{ "version": "1", "package": [ { "name": "iputils", "layer": "meta", "version": "20240117", "products": [ { "product": "iputils", "cvesInRecord": "Yes" } ], "issue": [ { "id": "CVE-2000-1213", "summary": "ping in iputils before 20001010, as distributed on Red Hat Linux 6.2 through 7J and other operating systems, does not drop privileges after acquiring a raw socket, which increases ping's exposure to bugs that otherwise would occur at lower privileges.", "scorev2": "7.5", "scorev3": "0.0", "vector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "status": "Patched", "link": "https://nvd.nist.gov/vuln/detail/CVE-2000-1213", "detail": "fixed-version", "description": "Fixed in 2000-10-10, but the versioning of iputils breaks the version order." }, { "id": "CVE-2000-1214", "summary": "Buffer overflows in the (1) outpack or (2) buf variables of ping in iputils before 20001010, as distributed on Red Hat Linux 6.2 through 7J and other operating systems, may allow local users to gain privileges.", "scorev2": "4.6", "scorev3": "0.0", "vector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "status": "Patched", "link": "https://nvd.nist.gov/vuln/detail/CVE-2000-1214", "detail": "fixed-version", "description": "Fixed in 2000-10-10, but the versioning of iputils breaks the version order." }, { "id": "CVE-2010-2529", "summary": "Unspecified vulnerability in ping.c in iputils 20020927, 20070202, 20071127, and 20100214 on Mandriva Linux allows remote attackers to cause a denial of service (hang) via a crafted echo response.", "scorev2": "5.0", "scorev3": "0.0", "vector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "status": "Patched", "link": "https://nvd.nist.gov/vuln/detail/CVE-2010-2529" } ] } ] }