LAYER: meta
PACKAGE NAME: iputils
PACKAGE VERSION: 20240117
CVE: CVE-2000-1213
CVE STATUS: Patched
CVE DETAIL: fixed-version
CVE DESCRIPTION: Fixed in 2000-10-10, but the versioning of iputils breaks the version order.
CVE SUMMARY: ping in iputils before 20001010, as distributed on Red Hat Linux 6.2 through 7J and other operating systems, does not drop privileges after acquiring a raw socket, which increases ping's exposure to bugs that otherwise would occur at lower privileges.
CVSS v2 BASE SCORE: 7.5
CVSS v3 BASE SCORE: 0.0
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:L/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2000-1213

LAYER: meta
PACKAGE NAME: iputils
PACKAGE VERSION: 20240117
CVE: CVE-2000-1214
CVE STATUS: Patched
CVE DETAIL: fixed-version
CVE DESCRIPTION: Fixed in 2000-10-10, but the versioning of iputils breaks the version order.
CVE SUMMARY: Buffer overflows in the (1) outpack or (2) buf variables of ping in iputils before 20001010, as distributed on Red Hat Linux 6.2 through 7J and other operating systems, may allow local users to gain privileges.
CVSS v2 BASE SCORE: 4.6
CVSS v3 BASE SCORE: 0.0
VECTOR: LOCAL
VECTORSTRING: AV:L/AC:L/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2000-1214

LAYER: meta
PACKAGE NAME: iputils
PACKAGE VERSION: 20240117
CVE: CVE-2010-2529
CVE STATUS: Patched
CVE SUMMARY: Unspecified vulnerability in ping.c in iputils 20020927, 20070202, 20071127, and 20100214 on Mandriva Linux allows remote attackers to cause a denial of service (hang) via a crafted echo response.
CVSS v2 BASE SCORE: 5.0
CVSS v3 BASE SCORE: 0.0
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:L/Au:N/C:N/I:N/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2010-2529