VYPR

Propack

by Sgi

CVEs (54)

  • CVE-2004-0504Aug 18, 2004
    risk 0.00cvss epss 0.03

    Ethereal 0.10.3 allows remote attackers to cause a denial of service (crash) via certain SIP messages between Hotsip servers and clients.

  • CVE-2004-0505Aug 18, 2004
    risk 0.00cvss epss 0.03

    The AIM dissector in Ethereal 0.10.3 allows remote attackers to cause a denial of service (assert error) via unknown attack vectors.

  • CVE-2004-0232Aug 18, 2004
    risk 0.00cvss epss 0.03

    Multiple format string vulnerabilities in Midnight Commander (mc) before 4.6.0 may allow attackers to cause a denial of service or execute arbitrary code.

  • CVE-2004-0235Aug 18, 2004
    risk 0.00cvss epss 0.04

    Multiple directory traversal vulnerabilities in LHA 1.14 allow remote attackers or local users to create arbitrary files via an LHA archive containing filenames with (1) .. sequences or (2) absolute pathnames with double leading slashes ("//absolute/path").

  • CVE-2004-0226Aug 18, 2004
    risk 0.00cvss epss 0.04

    Multiple buffer overflows in Midnight Commander (mc) before 4.6.0 may allow attackers to cause a denial of service or execute arbitrary code.

  • CVE-2004-0417Aug 6, 2004
    risk 0.00cvss epss 0.03

    Integer overflow in the "Max-dotdot" CVS protocol command (serve_max_dotdot) for CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, may allow remote attackers to cause a server crash, which could cause temporary data to remain undeleted and consume disk space.

  • CVE-2004-0414Aug 6, 2004
    risk 0.00cvss epss 0.04

    CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle malformed "Entry" lines, which prevents a NULL terminator from being used and may lead to a denial of service (crash), modification of critical program data, or arbitrary code execution.

  • CVE-2004-0418Aug 6, 2004
    risk 0.00cvss epss 0.06

    serve_notify in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle empty data lines, which may allow remote attackers to perform an "out-of-bounds" write for a single byte to execute arbitrary code or modify critical program data.

  • CVE-2004-0107Apr 15, 2004
    risk 0.00cvss epss 0.00

    The (1) post and (2) trigger scripts in sysstat 4.0.7 and earlier allow local users to overwrite arbitrary files via symlink attacks on temporary files, a different vulnerability than CVE-2004-0108.

  • CVE-2004-0148Apr 15, 2004
    risk 0.00cvss epss 0.00

    wu-ftpd 2.6.2 and earlier, with the restricted-gid option enabled, allows local users to bypass access restrictions by changing the permissions to prevent access to their home directory, which causes wu-ftpd to use the root directory instead.

  • CVE-2004-0111Apr 15, 2004
    risk 0.00cvss epss 0.02

    gdk-pixbuf before 0.20 allows attackers to cause a denial of service (crash) via a malformed bitmap (BMP) file.

  • CVE-2004-0108Apr 15, 2004
    risk 0.00cvss epss 0.00

    The isag utility, which processes sysstat data, allows local users to overwrite arbitrary files via a symlink attack on temporary files, a different vulnerability than CAN-2004-0107.

  • CVE-2003-0991Mar 3, 2004
    risk 0.00cvss epss 0.02

    Unknown vulnerability in the mail command handler in Mailman before 2.0.14 allows remote attackers to cause a denial of service (crash) via malformed e-mail commands.

  • CVE-2003-0859Dec 15, 2003
    risk 0.00cvss epss 0.00

    The getifaddrs function in GNU libc (glibc) 2.2.4 and earlier allows local users to cause a denial of service by sending spoofed messages as other users to the kernel netlink interface.

Page 3 of 3