Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Fedora_core
(Redhat)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 79 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2005-01-10 | CVE-2004-1067 | Off-by-one error in the mysasl_canon_user function in Cyrus IMAP Server 2.2.9 and earlier leads to a buffer overflow, which may allow remote attackers to execute arbitrary code via the username. | Cyrus_imap_server, Fedora_core, Ubuntu_linux | N/A | ||
| 2005-01-10 | CVE-2004-1015 | Buffer overflow in proxyd for Cyrus IMAP Server 2.2.9 and earlier, with the imapmagicplus option enabled, may allow remote attackers to execute arbitrary code, a different vulnerability than CVE-2004-1011. | Cyrus_imap_server, Fedora_core, Ubuntu_linux | N/A | ||
| 2005-01-10 | CVE-2004-1013 | The argument parser of the FETCH command in Cyrus IMAP Server 2.2.x through 2.2.8 allows remote authenticated users to execute arbitrary code via certain commands such as (1) "body[p", (2) "binary[p", or (3) "binary[p") that cause an index increment error that leads to an out-of-bounds memory corruption. | Cyrus_imap_server, Linux, Openpkg, Fedora_core, Secure_linux, Ubuntu_linux | N/A | ||
| 2005-01-10 | CVE-2004-1012 | The argument parser of the PARTIAL command in Cyrus IMAP Server 2.2.6 and earlier allows remote authenticated users to execute arbitrary code via a certain command ("body[p") that is treated as a different command ("body.peek") and causes an index increment error that leads to an out-of-bounds memory corruption. | Cyrus_imap_server, Linux, Openpkg, Fedora_core, Secure_linux, Ubuntu_linux | N/A | ||
| 2005-01-10 | CVE-2004-1011 | Stack-based buffer overflow in Cyrus IMAP Server 2.2.4 through 2.2.8, with the imapmagicplus option enabled, allows remote attackers to execute arbitrary code via a long (1) PROXY or (2) LOGIN command, a different vulnerability than CVE-2004-1015. | Cyrus_imap_server, Linux, Openpkg, Fedora_core, Secure_linux, Ubuntu_linux | N/A | ||
| 2005-03-01 | CVE-2004-0989 | Multiple buffer overflows in libXML 2.6.12 and 2.6.13 (libxml2), and possibly other versions, may allow remote attackers to execute arbitrary code via (1) a long FTP URL that is not properly handled by the xmlNanoFTPScanURL function, (2) a long proxy URL containing FTP data that is not properly handled by the xmlNanoFTPScanProxy function, and other overflows related to manipulation of DNS length values, including (3) xmlNanoFTPConnect, (4) xmlNanoHTTPConnectHost, and (5) xmlNanoHTTPConnectHost. | Fedora_core, Secure_linux, Ubuntu_linux, Libxml, Libxml2, Command_line_xml_toolkit | N/A | ||
| 2005-03-01 | CVE-2004-0986 | Iptables before 1.2.11, under certain conditions, does not properly load the required modules at system startup, which causes the firewall rules to fail to load and protect the system from remote attackers. | Debian_linux, Linux_kernel, Fedora_core, Suse_iptables | N/A | ||
| 2005-02-09 | CVE-2004-0974 | The netatalk package in Trustix Secure Linux 1.5 through 2.1, and possibly other operating systems, allows local users to overwrite files via a symlink attack on temporary files. | Mandrake_linux, Mandrake_linux_corporate_server, Open_source_apple_file_share_protocol_suite, Fedora_core | N/A | ||
| 2005-02-09 | CVE-2004-0961 | Memory leak in FreeRADIUS before 1.0.1 allows remote attackers to cause a denial of service (memory exhaustion) via a series of Access-Request packets with (1) Ascend-Send-Secret, (2) Ascend-Recv-Secret, or (3) Tunnel-Password attributes. | Freeradius, Enterprise_linux, Fedora_core | N/A | ||
| 2005-02-09 | CVE-2004-0960 | FreeRADIUS before 1.0.1 allows remote attackers to cause a denial of service (core dump) via malformed USR vendor-specific attributes (VSA) that cause a memcpy operation with a -1 argument. | Freeradius, Enterprise_linux, Fedora_core | N/A |