Ubuntu_linux - Vulncode-DB

Note:

This project will be discontinued after December 13, 2021. [more]

Product:
Ubuntu_linux
(Ubuntu)

Repositories	Unknown: This might be proprietary software.
#Vulnerabilities	64

Date	Id	Summary	Products	Score	Patch	Annotated
2005-03-01	CVE-2004-1051	sudo before 1.6.8p2 allows local users to execute arbitrary commands by using "()" style environment variables to create functions that have the same name as any program within the bash script that is called without using the program's full pathname.	Debian_linux, Mandrake_linux, Mandrake_linux_corporate_server, Mandrake_multi_network_firewall, Sudo, Secure_linux, Ubuntu_linux	N/A
2005-01-10	CVE-2004-1019	The deserialization code in PHP before 4.3.10 and PHP 5.x up to 5.0.2 allows remote attackers to cause a denial of service and execute arbitrary code via untrusted data to the unserialize function that may trigger "information disclosure, double-free and negative reference index array underflow" results.	Openpkg, Php, Secure_linux, Ubuntu_linux	N/A
2005-01-10	CVE-2004-1016	The scm_send function in the scm layer for Linux kernel 2.4.x up to 2.4.28, and 2.6.x up to 2.6.9, allows local users to cause a denial of service (system hang) via crafted auxiliary messages that are passed to the sendmsg function, which causes a deadlock condition.	Linux_kernel, Ubuntu_linux	N/A
2005-01-10	CVE-2004-1015	Buffer overflow in proxyd for Cyrus IMAP Server 2.2.9 and earlier, with the imapmagicplus option enabled, may allow remote attackers to execute arbitrary code, a different vulnerability than CVE-2004-1011.	Cyrus_imap_server, Fedora_core, Ubuntu_linux	N/A
2005-01-10	CVE-2004-1013	The argument parser of the FETCH command in Cyrus IMAP Server 2.2.x through 2.2.8 allows remote authenticated users to execute arbitrary code via certain commands such as (1) "body[p", (2) "binary[p", or (3) "binary[p") that cause an index increment error that leads to an out-of-bounds memory corruption.	Cyrus_imap_server, Linux, Openpkg, Fedora_core, Secure_linux, Ubuntu_linux	N/A
2005-01-10	CVE-2004-1012	The argument parser of the PARTIAL command in Cyrus IMAP Server 2.2.6 and earlier allows remote authenticated users to execute arbitrary code via a certain command ("body[p") that is treated as a different command ("body.peek") and causes an index increment error that leads to an out-of-bounds memory corruption.	Cyrus_imap_server, Linux, Openpkg, Fedora_core, Secure_linux, Ubuntu_linux	N/A
2005-01-10	CVE-2004-1011	Stack-based buffer overflow in Cyrus IMAP Server 2.2.4 through 2.2.8, with the imapmagicplus option enabled, allows remote attackers to execute arbitrary code via a long (1) PROXY or (2) LOGIN command, a different vulnerability than CVE-2004-1015.	Cyrus_imap_server, Linux, Openpkg, Fedora_core, Secure_linux, Ubuntu_linux	N/A
2005-03-01	CVE-2004-1007	The quoted-printable decoder in bogofilter 0.17.4 to 0.92.7 allows remote attackers to cause a denial of service (application crash) via mail headers that cause a line feed (LF) to be replaced by a null byte that is written to an incorrect memory address.	Email_filter, Ubuntu_linux	N/A
2005-03-01	CVE-2004-0989	Multiple buffer overflows in libXML 2.6.12 and 2.6.13 (libxml2), and possibly other versions, may allow remote attackers to execute arbitrary code via (1) a long FTP URL that is not properly handled by the xmlNanoFTPScanURL function, (2) a long proxy URL containing FTP data that is not properly handled by the xmlNanoFTPScanProxy function, and other overflows related to manipulation of DNS length values, including (3) xmlNanoFTPConnect, (4) xmlNanoHTTPConnectHost, and (5) xmlNanoHTTPConnectHost.	Fedora_core, Secure_linux, Ubuntu_linux, Libxml, Libxml2, Command_line_xml_toolkit	N/A
2005-03-01	CVE-2004-0983	The CGI module in Ruby 1.6 before 1.6.8, and 1.8 before 1.8.2, allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a certain HTTP request.	Linux, Mandrake_linux, Mandrake_linux_corporate_server, Ubuntu_linux, Ruby	N/A