Product:

Linux

(Conectiva)
Repositories

Unknown:

This might be proprietary software.

#Vulnerabilities 63
Date Id Summary Products Score Patch Annotated
2005-03-27 CVE-2005-0750 The bluez_sock_create function in the Bluetooth stack for Linux kernel 2.4.6 through 2.4.30-rc1 and 2.6 through 2.6.11.5 allows local users to gain privileges via (1) socket or (2) socketpair call with a negative protocol value. Linux, Linux_kernel, Enterprise_linux, Enterprise_linux_desktop, Fedora_core, Linux, Suse_linux, Ubuntu_linux N/A
2004-10-07 CVE-2005-0373 Buffer overflow in digestmd5.c CVS release 1.170 (also referred to as digestmda5.c), as used in the DIGEST-MD5 SASL plugin for Cyrus-SASL but not in any official releases, allows remote attackers to execute arbitrary code. Mac_os_x, Mac_os_x_server, Linux, Sasl, Openpkg, Fedora_core, Suse_cvsup, Suse_linux N/A
2005-05-02 CVE-2005-0207 Unknown vulnerability in Linux kernel 2.4.x, 2.5.x, and 2.6.x allows NFS clients to cause a denial of service via O_DIRECT. Linux, Linux_kernel, Enterprise_linux, Enterprise_linux_desktop, Suse_linux N/A
2004-12-23 CVE-2004-1337 The POSIX Capability Linux Security Module (LSM) for Linux kernel 2.6 does not properly handle the credentials of a process that is launched before the module is loaded, which allows local users to gain privileges. Linux, Realtime_linux_security_module, Ubuntu_linux N/A
2004-12-21 CVE-2004-1307 Integer overflow in the TIFFFetchStripThing function in tif_dirread.c for libtiff 3.6.1 allows remote attackers to execute arbitrary code via a TIFF file with the STRIPOFFSETS flag and a large number of strips, which causes a zero byte buffer to be allocated and leads to a heap-based buffer overflow. Mac_os_x, Mac_os_x_server, Call_management_system_server, Cvlan, Integrated_management, Interactive_response, Intuity_audix_lx, Mn100, Modular_messaging_message_storage_server, Linux, Icontrol_service_manager, Linux, Libtiff, Mandrake_linux, Mandrake_linux_corporate_server, Unixware, Propack, Solaris, Sunos N/A
2005-04-14 CVE-2004-1235 Race condition in the (1) load_elf_library and (2) binfmt_aout function calls for uselib in Linux kernel 2.4 through 2.429-rc2 and 2.6 through 2.6.10 allows local users to execute arbitrary code by manipulating the VMA descriptor. Converged_communications_server, Intuity_audix, Mn100, Modular_messaging_message_storage_server, Network_routing, S8300, S8500, S8700, S8710, Linux, Linux_kernel, Mandrake_linux, Mandrake_linux_corporate_server, Mandrake_multi_network_firewall, Enterprise_linux, Enterprise_linux_desktop, Fedora_core, Linux, Suse_linux, Ubuntu_linux N/A
2004-12-15 CVE-2004-1145 Multiple vulnerabilities in Konqueror in KDE 3.3.1 and earlier (1) allow access to restricted Java classes via JavaScript and (2) do not properly restrict access to certain Java classes from the Java applet, which allows remote attackers to bypass sandbox restrictions and read or write arbitrary files. Alt_linux, Linux, Debian_linux, Ethereal, Enterprise_linux, Enterprise_linux_desktop, Linux_advanced_workstation, Propack, Suse_linux N/A
2005-03-01 CVE-2004-1029 The Sun Java Plugin capability in Java 2 Runtime Environment (JRE) 1.4.2_01, 1.4.2_04, and possibly earlier versions, does not properly restrict access between Javascript and Java applets during data transfer, which allows remote attackers to load unsafe classes and execute arbitrary code by using the reflection API to access private Java packages. Linux, Linux, Hp\-Ux, Java_sdk\-Rte, Jdk, Jre, Enterprise_firewall, Gateway_security_5400 N/A
2005-01-10 CVE-2004-1013 The argument parser of the FETCH command in Cyrus IMAP Server 2.2.x through 2.2.8 allows remote authenticated users to execute arbitrary code via certain commands such as (1) "body[p", (2) "binary[p", or (3) "binary[p") that cause an index increment error that leads to an out-of-bounds memory corruption. Cyrus_imap_server, Linux, Openpkg, Fedora_core, Secure_linux, Ubuntu_linux N/A
2005-01-10 CVE-2004-1012 The argument parser of the PARTIAL command in Cyrus IMAP Server 2.2.6 and earlier allows remote authenticated users to execute arbitrary code via a certain command ("body[p") that is treated as a different command ("body.peek") and causes an index increment error that leads to an out-of-bounds memory corruption. Cyrus_imap_server, Linux, Openpkg, Fedora_core, Secure_linux, Ubuntu_linux N/A