Product:

Linux

(Gentoo)
Repositories

Unknown:

This might be proprietary software.
#Vulnerabilities 131
Date Id Summary Products Score Patch Annotated
2004-08-06 CVE-2004-0535 The e1000 driver for Linux kernel 2.4.26 and earlier does not properly initialize memory before using it, which allows local users to read portions of kernel memory. NOTE: this issue was originally incorrectly reported as a "buffer overflow" by some sources. Linux, Secure_community, Secure_linux, Linux, Linux_kernel, Mandrake_linux, Mandrake_linux_corporate_server, Mandrake_multi_network_firewall, Suse_email_server, Suse_linux, Suse_linux_admin\-Cd_for_firewall, Suse_linux_connectivity_server, Suse_linux_database_server, Suse_linux_firewall_cd, Suse_linux_firewall_live\-Cd, Suse_linux_office_server, Suse_office_server N/A
2004-09-28 CVE-2004-0500 Buffer overflow in the MSN protocol plugins (1) object.c and (2) slp.c for Gaim before 0.82 allows remote attackers to cause a denial of service and possibly execute arbitrary code via MSNSLP protocol messages that are not properly handled in a strncpy call. Linux, Mandrake_linux, Gaim N/A
2004-12-06 CVE-2004-0497 Unknown vulnerability in Linux kernel 2.x may allow local users to modify the group ID of files, such as NFS exported files in kernel 2.4. Linux, Linux, Linux_kernel, Mandrake_linux, Mandrake_linux_corporate_server, Mandrake_multi_network_firewall, Enterprise_linux, Suse_linux, Secure_linux N/A
2004-12-06 CVE-2004-0496 Multiple unknown vulnerabilities in Linux kernel 2.6 allow local users to gain privileges or access kernel memory, a different set of vulnerabilities than those identified in CVE-2004-0495, as found by the Sparse source code checking tool. Linux, Linux_kernel, Mandrake_linux, Mandrake_linux_corporate_server, Mandrake_multi_network_firewall, Solaris, Sunos, Suse_email_server, Suse_linux, Suse_linux_connectivity_server, Suse_linux_database_server, Suse_linux_firewall, Suse_linux_office_server N/A
2004-08-06 CVE-2004-0495 Multiple unknown vulnerabilities in Linux kernel 2.4 and 2.6 allow local users to gain privileges or access kernel memory, as found by the Sparse source code checking tool. Converged_communications_server, Intuity_audix, Modular_messaging_message_storage_server, S8300, S8500, S8700, Linux, Linux, Linux_kernel, Enterprise_linux, Suse_email_server, Suse_linux, Suse_linux_admin\-Cd_for_firewall, Suse_linux_connectivity_server, Suse_linux_database_server, Suse_linux_firewall_cd, Suse_linux_office_server, Suse_office_server N/A
2004-12-06 CVE-2004-0456 Stack-based buffer overflow in pavuk 0.9pl28, 0.9pl27, and possibly other versions allows remote web sites to execute arbitrary code via a long HTTP Location header. Debian_linux, Linux, Pavuk N/A
2004-08-18 CVE-2004-0432 ProFTPD 1.2.9 treats the Allow and Deny directives for CIDR based ACL entries as if they were AllowAll, which could allow FTP clients to bypass intended access restrictions. Linux, Proftpd, Secure_linux N/A
2004-08-18 CVE-2004-0419 XDM in XFree86 opens a chooserFd TCP socket even when DisplayManager.requestPort is 0, which could allow remote attackers to connect to the port, in violation of the intended restrictions. Linux, X11r6, Xdm N/A
2004-08-06 CVE-2004-0418 serve_notify in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle empty data lines, which may allow remote attackers to perform an "out-of-bounds" write for a single byte to execute arbitrary code or modify critical program data. Cvs, Linux, Openbsd, Openpkg, Propack N/A
2004-08-06 CVE-2004-0417 Integer overflow in the "Max-dotdot" CVS protocol command (serve_max_dotdot) for CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, may allow remote attackers to cause a server crash, which could cause temporary data to remain undeleted and consume disk space. Cvs, Linux, Openbsd, Openpkg, Propack N/A