Sign in Get started

← All vendors

Vendor

Tarantella

Sign in to watch

Products

2

CVEs

8

Across products

28

Status

Private

Products

2

Tarantella Enterprise
26 CVEs
Secure Global Desktop
2 CVEs

Recent CVEs

8

CVE	Sev	Risk	CVSS	EPSS	KEV	Published	Description
CVE-2004-0079	Hig	0.49	7.5	0.02		Nov 23, 2004	The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference.
CVE-2002-0296		0.03	—	0.00		May 31, 2002	The installation of Tarantella Enterprise 3 allows local users to overwrite arbitrary files via a symlink attack on the "spinning" temporary file.
CVE-2002-0211		0.03	—	0.00		May 16, 2002	Race condition in the installation script for Tarantella Enterprise 3 3.01 through 3.20 creates a world-writeable temporary "gunzip" program before executing it, which could allow local users to execute arbitrary commands by modifying the program before it is executed.
CVE-2001-0805		0.03	—	0.04		Dec 6, 2001	Directory traversal vulnerability in ttawebtop.cgi in Tarantella Enterprise 3.00 and 3.01 allows remote attackers to read arbitrary files via a .. (dot dot) in the pg parameter.
CVE-2005-0486		0.00	—	0.00		Mar 30, 2005	Tarantella Secure Global Desktop Enterprise Edition 4.00 and 3.42, and Tarantella Enterprise 3 3.40 and 3.30, when using RSA SecurID and multiple users have the same username, reveals sensitive information during authentication, which allows remote attackers to identify valid usernames and the authentication scheme.
CVE-2004-0081		0.00	—	0.02		Nov 23, 2004	OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool.
CVE-2004-0112		0.00	—	0.01		Nov 23, 2004	The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-bounds read.
CVE-2002-0203		0.00	—	0.00		May 16, 2002	ttawebtop.cgi in Tarantella Enterprise 3.20 on SPARC Solaris and Linux, and 3.1x and 3.0x including 3.11.903, allows remote attackers to view directory contents via an empty pg parameter.