-09-05
High

CVE-2002-0851

Format string vulnerability in ISDN Point to Point Protocol (PPP) daemon (ipppd) in the ISDN4Linux (i4l) package allows local users to gain root privileges via format strings in the device name comma…

CVSS: 7.2 CWE: N/A View on NVD
2002-08-12
Critical

CVE-2002-0427

Buffer overflows in fpexec in mod_frontpage before 1.6.1 may allow attackers to gain root privileges.

CVSS: 10.0 CWE: N/A View on NVD
High

CVE-2002-0517

Buffer overflow in X11 library (libX11) on Caldera Open UNIX 8.0.0, UnixWare 7.1.1, and possibly other operating systems, allows local users to gain root privileges via a long -xrm argument to progra…

CVSS: 7.2 CWE: N/A View on NVD
High

CVE-2002-0766

OpenBSD 2.9 through 3.1 allows local users to cause a denial of service (resource exhaustion) and gain root privileges by filling the kernel's file descriptor table and closing file descriptors 0, 1,…

CVSS: 7.2 CWE: N/A View on NVD
Critical

CVE-2002-0796

Format string vulnerability in the logging component of snmpdx for Solaris 5.6 through 8 allows remote attackers to gain root privileges.

CVSS: 10.0 CWE: N/A View on NVD
Critical

CVE-2002-0797

Buffer overflow in the MIB parsing component of mibiisa for Solaris 5.6 through 8 allows remote attackers to gain root privileges.

CVSS: 10.0 CWE: N/A View on NVD
High

CVE-2002-0816

Buffer overflow in su in Tru64 Unix 5.x allows local users to gain root privileges via a long username and argument.

CVSS: 7.2 CWE: N/A View on NVD
High

CVE-2002-0817

Format string vulnerability in super for Linux allows local users to gain root privileges via a long command line argument.

CVSS: 7.2 CWE: N/A View on NVD
High

CVE-2002-0827

Vulnerability in pppd on UnixWare 7.1.1 and Open UNIX 8.0.0 allows local users to gain root privileges via (1) ppptalk or (2) ppp, a different vulnerability than CVE-2002-0824.

CVSS: 7.2 CWE: N/A View on NVD
2002-08-01
High

CVE-2002-1616

Multiple buffer overflows in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allow local users to gain root privileges via (1) su, (2) chsh, (3) passwd, (4) chfn, (5) dxchpwd, and (6) libc.

CVSS: 7.2 CWE: N/A View on NVD
2002-07-26
High

CVE-2002-0442

Buffer overflow in dlvr_audit for Caldera OpenServer 5.0.5 and 5.0.6 allows local users to gain root privileges.

CVSS: 7.2 CWE: N/A View on NVD
2002-07-03
Critical

CVE-2002-0359

xfsmd for IRIX 6.5 through 6.5.16 uses weak authentication, which allows remote attackers to call dangerous RPC functions, including those that can mount or unmount xfs file systems, to gain root pri…

CVSS: 10.0 CWE: N/A View on NVD
High

CVE-2002-0542

mail in OpenBSD 2.9 and 3.0 processes a tilde (~) escape character in a message even when it is not in interactive mode, which could allow local users to gain root privileges via calls to mail in cro…

CVSS: 7.2 CWE: N/A View on NVD
High

CVE-2002-0631

Unknown vulnerability in nveventd in NetVisualyzer on SGI IRIX 6.5 through 6.5.16 allows local users to write arbitrary files and gain root privileges.

CVSS: 7.2 CWE: N/A View on NVD
2002-06-25
High

CVE-2002-0327

Buffer overflow in Century Software TERM allows local users to gain root privileges via a long tty argument to the callin program.

CVSS: 7.2 CWE: N/A View on NVD
2002-06-18
High

CVE-2002-0357

Unknown vulnerability in rpc.passwd in the nfs.sw.nis subsystem of SGI IRIX 6.5.15 and earlier allows local users to gain root privileges.

CVSS: 7.2 CWE: N/A View on NVD
2002-05-31
Medium

CVE-2002-0293

FTP service in Alcatel OmniPCX 4400 allows the "halt" user to gain root privileges by modifying root's .profile file.

CVSS: 6.2 CWE: N/A View on NVD
Critical

CVE-2002-0311

Vulnerability in webtop in UnixWare 7.1.1 and Open UNIX 8.0.0 allows local and possibly remote attackers to gain root privileges via shell metacharacters in the -c argument for (1) in scoadminreg.cgi…

CVSS: 10.0 CWE: N/A View on NVD
2002-05-29
High

CVE-2002-0174

nsd on SGI IRIX before 6.5.11 allows local users to overwrite arbitrary files and gain root privileges via a symlink attack on the nsd.dump file.

CVSS: 7.2 CWE: N/A View on NVD
High

CVE-2002-0356

Vulnerability in XFS filesystem reorganizer (fsr_xfs) in SGI IRIX 6.5.10 and earlier allows local users to gain root privileges by overwriting critical system files.

CVSS: 7.2 CWE: N/A View on NVD
2002-05-16
High

CVE-2002-0173

Buffer overflow in cpr for the eoe.sw.cpr SGI Checkpoint-Restart Software package on SGI IRIX 6.5.10 and earlier may allow local users to gain root privileges.

CVSS: 7.2 CWE: N/A View on NVD
High

CVE-2002-0184

Sudo before 1.6.6 contains an off-by-one error that can result in a heap-based buffer overflow that may allow local users to gain root privileges via special characters in the -p (prompt) argument, w…

CVSS: 7.8 CWE: CWE-131 - Incorrect Calculation of Buffer Size View on NVD
2002-05-01
High

CVE-1999-1570

Buffer overflow in sar for OpenServer 5.0.5 allows local users to gain root privileges via a long -o parameter.

CVSS: 7.2 CWE: N/A View on NVD
2002-04-04
High

CVE-2002-0151

Buffer overflow in Multiple UNC Provider (MUP) in Microsoft Windows operating systems allows local users to cause a denial of service or possibly gain SYSTEM privileges via a long UNC request.

CVSS: 7.2 CWE: N/A View on NVD
2002-04-03
High

CVE-2002-0165

LogWatch 2.5 allows local users to gain root privileges via a symlink attack, a different vulnerability than CVE-2002-0162.

CVSS: 7.2 CWE: N/A View on NVD
2002-04-02
High

CVE-2002-0158

Buffer overflow in Xsun on Solaris 2.6 through 8 allows local users to gain root privileges via a long -co (color database) command line argument.

CVSS: 7.2 CWE: N/A View on NVD
2002-03-15
High

CVE-2002-0084

Buffer overflow in the fscache_setup function of cachefsd in Solaris 2.6, 7, and 8 allows local users to gain root privileges via a long mount argument.

CVSS: 7.2 CWE: N/A View on NVD
High

CVE-2002-0086

Buffer overflow in bindsock in Lotus Domino 5.0.4 and 5.0.7 on Linux allows local users to gain root privileges via a long (1) Notes_ExecDirectory or (2) PATH environment variable.

CVSS: 7.2 CWE: N/A View on NVD
High

CVE-2002-0088

Buffer overflow in admintool in Solaris 2.6, 7, and 8 allows local users to gain root privileges via a long media installation path.

CVSS: 7.2 CWE: N/A View on NVD
High

CVE-2002-0089

Buffer overflow in admintool in Solaris 2.5 through 8 allows local users to gain root privileges via long arguments to (1) the -d command line option, or (2) the PRODVERS argument in the .cdtoc file.

CVSS: 7.2 CWE: N/A View on NVD
2002-01-31
High

CVE-2001-0891

Format string vulnerability in NQS daemon (nqsdaemon) in NQE 3.3.0.16 for CRAY UNICOS and SGI IRIX allows a local user to gain root privileges by using qsub to submit a batch job whose name contains…

CVSS: 7.2 CWE: N/A View on NVD
High

CVE-2002-0043

sudo 1.6.0 through 1.6.3p7 does not properly clear the environment before calling the mail program, which could allow local users to gain root privileges by modifying environment variables and changi…

CVSS: 7.2 CWE: N/A View on NVD
2001-12-27
High

CVE-2001-1203

Format string vulnerability in gpm-root in gpm 1.17.8 through 1.17.18 allows local users to gain root privileges.

CVSS: 7.2 CWE: N/A View on NVD
2001-12-21
High

CVE-2001-0872

OpenSSH 3.0.1 and earlier with UseLogin enabled does not properly cleanse critical environment variables such as LD_PRELOAD, which allows local users to gain root privileges.

CVSS: 7.2 CWE: N/A View on NVD
2001-12-06
Critical

CVE-2001-0671

Buffer overflows in (1) send_status, (2) kill_print, and (3) chk_fhost in lpd in AIX 4.3 and 5.1 allow remote attackers to gain root privileges.

CVSS: 10.0 CWE: N/A View on NVD
High

CVE-2001-0801

lpstat in IRIX 6.5.13f and earlier allows local users to gain root privileges by specifying a Trojan Horse nettype shared library.

CVSS: 7.2 CWE: N/A View on NVD
Critical

CVE-2001-0817

Vulnerability in HP-UX line printer daemon (rlpdaemon) in HP-UX 10.01 through 11.11 allows remote attackers to modify arbitrary files and gain root privileges via a certain print request.

CVSS: 10.0 CWE: N/A View on NVD
High

CVE-2001-0855

Buffer overflow in db_loader in ClearCase 4.2 and earlier allows local users to gain root privileges via a long TERM environment variable.

CVSS: 7.2 CWE: N/A View on NVD
2001-11-30
High

CVE-2001-0912

Packaging error for expect 8.3.3 in Mandrake Linux 8.1 causes expect to search for its libraries in the /home/snailtalk directory before other directories, which could allow a local user to gain root…

CVSS: 7.2 CWE: N/A View on NVD
2001-11-21
High

CVE-2001-0915

Format string vulnerability in Berkeley parallel make (pmake) 2.1.33 and earlier allows a local user to gain root privileges via format specifiers in the check argument of a shell definition.

CVSS: 7.2 CWE: N/A View on NVD
High

CVE-2001-0916

Buffer overflow in Berkeley parallel make (pmake) 2.1.33 and earlier allows a local user to gain root privileges via a long check argument of a shell definition.

CVSS: 7.2 CWE: N/A View on NVD
2001-10-30
High

CVE-2001-0652

Heap overflow in xlock in Solaris 2.6 through 8 allows local users to gain root privileges via a long (1) XFILESEARCHPATH or (2) XUSERFILESEARCHPATH environmental variable.

CVSS: 7.2 CWE: N/A View on NVD
2001-10-18
High

CVE-2001-0739

Guardian Digital WebTool in EnGarde Secure Linux 1.0.1 allows restarted services to inherit some environmental variables, which could allow local users to gain root privileges.

CVSS: 7.2 CWE: N/A View on NVD
High

CVE-2001-0782

KDE ktvision 0.1.1-271 and earlier allows local attackers to gain root privileges via a symlink attack on a user configuration file.

CVSS: 7.2 CWE: N/A View on NVD
Medium

CVE-2001-0905

Race condition in signal handling of procmail 3.20 and earlier, when running setuid, allows local users to cause a denial of service or gain root privileges by sending a signal while a signal handlin…

CVSS: 6.2 CWE: N/A View on NVD
High

CVE-2001-1384

ptrace in Linux 2.2.x through 2.2.19, and 2.4.x through 2.4.9, allows local users to gain root privileges by running ptrace on a setuid or setgid program that itself calls an unprivileged program, su…

CVSS: 7.2 CWE: N/A View on NVD
2001-10-17
High

CVE-2001-1447

NetInfo Manager for Mac OS X 10.0 through 10.1 allows local users to gain root privileges by opening applications using the (1) "recent items" and (2) "services" menus, which causes the applications…

CVSS: 7.2 CWE: N/A View on NVD
2001-10-16
High

CVE-2001-1015

Buffer overflow in Snes9x 1.37, when installed setuid root, allows local users to gain root privileges via a long command line argument.

CVSS: 7.2 CWE: N/A View on NVD
2001-09-20
High

CVE-2001-0506

Buffer overflow in ssinc.dll in IIS 5.0 and 4.0 allows local users to gain system privileges via a Server-Side Includes (SSI) directive for a long filename, which triggers the overflow when the direc…

CVSS: 7.2 CWE: N/A View on NVD
2001-09-05
High

CVE-2001-1012

Vulnerability in screen before 3.9.10, related to a multi-attach error, allows local users to gain root privileges when there is a subdirectory under /tmp/screens/.

CVSS: 7.2 CWE: N/A View on NVD
2001-08-31
High

CVE-2001-0976

Vulnerability in HP Process Resource Manager (PRM) C.01.08.2 and earlier, as used by HP-UX Workload Manager (WLM), allows local users to gain root privileges via modified libraries or environment var…

CVSS: 7.2 CWE: N/A View on NVD
High

CVE-2001-1063

Buffer overflow in uidadmin in Caldera Open Unix 8.0.0 and UnixWare 7 allows local users to gain root privileges via a long -S (scheme) command line argument.

CVSS: 7.2 CWE: N/A View on NVD
2001-08-14
High

CVE-2001-0533

Buffer overflow in libi18n library in IBM AIX 5.1 and 4.3.x allows local users to gain root privileges via a long LANG environmental variable.

CVSS: 7.2 CWE: N/A View on NVD
2001-07-23
High

CVE-2001-0989

Buffer overflows in Pileup before 1.2 allows local users to gain root privileges via (1) long command line arguments, or (2) a long callsign.

CVSS: 7.2 CWE: N/A View on NVD
2001-07-21
Critical

CVE-2001-0353

Buffer overflow in the line printer daemon (in.lpd) for Solaris 8 and earlier allows local and remote attackers to gain root privileges via a "transfer job" routine.

CVSS: 10.0 CWE: N/A View on NVD
2001-07-19
High

CVE-2001-1374

expect before 5.32 searches for its libraries in /var/tmp before other directories, which could allow local users to gain root privileges via a Trojan horse library that is accessed by mkpasswd.

CVSS: 7.2 CWE: N/A View on NVD
2001-06-27
Critical

CVE-2001-0241

Buffer overflow in Internet Printing ISAPI extension in Windows 2000 allows remote attackers to gain root privileges via a long print request that is passed to the extension through IIS 5.0.

CVSS: 10.0 CWE: N/A View on NVD
High

CVE-2001-0459

Buffer overflows in ascdc Afterstep while running setuid allows local users to gain root privileges via a long (1) -d option, (2) -m option, or (3) -f option.

CVSS: 7.2 CWE: N/A View on NVD
High

CVE-2001-0468

Buffer overflow in FTPFS allows local users to gain root privileges via a long user name.

CVSS: 7.2 CWE: N/A View on NVD
High

CVE-2001-0470

Buffer overflow in SNMP proxy agent snmpd in Solaris 8 may allow local users to gain root privileges by calling snmpd with a long program name.

CVSS: 7.2 CWE: N/A View on NVD
2001-06-21
Critical

CVE-2001-1078

Format string vulnerability in flog function of eXtremail 1.1.9 and earlier allows remote attackers to gain root privileges via format specifiers in the SMTP commands (1) HELO, (2) EHLO, (3) MAIL FRO…

CVSS: 10.0 CWE: N/A View on NVD
2001-06-11
High

CVE-2001-1329

Buffer overflow in rsh on AIX 4.2.0.0 may allow local users to gain root privileges via a long command line argument.

CVSS: 7.2 CWE: N/A View on NVD
High

CVE-2001-1330

Buffer overflow in rsh on AIX 4.2.0.0 may allow local users to gain root privileges via a long command line argument.

CVSS: 7.2 CWE: N/A View on NVD
2001-06-02
High

CVE-2001-0220

Buffer overflow in ja-elvis and ko-helvis ports of elvis allow local users to gain root privileges.

CVSS: 7.2 CWE: N/A View on NVD
High

CVE-2001-0221

Buffer overflow in ja-xklock 2.7.1 and earlier allows local users to gain root privileges.

CVSS: 7.2 CWE: N/A View on NVD
2001-05-03
High

CVE-2001-0268

The i386_set_ldt system call in NetBSD 1.5 and earlier, and OpenBSD 2.8 and earlier, when the USER_LDT kernel option is enabled, does not validate a call gate target, which allows local users to gain…

CVSS: 7.2 CWE: N/A View on NVD
High

CVE-2001-0279

Buffer overflow in sudo earlier than 1.6.3p6 allows local users to gain root privileges.

CVSS: 7.2 CWE: N/A View on NVD
2001-03-26
High

CVE-2001-0176

The setuid doroot program in Voyant Sonata 3.x executes arbitrary command line arguments, which allows local users to gain root privileges.

CVSS: 7.2 CWE: N/A View on NVD
2001-03-12
Critical

CVE-2000-0308

Insecure file permissions for Netscape FastTrack Server 2.x, Enterprise Server 2.0, and Proxy Server 2.5 in SCO UnixWare 7.0.x and 2.1.3 allow an attacker to gain root privileges.

CVSS: 10.0 CWE: N/A View on NVD
High

CVE-2000-0312

cron in OpenBSD 2.5 allows local users to gain root privileges via an argv[] that is not NULL terminated, which is passed to cron's fake popen function.

CVSS: 7.2 CWE: N/A View on NVD
Critical

CVE-2000-0348

A vulnerability in the Sendmail configuration file sendmail.cf as installed in SCO UnixWare 7.1.0 and earlier allows an attacker to gain root privileges.

CVSS: 10.0 CWE: N/A View on NVD
High

CVE-2001-0015

Network Dynamic Data Exchange (DDE) in Windows 2000 allows local users to gain SYSTEM privileges via a "WM_COPYDATA" message to an invisible window that is running with the privileges of the WINLOGON…

CVSS: 7.2 CWE: N/A View on NVD
High

CVE-2001-0110

Buffer overflow in jaZip Zip/Jaz drive manager allows local users to gain root privileges via a long DISPLAY environmental variable.

CVSS: 7.2 CWE: N/A View on NVD
2001-02-16
Critical

CVE-2001-0032

Format string vulnerability in ssldump possibly allows remote attackers to cause a denial of service and possibly gain root privileges via malicious format string specifiers in a URL.

CVSS: 10.0 CWE: N/A View on NVD
2001-02-12
Critical

CVE-2001-0010

Buffer overflow in transaction signature (TSIG) handling code in BIND 8 allows remote attackers to gain root privileges.

CVSS: 10.0 CWE: N/A View on NVD
Critical

CVE-2001-0011

Buffer overflow in nslookupComplain function in BIND 4 allows remote attackers to gain root privileges.

CVSS: 10.0 CWE: N/A View on NVD
Critical

CVE-2001-0013

Format string vulnerability in nslookupComplain function in BIND 4 allows remote attackers to gain root privileges.

CVSS: 10.0 CWE: N/A View on NVD
Critical

CVE-2001-0053

One-byte buffer overflow in replydirname function in BSD-based ftpd allows remote attackers to gain root privileges.

CVSS: 10.0 CWE: N/A View on NVD
High

CVE-2001-0061

procfs in FreeBSD and possibly other operating systems does not properly restrict access to per-process mem and ctl files, which allows local users to gain root privileges by forking a child process…

CVSS: 7.2 CWE: N/A View on NVD
High

CVE-2001-0087

itetris/xitetris 1.6.2 and earlier trusts the PATH environmental variable to find and execute the gunzip program, which allows local users to gain root privileges by changing their PATH so that it po…

CVSS: 7.2 CWE: N/A View on NVD
High

CVE-2001-0093

Vulnerability in telnetd in FreeBSD 1.5 allows local users to gain root privileges by modifying critical environmental variables that affect the behavior of telnetd.

CVSS: 7.2 CWE: N/A View on NVD
High

CVE-2001-0094

Buffer overflow in kdc_reply_cipher of libkrb (Kerberos 4 authentication library) in NetBSD 1.5 and FreeBSD 4.2 and earlier, as used in Kerberised applications such as telnetd and login, allows local…

CVSS: 7.2 CWE: N/A View on NVD
2000-12-20
High

CVE-1999-0307

Buffer overflow in HP-UX cstm program allows local users to gain root privileges.

CVSS: 7.2 CWE: N/A View on NVD
2000-12-19
Medium

CVE-2000-0901

Format string vulnerability in screen 3.9.5 and earlier allows local users to gain root privileges via format characters in the vbell_msg initialization variable.

CVSS: 4.6 CWE: N/A View on NVD
High

CVE-2000-0993

Format string vulnerability in pw_error function in BSD libutil library allows local users to gain root privileges via a malformed password in commands such as chpass or passwd.

CVSS: 7.2 CWE: N/A View on NVD
High

CVE-2000-0994

Format string vulnerability in OpenBSD fstat program (and possibly other BSD-based operating systems) allows local users to gain root privileges via the PWD environmental variable.

CVSS: 7.2 CWE: N/A View on NVD
High

CVE-2000-0995

Format string vulnerability in OpenBSD yp_passwd program (and possibly other BSD-based operating systems) allows attackers to gain root privileges a malformed name.

CVSS: 7.2 CWE: N/A View on NVD
High

CVE-2000-0996

Format string vulnerability in OpenBSD su program (and possibly other BSD-based operating systems) allows local attackers to gain root privileges via a malformed shell.

CVSS: 7.2 CWE: N/A View on NVD
High

CVE-2000-0997

Format string vulnerabilities in eeprom program in OpenBSD, NetBSD, and possibly other operating systems allows local attackers to gain root privileges.

CVSS: 7.2 CWE: N/A View on NVD
2000-12-11
High

CVE-2000-0998

Format string vulnerability in top program allows local attackers to gain root privileges via the "kill" or "renice" function.

CVSS: 7.2 CWE: N/A View on NVD
Critical

CVE-2000-0999

Format string vulnerabilities in OpenBSD ssh program (and possibly other BSD-based operating systems) allow attackers to gain root privileges.

CVSS: 10.0 CWE: N/A View on NVD
High

CVE-2000-1011

Buffer overflow in catopen() function in FreeBSD 5.0 and earlier, and possibly other OSes, allows local users to gain root privileges via a long environmental variable.

CVSS: 7.2 CWE: N/A View on NVD
Critical

CVE-2000-1041

Buffer overflow in ypbind 3.3 possibly allows an attacker to gain root privileges.

CVSS: 10.0 CWE: N/A View on NVD
Critical

CVE-2000-1042

Buffer overflow in ypserv in Mandrake Linux 7.1 and earlier, and possibly other Linux operating systems, allows an attacker to gain root privileges when ypserv is built without a vsyslog() function.

CVSS: 10.0 CWE: N/A View on NVD
Critical

CVE-2000-1043

Format string vulnerability in ypserv in Mandrake Linux 7.1 and earlier, and possibly other Linux operating systems, allows an attacker to gain root privileges when ypserv is built without a vsyslog(…

CVSS: 10.0 CWE: N/A View on NVD
Critical

CVE-2000-1044

Format string vulnerability in ypbind-mt in SuSE SuSE-6.2, and possibly other Linux operating systems, allows an attacker to gain root privileges.

CVSS: 10.0 CWE: N/A View on NVD
High

CVE-2000-1073

csstart program in iCal 2.1 Patch 2 searches for the cshttpd program in the current working directory, which allows local users to gain root privileges by creating a Trojan Horse cshttpd program in a…

CVSS: 7.2 CWE: N/A View on NVD
Critical

CVE-2000-1074

csstart program in iCal 2.1 Patch 2 uses relative pathnames to install the libsocket and libnsl libraries, which could allow the icsuser account to gain root privileges by creating a Trojan Horse lib…

CVSS: 10.0 CWE: N/A View on NVD