VYPR

Enterprise Linux Server

by Red Hat

CVEs (1,623)

  • CVE-2005-0403Sep 1, 2005
    risk 0.00cvss epss 0.00

    init_dev in tty_io.c in the Red Hat backport of NPTL to Red Hat Enterprise Linux 3 does not properly clear controlling tty's in multi-threaded applications, which allows local users to cause a denial of service (crash) and possibly gain tty access via unknown attack vectors that…

  • CVE-2005-1760Jun 13, 2005
    risk 0.00cvss epss 0.02

    sysreport 1.3.15 and earlier includes contents of the up2date file in a report, which leaks the password for a proxy server in plaintext and allows local users to gain privileges.

  • CVE-2005-0757May 18, 2005
    risk 0.00cvss epss 0.00

    The xattr file system code, as backported in Red Hat Enterprise Linux 3 on 64-bit systems, does not properly handle certain offsets, which allows local users to cause a denial of service (system crash) via certain actions on an ext3 file system with extended attributes enabled.

  • CVE-2005-1194May 4, 2005
    risk 0.00cvss epss 0.01

    Stack-based buffer overflow in the ieee_putascii function for nasm 0.98 and earlier allows attackers to execute arbitrary code via a crafted asm file, a different vulnerability than CVE-2004-1287.

  • CVE-2005-0090May 2, 2005
    risk 0.00cvss epss 0.00

    A regression error in the Red Hat Enterprise Linux 4 kernel 4GB/4GB split patch omits an "access check," which allows local users to cause a denial of service (crash).

  • CVE-2005-0988May 2, 2005
    risk 0.00cvss epss 0.01

    Race condition in gzip 1.2.4, 1.3.3, and earlier, when decompressing a gzipped file, allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by gzip after the decompression is…

  • CVE-2005-0207May 2, 2005
    risk 0.00cvss epss 0.00

    Unknown vulnerability in Linux kernel 2.4.x, 2.5.x, and 2.6.x allows NFS clients to cause a denial of service via O_DIRECT.

  • CVE-2005-0337May 2, 2005
    risk 0.00cvss epss 0.03

    Postfix 2.1.3, when /proc/net/if_inet6 is not available and permit_mx_backup is enabled in smtpd_recipient_restrictions, allows remote attackers to bypass e-mail restrictions and perform mail relaying by sending mail to an IPv6 hostname.

  • CVE-2005-0001May 2, 2005
    risk 0.00cvss epss 0.01

    Race condition in the page fault handler (fault.c) for Linux kernel 2.2.x to 2.2.7, 2.4 to 2.4.29, and 2.6 to 2.6.10, when running on multiprocessor machines, allows local users to execute arbitrary code via concurrent threads that share the same virtual memory space and…

  • CVE-2005-0078May 2, 2005
    risk 0.00cvss epss 0.00

    The KDE screen saver in KDE before 3.0.5 does not properly check the return value from a certain function call, which allows attackers with physical access to cause a crash and access the desktop session.

  • CVE-2005-0086May 2, 2005
    risk 0.00cvss epss 0.03

    Heap-based buffer overflow in less in Red Hat Enterprise Linux 3 allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted file, as demonstrated using the UTF-8 locale.

  • CVE-2005-0077May 2, 2005
    risk 0.00cvss epss 0.00

    The DBI library (libdbi-perl) for Perl allows local users to overwrite arbitrary files via a symlink attack on a temporary PID file.

  • CVE-2005-0091May 2, 2005
    risk 0.00cvss epss 0.00

    Unknown vulnerability in the Red Hat Enterprise Linux 4 kernel 4GB/4GB split patch, when using the hugemem kernel, allows local users to read and write to arbitrary kernel memory and gain privileges via certain syscalls.

  • CVE-2005-1038May 2, 2005
    risk 0.00cvss epss 0.01

    crontab in Vixie cron 4.1, when running with the -e option, allows local users to read the cron files of other users by changing the file being edited to a symlink. NOTE: there is insufficient information to know whether this is a duplicate of CVE-2001-0235.

  • CVE-2005-0087Apr 27, 2005
    risk 0.00cvss epss 0.00

    The alsa-lib package in Red Hat Linux 4 disables stack protection for the libasound.so library, which makes it easier for attackers to execute arbitrary code if there are other vulnerabilities in the library.

  • CVE-2005-0206Apr 27, 2005
    risk 0.00cvss epss 0.03

    The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for 64-bit architectures on certain Linux distributions such as Red Hat, which could leave Xpdf users exposed to the original vulnerabilities.

  • CVE-2004-1090Apr 14, 2005
    risk 0.00cvss epss 0.02

    Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service via "a corrupt section header."

  • CVE-2004-1174Apr 14, 2005
    risk 0.00cvss epss 0.01

    direntry.c in Midnight Commander (mc) 4.5.55 and earlier allows attackers to cause a denial of service by "manipulating non-existing file handles."

  • CVE-2004-1237Apr 14, 2005
    risk 0.00cvss epss 0.00

    Unknown vulnerability in the system call filtering code in the audit subsystem for Red Hat Enterprise Linux 3 allows local users to cause a denial of service (system crash) via unknown vectors.

  • CVE-2004-1176Apr 14, 2005
    risk 0.00cvss epss 0.03

    Buffer underflow in extfs.c in Midnight Commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code.

Page 78 of 82