Linux
by File Project
CVEs (135)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2004-1030 | 0.00 | — | 0.00 | Mar 1, 2005 | fcronsighup in Fcron 2.0.1, 2.9.4, and possibly earlier versions allows local users to gain sensitive information by calling fcronsighup with an arbitrary file, which reveals the contents of the file that can not be parsed in an error message. | |||
| CVE-2004-0983 | 0.00 | — | 0.02 | Mar 1, 2005 | The CGI module in Ruby 1.6 before 1.6.8, and 1.8 before 1.8.2, allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a certain HTTP request. | |||
| CVE-2004-1034 | 0.00 | — | 0.06 | Mar 1, 2005 | Buffer overflow in the http_open function in Kaffeine before 0.5, whose code is also used in gxine before 0.3.3, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long Content-Type header for a Real Audio Media… | |||
| CVE-2004-1036 | 0.00 | — | 0.03 | Mar 1, 2005 | Cross-site scripting (XSS) vulnerability in the decoding of encoded text in certain headers in mime.php for SquirrelMail 1.4.3a and earlier, and 1.5.1-cvs before 23rd October 2004, allows remote attackers to execute arbitrary web script or HTML. | |||
| CVE-2004-1033 | 0.00 | — | 0.00 | Mar 1, 2005 | Fcron 2.0.1, 2.9.4, and possibly earlier versions leak file descriptors of open files, which allows local users to bypass access restrictions and read fcron.allow and fcron.deny via the EDITOR environment variable. | |||
| CVE-2004-1052 | 0.00 | — | 0.04 | Mar 1, 2005 | Buffer overflow in the getnickuserhost function in BNC 2.8.9, and possibly other versions, allows remote IRC servers to execute arbitrary code via an IRC server response that contains many (1) ! (exclamation) or (2) @ (at sign) characters. | |||
| CVE-2004-1031 | 0.00 | — | 0.00 | Mar 1, 2005 | fcronsighup in Fcron 2.0.1, 2.9.4, and possibly earlier versions allows local users to bypass access restrictions and load an arbitrary configuration file by starting an suid process and pointing the fcronsighup configuration file to a /proc entry that is owned by root but… | |||
| CVE-2004-1055 | 0.00 | — | 0.01 | Mar 1, 2005 | Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 2.6.0-pl2 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the PmaAbsoluteUri parameter, (2) the zero_rows parameter in read_dump.php, (3) the confirm form, or (4) an error message… | |||
| CVE-2005-0535 | 0.00 | — | 0.02 | Feb 22, 2005 | Cross-site request forgery (CSRF) vulnerability in MediaWiki 1.3.x before 1.3.11 and 1.4 beta before 1.4 rc1 allows remote attackers to perform unauthorized actions as authenticated MediaWiki users. | |||
| CVE-2004-0981 | 0.00 | — | 0.06 | Feb 9, 2005 | Buffer overflow in the EXIF parsing routine in ImageMagick before 6.1.0 allows remote attackers to execute arbitrary code via a certain image file. | |||
| CVE-2004-0975 | 0.00 | — | 0.00 | Feb 9, 2005 | The der_chop script in the openssl package in Trustix Secure Linux 1.5 through 2.1 and other operating systems allows local users to overwrite files via a symlink attack on temporary files. | |||
| CVE-2004-0969 | 0.00 | — | 0.00 | Feb 9, 2005 | The groffer script in the Groff package 1.18 and later versions, as used in Trustix Secure Linux 1.5 through 2.1, and possibly other operating systems, allows local users to overwrite files via a symlink attack on temporary files. | |||
| CVE-2004-0972 | 0.00 | — | 0.00 | Feb 9, 2005 | The lvmcreate_initrd script in the lvm package in Trustix Secure Linux 1.5 through 2.1, and possibly other operating systems, allows local users to overwrite files via a symlink attack on temporary files. | |||
| CVE-2004-0980 | 0.00 | — | 0.04 | Feb 9, 2005 | Format string vulnerability in ez-ipupdate.c for ez-ipupdate 3.0.10 through 3.0.11b8, when running in daemon mode with certain service types in use, allows remote servers to execute arbitrary code. | |||
| CVE-2004-0881 | 0.00 | — | 0.00 | Jan 27, 2005 | getmail 4.x before 4.2.0, and other versions before 3.2.5, when run as root, allows local users to write files in arbitrary directories via a symlink attack on subdirectories in the maildir. | |||
| CVE-2004-0930 | 0.00 | — | 0.05 | Jan 27, 2005 | The ms_fnmatch function in Samba 3.0.4 and 3.0.7 and possibly other versions allows remote authenticated users to cause a denial of service (CPU consumption) via a SAMBA request that contains multiple * (wildcard) characters. | |||
| CVE-2004-0880 | 0.00 | — | 0.00 | Jan 27, 2005 | getmail 4.x before 4.2.0, when run as root, allows local users to overwrite arbitrary files via a symlink attack on an mbox file. | |||
| CVE-2004-0889 | 0.00 | — | 0.06 | Jan 27, 2005 | Multiple integer overflows in xpdf 3.0, and other packages that use xpdf code such as CUPS, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0888. | |||
| CVE-2004-1110 | 0.00 | — | 0.00 | Jan 10, 2005 | The mtink status monitor before 1.0.5 for Epson printers allows local users to overwrite arbitrary files via a symlink attack on the epson temporary file. | |||
| CVE-2004-1115 | 0.00 | — | 0.00 | Jan 10, 2005 | The init scripts in Search for Extraterrestrial Intelligence (SETI) project 3.08-r3 and earlier execute user-owned programs with root privileges, which allows local users to gain privileges by modifying the programs. |
- CVE-2004-1030Mar 1, 2005risk 0.00cvss —epss 0.00
fcronsighup in Fcron 2.0.1, 2.9.4, and possibly earlier versions allows local users to gain sensitive information by calling fcronsighup with an arbitrary file, which reveals the contents of the file that can not be parsed in an error message.
- CVE-2004-0983Mar 1, 2005risk 0.00cvss —epss 0.02
The CGI module in Ruby 1.6 before 1.6.8, and 1.8 before 1.8.2, allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a certain HTTP request.
- CVE-2004-1034Mar 1, 2005risk 0.00cvss —epss 0.06
Buffer overflow in the http_open function in Kaffeine before 0.5, whose code is also used in gxine before 0.3.3, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long Content-Type header for a Real Audio Media…
- CVE-2004-1036Mar 1, 2005risk 0.00cvss —epss 0.03
Cross-site scripting (XSS) vulnerability in the decoding of encoded text in certain headers in mime.php for SquirrelMail 1.4.3a and earlier, and 1.5.1-cvs before 23rd October 2004, allows remote attackers to execute arbitrary web script or HTML.
- CVE-2004-1033Mar 1, 2005risk 0.00cvss —epss 0.00
Fcron 2.0.1, 2.9.4, and possibly earlier versions leak file descriptors of open files, which allows local users to bypass access restrictions and read fcron.allow and fcron.deny via the EDITOR environment variable.
- CVE-2004-1052Mar 1, 2005risk 0.00cvss —epss 0.04
Buffer overflow in the getnickuserhost function in BNC 2.8.9, and possibly other versions, allows remote IRC servers to execute arbitrary code via an IRC server response that contains many (1) ! (exclamation) or (2) @ (at sign) characters.
- CVE-2004-1031Mar 1, 2005risk 0.00cvss —epss 0.00
fcronsighup in Fcron 2.0.1, 2.9.4, and possibly earlier versions allows local users to bypass access restrictions and load an arbitrary configuration file by starting an suid process and pointing the fcronsighup configuration file to a /proc entry that is owned by root but…
- CVE-2004-1055Mar 1, 2005risk 0.00cvss —epss 0.01
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 2.6.0-pl2 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the PmaAbsoluteUri parameter, (2) the zero_rows parameter in read_dump.php, (3) the confirm form, or (4) an error message…
- CVE-2005-0535Feb 22, 2005risk 0.00cvss —epss 0.02
Cross-site request forgery (CSRF) vulnerability in MediaWiki 1.3.x before 1.3.11 and 1.4 beta before 1.4 rc1 allows remote attackers to perform unauthorized actions as authenticated MediaWiki users.
- CVE-2004-0981Feb 9, 2005risk 0.00cvss —epss 0.06
Buffer overflow in the EXIF parsing routine in ImageMagick before 6.1.0 allows remote attackers to execute arbitrary code via a certain image file.
- CVE-2004-0975Feb 9, 2005risk 0.00cvss —epss 0.00
The der_chop script in the openssl package in Trustix Secure Linux 1.5 through 2.1 and other operating systems allows local users to overwrite files via a symlink attack on temporary files.
- CVE-2004-0969Feb 9, 2005risk 0.00cvss —epss 0.00
The groffer script in the Groff package 1.18 and later versions, as used in Trustix Secure Linux 1.5 through 2.1, and possibly other operating systems, allows local users to overwrite files via a symlink attack on temporary files.
- CVE-2004-0972Feb 9, 2005risk 0.00cvss —epss 0.00
The lvmcreate_initrd script in the lvm package in Trustix Secure Linux 1.5 through 2.1, and possibly other operating systems, allows local users to overwrite files via a symlink attack on temporary files.
- CVE-2004-0980Feb 9, 2005risk 0.00cvss —epss 0.04
Format string vulnerability in ez-ipupdate.c for ez-ipupdate 3.0.10 through 3.0.11b8, when running in daemon mode with certain service types in use, allows remote servers to execute arbitrary code.
- CVE-2004-0881Jan 27, 2005risk 0.00cvss —epss 0.00
getmail 4.x before 4.2.0, and other versions before 3.2.5, when run as root, allows local users to write files in arbitrary directories via a symlink attack on subdirectories in the maildir.
- CVE-2004-0930Jan 27, 2005risk 0.00cvss —epss 0.05
The ms_fnmatch function in Samba 3.0.4 and 3.0.7 and possibly other versions allows remote authenticated users to cause a denial of service (CPU consumption) via a SAMBA request that contains multiple * (wildcard) characters.
- CVE-2004-0880Jan 27, 2005risk 0.00cvss —epss 0.00
getmail 4.x before 4.2.0, when run as root, allows local users to overwrite arbitrary files via a symlink attack on an mbox file.
- CVE-2004-0889Jan 27, 2005risk 0.00cvss —epss 0.06
Multiple integer overflows in xpdf 3.0, and other packages that use xpdf code such as CUPS, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0888.
- CVE-2004-1110Jan 10, 2005risk 0.00cvss —epss 0.00
The mtink status monitor before 1.0.5 for Epson printers allows local users to overwrite arbitrary files via a symlink attack on the epson temporary file.
- CVE-2004-1115Jan 10, 2005risk 0.00cvss —epss 0.00
The init scripts in Search for Extraterrestrial Intelligence (SETI) project 3.08-r3 and earlier execute user-owned programs with root privileges, which allows local users to gain privileges by modifying the programs.
Page 5 of 7