| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| The securelevels implementation in NetBSD 2.1 and earlier, and Linux 2.6.15 and earlier, allows local users to bypass time setting restrictions and set the clock backwards by setting the clock ahead to the maximum unixtime value (19 Jan 2038), which then wraps around to the minimum value (13 Dec 1901), which can then be set ahead to the desired time, aka "settimeofday() time wrap." |
| Oversized ICMP ping packets can result in a denial of service, aka Ping o' Death. |
| The suidperl and sperl program do not give up root privileges when changing UIDs back to the original users, allowing root access. |
| NFS cache poisoning. |
| Denial of service in syslog by sending it a large number of superfluous messages. |
| Linux implementations of TFTP would allow access to files outside the restricted directory. |
| Denial of service in RPC portmapper allows attackers to register or unregister RPC services or spoof RPC services using a spoofed source IP address such as 127.0.0.1. |
| Denial of service of inetd on Linux through SYN and RST packets. |
| Some configurations of NIS+ in Linux allowed attackers to log in as the user "+". |
| Nestea variation of teardrop IP fragmentation denial of service. |
| Buffer overflow in Linux su command gives root access to local users. |
| super 3.11.6 and other versions have a buffer overflow in the syslog utility which allows a local user to gain root access. |
| Denial of service in Linux 2.2.0 running the ldd command on a core file. |
| A race condition in Linux 2.2.1 allows local users to read arbitrary memory from /proc files. |
| In Linux before version 2.0.36, remote attackers can spoof a TCP connection and pass data to the application layer before fully establishing the connection. |
| Linux 2.2.3 and earlier allow a remote attacker to perform an IP fragmentation attack, causing a denial of service. |
| Denial of service in Linux 2.0.36 allows local users to prevent any server from listening on any non-privileged port. |
| Buffer overflow in Linux autofs module through long directory names allows local users to perform a denial of service. |
| Versions of rpcbind including Linux, IRIX, and Wietse Venema's rpcbind allow a remote attacker to insert and delete entries by spoofing a source address. |
| The pt_chown command in Linux allows local users to modify TTY terminal devices that belong to other users. |
