Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Linux
(Gentoo)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 131 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2005-04-14 | CVE-2004-1090 | Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service via "a corrupt section header." | Debian_linux, Linux, Midnight_commander, Enterprise_linux, Linux_advanced_workstation, Suse_linux, Turbolinux_server, Turbolinux_workstation | N/A | ||
| 2005-03-01 | CVE-2004-1055 | Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 2.6.0-pl2 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the PmaAbsoluteUri parameter, (2) the zero_rows parameter in read_dump.php, (3) the confirm form, or (4) an error message generated by the internal phpMyAdmin parser. | Linux, Phpmyadmin | N/A | ||
| 2005-03-01 | CVE-2004-1052 | Buffer overflow in the getnickuserhost function in BNC 2.8.9, and possibly other versions, allows remote IRC servers to execute arbitrary code via an IRC server response that contains many (1) ! (exclamation) or (2) @ (at sign) characters. | Bnc, Debian_linux, Linux | N/A | ||
| 2005-03-01 | CVE-2004-1037 | The search function in TWiki 20030201 allows remote attackers to execute arbitrary commands via shell metacharacters in a search string. | Linux, Twiki | N/A | ||
| 2005-03-01 | CVE-2004-1036 | Cross-site scripting (XSS) vulnerability in the decoding of encoded text in certain headers in mime.php for SquirrelMail 1.4.3a and earlier, and 1.5.1-cvs before 23rd October 2004, allows remote attackers to execute arbitrary web script or HTML. | Linux, Squirrelmail | N/A | ||
| 2005-03-01 | CVE-2004-1034 | Buffer overflow in the http_open function in Kaffeine before 0.5, whose code is also used in gxine before 0.3.3, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long Content-Type header for a Real Audio Media (.ram) playlist file. | Linux, Kaffeine_player, Gxine | N/A | ||
| 2005-03-01 | CVE-2004-1033 | Fcron 2.0.1, 2.9.4, and possibly earlier versions leak file descriptors of open files, which allows local users to bypass access restrictions and read fcron.allow and fcron.deny via the EDITOR environment variable. | Linux, Fcron | N/A | ||
| 2005-03-01 | CVE-2004-1032 | fcronsighup in Fcron 2.0.1, 2.9.4, and possibly earlier versions allows local users to delete arbitrary files or create arbitrary empty files via a target filename with a large number of leading slash (/) characters such that fcronsighup does not properly append the intended fcrontab.sig to the resulting string. | Linux, Fcron | N/A | ||
| 2005-03-01 | CVE-2004-1031 | fcronsighup in Fcron 2.0.1, 2.9.4, and possibly earlier versions allows local users to bypass access restrictions and load an arbitrary configuration file by starting an suid process and pointing the fcronsighup configuration file to a /proc entry that is owned by root but modifiable by the user, such as /proc/self/cmdline or /proc/self/environ. | Linux, Fcron | N/A | ||
| 2005-03-01 | CVE-2004-1030 | fcronsighup in Fcron 2.0.1, 2.9.4, and possibly earlier versions allows local users to gain sensitive information by calling fcronsighup with an arbitrary file, which reveals the contents of the file that can not be parsed in an error message. | Linux, Fcron | N/A |