Vendor CVEs
Red Hat
All CVEs
3,692 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2005-0090 | 0.00 | — | 0.00 | May 2, 2005 | A regression error in the Red Hat Enterprise Linux 4 kernel 4GB/4GB split patch omits an "access check," which allows local users to cause a denial of service (crash). | |||
| CVE-2005-0077 | 0.00 | — | 0.00 | May 2, 2005 | The DBI library (libdbi-perl) for Perl allows local users to overwrite arbitrary files via a symlink attack on a temporary PID file. | |||
| CVE-2005-0087 | 0.00 | — | 0.00 | Apr 27, 2005 | The alsa-lib package in Red Hat Linux 4 disables stack protection for the libasound.so library, which makes it easier for attackers to execute arbitrary code if there are other vulnerabilities in the library. | |||
| CVE-2005-0085 | 0.00 | — | 0.02 | Apr 27, 2005 | Cross-site scripting (XSS) vulnerability in ht://dig (htdig) before 3.1.6-r7 allows remote attackers to execute arbitrary web script or HTML via the config parameter, which is not properly sanitized before it is displayed in an error message. | |||
| CVE-2005-0206 | 0.00 | — | 0.03 | Apr 27, 2005 | The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for 64-bit architectures on certain Linux distributions such as Red Hat, which could leave Xpdf users exposed to the original vulnerabilities. | |||
| CVE-2005-0754 | 0.00 | — | 0.03 | Apr 22, 2005 | Kommander in KDE 3.2 through KDE 3.4.0 executes data files without confirmation from the user, which allows remote attackers to execute arbitrary code. | |||
| CVE-2004-1009 | 0.00 | — | 0.03 | Apr 14, 2005 | Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service (infinite loop) via unknown attack vectors. | |||
| CVE-2004-1004 | 0.00 | — | 0.02 | Apr 14, 2005 | Multiple format string vulnerabilities in Midnight Commander (mc) 4.5.55 and earlier allow remote attackers to have an unknown impact. | |||
| CVE-2004-1176 | 0.00 | — | 0.03 | Apr 14, 2005 | Buffer underflow in extfs.c in Midnight Commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code. | |||
| CVE-2004-1091 | 0.00 | — | 0.02 | Apr 14, 2005 | Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service by triggering a null dereference. | |||
| CVE-2004-0812 | 0.00 | — | 0.00 | Apr 14, 2005 | Unknown vulnerability in the Linux kernel before 2.4.23, on the AMD AMD64 and Intel EM64T architectures, associated with "setting up TSS limits," allows local users to cause a denial of service (crash) and possibly execute arbitrary code. | |||
| CVE-2004-1005 | 0.00 | — | 0.02 | Apr 14, 2005 | Multiple buffer overflows in Midnight Commander (mc) 4.5.55 and earlier allow remote attackers to have an unknown impact. | |||
| CVE-2004-1093 | 0.00 | — | 0.02 | Apr 14, 2005 | Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service via "use of already freed memory." | |||
| CVE-2004-1237 | 0.00 | — | 0.00 | Apr 14, 2005 | Unknown vulnerability in the system call filtering code in the audit subsystem for Red Hat Enterprise Linux 3 allows local users to cause a denial of service (system crash) via unknown vectors. | |||
| CVE-2005-0003 | 0.00 | — | 0.01 | Apr 14, 2005 | The 64 bit ELF support in Linux kernel 2.6 before 2.6.10, on 64-bit architectures, does not properly check for overlapping VMA (virtual memory address) allocations, which allows local users to cause a denial of service (system crash) or execute arbitrary code via a crafted ELF… | |||
| CVE-2004-1090 | 0.00 | — | 0.02 | Apr 14, 2005 | Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service via "a corrupt section header." | |||
| CVE-2004-1174 | 0.00 | — | 0.01 | Apr 14, 2005 | direntry.c in Midnight Commander (mc) 4.5.55 and earlier allows attackers to cause a denial of service by "manipulating non-existing file handles." | |||
| CVE-2004-1092 | 0.00 | — | 0.02 | Apr 14, 2005 | Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service by causing mc to free unallocated memory. | |||
| CVE-2004-1175 | 0.00 | — | 0.02 | Apr 14, 2005 | fish.c in midnight commander allows remote attackers to execute arbitrary programs via "insecure filename quoting," possibly using shell metacharacters. | |||
| CVE-2005-0384 | 0.00 | — | 0.04 | Mar 15, 2005 | Unknown vulnerability in the PPP driver for the Linux kernel 2.6.8.1 allows remote attackers to cause a denial of service (kernel crash) via a pppd client. | |||
| CVE-2005-0473 | 0.00 | — | 0.03 | Mar 14, 2005 | The HTML parsing functions in Gaim before 1.1.3 allow remote attackers to cause a denial of service (application crash) via malformed HTML that causes "an invalid memory access," a different vulnerability than CVE-2005-0208. | |||
| CVE-2005-0472 | 0.00 | — | 0.05 | Mar 14, 2005 | Gaim before 1.1.3 allows remote attackers to cause a denial of service (infinite loop) via malformed SNAC packets from (1) AIM or (2) ICQ. | |||
| CVE-2005-0398 | 0.00 | — | 0.02 | Mar 14, 2005 | The KAME racoon daemon in ipsec-tools before 0.5 allows remote attackers to cause a denial of service (crash) via malformed ISAKMP packets. | |||
| CVE-2005-0667 | 0.00 | — | 0.03 | Mar 7, 2005 | Buffer overflow in Sylpheed before 1.0.3 and other versions before 1.9.5 allows remote attackers to execute arbitrary code via an e-mail message with certain headers containing non-ASCII characters that are not properly handled when the user replies to the message. | |||
| CVE-2005-0605 | 0.00 | — | 0.05 | Mar 2, 2005 | scan.c for LibXPM may allow attackers to execute arbitrary code via a negative bitmap_unit value that leads to a buffer overflow. | |||
| CVE-2004-0986 | 0.00 | — | 0.02 | Mar 1, 2005 | Iptables before 1.2.11, under certain conditions, does not properly load the required modules at system startup, which causes the firewall rules to fail to load and protect the system from remote attackers. | |||
| CVE-2005-0092 | 0.00 | — | 0.00 | Feb 19, 2005 | Unknown vulnerability in the Red Hat Enterprise Linux 4 kernel 4GB/4GB split patch, when running on x86 with the hugemem kernel, allows local users to cause a denial of service (crash). | |||
| CVE-2004-0961 | 0.00 | — | 0.03 | Feb 9, 2005 | Memory leak in FreeRADIUS before 1.0.1 allows remote attackers to cause a denial of service (memory exhaustion) via a series of Access-Request packets with (1) Ascend-Send-Secret, (2) Ascend-Recv-Secret, or (3) Tunnel-Password attributes. | |||
| CVE-2004-0968 | 0.00 | — | 0.00 | Feb 9, 2005 | The catchsegv script in glibc 2.3.2 and earlier allows local users to overwrite files via a symlink attack on temporary files. | |||
| CVE-2004-0974 | 0.00 | — | 0.00 | Feb 9, 2005 | The netatalk package in Trustix Secure Linux 1.5 through 2.1, and possibly other operating systems, allows local users to overwrite files via a symlink attack on temporary files. | |||
| CVE-2004-0960 | 0.00 | — | 0.03 | Feb 9, 2005 | FreeRADIUS before 1.0.1 allows remote attackers to cause a denial of service (core dump) via malformed USR vendor-specific attributes (VSA) that cause a memcpy operation with a -1 argument. | |||
| CVE-2004-0957 | 0.00 | — | 0.02 | Feb 9, 2005 | Unknown vulnerability in MySQL 3.23.58 and earlier, when a local user has privileges for a database whose name includes a "_" (underscore), grants privileges to other databases that have similar names, which can allow the user to conduct unauthorized activities. | |||
| CVE-2004-0977 | 0.00 | — | 0.00 | Feb 9, 2005 | The make_oidjoins_check script in PostgreSQL 7.4.5 and earlier allows local users to overwrite files via a symlink attack on temporary files. | |||
| CVE-2004-0930 | 0.00 | — | 0.05 | Jan 27, 2005 | The ms_fnmatch function in Samba 3.0.4 and 3.0.7 and possibly other versions allows remote authenticated users to cause a denial of service (CPU consumption) via a SAMBA request that contains multiple * (wildcard) characters. | |||
| CVE-2004-0886 | 0.00 | — | 0.05 | Jan 27, 2005 | Multiple integer overflows in libtiff 3.6.1 and earlier allow remote attackers to cause a denial of service (crash or memory corruption) via TIFF images that lead to incorrect malloc calls. | |||
| CVE-2004-0889 | 0.00 | — | 0.06 | Jan 27, 2005 | Multiple integer overflows in xpdf 3.0, and other packages that use xpdf code such as CUPS, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0888. | |||
| CVE-2004-1184 | 0.00 | — | 0.01 | Jan 21, 2005 | The EPSF pipe support in enscript 1.6.3 allows remote attackers or local users to execute arbitrary commands via shell metacharacters. | |||
| CVE-2004-1057 | 0.00 | — | 0.00 | Jan 21, 2005 | Multiple drivers in Linux kernel 2.4.19 and earlier do not properly mark memory with the VM_IO flag, which causes incorrect reference counts and may lead to a denial of service (kernel panic) when accessing freed kernel pages. | |||
| CVE-2004-1014 | 0.00 | — | 0.02 | Jan 10, 2005 | statd in nfs-utils 1.257 and earlier does not ignore the SIGPIPE signal, which allows remote attackers to cause a denial of service (server process crash) via a TCP connection that is prematurely terminated. | |||
| CVE-2004-1025 | 0.00 | — | 0.05 | Jan 10, 2005 | Multiple heap-based buffer overflows in imlib 1.9.14 and earlier, which is used by gkrellm and several window managers, allow remote attackers to cause a denial of service (application crash) and execute arbitrary code via certain image files. | |||
| CVE-2004-1013 | 0.00 | — | 0.06 | Jan 10, 2005 | The argument parser of the FETCH command in Cyrus IMAP Server 2.2.x through 2.2.8 allows remote authenticated users to execute arbitrary code via certain commands such as (1) "body[p", (2) "binary[p", or (3) "binary[p") that cause an index increment error that leads to an… | |||
| CVE-2004-1270 | 0.00 | — | 0.00 | Jan 10, 2005 | lppasswd in CUPS 1.1.22, when run in environments that do not ensure that file descriptors 0, 1, and 2 are open when lppasswd is called, does not verify that the passwd.new file is different from STDERR, which allows local users to control output to passwd.new via certain user… | |||
| CVE-2004-1068 | 0.00 | — | 0.00 | Jan 10, 2005 | A "missing serialization" error in the unix_dgram_recvmsg function in Linux 2.4.27 and earlier, and 2.6.x up to 2.6.9, allows local users to gain privileges via a race condition. | |||
| CVE-2004-1011 | 0.00 | — | 0.06 | Jan 10, 2005 | Stack-based buffer overflow in Cyrus IMAP Server 2.2.4 through 2.2.8, with the imapmagicplus option enabled, allows remote attackers to execute arbitrary code via a long (1) PROXY or (2) LOGIN command, a different vulnerability than CVE-2004-1015. | |||
| CVE-2004-1071 | 0.00 | — | 0.01 | Jan 10, 2005 | The binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, does not properly handle a failed call to the mmap function, which causes an incorrect mapped image and may allow local users to execute arbitrary code. | |||
| CVE-2004-1171 | 0.00 | — | 0.00 | Jan 10, 2005 | KDE 3.2.x and 3.3.0 through 3.3.2, when saving credentials that are (1) manually entered by the user or (2) created by the SMB protocol handler, stores those credentials for plaintext in the user's .desktop file, which may be created with world-readable permissions, which could… | |||
| CVE-2004-0949 | 0.00 | — | 0.03 | Jan 10, 2005 | The smb_recv_trans2 function call in the samba filesystem (smbfs) in Linux kernel 2.4 and 2.6 does not properly handle the re-assembly of fragmented packets correctly, which could allow remote samba servers to (1) read arbitrary kernel information or (2) raise a counter value to… | |||
| CVE-2004-0883 | 0.00 | — | 0.04 | Jan 10, 2005 | Multiple vulnerabilities in the samba filesystem (smbfs) in Linux kernel 2.4 and 2.6 allow remote samba servers to cause a denial of service (crash) or gain sensitive information from kernel memory via a samba server (1) returning more data than requested to the smb_proc_read… | |||
| CVE-2004-1026 | 0.00 | — | 0.05 | Jan 10, 2005 | Multiple integer overflows in the image handler for imlib 1.9.14 and earlier, which is used by gkrellm and several window managers, allow remote attackers to cause a denial of service (application crash) and execute arbitrary code via certain image files. | |||
| CVE-2004-1015 | 0.00 | — | 0.05 | Jan 10, 2005 | Buffer overflow in proxyd for Cyrus IMAP Server 2.2.9 and earlier, with the imapmagicplus option enabled, may allow remote attackers to execute arbitrary code, a different vulnerability than CVE-2004-1011. |
- CVE-2005-0090May 2, 2005risk 0.00cvss —epss 0.00
A regression error in the Red Hat Enterprise Linux 4 kernel 4GB/4GB split patch omits an "access check," which allows local users to cause a denial of service (crash).
- CVE-2005-0077May 2, 2005risk 0.00cvss —epss 0.00
The DBI library (libdbi-perl) for Perl allows local users to overwrite arbitrary files via a symlink attack on a temporary PID file.
- CVE-2005-0087Apr 27, 2005risk 0.00cvss —epss 0.00
The alsa-lib package in Red Hat Linux 4 disables stack protection for the libasound.so library, which makes it easier for attackers to execute arbitrary code if there are other vulnerabilities in the library.
- CVE-2005-0085Apr 27, 2005risk 0.00cvss —epss 0.02
Cross-site scripting (XSS) vulnerability in ht://dig (htdig) before 3.1.6-r7 allows remote attackers to execute arbitrary web script or HTML via the config parameter, which is not properly sanitized before it is displayed in an error message.
- CVE-2005-0206Apr 27, 2005risk 0.00cvss —epss 0.03
The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for 64-bit architectures on certain Linux distributions such as Red Hat, which could leave Xpdf users exposed to the original vulnerabilities.
- CVE-2005-0754Apr 22, 2005risk 0.00cvss —epss 0.03
Kommander in KDE 3.2 through KDE 3.4.0 executes data files without confirmation from the user, which allows remote attackers to execute arbitrary code.
- CVE-2004-1009Apr 14, 2005risk 0.00cvss —epss 0.03
Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service (infinite loop) via unknown attack vectors.
- CVE-2004-1004Apr 14, 2005risk 0.00cvss —epss 0.02
Multiple format string vulnerabilities in Midnight Commander (mc) 4.5.55 and earlier allow remote attackers to have an unknown impact.
- CVE-2004-1176Apr 14, 2005risk 0.00cvss —epss 0.03
Buffer underflow in extfs.c in Midnight Commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code.
- CVE-2004-1091Apr 14, 2005risk 0.00cvss —epss 0.02
Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service by triggering a null dereference.
- CVE-2004-0812Apr 14, 2005risk 0.00cvss —epss 0.00
Unknown vulnerability in the Linux kernel before 2.4.23, on the AMD AMD64 and Intel EM64T architectures, associated with "setting up TSS limits," allows local users to cause a denial of service (crash) and possibly execute arbitrary code.
- CVE-2004-1005Apr 14, 2005risk 0.00cvss —epss 0.02
Multiple buffer overflows in Midnight Commander (mc) 4.5.55 and earlier allow remote attackers to have an unknown impact.
- CVE-2004-1093Apr 14, 2005risk 0.00cvss —epss 0.02
Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service via "use of already freed memory."
- CVE-2004-1237Apr 14, 2005risk 0.00cvss —epss 0.00
Unknown vulnerability in the system call filtering code in the audit subsystem for Red Hat Enterprise Linux 3 allows local users to cause a denial of service (system crash) via unknown vectors.
- CVE-2005-0003Apr 14, 2005risk 0.00cvss —epss 0.01
The 64 bit ELF support in Linux kernel 2.6 before 2.6.10, on 64-bit architectures, does not properly check for overlapping VMA (virtual memory address) allocations, which allows local users to cause a denial of service (system crash) or execute arbitrary code via a crafted ELF…
- CVE-2004-1090Apr 14, 2005risk 0.00cvss —epss 0.02
Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service via "a corrupt section header."
- CVE-2004-1174Apr 14, 2005risk 0.00cvss —epss 0.01
direntry.c in Midnight Commander (mc) 4.5.55 and earlier allows attackers to cause a denial of service by "manipulating non-existing file handles."
- CVE-2004-1092Apr 14, 2005risk 0.00cvss —epss 0.02
Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service by causing mc to free unallocated memory.
- CVE-2004-1175Apr 14, 2005risk 0.00cvss —epss 0.02
fish.c in midnight commander allows remote attackers to execute arbitrary programs via "insecure filename quoting," possibly using shell metacharacters.
- CVE-2005-0384Mar 15, 2005risk 0.00cvss —epss 0.04
Unknown vulnerability in the PPP driver for the Linux kernel 2.6.8.1 allows remote attackers to cause a denial of service (kernel crash) via a pppd client.
- CVE-2005-0473Mar 14, 2005risk 0.00cvss —epss 0.03
The HTML parsing functions in Gaim before 1.1.3 allow remote attackers to cause a denial of service (application crash) via malformed HTML that causes "an invalid memory access," a different vulnerability than CVE-2005-0208.
- CVE-2005-0472Mar 14, 2005risk 0.00cvss —epss 0.05
Gaim before 1.1.3 allows remote attackers to cause a denial of service (infinite loop) via malformed SNAC packets from (1) AIM or (2) ICQ.
- CVE-2005-0398Mar 14, 2005risk 0.00cvss —epss 0.02
The KAME racoon daemon in ipsec-tools before 0.5 allows remote attackers to cause a denial of service (crash) via malformed ISAKMP packets.
- CVE-2005-0667Mar 7, 2005risk 0.00cvss —epss 0.03
Buffer overflow in Sylpheed before 1.0.3 and other versions before 1.9.5 allows remote attackers to execute arbitrary code via an e-mail message with certain headers containing non-ASCII characters that are not properly handled when the user replies to the message.
- CVE-2005-0605Mar 2, 2005risk 0.00cvss —epss 0.05
scan.c for LibXPM may allow attackers to execute arbitrary code via a negative bitmap_unit value that leads to a buffer overflow.
- CVE-2004-0986Mar 1, 2005risk 0.00cvss —epss 0.02
Iptables before 1.2.11, under certain conditions, does not properly load the required modules at system startup, which causes the firewall rules to fail to load and protect the system from remote attackers.
- CVE-2005-0092Feb 19, 2005risk 0.00cvss —epss 0.00
Unknown vulnerability in the Red Hat Enterprise Linux 4 kernel 4GB/4GB split patch, when running on x86 with the hugemem kernel, allows local users to cause a denial of service (crash).
- CVE-2004-0961Feb 9, 2005risk 0.00cvss —epss 0.03
Memory leak in FreeRADIUS before 1.0.1 allows remote attackers to cause a denial of service (memory exhaustion) via a series of Access-Request packets with (1) Ascend-Send-Secret, (2) Ascend-Recv-Secret, or (3) Tunnel-Password attributes.
- CVE-2004-0968Feb 9, 2005risk 0.00cvss —epss 0.00
The catchsegv script in glibc 2.3.2 and earlier allows local users to overwrite files via a symlink attack on temporary files.
- CVE-2004-0974Feb 9, 2005risk 0.00cvss —epss 0.00
The netatalk package in Trustix Secure Linux 1.5 through 2.1, and possibly other operating systems, allows local users to overwrite files via a symlink attack on temporary files.
- CVE-2004-0960Feb 9, 2005risk 0.00cvss —epss 0.03
FreeRADIUS before 1.0.1 allows remote attackers to cause a denial of service (core dump) via malformed USR vendor-specific attributes (VSA) that cause a memcpy operation with a -1 argument.
- CVE-2004-0957Feb 9, 2005risk 0.00cvss —epss 0.02
Unknown vulnerability in MySQL 3.23.58 and earlier, when a local user has privileges for a database whose name includes a "_" (underscore), grants privileges to other databases that have similar names, which can allow the user to conduct unauthorized activities.
- CVE-2004-0977Feb 9, 2005risk 0.00cvss —epss 0.00
The make_oidjoins_check script in PostgreSQL 7.4.5 and earlier allows local users to overwrite files via a symlink attack on temporary files.
- CVE-2004-0930Jan 27, 2005risk 0.00cvss —epss 0.05
The ms_fnmatch function in Samba 3.0.4 and 3.0.7 and possibly other versions allows remote authenticated users to cause a denial of service (CPU consumption) via a SAMBA request that contains multiple * (wildcard) characters.
- CVE-2004-0886Jan 27, 2005risk 0.00cvss —epss 0.05
Multiple integer overflows in libtiff 3.6.1 and earlier allow remote attackers to cause a denial of service (crash or memory corruption) via TIFF images that lead to incorrect malloc calls.
- CVE-2004-0889Jan 27, 2005risk 0.00cvss —epss 0.06
Multiple integer overflows in xpdf 3.0, and other packages that use xpdf code such as CUPS, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0888.
- CVE-2004-1184Jan 21, 2005risk 0.00cvss —epss 0.01
The EPSF pipe support in enscript 1.6.3 allows remote attackers or local users to execute arbitrary commands via shell metacharacters.
- CVE-2004-1057Jan 21, 2005risk 0.00cvss —epss 0.00
Multiple drivers in Linux kernel 2.4.19 and earlier do not properly mark memory with the VM_IO flag, which causes incorrect reference counts and may lead to a denial of service (kernel panic) when accessing freed kernel pages.
- CVE-2004-1014Jan 10, 2005risk 0.00cvss —epss 0.02
statd in nfs-utils 1.257 and earlier does not ignore the SIGPIPE signal, which allows remote attackers to cause a denial of service (server process crash) via a TCP connection that is prematurely terminated.
- CVE-2004-1025Jan 10, 2005risk 0.00cvss —epss 0.05
Multiple heap-based buffer overflows in imlib 1.9.14 and earlier, which is used by gkrellm and several window managers, allow remote attackers to cause a denial of service (application crash) and execute arbitrary code via certain image files.
- CVE-2004-1013Jan 10, 2005risk 0.00cvss —epss 0.06
The argument parser of the FETCH command in Cyrus IMAP Server 2.2.x through 2.2.8 allows remote authenticated users to execute arbitrary code via certain commands such as (1) "body[p", (2) "binary[p", or (3) "binary[p") that cause an index increment error that leads to an…
- CVE-2004-1270Jan 10, 2005risk 0.00cvss —epss 0.00
lppasswd in CUPS 1.1.22, when run in environments that do not ensure that file descriptors 0, 1, and 2 are open when lppasswd is called, does not verify that the passwd.new file is different from STDERR, which allows local users to control output to passwd.new via certain user…
- CVE-2004-1068Jan 10, 2005risk 0.00cvss —epss 0.00
A "missing serialization" error in the unix_dgram_recvmsg function in Linux 2.4.27 and earlier, and 2.6.x up to 2.6.9, allows local users to gain privileges via a race condition.
- CVE-2004-1011Jan 10, 2005risk 0.00cvss —epss 0.06
Stack-based buffer overflow in Cyrus IMAP Server 2.2.4 through 2.2.8, with the imapmagicplus option enabled, allows remote attackers to execute arbitrary code via a long (1) PROXY or (2) LOGIN command, a different vulnerability than CVE-2004-1015.
- CVE-2004-1071Jan 10, 2005risk 0.00cvss —epss 0.01
The binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, does not properly handle a failed call to the mmap function, which causes an incorrect mapped image and may allow local users to execute arbitrary code.
- CVE-2004-1171Jan 10, 2005risk 0.00cvss —epss 0.00
KDE 3.2.x and 3.3.0 through 3.3.2, when saving credentials that are (1) manually entered by the user or (2) created by the SMB protocol handler, stores those credentials for plaintext in the user's .desktop file, which may be created with world-readable permissions, which could…
- CVE-2004-0949Jan 10, 2005risk 0.00cvss —epss 0.03
The smb_recv_trans2 function call in the samba filesystem (smbfs) in Linux kernel 2.4 and 2.6 does not properly handle the re-assembly of fragmented packets correctly, which could allow remote samba servers to (1) read arbitrary kernel information or (2) raise a counter value to…
- CVE-2004-0883Jan 10, 2005risk 0.00cvss —epss 0.04
Multiple vulnerabilities in the samba filesystem (smbfs) in Linux kernel 2.4 and 2.6 allow remote samba servers to cause a denial of service (crash) or gain sensitive information from kernel memory via a samba server (1) returning more data than requested to the smb_proc_read…
- CVE-2004-1026Jan 10, 2005risk 0.00cvss —epss 0.05
Multiple integer overflows in the image handler for imlib 1.9.14 and earlier, which is used by gkrellm and several window managers, allow remote attackers to cause a denial of service (application crash) and execute arbitrary code via certain image files.
- CVE-2004-1015Jan 10, 2005risk 0.00cvss —epss 0.05
Buffer overflow in proxyd for Cyrus IMAP Server 2.2.9 and earlier, with the imapmagicplus option enabled, may allow remote attackers to execute arbitrary code, a different vulnerability than CVE-2004-1011.
Page 70 of 74