Product:

Secure_linux

(Trustix)
Repositories

Unknown:

This might be proprietary software.

#Vulnerabilities 66
Date Id Summary Products Score Patch Annotated
2004-07-27 CVE-2004-0594 The memory_limit functionality in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, under certain conditions such as when register_globals is enabled, allows remote attackers to execute arbitrary code by triggering a memory_limit abort during execution of the zend_hash_init function and overwriting a HashTable destructor pointer before the initialization of key data structures is complete. Converged_communications_server, Debian_linux, Hp\-Ux, Openpkg, Php, Secure_linux N/A
2004-08-18 CVE-2004-0421 The Portable Network Graphics library (libpng) 1.0.15 and earlier allows attackers to cause a denial of service (crash) via a malformed PNG image file that triggers an error that causes an out-of-bounds read when creating the error message. Libpng, Openpkg, Enterprise_linux, Enterprise_linux_desktop, Libpng, Secure_linux N/A
2005-02-09 CVE-2004-0977 The make_oidjoins_check script in PostgreSQL 7.4.5 and earlier allows local users to overwrite files via a symlink attack on temporary files. Mandrake_linux, Mandrake_linux_corporate_server, Postgresql, Enterprise_linux, Enterprise_linux_desktop, Secure_linux N/A
2002-03-15 CVE-2002-0083 Off-by-one error in the channel code of OpenSSH 2.0 through 3.0.2 allows local users or remote malicious servers to gain privileges. Linux, Secure_linux, Immunix, Mandrake_linux, Mandrake_linux_corporate_server, Mandrake_single_network_firewall, Openssh, Openpkg, Linux, Suse_linux, Secure_linux 9.8
2005-02-09 CVE-2004-0940 Buffer overflow in the get_tag function in mod_include for Apache 1.3.x to 1.3.32 allows local users who can create SSI documents to execute arbitrary code as the apache user via SSI (XSSI) documents that trigger a length calculation error. Http_server, Hp\-Ux, Openpkg, Slackware_linux, Suse_linux, Secure_linux 7.8
2004-08-06 CVE-2004-0493 The ap_get_mime_headers_core function in Apache httpd 2.0.49 allows remote attackers to cause a denial of service (memory exhaustion), and possibly an integer signedness error leading to a heap-based buffer overflow on 64 bit systems, via long header lines with large numbers of space or tab characters. Http_server, Converged_communications_server, S8300, S8500, S8700, Linux, Http_server, Secure_linux N/A
2004-09-16 CVE-2004-0809 The mod_dav module in Apache 2.0.50 and earlier allows remote attackers to cause a denial of service (child process crash) via a certain sequence of LOCK requests for a location that allows WebDAV authoring access. Http_server, Debian_linux, Linux, Hp\-Ux, Secure_web_server_for_tru64, Mandrake_linux, Enterprise_linux, Enterprise_linux_desktop, Secure_linux, Turbolinux_desktop, Turbolinux_home, Turbolinux_server N/A
2005-02-07 CVE-2005-0156 Buffer overflow in the PerlIO implementation in Perl 5.8.0, when installed with setuid support (sperl), allows local users to execute arbitrary code by setting the PERLIO_DEBUG variable and executing a Perl script whose full pathname contains a long directory tree. Aix, Perl, Enterprise_linux, Enterprise_linux_desktop, Fedora_core, Propack, Suse_linux, Secure_linux, Ubuntu_linux N/A
2004-07-27 CVE-2004-0686 Buffer overflow in Samba 2.2.x to 2.2.9, and 3.0.0 to 3.0.4, when the "mangling method = hash" option is enabled in smb.conf, has unknown impact and attack vectors. Samba, Secure_linux N/A
2005-02-09 CVE-2004-0957 Unknown vulnerability in MySQL 3.23.58 and earlier, when a local user has privileges for a database whose name includes a "_" (underscore), grants privileges to other databases that have similar names, which can allow the user to conduct unauthorized activities. Openpkg, Mysql, Enterprise_linux, Enterprise_linux_desktop, Suse_linux, Secure_linux, Ubuntu_linux N/A