Product:

Linux

(Gentoo)
Repositories

Unknown:

This might be proprietary software.

#Vulnerabilities 131
Date Id Summary Products Score Patch Annotated
2004-12-06 CVE-2004-0634 The SMB SID snooping capability in Ethereal 0.9.15 to 0.10.4 allows remote attackers to cause a denial of service (process crash) via a handle without a policy name, which causes a null dereference. Ethereal, Linux, Mandrake_linux, Enterprise_linux, Linux_advanced_workstation N/A
2004-12-06 CVE-2004-0633 The iSNS dissector for Ethereal 0.10.3 through 0.10.4 allows remote attackers to cause a denial of service (process abort) via an integer overflow. Ethereal, Linux, Mandrake_linux, Enterprise_linux, Linux_advanced_workstation N/A
2005-01-10 CVE-2004-1106 Cross-site scripting (XSS) vulnerability in Gallery 1.4.4-pl3 and earlier allows remote attackers to execute arbitrary web script or HTML via "specially formed URLs," possibly via the include parameter in index.php. Gallery, Linux N/A
2003-03-07 CVE-2002-1337 Buffer overflow in Sendmail 5.79 to 8.12.7 allows remote attackers to execute arbitrary code via certain formatted address fields, related to sender and recipient header comments as processed by the crackaddr function of headers.c. Linux, Alphaserver_sc, Hp\-Ux, Netbsd, Solaris, Sendmail, Sunos, Bsdos, Platform_sa N/A
2004-12-31 CVE-2004-1901 Portage before 2.0.50-r3 allows local users to overwrite arbitrary files via a hard link attack on the lockfiles. Linux, Portage 5.5
2004-08-06 CVE-2004-0493 The ap_get_mime_headers_core function in Apache httpd 2.0.49 allows remote attackers to cause a denial of service (memory exhaustion), and possibly an integer signedness error leading to a heap-based buffer overflow on 64 bit systems, via long header lines with large numbers of space or tab characters. Http_server, Converged_communications_server, S8300, S8500, S8700, Linux, Http_server, Secure_linux N/A
2004-09-16 CVE-2004-0809 The mod_dav module in Apache 2.0.50 and earlier allows remote attackers to cause a denial of service (child process crash) via a certain sequence of LOCK requests for a location that allows WebDAV authoring access. Http_server, Debian_linux, Linux, Hp\-Ux, Secure_web_server_for_tru64, Mandrake_linux, Enterprise_linux, Enterprise_linux_desktop, Secure_linux, Turbolinux_desktop, Turbolinux_home, Turbolinux_server N/A
2004-12-23 CVE-2004-0834 Format string vulnerability in Speedtouch USB driver before 1.3.1 allows local users to execute arbitrary code via (1) modem_run, (2) pppoa2, or (3) pppoa3. Linux, Mandrake_linux, Mandrake_linux_corporate_server, Mandrake_multi_network_firewall, Speedtouch_usb_driver N/A
2008-02-29 CVE-2008-1078 expn in the am-utils and net-fs packages for Gentoo, rPath Linux, and other distributions, allows local users to overwrite arbitrary files via a symlink attack on the expn[PID] temporary file. NOTE: this is the same issue as CVE-2003-0308.1. Linux, Rpath_linux N/A
2005-03-01 CVE-2004-1027 Directory traversal vulnerability in the -x (extract) command line option in unarj allows remote attackers to overwrite arbitrary files via an arj archive with filenames that contain .. (dot dot) sequences. Unarj, Debian_linux, Linux N/A