Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Openpkg
(Openpkg)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 27 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2004-07-27 | CVE-2004-0594 | The memory_limit functionality in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, under certain conditions such as when register_globals is enabled, allows remote attackers to execute arbitrary code by triggering a memory_limit abort during execution of the zend_hash_init function and overwriting a HashTable destructor pointer before the initialization of key data structures is complete. | Converged_communications_server, Debian_linux, Hp\-Ux, Openpkg, Php, Secure_linux | N/A | ||
| 2003-05-12 | CVE-2003-0190 | OpenSSH-portable (OpenSSH) 3.6.1p1 and earlier with PAM support enabled immediately sends an error message when a user does not exist, which allows remote attackers to determine valid usernames via a timing attack. | Openssh, Openpkg, Scalance_x204rna_ecc_firmware, Scalance_x204rna_firmware | N/A | ||
| 2002-09-24 | CVE-2002-0985 | Argument injection vulnerability in the mail function for PHP 4.x to 4.2.2 may allow attackers to bypass safe mode restrictions and modify command line arguments to the MTA (e.g. sendmail) in the 5th argument to mail(), altering MTA behavior and possibly executing commands. | Openpkg, Php | N/A | ||
| 2004-08-18 | CVE-2004-0421 | The Portable Network Graphics library (libpng) 1.0.15 and earlier allows attackers to cause a denial of service (crash) via a malformed PNG image file that triggers an error that causes an out-of-bounds read when creating the error message. | Libpng, Openpkg, Enterprise_linux, Enterprise_linux_desktop, Libpng, Secure_linux | N/A | ||
| 2004-10-20 | CVE-2004-0772 | Double free vulnerabilities in error handling code in krb524d for MIT Kerberos 5 (krb5) 1.2.8 and earlier may allow remote attackers to execute arbitrary code. | Debian_linux, Kerberos_5, Openpkg | 9.8 | ||
| 2002-03-15 | CVE-2002-0083 | Off-by-one error in the channel code of OpenSSH 2.0 through 3.0.2 allows local users or remote malicious servers to gain privileges. | Linux, Secure_linux, Immunix, Mandrake_linux, Mandrake_linux_corporate_server, Mandrake_single_network_firewall, Openssh, Openpkg, Linux, Suse_linux, Secure_linux | 9.8 | ||
| 2005-02-09 | CVE-2004-0940 | Buffer overflow in the get_tag function in mod_include for Apache 1.3.x to 1.3.32 allows local users who can create SSI documents to execute arbitrary code as the apache user via SSI (XSSI) documents that trigger a length calculation error. | Http_server, Hp\-Ux, Openpkg, Slackware_linux, Suse_linux, Secure_linux | 7.8 | ||
| 2005-02-09 | CVE-2004-0957 | Unknown vulnerability in MySQL 3.23.58 and earlier, when a local user has privileges for a database whose name includes a "_" (underscore), grants privileges to other databases that have similar names, which can allow the user to conduct unauthorized activities. | Openpkg, Mysql, Enterprise_linux, Enterprise_linux_desktop, Suse_linux, Secure_linux, Ubuntu_linux | N/A | ||
| 2007-11-07 | CVE-2007-5116 | Buffer overflow in the polymorphic opcode support in the Regular Expression Engine (regcomp.c) in Perl 5.8 allows context-dependent attackers to execute arbitrary code by switching from byte to Unicode (UTF) characters in a regular expression. | Perl, Mandrake_multi_network_firewall, Openpkg, Enterprise_linux | N/A | ||
| 2004-10-07 | CVE-2005-0373 | Buffer overflow in digestmd5.c CVS release 1.170 (also referred to as digestmda5.c), as used in the DIGEST-MD5 SASL plugin for Cyrus-SASL but not in any official releases, allows remote attackers to execute arbitrary code. | Mac_os_x, Mac_os_x_server, Linux, Sasl, Openpkg, Fedora_core, Suse_cvsup, Suse_linux | N/A |