Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Linux
(Gentoo)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 135 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2004-08-06 | CVE-2004-0495 | Multiple unknown vulnerabilities in Linux kernel 2.4 and 2.6 allow local users to gain privileges or access kernel memory, as found by the Sparse source code checking tool. | Converged_communications_server, Intuity_audix, Modular_messaging_message_storage_server, S8300, S8500, S8700, Linux, Linux, Linux_kernel, Enterprise_linux, Suse_email_server, Suse_linux, Suse_linux_admin\-Cd_for_firewall, Suse_linux_connectivity_server, Suse_linux_database_server, Suse_linux_firewall_cd, Suse_linux_office_server, Suse_office_server | N/A | ||
| 2004-12-06 | CVE-2004-0456 | Stack-based buffer overflow in pavuk 0.9pl28, 0.9pl27, and possibly other versions allows remote web sites to execute arbitrary code via a long HTTP Location header. | Debian_linux, Linux, Pavuk | N/A | ||
| 2004-08-18 | CVE-2004-0432 | ProFTPD 1.2.9 treats the Allow and Deny directives for CIDR based ACL entries as if they were AllowAll, which could allow FTP clients to bypass intended access restrictions. | Linux, Proftpd, Secure_linux | N/A | ||
| 2004-08-18 | CVE-2004-0419 | XDM in XFree86 opens a chooserFd TCP socket even when DisplayManager.requestPort is 0, which could allow remote attackers to connect to the port, in violation of the intended restrictions. | Linux, X11r6, Xdm | N/A | ||
| 2004-08-06 | CVE-2004-0418 | serve_notify in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle empty data lines, which may allow remote attackers to perform an "out-of-bounds" write for a single byte to execute arbitrary code or modify critical program data. | Cvs, Linux, Openbsd, Openpkg, Propack | N/A | ||
| 2004-08-06 | CVE-2004-0417 | Integer overflow in the "Max-dotdot" CVS protocol command (serve_max_dotdot) for CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, may allow remote attackers to cause a server crash, which could cause temporary data to remain undeleted and consume disk space. | Cvs, Linux, Openbsd, Openpkg, Propack | N/A | ||
| 2004-08-06 | CVE-2004-0416 | Double free vulnerability for the error_prog_name string in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, may allow remote attackers to execute arbitrary code. | Cvs, Linux, Openbsd, Openpkg, Propack | N/A | ||
| 2004-08-06 | CVE-2004-0414 | CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle malformed "Entry" lines, which prevents a NULL terminator from being used and may lead to a denial of service (crash), modification of critical program data, or arbitrary code execution. | Cvs, Linux, Openbsd, Openpkg, Propack | N/A | ||
| 2004-05-04 | CVE-2004-0386 | Buffer overflow in the HTTP parser for MPlayer 1.0pre3 and earlier, 0.90, and 0.91 allows remote attackers to execute arbitrary code via a long Location header. | Linux, Mandrake_linux, Mplayer | N/A | ||
| 2004-11-23 | CVE-2004-0333 | Buffer overflow in the UUDeview package, as used in WinZip 6.2 through WinZip 8.1 SR-1, and possibly other packages, allows remote attackers to execute arbitrary code via a MIME archive with certain long MIME parameters. | Linux, Openpkg, Uudeview, Winzip | N/A |