Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Fedora_core
(Redhat)Repositories |
Unknown: This might be proprietary software. |
#Vulnerabilities | 79 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2005-01-10 | CVE-2004-1073 | The open_exec function in the execve functionality (exec.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, allows local users to read non-readable ELF binaries by using the interpreter (PT_INTERP) functionality. | Linux_kernel, Enterprise_linux, Enterprise_linux_desktop, Fedora_core, Linux_advanced_workstation, Suse_linux, Secure_linux, Turbolinux_server | N/A | ||
2005-01-10 | CVE-2004-1072 | The binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, may create an interpreter name string that is not NULL terminated, which could cause strings longer than PATH_MAX to be used, leading to buffer overflows that allow local users to cause a denial of service (hang) and possibly execute arbitrary code. | Linux_kernel, Enterprise_linux, Enterprise_linux_desktop, Fedora_core, Linux_advanced_workstation, Suse_linux, Secure_linux, Turbolinux_server | N/A | ||
2005-01-10 | CVE-2004-1071 | The binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, does not properly handle a failed call to the mmap function, which causes an incorrect mapped image and may allow local users to execute arbitrary code. | Linux_kernel, Enterprise_linux, Enterprise_linux_desktop, Fedora_core, Linux_advanced_workstation, Suse_linux, Secure_linux, Turbolinux_server | N/A | ||
2005-01-10 | CVE-2004-1070 | The load_elf_binary function in the binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, does not properly check return values from calls to the kernel_read function, which may allow local users to modify sensitive memory in a setuid program and execute arbitrary code. | Linux_kernel, Enterprise_linux, Enterprise_linux_desktop, Fedora_core, Linux_advanced_workstation, Suse_linux, Secure_linux, Turbolinux_server | N/A | ||
2005-01-10 | CVE-2004-1067 | Off-by-one error in the mysasl_canon_user function in Cyrus IMAP Server 2.2.9 and earlier leads to a buffer overflow, which may allow remote attackers to execute arbitrary code via the username. | Cyrus_imap_server, Fedora_core, Ubuntu_linux | N/A | ||
2005-01-10 | CVE-2004-1015 | Buffer overflow in proxyd for Cyrus IMAP Server 2.2.9 and earlier, with the imapmagicplus option enabled, may allow remote attackers to execute arbitrary code, a different vulnerability than CVE-2004-1011. | Cyrus_imap_server, Fedora_core, Ubuntu_linux | N/A | ||
2005-01-10 | CVE-2004-1013 | The argument parser of the FETCH command in Cyrus IMAP Server 2.2.x through 2.2.8 allows remote authenticated users to execute arbitrary code via certain commands such as (1) "body[p", (2) "binary[p", or (3) "binary[p") that cause an index increment error that leads to an out-of-bounds memory corruption. | Cyrus_imap_server, Linux, Openpkg, Fedora_core, Secure_linux, Ubuntu_linux | N/A | ||
2005-01-10 | CVE-2004-1012 | The argument parser of the PARTIAL command in Cyrus IMAP Server 2.2.6 and earlier allows remote authenticated users to execute arbitrary code via a certain command ("body[p") that is treated as a different command ("body.peek") and causes an index increment error that leads to an out-of-bounds memory corruption. | Cyrus_imap_server, Linux, Openpkg, Fedora_core, Secure_linux, Ubuntu_linux | N/A | ||
2005-01-10 | CVE-2004-1011 | Stack-based buffer overflow in Cyrus IMAP Server 2.2.4 through 2.2.8, with the imapmagicplus option enabled, allows remote attackers to execute arbitrary code via a long (1) PROXY or (2) LOGIN command, a different vulnerability than CVE-2004-1015. | Cyrus_imap_server, Linux, Openpkg, Fedora_core, Secure_linux, Ubuntu_linux | N/A | ||
2005-03-01 | CVE-2004-0989 | Multiple buffer overflows in libXML 2.6.12 and 2.6.13 (libxml2), and possibly other versions, may allow remote attackers to execute arbitrary code via (1) a long FTP URL that is not properly handled by the xmlNanoFTPScanURL function, (2) a long proxy URL containing FTP data that is not properly handled by the xmlNanoFTPScanProxy function, and other overflows related to manipulation of DNS length values, including (3) xmlNanoFTPConnect, (4) xmlNanoHTTPConnectHost, and (5) xmlNanoHTTPConnectHost. | Fedora_core, Secure_linux, Ubuntu_linux, Libxml, Libxml2, Command_line_xml_toolkit | N/A |