Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Secure_linux
(Trustix)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 66 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2005-01-10 | CVE-2004-0949 | The smb_recv_trans2 function call in the samba filesystem (smbfs) in Linux kernel 2.4 and 2.6 does not properly handle the re-assembly of fragmented packets correctly, which could allow remote samba servers to (1) read arbitrary kernel information or (2) raise a counter value to an arbitrary number by sending the first part of the fragmented packet multiple times. | Linux_kernel, Enterprise_linux, Enterprise_linux_desktop, Fedora_core, Linux_advanced_workstation, Suse_linux, Secure_linux, Ubuntu_linux | N/A | ||
| 2005-02-09 | CVE-2004-0941 | Multiple buffer overflows in the gd graphics library (libgd) 2.0.21 and earlier may allow remote attackers to execute arbitrary code via malformed image files that trigger the overflows due to improper calls to the gdMalloc function, a different set of vulnerabilities than CVE-2004-0990. | Gdlib, Secure_linux | N/A | ||
| 2005-01-27 | CVE-2004-0918 | The asn_parse_header function (asn1.c) in the SNMP module for Squid Web Proxy Cache before 2.4.STABLE7 allows remote attackers to cause a denial of service (server restart) via certain SNMP packets with negative length fields that trigger a memory allocation error. | Linux, Openpkg, Fedora_core, Squid, Secure_linux, Ubuntu_linux | N/A | ||
| 2005-01-27 | CVE-2004-0886 | Multiple integer overflows in libtiff 3.6.1 and earlier allow remote attackers to cause a denial of service (crash or memory corruption) via TIFF images that lead to incorrect malloc calls. | Mac_os_x, Mac_os_x_server, Kde, Libtiff, Mandrake_linux, Pdf_library, Enterprise_linux, Enterprise_linux_desktop, Fedora_core, Linux_advanced_workstation, Suse_linux, Secure_linux, Wxgtk2 | N/A | ||
| 2005-01-10 | CVE-2004-0883 | Multiple vulnerabilities in the samba filesystem (smbfs) in Linux kernel 2.4 and 2.6 allow remote samba servers to cause a denial of service (crash) or gain sensitive information from kernel memory via a samba server (1) returning more data than requested to the smb_proc_read function, (2) returning a data offset from outside the samba packet to the smb_proc_readX function, (3) sending a certain TRANS2 fragmented packet to the smb_receive_trans2 function, (4) sending a samba packet with a... | Linux_kernel, Enterprise_linux, Enterprise_linux_desktop, Fedora_core, Linux_advanced_workstation, Suse_linux, Secure_linux, Ubuntu_linux | N/A | ||
| 2004-12-23 | CVE-2004-0803 | Multiple vulnerabilities in the RLE (run length encoding) decoders for libtiff 3.6.1 and earlier, related to buffer overflows and integer overflows, allow remote attackers to execute arbitrary code via TIFF files. | Mac_os_x, Mac_os_x_server, Kde, Libtiff, Mandrake_linux, Pdf_library, Enterprise_linux, Enterprise_linux_desktop, Fedora_core, Linux_advanced_workstation, Suse_linux, Secure_linux, Wxgtk2 | N/A | ||
| 2004-09-16 | CVE-2004-0801 | Unknown vulnerability in foomatic-rip in Foomatic before 3.0.2 allows local users or remote attackers with access to CUPS to execute arbitrary commands. | Linux, Foomatic\-Filters, Java_desktop_system, Secure_linux | N/A | ||
| 2004-12-23 | CVE-2004-0685 | Certain USB drivers in the Linux 2.4 kernel use the copy_to_user function on uninitialized structures, which could allow local users to obtain sensitive information by reading memory that was not cleared from previous usage. | Linux_kernel, Enterprise_linux, Enterprise_linux_desktop, Secure_linux | N/A | ||
| 2004-07-27 | CVE-2004-0600 | Buffer overflow in the Samba Web Administration Tool (SWAT) in Samba 3.0.2 to 3.0.4 allows remote attackers to execute arbitrary code via an invalid base-64 character during HTTP basic authentication. | Samba, Secure_linux | N/A | ||
| 2004-07-27 | CVE-2004-0595 | The strip_tags function in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, does not filter null (\0) characters within tag names when restricting input to allowed tags, which allows dangerous tags to be processed by web browsers such as Internet Explorer and Safari, which ignore null characters and facilitate the exploitation of cross-site scripting (XSS) vulnerabilities. | Converged_communications_server, Integrated_management, S8300, S8500, S8700, Php, Fedora_core, Secure_linux | N/A |