Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Enterprise_linux_desktop
(Redhat)| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2008-11-26 | CVE-2008-4313 | A certain Red Hat patch for tog-pegasus in OpenGroup Pegasus 2.7.0 does not properly configure the PAM tty name, which allows remote authenticated users to bypass intended access restrictions and send requests to OpenPegasus WBEM services. | Enterprise_linux, Enterprise_linux_desktop | N/A | ||
| 2008-10-03 | CVE-2008-3825 | pam_krb5 2.2.14 in Red Hat Enterprise Linux (RHEL) 5 and earlier, when the existing_ticket option is enabled, uses incorrect privileges when reading a Kerberos credential cache, which allows local users to gain privileges by setting the KRB5CCNAME environment variable to an arbitrary cache filename and running the (1) su or (2) sudo program. NOTE: there may be a related vector involving sshd that has limited relevance. | Enterprise_linux, Enterprise_linux_desktop | N/A | ||
| 2008-05-23 | CVE-2008-1767 | Buffer overflow in pattern.c in libxslt before 1.1.24 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via an XSL style sheet file with a long XSLT "transformation match" condition that triggers a large number of steps. | Desktop, Enterprise_linux, Enterprise_linux_desktop, Enterprise_linux_desktop_workstation, Linux_advanced_workstation | N/A | ||
| 2008-05-07 | CVE-2008-1615 | Linux kernel 2.6.18, and possibly other versions, when running on AMD64 architectures, allows local users to cause a denial of service (crash) via certain ptrace calls. | Enterprise_linux, Enterprise_linux_desktop | N/A | ||
| 2008-05-07 | CVE-2007-6282 | The IPsec implementation in Linux kernel before 2.6.25 allows remote routers to cause a denial of service (crash) via a fragmented ESP packet in which the first fragment does not contain the entire ESP header and IV. | Enterprise_linux, Enterprise_linux_desktop | N/A | ||
| 2008-05-07 | CVE-2007-5001 | Linux kernel before 2.4.21 allows local users to cause a denial of service (kernel panic) via asynchronous input or output on a FIFO special file. | Enterprise_linux, Enterprise_linux_desktop | N/A | ||
| 2008-02-04 | CVE-2007-4130 | The Linux kernel 2.6.9 before 2.6.9-67 in Red Hat Enterprise Linux (RHEL) 4 on Itanium (ia64) does not properly handle page faults during NUMA memory access, which allows local users to cause a denial of service (panic) via invalid arguments to set_mempolicy in an MPOL_BIND operation. | Enterprise_linux, Enterprise_linux_desktop | N/A | ||
| 2007-07-15 | CVE-2007-3103 | The init.d script for the X.Org X11 xfs font server on various Linux distributions might allow local users to change the permissions of arbitrary files via a symlink attack on the /tmp/.font-unix temporary file. | Fedora_core, Enterprise_linux, Enterprise_linux_desktop, Linux | N/A | ||
| 2007-04-05 | CVE-2007-1352 | Integer overflow in the FontFileInitTable function in X.Org libXfont before 20070403 allows remote authenticated users to execute arbitrary code via a long first line in the fonts.dir file, which results in a heap overflow. | Mandrake_multi_network_firewall, Openbsd, Enterprise_linux, Enterprise_linux_desktop, Fedora_core, Linux, Linux_advanced_workstation, Linux, Slackware_linux, Turbolinux_desktop, Ubuntu_linux, Libxfont | N/A | ||
| 2007-04-05 | CVE-2007-1351 | Integer overflow in the bdfReadCharacters function in bdfread.c in (1) X.Org libXfont before 20070403 and (2) freetype 2.3.2 and earlier allows remote authenticated users to execute arbitrary code via crafted BDF fonts, which result in a heap overflow. | Mandrake_multi_network_firewall, Openbsd, Enterprise_linux, Enterprise_linux_desktop, Linux_advanced_workstation, Rpath_linux, Ubuntu_linux, Libxfont, X11r6 | N/A |