Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Linux
(Redhat)| Repositories | https://github.com/mjg59/linux |
| #Vulnerabilities | 232 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2003-03-03 | CVE-2002-1509 | A patch for shadow-utils 20000902 causes the useradd command to create a mail spool files with read/write privileges of the new user's group (mode 660), which allows other users in the same group to read or modify the new user's incoming email. | Linux | N/A | ||
| 2002-11-04 | CVE-2002-1232 | Memory leak in ypdb_open in yp_db.c for ypserv before 2.5 in the NIS package 3.9 and earlier allows remote attackers to cause a denial of service (memory consumption) via a large number of requests for a map that does not exist. | Debian_linux, Secure_os, Linux | N/A | ||
| 2003-02-19 | CVE-2002-1160 | The default configuration of the pam_xauth module forwards MIT-Magic-Cookies to new X sessions, which could allow local users to gain root privileges by stealing the cookies from a temporary .xauth file, which is created with the original user's credentials after root uses su. | Linux | N/A | ||
| 2003-06-16 | CVE-2002-1155 | Buffer overflow in KON kon2 0.3.9b and earlier allows local users to execute arbitrary code via a long -Coding command line argument. | Linux | N/A | ||
| 2002-10-28 | CVE-2002-0836 | dvips converter for Postscript files in the tetex package calls the system() function insecurely, which allows remote attackers to execute arbitrary commands via certain print jobs, possibly involving fonts. | Secure_os, Mandrake_linux, Linux | N/A | ||
| 2002-08-12 | CVE-2002-0638 | setpwnam.c in the util-linux package, as included in Red Hat Linux 7.3 and earlier, and other operating systems, does not properly lock a temporary file when modifying /etc/passwd, which may allow local users to gain privileges via a complex race condition that uses an open file descriptor in utility programs such as chfn and chsh. | Secure_os, Mandrake_linux, Mandrake_linux_corporate_server, Mandrake_single_network_firewall, Linux | N/A | ||
| 2002-08-12 | CVE-2002-0506 | Buffer overflow in newt.c of newt windowing library (libnewt) 0.50.33 and earlier may allow attackers to cause a denial of service or execute arbitrary code in setuid programs that use libnewt. | Linux | N/A | ||
| 2002-03-08 | CVE-2002-0069 | Memory leak in SNMP in Squid 2.4 STABLE3 and earlier allows remote attackers to cause a denial of service. | Linux, Squid | N/A | ||
| 2002-03-08 | CVE-2002-0068 | Squid 2.4 STABLE3 and earlier allows remote attackers to cause a denial of service (core dump) and possibly execute arbitrary code with an ftp:// URL with a larger number of special characters, which exceed the buffer when Squid URL-escapes the characters. | Linux, Squid | N/A | ||
| 2002-03-08 | CVE-2002-0067 | Squid 2.4 STABLE3 and earlier does not properly disable HTCP, even when "htcp_port 0" is specified in squid.conf, which could allow remote attackers to bypass intended access restrictions. | Linux, Squid | N/A |