Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Linux
(Gentoo)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 136 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2003-03-07 | CVE-2002-1337 | Buffer overflow in Sendmail 5.79 to 8.12.7 allows remote attackers to execute arbitrary code via certain formatted address fields, related to sender and recipient header comments as processed by the crackaddr function of headers.c. | Linux, Alphaserver_sc, Hp\-Ux, Netbsd, Solaris, Sendmail, Sunos, Bsdos, Platform_sa | N/A | ||
| 2004-08-06 | CVE-2004-0493 | The ap_get_mime_headers_core function in Apache httpd 2.0.49 allows remote attackers to cause a denial of service (memory exhaustion), and possibly an integer signedness error leading to a heap-based buffer overflow on 64 bit systems, via long header lines with large numbers of space or tab characters. | Http_server, Converged_communications_server, S8300, S8500, S8700, Linux, Http_server, Secure_linux | N/A | ||
| 2004-09-16 | CVE-2004-0809 | The mod_dav module in Apache 2.0.50 and earlier allows remote attackers to cause a denial of service (child process crash) via a certain sequence of LOCK requests for a location that allows WebDAV authoring access. | Http_server, Debian_linux, Linux, Hp\-Ux, Secure_web_server_for_tru64, Mandrake_linux, Enterprise_linux, Enterprise_linux_desktop, Secure_linux, Turbolinux_desktop, Turbolinux_home, Turbolinux_server | N/A | ||
| 2004-12-23 | CVE-2004-0834 | Format string vulnerability in Speedtouch USB driver before 1.3.1 allows local users to execute arbitrary code via (1) modem_run, (2) pppoa2, or (3) pppoa3. | Linux, Mandrake_linux, Mandrake_linux_corporate_server, Mandrake_multi_network_firewall, Speedtouch_usb_driver | N/A | ||
| 2008-02-29 | CVE-2008-1078 | expn in the am-utils and net-fs packages for Gentoo, rPath Linux, and other distributions, allows local users to overwrite arbitrary files via a symlink attack on the expn[PID] temporary file. NOTE: this is the same issue as CVE-2003-0308.1. | Linux, Rpath_linux | N/A | ||
| 2005-03-01 | CVE-2004-1027 | Directory traversal vulnerability in the -x (extract) command line option in unarj allows remote attackers to overwrite arbitrary files via an arj archive with filenames that contain .. (dot dot) sequences. | Unarj, Debian_linux, Linux | N/A | ||
| 2004-08-06 | CVE-2004-0667 | Rule Set Based Access Control (RSBAC) 1.2.2 through 1.2.3 allows access to sys_creat, sys_open, and sys_mknod inside jails, which could allow local users to gain elevated privileges. | Linux, Rule_set_based_access_control | N/A | ||
| 2013-12-13 | CVE-2013-0348 | thttpd.c in sthttpd before 2.26.4-r2 and thttpd 2.25b use world-readable permissions for /var/log/thttpd.log, which allows local users to obtain sensitive information by reading the file. | Thttpd, Fedora, Linux, Sthttpd, Opensuse | N/A | ||
| 2004-12-31 | CVE-2004-1491 | Opera 7.54 and earlier uses kfmclient exec to handle unknown MIME types, which allows remote attackers to execute arbitrary code via a shortcut or launcher that contains an Exec entry. | Linux, Kde, Opera_browser, Suse_linux | N/A | ||
| 2005-01-10 | CVE-2004-1096 | Archive::Zip Perl module before 1.14, when used by antivirus programs such as amavisd-new, allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system. | Brightstor_arcserve_backup, Etrust_antivirus, Etrust_antivirus_gateway, Etrust_ez_antivirus, Etrust_ez_armor, Etrust_intrusion_detection, Etrust_secure_content_manager, Inoculateit, Etrust_antivirus, Etrust_secure_content_manager, Nod32_antivirus, Linux, Kaspersky_anti\-Virus, Mandrake_linux, Antivirus_engine, Rav_antivirus_desktop, Rav_antivirus_for_file_servers, Rav_antivirus_for_mail_servers, Sophos_anti\-Virus, Sophos_puremessage_anti\-Virus, Sophos_small_business_suite, Suse_linux | N/A |