Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Linux
(Gentoo)Repositories |
Unknown: This might be proprietary software. |
#Vulnerabilities | 131 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2004-12-06 | CVE-2004-0634 | The SMB SID snooping capability in Ethereal 0.9.15 to 0.10.4 allows remote attackers to cause a denial of service (process crash) via a handle without a policy name, which causes a null dereference. | Ethereal, Linux, Mandrake_linux, Enterprise_linux, Linux_advanced_workstation | N/A | ||
2004-12-06 | CVE-2004-0633 | The iSNS dissector for Ethereal 0.10.3 through 0.10.4 allows remote attackers to cause a denial of service (process abort) via an integer overflow. | Ethereal, Linux, Mandrake_linux, Enterprise_linux, Linux_advanced_workstation | N/A | ||
2005-01-10 | CVE-2004-1106 | Cross-site scripting (XSS) vulnerability in Gallery 1.4.4-pl3 and earlier allows remote attackers to execute arbitrary web script or HTML via "specially formed URLs," possibly via the include parameter in index.php. | Gallery, Linux | N/A | ||
2003-03-07 | CVE-2002-1337 | Buffer overflow in Sendmail 5.79 to 8.12.7 allows remote attackers to execute arbitrary code via certain formatted address fields, related to sender and recipient header comments as processed by the crackaddr function of headers.c. | Linux, Alphaserver_sc, Hp\-Ux, Netbsd, Solaris, Sendmail, Sunos, Bsdos, Platform_sa | N/A | ||
2004-12-31 | CVE-2004-1901 | Portage before 2.0.50-r3 allows local users to overwrite arbitrary files via a hard link attack on the lockfiles. | Linux, Portage | 5.5 | ||
2004-08-06 | CVE-2004-0493 | The ap_get_mime_headers_core function in Apache httpd 2.0.49 allows remote attackers to cause a denial of service (memory exhaustion), and possibly an integer signedness error leading to a heap-based buffer overflow on 64 bit systems, via long header lines with large numbers of space or tab characters. | Http_server, Converged_communications_server, S8300, S8500, S8700, Linux, Http_server, Secure_linux | N/A | ||
2004-09-16 | CVE-2004-0809 | The mod_dav module in Apache 2.0.50 and earlier allows remote attackers to cause a denial of service (child process crash) via a certain sequence of LOCK requests for a location that allows WebDAV authoring access. | Http_server, Debian_linux, Linux, Hp\-Ux, Secure_web_server_for_tru64, Mandrake_linux, Enterprise_linux, Enterprise_linux_desktop, Secure_linux, Turbolinux_desktop, Turbolinux_home, Turbolinux_server | N/A | ||
2004-12-23 | CVE-2004-0834 | Format string vulnerability in Speedtouch USB driver before 1.3.1 allows local users to execute arbitrary code via (1) modem_run, (2) pppoa2, or (3) pppoa3. | Linux, Mandrake_linux, Mandrake_linux_corporate_server, Mandrake_multi_network_firewall, Speedtouch_usb_driver | N/A | ||
2008-02-29 | CVE-2008-1078 | expn in the am-utils and net-fs packages for Gentoo, rPath Linux, and other distributions, allows local users to overwrite arbitrary files via a symlink attack on the expn[PID] temporary file. NOTE: this is the same issue as CVE-2003-0308.1. | Linux, Rpath_linux | N/A | ||
2005-03-01 | CVE-2004-1027 | Directory traversal vulnerability in the -x (extract) command line option in unarj allows remote attackers to overwrite arbitrary files via an arj archive with filenames that contain .. (dot dot) sequences. | Unarj, Debian_linux, Linux | N/A |