CVE-2001-1175

vipw in the util-linux package before 2.10 causes /etc/shadow to be world-readable in some cases, which would make it easier for local users to perform brute force password guessing.

Publication date: Mon, 01 Apr 2002 11:00:00 +0000

Cyber News related to CVE-2001-1175

CVE-2021-47146 - In the Linux kernel, the following vulnerability has been resolved: ...
3 months ago

CVE-2001-1175 - vipw in the util-linux package before 2.10 causes /etc/shadow to be world-readable in some cases, which would make it easier for local users to perform brute force password guessing. ...
6 years ago

CVE-2001-1492 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2001-1460. Reason: This candidate is a refinement duplicate of CVE-2001-1460. Notes: All CVE users should reference CVE-2001-1460 instead of this candidate. All references and ...
54 years ago Tenable.com

CVE-2001-1121 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2001-1084. Reason: This candidate is a duplicate of CVE-2001-1084. Notes: All CVE users should reference CVE-2001-1084 instead of this candidate. All references and descriptions in ...
54 years ago Tenable.com

CVE-2001-1167 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2001-0976. Reason: This candidate is a duplicate of CVE-2001-0976. Notes: CVE-2001-0976 should be used instead of this candidate. All references and descriptions in this candidate ...
54 years ago Tenable.com

CVE-2019-1177 - An elevation of privilege vulnerability exists in the way that the rpcss.dll handles objects in memory, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1173, CVE-2019-1174, CVE-2019-1175, CVE-2019-1178, ...
3 years ago

CVE-2019-1178 - An elevation of privilege vulnerability exists in the way that the ssdpsrv.dll handles objects in memory, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1173, CVE-2019-1174, CVE-2019-1175, ...
3 years ago

CVE-2019-1174 - An elevation of privilege vulnerability exists in the way that the PsmServiceExtHost.dll handles objects in memory, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1173, CVE-2019-1175, CVE-2019-1177, ...
3 years ago

CVE-2019-1186 - An elevation of privilege vulnerability exists in the way that the wcmsvc.dll handles objects in memory, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1173, CVE-2019-1174, CVE-2019-1175, ...
3 years ago

CVE-2019-1184 - An elevation of privilege vulnerability exists when Windows Core Shell COM Server Registrar improperly handles COM calls, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1173, CVE-2019-1174, ...
3 years ago

CVE-2020-1051 - A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1174, CVE-2020-1175, ...
2 years ago

CVE-2020-1175 - A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1051, CVE-2020-1174, ...
2 years ago

CVE-2020-1174 - A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1051, CVE-2020-1175, ...
2 years ago

CVE-2020-1176 - A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1051, CVE-2020-1174, ...
2 years ago

CVE-2008-1175 - Cross-site scripting (XSS) vulnerability in AuthentiX 6.3b1 Trial allows remote attackers to inject arbitrary web script or HTML via the username parameter to aspAdmin/deleteUser.asp, a different vector than CVE-2008-1174. NOTE: the provenance of ...
15 years ago

CVE-2022-1433 - An issue has been discovered in GitLab affecting all versions starting from 14.4 before 14.8.6, all versions starting from 14.9 before 14.9.4, all versions starting from 14.10 before 14.10.1. Missing invalidation of Markdown caching causes potential ...
2 years ago

CVE-2000-1175 - Buffer overflow in Koules 1.4 allows local users to execute arbitrary commands via a long command line argument. ...
15 years ago

CVE-2009-1175 - Cross-site scripting (XSS) vulnerability in apps/web/vs_diag.cgi in the DAAP extension in Banshee 1.4.2 allows remote attackers to inject arbitrary web script or HTML via the server parameter, which is not properly handled in an error message. ...
15 years ago

CVE-2007-1175 - Cross-site scripting (XSS) vulnerability in an admin feature in WebAPP before 20070209 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. ...
13 years ago

CVE-2012-1175 - Integer overflow in the GnashImage::size method in libbase/GnashImage.h in GNU Gnash 0.8.10 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted SWF file, which triggers a heap-based buffer ...
11 years ago

CVE-2016-1175 - Cross-site request forgery (CSRF) vulnerability in AQUOS Photo Player HN-PP150 1.02.00.04 through 1.03.01.04 allows remote attackers to hijack the authentication of arbitrary users. ...
8 years ago

CVE-2002-1175 - The getmxrecord function in Fetchmail 6.0.0 and earlier does not properly check the boundary of a particular malformed DNS packet from a malicious DNS server, which allows remote attackers to cause a denial of service (crash) when Fetchmail attempts ...
7 years ago

CVE-2003-1175 - Cross-site scripting (XSS) vulnerability in index.php in Sympoll 1.5 allows remote attackers to inject arbitrary web script or HTML via the vo parameter. ...
6 years ago

CVE-2004-1175 - fish.c in midnight commander allows remote attackers to execute arbitrary programs via "insecure filename quoting," possibly using shell metacharacters. ...
6 years ago

CVE-2017-1175 - IBM Maximo Asset Management 7.1, 7.5, and 7.6 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM ...
6 years ago

Latest Cyber News

CVE-2024-39475 - 2 minutes ago
CVE-2024-5860 - 32 minutes ago
CVE-2024-5541 - 33 minutes ago
CVE-2024-4094 - 43 minutes ago
CVE-2024-3276 - 45 minutes ago
CVE-2024-0845 - 52 minutes ago
CVE-2024-1634 - 53 minutes ago
CVE-2024-4375 - 54 minutes ago
CVE-2024-6525 - 1 hour ago
CVE-2024-6524 - 1 hour ago
CVE-2024-6523 - 1 hour ago
CVE-2024-6298 - 1 hour ago
CVE-2024-6209 - 1 hour ago
CVE-2024-39477 - 1 hour ago
CVE-2024-39474 - 1 hour ago
CVE-2024-39473 - 1 hour ago
CVE-2024-39485 - 1 hour ago
CVE-2024-39483 - 1 hour ago
CVE-2024-39481 - 1 hour ago
CVE-2024-39480 - 1 hour ago

Cyber Trends (last 7 days)

Okta - 7 months ago
23andMe - 6 months ago
Kimsuky - 7 months ago
LogoFAIL - 6 months ago
Gh0st rat - 7 months ago

Trending Cyber News (last 7 days)

CVE-2024-6524 - 1 hour ago
CVE-2024-6525 - 1 hour ago
CVE-2024-6523 - 1 hour ago
CVE-2024-6298 - 1 hour ago
CVE-2024-6209 - 1 hour ago
CVE-2024-39477 - 1 hour ago
CVE-2024-39474 - 1 hour ago
CVE-2024-39473 - 1 hour ago
CVE-2024-39485 - 1 hour ago
CVE-2024-39483 - 1 hour ago
CVE-2024-39481 - 1 hour ago
CVE-2024-39480 - 1 hour ago
CVE-2024-39479 - 1 hour ago
CVE-2024-39478 - 1 hour ago
CVE-2024-39476 - 1 hour ago
CVE-2024-39475 - 2 minutes ago
CVE-2024-39472 - 1 hour ago
CVE-2024-27397 - 6 hours ago
CVE-2024-39484 - 1 hour ago
CVE-2024-39482 - 1 hour ago