Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Openpkg
(Openpkg)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 27 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2004-05-05 | CVE-2004-1997 | Kolab stores OpenLDAP passwords in plaintext in the slapd.conf file, which may be installed world-readable, which allows local users to gain privileges. | Kolab_groupware_server, Openpkg | N/A | ||
| 2004-12-31 | CVE-2004-1471 | Format string vulnerability in wrapper.c in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16 allows remote attackers with CVSROOT commit access to cause a denial of service (application crash) and possibly execute arbitrary code via format string specifiers in a wrapper line. | Cvs, Freebsd, Linux, Openbsd, Openpkg, Propack | N/A | ||
| 2005-01-10 | CVE-2004-1065 | Buffer overflow in the exif_read_data function in PHP before 4.3.10 and PHP 5.x up to 5.0.2 allows remote attackers to execute arbitrary code via a long section name in an image file. | Openpkg, Php, Secure_linux, Ubuntu_linux | N/A | ||
| 2005-01-10 | CVE-2004-1019 | The deserialization code in PHP before 4.3.10 and PHP 5.x up to 5.0.2 allows remote attackers to cause a denial of service and execute arbitrary code via untrusted data to the unserialize function that may trigger "information disclosure, double-free and negative reference index array underflow" results. | Openpkg, Php, Secure_linux, Ubuntu_linux | N/A | ||
| 2005-01-10 | CVE-2004-1013 | The argument parser of the FETCH command in Cyrus IMAP Server 2.2.x through 2.2.8 allows remote authenticated users to execute arbitrary code via certain commands such as (1) "body[p", (2) "binary[p", or (3) "binary[p") that cause an index increment error that leads to an out-of-bounds memory corruption. | Cyrus_imap_server, Linux, Openpkg, Fedora_core, Secure_linux, Ubuntu_linux | N/A | ||
| 2005-01-10 | CVE-2004-1012 | The argument parser of the PARTIAL command in Cyrus IMAP Server 2.2.6 and earlier allows remote authenticated users to execute arbitrary code via a certain command ("body[p") that is treated as a different command ("body.peek") and causes an index increment error that leads to an out-of-bounds memory corruption. | Cyrus_imap_server, Linux, Openpkg, Fedora_core, Secure_linux, Ubuntu_linux | N/A | ||
| 2005-01-10 | CVE-2004-1011 | Stack-based buffer overflow in Cyrus IMAP Server 2.2.4 through 2.2.8, with the imapmagicplus option enabled, allows remote attackers to execute arbitrary code via a long (1) PROXY or (2) LOGIN command, a different vulnerability than CVE-2004-1015. | Cyrus_imap_server, Linux, Openpkg, Fedora_core, Secure_linux, Ubuntu_linux | N/A | ||
| 2005-03-01 | CVE-2004-0990 | Integer overflow in GD Graphics Library libgd 2.0.28 (libgd2), and possibly other versions, allows remote attackers to cause a denial of service and possibly execute arbitrary code via PNG image files with large image rows values that lead to a heap-based buffer overflow in the gdImageCreateFromPngCtx function, a different set of vulnerabilities than CVE-2004-0941. | Gdlib, Linux, Openpkg, Suse_linux, Secure_linux | N/A | ||
| 2005-01-27 | CVE-2004-0918 | The asn_parse_header function (asn1.c) in the SNMP module for Squid Web Proxy Cache before 2.4.STABLE7 allows remote attackers to cause a denial of service (server restart) via certain SNMP packets with negative length fields that trigger a memory allocation error. | Linux, Openpkg, Fedora_core, Squid, Secure_linux, Ubuntu_linux | N/A | ||
| 2004-08-06 | CVE-2004-0418 | serve_notify in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle empty data lines, which may allow remote attackers to perform an "out-of-bounds" write for a single byte to execute arbitrary code or modify critical program data. | Cvs, Linux, Openbsd, Openpkg, Propack | N/A |