Vendor CVEs
Red Hat
All CVEs
3,692 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2004-1026 | 0.00 | — | 0.05 | Jan 10, 2005 | Multiple integer overflows in the image handler for imlib 1.9.14 and earlier, which is used by gkrellm and several window managers, allow remote attackers to cause a denial of service (application crash) and execute arbitrary code via certain image files. | |||
| CVE-2004-1015 | 0.00 | — | 0.05 | Jan 10, 2005 | Buffer overflow in proxyd for Cyrus IMAP Server 2.2.9 and earlier, with the imapmagicplus option enabled, may allow remote attackers to execute arbitrary code, a different vulnerability than CVE-2004-1011. | |||
| CVE-2004-1070 | 0.00 | — | 0.01 | Jan 10, 2005 | The load_elf_binary function in the binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, does not properly check return values from calls to the kernel_read function, which may allow local users to modify sensitive memory in a setuid… | |||
| CVE-2004-1072 | 0.00 | — | 0.01 | Jan 10, 2005 | The binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, may create an interpreter name string that is not NULL terminated, which could cause strings longer than PATH_MAX to be used, leading to buffer overflows that allow local users to… | |||
| CVE-2004-1012 | 0.00 | — | 0.06 | Jan 10, 2005 | The argument parser of the PARTIAL command in Cyrus IMAP Server 2.2.6 and earlier allows remote authenticated users to execute arbitrary code via a certain command ("body[p") that is treated as a different command ("body.peek") and causes an index increment error that leads to… | |||
| CVE-2004-1269 | 0.00 | — | 0.09 | Jan 10, 2005 | lppasswd in CUPS 1.1.22 does not remove the passwd.new file if it encounters a file-size resource limit while writing to passwd.new, which causes subsequent invocations of lppasswd to fail. | |||
| CVE-2004-1158 | 0.00 | — | 0.03 | Jan 10, 2005 | Konqueror 3.x up to 3.2.2-6, and possibly other versions, allows remote attackers to spoof arbitrary web sites by injecting content from one window into a target window or tab whose name is known but resides in a different domain, as demonstrated using a pop-up window on a… | |||
| CVE-2004-2392 | 0.00 | — | 0.02 | Dec 31, 2004 | libuser 0.51.7 allows attackers to cause a denial of service (crash or disk consumption) via unknown attack vectors, related to read failures and other bugs. | |||
| CVE-2004-0491 | 0.00 | — | 0.00 | Dec 31, 2004 | The linux-2.4.21-mlock.patch in Red Hat Enterprise Linux 3 does not properly maintain the mlock page count when one process unlocks pages that belong to another process, which allows local users to mlock more memory than specified by the rlimit. | |||
| CVE-2004-0802 | 0.00 | — | 0.03 | Dec 31, 2004 | Buffer overflow in the BMP loader in imlib2 before 1.1.2 allows remote attackers to execute arbitrary code via a specially-crafted BMP image, a different vulnerability than CVE-2004-0817. | |||
| CVE-2004-0817 | 0.00 | — | 0.05 | Dec 31, 2004 | Multiple heap-based buffer overflows in the imlib BMP image handler allow remote attackers to execute arbitrary code via a crafted BMP file. | |||
| CVE-2004-0685 | 0.00 | — | 0.00 | Dec 23, 2004 | Certain USB drivers in the Linux 2.4 kernel use the copy_to_user function on uninitialized structures, which could allow local users to obtain sensitive information by reading memory that was not cleared from previous usage. | |||
| CVE-2004-1139 | 0.00 | — | 0.02 | Dec 15, 2004 | Unknown vulnerability in the DICOM dissector in Ethereal 0.10.4 through 0.10.7 allows remote attackers to cause a denial of service (application crash). | |||
| CVE-2004-1145 | 0.00 | — | 0.04 | Dec 15, 2004 | Multiple vulnerabilities in Konqueror in KDE 3.3.1 and earlier (1) allow access to restricted Java classes via JavaScript and (2) do not properly restrict access to certain Java classes from the Java applet, which allows remote attackers to bypass sandbox restrictions and read… | |||
| CVE-2004-1142 | 0.00 | — | 0.02 | Dec 15, 2004 | Ethereal 0.9.0 through 0.10.7 allows remote attackers to cause a denial of service (CPU consumption) via a certain malformed SMB packet. | |||
| CVE-2004-0634 | 0.00 | — | 0.05 | Dec 6, 2004 | The SMB SID snooping capability in Ethereal 0.9.15 to 0.10.4 allows remote attackers to cause a denial of service (process crash) via a handle without a policy name, which causes a null dereference. | |||
| CVE-2004-0619 | 0.00 | — | 0.00 | Dec 6, 2004 | Integer overflow in the ubsec_keysetup function for Linux Broadcom 5820 cryptonet driver allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a negative add_dsa_buf_bytes variable, which leads to a buffer overflow. | |||
| CVE-2004-0607 | 0.00 | — | 0.05 | Dec 6, 2004 | The eay_check_x509cert function in KAME Racoon successfully verifies certificates even when OpenSSL validation fails, which could allow remote attackers to bypass authentication. | |||
| CVE-2004-0635 | 0.00 | — | 0.05 | Dec 6, 2004 | The SNMP dissector in Ethereal 0.8.15 through 0.10.4 allows remote attackers to cause a denial of service (process crash) via a (1) malformed or (2) missing community string, which causes an out-of-bounds read. | |||
| CVE-2004-0494 | 0.00 | — | 0.02 | Nov 23, 2004 | Multiple extfs backend scripts for GNOME virtual file system (VFS) before 1.0.1 may allow remote attackers to perform certain unauthorized actions via a gnome-vfs URI. | |||
| CVE-2004-0750 | 0.00 | — | 0.01 | Oct 20, 2004 | Unknown vulnerability in redhat-config-nfs before 1.0.13, when shares are exported to multiple hosts, can produce incorrect permissions and prevent the all_squash option from being applied. | |||
| CVE-2004-1613 | 0.00 | — | 0.02 | Oct 18, 2004 | Mozilla allows remote attackers to cause a denial of service (application crash from null dereference or infinite loop) via a web page that contains a (1) TEXTAREA, (2) INPUT, (3) FRAMESET or (4) IMG tag followed by a null character and some trailing characters, as demonstrated… | |||
| CVE-2005-0373 | 0.00 | — | 0.04 | Oct 7, 2004 | Buffer overflow in digestmd5.c CVS release 1.170 (also referred to as digestmda5.c), as used in the DIGEST-MD5 SASL plugin for Cyrus-SASL but not in any official releases, allows remote attackers to execute arbitrary code. | |||
| CVE-2004-0643 | 0.00 | — | 0.01 | Sep 28, 2004 | Double free vulnerability in the krb5_rd_cred function for MIT Kerberos 5 (krb5) 1.3.1 and earlier may allow local users to execute arbitrary code. | |||
| CVE-2004-0827 | 0.00 | — | 0.06 | Sep 16, 2004 | Multiple buffer overflows in the ImageMagick graphics library 5.x before 5.4.4, and 6.x before 6.0.6.2, allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via malformed (1) AVI, (2) BMP, or (3) DIB files. | |||
| CVE-2004-0905 | 0.00 | — | 0.03 | Sep 14, 2004 | Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allows remote attackers to perform cross-domain scripting and possibly execute arbitrary code by convincing a user to drag and drop javascript: links to a frame or page in another domain. | |||
| CVE-2004-0235 | 0.00 | — | 0.04 | Aug 18, 2004 | Multiple directory traversal vulnerabilities in LHA 1.14 allow remote attackers or local users to create arbitrary files via an LHA archive containing filenames with (1) .. sequences or (2) absolute pathnames with double leading slashes ("//absolute/path"). | |||
| CVE-2004-0421 | 0.00 | — | 0.04 | Aug 18, 2004 | The Portable Network Graphics library (libpng) 1.0.15 and earlier allows attackers to cause a denial of service (crash) via a malformed PNG image file that triggers an error that causes an out-of-bounds read when creating the error message. | |||
| CVE-2004-0587 | 0.00 | — | 0.00 | Aug 6, 2004 | Insecure permissions for the /proc/scsi/qla2300/HbaApiNode file in Linux allows local users to cause a denial of service. | |||
| CVE-2004-0495 | 0.00 | — | 0.00 | Aug 6, 2004 | Multiple unknown vulnerabilities in Linux kernel 2.4 and 2.6 allow local users to gain privileges or access kernel memory, as found by the Sparse source code checking tool. | |||
| CVE-2004-0488 | 0.00 | — | 0.38 | Jul 7, 2004 | Stack-based buffer overflow in the ssl_util_uuencode_binary function in ssl_util.c for Apache mod_ssl, when mod_ssl is configured to trust the issuing CA, may allow remote attackers to execute arbitrary code via a client certificate with a long subject DN. | |||
| CVE-2004-0107 | 0.00 | — | 0.00 | Apr 15, 2004 | The (1) post and (2) trigger scripts in sysstat 4.0.7 and earlier allow local users to overwrite arbitrary files via symlink attacks on temporary files, a different vulnerability than CVE-2004-0108. | |||
| CVE-2004-0108 | 0.00 | — | 0.00 | Apr 15, 2004 | The isag utility, which processes sysstat data, allows local users to overwrite arbitrary files via a symlink attack on temporary files, a different vulnerability than CAN-2004-0107. | |||
| CVE-2004-0111 | 0.00 | — | 0.02 | Apr 15, 2004 | gdk-pixbuf before 0.20 allows attackers to cause a denial of service (crash) via a malformed bitmap (BMP) file. | |||
| CVE-2003-0989 | 0.00 | — | 0.05 | Feb 17, 2004 | tcpdump before 3.8.1 allows remote attackers to cause a denial of service (infinite loop) via certain ISAKMP packets, a different vulnerability than CVE-2004-0057. | |||
| CVE-2003-0700 | 0.00 | — | 0.02 | Feb 17, 2004 | The C-Media PCI sound driver in Linux before 2.4.22 does not use the get_user function to access userspace in certain conditions, which crosses security boundaries and may facilitate the exploitation of vulnerabilities, a different vulnerability than CVE-2003-0699. | |||
| CVE-2003-1295 | 0.00 | — | 0.00 | Dec 31, 2003 | Unspecified vulnerability in xscreensaver 4.12, and possibly other versions, allows attackers to cause xscreensaver to crash via unspecified vectors "while verifying the user-password." | |||
| CVE-2003-0900 | 0.00 | — | 0.01 | Dec 31, 2003 | Perl 5.8.1 on Fedora Core does not properly initialize the random number generator when forking, which makes it easier for attackers to predict random numbers. | |||
| CVE-2003-0857 | 0.00 | — | 0.00 | Dec 31, 2003 | The (1) ipq_read and (2) ipulog_read functions in iptables allow local users to cause a denial of service by sending spoofed messages as other users to the kernel netlink interface. | |||
| CVE-2003-0986 | 0.00 | — | 0.00 | Dec 31, 2003 | Various routines for the ppc64 architecture on Linux kernel 2.6 prior to 2.6.2 and 2.4 prior to 2.4.24 do not use the copy_from_user function when copying data from userspace to kernelspace, which crosses security boundaries and allows local users to cause a denial of service. | |||
| CVE-2003-0859 | 0.00 | — | 0.00 | Dec 15, 2003 | The getifaddrs function in GNU libc (glibc) 2.2.4 and earlier allows local users to cause a denial of service by sending spoofed messages as other users to the kernel netlink interface. | |||
| CVE-2003-0688 | 0.00 | — | 0.03 | Oct 20, 2003 | The DNS map code in Sendmail 8.12.8 and earlier, when using the "enhdnsbl" feature, does not properly initialize certain data structures, which allows remote attackers to cause a denial of service (process crash) via an invalid DNS response that causes Sendmail to free incorrect… | |||
| CVE-2003-0689 | 0.00 | — | 0.02 | Oct 20, 2003 | The getgrouplist function in GNU libc (glibc) 2.2.4 and earlier allows attackers to cause a denial of service (segmentation fault) and execute arbitrary code when a user is a member of a large number of groups, which can cause a buffer overflow. | |||
| CVE-2003-0551 | 0.00 | — | 0.02 | Aug 27, 2003 | The STP protocol implementation in Linux 2.4.x does not properly verify certain lengths, which could allow attackers to cause a denial of service. | |||
| CVE-2003-0546 | 0.00 | — | 0.01 | Aug 27, 2003 | up2date 3.0.7 and 3.1.23 does not properly verify RPM GPG signatures, which could allow remote attackers to cause unsigned packages to be installed from the Red Hat Network, if that network is compromised. | |||
| CVE-2003-0699 | 0.00 | — | 0.02 | Aug 27, 2003 | The C-Media PCI sound driver in Linux before 2.4.21 does not use the get_user function to access userspace, which crosses security boundaries and may facilitate the exploitation of vulnerabilities, a different vulnerability than CVE-2003-0700. | |||
| CVE-2003-0464 | 0.00 | — | 0.00 | Aug 27, 2003 | The RPC code in Linux kernel 2.4 sets the reuse flag when sockets are created, which could allow local users to bind to UDP ports that are used by privileged services such as nfsd. | |||
| CVE-2003-0550 | 0.00 | — | 0.02 | Aug 27, 2003 | The STP protocol, as enabled in Linux 2.4.x, does not provide sufficient security by design, which allows attackers to modify the bridge topology. | |||
| CVE-2003-0552 | 0.00 | — | 0.03 | Aug 27, 2003 | Linux 2.4.x allows remote attackers to spoof the bridge Forwarding table via forged packets whose source addresses are the same as the target. | |||
| CVE-2003-0548 | 0.00 | — | 0.01 | Aug 27, 2003 | The X Display Manager Control Protocol (XDMCP) support for GDM before 2.4.1.6 allows attackers to cause a denial of service (daemon crash) when a chosen host expires, a different issue than CVE-2003-0549. |
- CVE-2004-1026Jan 10, 2005risk 0.00cvss —epss 0.05
Multiple integer overflows in the image handler for imlib 1.9.14 and earlier, which is used by gkrellm and several window managers, allow remote attackers to cause a denial of service (application crash) and execute arbitrary code via certain image files.
- CVE-2004-1015Jan 10, 2005risk 0.00cvss —epss 0.05
Buffer overflow in proxyd for Cyrus IMAP Server 2.2.9 and earlier, with the imapmagicplus option enabled, may allow remote attackers to execute arbitrary code, a different vulnerability than CVE-2004-1011.
- CVE-2004-1070Jan 10, 2005risk 0.00cvss —epss 0.01
The load_elf_binary function in the binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, does not properly check return values from calls to the kernel_read function, which may allow local users to modify sensitive memory in a setuid…
- CVE-2004-1072Jan 10, 2005risk 0.00cvss —epss 0.01
The binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, may create an interpreter name string that is not NULL terminated, which could cause strings longer than PATH_MAX to be used, leading to buffer overflows that allow local users to…
- CVE-2004-1012Jan 10, 2005risk 0.00cvss —epss 0.06
The argument parser of the PARTIAL command in Cyrus IMAP Server 2.2.6 and earlier allows remote authenticated users to execute arbitrary code via a certain command ("body[p") that is treated as a different command ("body.peek") and causes an index increment error that leads to…
- CVE-2004-1269Jan 10, 2005risk 0.00cvss —epss 0.09
lppasswd in CUPS 1.1.22 does not remove the passwd.new file if it encounters a file-size resource limit while writing to passwd.new, which causes subsequent invocations of lppasswd to fail.
- CVE-2004-1158Jan 10, 2005risk 0.00cvss —epss 0.03
Konqueror 3.x up to 3.2.2-6, and possibly other versions, allows remote attackers to spoof arbitrary web sites by injecting content from one window into a target window or tab whose name is known but resides in a different domain, as demonstrated using a pop-up window on a…
- CVE-2004-2392Dec 31, 2004risk 0.00cvss —epss 0.02
libuser 0.51.7 allows attackers to cause a denial of service (crash or disk consumption) via unknown attack vectors, related to read failures and other bugs.
- CVE-2004-0491Dec 31, 2004risk 0.00cvss —epss 0.00
The linux-2.4.21-mlock.patch in Red Hat Enterprise Linux 3 does not properly maintain the mlock page count when one process unlocks pages that belong to another process, which allows local users to mlock more memory than specified by the rlimit.
- CVE-2004-0802Dec 31, 2004risk 0.00cvss —epss 0.03
Buffer overflow in the BMP loader in imlib2 before 1.1.2 allows remote attackers to execute arbitrary code via a specially-crafted BMP image, a different vulnerability than CVE-2004-0817.
- CVE-2004-0817Dec 31, 2004risk 0.00cvss —epss 0.05
Multiple heap-based buffer overflows in the imlib BMP image handler allow remote attackers to execute arbitrary code via a crafted BMP file.
- CVE-2004-0685Dec 23, 2004risk 0.00cvss —epss 0.00
Certain USB drivers in the Linux 2.4 kernel use the copy_to_user function on uninitialized structures, which could allow local users to obtain sensitive information by reading memory that was not cleared from previous usage.
- CVE-2004-1139Dec 15, 2004risk 0.00cvss —epss 0.02
Unknown vulnerability in the DICOM dissector in Ethereal 0.10.4 through 0.10.7 allows remote attackers to cause a denial of service (application crash).
- CVE-2004-1145Dec 15, 2004risk 0.00cvss —epss 0.04
Multiple vulnerabilities in Konqueror in KDE 3.3.1 and earlier (1) allow access to restricted Java classes via JavaScript and (2) do not properly restrict access to certain Java classes from the Java applet, which allows remote attackers to bypass sandbox restrictions and read…
- CVE-2004-1142Dec 15, 2004risk 0.00cvss —epss 0.02
Ethereal 0.9.0 through 0.10.7 allows remote attackers to cause a denial of service (CPU consumption) via a certain malformed SMB packet.
- CVE-2004-0634Dec 6, 2004risk 0.00cvss —epss 0.05
The SMB SID snooping capability in Ethereal 0.9.15 to 0.10.4 allows remote attackers to cause a denial of service (process crash) via a handle without a policy name, which causes a null dereference.
- CVE-2004-0619Dec 6, 2004risk 0.00cvss —epss 0.00
Integer overflow in the ubsec_keysetup function for Linux Broadcom 5820 cryptonet driver allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a negative add_dsa_buf_bytes variable, which leads to a buffer overflow.
- CVE-2004-0607Dec 6, 2004risk 0.00cvss —epss 0.05
The eay_check_x509cert function in KAME Racoon successfully verifies certificates even when OpenSSL validation fails, which could allow remote attackers to bypass authentication.
- CVE-2004-0635Dec 6, 2004risk 0.00cvss —epss 0.05
The SNMP dissector in Ethereal 0.8.15 through 0.10.4 allows remote attackers to cause a denial of service (process crash) via a (1) malformed or (2) missing community string, which causes an out-of-bounds read.
- CVE-2004-0494Nov 23, 2004risk 0.00cvss —epss 0.02
Multiple extfs backend scripts for GNOME virtual file system (VFS) before 1.0.1 may allow remote attackers to perform certain unauthorized actions via a gnome-vfs URI.
- CVE-2004-0750Oct 20, 2004risk 0.00cvss —epss 0.01
Unknown vulnerability in redhat-config-nfs before 1.0.13, when shares are exported to multiple hosts, can produce incorrect permissions and prevent the all_squash option from being applied.
- CVE-2004-1613Oct 18, 2004risk 0.00cvss —epss 0.02
Mozilla allows remote attackers to cause a denial of service (application crash from null dereference or infinite loop) via a web page that contains a (1) TEXTAREA, (2) INPUT, (3) FRAMESET or (4) IMG tag followed by a null character and some trailing characters, as demonstrated…
- CVE-2005-0373Oct 7, 2004risk 0.00cvss —epss 0.04
Buffer overflow in digestmd5.c CVS release 1.170 (also referred to as digestmda5.c), as used in the DIGEST-MD5 SASL plugin for Cyrus-SASL but not in any official releases, allows remote attackers to execute arbitrary code.
- CVE-2004-0643Sep 28, 2004risk 0.00cvss —epss 0.01
Double free vulnerability in the krb5_rd_cred function for MIT Kerberos 5 (krb5) 1.3.1 and earlier may allow local users to execute arbitrary code.
- CVE-2004-0827Sep 16, 2004risk 0.00cvss —epss 0.06
Multiple buffer overflows in the ImageMagick graphics library 5.x before 5.4.4, and 6.x before 6.0.6.2, allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via malformed (1) AVI, (2) BMP, or (3) DIB files.
- CVE-2004-0905Sep 14, 2004risk 0.00cvss —epss 0.03
Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allows remote attackers to perform cross-domain scripting and possibly execute arbitrary code by convincing a user to drag and drop javascript: links to a frame or page in another domain.
- CVE-2004-0235Aug 18, 2004risk 0.00cvss —epss 0.04
Multiple directory traversal vulnerabilities in LHA 1.14 allow remote attackers or local users to create arbitrary files via an LHA archive containing filenames with (1) .. sequences or (2) absolute pathnames with double leading slashes ("//absolute/path").
- CVE-2004-0421Aug 18, 2004risk 0.00cvss —epss 0.04
The Portable Network Graphics library (libpng) 1.0.15 and earlier allows attackers to cause a denial of service (crash) via a malformed PNG image file that triggers an error that causes an out-of-bounds read when creating the error message.
- CVE-2004-0587Aug 6, 2004risk 0.00cvss —epss 0.00
Insecure permissions for the /proc/scsi/qla2300/HbaApiNode file in Linux allows local users to cause a denial of service.
- CVE-2004-0495Aug 6, 2004risk 0.00cvss —epss 0.00
Multiple unknown vulnerabilities in Linux kernel 2.4 and 2.6 allow local users to gain privileges or access kernel memory, as found by the Sparse source code checking tool.
- CVE-2004-0488Jul 7, 2004risk 0.00cvss —epss 0.38
Stack-based buffer overflow in the ssl_util_uuencode_binary function in ssl_util.c for Apache mod_ssl, when mod_ssl is configured to trust the issuing CA, may allow remote attackers to execute arbitrary code via a client certificate with a long subject DN.
- CVE-2004-0107Apr 15, 2004risk 0.00cvss —epss 0.00
The (1) post and (2) trigger scripts in sysstat 4.0.7 and earlier allow local users to overwrite arbitrary files via symlink attacks on temporary files, a different vulnerability than CVE-2004-0108.
- CVE-2004-0108Apr 15, 2004risk 0.00cvss —epss 0.00
The isag utility, which processes sysstat data, allows local users to overwrite arbitrary files via a symlink attack on temporary files, a different vulnerability than CAN-2004-0107.
- CVE-2004-0111Apr 15, 2004risk 0.00cvss —epss 0.02
gdk-pixbuf before 0.20 allows attackers to cause a denial of service (crash) via a malformed bitmap (BMP) file.
- CVE-2003-0989Feb 17, 2004risk 0.00cvss —epss 0.05
tcpdump before 3.8.1 allows remote attackers to cause a denial of service (infinite loop) via certain ISAKMP packets, a different vulnerability than CVE-2004-0057.
- CVE-2003-0700Feb 17, 2004risk 0.00cvss —epss 0.02
The C-Media PCI sound driver in Linux before 2.4.22 does not use the get_user function to access userspace in certain conditions, which crosses security boundaries and may facilitate the exploitation of vulnerabilities, a different vulnerability than CVE-2003-0699.
- CVE-2003-1295Dec 31, 2003risk 0.00cvss —epss 0.00
Unspecified vulnerability in xscreensaver 4.12, and possibly other versions, allows attackers to cause xscreensaver to crash via unspecified vectors "while verifying the user-password."
- CVE-2003-0900Dec 31, 2003risk 0.00cvss —epss 0.01
Perl 5.8.1 on Fedora Core does not properly initialize the random number generator when forking, which makes it easier for attackers to predict random numbers.
- CVE-2003-0857Dec 31, 2003risk 0.00cvss —epss 0.00
The (1) ipq_read and (2) ipulog_read functions in iptables allow local users to cause a denial of service by sending spoofed messages as other users to the kernel netlink interface.
- CVE-2003-0986Dec 31, 2003risk 0.00cvss —epss 0.00
Various routines for the ppc64 architecture on Linux kernel 2.6 prior to 2.6.2 and 2.4 prior to 2.4.24 do not use the copy_from_user function when copying data from userspace to kernelspace, which crosses security boundaries and allows local users to cause a denial of service.
- CVE-2003-0859Dec 15, 2003risk 0.00cvss —epss 0.00
The getifaddrs function in GNU libc (glibc) 2.2.4 and earlier allows local users to cause a denial of service by sending spoofed messages as other users to the kernel netlink interface.
- CVE-2003-0688Oct 20, 2003risk 0.00cvss —epss 0.03
The DNS map code in Sendmail 8.12.8 and earlier, when using the "enhdnsbl" feature, does not properly initialize certain data structures, which allows remote attackers to cause a denial of service (process crash) via an invalid DNS response that causes Sendmail to free incorrect…
- CVE-2003-0689Oct 20, 2003risk 0.00cvss —epss 0.02
The getgrouplist function in GNU libc (glibc) 2.2.4 and earlier allows attackers to cause a denial of service (segmentation fault) and execute arbitrary code when a user is a member of a large number of groups, which can cause a buffer overflow.
- CVE-2003-0551Aug 27, 2003risk 0.00cvss —epss 0.02
The STP protocol implementation in Linux 2.4.x does not properly verify certain lengths, which could allow attackers to cause a denial of service.
- CVE-2003-0546Aug 27, 2003risk 0.00cvss —epss 0.01
up2date 3.0.7 and 3.1.23 does not properly verify RPM GPG signatures, which could allow remote attackers to cause unsigned packages to be installed from the Red Hat Network, if that network is compromised.
- CVE-2003-0699Aug 27, 2003risk 0.00cvss —epss 0.02
The C-Media PCI sound driver in Linux before 2.4.21 does not use the get_user function to access userspace, which crosses security boundaries and may facilitate the exploitation of vulnerabilities, a different vulnerability than CVE-2003-0700.
- CVE-2003-0464Aug 27, 2003risk 0.00cvss —epss 0.00
The RPC code in Linux kernel 2.4 sets the reuse flag when sockets are created, which could allow local users to bind to UDP ports that are used by privileged services such as nfsd.
- CVE-2003-0550Aug 27, 2003risk 0.00cvss —epss 0.02
The STP protocol, as enabled in Linux 2.4.x, does not provide sufficient security by design, which allows attackers to modify the bridge topology.
- CVE-2003-0552Aug 27, 2003risk 0.00cvss —epss 0.03
Linux 2.4.x allows remote attackers to spoof the bridge Forwarding table via forged packets whose source addresses are the same as the target.
- CVE-2003-0548Aug 27, 2003risk 0.00cvss —epss 0.01
The X Display Manager Control Protocol (XDMCP) support for GDM before 2.4.1.6 allows attackers to cause a denial of service (daemon crash) when a chosen host expires, a different issue than CVE-2003-0549.
Page 71 of 74