Product:

Linux

(Gentoo)
Repositories

Unknown:

This might be proprietary software.
#Vulnerabilities 131
Date Id Summary Products Score Patch Annotated
2004-10-20 CVE-2004-0746 Konqueror in KDE 3.2.3 and earlier allows web sites to set cookies for country-specific top-level domains, such as .ltd.uk, .plc.uk and .firm.in, which could allow remote attackers to perform a session fixation attack and hijack a user's HTTP session. Linux, Kde, Konqueror, Mandrake_linux, Suse_linux N/A
2004-07-27 CVE-2004-0700 Format string vulnerability in the mod_proxy hook functions function in ssl_engine_log.c in mod_ssl before 2.8.19 for Apache before 1.3.31 may allow remote attackers to execute arbitrary messages via format string specifiers in certain log messages for HTTPS that are handled by the ssl_log function. Linux, Mod_ssl N/A
2004-08-06 CVE-2004-0649 Buffer overflow in write_packet in control.c for l2tpd may allow remote attackers to execute arbitrary code. Linux, L2tpd N/A
2004-12-06 CVE-2004-0626 The tcp_find_option function of the netfilter subsystem in Linux kernel 2.6, when using iptables and TCP options rules, allows remote attackers to cause a denial of service (CPU consumption by infinite loop) via a large option length that produces a negative integer after a casting operation to the char type. Linux, Linux, Linux_kernel, Suse_linux N/A
2004-12-06 CVE-2004-0608 The Unreal Engine, as used in DeusEx 1.112fm and earlier, Devastation 390 and earlier, Mobile Forces 20000 and earlier, Nerf Arena Blast 1.2 and earlier, Postal 2 1337 and earlier, Rune 107 and earlier, Tactical Ops 3.4.0 and earlier, Unreal 1 226f and earlier, Unreal II XMP 7710 and earlier, Unreal Tournament 451b and earlier, Unreal Tournament 2003 2225 and earlier, Unreal Tournament 2004 before 3236, Wheel of Time 333b and earlier, and X-com Enforcer, allows remote attackers to execute... Devastation, Tnn_outdoors_pro_hunter, Unreal_engine, Unreal_tournament, Unreal_tournament_2003, Unreal_tournament_2004, Linux, Tacticalops, X\-Com_enforcer, Deusex, Nerf_arena_blast, Mobile_forces, Wheel_of_time, Postal_2 N/A
2004-12-06 CVE-2004-0604 The HTTP client and server in giFT-FastTrack 0.8.6 and earlier allows remote attackers to cause a denial of service (crash), possibly via an empty search query, which triggers a NULL dereference. Linux, Gift\-Fasttrack N/A
2004-12-06 CVE-2004-0565 Floating point information leak in the context switch code for Linux 2.4.x only checks the MFH bit but does not verify the FPH owner, which allows local users to read register values of other processes by setting the MFH bit. Linux, Linux_kernel, Mandrake_linux, Mandrake_linux_corporate_server, Mandrake_multi_network_firewall, Secure_linux N/A
2004-08-06 CVE-2004-0557 Multiple buffer overflows in the st_wavstartread function in wav.c for Sound eXchange (SoX) 12.17.2 through 12.17.4 allow remote attackers to execute arbitrary code via certain WAV file header fields. Linux, Linux, Enterprise_linux, Enterprise_linux_desktop, Fedora_core, Sox N/A
2004-08-06 CVE-2004-0554 Linux kernel 2.4.x and 2.6.x for x86 allows local users to cause a denial of service (system crash), possibly via an infinite loop that triggers a signal handler with a certain sequence of fsave and frstor instructions, as originally demonstrated using a "crash.c" program. Converged_communications_server, Intuity_audix, Modular_messaging_message_storage_server, S8300, S8500, S8700, Linux, Linux, Linux_kernel, Enterprise_linux, Suse_email_server, Suse_linux, Suse_linux_admin\-Cd_for_firewall, Suse_linux_connectivity_server, Suse_linux_database_server, Suse_linux_firewall_cd, Suse_linux_office_server, Suse_office_server N/A
2004-08-06 CVE-2004-0548 Multiple stack-based buffer overflows in the word-list-compress functionality in compress.c for Aspell allow local users to execute arbitrary code via a long entry in the wordlist that is not properly handled when using the (1) "c" compress option or (2) "d" decompress option. Linux, Aspell N/A