Product:

Secure_linux

(Trustix)
Repositories

Unknown:

This might be proprietary software.

#Vulnerabilities 66
Date Id Summary Products Score Patch Annotated
2005-01-10 CVE-2004-1012 The argument parser of the PARTIAL command in Cyrus IMAP Server 2.2.6 and earlier allows remote authenticated users to execute arbitrary code via a certain command ("body[p") that is treated as a different command ("body.peek") and causes an index increment error that leads to an out-of-bounds memory corruption. Cyrus_imap_server, Linux, Openpkg, Fedora_core, Secure_linux, Ubuntu_linux N/A
2005-01-10 CVE-2004-1011 Stack-based buffer overflow in Cyrus IMAP Server 2.2.4 through 2.2.8, with the imapmagicplus option enabled, allows remote attackers to execute arbitrary code via a long (1) PROXY or (2) LOGIN command, a different vulnerability than CVE-2004-1015. Cyrus_imap_server, Linux, Openpkg, Fedora_core, Secure_linux, Ubuntu_linux N/A
2005-03-01 CVE-2004-0990 Integer overflow in GD Graphics Library libgd 2.0.28 (libgd2), and possibly other versions, allows remote attackers to cause a denial of service and possibly execute arbitrary code via PNG image files with large image rows values that lead to a heap-based buffer overflow in the gdImageCreateFromPngCtx function, a different set of vulnerabilities than CVE-2004-0941. Gdlib, Linux, Openpkg, Suse_linux, Secure_linux N/A
2005-03-01 CVE-2004-0989 Multiple buffer overflows in libXML 2.6.12 and 2.6.13 (libxml2), and possibly other versions, may allow remote attackers to execute arbitrary code via (1) a long FTP URL that is not properly handled by the xmlNanoFTPScanURL function, (2) a long proxy URL containing FTP data that is not properly handled by the xmlNanoFTPScanProxy function, and other overflows related to manipulation of DNS length values, including (3) xmlNanoFTPConnect, (4) xmlNanoHTTPConnectHost, and (5) xmlNanoHTTPConnectHost. Fedora_core, Secure_linux, Ubuntu_linux, Libxml, Libxml2, Command_line_xml_toolkit N/A
2005-01-10 CVE-2004-0949 The smb_recv_trans2 function call in the samba filesystem (smbfs) in Linux kernel 2.4 and 2.6 does not properly handle the re-assembly of fragmented packets correctly, which could allow remote samba servers to (1) read arbitrary kernel information or (2) raise a counter value to an arbitrary number by sending the first part of the fragmented packet multiple times. Linux_kernel, Enterprise_linux, Enterprise_linux_desktop, Fedora_core, Linux_advanced_workstation, Suse_linux, Secure_linux, Ubuntu_linux N/A
2005-02-09 CVE-2004-0941 Multiple buffer overflows in the gd graphics library (libgd) 2.0.21 and earlier may allow remote attackers to execute arbitrary code via malformed image files that trigger the overflows due to improper calls to the gdMalloc function, a different set of vulnerabilities than CVE-2004-0990. Gdlib, Secure_linux N/A
2005-01-27 CVE-2004-0918 The asn_parse_header function (asn1.c) in the SNMP module for Squid Web Proxy Cache before 2.4.STABLE7 allows remote attackers to cause a denial of service (server restart) via certain SNMP packets with negative length fields that trigger a memory allocation error. Linux, Openpkg, Fedora_core, Squid, Secure_linux, Ubuntu_linux N/A
2005-01-27 CVE-2004-0886 Multiple integer overflows in libtiff 3.6.1 and earlier allow remote attackers to cause a denial of service (crash or memory corruption) via TIFF images that lead to incorrect malloc calls. Mac_os_x, Mac_os_x_server, Kde, Libtiff, Mandrake_linux, Pdf_library, Enterprise_linux, Enterprise_linux_desktop, Fedora_core, Linux_advanced_workstation, Suse_linux, Secure_linux, Wxgtk2 N/A
2005-01-10 CVE-2004-0883 Multiple vulnerabilities in the samba filesystem (smbfs) in Linux kernel 2.4 and 2.6 allow remote samba servers to cause a denial of service (crash) or gain sensitive information from kernel memory via a samba server (1) returning more data than requested to the smb_proc_read function, (2) returning a data offset from outside the samba packet to the smb_proc_readX function, (3) sending a certain TRANS2 fragmented packet to the smb_receive_trans2 function, (4) sending a samba packet with a... Linux_kernel, Enterprise_linux, Enterprise_linux_desktop, Fedora_core, Linux_advanced_workstation, Suse_linux, Secure_linux, Ubuntu_linux N/A
2004-12-23 CVE-2004-0803 Multiple vulnerabilities in the RLE (run length encoding) decoders for libtiff 3.6.1 and earlier, related to buffer overflows and integer overflows, allow remote attackers to execute arbitrary code via TIFF files. Mac_os_x, Mac_os_x_server, Kde, Libtiff, Mandrake_linux, Pdf_library, Enterprise_linux, Enterprise_linux_desktop, Fedora_core, Linux_advanced_workstation, Suse_linux, Secure_linux, Wxgtk2 N/A