Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Linux
(Gentoo)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 135 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2005-01-27 | CVE-2004-0891 | Buffer overflow in the MSN protocol handler for gaim 0.79 to 1.0.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an "unexpected sequence of MSNSLP messages" that results in an unbounded copy operation that writes to the wrong buffer. | Linux, Gaim, Slackware_linux, Ubuntu_linux | N/A | ||
| 2005-01-27 | CVE-2004-0889 | Multiple integer overflows in xpdf 3.0, and other packages that use xpdf code such as CUPS, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0888. | Debian_linux, Cups, Linux, Gpdf, Kde, Koffice, Kpdf, Pdftohtml, Enterprise_linux, Enterprise_linux_desktop, Fedora_core, Linux_advanced_workstation, Suse_linux, Tetex, Ubuntu_linux, Xpdf | N/A | ||
| 2005-01-27 | CVE-2004-0888 | Multiple integer overflows in xpdf 2.0 and 3.0, and other packages that use xpdf code such as CUPS, gpdf, and kdegraphics, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0889. | Debian_linux, Cups, Linux, Gpdf, Kde, Koffice, Kpdf, Pdftohtml, Enterprise_linux, Enterprise_linux_desktop, Fedora_core, Linux_advanced_workstation, Suse_linux, Tetex, Ubuntu_linux, Xpdf | N/A | ||
| 2005-01-27 | CVE-2004-0881 | getmail 4.x before 4.2.0, and other versions before 3.2.5, when run as root, allows local users to write files in arbitrary directories via a symlink attack on subdirectories in the maildir. | Linux, Getmail, Slackware_linux | N/A | ||
| 2005-01-27 | CVE-2004-0880 | getmail 4.x before 4.2.0, when run as root, allows local users to overwrite arbitrary files via a symlink attack on an mbox file. | Linux, Getmail, Slackware_linux | N/A | ||
| 2004-12-23 | CVE-2004-0749 | The mod_authz_svn module in Subversion 1.0.7 and earlier does not properly restrict access to all metadata on unreadable paths, which could allow remote attackers to gain sensitive information via (1) svn log -v, (2) svn propget, or (3) svn blame, and other commands that follow renames. | Linux, Subversion | N/A | ||
| 2004-10-20 | CVE-2004-0746 | Konqueror in KDE 3.2.3 and earlier allows web sites to set cookies for country-specific top-level domains, such as .ltd.uk, .plc.uk and .firm.in, which could allow remote attackers to perform a session fixation attack and hijack a user's HTTP session. | Linux, Kde, Konqueror, Mandrake_linux, Suse_linux | N/A | ||
| 2004-07-27 | CVE-2004-0700 | Format string vulnerability in the mod_proxy hook functions function in ssl_engine_log.c in mod_ssl before 2.8.19 for Apache before 1.3.31 may allow remote attackers to execute arbitrary messages via format string specifiers in certain log messages for HTTPS that are handled by the ssl_log function. | Linux, Mod_ssl | N/A | ||
| 2004-08-06 | CVE-2004-0649 | Buffer overflow in write_packet in control.c for l2tpd may allow remote attackers to execute arbitrary code. | Linux, L2tpd | N/A | ||
| 2004-12-06 | CVE-2004-0626 | The tcp_find_option function of the netfilter subsystem in Linux kernel 2.6, when using iptables and TCP options rules, allows remote attackers to cause a denial of service (CPU consumption by infinite loop) via a large option length that produces a negative integer after a casting operation to the char type. | Linux, Linux, Linux_kernel, Suse_linux | N/A |