VYPR

Linux

by Rpath

CVEs (8)

  • CVE-2008-3138Jul 10, 2008
    risk 0.00cvss epss 0.02

    The (1) PANA and (2) KISMET dissectors in Wireshark (formerly Ethereal) 0.99.3 through 1.0.0 allow remote attackers to cause a denial of service (application stop) via unknown vectors.

  • CVE-2008-3139Jul 10, 2008
    risk 0.00cvss epss 0.03

    The RTMPT dissector in Wireshark (formerly Ethereal) 0.99.8 through 1.0.0 allows remote attackers to cause a denial of service (crash) via unknown vectors. NOTE: this might be due to a use-after-free error.

  • CVE-2008-1078Feb 29, 2008
    risk 0.00cvss epss 0.01

    expn in the am-utils and net-fs packages for Gentoo, rPath Linux, and other distributions, allows local users to overwrite arbitrary files via a symlink attack on the expn[PID] temporary file. NOTE: this is the same issue as CVE-2003-0308.1.

  • CVE-2007-5686Oct 28, 2007
    risk 0.00cvss epss 0.01

    initscripts in rPath Linux 1 sets insecure permissions for the /var/log/btmp file, which allows local users to obtain sensitive information regarding authentication attempts. NOTE: because sshd detects the insecure permissions and does not log certain events, this also prevents…

  • CVE-2007-1352Apr 6, 2007
    risk 0.00cvss epss 0.02

    Integer overflow in the FontFileInitTable function in X.Org libXfont before 20070403 allows remote authenticated users to execute arbitrary code via a long first line in the fonts.dir file, which results in a heap overflow.

  • CVE-2007-1351Apr 6, 2007
    risk 0.00cvss epss 0.06

    Integer overflow in the bdfReadCharacters function in bdfread.c in (1) X.Org libXfont before 20070403 and (2) freetype 2.3.2 and earlier allows remote authenticated users to execute arbitrary code via crafted BDF fonts, which result in a heap overflow.

  • CVE-2007-0536Jan 27, 2007
    risk 0.00cvss epss 0.00

    The chroot helper in rMake for rPath Linux 1 does not drop supplemental groups, which causes packages to be installed with insecure permissions and might allow local users to gain privileges.

  • CVE-2006-6235Dec 7, 2006
    risk 0.00cvss epss 0.06

    A "stack overwrite" vulnerability in GnuPG (gpg) 1.x before 1.4.6, 2.x before 2.0.2, and 1.9.0 through 1.9.95 allows attackers to execute arbitrary code via crafted OpenPGP packets that cause GnuPG to dereference a function pointer from deallocated stack memory.