Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2001-0554

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-09 Mar, 2002 | 05:00
Updated At-08 Aug, 2024 | 04:21
Rejected At-
Credits

Buffer overflow in BSD-based telnetd telnet daemon on various operating systems allows remote attackers to execute arbitrary commands via a set of options including AYT (Are You There), which is not properly handled by the telrcv function.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:09 Mar, 2002 | 05:00
Updated At:08 Aug, 2024 | 04:21
Rejected At:
▼CVE Numbering Authority (CNA)

Buffer overflow in BSD-based telnetd telnet daemon on various operating systems allows remote attackers to execute arbitrary commands via a set of options including AYT (Are You There), which is not properly handled by the telrcv function.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000413
vendor-advisory
x_refsource_CONECTIVA
http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-068.php3
vendor-advisory
x_refsource_MANDRAKE
http://www.ciac.org/ciac/bulletins/l-131.shtml
third-party-advisory
government-resource
x_refsource_CIAC
http://ftp.support.compaq.com/patches/.new/html/SSRT0745U.shtml
vendor-advisory
x_refsource_COMPAQ
https://exchange.xforce.ibmcloud.com/vulnerabilities/6875
vdb-entry
x_refsource_XF
http://www.osvdb.org/809
vdb-entry
x_refsource_OSVDB
http://online.securityfocus.com/advisories/3476
vendor-advisory
x_refsource_IBM
http://online.securityfocus.com/archive/1/199496
mailing-list
x_refsource_BUGTRAQ
http://online.securityfocus.com/archive/1/203000
mailing-list
x_refsource_BUGTRAQ
http://www.securityfocus.com/bid/3064
vdb-entry
x_refsource_BID
http://www.redhat.com/support/errata/RHSA-2001-100.html
vendor-advisory
x_refsource_REDHAT
http://www.novell.com/linux/security/advisories/2001_029_nkitb_txt.html
vendor-advisory
x_refsource_SUSE
ftp://stage.caldera.com/pub/security/openserver/CSSA-2001-SCO.10/CSSA-2001-SCO.10.txt
vendor-advisory
x_refsource_CALDERA
http://www.redhat.com/support/errata/RHSA-2001-099.html
vendor-advisory
x_refsource_REDHAT
http://www.cisco.com/warp/public/707/catos-telrcv-vuln-pub.shtml
vendor-advisory
x_refsource_CISCO
http://archives.neohapsis.com/archives/hp/2001-q4/0014.html
vendor-advisory
x_refsource_HP
http://www.debian.org/security/2001/dsa-075
vendor-advisory
x_refsource_DEBIAN
http://www.securityfocus.com/archive/1/197804
mailing-list
x_refsource_BUGTRAQ
http://www.cert.org/advisories/CA-2001-21.html
third-party-advisory
x_refsource_CERT
ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-01:49.telnetd.asc
vendor-advisory
x_refsource_FREEBSD
http://www.calderasystems.com/support/security/advisories/CSSA-2001-030.0.txt
vendor-advisory
x_refsource_CALDERA
http://www.debian.org/security/2001/dsa-070
vendor-advisory
x_refsource_DEBIAN
http://online.securityfocus.com/archive/1/199541
mailing-list
x_refsource_BUGTRAQ
ftp://patches.sgi.com/support/free/security/advisories/20010801-01-P
vendor-advisory
x_refsource_SGI
ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2001-012.txt.asc
vendor-advisory
x_refsource_NETBSD
Hyperlink: http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000413
Resource:
vendor-advisory
x_refsource_CONECTIVA
Hyperlink: http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-068.php3
Resource:
vendor-advisory
x_refsource_MANDRAKE
Hyperlink: http://www.ciac.org/ciac/bulletins/l-131.shtml
Resource:
third-party-advisory
government-resource
x_refsource_CIAC
Hyperlink: http://ftp.support.compaq.com/patches/.new/html/SSRT0745U.shtml
Resource:
vendor-advisory
x_refsource_COMPAQ
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/6875
Resource:
vdb-entry
x_refsource_XF
Hyperlink: http://www.osvdb.org/809
Resource:
vdb-entry
x_refsource_OSVDB
Hyperlink: http://online.securityfocus.com/advisories/3476
Resource:
vendor-advisory
x_refsource_IBM
Hyperlink: http://online.securityfocus.com/archive/1/199496
Resource:
mailing-list
x_refsource_BUGTRAQ
Hyperlink: http://online.securityfocus.com/archive/1/203000
Resource:
mailing-list
x_refsource_BUGTRAQ
Hyperlink: http://www.securityfocus.com/bid/3064
Resource:
vdb-entry
x_refsource_BID
Hyperlink: http://www.redhat.com/support/errata/RHSA-2001-100.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: http://www.novell.com/linux/security/advisories/2001_029_nkitb_txt.html
Resource:
vendor-advisory
x_refsource_SUSE
Hyperlink: ftp://stage.caldera.com/pub/security/openserver/CSSA-2001-SCO.10/CSSA-2001-SCO.10.txt
Resource:
vendor-advisory
x_refsource_CALDERA
Hyperlink: http://www.redhat.com/support/errata/RHSA-2001-099.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: http://www.cisco.com/warp/public/707/catos-telrcv-vuln-pub.shtml
Resource:
vendor-advisory
x_refsource_CISCO
Hyperlink: http://archives.neohapsis.com/archives/hp/2001-q4/0014.html
Resource:
vendor-advisory
x_refsource_HP
Hyperlink: http://www.debian.org/security/2001/dsa-075
Resource:
vendor-advisory
x_refsource_DEBIAN
Hyperlink: http://www.securityfocus.com/archive/1/197804
Resource:
mailing-list
x_refsource_BUGTRAQ
Hyperlink: http://www.cert.org/advisories/CA-2001-21.html
Resource:
third-party-advisory
x_refsource_CERT
Hyperlink: ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-01:49.telnetd.asc
Resource:
vendor-advisory
x_refsource_FREEBSD
Hyperlink: http://www.calderasystems.com/support/security/advisories/CSSA-2001-030.0.txt
Resource:
vendor-advisory
x_refsource_CALDERA
Hyperlink: http://www.debian.org/security/2001/dsa-070
Resource:
vendor-advisory
x_refsource_DEBIAN
Hyperlink: http://online.securityfocus.com/archive/1/199541
Resource:
mailing-list
x_refsource_BUGTRAQ
Hyperlink: ftp://patches.sgi.com/support/free/security/advisories/20010801-01-P
Resource:
vendor-advisory
x_refsource_SGI
Hyperlink: ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2001-012.txt.asc
Resource:
vendor-advisory
x_refsource_NETBSD
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000413
vendor-advisory
x_refsource_CONECTIVA
x_transferred
http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-068.php3
vendor-advisory
x_refsource_MANDRAKE
x_transferred
http://www.ciac.org/ciac/bulletins/l-131.shtml
third-party-advisory
government-resource
x_refsource_CIAC
x_transferred
http://ftp.support.compaq.com/patches/.new/html/SSRT0745U.shtml
vendor-advisory
x_refsource_COMPAQ
x_transferred
https://exchange.xforce.ibmcloud.com/vulnerabilities/6875
vdb-entry
x_refsource_XF
x_transferred
http://www.osvdb.org/809
vdb-entry
x_refsource_OSVDB
x_transferred
http://online.securityfocus.com/advisories/3476
vendor-advisory
x_refsource_IBM
x_transferred
http://online.securityfocus.com/archive/1/199496
mailing-list
x_refsource_BUGTRAQ
x_transferred
http://online.securityfocus.com/archive/1/203000
mailing-list
x_refsource_BUGTRAQ
x_transferred
http://www.securityfocus.com/bid/3064
vdb-entry
x_refsource_BID
x_transferred
http://www.redhat.com/support/errata/RHSA-2001-100.html
vendor-advisory
x_refsource_REDHAT
x_transferred
http://www.novell.com/linux/security/advisories/2001_029_nkitb_txt.html
vendor-advisory
x_refsource_SUSE
x_transferred
ftp://stage.caldera.com/pub/security/openserver/CSSA-2001-SCO.10/CSSA-2001-SCO.10.txt
vendor-advisory
x_refsource_CALDERA
x_transferred
http://www.redhat.com/support/errata/RHSA-2001-099.html
vendor-advisory
x_refsource_REDHAT
x_transferred
http://www.cisco.com/warp/public/707/catos-telrcv-vuln-pub.shtml
vendor-advisory
x_refsource_CISCO
x_transferred
http://archives.neohapsis.com/archives/hp/2001-q4/0014.html
vendor-advisory
x_refsource_HP
x_transferred
http://www.debian.org/security/2001/dsa-075
vendor-advisory
x_refsource_DEBIAN
x_transferred
http://www.securityfocus.com/archive/1/197804
mailing-list
x_refsource_BUGTRAQ
x_transferred
http://www.cert.org/advisories/CA-2001-21.html
third-party-advisory
x_refsource_CERT
x_transferred
ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-01:49.telnetd.asc
vendor-advisory
x_refsource_FREEBSD
x_transferred
http://www.calderasystems.com/support/security/advisories/CSSA-2001-030.0.txt
vendor-advisory
x_refsource_CALDERA
x_transferred
http://www.debian.org/security/2001/dsa-070
vendor-advisory
x_refsource_DEBIAN
x_transferred
http://online.securityfocus.com/archive/1/199541
mailing-list
x_refsource_BUGTRAQ
x_transferred
ftp://patches.sgi.com/support/free/security/advisories/20010801-01-P
vendor-advisory
x_refsource_SGI
x_transferred
ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2001-012.txt.asc
vendor-advisory
x_refsource_NETBSD
x_transferred
Hyperlink: http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000413
Resource:
vendor-advisory
x_refsource_CONECTIVA
x_transferred
Hyperlink: http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-068.php3
Resource:
vendor-advisory
x_refsource_MANDRAKE
x_transferred
Hyperlink: http://www.ciac.org/ciac/bulletins/l-131.shtml
Resource:
third-party-advisory
government-resource
x_refsource_CIAC
x_transferred
Hyperlink: http://ftp.support.compaq.com/patches/.new/html/SSRT0745U.shtml
Resource:
vendor-advisory
x_refsource_COMPAQ
x_transferred
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/6875
Resource:
vdb-entry
x_refsource_XF
x_transferred
Hyperlink: http://www.osvdb.org/809
Resource:
vdb-entry
x_refsource_OSVDB
x_transferred
Hyperlink: http://online.securityfocus.com/advisories/3476
Resource:
vendor-advisory
x_refsource_IBM
x_transferred
Hyperlink: http://online.securityfocus.com/archive/1/199496
Resource:
mailing-list
x_refsource_BUGTRAQ
x_transferred
Hyperlink: http://online.securityfocus.com/archive/1/203000
Resource:
mailing-list
x_refsource_BUGTRAQ
x_transferred
Hyperlink: http://www.securityfocus.com/bid/3064
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: http://www.redhat.com/support/errata/RHSA-2001-100.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: http://www.novell.com/linux/security/advisories/2001_029_nkitb_txt.html
Resource:
vendor-advisory
x_refsource_SUSE
x_transferred
Hyperlink: ftp://stage.caldera.com/pub/security/openserver/CSSA-2001-SCO.10/CSSA-2001-SCO.10.txt
Resource:
vendor-advisory
x_refsource_CALDERA
x_transferred
Hyperlink: http://www.redhat.com/support/errata/RHSA-2001-099.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: http://www.cisco.com/warp/public/707/catos-telrcv-vuln-pub.shtml
Resource:
vendor-advisory
x_refsource_CISCO
x_transferred
Hyperlink: http://archives.neohapsis.com/archives/hp/2001-q4/0014.html
Resource:
vendor-advisory
x_refsource_HP
x_transferred
Hyperlink: http://www.debian.org/security/2001/dsa-075
Resource:
vendor-advisory
x_refsource_DEBIAN
x_transferred
Hyperlink: http://www.securityfocus.com/archive/1/197804
Resource:
mailing-list
x_refsource_BUGTRAQ
x_transferred
Hyperlink: http://www.cert.org/advisories/CA-2001-21.html
Resource:
third-party-advisory
x_refsource_CERT
x_transferred
Hyperlink: ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-01:49.telnetd.asc
Resource:
vendor-advisory
x_refsource_FREEBSD
x_transferred
Hyperlink: http://www.calderasystems.com/support/security/advisories/CSSA-2001-030.0.txt
Resource:
vendor-advisory
x_refsource_CALDERA
x_transferred
Hyperlink: http://www.debian.org/security/2001/dsa-070
Resource:
vendor-advisory
x_refsource_DEBIAN
x_transferred
Hyperlink: http://online.securityfocus.com/archive/1/199541
Resource:
mailing-list
x_refsource_BUGTRAQ
x_transferred
Hyperlink: ftp://patches.sgi.com/support/free/security/advisories/20010801-01-P
Resource:
vendor-advisory
x_refsource_SGI
x_transferred
Hyperlink: ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2001-012.txt.asc
Resource:
vendor-advisory
x_refsource_NETBSD
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:14 Aug, 2001 | 04:00
Updated At:03 Apr, 2025 | 01:03

Buffer overflow in BSD-based telnetd telnet daemon on various operating systems allows remote attackers to execute arbitrary commands via a set of options including AYT (Are You There), which is not properly handled by the telrcv function.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.010.0HIGH
AV:N/AC:L/Au:N/C:C/I:C/A:C
Type: Primary
Version: 2.0
Base score: 10.0
Base severity: HIGH
Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C
CPE Matches
MIT (Massachusetts Institute of Technology)
mit
>>kerberos>>1.0
cpe:2.3:a:mit:kerberos:1.0:*:*:*:*:*:*:*
MIT (Massachusetts Institute of Technology)
mit
>>kerberos_5>>1.1
cpe:2.3:a:mit:kerberos_5:1.1:*:*:*:*:*:*:*
MIT (Massachusetts Institute of Technology)
mit
>>kerberos_5>>1.1.1
cpe:2.3:a:mit:kerberos_5:1.1.1:*:*:*:*:*:*:*
MIT (Massachusetts Institute of Technology)
mit
>>kerberos_5>>1.2
cpe:2.3:a:mit:kerberos_5:1.2:*:*:*:*:*:*:*
MIT (Massachusetts Institute of Technology)
mit
>>kerberos_5>>1.2.1
cpe:2.3:a:mit:kerberos_5:1.2.1:*:*:*:*:*:*:*
MIT (Massachusetts Institute of Technology)
mit
>>kerberos_5>>1.2.2
cpe:2.3:a:mit:kerberos_5:1.2.2:*:*:*:*:*:*:*
netkit
netkit
>>linux_netkit>>0.10
cpe:2.3:a:netkit:linux_netkit:0.10:*:*:*:*:*:*:*
netkit
netkit
>>linux_netkit>>0.11
cpe:2.3:a:netkit:linux_netkit:0.11:*:*:*:*:*:*:*
netkit
netkit
>>linux_netkit>>0.12
cpe:2.3:a:netkit:linux_netkit:0.12:*:*:*:*:*:*:*
Silicon Graphics, Inc.
sgi
>>irix>>6.5
cpe:2.3:o:sgi:irix:6.5:*:*:*:*:*:*:*
FreeBSD Foundation
freebsd
>>freebsd>>2.0
cpe:2.3:o:freebsd:freebsd:2.0:*:*:*:*:*:*:*
FreeBSD Foundation
freebsd
>>freebsd>>2.0.1
cpe:2.3:o:freebsd:freebsd:2.0.1:*:*:*:*:*:*:*
FreeBSD Foundation
freebsd
>>freebsd>>2.0.5
cpe:2.3:o:freebsd:freebsd:2.0.5:*:*:*:*:*:*:*
FreeBSD Foundation
freebsd
>>freebsd>>2.1
cpe:2.3:o:freebsd:freebsd:2.1:stable:*:*:*:*:*:*
FreeBSD Foundation
freebsd
>>freebsd>>2.1.0
cpe:2.3:o:freebsd:freebsd:2.1.0:*:*:*:*:*:*:*
FreeBSD Foundation
freebsd
>>freebsd>>2.1.5
cpe:2.3:o:freebsd:freebsd:2.1.5:*:*:*:*:*:*:*
FreeBSD Foundation
freebsd
>>freebsd>>2.1.6
cpe:2.3:o:freebsd:freebsd:2.1.6:*:*:*:*:*:*:*
FreeBSD Foundation
freebsd
>>freebsd>>2.1.6.1
cpe:2.3:o:freebsd:freebsd:2.1.6.1:*:*:*:*:*:*:*
FreeBSD Foundation
freebsd
>>freebsd>>2.1.7
cpe:2.3:o:freebsd:freebsd:2.1.7:*:*:*:*:*:*:*
FreeBSD Foundation
freebsd
>>freebsd>>2.1.7.1
cpe:2.3:o:freebsd:freebsd:2.1.7.1:*:*:*:*:*:*:*
FreeBSD Foundation
freebsd
>>freebsd>>2.2
cpe:2.3:o:freebsd:freebsd:2.2:*:*:*:*:*:*:*
FreeBSD Foundation
freebsd
>>freebsd>>2.2
cpe:2.3:o:freebsd:freebsd:2.2:current:*:*:*:*:*:*
FreeBSD Foundation
freebsd
>>freebsd>>2.2.1
cpe:2.3:o:freebsd:freebsd:2.2.1:*:*:*:*:*:*:*
FreeBSD Foundation
freebsd
>>freebsd>>2.2.2
cpe:2.3:o:freebsd:freebsd:2.2.2:*:*:*:*:*:*:*
FreeBSD Foundation
freebsd
>>freebsd>>2.2.3
cpe:2.3:o:freebsd:freebsd:2.2.3:*:*:*:*:*:*:*
FreeBSD Foundation
freebsd
>>freebsd>>2.2.4
cpe:2.3:o:freebsd:freebsd:2.2.4:*:*:*:*:*:*:*
FreeBSD Foundation
freebsd
>>freebsd>>2.2.5
cpe:2.3:o:freebsd:freebsd:2.2.5:*:*:*:*:*:*:*
FreeBSD Foundation
freebsd
>>freebsd>>2.2.6
cpe:2.3:o:freebsd:freebsd:2.2.6:*:*:*:*:*:*:*
FreeBSD Foundation
freebsd
>>freebsd>>2.2.7
cpe:2.3:o:freebsd:freebsd:2.2.7:*:*:*:*:*:*:*
FreeBSD Foundation
freebsd
>>freebsd>>2.2.8
cpe:2.3:o:freebsd:freebsd:2.2.8:*:*:*:*:*:*:*
FreeBSD Foundation
freebsd
>>freebsd>>3.0
cpe:2.3:o:freebsd:freebsd:3.0:*:*:*:*:*:*:*
FreeBSD Foundation
freebsd
>>freebsd>>3.0
cpe:2.3:o:freebsd:freebsd:3.0:releng:*:*:*:*:*:*
FreeBSD Foundation
freebsd
>>freebsd>>3.1
cpe:2.3:o:freebsd:freebsd:3.1:*:*:*:*:*:*:*
FreeBSD Foundation
freebsd
>>freebsd>>3.2
cpe:2.3:o:freebsd:freebsd:3.2:*:*:*:*:*:*:*
FreeBSD Foundation
freebsd
>>freebsd>>3.3
cpe:2.3:o:freebsd:freebsd:3.3:*:*:*:*:*:*:*
FreeBSD Foundation
freebsd
>>freebsd>>3.4
cpe:2.3:o:freebsd:freebsd:3.4:*:*:*:*:*:*:*
FreeBSD Foundation
freebsd
>>freebsd>>3.5
cpe:2.3:o:freebsd:freebsd:3.5:*:*:*:*:*:*:*
FreeBSD Foundation
freebsd
>>freebsd>>3.5
cpe:2.3:o:freebsd:freebsd:3.5:stable:*:*:*:*:*:*
FreeBSD Foundation
freebsd
>>freebsd>>3.5.1
cpe:2.3:o:freebsd:freebsd:3.5.1:*:*:*:*:*:*:*
FreeBSD Foundation
freebsd
>>freebsd>>3.5.1
cpe:2.3:o:freebsd:freebsd:3.5.1:release:*:*:*:*:*:*
FreeBSD Foundation
freebsd
>>freebsd>>3.5.1
cpe:2.3:o:freebsd:freebsd:3.5.1:stable:*:*:*:*:*:*
FreeBSD Foundation
freebsd
>>freebsd>>4.0
cpe:2.3:o:freebsd:freebsd:4.0:*:*:*:*:*:*:*
FreeBSD Foundation
freebsd
>>freebsd>>4.0
cpe:2.3:o:freebsd:freebsd:4.0:alpha:*:*:*:*:*:*
FreeBSD Foundation
freebsd
>>freebsd>>4.0
cpe:2.3:o:freebsd:freebsd:4.0:releng:*:*:*:*:*:*
FreeBSD Foundation
freebsd
>>freebsd>>4.1
cpe:2.3:o:freebsd:freebsd:4.1:*:*:*:*:*:*:*
FreeBSD Foundation
freebsd
>>freebsd>>4.1.1
cpe:2.3:o:freebsd:freebsd:4.1.1:*:*:*:*:*:*:*
FreeBSD Foundation
freebsd
>>freebsd>>4.2
cpe:2.3:o:freebsd:freebsd:4.2:*:*:*:*:*:*:*
FreeBSD Foundation
freebsd
>>freebsd>>4.3
cpe:2.3:o:freebsd:freebsd:4.3:*:*:*:*:*:*:*
IBM Corporation
ibm
>>aix>>4.3
cpe:2.3:o:ibm:aix:4.3:*:*:*:*:*:*:*
IBM Corporation
ibm
>>aix>>4.3.1
cpe:2.3:o:ibm:aix:4.3.1:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-120Primarynvd@nist.gov
CWE ID: CWE-120
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-01:49.telnetd.asccve@mitre.org
Broken Link
Patch
Vendor Advisory
ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2001-012.txt.asccve@mitre.org
Broken Link
ftp://patches.sgi.com/support/free/security/advisories/20010801-01-Pcve@mitre.org
Broken Link
ftp://stage.caldera.com/pub/security/openserver/CSSA-2001-SCO.10/CSSA-2001-SCO.10.txtcve@mitre.org
Broken Link
http://archives.neohapsis.com/archives/hp/2001-q4/0014.htmlcve@mitre.org
Broken Link
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000413cve@mitre.org
Broken Link
http://ftp.support.compaq.com/patches/.new/html/SSRT0745U.shtmlcve@mitre.org
Broken Link
http://online.securityfocus.com/advisories/3476cve@mitre.org
Broken Link
Third Party Advisory
VDB Entry
http://online.securityfocus.com/archive/1/199496cve@mitre.org
Broken Link
Third Party Advisory
VDB Entry
http://online.securityfocus.com/archive/1/199541cve@mitre.org
Broken Link
Third Party Advisory
VDB Entry
http://online.securityfocus.com/archive/1/203000cve@mitre.org
Broken Link
Third Party Advisory
VDB Entry
http://www.calderasystems.com/support/security/advisories/CSSA-2001-030.0.txtcve@mitre.org
Broken Link
http://www.cert.org/advisories/CA-2001-21.htmlcve@mitre.org
Patch
Third Party Advisory
US Government Resource
http://www.ciac.org/ciac/bulletins/l-131.shtmlcve@mitre.org
Broken Link
http://www.cisco.com/warp/public/707/catos-telrcv-vuln-pub.shtmlcve@mitre.org
Third Party Advisory
http://www.debian.org/security/2001/dsa-070cve@mitre.org
Third Party Advisory
http://www.debian.org/security/2001/dsa-075cve@mitre.org
Third Party Advisory
http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-068.php3cve@mitre.org
Broken Link
http://www.novell.com/linux/security/advisories/2001_029_nkitb_txt.htmlcve@mitre.org
Broken Link
http://www.osvdb.org/809cve@mitre.org
Broken Link
http://www.redhat.com/support/errata/RHSA-2001-099.htmlcve@mitre.org
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2001-100.htmlcve@mitre.org
Third Party Advisory
http://www.securityfocus.com/archive/1/197804cve@mitre.org
Exploit
Third Party Advisory
VDB Entry
Vendor Advisory
http://www.securityfocus.com/bid/3064cve@mitre.org
Exploit
Patch
Third Party Advisory
VDB Entry
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/6875cve@mitre.org
Third Party Advisory
VDB Entry
ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-01:49.telnetd.ascaf854a3a-2127-422b-91ae-364da2661108
Broken Link
Patch
Vendor Advisory
ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2001-012.txt.ascaf854a3a-2127-422b-91ae-364da2661108
Broken Link
ftp://patches.sgi.com/support/free/security/advisories/20010801-01-Paf854a3a-2127-422b-91ae-364da2661108
Broken Link
ftp://stage.caldera.com/pub/security/openserver/CSSA-2001-SCO.10/CSSA-2001-SCO.10.txtaf854a3a-2127-422b-91ae-364da2661108
Broken Link
http://archives.neohapsis.com/archives/hp/2001-q4/0014.htmlaf854a3a-2127-422b-91ae-364da2661108
Broken Link
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000413af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://ftp.support.compaq.com/patches/.new/html/SSRT0745U.shtmlaf854a3a-2127-422b-91ae-364da2661108
Broken Link
http://online.securityfocus.com/advisories/3476af854a3a-2127-422b-91ae-364da2661108
Broken Link
Third Party Advisory
VDB Entry
http://online.securityfocus.com/archive/1/199496af854a3a-2127-422b-91ae-364da2661108
Broken Link
Third Party Advisory
VDB Entry
http://online.securityfocus.com/archive/1/199541af854a3a-2127-422b-91ae-364da2661108
Broken Link
Third Party Advisory
VDB Entry
http://online.securityfocus.com/archive/1/203000af854a3a-2127-422b-91ae-364da2661108
Broken Link
Third Party Advisory
VDB Entry
http://www.calderasystems.com/support/security/advisories/CSSA-2001-030.0.txtaf854a3a-2127-422b-91ae-364da2661108
Broken Link
http://www.cert.org/advisories/CA-2001-21.htmlaf854a3a-2127-422b-91ae-364da2661108
Patch
Third Party Advisory
US Government Resource
http://www.ciac.org/ciac/bulletins/l-131.shtmlaf854a3a-2127-422b-91ae-364da2661108
Broken Link
http://www.cisco.com/warp/public/707/catos-telrcv-vuln-pub.shtmlaf854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.debian.org/security/2001/dsa-070af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.debian.org/security/2001/dsa-075af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-068.php3af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://www.novell.com/linux/security/advisories/2001_029_nkitb_txt.htmlaf854a3a-2127-422b-91ae-364da2661108
Broken Link
http://www.osvdb.org/809af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://www.redhat.com/support/errata/RHSA-2001-099.htmlaf854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2001-100.htmlaf854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.securityfocus.com/archive/1/197804af854a3a-2127-422b-91ae-364da2661108
Exploit
Third Party Advisory
VDB Entry
Vendor Advisory
http://www.securityfocus.com/bid/3064af854a3a-2127-422b-91ae-364da2661108
Exploit
Patch
Third Party Advisory
VDB Entry
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/6875af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
VDB Entry
Hyperlink: ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-01:49.telnetd.asc
Source: cve@mitre.org
Resource:
Broken Link
Patch
Vendor Advisory
Hyperlink: ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2001-012.txt.asc
Source: cve@mitre.org
Resource:
Broken Link
Hyperlink: ftp://patches.sgi.com/support/free/security/advisories/20010801-01-P
Source: cve@mitre.org
Resource:
Broken Link
Hyperlink: ftp://stage.caldera.com/pub/security/openserver/CSSA-2001-SCO.10/CSSA-2001-SCO.10.txt
Source: cve@mitre.org
Resource:
Broken Link
Hyperlink: http://archives.neohapsis.com/archives/hp/2001-q4/0014.html
Source: cve@mitre.org
Resource:
Broken Link
Hyperlink: http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000413
Source: cve@mitre.org
Resource:
Broken Link
Hyperlink: http://ftp.support.compaq.com/patches/.new/html/SSRT0745U.shtml
Source: cve@mitre.org
Resource:
Broken Link
Hyperlink: http://online.securityfocus.com/advisories/3476
Source: cve@mitre.org
Resource:
Broken Link
Third Party Advisory
VDB Entry
Hyperlink: http://online.securityfocus.com/archive/1/199496
Source: cve@mitre.org
Resource:
Broken Link
Third Party Advisory
VDB Entry
Hyperlink: http://online.securityfocus.com/archive/1/199541
Source: cve@mitre.org
Resource:
Broken Link
Third Party Advisory
VDB Entry
Hyperlink: http://online.securityfocus.com/archive/1/203000
Source: cve@mitre.org
Resource:
Broken Link
Third Party Advisory
VDB Entry
Hyperlink: http://www.calderasystems.com/support/security/advisories/CSSA-2001-030.0.txt
Source: cve@mitre.org
Resource:
Broken Link
Hyperlink: http://www.cert.org/advisories/CA-2001-21.html
Source: cve@mitre.org
Resource:
Patch
Third Party Advisory
US Government Resource
Hyperlink: http://www.ciac.org/ciac/bulletins/l-131.shtml
Source: cve@mitre.org
Resource:
Broken Link
Hyperlink: http://www.cisco.com/warp/public/707/catos-telrcv-vuln-pub.shtml
Source: cve@mitre.org
Resource:
Third Party Advisory
Hyperlink: http://www.debian.org/security/2001/dsa-070
Source: cve@mitre.org
Resource:
Third Party Advisory
Hyperlink: http://www.debian.org/security/2001/dsa-075
Source: cve@mitre.org
Resource:
Third Party Advisory
Hyperlink: http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-068.php3
Source: cve@mitre.org
Resource:
Broken Link
Hyperlink: http://www.novell.com/linux/security/advisories/2001_029_nkitb_txt.html
Source: cve@mitre.org
Resource:
Broken Link
Hyperlink: http://www.osvdb.org/809
Source: cve@mitre.org
Resource:
Broken Link
Hyperlink: http://www.redhat.com/support/errata/RHSA-2001-099.html
Source: cve@mitre.org
Resource:
Third Party Advisory
Hyperlink: http://www.redhat.com/support/errata/RHSA-2001-100.html
Source: cve@mitre.org
Resource:
Third Party Advisory
Hyperlink: http://www.securityfocus.com/archive/1/197804
Source: cve@mitre.org
Resource:
Exploit
Third Party Advisory
VDB Entry
Vendor Advisory
Hyperlink: http://www.securityfocus.com/bid/3064
Source: cve@mitre.org
Resource:
Exploit
Patch
Third Party Advisory
VDB Entry
Vendor Advisory
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/6875
Source: cve@mitre.org
Resource:
Third Party Advisory
VDB Entry
Hyperlink: ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-01:49.telnetd.asc
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Broken Link
Patch
Vendor Advisory
Hyperlink: ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2001-012.txt.asc
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Broken Link
Hyperlink: ftp://patches.sgi.com/support/free/security/advisories/20010801-01-P
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Broken Link
Hyperlink: ftp://stage.caldera.com/pub/security/openserver/CSSA-2001-SCO.10/CSSA-2001-SCO.10.txt
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Broken Link
Hyperlink: http://archives.neohapsis.com/archives/hp/2001-q4/0014.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Broken Link
Hyperlink: http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000413
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Broken Link
Hyperlink: http://ftp.support.compaq.com/patches/.new/html/SSRT0745U.shtml
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Broken Link
Hyperlink: http://online.securityfocus.com/advisories/3476
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Broken Link
Third Party Advisory
VDB Entry
Hyperlink: http://online.securityfocus.com/archive/1/199496
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Broken Link
Third Party Advisory
VDB Entry
Hyperlink: http://online.securityfocus.com/archive/1/199541
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Broken Link
Third Party Advisory
VDB Entry
Hyperlink: http://online.securityfocus.com/archive/1/203000
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Broken Link
Third Party Advisory
VDB Entry
Hyperlink: http://www.calderasystems.com/support/security/advisories/CSSA-2001-030.0.txt
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Broken Link
Hyperlink: http://www.cert.org/advisories/CA-2001-21.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Third Party Advisory
US Government Resource
Hyperlink: http://www.ciac.org/ciac/bulletins/l-131.shtml
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Broken Link
Hyperlink: http://www.cisco.com/warp/public/707/catos-telrcv-vuln-pub.shtml
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://www.debian.org/security/2001/dsa-070
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://www.debian.org/security/2001/dsa-075
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-068.php3
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Broken Link
Hyperlink: http://www.novell.com/linux/security/advisories/2001_029_nkitb_txt.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Broken Link
Hyperlink: http://www.osvdb.org/809
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Broken Link
Hyperlink: http://www.redhat.com/support/errata/RHSA-2001-099.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://www.redhat.com/support/errata/RHSA-2001-100.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://www.securityfocus.com/archive/1/197804
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Exploit
Third Party Advisory
VDB Entry
Vendor Advisory
Hyperlink: http://www.securityfocus.com/bid/3064
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Exploit
Patch
Third Party Advisory
VDB Entry
Vendor Advisory
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/6875
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
VDB Entry

Change History

0
Information is not available yet

Similar CVEs

1024Records found
CVE-2011-4862
Matching Score-10
Assigner-FreeBSD
ShareView Details
Matching Score-10
Assigner-FreeBSD
CVSS Score-10||HIGH
EPSS-92.58% / 99.73%
||
7 Day CHG~0.00%
Published-25 Dec, 2011 | 01:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in libtelnet/encrypt.c in telnetd in FreeBSD 7.3 through 9.0, MIT Kerberos Version 5 Applications (aka krb5-appl) 1.0.2 and earlier, Heimdal 1.5.1 and earlier, GNU inetutils, and possibly other products allows remote attackers to execute arbitrary code via a long encryption key, as exploited in the wild in December 2011.

Action-Not Available
Vendor-heimdal_projectn/aSUSEDebian GNU/LinuxGNUFedora ProjectMIT (Massachusetts Institute of Technology)openSUSEFreeBSD Foundation
Product-fedorafreebsddebian_linuxopensuselinux_enterprise_software_development_kitlinux_enterprise_serverinetutilskrb5-appllinux_enterprise_desktopheimdaln/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-23621
Matching Score-10
Assigner-Exodus Intelligence
ShareView Details
Matching Score-10
Assigner-Exodus Intelligence
CVSS Score-10||CRITICAL
EPSS-0.94% / 75.30%
||
7 Day CHG~0.00%
Published-25 Jan, 2024 | 23:36
Updated-03 Jun, 2025 | 18:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
IBM Merge Healthcare eFilm Workstation License Server Buffer Overflow

A buffer overflow exists in IBM Merge Healthcare eFilm Workstation license server. A remote, unauthenticated attacker can exploit this vulnerability to achieve remote code execution.

Action-Not Available
Vendor-IBM Corporation
Product-merge_efilm_workstationeFilm Workstation
CWE ID-CWE-131
Incorrect Calculation of Buffer Size
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-1999-0046
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-3.53% / 87.19%
||
7 Day CHG~0.00%
Published-29 Sep, 1999 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow of rlogin program using TERM environmental variable.

Action-Not Available
Vendor-digitalbsdinextn/aNetBSDIBM CorporationDebian GNU/LinuxOracle CorporationFreeBSD FoundationSun Microsystems (Oracle Corporation)HP Inc.
Product-bsd_osnetbsdhp-uxaixsolarisultrixsunosdebian_linuxfreebsdnextstepn/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-25577
Matching Score-10
Assigner-FreeBSD
ShareView Details
Matching Score-10
Assigner-FreeBSD
CVSS Score-9.8||CRITICAL
EPSS-0.58% / 67.90%
||
7 Day CHG~0.00%
Published-29 Mar, 2021 | 19:53
Updated-04 Aug, 2024 | 15:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In FreeBSD 12.2-STABLE before r368250, 11.4-STABLE before r368253, 12.2-RELEASE before p1, 12.1-RELEASE before p11 and 11.4-RELEASE before p5 rtsold(8) does not verify that the RDNSS option does not extend past the end of the received packet before processing its contents. While the kernel currently ignores such malformed packets, it passes them to userspace programs. Any programs expecting the kernel to do validation may be vulnerable to an overflow.

Action-Not Available
Vendor-n/aFreeBSD Foundation
Product-freebsdFreeBSD
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-25583
Matching Score-10
Assigner-FreeBSD
ShareView Details
Matching Score-10
Assigner-FreeBSD
CVSS Score-9.8||CRITICAL
EPSS-0.48% / 63.98%
||
7 Day CHG~0.00%
Published-29 Mar, 2021 | 19:53
Updated-04 Aug, 2024 | 15:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In FreeBSD 12.2-STABLE before r368250, 11.4-STABLE before r368253, 12.2-RELEASE before p1, 12.1-RELEASE before p11 and 11.4-RELEASE before p5 when processing a DNSSL option, rtsold(8) decodes domain name labels per an encoding specified in RFC 1035 in which the first octet of each label contains the label's length. rtsold(8) did not validate label lengths correctly and could overflow the destination buffer.

Action-Not Available
Vendor-n/aFreeBSD Foundation
Product-freebsdFreeBSD
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-10188
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-11.18% / 93.22%
||
7 Day CHG~0.00%
Published-06 Mar, 2020 | 14:07
Updated-04 Aug, 2024 | 10:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

utility.c in telnetd in netkit telnet through 0.17 allows remote attackers to execute arbitrary code via short writes or urgent data, because of a buffer overflow involving the netclear and nextitem functions.

Action-Not Available
Vendor-netkit_telnet_projectn/aJuniper Networks, Inc.Debian GNU/LinuxArista Networks, Inc.Fedora ProjectOracle Corporation
Product-debian_linuxnetkit_telnetfedorajunoseoscommunications_performance_intelligence_centern/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2002-1337
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-51.02% / 97.78%
||
7 Day CHG~0.00%
Published-01 Sep, 2004 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in Sendmail 5.79 to 8.12.7 allows remote attackers to execute arbitrary code via certain formatted address fields, related to sender and recipient header comments as processed by the crackaddr function of headers.c.

Action-Not Available
Vendor-sendmailwindrivern/aNetBSDGentoo Foundation, Inc.Oracle CorporationSun Microsystems (Oracle Corporation)HP Inc.
Product-sendmailplatform_sanetbsdhp-uxsolarisalphaserver_scsunoslinuxbsdosn/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2002-0746
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-0.56% / 67.41%
||
7 Day CHG~0.00%
Published-26 Jul, 2002 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in template.dhcpo in AIX 4.3.3 related to an insecure linker argument.

Action-Not Available
Vendor-n/aIBM Corporation
Product-aixn/a
CVE-2002-0797
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-5.29% / 89.62%
||
7 Day CHG~0.00%
Published-26 Jul, 2002 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the MIB parsing component of mibiisa for Solaris 5.6 through 8 allows remote attackers to gain root privileges.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)
Product-solarissunosn/a
CVE-2002-0745
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-0.61% / 68.73%
||
7 Day CHG~0.00%
Published-26 Jul, 2002 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in uucp in AIX 4.3.3.

Action-Not Available
Vendor-n/aIBM Corporation
Product-aixn/a
CVE-2002-0033
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-55.47% / 97.98%
||
7 Day CHG~0.00%
Published-02 Apr, 2003 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in cfsd_calloc function of Solaris cachefsd allows remote attackers to execute arbitrary code via a request with a long directory and cache name.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)
Product-solarissunosn/a
CVE-2002-0639
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-30.29% / 96.52%
||
7 Day CHG~0.00%
Published-02 Apr, 2003 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Integer overflow in sshd in OpenSSH 2.9.9 through 3.3 allows remote attackers to execute arbitrary code during challenge response authentication (ChallengeResponseAuthentication) when OpenSSH is using SKEY or BSD_AUTH authentication.

Action-Not Available
Vendor-n/aOpenBSD
Product-opensshn/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2002-0083
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-4.08% / 88.08%
||
7 Day CHG~0.00%
Published-25 Jun, 2002 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Off-by-one error in the channel code of OpenSSH 2.0 through 3.0.2 allows local users or remote malicious servers to gain privileges.

Action-Not Available
Vendor-trustixconectivaimmunixopenpkgengardelinuxn/aSUSEOpenBSDRed Hat, Inc.Mandriva (Mandrakesoft)
Product-opensshmandrake_linux_corporate_serveropenpkgimmunixsuse_linuxmandrake_single_network_firewalllinuxsecure_linuxmandrake_linuxn/a
CWE ID-CWE-193
Off-by-one Error
CVE-2002-0640
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-61.12% / 98.24%
||
7 Day CHG~0.00%
Published-02 Apr, 2003 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in sshd in OpenSSH 2.3.1 through 3.3 may allow remote attackers to execute arbitrary code via a large number of responses during challenge response authentication when OpenBSD is using PAM modules with interactive keyboard authentication (PAMAuthenticationViaKbdInt).

Action-Not Available
Vendor-n/aOpenBSD
Product-opensshn/a
CVE-2016-1659
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-9.8||CRITICAL
EPSS-2.37% / 84.31%
||
7 Day CHG~0.00%
Published-18 Apr, 2016 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple unspecified vulnerabilities in Google Chrome before 50.0.2661.75 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.

Action-Not Available
Vendor-n/aopenSUSESUSEGoogle LLCDebian GNU/LinuxCanonical Ltd.
Product-leapubuntu_linuxchromedebian_linuxlinux_enterprisen/a
CVE-2011-0914
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-11.11% / 93.19%
||
7 Day CHG~0.00%
Published-08 Feb, 2011 | 21:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Integer signedness error in ndiiop.exe in the DIIOP implementation in the server in IBM Lotus Domino before 8.5.3 allows remote attackers to execute arbitrary code via a GIOP client request, leading to a heap-based buffer overflow.

Action-Not Available
Vendor-n/aIBM Corporation
Product-lotus_dominon/a
CVE-2002-0744
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-0.61% / 68.73%
||
7 Day CHG~0.00%
Published-26 Jul, 2002 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

namerslv in AIX 4.3.3 core dumps when called with a very long argument, possibly as a result of a buffer overflow.

Action-Not Available
Vendor-n/aIBM Corporation
Product-aixn/a
CVE-2002-0742
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-0.61% / 68.73%
||
7 Day CHG~0.00%
Published-26 Jul, 2002 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in pioout on AIX 4.3.3.

Action-Not Available
Vendor-n/aIBM Corporation
Product-aixn/a
CVE-2001-1583
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-59.81% / 98.18%
||
7 Day CHG~0.00%
Published-23 Sep, 2007 | 23:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

lpd daemon (in.lpd) in Solaris 8 and earlier allows remote attackers to execute arbitrary commands via a job request with a crafted control file that is not properly handled when lpd invokes a mail program. NOTE: this might be the same vulnerability as CVE-2000-1220.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)
Product-sunosn/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2001-0969
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-0.43% / 61.77%
||
7 Day CHG~0.00%
Published-09 Mar, 2002 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

ipfw in FreeBSD does not properly handle the use of "me" in its rules when point to point interfaces are used, which causes ipfw to allow connections from arbitrary remote hosts.

Action-Not Available
Vendor-n/aFreeBSD Foundation
Product-freebsdn/a
CVE-2011-2681
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-1.33% / 79.15%
||
7 Day CHG~0.00%
Published-07 Jul, 2011 | 19:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM Rational DOORS Web Access 1.4.x before 1.4.0.4 does not properly handle exceptions, which has unspecified impact and remote attack vectors.

Action-Not Available
Vendor-n/aIBM Corporation
Product-rational_doors_web_accessn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2001-0671
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-5.64% / 89.99%
||
7 Day CHG~0.00%
Published-22 Nov, 2001 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflows in (1) send_status, (2) kill_print, and (3) chk_fhost in lpd in AIX 4.3 and 5.1 allow remote attackers to gain root privileges.

Action-Not Available
Vendor-n/aIBM Corporation
Product-aixn/a
CVE-2001-0552
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-3.35% / 86.79%
||
7 Day CHG~0.00%
Published-29 Aug, 2001 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

ovactiond in HP OpenView Network Node Manager (NNM) 6.1 and Tivoli Netview 5.x and 6.x allows remote attackers to execute arbitrary commands via shell metacharacters in a certain SNMP trap message.

Action-Not Available
Vendor-n/aIBM CorporationHP Inc.
Product-openview_network_node_managertivoli_netviewn/a
CVE-2011-2680
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-1.33% / 79.15%
||
7 Day CHG~0.00%
Published-07 Jul, 2011 | 19:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in IBM Rational DOORS Web Access 1.4.x before 1.4.0.4 has unknown impact and remote attack vectors related to the "server error response."

Action-Not Available
Vendor-n/aIBM Corporation
Product-rational_doors_web_accessn/a
CVE-2011-3521
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-5.86% / 90.20%
||
7 Day CHG~0.00%
Published-19 Oct, 2011 | 21:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE, 7, 6 Update 27 and earlier, and 5.0 Update 31 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Deserialization.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)
Product-jdkjren/a
CVE-2001-0797
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-88.62% / 99.48%
||
7 Day CHG~0.00%
Published-25 Jun, 2002 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in login in various System V based operating systems allows remote attackers to execute arbitrary commands via a large number of arguments through services such as telnet and rlogin.

Action-Not Available
Vendor-scon/aIBM CorporationSilicon Graphics, Inc.Sun Microsystems (Oracle Corporation)HP Inc.
Product-hp-uxaixsolarisopenserveririxsunosn/a
CVE-2011-3135
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-0.52% / 65.66%
||
7 Day CHG~0.00%
Published-12 Aug, 2011 | 17:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Runtime in IBM Tivoli Federated Identity Manager (TFIM) 6.2.0 before 6.2.0.9 and Tivoli Federated Identity Manager Business Gateway (TFIMBG) 6.2.0 before 6.2.0.9 has unknown impact and attack vectors.

Action-Not Available
Vendor-n/aIBM Corporation
Product-tivoli_federated_identity_manager_business_gatewaytivoli_federated_identity_managern/a
CVE-2001-0799
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-2.23% / 83.86%
||
7 Day CHG~0.00%
Published-22 Nov, 2001 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflows in lpsched in IRIX 6.5.13f and earlier allow remote attackers to execute arbitrary commands via a long argument.

Action-Not Available
Vendor-n/aSilicon Graphics, Inc.
Product-irixn/a
CVE-2016-2385
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-23.95% / 95.81%
||
7 Day CHG~0.00%
Published-11 Apr, 2016 | 15:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in the encode_msg function in encode_msg.c in the SEAS module in Kamailio (formerly OpenSER and SER) before 4.3.5 allows remote attackers to cause a denial of service (memory corruption and process crash) or possibly execute arbitrary code via a large SIP packet.

Action-Not Available
Vendor-kamailion/aDebian GNU/Linux
Product-debian_linuxkamailion/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2001-0800
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-78.03% / 98.97%
||
7 Day CHG~0.00%
Published-22 Nov, 2001 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

lpsched in IRIX 6.5.13f and earlier allows remote attackers to execute arbitrary commands via shell metacharacters.

Action-Not Available
Vendor-n/aSilicon Graphics, Inc.
Product-irixn/a
CVE-2000-0677
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-7.65% / 91.51%
||
7 Day CHG~0.00%
Published-13 Oct, 2000 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in IBM Net.Data db2www CGI program allows remote attackers to execute arbitrary commands via a long PATH_INFO environmental variable.

Action-Not Available
Vendor-n/aIBM Corporation
Product-net.datan/a
CVE-2000-1221
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-12.18% / 93.57%
||
7 Day CHG~0.00%
Published-21 Apr, 2005 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The line printer daemon (lpd) in the lpr package in multiple Linux operating systems authenticates by comparing the reverse-resolved hostname of the local machine to the hostname of the print server as returned by gethostname, which allows remote attackers to bypass intended access controls by modifying the DNS for the attacking IP.

Action-Not Available
Vendor-n/aDebian GNU/LinuxRed Hat, Inc.Silicon Graphics, Inc.
Product-linuxdebian_linuxirixn/a
CVE-2001-0388
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-0.99% / 75.96%
||
7 Day CHG~0.00%
Published-18 Sep, 2001 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

time server daemon timed allows remote attackers to cause a denial of service via malformed packets.

Action-Not Available
Vendor-n/aFreeBSD FoundationSUSEMandriva (Mandrakesoft)
Product-suse_linuxfreebsdmandrake_linuxn/a
CVE-2001-0284
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-1.37% / 79.42%
||
7 Day CHG~0.00%
Published-07 May, 2001 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in IPSEC authentication mechanism for OpenBSD 2.8 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a malformed Authentication header (AH) IPv4 option.

Action-Not Available
Vendor-n/aOpenBSD
Product-openbsdn/a
CVE-2001-0144
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-63.98% / 98.35%
||
7 Day CHG~0.00%
Published-07 May, 2001 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

CORE SDI SSH1 CRC-32 compensation attack detector allows remote attackers to execute arbitrary commands on an SSH server or client via an integer overflow.

Action-Not Available
Vendor-sshn/aOpenBSD
Product-sshopensshn/a
CVE-2001-0353
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-1.48% / 80.16%
||
7 Day CHG~0.00%
Published-18 Sep, 2001 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the line printer daemon (in.lpd) for Solaris 8 and earlier allows local and remote attackers to gain root privileges via a "transfer job" routine.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)
Product-solarissunosn/a
CVE-2011-2767
Matching Score-8
Assigner-Debian GNU/Linux
ShareView Details
Matching Score-8
Assigner-Debian GNU/Linux
CVSS Score-9.8||CRITICAL
EPSS-4.88% / 89.16%
||
7 Day CHG~0.00%
Published-26 Aug, 2018 | 16:00
Updated-06 Aug, 2024 | 23:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

mod_perl 2.0 through 2.0.10 allows attackers to execute arbitrary Perl code by placing it in a user-owned .htaccess file, because (contrary to the documentation) there is no configuration option that permits Perl code for the administrator's control of HTTP request processing without also permitting unprivileged users to run Perl code in the context of the user account that runs Apache HTTP Server processes.

Action-Not Available
Vendor-n/aCanonical Ltd.The Apache Software FoundationDebian GNU/LinuxRed Hat, Inc.
Product-mod_perlubuntu_linuxenterprise_linux_serverdebian_linuxenterprise_linux_workstationenterprise_linuxenterprise_linux_desktopmod_perl 2.0 through 2.0.10
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2000-1220
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-3.13% / 86.33%
||
7 Day CHG~0.00%
Published-21 Apr, 2005 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The line printer daemon (lpd) in the lpr package in multiple Linux operating systems allows local users to gain root privileges by causing sendmail to execute with arbitrary command line arguments, as demonstrated using the -C option to specify a configuration file.

Action-Not Available
Vendor-n/aSilicon Graphics, Inc.Red Hat, Inc.
Product-linuxirixn/a
CVE-2000-1076
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-0.51% / 65.56%
||
7 Day CHG~0.00%
Published-29 Nov, 2000 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Netscape (iPlanet) Certificate Management System 4.2 and Directory Server 4.12 stores the administrative password in plaintext, which could allow local and possibly remote attackers to gain administrative privileges on the server.

Action-Not Available
Vendor-n/aNetscape (Yahoo Inc.)Sun Microsystems (Oracle Corporation)
Product-iplanet_certificate_management_systemdirectory_servern/a
CVE-2000-0848
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-8.47% / 91.98%
||
7 Day CHG~0.00%
Published-22 Jan, 2001 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in IBM WebSphere web application server (WAS) allows remote attackers to execute arbitrary commands via a long Host: request header.

Action-Not Available
Vendor-n/aIBM Corporation
Product-websphere_application_servern/a
CVE-2001-0233
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-14.82% / 94.25%
||
7 Day CHG~0.00%
Published-07 May, 2001 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in micq client 0.4.6 and earlier allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long Description field.

Action-Not Available
Vendor-matthew_smithn/aDebian GNU/LinuxRed Hat, Inc.
Product-linuxmicqdebian_linuxn/a
CVE-2011-1559
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-0.51% / 65.21%
||
7 Day CHG~0.00%
Published-05 Apr, 2011 | 15:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the IBM Web Interface for Content Management (aka WEBi) 1.0.4 before FP3 has unknown impact and attack vectors.

Action-Not Available
Vendor-n/aIBM Corporation
Product-webin/a
CVE-2000-0844
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-0.89% / 74.60%
||
7 Day CHG~0.00%
Published-22 Jan, 2001 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen.

Action-Not Available
Vendor-trustixconectivaimmunixturbolinuxn/aMandriva (Mandrakesoft)SlackwareDebian GNU/LinuxRed Hat, Inc.SUSEIBM CorporationSilicon Graphics, Inc.Sun Microsystems (Oracle Corporation)The MITRE Corporation (Caldera)
Product-openlinux_eserversecure_linuxaixsolaristurbolinuxirixopenlinux_ebuilderimmunixdebian_linuxsunossuse_linuxlinuxslackware_linuxopenlinuxmandrake_linuxn/a
CVE-2000-0733
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-5.61% / 89.96%
||
7 Day CHG~0.00%
Published-13 Oct, 2000 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Telnetd telnet server in IRIX 5.2 through 6.1 does not properly cleans user-injected format strings, which allows remote attackers to execute arbitrary commands via a long RLD variable in the IAC-SB-TELOPT_ENVIRON request.

Action-Not Available
Vendor-n/aSilicon Graphics, Inc.
Product-irixn/a
CVE-2000-0697
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-15.92% / 94.49%
||
7 Day CHG~0.00%
Published-21 Sep, 2000 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The administration interface for the dwhttpd web server in Solaris AnswerBook2 allows interface users to remotely execute commands via shell metacharacters.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)
Product-solaris_answerbook2n/a
CVE-2011-2456
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-10||HIGH
EPSS-5.06% / 89.37%
||
7 Day CHG~0.00%
Published-11 Nov, 2011 | 16:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code via unspecified vectors.

Action-Not Available
Vendor-n/aMicrosoft CorporationLinux Kernel Organization, IncGoogle LLCSun Microsystems (Oracle Corporation)Apple Inc.Adobe Inc.
Product-linux_kernelwindowssolarisandroidflash_playeradobe_airmac_os_xn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-2453
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-10||HIGH
EPSS-1.77% / 81.88%
||
7 Day CHG~0.00%
Published-11 Nov, 2011 | 16:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2445, CVE-2011-2451, CVE-2011-2452, CVE-2011-2454, CVE-2011-2455, CVE-2011-2459, and CVE-2011-2460.

Action-Not Available
Vendor-n/aMicrosoft CorporationLinux Kernel Organization, IncGoogle LLCSun Microsystems (Oracle Corporation)Apple Inc.Adobe Inc.
Product-linux_kernelwindowssolarisandroidflash_playeradobe_airmac_os_xn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2000-0798
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-1.17% / 77.75%
||
7 Day CHG~0.00%
Published-21 Sep, 2000 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The truncate function in IRIX 6.x does not properly check for privileges when the file is in the xfs file system, which allows local users to delete the contents of arbitrary files.

Action-Not Available
Vendor-n/aSilicon Graphics, Inc.
Product-irixn/a
CVE-2001-0236
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-77.74% / 98.96%
||
7 Day CHG~0.00%
Published-09 Mar, 2002 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in Solaris snmpXdmid SNMP to DMI mapper daemon allows remote attackers to execute arbitrary commands via a long "indication" event.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)
Product-solarissunosn/a
CVE-2001-0247
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-35.17% / 96.91%
||
7 Day CHG~0.00%
Published-24 May, 2001 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflows in BSD-based FTP servers allows remote attackers to execute arbitrary commands via a long pattern string containing a {} sequence, as seen in (1) g_opendir, (2) g_lstat, (3) g_stat, and (4) the glob0 buffer as used in the glob functions glob2 and glob3.

Action-Not Available
Vendor-n/aNetBSDMIT (Massachusetts Institute of Technology)Silicon Graphics, Inc.OpenBSDFreeBSD Foundation
Product-netbsdopenbsdirixfreebsdkerberos_5n/a
  • Previous
  • 1
  • 2
  • 3
  • ...
  • 20
  • 21
  • Next
Details not found