Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Linux
(Redhat)| Repositories | https://github.com/mjg59/linux |
| #Vulnerabilities | 232 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2002-10-28 | CVE-2002-0836 | dvips converter for Postscript files in the tetex package calls the system() function insecurely, which allows remote attackers to execute arbitrary commands via certain print jobs, possibly involving fonts. | Secure_os, Mandrake_linux, Linux | N/A | ||
| 2002-08-12 | CVE-2002-0638 | setpwnam.c in the util-linux package, as included in Red Hat Linux 7.3 and earlier, and other operating systems, does not properly lock a temporary file when modifying /etc/passwd, which may allow local users to gain privileges via a complex race condition that uses an open file descriptor in utility programs such as chfn and chsh. | Secure_os, Mandrake_linux, Mandrake_linux_corporate_server, Mandrake_single_network_firewall, Linux | N/A | ||
| 2002-08-12 | CVE-2002-0506 | Buffer overflow in newt.c of newt windowing library (libnewt) 0.50.33 and earlier may allow attackers to cause a denial of service or execute arbitrary code in setuid programs that use libnewt. | Linux | N/A | ||
| 2002-03-08 | CVE-2002-0069 | Memory leak in SNMP in Squid 2.4 STABLE3 and earlier allows remote attackers to cause a denial of service. | Linux, Squid | N/A | ||
| 2002-03-08 | CVE-2002-0068 | Squid 2.4 STABLE3 and earlier allows remote attackers to cause a denial of service (core dump) and possibly execute arbitrary code with an ftp:// URL with a larger number of special characters, which exceed the buffer when Squid URL-escapes the characters. | Linux, Squid | N/A | ||
| 2002-03-08 | CVE-2002-0067 | Squid 2.4 STABLE3 and earlier does not properly disable HTCP, even when "htcp_port 0" is specified in squid.conf, which could allow remote attackers to bypass intended access restrictions. | Linux, Squid | N/A | ||
| 2002-01-31 | CVE-2002-0045 | slapd in OpenLDAP 2.0 through 2.0.19 allows local users, and anonymous users before 2.0.8, to conduct a "replace" action on access controls without any values, which causes OpenLDAP to delete non-mandatory attributes that would otherwise be protected by ACLs. | Openldap, Linux | N/A | ||
| 2002-01-31 | CVE-2002-0044 | GNU Enscript 1.6.1 and earlier allows local users to overwrite arbitrary files of the Enscript user via a symlink attack on temporary files. | Debian_linux, Enscript, Linux | N/A | ||
| 2002-02-27 | CVE-2002-0004 | Heap corruption vulnerability in the "at" program allows local users to execute arbitrary code via a malformed execution time, which causes at to free the same memory twice. | Openlinux_server, Openlinux_workstation, Debian_linux, Freebsd, Mandrake_linux, Netbsd, Linux, Slackware_linux, Suse_linux | N/A | ||
| 2002-01-31 | CVE-2002-0002 | Format string vulnerability in stunnel before 3.22 when used in client mode for (1) smtp, (2) pop, or (3) nntp allows remote malicious servers to execute arbitrary code. | Secure_linux, Mandrake_linux, Linux, Stunnel | N/A |