Product:

Fedora_core

(Redhat)
Repositories

Unknown:

This might be proprietary software.

#Vulnerabilities 79
Date Id Summary Products Score Patch Annotated
2004-12-06 CVE-2004-0619 Integer overflow in the ubsec_keysetup function for Linux Broadcom 5820 cryptonet driver allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a negative add_dsa_buf_bytes variable, which leads to a buffer overflow. Fedora_core, Kernel, Linux N/A
2004-07-27 CVE-2004-0595 The strip_tags function in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, does not filter null (\0) characters within tag names when restricting input to allowed tags, which allows dangerous tags to be processed by web browsers such as Internet Explorer and Safari, which ignore null characters and facilitate the exploitation of cross-site scripting (XSS) vulnerabilities. Converged_communications_server, Integrated_management, S8300, S8500, S8700, Php, Fedora_core, Secure_linux N/A
2004-08-06 CVE-2004-0587 Insecure permissions for the /proc/scsi/qla2300/HbaApiNode file in Linux allows local users to cause a denial of service. Mandrake_linux, Mandrake_linux_corporate_server, Fedora_core, Suse_linux N/A
2004-08-06 CVE-2004-0557 Multiple buffer overflows in the st_wavstartread function in wav.c for Sound eXchange (SoX) 12.17.2 through 12.17.4 allow remote attackers to execute arbitrary code via certain WAV file header fields. Linux, Linux, Enterprise_linux, Enterprise_linux_desktop, Fedora_core, Sox N/A
2004-08-06 CVE-2004-0461 The DHCP daemon (DHCPD) for ISC DHCP 3.0.1rc12 and 3.0.1rc13, when compiled in environments that do not provide the vsnprintf function, uses C include files that define vsnprintf to use the less safe vsprintf function, which can lead to buffer overflow vulnerabilities that enable a denial of service (server crash) and possibly execute arbitrary code. Dns_one_appliance, Dhcpd, Mandrake_linux, Fedora_core, Suse_email_server, Suse_linux, Suse_linux_admin\-Cd_for_firewall, Suse_linux_connectivity_server, Suse_linux_database_server, Suse_linux_firewall_cd, Suse_linux_office_server N/A
2004-08-06 CVE-2004-0460 Buffer overflow in the logging capability for the DHCP daemon (DHCPD) for ISC DHCP 3.0.1rc12 and 3.0.1rc13 allows remote attackers to cause a denial of service (server crash) and possibly execute arbitrary code via multiple hostname options in (1) DISCOVER, (2) OFFER, (3) REQUEST, (4) ACK, or (5) NAK messages, which can generate a long string when writing to a log file. Dns_one_appliance, Dhcpd, Mandrake_linux, Fedora_core, Suse_email_server, Suse_linux, Suse_linux_admin\-Cd_for_firewall, Suse_linux_connectivity_server, Suse_linux_database_server, Suse_linux_firewall_cd, Suse_linux_office_server N/A
2004-11-23 CVE-2004-0415 Linux kernel does not properly convert 64-bit file offset pointers to 32 bits, which allows local users to access portions of kernel memory. Linux_kernel, Fedora_core, Secure_linux N/A
2004-08-18 CVE-2004-0235 Multiple directory traversal vulnerabilities in LHA 1.14 allow remote attackers or local users to create arbitrary files via an LHA archive containing filenames with (1) .. sequences or (2) absolute pathnames with double leading slashes ("//absolute/path"). Mailsweeper, F\-Secure_anti\-Virus, F\-Secure_for_firewalls, F\-Secure_internet_security, F\-Secure_personal_express, Internet_gatekeeper, Winrar, Fedora_core, Lha, Propack, Cgpmcafee, Lha, Winzip N/A
2004-08-18 CVE-2004-0234 Multiple stack-based buffer overflows in the get_header function in header.c for LHA 1.14, as used in products such as Barracuda Spam Firewall, allow remote attackers or local users to execute arbitrary code via long directory or file names in an LHA archive, which triggers the overflow when testing or extracting the archive. Mailsweeper, F\-Secure_anti\-Virus, F\-Secure_for_firewalls, F\-Secure_internet_security, F\-Secure_personal_express, Internet_gatekeeper, Winrar, Fedora_core, Lha, Propack, Cgpmcafee, Lha, Winzip N/A