MidnightBSD

Advisories for mandrakesoft

CVE-1999-1008 HIGH

xsoldier program allows local users to gain root access via a long argument.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
freebsd freebsd 3.3
mandrakesoft mandrake_linux 7.0
CVE-1999-1477 HIGH

Buffer overflow in GNOME libraries 1.0.8 allows local user to gain root access via a long --espeaker argument in programs such as nethack.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
gnome gnome_libs 1.0.8
mandrakesoft mandrake_linux 6.0
CVE-1999-1572 LOW

cpio on FreeBSD 2.1.0, Debian GNU/Linux 3.0, and possibly other operating systems, uses a 0 umask when creating files using the -O (archive) or -F options, which creates the files with mode 0666 and allows local users to read or overwrite those files.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
freebsd freebsd 2.1.0
ubuntu ubuntu_linux 4.10
debian debian_linux 3.0
mandrakesoft mandrake_linux 10.0
mandrakesoft mandrake_linux 9.2
redhat enterprise_linux_desktop 4.0
mandrakesoft mandrake_linux 10.1
mandrakesoft mandrake_linux cs2.1
mandrakesoft mandrake_linux cs3.0
redhat enterprise_linux 4.0
CVE-2000-0052 HIGH

Red Hat userhelper program in the usermode package allows local users to gain root access via PAM and a .. (dot dot) attack.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
redhat linux 6.1
mandrakesoft mandrake_linux 6.0
mandrakesoft mandrake_linux 6.1
turbolinux turbolinux 4.2
turbolinux turbolinux 6.0.2
turbolinux turbolinux 4.4
turbolinux turbolinux 3.5b2
redhat linux 6.0
CVE-2000-0184 LOW

Linux printtool sets the permissions of printer configuration files to be world-readable, which allows local attackers to obtain printer share passwords.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
redhat linux 6.1
mandrakesoft mandrake_linux 7.0
redhat linux 6.2
CVE-2000-0186 HIGH

Buffer overflow in the dump utility in the Linux ext2fs backup package allows local users to gain privileges via a long command line argument.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
redhat linux 6.1
mandrakesoft mandrake_linux 6.1
redhat linux 5.1
turbolinux turbolinux 4.2
turbolinux turbolinux 6.0.2
turbolinux turbolinux 4.4
redhat linux 5.2
redhat linux 6.0
mandrakesoft mandrake_linux 7.0
redhat linux 6.2
freebsd freebsd 3.4
CVE-2000-0336 LOW

Linux OpenLDAP server allows local users to modify arbitrary files via a symlink attack.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
openldap openldap 1.2.10
redhat linux 6.1
mandrakesoft mandrake_linux 6.1
turbolinux turbolinux 4.2
turbolinux turbolinux 6.0.2
turbolinux turbolinux 4.4
openldap openldap 1.2.7
openldap openldap 1.2.9
openldap openldap 1.2.8
mandrakesoft mandrake_linux 7.0
redhat linux 6.2
CVE-2000-0454 HIGH

Buffer overflow in Linux cdrecord allows local users to gain privileges via the dev parameter.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mandrakesoft mandrake_linux 7.0
CVE-2000-0508 MEDIUM

rpc.lockd in Red Hat Linux 6.1 and 6.2 allows remote attackers to cause a denial of service via a malformed request.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
debian debian_linux 2.2
redhat linux 6.1
mandrakesoft mandrake_linux 6.0
mandrakesoft mandrake_linux 6.1
debian debian_linux 2.1
redhat linux 6.0
mandrakesoft mandrake_linux 7.0
redhat linux 6.2
CVE-2000-0566 HIGH

makewhatis in Linux man package allows local users to overwrite files via a symlink attack.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
redhat linux 6.1
mandrakesoft mandrake_linux 6.0
mandrakesoft mandrake_linux 6.1
mandrakesoft mandrake_linux 7.1
redhat linux 5.2
redhat linux 6.0
caldera openlinux 2.3
mandrakesoft mandrake_linux 7.0
redhat linux 6.2
caldera openlinux 2.4
CVE-2000-0594 MEDIUM

BitchX IRC client does not properly cleanse an untrusted format string, which allows remote attackers to cause a denial of service via an invite to a channel whose name includes special formatting characters.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
caldera openlinux_desktop 2.3
caldera openlinux_ebuilder 2.3
caldera openlinux_edesktop 2.4
mandrakesoft mandrake_linux 2007
freebsd freebsd 4.0
caldera openlinux_eserver 2.3
freebsd freebsd 3.5
CVE-2000-0606 HIGH

Buffer overflow in kon program in Kanji on Console (KON) package on Linux may allow local users to gain root privileges via a long -StartupMessage parameter.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
redhat linux 5.1
redhat linux 5.0
debian debian_linux 2.1
debian debian_linux 2.2
redhat linux 6.1
debian debian_linux 2.0
mandrakesoft mandrake_linux 6.1
mandrakesoft mandrake_linux 7.1
debian debian_linux 2.3
redhat linux 5.2
mandrakesoft mandrake_linux 7.0
redhat linux 6.2
CVE-2000-0607 HIGH

Buffer overflow in fld program in Kanji on Console (KON) package on Linux may allow local users to gain root privileges via an input file containing long CHARSET_REGISTRY or CHARSET_ENCODING settings.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
redhat linux 5.1
redhat linux 5.0
debian debian_linux 2.1
debian debian_linux 2.2
redhat linux 6.1
debian debian_linux 2.0
mandrakesoft mandrake_linux 6.1
mandrakesoft mandrake_linux 7.1
debian debian_linux 2.3
redhat linux 5.2
mandrakesoft mandrake_linux 7.0
redhat linux 6.2
CVE-2000-0633 LOW

Vulnerability in Mandrake Linux usermode package allows local users to to reboot or halt the system.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
redhat linux 6.1
conectiva linux 4.0es
mandrakesoft mandrake_linux 7.1
conectiva linux 5.0
conectiva linux 4.0
redhat linux 6.2e
conectiva linux 4.1
redhat linux 6.0
redhat linux 6.2
conectiva linux 4.2
conectiva linux 5.1
CVE-2000-0718 LOW

A race condition in MandrakeUpdate allows local users to modify RPM files while they are in the /tmp directory before they are installed.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mandrakesoft mandrake_linux 6.0
mandrakesoft mandrake_linux 6.1
mandrakesoft mandrake_linux 7.1
mandrakesoft mandrake_linux 7.0
CVE-2000-0844 HIGH

Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-264,

Products Affected

Vendor Product Version
sgi irix 6.2
sgi irix 6.5
conectiva linux 5.0
conectiva linux 4.0
caldera openlinux *
sgi irix 6.5.8
sgi irix 6.5.3f
ibm aix 4.1.4
ibm aix 4.3.1
sun solaris 2.6
sun sunos 5.2
sgi irix 6.5.3
turbolinux turbolinux 6.0
debian debian_linux 2.0
sgi irix 6.5.3m
sgi irix 6.5.4
mandrakesoft mandrake_linux 7.1
ibm aix 4.2.1
ibm aix 3.2.5
sgi irix 6.5.7
redhat linux 6.0
immunix immunix 6.2
redhat linux 6.2
turbolinux turbolinux 6.0.4
sun sunos 5.5.1
trustix secure_linux 1.1
suse suse_linux 7.0
sgi irix 6.3
turbolinux turbolinux 6.0.3
suse suse_linux 6.4
ibm aix 4.1.3
ibm aix 4.2
ibm aix 4.3
sun sunos 5.4
turbolinux turbolinux 6.0.1
sun sunos 5.1
debian debian_linux 2.3
sgi irix 6.5.6
ibm aix 4.1
sun sunos 5.5
ibm aix 4.1.2
redhat linux 5.2
suse suse_linux 6.1
conectiva linux 5.1
ibm aix 3.2
slackware slackware_linux 7.0
trustix secure_linux 1.0
caldera openlinux_eserver 2.3
ibm aix 4.1.5
redhat linux 6.1
sun sunos 5.7
slackware slackware_linux 7.1
suse suse_linux 6.3
mandrakesoft mandrake_linux 7.0
ibm aix 4.3.2
sgi irix 6.5.1
ibm aix 3.2.4
ibm aix 4.1.1
redhat linux 5.1
turbolinux turbolinux 6.0.2
redhat linux 5.0
debian debian_linux 2.1
conectiva linux 4.1
suse suse_linux 6.2
sgi irix 6.5.2m
debian debian_linux 2.2
sgi irix 6.4
conectiva linux 4.0es
sun sunos 5.8
sun sunos 5.0
sun sunos 5.3
ibm aix 4.0
conectiva linux 4.2
caldera openlinux_ebuilder 3.0
CVE-2000-0867 HIGH

Kernel logging daemon (klogd) in Linux does not properly cleanse user-injected format strings, which allows local users to gain root privileges by triggering malformed kernel messages.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
trustix secure_linux 1.1
debian debian_linux 2.2
mandrakesoft mandrake_linux 6.0
mandrakesoft mandrake_linux 6.1
slackware slackware_linux *
mandrakesoft mandrake_linux 7.1
debian debian_linux 2.1
redhat linux 5.2
mandrakesoft mandrake_linux 7.0
redhat linux 6.2
CVE-2000-0883 MEDIUM

The default configuration of mod_perl for Apache as installed on Mandrake Linux 6.1 through 7.1 sets the /perl/ directory to be browseable, which allows remote attackers to list the contents of that directory.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mandrakesoft mandrake_linux 6.1
mandrakesoft mandrake_linux 7.1
mandrakesoft mandrake_linux 7.0
CVE-2000-1042 HIGH

Buffer overflow in ypserv in Mandrake Linux 7.1 and earlier, and possibly other Linux operating systems, allows an attacker to gain root privileges when ypserv is built without a vsyslog() function.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mandrakesoft mandrake_linux 6.1
mandrakesoft mandrake_linux 7.1
mandrakesoft mandrake_linux 7.0
CVE-2000-1043 HIGH

Format string vulnerability in ypserv in Mandrake Linux 7.1 and earlier, and possibly other Linux operating systems, allows an attacker to gain root privileges when ypserv is built without a vsyslog() function.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mandrakesoft mandrake_linux 6.1
mandrakesoft mandrake_linux 7.1
mandrakesoft mandrake_linux 7.0
CVE-2000-1059 HIGH

The default configuration of the Xsession file in Mandrake Linux 7.1 and 7.0 bypasses the Xauthority access control mechanism with an "xhost + localhost" command, which allows local users to sniff X Windows events and gain privileges.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mandrakesoft mandrake_linux 7.1
mandrakesoft mandrake_linux 7.0
CVE-2000-1095 HIGH

modprobe in the modutils 2.3.x package on Linux systems allows a local user to execute arbitrary commands via shell metacharacters.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
suse suse_linux 7.0
immunix immunix 7.0_beta
mandrakesoft mandrake_linux 7.2
suse suse_linux 6.4
redhat linux 7.0
immunix immunix 6.2
conectiva linux 5.1
CVE-2000-1134 HIGH

Multiple shell programs on various Unix systems, including (1) tcsh, (2) csh, (3) sh, and (4) bash, follow symlinks when processing << redirects (aka here-documents or in-here documents), which allows local users to overwrite files of other users via a symlink attack.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
caldera openlinux_edesktop 2.4
suse suse_linux 7.0
conectiva linux 5.0
conectiva linux 4.0
redhat linux 6.2e
caldera openlinux *
conectiva linux 4.1
caldera openlinux_eserver 2.3
redhat linux 6.1
mandrakesoft mandrake_linux 6.0
conectiva linux 4.0es
mandrakesoft mandrake_linux 6.1
hp hp-ux 11.11
mandrakesoft mandrake_linux 7.1
mandrakesoft mandrake_linux 7.2
redhat linux 5.2
redhat linux 6.0
immunix immunix 6.2
mandrakesoft mandrake_linux 7.0
redhat linux 6.2
conectiva linux 4.2
conectiva linux 5.1
CVE-2001-0108 MEDIUM

PHP Apache module 4.0.4 and earlier allows remote attackers to bypass .htaccess access restrictions via a malformed HTTP request on an unrestricted page that causes PHP to use those access controls on the next page that is requested.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
php php 4.0.1
php php 4.0
mandrakesoft mandrake_linux 7.2
php php 4.0.4
php php 4.0.3
CVE-2001-0116 LOW

gpm 1.19.3 allows local users to overwrite arbitrary files via a symlink attack.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
immunix immunix 7.0_beta
mandrakesoft mandrake_linux 6.0
mandrakesoft mandrake_linux 6.1
mandrakesoft mandrake_linux 7.1
mandrakesoft mandrake_linux 7.2
redhat linux 7.0
mandrakesoft mandrake_linux 7.0
CVE-2001-0117 LOW

sdiff 2.7 in the diffutils package allows local users to overwrite files via a symlink attack.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
trustix secure_linux 1.1
immunix immunix 7.0_beta
mandrakesoft mandrake_linux 6.0
mandrakesoft mandrake_linux 6.1
mandrakesoft mandrake_linux 7.1
trustix secure_linux 1.2
mandrakesoft mandrake_linux 7.2
mandrakesoft mandrake_linux_corporate_server 1.0.1
redhat linux 7.0
mandrakesoft mandrake_linux 7.0
CVE-2001-0118 LOW

rdist 6.1.5 allows local users to overwrite arbitrary files via a symlink attack.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
immunix immunix 7.0_beta
mandrakesoft mandrake_linux 6.0
mandrakesoft mandrake_linux 6.1
mandrakesoft mandrake_linux 7.1
mandrakesoft mandrake_linux 7.2
redhat linux 7.0
mandrakesoft mandrake_linux 7.0
CVE-2001-0119 LOW

getty_ps 2.0.7j allows local users to overwrite arbitrary files via a symlink attack.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
immunix immunix 7.0_beta
mandrakesoft mandrake_linux 6.0
mandrakesoft mandrake_linux 6.1
mandrakesoft mandrake_linux 7.1
mandrakesoft mandrake_linux 7.2
redhat linux 7.0
mandrakesoft mandrake_linux 7.0
CVE-2001-0120 LOW

useradd program in shadow-utils program may allow local users to overwrite arbitrary files via a symlink attack.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
immunix immunix 7.0_beta
mandrakesoft mandrake_linux 6.0
mandrakesoft mandrake_linux 6.1
mandrakesoft mandrake_linux 7.1
mandrakesoft mandrake_linux 7.2
redhat linux 7.0
mandrakesoft mandrake_linux 7.0
CVE-2001-0125 LOW

exmh 2.2 and earlier allows local users to overwrite arbitrary files via a symlink attack on the exmhErrorMsg temporary file.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
debian debian_linux 2.2
mandrakesoft mandrake_linux 6.0
mandrakesoft mandrake_linux 6.1
exmh exmh *
mandrakesoft mandrake_linux 7.1
mandrakesoft mandrake_linux 7.2
mandrakesoft mandrake_linux_corporate_server 1.0.1
mandrakesoft mandrake_linux 7.0
CVE-2001-0128 HIGH

Zope before 2.2.4 does not properly compute local roles, which could allow users to bypass specified access restrictions and gain privileges.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
redhat linux_powertools 6.2
conectiva linux 5.0
zope zope *
freebsd freebsd 6.2
redhat linux_powertools 7.0
debian debian_linux 2.2
redhat linux 6.1
mandrakesoft mandrake_linux 7.1
mandrakesoft mandrake_linux 7.2
redhat linux_powertools 6.1
conectiva linux 6.0
redhat linux 7.0
redhat linux 6.2
conectiva linux 4.2
conectiva linux 5.1
CVE-2001-0136 MEDIUM

Memory leak in ProFTPd 1.2.0rc2 allows remote attackers to cause a denial of service via a series of USER commands, and possibly SIZE commands if the server has been improperly installed.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-401,

Products Affected

Vendor Product Version
debian debian_linux 2.2
conectiva linux *
proftpd proftpd 1.2.0
mandrakesoft mandrake_linux 7.2
CVE-2001-0138 LOW

privatepw program in wu-ftpd before 2.6.1-6 allows local users to overwrite arbitrary files via a symlink attack.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
debian debian_linux 2.2
immunix immunix 7.0_beta
mandrakesoft mandrake_linux 6.0
mandrakesoft mandrake_linux 6.1
mandrakesoft mandrake_linux 7.1
mandrakesoft mandrake_linux 7.2
mandrakesoft mandrake_linux_corporate_server 1.0.1
redhat linux 7.0
mandrakesoft mandrake_linux 7.0
CVE-2001-0139 LOW

inn 2.2.3 allows local users to overwrite arbitrary files via a symlink attack in some configurations.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
caldera openlinux_desktop 2.3
debian debian_linux 2.2
caldera openlinux_edesktop 2.4
immunix immunix 7.0_beta
mandrakesoft mandrake_linux 6.0
mandrakesoft mandrake_linux 6.1
mandrakesoft mandrake_linux 7.1
mandrakesoft mandrake_linux 7.2
caldera openlinux_eserver 2.3
redhat linux 7.0
mandrakesoft mandrake_linux 7.0
CVE-2001-0140 LOW

arpwatch 2.1a4 allows local users to overwrite arbitrary files via a symlink attack in some configurations.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
immunix immunix 7.0_beta
mandrakesoft mandrake_linux 6.0
mandrakesoft mandrake_linux 6.1
mandrakesoft mandrake_linux 7.1
mandrakesoft mandrake_linux 7.2
redhat linux 7.0
mandrakesoft mandrake_linux 7.0
CVE-2001-0142 LOW

squid 2.3 and earlier allows local users to overwrite arbitrary files via a symlink attack in some configurations.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
trustix secure_linux 1.1
national_science_foundation squid_web_proxy 2.3_stable4
immunix immunix 7.0_beta
mandrakesoft mandrake_linux 6.0
mandrakesoft mandrake_linux 6.1
mandrakesoft mandrake_linux 7.1
trustix secure_linux 1.2
mandrakesoft mandrake_linux 7.2
redhat linux 7.0
mandrakesoft mandrake_linux 7.0
CVE-2001-0169 LOW

When using the LD_PRELOAD environmental variable in SUID or SGID applications, glibc does not verify that preloaded libraries in /etc/ld.so.cache are also SUID/SGID, which could allow a local user to overwrite arbitrary files by loading a library from /lib or /usr/lib.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
trustix secure_linux 1.1
trustix secure_linux 1.2
turbolinux turbolinux 6.1
redhat linux 6.1
mandrakesoft mandrake_linux 6.0
mandrakesoft mandrake_linux 6.1
mandrakesoft mandrake_linux 7.1
mandrakesoft mandrake_linux 7.2
mandrakesoft mandrake_linux_corporate_server 1.0.1
redhat linux 6.0
turbolinux turbolinux *
mandrakesoft mandrake_linux 7.0
redhat linux 6.2
CVE-2001-0178 LOW

kdesu program in KDE2 (KDE before 2.2.0-6) does not properly verify the owner of a UNIX socket that is used to send a password, which allows local users to steal passwords and gain privileges.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
caldera openlinux_edesktop 2.4
suse suse_linux 7.0
suse suse_linux 6.4
suse suse_linux 6.2
suse suse_linux 6.0
mandrakesoft mandrake_linux 6.1
suse suse_linux 6.3
mandrakesoft mandrake_linux 7.1
mandrakesoft mandrake_linux 7.2
mandrakesoft mandrake_linux_corporate_server 1.0.1
conectiva linux 6.0
mandrakesoft mandrake_linux 7.0
suse suse_linux 6.1
CVE-2001-0279 HIGH

Buffer overflow in sudo earlier than 1.6.3p6 allows local users to gain root privileges.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
debian debian_linux 2.2
mandrakesoft mandrake_linux 7.1
mandrakesoft mandrake_linux 7.2
mandrakesoft mandrake_linux_corporate_server 1.0.1
CVE-2001-0388 HIGH

time server daemon timed allows remote attackers to cause a denial of service via malformed packets.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
suse suse_linux 7.0
suse suse_linux 6.4
suse suse_linux 6.2
freebsd freebsd *
mandrakesoft mandrake_linux 6.0
mandrakesoft mandrake_linux 6.1
suse suse_linux 6.3
mandrakesoft mandrake_linux 7.1
suse suse_linux 7.1
mandrakesoft mandrake_linux 7.2
mandrakesoft mandrake_linux 7.0
suse suse_linux 6.1
CVE-2001-0416 LOW

sgml-tools (aka sgmltools) before 1.0.9-15 creates temporary files with insecure permissions, which allows other users to read files that are being processed by sgml-tools.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
immunix immunix 7.0_beta
mandrakesoft mandrake_linux 6.0
mandrakesoft mandrake_linux 6.1
mandrakesoft mandrake_linux 7.1
mandrakesoft mandrake_linux 7.2
debian sgml-tools 1.0.9.15
immunix immunix 7.0
immunix immunix 6.2
CVE-2001-0439 HIGH

licq before 1.0.3 allows remote attackers to execute arbitrary commands via shell metacharacters in a URL.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
licq licq *
conectiva linux 5.0
conectiva linux 4.0
conectiva linux 4.1
freebsd freebsd 4.2
freebsd freebsd 3.5.1
conectiva linux 4.0es
mandrakesoft mandrake_linux 7.1
mandrakesoft mandrake_linux 7.2
mandrakesoft mandrake_linux_corporate_server 1.0.1
redhat linux 7.0
conectiva linux 4.2
CVE-2001-0440 HIGH

Buffer overflow in logging functions of licq before 1.0.3 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
licq licq *
conectiva linux 5.0
conectiva linux 4.0
conectiva linux 4.1
conectiva linux ecommerce
conectiva linux 4.0es
conectiva linux prg_graficos
mandrakesoft mandrake_linux 7.1
mandrakesoft mandrake_linux 7.2
conectiva linux 6.0
conectiva linux 4.2
conectiva linux 5.1
CVE-2001-0441 HIGH

Buffer overflow in (1) wrapping and (2) unwrapping functions of slrn news reader before 0.9.7.0 allows remote attackers to execute arbitrary commands via a long message header.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mandrakesoft mandrake_linux 6.0
mandrakesoft mandrake_linux 6.1
debian debian_linux *
mandrakesoft mandrake_linux 7.1
mandrakesoft mandrake_linux 7.2
mandrakesoft mandrake_linux_corporate_server 1.0.1
redhat linux 7.0
mandrakesoft mandrake_linux 7.0
redhat linux 6.2
CVE-2001-0458 HIGH

Multiple buffer overflows in ePerl before 2.2.14-0.7 allow local and remote attackers to execute arbitrary commands.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
debian debian_linux 2.2
ralf_s._engelschall eperl 2.2.12
suse suse_linux 7.0
ralf_s._engelschall eperl 2.2.13
suse suse_linux 6.3
mandrakesoft mandrake_linux 7.1
suse suse_linux 7.1
mandrakesoft mandrake_linux 7.2
suse suse_linux 6.4
CVE-2001-0473 HIGH

Format string vulnerability in Mutt before 1.2.5 allows a remote malicious IMAP server to execute arbitrary commands.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
redhat linux 6.1
immunix immunix 7.0_beta
mandrakesoft mandrake_linux 6.0
mandrakesoft mandrake_linux 6.1
conectiva linux *
mandrakesoft mandrake_linux 7.1
mandrakesoft mandrake_linux 7.2
mutt mutt *
redhat linux 5.2
immunix immunix 7.0
redhat linux 6.0
redhat linux 7.0
immunix immunix 6.2
mandrakesoft mandrake_linux 7.0
redhat linux 6.2
CVE-2001-0474 LOW

Utah-glx in Mesa before 3.3-14 on Mandrake Linux 7.2 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/glxmemory file.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
brian_paul mesa *
mandrakesoft mandrake_linux 7.2
CVE-2001-0481 HIGH

Vulnerability in rpmdrake in Mandrake Linux 8.0 related to insecure temporary file handling.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mandrakesoft mandrake_linux 8.0
CVE-2001-0496 MEDIUM

kdesu in kdelibs package creates world readable temporary files containing authentication info, which can allow local users to gain privileges.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mandrakesoft mandrake_linux 2007
redhat linux 7.1
CVE-2001-0736 LOW

Vulnerability in (1) pine before 4.33 and (2) the pico editor, included with pine, allows local users local users to overwrite arbitrary files via a symlink attack.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mandrakesoft mandrake_linux 8.0
engardelinux secure_linux 1.0.1
university_of_washington pine *
immunix immunix 7.0_beta
mandrakesoft mandrake_linux 7.1
mandrakesoft mandrake_linux 7.2
mandrakesoft mandrake_linux_corporate_server 1.0.1
redhat linux 5.2
immunix immunix 7.0
redhat linux 7.0
immunix immunix 6.2
redhat linux 6.2
CVE-2001-0912 HIGH

Packaging error for expect 8.3.3 in Mandrake Linux 8.1 causes expect to search for its libraries in the /home/snailtalk directory before other directories, which could allow a local user to gain root privileges.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mandrakesoft mandrake_linux 8.1
CVE-2001-0977 MEDIUM

slapd in OpenLDAP 1.x before 1.2.12, and 2.x before 2.0.8, allows remote attackers to cause a denial of service (crash) via an invalid Basic Encoding Rules (BER) length field.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
openldap openldap 1.1
openldap openldap 2.0.7
openldap openldap 1.2
openldap openldap 1.2.6
openldap openldap 1.1.3
openldap openldap 2.0.3
openldap openldap 1.2.8
openldap openldap 2.0.2
openldap openldap 1.2.12
openldap openldap 2.0.5
openldap openldap 2.0.4
openldap openldap 1.2.7
mandrakesoft mandrake_linux 7.1
mandrakesoft mandrake_linux_corporate_server 1.0.1
openldap openldap 1.0.1
mandrakesoft mandrake_single_network_firewall 7.2
redhat linux 7.0
redhat linux 6.2
openldap openldap 1.2.11
openldap openldap 2.0
openldap openldap 1.2.2
openldap openldap 1.2.3
mandrakesoft mandrake_linux 8.0
openldap openldap 1.0.2
openldap openldap 1.1.2
openldap openldap 1.1.1
debian debian_linux 2.2
openldap openldap 1.2.10
openldap openldap 2.0.6
openldap openldap 1.1.4
mandrakesoft mandrake_linux 7.2
openldap openldap 1.2.9
openldap openldap 1.0
openldap openldap 1.0.3
openldap openldap 1.2.1
openldap openldap 1.2.4
redhat linux 7.1
openldap openldap 1.2.5
openldap openldap 2.0.1
CVE-2001-1030 HIGH

Squid before 2.3STABLE5 in HTTP accelerator mode does not enable access control lists (ACLs) when the httpd_accel_host and http_accel_with_proxy off settings are used, which allows attackers to bypass the ACLs and conduct unauthorized activities such as port scanning.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
trustix secure_linux 1.1
mandrakesoft mandrake_linux 8.0
trustix secure_linux 1.2
squid squid_web_proxy 2.3stable3
trustix secure_linux 1.01
immunix immunix 7.0_beta
squid squid_web_proxy 2.3stable4
caldera openlinux_server 3.1
mandrakesoft mandrake_linux 7.1
mandrakesoft mandrake_linux 7.2
mandrakesoft mandrake_linux_corporate_server 1.0.1
immunix immunix 7.0
mandrakesoft mandrake_single_network_firewall 7.2
redhat linux 7.0
immunix immunix 6.2
CVE-2001-1190 MEDIUM

The default PAM files included with passwd in Mandrake Linux 8.1 do not support MD5 passwords, which could result in a lower level of password security than intended.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mandrakesoft mandrake_linux 8.1
CVE-2001-1385 MEDIUM

The Apache module for PHP 4.0.0 through PHP 4.0.4, when disabled with the 'engine = off' option for a virtual host, may disable PHP for other virtual hosts, which could cause Apache to serve the source code of PHP scripts.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
php php 4.0.1
php php 4.0
mandrakesoft mandrake_linux 7.2
php php 4.0.4
php php 4.0.3
CVE-2001-1449 HIGH

The default installation of Apache before 1.3.19 on Mandrake Linux 7.1 through 8.0 and Linux Corporate Server 1.0.1 allows remote attackers to list the directory index of arbitrary web directories.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
apache http_server 1.3.17
mandrakesoft mandrake_linux 8.0
apache http_server 1.3.12
apache http_server 1.3.9
apache http_server 1.3.6
apache http_server 1.3.1
apache http_server 1.3.18
apache http_server 1.3.4
apache http_server 1.3.11
apache http_server 1.3
mandrakesoft mandrake_linux 7.3
mandrakesoft mandrake_linux 7.1
mandrakesoft mandrake_linux_corporate_server 1.0.1
apache http_server 1.3.3
apache http_server 1.3.14
mandrakesoft mandrake_single_network_firewall 7.2
CVE-2002-0002 HIGH

Format string vulnerability in stunnel before 3.22 when used in client mode for (1) smtp, (2) pop, or (3) nntp allows remote malicious servers to execute arbitrary code.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
stunnel stunnel 3.21c
stunnel stunnel 3.8
stunnel stunnel 3.18
stunnel stunnel 3.21b
stunnel stunnel 3.11
stunnel stunnel 3.9
stunnel stunnel 3.15
stunnel stunnel 3.17
mandrakesoft mandrake_linux 8.1
stunnel stunnel 3.12
stunnel stunnel 3.24
stunnel stunnel 3.7
stunnel stunnel 3.22
stunnel stunnel 3.20
engardelinux secure_linux 1.0.1
stunnel stunnel 3.14
stunnel stunnel 3.19
stunnel stunnel 3.13
stunnel stunnel 3.21a
stunnel stunnel 3.4a
stunnel stunnel 3.16
redhat linux 7.2
stunnel stunnel 3.21
stunnel stunnel 3.3
stunnel stunnel 3.10
CVE-2002-0004 HIGH

Heap corruption vulnerability in the "at" program allows local users to execute arbitrary code via a malformed execution time, which causes at to free the same memory twice.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
freebsd freebsd 4.1.1
suse suse_linux 7.0
slackware slackware_linux 8.0
mandrakesoft mandrake_linux 8.0
suse suse_linux 6.4
freebsd freebsd 4.4
slackware slackware_linux 7.0
freebsd freebsd 4.2
freebsd freebsd 4.3
debian debian_linux 2.2
suse suse_linux 7.2
slackware slackware_linux 7.1
netbsd netbsd 1.5.2
caldera openlinux_server 3.1
redhat linux 7.2
mandrakesoft mandrake_linux 8.1
suse suse_linux 7.1
redhat linux 7.0
redhat linux 7.1
redhat linux 6.2
suse suse_linux 7.3
caldera openlinux_workstation 3.1
CVE-2002-0083 HIGH

Off-by-one error in the channel code of OpenSSH 2.0 through 3.0.2 allows local users or remote malicious servers to gain privileges.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-193,

Products Affected

Vendor Product Version
conectiva linux 5.0
openpkg openpkg 1.0
conectiva linux ecommerce
suse suse_linux 7.2
openbsd openssh *
conectiva linux graficas
mandrakesoft mandrake_linux 7.1
mandrakesoft mandrake_linux 8.1
suse suse_linux 7.1
conectiva linux 7.0
mandrakesoft mandrake_linux_corporate_server 1.0.1
immunix immunix 7.0
mandrakesoft mandrake_single_network_firewall 7.2
redhat linux 7.0
suse suse_linux 7.3
trustix secure_linux 1.1
suse suse_linux 7.0
mandrakesoft mandrake_linux 8.0
trustix secure_linux 1.2
suse suse_linux 6.4
engardelinux secure_linux 1.0.1
redhat linux 7.2
mandrakesoft mandrake_linux 7.2
conectiva linux 6.0
redhat linux 7.1
trustix secure_linux 1.5
conectiva linux 5.1
CVE-2002-0638 MEDIUM

setpwnam.c in the util-linux package, as included in Red Hat Linux 7.3 and earlier, and other operating systems, does not properly lock a temporary file when modifying /etc/passwd, which may allow local users to gain privileges via a complex race condition that uses an open file descriptor in utility programs such as chfn and chsh.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mandrakesoft mandrake_linux 8.0
redhat linux 7.3
redhat linux 6.1
redhat linux 7.2
mandrakesoft mandrake_linux 7.1
mandrakesoft mandrake_linux 8.1
mandrakesoft mandrake_linux 7.2
mandrakesoft mandrake_linux_corporate_server 1.0.1
hp secure_os 1.0
mandrakesoft mandrake_single_network_firewall 7.2
redhat linux 6.0
redhat linux 7.0
redhat linux 7.1
mandrakesoft mandrake_linux 8.2
mandrakesoft mandrake_linux 7.0
redhat linux 6.2
CVE-2002-0836 HIGH

dvips converter for Postscript files in the tetex package calls the system() function insecurely, which allows remote attackers to execute arbitrary commands via certain print jobs, possibly involving fonts.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mandrakesoft mandrake_linux 8.0
mandrakesoft mandrake_linux 9.0
redhat linux 7.3
redhat linux 8.0
redhat linux 7.2
mandrakesoft mandrake_linux 8.1
mandrakesoft mandrake_linux 7.2
hp secure_os 1.0
redhat linux 7.0
redhat linux 7.1
mandrakesoft mandrake_linux 8.2
redhat linux 6.2
CVE-2002-1713 LOW

The Standard security setting for Mandrake-Security package (msec) in Mandrake 8.2 installs home directories with world-readable permissions, which could allow local users to read other user's files.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6

CVSS 2.0

Severity: LOW

Problem Type: CWE-276,

Products Affected

Vendor Product Version
mandrakesoft mandrake_linux 8.2
CVE-2002-1814 MEDIUM

Buffer overflow in efstools in Bonobo, when installed setuid, allows local users to execute arbitrary code via long command line arguments.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
slackware slackware_linux 8.0
mandrakesoft mandrake_linux 7.1
mandrakesoft mandrake_linux 8.0
mandrakesoft mandrake_linux 9.0
gnome bonobo *
redhat linux 7.0
redhat linux 7.1
redhat linux 6.2
CVE-2002-2001 LOW

jmcce 1.3.8 in Mandrake 8.1 creates log files in /tmp with predictable names, which allows local users to overwrite arbitrary files via a symlink attack.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mandrakesoft mandrake_linux 8.1
jmcce jmcce 1.3.8
CVE-2002-2185 MEDIUM

The Internet Group Management Protocol (IGMP) allows local users to cause a denial of service via an IGMP membership report to a target's Ethernet address instead of the Multicast group address, which causes the target to stop sending reports to the router and effectively disconnect the group from the network.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
suse suse_linux 8.0
sgi irix 6.5.13
sgi irix 6.5
sgi irix 6.5.18m
redhat enterprise_linux_desktop 3.0
sgi irix 6.5.15f
sgi irix 6.5.2
sgi irix 6.5.8
suse suse_linux 7.2
sgi irix 6.5.3
sgi irix 6.5.15m
sgi irix 6.5.4
microsoft windows_98 *
sgi irix 6.5.11
mandrakesoft mandrake_linux 8.1
suse suse_linux 7.1
sgi irix 6.5.7
microsoft windows_xp *
redhat enterprise_linux 4.0
sgi irix 6.5.17f
redhat linux 7.0
mandrakesoft mandrake_linux 8.2
redhat linux 6.2
sgi irix 6.5.1
suse suse_linux 7.3
sgi irix 6.5.14m
sgi irix 6.5.10
suse suse_linux 7.0
sgi irix 6.5.16f
mandrakesoft mandrake_linux 8.0
sgi irix 6.5.14f
redhat enterprise_linux_desktop 4.0
suse suse_linux 6.4
redhat linux 7.3
sgi irix 6.5.16m
sgi irix 6.5.5
debian debian_linux 2.2
microsoft windows_98se *
sgi irix 6.5.12
sgi irix 6.5.17m
sgi irix 6.5.9
redhat linux 7.2
redhat linux_advanced_workstation 2.1
sgi irix 6.5.6
redhat linux 7.1
redhat enterprise_linux 3.0
sgi irix 6.5.18f
CVE-2003-0041 HIGH

Kerberos FTP client allows remote FTP sites to execute arbitrary code via a pipe (|) character in a filename that is retrieved by the client.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-78,

Products Affected

Vendor Product Version
redhat linux 7.2
mandrakesoft mandrake_linux 8.1
mandrakesoft mandrake_linux 9.0
mandrakesoft mandrake_multi_network_firewall 8.2
redhat linux 7.3
redhat linux 8.0
redhat linux 7.0
redhat linux 7.1
mandrakesoft mandrake_linux 8.2
redhat linux 6.2
mit kerberos_ftp_client *
CVE-2003-0434 HIGH

Various PDF viewers including (1) Adobe Acrobat 5.06 and (2) Xpdf 1.01 allow remote attackers to execute arbitrary commands via shell metacharacters in an embedded hyperlink.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mandrakesoft mandrake_linux_corporate_server 2.1
xpdf xpdf 1.1
mandrakesoft mandrake_linux 9.0
adobe acrobat 5.0.6
redhat linux 7.3
redhat linux 8.0
redhat linux 7.2
redhat linux_advanced_workstation 2.1
redhat linux 7.1
redhat enterprise_linux 2.1
redhat linux 9.0
mandrakesoft mandrake_linux 9.1
CVE-2003-0462 LOW

A race condition in the way env_start and env_end pointers are initialized in the execve system call and used in fs/proc/base.c on Linux 2.4 allows local users to cause a denial of service (crash).

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
linux linux_kernel 2.4.7
linux linux_kernel 2.4.16
linux linux_kernel 2.4.20
linux linux_kernel 2.4.10
linux linux_kernel 2.4.19
linux linux_kernel 2.4.6
linux linux_kernel 2.4.14
linux linux_kernel 2.4.3
linux linux_kernel 2.4.2
linux linux_kernel 2.4.4
linux linux_kernel 2.4.1
mandrakesoft mandrake_multi_network_firewall 8.2
mandrakesoft mandrake_linux 8.2
linux linux_kernel 2.4.9
linux linux_kernel 2.4.12
mandrakesoft mandrake_linux_corporate_server 2.1
linux linux_kernel 2.4.13
mandrakesoft mandrake_linux 9.0
linux linux_kernel 2.4.5
linux linux_kernel 2.4.8
linux linux_kernel 2.4.11
linux linux_kernel 2.4.15
linux linux_kernel 2.4.18
linux linux_kernel 2.4.21
linux linux_kernel 2.4.17
linux linux_kernel 2.4.0
CVE-2003-1020 MEDIUM

The format_send_to_gui function in formats.c for irssi before 0.8.9 allows remote IRC users to cause a denial of service (crash).

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
irssi irssi 0.8.4
irssi irssi 0.8.5
mandrakesoft mandrake_linux 9.2
irssi irssi 0.8.6
irssi irssi 0.8.8
mandrakesoft mandrake_linux 9.1
irssi irssi 0.8.7
CVE-2004-0386 HIGH

Buffer overflow in the HTTP parser for MPlayer 1.0pre3 and earlier, 0.90, and 0.91 allows remote attackers to execute arbitrary code via a long Location header.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mplayer mplayer 0.90
mplayer mplayer 0.91
gentoo linux 1.1a
mandrakesoft mandrake_linux 10.0
mplayer mplayer 1.0_pre3
mplayer mplayer 1.0_pre1
mplayer mplayer 0.90_rc
gentoo linux 1.4
gentoo linux 1.2
mplayer mplayer 0.90_pre
mandrakesoft mandrake_linux 9.2
gentoo linux 0.7
gentoo linux 0.5
mplayer mplayer 1.0_pre2
CVE-2004-0402 MEDIUM

Buffer overflow in xpcd-svga in xpcd before 2.08, and possibly other versions, may allow local users to execute arbitrary code.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mandrakesoft mandrake_linux 10.0
mandrakesoft mandrake_linux 9.2
xpcd xpcd 2.08
CVE-2004-0460 HIGH

Buffer overflow in the logging capability for the DHCP daemon (DHCPD) for ISC DHCP 3.0.1rc12 and 3.0.1rc13 allows remote attackers to cause a denial of service (server crash) and possibly execute arbitrary code via multiple hostname options in (1) DISCOVER, (2) OFFER, (3) REQUEST, (4) ACK, or (5) NAK messages, which can generate a long string when writing to a log file.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
suse suse_linux 8.0
infoblox dns_one_appliance 2.4.0.8
mandrakesoft mandrake_linux 10.0
redhat fedora_core core_2.0
mandrakesoft mandrake_linux 9.0
isc dhcpd 3.0.1
suse suse_linux_database_server *
suse suse_linux 9.0
suse suse_linux_office_server *
suse suse_linux 8.1
infoblox dns_one_appliance 2.3.1_r5
mandrakesoft mandrake_linux 9.2
suse suse_linux_connectivity_server *
suse suse_linux 7
suse suse_linux 9.1
suse suse_linux_firewall_cd *
suse suse_linux 8
suse suse_linux 8.2
suse suse_email_server iii
mandrakesoft mandrake_linux 9.1
infoblox dns_one_appliance 2.4.0.8a
suse suse_linux_admin-cd_for_firewall *
CVE-2004-0461 HIGH

The DHCP daemon (DHCPD) for ISC DHCP 3.0.1rc12 and 3.0.1rc13, when compiled in environments that do not provide the vsnprintf function, uses C include files that define vsnprintf to use the less safe vsprintf function, which can lead to buffer overflow vulnerabilities that enable a denial of service (server crash) and possibly execute arbitrary code.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
suse suse_linux 8.0
infoblox dns_one_appliance 2.4.0.8
mandrakesoft mandrake_linux 10.0
redhat fedora_core core_2.0
mandrakesoft mandrake_linux 9.0
isc dhcpd 3.0.1
suse suse_linux_database_server *
suse suse_linux 9.0
suse suse_linux_office_server *
suse suse_linux 8.1
infoblox dns_one_appliance 2.3.1_r5
mandrakesoft mandrake_linux 9.2
suse suse_linux_connectivity_server *
suse suse_linux 7
suse suse_linux 9.1
suse suse_linux_firewall_cd *
suse suse_linux 8
suse suse_linux 8.2
suse suse_email_server iii
mandrakesoft mandrake_linux 9.1
infoblox dns_one_appliance 2.4.0.8a
suse suse_linux_admin-cd_for_firewall *
CVE-2004-0496 HIGH

Multiple unknown vulnerabilities in Linux kernel 2.6 allow local users to gain privileges or access kernel memory, a different set of vulnerabilities than those identified in CVE-2004-0495, as found by the Sparse source code checking tool.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mandrakesoft mandrake_linux_corporate_server 2.1
mandrakesoft mandrake_linux 10.0
suse suse_linux_database_server *
suse suse_linux_office_server *
sun sunos 5.9
suse suse_email_server 3.1
suse suse_email_server 3
mandrakesoft mandrake_linux 9.2
sun sunos 5.8
suse suse_linux_connectivity_server *
suse suse_linux 7
sun solaris 9.0
mandrakesoft mandrake_multi_network_firewall 8.2
gentoo linux *
suse suse_linux_firewall *
linux linux_kernel 2.6.0
suse suse_linux 8
mandrakesoft mandrake_linux 9.1
CVE-2004-0497 LOW

Unknown vulnerability in Linux kernel 2.x may allow local users to modify the group ID of files, such as NFS exported files in kernel 2.4.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
suse suse_linux 8.0
mandrakesoft mandrake_linux_corporate_server 2.1
mandrakesoft mandrake_linux 10.0
conectiva linux 10
suse suse_linux 9.0
trustix secure_linux 2
suse suse_linux 8.1
linux linux_kernel 2.0
trustix secure_linux 2.0
mandrakesoft mandrake_linux 9.2
suse suse_linux 9.1
trustix secure_linux 2.1
mandrakesoft mandrake_multi_network_firewall 8.2
gentoo linux *
suse suse_linux 8.2
redhat enterprise_linux 2.1
redhat enterprise_linux 3.0
mandrakesoft mandrake_linux 9.1
CVE-2004-0500 HIGH

Buffer overflow in the MSN protocol plugins (1) object.c and (2) slp.c for Gaim before 0.82 allows remote attackers to cause a denial of service and possibly execute arbitrary code via MSNSLP protocol messages that are not properly handled in a strncpy call.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
rob_flynn gaim 0.69
rob_flynn gaim 0.74
rob_flynn gaim 0.72
rob_flynn gaim 0.62
rob_flynn gaim 0.56
gentoo linux 1.4
rob_flynn gaim 0.53
rob_flynn gaim 0.54
mandrakesoft mandrake_linux 9.2
rob_flynn gaim 0.64
rob_flynn gaim 0.70
rob_flynn gaim 0.61
rob_flynn gaim 0.55
rob_flynn gaim 0.75
rob_flynn gaim 0.52
rob_flynn gaim 0.50
mandrakesoft mandrake_linux 10.0
rob_flynn gaim 0.10.3
rob_flynn gaim 0.59
rob_flynn gaim 0.59.1
rob_flynn gaim 0.66
rob_flynn gaim 0.67
rob_flynn gaim 0.71
rob_flynn gaim 0.57
rob_flynn gaim 0.73
rob_flynn gaim 0.68
rob_flynn gaim 0.63
rob_flynn gaim 0.51
rob_flynn gaim 0.10
rob_flynn gaim 0.58
rob_flynn gaim 0.65
rob_flynn gaim 0.60
CVE-2004-0535 LOW

The e1000 driver for Linux kernel 2.4.26 and earlier does not properly initialize memory before using it, which allows local users to read portions of kernel memory. NOTE: this issue was originally incorrectly reported as a "buffer overflow" by some sources.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
linux linux_kernel 2.4.23_ow2
engardelinux secure_linux 1.5
linux linux_kernel 2.4.25
linux linux_kernel 2.4.7
linux linux_kernel 2.4.10
linux linux_kernel 2.4.19
engardelinux secure_community 2.0
linux linux_kernel 2.4.6
linux linux_kernel 2.4.24_ow1
suse suse_linux 8.1
linux linux_kernel 2.4.14
linux linux_kernel 2.4.24
suse suse_office_server *
suse suse_email_server 3.1
mandrakesoft mandrake_linux 9.2
suse suse_linux 9.1
linux linux_kernel 2.4.1
mandrakesoft mandrake_multi_network_firewall 8.2
suse suse_email_server iii
conectiva linux 9.0
mandrakesoft mandrake_linux 9.1
suse suse_linux_admin-cd_for_firewall *
suse suse_linux_firewall_live-cd *
linux linux_kernel 2.4.12
linux linux_kernel 2.4.13
linux linux_kernel 2.4.5
linux linux_kernel 2.4.11
linux linux_kernel 2.4.27
suse suse_linux 9.0
linux linux_kernel 2.4.21
suse suse_linux_firewall_cd *
suse suse_linux 8.0
linux linux_kernel 2.4.16
linux linux_kernel 2.4.20
suse suse_linux_database_server *
conectiva linux 8.0
suse suse_linux_office_server *
linux linux_kernel 2.4.23
linux linux_kernel 2.4.3
gentoo linux 1.4
linux linux_kernel 2.4.2
linux linux_kernel 2.4.4
suse suse_linux_connectivity_server *
suse suse_linux 7
linux linux_kernel 2.4.26
linux linux_kernel 2.4.9
mandrakesoft mandrake_linux_corporate_server 2.1
mandrakesoft mandrake_linux 10.0
linux linux_kernel 2.4.8
linux linux_kernel 2.4.15
linux linux_kernel 2.4.18
linux linux_kernel 2.4.17
suse suse_linux 8
suse suse_linux 8.2
linux linux_kernel 2.4.22
linux linux_kernel 2.4.0
CVE-2004-0559 LOW

The maketemp.pl script in Usermin 1.070 and 1.080 allows local users to overwrite arbitrary files at install time via a symlink attack on the /tmp/.usermin directory.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
webmin webmin 1.0.00
usermin usermin 1.040
webmin webmin 1.0.70
webmin webmin 1.0.20
webmin webmin 1.1.10
webmin webmin 1.1.40
usermin usermin 1.080
usermin usermin 1.030
webmin webmin 1.0.90
mandrakesoft mandrake_linux 9.2
usermin usermin 1.060
webmin webmin 1.1.30
usermin usermin 1.070
usermin usermin 1.051
usermin usermin 1.020
webmin webmin 1.1.00
mandrakesoft mandrake_linux_corporate_server 2.1
mandrakesoft mandrake_linux 10.0
usermin usermin 1.010
webmin webmin 1.0.80
webmin webmin 1.0.60
webmin webmin 1.1.50
usermin usermin 1.000
webmin webmin 1.0.50
webmin webmin 1.1.21
CVE-2004-0565 LOW

Floating point information leak in the context switch code for Linux 2.4.x only checks the MFH bit but does not verify the FPH owner, which allows local users to read register values of other processes by setting the MFH bit.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mandrakesoft mandrake_linux_corporate_server 2.1
mandrakesoft mandrake_linux 10.0
trustix secure_linux 2.0
mandrakesoft mandrake_linux 9.2
trustix secure_linux 2.1
mandrakesoft mandrake_multi_network_firewall 8.2
gentoo linux *
linux linux_kernel 2.4.0
mandrakesoft mandrake_linux 9.1
trustix secure_linux 2
CVE-2004-0581 MEDIUM

ksymoops-gznm script in Mandrake Linux 9.1 through 10.0, and Corporate Server 2.1, allows local users to delete arbitrary files via a symlink attack on files in /tmp.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mandrakesoft mandrake_linux_corporate_server 2.1
mandrakesoft mandrake_linux 10.0
gnu ksymoops 2.4.8
mandrakesoft mandrake_linux 9.2
gnu ksymoops 2.4.5
gnu ksymoops 2.4.9
mandrakesoft mandrake_linux 9.1
CVE-2004-0587 LOW

Insecure permissions for the /proc/scsi/qla2300/HbaApiNode file in Linux allows local users to cause a denial of service.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
suse suse_linux 8.1
mandrakesoft mandrake_linux_corporate_server 2.1
mandrakesoft mandrake_linux 10.0
mandrakesoft mandrake_linux 9.2
redhat fedora_core core_1.0
suse suse_linux 8
suse suse_linux 9.0
CVE-2004-0633 MEDIUM

The iSNS dissector for Ethereal 0.10.3 through 0.10.4 allows remote attackers to cause a denial of service (process abort) via an integer overflow.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mandrakesoft mandrake_linux 10.0
mandrakesoft mandrake_linux 9.2
redhat linux_advanced_workstation 2.1
ethereal_group ethereal 0.10.3
gentoo linux *
ethereal_group ethereal 0.10.4
redhat enterprise_linux 2.1
redhat enterprise_linux 3.0
CVE-2004-0634 MEDIUM

The SMB SID snooping capability in Ethereal 0.9.15 to 0.10.4 allows remote attackers to cause a denial of service (process crash) via a handle without a policy name, which causes a null dereference.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mandrakesoft mandrake_linux 10.0
mandrakesoft mandrake_linux 9.2
redhat linux_advanced_workstation 2.1
ethereal_group ethereal 0.9.15
gentoo linux *
ethereal_group ethereal 0.10.4
redhat enterprise_linux 2.1
redhat enterprise_linux 3.0
CVE-2004-0635 MEDIUM

The SNMP dissector in Ethereal 0.8.15 through 0.10.4 allows remote attackers to cause a denial of service (process crash) via a (1) malformed or (2) missing community string, which causes an out-of-bounds read.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
ethereal_group ethereal 0.9.1
ethereal_group ethereal 0.8.16
ethereal_group ethereal 0.9.9
ethereal_group ethereal 0.9.4
ethereal_group ethereal 0.9.5
ethereal_group ethereal 0.9.8
ethereal_group ethereal 0.10
ethereal_group ethereal 0.10.3
ethereal_group ethereal 0.9
ethereal_group ethereal 0.9.10
ethereal_group ethereal 0.8.19
ethereal_group ethereal 0.8.15
ethereal_group ethereal 0.9.3
mandrakesoft mandrake_linux 9.2
ethereal_group ethereal 0.8.18
gentoo linux *
ethereal_group ethereal 0.9.16
ethereal_group ethereal 0.10.4
ethereal_group ethereal 0.8.17
ethereal_group ethereal 0.9.2
redhat enterprise_linux 2.1
ethereal_group ethereal 0.9.12
ethereal_group ethereal 0.9.6
mandrakesoft mandrake_linux 10.0
ethereal_group ethereal 0.9.7
ethereal_group ethereal 0.9.13
ethereal_group ethereal 0.9.14
ethereal_group ethereal 0.10.1
ethereal_group ethereal 0.9.11
redhat linux_advanced_workstation 2.1
ethereal_group ethereal 0.9.15
ethereal_group ethereal 0.10.2
redhat enterprise_linux 3.0
CVE-2004-0746 HIGH

Konqueror in KDE 3.2.3 and earlier allows web sites to set cookies for country-specific top-level domains, such as .ltd.uk, .plc.uk and .firm.in, which could allow remote attackers to perform a session fixation attack and hijack a user's HTTP session.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
kde konqueror 3.2.1
mandrakesoft mandrake_linux 10.0
kde konqueror 3.0.5
kde konqueror 3.1.3
kde konqueror 3.2.3
suse suse_linux 9.0
kde konqueror 3.1.5
kde konqueror 3.0
suse suse_linux 8.1
kde kde 3.2
kde konqueror 3.0.3
kde konqueror 3.1.1
kde konqueror 3.0.5b
gentoo linux 1.4
kde konqueror 3.1
kde konqueror 3.1.2
mandrakesoft mandrake_linux 9.2
suse suse_linux 9.1
kde konqueror 3.0.1
kde kde 3.1.3
suse suse_linux 8
suse suse_linux 8.2
kde konqueror 3.0.2
CVE-2004-0802 MEDIUM

Buffer overflow in the BMP loader in imlib2 before 1.1.2 allows remote attackers to execute arbitrary code via a specially-crafted BMP image, a different vulnerability than CVE-2004-0817.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
redhat fedora_core core_3.0
turbolinux turbolinux_workstation 8.0
enlightenment imlib 1.9.13
imagemagick imagemagick 5.5.3.2.1.2.0
enlightenment imlib 1.9.6
redhat enterprise_linux_desktop 3.0
enlightenment imlib2 1.0.2
enlightenment imlib 1.9
imagemagick imagemagick 5.4.8
imagemagick imagemagick 5.5.6.0_2003-04-09
enlightenment imlib 1.9.1
sun java_desktop_system 2.0
enlightenment imlib 1.9.12
suse suse_linux 8.1
enlightenment imlib 1.9.2
enlightenment imlib2 1.0.4
enlightenment imlib 1.9.14
mandrakesoft mandrake_linux 9.2
suse suse_linux 9.1
redhat fedora_core core_1.0
enlightenment imlib2 1.0
enlightenment imlib2 1.0.5
conectiva linux 9.0
redhat enterprise_linux 2.1
imagemagick imagemagick 5.4.8.2.1.1.0
conectiva linux 10.0
suse suse_linux 9.0
enlightenment imlib2 1.0.3
enlightenment imlib 1.9.10
enlightenment imlib2 1.1.1
enlightenment imlib 1.9.11
redhat linux_advanced_workstation 2.1
suse suse_linux 9.2
redhat enterprise_linux 3.0
enlightenment imlib 1.9.9
imagemagick imagemagick 6.0.2
suse suse_linux 8.0
sun java_desktop_system 2003
turbolinux turbolinux_server 8.0
enlightenment imlib 1.9.5
ubuntu ubuntu_linux 4.1
turbolinux turbolinux_server 7.0
imagemagick imagemagick 5.4.4.5
turbolinux turbolinux_workstation 7.0
imagemagick imagemagick 5.4.3
imagemagick imagemagick 5.3.3
imagemagick imagemagick 5.4.7
enlightenment imlib2 1.0.1
mandrakesoft mandrake_linux_corporate_server 2.1
enlightenment imlib2 1.1
mandrakesoft mandrake_linux 10.0
redhat fedora_core core_2.0
enlightenment imlib 1.9.4
enlightenment imlib 1.9.7
enlightenment imlib 1.9.3
enlightenment imlib 1.9.8
imagemagick imagemagick 5.5.7
turbolinux turbolinux_desktop 10.0
suse suse_linux 8.2
CVE-2004-0803 HIGH

Multiple vulnerabilities in the RLE (run length encoding) decoders for libtiff 3.6.1 and earlier, related to buffer overflows and integer overflows, allow remote attackers to execute arbitrary code via TIFF files.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
libtiff libtiff 3.6.1
libtiff libtiff 3.5.3
apple mac_os_x 10.3.1
kde kde 3.3.1
redhat enterprise_linux_desktop 3.0
apple mac_os_x_server 10.3.2
suse suse_linux 8.1
libtiff libtiff 3.5.5
apple mac_os_x 10.2.8
apple mac_os_x 10.2.1
apple mac_os_x_server 10.2.5
suse suse_linux 9.1
apple mac_os_x_server 10.2.2
apple mac_os_x_server 10.2.6
apple mac_os_x_server 10.3.1
redhat enterprise_linux 2.1
apple mac_os_x 10.2
wxgtk2 wxgtk2 2.5_.0
libtiff libtiff 3.5.1
apple mac_os_x_server 10.3.3
apple mac_os_x 10.2.4
apple mac_os_x 10.3.3
apple mac_os_x 10.2.2
suse suse_linux 9.0
apple mac_os_x 10.3.5
kde kde 3.2.1
apple mac_os_x 10.3.4
apple mac_os_x 10.2.3
kde kde 3.2
trustix secure_linux 2.0
kde kde 3.2.2
redhat linux_advanced_workstation 2.1
apple mac_os_x_server 10.2.8
apple mac_os_x 10.2.5
suse suse_linux 1.0
apple mac_os_x_server 10.3.5
redhat enterprise_linux 3.0
apple mac_os_x_server 10.3.6
apple mac_os_x 10.2.7
apple mac_os_x_server 10.2.7
apple mac_os_x 10.2.6
libtiff libtiff 3.6.0
apple mac_os_x 10.3
apple mac_os_x_server 10.3.4
apple mac_os_x_server 10.2.1
apple mac_os_x 10.3.2
libtiff libtiff 3.5.4
trustix secure_linux 2.1
pdflib pdf_library 5.0.2
kde kde 3.3
libtiff libtiff 3.5.2
libtiff libtiff 3.4
mandrakesoft mandrake_linux 10.0
redhat fedora_core core_2.0
kde kde 3.2.3
libtiff libtiff 3.5.7
apple mac_os_x_server 10.2.3
apple mac_os_x_server 10.2.4
apple mac_os_x_server 10.3
apple mac_os_x 10.3.6
suse suse_linux 8
suse suse_linux 8.2
trustix secure_linux 1.5
apple mac_os_x_server 10.2
CVE-2004-0805 HIGH

Buffer overflow in layer2.c in mpg123 0.59r and possibly mpg123 0.59s allows remote attackers to execute arbitrary code via a certain (1) mp3 or (2) mp2 file.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mpg123 mpg123 0.59r
mandrakesoft mandrake_linux_corporate_server 2.1
mandrakesoft mandrake_linux 10.0
mandrakesoft mandrake_linux 9.2
mpg123 mpg123 0.59s
CVE-2004-0807 MEDIUM

Samba 3.0.6 and earlier allows remote attackers to cause a denial of service (infinite loop and memory exhaustion) via certain malformed requests that cause new processes to be spawned and enter an infinite loop.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
samba samba 3.0.4
sgi samba 3.0.1
mandrakesoft mandrake_linux 10.0
samba samba 3.0.3
samba samba 3.0.6
sgi samba 3.0.4
sgi samba 3.0
sgi samba 3.0.3
conectiva linux 10.0
suse suse_linux 9.0
samba samba 3.0.5
suse suse_linux 8.1
samba samba 3.0.1
samba samba 3.0.2a
sgi samba 3.0.6
sgi samba 3.0.2
samba samba 3.0.2
suse suse_linux 9.1
samba samba 3.0.0
suse suse_linux 8
suse suse_linux 8.2
conectiva linux 9.0
sgi samba 3.0.5
CVE-2004-0809 MEDIUM

The mod_dav module in Apache 2.0.50 and earlier allows remote attackers to cause a denial of service (child process crash) via a certain sequence of LOCK requests for a location that allows WebDAV authoring access.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
hp secure_web_server_for_tru64 5.9.1
hp hp-ux 11.22
redhat enterprise_linux_desktop 3.0
apache http_server *
gentoo linux 1.4
hp hp-ux 11.11
mandrakesoft mandrake_linux 9.2
trustix secure_linux 2.1
hp secure_web_server_for_tru64 5.8.1
hp secure_web_server_for_tru64 5.8.2
hp hp-ux 11.23
hp secure_web_server_for_tru64 5.1
debian debian_linux 3.0
hp secure_web_server_for_tru64 5.9.2
mandrakesoft mandrake_linux 10.0
hp secure_web_server_for_tru64 4.0_g
hp secure_web_server_for_tru64 6.3.0
hp secure_web_server_for_tru64 5.1_a
hp hp-ux 11.00
hp secure_web_server_for_tru64 5.0_a
turbolinux turbolinux_home *
trustix secure_linux 2.0
turbolinux turbolinux_server 10.0
turbolinux turbolinux_desktop 10.0
hp secure_web_server_for_tru64 4.0_f
redhat enterprise_linux 3.0
CVE-2004-0817 HIGH

Multiple heap-based buffer overflows in the imlib BMP image handler allow remote attackers to execute arbitrary code via a crafted BMP file.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
redhat fedora_core core_3.0
turbolinux turbolinux_workstation 8.0
enlightenment imlib 1.9.13
imagemagick imagemagick 5.5.3.2.1.2.0
enlightenment imlib 1.9.6
redhat enterprise_linux_desktop 3.0
enlightenment imlib2 1.0.2
enlightenment imlib 1.9
imagemagick imagemagick 5.4.8
imagemagick imagemagick 5.5.6.0_2003-04-09
enlightenment imlib 1.9.1
sun java_desktop_system 2.0
enlightenment imlib 1.9.12
suse suse_linux 8.1
enlightenment imlib 1.9.2
enlightenment imlib2 1.0.4
enlightenment imlib 1.9.14
mandrakesoft mandrake_linux 9.2
suse suse_linux 9.1
redhat fedora_core core_1.0
enlightenment imlib2 1.0
enlightenment imlib2 1.0.5
conectiva linux 9.0
redhat enterprise_linux 2.1
imagemagick imagemagick 5.4.8.2.1.1.0
conectiva linux 10.0
suse suse_linux 9.0
enlightenment imlib2 1.0.3
enlightenment imlib 1.9.10
enlightenment imlib2 1.1.1
enlightenment imlib 1.9.11
redhat linux_advanced_workstation 2.1
suse suse_linux 9.2
redhat enterprise_linux 3.0
enlightenment imlib 1.9.9
imagemagick imagemagick 6.0.2
suse suse_linux 8.0
sun java_desktop_system 2003
turbolinux turbolinux_server 8.0
enlightenment imlib 1.9.5
ubuntu ubuntu_linux 4.1
turbolinux turbolinux_server 7.0
imagemagick imagemagick 5.4.4.5
turbolinux turbolinux_workstation 7.0
imagemagick imagemagick 5.4.3
imagemagick imagemagick 5.3.3
imagemagick imagemagick 5.4.7
enlightenment imlib2 1.0.1
mandrakesoft mandrake_linux_corporate_server 2.1
enlightenment imlib2 1.1
mandrakesoft mandrake_linux 10.0
redhat fedora_core core_2.0
enlightenment imlib 1.9.4
enlightenment imlib 1.9.7
enlightenment imlib 1.9.3
enlightenment imlib 1.9.8
imagemagick imagemagick 5.5.7
turbolinux turbolinux_desktop 10.0
suse suse_linux 8.2
CVE-2004-0827 HIGH

Multiple buffer overflows in the ImageMagick graphics library 5.x before 5.4.4, and 6.x before 6.0.6.2, allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via malformed (1) AVI, (2) BMP, or (3) DIB files.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
redhat fedora_core core_3.0
enlightenment imlib 1.9.13
imagemagick imagemagick 5.5.3.2.1.2.0
enlightenment imlib 1.9.6
redhat enterprise_linux_desktop 3.0
enlightenment imlib2 1.0.2
enlightenment imlib 1.9
imagemagick imagemagick 5.4.8
imagemagick imagemagick 5.5.6.0_2003-04-09
enlightenment imlib 1.9.1
sun java_desktop_system 2.0
enlightenment imlib 1.9.12
suse suse_linux 8.1
enlightenment imlib 1.9.2
enlightenment imlib2 1.0.4
enlightenment imlib 1.9.14
mandrakesoft mandrake_linux 9.2
suse suse_linux 9.1
redhat fedora_core core_1.0
turbolinux turbolinux server_7.0
enlightenment imlib2 1.0
enlightenment imlib2 1.0.5
conectiva linux 9.0
redhat enterprise_linux 2.1
imagemagick imagemagick 5.4.8.2.1.1.0
conectiva linux 10.0
suse suse_linux 9.0
enlightenment imlib2 1.0.3
enlightenment imlib 1.9.10
enlightenment imlib2 1.1.1
enlightenment imlib 1.9.11
redhat linux_advanced_workstation 2.1
suse suse_linux 9.2
redhat enterprise_linux 3.0
enlightenment imlib 1.9.9
imagemagick imagemagick 6.0.2
suse suse_linux 8.0
sun java_desktop_system 2003
enlightenment imlib 1.9.5
ubuntu ubuntu_linux 4.1
imagemagick imagemagick 5.4.4.5
turbolinux turbolinux workstation_8.0
imagemagick imagemagick 5.4.3
imagemagick imagemagick 5.3.3
imagemagick imagemagick 5.4.7
enlightenment imlib2 1.0.1
mandrakesoft mandrake_linux_corporate_server 2.1
enlightenment imlib2 1.1
mandrakesoft mandrake_linux 10.0
turbolinux turbolinux server_8.0
redhat fedora_core core_2.0
turbolinux turbolinux desktop_10.0
enlightenment imlib 1.9.4
turbolinux turbolinux workstation_7.0
enlightenment imlib 1.9.7
enlightenment imlib 1.9.3
enlightenment imlib 1.9.8
imagemagick imagemagick 5.5.7
suse suse_linux 8.2
CVE-2004-0834 HIGH

Format string vulnerability in Speedtouch USB driver before 1.3.1 allows local users to execute arbitrary code via (1) modem_run, (2) pppoa2, or (3) pppoa3.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
speedtouch speedtouch_usb_driver 1.1
mandrakesoft mandrake_linux_corporate_server 2.1
mandrakesoft mandrake_linux 10.0
mandrakesoft mandrake_linux 9.0
mandrakesoft mandrake_linux 10.1
gentoo linux 1.4
speedtouch speedtouch_usb_driver 1.2_beta1
speedtouch speedtouch_usb_driver 1.0
speedtouch speedtouch_usb_driver 1.2
mandrakesoft mandrake_linux 9.2
mandrakesoft mandrake_multi_network_firewall 8.2
speedtouch speedtouch_usb_driver 1.2_beta3
speedtouch speedtouch_usb_driver 1.3
speedtouch speedtouch_usb_driver 1.2_beta2
mandrakesoft mandrake_linux 8.2
mandrakesoft mandrake_linux 9.1
CVE-2004-0886 MEDIUM

Multiple integer overflows in libtiff 3.6.1 and earlier allow remote attackers to cause a denial of service (crash or memory corruption) via TIFF images that lead to incorrect malloc calls.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
libtiff libtiff 3.6.1
libtiff libtiff 3.5.3
apple mac_os_x 10.3.1
kde kde 3.3.1
redhat enterprise_linux_desktop 3.0
apple mac_os_x_server 10.3.2
suse suse_linux 8.1
libtiff libtiff 3.5.5
apple mac_os_x 10.2.8
apple mac_os_x 10.2.1
apple mac_os_x_server 10.2.5
suse suse_linux 9.1
apple mac_os_x_server 10.2.2
apple mac_os_x_server 10.2.6
apple mac_os_x_server 10.3.1
redhat enterprise_linux 2.1
apple mac_os_x 10.2
wxgtk2 wxgtk2 2.5_.0
libtiff libtiff 3.5.1
apple mac_os_x_server 10.3.3
apple mac_os_x 10.2.4
apple mac_os_x 10.3.3
apple mac_os_x 10.2.2
suse suse_linux 9.0
apple mac_os_x 10.3.5
kde kde 3.2.1
apple mac_os_x 10.3.4
apple mac_os_x 10.2.3
kde kde 3.2
trustix secure_linux 2.0
kde kde 3.2.2
redhat linux_advanced_workstation 2.1
apple mac_os_x_server 10.2.8
apple mac_os_x 10.2.5
suse suse_linux 1.0
apple mac_os_x_server 10.3.5
redhat enterprise_linux 3.0
wxgtk2 wxgtk2 *
apple mac_os_x_server 10.3.6
apple mac_os_x 10.2.7
apple mac_os_x_server 10.2.7
apple mac_os_x 10.2.6
libtiff libtiff 3.6.0
apple mac_os_x 10.3
apple mac_os_x_server 10.3.4
apple mac_os_x_server 10.2.1
apple mac_os_x 10.3.2
libtiff libtiff 3.5.4
trustix secure_linux 2.1
pdflib pdf_library 5.0.2
kde kde 3.3
libtiff libtiff 3.5.2
libtiff libtiff 3.4
mandrakesoft mandrake_linux 10.0
redhat fedora_core core_2.0
kde kde 3.2.3
libtiff libtiff 3.5.7
apple mac_os_x_server 10.2.3
apple mac_os_x_server 10.2.4
apple mac_os_x_server 10.3
apple mac_os_x 10.3.6
suse suse_linux 8
suse suse_linux 8.2
trustix secure_linux 1.5
apple mac_os_x_server 10.2
CVE-2004-0932 HIGH

McAfee Anti-Virus Engine DATS drivers before 4398 released on Oct 13th 2004 and DATS Driver before 4397 October 6th 2004 allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
broadcom inoculateit 6.0
rav_antivirus rav_antivirus_for_file_servers 1.0
sophos sophos_puremessage_anti-virus 4.6
broadcom etrust_secure_content_manager 1.1
broadcom etrust_intrusion_detection 1.4.1.13
sophos sophos_anti-virus 3.4.6
broadcom etrust_ez_armor 2.4
ca etrust_antivirus 7.0_sp2
broadcom etrust_ez_antivirus 6.2
broadcom etrust_antivirus_gateway 7.1
broadcom etrust_ez_antivirus 6.1
sophos sophos_anti-virus 3.78d
eset_software nod32_antivirus 1.0.11
sophos sophos_anti-virus 3.80
broadcom etrust_intrusion_detection 1.4.5
gentoo linux 1.4
broadcom etrust_antivirus 7.1
sophos sophos_anti-virus 3.79
archive_zip archive_zip 1.13
rav_antivirus rav_antivirus_desktop 8.6
gentoo linux *
broadcom etrust_secure_content_manager 1.0
eset_software nod32_antivirus 1.0.13
sophos sophos_anti-virus 3.86
broadcom brightstor_arcserve_backup 11.1
mcafee antivirus_engine 4.3.20
broadcom etrust_ez_armor 2.0
sophos sophos_anti-virus 3.83
kaspersky_lab kaspersky_anti-virus 5.0
sophos sophos_anti-virus 3.85
mandrakesoft mandrake_linux 10.1
ca etrust_secure_content_manager 1.0
kaspersky_lab kaspersky_anti-virus 3.0
sophos sophos_anti-virus 3.84
broadcom etrust_ez_antivirus 6.3
sophos sophos_anti-virus 3.82
sophos sophos_anti-virus 3.81
kaspersky_lab kaspersky_anti-virus 4.0
eset_software nod32_antivirus 1.0.12
suse suse_linux 9.2
sophos sophos_small_business_suite 1.0
sophos sophos_anti-virus 3.78
rav_antivirus rav_antivirus_for_mail_servers 8.4.2
broadcom etrust_antivirus 7.0
broadcom etrust_ez_armor 2.3
broadcom etrust_intrusion_detection 1.5
broadcom etrust_antivirus_gateway 7.0
CVE-2004-0933 HIGH

Computer Associates (CA) InoculateIT 6.0, eTrust Antivirus r6.0 through r7.1, eTrust Antivirus for the Gateway r7.0 and r7.1, eTrust Secure Content Manager, eTrust Intrusion Detection, EZ-Armor 2.0 through 2.4, and EZ-Antivirus 6.1 through 6.3 allow remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
broadcom inoculateit 6.0
rav_antivirus rav_antivirus_for_file_servers 1.0
sophos sophos_puremessage_anti-virus 4.6
broadcom etrust_secure_content_manager 1.1
broadcom etrust_intrusion_detection 1.4.1.13
sophos sophos_anti-virus 3.4.6
broadcom etrust_ez_armor 2.4
ca etrust_antivirus 7.0_sp2
broadcom etrust_ez_antivirus 6.2
broadcom etrust_antivirus_gateway 7.1
broadcom etrust_ez_antivirus 6.1
sophos sophos_anti-virus 3.78d
eset_software nod32_antivirus 1.0.11
sophos sophos_anti-virus 3.80
broadcom etrust_intrusion_detection 1.4.5
gentoo linux 1.4
broadcom etrust_antivirus 7.1
sophos sophos_anti-virus 3.79
archive_zip archive_zip 1.13
rav_antivirus rav_antivirus_desktop 8.6
gentoo linux *
broadcom etrust_secure_content_manager 1.0
eset_software nod32_antivirus 1.0.13
sophos sophos_anti-virus 3.86
broadcom brightstor_arcserve_backup 11.1
mcafee antivirus_engine 4.3.20
broadcom etrust_ez_armor 2.0
sophos sophos_anti-virus 3.83
kaspersky_lab kaspersky_anti-virus 5.0
sophos sophos_anti-virus 3.85
mandrakesoft mandrake_linux 10.1
ca etrust_secure_content_manager 1.0
kaspersky_lab kaspersky_anti-virus 3.0
sophos sophos_anti-virus 3.84
broadcom etrust_ez_antivirus 6.3
sophos sophos_anti-virus 3.82
sophos sophos_anti-virus 3.81
kaspersky_lab kaspersky_anti-virus 4.0
eset_software nod32_antivirus 1.0.12
suse suse_linux 9.2
sophos sophos_small_business_suite 1.0
sophos sophos_anti-virus 3.78
rav_antivirus rav_antivirus_for_mail_servers 8.4.2
broadcom etrust_antivirus 7.0
broadcom etrust_ez_armor 2.3
broadcom etrust_intrusion_detection 1.5
broadcom etrust_antivirus_gateway 7.0
CVE-2004-0934 HIGH

Kaspersky 3.x to 4.x allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
broadcom inoculateit 6.0
rav_antivirus rav_antivirus_for_file_servers 1.0
sophos sophos_puremessage_anti-virus 4.6
broadcom etrust_secure_content_manager 1.1
broadcom etrust_intrusion_detection 1.4.1.13
sophos sophos_anti-virus 3.4.6
broadcom etrust_ez_armor 2.4
ca etrust_antivirus 7.0_sp2
broadcom etrust_ez_antivirus 6.2
broadcom etrust_antivirus_gateway 7.1
broadcom etrust_ez_antivirus 6.1
sophos sophos_anti-virus 3.78d
eset_software nod32_antivirus 1.0.11
sophos sophos_anti-virus 3.80
broadcom etrust_intrusion_detection 1.4.5
gentoo linux 1.4
broadcom etrust_antivirus 7.1
sophos sophos_anti-virus 3.79
archive_zip archive_zip 1.13
rav_antivirus rav_antivirus_desktop 8.6
gentoo linux *
broadcom etrust_secure_content_manager 1.0
eset_software nod32_antivirus 1.0.13
sophos sophos_anti-virus 3.86
broadcom brightstor_arcserve_backup 11.1
mcafee antivirus_engine 4.3.20
broadcom etrust_ez_armor 2.0
sophos sophos_anti-virus 3.83
kaspersky_lab kaspersky_anti-virus 5.0
sophos sophos_anti-virus 3.85
mandrakesoft mandrake_linux 10.1
ca etrust_secure_content_manager 1.0
kaspersky_lab kaspersky_anti-virus 3.0
sophos sophos_anti-virus 3.84
broadcom etrust_ez_antivirus 6.3
sophos sophos_anti-virus 3.82
sophos sophos_anti-virus 3.81
kaspersky_lab kaspersky_anti-virus 4.0
eset_software nod32_antivirus 1.0.12
suse suse_linux 9.2
sophos sophos_small_business_suite 1.0
sophos sophos_anti-virus 3.78
rav_antivirus rav_antivirus_for_mail_servers 8.4.2
broadcom etrust_antivirus 7.0
broadcom etrust_ez_armor 2.3
broadcom etrust_intrusion_detection 1.5
broadcom etrust_antivirus_gateway 7.0
CVE-2004-0935 HIGH

Eset Anti-Virus before 1.020 (16th September 2004) allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
broadcom inoculateit 6.0
rav_antivirus rav_antivirus_for_file_servers 1.0
sophos sophos_puremessage_anti-virus 4.6
broadcom etrust_secure_content_manager 1.1
broadcom etrust_intrusion_detection 1.4.1.13
sophos sophos_anti-virus 3.4.6
broadcom etrust_ez_armor 2.4
ca etrust_antivirus 7.0_sp2
broadcom etrust_ez_antivirus 6.2
broadcom etrust_antivirus_gateway 7.1
broadcom etrust_ez_antivirus 6.1
sophos sophos_anti-virus 3.78d
eset_software nod32_antivirus 1.0.11
sophos sophos_anti-virus 3.80
broadcom etrust_intrusion_detection 1.4.5
gentoo linux 1.4
broadcom etrust_antivirus 7.1
sophos sophos_anti-virus 3.79
archive_zip archive_zip 1.13
rav_antivirus rav_antivirus_desktop 8.6
gentoo linux *
broadcom etrust_secure_content_manager 1.0
eset_software nod32_antivirus 1.0.13
sophos sophos_anti-virus 3.86
broadcom brightstor_arcserve_backup 11.1
mcafee antivirus_engine 4.3.20
broadcom etrust_ez_armor 2.0
sophos sophos_anti-virus 3.83
kaspersky_lab kaspersky_anti-virus 5.0
sophos sophos_anti-virus 3.85
mandrakesoft mandrake_linux 10.1
ca etrust_secure_content_manager 1.0
kaspersky_lab kaspersky_anti-virus 3.0
sophos sophos_anti-virus 3.84
broadcom etrust_ez_antivirus 6.3
sophos sophos_anti-virus 3.82
sophos sophos_anti-virus 3.81
kaspersky_lab kaspersky_anti-virus 4.0
eset_software nod32_antivirus 1.0.12
suse suse_linux 9.2
sophos sophos_small_business_suite 1.0
sophos sophos_anti-virus 3.78
rav_antivirus rav_antivirus_for_mail_servers 8.4.2
broadcom etrust_antivirus 7.0
broadcom etrust_ez_armor 2.3
broadcom etrust_intrusion_detection 1.5
broadcom etrust_antivirus_gateway 7.0
CVE-2004-0936 HIGH

RAV antivirus allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
broadcom inoculateit 6.0
rav_antivirus rav_antivirus_for_file_servers 1.0
sophos sophos_puremessage_anti-virus 4.6
broadcom etrust_secure_content_manager 1.1
broadcom etrust_intrusion_detection 1.4.1.13
sophos sophos_anti-virus 3.4.6
broadcom etrust_ez_armor 2.4
ca etrust_antivirus 7.0_sp2
broadcom etrust_ez_antivirus 6.2
broadcom etrust_antivirus_gateway 7.1
broadcom etrust_ez_antivirus 6.1
sophos sophos_anti-virus 3.78d
eset_software nod32_antivirus 1.0.11
sophos sophos_anti-virus 3.80
broadcom etrust_intrusion_detection 1.4.5
gentoo linux 1.4
broadcom etrust_antivirus 7.1
sophos sophos_anti-virus 3.79
archive_zip archive_zip 1.13
rav_antivirus rav_antivirus_desktop 8.6
gentoo linux *
broadcom etrust_secure_content_manager 1.0
eset_software nod32_antivirus 1.0.13
sophos sophos_anti-virus 3.86
broadcom brightstor_arcserve_backup 11.1
mcafee antivirus_engine 4.3.20
broadcom etrust_ez_armor 2.0
sophos sophos_anti-virus 3.83
kaspersky_lab kaspersky_anti-virus 5.0
sophos sophos_anti-virus 3.85
mandrakesoft mandrake_linux 10.1
ca etrust_secure_content_manager 1.0
kaspersky_lab kaspersky_anti-virus 3.0
sophos sophos_anti-virus 3.84
broadcom etrust_ez_antivirus 6.3
sophos sophos_anti-virus 3.82
sophos sophos_anti-virus 3.81
kaspersky_lab kaspersky_anti-virus 4.0
eset_software nod32_antivirus 1.0.12
suse suse_linux 9.2
sophos sophos_small_business_suite 1.0
sophos sophos_anti-virus 3.78
rav_antivirus rav_antivirus_for_mail_servers 8.4.2
broadcom etrust_antivirus 7.0
broadcom etrust_ez_armor 2.3
broadcom etrust_intrusion_detection 1.5
broadcom etrust_antivirus_gateway 7.0
CVE-2004-0937 HIGH

Sophos Anti-Virus before 3.87.0, and Sophos Anti-Virus for Windows 95, 98, and Me before 3.88.0, allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
broadcom inoculateit 6.0
rav_antivirus rav_antivirus_for_file_servers 1.0
sophos sophos_puremessage_anti-virus 4.6
broadcom etrust_secure_content_manager 1.1
broadcom etrust_intrusion_detection 1.4.1.13
sophos sophos_anti-virus 3.4.6
broadcom etrust_ez_armor 2.4
ca etrust_antivirus 7.0_sp2
broadcom etrust_ez_antivirus 6.2
broadcom etrust_antivirus_gateway 7.1
broadcom etrust_ez_antivirus 6.1
sophos sophos_anti-virus 3.78d
eset_software nod32_antivirus 1.0.11
sophos sophos_anti-virus 3.80
broadcom etrust_intrusion_detection 1.4.5
gentoo linux 1.4
broadcom etrust_antivirus 7.1
sophos sophos_anti-virus 3.79
archive_zip archive_zip 1.13
rav_antivirus rav_antivirus_desktop 8.6
gentoo linux *
broadcom etrust_secure_content_manager 1.0
eset_software nod32_antivirus 1.0.13
sophos sophos_anti-virus 3.86
broadcom brightstor_arcserve_backup 11.1
mcafee antivirus_engine 4.3.20
broadcom etrust_ez_armor 2.0
sophos sophos_anti-virus 3.83
kaspersky_lab kaspersky_anti-virus 5.0
sophos sophos_anti-virus 3.85
mandrakesoft mandrake_linux 10.1
ca etrust_secure_content_manager 1.0
kaspersky_lab kaspersky_anti-virus 3.0
sophos sophos_anti-virus 3.84
broadcom etrust_ez_antivirus 6.3
sophos sophos_anti-virus 3.82
sophos sophos_anti-virus 3.81
kaspersky_lab kaspersky_anti-virus 4.0
eset_software nod32_antivirus 1.0.12
suse suse_linux 9.2
sophos sophos_small_business_suite 1.0
sophos sophos_anti-virus 3.78
rav_antivirus rav_antivirus_for_mail_servers 8.4.2
broadcom etrust_antivirus 7.0
broadcom etrust_ez_armor 2.3
broadcom etrust_intrusion_detection 1.5
broadcom etrust_antivirus_gateway 7.0
CVE-2004-0974 LOW

The netatalk package in Trustix Secure Linux 1.5 through 2.1, and possibly other operating systems, allows local users to overwrite files via a symlink attack on temporary files.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
redhat fedora_core core_3.0
netatalk open_source_apple_file_share_protocol_suite 1.6.1
mandrakesoft mandrake_linux_corporate_server 2.1
mandrakesoft mandrake_linux 10.0
redhat fedora_core core_2.0
mandrakesoft mandrake_linux 9.2
mandrakesoft mandrake_linux 10.1
netatalk open_source_apple_file_share_protocol_suite 1.6.4
netatalk open_source_apple_file_share_protocol_suite 1.5_pre6
CVE-2004-0975 LOW

The der_chop script in the openssl package in Trustix Secure Linux 1.5 through 2.1 and other operating systems allows local users to overwrite files via a symlink attack on temporary files.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
openssl openssl 0.9.6h
mandrakesoft mandrake_linux_corporate_server 2.1
mandrakesoft mandrake_linux 10.0
openssl openssl 0.9.6a
openssl openssl 0.9.6f
openssl openssl 0.9.6e
mandrakesoft mandrake_linux 10.1
openssl openssl 0.9.6k
openssl openssl 0.9.6
openssl openssl 0.9.6i
openssl openssl 0.9.6l
openssl openssl 0.9.7d
mandrakesoft mandrake_linux 9.2
openssl openssl 0.9.6m
openssl openssl 0.9.6j
openssl openssl 0.9.7c
mandrakesoft mandrake_multi_network_firewall 8.2
gentoo linux *
openssl openssl 0.9.6g
openssl openssl 0.9.6c
openssl openssl 0.9.6d
openssl openssl 0.9.6b
CVE-2004-0977 LOW

The make_oidjoins_check script in PostgreSQL 7.4.5 and earlier allows local users to overwrite files via a symlink attack on temporary files.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
postgresql postgresql *
mandrakesoft mandrake_linux_corporate_server 2.1
mandrakesoft mandrake_linux 10.0
trustix secure_linux 2.0
mandrakesoft mandrake_linux 9.2
redhat enterprise_linux_desktop 3.0
trustix secure_linux 2.1
mandrakesoft mandrake_linux 10.1
redhat enterprise_linux 3.0
CVE-2004-0983 MEDIUM

The CGI module in Ruby 1.6 before 1.6.8, and 1.8 before 1.8.2, allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a certain HTTP request.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
yukihiro_matsumoto ruby 1.6.7
mandrakesoft mandrake_linux_corporate_server 2.1
mandrakesoft mandrake_linux 10.0
mandrakesoft mandrake_linux 10.1
yukihiro_matsumoto ruby 1.8.2_pre2
ubuntu ubuntu_linux 4.1
yukihiro_matsumoto ruby 1.6
yukihiro_matsumoto ruby 1.8.2_pre1
yukihiro_matsumoto ruby 1.8
mandrakesoft mandrake_linux 9.2
gentoo linux *
yukihiro_matsumoto ruby 1.8.1
CVE-2004-1014 MEDIUM

statd in nfs-utils 1.257 and earlier does not ignore the SIGPIPE signal, which allows remote attackers to cause a denial of service (server process crash) via a TCP connection that is prematurely terminated.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
debian debian_linux 3.0
nfs nfs-utils 1.0.6
mandrakesoft mandrake_linux_corporate_server 2.1
mandrakesoft mandrake_linux 10.0
mandrakesoft mandrake_linux 9.2
redhat enterprise_linux_desktop 3.0
mandrakesoft mandrake_linux 10.1
redhat enterprise_linux 3.0
CVE-2004-1051 HIGH

sudo before 1.6.8p2 allows local users to execute arbitrary commands by using "()" style environment variables to create functions that have the same name as any program within the bash script that is called without using the program's full pathname.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
todd_miller sudo 1.5.7
todd_miller sudo 1.6.1
todd_miller sudo 1.6.6
ubuntu ubuntu_linux 4.1
todd_miller sudo 1.6.2
todd_miller sudo 1.6.3_p5
todd_miller sudo 1.6.5_p1
todd_miller sudo 1.6.3_p1
todd_miller sudo 1.6.3_p3
todd_miller sudo 1.5.9
mandrakesoft mandrake_linux 9.2
trustix secure_linux 2.1
todd_miller sudo 1.6.4_p2
mandrakesoft mandrake_multi_network_firewall 8.2
todd_miller sudo 1.5.6
todd_miller sudo 1.6.5
todd_miller sudo 1.5.8
trustix secure_linux 2.2
debian debian_linux 3.0
todd_miller sudo 1.6.8
mandrakesoft mandrake_linux_corporate_server 2.1
mandrakesoft mandrake_linux 10.0
todd_miller sudo 1.6.3_p2
todd_miller sudo 1.6.3
mandrakesoft mandrake_linux 10.1
todd_miller sudo 1.6.3_p6
todd_miller sudo 1.6.3_p4
todd_miller sudo 1.6.4
todd_miller sudo 1.6.8_p1
todd_miller sudo 1.6
todd_miller sudo 1.6.4_p1
todd_miller sudo 1.6.7
trustix secure_linux 2.0
todd_miller sudo 1.6.5_p2
trustix secure_linux 1.5
todd_miller sudo 1.6.3_p7
CVE-2004-1096 HIGH

Archive::Zip Perl module before 1.14, when used by antivirus programs such as amavisd-new, allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
broadcom inoculateit 6.0
rav_antivirus rav_antivirus_for_file_servers 1.0
sophos sophos_puremessage_anti-virus 4.6
broadcom etrust_secure_content_manager 1.1
broadcom etrust_intrusion_detection 1.4.1.13
sophos sophos_anti-virus 3.4.6
broadcom etrust_ez_armor 2.4
ca etrust_antivirus 7.0_sp2
broadcom etrust_ez_antivirus 6.2
broadcom etrust_antivirus_gateway 7.1
broadcom etrust_ez_antivirus 6.1
sophos sophos_anti-virus 3.78d
eset_software nod32_antivirus 1.0.11
sophos sophos_anti-virus 3.80
broadcom etrust_intrusion_detection 1.4.5
gentoo linux 1.4
broadcom etrust_antivirus 7.1
sophos sophos_anti-virus 3.79
rav_antivirus rav_antivirus_desktop 8.6
gentoo linux *
broadcom etrust_secure_content_manager 1.0
eset_software nod32_antivirus 1.0.13
sophos sophos_anti-virus 3.86
broadcom brightstor_arcserve_backup 11.1
mcafee antivirus_engine 4.3.20
broadcom etrust_ez_armor 2.0
sophos sophos_anti-virus 3.83
kaspersky_lab kaspersky_anti-virus 5.0
sophos sophos_anti-virus 3.85
mandrakesoft mandrake_linux 10.1
ca etrust_secure_content_manager 1.0
kaspersky_lab kaspersky_anti-virus 3.0
sophos sophos_anti-virus 3.84
broadcom etrust_ez_antivirus 6.3
sophos sophos_anti-virus 3.82
sophos sophos_anti-virus 3.81
kaspersky_lab kaspersky_anti-virus 4.0
eset_software nod32_antivirus 1.0.12
suse suse_linux 9.2
sophos sophos_small_business_suite 1.0
sophos sophos_anti-virus 3.78
rav_antivirus rav_antivirus_for_mail_servers 8.4.2
broadcom etrust_antivirus 7.0
broadcom etrust_ez_armor 2.3
broadcom etrust_intrusion_detection 1.5
broadcom etrust_antivirus_gateway 7.0
CVE-2004-1098 HIGH

MIMEDefang in MIME-tools 5.414 allows remote attackers to bypass virus scanning capabilities via an e-mail attachment with a virus that contains an empty boundary string in the Content-Type header.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
suse suse_linux 8.0
roaring_penguin mimedefang 2.14
mandrakesoft mandrake_linux_corporate_server 2.1
mandrakesoft mandrake_linux 10.0
roaring_penguin mimedefang 2.41
roaring_penguin mimedefang 2.39
roaring_penguin mimedefang 2.44
roaring_penguin mimedefang 2.43
mandrakesoft mandrake_linux 10.1
suse suse_linux 9.0
roaring_penguin mimedefang 2.38
suse suse_linux 8.1
roaring_penguin mimedefang 4.46
roaring_penguin mimedefang 2.21
roaring_penguin mimedefang 2.4
roaring_penguin mimedefang 2.45
mandrakesoft mandrake_linux 9.2
suse suse_linux 9.1
suse suse_linux 9.2
roaring_penguin mimedefang 2.20
suse suse_linux 8.2
roaring_penguin mimedefang 4.47
roaring_penguin mimedefang 2.42
CVE-2004-1158 HIGH

Konqueror 3.x up to 3.2.2-6, and possibly other versions, allows remote attackers to spoof arbitrary web sites by injecting content from one window into a target window or tab whose name is known but resides in a different domain, as demonstrated using a pop-up window on a trusted web site, aka the "window injection" vulnerability.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
redhat fedora_core core_3.0
kde konqueror 3.2.1
kde konqueror 3.0.5
kde konqueror 3.2.3
kde konqueror 2.2.2
kde konqueror 3.0.3
kde konqueror 3.1.1
kde konqueror 3.0.5b
kde konqueror 3.1
kde konqueror 3.2.2.6
kde konqueror 3.1.2
kde konqueror 2.1.1
kde konqueror 3.0.1
mandrakesoft mandrake_linux 10.0
redhat fedora_core core_2.0
kde konqueror 2.1.2
kde konqueror 3.1.4
kde konqueror 3.1.3
mandrakesoft mandrake_linux 10.1
kde konqueror 3.1.5
kde konqueror 3.0
kde konqueror 2.2.1
kde konqueror 3.3
kde konqueror 3.0.2
kde konqueror 3.3.1
kde konqueror 3.3.2
CVE-2004-1171 LOW

KDE 3.2.x and 3.3.0 through 3.3.2, when saving credentials that are (1) manually entered by the user or (2) created by the SMB protocol handler, stores those credentials for plaintext in the user's .desktop file, which may be created with world-readable permissions, which could allow local users to obtain usernames and passwords for remote resources such as SMB shares.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
redhat fedora_core core_3.0
kde kde 3.2
mandrakesoft mandrake_linux 10.0
kde kde 3.3.1
redhat fedora_core core_2.0
kde kde 3.2.2
kde kde 3.2.3
kde kde 3.3
mandrakesoft mandrake_linux 10.1
kde kde 3.3.2
kde kde 3.2.1
CVE-2004-1180 MEDIUM

Unknown vulnerability in the rwho daemon (rwhod) before 0.17, on little endian architectures, allows remote attackers to cause a denial of service (application crash).

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sun sunos 5.9
debian debian_linux 3.0
mandrakesoft mandrake_linux_corporate_server 2.1
mandrakesoft mandrake_linux 10.0
mandrakesoft mandrake_linux 10.1
sun solaris *
CVE-2004-1187 HIGH

Heap-based buffer overflow in the pnm_get_chunk function for xine 0.99.2, and other packages such as MPlayer that use the same code, allows remote attackers to execute arbitrary code via long PNA_TAG values, a different vulnerability than CVE-2004-1188.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mplayer mplayer 0.90
xine xine 1_rc3
xine xine-lib 1_rc6
xine xine 1_rc8
xine xine-lib 1_beta9
xine xine 1_rc7
xine xine-lib 0.9.13
xine xine 1_beta9
xine xine-lib 1_beta10
xine xine-lib 1_beta12
xine xine 1_beta3
mplayer mplayer 1.0_pre5
mplayer mplayer 1.0_pre5try1
xine xine 1_rc4
xine xine 1_beta1
xine xine-lib 1_beta8
xine xine 1_rc0
xine xine-lib 1_beta5
xine xine-lib 0.99
xine xine 1_beta2
xine xine-lib 1_beta7
xine xine 0.9.13
xine xine 1_rc1
xine xine 1_rc0a
mplayer mplayer 1.0_pre3
xine xine 1_rc3b
xine xine-lib 1_rc3c
xine xine-lib 1_rc0
xine xine-lib 1_beta2
xine xine-lib 1_rc3
mplayer mplayer 1.0_pre2
xine xine 1_beta5
xine xine 1_rc3a
mplayer mplayer 1.0_pre5try2
xine xine-lib 1_beta4
mplayer mplayer 1.0_pre1
xine xine 1_beta8
xine xine 0.9.8
mplayer mplayer 0.90_rc
xine xine 1_beta7
xine xine 0.9.18
xine xine-lib 1_rc3b
xine xine-lib 1_rc7
xine xine-lib 1_beta6
xine xine 1_beta4
mplayer mplayer 0.90_pre
mplayer mplayer head_cvs
mplayer mplayer 0.90_rc4
xine xine-lib 1_rc2
xine xine 1_rc5
xine xine-lib 1_beta3
xine xine 1_beta10
xine xine 1_beta12
xine xine-lib 1_rc5
xine xine 1_rc6a
xine xine-lib 1_rc4
xine xine-lib 1_alpha
xine xine-lib 1_rc1
mplayer mplayer 0.91
xine xine-lib 0.9.8
mandrakesoft mandrake_linux 10.0
mandrakesoft mandrake_linux 10.1
xine xine 1_rc6
xine xine 1_beta6
xine xine-lib 1_rc6a
xine xine-lib 1_rc3a
xine xine 1_alpha
mplayer mplayer 1.0_pre4
xine xine-lib 1_beta11
xine xine 1_rc2
mplayer mplayer 0.92
mplayer mplayer 1.0_pre3try2
xine xine 1_beta11
mplayer mplayer 0.92.1
mplayer mplayer 0.92_cvs
xine xine-lib 1_beta1
CVE-2004-1188 HIGH

The pnm_get_chunk function in xine 0.99.2 and earlier, and other packages such as MPlayer that use the same code, does not properly verify that the chunk size is less than the PREAMBLE_SIZE, which causes a read operation with a negative length that leads to a buffer overflow via (1) RMF_TAG, (2) DATA_TAG, (3) PROP_TAG, (4) MDPR_TAG, and (5) CONT_TAG values, a different vulnerability than CVE-2004-1187.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mplayer mplayer 0.90
xine xine 1_rc3
xine xine-lib 1_rc6
xine xine 1_rc8
xine xine-lib 1_beta9
xine xine 1_rc7
xine xine-lib 0.9.13
xine xine 1_beta9
xine xine-lib 1_beta10
xine xine-lib 1_beta12
xine xine 1_beta3
mplayer mplayer 1.0_pre5
mplayer mplayer 1.0_pre5try1
xine xine 1_rc4
xine xine 1_beta1
xine xine-lib 1_beta8
xine xine 1_rc0
xine xine-lib 1_beta5
xine xine-lib 0.99
xine xine 1_beta2
xine xine-lib 1_beta7
xine xine 0.9.13
xine xine 1_rc1
xine xine 1_rc0a
mplayer mplayer 1.0_pre3
xine xine 1_rc3b
xine xine-lib 1_rc3c
xine xine-lib 1_rc0
xine xine-lib 1_beta2
xine xine-lib 1_rc3
mplayer mplayer 1.0_pre2
xine xine 1_beta5
xine xine 1_rc3a
mplayer mplayer 1.0_pre5try2
xine xine-lib 1_beta4
mplayer mplayer 1.0_pre1
xine xine 1_beta8
xine xine 0.9.8
mplayer mplayer 0.90_rc
xine xine 1_beta7
xine xine 0.9.18
xine xine-lib 1_rc3b
xine xine-lib 1_rc7
xine xine-lib 1_beta6
xine xine 1_beta4
mplayer mplayer 0.90_pre
mplayer mplayer head_cvs
mplayer mplayer 0.90_rc4
xine xine-lib 1_rc2
xine xine 1_rc5
xine xine-lib 1_beta3
xine xine 1_beta10
xine xine 1_beta12
xine xine-lib 1_rc5
xine xine 1_rc6a
xine xine-lib 1_rc4
xine xine-lib 1_alpha
xine xine-lib 1_rc1
mplayer mplayer 0.91
xine xine-lib 0.9.8
mandrakesoft mandrake_linux 10.0
mandrakesoft mandrake_linux 10.1
xine xine 1_rc6
xine xine 1_beta6
xine xine-lib 1_rc6a
xine xine-lib 1_rc3a
xine xine 1_alpha
mplayer mplayer 1.0_pre4
xine xine-lib 1_beta11
xine xine 1_rc2
mplayer mplayer 0.92
mplayer mplayer 1.0_pre3try2
xine xine 1_beta11
mplayer mplayer 0.92.1
mplayer mplayer 0.92_cvs
xine xine-lib 1_beta1
CVE-2004-1235 MEDIUM

Race condition in the (1) load_elf_library and (2) binfmt_aout function calls for uselib in Linux kernel 2.4 through 2.429-rc2 and 2.6 through 2.6.10 allows local users to execute arbitrary code by manipulating the VMA descriptor.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
linux linux_kernel 2.4.23_ow2
redhat fedora_core core_3.0
linux linux_kernel 2.4.25
linux linux_kernel 2.4.7
avaya s8500 r2.0.1
redhat enterprise_linux_desktop 3.0
linux linux_kernel 2.4.10
linux linux_kernel 2.4.19
linux linux_kernel 2.4.6
linux linux_kernel 2.4.24_ow1
suse suse_linux 8.1
linux linux_kernel 2.4.14
linux linux_kernel 2.4.24
mandrakesoft mandrake_linux 9.2
suse suse_linux 9.1
linux linux_kernel 2.4.1
mandrakesoft mandrake_multi_network_firewall 8.2
redhat fedora_core core_1.0
avaya s8700 r2.0.0
linux linux_kernel 2.4.12
avaya s8700 r2.0.1
linux linux_kernel 2.6_test9_cvs
linux linux_kernel 2.4.13
redhat enterprise_linux_desktop 4.0
linux linux_kernel 2.4.5
linux linux_kernel 2.4.11
redhat linux 7.3
linux linux_kernel 2.4.27
conectiva linux 10.0
suse suse_linux 9.0
linux linux_kernel 2.4.21
linux linux_kernel 2.4.28
avaya s8710 r2.0.0
suse suse_linux 9.2
avaya modular_messaging_message_storage_server 1.1
linux linux_kernel 2.6.0
linux linux_kernel 2.6.6
linux linux_kernel 2.6.5
suse suse_linux 1.0
redhat enterprise_linux 3.0
redhat linux 9.0
linux linux_kernel 2.6.1
avaya network_routing *
linux linux_kernel 2.6.3
linux linux_kernel 2.4.16
linux linux_kernel 2.4.20
ubuntu ubuntu_linux 4.1
linux linux_kernel 2.4.23
linux linux_kernel 2.4.3
linux linux_kernel 2.4.2
linux linux_kernel 2.4.4
avaya s8710 r2.0.1
avaya modular_messaging_message_storage_server 2.0
linux linux_kernel 2.6.9
avaya s8300 r2.0.0
redhat enterprise_linux 4.0
linux linux_kernel 2.4.26
linux linux_kernel 2.4.9
avaya mn100 *
mandrakesoft mandrake_linux_corporate_server 2.1
mandrakesoft mandrake_linux 10.0
linux linux_kernel 2.6.2
redhat fedora_core core_2.0
avaya intuity_audix *
avaya converged_communications_server 2.0
linux linux_kernel 2.4.8
mandrakesoft mandrake_linux 10.1
linux linux_kernel 2.4.29
linux linux_kernel 2.6.7
linux linux_kernel 2.4.15
avaya s8500 r2.0.0
linux linux_kernel 2.4.18
avaya s8300 r2.0.1
linux linux_kernel 2.4.17
linux linux_kernel 2.6.10
linux linux_kernel 2.6.4
suse suse_linux 8
suse suse_linux 8.2
linux linux_kernel 2.4.22
linux linux_kernel 2.6.8
linux linux_kernel 2.4.0
mandrakesoft mandrake_linux_corporate_server 3.0
CVE-2004-1307 HIGH

Integer overflow in the TIFFFetchStripThing function in tif_dirread.c for libtiff 3.6.1 allows remote attackers to execute arbitrary code via a TIFF file with the STRIPOFFSETS flag and a large number of strips, which causes a zero byte buffer to be allocated and leads to a heap-based buffer overflow.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
libtiff libtiff 3.6.1
libtiff libtiff 3.5.3
apple mac_os_x 10.3.7
sun solaris 10.0
apple mac_os_x 10.3.1
avaya call_management_system_server 11.0
libtiff libtiff 3.7.0
apple mac_os_x_server 10.3.2
apple mac_os_x 10.3.8
libtiff libtiff 3.5.5
avaya intuity_audix_lx *
avaya call_management_system_server 9.0
apple mac_os_x_server 10.3.1
avaya call_management_system_server 8.0
conectiva linux 9.0
avaya integrated_management *
sgi propack 3.0
libtiff libtiff 3.5.1
apple mac_os_x_server 10.3.3
avaya interactive_response 1.2.1
apple mac_os_x 10.3.3
conectiva linux 10.0
apple mac_os_x 10.3.5
apple mac_os_x 10.3.4
avaya interactive_response *
avaya modular_messaging_message_storage_server 1.1
avaya call_management_system_server 13.0
apple mac_os_x_server 10.3.5
apple mac_os_x_server 10.3.6
avaya interactive_response 1.3
f5 icontrol_service_manager 1.3.6
libtiff libtiff 3.6.0
apple mac_os_x 10.3
sun sunos 5.7
apple mac_os_x_server 10.3.4
apple mac_os_x 10.3.2
avaya cvlan *
libtiff libtiff 3.5.4
sun solaris 8.0
sun solaris 9.0
apple mac_os_x_server 10.3.7
avaya modular_messaging_message_storage_server 2.0
libtiff libtiff 3.5.2
gentoo linux *
libtiff libtiff 3.4
avaya mn100 *
f5 icontrol_service_manager 1.3.5
mandrakesoft mandrake_linux 10.0
libtiff libtiff 3.5.7
apple mac_os_x 10.3.9
mandrakesoft mandrake_linux 10.1
f5 icontrol_service_manager 1.3
apple mac_os_x_server 10.3.8
apple mac_os_x_server 10.3.9
sun sunos 5.8
apple mac_os_x_server 10.3
sco unixware 7.1.4
avaya call_management_system_server 12.0
apple mac_os_x 10.3.6
sun solaris 7.0
f5 icontrol_service_manager 1.3.4
mandrakesoft mandrake_linux_corporate_server 3.0
CVE-2004-2392 MEDIUM

libuser 0.51.7 allows attackers to cause a denial of service (crash or disk consumption) via unknown attack vectors, related to read failures and other bugs.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mandrakesoft mandrake_linux_corporate_server 2.1
mandrakesoft mandrake_linux 10.0
mandrakesoft mandrake_linux 9.2
mandrakesoft mandrake_linux 9.1
CVE-2004-2394 LOW

Off-by-one error in passwd 0.68 and earlier, when using the --stdin option, causes passwd to use the first 78 characters of a password instead of the first 79, which results in a small reduction of the search space required for brute force attacks.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mandrakesoft mandrake_linux_corporate_server 2.1
mandrakesoft mandrake_linux 10.0
mandrakesoft mandrake_linux 9.2
mandrakesoft mandrake_linux 9.0
mandrakesoft mandrake_multi_network_firewall 8.2
mandrakesoft mandrake_linux 8.2
mandrakesoft mandrake_linux 9.1
CVE-2004-2395 LOW

Memory leak in passwd 0.68 allows local users to cause a denial of service (memory consumption) via a large number of failed read attempts from the password buffer.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mandrakesoft mandrake_linux_corporate_server 2.1
mandrakesoft mandrake_linux 10.0
mandrakesoft mandrake_linux 9.2
mandrakesoft mandrake_linux 9.0
mandrakesoft mandrake_multi_network_firewall 8.2
mandrakesoft mandrake_linux 8.2
mandrakesoft mandrake_linux 9.1
CVE-2005-0003 LOW

The 64 bit ELF support in Linux kernel 2.6 before 2.6.10, on 64-bit architectures, does not properly check for overlapping VMA (virtual memory address) allocations, which allows local users to cause a denial of service (system crash) or execute arbitrary code via a crafted ELF or a.out file.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
linux linux_kernel 2.4.23_ow2
linux linux_kernel 2.4.25
linux linux_kernel 2.4.7
avaya s8500 r2.0.1
redhat enterprise_linux_desktop 3.0
linux linux_kernel 2.4.10
linux linux_kernel 2.4.19
linux linux_kernel 2.4.6
linux linux_kernel 2.4.24_ow1
linux linux_kernel 2.4.14
linux linux_kernel 2.4.24
mandrakesoft mandrake_linux 9.2
linux linux_kernel 2.4.1
mandrakesoft mandrake_multi_network_firewall 8.2
avaya s8700 r2.0.0
linux linux_kernel 2.4.12
avaya s8700 r2.0.1
linux linux_kernel 2.4.13
linux linux_kernel 2.4.5
linux linux_kernel 2.4.11
linux linux_kernel 2.4.27
linux linux_kernel 2.4.21
linux linux_kernel 2.4.28
avaya s8710 r2.0.0
avaya modular_messaging_message_storage_server 1.1
redhat enterprise_linux 3.0
avaya network_routing *
linux linux_kernel 2.4.16
linux linux_kernel 2.4.20
linux linux_kernel 2.4.23
linux linux_kernel 2.4.3
linux linux_kernel 2.4.2
linux linux_kernel 2.4.4
avaya s8710 r2.0.1
avaya modular_messaging_message_storage_server 2.0
avaya s8300 r2.0.0
linux linux_kernel 2.4.26
linux linux_kernel 2.4.9
avaya mn100 *
mandrakesoft mandrake_linux_corporate_server 2.1
mandrakesoft mandrake_linux 10.0
avaya intuity_audix *
avaya converged_communications_server 2.0
linux linux_kernel 2.4.8
mandrakesoft mandrake_linux 10.1
linux linux_kernel 2.4.29
linux linux_kernel 2.4.15
avaya s8500 r2.0.0
linux linux_kernel 2.4.18
avaya s8300 r2.0.1
linux linux_kernel 2.4.17
linux linux_kernel 2.4.22
linux linux_kernel 2.4.0
mandrakesoft mandrake_linux_corporate_server 3.0
CVE-2005-0020 HIGH

Buffer overflow in playmidi before 2.4 allows local users to execute arbitrary code.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
playmidi playmidi 2.3.25
playmidi playmidi 2.3.17
playmidi playmidi 2.3.20
playmidi playmidi 2.3.11
playmidi playmidi 2.3.10
playmidi playmidi 2.3.16
playmidi playmidi 2.3.19
playmidi playmidi 2.3.3
playmidi playmidi 2.3.5
playmidi playmidi 2.3.9
playmidi playmidi 2.3.26
playmidi playmidi 2.3.21
playmidi playmidi 2.3.24
mandrakesoft mandrake_linux 10.0
playmidi playmidi 2.3.2
playmidi playmidi 2.3.15
playmidi playmidi 2.3.4
mandrakesoft mandrake_linux 10.1
playmidi playmidi 2.3.12
playmidi playmidi 2.3.22
playmidi playmidi 2.3.6
playmidi playmidi 2.3.13
playmidi playmidi 2.3.18
playmidi playmidi 2.3.8
playmidi playmidi 2.3.7
playmidi playmidi 2.3.14
playmidi playmidi 2.3.25.1
playmidi playmidi 2.3.23
playmidi playmidi 2.3.1
mandrakesoft mandrake_linux_corporate_server 3.0
CVE-2005-0085 MEDIUM

Cross-site scripting (XSS) vulnerability in ht://dig (htdig) before 3.1.6-r7 allows remote attackers to execute arbitrary web script or HTML via the config parameter, which is not properly sanitized before it is displayed in an error message.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
suse suse_linux 8.0
redhat fedora_core core_3.0
htdig htdig 3.1.5_7
htdig htdig 3.2.0b4
htdig htdig 3.2.0b5
mandrakesoft mandrake_linux_corporate_server 2.1
htdig htdig 3.1.5_8
mandrakesoft mandrake_linux 10.0
mandrakesoft mandrake_linux 10.1
htdig htdig 3.2.0b3
suse suse_linux 9.0
htdig htdig 3.2.0b2
suse suse_linux 8.1
htdig htdig 3.1.6
htdig htdig 3.2.0b6
suse suse_linux 9.1
htdig htdig 3.1.5
htdig htdig 3.2.0
suse suse_linux 9.2
suse suse_linux 8.2
mandrakesoft mandrake_linux_corporate_server 3.0
CVE-2005-0206 HIGH

The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for 64-bit architectures on certain Linux distributions such as Red Hat, which could leave Xpdf users exposed to the original vulnerabilities.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
redhat fedora_core core_3.0
kde koffice 1.3.1
easy_software_products cups 1.1.15
xpdf xpdf 2.3
easy_software_products cups 1.1.4_2
pdftohtml pdftohtml 0.33
easy_software_products cups 1.1.1
redhat fedora_core core_1.0
kde kpdf 3.2
easy_software_products cups 1.1.4
tetex tetex 2.0
suse suse_linux 6.0
suse suse_linux 9.0
gnome gpdf 0.110
easy_software_products cups 1.1.10
pdftohtml pdftohtml 0.34
kde kde 3.2
kde koffice 1.3
kde koffice 1.3.3
suse suse_linux 9.2
suse suse_linux 1.0
redhat enterprise_linux 3.0
suse suse_linux 3.0
ubuntu ubuntu_linux 4.1
suse suse_linux 5.2
suse suse_linux 7.2
pdftohtml pdftohtml 0.32a
kde kde 3.3
gentoo linux *
easy_software_products cups 1.1.19_rc5
tetex tetex 1.0.6
xpdf xpdf 1.1
pdftohtml pdftohtml 0.35
xpdf xpdf 3.0
suse suse_linux 6.2
kde koffice 1.3.2
xpdf xpdf 1.0a
xpdf xpdf 0.90
tetex tetex 2.0.2
suse suse_linux 5.3
easy_software_products cups 1.1.7
easy_software_products cups 1.1.4_5
kde kde 3.3.1
redhat enterprise_linux_desktop 3.0
easy_software_products cups 1.1.4_3
xpdf xpdf 0.91
tetex tetex 1.0.7
suse suse_linux 8.1
cstex cstetex 2.0.2
easy_software_products cups 1.1.6
suse suse_linux 9.1
xpdf xpdf 0.93
redhat enterprise_linux 2.1
suse suse_linux 5.0
suse suse_linux 7.0
debian debian_linux 3.0
sgi propack 3.0
easy_software_products cups 1.1.13
kde koffice 1.3_beta1
xpdf xpdf 1.0
suse suse_linux 6.4
pdftohtml pdftohtml 0.32b
easy_software_products cups 1.1.19
kde kde 3.2.1
ascii ptex 3.1.4
kde kde 3.2.2
redhat linux_advanced_workstation 2.1
xpdf xpdf 2.0
redhat linux 9.0
easy_software_products cups 1.1.14
suse suse_linux 4.4.1
suse suse_linux 6.1
easy_software_products cups 1.1.12
suse suse_linux 8.0
gnome gpdf 0.112
pdftohtml pdftohtml 0.33a
suse suse_linux 4.2
easy_software_products cups 1.1.18
kde koffice 1.3_beta2
easy_software_products cups 1.0.4
easy_software_products cups 1.0.4_8
xpdf xpdf 2.1
kde koffice 1.3_beta3
suse suse_linux 6.3
suse suse_linux 7.1
easy_software_products cups 1.1.16
easy_software_products cups 1.1.20
pdftohtml pdftohtml 0.36
suse suse_linux 7.3
suse suse_linux 4.4
easy_software_products cups 1.1.17
tetex tetex 2.0.1
suse suse_linux 5.1
redhat fedora_core core_2.0
kde kde 3.2.3
gnome gpdf 0.131
xpdf xpdf 0.92
sgi advanced_linux_environment 3.0
suse suse_linux 4.3
suse suse_linux 4.0
suse suse_linux 2.0
suse suse_linux 8.2
mandrakesoft mandrake_linux_corporate_server 3.0
CVE-2005-0472 MEDIUM

Gaim before 1.1.3 allows remote attackers to cause a denial of service (infinite loop) via malformed SNAC packets from (1) AIM or (2) ICQ.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
rob_flynn gaim 1.1.2
mandrakesoft mandrake_linux 10.0
redhat enterprise_linux_desktop 4.0
mandrakesoft mandrake_linux 10.1
redhat enterprise_linux 4.0
rob_flynn gaim 1.0
rob_flynn gaim 1.0.1
mandrakesoft mandrake_linux_corporate_server 3.0
rob_flynn gaim 1.1.1
CVE-2005-0473 MEDIUM

The HTML parsing functions in Gaim before 1.1.3 allow remote attackers to cause a denial of service (application crash) via malformed HTML that causes "an invalid memory access," a different vulnerability than CVE-2005-0208.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
rob_flynn gaim 1.1.2
mandrakesoft mandrake_linux 10.0
redhat enterprise_linux_desktop 4.0
mandrakesoft mandrake_linux 10.1
redhat enterprise_linux 4.0
rob_flynn gaim 1.0
rob_flynn gaim 1.0.1
mandrakesoft mandrake_linux_corporate_server 3.0
rob_flynn gaim 1.1.1
CVE-2005-0503 MEDIUM

uim before 0.4.5.1 trusts certain environment variables when libUIM is used in setuid or setgid applications, which allows local users to gain privileges.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mandrakesoft mandrake_linux 10.1
uim uim 0.4.5
CVE-2005-0605 HIGH

scan.c for LibXPM may allow attackers to execute arbitrary code via a negative bitmap_unit value that leads to a buffer overflow.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
redhat fedora_core core_3.0
xfree86_project x11r6 4.1.12
redhat enterprise_linux_desktop 3.0
suse suse_linux 8.1
x.org x11r6 6.7.0
x.org x11r6 6.8
suse suse_linux 9.1
xfree86_project x11r6 4.0.1
xfree86_project x11r6 4.1.0
xfree86_project x11r6 3.3
suse suse_linux 7.0
sgi propack 3.0
redhat enterprise_linux_desktop 4.0
suse suse_linux 6.4
xfree86_project x11r6 4.3.0.2
xfree86_project x11r6 4.2.0
xfree86_project x11r6 3.3.6
suse suse_linux 9.0
xfree86_project x11r6 4.1.11
suse suse_linux 9.2
xfree86_project x11r6 3.3.4
redhat enterprise_linux 3.0
suse suse_linux 6.1
x.org x11r6 6.8.1
suse suse_linux 8.0
xfree86_project x11r6 4.2.1
lesstif lesstif 0.93.94
xfree86_project x11r6 4.0.3
xfree86_project x11r6 4.3.0
mandrakesoft mandrake_linux 10.2
suse suse_linux 7.2
suse suse_linux 6.3
suse suse_linux 7.1
redhat enterprise_linux 4.0
suse suse_linux 7.3
xfree86_project x11r6 4.0.2.11
xfree86_project x11r6 4.0
mandrakesoft mandrake_linux_corporate_server 2.1
mandrakesoft mandrake_linux 10.0
redhat fedora_core core_2.0
xfree86_project x11r6 3.3.5
mandrakesoft mandrake_linux 10.1
xfree86_project x11r6 3.3.3
suse suse_linux 6.2
xfree86_project x11r6 3.3.2
altlinux alt_linux 2.3
xfree86_project x11r6 4.3.0.1
suse suse_linux 8.2
mandrakesoft mandrake_linux_corporate_server 3.0
CVE-2005-1267 MEDIUM

The bgp_update_print function in tcpdump 3.x does not properly handle a -1 return value from the decode_prefix4 function, which allows remote attackers to cause a denial of service (infinite loop) via a crafted BGP packet.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
lbl tcpdump 3.4
redhat fedora_core core_3.0
trustix secure_linux 2.2
lbl tcpdump 3.8.1
lbl tcpdump 3.5.2
lbl tcpdump 3.7.2
lbl tcpdump 3.6.2
mandrakesoft mandrake_linux 10.1
mandrakesoft mandrake_linux 10.2
lbl tcpdump 3.5
lbl tcpdump 3.9
lbl tcpdump 3.7
lbl tcpdump 3.9.1
trustix secure_linux 2.0
lbl tcpdump 3.4a6
lbl tcpdump 3.8.3
trustix secure_linux 2.1
lbl tcpdump 3.8.2
gentoo linux *
lbl tcpdump 3.5_alpha
redhat fedora_core core_4.0
lbl tcpdump 3.6.3
lbl tcpdump 3.7.1
CVE-2005-1379 MEDIUM

The LAM runtime environment package (lam-runtime-7.0.6-2mdk) on Mandrake Linux installs the mpi user without a password, which allows local users to gain privileges.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mandrakesoft mandrake_lam-runtime 7.0.6.2mdk
CVE-2005-2377 MEDIUM

nss_ldap 181 to versions before 213, as used in Mandrake Corporate Server and Mandrake 10.0, and other operating systems, does not properly handle a SIGPIPE signal when sending a search request to an LDAP directory server, which might allow remote attackers to cause a denial of service (crond and other application crash) if they can cause an LDAP server to become unavailable. NOTE: it is not clear whether this attack scenario is sufficient to include this item in CVE.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mandrakesoft mandrake_linux 10.0
mandrakesoft mandrake_linux_corporate_server *
CVE-2005-3624 MEDIUM

The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-189,

Products Affected

Vendor Product Version
redhat fedora_core core_3.0
turbolinux turbolinux_workstation 8.0
sco openserver 5.0.7
slackware slackware_linux 10.2
redhat enterprise_linux_desktop 3.0
turbolinux turbolinux_server 10.0_x86
kde kpdf 3.4.3
tetex tetex 1.0.7
tetex tetex 3.0
suse suse_linux 9.1
redhat fedora_core core_1.0
kde kpdf 3.2
redhat fedora_core core_4.0
redhat enterprise_linux 2.1
suse suse_linux 10.0
trustix secure_linux 2.2
turbolinux turbolinux_appliance_server 1.0_workgroup_edition
debian debian_linux 3.0
slackware slackware_linux 9.0
sgi propack 3.0
redhat enterprise_linux_desktop 4.0
redhat linux 7.3
tetex tetex 2.0
turbolinux turbolinux_appliance_server 1.0_hosting_edition
conectiva linux 10.0
suse suse_linux 9.0
turbolinux turbolinux_home *
turbolinux turbolinux_personal *
kde koffice 1.4
kde kword 1.4.2
trustix secure_linux 2.0
turbolinux turbolinux_server 10.0
sco openserver 6.0
redhat linux_advanced_workstation 2.1
suse suse_linux 9.2
mandrakesoft mandrake_linux 2006
slackware slackware_linux 10.1
suse suse_linux 1.0
turbolinux turbolinux 10
redhat enterprise_linux 3.0
redhat linux 9.0
slackware slackware_linux 9.1
easy_software_products cups 1.1.22
turbolinux turbolinux_server 8.0
debian debian_linux 3.1
ubuntu ubuntu_linux 5.04
ubuntu ubuntu_linux 4.1
mandrakesoft mandrake_linux 10.2
easy_software_products cups 1.1.23
ubuntu ubuntu_linux 5.10
poppler poppler 0.4.2
easy_software_products cups 1.1.22_rc1
gentoo linux *
easy_software_products cups 1.1.23_rc1
redhat enterprise_linux 4.0
kde koffice 1.4.1
libextractor libextractor *
tetex tetex 2.0.1
turbolinux turbolinux fuji
mandrakesoft mandrake_linux_corporate_server 2.1
redhat fedora_core core_2.0
suse suse_linux 9.3
xpdf xpdf 3.0
mandrakesoft mandrake_linux 10.1
kde kdegraphics 3.2
turbolinux turbolinux_multimedia *
kde kdegraphics 3.4.3
kde koffice 1.4.2
tetex tetex 2.0.2
slackware slackware_linux 10.0
turbolinux turbolinux_desktop 10.0
mandrakesoft mandrake_linux_corporate_server 3.0
trustix secure_linux 3.0
CVE-2005-3625 HIGH

Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and (2) DCTDecode streams, aka "Infinite CPU spins."

CVSS 2.0

Severity: HIGH

Problem Type: CWE-399,

Products Affected

Vendor Product Version
redhat fedora_core core_3.0
turbolinux turbolinux_workstation 8.0
sco openserver 5.0.7
slackware slackware_linux 10.2
redhat enterprise_linux_desktop 3.0
turbolinux turbolinux_server 10.0_x86
kde kpdf 3.4.3
tetex tetex 1.0.7
tetex tetex 3.0
suse suse_linux 9.1
redhat fedora_core core_1.0
kde kpdf 3.2
redhat fedora_core core_4.0
redhat enterprise_linux 2.1
suse suse_linux 10.0
trustix secure_linux 2.2
turbolinux turbolinux_appliance_server 1.0_workgroup_edition
debian debian_linux 3.0
slackware slackware_linux 9.0
sgi propack 3.0
redhat enterprise_linux_desktop 4.0
redhat linux 7.3
tetex tetex 2.0
turbolinux turbolinux_appliance_server 1.0_hosting_edition
conectiva linux 10.0
suse suse_linux 9.0
turbolinux turbolinux_home *
turbolinux turbolinux_personal *
kde koffice 1.4
kde kword 1.4.2
trustix secure_linux 2.0
turbolinux turbolinux_server 10.0
sco openserver 6.0
redhat linux_advanced_workstation 2.1
suse suse_linux 9.2
mandrakesoft mandrake_linux 2006
slackware slackware_linux 10.1
suse suse_linux 1.0
turbolinux turbolinux 10
redhat enterprise_linux 3.0
redhat linux 9.0
slackware slackware_linux 9.1
easy_software_products cups 1.1.22
turbolinux turbolinux_server 8.0
debian debian_linux 3.1
ubuntu ubuntu_linux 5.04
ubuntu ubuntu_linux 4.1
mandrakesoft mandrake_linux 10.2
easy_software_products cups 1.1.23
ubuntu ubuntu_linux 5.10
poppler poppler 0.4.2
easy_software_products cups 1.1.22_rc1
gentoo linux *
easy_software_products cups 1.1.23_rc1
redhat enterprise_linux 4.0
kde koffice 1.4.1
libextractor libextractor *
tetex tetex 2.0.1
turbolinux turbolinux fuji
mandrakesoft mandrake_linux_corporate_server 2.1
redhat fedora_core core_2.0
suse suse_linux 9.3
xpdf xpdf 3.0
mandrakesoft mandrake_linux 10.1
kde kdegraphics 3.2
turbolinux turbolinux_multimedia *
kde kdegraphics 3.4.3
kde koffice 1.4.2
tetex tetex 2.0.2
slackware slackware_linux 10.0
turbolinux turbolinux_desktop 10.0
mandrakesoft mandrake_linux_corporate_server 3.0
trustix secure_linux 3.0
CVE-2005-3626 MEDIUM

Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-399,

Products Affected

Vendor Product Version
redhat fedora_core core_3.0
turbolinux turbolinux_workstation 8.0
sco openserver 5.0.7
slackware slackware_linux 10.2
redhat enterprise_linux_desktop 3.0
turbolinux turbolinux_server 10.0_x86
kde kpdf 3.4.3
tetex tetex 1.0.7
tetex tetex 3.0
suse suse_linux 9.1
redhat fedora_core core_1.0
kde kpdf 3.2
redhat fedora_core core_4.0
redhat enterprise_linux 2.1
suse suse_linux 10.0
trustix secure_linux 2.2
turbolinux turbolinux_appliance_server 1.0_workgroup_edition
debian debian_linux 3.0
slackware slackware_linux 9.0
sgi propack 3.0
redhat enterprise_linux_desktop 4.0
redhat linux 7.3
tetex tetex 2.0
turbolinux turbolinux_appliance_server 1.0_hosting_edition
conectiva linux 10.0
suse suse_linux 9.0
turbolinux turbolinux_home *
turbolinux turbolinux_personal *
kde koffice 1.4
kde kword 1.4.2
trustix secure_linux 2.0
turbolinux turbolinux_server 10.0
sco openserver 6.0
redhat linux_advanced_workstation 2.1
suse suse_linux 9.2
mandrakesoft mandrake_linux 2006
slackware slackware_linux 10.1
suse suse_linux 1.0
turbolinux turbolinux 10
redhat enterprise_linux 3.0
redhat linux 9.0
slackware slackware_linux 9.1
easy_software_products cups 1.1.22
turbolinux turbolinux_server 8.0
debian debian_linux 3.1
ubuntu ubuntu_linux 5.04
ubuntu ubuntu_linux 4.1
mandrakesoft mandrake_linux 10.2
easy_software_products cups 1.1.23
ubuntu ubuntu_linux 5.10
poppler poppler 0.4.2
easy_software_products cups 1.1.22_rc1
gentoo linux *
easy_software_products cups 1.1.23_rc1
redhat enterprise_linux 4.0
kde koffice 1.4.1
libextractor libextractor *
tetex tetex 2.0.1
turbolinux turbolinux fuji
mandrakesoft mandrake_linux_corporate_server 2.1
redhat fedora_core core_2.0
suse suse_linux 9.3
xpdf xpdf 3.0
mandrakesoft mandrake_linux 10.1
kde kdegraphics 3.2
turbolinux turbolinux_multimedia *
kde kdegraphics 3.4.3
kde koffice 1.4.2
tetex tetex 2.0.2
slackware slackware_linux 10.0
turbolinux turbolinux_desktop 10.0
mandrakesoft mandrake_linux_corporate_server 3.0
trustix secure_linux 3.0
CVE-2006-0745 HIGH

X.Org server (xorg-server) 1.0.0 and later, X11R6.9.0, and X11R7.0 inadvertently treats the address of the geteuid function as if it is the return value of a call to geteuid, which allows local users to bypass intended restrictions and (1) execute arbitrary code via the -modulepath command line option or (2) overwrite arbitrary files via -logfile.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
x.org x11r7 1.0.1
sun solaris 10.0
x.org x11r6 6.9
redhat fedora_core core_5.0
mandrakesoft mandrake_linux 2006
x.org x11r7 1.0
suse suse_linux 10.0
CVE-2007-6284 MEDIUM

The xmlCurrentChar function in libxml2 before 2.6.31 allows context-dependent attackers to cause a denial of service (infinite loop) via XML containing invalid UTF-8 sequences.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-399,

Products Affected

Vendor Product Version
redhat fedora 7
redhat fedora 8
mandrakesoft mandrake_linux 2008.0
mandrakesoft mandrake_linux 2007.1
debian debian_linux 3.1
debian debian_linux 4.0
mandrakesoft mandrake_linux 2007
mandrakesoft mandrake_linux_corporate_server 4.0
mandrakesoft mandrake_linux_corporate_server 3.0
CVE-2008-0595 MEDIUM

dbus-daemon in D-Bus before 1.0.3, and 1.1.x before 1.1.20, recognizes send_interface attributes in allow directives in the security policy only for fully qualified method calls, which allows local users to bypass intended access restrictions via a method call with a NULL interface.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-863,

Products Affected

Vendor Product Version
mandrakesoft mandrake_linux 2008.0
mandrakesoft mandrake_linux 2007.1
mandrakesoft mandrake_linux 2007
freedesktop dbus *
redhat enterprise_linux 5
mandrakesoft mandrake_linux 2007.0_x86_64
redhat enterprise_linux 5.0
fedoraproject fedora 7