MidnightBSD

Advisories for conectiva

CVE-2000-0633 LOW

Vulnerability in Mandrake Linux usermode package allows local users to to reboot or halt the system.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
redhat linux 6.2
conectiva linux 5.0
conectiva linux 4.0es
conectiva linux 5.1
mandrakesoft mandrake_linux 7.1
redhat linux 6.2e
conectiva linux 4.1
conectiva linux 4.0
redhat linux 6.0
conectiva linux 4.2
redhat linux 6.1
CVE-2000-0666 HIGH

rpc.statd in the nfs-utils package in various Linux distributions does not properly cleanse untrusted format strings, which allows remote attackers to gain root privileges.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
redhat linux 6.2
conectiva linux 5.0
conectiva linux 4.0es
conectiva linux 5.1
suse suse_linux 6.3
debian debian_linux 2.3
conectiva linux 4.1
suse suse_linux 6.4
redhat linux 6.0
trustix secure_linux 1.1
debian debian_linux 2.2
conectiva linux 4.0
trustix secure_linux 1.0
conectiva linux 4.2
redhat linux 6.1
suse suse_linux 7.0
CVE-2000-0667 LOW

Vulnerability in gpm in Caldera Linux allows local users to delete arbitrary files or conduct a denial of service.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
conectiva linux 5.0
conectiva linux 4.0es
conectiva linux 5.1
conectiva linux 4.1
conectiva linux 4.0
conectiva linux 4.2
CVE-2000-0668 MEDIUM

pam_console PAM module in Linux systems allows a user to access the system console and reboot the system when a display manager such as gdm or kdm has XDMCP enabled.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
redhat linux 6.2
conectiva linux 5.0
conectiva linux 4.0es
conectiva linux 5.1
michael_k._johnson pam_console 0.72_unpatched
conectiva linux 4.1
conectiva linux 4.0
michael_k._johnson pam_console 0.66
redhat linux 6.0
conectiva linux 4.2
redhat linux 6.1
CVE-2000-0701 MEDIUM

The wrapper program in mailman 2.0beta3 and 2.0beta4 does not properly cleanse untrusted format strings, which allows local users to gain privileges.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
redhat linux *
conectiva linux 5.0
conectiva linux 5.1
conectiva linux 4.1
gnu mailman 2.0
conectiva linux 4.2
CVE-2000-0715 LOW

DiskCheck script diskcheck.pl in Red Hat Linux 6.2 allows local users to create or overwrite arbitrary files via a symlink attack on a temporary file.

CVSS 2.0

Severity: LOW

Problem Type: CWE-59,

Products Affected

Vendor Product Version
conectiva linux 5.0
conectiva linux 5.1
kirk_bauer diskcheck 3.1.1
CVE-2000-0747 HIGH

The logrotate script for OpenLDAP before 1.2.11 in Conectiva Linux sends an improper signal to the kernel log daemon (klogd) and kills it.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
conectiva linux 5.0
conectiva linux 4.1
conectiva linux 4.2
CVE-2000-0844 HIGH

Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-264,

Products Affected

Vendor Product Version
turbolinux turbolinux 6.0
mandrakesoft mandrake_linux 7.0
conectiva linux 4.0es
sun sunos 5.3
sun sunos 5.4
suse suse_linux 6.3
debian debian_linux 2.3
sun sunos 5.8
redhat linux 5.1
sgi irix 6.5.3f
suse suse_linux 6.4
sgi irix 6.5.3
debian debian_linux 2.1
ibm aix 4.1.3
sgi irix 6.5.7
ibm aix 4.3.1
sgi irix 6.5.4
turbolinux turbolinux 6.0.2
suse suse_linux 6.2
sun sunos 5.7
sgi irix 6.5.1
mandrakesoft mandrake_linux 7.1
sgi irix 6.5
sun sunos 5.1
conectiva linux 5.1
conectiva linux 4.1
ibm aix 4.3.2
sun sunos 5.5.1
sgi irix 6.5.6
sgi irix 6.5.3m
trustix secure_linux 1.1
ibm aix 4.0
debian debian_linux 2.2
caldera openlinux_eserver 2.3
trustix secure_linux 1.0
ibm aix 4.2
sun sunos 5.5
turbolinux turbolinux 6.0.1
turbolinux turbolinux 6.0.3
sgi irix 6.2
turbolinux turbolinux 6.0.4
redhat linux 5.0
ibm aix 4.1.5
sun sunos 5.2
immunix immunix 6.2
sun sunos 5.0
slackware slackware_linux 7.1
ibm aix 3.2
slackware slackware_linux 7.0
ibm aix 3.2.4
ibm aix 4.1.4
redhat linux 5.2
caldera openlinux_ebuilder 3.0
sgi irix 6.3
redhat linux 6.2
conectiva linux 5.0
redhat linux 6.0
sgi irix 6.5.8
ibm aix 4.1.2
ibm aix 3.2.5
ibm aix 4.1.1
ibm aix 4.2.1
sun solaris 2.6
ibm aix 4.3
sgi irix 6.4
ibm aix 4.1
caldera openlinux *
suse suse_linux 6.1
conectiva linux 4.0
sgi irix 6.5.2m
conectiva linux 4.2
redhat linux 6.1
debian debian_linux 2.0
suse suse_linux 7.0
CVE-2000-1095 HIGH

modprobe in the modutils 2.3.x package on Linux systems allows a local user to execute arbitrary commands via shell metacharacters.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
redhat linux 7.0
conectiva linux 5.1
suse suse_linux 6.4
immunix immunix 6.2
mandrakesoft mandrake_linux 7.2
suse suse_linux 7.0
immunix immunix 7.0_beta
CVE-2000-1134 HIGH

Multiple shell programs on various Unix systems, including (1) tcsh, (2) csh, (3) sh, and (4) bash, follow symlinks when processing << redirects (aka here-documents or in-here documents), which allows local users to overwrite files of other users via a symlink attack.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mandrakesoft mandrake_linux 7.0
redhat linux 6.2
conectiva linux 5.0
conectiva linux 4.0es
conectiva linux 5.1
mandrakesoft mandrake_linux 6.0
redhat linux 6.2e
conectiva linux 4.1
immunix immunix 6.2
redhat linux 6.0
hp hp-ux 11.11
mandrakesoft mandrake_linux 7.2
caldera openlinux_eserver 2.3
caldera openlinux *
caldera openlinux_edesktop 2.4
mandrakesoft mandrake_linux 6.1
mandrakesoft mandrake_linux 7.1
redhat linux 5.2
conectiva linux 4.0
conectiva linux 4.2
redhat linux 6.1
suse suse_linux 7.0
CVE-2001-0128 HIGH

Zope before 2.2.4 does not properly compute local roles, which could allow users to bypass specified access restrictions and gain privileges.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
redhat linux 6.2
conectiva linux 5.0
redhat linux_powertools 6.1
conectiva linux 5.1
redhat linux_powertools 6.2
mandrakesoft mandrake_linux 7.2
debian debian_linux 2.2
conectiva linux 6.0
redhat linux 7.0
zope zope *
mandrakesoft mandrake_linux 7.1
freebsd freebsd 6.2
conectiva linux 4.2
redhat linux 6.1
redhat linux_powertools 7.0
CVE-2001-0136 MEDIUM

Memory leak in ProFTPd 1.2.0rc2 allows remote attackers to cause a denial of service via a series of USER commands, and possibly SIZE commands if the server has been improperly installed.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-401,

Products Affected

Vendor Product Version
conectiva linux *
mandrakesoft mandrake_linux 7.2
debian debian_linux 2.2
proftpd proftpd 1.2.0
CVE-2001-0170 LOW

glibc 2.1.9x and earlier does not properly clear the RESOLV_HOST_CONF, HOSTALIASES, or RES_OPTIONS environmental variables when executing setuid/setgid programs, which could allow local users to read arbitrary files.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
conectiva linux 5.0
conectiva linux 4.0es
conectiva linux 5.1
debian debian_linux 2.3
conectiva linux ecommerce
conectiva linux 4.1
conectiva linux graficas
immunix immunix 7.0_beta
conectiva linux 6.0
redhat linux 7.0
conectiva linux 4.0
conectiva linux 4.2
CVE-2001-0178 LOW

kdesu program in KDE2 (KDE before 2.2.0-6) does not properly verify the owner of a UNIX socket that is used to send a password, which allows local users to steal passwords and gain privileges.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mandrakesoft mandrake_linux 7.0
suse suse_linux 6.3
suse suse_linux 6.4
mandrakesoft mandrake_linux 7.2
mandrakesoft mandrake_linux_corporate_server 1.0.1
conectiva linux 6.0
caldera openlinux_edesktop 2.4
suse suse_linux 6.2
mandrakesoft mandrake_linux 6.1
mandrakesoft mandrake_linux 7.1
suse suse_linux 6.1
suse suse_linux 6.0
suse suse_linux 7.0
CVE-2001-0439 HIGH

licq before 1.0.3 allows remote attackers to execute arbitrary commands via shell metacharacters in a URL.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
conectiva linux 5.0
conectiva linux 4.0es
conectiva linux 4.1
freebsd freebsd 4.2
freebsd freebsd 3.5.1
mandrakesoft mandrake_linux 7.2
licq licq *
mandrakesoft mandrake_linux_corporate_server 1.0.1
redhat linux 7.0
mandrakesoft mandrake_linux 7.1
conectiva linux 4.0
conectiva linux 4.2
CVE-2001-0440 HIGH

Buffer overflow in logging functions of licq before 1.0.3 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
conectiva linux 5.0
conectiva linux 4.0es
conectiva linux 5.1
conectiva linux ecommerce
conectiva linux 4.1
mandrakesoft mandrake_linux 7.2
licq licq *
conectiva linux 6.0
conectiva linux prg_graficos
mandrakesoft mandrake_linux 7.1
conectiva linux 4.0
conectiva linux 4.2
CVE-2001-0473 HIGH

Format string vulnerability in Mutt before 1.2.5 allows a remote malicious IMAP server to execute arbitrary commands.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mandrakesoft mandrake_linux 7.0
redhat linux 6.2
conectiva linux *
mandrakesoft mandrake_linux 6.0
immunix immunix 6.2
redhat linux 6.0
mandrakesoft mandrake_linux 7.2
immunix immunix 7.0_beta
mutt mutt *
redhat linux 7.0
immunix immunix 7.0
mandrakesoft mandrake_linux 6.1
mandrakesoft mandrake_linux 7.1
redhat linux 5.2
redhat linux 6.1
CVE-2001-0690 HIGH

Format string vulnerability in exim (3.22-10 in Red Hat, 3.12 in Debian and 3.16 in Conectiva) in batched SMTP mode allows a remote attacker to execute arbitrary code via format strings in SMTP mail headers.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
redhat linux *
university_of_cambridge exim *
conectiva linux *
debian debian_linux 4.0
CVE-2001-0834 MEDIUM

htsearch CGI program in htdig (ht://Dig) 3.1.5 and earlier allows remote attackers to use the -c option to specify an alternate configuration file, which could be used to (1) cause a denial of service (CPU consumption) by specifying a large file such as /dev/zero, or (2) read arbitrary files by uploading an alternate configuration file that specifies the target file.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
conectiva linux 5.0
suse suse_linux 7.3
conectiva linux 5.1
suse suse_linux 6.3
suse suse_linux 6.4
debian debian_linux 2.2
conectiva linux 6.0
conectiva linux 7.0
suse suse_linux 7.1
htdig htdig *
suse suse_linux 7.0
suse suse_linux 7.2
CVE-2001-1374 HIGH

expect before 5.32 searches for its libraries in /var/tmp before other directories, which could allow local users to gain root privileges via a Trojan horse library that is accessed by mkpasswd.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
don_libes expect 5.7
don_libes expect 5.23
don_libes expect 5.24
don_libes expect 5.11
don_libes expect 5.12
don_libes expect 5.17
don_libes expect 5.20
don_libes expect 5.25
don_libes expect 5.15
don_libes expect 5.21
don_libes expect 5.30
don_libes expect 5.4
don_libes expect 5.27
don_libes expect 5.31
don_libes expect 2
conectiva linux 6.0
don_libes expect 5.8
conectiva linux 7.0
don_libes expect 4
don_libes expect 5.26
don_libes expect 5.14
don_libes expect 5.22
don_libes expect 5.2
don_libes expect 5.19
don_libes expect 5.28
don_libes expect 0
don_libes expect 5.0
don_libes expect 5.6
don_libes expect 5.13
don_libes expect 5.16
don_libes expect 5.18
don_libes expect 1
don_libes expect 5.1
don_libes expect 5.9
redhat linux 7.0
don_libes expect 5.29
don_libes expect 3
don_libes expect 5.3
don_libes expect 5.5
don_libes expect 5.10
CVE-2001-1375 MEDIUM

tcl/tk package (tcltk) 8.3.1 searches for its libraries in the current working directory before other directories, which could allow local users to execute arbitrary code via a Trojan horse library that is under a user-controlled directory.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
conectiva linux 6.0
redhat linux 7.0
conectiva linux 7.0
CVE-2002-0083 HIGH

Off-by-one error in the channel code of OpenSSH 2.0 through 3.0.2 allows local users or remote malicious servers to gain privileges.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-193,

Products Affected

Vendor Product Version
mandrakesoft mandrake_single_network_firewall 7.2
suse suse_linux 6.4
trustix secure_linux 1.2
mandrakesoft mandrake_linux_corporate_server 1.0.1
conectiva linux 6.0
trustix secure_linux 1.5
conectiva linux 7.0
mandrakesoft mandrake_linux 7.1
mandrakesoft mandrake_linux 8.1
openpkg openpkg 1.0
conectiva linux 5.0
suse suse_linux 7.3
conectiva linux 5.1
conectiva linux ecommerce
openbsd openssh *
conectiva linux graficas
trustix secure_linux 1.1
mandrakesoft mandrake_linux 7.2
mandrakesoft mandrake_linux 8.0
redhat linux 7.0
engardelinux secure_linux 1.0.1
immunix immunix 7.0
suse suse_linux 7.1
redhat linux 7.1
redhat linux 7.2
suse suse_linux 7.0
suse suse_linux 7.2
CVE-2003-0468 MEDIUM

Postfix 1.1.11 and earlier allows remote attackers to use Postfix to conduct "bounce scans" or DDos attacks of other hosts via an email address to the local host containing the target IP address and service name followed by a "!" string, which causes Postfix to attempt to use SMTP to communicate with the target on the associated port.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
wietse_venema postfix 1999-12-31
wietse_venema postfix 2000-02-28
wietse_venema postfix 1.1.11
conectiva linux 7.0
wietse_venema postfix 1.0.21
wietse_venema postfix 1999-09-06
wietse_venema postfix 2001-11-15
conectiva linux 8.0
CVE-2003-0540 MEDIUM

The address parser code in Postfix 1.1.12 and earlier allows remote attackers to cause a denial of service (lock) via (1) a malformed envelope address to a local host that would generate a bounce and contains the ".!" string in the MAIL FROM or Errors-To headers, which causes nqmgr to lock up, or (2) via a valid MAIL FROM with a RCPT TO containing a ".!" string, which causes an instance of the SMTP listener to lock up.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
wietse_venema postfix 1999-12-31
wietse_venema postfix 2000-02-28
wietse_venema postfix 1.1.11
conectiva linux 7.0
wietse_venema postfix 1.0.21
wietse_venema postfix 1999-09-06
wietse_venema postfix 2001-11-15
conectiva linux 8.0
wietse_venema postfix 1.1.12
CVE-2003-0780 HIGH

Buffer overflow in get_salt_from_password from sql_acl.cc for MySQL 4.0.14 and earlier, and 3.23.x, allows attackers with ALTER TABLE privileges to execute arbitrary code via a long Password field.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
oracle mysql 4.0.6
oracle mysql 3.23.4
oracle mysql 3.23
oracle mysql 3.23.10
oracle mysql 3.23.8
oracle mysql 3.23.3
oracle mysql 4.0.3
oracle mysql 3.23.54a
oracle mysql 4.0.12
oracle mysql 4.0.0
conectiva linux 9.0
oracle mysql 4.0.10
oracle mysql 3.23.2
oracle mysql 3.23.22
oracle mysql 4.0.11
oracle mysql 3.23.47
oracle mysql 3.23.43
oracle mysql 3.23.55
oracle mysql 4.0.2
oracle mysql 4.0.7
oracle mysql 3.23.28
oracle mysql 4.0.1
oracle mysql 3.23.53a
oracle mysql 3.23.26
oracle mysql 3.23.9
oracle mysql 3.23.40
oracle mysql 3.23.29
mysql mysql 4.1.0
oracle mysql 3.23.52
oracle mysql 3.23.32
oracle mysql 3.23.42
oracle mysql 4.1.0
oracle mysql 3.23.37
oracle mysql 3.23.54
oracle mysql 3.23.48
oracle mysql 3.23.53
oracle mysql 3.23.5
oracle mysql 3.23.45
oracle mysql 3.23.24
oracle mysql 3.23.41
oracle mysql 4.0.9
oracle mysql 3.23.33
oracle mysql 3.23.34
oracle mysql 3.23.50
oracle mysql 3.23.56
conectiva linux 7.0
oracle mysql 3.23.39
oracle mysql 3.23.51
oracle mysql 3.23.25
oracle mysql 3.23.36
oracle mysql 3.23.23
oracle mysql 4.0.14
oracle mysql 3.23.27
oracle mysql 4.0.4
oracle mysql 4.0.8
oracle mysql 4.0.5a
oracle mysql 4.0.13
oracle mysql 3.23.31
oracle mysql 3.23.44
conectiva linux 8.0
oracle mysql 3.23.46
oracle mysql 3.23.49
oracle mysql 3.23.30
oracle mysql 4.0.5
oracle mysql 3.23.38
CVE-2004-0495 HIGH

Multiple unknown vulnerabilities in Linux kernel 2.4 and 2.6 allow local users to gain privileges or access kernel memory, as found by the Sparse source code checking tool.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
linux linux_kernel 2.4.19
suse suse_linux_connectivity_server *
suse suse_linux 8
linux linux_kernel 2.4.21
avaya s8500 r2.0.0
avaya s8700 r2.0.1
suse suse_office_server *
suse suse_linux_firewall_cd *
linux linux_kernel 2.6.3
linux linux_kernel 2.6.6
gentoo linux 1.4
linux linux_kernel 2.6.7
avaya s8700 r2.0.0
suse suse_linux 8.1
avaya modular_messaging_message_storage_server s3400
linux linux_kernel 2.4.22
redhat enterprise_linux 2.1
linux linux_kernel 2.4.26
linux linux_kernel 2.4.18
avaya intuity_audix *
avaya s8300 r2.0.1
conectiva linux 9.0
suse suse_linux_database_server *
linux linux_kernel 2.6.5
avaya converged_communications_server 2.0
suse suse_linux 9.0
linux linux_kernel 2.6.0
suse suse_linux 8.0
linux linux_kernel 2.6.1
suse suse_linux 8.2
linux linux_kernel 2.4.24
suse suse_linux_admin-cd_for_firewall *
suse suse_linux 7
linux linux_kernel 2.4.25
conectiva linux 8.0
linux linux_kernel 2.6.2
avaya s8300 r2.0.0
linux linux_kernel 2.6.4
suse suse_linux_office_server *
suse suse_email_server 3.1
avaya s8500 r2.0.1
suse suse_email_server iii
suse suse_linux 9.1
linux linux_kernel 2.4.23
redhat enterprise_linux 3.0
CVE-2004-0497 LOW

Unknown vulnerability in Linux kernel 2.x may allow local users to modify the group ID of files, such as NFS exported files in kernel 2.4.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
suse suse_linux 9.0
suse suse_linux 8.0
mandrakesoft mandrake_linux 9.1
linux linux_kernel 2.0
suse suse_linux 8.2
trustix secure_linux 2
mandrakesoft mandrake_linux 10.0
gentoo linux *
mandrakesoft mandrake_linux_corporate_server 2.1
trustix secure_linux 2.1
trustix secure_linux 2.0
mandrakesoft mandrake_multi_network_firewall 8.2
suse suse_linux 8.1
redhat enterprise_linux 2.1
conectiva linux 10
mandrakesoft mandrake_linux 9.2
suse suse_linux 9.1
redhat enterprise_linux 3.0
CVE-2004-0535 LOW

The e1000 driver for Linux kernel 2.4.26 and earlier does not properly initialize memory before using it, which allows local users to read portions of kernel memory. NOTE: this issue was originally incorrectly reported as a "buffer overflow" by some sources.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
linux linux_kernel 2.4.19
linux linux_kernel 2.4.27
linux linux_kernel 2.4.5
engardelinux secure_linux 1.5
linux linux_kernel 2.4.21
linux linux_kernel 2.4.8
linux linux_kernel 2.4.15
linux linux_kernel 2.4.10
linux linux_kernel 2.4.11
mandrakesoft mandrake_multi_network_firewall 8.2
suse suse_linux 8.1
linux linux_kernel 2.4.1
linux linux_kernel 2.4.20
linux linux_kernel 2.4.26
linux linux_kernel 2.4.18
linux linux_kernel 2.4.23_ow2
conectiva linux 9.0
suse suse_linux_database_server *
linux linux_kernel 2.4.4
suse suse_linux_firewall_live-cd *
linux linux_kernel 2.4.7
mandrakesoft mandrake_linux 9.1
suse suse_linux 8.2
linux linux_kernel 2.4.24
suse suse_linux 7
linux linux_kernel 2.4.2
linux linux_kernel 2.4.25
linux linux_kernel 2.4.9
linux linux_kernel 2.4.16
linux linux_kernel 2.4.13
suse suse_email_server iii
suse suse_linux 9.1
linux linux_kernel 2.4.3
linux linux_kernel 2.4.23
suse suse_linux_connectivity_server *
suse suse_linux 8
linux linux_kernel 2.4.12
linux linux_kernel 2.4.24_ow1
suse suse_office_server *
mandrakesoft mandrake_linux 10.0
linux linux_kernel 2.4.14
suse suse_linux_firewall_cd *
gentoo linux 1.4
linux linux_kernel 2.4.22
mandrakesoft mandrake_linux 9.2
linux linux_kernel 2.4.6
engardelinux secure_community 2.0
suse suse_linux 9.0
suse suse_linux 8.0
linux linux_kernel 2.4.0
suse suse_linux_admin-cd_for_firewall *
mandrakesoft mandrake_linux_corporate_server 2.1
linux linux_kernel 2.4.17
conectiva linux 8.0
suse suse_linux_office_server *
suse suse_email_server 3.1
CVE-2004-0554 LOW

Linux kernel 2.4.x and 2.6.x for x86 allows local users to cause a denial of service (system crash), possibly via an infinite loop that triggers a signal handler with a certain sequence of fsave and frstor instructions, as originally demonstrated using a "crash.c" program.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
linux linux_kernel 2.4.19
suse suse_linux_connectivity_server *
suse suse_linux 8
linux linux_kernel 2.4.21
avaya s8500 r2.0.0
avaya s8700 r2.0.1
suse suse_office_server *
suse suse_linux_firewall_cd *
linux linux_kernel 2.6.3
linux linux_kernel 2.6.6
gentoo linux 1.4
linux linux_kernel 2.6.7
avaya s8700 r2.0.0
suse suse_linux 8.1
avaya modular_messaging_message_storage_server s3400
linux linux_kernel 2.4.22
redhat enterprise_linux 2.1
linux linux_kernel 2.4.26
linux linux_kernel 2.4.18
avaya intuity_audix *
avaya s8300 r2.0.1
conectiva linux 9.0
suse suse_linux_database_server *
linux linux_kernel 2.6.5
avaya converged_communications_server 2.0
suse suse_linux 9.0
linux linux_kernel 2.6.0
suse suse_linux 8.0
linux linux_kernel 2.6.1
suse suse_linux 8.2
linux linux_kernel 2.4.24
suse suse_linux_admin-cd_for_firewall *
suse suse_linux 7
linux linux_kernel 2.4.25
conectiva linux 8.0
linux linux_kernel 2.6.2
avaya s8300 r2.0.0
linux linux_kernel 2.6.4
suse suse_linux_office_server *
suse suse_email_server 3.1
avaya s8500 r2.0.1
suse suse_email_server iii
suse suse_linux 9.1
linux linux_kernel 2.4.23
redhat enterprise_linux 3.0
CVE-2004-0557 HIGH

Multiple buffer overflows in the st_wavstartread function in wav.c for Sound eXchange (SoX) 12.17.2 through 12.17.4 allow remote attackers to execute arbitrary code via certain WAV file header fields.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
gentoo linux 1.4
redhat fedora_core core_2.0
redhat fedora_core core_1.0
sox sox 12.17.2
sox sox 12.17.4
conectiva linux 10.0
redhat enterprise_linux_desktop 3.0
conectiva linux 9.0
sox sox 12.17.3
redhat enterprise_linux 3.0
conectiva linux 8.0
CVE-2004-0626 MEDIUM

The tcp_find_option function of the netfilter subsystem in Linux kernel 2.6, when using iptables and TCP options rules, allows remote attackers to cause a denial of service (CPU consumption by infinite loop) via a large option length that produces a negative integer after a casting operation to the char type.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
suse suse_linux 9.0
linux linux_kernel 2.6.0
suse suse_linux 8.0
suse suse_linux 8.1
suse suse_linux 8.2
conectiva linux 10
gentoo linux *
suse suse_linux 9.1
CVE-2004-0801 HIGH

Unknown vulnerability in foomatic-rip in Foomatic before 3.0.2 allows local users or remote attackers with access to CUPS to execute arbitrary commands.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
conectiva linux 10.0
linuxprinting.org foomatic-filters 3.1
conectiva linux 9.0
sun java_desktop_system 2003
trustix secure_linux 2.1
sun java_desktop_system 2.0
trustix secure_linux 2.0
linuxprinting.org foomatic-filters 3.0.2
linuxprinting.org foomatic-filters 3.0
linuxprinting.org foomatic-filters 3.0.1
CVE-2004-0802 MEDIUM

Buffer overflow in the BMP loader in imlib2 before 1.1.2 allows remote attackers to execute arbitrary code via a specially-crafted BMP image, a different vulnerability than CVE-2004-0817.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
redhat fedora_core core_1.0
enlightenment imlib2 1.1
redhat fedora_core core_2.0
suse suse_linux 8.1
turbolinux turbolinux_workstation 8.0
redhat enterprise_linux 2.1
conectiva linux 10.0
redhat linux_advanced_workstation 2.1
conectiva linux 9.0
imagemagick imagemagick 5.3.3
enlightenment imlib 1.9.4
sun java_desktop_system 2.0
turbolinux turbolinux_workstation 7.0
imagemagick imagemagick 5.5.6.0_2003-04-09
suse suse_linux 8.2
enlightenment imlib2 1.0.4
enlightenment imlib 1.9.3
enlightenment imlib 1.9.10
enlightenment imlib 1.9.11
enlightenment imlib 1.9.5
sun java_desktop_system 2003
imagemagick imagemagick 5.4.7
enlightenment imlib2 1.0.2
enlightenment imlib 1.9.7
turbolinux turbolinux_server 8.0
imagemagick imagemagick 5.4.4.5
enlightenment imlib 1.9.6
enlightenment imlib 1.9.9
suse suse_linux 9.1
enlightenment imlib 1.9.12
imagemagick imagemagick 5.4.8
turbolinux turbolinux_desktop 10.0
enlightenment imlib2 1.0
imagemagick imagemagick 5.4.3
mandrakesoft mandrake_linux 10.0
imagemagick imagemagick 5.5.7
enlightenment imlib 1.9.1
imagemagick imagemagick 5.5.3.2.1.2.0
enlightenment imlib 1.9.8
redhat fedora_core core_3.0
mandrakesoft mandrake_linux 9.2
redhat enterprise_linux_desktop 3.0
enlightenment imlib 1.9.14
enlightenment imlib 1.9
enlightenment imlib 1.9.2
imagemagick imagemagick 6.0.2
enlightenment imlib2 1.0.1
turbolinux turbolinux_server 7.0
suse suse_linux 9.2
suse suse_linux 9.0
suse suse_linux 8.0
enlightenment imlib2 1.0.5
enlightenment imlib2 1.1.1
mandrakesoft mandrake_linux_corporate_server 2.1
enlightenment imlib 1.9.13
imagemagick imagemagick 5.4.8.2.1.1.0
ubuntu ubuntu_linux 4.1
enlightenment imlib2 1.0.3
redhat enterprise_linux 3.0
CVE-2004-0807 MEDIUM

Samba 3.0.6 and earlier allows remote attackers to cause a denial of service (infinite loop and memory exhaustion) via certain malformed requests that cause new processes to be spawned and enter an infinite loop.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
suse suse_linux 9.0
suse suse_linux 8
samba samba 3.0.1
suse suse_linux 8.2
sgi samba 3.0
sgi samba 3.0.1
mandrakesoft mandrake_linux 10.0
sgi samba 3.0.5
samba samba 3.0.0
samba samba 3.0.2
sgi samba 3.0.3
sgi samba 3.0.2
suse suse_linux 8.1
samba samba 3.0.5
sgi samba 3.0.6
conectiva linux 10.0
samba samba 3.0.6
samba samba 3.0.2a
conectiva linux 9.0
samba samba 3.0.3
sgi samba 3.0.4
suse suse_linux 9.1
samba samba 3.0.4
CVE-2004-0817 HIGH

Multiple heap-based buffer overflows in the imlib BMP image handler allow remote attackers to execute arbitrary code via a crafted BMP file.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
redhat fedora_core core_1.0
enlightenment imlib2 1.1
redhat fedora_core core_2.0
suse suse_linux 8.1
turbolinux turbolinux_workstation 8.0
redhat enterprise_linux 2.1
conectiva linux 10.0
redhat linux_advanced_workstation 2.1
conectiva linux 9.0
imagemagick imagemagick 5.3.3
enlightenment imlib 1.9.4
sun java_desktop_system 2.0
turbolinux turbolinux_workstation 7.0
imagemagick imagemagick 5.5.6.0_2003-04-09
suse suse_linux 8.2
enlightenment imlib2 1.0.4
enlightenment imlib 1.9.3
enlightenment imlib 1.9.10
enlightenment imlib 1.9.11
enlightenment imlib 1.9.5
sun java_desktop_system 2003
imagemagick imagemagick 5.4.7
enlightenment imlib2 1.0.2
enlightenment imlib 1.9.7
turbolinux turbolinux_server 8.0
imagemagick imagemagick 5.4.4.5
enlightenment imlib 1.9.6
enlightenment imlib 1.9.9
suse suse_linux 9.1
enlightenment imlib 1.9.12
imagemagick imagemagick 5.4.8
turbolinux turbolinux_desktop 10.0
enlightenment imlib2 1.0
imagemagick imagemagick 5.4.3
mandrakesoft mandrake_linux 10.0
imagemagick imagemagick 5.5.7
enlightenment imlib 1.9.1
imagemagick imagemagick 5.5.3.2.1.2.0
enlightenment imlib 1.9.8
redhat fedora_core core_3.0
mandrakesoft mandrake_linux 9.2
redhat enterprise_linux_desktop 3.0
enlightenment imlib 1.9.14
enlightenment imlib 1.9
enlightenment imlib 1.9.2
imagemagick imagemagick 6.0.2
enlightenment imlib2 1.0.1
turbolinux turbolinux_server 7.0
suse suse_linux 9.2
suse suse_linux 9.0
suse suse_linux 8.0
enlightenment imlib2 1.0.5
enlightenment imlib2 1.1.1
mandrakesoft mandrake_linux_corporate_server 2.1
enlightenment imlib 1.9.13
imagemagick imagemagick 5.4.8.2.1.1.0
ubuntu ubuntu_linux 4.1
enlightenment imlib2 1.0.3
redhat enterprise_linux 3.0
CVE-2004-0827 HIGH

Multiple buffer overflows in the ImageMagick graphics library 5.x before 5.4.4, and 6.x before 6.0.6.2, allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via malformed (1) AVI, (2) BMP, or (3) DIB files.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
redhat fedora_core core_1.0
turbolinux turbolinux workstation_8.0
enlightenment imlib2 1.1
redhat fedora_core core_2.0
suse suse_linux 8.1
redhat enterprise_linux 2.1
conectiva linux 10.0
redhat linux_advanced_workstation 2.1
conectiva linux 9.0
imagemagick imagemagick 5.3.3
enlightenment imlib 1.9.4
sun java_desktop_system 2.0
turbolinux turbolinux workstation_7.0
imagemagick imagemagick 5.5.6.0_2003-04-09
turbolinux turbolinux server_8.0
suse suse_linux 8.2
enlightenment imlib2 1.0.4
enlightenment imlib 1.9.3
enlightenment imlib 1.9.10
enlightenment imlib 1.9.11
enlightenment imlib 1.9.5
sun java_desktop_system 2003
imagemagick imagemagick 5.4.7
enlightenment imlib2 1.0.2
enlightenment imlib 1.9.7
imagemagick imagemagick 5.4.4.5
turbolinux turbolinux server_7.0
enlightenment imlib 1.9.6
enlightenment imlib 1.9.9
suse suse_linux 9.1
enlightenment imlib 1.9.12
imagemagick imagemagick 5.4.8
enlightenment imlib2 1.0
imagemagick imagemagick 5.4.3
mandrakesoft mandrake_linux 10.0
imagemagick imagemagick 5.5.7
enlightenment imlib 1.9.1
imagemagick imagemagick 5.5.3.2.1.2.0
enlightenment imlib 1.9.8
redhat fedora_core core_3.0
mandrakesoft mandrake_linux 9.2
redhat enterprise_linux_desktop 3.0
enlightenment imlib 1.9.14
enlightenment imlib 1.9
enlightenment imlib 1.9.2
imagemagick imagemagick 6.0.2
enlightenment imlib2 1.0.1
suse suse_linux 9.2
suse suse_linux 9.0
suse suse_linux 8.0
enlightenment imlib2 1.0.5
enlightenment imlib2 1.1.1
mandrakesoft mandrake_linux_corporate_server 2.1
enlightenment imlib 1.9.13
imagemagick imagemagick 5.4.8.2.1.1.0
ubuntu ubuntu_linux 4.1
turbolinux turbolinux desktop_10.0
enlightenment imlib2 1.0.3
redhat enterprise_linux 3.0
CVE-2004-0882 HIGH

Buffer overflow in the QFILEPATHINFO request handler in Samba 3.0.x through 3.0.7 may allow remote attackers to execute arbitrary code via a TRANSACT2_QFILEPATHINFO request with a small "maximum data bytes" value.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
samba samba 3.0.1
samba samba 3.0.0
samba samba 3.0.2
ubuntu ubuntu_linux 4.1
redhat fedora_core core_2.0
samba samba 3.0.5
redhat fedora_core core_3.0
redhat enterprise_linux 2.1
conectiva linux 10.0
redhat linux_advanced_workstation 2.1
samba samba 3.0.6
redhat enterprise_linux_desktop 3.0
samba samba 3.0.2a
samba samba 3.0.3
samba samba 3.0.7
redhat enterprise_linux 3.0
samba samba 3.0.4
CVE-2004-0884 HIGH

The (1) libsasl and (2) libsasl2 libraries in Cyrus-SASL 2.1.18 and earlier trust the SASL_PATH environment variable to find all available SASL plug-ins, which allows local users to execute arbitrary code by modifying the SASL_PATH to point to malicious programs.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
cyrus sasl 2.1.15
cyrus sasl 2.1.11
cyrus sasl 1.5.28
cyrus sasl 1.5.27
cyrus sasl 2.1.12
cyrus sasl 2.1.13
cyrus sasl 2.1.17
cyrus sasl 2.1.9
conectiva linux 10.0
cyrus sasl 2.1.18
cyrus sasl 2.1.16
cyrus sasl 1.5.24
conectiva linux 9.0
cyrus sasl 2.1.10
cyrus sasl 2.1.14
cyrus sasl 2.1.18_r1
CVE-2004-0902 HIGH

Multiple heap-based buffer overflows in Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allow remote attackers to cause a denial of service (application crash) or execute arbitrary code via (1) the "Send page" functionality, (2) certain responses from a malicious POP3 server, or (3) a link containing a non-ASCII hostname.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
suse suse_linux 9.0
suse suse_linux 8
redhat fedora_core core_1.0
mozilla thunderbird 0.7
suse suse_linux 8.2
mozilla thunderbird 0.7.2
mozilla thunderbird 0.7.1
mozilla mozilla 1.7
suse suse_linux 8.1
redhat linux 9.0
redhat enterprise_linux 2.1
suse suse_linux 1.0
conectiva linux 10.0
redhat linux_advanced_workstation 2.1
mozilla mozilla 1.7.1
redhat enterprise_linux_desktop 3.0
redhat linux 7.3
conectiva linux 9.0
mozilla mozilla 1.7.2
suse suse_linux 9.1
redhat enterprise_linux 3.0
mozilla thunderbird 0.7.3
CVE-2004-0903 HIGH

Stack-based buffer overflow in the writeGroup function in nsVCardObj.cpp for Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allows remote attackers to execute arbitrary code via malformed VCard attachments that are not properly handled when previewing a message.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
suse suse_linux 9.0
suse suse_linux 8
redhat fedora_core core_1.0
mozilla thunderbird 0.7
suse suse_linux 8.2
mozilla thunderbird 0.7.2
mozilla thunderbird 0.7.1
mozilla mozilla 1.7
suse suse_linux 8.1
redhat linux 9.0
redhat enterprise_linux 2.1
suse suse_linux 1.0
conectiva linux 10.0
redhat linux_advanced_workstation 2.1
mozilla mozilla 1.7.1
redhat enterprise_linux_desktop 3.0
redhat linux 7.3
conectiva linux 9.0
mozilla mozilla 1.7.2
suse suse_linux 9.1
redhat enterprise_linux 3.0
mozilla thunderbird 0.7.3
CVE-2004-0904 HIGH

Integer overflow in the bitmap (BMP) decoder for Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allow remote attackers to execute arbitrary code via wide bitmap files that trigger heap-based buffer overflows.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
redhat fedora_core core_1.0
mozilla thunderbird 0.7
mozilla firefox 0.9
mozilla thunderbird 0.7.2
mozilla firefox 0.9.3
netscape navigator 7.0.2
mozilla firefox 0.9.1
mozilla mozilla 1.7
netscape navigator 7.2
redhat enterprise_linux 2.1
conectiva linux 10.0
redhat linux_advanced_workstation 2.1
mozilla firefox 0.9.2
mozilla mozilla 1.7.1
redhat enterprise_linux_desktop 3.0
redhat linux 7.3
conectiva linux 9.0
mozilla mozilla 1.7.2
mozilla thunderbird 0.7.3
mozilla thunderbird 0.6
netscape navigator 7.0
mozilla firefox 0.8
mozilla thunderbird 0.7.1
netscape navigator 7.1
redhat linux 9.0
redhat enterprise_linux 3.0
CVE-2004-0905 MEDIUM

Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allows remote attackers to perform cross-domain scripting and possibly execute arbitrary code by convincing a user to drag and drop javascript: links to a frame or page in another domain.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
suse suse_linux 8
redhat fedora_core core_1.0
mozilla firefox 0.9
mozilla mozilla 1.2
mozilla firefox 0.9.3
mozilla mozilla 1.4.2
netscape navigator 7.0.2
mozilla firefox 0.9.1
mozilla mozilla 1.7
netscape navigator 7.2
suse suse_linux 8.1
redhat enterprise_linux 2.1
suse suse_linux 1.0
conectiva linux 10.0
redhat linux_advanced_workstation 2.1
mozilla firefox 0.9.2
mozilla mozilla 1.7.1
redhat enterprise_linux_desktop 3.0
redhat linux 7.3
conectiva linux 9.0
mozilla mozilla 1.7.2
mozilla mozilla 1.5
suse suse_linux 9.0
mozilla mozilla 1.3.1
suse suse_linux 8.2
mozilla mozilla 1.4.1
netscape navigator 7.0
mozilla firefox 0.8
mozilla mozilla 1.2.1
mozilla mozilla 1.0
mozilla mozilla 1.4
netscape navigator 7.1
mozilla mozilla 1.0.1
mozilla mozilla 1.1
redhat linux 9.0
mozilla mozilla 1.6
mozilla mozilla 1.3
mozilla mozilla 1.0.2
suse suse_linux 9.1
redhat enterprise_linux 3.0
CVE-2004-0930 MEDIUM

The ms_fnmatch function in Samba 3.0.4 and 3.0.7 and possibly other versions allows remote authenticated users to cause a denial of service (CPU consumption) via a SAMBA request that contains multiple * (wildcard) characters.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sgi samba 3.0
sgi samba 3.0.1
gentoo linux *
sgi samba 3.0.5
samba samba 3.0.0
redhat fedora_core core_2.0
sgi samba 3.0.3
sgi samba 3.0.2
samba samba 3.0.5
redhat fedora_core core_3.0
sgi samba 3.0.6
redhat enterprise_linux 2.1
sgi samba 3.0.7
conectiva linux 10.0
redhat linux_advanced_workstation 2.1
samba samba 3.0.6
redhat enterprise_linux_desktop 3.0
samba samba 3.0.3
samba samba 3.0.7
sgi samba 3.0.4
redhat enterprise_linux 3.0
samba samba 3.0.4
CVE-2004-1011 HIGH

Stack-based buffer overflow in Cyrus IMAP Server 2.2.4 through 2.2.8, with the imapmagicplus option enabled, allows remote attackers to execute arbitrary code via a long (1) PROXY or (2) LOGIN command, a different vulnerability than CVE-2004-1015.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
carnegie_mellon_university cyrus_imap_server 2.2.4
carnegie_mellon_university cyrus_imap_server 2.2.6
carnegie_mellon_university cyrus_imap_server 2.2.7
trustix secure_linux 2.2
carnegie_mellon_university cyrus_imap_server 2.2.8
trustix secure_linux 2.1
trustix secure_linux 2.0
ubuntu ubuntu_linux 4.1
openpkg openpkg current
carnegie_mellon_university cyrus_imap_server 2.2.0_alpha
redhat fedora_core core_2.0
redhat fedora_core core_3.0
conectiva linux 10.0
carnegie_mellon_university cyrus_imap_server 2.2.1_beta
carnegie_mellon_university cyrus_imap_server 2.2.3
carnegie_mellon_university cyrus_imap_server 2.2.5
carnegie_mellon_university cyrus_imap_server 2.1.7
conectiva linux 9.0
carnegie_mellon_university cyrus_imap_server 2.2.2_beta
carnegie_mellon_university cyrus_imap_server 2.1.10
carnegie_mellon_university cyrus_imap_server 2.1.9
carnegie_mellon_university cyrus_imap_server 2.1.16
CVE-2004-1012 HIGH

The argument parser of the PARTIAL command in Cyrus IMAP Server 2.2.6 and earlier allows remote authenticated users to execute arbitrary code via a certain command ("body[p") that is treated as a different command ("body.peek") and causes an index increment error that leads to an out-of-bounds memory corruption.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
carnegie_mellon_university cyrus_imap_server 2.2.4
carnegie_mellon_university cyrus_imap_server 2.2.6
carnegie_mellon_university cyrus_imap_server 2.2.7
trustix secure_linux 2.2
carnegie_mellon_university cyrus_imap_server 2.2.8
trustix secure_linux 2.1
trustix secure_linux 2.0
ubuntu ubuntu_linux 4.1
openpkg openpkg current
carnegie_mellon_university cyrus_imap_server 2.2.0_alpha
redhat fedora_core core_2.0
redhat fedora_core core_3.0
conectiva linux 10.0
carnegie_mellon_university cyrus_imap_server 2.2.1_beta
carnegie_mellon_university cyrus_imap_server 2.2.3
carnegie_mellon_university cyrus_imap_server 2.2.5
carnegie_mellon_university cyrus_imap_server 2.1.7
conectiva linux 9.0
carnegie_mellon_university cyrus_imap_server 2.2.2_beta
carnegie_mellon_university cyrus_imap_server 2.1.10
carnegie_mellon_university cyrus_imap_server 2.1.9
carnegie_mellon_university cyrus_imap_server 2.1.16
CVE-2004-1013 HIGH

The argument parser of the FETCH command in Cyrus IMAP Server 2.2.x through 2.2.8 allows remote authenticated users to execute arbitrary code via certain commands such as (1) "body[p", (2) "binary[p", or (3) "binary[p") that cause an index increment error that leads to an out-of-bounds memory corruption.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
carnegie_mellon_university cyrus_imap_server 2.2.4
carnegie_mellon_university cyrus_imap_server 2.2.6
carnegie_mellon_university cyrus_imap_server 2.2.7
trustix secure_linux 2.2
carnegie_mellon_university cyrus_imap_server 2.2.8
trustix secure_linux 2.1
trustix secure_linux 2.0
ubuntu ubuntu_linux 4.1
openpkg openpkg current
carnegie_mellon_university cyrus_imap_server 2.2.0_alpha
redhat fedora_core core_2.0
redhat fedora_core core_3.0
conectiva linux 10.0
carnegie_mellon_university cyrus_imap_server 2.2.1_beta
carnegie_mellon_university cyrus_imap_server 2.2.3
carnegie_mellon_university cyrus_imap_server 2.2.5
carnegie_mellon_university cyrus_imap_server 2.1.7
conectiva linux 9.0
carnegie_mellon_university cyrus_imap_server 2.2.2_beta
carnegie_mellon_university cyrus_imap_server 2.1.10
carnegie_mellon_university cyrus_imap_server 2.1.9
carnegie_mellon_university cyrus_imap_server 2.1.16
CVE-2004-1029 HIGH

The Sun Java Plugin capability in Java 2 Runtime Environment (JRE) 1.4.2_01, 1.4.2_04, and possibly earlier versions, does not properly restrict access between Javascript and Java applets during data transfer, which allows remote attackers to load unsafe classes and execute arbitrary code by using the reflection API to access private Java packages.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-264,

Products Affected

Vendor Product Version
sun jdk 1.4.2
hp java_sdk-rte 1.4
sun jre 1.4.2
sun jdk 1.4.0_4
sun jdk 1.4
sun jre 1.3.1_03
sun jdk 1.3.1_04
sun jre 1.3.1_02
conectiva linux 10.0
sun jre 1.4.0_03
sun jdk 1.3.1_07
sun jre 1.3.1_07
sun jre 1.3.1_09
sun jre 1.4.0_02
symantec gateway_security_5400 2.0.1
sun jdk 1.4.1
sun jdk 1.4.2_02
sun jdk 1.3.1_05
sun jdk 1.4.2_05
hp hp-ux 11.22
sun jre 1.3.0
sun jdk 1.3.1_06
sun jdk 1.4.2_01
sun jdk 1.4.2_03
sun jdk 1.4.1_01
sun jdk 1.3.1_03
sun jre 1.4.0_01
symantec gateway_security_5400 2.0
sun jdk 1.4.1_02
sun jre 1.4.1_02
hp hp-ux 11.11
hp java_sdk-rte 1.3
sun jre 1.4.1_01
sun jre 1.3.1_05
sun jre 1.3.1_06
sun jdk 1.4.0_01
hp hp-ux 11.23
sun jdk 1.4.0_03
sun jdk 1.3.1_02
sun jre 1.4.1
sun jre 1.3.1
sun jdk 1.3.1_01
gentoo linux *
sun jdk 1.3.1_01a
sun jre 1.4.0_04
sun jre 1.4
sun jdk 1.4.0_02
symantec enterprise_firewall 8.0
hp hp-ux 11.00
sun jdk 1.4.1_03
sun jdk 1.4.2_04
sun jre 1.4.1_07
CVE-2004-1139 MEDIUM

Unknown vulnerability in the DICOM dissector in Ethereal 0.10.4 through 0.10.7 allows remote attackers to cause a denial of service (application crash).

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
ethereal_group ethereal 0.9.4
ethereal_group ethereal 0.9.8
ethereal_group ethereal 0.9.13
ethereal_group ethereal 0.10.5
ethereal_group ethereal 0.10.6
ethereal_group ethereal 0.10.4
suse suse_linux 8.1
ethereal_group ethereal 0.9.5
ethereal_group ethereal 0.10
ethereal_group ethereal 0.10.3
redhat enterprise_linux 2.1
ethereal_group ethereal 0.10.7
debian debian_linux 3.0
conectiva linux 10.0
redhat linux_advanced_workstation 2.1
redhat enterprise_linux_desktop 3.0
ethereal_group ethereal 0.9.11
conectiva linux 9.0
altlinux alt_linux 2.3
ethereal_group ethereal 0.9.2
ethereal_group ethereal 0.9.3
suse suse_linux 9.2
sgi propack 3.0
suse suse_linux 9.0
suse suse_linux 8.0
ethereal_group ethereal 0.9.12
ethereal_group ethereal 0.9.6
ethereal_group ethereal 0.9.9
suse suse_linux 8.2
ethereal_group ethereal 0.9.1
ethereal_group ethereal 0.9.7
ethereal_group ethereal 0.10.1
ethereal_group ethereal 0.9.14
ethereal_group ethereal 0.9.15
ethereal_group ethereal 0.9.16
ethereal_group ethereal 0.10.2
ethereal_group ethereal 0.9.10
ethereal_group ethereal 0.9
suse suse_linux 9.1
redhat enterprise_linux 3.0
CVE-2004-1142 MEDIUM

Ethereal 0.9.0 through 0.10.7 allows remote attackers to cause a denial of service (CPU consumption) via a certain malformed SMB packet.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
ethereal_group ethereal 0.9.4
ethereal_group ethereal 0.9.8
ethereal_group ethereal 0.9.13
ethereal_group ethereal 0.10.5
ethereal_group ethereal 0.10.6
ethereal_group ethereal 0.10.4
suse suse_linux 8.1
ethereal_group ethereal 0.9.5
ethereal_group ethereal 0.10
ethereal_group ethereal 0.10.3
redhat enterprise_linux 2.1
ethereal_group ethereal 0.10.7
debian debian_linux 3.0
conectiva linux 10.0
redhat linux_advanced_workstation 2.1
redhat enterprise_linux_desktop 3.0
ethereal_group ethereal 0.9.11
conectiva linux 9.0
altlinux alt_linux 2.3
ethereal_group ethereal 0.9.2
ethereal_group ethereal 0.9.3
suse suse_linux 9.2
sgi propack 3.0
suse suse_linux 9.0
suse suse_linux 8.0
ethereal_group ethereal 0.9.12
ethereal_group ethereal 0.9.6
ethereal_group ethereal 0.9.9
suse suse_linux 8.2
ethereal_group ethereal 0.9.1
ethereal_group ethereal 0.9.7
ethereal_group ethereal 0.10.1
ethereal_group ethereal 0.9.14
ethereal_group ethereal 0.9.15
ethereal_group ethereal 0.9.16
ethereal_group ethereal 0.10.2
ethereal_group ethereal 0.9.10
ethereal_group ethereal 0.9
suse suse_linux 9.1
redhat enterprise_linux 3.0
CVE-2004-1145 MEDIUM

Multiple vulnerabilities in Konqueror in KDE 3.3.1 and earlier (1) allow access to restricted Java classes via JavaScript and (2) do not properly restrict access to certain Java classes from the Java applet, which allows remote attackers to bypass sandbox restrictions and read or write arbitrary files.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
ethereal_group ethereal 0.9.4
ethereal_group ethereal 0.9.8
ethereal_group ethereal 0.9.13
ethereal_group ethereal 0.10.5
ethereal_group ethereal 0.10.6
ethereal_group ethereal 0.10.4
suse suse_linux 8.1
ethereal_group ethereal 0.9.5
ethereal_group ethereal 0.10
ethereal_group ethereal 0.10.3
redhat enterprise_linux 2.1
ethereal_group ethereal 0.10.7
debian debian_linux 3.0
conectiva linux 10.0
redhat linux_advanced_workstation 2.1
redhat enterprise_linux_desktop 3.0
ethereal_group ethereal 0.9.11
conectiva linux 9.0
altlinux alt_linux 2.3
ethereal_group ethereal 0.9.2
ethereal_group ethereal 0.9.3
suse suse_linux 9.2
sgi propack 3.0
suse suse_linux 9.0
suse suse_linux 8.0
ethereal_group ethereal 0.9.12
ethereal_group ethereal 0.9.6
ethereal_group ethereal 0.9.9
suse suse_linux 8.2
ethereal_group ethereal 0.9.1
ethereal_group ethereal 0.9.7
ethereal_group ethereal 0.10.1
ethereal_group ethereal 0.9.14
ethereal_group ethereal 0.9.15
ethereal_group ethereal 0.9.16
ethereal_group ethereal 0.10.2
ethereal_group ethereal 0.9.10
ethereal_group ethereal 0.9
suse suse_linux 9.1
redhat enterprise_linux 3.0
CVE-2004-1235 MEDIUM

Race condition in the (1) load_elf_library and (2) binfmt_aout function calls for uselib in Linux kernel 2.4 through 2.429-rc2 and 2.6 through 2.6.10 allows local users to execute arbitrary code by manipulating the VMA descriptor.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
linux linux_kernel 2.4.19
linux linux_kernel 2.4.27
redhat fedora_core core_1.0
linux linux_kernel 2.4.5
linux linux_kernel 2.4.21
avaya s8500 r2.0.0
linux linux_kernel 2.4.8
linux linux_kernel 2.4.15
linux linux_kernel 2.4.10
linux linux_kernel 2.4.11
redhat fedora_core core_2.0
mandrakesoft mandrake_multi_network_firewall 8.2
suse suse_linux 8.1
linux linux_kernel 2.4.1
linux linux_kernel 2.4.20
linux linux_kernel 2.4.26
linux linux_kernel 2.6.9
suse suse_linux 1.0
conectiva linux 10.0
linux linux_kernel 2.4.18
avaya intuity_audix *
linux linux_kernel 2.4.23_ow2
linux linux_kernel 2.4.4
avaya converged_communications_server 2.0
linux linux_kernel 2.6.0
linux linux_kernel 2.4.7
suse suse_linux 8.2
avaya modular_messaging_message_storage_server 1.1
linux linux_kernel 2.4.24
linux linux_kernel 2.4.2
linux linux_kernel 2.4.25
linux linux_kernel 2.4.9
linux linux_kernel 2.4.16
avaya s8300 r2.0.0
linux linux_kernel 2.4.13
linux linux_kernel 2.6.4
linux linux_kernel 2.4.28
mandrakesoft mandrake_linux 10.1
suse suse_linux 9.1
linux linux_kernel 2.4.3
linux linux_kernel 2.4.23
suse suse_linux 8
redhat enterprise_linux_desktop 4.0
linux linux_kernel 2.4.12
linux linux_kernel 2.4.24_ow1
avaya s8700 r2.0.1
avaya mn100 *
redhat enterprise_linux 4.0
mandrakesoft mandrake_linux 10.0
linux linux_kernel 2.4.14
linux linux_kernel 2.6.3
linux linux_kernel 2.6.6
linux linux_kernel 2.6.7
avaya s8700 r2.0.0
linux linux_kernel 2.4.22
redhat fedora_core core_3.0
mandrakesoft mandrake_linux 9.2
linux linux_kernel 2.4.6
redhat enterprise_linux_desktop 3.0
avaya s8300 r2.0.1
redhat linux 7.3
linux linux_kernel 2.6_test9_cvs
avaya modular_messaging_message_storage_server 2.0
linux linux_kernel 2.6.5
suse suse_linux 9.2
suse suse_linux 9.0
linux linux_kernel 2.4.0
linux linux_kernel 2.6.1
avaya s8710 r2.0.0
mandrakesoft mandrake_linux_corporate_server 3.0
mandrakesoft mandrake_linux_corporate_server 2.1
linux linux_kernel 2.4.17
linux linux_kernel 2.6.10
avaya s8710 r2.0.1
ubuntu ubuntu_linux 4.1
linux linux_kernel 2.6.2
redhat linux 9.0
linux linux_kernel 2.4.29
linux linux_kernel 2.6.8
avaya s8500 r2.0.1
redhat enterprise_linux 3.0
avaya network_routing *
CVE-2004-1307 HIGH

Integer overflow in the TIFFFetchStripThing function in tif_dirread.c for libtiff 3.6.1 allows remote attackers to execute arbitrary code via a TIFF file with the STRIPOFFSETS flag and a large number of strips, which causes a zero byte buffer to be allocated and leads to a heap-based buffer overflow.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
libtiff libtiff 3.4
apple mac_os_x_server 10.3.6
apple mac_os_x_server 10.3.7
sun sunos 5.8
sun solaris 8.0
apple mac_os_x_server 10.3.4
sco unixware 7.1.4
libtiff libtiff 3.6.1
apple mac_os_x 10.3.4
f5 icontrol_service_manager 1.3.4
sun sunos 5.7
conectiva linux 10.0
apple mac_os_x 10.3.9
avaya intuity_audix_lx *
conectiva linux 9.0
avaya interactive_response 1.3
sun solaris 10.0
libtiff libtiff 3.5.5
libtiff libtiff 3.5.2
f5 icontrol_service_manager 1.3.5
sun solaris 9.0
avaya modular_messaging_message_storage_server 1.1
f5 icontrol_service_manager 1.3.6
f5 icontrol_service_manager 1.3
avaya cvlan *
libtiff libtiff 3.5.1
apple mac_os_x_server 10.3.3
avaya interactive_response *
sun solaris 7.0
apple mac_os_x_server 10.3.8
mandrakesoft mandrake_linux 10.1
apple mac_os_x_server 10.3.9
apple mac_os_x 10.3.7
apple mac_os_x_server 10.3
avaya call_management_system_server 11.0
apple mac_os_x_server 10.3.5
apple mac_os_x 10.3
apple mac_os_x 10.3.8
apple mac_os_x_server 10.3.2
avaya mn100 *
apple mac_os_x 10.3.2
mandrakesoft mandrake_linux 10.0
apple mac_os_x 10.3.5
avaya call_management_system_server 9.0
apple mac_os_x 10.3.6
apple mac_os_x 10.3.3
avaya interactive_response 1.2.1
libtiff libtiff 3.6.0
avaya modular_messaging_message_storage_server 2.0
sgi propack 3.0
apple mac_os_x_server 10.3.1
avaya call_management_system_server 12.0
libtiff libtiff 3.5.3
avaya call_management_system_server 13.0
libtiff libtiff 3.5.4
avaya integrated_management *
gentoo linux *
mandrakesoft mandrake_linux_corporate_server 3.0
libtiff libtiff 3.7.0
apple mac_os_x 10.3.1
avaya call_management_system_server 8.0
libtiff libtiff 3.5.7
CVE-2004-1337 HIGH

The POSIX Capability Linux Security Module (LSM) for Linux kernel 2.6 does not properly handle the credentials of a process that is launched before the module is loaded, which allows local users to gain privileges.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
gnu realtime_linux_security_module 0.8.7
conectiva linux 10.0
ubuntu ubuntu_linux 4.1
CVE-2005-0207 LOW

Unknown vulnerability in Linux kernel 2.4.x, 2.5.x, and 2.6.x allows NFS clients to cause a denial of service via O_DIRECT.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
linux linux_kernel 2.5.23
linux linux_kernel 2.4.21
linux linux_kernel 2.4.8
linux linux_kernel 2.5.66
linux linux_kernel 2.5.4
linux linux_kernel 2.5.15
linux linux_kernel 2.5.27
linux linux_kernel 2.5.16
linux linux_kernel 2.5.52
linux linux_kernel 2.4.11
linux linux_kernel 2.5.53
linux linux_kernel 2.5.12
linux linux_kernel 2.4.1
suse suse_linux 1.0
conectiva linux 10.0
linux linux_kernel 2.5.35
linux linux_kernel 2.4.18
linux linux_kernel 2.5.42
linux linux_kernel 2.6.0
linux linux_kernel 2.4.7
linux linux_kernel 2.4.24
linux linux_kernel 2.5.21
linux linux_kernel 2.5.11
linux linux_kernel 2.5.22
linux linux_kernel 2.5.69
linux linux_kernel 2.4.2
linux linux_kernel 2.4.25
linux linux_kernel 2.5.30
linux linux_kernel 2.4.9
linux linux_kernel 2.4.28
linux linux_kernel 2.5.40
linux linux_kernel 2.5.26
suse suse_linux 8
linux linux_kernel 2.5.8
linux linux_kernel 2.4.14
linux linux_kernel 2.5.6
linux linux_kernel 2.5.9
linux linux_kernel 2.5.32
linux linux_kernel 2.6.3
linux linux_kernel 2.5.59
linux linux_kernel 2.6.6
linux linux_kernel 2.5.56
linux linux_kernel 2.4.22
linux linux_kernel 2.5.0
linux linux_kernel 2.5.24
linux linux_kernel 2.6_test9_cvs
linux linux_kernel 2.5.39
linux linux_kernel 2.5.54
suse suse_linux 9.2
suse suse_linux 9.0
linux linux_kernel 2.5.7
linux linux_kernel 2.5.29
linux linux_kernel 2.5.55
linux linux_kernel 2.4.17
linux linux_kernel 2.5.33
linux linux_kernel 2.5.47
linux linux_kernel 2.5.57
linux linux_kernel 2.5.18
linux linux_kernel 2.6.8
linux linux_kernel 2.5.48
linux linux_kernel 2.4.19
linux linux_kernel 2.4.27
linux linux_kernel 2.4.5
linux linux_kernel 2.5.38
linux linux_kernel 2.5.49
linux linux_kernel 2.4.15
linux linux_kernel 2.5.60
linux linux_kernel 2.4.10
suse suse_linux 8.1
linux linux_kernel 2.4.20
linux linux_kernel 2.4.26
linux linux_kernel 2.6.9
linux linux_kernel 2.4.23_ow2
linux linux_kernel 2.4.4
linux linux_kernel 2.5.36
linux linux_kernel 2.5.20
suse suse_linux 8.2
linux linux_kernel 2.5.58
linux linux_kernel 2.5.1
linux linux_kernel 2.4.16
linux linux_kernel 2.4.13
linux linux_kernel 2.5.5
linux linux_kernel 2.6.4
linux linux_kernel 2.5.14
linux linux_kernel 2.5.45
linux linux_kernel 2.5.13
linux linux_kernel 2.5.25
suse suse_linux 9.1
linux linux_kernel 2.4.3
linux linux_kernel 2.4.23
linux linux_kernel 2.5.63
linux linux_kernel 2.5.64
linux linux_kernel 2.5.50
redhat enterprise_linux_desktop 4.0
linux linux_kernel 2.4.12
linux linux_kernel 2.4.24_ow1
redhat enterprise_linux 4.0
linux linux_kernel 2.5.2
linux linux_kernel 2.5.3
linux linux_kernel 2.5.51
linux linux_kernel 2.5.28
linux linux_kernel 2.5.31
linux linux_kernel 2.6.7
linux linux_kernel 2.5.10
linux linux_kernel 2.5.17
linux linux_kernel 2.5.65
linux linux_kernel 2.4.6
linux linux_kernel 2.5.37
linux linux_kernel 2.6.5
linux linux_kernel 2.5.67
linux linux_kernel 2.4.0
linux linux_kernel 2.5.61
linux linux_kernel 2.6.1
linux linux_kernel 2.5.46
linux linux_kernel 2.5.19
linux linux_kernel 2.5.44
linux linux_kernel 2.5.41
linux linux_kernel 2.6.10
linux linux_kernel 2.5.34
linux linux_kernel 2.6.2
linux linux_kernel 2.4.29
linux linux_kernel 2.5.62
linux linux_kernel 2.5.43
linux linux_kernel 2.5.68
CVE-2005-0373 HIGH

Buffer overflow in digestmd5.c CVS release 1.170 (also referred to as digestmda5.c), as used in the DIGEST-MD5 SASL plugin for Cyrus-SASL but not in any official releases, allows remote attackers to execute arbitrary code.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
apple mac_os_x 10.2.8
apple mac_os_x_server 10.1.5
apple mac_os_x_server 10.3.6
redhat fedora_core core_1.0
apple mac_os_x_server 10.3.7
apple mac_os_x 10.2
apple mac_os_x_server 10.3.4
apple mac_os_x_server 10.2.8
apple mac_os_x 10.2.1
apple mac_os_x 10.3.4
apple mac_os_x 10.0.2
apple mac_os_x_server 10.1.2
apple mac_os_x_server 10.2.6
cyrus sasl 2.1.12
openpkg openpkg 2.2
suse suse_linux 8.1
suse suse_linux 1.0
conectiva linux 10.0
apple mac_os_x 10.0.3
conectiva linux 9.0
apple mac_os_x 10.2.3
apple mac_os_x_server 10.1.1
apple mac_os_x_server 10.2.5
suse suse_linux 8.2
cyrus sasl 2.1.11
apple mac_os_x 10.2.5
cyrus sasl 1.5.28
apple mac_os_x_server 10.3.3
suse suse_cvsup 16.1h_36.i586
apple mac_os_x 10.1.1
apple mac_os_x 10.2.6
apple mac_os_x 10.1.4
apple mac_os_x_server 10.2
apple mac_os_x_server 10.3.8
apple mac_os_x 10.3.7
apple mac_os_x 10.0.1
suse suse_linux 9.1
apple mac_os_x_server 10.3
cyrus sasl 2.1.18_r1
apple mac_os_x_server 10.3.5
apple mac_os_x 10.2.2
apple mac_os_x 10.3
apple mac_os_x 10.3.8
cyrus sasl 2.1.15
apple mac_os_x_server 10.1.4
apple mac_os_x_server 10.3.2
apple mac_os_x 10.2.7
apple mac_os_x_server 10.2.1
apple mac_os_x 10.3.2
apple mac_os_x 10.3.5
apple mac_os_x_server 10.2.2
apple mac_os_x_server 10.2.3
apple mac_os_x 10.3.6
apple mac_os_x 10.3.3
cyrus sasl 2.1.13
apple mac_os_x 10.0
cyrus sasl 2.1.18
apple mac_os_x 10.1
openpkg openpkg 2.1
cyrus sasl 2.1.14
suse suse_linux 9.2
apple mac_os_x 10.1.2
suse suse_linux 9.0
suse suse_linux 8.0
apple mac_os_x_server 10.3.1
apple mac_os_x 10.2.4
cyrus sasl 1.5.27
apple mac_os_x 10.1.3
apple mac_os_x_server 10.1.3
apple mac_os_x_server 10.2.4
apple mac_os_x 10.1.5
cyrus sasl 2.1.17
cyrus sasl 2.1.9
apple mac_os_x 10.3.1
cyrus sasl 2.1.16
cyrus sasl 1.5.24
cyrus sasl 2.1.10
apple mac_os_x 10.0.4
apple mac_os_x_server 10.0
apple mac_os_x_server 10.2.7
apple mac_os_x_server 10.1
CVE-2005-0699 HIGH

Multiple buffer overflows in the dissect_a11_radius function in the CDMA A11 (3G-A11) dissector (packet-3g-a11.c) for Ethereal 0.10.9 and earlier allow remote attackers to execute arbitrary code via RADIUS authentication packets with large length values.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
ethereal_group ethereal 0.10.9
redhat enterprise_linux_desktop 4.0
redhat enterprise_linux 4.0
altlinux alt_linux compact_2.3
altlinux alt_linux junior_2.3
ethereal_group ethereal 0.10.5
ethereal_group ethereal 0.10.6
ethereal_group ethereal 0.10.4
ethereal_group ethereal 0.10.3
redhat enterprise_linux 2.1
ethereal_group ethereal 0.10.7
conectiva linux 10.0
redhat linux_advanced_workstation 2.1
redhat enterprise_linux_desktop 3.0
conectiva linux 9.0
ethereal_group ethereal 0.10.8
redhat enterprise_linux 3.0
CVE-2005-0736 LOW

Integer overflow in sys_epoll_wait in eventpoll.c for Linux kernel 2.6 to 2.6.11 allows local users to overwrite kernel memory via a large number of events.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
linux linux_kernel 2.6.0
redhat enterprise_linux_desktop 4.0
linux linux_kernel 2.6.1
redhat enterprise_linux 4.0
linux linux_kernel 2.6.10
linux linux_kernel 2.6.3
linux linux_kernel 2.6.6
redhat fedora_core core_2.0
linux linux_kernel 2.6.7
linux linux_kernel 2.6.2
redhat fedora_core core_3.0
linux linux_kernel 2.6.4
linux linux_kernel 2.6.9
conectiva linux 10.0
linux linux_kernel 2.6.8
linux linux_kernel 2.6.5
linux linux_kernel 2.6.11
CVE-2005-0750 HIGH

The bluez_sock_create function in the Bluetooth stack for Linux kernel 2.4.6 through 2.4.30-rc1 and 2.6 through 2.6.11.5 allows local users to gain privileges via (1) socket or (2) socketpair call with a negative protocol value.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
linux linux_kernel 2.4.19
linux linux_kernel 2.4.27
redhat fedora_core core_1.0
redhat enterprise_linux_desktop 4.0
linux linux_kernel 2.4.12
linux linux_kernel 2.4.21
redhat enterprise_linux 4.0
linux linux_kernel 2.4.8
linux linux_kernel 2.4.14
suse suse_linux 9.3
linux linux_kernel 2.4.15
linux linux_kernel 2.6.3
linux linux_kernel 2.4.10
linux linux_kernel 2.4.11
linux linux_kernel 2.6.6
redhat fedora_core core_2.0
linux linux_kernel 2.6.7
linux linux_kernel 2.4.22
redhat fedora_core core_3.0
linux linux_kernel 2.4.20
linux linux_kernel 2.4.26
linux linux_kernel 2.6.9
suse suse_linux 1.0
conectiva linux 10.0
linux linux_kernel 2.4.6
linux linux_kernel 2.4.18
redhat linux 7.3
linux linux_kernel 2.6.5
linux linux_kernel 2.6.11
linux linux_kernel 2.6.0
linux linux_kernel 2.4.7
linux linux_kernel 2.6.1
linux linux_kernel 2.4.24
linux linux_kernel 2.4.17
linux linux_kernel 2.6.10
linux linux_kernel 2.4.25
ubuntu ubuntu_linux 4.1
linux linux_kernel 2.4.9
linux linux_kernel 2.6.2
linux linux_kernel 2.4.16
redhat linux 9.0
linux linux_kernel 2.4.13
linux linux_kernel 2.4.29
linux linux_kernel 2.6.4
linux linux_kernel 2.4.28
linux linux_kernel 2.6.8
linux linux_kernel 2.4.23
CVE-2005-0754 HIGH

Kommander in KDE 3.2 through KDE 3.4.0 executes data files without confirmation from the user, which allows remote attackers to execute arbitrary code.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
kde kde 3.2.3
kde kde 3.3.2
kde kde 3.2.2
gentoo linux *
kde kde 3.2
kde quanta 3.1
ubuntu ubuntu_linux 4.1
kde kde 3.3
redhat fedora_core core_3.0
kde kde 3.4
conectiva linux 10.0
kde kde 3.3.1
ubuntu ubuntu_linux 5.04
conectiva linux 9.0
kde kde 3.2.1
CVE-2005-1043 MEDIUM

exif.c in PHP before 4.3.11 allows remote attackers to cause a denial of service (memory consumption and crash) via an EXIF header with a large IFD nesting level, which causes significant stack recursion.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
php php 4.3.6
suse suse_linux 6.3
suse suse_linux 6.4
suse suse_linux 5.1
suse suse_linux 4.4.1
apple mac_os_x 10.4.1
suse suse_linux 5.2
suse suse_linux 8.1
suse suse_linux 6.2
php php 4.3.0
suse suse_linux 1.0
php php 4.3.2
conectiva linux 10.0
apple mac_os_x 10.3.9
conectiva linux 9.0
suse suse_linux 7.3
suse suse_linux 8.2
php php 4.3.9
peachtree peachtree_linux release_1
suse suse_linux 2.0
apple mac_os_x_server 10.3.9
suse suse_linux 6.0
suse suse_linux 9.1
php php 4.3.3
suse suse_linux 7.2
suse suse_linux 4.0
apple mac_os_x 10.4
suse suse_linux 4.2
suse suse_linux 9.3
suse suse_linux 5.0
php php 4.3.4
php php 4.3.7
suse suse_linux 4.3
php php 4.3.10
suse suse_linux 9.2
sgi propack 3.0
suse suse_linux 9.0
suse suse_linux 8.0
suse suse_linux 5.3
apple mac_os_x_server 10.4.1
php php 4.3.1
php php 4.3.8
suse suse_linux 4.4
apple mac_os_x_server 10.4
suse suse_linux 6.1
suse suse_linux 7.1
suse suse_linux 7.0
php php 4.3.5
suse suse_linux 3.0
CVE-2005-3624 MEDIUM

The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-189,

Products Affected

Vendor Product Version
tetex tetex 3.0
redhat fedora_core core_1.0
slackware slackware_linux 9.0
slackware slackware_linux 10.0
kde koffice 1.4.1
trustix secure_linux 2.2
tetex tetex 2.0.1
sco openserver 6.0
tetex tetex 2.0.2
turbolinux turbolinux_server 10.0_x86
easy_software_products cups 1.1.23_rc1
turbolinux turbolinux_multimedia *
trustix secure_linux 2.0
redhat fedora_core core_2.0
kde kdegraphics 3.2
turbolinux turbolinux_workstation 8.0
mandrakesoft mandrake_linux 10.2
redhat enterprise_linux 2.1
suse suse_linux 1.0
conectiva linux 10.0
redhat linux_advanced_workstation 2.1
ubuntu ubuntu_linux 5.04
easy_software_products cups 1.1.23
turbolinux turbolinux fuji
turbolinux turbolinux_home *
kde koffice 1.4
kde kpdf 3.4.3
suse suse_linux 10.0
turbolinux turbolinux_server 8.0
mandrakesoft mandrake_linux 10.1
tetex tetex 1.0.7
tetex tetex 2.0
slackware slackware_linux 10.1
trustix secure_linux 3.0
turbolinux turbolinux_personal *
suse suse_linux 9.1
turbolinux turbolinux 10
turbolinux turbolinux_desktop 10.0
redhat enterprise_linux_desktop 4.0
kde koffice 1.4.2
redhat enterprise_linux 4.0
redhat fedora_core core_4.0
suse suse_linux 9.3
kde kword 1.4.2
debian debian_linux 3.1
mandrakesoft mandrake_linux 2006
slackware slackware_linux 10.2
redhat fedora_core core_3.0
debian debian_linux 3.0
redhat enterprise_linux_desktop 3.0
turbolinux turbolinux_appliance_server 1.0_workgroup_edition
poppler poppler 0.4.2
redhat linux 7.3
slackware slackware_linux 9.1
easy_software_products cups 1.1.22
kde kdegraphics 3.4.3
libextractor libextractor *
suse suse_linux 9.2
sgi propack 3.0
suse suse_linux 9.0
xpdf xpdf 3.0
kde kpdf 3.2
gentoo linux *
mandrakesoft mandrake_linux_corporate_server 3.0
mandrakesoft mandrake_linux_corporate_server 2.1
ubuntu ubuntu_linux 4.1
redhat linux 9.0
ubuntu ubuntu_linux 5.10
sco openserver 5.0.7
turbolinux turbolinux_server 10.0
easy_software_products cups 1.1.22_rc1
redhat enterprise_linux 3.0
turbolinux turbolinux_appliance_server 1.0_hosting_edition
CVE-2005-3625 HIGH

Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and (2) DCTDecode streams, aka "Infinite CPU spins."

CVSS 2.0

Severity: HIGH

Problem Type: CWE-399,

Products Affected

Vendor Product Version
tetex tetex 3.0
redhat fedora_core core_1.0
slackware slackware_linux 9.0
slackware slackware_linux 10.0
kde koffice 1.4.1
trustix secure_linux 2.2
tetex tetex 2.0.1
sco openserver 6.0
tetex tetex 2.0.2
turbolinux turbolinux_server 10.0_x86
easy_software_products cups 1.1.23_rc1
turbolinux turbolinux_multimedia *
trustix secure_linux 2.0
redhat fedora_core core_2.0
kde kdegraphics 3.2
turbolinux turbolinux_workstation 8.0
mandrakesoft mandrake_linux 10.2
redhat enterprise_linux 2.1
suse suse_linux 1.0
conectiva linux 10.0
redhat linux_advanced_workstation 2.1
ubuntu ubuntu_linux 5.04
easy_software_products cups 1.1.23
turbolinux turbolinux fuji
turbolinux turbolinux_home *
kde koffice 1.4
kde kpdf 3.4.3
suse suse_linux 10.0
turbolinux turbolinux_server 8.0
mandrakesoft mandrake_linux 10.1
tetex tetex 1.0.7
tetex tetex 2.0
slackware slackware_linux 10.1
trustix secure_linux 3.0
turbolinux turbolinux_personal *
suse suse_linux 9.1
turbolinux turbolinux 10
turbolinux turbolinux_desktop 10.0
redhat enterprise_linux_desktop 4.0
kde koffice 1.4.2
redhat enterprise_linux 4.0
redhat fedora_core core_4.0
suse suse_linux 9.3
kde kword 1.4.2
debian debian_linux 3.1
mandrakesoft mandrake_linux 2006
slackware slackware_linux 10.2
redhat fedora_core core_3.0
debian debian_linux 3.0
redhat enterprise_linux_desktop 3.0
turbolinux turbolinux_appliance_server 1.0_workgroup_edition
poppler poppler 0.4.2
redhat linux 7.3
slackware slackware_linux 9.1
easy_software_products cups 1.1.22
kde kdegraphics 3.4.3
libextractor libextractor *
suse suse_linux 9.2
sgi propack 3.0
suse suse_linux 9.0
xpdf xpdf 3.0
kde kpdf 3.2
gentoo linux *
mandrakesoft mandrake_linux_corporate_server 3.0
mandrakesoft mandrake_linux_corporate_server 2.1
ubuntu ubuntu_linux 4.1
redhat linux 9.0
ubuntu ubuntu_linux 5.10
sco openserver 5.0.7
turbolinux turbolinux_server 10.0
easy_software_products cups 1.1.22_rc1
redhat enterprise_linux 3.0
turbolinux turbolinux_appliance_server 1.0_hosting_edition
CVE-2005-3626 MEDIUM

Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-399,

Products Affected

Vendor Product Version
tetex tetex 3.0
redhat fedora_core core_1.0
slackware slackware_linux 9.0
slackware slackware_linux 10.0
kde koffice 1.4.1
trustix secure_linux 2.2
tetex tetex 2.0.1
sco openserver 6.0
tetex tetex 2.0.2
turbolinux turbolinux_server 10.0_x86
easy_software_products cups 1.1.23_rc1
turbolinux turbolinux_multimedia *
trustix secure_linux 2.0
redhat fedora_core core_2.0
kde kdegraphics 3.2
turbolinux turbolinux_workstation 8.0
mandrakesoft mandrake_linux 10.2
redhat enterprise_linux 2.1
suse suse_linux 1.0
conectiva linux 10.0
redhat linux_advanced_workstation 2.1
ubuntu ubuntu_linux 5.04
easy_software_products cups 1.1.23
turbolinux turbolinux fuji
turbolinux turbolinux_home *
kde koffice 1.4
kde kpdf 3.4.3
suse suse_linux 10.0
turbolinux turbolinux_server 8.0
mandrakesoft mandrake_linux 10.1
tetex tetex 1.0.7
tetex tetex 2.0
slackware slackware_linux 10.1
trustix secure_linux 3.0
turbolinux turbolinux_personal *
suse suse_linux 9.1
turbolinux turbolinux 10
turbolinux turbolinux_desktop 10.0
redhat enterprise_linux_desktop 4.0
kde koffice 1.4.2
redhat enterprise_linux 4.0
redhat fedora_core core_4.0
suse suse_linux 9.3
kde kword 1.4.2
debian debian_linux 3.1
mandrakesoft mandrake_linux 2006
slackware slackware_linux 10.2
redhat fedora_core core_3.0
debian debian_linux 3.0
redhat enterprise_linux_desktop 3.0
turbolinux turbolinux_appliance_server 1.0_workgroup_edition
poppler poppler 0.4.2
redhat linux 7.3
slackware slackware_linux 9.1
easy_software_products cups 1.1.22
kde kdegraphics 3.4.3
libextractor libextractor *
suse suse_linux 9.2
sgi propack 3.0
suse suse_linux 9.0
xpdf xpdf 3.0
kde kpdf 3.2
gentoo linux *
mandrakesoft mandrake_linux_corporate_server 3.0
mandrakesoft mandrake_linux_corporate_server 2.1
ubuntu ubuntu_linux 4.1
redhat linux 9.0
ubuntu ubuntu_linux 5.10
sco openserver 5.0.7
turbolinux turbolinux_server 10.0
easy_software_products cups 1.1.22_rc1
redhat enterprise_linux 3.0
turbolinux turbolinux_appliance_server 1.0_hosting_edition