VYPR

Linux

by File Project

CVEs (135)

  • CVE-2004-0500Sep 28, 2004
    risk 0.00cvss epss 0.05

    Buffer overflow in the MSN protocol plugins (1) object.c and (2) slp.c for Gaim before 0.82 allows remote attackers to cause a denial of service and possibly execute arbitrary code via MSNSLP protocol messages that are not properly handled in a strncpy call.

  • CVE-2004-0232Aug 18, 2004
    risk 0.00cvss epss 0.03

    Multiple format string vulnerabilities in Midnight Commander (mc) before 4.6.0 may allow attackers to cause a denial of service or execute arbitrary code.

  • CVE-2004-0229Aug 18, 2004
    risk 0.00cvss epss 0.00

    The framebuffer driver in Linux kernel 2.6.x does not properly use the fb_copy_cmap function, with unknown impact.

  • CVE-2004-0226Aug 18, 2004
    risk 0.00cvss epss 0.04

    Multiple buffer overflows in Midnight Commander (mc) before 4.6.0 may allow attackers to cause a denial of service or execute arbitrary code.

  • CVE-2004-0231Aug 18, 2004
    risk 0.00cvss epss 0.00

    Multiple vulnerabilities in Midnight Commander (mc) before 4.6.0, with unknown impact, related to "Insecure temporary file and directory creations."

  • CVE-2004-0419Aug 18, 2004
    risk 0.00cvss epss 0.02

    XDM in XFree86 opens a chooserFd TCP socket even when DisplayManager.requestPort is 0, which could allow remote attackers to connect to the port, in violation of the intended restrictions.

  • CVE-2004-0414Aug 6, 2004
    risk 0.00cvss epss 0.04

    CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle malformed "Entry" lines, which prevents a NULL terminator from being used and may lead to a denial of service (crash), modification of critical program data, or arbitrary code execution.

  • CVE-2004-0417Aug 6, 2004
    risk 0.00cvss epss 0.03

    Integer overflow in the "Max-dotdot" CVS protocol command (serve_max_dotdot) for CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, may allow remote attackers to cause a server crash, which could cause temporary data to remain undeleted and consume disk space.

  • CVE-2004-0667Aug 6, 2004
    risk 0.00cvss epss 0.00

    Rule Set Based Access Control (RSBAC) 1.2.2 through 1.2.3 allows access to sys_creat, sys_open, and sys_mknod inside jails, which could allow local users to gain elevated privileges.

  • CVE-2004-0495Aug 6, 2004
    risk 0.00cvss epss 0.00

    Multiple unknown vulnerabilities in Linux kernel 2.4 and 2.6 allow local users to gain privileges or access kernel memory, as found by the Sparse source code checking tool.

  • CVE-2004-0649Aug 6, 2004
    risk 0.00cvss epss 0.05

    Buffer overflow in write_packet in control.c for l2tpd may allow remote attackers to execute arbitrary code.

  • CVE-2004-0418Aug 6, 2004
    risk 0.00cvss epss 0.06

    serve_notify in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle empty data lines, which may allow remote attackers to perform an "out-of-bounds" write for a single byte to execute arbitrary code or modify critical program data.

  • CVE-2004-0535Aug 6, 2004
    risk 0.00cvss epss 0.00

    The e1000 driver for Linux kernel 2.4.26 and earlier does not properly initialize memory before using it, which allows local users to read portions of kernel memory. NOTE: this issue was originally incorrectly reported as a "buffer overflow" by some sources.

  • CVE-2004-0700Jul 27, 2004
    risk 0.00cvss epss 0.06

    Format string vulnerability in the mod_proxy hook functions function in ssl_engine_log.c in mod_ssl before 2.8.19 for Apache before 1.3.31 may allow remote attackers to execute arbitrary messages via format string specifiers in certain log messages for HTTPS that are handled by…

  • CVE-2004-0224Apr 15, 2004
    risk 0.00cvss epss 0.03

    Multiple buffer overflows in (1) iso2022jp.c or (2) shiftjis.c for Courier-IMAP before 3.0.0, Courier before 0.45, and SqWebMail before 4.0.0 may allow remote attackers to execute arbitrary code "when Unicode character is out of BMP range."

Page 7 of 7