Product:

Secure_linux

(Trustix)
Repositories

Unknown:

This might be proprietary software.

#Vulnerabilities 67
Date Id Summary Products Score Patch Annotated
2005-02-09 CVE-2004-0940 Buffer overflow in the get_tag function in mod_include for Apache 1.3.x to 1.3.32 allows local users who can create SSI documents to execute arbitrary code as the apache user via SSI (XSSI) documents that trigger a length calculation error. Http_server, Hp\-Ux, Openpkg, Slackware_linux, Suse_linux, Secure_linux N/A
2004-09-16 CVE-2004-0809 The mod_dav module in Apache 2.0.50 and earlier allows remote attackers to cause a denial of service (child process crash) via a certain sequence of LOCK requests for a location that allows WebDAV authoring access. Http_server, Linux, Linux, Hp\-Ux, Secure_web_server_for_tru64, Mandrake_linux, Enterprise_linux, Enterprise_linux_desktop, Secure_linux, Turbolinux_desktop, Turbolinux_home, Turbolinux_server N/A
2004-08-06 CVE-2004-0493 The ap_get_mime_headers_core function in Apache httpd 2.0.49 allows remote attackers to cause a denial of service (memory exhaustion), and possibly an integer signedness error leading to a heap-based buffer overflow on 64 bit systems, via long header lines with large numbers of space or tab characters. Http_server, Converged_communications_server, S8300, S8500, S8700, Linux, Http_server, Secure_linux N/A
2004-07-07 CVE-2004-0488 Stack-based buffer overflow in the ssl_util_uuencode_binary function in ssl_util.c for Apache mod_ssl, when mod_ssl is configured to trust the issuing CA, may allow remote attackers to execute arbitrary code via a client certificate with a long subject DN. Http_server, Linux, Mandrake_linux, Mandrake_linux_corporate_server, Mandrake_multi_network_firewall, Mod_ssl, Openbsd, Propack, Tinysofa_enterprise_server, Secure_linux N/A
2005-02-09 CVE-2004-0957 Unknown vulnerability in MySQL 3.23.58 and earlier, when a local user has privileges for a database whose name includes a "_" (underscore), grants privileges to other databases that have similar names, which can allow the user to conduct unauthorized activities. Openpkg, Mysql, Enterprise_linux, Enterprise_linux_desktop, Suse_linux, Secure_linux, Ubuntu_linux N/A
2007-02-13 CVE-2007-0910 Unspecified vulnerability in PHP before 5.2.1 allows attackers to "clobber" certain super-global variables via unspecified vectors. Php, Secure_linux N/A
2007-02-13 CVE-2007-0909 Multiple format string vulnerabilities in PHP before 5.2.1 might allow attackers to execute arbitrary code via format string specifiers to (1) all of the *print functions on 64-bit systems, and (2) the odbc_result_all function. Php, Secure_linux N/A
2007-02-13 CVE-2007-0907 Buffer underflow in PHP before 5.2.1 allows attackers to cause a denial of service via unspecified vectors involving the sapi_header_op function. Php, Secure_linux N/A
2007-02-13 CVE-2007-0906 Multiple buffer overflows in PHP before 5.2.1 allow attackers to cause a denial of service and possibly execute arbitrary code via unspecified vectors in the (1) session, (2) zip, (3) imap, and (4) sqlite extensions; (5) stream filters; and the (6) str_replace, (7) mail, (8) ibase_delete_user, (9) ibase_add_user, and (10) ibase_modify_user functions. NOTE: vector 6 might actually be an integer overflow (CVE-2007-1885). NOTE: as of 20070411, vector (3) might involve the imap_mail_compose... Php, Secure_linux N/A
2007-02-13 CVE-2007-0905 PHP before 5.2.1 allows attackers to bypass safe_mode and open_basedir restrictions via unspecified vectors in the session extension. NOTE: it is possible that this issue is a duplicate of CVE-2006-6383. Php, Secure_linux N/A