Vulnerabilites related to redhat - linux
Vulnerability from fkie_nvd
Published
1999-08-11 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Red Hat pump DHCP client allows remote attackers to gain root access in some configurations.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "2DFA94D5-0139-490C-8257-0751FE9FBAE4", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Red Hat pump DHCP client allows remote attackers to gain root access in some configurations." } ], "id": "CVE-1999-0814", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "1999-08-11T04:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-1999-027.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-1999-027.html" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
1998-12-04 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Buffer overflow in bootpd on OpenBSD, FreeBSD, and Linux systems via a malformed header type.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:bsdi:bsd_os:*:*:*:*:*:*:*:*", "matchCriteriaId": "CA7932DF-A035-4506-9BF1-C733DC5DD872", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:6.2:stable:*:*:*:*:*:*", "matchCriteriaId": "32FCB0B3-8FBE-49FA-B17E-0D5462C9E5B4", "vulnerable": true }, { "criteria": "cpe:2.3:o:openbsd:openbsd:2.3:*:*:*:*:*:*:*", "matchCriteriaId": "1D2DA7F0-E3C0-447A-A2B0-ECC928389D84", "vulnerable": true }, { "criteria": "cpe:2.3:o:openbsd:openbsd:2.4:*:*:*:*:*:*:*", "matchCriteriaId": "FEBE290B-5EC6-4BBA-B645-294C150E417A", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:*:*:*:*:*:*:*:*", "matchCriteriaId": "B133DAC8-2B0D-4F83-9025-AD071740187A", "vulnerable": true }, { "criteria": "cpe:2.3:o:sco:internet_faststart:*:*:*:*:*:*:*:*", "matchCriteriaId": "9E88B374-7D32-467D-9A5B-3011897F844C", "vulnerable": true }, { "criteria": "cpe:2.3:o:sco:openserver:*:*:*:*:*:*:*:*", "matchCriteriaId": "B5F14C63-9596-4675-B217-F22F8A18CD1B", "vulnerable": true }, { "criteria": "cpe:2.3:o:sco:unixware:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "17439B5B-0B66-490B-9B53-2C9D576C879F", "vulnerable": true }, { "criteria": "cpe:2.3:o:sco:unixware:7.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "EF9FD7BF-97E4-426D-881F-03C9D5B8895D", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Buffer overflow in bootpd on OpenBSD, FreeBSD, and Linux systems via a malformed header type." } ], "id": "CVE-1999-0798", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "1998-12-04T05:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=91278867118128\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=91278867118128\u0026w=2" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
1999-06-30 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Linuxconf on Red Hat Linux 6.0 and earlier does not properly disable PAM-based access to the shutdown command, which could allow local users to cause a denial of service.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:*:*:*:*:*:*:*:*", "matchCriteriaId": "CA8CD46B-C22E-4576-9EA9-909B64D9EAC5", "versionEndIncluding": "6.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Linuxconf on Red Hat Linux 6.0 and earlier does not properly disable PAM-based access to the shutdown command, which could allow local users to cause a denial of service." } ], "id": "CVE-1999-1348", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "LOW", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 2.1, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "1999-06-30T04:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=93220073515880\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=93220073515880\u0026w=2" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2000-04-24 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
The web GUI for the Linux Virtual Server (LVS) software in the Red Hat Linux Piranha package has a backdoor password that allows remote attackers to execute arbitrary commands.
References
▶ | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://xforce.iss.net/alerts/advise46.php3 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://xforce.iss.net/alerts/advise46.php3 | Patch, Vendor Advisory |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:alpha:*:*:*:*:*", "matchCriteriaId": "344610A8-DB6D-4407-9304-916C419F648C", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:i386:*:*:*:*:*", "matchCriteriaId": "B7EC2B95-4715-4EC9-A10A-2542501F8A61", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:sparc:*:*:*:*:*", "matchCriteriaId": "64775BEF-2E53-43CA-8639-A7E54F6F4222", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The web GUI for the Linux Virtual Server (LVS) software in the Red Hat Linux Piranha package has a backdoor password that allows remote attackers to execute arbitrary commands." } ], "id": "CVE-2000-0248", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2000-04-24T04:00:00.000", "references": [ { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://xforce.iss.net/alerts/advise46.php3" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://xforce.iss.net/alerts/advise46.php3" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2007-09-17 17:17
Modified
2025-04-09 00:30
Severity ?
Summary
Unspecified vulnerability in the kernel in Red Hat Enterprise Linux (RHEL) 4 on the x86_64 platform allows local users to cause a denial of service (OOPS) via unspecified vectors related to the get_gate_vma function and the fuser command.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
redhat | enterprise_linux | 4.0 | |
redhat | enterprise_linux | 4.0 | |
redhat | enterprise_linux | 4.0 | |
redhat | linux | 4.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:as:*:*:*:*:*", "matchCriteriaId": "49EF5B77-9BC9-4AE8-A677-48E5E576BE63", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:es:*:*:*:*:*", "matchCriteriaId": "36389D32-61C1-4487-8399-FA7D2864FACD", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:ws:*:*:*:*:*", "matchCriteriaId": "49B67F74-AF8F-4A27-AA8A-A8479E256A9F", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:4.0:*:desktop:*:*:*:*:*", "matchCriteriaId": "ECE78A67-50EC-443F-A83F-4FFD875E31ED", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Unspecified vulnerability in the kernel in Red Hat Enterprise Linux (RHEL) 4 on the x86_64 platform allows local users to cause a denial of service (OOPS) via unspecified vectors related to the get_gate_vma function and the fuser command." }, { "lang": "es", "value": "Vulnerabilidad no especificada en el kernel en Red Hat Enterprise Linux (RHEL) 4 sobre la plataforma x86_64 permite a usuarios locales provocar denegaci\u00f3n de servicio (OOPS) a trav\u00e9s de vectores no especificados relacionados con la funci\u00f3n get_gate_vma y el comando fuser." } ], "id": "CVE-2007-3379", "lastModified": "2025-04-09T00:30:58.490", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "LOW", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 2.1, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2007-09-17T17:17:00.000", "references": [ { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": "http://rhn.redhat.com/errata/RHBA-2007-0304.html" }, { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=178981" }, { "source": "secalert@redhat.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10426" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://rhn.redhat.com/errata/RHBA-2007-0304.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=178981" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10426" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-noinfo" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2001-12-06 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
TUX HTTP server 2.1.0-2 in Red Hat Linux allows remote attackers to cause a denial of service via a long Host: header.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "E562907F-D915-4030-847A-3C6834A80D4E", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "TUX HTTP server 2.1.0-2 in Red Hat Linux allows remote attackers to cause a denial of service via a long Host: header." } ], "id": "CVE-2001-0852", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2001-12-06T05:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=100498100112191\u0026w=2" }, { "source": "cve@mitre.org", "url": "http://marc.info/?l=tux-list\u0026m=100584714702328\u0026w=2" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2001-142.html" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/3506" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7464" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=100498100112191\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=tux-list\u0026m=100584714702328\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2001-142.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/3506" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7464" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2003-03-03 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
A patch for shadow-utils 20000902 causes the useradd command to create a mail spool files with read/write privileges of the new user's group (mode 660), which allows other users in the same group to read or modify the new user's incoming email.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "E562907F-D915-4030-847A-3C6834A80D4E", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.2:*:ia64:*:*:*:*:*", "matchCriteriaId": "9D47D6FE-56A9-42CF-9A9B-AEE272C061F7", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.3:*:*:*:*:*:*:*", "matchCriteriaId": "138985E6-5107-4E8B-A801-C3D5FE075227", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "038FEDE7-986F-4CA5-9003-BA68352B87D4", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "A patch for shadow-utils 20000902 causes the useradd command to create a mail spool files with read/write privileges of the new user\u0027s group (mode 660), which allows other users in the same group to read or modify the new user\u0027s incoming email." } ], "id": "CVE-2002-1509", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "LOW", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 3.6, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2003-03-03T05:00:00.000", "references": [ { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=75418" }, { "source": "cve@mitre.org", "url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:026" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2003-057.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2003-058.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=75418" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:026" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2003-057.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2003-058.html" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2018-11-13 19:29
Modified
2024-11-21 03:49
Severity ?
4.6 (Medium) - CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
5.4 (Medium) - CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
5.4 (Medium) - CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Summary
A flaw was found in Keycloak 3.4.3.Final, 4.0.0.Beta2, 4.3.0.Final. When using 'response_mode=form_post' it is possible to inject arbitrary Javascript-Code via the 'state'-parameter in the authentication URL. This allows an XSS-Attack upon succesfully login.
References
▶ | URL | Tags | |
---|---|---|---|
secalert@redhat.com | https://access.redhat.com/errata/RHSA-2018:3592 | Vendor Advisory | |
secalert@redhat.com | https://access.redhat.com/errata/RHSA-2018:3593 | Vendor Advisory | |
secalert@redhat.com | https://access.redhat.com/errata/RHSA-2018:3595 | Vendor Advisory | |
secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14655 | Issue Tracking, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2018:3592 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2018:3593 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2018:3595 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14655 | Issue Tracking, Vendor Advisory |
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:redhat:keycloak:3.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "3D602684-69EC-4051-AF5B-02595A16BEBA", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:keycloak:4.0.0:beta2:*:*:*:*:*:*", "matchCriteriaId": "91B84EB8-4384-4638-9033-914B0F378D46", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:keycloak:4.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "45BFBB51-AC74-453F-B24D-2BB1E04BD410", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:redhat:single_sign-on:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "FABBE0BB-135A-458C-BD84-54C052FFDC57", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "29B186E5-7C2F-466E-AA4A-8F2B618F8A14", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:redhat:single_sign-on:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "FABBE0BB-135A-458C-BD84-54C052FFDC57", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "2DFA94D5-0139-490C-8257-0751FE9FBAE4", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:redhat:single_sign-on:-:*:*:*:text-only:*:*:*", "matchCriteriaId": "341E6313-20D5-44CB-9719-B20585DC5AD6", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "A flaw was found in Keycloak 3.4.3.Final, 4.0.0.Beta2, 4.3.0.Final. When using \u0027response_mode=form_post\u0027 it is possible to inject arbitrary Javascript-Code via the \u0027state\u0027-parameter in the authentication URL. This allows an XSS-Attack upon succesfully login." }, { "lang": "es", "value": "Se ha descubierto un error en Keycloak 3.4.3.Final, 4.0.0.Beta2 y 4.3.0.Final. Al emplear \"response_mode=form_post\", es posible inyectar c\u00f3digo JavaScript arbitrario mediante el par\u00e1metro \"state\" en la URL de autenticaci\u00f3n. Esto permite un ataque Cross-Site Scripting (XSS) al iniciar sesi\u00f3n exitosamente." } ], "id": "CVE-2018-14655", "lastModified": "2024-11-21T03:49:31.257", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "LOW", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 3.5, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 6.8, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N", "version": "3.0" }, "exploitabilityScore": 2.1, "impactScore": 2.5, "source": "secalert@redhat.com", "type": "Secondary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.0" }, "exploitabilityScore": 2.3, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2018-11-13T19:29:00.307", "references": [ { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2018:3592" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2018:3593" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2018:3595" }, { "source": "secalert@redhat.com", "tags": [ "Issue Tracking", "Vendor Advisory" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14655" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2018:3592" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2018:3593" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2018:3595" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking", "Vendor Advisory" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14655" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "secalert@redhat.com", "type": "Secondary" }, { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2000-03-09 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Linux printtool sets the permissions of printer configuration files to be world-readable, which allows local attackers to obtain printer share passwords.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
mandrakesoft | mandrake_linux | 7.0 | |
redhat | linux | 6.1 | |
redhat | linux | 6.1 | |
redhat | linux | 6.1 | |
redhat | linux | 6.2 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "E4853E92-5E0A-47B9-A343-D5BEE87D2C27", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.1:*:alpha:*:*:*:*:*", "matchCriteriaId": "C89454B9-4F45-4A42-A06D-ED42D893C544", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.1:*:i386:*:*:*:*:*", "matchCriteriaId": "B72D6205-DFA4-41D9-B3B6-0B7DA756CD8F", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.1:*:sparc:*:*:*:*:*", "matchCriteriaId": "1E64093E-7D53-4238-95C3-48ED5A0FFD97", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:i386:*:*:*:*:*", "matchCriteriaId": "B7EC2B95-4715-4EC9-A10A-2542501F8A61", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Linux printtool sets the permissions of printer configuration files to be world-readable, which allows local attackers to obtain printer share passwords." } ], "id": "CVE-2000-0184", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "LOW", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2000-03-09T05:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-03/0082.html" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/1037" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-03/0082.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/1037" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2003-06-16 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Unknown vulnerability in the TTY layer of the Linux kernel 2.4 allows attackers to cause a denial of service ("kernel oops").
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "1D46E093-1C68-43BB-B281-12117EC8DE0F", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "E562907F-D915-4030-847A-3C6834A80D4E", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.3:*:*:*:*:*:*:*", "matchCriteriaId": "138985E6-5107-4E8B-A801-C3D5FE075227", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "038FEDE7-986F-4CA5-9003-BA68352B87D4", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:9.0:*:i386:*:*:*:*:*", "matchCriteriaId": "F3FDE8C4-5FFD-4CC2-9F35-7C32043966D1", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Unknown vulnerability in the TTY layer of the Linux kernel 2.4 allows attackers to cause a denial of service (\"kernel oops\")." }, { "lang": "es", "value": "Vulnerabilidad desconocida en la capa TTY del kernel de Linux 2.4 permite que atacantes causen una denegaci\u00f3n de servicio (\"kernel oops\")." } ], "id": "CVE-2003-0247", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2003-06-16T04:00:00.000", "references": [ { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2003/dsa-311" }, { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2003/dsa-312" }, { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2003/dsa-332" }, { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2003/dsa-336" }, { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2004/dsa-442" }, { "source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:066" }, { "source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:074" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-187.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2003-195.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2003-198.html" }, { "source": "cve@mitre.org", "url": "http://www.turbolinux.com/security/TLSA-2003-41.txt" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A284" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2003/dsa-311" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2003/dsa-312" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2003/dsa-332" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2003/dsa-336" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2004/dsa-442" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:066" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:074" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-187.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2003-195.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2003-198.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.turbolinux.com/security/TLSA-2003-41.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A284" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2025-06-18 16:15
Modified
2025-08-13 14:12
Severity ?
Summary
IBM webMethods Integration Server 10.5, 10.7, 10.11, and 10.15 could allow a privileged user to escalate their privileges when handling external entities due to execution with unnecessary privileges.
References
▶ | URL | Tags | |
---|---|---|---|
psirt@us.ibm.com | https://www.ibm.com/support/pages/node/7237144 | Vendor Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
ibm | webmethods_integration | 10.5 | |
ibm | webmethods_integration | 10.7 | |
ibm | webmethods_integration | 10.11 | |
ibm | webmethods_integration | 10.15 | |
apple | macos | - | |
linux | linux_kernel | - | |
microsoft | windows | - | |
novell | suse_linux | - | |
redhat | linux | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:ibm:webmethods_integration:10.5:*:*:*:*:*:*:*", "matchCriteriaId": "BF7F23BC-1BBD-440F-A122-59CDE90A30A5", "vulnerable": true }, { "criteria": "cpe:2.3:a:ibm:webmethods_integration:10.7:*:*:*:*:*:*:*", "matchCriteriaId": "E52CFF5B-D741-422C-ABF8-EC71E69F3A0E", "vulnerable": true }, { "criteria": "cpe:2.3:a:ibm:webmethods_integration:10.11:*:*:*:*:*:*:*", "matchCriteriaId": "2008B366-18FC-4991-976F-4CE78FE52B55", "vulnerable": true }, { "criteria": "cpe:2.3:a:ibm:webmethods_integration:10.15:*:*:*:*:*:*:*", "matchCriteriaId": "A74F598F-90A3-4F57-99B8-5BA7AD731699", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false }, { "criteria": "cpe:2.3:o:novell:suse_linux:-:*:*:*:*:*:*:*", "matchCriteriaId": "B627E2A9-DE93-43FB-BFB7-5B6F421554D5", "vulnerable": false }, { "criteria": "cpe:2.3:o:redhat:linux:-:*:*:*:*:*:*:*", "matchCriteriaId": "C4EBE07A-6FEF-4343-BA5D-58FD175F5CD1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "IBM webMethods Integration Server 10.5, 10.7, 10.11, and 10.15 could allow a privileged user to escalate their privileges when handling external entities due to execution with unnecessary privileges." }, { "lang": "es", "value": "IBM webMethods Integration Server 10.5, 10.7, 10.11 y 10.15 podr\u00edan permitir que un usuario privilegiado aumente sus privilegios al manejar entidades externas debido a la ejecuci\u00f3n con privilegios innecesarios." } ], "id": "CVE-2025-36048", "lastModified": "2025-08-13T14:12:38.570", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 1.2, "impactScore": 5.9, "source": "psirt@us.ibm.com", "type": "Primary" } ] }, "published": "2025-06-18T16:15:27.080", "references": [ { "source": "psirt@us.ibm.com", "tags": [ "Vendor Advisory" ], "url": "https://www.ibm.com/support/pages/node/7237144" } ], "sourceIdentifier": "psirt@us.ibm.com", "vulnStatus": "Analyzed", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-250" } ], "source": "psirt@us.ibm.com", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2000-05-16 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Buffer overflow in krb425_conv_principal function in Kerberos 5 allows remote attackers to gain root privileges.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cygnus:cygnus_network_security:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "05857121-8827-45FD-886F-4269E0336036", "vulnerable": true }, { "criteria": "cpe:2.3:a:cygnus:kerbnet:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "EE1B0821-64F1-46E3-8DD3-12FFD1B037F5", "vulnerable": true }, { "criteria": "cpe:2.3:a:mit:kerberos:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "AFB8BD89-F049-4C3B-8744-E8D00D752DE0", "vulnerable": true }, { "criteria": "cpe:2.3:a:mit:kerberos_5:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "08FA60A9-10E1-4ACD-819C-17801FAD7671", "vulnerable": true }, { "criteria": "cpe:2.3:a:mit:kerberos_5:1.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "E47F0770-67D7-42EE-A1AD-9D5B5E83BF2B", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:alpha:*:*:*:*:*", "matchCriteriaId": "344610A8-DB6D-4407-9304-916C419F648C", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:i386:*:*:*:*:*", "matchCriteriaId": "B7EC2B95-4715-4EC9-A10A-2542501F8A61", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:sparc:*:*:*:*:*", "matchCriteriaId": "64775BEF-2E53-43CA-8639-A7E54F6F4222", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Buffer overflow in krb425_conv_principal function in Kerberos 5 allows remote attackers to gain root privileges." } ], "id": "CVE-2000-0390", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2000-05-16T04:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-05/0184.html" }, { "source": "cve@mitre.org", "url": "http://archives.neohapsis.com/archives/freebsd/2000-05/0295.html" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory", "US Government Resource" ], "url": "http://www.cert.org/advisories/CA-2000-06.html" }, { "source": "cve@mitre.org", "url": "http://www.osvdb.org/4884" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2000-025.html" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/1220" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-05/0184.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://archives.neohapsis.com/archives/freebsd/2000-05/0295.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "US Government Resource" ], "url": "http://www.cert.org/advisories/CA-2000-06.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.osvdb.org/4884" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2000-025.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/1220" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2004-02-17 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
tcpdump before 3.8.1 allows remote attackers to cause a denial of service (infinite loop) via certain ISAKMP packets, a different vulnerability than CVE-2004-0057.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:redhat:tcpdump:*:*:*:*:*:*:*:*", "matchCriteriaId": "DF58D46A-19E6-42EF-877A-C215DAB5AC19", "versionEndIncluding": "3.8.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:9.0:*:i386:*:*:*:*:*", "matchCriteriaId": "F3FDE8C4-5FFD-4CC2-9F35-7C32043966D1", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "tcpdump before 3.8.1 allows remote attackers to cause a denial of service (infinite loop) via certain ISAKMP packets, a different vulnerability than CVE-2004-0057." }, { "lang": "es", "value": "tcpdump anteriores a 3.8.1 permite a atacantes remotos causar una denegaci\u00f3n de servico (bucle infinito) mediante ciertos paquetes ISAKMP, una vulnerabilidad distinta de CAN-2004-9957." } ], "id": "CVE-2003-0989", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": true, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2004-02-17T05:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "ftp://ftp.sco.com/pub/security/OpenLinux/CSSA-2004-008.0.txt" }, { "source": "cve@mitre.org", "url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2004.9/SCOSA-2004.9.txt" }, { "source": "cve@mitre.org", "url": "ftp://patches.sgi.com/support/free/security/advisories/20040103-01-U.asc" }, { "source": "cve@mitre.org", "url": "ftp://patches.sgi.com/support/free/security/advisories/20040202-01-U.asc" }, { "source": "cve@mitre.org", "url": "http://lists.apple.com/archives/security-announce/2004/Feb/msg00000.html" }, { "source": "cve@mitre.org", "url": "http://lwn.net/Alerts/66445/" }, { "source": "cve@mitre.org", "url": "http://lwn.net/Alerts/66805/" }, { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=107577418225627\u0026w=2" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/10636" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/10637" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/10639" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/10644" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/10652" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/10668" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/10718" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/11022" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/11032/" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/12179/" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2004/dsa-425" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory", "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/738518" }, { "source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:008" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/archives/fedora-announce-list/2004-March/msg00006.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/archives/fedora-announce-list/2004-March/msg00009.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/archives/fedora-announce-list/2004-March/msg00015.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/archives/fedora-legacy-list/2004-January/msg00726.html" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-007.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2004-008.html" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/350238/30/21640/threaded" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/9507" }, { "source": "cve@mitre.org", "url": "http://www.securitytracker.com/id?1008716" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10599" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A847" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A852" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://ftp.sco.com/pub/security/OpenLinux/CSSA-2004-008.0.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2004.9/SCOSA-2004.9.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://patches.sgi.com/support/free/security/advisories/20040103-01-U.asc" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://patches.sgi.com/support/free/security/advisories/20040202-01-U.asc" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.apple.com/archives/security-announce/2004/Feb/msg00000.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lwn.net/Alerts/66445/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lwn.net/Alerts/66805/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=107577418225627\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/10636" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/10637" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/10639" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/10644" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/10652" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/10668" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/10718" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/11022" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/11032/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/12179/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2004/dsa-425" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/738518" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:008" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/archives/fedora-announce-list/2004-March/msg00006.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/archives/fedora-announce-list/2004-March/msg00009.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/archives/fedora-announce-list/2004-March/msg00015.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/archives/fedora-legacy-list/2004-January/msg00726.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-007.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2004-008.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/350238/30/21640/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/9507" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1008716" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10599" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A847" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A852" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
1997-05-29 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Buffer overflow in suidperl (sperl), Perl 4.x and 5.x.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:larry_wall:perl:5.3:*:*:*:*:*:*:*", "matchCriteriaId": "C6D64BFC-E974-460C-A635-7319676049A7", "vulnerable": true }, { "criteria": "cpe:2.3:a:sgi:freeware:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "E7970668-A80C-461D-A779-A8A6880D319B", "vulnerable": true }, { "criteria": "cpe:2.3:a:sgi:freeware:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "A3D6C767-472A-4C09-B06F-C73537E764DD", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:bsdi:bsd_os:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "766851E2-134A-4A89-931B-6F1753525684", "vulnerable": true }, { "criteria": "cpe:2.3:o:bsdi:bsd_os:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "99235B00-0050-42BF-99EF-FCDD72D8627D", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "C9092D88-585D-4A0C-B181-E8D93563C74B", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:4.1:*:*:*:*:*:*:*", "matchCriteriaId": "D8211154-6685-4FF0-B3ED-43A5E5763A10", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:4.2:*:*:*:*:*:*:*", "matchCriteriaId": "F299301C-6BFC-436C-9CFD-2E291D3702AE", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Buffer overflow in suidperl (sperl), Perl 4.x and 5.x." } ], "id": "CVE-1999-0034", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "1997-05-29T04:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0034" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0034" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2001-12-21 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
OpenSSH 3.0.1 and earlier with UseLogin enabled does not properly cleanse critical environment variables such as LD_PRELOAD, which allows local users to gain root privileges.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
openbsd | openssh | * | |
redhat | linux | 7.0 | |
redhat | linux | 7.1 | |
redhat | linux | 7.2 | |
suse | suse_linux | 6.4 | |
suse | suse_linux | 7.0 | |
suse | suse_linux | 7.1 | |
suse | suse_linux | 7.2 | |
suse | suse_linux | 7.3 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:openbsd:openssh:*:*:*:*:*:*:*:*", "matchCriteriaId": "3BD465DC-BAA4-4582-A5A1-824DF20E339C", "versionEndIncluding": "3.0.1", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "29B186E5-7C2F-466E-AA4A-8F2B618F8A14", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "1D46E093-1C68-43BB-B281-12117EC8DE0F", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "E562907F-D915-4030-847A-3C6834A80D4E", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:6.4:*:*:*:*:*:*:*", "matchCriteriaId": "7786607A-362E-4817-A17E-C76D6A1F737D", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "C9E7D75A-333E-4C63-9593-F64ABA5D1CE3", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "819868A7-EB1E-4CA9-8D71-72F194E5EFEB", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "0519FF7D-363E-4530-9E63-6EA3E88432DC", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.3:*:*:*:*:*:*:*", "matchCriteriaId": "FAE3FF4F-646F-4E05-A08A-C9399DEF60F1", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "OpenSSH 3.0.1 and earlier with UseLogin enabled does not properly cleanse critical environment variables such as LD_PRELOAD, which allows local users to gain root privileges." }, { "lang": "es", "value": "OpenSSH 3.0.1 y anteriores con UseLogin activado no limpia variables de entorno cr\u00edticas como LD_PRELOAD, lo que permite a usuario locales ganar privilegios de root." } ], "id": "CVE-2001-0872", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2001-12-21T05:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2001-042.1.txt" }, { "source": "cve@mitre.org", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000446" }, { "source": "cve@mitre.org", "url": "http://frontal2.mandriva.com/security/advisories?name=MDKSA-2001:092" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://lists.suse.com/archives/suse-security-announce/2001-Dec/0001.html" }, { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=100749779131514\u0026w=2" }, { "source": "cve@mitre.org", "url": "http://marc.info/?l=openssh-unix-dev\u0026m=100747128105913\u0026w=2" }, { "source": "cve@mitre.org", "url": "http://www.ciac.org/ciac/bulletins/m-026.shtml" }, { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2001/dsa-091" }, { "source": "cve@mitre.org", "tags": [ "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/157447" }, { "source": "cve@mitre.org", "url": "http://www.osvdb.org/688" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2001-161.html" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/3614" }, { "source": "cve@mitre.org", "url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX0112-005" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7647" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2001-042.1.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000446" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://frontal2.mandriva.com/security/advisories?name=MDKSA-2001:092" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://lists.suse.com/archives/suse-security-announce/2001-Dec/0001.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=100749779131514\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=openssh-unix-dev\u0026m=100747128105913\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ciac.org/ciac/bulletins/m-026.shtml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2001/dsa-091" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/157447" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.osvdb.org/688" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2001-161.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/3614" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX0112-005" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7647" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2001-03-12 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
vpop3d program in linuxconf 1.23r and earlier allows local users to overwrite arbitrary files via a symlink attack.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:immunix:immunix:7.0_beta:*:*:*:*:*:*:*", "matchCriteriaId": "1A2889C6-8DE0-4432-812A-F2A5C4A08897", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "29B186E5-7C2F-466E-AA4A-8F2B618F8A14", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "vpop3d program in linuxconf 1.23r and earlier allows local users to overwrite arbitrary files via a symlink attack." } ], "id": "CVE-2001-0143", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "LOW", "cvssData": { "accessComplexity": "HIGH", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 1.2, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:H/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 1.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2001-03-12T05:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=97916374410647\u0026w=2" }, { "source": "cve@mitre.org", "tags": [ "Patch" ], "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-011.php3" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/2186" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5923" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=97916374410647\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-011.php3" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/2186" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5923" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2020-08-28 15:15
Modified
2024-11-21 04:43
Severity ?
Summary
IBM Resilient SOAR 38 uses incomplete blacklisting for input validation which allows attackers to bypass application controls resulting in direct impact to the system and data integrity. IBM X-Force ID: 167236.
References
▶ | URL | Tags | |
---|---|---|---|
psirt@us.ibm.com | https://exchange.xforce.ibmcloud.com/vulnerabilities/167236 | VDB Entry, Vendor Advisory | |
psirt@us.ibm.com | https://www.ibm.com/support/pages/node/6323783 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/167236 | VDB Entry, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.ibm.com/support/pages/node/6323783 | Vendor Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
ibm | resilient_security_orchestration_automation_and_response | 38.0 | |
redhat | linux | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:ibm:resilient_security_orchestration_automation_and_response:38.0:*:*:*:*:*:*:*", "matchCriteriaId": "00863999-85CE-4E74-B01B-29C64C97C0CD", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:-:*:*:*:*:*:*:*", "matchCriteriaId": "C4EBE07A-6FEF-4343-BA5D-58FD175F5CD1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "IBM Resilient SOAR 38 uses incomplete blacklisting for input validation which allows attackers to bypass application controls resulting in direct impact to the system and data integrity. IBM X-Force ID: 167236." }, { "lang": "es", "value": "IBM Resilient SOAR versi\u00f3n 38, usa listas negras incompletas para una comprobaci\u00f3n de entrada, permitiendo a atacantes omitir los controles de las aplicaciones, resultando en un impacto directo en el sistema y la integridad de los datos. IBM X-Force ID: 167236" } ], "id": "CVE-2019-4579", "lastModified": "2024-11-21T04:43:45.877", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 4.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 8.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "version": "3.0" }, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "psirt@us.ibm.com", "type": "Secondary" } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2020-08-28T15:15:12.110", "references": [ { "source": "psirt@us.ibm.com", "tags": [ "VDB Entry", "Vendor Advisory" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/167236" }, { "source": "psirt@us.ibm.com", "tags": [ "Vendor Advisory" ], "url": "https://www.ibm.com/support/pages/node/6323783" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "VDB Entry", "Vendor Advisory" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/167236" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://www.ibm.com/support/pages/node/6323783" } ], "sourceIdentifier": "psirt@us.ibm.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2000-04-27 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Linux xmonisdn package allows local users to gain root privileges by modifying the IFS or PATH environmental variables.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:isc:inn:1.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "5658CF74-5AF1-4161-BF4C-6A394F2AA164", "vulnerable": true }, { "criteria": "cpe:2.3:a:isc:inn:1.7:*:*:*:*:*:*:*", "matchCriteriaId": "62017AA2-B4DB-44AA-806C-6CFEC839E297", "vulnerable": true }, { "criteria": "cpe:2.3:a:isc:inn:1.7.2:*:*:*:*:*:*:*", "matchCriteriaId": "E4F9A712-AF96-4A04-B547-F29094ACFE9B", "vulnerable": true }, { "criteria": "cpe:2.3:a:isc:inn:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "A2480B45-A626-49F5-A48B-BA6DFAA4411B", "vulnerable": true }, { "criteria": "cpe:2.3:a:isc:inn:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "21969A37-9F10-4D70-AC73-F3DB4D169AEB", "vulnerable": true }, { "criteria": "cpe:2.3:a:isc:inn:2.2:*:*:*:*:*:*:*", "matchCriteriaId": "94FD2948-EF52-464B-A605-DA3806037762", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:4.1:*:*:*:*:*:*:*", "matchCriteriaId": "D8211154-6685-4FF0-B3ED-43A5E5763A10", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:4.2:*:*:*:*:*:*:*", "matchCriteriaId": "F299301C-6BFC-436C-9CFD-2E291D3702AE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "4BF54738-3C44-4FD4-AA9C-CAB2E86B1DC1", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:5.1:*:*:*:*:*:*:*", "matchCriteriaId": "4EF44364-0F57-4B74-81B0-501EA6B58501", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:5.2:*:i386:*:*:*:*:*", "matchCriteriaId": "363AB7DB-A8BA-4D58-97C4-1DF1F0F43E07", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.0:*:i386:*:*:*:*:*", "matchCriteriaId": "89F65C9D-BD68-4A86-BFDC-E7CE76F13948", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Linux xmonisdn package allows local users to gain root privileges by modifying the IFS or PATH environmental variables." } ], "id": "CVE-1999-0706", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": true, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2000-04-27T04:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/583" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/583" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2018-10-17 13:29
Modified
2024-11-21 04:11
Severity ?
Summary
A remote unauthorized disclosure of information vulnerability was identified in HPE Service Governance Framework (SGF) version 4.2, 4.3. A race condition under high load in SGF exists where SGF transferred different parameter to the enabler.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
hpe | service_governance_framework | 4.2 | |
hpe | service_governance_framework | 4.3 | |
redhat | linux | 6.0 | |
redhat | linux | 7.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:hpe:service_governance_framework:4.2:*:*:*:*:*:*:*", "matchCriteriaId": "324E0607-32D1-4750-8701-8BF54ABB6199", "vulnerable": true }, { "criteria": "cpe:2.3:a:hpe:service_governance_framework:4.3:*:*:*:*:*:*:*", "matchCriteriaId": "4D62533C-9305-4A9F-A6E1-ABAD7F200054", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "2DFA94D5-0139-490C-8257-0751FE9FBAE4", "vulnerable": false }, { "criteria": "cpe:2.3:o:redhat:linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "29B186E5-7C2F-466E-AA4A-8F2B618F8A14", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "A remote unauthorized disclosure of information vulnerability was identified in HPE Service Governance Framework (SGF) version 4.2, 4.3. A race condition under high load in SGF exists where SGF transferred different parameter to the enabler." }, { "lang": "es", "value": "Se ha identificado una vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n remota no autorizada en HPE Service Governance Framework (SGF) en versiones 4.2 y 4.3. Existe una condici\u00f3n de carrera bajo una gran carga en SGF cuando \u00e9ste transmiti\u00f3 un par\u00e1metro diferente al enabler." } ], "id": "CVE-2018-7110", "lastModified": "2024-11-21T04:11:39.557", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "exploitabilityScore": 2.2, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2018-10-17T13:29:00.643", "references": [ { "source": "security-alert@hpe.com", "tags": [ "Vendor Advisory" ], "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03890en_us" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03890en_us" } ], "sourceIdentifier": "security-alert@hpe.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-362" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2003-08-27 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
/proc/tty/driver/serial in Linux 2.4.x reveals the exact number of characters used in serial links, which could allow local users to obtain potentially sensitive information such as the length of passwords.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "1D46E093-1C68-43BB-B281-12117EC8DE0F", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "E562907F-D915-4030-847A-3C6834A80D4E", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.3:*:*:*:*:*:*:*", "matchCriteriaId": "138985E6-5107-4E8B-A801-C3D5FE075227", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "038FEDE7-986F-4CA5-9003-BA68352B87D4", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "E66F7BF0-EF7C-4695-9D67-7C1A01C6F9B9", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "/proc/tty/driver/serial in Linux 2.4.x reveals the exact number of characters used in serial links, which could allow local users to obtain potentially sensitive information such as the length of passwords." }, { "lang": "es", "value": "/proc/tty/driver/serial en Linux 2.4.x revela el n\u00famero exacto de caract\u00e9res usado en enlaces serie, lo que podr\u00eda permitir a usuarios locales obtener informaci\u00f3n potencialmente sensible como la longitud de las contrase\u00f1as." } ], "id": "CVE-2003-0461", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "LOW", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2003-08-27T04:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://rsbac.dyndns.org/pipermail/rsbac/2002-May/000162.html" }, { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2004/dsa-358" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2004/dsa-423" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-238.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2004-188.html" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A304" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9330" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A997" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://rsbac.dyndns.org/pipermail/rsbac/2002-May/000162.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2004/dsa-358" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2004/dsa-423" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-238.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2004-188.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A304" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9330" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A997" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2001-09-26 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
initscript in setserial 2.17-4 and earlier uses predictable temporary file names, which could allow local users to conduct unauthorized operations on files.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "1D46E093-1C68-43BB-B281-12117EC8DE0F", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "initscript in setserial 2.17-4 and earlier uses predictable temporary file names, which could allow local users to conduct unauthorized operations on files." } ], "id": "CVE-2001-1383", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "HIGH", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 6.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 1.9, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2001-09-26T04:00:00.000", "references": [ { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2001-110.html" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.iss.net/security_center/static/7177.php" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/3367" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2001-110.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.iss.net/security_center/static/7177.php" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/3367" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2007-09-18 19:17
Modified
2025-04-09 00:30
Severity ?
Summary
Off-by-one error in the QUtf8Decoder::toUnicode function in Trolltech Qt 3 allows context-dependent attackers to cause a denial of service (crash) via a crafted Unicode string that triggers a heap-based buffer overflow. NOTE: Qt 4 has the same error in the QUtf8Codec::convertToUnicode function, but it is not exploitable.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:conectiva:linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "F4007B0D-9606-46BD-866A-7911BEA292BE", "vulnerable": false }, { "criteria": "cpe:2.3:o:conectiva:linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "A35FC777-A34E-4C7B-9E93-8F17F3AD5180", "vulnerable": false }, { "criteria": "cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*", "matchCriteriaId": "647BA336-5538-4972-9271-383A0EC9378E", "vulnerable": false }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:*:*:*:*:*:*", "matchCriteriaId": "4177C378-7729-46AB-B49B-C6DAED3200E7", "vulnerable": false }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:amd64:*:*:*:*:*", "matchCriteriaId": "2164D10D-D1A4-418A-A9C8-CA8FAB1E90A7", "vulnerable": false }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "A06E5CD0-8BEC-4F4C-9E11-1FEE0563946C", "vulnerable": false }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:amd64:*:*:*:*:*", "matchCriteriaId": "A3BDD466-84C9-4CFC-A3A8-7AC0F752FB53", "vulnerable": false }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2007:*:*:*:*:*:*:*", "matchCriteriaId": "02362C25-B373-4FB1-AF4A-2AFC7F7D4387", "vulnerable": false }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2007:*:x86_64:*:*:*:*:*", "matchCriteriaId": "19AD5F8D-6EB9-4E4B-9E82-FFBAB68797E9", "vulnerable": false }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2007.1:*:*:*:*:*:*:*", "matchCriteriaId": "19D64247-F0A0-4984-84EA-B63FC901F002", "vulnerable": false }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2007.1:*:x86_64:*:*:*:*:*", "matchCriteriaId": "316AA6EB-7191-479E-99D5-40DA79E340E7", "vulnerable": false }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "2BB0B27C-04EA-426F-9016-7406BACD91DF", "vulnerable": false }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:x86_64:*:*:*:*:*", "matchCriteriaId": "BB2B1BA5-8370-4281-B5C9-3D4FE6C70FBC", "vulnerable": false }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "94F65351-C2DA-41C0-A3F9-1AE951E4386E", "vulnerable": false }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:x86_64:*:*:*:*:*", "matchCriteriaId": "1B795F9F-AFB3-4A2A-ABC6-9246906800DE", "vulnerable": false }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:as:*:*:*:*:*", "matchCriteriaId": "492EA1BE-E678-4300-A690-3BFCD4B233B2", "vulnerable": false }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:aw:*:*:*:*:*", "matchCriteriaId": "C4B5DD1C-BFF6-4247-B684-A7C3D8F60745", "vulnerable": false }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:es:*:*:*:*:*", "matchCriteriaId": "4E3C9031-F69A-4B6A-A8CB-39027174AA01", "vulnerable": false }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:as:*:*:*:*:*", "matchCriteriaId": "327FEE54-79EC-4B5E-B838-F3C61FCDF48E", "vulnerable": false }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:es:*:*:*:*:*", "matchCriteriaId": "056C1C15-D110-4309-A9A6-41BD753FE4F2", "vulnerable": false }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:ws:*:*:*:*:*", "matchCriteriaId": "08392974-5AC1-4B12-893F-3F733EF05F80", "vulnerable": false }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:as:*:*:*:*:*", "matchCriteriaId": "49EF5B77-9BC9-4AE8-A677-48E5E576BE63", "vulnerable": false }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:es:*:*:*:*:*", "matchCriteriaId": "36389D32-61C1-4487-8399-FA7D2864FACD", "vulnerable": false }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:ws:*:*:*:*:*", "matchCriteriaId": "49B67F74-AF8F-4A27-AA8A-A8479E256A9F", "vulnerable": false }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:client:*:*:*:*:*", "matchCriteriaId": "3AA8F2EC-55E9-4529-A816-B5D495605F6B", "vulnerable": false }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:client_workstation:*:*:*:*:*", "matchCriteriaId": "28FBE982-794E-4C22-B5EE-F48269282C32", "vulnerable": false }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:server:*:*:*:*:*", "matchCriteriaId": "40D71CBC-D365-4710-BAB5-8A1159F35E41", "vulnerable": false }, { "criteria": "cpe:2.3:o:redhat:linux:2.1:*:aw_itanium:*:*:*:*:*", "matchCriteriaId": "6B34B4FF-A596-4B1E-8DA7-40B3498147EA", "vulnerable": false }, { "criteria": "cpe:2.3:o:redhat:linux:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "CBBA00E3-1147-4E6F-BE93-92494285F88F", "vulnerable": false }, { "criteria": "cpe:2.3:o:redhat:linux:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "C9092D88-585D-4A0C-B181-E8D93563C74B", "vulnerable": false }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:6.06_lts:*:amd64:*:*:*:*:*", "matchCriteriaId": "F1672825-AB87-4402-A628-B33AE5B7D4C8", "vulnerable": false }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:6.06_lts:*:i386:*:*:*:*:*", "matchCriteriaId": "939216D8-9E6C-419E-BC0A-EC7F0F29CE95", "vulnerable": false }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:6.06_lts:*:powerpc:*:*:*:*:*", "matchCriteriaId": "E520564E-964D-4758-945B-5EF0C35E605C", "vulnerable": false }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:6.06_lts:*:sparc:*:*:*:*:*", "matchCriteriaId": "2294D5A7-7B36-497A-B0F1-514BC49E1423", "vulnerable": false }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:6.10:*:amd64:*:*:*:*:*", "matchCriteriaId": "AB80939E-8B58-48B6-AFB7-9CF518C0EE1F", "vulnerable": false }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:6.10:*:i386:*:*:*:*:*", "matchCriteriaId": "80FF1759-5F86-4046-ABA3-EB7B0038F656", "vulnerable": false }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:6.10:*:powerpc:*:*:*:*:*", "matchCriteriaId": "DF578B64-57E2-4FCD-A6E1-F8F3317FDB88", "vulnerable": false }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:6.10:*:sparc:*:*:*:*:*", "matchCriteriaId": "61B11116-FA94-4989-89A1-C7B551D5195A", "vulnerable": false }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:7.04:*:amd64:*:*:*:*:*", "matchCriteriaId": "7BD79C43-2615-47DE-A100-D21482D866F4", "vulnerable": false }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:7.04:*:i386:*:*:*:*:*", "matchCriteriaId": "1856594D-7D84-4830-A8A7-2C9D4C2D61FD", "vulnerable": false }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:7.04:*:powerpc:*:*:*:*:*", "matchCriteriaId": "0B20DDF0-2FAB-4EB0-B62D-2351514B2808", "vulnerable": false }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:7.04:*:sparc:*:*:*:*:*", "matchCriteriaId": "B7748895-CE00-4BB8-BFCD-A5559BA15869", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:trolltech:qt:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "9CB2B261-F31A-4EDF-89D5-1648E7698559", "vulnerable": true }, { "criteria": "cpe:2.3:a:trolltech:qt:3.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "E995A0F0-E1BB-441D-B145-1FB0AF4330DB", "vulnerable": true }, { "criteria": "cpe:2.3:a:trolltech:qt:3.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "A0B868D0-B166-455D-A96F-8530853D83EE", "vulnerable": true }, { "criteria": "cpe:2.3:a:trolltech:qt:3.1:*:*:*:*:*:*:*", "matchCriteriaId": "F354E5EE-0B83-4960-98DF-9DBBB504C1C1", "vulnerable": true }, { "criteria": "cpe:2.3:a:trolltech:qt:3.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "B546D37F-7115-4CA4-8A63-BFCC0B9E1E81", "vulnerable": true }, { "criteria": "cpe:2.3:a:trolltech:qt:3.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "6BA756A7-DE14-40F4-87F6-B3374E88B21A", "vulnerable": true }, { "criteria": "cpe:2.3:a:trolltech:qt:3.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "EDD3DFD7-307F-4110-A412-D1C56836DF33", "vulnerable": true }, { "criteria": "cpe:2.3:a:trolltech:qt:3.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "D6D18E6C-5202-4406-AEC8-6477CDA7AE67", "vulnerable": true }, { "criteria": "cpe:2.3:a:trolltech:qt:3.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "8A881DD8-9B96-4581-B39B-7721CBCD5F4A", "vulnerable": true }, { "criteria": "cpe:2.3:a:trolltech:qt:3.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "C314FF87-F182-4ABF-93D4-748EEF47C5FF", "vulnerable": true }, { "criteria": "cpe:2.3:a:trolltech:qt:3.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "63829009-5782-4671-8678-2F090CA5520A", "vulnerable": true }, { "criteria": "cpe:2.3:a:trolltech:qt:3.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "9AA116DA-DA3F-415C-88A7-3E65EAA2089C", "vulnerable": true }, { "criteria": "cpe:2.3:a:trolltech:qt:3.3.4:*:*:*:*:*:*:*", "matchCriteriaId": "E9734F0E-6CB9-4C8C-B2D0-21ABA6A22D58", "vulnerable": true }, { "criteria": "cpe:2.3:a:trolltech:qt:3.3.5:*:*:*:*:*:*:*", "matchCriteriaId": "2B28B5A5-98EF-4710-B8B5-D348692046BC", "vulnerable": true }, { "criteria": "cpe:2.3:a:trolltech:qt:3.3.6:*:*:*:*:*:*:*", "matchCriteriaId": "F1539C15-BF9A-43B5-8D29-A3F2C87F92A8", "vulnerable": true }, { "criteria": "cpe:2.3:a:trolltech:qt:3.3.7:*:*:*:*:*:*:*", "matchCriteriaId": "A9E9281D-0DB4-491C-AD2B-E7CA77FC7E48", "vulnerable": true }, { "criteria": "cpe:2.3:a:trolltech:qt:3.3.8:*:*:*:*:*:*:*", "matchCriteriaId": "5DB7CA86-30F5-48B0-AB47-C4871E16DA10", "vulnerable": true }, { "criteria": "cpe:2.3:a:trolltech:qt:4.1:*:*:*:*:*:*:*", "matchCriteriaId": "00ED4154-E5B7-49F5-B97F-2B02C82D6B0E", "vulnerable": true }, { "criteria": "cpe:2.3:a:trolltech:qt:4.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "5FC87D43-8E5E-4AD7-8228-345C042EC98F", "vulnerable": true }, { "criteria": "cpe:2.3:a:trolltech:qt:4.1.5:*:*:*:*:*:*:*", "matchCriteriaId": "1461D39A-7705-4932-ABA9-4A2869E692F2", "vulnerable": true }, { "criteria": "cpe:2.3:a:trolltech:qt:4.2:*:*:*:*:*:*:*", "matchCriteriaId": "1E47B11C-9098-4F39-8BF3-46C95CE63B79", "vulnerable": true }, { "criteria": "cpe:2.3:a:trolltech:qt:4.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "00F001C9-E388-437A-8F72-1C1C4D54FB7F", "vulnerable": true }, { "criteria": "cpe:2.3:a:trolltech:qt:4.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "8C558DAB-23BD-4076-B839-36B269B97650", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Off-by-one error in the QUtf8Decoder::toUnicode function in Trolltech Qt 3 allows context-dependent attackers to cause a denial of service (crash) via a crafted Unicode string that triggers a heap-based buffer overflow. NOTE: Qt 4 has the same error in the QUtf8Codec::convertToUnicode function, but it is not exploitable." }, { "lang": "es", "value": "Error de superaci\u00f3n de l\u00edmite (off-by-one) en la funci\u00f3n QUtf8Decoder::toUnicode de Trolltech Qt3 permite a usuarios locales o remotos (dependiendo del contexto) provocar una denegaci\u00f3n de servicio (ca\u00edda) mediante una cadena Unicode manipulada que dispara un desbordamiento de b\u00fafer basado en mont\u00edculo. NOTA: Qt 4 tiene el mismo error en la funci\u00f3n QUtf8Codec::convertToUnicode, pero no es explotable." } ], "id": "CVE-2007-4137", "lastModified": "2025-04-09T00:30:58.490", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2007-09-18T19:17:00.000", "references": [ { "source": "secalert@redhat.com", "url": "ftp://patches.sgi.com/support/free/security/advisories/20070901-01-P.asc" }, { "source": "secalert@redhat.com", "url": "http://bugs.gentoo.org/show_bug.cgi?id=192472" }, { "source": "secalert@redhat.com", "url": "http://dist.trolltech.com/developer/download/175791_3.diff" }, { "source": "secalert@redhat.com", "url": "http://dist.trolltech.com/developer/download/175791_4.diff" }, { "source": "secalert@redhat.com", "url": "http://fedoranews.org/updates/FEDORA-2007-221.shtml" }, { "source": "secalert@redhat.com", "url": "http://fedoranews.org/updates/FEDORA-2007-703.shtml" }, { "source": "secalert@redhat.com", "url": "http://osvdb.org/39384" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/26778" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/26782" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/26804" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/26811" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/26857" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/26868" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/26882" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/26987" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/27053" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/27275" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/27382" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/27996" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/28021" }, { "source": "secalert@redhat.com", "url": "http://security.gentoo.org/glsa/glsa-200710-28.xml" }, { "source": "secalert@redhat.com", "url": "http://security.gentoo.org/glsa/glsa-200712-08.xml" }, { "source": "secalert@redhat.com", "url": "http://securitytracker.com/id?1018688" }, { "source": "secalert@redhat.com", "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-424.htm" }, { "source": "secalert@redhat.com", "url": "http://trolltech.com/company/newsroom/announcements/press.2007-09-03.7564032119" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2007/dsa-1426" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:183" }, { "source": "secalert@redhat.com", "url": "http://www.novell.com/linux/security/advisories/2007_19_sr.html" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/support/errata/RHSA-2007-0883.html" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/481498/100/0/threaded" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/bid/25657" }, { "source": "secalert@redhat.com", "url": "http://www.ubuntu.com/usn/usn-513-1" }, { "source": "secalert@redhat.com", "url": "http://www.vupen.com/english/advisories/2007/3144" }, { "source": "secalert@redhat.com", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=269001" }, { "source": "secalert@redhat.com", "url": "https://issues.rpath.com/browse/RPL-1751" }, { "source": "secalert@redhat.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11159" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://patches.sgi.com/support/free/security/advisories/20070901-01-P.asc" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://bugs.gentoo.org/show_bug.cgi?id=192472" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://dist.trolltech.com/developer/download/175791_3.diff" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://dist.trolltech.com/developer/download/175791_4.diff" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://fedoranews.org/updates/FEDORA-2007-221.shtml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://fedoranews.org/updates/FEDORA-2007-703.shtml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://osvdb.org/39384" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/26778" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/26782" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/26804" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/26811" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/26857" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/26868" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/26882" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/26987" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/27053" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/27275" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/27382" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/27996" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/28021" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://security.gentoo.org/glsa/glsa-200710-28.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://security.gentoo.org/glsa/glsa-200712-08.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securitytracker.com/id?1018688" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-424.htm" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://trolltech.com/company/newsroom/announcements/press.2007-09-03.7564032119" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2007/dsa-1426" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:183" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.novell.com/linux/security/advisories/2007_19_sr.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2007-0883.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/481498/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/25657" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/usn-513-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2007/3144" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=269001" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://issues.rpath.com/browse/RPL-1751" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11159" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2001-03-26 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Buffer overflow in micq client 0.4.6 and earlier allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long Description field.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:matthew_smith:micq:*:*:*:*:*:*:*:*", "matchCriteriaId": "39485A91-7E65-4756-90F5-0F7C89D5C37C", "versionEndIncluding": "0.4.6", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:2.2:*:*:*:*:*:*:*", "matchCriteriaId": "58B90124-0543-4226-BFF4-13CCCBCCB243", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "2DFA94D5-0139-490C-8257-0751FE9FBAE4", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.1:*:*:*:*:*:*:*", "matchCriteriaId": "2EC4D3AB-38FA-4D44-AF5C-2DCD15994E76", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:*:*:*:*:*:*", "matchCriteriaId": "0633B5A6-7A88-4A96-9462-4C09D124ED36", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "29B186E5-7C2F-466E-AA4A-8F2B618F8A14", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Buffer overflow in micq client 0.4.6 and earlier allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long Description field." } ], "id": "CVE-2001-0233", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2001-03-26T05:00:00.000", "references": [ { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-01:14.micq.asc" }, { "source": "cve@mitre.org", "url": "http://archives.neohapsis.com/archives/bugtraq/2001-01/0307.html" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2001-01/0395.html" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2001/dsa-012" }, { "source": "cve@mitre.org", "tags": [ "Patch" ], "url": "http://www.redhat.com/support/errata/RHSA-2001-005.html" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5962" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-01:14.micq.asc" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://archives.neohapsis.com/archives/bugtraq/2001-01/0307.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2001-01/0395.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2001/dsa-012" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.redhat.com/support/errata/RHSA-2001-005.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5962" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2003-02-19 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
The default configuration of the pam_xauth module forwards MIT-Magic-Cookies to new X sessions, which could allow local users to gain root privileges by stealing the cookies from a temporary .xauth file, which is created with the original user's credentials after root uses su.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "1D46E093-1C68-43BB-B281-12117EC8DE0F", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "E562907F-D915-4030-847A-3C6834A80D4E", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.3:*:*:*:*:*:*:*", "matchCriteriaId": "138985E6-5107-4E8B-A801-C3D5FE075227", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "038FEDE7-986F-4CA5-9003-BA68352B87D4", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The default configuration of the pam_xauth module forwards MIT-Magic-Cookies to new X sessions, which could allow local users to gain root privileges by stealing the cookies from a temporary .xauth file, which is created with the original user\u0027s credentials after root uses su." }, { "lang": "es", "value": "La configuraci\u00f3n por defecto de pam_xauth en Red Hat Linux 7.1 a 8.0 envia MIT-Magic-Cookies a sesiones X nuevas, lo que podr\u00eda permitir a usuarios locales ganar privilegios de root robando las cookies de un fichero .xauth temporal, que es creado con los credenciales del usuario original despues de que root use el comando su" } ], "id": "CVE-2002-1160", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2003-02-19T05:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000693" }, { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=104431622818954\u0026w=2" }, { "source": "cve@mitre.org", "url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/55760" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://www.iss.net/security_center/static/11254.php" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory", "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/911505" }, { "source": "cve@mitre.org", "url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:017" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2003-028.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2003-035.html" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/6753" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000693" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=104431622818954\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/55760" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.iss.net/security_center/static/11254.php" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/911505" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:017" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2003-028.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2003-035.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/6753" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2000-12-19 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Buffer overflow in ncurses library allows local users to execute arbitrary commands via long environmental information such as TERM or TERMINFO_DIRS.
References
▶ | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://www.calderasystems.com/support/security/advisories/CSSA-2000-036.0.txt | Patch, Vendor Advisory | |
cve@mitre.org | http://www.securityfocus.com/archive/1/138550 | Broken Link, Third Party Advisory, VDB Entry | |
cve@mitre.org | http://www.securityfocus.com/bid/1142 | Broken Link, Exploit, Patch, Third Party Advisory, VDB Entry, Vendor Advisory | |
cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/44487 | VDB Entry, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.calderasystems.com/support/security/advisories/CSSA-2000-036.0.txt | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/138550 | Broken Link, Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/1142 | Broken Link, Exploit, Patch, Third Party Advisory, VDB Entry, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/44487 | VDB Entry, Vendor Advisory |
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:immunix:immunix:6.2:*:*:*:*:*:*:*", "matchCriteriaId": "DB0F79BE-8EBF-44D8-83A1-9331669BED54", "vulnerable": true }, { "criteria": "cpe:2.3:a:immunix:immunix:7.0_beta:*:*:*:*:*:*:*", "matchCriteriaId": "1A2889C6-8DE0-4432-812A-F2A5C4A08897", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:freebsd:freebsd:3.4:*:*:*:*:*:*:*", "matchCriteriaId": "B982342C-1981-4C55-8044-AFE4D87623DF", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:3.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "7C283AD7-1C58-4CE8-A6CD-502FFE0B18BB", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "D0A585A1-FF82-418F-90F8-072458DB7816", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:4.1:*:*:*:*:*:*:*", "matchCriteriaId": "AE31DFF8-06AB-489D-A0C5-509C090283B5", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:4.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "3BE1E3D8-2BB1-4FFA-9BC9-7AF347D26190", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:4.1.1:stable:*:*:*:*:*:*", "matchCriteriaId": "237174A4-E030-4A0B-AD0B-5C463603EAA4", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:alpha:*:*:*:*:*", "matchCriteriaId": "344610A8-DB6D-4407-9304-916C419F648C", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:i386:*:*:*:*:*", "matchCriteriaId": "B7EC2B95-4715-4EC9-A10A-2542501F8A61", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:sparc:*:*:*:*:*", "matchCriteriaId": "64775BEF-2E53-43CA-8639-A7E54F6F4222", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "29B186E5-7C2F-466E-AA4A-8F2B618F8A14", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:gnu:ncurses:*:*:*:*:*:*:*:*", "matchCriteriaId": "05541A17-7388-4157-9481-461E930FC3EF", "versionEndExcluding": "5.6", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Buffer overflow in ncurses library allows local users to execute arbitrary commands via long environmental information such as TERM or TERMINFO_DIRS." } ], "id": "CVE-2000-0963", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2000-12-19T05:00:00.000", "references": [ { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-036.0.txt" }, { "source": "cve@mitre.org", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/archive/1/138550" }, { "source": "cve@mitre.org", "tags": [ "Broken Link", "Exploit", "Patch", "Third Party Advisory", "VDB Entry", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/1142" }, { "source": "cve@mitre.org", "tags": [ "VDB Entry", "Vendor Advisory" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44487" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-036.0.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/archive/1/138550" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Exploit", "Patch", "Third Party Advisory", "VDB Entry", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/1142" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "VDB Entry", "Vendor Advisory" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44487" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2000-10-20 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Buffer overflow in mopd (Maintenance Operations Protocol loader daemon) allows remote attackers to execute arbitrary commands via a long file name.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netbsd:netbsd:1.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "1C288A88-11C6-429E-A109-0395D0989264", "vulnerable": true }, { "criteria": "cpe:2.3:o:netbsd:netbsd:1.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "516C6D9A-7483-4E36-A2E0-42698161AD31", "vulnerable": true }, { "criteria": "cpe:2.3:o:openbsd:openbsd:2.4:*:*:*:*:*:*:*", "matchCriteriaId": "FEBE290B-5EC6-4BBA-B645-294C150E417A", "vulnerable": true }, { "criteria": "cpe:2.3:o:openbsd:openbsd:2.5:*:*:*:*:*:*:*", "matchCriteriaId": "ACE7FDFB-C6A6-4B58-B0B4-236E4EA76EF6", "vulnerable": true }, { "criteria": "cpe:2.3:o:openbsd:openbsd:2.6:*:*:*:*:*:*:*", "matchCriteriaId": "0DF053A1-C252-427E-9EEF-27240F422976", "vulnerable": true }, { "criteria": "cpe:2.3:o:openbsd:openbsd:2.7:*:*:*:*:*:*:*", "matchCriteriaId": "48A9C344-45AA-47B9-B35A-1A62E220D9C6", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "2DFA94D5-0139-490C-8257-0751FE9FBAE4", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.1:*:*:*:*:*:*:*", "matchCriteriaId": "2EC4D3AB-38FA-4D44-AF5C-2DCD15994E76", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:*:*:*:*:*:*", "matchCriteriaId": "0633B5A6-7A88-4A96-9462-4C09D124ED36", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Buffer overflow in mopd (Maintenance Operations Protocol loader daemon) allows remote attackers to execute arbitrary commands via a long file name." } ], "id": "CVE-2000-0750", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2000-10-20T04:00:00.000", "references": [ { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0064.html" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://archives.neohapsis.com/archives/freebsd/2000-08/0336.html" }, { "source": "cve@mitre.org", "url": "http://cvsweb.netbsd.org/bsdweb.cgi/basesrc/usr.sbin/mopd/mopd/process.c.diff?r1=1.7\u0026r2=1.8\u0026f=h" }, { "source": "cve@mitre.org", "url": "http://www.openbsd.org/errata.html#mopd" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2000-050.html" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/1558" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0064.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://archives.neohapsis.com/archives/freebsd/2000-08/0336.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://cvsweb.netbsd.org/bsdweb.cgi/basesrc/usr.sbin/mopd/mopd/process.c.diff?r1=1.7\u0026r2=1.8\u0026f=h" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openbsd.org/errata.html#mopd" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2000-050.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/1558" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2000-10-20 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
The initscripts package in Red Hat Linux allows local users to gain privileges via a symlink attack.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "2DFA94D5-0139-490C-8257-0751FE9FBAE4", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.1:*:*:*:*:*:*:*", "matchCriteriaId": "2EC4D3AB-38FA-4D44-AF5C-2DCD15994E76", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The initscripts package in Red Hat Linux allows local users to gain privileges via a symlink attack." } ], "id": "CVE-2000-0031", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "HIGH", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 6.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 1.9, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2000-10-20T04:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-2000-0031" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-2000-0031" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
1999-08-21 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
pg and pb in SuSE pbpg 1.x package allows an attacker to read arbitrary files.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
bent_bagger | pbpg | 1.1 | |
redhat | linux | 6.0 | |
suse | suse_linux | 6.2 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:bent_bagger:pbpg:1.1:*:*:*:*:*:*:*", "matchCriteriaId": "09E95EB9-AFE3-4362-BE10-7D85C5B34365", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "2DFA94D5-0139-490C-8257-0751FE9FBAE4", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:6.2:*:*:*:*:*:*:*", "matchCriteriaId": "1B67020A-6942-4478-B501-764147C4970D", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "pg and pb in SuSE pbpg 1.x package allows an attacker to read arbitrary files." } ], "id": "CVE-2000-0355", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "1999-08-21T04:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://www.novell.com/linux/security/advisories/suse_security_announce_21.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.novell.com/linux/security/advisories/suse_security_announce_21.html" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2002-12-31 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
The Internet Group Management Protocol (IGMP) allows local users to cause a denial of service via an IGMP membership report to a target's Ethernet address instead of the Multicast group address, which causes the target to stop sending reports to the router and effectively disconnect the group from the network.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:sgi:irix:6.5:*:*:*:*:*:*:*", "matchCriteriaId": "C30D6962-3DBB-4DF8-A04F-8E47AFEDCF99", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:6.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "36B60E50-4F5A-4404-BEA3-C94F7D27B156", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:6.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "6ECB750B-9F53-4DB6-8B26-71BCCA446FF7", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:6.5.3:*:*:*:*:*:*:*", "matchCriteriaId": "E6B2E6D1-8C2D-4E15-A6BB-E4FE878ED1E7", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:6.5.4:*:*:*:*:*:*:*", "matchCriteriaId": "440B7208-34DB-4898-8461-4E703F7EDFB7", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:6.5.5:*:*:*:*:*:*:*", "matchCriteriaId": "5663579C-3AD2-4E5B-A595-C8DB984F9C26", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:6.5.6:*:*:*:*:*:*:*", "matchCriteriaId": "D07AA144-6FD7-4C80-B4F2-D21C1AFC864A", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:6.5.7:*:*:*:*:*:*:*", "matchCriteriaId": "29113D8E-9618-4A0E-9157-678332082858", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:6.5.8:*:*:*:*:*:*:*", "matchCriteriaId": "313613E9-4837-433C-90EE-84A92E8D24E5", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:6.5.9:*:*:*:*:*:*:*", "matchCriteriaId": "41AA1290-5039-406F-B195-3A4C018202D3", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:6.5.10:*:*:*:*:*:*:*", "matchCriteriaId": "60CC9410-F6B8-4748-B76F-30626279028E", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:6.5.11:*:*:*:*:*:*:*", "matchCriteriaId": "DCC67401-C85A-4E4E-AE61-85FEBBF4346B", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:6.5.12:*:*:*:*:*:*:*", "matchCriteriaId": "1C4427AC-07C1-4765-981B-B5D86D698C2D", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:6.5.13:*:*:*:*:*:*:*", "matchCriteriaId": "63EF0CEE-74A9-45C8-8AFD-77815230ACC6", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:6.5.14f:*:*:*:*:*:*:*", "matchCriteriaId": "A7B59E7C-B059-41CD-AE33-E9623ADA12BC", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:6.5.14m:*:*:*:*:*:*:*", "matchCriteriaId": "0DF1B657-C910-4BB0-828C-09B6A59D988D", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:6.5.15f:*:*:*:*:*:*:*", "matchCriteriaId": "72D61A9F-AC57-4DD9-9047-74BFA9BFACFC", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:6.5.15m:*:*:*:*:*:*:*", "matchCriteriaId": "C254FC5D-895D-4EFC-B9A7-74699D9FE65E", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:6.5.16f:*:*:*:*:*:*:*", "matchCriteriaId": "27532639-37CD-4BD2-AE48-F741009D3449", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:6.5.16m:*:*:*:*:*:*:*", "matchCriteriaId": "F83879DE-1BD7-4FF7-ACC6-5B119DB09BF9", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:6.5.17f:*:*:*:*:*:*:*", "matchCriteriaId": "EED22734-8AAC-4897-BB71-438E19B8A005", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:6.5.17m:*:*:*:*:*:*:*", "matchCriteriaId": "FEA9C28F-18E6-4199-9740-FAB00563EBF7", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:6.5.18f:*:*:*:*:*:*:*", "matchCriteriaId": "C6E63313-9533-478D-ACC0-C050FBA3EACF", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:6.5.18m:*:*:*:*:*:*:*", "matchCriteriaId": "EA0A7D5D-BDD9-45F8-9BE7-3B01D70C8CC1", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:2.2:*:68k:*:*:*:*:*", "matchCriteriaId": "E040A866-0D2C-40E1-B1FB-DB600B389E27", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:2.2:*:alpha:*:*:*:*:*", "matchCriteriaId": "CE1C944A-E5F1-49DE-B069-2A358123B535", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:2.2:*:arm:*:*:*:*:*", "matchCriteriaId": "D71083B4-1736-4501-8DE8-BC24AC1447AA", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:2.2:*:ia-32:*:*:*:*:*", "matchCriteriaId": "E9D468DB-C4AE-4ACB-B3B7-2FAEA90D6A49", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:2.2:*:powerpc:*:*:*:*:*", "matchCriteriaId": "2A32E486-2598-41B3-B6DB-3CC46D239AFC", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:2.2:*:sparc:*:*:*:*:*", "matchCriteriaId": "AAEE18D8-AA3B-47A3-AA7C-AAFF7591F391", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "4371A667-18E1-4C54-B2E1-6F885F22F213", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:8.0:*:ppc:*:*:*:*:*", "matchCriteriaId": "5B28763D-8F4B-45E5-82FA-AB7E54C18EBF", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:8.1:*:*:*:*:*:*:*", "matchCriteriaId": "205EF72B-7334-4AE0-9CA6-D2E8E5910C8E", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:8.1:*:ia64:*:*:*:*:*", "matchCriteriaId": "613A22EC-D93C-48B0-B97C-3E0DDFBD0B62", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:8.2:*:*:*:*:*:*:*", "matchCriteriaId": "DEB99324-3062-426F-8E2F-44DC3A7ADB2A", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_98:*:gold:*:*:*:*:*:*", "matchCriteriaId": "2D3B703C-79B2-4FA2-9E12-713AB977A880", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_98se:*:*:*:*:*:*:*:*", "matchCriteriaId": "AA733AD2-D948-46A0-A063-D29081A56F1F", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:home:*:*:*:*:*", "matchCriteriaId": "BC176BB0-1655-4BEA-A841-C4158167CC9B", "vulnerable": true }, { "criteria": "cpe:2.3:o:microsoft:windows_xp:*:gold:professional:*:*:*:*:*", "matchCriteriaId": "4BF263CB-4239-4DB0-867C-9069ED02CAD7", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_servers:*:*:*:*:*", "matchCriteriaId": "81B543F9-C209-46C2-B0AE-E14818A6992E", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*", "matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation:*:*:*:*:*", "matchCriteriaId": "DB89C970-DE94-4E09-A90A-077DB83AD156", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:advanced_server:*:*:*:*:*", "matchCriteriaId": "F9440B25-D206-4914-9557-B5F030890DEC", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:enterprise_server:*:*:*:*:*", "matchCriteriaId": "E9933557-3BCA-4D92-AD4F-27758A0D3347", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:workstation:*:*:*:*:*", "matchCriteriaId": "10A60552-15A5-4E95-B3CE-99A4B26260C1", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "7D74A418-50F0-42C0-ABBC-BBBE718FF025", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:alpha:*:*:*:*:*", "matchCriteriaId": "344610A8-DB6D-4407-9304-916C419F648C", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:i386:*:*:*:*:*", "matchCriteriaId": "B7EC2B95-4715-4EC9-A10A-2542501F8A61", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:sparc:*:*:*:*:*", "matchCriteriaId": "64775BEF-2E53-43CA-8639-A7E54F6F4222", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.0:*:alpha:*:*:*:*:*", "matchCriteriaId": "FD6576E2-9F26-4857-9F28-F51899F1EF48", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.0:*:i386:*:*:*:*:*", "matchCriteriaId": "4DC9842D-E23B-4B9F-A7BF-57C3BA3DE398", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.0:*:sparc:*:*:*:*:*", "matchCriteriaId": "C1DE93B9-1ADD-4B19-BA32-7D9F9CCD293F", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.1:*:alpha:*:*:*:*:*", "matchCriteriaId": "7F3FAAB3-7A8A-42E5-9DCE-E4A843CED1B9", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.1:*:i386:*:*:*:*:*", "matchCriteriaId": "C8783A6D-DFD8-45DD-BF03-570B1B012B44", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.1:*:ia64:*:*:*:*:*", "matchCriteriaId": "ED36543D-C21B-4B4B-A6AD-6E19B08B5DD7", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.2:*:i386:*:*:*:*:*", "matchCriteriaId": "6A1EF00A-52E9-4FD8-98FD-3998225D8655", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.2:*:ia64:*:*:*:*:*", "matchCriteriaId": "9D47D6FE-56A9-42CF-9A9B-AEE272C061F7", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.3:*:i386:*:*:*:*:*", "matchCriteriaId": "9B502A61-44FB-4CD4-85BE-88D4ACCCA441", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:*", "matchCriteriaId": "84A50ED3-FD0D-4038-B3E7-CC65D166C968", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium_processor:*:*:*:*:*", "matchCriteriaId": "777F9EC0-2919-45CA-BFF8-78A02537C513", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:6.4:*:i386:*:*:*:*:*", "matchCriteriaId": "8A206E1C-C2EC-4356-8777-B18D7069A4C3", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:6.4:*:ppc:*:*:*:*:*", "matchCriteriaId": "6E2FE291-1142-4627-A497-C0BB0D934A0B", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:6.4:alpha:*:*:*:*:*:*", "matchCriteriaId": "49BC7C7E-046C-4186-822E-9F3A2AD3577B", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.0:*:i386:*:*:*:*:*", "matchCriteriaId": "2FE69F6F-6B17-4C87-ACA4-A2A1FB47206A", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.0:*:ppc:*:*:*:*:*", "matchCriteriaId": "467A30EB-CB8F-4928-AC8F-F659084A9E2B", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.0:*:sparc:*:*:*:*:*", "matchCriteriaId": "714C1439-AB8E-4A8B-A783-D60E9DDC38D4", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.0:alpha:*:*:*:*:*:*", "matchCriteriaId": "62CAE5B0-4D46-4A93-A343-C8E9CB574C62", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.1:*:spa:*:*:*:*:*", "matchCriteriaId": "FB647A8B-ADB9-402B-96E1-45321C75731B", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.1:*:sparc:*:*:*:*:*", "matchCriteriaId": "0944FD27-736E-4B55-8D96-9F2CA9BB9B05", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.1:*:x86:*:*:*:*:*", "matchCriteriaId": "373BB5AC-1F38-4D0A-97DC-08E9654403EE", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.1:alpha:*:*:*:*:*:*", "matchCriteriaId": "B5E71DA3-F4A0-46AF-92A2-E691C7A65528", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.2:*:i386:*:*:*:*:*", "matchCriteriaId": "1975A2DD-EB22-4ED3-8719-F78AA7F414B2", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.3:*:i386:*:*:*:*:*", "matchCriteriaId": "19F606EE-530F-4C06-82DB-52035EE03FA3", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.3:*:ppc:*:*:*:*:*", "matchCriteriaId": "A0E896D5-0005-4E7E-895D-B202AFCE09A1", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.3:*:sparc:*:*:*:*:*", "matchCriteriaId": "5A8B313F-93C7-4558-9571-DE1111487E17", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:8.0:*:i386:*:*:*:*:*", "matchCriteriaId": "37F124FE-15F1-49D7-9E03-8E036CE1A20C", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Internet Group Management Protocol (IGMP) allows local users to cause a denial of service via an IGMP membership report to a target\u0027s Ethernet address instead of the Multicast group address, which causes the target to stop sending reports to the router and effectively disconnect the group from the network." } ], "evaluatorSolution": "IGMP 1 and 2", "id": "CVE-2002-2185", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 4.9, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2002-12-31T05:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "ftp://patches.sgi.com/support/free/security/advisories/20020901-01-A" }, { "source": "cve@mitre.org", "url": "http://online.securityfocus.com/archive/1/276968" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18510" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18562" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18684" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Patch" ], "url": "http://www.cs.ucsb.edu/~krishna/igmp_dos/" }, { "source": "cve@mitre.org", "tags": [ "Patch" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0101.html" }, { "source": "cve@mitre.org", "tags": [ "Patch" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0140.html" }, { "source": "cve@mitre.org", "tags": [ "Patch" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0190.html" }, { "source": "cve@mitre.org", "tags": [ "Patch" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0191.html" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/427980/100/0/threaded" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/427981/100/0/threaded" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/428028/100/0/threaded" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/428058/100/0/threaded" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Patch" ], "url": "http://www.securityfocus.com/bid/5020" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/9436" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10736" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://patches.sgi.com/support/free/security/advisories/20020901-01-A" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://online.securityfocus.com/archive/1/276968" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18510" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18562" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18684" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Patch" ], "url": "http://www.cs.ucsb.edu/~krishna/igmp_dos/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0101.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0140.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0190.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0191.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/427980/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/427981/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/428028/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/428058/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Patch" ], "url": "http://www.securityfocus.com/bid/5020" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/9436" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10736" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2001-07-19 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
tcl/tk package (tcltk) 8.3.1 searches for its libraries in the current working directory before other directories, which could allow local users to execute arbitrary code via a Trojan horse library that is under a user-controlled directory.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:conectiva:linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "DCE4BBA3-7332-45EE-8C29-BE5A473B559D", "vulnerable": true }, { "criteria": "cpe:2.3:o:conectiva:linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "97177EF7-8FC4-4D4D-A8D9-3628AA0035FB", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "29B186E5-7C2F-466E-AA4A-8F2B618F8A14", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "tcl/tk package (tcltk) 8.3.1 searches for its libraries in the current working directory before other directories, which could allow local users to execute arbitrary code via a Trojan horse library that is under a user-controlled directory." } ], "id": "CVE-2001-1375", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.6, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2001-07-19T04:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000409" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.iss.net/security_center/static/6869.php" }, { "source": "cve@mitre.org", "url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2002:060" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2002-148.html" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/3073" }, { "source": "cve@mitre.org", "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=28226" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000409" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.iss.net/security_center/static/6869.php" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2002:060" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2002-148.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/3073" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=28226" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2018-02-15 17:29
Modified
2024-11-21 03:59
Severity ?
Summary
A vulnerability was found in the way RemoteMessageChannel, introduced in jboss-remoting versions 3.3.10, reads from an empty buffer. An attacker could use this flaw to cause denial of service via high CPU caused by an infinite loop.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
jboss | jboss-remoting | 3.3.10 | |
redhat | jboss_enterprise_application_platform | 6.0.0 | |
redhat | jboss_enterprise_application_platform | 6.4.0 | |
redhat | linux | 5.0 | |
redhat | linux | 6.0 | |
redhat | linux | 7.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:jboss:jboss-remoting:3.3.10:*:*:*:*:*:*:*", "matchCriteriaId": "49A23572-17D5-497B-A7ED-B57C7AB2BF09", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "B142ACCC-F7A9-4A3B-BE60-0D6691D5058D", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "B1ABA871-3271-48E2-A69C-5AD70AF94E53", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "4BF54738-3C44-4FD4-AA9C-CAB2E86B1DC1", "vulnerable": false }, { "criteria": "cpe:2.3:o:redhat:linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "2DFA94D5-0139-490C-8257-0751FE9FBAE4", "vulnerable": false }, { "criteria": "cpe:2.3:o:redhat:linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "29B186E5-7C2F-466E-AA4A-8F2B618F8A14", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability was found in the way RemoteMessageChannel, introduced in jboss-remoting versions 3.3.10, reads from an empty buffer. An attacker could use this flaw to cause denial of service via high CPU caused by an infinite loop." }, { "lang": "es", "value": "Se ha encontrado una vulnerabilidad en la forma en la que RemoteMessageChannel, introducido en las versiones 3.3.10 de jboss-remoting, lee desde un b\u00fafer vac\u00edo. Un atacante podr\u00eda emplear este error para provocar una denegaci\u00f3n de servicio (DoS) mediante un consumo alto de CPU a trav\u00e9s de un bucle infinito." } ], "id": "CVE-2018-1041", "lastModified": "2024-11-21T03:59:03.100", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" }, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2018-02-15T17:29:00.267", "references": [ { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1040323" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2018:0268" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2018:0269" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2018:0270" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2018:0271" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2018:0275" }, { "source": "secalert@redhat.com", "tags": [ "Issue Tracking", "Vendor Advisory" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1530457" }, { "source": "secalert@redhat.com", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": "https://www.exploit-db.com/exploits/44099/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1040323" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2018:0268" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2018:0269" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2018:0270" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2018:0271" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2018:0275" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking", "Vendor Advisory" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1530457" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": "https://www.exploit-db.com/exploits/44099/" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-835" } ], "source": "secalert@redhat.com", "type": "Secondary" }, { "description": [ { "lang": "en", "value": "CWE-835" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2000-02-28 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Buffer overflow in the dump utility in the Linux ext2fs backup package allows local users to gain privileges via a long command line argument.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
freebsd | freebsd | 3.4 | |
mandrakesoft | mandrake_linux | 6.1 | |
mandrakesoft | mandrake_linux | 7.0 | |
redhat | linux | 5.1 | |
redhat | linux | 5.2 | |
redhat | linux | 6.0 | |
redhat | linux | 6.1 | |
redhat | linux | 6.2 | |
turbolinux | turbolinux | 4.2 | |
turbolinux | turbolinux | 4.4 | |
turbolinux | turbolinux | 6.0.2 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:freebsd:freebsd:3.4:*:*:*:*:*:*:*", "matchCriteriaId": "B982342C-1981-4C55-8044-AFE4D87623DF", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:6.1:*:*:*:*:*:*:*", "matchCriteriaId": "ACAAD334-2CA7-4B3B-BA25-302E7610BC2A", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "E4853E92-5E0A-47B9-A343-D5BEE87D2C27", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:5.1:*:*:*:*:*:*:*", "matchCriteriaId": "4EF44364-0F57-4B74-81B0-501EA6B58501", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:5.2:*:i386:*:*:*:*:*", "matchCriteriaId": "363AB7DB-A8BA-4D58-97C4-1DF1F0F43E07", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.0:*:i386:*:*:*:*:*", "matchCriteriaId": "89F65C9D-BD68-4A86-BFDC-E7CE76F13948", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.1:*:i386:*:*:*:*:*", "matchCriteriaId": "B72D6205-DFA4-41D9-B3B6-0B7DA756CD8F", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:i386:*:*:*:*:*", "matchCriteriaId": "B7EC2B95-4715-4EC9-A10A-2542501F8A61", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux:4.2:*:*:*:*:*:*:*", "matchCriteriaId": "5D15A193-3E01-467C-AEAD-497F4600DB06", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux:4.4:*:*:*:*:*:*:*", "matchCriteriaId": "F7C765FF-0A3D-4BF4-B236-609658776ACA", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux:6.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "C6619B49-8A89-4600-A47F-A39C8BF54259", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Buffer overflow in the dump utility in the Linux ext2fs backup package allows local users to gain privileges via a long command line argument." } ], "id": "CVE-2000-0186", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2000-02-28T05:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2000-100.html" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/1020" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2000-100.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/1020" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
1997-02-13 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Buffer overflow in NLS (Natural Language Service).
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:gnu:libc:5.0.9:*:*:*:*:*:*:*", "matchCriteriaId": "E0EE0514-E70B-43D8-ADBA-B0A3BCD8B44D", "vulnerable": true }, { "criteria": "cpe:2.3:a:gnu:libc:5.2.18:*:*:*:*:*:*:*", "matchCriteriaId": "BBB49C49-1AC9-48C5-906E-05E67DC99BB9", "vulnerable": true }, { "criteria": "cpe:2.3:a:gnu:libc:5.3.12:*:*:*:*:*:*:*", "matchCriteriaId": "03EFCDE7-4C23-43A5-B34B-EB2EC73481CF", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:cray:unicos:1.5:*:mk:*:*:*:*:*", "matchCriteriaId": "71CAA155-04D6-4FDF-BE79-EE5AFD0B55A0", "vulnerable": true }, { "criteria": "cpe:2.3:o:cray:unicos:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "FFB0C892-B2B2-4810-A009-AE1809730FE6", "vulnerable": true }, { "criteria": "cpe:2.3:o:cray:unicos:9.2:*:*:*:*:*:*:*", "matchCriteriaId": "D4029356-417F-4738-ACE0-B88351EA9010", "vulnerable": true }, { "criteria": "cpe:2.3:o:cray:unicos_max:1.3:*:*:*:*:*:*:*", "matchCriteriaId": "56C16675-1822-4B1B-8BE0-D7FC7FA106D0", "vulnerable": true }, { "criteria": "cpe:2.3:o:ibm:aix:3.2.5:*:*:*:*:*:*:*", "matchCriteriaId": "D3C00FC9-AD97-4226-A0EA-7DB14AA592DE", "vulnerable": true }, { "criteria": "cpe:2.3:o:ibm:aix:4.1:*:*:*:*:*:*:*", "matchCriteriaId": "FBF25306-E7C2-4F9A-A809-4779A6C0A079", "vulnerable": true }, { "criteria": "cpe:2.3:o:ibm:aix:4.2:*:*:*:*:*:*:*", "matchCriteriaId": "05F20EC2-ADE6-4F96-A2E7-1DCCA819D657", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "C9092D88-585D-4A0C-B181-E8D93563C74B", "vulnerable": true }, { "criteria": "cpe:2.3:o:slackware:slackware_linux:3.1:*:*:*:*:*:*:*", "matchCriteriaId": "9FDBA67D-84A7-42D6-A994-7C967B6306D3", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Buffer overflow in NLS (Natural Language Service)." } ], "id": "CVE-1999-0041", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": true, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "1997-02-13T05:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0041" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0041" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2002-12-31 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Buffer overflow in efstools in Bonobo, when installed setuid, allows local users to execute arbitrary code via long command line arguments.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
gnome | bonobo | * | |
mandrakesoft | mandrake_linux | 7.1 | |
mandrakesoft | mandrake_linux | 8.0 | |
mandrakesoft | mandrake_linux | 8.0 | |
mandrakesoft | mandrake_linux | 9.0 | |
redhat | linux | 6.2 | |
redhat | linux | 6.2 | |
redhat | linux | 6.2 | |
redhat | linux | 7.0 | |
redhat | linux | 7.0 | |
redhat | linux | 7.0 | |
redhat | linux | 7.1 | |
redhat | linux | 7.1 | |
redhat | linux | 7.1 | |
slackware | slackware_linux | 8.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:gnome:bonobo:*:*:*:*:*:*:*:*", "matchCriteriaId": "CD879CDE-5533-4F50-ADFE-C7780961A03A", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "3EC1FF5D-5EAB-44D5-B281-770547C70D68", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "4371A667-18E1-4C54-B2E1-6F885F22F213", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:8.0:*:ppc:*:*:*:*:*", "matchCriteriaId": "5B28763D-8F4B-45E5-82FA-AB7E54C18EBF", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "33F6F859-B7B8-4072-B073-6CC8291D642E", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:alpha:*:*:*:*:*", "matchCriteriaId": "344610A8-DB6D-4407-9304-916C419F648C", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:i386:*:*:*:*:*", "matchCriteriaId": "B7EC2B95-4715-4EC9-A10A-2542501F8A61", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:sparc:*:*:*:*:*", "matchCriteriaId": "64775BEF-2E53-43CA-8639-A7E54F6F4222", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.0:*:alpha:*:*:*:*:*", "matchCriteriaId": "FD6576E2-9F26-4857-9F28-F51899F1EF48", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.0:*:i386:*:*:*:*:*", "matchCriteriaId": "4DC9842D-E23B-4B9F-A7BF-57C3BA3DE398", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.0:*:sparc:*:*:*:*:*", "matchCriteriaId": "C1DE93B9-1ADD-4B19-BA32-7D9F9CCD293F", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.1:*:alpha:*:*:*:*:*", "matchCriteriaId": "7F3FAAB3-7A8A-42E5-9DCE-E4A843CED1B9", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.1:*:i386:*:*:*:*:*", "matchCriteriaId": "C8783A6D-DFD8-45DD-BF03-570B1B012B44", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.1:*:ia64:*:*:*:*:*", "matchCriteriaId": "ED36543D-C21B-4B4B-A6AD-6E19B08B5DD7", "vulnerable": true }, { "criteria": "cpe:2.3:o:slackware:slackware_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "78D76664-F4AC-470A-9686-3F708922A340", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Buffer overflow in efstools in Bonobo, when installed setuid, allows local users to execute arbitrary code via long command line arguments." } ], "id": "CVE-2002-1814", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.6, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": true, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2002-12-31T05:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://online.securityfocus.com/archive/1/279676" }, { "source": "cve@mitre.org", "url": "http://www.iss.net/security_center/static/9451.php" }, { "source": "cve@mitre.org", "tags": [ "Exploit" ], "url": "http://www.securiteam.com/exploits/5AP0E0K8AO.html" }, { "source": "cve@mitre.org", "tags": [ "Exploit" ], "url": "http://www.securityfocus.com/bid/5125" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://online.securityfocus.com/archive/1/279676" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.iss.net/security_center/static/9451.php" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit" ], "url": "http://www.securiteam.com/exploits/5AP0E0K8AO.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit" ], "url": "http://www.securityfocus.com/bid/5125" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2019-04-23 16:29
Modified
2024-11-21 04:16
Severity ?
Summary
While investigating bug PROTON-2014, we discovered that under some circumstances Apache Qpid Proton versions 0.9 to 0.27.0 (C library and its language bindings) can connect to a peer anonymously using TLS *even when configured to verify the peer certificate* while used with OpenSSL versions before 1.1.0. This means that an undetected man in the middle attack could be constructed if an attacker can arrange to intercept TLS traffic.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:apache:qpid:*:*:*:*:*:*:*:*", "matchCriteriaId": "EF9D1E83-264F-4FD3-91DC-7E5CC856C36D", "versionEndIncluding": "0.27.0", "versionStartIncluding": "0.9", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:redhat:jboss_amq_clients_2:-:*:*:*:*:*:*:*", "matchCriteriaId": "4A493C8B-B5B9-4BE2-A449-24BE131FF8D3", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "2DFA94D5-0139-490C-8257-0751FE9FBAE4", "vulnerable": false }, { "criteria": "cpe:2.3:o:redhat:linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "29B186E5-7C2F-466E-AA4A-8F2B618F8A14", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:redhat:openstack:13:*:*:*:*:*:*:*", "matchCriteriaId": "704CFA1A-953E-4105-BFBE-406034B83DED", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:openstack:14:*:*:*:*:*:*:*", "matchCriteriaId": "EB7F358B-5E56-41AB-BB8A-23D3CB7A248B", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:satellite:6.3:*:*:*:*:*:*:*", "matchCriteriaId": "87F6E32E-6AF3-489A-AFEF-D5309E0D1779", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:satellite:6.4:*:*:*:*:*:*:*", "matchCriteriaId": "FB283C80-F7AF-4776-8432-655E50D7D65B", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:satellite:6.5:*:*:*:*:*:*:*", "matchCriteriaId": "D5B7C3FA-0F90-47ED-835F-FBA07B3993E4", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:6.7:*:*:*:*:*:*:*", "matchCriteriaId": "967EC28A-607F-48F4-AD64-5E3041C768F0", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "AE1D81A1-CD24-4B17-8AFD-DC95E90AD7D0", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*", "matchCriteriaId": "807C024A-F8E8-4B48-A349-4C68CD252CA1", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*", "matchCriteriaId": "F96E3779-F56A-45FF-BB3D-4980527D721E", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*", "matchCriteriaId": "0CF73560-2F5B-4723-A8A1-9AADBB3ADA00", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*", "matchCriteriaId": "5BF3C7A5-9117-42C7-BEA1-4AA378A582EF", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:5.9:*:*:*:*:*:*:*", "matchCriteriaId": "92C9F1C4-55B0-426D-BB5E-01372C23AF97", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:*:*:*:*:*:*:*", "matchCriteriaId": "AF83BB87-B203-48F9-9D06-48A5FE399050", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:*:*:*:*:*:*:*", "matchCriteriaId": "1F3BEFDB-5156-4E1C-80BB-8BE9FEAA7623", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.6:*:*:*:*:*:*:*", "matchCriteriaId": "16E6D998-B41D-4B49-9E00-8336D2E40A4A", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "1C8D871B-AEA1-4407-AEE3-47EC782250FF", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "matchCriteriaId": "98381E61-F082-4302-B51F-5648884F998B", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "matchCriteriaId": "D99A687E-EAE6-417E-A88E-D0082BC194CD", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", "matchCriteriaId": "B353CE99-D57C-465B-AAB0-73EF581127D1", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "6755B6AD-0422-467B-8115-34A60B1D1A40", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*", "matchCriteriaId": "24C0F4E1-C52C-41E0-9F14-F83ADD5CC7ED", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4:*:*:*:*:*:*:*", "matchCriteriaId": "D5F7E11E-FB34-4467-8919-2B6BEAABF665", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*", "matchCriteriaId": "B76AA310-FEC7-497F-AF04-C3EC1E76C4CC", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "While investigating bug PROTON-2014, we discovered that under some circumstances Apache Qpid Proton versions 0.9 to 0.27.0 (C library and its language bindings) can connect to a peer anonymously using TLS *even when configured to verify the peer certificate* while used with OpenSSL versions before 1.1.0. This means that an undetected man in the middle attack could be constructed if an attacker can arrange to intercept TLS traffic." }, { "lang": "es", "value": "Mientras investig\u00e1bamos el error PROTON-2014, descubrimos que en algunas circunstancias las versiones de Apache Qpid Proton 0.9 a 0.27.0 (librer\u00eda de C y sus adaptaciones de lenguaje) pueden conectarse a un peer de forma an\u00f3nima utilizando TLS *incluso cuando est\u00e1 configurado para verificar el certificado del peer* mientras se utiliza con versiones de OpenSSL anteriores a la 1.1.0. Esto significa que un ataque man in the middle podr\u00eda ser construido si un atacante puede interceptar el tr\u00e1fico TLS." } ], "id": "CVE-2019-0223", "lastModified": "2024-11-21T04:16:31.753", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1" }, "exploitabilityScore": 2.2, "impactScore": 5.2, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2019-04-23T16:29:00.467", "references": [ { "source": "security@apache.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://www.openwall.com/lists/oss-security/2019/04/23/4" }, { "source": "security@apache.org", "tags": [ "Broken Link" ], "url": "http://www.securityfocus.com/bid/108044" }, { "source": "security@apache.org", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2019:0886" }, { "source": "security@apache.org", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2019:1398" }, { "source": "security@apache.org", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2019:1399" }, { "source": "security@apache.org", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2019:1400" }, { "source": "security@apache.org", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2019:2777" }, { "source": "security@apache.org", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2019:2778" }, { "source": "security@apache.org", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2019:2779" }, { "source": "security@apache.org", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2019:2780" }, { "source": "security@apache.org", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2019:2781" }, { "source": "security@apache.org", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2019:2782" }, { "source": "security@apache.org", "tags": [ "Issue Tracking", "Vendor Advisory" ], "url": "https://issues.apache.org/jira/browse/PROTON-2014?page=com.atlassian.jira.plugin.system.issuetabpanels%3Aall-tabpanel" }, { "source": "security@apache.org", "url": "https://lists.apache.org/thread.html/008ee5e78e5a090e1fcc5f6617f425e4e51d59f03d3eda2dd006df9f%40%3Cusers.qpid.apache.org%3E" }, { "source": "security@apache.org", "url": "https://lists.apache.org/thread.html/3adb2f020f705b4fd453982992a68cd10f9d5ac728b699efdb73c1f5%40%3Cdev.qpid.apache.org%3E" }, { "source": "security@apache.org", "url": "https://lists.apache.org/thread.html/49c83f0acce5ceaeffca51714ec2ba0f0199bcb8f99167181bba441b%40%3Cdev.qpid.apache.org%3E" }, { "source": "security@apache.org", "url": "https://lists.apache.org/thread.html/914424e4d798a340f523b6169aaf39b626971d9bb00fcdeb1d5d6c0d%40%3Ccommits.qpid.apache.org%3E" }, { "source": "security@apache.org", "url": "https://lists.apache.org/thread.html/d9c9a882a292e2defaed1f954528c916fb64497ce57db652727e39b0%40%3Cannounce.apache.org%3E" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://www.openwall.com/lists/oss-security/2019/04/23/4" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://www.securityfocus.com/bid/108044" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2019:0886" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2019:1398" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2019:1399" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2019:1400" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2019:2777" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2019:2778" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2019:2779" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2019:2780" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2019:2781" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2019:2782" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking", "Vendor Advisory" ], "url": "https://issues.apache.org/jira/browse/PROTON-2014?page=com.atlassian.jira.plugin.system.issuetabpanels%3Aall-tabpanel" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/008ee5e78e5a090e1fcc5f6617f425e4e51d59f03d3eda2dd006df9f%40%3Cusers.qpid.apache.org%3E" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/3adb2f020f705b4fd453982992a68cd10f9d5ac728b699efdb73c1f5%40%3Cdev.qpid.apache.org%3E" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/49c83f0acce5ceaeffca51714ec2ba0f0199bcb8f99167181bba441b%40%3Cdev.qpid.apache.org%3E" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/914424e4d798a340f523b6169aaf39b626971d9bb00fcdeb1d5d6c0d%40%3Ccommits.qpid.apache.org%3E" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/d9c9a882a292e2defaed1f954528c916fb64497ce57db652727e39b0%40%3Cannounce.apache.org%3E" } ], "sourceIdentifier": "security@apache.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-noinfo" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2023-11-28 12:15
Modified
2024-11-21 08:42
Severity ?
5.9 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
5.9 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
5.9 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Summary
A vulnerability was found that the response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from response times of ciphertexts with correct PKCS#1 v1.5 padding.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
gnu | gnutls | 1.5.0 | |
redhat | linux | 8.0 | |
redhat | linux | 9.0 | |
fedoraproject | fedora | 37 | |
fedoraproject | fedora | 38 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:gnu:gnutls:1.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "00DE1208-BDDC-405B-A34A-B58D00A279DD", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "038FEDE7-986F-4CA5-9003-BA68352B87D4", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "E66F7BF0-EF7C-4695-9D67-7C1A01C6F9B9", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*", "matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D", "vulnerable": true }, { "criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*", "matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability was found that the response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from response times of ciphertexts with correct PKCS#1 v1.5 padding." }, { "lang": "es", "value": "Se encontr\u00f3 una vulnerabilidad en la que los tiempos de respuesta a textos cifrados con formato incorrecto en RSA-PSK ClientKeyExchange difieren de los tiempos de respuesta de textos cifrados con el relleno PKCS#1 v1.5 correcto." } ], "id": "CVE-2023-5981", "lastModified": "2024-11-21T08:42:54.777", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "exploitabilityScore": 2.2, "impactScore": 3.6, "source": "secalert@redhat.com", "type": "Secondary" }, { "cvssData": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "exploitabilityScore": 2.2, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2023-11-28T12:15:07.040", "references": [ { "source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2024:0155" }, { "source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2024:0319" }, { "source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2024:0399" }, { "source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2024:0451" }, { "source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2024:0533" }, { "source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2024:1383" }, { "source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2024:2094" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "https://access.redhat.com/security/cve/CVE-2023-5981" }, { "source": "secalert@redhat.com", "tags": [ "Issue Tracking", "Third Party Advisory" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2248445" }, { "source": "secalert@redhat.com", "tags": [ "Issue Tracking", "Vendor Advisory" ], "url": "https://gnutls.org/security-new.html#GNUTLS-SA-2023-10-23" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2024/01/19/3" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://access.redhat.com/errata/RHSA-2024:0155" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://access.redhat.com/errata/RHSA-2024:0319" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://access.redhat.com/errata/RHSA-2024:0399" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://access.redhat.com/errata/RHSA-2024:0451" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://access.redhat.com/errata/RHSA-2024:0533" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://access.redhat.com/errata/RHSA-2024:1383" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://access.redhat.com/errata/RHSA-2024:2094" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://access.redhat.com/security/cve/CVE-2023-5981" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking", "Third Party Advisory" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2248445" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking", "Vendor Advisory" ], "url": "https://gnutls.org/security-new.html#GNUTLS-SA-2023-10-23" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7ZEIOLORQ7N6WRPFXZSYDL2MC4LP7VFV/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GNXKVR5YNUEBNHAHM5GSYKBZX4W2HMN2/" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-203" } ], "source": "secalert@redhat.com", "type": "Secondary" }, { "description": [ { "lang": "en", "value": "CWE-203" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2005-01-10 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Multiple integer overflows in the image handler for imlib 1.9.14 and earlier, which is used by gkrellm and several window managers, allow remote attackers to cause a denial of service (application crash) and execute arbitrary code via certain image files.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:enlightenment:imlib:1.9.13:*:*:*:*:*:*:*", "matchCriteriaId": "917A16B8-65F3-4C5D-904E-DD0FBD46A3F2", "vulnerable": true }, { "criteria": "cpe:2.3:a:enlightenment:imlib:1.9.14:*:*:*:*:*:*:*", "matchCriteriaId": "89F6F148-15BA-4F07-A7A6-457B54FB234E", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*", "matchCriteriaId": "647BA336-5538-4972-9271-383A0EC9378E", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.3:*:*:*:*:*:*:*", "matchCriteriaId": "138985E6-5107-4E8B-A801-C3D5FE075227", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.3:*:i386:*:*:*:*:*", "matchCriteriaId": "9B502A61-44FB-4CD4-85BE-88D4ACCCA441", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.3:*:i686:*:*:*:*:*", "matchCriteriaId": "05853955-CA81-40D3-9A70-1227F3270D3C", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:9.0:*:i386:*:*:*:*:*", "matchCriteriaId": "F3FDE8C4-5FFD-4CC2-9F35-7C32043966D1", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Multiple integer overflows in the image handler for imlib 1.9.14 and earlier, which is used by gkrellm and several window managers, allow remote attackers to cause a denial of service (application crash) and execute arbitrary code via certain image files." }, { "lang": "es", "value": "M\u00faltiples desbordamientos de b\u00fafer en el manejador de im\u00e1genes de imlib 1.9.14 y anteriores, que es usado en gkrellm y varios gestores de ventanas, permite a atacantes remotos causar una denegaci\u00f3n de servicio (ca\u00edda de aplicaci\u00f3n) y ejecutar c\u00f3digo arbitrario mediante ciertos ficheros de im\u00e1genes." } ], "id": "CVE-2004-1026", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2005-01-10T05:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2005/dsa-628" }, { "source": "cve@mitre.org", "url": "http://www.gentoo.org/security/en/glsa/glsa-200412-03.xml" }, { "source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:007" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-651.html" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/11830" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10771" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2005/dsa-628" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.gentoo.org/security/en/glsa/glsa-200412-03.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:007" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-651.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/11830" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10771" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2001-01-09 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
restore 0.4b15 and earlier in Red Hat Linux 6.2 trusts the pathname specified by the RSH environmental variable, which allows local users to obtain root privileges by modifying the RSH variable to point to a Trojan horse program.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:*:*:*:*:*:*", "matchCriteriaId": "0633B5A6-7A88-4A96-9462-4C09D124ED36", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.2e:*:*:*:*:*:*:*", "matchCriteriaId": "24EEDE00-6F40-4A9A-BF74-6BE6CEAE39E0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "restore 0.4b15 and earlier in Red Hat Linux 6.2 trusts the pathname specified by the RSH environmental variable, which allows local users to obtain root privileges by modifying the RSH variable to point to a Trojan horse program." } ], "id": "CVE-2000-1125", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2001-01-09T05:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=97336034309944\u0026w=2" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/1914" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=97336034309944\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/1914" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
1998-04-08 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Inverse query buffer overflow in BIND 4.9 and BIND 8 Releases.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:data_general:dg_ux:5.4_3.0:*:*:*:*:*:*:*", "matchCriteriaId": "2EDB1993-75C9-4738-BDB3-E4433AC202FE", "vulnerable": true }, { "criteria": "cpe:2.3:a:data_general:dg_ux:5.4_3.1:*:*:*:*:*:*:*", "matchCriteriaId": "BB15FBD9-B4F8-42EF-92C2-8D70A2385E3E", "vulnerable": true }, { "criteria": "cpe:2.3:a:data_general:dg_ux:5.4_4.1:*:*:*:*:*:*:*", "matchCriteriaId": "AA109D17-268F-4E8A-BBA9-0EAA6B46A705", "vulnerable": true }, { "criteria": "cpe:2.3:a:data_general:dg_ux:5.4_4.11:*:*:*:*:*:*:*", "matchCriteriaId": "59EFCFC1-A15C-4B8D-BCCE-DB401A50D23C", "vulnerable": true }, { "criteria": "cpe:2.3:a:isc:bind:4.9.6:*:*:*:*:*:*:*", "matchCriteriaId": "8257C916-6F4D-4B7E-8EED-B2789B3B35AC", "vulnerable": true }, { "criteria": "cpe:2.3:a:isc:bind:8.1:*:*:*:*:*:*:*", "matchCriteriaId": "BB79EDA4-9B2C-4C4C-A5DE-CB8C6EB00BDC", "vulnerable": true }, { "criteria": "cpe:2.3:a:isc:bind:8.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "4DF8869C-2446-48F3-A1CD-70AE44D74EF3", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:3.2:*:*:*:*:*:*:*", "matchCriteriaId": "199F4D8C-2FB9-4AF7-B7A3-339513665616", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:3.3:*:*:*:*:*:*:*", "matchCriteriaId": "41D0212C-EA41-4DF3-9A93-4559545BCD7B", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:3.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "3567046C-FE3F-424D-A1B0-D7A43D00B79F", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:3.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "40511481-CD42-4EB7-BE2A-7A78964B7D3B", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:3.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "D926CDA1-AF2B-4DED-93AE-8F12091E0B23", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "536CB843-5FF6-4BC1-A6DA-92A8CB69D6D4", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:4.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "E0B4722F-1FBA-4A73-BF85-5920B94F833D", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:4.0.1t:*:*:*:*:*:*:*", "matchCriteriaId": "B7FD1CEC-9064-483C-A3C2-04E3C50EFBEE", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:4.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "05B1518A-9BBC-4CDB-8338-4DCC9A1A91D0", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:4.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "C26983FB-6FD7-4938-8025-E535A6505ADF", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:4.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "52D01CD7-CE53-44D6-82C6-C72579BA089C", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:4.0.4b:*:*:*:*:*:*:*", "matchCriteriaId": "73F04863-29CB-4E0C-838B-1C23E25C129C", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:4.0.4t:*:*:*:*:*:*:*", "matchCriteriaId": "79AA794C-C18F-48A4-ADCB-DC219DF259CA", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:4.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "4D4B36C0-D3FF-4B33-B810-DB920062480B", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:4.0.5_iop:*:*:*:*:*:*:*", "matchCriteriaId": "C03CED73-9451-4DE4-A00A-7EAB24424CC6", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:4.0.5_ipr:*:*:*:*:*:*:*", "matchCriteriaId": "29446761-8ACE-4E05-82C3-3FF77C1E2CCB", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:4.0.5a:*:*:*:*:*:*:*", "matchCriteriaId": "20B3C51E-DE28-4B50-B841-31CCFEA88A1C", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:4.0.5d:*:*:*:*:*:*:*", "matchCriteriaId": "A67E6C0C-F5A4-4591-94B9-3D72221C0933", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:4.0.5e:*:*:*:*:*:*:*", "matchCriteriaId": "7CC66EB2-FFC7-4EF1-9591-A5C5E1E7C919", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:4.0.5f:*:*:*:*:*:*:*", "matchCriteriaId": "85D02672-84E9-4036-8ED8-FE6EF4D7E275", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:4.0.5g:*:*:*:*:*:*:*", "matchCriteriaId": "646483C9-6FFC-46FE-B9CD-40D733FABFD0", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:4.0.5h:*:*:*:*:*:*:*", "matchCriteriaId": "C6B71C71-FA29-4B4C-831C-63AE2797BA2F", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "D792E16B-A1AB-4BCE-9E6E-88C17D4F57CA", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:5.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "30F950B1-7D5F-4CA9-BBEF-E6DB1A28C156", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:5.1:*:*:*:*:*:*:*", "matchCriteriaId": "333103D5-71B8-4DC1-90F7-15F2841955D6", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:5.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "8A889C10-0637-4133-AFBD-533C8397BE89", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:5.2:*:*:*:*:*:*:*", "matchCriteriaId": "E292DA15-91BF-4957-9C0F-A69518538BED", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:5.3:*:*:*:*:*:*:*", "matchCriteriaId": "26144F94-63FD-4907-B548-09B68C2FC9B3", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "26309EFA-0991-46B6-9818-F0FBB902D5F5", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:6.1:*:*:*:*:*:*:*", "matchCriteriaId": "966C1A13-8007-408D-96BE-0DA3BB6CA401", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:6.2:*:*:*:*:*:*:*", "matchCriteriaId": "0ECE564D-B4BB-4C05-88CC-CDC3F8E4E366", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:6.3:*:*:*:*:*:*:*", "matchCriteriaId": "B2D59247-56FA-46B4-BB51-2DAE71AFC145", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:bsdi:bsd_os:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "DD254562-D74A-4D7C-B846-E242D785B830", "vulnerable": true }, { "criteria": "cpe:2.3:o:bsdi:bsd_os:2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "BBFBCFEE-C24C-4D38-83F9-810E05D27901", "vulnerable": true }, { "criteria": "cpe:2.3:o:bsdi:bsd_os:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "766851E2-134A-4A89-931B-6F1753525684", "vulnerable": true }, { "criteria": "cpe:2.3:o:caldera:openlinux:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "ABC52A20-B706-432D-9A15-45F48EB1B08B", "vulnerable": true }, { "criteria": "cpe:2.3:o:ibm:aix:4.1:*:*:*:*:*:*:*", "matchCriteriaId": "FBF25306-E7C2-4F9A-A809-4779A6C0A079", "vulnerable": true }, { "criteria": "cpe:2.3:o:ibm:aix:4.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "B3BA7775-30F2-4CA0-BA6E-70ED12A48D90", "vulnerable": true }, { "criteria": "cpe:2.3:o:ibm:aix:4.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "FB038A89-1CA6-4313-B7CE-56C894945FFD", "vulnerable": true }, { "criteria": "cpe:2.3:o:ibm:aix:4.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "2B3BC86F-5718-4232-BFFF-6244A7C09B8F", "vulnerable": true }, { "criteria": "cpe:2.3:o:ibm:aix:4.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "E6118CC1-6E51-4E1B-8F58-43B337515222", "vulnerable": true }, { "criteria": "cpe:2.3:o:ibm:aix:4.1.5:*:*:*:*:*:*:*", "matchCriteriaId": "F3D3B348-270F-4209-B31A-2B40F5E4A601", "vulnerable": true }, { "criteria": "cpe:2.3:o:ibm:aix:4.2:*:*:*:*:*:*:*", "matchCriteriaId": "05F20EC2-ADE6-4F96-A2E7-1DCCA819D657", "vulnerable": true }, { "criteria": "cpe:2.3:o:ibm:aix:4.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "91D7C561-4D23-430B-A7D8-137E52B08FF5", "vulnerable": true }, { "criteria": "cpe:2.3:o:ibm:aix:4.3:*:*:*:*:*:*:*", "matchCriteriaId": "11ACD012-F05F-45CD-A170-96CBAA42FFE4", "vulnerable": true }, { "criteria": "cpe:2.3:o:nec:asl_ux_4800:64:*:*:*:*:*:*:*", "matchCriteriaId": "BF1C22CE-FF69-44CF-82C3-EBFDA9E7EC0E", "vulnerable": true }, { "criteria": "cpe:2.3:o:netbsd:netbsd:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "9DF613C9-DC4A-45F0-BEE1-8450762B0089", "vulnerable": true }, { "criteria": "cpe:2.3:o:netbsd:netbsd:1.1:*:*:*:*:*:*:*", "matchCriteriaId": "441CEF2E-9687-4930-8536-B8B83018BD28", "vulnerable": true }, { "criteria": "cpe:2.3:o:netbsd:netbsd:1.2:*:*:*:*:*:*:*", "matchCriteriaId": "55DD3C82-0B7D-4B25-B603-AD6C6D59239A", "vulnerable": true }, { "criteria": "cpe:2.3:o:netbsd:netbsd:1.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "FC7A39CD-C4B2-4FD9-A450-E5C7A5480174", "vulnerable": true }, { "criteria": "cpe:2.3:o:netbsd:netbsd:1.3:*:*:*:*:*:*:*", "matchCriteriaId": "7CBA1B13-B378-4F13-BD13-EC58F15F5C81", "vulnerable": true }, { "criteria": "cpe:2.3:o:netbsd:netbsd:1.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "B8C8CAB1-2D8C-4875-A795-41178D48410F", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "C9092D88-585D-4A0C-B181-E8D93563C74B", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:4.1:*:*:*:*:*:*:*", "matchCriteriaId": "D8211154-6685-4FF0-B3ED-43A5E5763A10", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:4.2:*:*:*:*:*:*:*", "matchCriteriaId": "F299301C-6BFC-436C-9CFD-2E291D3702AE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "4BF54738-3C44-4FD4-AA9C-CAB2E86B1DC1", "vulnerable": true }, { "criteria": "cpe:2.3:o:sco:open_desktop:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "0AD2701A-E930-4F4D-85F7-02F80135E34E", "vulnerable": true }, { "criteria": "cpe:2.3:o:sco:open_desktop:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "1530468C-EDEF-431D-9164-B0D670AF07D6", "vulnerable": true }, { "criteria": "cpe:2.3:o:sco:unixware:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "168248AC-E4F6-4C8F-9A21-0E6ABE029DFC", "vulnerable": true }, { "criteria": "cpe:2.3:o:sco:unixware:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "17439B5B-0B66-490B-9B53-2C9D576C879F", "vulnerable": true }, { "criteria": "cpe:2.3:o:sun:solaris:2.5:*:x86:*:*:*:*:*", "matchCriteriaId": "200D8CB2-0D52-40A8-9CD9-6E4513605201", "vulnerable": true }, { "criteria": "cpe:2.3:o:sun:solaris:2.5.1:*:ppc:*:*:*:*:*", "matchCriteriaId": "54AF87E4-52A4-44CA-B48E-A5BB139E6410", "vulnerable": true }, { "criteria": "cpe:2.3:o:sun:solaris:2.5.1:*:x86:*:*:*:*:*", "matchCriteriaId": "F66BAF35-A8B9-4E95-B270-444206FDD35B", "vulnerable": true }, { "criteria": "cpe:2.3:o:sun:solaris:2.6:*:*:*:*:*:*:*", "matchCriteriaId": "34EBF074-78C8-41AF-88F1-DA6726E56F8B", "vulnerable": true }, { "criteria": "cpe:2.3:o:sun:sunos:-:*:*:*:*:*:*:*", "matchCriteriaId": "369207B4-96FA-4324-9445-98FAE8ECF5DB", "vulnerable": true }, { "criteria": "cpe:2.3:o:sun:sunos:5.3:*:*:*:*:*:*:*", "matchCriteriaId": "C7A22D21-E0A9-4B56-86C7-805AD1A610D6", "vulnerable": true }, { "criteria": "cpe:2.3:o:sun:sunos:5.4:*:*:*:*:*:*:*", "matchCriteriaId": "7AAC8954-74A8-4FE3-ABE7-57DA041D9D8F", "vulnerable": true }, { "criteria": "cpe:2.3:o:sun:sunos:5.5:*:*:*:*:*:*:*", "matchCriteriaId": "5B72953B-E873-4E44-A3CF-12D770A0D416", "vulnerable": true }, { "criteria": "cpe:2.3:o:sun:sunos:5.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "39F847DB-65A9-47DA-BCFA-A179E5E2301A", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Inverse query buffer overflow in BIND 4.9 and BIND 8 Releases." } ], "id": "CVE-1999-0009", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "1998-04-08T04:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "ftp://patches.sgi.com/support/free/security/advisories/19980603-01-PX" }, { "source": "cve@mitre.org", "url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll\u0026doc=secbull/180" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/134" }, { "source": "cve@mitre.org", "url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9808-083" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://patches.sgi.com/support/free/security/advisories/19980603-01-PX" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll\u0026doc=secbull/180" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/134" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9808-083" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2005-03-27 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
The bluez_sock_create function in the Bluetooth stack for Linux kernel 2.4.6 through 2.4.30-rc1 and 2.6 through 2.6.11.5 allows local users to gain privileges via (1) socket or (2) socketpair call with a negative protocol value.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:conectiva:linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "A35FC777-A34E-4C7B-9E93-8F17F3AD5180", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.6:*:*:*:*:*:*:*", "matchCriteriaId": "598F24C2-0366-4799-865C-5EE4572B734B", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.7:*:*:*:*:*:*:*", "matchCriteriaId": "D0399660-6385-45AB-9785-E504D8788146", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.8:*:*:*:*:*:*:*", "matchCriteriaId": "DCBC50EA-130C-41B7-83EA-C523B3C3AAD7", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.9:*:*:*:*:*:*:*", "matchCriteriaId": "B91F6CBE-400F-4D0B-B893-34577B47A342", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.10:*:*:*:*:*:*:*", "matchCriteriaId": "1548ECFD-FCB5-4AE0-9788-42F61F25489F", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.11:*:*:*:*:*:*:*", "matchCriteriaId": "6ABB9787-5497-4BDC-8952-F99CF60A89BD", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.12:*:*:*:*:*:*:*", "matchCriteriaId": "615F6BA2-CD51-4159-B28A-A018CA9FC25C", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.13:*:*:*:*:*:*:*", "matchCriteriaId": "093848CB-68A1-4258-8357-373A477FE4E2", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.14:*:*:*:*:*:*:*", "matchCriteriaId": "E275F440-A427-465F-B314-BF0730C781DB", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.15:*:*:*:*:*:*:*", "matchCriteriaId": "98651D39-60CF-409F-8276-DBBB56B972AA", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.16:*:*:*:*:*:*:*", "matchCriteriaId": "067B8E09-C923-4DDA-92DB-4A2892CB526A", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.17:*:*:*:*:*:*:*", "matchCriteriaId": "9EBE3738-E530-4EC6-9FC6-1A063605BE05", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:*:*:*:*:*:*:*", "matchCriteriaId": "474384F1-FB2D-4C00-A4CD-0C2C5AE42DB4", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:*:*:*:*:*:*:*", "matchCriteriaId": "F677E992-8D37-438F-97DF-9D98B28F020C", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.20:*:*:*:*:*:*:*", "matchCriteriaId": "476687F9-722B-490C-BD0B-B5F2CD7891DC", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.21:*:*:*:*:*:*:*", "matchCriteriaId": "A399D94B-D08D-4454-A07A-6634C9AE612F", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.22:*:*:*:*:*:*:*", "matchCriteriaId": "9336ABDF-9928-49F6-BAA7-D6E9829F9B1F", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.23:*:*:*:*:*:*:*", "matchCriteriaId": "BB45C3B2-0F5D-4AE2-AE00-E1D6501E8D92", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.24:*:*:*:*:*:*:*", "matchCriteriaId": "040991B8-FB4B-480B-B53B-AA7A884F9F19", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.25:*:*:*:*:*:*:*", "matchCriteriaId": "59688C40-C92F-431E-ADD7-6782622862D3", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.26:*:*:*:*:*:*:*", "matchCriteriaId": "D813900D-DCF3-4F5D-9D90-13EDE2CBB3DA", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.27:*:*:*:*:*:*:*", "matchCriteriaId": "6E4C7831-0296-4DFA-A4E9-F7B6B30FFB72", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.28:*:*:*:*:*:*:*", "matchCriteriaId": "E120257D-346B-4BA6-A431-E6F820FBB5FB", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.29:*:*:*:*:*:*:*", "matchCriteriaId": "361D407D-A4BE-491D-BC8E-32E78DC4A8F0", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "142BCD48-8387-4D0C-A052-44DD4144CBFF", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "E8220D81-9065-471F-9256-CFE7B9941555", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "EB445E3E-CCBD-4737-BE30-841B9A79D558", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.3:*:*:*:*:*:*:*", "matchCriteriaId": "F5301E27-8021-467C-A9A2-AF2137EF0299", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.4:*:*:*:*:*:*:*", "matchCriteriaId": "79787868-2D77-4B55-AD61-C2B357CCE047", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.5:*:*:*:*:*:*:*", "matchCriteriaId": "2B3F27D3-8F1D-4576-A584-1E2059CC67B1", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.6:*:*:*:*:*:*:*", "matchCriteriaId": "FB5D260C-AE1C-47E9-A88C-B9C2B4349249", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.7:*:*:*:*:*:*:*", "matchCriteriaId": "AA9958C6-AB7D-4B67-9AA7-42B628CBC391", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.8:*:*:*:*:*:*:*", "matchCriteriaId": "C16E3D04-EC66-41FD-9CFA-FE0C21952CAB", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.9:2.6.20:*:*:*:*:*:*", "matchCriteriaId": "1FC53528-A67F-42DF-B8DA-778A65893F9D", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.10:*:*:*:*:*:*:*", "matchCriteriaId": "2CDE1E92-C64D-4A3B-95A2-384BD772B28B", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.11:*:*:*:*:*:*:*", "matchCriteriaId": "9D90502F-EC45-4ADC-9428-B94346DA660B", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:advanced_server:*:*:*:*:*", "matchCriteriaId": "F9440B25-D206-4914-9557-B5F030890DEC", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:enterprise_server:*:*:*:*:*", "matchCriteriaId": "E9933557-3BCA-4D92-AD4F-27758A0D3347", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:workstation:*:*:*:*:*", "matchCriteriaId": "10A60552-15A5-4E95-B3CE-99A4B26260C1", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "7D74A418-50F0-42C0-ABBC-BBBE718FF025", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:fedora_core:core_1.0:*:*:*:*:*:*:*", "matchCriteriaId": "3C84296C-2C8A-4DCD-9751-52951F8BEA9F", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*", "matchCriteriaId": "E6996B14-925B-46B8-982F-3545328B506B", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:fedora_core:core_3.0:*:*:*:*:*:*:*", "matchCriteriaId": "EC80CF67-C51D-442C-9526-CFEDE84A6304", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.3:*:*:*:*:*:*:*", "matchCriteriaId": "138985E6-5107-4E8B-A801-C3D5FE075227", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.3:*:i386:*:*:*:*:*", "matchCriteriaId": "9B502A61-44FB-4CD4-85BE-88D4ACCCA441", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.3:*:i686:*:*:*:*:*", "matchCriteriaId": "05853955-CA81-40D3-9A70-1227F3270D3C", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:9.0:*:i386:*:*:*:*:*", "matchCriteriaId": "F3FDE8C4-5FFD-4CC2-9F35-7C32043966D1", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:1.0:*:desktop:*:*:*:*:*", "matchCriteriaId": "C7EAAD04-D7C4-43DE-B488-1AAD014B503E", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.3:*:*:*:*:*:*:*", "matchCriteriaId": "A7D073E9-E535-4B36-BEF2-8499536E37DA", "vulnerable": true }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ia64:*:*:*:*:*", "matchCriteriaId": "6E94583A-5184-462E-9FC4-57B35DA06DA7", "vulnerable": true }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ppc:*:*:*:*:*", "matchCriteriaId": "E905FAAD-37B6-4DD0-A752-2974F8336273", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The bluez_sock_create function in the Bluetooth stack for Linux kernel 2.4.6 through 2.4.30-rc1 and 2.6 through 2.6.11.5 allows local users to gain privileges via (1) socket or (2) socketpair call with a negative protocol value." } ], "id": "CVE-2005-0750", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2005-03-27T05:00:00.000", "references": [ { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-March/032913.html" }, { "source": "secalert@redhat.com", "url": "http://marc.info/?l=bugtraq\u0026m=111204562102633\u0026w=2" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-283.html" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-284.html" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/support/errata/RHSA-2005-293.html" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/support/errata/RHSA-2005-366.html" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/bid/12911" }, { "source": "secalert@redhat.com", "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=152532" }, { "source": "secalert@redhat.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19844" }, { "source": "secalert@redhat.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11719" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-March/032913.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=111204562102633\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-283.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-284.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2005-293.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2005-366.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/12911" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=152532" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19844" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11719" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
1999-08-25 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Vixie Cron on Linux systems allows local users to set parameters of sendmail commands via the MAILTO environmental variable.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:paul_vixie:vixie_cron:3.0_pl1:*:*:*:*:*:*:*", "matchCriteriaId": "D8F45BCD-EBC1-4707-8C53-A25F373026A5", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:caldera:openlinux:2.2:*:*:*:*:*:*:*", "matchCriteriaId": "86288A2E-B1BD-4DA9-BCCC-35AC44EEDD52", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "3C67BDA1-9451-4026-AC6D-E912C882A757", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:2.2:*:*:*:*:*:*:*", "matchCriteriaId": "58B90124-0543-4226-BFF4-13CCCBCCB243", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "C9092D88-585D-4A0C-B181-E8D93563C74B", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:4.1:*:*:*:*:*:*:*", "matchCriteriaId": "D8211154-6685-4FF0-B3ED-43A5E5763A10", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:4.2:*:*:*:*:*:*:*", "matchCriteriaId": "F299301C-6BFC-436C-9CFD-2E291D3702AE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "4BF54738-3C44-4FD4-AA9C-CAB2E86B1DC1", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:5.1:*:*:*:*:*:*:*", "matchCriteriaId": "4EF44364-0F57-4B74-81B0-501EA6B58501", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:5.2:*:i386:*:*:*:*:*", "matchCriteriaId": "363AB7DB-A8BA-4D58-97C4-1DF1F0F43E07", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.0:*:i386:*:*:*:*:*", "matchCriteriaId": "89F65C9D-BD68-4A86-BFDC-E7CE76F13948", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Vixie Cron on Linux systems allows local users to set parameters of sendmail commands via the MAILTO environmental variable." } ], "id": "CVE-1999-0769", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "1999-08-25T04:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/611" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/611" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2024-06-22 19:15
Modified
2025-03-10 18:35
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
IBM Security SOAR 51.0.2.0 could allow an authenticated user to execute malicious code loaded from a specially crafted script. IBM X-Force ID: 294830.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:ibm:soar:*:*:*:*:*:*:*:*", "matchCriteriaId": "6D7AF290-5F74-4B88-ABCB-D8C70037AB5D", "versionEndIncluding": "51.0.2.0", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:-:*:*:*:*:*:*:*", "matchCriteriaId": "C4EBE07A-6FEF-4343-BA5D-58FD175F5CD1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "IBM Security SOAR 51.0.2.0 could allow an authenticated user to execute malicious code loaded from a specially crafted script. IBM X-Force ID: 294830." }, { "lang": "es", "value": "IBM Security SOAR 51.0.2.0 podr\u00eda permitir que un usuario autenticado ejecute c\u00f3digo malicioso cargado desde un script especialmente manipulado. ID de IBM X-Force: 294830." } ], "id": "CVE-2024-38319", "lastModified": "2025-03-10T18:35:02.337", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 1.6, "impactScore": 5.9, "source": "psirt@us.ibm.com", "type": "Secondary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2024-06-22T19:15:09.070", "references": [ { "source": "psirt@us.ibm.com", "tags": [ "Vendor Advisory" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/294830" }, { "source": "psirt@us.ibm.com", "tags": [ "Vendor Advisory" ], "url": "https://www.ibm.com/support/pages/node/7158261" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/294830" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://www.ibm.com/support/pages/node/7158261" } ], "sourceIdentifier": "psirt@us.ibm.com", "vulnStatus": "Analyzed", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-94" } ], "source": "psirt@us.ibm.com", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2001-06-27 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
kdesu in kdelibs package creates world readable temporary files containing authentication info, which can allow local users to gain privileges.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
mandrakesoft | mandrake_linux | 2007 | |
redhat | linux | 7.1 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2007:*:*:*:*:*:*:*", "matchCriteriaId": "02362C25-B373-4FB1-AF4A-2AFC7F7D4387", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.1:*:i386:*:*:*:*:*", "matchCriteriaId": "C8783A6D-DFD8-45DD-BF03-570B1B012B44", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "kdesu in kdelibs package creates world readable temporary files containing authentication info, which can allow local users to gain privileges." } ], "id": "CVE-2001-0496", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.6, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2001-06-27T04:00:00.000", "references": [ { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-046.php3" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2001-059.html" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6856" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-046.php3" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2001-059.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6856" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2009-03-31 14:09
Modified
2025-04-09 00:30
Severity ?
Summary
Buffer overflow in CMAN - The Cluster Manager before 2.03.09-1 on Fedora 9 and Red Hat Enterprise Linux (RHEL) 5 allows attackers to cause a denial of service (CPU consumption and memory corruption) via a cluster.conf file with many lines. NOTE: it is not clear whether this issue crosses privilege boundaries in realistic uses of the product.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:redhat:cman:*:*:*:*:*:*:*:*", "matchCriteriaId": "E5280A55-F6CF-4D35-B9D4-A76321EC591A", "versionEndIncluding": "2.03.08-1", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:cman:2.03.03-1:*:*:*:*:*:*:*", "matchCriteriaId": "F12B9C5F-29A5-4B40-89E2-CD32477C087F", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:cman:2.03.04-1:*:*:*:*:*:*:*", "matchCriteriaId": "06ABB244-870D-4D5F-81FA-0D8D133A1B2D", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:cman:2.03.05-1:*:*:*:*:*:*:*", "matchCriteriaId": "C31DAF4D-B7BB-43CE-87EC-33062475AF0C", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:cman:2.03.07-1:*:*:*:*:*:*:*", "matchCriteriaId": "25AD771F-0B14-4EC9-A425-3E49BE177402", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:fedora:9:*:*:*:*:*:*:*", "matchCriteriaId": "D32A30CD-EA21-4AA6-868F-3448AA50B70D", "vulnerable": false }, { "criteria": "cpe:2.3:o:redhat:linux:5.0:*:enterprise:*:*:*:*:*", "matchCriteriaId": "A00F5B01-0C61-48A6-BE78-1981CA6C09FD", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Buffer overflow in CMAN - The Cluster Manager before 2.03.09-1 on Fedora 9 and Red Hat Enterprise Linux (RHEL) 5 allows attackers to cause a denial of service (CPU consumption and memory corruption) via a cluster.conf file with many lines. NOTE: it is not clear whether this issue crosses privilege boundaries in realistic uses of the product." }, { "lang": "es", "value": "Desbordamiento de b\u00fafer en CMAN - The Cluster Manager versiones anteriores a v2.03.09-1 en Fedora 9 y Red Hat Enterprise Linux (RHEL) 5 permite a atacantes provocar una denegaci\u00f3n de servicio (consumo de CPU y consumo de memoria) a trav\u00e9s de un fichero cluster.conf con muchas l\u00edneas. \r\nNOTA: no est\u00e1 claro si este problema cruza fronteras de privilegios en usuarios reales del producto." } ], "id": "CVE-2008-6560", "lastModified": "2025-04-09T00:30:58.490", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2009-03-31T14:09:53.390", "references": [ { "source": "cve@mitre.org", "url": "http://git.fedorahosted.org/git/cluster.git?p=cluster.git%3Ba=commitdiff%3Bh=67fee9128e54c6c3fc3eae306b5b501f3029c3be" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/archives/fedora-package-announce/2008-November/msg00163.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/archives/fedora-package-announce/2008-November/msg00164.html" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://www.redhat.com/archives/fedora-package-announce/2008-November/msg00165.html" }, { "source": "cve@mitre.org", "url": "http://www.ubuntu.com/usn/USN-875-1" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=468966" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49832" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://git.fedorahosted.org/git/cluster.git?p=cluster.git%3Ba=commitdiff%3Bh=67fee9128e54c6c3fc3eae306b5b501f3029c3be" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/archives/fedora-package-announce/2008-November/msg00163.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/archives/fedora-package-announce/2008-November/msg00164.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.redhat.com/archives/fedora-package-announce/2008-November/msg00165.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/USN-875-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=468966" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49832" } ], "sourceIdentifier": "cve@mitre.org", "vendorComments": [ { "comment": "Red Hat does not consider this to be a security issue. The misbehaviour of CMAN is triggered by corrupted / specially crafted cluster.conf configuration file. Ability to edit this file is restricted to system administrator, therefore no privilege boundary is crossed.", "lastModified": "2009-08-04T00:00:00", "organization": "Red Hat" } ], "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2001-03-12 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
inn 2.2.3 allows local users to overwrite arbitrary files via a symlink attack in some configurations.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
caldera | openlinux_desktop | 2.3 | |
immunix | immunix | 7.0_beta | |
caldera | openlinux_edesktop | 2.4 | |
caldera | openlinux_eserver | 2.3 | |
debian | debian_linux | 2.2 | |
debian | debian_linux | 2.2 | |
debian | debian_linux | 2.2 | |
debian | debian_linux | 2.2 | |
debian | debian_linux | 2.2 | |
mandrakesoft | mandrake_linux | 6.0 | |
mandrakesoft | mandrake_linux | 6.1 | |
mandrakesoft | mandrake_linux | 7.0 | |
mandrakesoft | mandrake_linux | 7.1 | |
mandrakesoft | mandrake_linux | 7.2 | |
redhat | linux | 7.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:caldera:openlinux_desktop:2.3:*:*:*:*:*:*:*", "matchCriteriaId": "39CEEC92-B7FE-4E41-9966-DDA9EDF943C1", "vulnerable": true }, { "criteria": "cpe:2.3:a:immunix:immunix:7.0_beta:*:*:*:*:*:*:*", "matchCriteriaId": "1A2889C6-8DE0-4432-812A-F2A5C4A08897", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:caldera:openlinux_edesktop:2.4:*:*:*:*:*:*:*", "matchCriteriaId": "B211BCBF-CB17-4D32-B6FE-A34D86C4FBF9", "vulnerable": true }, { "criteria": "cpe:2.3:o:caldera:openlinux_eserver:2.3:*:*:*:*:*:*:*", "matchCriteriaId": "3BE526D3-4CD8-423C-81FA-65B92F862A5E", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:2.2:*:*:*:*:*:*:*", "matchCriteriaId": "58B90124-0543-4226-BFF4-13CCCBCCB243", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:2.2:*:68k:*:*:*:*:*", "matchCriteriaId": "E040A866-0D2C-40E1-B1FB-DB600B389E27", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:2.2:*:alpha:*:*:*:*:*", "matchCriteriaId": "CE1C944A-E5F1-49DE-B069-2A358123B535", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:2.2:*:arm:*:*:*:*:*", "matchCriteriaId": "D71083B4-1736-4501-8DE8-BC24AC1447AA", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:2.2:*:sparc:*:*:*:*:*", "matchCriteriaId": "AAEE18D8-AA3B-47A3-AA7C-AAFF7591F391", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "D323A6B7-2741-4F31-B0D6-5D6FB738A2A1", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:6.1:*:*:*:*:*:*:*", "matchCriteriaId": "ACAAD334-2CA7-4B3B-BA25-302E7610BC2A", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "E4853E92-5E0A-47B9-A343-D5BEE87D2C27", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "3EC1FF5D-5EAB-44D5-B281-770547C70D68", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "0A8FBD5A-2FD0-43CD-AC4B-1D6984D336FE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "29B186E5-7C2F-466E-AA4A-8F2B618F8A14", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "inn 2.2.3 allows local users to overwrite arbitrary files via a symlink attack in some configurations." } ], "id": "CVE-2001-0139", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "LOW", "cvssData": { "accessComplexity": "HIGH", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 1.2, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:H/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 1.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2001-03-12T05:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=97916374410647\u0026w=2" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2001-001.0.txt" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-010.php3" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/2190" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5916" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=97916374410647\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2001-001.0.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-010.php3" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/2190" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5916" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2004-10-18 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Mozilla allows remote attackers to cause a denial of service (application crash from null dereference or infinite loop) via a web page that contains a (1) TEXTAREA, (2) INPUT, (3) FRAMESET or (4) IMG tag followed by a null character and some trailing characters, as demonstrated by mangleme.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
mozilla | mozilla | 1.0 | |
mozilla | mozilla | 1.0 | |
mozilla | mozilla | 1.0 | |
mozilla | mozilla | 1.0.1 | |
mozilla | mozilla | 1.0.2 | |
mozilla | mozilla | 1.1 | |
mozilla | mozilla | 1.1 | |
mozilla | mozilla | 1.1 | |
mozilla | mozilla | 1.2 | |
mozilla | mozilla | 1.2 | |
mozilla | mozilla | 1.2 | |
mozilla | mozilla | 1.2.1 | |
mozilla | mozilla | 1.3 | |
mozilla | mozilla | 1.3.1 | |
mozilla | mozilla | 1.4 | |
mozilla | mozilla | 1.4 | |
mozilla | mozilla | 1.4 | |
mozilla | mozilla | 1.4.1 | |
mozilla | mozilla | 1.4.2 | |
mozilla | mozilla | 1.4.4 | |
mozilla | mozilla | 1.5 | |
mozilla | mozilla | 1.6 | |
mozilla | mozilla | 1.7 | |
mozilla | mozilla | 1.7 | |
mozilla | mozilla | 1.7.1 | |
mozilla | mozilla | 1.7.2 | |
mozilla | mozilla | 1.7.3 | |
mozilla | mozilla | 1.8 | |
sgi | propack | 3.0 | |
redhat | enterprise_linux | 2.1 | |
redhat | enterprise_linux | 2.1 | |
redhat | enterprise_linux | 2.1 | |
redhat | enterprise_linux | 3.0 | |
redhat | enterprise_linux | 3.0 | |
redhat | enterprise_linux | 3.0 | |
redhat | enterprise_linux_desktop | 3.0 | |
redhat | fedora_core | core_1.0 | |
redhat | fedora_core | core_2.0 | |
redhat | linux | 7.3 | |
redhat | linux | 7.3 | |
redhat | linux | 7.3 | |
redhat | linux | 9.0 | |
redhat | linux_advanced_workstation | 2.1 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:mozilla:mozilla:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "CCDAEAE6-BA9F-4D40-B264-4A72930239E1", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla:1.0:rc1:*:*:*:*:*:*", "matchCriteriaId": "C9296197-0EE0-4CC0-A11F-E44E3443E990", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla:1.0:rc2:*:*:*:*:*:*", "matchCriteriaId": "A76ACC55-754D-4501-8312-5A4E10D053B8", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla:1.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "A8987151-0901-4547-B750-5DC470BB9CF7", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla:1.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "53E60BCC-6D1C-489E-9F3B-9BE42B46704F", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla:1.1:*:*:*:*:*:*:*", "matchCriteriaId": "66A87ED8-9E1F-4C2C-B806-A41765081C9C", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla:1.1:alpha:*:*:*:*:*:*", "matchCriteriaId": "C795D86F-9B08-41FE-B82B-5BBB3DE6357D", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla:1.1:beta:*:*:*:*:*:*", "matchCriteriaId": "2637D552-4A3D-4867-B52A-ACCED8681AF4", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla:1.2:*:*:*:*:*:*:*", "matchCriteriaId": "7CC237C8-CFE0-4128-B549-93CD16894E71", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla:1.2:alpha:*:*:*:*:*:*", "matchCriteriaId": "6B8EA79A-8426-44CF-AF13-58F7EF8B6D88", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla:1.2:beta:*:*:*:*:*:*", "matchCriteriaId": "367A5D46-0FF3-4140-9478-251363822E9C", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla:1.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "CAA58EE9-05C7-4395-A8A4-5F54BE4C5DAD", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla:1.3:*:*:*:*:*:*:*", "matchCriteriaId": "C656A621-BE62-4BB8-9B25-A3916E60FA12", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla:1.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "F8DE4889-424F-4A44-8C14-9F18821CE961", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla:1.4:*:*:*:*:*:*:*", "matchCriteriaId": "4D3F91A1-7DD9-4146-8BA4-BE594C66DD30", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla:1.4:alpha:*:*:*:*:*:*", "matchCriteriaId": "82A6419D-0E94-4D80-8B07-E5AB4DBA2F28", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla:1.4:beta:*:*:*:*:*:*", "matchCriteriaId": "1003D688-3EEA-45F9-BB2C-5BAB395D7678", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla:1.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "ED69BEB9-8D83-415B-826D-9D17FB67976B", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla:1.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "9AE678D7-812D-4C55-91B0-F3AC6BE0CD58", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla:1.4.4:*:*:*:*:*:*:*", "matchCriteriaId": "098458D4-635B-4A4D-9472-39370094E1ED", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla:1.5:*:*:*:*:*:*:*", "matchCriteriaId": "BCDB64E5-AE26-43DF-8A66-654D5D22A635", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla:1.6:*:*:*:*:*:*:*", "matchCriteriaId": "6BF63077-4E98-497D-8CE6-B84B022DB21D", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla:1.7:*:*:*:*:*:*:*", "matchCriteriaId": "FCEAEDEB-0EE7-4221-B9B8-65438580D331", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla:1.7:rc3:*:*:*:*:*:*", "matchCriteriaId": "150F1B28-0FAB-4880-B1D5-7F244A1C4D31", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla:1.7.1:*:*:*:*:*:*:*", "matchCriteriaId": "2FE7EA3B-3BF8-4696-9488-78506074D62D", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla:1.7.2:*:*:*:*:*:*:*", "matchCriteriaId": "CCFD7AF7-0FE9-4F56-98B0-60FC7F7F1B78", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla:1.7.3:*:*:*:*:*:*:*", "matchCriteriaId": "C883B45F-D28D-428E-AAF7-F93522A229DC", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla:1.8:alpha2:*:*:*:*:*:*", "matchCriteriaId": "10349BA5-70D3-4D11-94F6-A77D8570CB06", "vulnerable": true }, { "criteria": "cpe:2.3:a:sgi:propack:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "29DC217F-C257-4A3C-9CBD-08010C30BEC3", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*", "matchCriteriaId": "2641EE56-6F9D-400B-B456-877F4DA79B10", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*", "matchCriteriaId": "E0B458EA-495E-40FA-9379-C03757F7B1EE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*", "matchCriteriaId": "1728AB5D-55A9-46B0-A412-6F7263CAEB5A", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_servers:*:*:*:*:*", "matchCriteriaId": "81B543F9-C209-46C2-B0AE-E14818A6992E", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*", "matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation:*:*:*:*:*", "matchCriteriaId": "DB89C970-DE94-4E09-A90A-077DB83AD156", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:fedora_core:core_1.0:*:*:*:*:*:*:*", "matchCriteriaId": "3C84296C-2C8A-4DCD-9751-52951F8BEA9F", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*", "matchCriteriaId": "E6996B14-925B-46B8-982F-3545328B506B", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.3:*:*:*:*:*:*:*", "matchCriteriaId": "138985E6-5107-4E8B-A801-C3D5FE075227", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.3:*:i386:*:*:*:*:*", "matchCriteriaId": "9B502A61-44FB-4CD4-85BE-88D4ACCCA441", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.3:*:i686:*:*:*:*:*", "matchCriteriaId": "05853955-CA81-40D3-9A70-1227F3270D3C", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:9.0:*:i386:*:*:*:*:*", "matchCriteriaId": "F3FDE8C4-5FFD-4CC2-9F35-7C32043966D1", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium:*:*:*:*:*", "matchCriteriaId": "8DBD9D3C-40AB-449D-A9A8-A09DF2DEDB96", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Mozilla allows remote attackers to cause a denial of service (application crash from null dereference or infinite loop) via a web page that contains a (1) TEXTAREA, (2) INPUT, (3) FRAMESET or (4) IMG tag followed by a null character and some trailing characters, as demonstrated by mangleme." } ], "id": "CVE-2004-1613", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2004-10-18T04:00:00.000", "references": [ { "source": "cve@mitre.org", "tags": [ "Exploit" ], "url": "http://lcamtuf.coredump.cx/mangleme/gallery/" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Vendor Advisory" ], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-October/027709.html" }, { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=109811406620511\u0026w=2" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Vendor Advisory" ], "url": "http://securitytracker.com/id?1011810" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-323.html" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/11439" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17805" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10227" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit" ], "url": "http://lcamtuf.coredump.cx/mangleme/gallery/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Vendor Advisory" ], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-October/027709.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=109811406620511\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Vendor Advisory" ], "url": "http://securitytracker.com/id?1011810" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-323.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/11439" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17805" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10227" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2023-12-18 14:15
Modified
2024-11-21 08:17
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A vulnerability was found in OpenImageIO, where a heap buffer overflow exists in the src/gif.imageio/gifinput.cpp file. This flaw allows a remote attacker to pass a specially crafted file to the application, which triggers a heap-based buffer overflow and could cause a crash, leading to a denial of service.
References
▶ | URL | Tags | |
---|---|---|---|
secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=2218380 | Issue Tracking, Third Party Advisory | |
nvd@nist.gov | https://github.com/AcademySoftwareFoundation/OpenImageIO/issues/3840 | Exploit, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=2218380 | Issue Tracking, Third Party Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
openimageio | openimageio | 2.4.11 | |
redhat | linux | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:openimageio:openimageio:2.4.11:*:*:*:*:*:*:*", "matchCriteriaId": "1026CE08-F9A9-4AE9-9C58-B20DE134CFAD", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:-:*:*:*:*:*:*:*", "matchCriteriaId": "C4EBE07A-6FEF-4343-BA5D-58FD175F5CD1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "A vulnerability was found in OpenImageIO, where a heap buffer overflow exists in the src/gif.imageio/gifinput.cpp file. This flaw allows a remote attacker to pass a specially crafted file to the application, which triggers a heap-based buffer overflow and could cause a crash, leading to a denial of service." }, { "lang": "es", "value": "Se encontr\u00f3 una vulnerabilidad en OpenImageIO, donde existe un desbordamiento de b\u00fafer de almacenamiento din\u00e1mico en el archivo src/gif.imageio/gifinput.cpp. Este fallo permite que un atacante remoto pase un archivo especialmente manipulado a la aplicaci\u00f3n, lo que desencadena un desbordamiento de b\u00fafer de almacenamiento din\u00e1mico y podr\u00eda causar una falla, lo que llevar\u00eda a una denegaci\u00f3n de servicio." } ], "id": "CVE-2023-3430", "lastModified": "2024-11-21T08:17:14.940", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "secalert@redhat.com", "type": "Secondary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2023-12-18T14:15:08.113", "references": [ { "source": "secalert@redhat.com", "tags": [ "Issue Tracking", "Third Party Advisory" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2218380" }, { "source": "nvd@nist.gov", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://github.com/AcademySoftwareFoundation/OpenImageIO/issues/3840" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking", "Third Party Advisory" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2218380" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-122" } ], "source": "secalert@redhat.com", "type": "Secondary" }, { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2001-03-12 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
useradd program in shadow-utils program may allow local users to overwrite arbitrary files via a symlink attack.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
immunix | immunix | 7.0_beta | |
mandrakesoft | mandrake_linux | 6.0 | |
mandrakesoft | mandrake_linux | 6.1 | |
mandrakesoft | mandrake_linux | 7.0 | |
mandrakesoft | mandrake_linux | 7.1 | |
mandrakesoft | mandrake_linux | 7.2 | |
redhat | linux | 7.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:immunix:immunix:7.0_beta:*:*:*:*:*:*:*", "matchCriteriaId": "1A2889C6-8DE0-4432-812A-F2A5C4A08897", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "D323A6B7-2741-4F31-B0D6-5D6FB738A2A1", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:6.1:*:*:*:*:*:*:*", "matchCriteriaId": "ACAAD334-2CA7-4B3B-BA25-302E7610BC2A", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "E4853E92-5E0A-47B9-A343-D5BEE87D2C27", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "3EC1FF5D-5EAB-44D5-B281-770547C70D68", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "0A8FBD5A-2FD0-43CD-AC4B-1D6984D336FE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "29B186E5-7C2F-466E-AA4A-8F2B618F8A14", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "useradd program in shadow-utils program may allow local users to overwrite arbitrary files via a symlink attack." } ], "id": "CVE-2001-0120", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "LOW", "cvssData": { "accessComplexity": "HIGH", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 1.2, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:H/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 1.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2001-03-12T05:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=97916374410647\u0026w=2" }, { "source": "cve@mitre.org", "tags": [ "Patch" ], "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-007.php3" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/2196" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5927" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=97916374410647\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-007.php3" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/2196" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5927" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
1998-07-29 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
dumpreg in Red Hat Linux 5.1 opens /dev/mem with O_RDWR access, which allows local users to cause a denial of service (crash) by redirecting fd 1 (stdout) to the kernel.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:5.1:*:*:*:*:*:*:*", "matchCriteriaId": "4EF44364-0F57-4B74-81B0-501EA6B58501", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "dumpreg in Red Hat Linux 5.1 opens /dev/mem with O_RDWR access, which allows local users to cause a denial of service (crash) by redirecting fd 1 (stdout) to the kernel." } ], "id": "CVE-1999-1406", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "LOW", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 2.1, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "1998-07-29T04:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=90221104526185\u0026w=2" }, { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=90221104526192\u0026w=2" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/372" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=90221104526185\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=90221104526192\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/372" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2000-04-16 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
X fontserver xfs allows local users to cause a denial of service via malformed input to the server.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:6.0:*:alpha:*:*:*:*:*", "matchCriteriaId": "6931FB54-A163-4CE3-BBD9-D345AA0977A6", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.0:*:i386:*:*:*:*:*", "matchCriteriaId": "89F65C9D-BD68-4A86-BFDC-E7CE76F13948", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.0:*:sparc:*:*:*:*:*", "matchCriteriaId": "5ABD1331-277C-4C31-8186-978243C62255", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.1:*:alpha:*:*:*:*:*", "matchCriteriaId": "C89454B9-4F45-4A42-A06D-ED42D893C544", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.1:*:i386:*:*:*:*:*", "matchCriteriaId": "B72D6205-DFA4-41D9-B3B6-0B7DA756CD8F", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.1:*:sparc:*:*:*:*:*", "matchCriteriaId": "1E64093E-7D53-4238-95C3-48ED5A0FFD97", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:alpha:*:*:*:*:*", "matchCriteriaId": "344610A8-DB6D-4407-9304-916C419F648C", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:i386:*:*:*:*:*", "matchCriteriaId": "B7EC2B95-4715-4EC9-A10A-2542501F8A61", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:sparc:*:*:*:*:*", "matchCriteriaId": "64775BEF-2E53-43CA-8639-A7E54F6F4222", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "X fontserver xfs allows local users to cause a denial of service via malformed input to the server." } ], "id": "CVE-2000-0286", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "LOW", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 2.1, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2000-04-16T04:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-04/0079.html" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/1111" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-04/0079.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/1111" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2002-10-28 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
dvips converter for Postscript files in the tetex package calls the system() function insecurely, which allows remote attackers to execute arbitrary commands via certain print jobs, possibly involving fonts.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
hp | secure_os | 1.0 | |
mandrakesoft | mandrake_linux | 7.2 | |
mandrakesoft | mandrake_linux | 8.0 | |
mandrakesoft | mandrake_linux | 8.0 | |
mandrakesoft | mandrake_linux | 8.1 | |
mandrakesoft | mandrake_linux | 8.1 | |
mandrakesoft | mandrake_linux | 8.2 | |
mandrakesoft | mandrake_linux | 8.2 | |
mandrakesoft | mandrake_linux | 9.0 | |
redhat | linux | 6.2 | |
redhat | linux | 6.2 | |
redhat | linux | 6.2 | |
redhat | linux | 6.2 | |
redhat | linux | 7.0 | |
redhat | linux | 7.0 | |
redhat | linux | 7.0 | |
redhat | linux | 7.1 | |
redhat | linux | 7.1 | |
redhat | linux | 7.1 | |
redhat | linux | 7.1 | |
redhat | linux | 7.2 | |
redhat | linux | 7.2 | |
redhat | linux | 7.2 | |
redhat | linux | 7.3 | |
redhat | linux | 7.3 | |
redhat | linux | 8.0 | |
redhat | linux | 8.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:hp:secure_os:1.0:*:linux:*:*:*:*:*", "matchCriteriaId": "B345284D-6842-47C0-B823-B5DDC30CC8A6", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "0A8FBD5A-2FD0-43CD-AC4B-1D6984D336FE", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "4371A667-18E1-4C54-B2E1-6F885F22F213", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:8.0:*:ppc:*:*:*:*:*", "matchCriteriaId": "5B28763D-8F4B-45E5-82FA-AB7E54C18EBF", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:8.1:*:*:*:*:*:*:*", "matchCriteriaId": "205EF72B-7334-4AE0-9CA6-D2E8E5910C8E", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:8.1:*:ia64:*:*:*:*:*", "matchCriteriaId": "613A22EC-D93C-48B0-B97C-3E0DDFBD0B62", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:8.2:*:*:*:*:*:*:*", "matchCriteriaId": "DEB99324-3062-426F-8E2F-44DC3A7ADB2A", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:8.2:*:ppc:*:*:*:*:*", "matchCriteriaId": "128F5289-E9F3-41A7-A534-FBAA8A119A9F", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "33F6F859-B7B8-4072-B073-6CC8291D642E", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:*:*:*:*:*:*", "matchCriteriaId": "0633B5A6-7A88-4A96-9462-4C09D124ED36", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:alpha:*:*:*:*:*", "matchCriteriaId": "344610A8-DB6D-4407-9304-916C419F648C", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:i386:*:*:*:*:*", "matchCriteriaId": "B7EC2B95-4715-4EC9-A10A-2542501F8A61", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:sparc:*:*:*:*:*", "matchCriteriaId": "64775BEF-2E53-43CA-8639-A7E54F6F4222", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "29B186E5-7C2F-466E-AA4A-8F2B618F8A14", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.0:*:alpha:*:*:*:*:*", "matchCriteriaId": "FD6576E2-9F26-4857-9F28-F51899F1EF48", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.0:*:i386:*:*:*:*:*", "matchCriteriaId": "4DC9842D-E23B-4B9F-A7BF-57C3BA3DE398", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "1D46E093-1C68-43BB-B281-12117EC8DE0F", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.1:*:alpha:*:*:*:*:*", "matchCriteriaId": "7F3FAAB3-7A8A-42E5-9DCE-E4A843CED1B9", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.1:*:i386:*:*:*:*:*", "matchCriteriaId": "C8783A6D-DFD8-45DD-BF03-570B1B012B44", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.1:*:ia64:*:*:*:*:*", "matchCriteriaId": "ED36543D-C21B-4B4B-A6AD-6E19B08B5DD7", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "E562907F-D915-4030-847A-3C6834A80D4E", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.2:*:i386:*:*:*:*:*", "matchCriteriaId": "6A1EF00A-52E9-4FD8-98FD-3998225D8655", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.2:*:ia64:*:*:*:*:*", "matchCriteriaId": "9D47D6FE-56A9-42CF-9A9B-AEE272C061F7", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.3:*:*:*:*:*:*:*", "matchCriteriaId": "138985E6-5107-4E8B-A801-C3D5FE075227", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.3:*:i386:*:*:*:*:*", "matchCriteriaId": "9B502A61-44FB-4CD4-85BE-88D4ACCCA441", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "038FEDE7-986F-4CA5-9003-BA68352B87D4", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:8.0:*:i386:*:*:*:*:*", "matchCriteriaId": "4D1E6298-EDF5-438F-8DFD-16A514CB938A", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "dvips converter for Postscript files in the tetex package calls the system() function insecurely, which allows remote attackers to execute arbitrary commands via certain print jobs, possibly involving fonts." }, { "lang": "es", "value": "El conversor dvips para ficheros Postscript en el paquete tetex llama a la funci\u00f3n system() de forma insegura, lo que permite a atacantes ejecutar comandos arbitrarios mediante ciertos trabajos de impresi\u00f3n, posiblemente conteniendo fuentes." } ], "id": "CVE-2002-0836", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": true, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2002-10-28T05:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000537" }, { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=103497852330838\u0026w=2" }, { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=104005975415582\u0026w=2" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2002/dsa-207" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://www.iss.net/security_center/static/10365.php" }, { "source": "cve@mitre.org", "tags": [ "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/169841" }, { "source": "cve@mitre.org", "url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-070.php" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2002-194.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2002-195.html" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/advisories/4567" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/5978" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000537" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=103497852330838\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=104005975415582\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2002/dsa-207" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.iss.net/security_center/static/10365.php" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/169841" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-070.php" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2002-194.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2002-195.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/advisories/4567" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/5978" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2000-05-16 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Buffer overflow in krb_rd_req function in Kerberos 4 and 5 allows remote attackers to gain root privileges.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cygnus:cygnus_network_security:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "05857121-8827-45FD-886F-4269E0336036", "vulnerable": true }, { "criteria": "cpe:2.3:a:cygnus:kerbnet:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "EE1B0821-64F1-46E3-8DD3-12FFD1B037F5", "vulnerable": true }, { "criteria": "cpe:2.3:a:mit:kerberos:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "AFB8BD89-F049-4C3B-8744-E8D00D752DE0", "vulnerable": true }, { "criteria": "cpe:2.3:a:mit:kerberos_5:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "08FA60A9-10E1-4ACD-819C-17801FAD7671", "vulnerable": true }, { "criteria": "cpe:2.3:a:mit:kerberos_5:1.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "E47F0770-67D7-42EE-A1AD-9D5B5E83BF2B", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:alpha:*:*:*:*:*", "matchCriteriaId": "344610A8-DB6D-4407-9304-916C419F648C", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:i386:*:*:*:*:*", "matchCriteriaId": "B7EC2B95-4715-4EC9-A10A-2542501F8A61", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:sparc:*:*:*:*:*", "matchCriteriaId": "64775BEF-2E53-43CA-8639-A7E54F6F4222", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Buffer overflow in krb_rd_req function in Kerberos 4 and 5 allows remote attackers to gain root privileges." } ], "id": "CVE-2000-0389", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2000-05-16T04:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-05/0184.html" }, { "source": "cve@mitre.org", "url": "http://archives.neohapsis.com/archives/freebsd/2000-05/0295.html" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory", "US Government Resource" ], "url": "http://www.cert.org/advisories/CA-2000-06.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2000-025.html" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/1220" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-05/0184.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://archives.neohapsis.com/archives/freebsd/2000-05/0295.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "US Government Resource" ], "url": "http://www.cert.org/advisories/CA-2000-06.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2000-025.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/1220" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2005-04-14 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Race condition in the (1) load_elf_library and (2) binfmt_aout function calls for uselib in Linux kernel 2.4 through 2.429-rc2 and 2.6 through 2.6.10 allows local users to execute arbitrary code by manipulating the VMA descriptor.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:avaya:mn100:*:*:*:*:*:*:*:*", "matchCriteriaId": "D073442B-D7E7-4E07-AF2D-E22FE65B09A9", "vulnerable": true }, { "criteria": "cpe:2.3:a:avaya:network_routing:*:*:*:*:*:*:*:*", "matchCriteriaId": "E942E0E7-0808-479C-B061-66119EBA12E3", "vulnerable": true }, { "criteria": "cpe:2.3:h:avaya:converged_communications_server:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "E586558A-ABC3-42EB-8B4D-DC92A0D695E6", "vulnerable": true }, { "criteria": "cpe:2.3:h:avaya:s8710:r2.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "68B1272B-8B71-4D2D-A5E4-0E7828500C22", "vulnerable": true }, { "criteria": "cpe:2.3:h:avaya:s8710:r2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "A7C7B9C0-91A2-4529-B879-60DE043E719C", "vulnerable": true }, { "criteria": "cpe:2.3:o:avaya:modular_messaging_message_storage_server:1.1:*:*:*:*:*:*:*", "matchCriteriaId": "E25F5CF2-F891-41CA-A40C-13966F72FDF8", "vulnerable": true }, { "criteria": "cpe:2.3:o:avaya:modular_messaging_message_storage_server:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "7417958C-5321-41D6-9D1A-D16BF5511E81", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "C24A129D-2E5E-436C-95DE-AE75D2E8D092", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test1:*:*:*:*:*:*", "matchCriteriaId": "2E244C37-E366-482E-9173-9376D0839839", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test10:*:*:*:*:*:*", "matchCriteriaId": "11F96BB9-6509-4F1E-9590-E55EE8C6F992", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test11:*:*:*:*:*:*", "matchCriteriaId": "AFAEE304-B9D4-4F1E-A2E0-9E5A4932096D", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test12:*:*:*:*:*:*", "matchCriteriaId": "12375EA9-EBFF-40B6-BCBC-E34BC3A6CDA3", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test2:*:*:*:*:*:*", "matchCriteriaId": "718D4631-440E-4783-8966-B2A2D3EF89B3", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test3:*:*:*:*:*:*", "matchCriteriaId": "6111EDDB-065F-4AD1-925C-E0A3C1DE26AE", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test4:*:*:*:*:*:*", "matchCriteriaId": "A8A2F7E7-0C51-43F2-BCEA-01FF738971D6", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test5:*:*:*:*:*:*", "matchCriteriaId": "40F5FFBB-05C8-4D65-9FCF-11E67BEE86AD", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test6:*:*:*:*:*:*", "matchCriteriaId": "7015F57A-1E3B-42D2-9D12-F695078EFB21", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test7:*:*:*:*:*:*", "matchCriteriaId": "467721EE-5130-46C5-BBB7-0F4878F3F171", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test8:*:*:*:*:*:*", "matchCriteriaId": "171257E7-12C5-4283-88F7-FFE643995563", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test9:*:*:*:*:*:*", "matchCriteriaId": "0887E02F-9F36-41F0-9F75-060B8414D7BF", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "55B85D5B-4EA1-4FCF-8D50-9C54E8FDA92F", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "01408EC0-9C2D-4A44-8080-D7FC7E1A1FA1", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "5F49A384-7222-41F3-9BE1-4E18C00E50A6", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.4:*:*:*:*:*:*:*", "matchCriteriaId": "05520FE3-C48D-42E8-BC24-C2396BD46CBA", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.5:*:*:*:*:*:*:*", "matchCriteriaId": "D865FBB6-E07D-492F-A75E-168B06C8ADEE", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.6:*:*:*:*:*:*:*", "matchCriteriaId": "598F24C2-0366-4799-865C-5EE4572B734B", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.7:*:*:*:*:*:*:*", "matchCriteriaId": "D0399660-6385-45AB-9785-E504D8788146", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.8:*:*:*:*:*:*:*", "matchCriteriaId": "DCBC50EA-130C-41B7-83EA-C523B3C3AAD7", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.9:*:*:*:*:*:*:*", "matchCriteriaId": "B91F6CBE-400F-4D0B-B893-34577B47A342", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.10:*:*:*:*:*:*:*", "matchCriteriaId": "1548ECFD-FCB5-4AE0-9788-42F61F25489F", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.11:*:*:*:*:*:*:*", "matchCriteriaId": "6ABB9787-5497-4BDC-8952-F99CF60A89BD", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.12:*:*:*:*:*:*:*", "matchCriteriaId": "615F6BA2-CD51-4159-B28A-A018CA9FC25C", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.13:*:*:*:*:*:*:*", "matchCriteriaId": "093848CB-68A1-4258-8357-373A477FE4E2", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.14:*:*:*:*:*:*:*", "matchCriteriaId": "E275F440-A427-465F-B314-BF0730C781DB", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.15:*:*:*:*:*:*:*", "matchCriteriaId": "98651D39-60CF-409F-8276-DBBB56B972AA", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.16:*:*:*:*:*:*:*", "matchCriteriaId": "067B8E09-C923-4DDA-92DB-4A2892CB526A", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.17:*:*:*:*:*:*:*", "matchCriteriaId": "9EBE3738-E530-4EC6-9FC6-1A063605BE05", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:*:*:*:*:*:*:*", "matchCriteriaId": "474384F1-FB2D-4C00-A4CD-0C2C5AE42DB4", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:*:x86:*:*:*:*:*", "matchCriteriaId": "D77F8919-4064-4EA5-A948-76178EA21F83", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre1:*:*:*:*:*:*", "matchCriteriaId": "5E7C423D-23DE-4C7B-A518-66F87E041925", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre2:*:*:*:*:*:*", "matchCriteriaId": "8EA1382E-71B0-4E65-A310-716A244F4FB1", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre3:*:*:*:*:*:*", "matchCriteriaId": "AC955BD8-3ABB-4FDB-B37E-B1F0C47A5E0D", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre4:*:*:*:*:*:*", "matchCriteriaId": "2EBCA878-CCD0-4645-ACF6-12FB9C4B4A4D", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre5:*:*:*:*:*:*", "matchCriteriaId": "B4BEF62D-2BEF-4CF8-9559-8A6D9631B0EC", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre6:*:*:*:*:*:*", "matchCriteriaId": "824BBD31-8F3B-4F05-981B-ABF662BBF5F2", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre7:*:*:*:*:*:*", "matchCriteriaId": "10F4CCC2-8AE5-4CFF-8DC4-126F02126E1F", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre8:*:*:*:*:*:*", "matchCriteriaId": "388A5C99-1F60-4C20-9AE5-6E73E5A3F819", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:*:*:*:*:*:*:*", "matchCriteriaId": "F677E992-8D37-438F-97DF-9D98B28F020C", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre1:*:*:*:*:*:*", "matchCriteriaId": "5888F8D7-15C2-4435-BB3C-8674DFAF0089", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre2:*:*:*:*:*:*", "matchCriteriaId": "29439AD0-EB8D-4675-A77A-6548FF27ADA3", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre3:*:*:*:*:*:*", "matchCriteriaId": "F27AADF6-1605-47FC-8C4D-87827A578A90", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre4:*:*:*:*:*:*", "matchCriteriaId": "B42F4080-A76F-4D17-85E2-CD2D2E4D0450", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre5:*:*:*:*:*:*", "matchCriteriaId": "6968EF1D-7CC5-430D-866D-206F66486F63", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre6:*:*:*:*:*:*", "matchCriteriaId": "50E6F5C5-BF74-4C10-830A-F232D528D290", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.20:*:*:*:*:*:*:*", "matchCriteriaId": "476687F9-722B-490C-BD0B-B5F2CD7891DC", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.21:*:*:*:*:*:*:*", "matchCriteriaId": "A399D94B-D08D-4454-A07A-6634C9AE612F", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.21:pre1:*:*:*:*:*:*", "matchCriteriaId": "8EEBFBB4-CC06-40D2-8DE9-22E82DBEFADA", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.21:pre4:*:*:*:*:*:*", "matchCriteriaId": "DCD8E4AE-FEF7-4CE2-B338-4F766921593F", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.21:pre7:*:*:*:*:*:*", "matchCriteriaId": "13A8B50A-73F6-4FCF-A81F-FB624FBA7143", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.22:*:*:*:*:*:*:*", "matchCriteriaId": "9336ABDF-9928-49F6-BAA7-D6E9829F9B1F", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.23:*:*:*:*:*:*:*", "matchCriteriaId": "BB45C3B2-0F5D-4AE2-AE00-E1D6501E8D92", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.23:pre9:*:*:*:*:*:*", "matchCriteriaId": "8D27D843-2DA7-4481-857C-09FDC4FBD45C", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.23_ow2:*:*:*:*:*:*:*", "matchCriteriaId": "BCB93128-2743-4668-8C48-9B7282D4A672", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.24:*:*:*:*:*:*:*", "matchCriteriaId": "040991B8-FB4B-480B-B53B-AA7A884F9F19", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.24_ow1:*:*:*:*:*:*:*", "matchCriteriaId": "BFA592BC-5846-4FC1-B2A7-13E622705DA8", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.25:*:*:*:*:*:*:*", "matchCriteriaId": "59688C40-C92F-431E-ADD7-6782622862D3", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.26:*:*:*:*:*:*:*", "matchCriteriaId": "D813900D-DCF3-4F5D-9D90-13EDE2CBB3DA", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.27:*:*:*:*:*:*:*", "matchCriteriaId": "6E4C7831-0296-4DFA-A4E9-F7B6B30FFB72", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.27:pre1:*:*:*:*:*:*", "matchCriteriaId": "C5FE15BF-91C7-452A-BE1B-7EC9632421C2", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.27:pre2:*:*:*:*:*:*", "matchCriteriaId": "15C1923C-D9C4-400D-9F0F-20B519EEC9C0", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.27:pre3:*:*:*:*:*:*", "matchCriteriaId": "E51913F9-FC7D-450A-9A82-5084AA74A5B2", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.27:pre4:*:*:*:*:*:*", "matchCriteriaId": "B62E02D5-9EEE-439B-A510-BEEE28A9F358", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.27:pre5:*:*:*:*:*:*", "matchCriteriaId": "02278C07-E649-427D-9E5C-F1738A01BCBD", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.28:*:*:*:*:*:*:*", "matchCriteriaId": "E120257D-346B-4BA6-A431-E6F820FBB5FB", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.29:rc2:*:*:*:*:*:*", "matchCriteriaId": "0AFD594E-48BA-4281-8DEE-306E3008ABB9", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "142BCD48-8387-4D0C-A052-44DD4144CBFF", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test1:*:*:*:*:*:*", "matchCriteriaId": "7BCA84E2-AC4A-430D-8A30-E660D2A232A0", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test10:*:*:*:*:*:*", "matchCriteriaId": "2255842B-34CD-4062-886C-37161A065703", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test11:*:*:*:*:*:*", "matchCriteriaId": "F0ED322D-004C-472E-A37F-89B78C55FE5B", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test2:*:*:*:*:*:*", "matchCriteriaId": "412F7334-C46B-4F61-B38A-2CA56B498151", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test3:*:*:*:*:*:*", "matchCriteriaId": "5967AF83-798D-4B1E-882A-5737FFC859C9", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test4:*:*:*:*:*:*", "matchCriteriaId": "A90D2123-D55B-4104-8D82-5B6365AA3B77", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test5:*:*:*:*:*:*", "matchCriteriaId": "DCCDFD49-D402-420E-92F5-20445A0FE139", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test6:*:*:*:*:*:*", "matchCriteriaId": "2A073700-E8A9-4F76-9265-2BE0D5AC9909", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test7:*:*:*:*:*:*", "matchCriteriaId": "8877D178-1655-46E9-8F5A-2DD576601F38", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test8:*:*:*:*:*:*", "matchCriteriaId": "0D55059C-B867-4E0F-B29C-9CD2C86915A5", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test9:*:*:*:*:*:*", "matchCriteriaId": "8358E965-3689-4B05-8470-C4A1463FA0E9", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "E8220D81-9065-471F-9256-CFE7B9941555", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.1:rc1:*:*:*:*:*:*", "matchCriteriaId": "D2A55C17-C530-4898-BC95-DE4D495F0D7C", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.1:rc2:*:*:*:*:*:*", "matchCriteriaId": "2C14A949-E2B8-4100-8ED4-645CB996B08A", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "EB445E3E-CCBD-4737-BE30-841B9A79D558", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.3:*:*:*:*:*:*:*", "matchCriteriaId": "F5301E27-8021-467C-A9A2-AF2137EF0299", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.4:*:*:*:*:*:*:*", "matchCriteriaId": "79787868-2D77-4B55-AD61-C2B357CCE047", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.5:*:*:*:*:*:*:*", "matchCriteriaId": "2B3F27D3-8F1D-4576-A584-1E2059CC67B1", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.6:*:*:*:*:*:*:*", "matchCriteriaId": "FB5D260C-AE1C-47E9-A88C-B9C2B4349249", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.6:rc1:*:*:*:*:*:*", "matchCriteriaId": "A0934C49-5F88-4189-BD88-2F32C39C2F25", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.7:*:*:*:*:*:*:*", "matchCriteriaId": "AA9958C6-AB7D-4B67-9AA7-42B628CBC391", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.7:rc1:*:*:*:*:*:*", "matchCriteriaId": "14B0A230-4054-4483-A3A7-9A5A286C7552", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.8:*:*:*:*:*:*:*", "matchCriteriaId": "C16E3D04-EC66-41FD-9CFA-FE0C21952CAB", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.8:rc1:*:*:*:*:*:*", "matchCriteriaId": "F90242EF-048B-4539-AA41-87AA84875A9E", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.8:rc2:*:*:*:*:*:*", "matchCriteriaId": "3C4E9325-2A70-4E15-9AAF-5588BF218055", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.8:rc3:*:*:*:*:*:*", "matchCriteriaId": "01402A85-B681-4DE0-B7BB-F52567DA29E2", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.9:2.6.20:*:*:*:*:*:*", "matchCriteriaId": "1FC53528-A67F-42DF-B8DA-778A65893F9D", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.10:*:*:*:*:*:*:*", "matchCriteriaId": "2CDE1E92-C64D-4A3B-95A2-384BD772B28B", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.10:rc2:*:*:*:*:*:*", "matchCriteriaId": "4B130EB7-A951-4717-A906-E2F602F7B69F", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6_test9_cvs:*:*:*:*:*:*:*", "matchCriteriaId": "608FDE1E-B02A-45A2-8877-0E52A5BD0963", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:*:*:*:*:*:*", "matchCriteriaId": "4177C378-7729-46AB-B49B-C6DAED3200E7", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:amd64:*:*:*:*:*", "matchCriteriaId": "2164D10D-D1A4-418A-A9C8-CA8FAB1E90A7", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "A06E5CD0-8BEC-4F4C-9E11-1FEE0563946C", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:amd64:*:*:*:*:*", "matchCriteriaId": "A3BDD466-84C9-4CFC-A3A8-7AC0F752FB53", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:*:*:*:*:*:*", "matchCriteriaId": "3528DABD-B821-4D23-AE12-614A9CA92C46", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:x86_64:*:*:*:*:*", "matchCriteriaId": "9E661D58-18DF-4CCF-9892-F873618F4535", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "E0F0D201-B1DC-4024-AF77-A284673618F3", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:x86_64:*:*:*:*:*", "matchCriteriaId": "052E3862-BFB7-42E7-889D-8590AFA8EF37", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "2BB0B27C-04EA-426F-9016-7406BACD91DF", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_servers:*:*:*:*:*", "matchCriteriaId": "81B543F9-C209-46C2-B0AE-E14818A6992E", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*", "matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation:*:*:*:*:*", "matchCriteriaId": "DB89C970-DE94-4E09-A90A-077DB83AD156", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:advanced_server:*:*:*:*:*", "matchCriteriaId": "F9440B25-D206-4914-9557-B5F030890DEC", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:enterprise_server:*:*:*:*:*", "matchCriteriaId": "E9933557-3BCA-4D92-AD4F-27758A0D3347", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:workstation:*:*:*:*:*", "matchCriteriaId": "10A60552-15A5-4E95-B3CE-99A4B26260C1", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "7D74A418-50F0-42C0-ABBC-BBBE718FF025", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:fedora_core:core_1.0:*:*:*:*:*:*:*", "matchCriteriaId": "3C84296C-2C8A-4DCD-9751-52951F8BEA9F", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*", "matchCriteriaId": "E6996B14-925B-46B8-982F-3545328B506B", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:fedora_core:core_3.0:*:*:*:*:*:*:*", "matchCriteriaId": "EC80CF67-C51D-442C-9526-CFEDE84A6304", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.3:*:i386:*:*:*:*:*", "matchCriteriaId": "9B502A61-44FB-4CD4-85BE-88D4ACCCA441", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:9.0:*:i386:*:*:*:*:*", "matchCriteriaId": "F3FDE8C4-5FFD-4CC2-9F35-7C32043966D1", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:1.0:*:desktop:*:*:*:*:*", "matchCriteriaId": "C7EAAD04-D7C4-43DE-B488-1AAD014B503E", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:8:*:enterprise_server:*:*:*:*:*", "matchCriteriaId": "D2E2EF3C-1379-4CBE-8FF5-DACD47834651", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:8.1:*:*:*:*:*:*:*", "matchCriteriaId": "F8C55338-3372-413F-82E3-E1B476D6F41A", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:8.2:*:*:*:*:*:*:*", "matchCriteriaId": "1EFB33BF-F6A5-48C1-AEB5-194FCBCFC958", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "FB0E2D3B-B50A-46C2-BA1E-3E014DE91954", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:enterprise_server:*:*:*:*:*", "matchCriteriaId": "F7446746-87B7-4BD3-AABF-1E0FAA8265AB", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:*:*:*:*:*:*", "matchCriteriaId": "CFABFCE5-4F86-4AE8-9849-BC360AC72098", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:*:*:*:*:*:*", "matchCriteriaId": "CFF36BC6-6CCD-4FEE-A120-5B8C4BF5620C", "vulnerable": true }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ia64:*:*:*:*:*", "matchCriteriaId": "6E94583A-5184-462E-9FC4-57B35DA06DA7", "vulnerable": true }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ppc:*:*:*:*:*", "matchCriteriaId": "E905FAAD-37B6-4DD0-A752-2974F8336273", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:avaya:intuity_audix:*:*:lx:*:*:*:*:*", "matchCriteriaId": "C1A3B951-A1F8-4291-82FA-AB7922D13ACE", "vulnerable": true }, { "criteria": "cpe:2.3:a:mandrakesoft:mandrake_multi_network_firewall:8.2:*:*:*:*:*:*:*", "matchCriteriaId": "E4F3F3BB-E004-4FD9-9580-F2D5F3ED3701", "vulnerable": true }, { "criteria": "cpe:2.3:h:avaya:s8300:r2.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "20C0BD87-CE4B-49D2-89BE-EF282C43AD72", "vulnerable": true }, { "criteria": "cpe:2.3:h:avaya:s8300:r2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "C3E6C4A8-59F4-43EE-8413-E95289037598", "vulnerable": true }, { "criteria": "cpe:2.3:h:avaya:s8500:r2.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "FE76357A-27E6-4D85-9AA0-1BB658C41568", "vulnerable": true }, { "criteria": "cpe:2.3:h:avaya:s8500:r2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "C56C5FDB-24E2-479D-87CA-164CD28567D3", "vulnerable": true }, { "criteria": "cpe:2.3:h:avaya:s8700:r2.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "AEF6C16F-8EDF-4A24-BFEF-6A304D654EEB", "vulnerable": true }, { "criteria": "cpe:2.3:h:avaya:s8700:r2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "D982AE39-BB57-49E7-B5FE-5EF1ADE2F019", "vulnerable": true }, { "criteria": "cpe:2.3:o:conectiva:linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "A35FC777-A34E-4C7B-9E93-8F17F3AD5180", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Race condition in the (1) load_elf_library and (2) binfmt_aout function calls for uselib in Linux kernel 2.4 through 2.429-rc2 and 2.6 through 2.6.10 allows local users to execute arbitrary code by manipulating the VMA descriptor." }, { "lang": "es", "value": "Condici\u00f3n de carrera en las llamadas de funciones (1) load_elf_library y (2) binfmt_aout de uselib de los kernel de Linux 2.4 a 2.429-rc2 y 2.6 a 2.6.10 permite a usuarios locales ejecutar c\u00f3digo de su elecci\u00f3n manipulando el descriptor WMA." } ], "id": "CVE-2004-1235", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "HIGH", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 6.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 1.9, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2005-04-14T04:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://distro.conectiva.com.br/atualizacoes/index.php?id=a\u0026anuncio=000930" }, { "source": "cve@mitre.org", "url": "http://isec.pl/vulnerabilities/isec-0021-uselib.txt" }, { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=110512575901427\u0026w=2" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/20162" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/20163" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/20202" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/20338" }, { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2006/dsa-1067" }, { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2006/dsa-1069" }, { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2006/dsa-1070" }, { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2006/dsa-1082" }, { "source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:022" }, { "source": "cve@mitre.org", "url": "http://www.novell.com/linux/security/advisories/2005_01_sr.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2005-016.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2005-017.html" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-043.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2005-092.html" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/advisories/7804" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/advisories/7805" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/advisories/7806" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/12190" }, { "source": "cve@mitre.org", "url": "http://www.trustix.org/errata/2005/0001/" }, { "source": "cve@mitre.org", "url": "https://bugzilla.fedora.us/show_bug.cgi?id=2336" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18800" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9567" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://distro.conectiva.com.br/atualizacoes/index.php?id=a\u0026anuncio=000930" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://isec.pl/vulnerabilities/isec-0021-uselib.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=110512575901427\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/20162" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/20163" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/20202" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/20338" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2006/dsa-1067" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2006/dsa-1069" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2006/dsa-1070" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2006/dsa-1082" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:022" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.novell.com/linux/security/advisories/2005_01_sr.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2005-016.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2005-017.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-043.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2005-092.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/advisories/7804" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/advisories/7805" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/advisories/7806" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/12190" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.trustix.org/errata/2005/0001/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.fedora.us/show_bug.cgi?id=2336" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18800" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9567" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2000-12-19 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Format string vulnerability in use_syslog() function in LPRng 3.6.24 allows remote attackers to execute arbitrary commands.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
caldera | openlinux_ebuilder | 3.0 | |
caldera | openlinux | * | |
caldera | openlinux_edesktop | 2.4 | |
caldera | openlinux_eserver | 2.3 | |
redhat | linux | 7.0 | |
trustix | secure_linux | 1.0 | |
trustix | secure_linux | 1.1 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:caldera:openlinux_ebuilder:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "E02719FF-924A-4E96-AE1D-5994A8D4275E", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:caldera:openlinux:*:*:*:*:*:*:*:*", "matchCriteriaId": "4EC3F7E5-5D49-471B-A705-ADD2642E5B46", "vulnerable": true }, { "criteria": "cpe:2.3:o:caldera:openlinux_edesktop:2.4:*:*:*:*:*:*:*", "matchCriteriaId": "B211BCBF-CB17-4D32-B6FE-A34D86C4FBF9", "vulnerable": true }, { "criteria": "cpe:2.3:o:caldera:openlinux_eserver:2.3:*:*:*:*:*:*:*", "matchCriteriaId": "3BE526D3-4CD8-423C-81FA-65B92F862A5E", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "29B186E5-7C2F-466E-AA4A-8F2B618F8A14", "vulnerable": true }, { "criteria": "cpe:2.3:o:trustix:secure_linux:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "8DF1A678-FEF1-4549-8EDC-518444CFC57F", "vulnerable": true }, { "criteria": "cpe:2.3:o:trustix:secure_linux:1.1:*:*:*:*:*:*:*", "matchCriteriaId": "9D0DFB12-B43F-4207-A900-464A97F5124D", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Format string vulnerability in use_syslog() function in LPRng 3.6.24 allows remote attackers to execute arbitrary commands." } ], "id": "CVE-2000-0917", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2000-12-19T05:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:56.lprng.asc" }, { "source": "cve@mitre.org", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-09/0293.html" }, { "source": "cve@mitre.org", "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-033.0.txt" }, { "source": "cve@mitre.org", "tags": [ "US Government Resource" ], "url": "http://www.cert.org/advisories/CA-2000-22.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2000-065.html" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/1712" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5287" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:56.lprng.asc" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-09/0293.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-033.0.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.cert.org/advisories/CA-2000-22.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2000-065.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/1712" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5287" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
1999-02-18 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
A buffer overflow in lsof allows local users to obtain root privilege.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
debian | debian_linux | 2.0 | |
debian | debian_linux | 2.0.5 | |
freebsd | freebsd | 2.0 | |
freebsd | freebsd | 2.0.5 | |
freebsd | freebsd | 2.1.0 | |
freebsd | freebsd | 2.1.5 | |
freebsd | freebsd | 2.1.6 | |
freebsd | freebsd | 2.1.7.1 | |
freebsd | freebsd | 2.2.2 | |
freebsd | freebsd | 2.2.3 | |
freebsd | freebsd | 2.2.4 | |
freebsd | freebsd | 2.2.5 | |
freebsd | freebsd | 2.2.6 | |
freebsd | freebsd | 2.2.8 | |
freebsd | freebsd | 3.0 | |
freebsd | freebsd | 3.1 | |
freebsd | freebsd | 3.2 | |
redhat | linux | 5.2 | |
suse | suse_linux | 4.2 | |
suse | suse_linux | 4.3 | |
suse | suse_linux | 4.4 | |
suse | suse_linux | 4.4.1 | |
suse | suse_linux | 5.0 | |
suse | suse_linux | 5.1 | |
suse | suse_linux | 5.2 | |
suse | suse_linux | 5.3 | |
suse | suse_linux | 6.0 | |
suse | suse_linux | 6.1 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "203BDD63-2FA5-42FD-A9CD-6BDBB41A63C4", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:2.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "224CAC5B-96B0-4015-8106-63B486F37053", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "F1F098C1-D09E-49B4-9B51-E84B6C4EA6CD", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:2.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "34797660-41F5-4358-B70F-2A40DE48F182", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:2.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "27C9E23D-AB82-4AE1-873E-C5493BB96AA1", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:2.1.5:*:*:*:*:*:*:*", "matchCriteriaId": "4054D69F-596F-4EB4-BE9A-E2478343F55A", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:2.1.6:*:*:*:*:*:*:*", "matchCriteriaId": "CA26ABBE-9973-45FA-9E9B-82170B751219", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:2.1.7.1:*:*:*:*:*:*:*", "matchCriteriaId": "BF8F9B2F-E898-4F87-A245-32A41748587B", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:2.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "EBDDEC3F-52EB-4E1E-84C4-B472600059EC", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:2.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "B58E02AE-38B4-466E-BF73-2F0B80AF7BA5", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:2.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "3928D5CF-6FC0-434C-8A80-ABDBF346C2C9", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:2.2.5:*:*:*:*:*:*:*", "matchCriteriaId": "314BA420-4C74-4060-8ACE-D7A7C041CF2B", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:2.2.6:*:*:*:*:*:*:*", "matchCriteriaId": "2EAD7613-A5B3-4621-B981-290C7C6B8BA0", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:2.2.8:*:*:*:*:*:*:*", "matchCriteriaId": "D1CA3337-9BEE-49C5-9EDE-8CDBE5580537", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "EE38C50A-81FE-412E-9717-3672FAE6A6F4", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:3.1:*:*:*:*:*:*:*", "matchCriteriaId": "263F3734-7076-4EA8-B4C0-F37CFC4E979E", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:3.2:*:*:*:*:*:*:*", "matchCriteriaId": "0419DD66-FF66-48BC-AD3B-F6AFD0551E36", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:5.2:*:i386:*:*:*:*:*", "matchCriteriaId": "363AB7DB-A8BA-4D58-97C4-1DF1F0F43E07", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:4.2:*:*:*:*:*:*:*", "matchCriteriaId": "451453AC-65FF-4E3B-9AC1-2DDB2E2182E4", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:4.3:*:*:*:*:*:*:*", "matchCriteriaId": "7716120D-5110-42B0-A574-9AA2AC8D3C32", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:4.4:*:*:*:*:*:*:*", "matchCriteriaId": "CB4C8426-CAF2-4366-94C0-1BA1C544FB6F", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:4.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "5CC7D746-B98B-4FAF-B816-57222759A344", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "830D48B8-D21D-4D31-99A1-20C231804DBE", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:5.1:*:*:*:*:*:*:*", "matchCriteriaId": "5C0BBDD2-9FF9-4CB7-BCAF-D4AF15DC2C7C", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:5.2:*:*:*:*:*:*:*", "matchCriteriaId": "D1C826AA-6E2F-4DAC-A7A2-9F47729B5DA5", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:5.3:*:*:*:*:*:*:*", "matchCriteriaId": "BCC94EF9-5872-402F-B2FC-06331A924BB2", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "F163E145-09F7-4BE2-9B46-5B6713070BAB", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:6.1:*:*:*:*:*:*:*", "matchCriteriaId": "124E1802-7984-45ED-8A92-393FC20662FD", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "A buffer overflow in lsof allows local users to obtain root privilege." } ], "id": "CVE-1999-0405", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "1999-02-18T05:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://www.osvdb.org/3163" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.osvdb.org/3163" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
1999-12-31 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Buffer overflow in linuxconf 1.11r11-rh2 on Red Hat Linux 5.1 allows local users to gain root privileges via a long LANG environmental variable.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:5.1:*:*:*:*:*:*:*", "matchCriteriaId": "4EF44364-0F57-4B74-81B0-501EA6B58501", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Buffer overflow in linuxconf 1.11r11-rh2 on Red Hat Linux 5.1 allows local users to gain root privileges via a long LANG environmental variable." } ], "id": "CVE-1999-1327", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "1999-12-31T05:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=90221103125826\u0026w=2" }, { "source": "cve@mitre.org", "url": "http://www.iss.net/security_center/static/7239.php" }, { "source": "cve@mitre.org", "url": "http://www.osvdb.org/6065" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/rh51-errata-general.html#linuxconf" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=90221103125826\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.iss.net/security_center/static/7239.php" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.osvdb.org/6065" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/rh51-errata-general.html#linuxconf" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2001-03-12 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
sdiff 2.7 in the diffutils package allows local users to overwrite files via a symlink attack.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
immunix | immunix | 7.0_beta | |
mandrakesoft | mandrake_linux | 6.0 | |
mandrakesoft | mandrake_linux | 6.1 | |
mandrakesoft | mandrake_linux | 7.0 | |
mandrakesoft | mandrake_linux | 7.1 | |
mandrakesoft | mandrake_linux | 7.2 | |
mandrakesoft | mandrake_linux_corporate_server | 1.0.1 | |
redhat | linux | 7.0 | |
trustix | secure_linux | 1.1 | |
trustix | secure_linux | 1.2 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:immunix:immunix:7.0_beta:*:*:*:*:*:*:*", "matchCriteriaId": "1A2889C6-8DE0-4432-812A-F2A5C4A08897", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "D323A6B7-2741-4F31-B0D6-5D6FB738A2A1", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:6.1:*:*:*:*:*:*:*", "matchCriteriaId": "ACAAD334-2CA7-4B3B-BA25-302E7610BC2A", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "E4853E92-5E0A-47B9-A343-D5BEE87D2C27", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "3EC1FF5D-5EAB-44D5-B281-770547C70D68", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "0A8FBD5A-2FD0-43CD-AC4B-1D6984D336FE", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:1.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "97E09AD9-F057-4264-88BB-A8A18C1B1246", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "29B186E5-7C2F-466E-AA4A-8F2B618F8A14", "vulnerable": true }, { "criteria": "cpe:2.3:o:trustix:secure_linux:1.1:*:*:*:*:*:*:*", "matchCriteriaId": "9D0DFB12-B43F-4207-A900-464A97F5124D", "vulnerable": true }, { "criteria": "cpe:2.3:o:trustix:secure_linux:1.2:*:*:*:*:*:*:*", "matchCriteriaId": "13EBB2F7-712E-4CB1-B4B4-5F0851F3D37E", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "sdiff 2.7 in the diffutils package allows local users to overwrite files via a symlink attack." } ], "id": "CVE-2001-0117", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "LOW", "cvssData": { "accessComplexity": "HIGH", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 1.2, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:H/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 1.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2001-03-12T05:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2000-70-028-01" }, { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=97916374410647\u0026w=2" }, { "source": "cve@mitre.org", "tags": [ "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/579928" }, { "source": "cve@mitre.org", "tags": [ "Patch" ], "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-008.php3" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2001-116.html" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/2191" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5914" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2000-70-028-01" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=97916374410647\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/579928" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-008.php3" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2001-116.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/2191" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5914" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2003-08-27 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
The STP protocol implementation in Linux 2.4.x does not properly verify certain lengths, which could allow attackers to cause a denial of service.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:2.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "9E297EF4-139A-4FF4-AF1B-F3559B992775", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The STP protocol implementation in Linux 2.4.x does not properly verify certain lengths, which could allow attackers to cause a denial of service." }, { "lang": "es", "value": "La implementaci\u00f3n del protocolo STP en Linux 2.4.x no verifica adecuadamente ciertas longitudes, lo que podr\u00eda permitir a atacantes causar una denegaci\u00f3n de servicio." } ], "id": "CVE-2003-0551", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2003-08-27T04:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2004/dsa-358" }, { "source": "cve@mitre.org", "tags": [ "Exploit" ], "url": "http://www.debian.org/security/2004/dsa-423" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2003-198.html" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-238.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2003-239.html" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A384" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2004/dsa-358" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit" ], "url": "http://www.debian.org/security/2004/dsa-423" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2003-198.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-238.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2003-239.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A384" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2000-05-16 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Buffer overflow in ksu in Kerberos 5 allows local users to gain root privileges.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cygnus:cygnus_network_security:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "05857121-8827-45FD-886F-4269E0336036", "vulnerable": true }, { "criteria": "cpe:2.3:a:cygnus:kerbnet:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "EE1B0821-64F1-46E3-8DD3-12FFD1B037F5", "vulnerable": true }, { "criteria": "cpe:2.3:a:mit:kerberos:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "AFB8BD89-F049-4C3B-8744-E8D00D752DE0", "vulnerable": true }, { "criteria": "cpe:2.3:a:mit:kerberos_5:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "08FA60A9-10E1-4ACD-819C-17801FAD7671", "vulnerable": true }, { "criteria": "cpe:2.3:a:mit:kerberos_5:1.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "E47F0770-67D7-42EE-A1AD-9D5B5E83BF2B", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:alpha:*:*:*:*:*", "matchCriteriaId": "344610A8-DB6D-4407-9304-916C419F648C", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:i386:*:*:*:*:*", "matchCriteriaId": "B7EC2B95-4715-4EC9-A10A-2542501F8A61", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:sparc:*:*:*:*:*", "matchCriteriaId": "64775BEF-2E53-43CA-8639-A7E54F6F4222", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Buffer overflow in ksu in Kerberos 5 allows local users to gain root privileges." } ], "id": "CVE-2000-0392", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2000-05-16T04:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-05/0184.html" }, { "source": "cve@mitre.org", "url": "http://archives.neohapsis.com/archives/freebsd/2000-05/0295.html" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory", "US Government Resource" ], "url": "http://www.cert.org/advisories/CA-2000-06.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2000-025.html" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/1220" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-05/0184.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://archives.neohapsis.com/archives/freebsd/2000-05/0295.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "US Government Resource" ], "url": "http://www.cert.org/advisories/CA-2000-06.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2000-025.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/1220" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2004-11-23 05:00
Modified
2025-04-03 01:03
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:h:cisco:firewall_services_module:*:*:*:*:*:*:*:*", "matchCriteriaId": "2A9CB22A-21E0-46F6-B6CD-BB38A80FA7A4", "vulnerable": true }, { "criteria": "cpe:2.3:h:cisco:firewall_services_module:1.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "B9CAFC15-178C-4176-9668-D4A04B63E77B", "vulnerable": true }, { "criteria": "cpe:2.3:h:cisco:firewall_services_module:1.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "3C8D6949-89F4-40EF-98F4-8D15628DC345", "vulnerable": true }, { "criteria": "cpe:2.3:h:cisco:firewall_services_module:1.1_\\(3.005\\):*:*:*:*:*:*:*", "matchCriteriaId": "F3DB2AEE-FB5C-42B7-845B-EDA3E58D5D68", "vulnerable": true }, { "criteria": "cpe:2.3:h:cisco:firewall_services_module:2.1_\\(0.208\\):*:*:*:*:*:*:*", "matchCriteriaId": "6479D85C-1A12-486D-818C-6679F415CA26", "vulnerable": true }, { "criteria": "cpe:2.3:h:hp:aaa_server:*:*:*:*:*:*:*:*", "matchCriteriaId": "287CF5FA-D0EC-4FD7-9718-973587EF34DF", "vulnerable": true }, { "criteria": "cpe:2.3:h:hp:apache-based_web_server:2.0.43.00:*:*:*:*:*:*:*", "matchCriteriaId": "C88168D4-7DB5-4720-8640-400BB680D0FD", "vulnerable": true }, { "criteria": "cpe:2.3:h:hp:apache-based_web_server:2.0.43.04:*:*:*:*:*:*:*", "matchCriteriaId": "968915A1-375B-4C69-BE11-9A393F7F1B0F", "vulnerable": true }, { "criteria": "cpe:2.3:h:symantec:clientless_vpn_gateway_4400:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "11465DCA-72E5-40E9-9D8E-B3CD470C47E9", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cisco:ciscoworks_common_management_foundation:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "3954D0D1-9FDF-47D0-9710-D0FB06955B8B", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:ciscoworks_common_services:2.2:*:*:*:*:*:*:*", "matchCriteriaId": "3D6712BD-DE8F-40F5-AC74-B9EFE9A50CFA", "vulnerable": true }, { "criteria": "cpe:2.3:h:avaya:converged_communications_server:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "E586558A-ABC3-42EB-8B4D-DC92A0D695E6", "vulnerable": true }, { "criteria": "cpe:2.3:h:avaya:sg200:4.4:*:*:*:*:*:*:*", "matchCriteriaId": "2A4C5F60-B32D-4D85-BA28-AE11972ED614", "vulnerable": true }, { "criteria": "cpe:2.3:h:avaya:sg200:4.31.29:*:*:*:*:*:*:*", "matchCriteriaId": "6A5935C3-3D83-461F-BC26-E03362115C42", "vulnerable": true }, { "criteria": "cpe:2.3:h:avaya:sg203:4.4:*:*:*:*:*:*:*", "matchCriteriaId": "80AC523B-3106-46F2-B760-803DCF8061F4", "vulnerable": true }, { "criteria": "cpe:2.3:h:avaya:sg203:4.31.29:*:*:*:*:*:*:*", "matchCriteriaId": "F8B8D6F3-D15D-489F-A807-17E63F4831F2", "vulnerable": true }, { "criteria": "cpe:2.3:h:avaya:sg208:*:*:*:*:*:*:*:*", "matchCriteriaId": "808189BA-197F-49CE-933E-A728F395749C", "vulnerable": true }, { "criteria": "cpe:2.3:h:avaya:sg208:4.4:*:*:*:*:*:*:*", "matchCriteriaId": "32DCFA7B-7BBB-465A-A4AD-7E18EE3C02DC", "vulnerable": true }, { "criteria": "cpe:2.3:h:avaya:sg5:4.2:*:*:*:*:*:*:*", "matchCriteriaId": "CC7EF0CD-EA39-457B-8E2E-9120B65A5835", "vulnerable": true }, { "criteria": "cpe:2.3:h:avaya:sg5:4.3:*:*:*:*:*:*:*", "matchCriteriaId": "7BC2983F-5212-464B-AC21-8A897DEC1F58", "vulnerable": true }, { "criteria": "cpe:2.3:h:avaya:sg5:4.4:*:*:*:*:*:*:*", "matchCriteriaId": "EBF17989-D1F2-4B04-80BD-CFABDD482ABA", "vulnerable": true }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "BF2D00AC-FA2A-4C39-B796-DC19072862CF", "vulnerable": true }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "E8BCD1C5-1AFC-4287-9AFD-81FB3F4F9E54", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:4.8:*:*:*:*:*:*:*", "matchCriteriaId": "441BE3A0-20F4-4972-B279-19B3DB5FA14D", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:4.8:releng:*:*:*:*:*:*", "matchCriteriaId": "2D33C6EF-DBE1-4943-83E4-1F10670DAC6E", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:4.9:*:*:*:*:*:*:*", "matchCriteriaId": "00EAEA17-033A-4A50-8E39-D61154876D2F", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:5.1:*:*:*:*:*:*:*", "matchCriteriaId": "4EE93350-92E6-4F5C-A14C-9993CFFDBCD4", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:5.1:release:*:*:*:*:*:*", "matchCriteriaId": "0D9F2B04-A1F2-4788-A53D-C8274A758DDA", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:5.1:releng:*:*:*:*:*:*", "matchCriteriaId": "9A5309ED-D84F-4F52-9864-5B0FEEEE5022", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:5.2:*:*:*:*:*:*:*", "matchCriteriaId": "DD7C441E-444B-4DF5-8491-86805C70FB99", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:5.2.1:release:*:*:*:*:*:*", "matchCriteriaId": "C9CCE8F3-84EE-4571-8AAA-BF2D132E9BD4", "vulnerable": true }, { "criteria": "cpe:2.3:o:hp:hp-ux:8.05:*:*:*:*:*:*:*", "matchCriteriaId": "31B1ADC1-9B6D-4B5E-A05A-D69599A3A0D5", "vulnerable": true }, { "criteria": "cpe:2.3:o:hp:hp-ux:11.00:*:*:*:*:*:*:*", "matchCriteriaId": "771931F7-9180-4EBD-8627-E1CF17D24647", "vulnerable": true }, { "criteria": "cpe:2.3:o:hp:hp-ux:11.11:*:*:*:*:*:*:*", "matchCriteriaId": "EDD9BE2B-7255-4FC1-B452-E8370632B03F", "vulnerable": true }, { "criteria": "cpe:2.3:o:hp:hp-ux:11.23:*:*:*:*:*:*:*", "matchCriteriaId": "32310AFE-38CC-4C6C-AE13-54C18720F2C0", "vulnerable": true }, { "criteria": "cpe:2.3:o:openbsd:openbsd:3.3:*:*:*:*:*:*:*", "matchCriteriaId": "AC46909F-DDFC-448B-BCDF-1EB343F96630", "vulnerable": true }, { "criteria": "cpe:2.3:o:openbsd:openbsd:3.4:*:*:*:*:*:*:*", "matchCriteriaId": "9496279F-AB43-4B53-81A6-87C651ABC4BA", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_server:*:*:*:*:*", "matchCriteriaId": "78B46FFA-5B09-473E-AD33-3DB18BD0DAFE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*", "matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation_server:*:*:*:*:*", "matchCriteriaId": "0EFE2E73-9536-41A9-B83B-0A06B54857F4", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "E562907F-D915-4030-847A-3C6834A80D4E", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.3:*:*:*:*:*:*:*", "matchCriteriaId": "138985E6-5107-4E8B-A801-C3D5FE075227", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "038FEDE7-986F-4CA5-9003-BA68352B87D4", "vulnerable": true }, { "criteria": "cpe:2.3:o:sco:openserver:5.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "1E140F76-D078-4F58-89CF-3278CDCB9AF3", "vulnerable": true }, { "criteria": "cpe:2.3:o:sco:openserver:5.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "D9D76A8D-832B-411E-A458-186733C66010", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:cisco:ios:12.1\\(11\\)e:*:*:*:*:*:*:*", "matchCriteriaId": "580BA1FE-0826-47A7-8BD3-9225E0841EDD", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:ios:12.1\\(11b\\)e:*:*:*:*:*:*:*", "matchCriteriaId": "040B04CD-B891-4F19-A7CC-5C2D462FBD6C", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:ios:12.1\\(11b\\)e12:*:*:*:*:*:*:*", "matchCriteriaId": "5BF29685-7FFC-4093-A1D4-21E4871AF5C6", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:ios:12.1\\(11b\\)e14:*:*:*:*:*:*:*", "matchCriteriaId": "E72872C9-63AF-417F-BFAE-92B4D350C006", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:ios:12.1\\(13\\)e9:*:*:*:*:*:*:*", "matchCriteriaId": "80BCF196-5E5A-4F31-BCE7-AA0C748CA922", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:ios:12.1\\(19\\)e1:*:*:*:*:*:*:*", "matchCriteriaId": "970939C5-1E6F-47B6-97E6-7B2C1E019985", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:ios:12.2\\(14\\)sy:*:*:*:*:*:*:*", "matchCriteriaId": "CD1F4148-E772-4708-8C1F-D67F969C11DA", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:ios:12.2\\(14\\)sy1:*:*:*:*:*:*:*", "matchCriteriaId": "3CEBCEF0-5982-4B30-8377-9CAC978A1CB0", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:ios:12.2sy:*:*:*:*:*:*:*", "matchCriteriaId": "09458CD7-D430-4957-8506-FAB2A3E2AA65", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:ios:12.2za:*:*:*:*:*:*:*", "matchCriteriaId": "62626BB6-D4EA-4A8A-ABC1-F86B37F19EDB", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:4d:webstar:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "F8B87C95-4B34-4628-AD03-67D1DE13E097", "vulnerable": true }, { "criteria": "cpe:2.3:a:4d:webstar:5.2:*:*:*:*:*:*:*", "matchCriteriaId": "758F95DB-E619-4B08-86FA-6CF2C1B0CBCD", "vulnerable": true }, { "criteria": "cpe:2.3:a:4d:webstar:5.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "4F04471C-732F-44EE-AD1B-6305C1DD7DDD", "vulnerable": true }, { "criteria": "cpe:2.3:a:4d:webstar:5.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "3499913B-5DCD-4115-8C7B-9E8AFF79DE5E", "vulnerable": true }, { "criteria": "cpe:2.3:a:4d:webstar:5.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "E237919A-416B-4039-AAD2-7FAE1F4E100D", "vulnerable": true }, { "criteria": "cpe:2.3:a:4d:webstar:5.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "39149924-188C-40C1-B598-A9CD407C90DE", "vulnerable": true }, { "criteria": "cpe:2.3:a:4d:webstar:5.3:*:*:*:*:*:*:*", "matchCriteriaId": "15D5780C-4E29-4BCA-A47E-29FF6EAF33FC", "vulnerable": true }, { "criteria": "cpe:2.3:a:4d:webstar:5.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "E6501108-5455-48FE-AA82-37AFA5D7EC24", "vulnerable": true }, { "criteria": "cpe:2.3:a:avaya:intuity_audix:*:*:lx:*:*:*:*:*", "matchCriteriaId": "C1A3B951-A1F8-4291-82FA-AB7922D13ACE", "vulnerable": true }, { "criteria": "cpe:2.3:a:avaya:intuity_audix:5.1.46:*:*:*:*:*:*:*", "matchCriteriaId": "3F2E7C81-C0F5-4D36-9A23-03BE69295ED0", "vulnerable": true }, { "criteria": "cpe:2.3:a:avaya:intuity_audix:s3210:*:*:*:*:*:*:*", "matchCriteriaId": "9D0EF4A3-2FE5-41E4-A764-30B379ECF081", "vulnerable": true }, { "criteria": "cpe:2.3:a:avaya:intuity_audix:s3400:*:*:*:*:*:*:*", "matchCriteriaId": "CCF6D59E-8AEA-4380-B86B-0803B2202F16", "vulnerable": true }, { "criteria": "cpe:2.3:a:avaya:vsu:5:*:*:*:*:*:*:*", "matchCriteriaId": "140ABF28-FA39-4D77-AEB2-304962ED48C2", "vulnerable": true }, { "criteria": "cpe:2.3:a:avaya:vsu:5x:*:*:*:*:*:*:*", "matchCriteriaId": "09473DD9-5114-44C5-B56C-6630FBEBCACB", "vulnerable": true }, { "criteria": "cpe:2.3:a:avaya:vsu:100_r2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "A7ECD3A4-5A39-4222-8350-524F11D8FFB0", "vulnerable": true }, { "criteria": "cpe:2.3:a:avaya:vsu:500:*:*:*:*:*:*:*", "matchCriteriaId": "D36C140D-E80C-479A-ADA7-18E901549059", "vulnerable": true }, { "criteria": "cpe:2.3:a:avaya:vsu:2000_r2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "940712E9-B041-4B7F-BD02-7DD0AE596D65", "vulnerable": true }, { "criteria": "cpe:2.3:a:avaya:vsu:5000_r2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "03B887A2-9025-4C5B-8901-71BC63BF5293", "vulnerable": true }, { "criteria": "cpe:2.3:a:avaya:vsu:7500_r2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "33264586-7160-4550-9FF9-4101D72F5C9B", "vulnerable": true }, { "criteria": "cpe:2.3:a:avaya:vsu:10000_r2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "CE5E6521-0611-4473-82AC-21655F10FEC0", "vulnerable": true }, { "criteria": "cpe:2.3:a:checkpoint:firewall-1:*:*:vsx-ng-ai:*:*:*:*:*", "matchCriteriaId": "AA9A50A1-CA8C-4EE5-B68F-4958F6B4B028", "vulnerable": true }, { "criteria": "cpe:2.3:a:checkpoint:firewall-1:2.0:*:gx:*:*:*:*:*", "matchCriteriaId": "8C83ABA2-87CD-429B-9800-590F8256B064", "vulnerable": true }, { "criteria": "cpe:2.3:a:checkpoint:firewall-1:next_generation_fp0:*:*:*:*:*:*:*", "matchCriteriaId": "A4D9A576-2878-4AC4-AC95-E69CB8A84A71", "vulnerable": true }, { "criteria": "cpe:2.3:a:checkpoint:firewall-1:next_generation_fp1:*:*:*:*:*:*:*", "matchCriteriaId": "0A1A0B02-CF33-401F-9AB2-D595E586C795", "vulnerable": true }, { "criteria": "cpe:2.3:a:checkpoint:firewall-1:next_generation_fp2:*:*:*:*:*:*:*", "matchCriteriaId": "8C0EF3F0-B82E-45B7-8D05-05E76009F7A2", "vulnerable": true }, { "criteria": "cpe:2.3:a:checkpoint:provider-1:4.1:*:*:*:*:*:*:*", "matchCriteriaId": "90FB3825-21A6-4DBE-8188-67672DBE01CB", "vulnerable": true }, { "criteria": "cpe:2.3:a:checkpoint:provider-1:4.1:sp1:*:*:*:*:*:*", "matchCriteriaId": "80623E58-8B46-4559-89A4-C329AACF3CB7", "vulnerable": true }, { "criteria": "cpe:2.3:a:checkpoint:provider-1:4.1:sp2:*:*:*:*:*:*", "matchCriteriaId": "AEE6C228-CD93-4636-868B-C19BC1674BE6", "vulnerable": true }, { "criteria": "cpe:2.3:a:checkpoint:provider-1:4.1:sp3:*:*:*:*:*:*", "matchCriteriaId": "A645148C-AD0D-46C1-BEE3-10F5C9066279", "vulnerable": true }, { "criteria": "cpe:2.3:a:checkpoint:provider-1:4.1:sp4:*:*:*:*:*:*", "matchCriteriaId": "0D69187C-7F46-4FF0-A8A0-0E1989EA79BC", "vulnerable": true }, { "criteria": "cpe:2.3:a:checkpoint:vpn-1:next_generation_fp0:*:*:*:*:*:*:*", "matchCriteriaId": "4AE4A7EE-1BA3-46F1-BF4A-A72997EE0992", "vulnerable": true }, { "criteria": "cpe:2.3:a:checkpoint:vpn-1:next_generation_fp1:*:*:*:*:*:*:*", "matchCriteriaId": "02029D75-FAF2-4842-9246-079C7DE36417", "vulnerable": true }, { "criteria": "cpe:2.3:a:checkpoint:vpn-1:next_generation_fp2:*:*:*:*:*:*:*", "matchCriteriaId": "E0146341-364C-4085-A2E1-BC8C260FBA3D", "vulnerable": true }, { "criteria": "cpe:2.3:a:checkpoint:vpn-1:vsx_ng_with_application_intelligence:*:*:*:*:*:*:*", "matchCriteriaId": "B5EF01C8-1C8A-4BD1-A13B-CE31F09F9523", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:access_registrar:*:*:*:*:*:*:*:*", "matchCriteriaId": "B8496E0D-2507-4C25-A122-0B846CBCA72A", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:application_and_content_networking_software:*:*:*:*:*:*:*:*", "matchCriteriaId": "8E383F2A-DFCF-47F8-94EE-3563D41EA597", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:css_secure_content_accelerator:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "D2D87EF0-056E-4128-89EB-2803ED83DEE9", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:css_secure_content_accelerator:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "BB3163C1-2044-44DA-9C88-076D75FDF1EB", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:css11000_content_services_switch:*:*:*:*:*:*:*:*", "matchCriteriaId": "07E1B690-C58B-4C08-A757-F3DF451FDAAA", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:okena_stormwatch:3.2:*:*:*:*:*:*:*", "matchCriteriaId": "31F0E14C-7681-4D1A-B982-A51E450B93A7", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:pix_firewall:6.2.2_.111:*:*:*:*:*:*:*", "matchCriteriaId": "ECBC761F-A8F5-4CD8-B19C-5CE8FFC58FDD", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:threat_response:*:*:*:*:*:*:*:*", "matchCriteriaId": "2CF39E8B-C201-4940-81C9-14AF4C3DD4B5", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:webns:6.10:*:*:*:*:*:*:*", "matchCriteriaId": "AC604680-2E9E-4DC4-ACDD-74D552A45BA4", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:webns:6.10_b4:*:*:*:*:*:*:*", "matchCriteriaId": "37A94436-D092-4C7E-B87B-63BC621EE82E", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:webns:7.1_0.1.02:*:*:*:*:*:*:*", "matchCriteriaId": "862165CF-3CFB-4C6E-8238-86FA85F243C8", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:webns:7.1_0.2.06:*:*:*:*:*:*:*", "matchCriteriaId": "056F3336-BAA8-4A03-90B4-7B31710FC1B3", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:webns:7.2_0.0.03:*:*:*:*:*:*:*", "matchCriteriaId": "9FDC2510-FBB9-429A-B6D4-10AB11F93960", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:webns:7.10:*:*:*:*:*:*:*", "matchCriteriaId": "5D45127E-A544-40A0-9D34-BD70D95C9772", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:webns:7.10_.0.06s:*:*:*:*:*:*:*", "matchCriteriaId": "56C69C3E-C895-45C8-8182-7BB412A0C828", "vulnerable": true }, { "criteria": "cpe:2.3:a:dell:bsafe_ssl-j:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "A1FDD507-C38B-4C38-A54F-3DA6F07AD0B5", "vulnerable": true }, { "criteria": "cpe:2.3:a:dell:bsafe_ssl-j:3.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "6F2B7AC2-CF08-4AC9-9A71-3A8130F9F9AD", "vulnerable": true }, { "criteria": "cpe:2.3:a:dell:bsafe_ssl-j:3.1:*:*:*:*:*:*:*", "matchCriteriaId": "D4D9564B-B92E-4C97-87FF-B56D62DCA775", "vulnerable": true }, { "criteria": "cpe:2.3:a:hp:wbem:a.01.05.08:*:*:*:*:*:*:*", "matchCriteriaId": "B931D4F8-23F5-4ABA-A457-959995D30C58", "vulnerable": true }, { "criteria": "cpe:2.3:a:hp:wbem:a.02.00.00:*:*:*:*:*:*:*", "matchCriteriaId": "BE6A023E-9C2A-487F-B5CE-674C766BFE75", "vulnerable": true }, { "criteria": "cpe:2.3:a:hp:wbem:a.02.00.01:*:*:*:*:*:*:*", "matchCriteriaId": "6A15ACA2-D500-4260-B51A-6FE6AB5A45A4", "vulnerable": true }, { "criteria": "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "2A045971-8756-47E8-9044-C39D08B36F1F", "vulnerable": true }, { "criteria": "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "CAA95881-7231-4FDA-AF73-04DF9FF0B64C", "vulnerable": true }, { "criteria": "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "62B7F6AD-EDBD-4B09-BDB2-795ED114F2AE", "vulnerable": true }, { "criteria": "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.1:*:*:*:*:*:*:*", "matchCriteriaId": "F045AB7B-1551-46E5-A5CC-BF13C1BB49F4", "vulnerable": true }, { "criteria": "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "44E85930-3AAD-420B-8E3E-AEC57344F6C4", "vulnerable": true }, { "criteria": "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "52FD4485-BCA2-485A-A0CF-F8152C9DBFA5", "vulnerable": true }, { "criteria": "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "7CF53BE4-FE2D-4D63-BD0F-A423D0FE3BE3", "vulnerable": true }, { "criteria": "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.2_rc1:*:*:*:*:*:*:*", "matchCriteriaId": "00993464-BE09-4691-B3F0-51BBA9FB80C3", "vulnerable": true }, { "criteria": "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.2_rc2:*:*:*:*:*:*:*", "matchCriteriaId": "896AB39E-2078-4BA2-9522-477BD5F98FD1", "vulnerable": true }, { "criteria": "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.3:*:*:*:*:*:*:*", "matchCriteriaId": "EB9279EC-47CF-45F1-B4CC-B2B332E82E34", "vulnerable": true }, { "criteria": "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "E7300C3E-8105-4C23-89B9-7D29CED18C15", "vulnerable": true }, { "criteria": "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.3_rc1:*:*:*:*:*:*:*", "matchCriteriaId": "90C59DB2-48DA-4172-A1F5-25CF3B5097AE", "vulnerable": true }, { "criteria": "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.3_rc2:*:*:*:*:*:*:*", "matchCriteriaId": "715F4E0B-7E4B-4520-A987-9B3ED3136B75", "vulnerable": true }, { "criteria": "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.3_rc3:*:*:*:*:*:*:*", "matchCriteriaId": "9CA1F606-C558-40FD-9300-6E2796F47BA8", "vulnerable": true }, { "criteria": "cpe:2.3:a:neoteris:instant_virtual_extranet:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "A037FAA6-6D26-4496-BC67-03475B4D1155", "vulnerable": true }, { "criteria": "cpe:2.3:a:neoteris:instant_virtual_extranet:3.1:*:*:*:*:*:*:*", "matchCriteriaId": "D3831DD3-E783-4200-8986-FDBF7DD9BA53", "vulnerable": true }, { "criteria": "cpe:2.3:a:neoteris:instant_virtual_extranet:3.2:*:*:*:*:*:*:*", "matchCriteriaId": "2909C9D5-3D8F-4C41-B0E7-A0C0B432C19A", "vulnerable": true }, { "criteria": "cpe:2.3:a:neoteris:instant_virtual_extranet:3.3:*:*:*:*:*:*:*", "matchCriteriaId": "E09436DF-E3C1-4C03-A3BE-73C4BC84BB7B", "vulnerable": true }, { "criteria": "cpe:2.3:a:neoteris:instant_virtual_extranet:3.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "699764B6-0F86-4AB0-86A3-4F2E69AD820C", "vulnerable": true }, { "criteria": "cpe:2.3:a:novell:edirectory:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "7562ADC4-0D01-4FC2-98F0-1F4041BDA52E", "vulnerable": true }, { "criteria": "cpe:2.3:a:novell:edirectory:8.5:*:*:*:*:*:*:*", "matchCriteriaId": "E6FAB588-BDBE-4A04-AB9E-4F700A3951F0", "vulnerable": true }, { "criteria": "cpe:2.3:a:novell:edirectory:8.5.12a:*:*:*:*:*:*:*", "matchCriteriaId": "E1B83F84-D1EF-43B4-8620-3C1BCCE44553", "vulnerable": true }, { "criteria": "cpe:2.3:a:novell:edirectory:8.5.27:*:*:*:*:*:*:*", "matchCriteriaId": "41169D2F-4F16-466A-82E9-AD0735472B5B", "vulnerable": true }, { "criteria": "cpe:2.3:a:novell:edirectory:8.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "947699C3-D9DE-411A-99C0-44ADD1D2223A", "vulnerable": true }, { "criteria": "cpe:2.3:a:novell:edirectory:8.7:*:*:*:*:*:*:*", "matchCriteriaId": "15F668C0-8420-4401-AB0F-479575596CF0", "vulnerable": true }, { "criteria": "cpe:2.3:a:novell:edirectory:8.7.1:*:*:*:*:*:*:*", "matchCriteriaId": "CDDCC7B6-34CA-4551-9833-306B93E517BD", "vulnerable": true }, { "criteria": "cpe:2.3:a:novell:edirectory:8.7.1:sp1:*:*:*:*:*:*", "matchCriteriaId": "6D69C160-39F7-48B8-B9A3-CC86690453C0", "vulnerable": true }, { "criteria": "cpe:2.3:a:novell:imanager:1.5:*:*:*:*:*:*:*", "matchCriteriaId": "166BF638-ABDC-4BB9-BD4E-2B22681AD9CC", "vulnerable": true }, { "criteria": "cpe:2.3:a:novell:imanager:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "8FA6420B-9F6A-48F4-A445-12B60A320347", "vulnerable": true }, { "criteria": "cpe:2.3:a:openssl:openssl:0.9.6c:*:*:*:*:*:*:*", "matchCriteriaId": "0FCA45CE-4127-47AD-BBA8-8A6DD83AE1C7", "vulnerable": true }, { "criteria": "cpe:2.3:a:openssl:openssl:0.9.6d:*:*:*:*:*:*:*", "matchCriteriaId": "7CA1CA40-7DB5-4DCA-97A8-9A8CF4FECECC", "vulnerable": true }, { "criteria": "cpe:2.3:a:openssl:openssl:0.9.6e:*:*:*:*:*:*:*", "matchCriteriaId": "180D07AE-C571-4DD6-837C-43E2A946007A", "vulnerable": true }, { "criteria": "cpe:2.3:a:openssl:openssl:0.9.6f:*:*:*:*:*:*:*", "matchCriteriaId": "BA3E4D2A-6488-4F8B-A3CA-4161A10FA4DB", "vulnerable": true }, { "criteria": "cpe:2.3:a:openssl:openssl:0.9.6g:*:*:*:*:*:*:*", "matchCriteriaId": "90789533-C741-4B1C-A24B-2C77B9E4DE5F", "vulnerable": true }, { "criteria": "cpe:2.3:a:openssl:openssl:0.9.6h:*:*:*:*:*:*:*", "matchCriteriaId": "1520065B-46D7-48A4-B9D0-5B49F690C5B4", "vulnerable": true }, { "criteria": "cpe:2.3:a:openssl:openssl:0.9.6i:*:*:*:*:*:*:*", "matchCriteriaId": "5B76FE2D-FBE0-4A3B-A0EA-179332D74F0E", "vulnerable": true }, { "criteria": "cpe:2.3:a:openssl:openssl:0.9.6j:*:*:*:*:*:*:*", "matchCriteriaId": "2AA526B9-726A-49D5-B3CA-EBE2DA303CA0", "vulnerable": true }, { "criteria": "cpe:2.3:a:openssl:openssl:0.9.6k:*:*:*:*:*:*:*", "matchCriteriaId": "494E48E7-EF86-4860-9A53-94F6C313746E", "vulnerable": true }, { "criteria": "cpe:2.3:a:openssl:openssl:0.9.7:*:*:*:*:*:*:*", "matchCriteriaId": "45A518E8-21BE-4C5C-B425-410AB1208E9C", "vulnerable": true }, { "criteria": "cpe:2.3:a:openssl:openssl:0.9.7:beta1:*:*:*:*:*:*", "matchCriteriaId": "9E3AB748-E463-445C-ABAB-4FEDDFD1878B", "vulnerable": true }, { "criteria": "cpe:2.3:a:openssl:openssl:0.9.7:beta2:*:*:*:*:*:*", "matchCriteriaId": "660E4B8D-AABA-4520-BC4D-CF8E76E07C05", "vulnerable": true }, { "criteria": "cpe:2.3:a:openssl:openssl:0.9.7:beta3:*:*:*:*:*:*", "matchCriteriaId": "85BFEED5-4941-41BB-93D1-CD5C2A41290E", "vulnerable": true }, { "criteria": "cpe:2.3:a:openssl:openssl:0.9.7a:*:*:*:*:*:*:*", "matchCriteriaId": "78E79A05-64F3-4397-952C-A5BB950C967D", "vulnerable": true }, { "criteria": "cpe:2.3:a:openssl:openssl:0.9.7b:*:*:*:*:*:*:*", "matchCriteriaId": "7F7C9E77-1EB2-4720-A8FD-23DC1C877D5A", "vulnerable": true }, { "criteria": "cpe:2.3:a:openssl:openssl:0.9.7c:*:*:*:*:*:*:*", "matchCriteriaId": "549BB01D-F322-4FE3-BDA2-4FEA8ED8568A", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:openssl:0.9.6-15:*:i386:*:*:*:*:*", "matchCriteriaId": "09F3FB7B-0F68-49F3-A3B7-977A687A42E2", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:openssl:0.9.6b-3:*:i386:*:*:*:*:*", "matchCriteriaId": "088F2FF7-96E5-455E-A35B-D99F9854EC6E", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:openssl:0.9.7a-2:*:i386:*:*:*:*:*", "matchCriteriaId": "FFA721BF-1B2E-479F-BF25-02D441BF175B", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:openssl:0.9.7a-2:*:i386_dev:*:*:*:*:*", "matchCriteriaId": "AFEDCE49-21CC-4168-818F-4C638EE3B077", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:openssl:0.9.7a-2:*:i386_perl:*:*:*:*:*", "matchCriteriaId": "B7D18F9B-C0BE-4DE8-81F4-5BF56C00BF41", "vulnerable": true }, { "criteria": "cpe:2.3:a:sgi:propack:2.3:*:*:*:*:*:*:*", "matchCriteriaId": "26430687-409B-448F-934B-06AB937DDF63", "vulnerable": true }, { "criteria": "cpe:2.3:a:sgi:propack:2.4:*:*:*:*:*:*:*", "matchCriteriaId": "0702A32E-E577-403C-B4D9-15037D7100A5", "vulnerable": true }, { "criteria": "cpe:2.3:a:sgi:propack:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "29DC217F-C257-4A3C-9CBD-08010C30BEC3", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:servercluster:2.5:*:*:*:*:*:*:*", "matchCriteriaId": "8F0F78F4-E81E-4C6B-AB73-D6AAE191060E", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:servercluster:2.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "DF1A5808-6D5D-48AD-9470-5A6510D17913", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonebeat_fullcluster:1_2.0:*:*:*:*:*:*:*", "matchCriteriaId": "C1E8990D-D9A0-4A71-9D87-EC047E01B0D8", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonebeat_fullcluster:1_3.0:*:*:*:*:*:*:*", "matchCriteriaId": "6DBCC172-6867-4DFD-AAEF-9BDB4DA21F46", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonebeat_fullcluster:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "C2F2BEEA-46BB-4718-B0F3-B4EC62B678A6", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonebeat_fullcluster:2.5:*:*:*:*:*:*:*", "matchCriteriaId": "8D09E11C-C5BB-409E-BB0D-7F351250419B", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonebeat_fullcluster:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "6B06A05D-AA31-441D-9FC2-3558648C3B7E", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonebeat_securitycluster:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "C0886901-6F93-44C1-B774-84D7E5D9554C", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonebeat_securitycluster:2.5:*:*:*:*:*:*:*", "matchCriteriaId": "3F203A80-7C1E-4A04-8E99-63525E176753", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonebeat_webcluster:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "CA0A204C-158B-4014-A53C-75E0CD63E0DE", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonebeat_webcluster:2.5:*:*:*:*:*:*:*", "matchCriteriaId": "085BA581-7DA5-4FA4-A888-351281FD0A7D", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonegate:1.5.17:*:*:*:*:*:*:*", "matchCriteriaId": "EA1C4B3C-5701-4233-BA94-28915713F9C8", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonegate:1.5.18:*:*:*:*:*:*:*", "matchCriteriaId": "28D9F8D7-698A-486A-918A-7DB5CAFBB3CB", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonegate:1.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "D125C2A0-A4B5-48D6-A38A-54755C3FDF4C", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonegate:1.6.3:*:*:*:*:*:*:*", "matchCriteriaId": "0F85F672-0F21-4AD7-8620-13D82F2ECC22", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonegate:1.7:*:*:*:*:*:*:*", "matchCriteriaId": "89070041-613A-4F7B-BD6A-C6091D21FC52", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonegate:1.7.1:*:*:*:*:*:*:*", "matchCriteriaId": "D9A71933-4BD5-4B11-8B14-D997E75F29CD", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonegate:1.7.2:*:*:*:*:*:*:*", "matchCriteriaId": "5B6BE11D-FC02-4950-A554-08CC9D8B1853", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonegate:2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "A53FD0E1-9BAA-43F0-BCC9-0BE8D4356F55", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonegate:2.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "B80ADAE8-94D4-46A4-A5ED-FF134D808B52", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonegate:2.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "69FA0221-5073-4D45-950F-119497B53FED", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonegate:2.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "C4AE5B43-7C90-4C2A-A215-30F5EC5841C9", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonegate:2.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "2CC1A110-B203-4962-8E1A-74BD98121AF6", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonegate:2.0.8:*:*:*:*:*:*:*", "matchCriteriaId": "B5A92C4D-B024-4D39-9479-409C39586F64", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonegate:2.0.9:*:*:*:*:*:*:*", "matchCriteriaId": "E7E0C4F5-CF02-4FF6-AE9B-5B6B70D5C067", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonegate:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "5E8998CC-E372-46D0-8339-47DC8D92D253", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonegate:2.2:*:*:*:*:*:*:*", "matchCriteriaId": "AF131FDC-BF8D-4A17-99F0-444EB900E83D", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonegate:2.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "880811B3-E78E-456E-972E-DE733F368576", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonegate:2.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "22411F18-2B93-405A-A3B5-2CF0A04977C6", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonegate_vpn_client:1.7:*:*:*:*:*:*:*", "matchCriteriaId": "C71188B7-E6DC-41E5-B619-367341113501", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonegate_vpn_client:1.7.2:*:*:*:*:*:*:*", "matchCriteriaId": "07491444-0196-4504-A971-A5E388B86BBA", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonegate_vpn_client:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "72BC6CD2-3291-4E69-8DC6-F3AB853F8931", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonegate_vpn_client:2.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "CD43EDDF-58A7-4705-B8C7-FD76C35A437D", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonegate_vpn_client:2.0.8:*:*:*:*:*:*:*", "matchCriteriaId": "A7C2E603-568F-40F6-9A7C-439E2A51B37F", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonegate_vpn_client:2.0.9:*:*:*:*:*:*:*", "matchCriteriaId": "703421A7-E8C5-450B-97EF-FD9D99D4B834", "vulnerable": true }, { "criteria": "cpe:2.3:a:tarantella:tarantella_enterprise:3.20:*:*:*:*:*:*:*", "matchCriteriaId": "9519BCB2-B401-44CE-97F6-847BB36AE45F", "vulnerable": true }, { "criteria": "cpe:2.3:a:tarantella:tarantella_enterprise:3.30:*:*:*:*:*:*:*", "matchCriteriaId": "BBE573E8-DD94-4293-99AE-27B9067B3ED9", "vulnerable": true }, { "criteria": "cpe:2.3:a:tarantella:tarantella_enterprise:3.40:*:*:*:*:*:*:*", "matchCriteriaId": "D14413DA-5199-4282-9E22-D347E9D8E469", "vulnerable": true }, { "criteria": "cpe:2.3:a:vmware:gsx_server:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "05CC5F49-0E9E-45D8-827D-A5940566DB25", "vulnerable": true }, { "criteria": "cpe:2.3:a:vmware:gsx_server:2.0.1_build_2129:*:*:*:*:*:*:*", "matchCriteriaId": "5D94EE19-6CE9-4E02-8174-D9954CDBF02B", "vulnerable": true }, { "criteria": "cpe:2.3:a:vmware:gsx_server:2.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "D4E4BEE3-AE7B-4481-B724-2E644E18ACC3", "vulnerable": true }, { "criteria": "cpe:2.3:a:vmware:gsx_server:2.5.1_build_5336:*:*:*:*:*:*:*", "matchCriteriaId": "EAAB7052-E0B6-472E-920B-A0F0AEA25D6A", "vulnerable": true }, { "criteria": "cpe:2.3:a:vmware:gsx_server:3.0_build_7592:*:*:*:*:*:*:*", "matchCriteriaId": "8CE38F15-BD42-4171-8670-86AA8169A60C", "vulnerable": true }, { "criteria": "cpe:2.3:h:avaya:s8300:r2.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "20C0BD87-CE4B-49D2-89BE-EF282C43AD72", "vulnerable": true }, { "criteria": "cpe:2.3:h:avaya:s8300:r2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "C3E6C4A8-59F4-43EE-8413-E95289037598", "vulnerable": true }, { "criteria": "cpe:2.3:h:avaya:s8500:r2.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "FE76357A-27E6-4D85-9AA0-1BB658C41568", "vulnerable": true }, { "criteria": "cpe:2.3:h:avaya:s8500:r2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "C56C5FDB-24E2-479D-87CA-164CD28567D3", "vulnerable": true }, { "criteria": "cpe:2.3:h:avaya:s8700:r2.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "AEF6C16F-8EDF-4A24-BFEF-6A304D654EEB", "vulnerable": true }, { "criteria": "cpe:2.3:h:avaya:s8700:r2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "D982AE39-BB57-49E7-B5FE-5EF1ADE2F019", "vulnerable": true }, { "criteria": "cpe:2.3:h:bluecoat:proxysg:*:*:*:*:*:*:*:*", "matchCriteriaId": "1B6CFEC9-0F8F-4CD4-ABD1-E6533F910F7F", "vulnerable": true }, { "criteria": "cpe:2.3:h:cisco:call_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "12DE5E22-DF93-46BE-85A3-D4E04379E901", "vulnerable": true }, { "criteria": "cpe:2.3:h:cisco:content_services_switch_11500:*:*:*:*:*:*:*:*", "matchCriteriaId": "BF28C435-C036-4507-8E3F-44E722F9974A", "vulnerable": true }, { "criteria": "cpe:2.3:h:cisco:gss_4480_global_site_selector:*:*:*:*:*:*:*:*", "matchCriteriaId": "CDA957E2-ABF9-49B2-874F-3FC3060CE0B0", "vulnerable": true }, { "criteria": "cpe:2.3:h:cisco:gss_4490_global_site_selector:*:*:*:*:*:*:*:*", "matchCriteriaId": "5F2CDFE7-6853-4A31-85C0-50C57A8D606A", "vulnerable": true }, { "criteria": "cpe:2.3:h:cisco:mds_9000:*:*:*:*:*:*:*:*", "matchCriteriaId": "0F2ED90B-DDBA-49DE-AC78-20E7D77C8858", "vulnerable": true }, { "criteria": "cpe:2.3:h:cisco:secure_content_accelerator:10000:*:*:*:*:*:*:*", "matchCriteriaId": "408A9DB0-81EF-4186-B338-44954E67289B", "vulnerable": true }, { "criteria": "cpe:2.3:h:securecomputing:sidewinder:5.2:*:*:*:*:*:*:*", "matchCriteriaId": "5B0C5F92-7E93-4C3F-B22B-E6612A4D3E10", "vulnerable": true }, { "criteria": "cpe:2.3:h:securecomputing:sidewinder:5.2.0.01:*:*:*:*:*:*:*", "matchCriteriaId": "2D0DC4B4-9AD9-4AC8-BFA7-A3D209B5D089", "vulnerable": true }, { "criteria": "cpe:2.3:h:securecomputing:sidewinder:5.2.0.02:*:*:*:*:*:*:*", "matchCriteriaId": "303362A5-9C3C-4C85-8C97-2AB12CE01BF6", "vulnerable": true }, { "criteria": "cpe:2.3:h:securecomputing:sidewinder:5.2.0.03:*:*:*:*:*:*:*", "matchCriteriaId": "FED22DC1-E06B-4511-B920-6DAB792262D8", "vulnerable": true }, { "criteria": "cpe:2.3:h:securecomputing:sidewinder:5.2.0.04:*:*:*:*:*:*:*", "matchCriteriaId": "4CE44CA7-4BC7-4C2B-948F-2ACABB91528B", "vulnerable": true }, { "criteria": "cpe:2.3:h:securecomputing:sidewinder:5.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "F757B2A7-869F-4702-81EB-466317A79D61", "vulnerable": true }, { "criteria": "cpe:2.3:h:securecomputing:sidewinder:5.2.1.02:*:*:*:*:*:*:*", "matchCriteriaId": "01F6E9A9-6C85-48DA-BC61-55F8EACCB59F", "vulnerable": true }, { "criteria": "cpe:2.3:h:sun:crypto_accelerator_4000:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "64AF1E33-4086-43E2-8F54-DA75A99D4B75", "vulnerable": true }, { "criteria": "cpe:2.3:o:bluecoat:cacheos_ca_sa:4.1.10:*:*:*:*:*:*:*", "matchCriteriaId": "53D16F03-A4C7-4497-AB74-499F208FF059", "vulnerable": true }, { "criteria": "cpe:2.3:o:bluecoat:cacheos_ca_sa:4.1.12:*:*:*:*:*:*:*", "matchCriteriaId": "13A33EC1-836B-4C8C-AC18-B5BD4F90E612", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "58BE9C02-2A01-4F6F-A6BD-BC0173561E9B", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.0\\(1\\):*:*:*:*:*:*:*", "matchCriteriaId": "C558CED8-8342-46CB-9F52-580B626D320E", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.0\\(2\\):*:*:*:*:*:*:*", "matchCriteriaId": "0F85D19E-6C26-429D-B876-F34238B9DAAF", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.0\\(3\\):*:*:*:*:*:*:*", "matchCriteriaId": "FEC7CCF7-CBC6-4EDC-8EDD-884DFFFBCC7D", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.0\\(4\\):*:*:*:*:*:*:*", "matchCriteriaId": "E5011A33-CD6D-4EFC-ACFD-E51C9AE726A3", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.0\\(4.101\\):*:*:*:*:*:*:*", "matchCriteriaId": "09063867-0E64-4630-B35B-4CCA348E4DAB", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.1:*:*:*:*:*:*:*", "matchCriteriaId": "78F98CD7-A352-483C-9968-8FB2627A7CBD", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.1\\(1\\):*:*:*:*:*:*:*", "matchCriteriaId": "F97FE485-705F-4707-B6C6-0EF9E8A85D5F", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.1\\(2\\):*:*:*:*:*:*:*", "matchCriteriaId": "E2B925E8-D2C2-4E8C-AC21-0C422245C482", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.1\\(3\\):*:*:*:*:*:*:*", "matchCriteriaId": "B9170562-872E-4C32-869C-B10FF35A925E", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.1\\(4\\):*:*:*:*:*:*:*", "matchCriteriaId": "D0927A68-8BB2-4F03-8396-E9CACC158FC0", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.1\\(5\\):*:*:*:*:*:*:*", "matchCriteriaId": "559DDBA3-2AF4-4A0C-B219-6779BA931F21", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.2:*:*:*:*:*:*:*", "matchCriteriaId": "ED9D142A-DDC8-4BD6-8C22-F242C9C0B1ED", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.2\\(1\\):*:*:*:*:*:*:*", "matchCriteriaId": "5226C9CC-6933-4F10-B426-B47782C606FD", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.2\\(2\\):*:*:*:*:*:*:*", "matchCriteriaId": "757DAE9A-B25D-4B8A-A41B-66C2897B537E", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.2\\(3\\):*:*:*:*:*:*:*", "matchCriteriaId": "5E3DC170-E279-4725-B9EE-6840B5685CC9", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.2\\(3.100\\):*:*:*:*:*:*:*", "matchCriteriaId": "8091EDA9-BD18-47F7-8CEC-E086238647C6", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.3:*:*:*:*:*:*:*", "matchCriteriaId": "6F867890-74A4-4892-B99A-27DB4603B873", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.3\\(1\\):*:*:*:*:*:*:*", "matchCriteriaId": "CE05B514-F094-4632-B25B-973F976F6409", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.3\\(2\\):*:*:*:*:*:*:*", "matchCriteriaId": "3392428D-1A85-4472-A276-C482A78E2CE1", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.3\\(3.102\\):*:*:*:*:*:*:*", "matchCriteriaId": "40954985-16E6-4F37-B014-6A55166AE093", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.3\\(3.109\\):*:*:*:*:*:*:*", "matchCriteriaId": "0C097809-1FEF-4417-A201-42291CC29122", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference." }, { "lang": "es", "value": "La funci\u00f3n do_change_cipher_spec en OpenSSL 0.9.6c hasta 0.9.6.k y 0.9.7a hasta 0.9.7c permite que atacantes remotos provoquen una denegaci\u00f3n de servicio (ca\u00edda) mediante una h\u00e1bil uni\u00f3n SSL/TLS que provoca un puntero nulo." } ], "id": "CVE-2004-0079", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ] }, "published": "2004-11-23T05:00:00.000", "references": [ { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:05.openssl.asc" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-005.txt.asc" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000834" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://docs.info.apple.com/article.html?artnum=61798" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://fedoranews.org/updates/FEDORA-2004-095.shtml" }, { "source": "cve@mitre.org", "tags": [ "Mailing List" ], "url": "http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html" }, { "source": "cve@mitre.org", "tags": [ "Mailing List" ], "url": "http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://lists.apple.com/mhonarc/security-announce/msg00045.html" }, { "source": "cve@mitre.org", "tags": [ "Mailing List" ], "url": "http://marc.info/?l=bugtraq\u0026m=107953412903636\u0026w=2" }, { "source": "cve@mitre.org", "tags": [ "Mailing List" ], "url": "http://marc.info/?l=bugtraq\u0026m=108403806509920\u0026w=2" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://secunia.com/advisories/11139" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://secunia.com/advisories/17381" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://secunia.com/advisories/17398" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://secunia.com/advisories/17401" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://secunia.com/advisories/18247" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://security.gentoo.org/glsa/glsa-200403-03.xml" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://support.avaya.com/elmodocs2/security/ASA-2005-239.htm" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://support.lexmark.com/index?page=content\u0026id=TE88\u0026locale=EN\u0026userlocale=EN_US" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://www.ciac.org/ciac/bulletins/o-101.shtml" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://www.debian.org/security/2004/dsa-465" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory", "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/288574" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://www.linuxsecurity.com/advisories/engarde_advisory-4135.html" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:023" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://www.novell.com/linux/security/advisories/2004_07_openssl.html" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://www.openssl.org/news/secadv_20040317.txt" }, { "source": "cve@mitre.org", "tags": [ "Mailing List" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2005-October/msg00087.html" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-120.html" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-121.html" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-139.html" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-829.html" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-830.html" }, { "source": "cve@mitre.org", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/9899" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://www.slackware.org/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.455961" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://www.trustix.org/errata/2004/0012" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://www.uniras.gov.uk/vuls/2004/224012/index.htm" }, { "source": "cve@mitre.org", "tags": [ "Broken Link", "Third Party Advisory", "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA04-078A.html" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15505" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2621" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5770" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A870" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A975" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9779" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:05.openssl.asc" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-005.txt.asc" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000834" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://docs.info.apple.com/article.html?artnum=61798" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://fedoranews.org/updates/FEDORA-2004-095.shtml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List" ], "url": "http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List" ], "url": "http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://lists.apple.com/mhonarc/security-announce/msg00045.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List" ], "url": "http://marc.info/?l=bugtraq\u0026m=107953412903636\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List" ], "url": "http://marc.info/?l=bugtraq\u0026m=108403806509920\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://secunia.com/advisories/11139" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://secunia.com/advisories/17381" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://secunia.com/advisories/17398" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://secunia.com/advisories/17401" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://secunia.com/advisories/18247" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://security.gentoo.org/glsa/glsa-200403-03.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://support.avaya.com/elmodocs2/security/ASA-2005-239.htm" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://support.lexmark.com/index?page=content\u0026id=TE88\u0026locale=EN\u0026userlocale=EN_US" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://www.ciac.org/ciac/bulletins/o-101.shtml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.debian.org/security/2004/dsa-465" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/288574" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://www.linuxsecurity.com/advisories/engarde_advisory-4135.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:023" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://www.novell.com/linux/security/advisories/2004_07_openssl.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.openssl.org/news/secadv_20040317.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2005-October/msg00087.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-120.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-121.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-139.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-829.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-830.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/9899" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://www.slackware.org/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.455961" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://www.trustix.org/errata/2004/0012" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://www.uniras.gov.uk/vuls/2004/224012/index.htm" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA04-078A.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15505" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2621" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5770" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A870" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A975" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9779" } ], "sourceIdentifier": "cve@mitre.org", "vendorComments": [ { "comment": "Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.", "lastModified": "2007-03-14T00:00:00", "organization": "Red Hat" } ], "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-476" } ], "source": "nvd@nist.gov", "type": "Primary" }, { "description": [ { "lang": "en", "value": "CWE-476" } ], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ] }
Vulnerability from fkie_nvd
Published
1999-01-04 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Buffer overflow in Dosemu Slang library in Linux.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "C9092D88-585D-4A0C-B181-E8D93563C74B", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:4.1:*:*:*:*:*:*:*", "matchCriteriaId": "D8211154-6685-4FF0-B3ED-43A5E5763A10", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:4.2:*:*:*:*:*:*:*", "matchCriteriaId": "F299301C-6BFC-436C-9CFD-2E291D3702AE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "4BF54738-3C44-4FD4-AA9C-CAB2E86B1DC1", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:5.1:*:*:*:*:*:*:*", "matchCriteriaId": "4EF44364-0F57-4B74-81B0-501EA6B58501", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:5.2:*:i386:*:*:*:*:*", "matchCriteriaId": "363AB7DB-A8BA-4D58-97C4-1DF1F0F43E07", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "830D48B8-D21D-4D31-99A1-20C231804DBE", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:5.1:*:*:*:*:*:*:*", "matchCriteriaId": "5C0BBDD2-9FF9-4CB7-BCAF-D4AF15DC2C7C", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Buffer overflow in Dosemu Slang library in Linux." } ], "id": "CVE-1999-0390", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "1999-01-04T05:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-1999-006.1.txt" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/187" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-1999-006.1.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/187" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2001-06-02 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
inetd in Red Hat 6.2 does not properly close sockets for internal services such as chargen, daytime, echo, etc., which allows remote attackers to cause a denial of service via a series of connections to the internal services.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:*:*:*:*:*:*", "matchCriteriaId": "0633B5A6-7A88-4A96-9462-4C09D124ED36", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "inetd in Red Hat 6.2 does not properly close sockets for internal services such as chargen, daytime, echo, etc., which allows remote attackers to cause a denial of service via a series of connections to the internal services." } ], "id": "CVE-2001-0309", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2001-06-02T04:00:00.000", "references": [ { "source": "cve@mitre.org", "tags": [ "Exploit", "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2001-006.html" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6380" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2001-006.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6380" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2001-05-28 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Buffer overflow in ultimate_source function of man 1.5 and earlier allows local users to gain privileges.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "4BF54738-3C44-4FD4-AA9C-CAB2E86B1DC1", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:5.1:*:*:*:*:*:*:*", "matchCriteriaId": "4EF44364-0F57-4B74-81B0-501EA6B58501", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:5.2:*:*:*:*:*:*:*", "matchCriteriaId": "A8EED385-8C39-4A40-A507-2EFE7652FB35", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "2DFA94D5-0139-490C-8257-0751FE9FBAE4", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.1:*:*:*:*:*:*:*", "matchCriteriaId": "2EC4D3AB-38FA-4D44-AF5C-2DCD15994E76", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:*:*:*:*:*:*", "matchCriteriaId": "0633B5A6-7A88-4A96-9462-4C09D124ED36", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Buffer overflow in ultimate_source function of man 1.5 and earlier allows local users to gain privileges." } ], "id": "CVE-2001-1028", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2001-05-28T04:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://www.iss.net/security_center/static/8622.php" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2001-072.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.iss.net/security_center/static/8622.php" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2001-072.html" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
1999-02-09 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Buffer overflows in wuarchive ftpd (wu-ftpd) and ProFTPD lead to remote root access, a.k.a. palmetto.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
proftpd_project | proftpd | 1.2_pre1 | |
washington_university | wu-ftpd | 2.4.2_beta18 | |
washington_university | wu-ftpd | 2.4.2_beta18_vr9 | |
caldera | openlinux | 1.3 | |
debian | debian_linux | 2.0 | |
redhat | linux | 5.0 | |
redhat | linux | 5.1 | |
sco | openserver | 5.0 | |
sco | openserver | 5.0.2 | |
sco | openserver | 5.0.3 | |
sco | openserver | 5.0.4 | |
sco | openserver | 5.0.5 | |
sco | unixware | 7.0 | |
sco | unixware | 7.0.1 | |
slackware | slackware_linux | 3.4 | |
slackware | slackware_linux | 3.5 | |
slackware | slackware_linux | 3.6 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:proftpd_project:proftpd:1.2_pre1:*:*:*:*:*:*:*", "matchCriteriaId": "CE1015CB-9A33-48D5-861A-A1FC0D8D0FA6", "vulnerable": true }, { "criteria": "cpe:2.3:a:washington_university:wu-ftpd:2.4.2_beta18:*:*:*:*:*:*:*", "matchCriteriaId": "2D48DE48-5216-42AB-BEA8-EA490C5D4278", "vulnerable": true }, { "criteria": "cpe:2.3:a:washington_university:wu-ftpd:2.4.2_beta18_vr9:*:*:*:*:*:*:*", "matchCriteriaId": "4989799F-143A-45E5-A30C-9E3203649770", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:caldera:openlinux:1.3:*:*:*:*:*:*:*", "matchCriteriaId": "EED21F27-4ADA-42AC-B28E-F849F47D4043", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "203BDD63-2FA5-42FD-A9CD-6BDBB41A63C4", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "4BF54738-3C44-4FD4-AA9C-CAB2E86B1DC1", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:5.1:*:*:*:*:*:*:*", "matchCriteriaId": "4EF44364-0F57-4B74-81B0-501EA6B58501", "vulnerable": true }, { "criteria": "cpe:2.3:o:sco:openserver:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "2C19F7B3-9043-4E53-90DE-92A4387858A7", "vulnerable": true }, { "criteria": "cpe:2.3:o:sco:openserver:5.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "0169CBF5-9301-42D2-A6DA-73393BD986D8", "vulnerable": true }, { "criteria": "cpe:2.3:o:sco:openserver:5.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "6236FA51-E996-4E84-A8CC-2635A814CCC6", "vulnerable": true }, { "criteria": "cpe:2.3:o:sco:openserver:5.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "035FBF8B-EB91-4211-9979-8A9E913A54A1", "vulnerable": true }, { "criteria": "cpe:2.3:o:sco:openserver:5.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "B8BA72B4-C4AF-41C6-92ED-30B286E00EF5", "vulnerable": true }, { "criteria": "cpe:2.3:o:sco:unixware:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "17439B5B-0B66-490B-9B53-2C9D576C879F", "vulnerable": true }, { "criteria": "cpe:2.3:o:sco:unixware:7.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "EF9FD7BF-97E4-426D-881F-03C9D5B8895D", "vulnerable": true }, { "criteria": "cpe:2.3:o:slackware:slackware_linux:3.4:*:*:*:*:*:*:*", "matchCriteriaId": "E6732144-10D4-4114-A7DA-32157EE3EF38", "vulnerable": true }, { "criteria": "cpe:2.3:o:slackware:slackware_linux:3.5:*:*:*:*:*:*:*", "matchCriteriaId": "125918E7-53BB-407A-8D95-5D95CDF39A88", "vulnerable": true }, { "criteria": "cpe:2.3:o:slackware:slackware_linux:3.6:*:*:*:*:*:*:*", "matchCriteriaId": "CE0BBA4F-C61A-4A8E-A7E2-CE0DF76DF592", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Buffer overflows in wuarchive ftpd (wu-ftpd) and ProFTPD lead to remote root access, a.k.a. palmetto." } ], "id": "CVE-1999-0368", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "1999-02-09T05:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0368" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0368" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2000-07-16 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
rpc.statd in the nfs-utils package in various Linux distributions does not properly cleanse untrusted format strings, which allows remote attackers to gain root privileges.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
conectiva | linux | 4.0 | |
conectiva | linux | 4.0es | |
conectiva | linux | 4.1 | |
conectiva | linux | 4.2 | |
conectiva | linux | 5.0 | |
conectiva | linux | 5.1 | |
debian | debian_linux | 2.2 | |
debian | debian_linux | 2.2 | |
debian | debian_linux | 2.2 | |
debian | debian_linux | 2.2 | |
debian | debian_linux | 2.3 | |
debian | debian_linux | 2.3 | |
debian | debian_linux | 2.3 | |
debian | debian_linux | 2.3 | |
redhat | linux | 6.0 | |
redhat | linux | 6.0 | |
redhat | linux | 6.0 | |
redhat | linux | 6.1 | |
redhat | linux | 6.1 | |
redhat | linux | 6.1 | |
redhat | linux | 6.2 | |
redhat | linux | 6.2 | |
redhat | linux | 6.2 | |
suse | suse_linux | 6.3 | |
suse | suse_linux | 6.3 | |
suse | suse_linux | 6.3 | |
suse | suse_linux | 6.4 | |
suse | suse_linux | 6.4 | |
suse | suse_linux | 6.4 | |
suse | suse_linux | 7.0 | |
trustix | secure_linux | 1.0 | |
trustix | secure_linux | 1.1 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:conectiva:linux:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "48F068BE-F5B3-4E43-8E6A-24AB4D2DEDF0", "vulnerable": true }, { "criteria": "cpe:2.3:o:conectiva:linux:4.0es:*:*:*:*:*:*:*", "matchCriteriaId": "6529EC98-7CF7-47A1-95BB-2F34066FE95D", "vulnerable": true }, { "criteria": "cpe:2.3:o:conectiva:linux:4.1:*:*:*:*:*:*:*", "matchCriteriaId": "FFDAB801-AAA0-4B3B-B488-52E7BA8650C5", "vulnerable": true }, { "criteria": "cpe:2.3:o:conectiva:linux:4.2:*:*:*:*:*:*:*", "matchCriteriaId": "612AC3B1-8E55-437F-9600-67EA1A8BAD48", "vulnerable": true }, { "criteria": "cpe:2.3:o:conectiva:linux:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "537A5C29-D770-4755-A6AB-8916754E14DB", "vulnerable": true }, { "criteria": "cpe:2.3:o:conectiva:linux:5.1:*:*:*:*:*:*:*", "matchCriteriaId": "E3AC05A9-04DA-4ED3-94D8-3254384CB724", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:2.2:*:*:*:*:*:*:*", "matchCriteriaId": "58B90124-0543-4226-BFF4-13CCCBCCB243", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:2.2:*:alpha:*:*:*:*:*", "matchCriteriaId": "CE1C944A-E5F1-49DE-B069-2A358123B535", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:2.2:*:powerpc:*:*:*:*:*", "matchCriteriaId": "2A32E486-2598-41B3-B6DB-3CC46D239AFC", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:2.2:*:sparc:*:*:*:*:*", "matchCriteriaId": "AAEE18D8-AA3B-47A3-AA7C-AAFF7591F391", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:2.3:*:*:*:*:*:*:*", "matchCriteriaId": "618111F3-6608-47F0-AB0D-21547E342871", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:2.3:*:alpha:*:*:*:*:*", "matchCriteriaId": "33E4AFED-E180-429F-AEAB-E9FC311319E5", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:2.3:*:powerpc:*:*:*:*:*", "matchCriteriaId": "FD8008FD-421F-4650-8C42-848B95689CF6", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:2.3:*:sparc:*:*:*:*:*", "matchCriteriaId": "1BAEA161-4A19-4B28-97D0-B741D2BBF7FF", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.0:*:alpha:*:*:*:*:*", "matchCriteriaId": "6931FB54-A163-4CE3-BBD9-D345AA0977A6", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.0:*:i386:*:*:*:*:*", "matchCriteriaId": "89F65C9D-BD68-4A86-BFDC-E7CE76F13948", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.0:*:sparc:*:*:*:*:*", "matchCriteriaId": "5ABD1331-277C-4C31-8186-978243C62255", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.1:*:alpha:*:*:*:*:*", "matchCriteriaId": "C89454B9-4F45-4A42-A06D-ED42D893C544", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.1:*:i386:*:*:*:*:*", "matchCriteriaId": "B72D6205-DFA4-41D9-B3B6-0B7DA756CD8F", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.1:*:sparc:*:*:*:*:*", "matchCriteriaId": "1E64093E-7D53-4238-95C3-48ED5A0FFD97", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:alpha:*:*:*:*:*", "matchCriteriaId": "344610A8-DB6D-4407-9304-916C419F648C", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:i386:*:*:*:*:*", "matchCriteriaId": "B7EC2B95-4715-4EC9-A10A-2542501F8A61", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:sparc:*:*:*:*:*", "matchCriteriaId": "64775BEF-2E53-43CA-8639-A7E54F6F4222", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:6.3:*:*:*:*:*:*:*", "matchCriteriaId": "0AD0FF64-05DF-48C2-9BB5-FD993121FB2E", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:6.3:*:ppc:*:*:*:*:*", "matchCriteriaId": "E74E0A28-7C78-4160-8BCF-99605285C0EE", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:6.3:alpha:*:*:*:*:*:*", "matchCriteriaId": "76159C25-0760-47CB-AFCE-28306CDEA830", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:6.4:*:*:*:*:*:*:*", "matchCriteriaId": "7786607A-362E-4817-A17E-C76D6A1F737D", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:6.4:*:ppc:*:*:*:*:*", "matchCriteriaId": "6E2FE291-1142-4627-A497-C0BB0D934A0B", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:6.4:alpha:*:*:*:*:*:*", "matchCriteriaId": "49BC7C7E-046C-4186-822E-9F3A2AD3577B", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "C9E7D75A-333E-4C63-9593-F64ABA5D1CE3", "vulnerable": true }, { "criteria": "cpe:2.3:o:trustix:secure_linux:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "8DF1A678-FEF1-4549-8EDC-518444CFC57F", "vulnerable": true }, { "criteria": "cpe:2.3:o:trustix:secure_linux:1.1:*:*:*:*:*:*:*", "matchCriteriaId": "9D0DFB12-B43F-4207-A900-464A97F5124D", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "rpc.statd in the nfs-utils package in various Linux distributions does not properly cleanse untrusted format strings, which allows remote attackers to gain root privileges." } ], "id": "CVE-2000-0666", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2000-07-16T04:00:00.000", "references": [ { "source": "cve@mitre.org", "tags": [ "Exploit", "Patch", "Vendor Advisory" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0206.html" }, { "source": "cve@mitre.org", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0230.html" }, { "source": "cve@mitre.org", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0236.html" }, { "source": "cve@mitre.org", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0260.html" }, { "source": "cve@mitre.org", "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-025.0.txt" }, { "source": "cve@mitre.org", "tags": [ "US Government Resource" ], "url": "http://www.cert.org/advisories/CA-2000-17.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2000-043.html" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/1480" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/4939" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Patch", "Vendor Advisory" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0206.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0230.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0236.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0260.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-025.0.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.cert.org/advisories/CA-2000-17.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2000-043.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/1480" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/4939" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2000-01-08 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
The line printer daemon (lpd) in the lpr package in multiple Linux operating systems authenticates by comparing the reverse-resolved hostname of the local machine to the hostname of the print server as returned by gethostname, which allows remote attackers to bypass intended access controls by modifying the DNS for the attacking IP.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
sgi | irix | 6.5 | |
sgi | irix | 6.5.1 | |
sgi | irix | 6.5.2 | |
sgi | irix | 6.5.3 | |
sgi | irix | 6.5.4 | |
sgi | irix | 6.5.5 | |
sgi | irix | 6.5.6 | |
sgi | irix | 6.5.7 | |
sgi | irix | 6.5.8 | |
sgi | irix | 6.5.9 | |
sgi | irix | 6.5.10 | |
sgi | irix | 6.5.11 | |
sgi | irix | 6.5.12 | |
sgi | irix | 6.5.13 | |
sgi | irix | 6.5.14f | |
sgi | irix | 6.5.14m | |
sgi | irix | 6.5.15f | |
sgi | irix | 6.5.15m | |
sgi | irix | 6.5.16f | |
sgi | irix | 6.5.16m | |
sgi | irix | 6.5.17f | |
sgi | irix | 6.5.17m | |
sgi | irix | 6.5.18f | |
sgi | irix | 6.5.18m | |
debian | debian_linux | 2.1 | |
redhat | linux | 4.1 | |
redhat | linux | 4.2 | |
redhat | linux | 5.0 | |
redhat | linux | 5.2 | |
redhat | linux | 6.0 | |
redhat | linux | 6.1 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:sgi:irix:6.5:*:*:*:*:*:*:*", "matchCriteriaId": "C30D6962-3DBB-4DF8-A04F-8E47AFEDCF99", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:6.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "36B60E50-4F5A-4404-BEA3-C94F7D27B156", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:6.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "6ECB750B-9F53-4DB6-8B26-71BCCA446FF7", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:6.5.3:*:*:*:*:*:*:*", "matchCriteriaId": "E6B2E6D1-8C2D-4E15-A6BB-E4FE878ED1E7", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:6.5.4:*:*:*:*:*:*:*", "matchCriteriaId": "440B7208-34DB-4898-8461-4E703F7EDFB7", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:6.5.5:*:*:*:*:*:*:*", "matchCriteriaId": "5663579C-3AD2-4E5B-A595-C8DB984F9C26", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:6.5.6:*:*:*:*:*:*:*", "matchCriteriaId": "D07AA144-6FD7-4C80-B4F2-D21C1AFC864A", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:6.5.7:*:*:*:*:*:*:*", "matchCriteriaId": "29113D8E-9618-4A0E-9157-678332082858", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:6.5.8:*:*:*:*:*:*:*", "matchCriteriaId": "313613E9-4837-433C-90EE-84A92E8D24E5", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:6.5.9:*:*:*:*:*:*:*", "matchCriteriaId": "41AA1290-5039-406F-B195-3A4C018202D3", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:6.5.10:*:*:*:*:*:*:*", "matchCriteriaId": "60CC9410-F6B8-4748-B76F-30626279028E", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:6.5.11:*:*:*:*:*:*:*", "matchCriteriaId": "DCC67401-C85A-4E4E-AE61-85FEBBF4346B", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:6.5.12:*:*:*:*:*:*:*", "matchCriteriaId": "1C4427AC-07C1-4765-981B-B5D86D698C2D", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:6.5.13:*:*:*:*:*:*:*", "matchCriteriaId": "63EF0CEE-74A9-45C8-8AFD-77815230ACC6", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:6.5.14f:*:*:*:*:*:*:*", "matchCriteriaId": "A7B59E7C-B059-41CD-AE33-E9623ADA12BC", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:6.5.14m:*:*:*:*:*:*:*", "matchCriteriaId": "0DF1B657-C910-4BB0-828C-09B6A59D988D", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:6.5.15f:*:*:*:*:*:*:*", "matchCriteriaId": "72D61A9F-AC57-4DD9-9047-74BFA9BFACFC", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:6.5.15m:*:*:*:*:*:*:*", "matchCriteriaId": "C254FC5D-895D-4EFC-B9A7-74699D9FE65E", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:6.5.16f:*:*:*:*:*:*:*", "matchCriteriaId": "27532639-37CD-4BD2-AE48-F741009D3449", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:6.5.16m:*:*:*:*:*:*:*", "matchCriteriaId": "F83879DE-1BD7-4FF7-ACC6-5B119DB09BF9", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:6.5.17f:*:*:*:*:*:*:*", "matchCriteriaId": "EED22734-8AAC-4897-BB71-438E19B8A005", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:6.5.17m:*:*:*:*:*:*:*", "matchCriteriaId": "FEA9C28F-18E6-4199-9740-FAB00563EBF7", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:6.5.18f:*:*:*:*:*:*:*", "matchCriteriaId": "C6E63313-9533-478D-ACC0-C050FBA3EACF", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:6.5.18m:*:*:*:*:*:*:*", "matchCriteriaId": "EA0A7D5D-BDD9-45F8-9BE7-3B01D70C8CC1", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "3C67BDA1-9451-4026-AC6D-E912C882A757", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:4.1:*:*:*:*:*:*:*", "matchCriteriaId": "D8211154-6685-4FF0-B3ED-43A5E5763A10", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:4.2:*:*:*:*:*:*:*", "matchCriteriaId": "F299301C-6BFC-436C-9CFD-2E291D3702AE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "4BF54738-3C44-4FD4-AA9C-CAB2E86B1DC1", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:5.2:*:i386:*:*:*:*:*", "matchCriteriaId": "363AB7DB-A8BA-4D58-97C4-1DF1F0F43E07", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "2DFA94D5-0139-490C-8257-0751FE9FBAE4", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.1:*:i386:*:*:*:*:*", "matchCriteriaId": "B72D6205-DFA4-41D9-B3B6-0B7DA756CD8F", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The line printer daemon (lpd) in the lpr package in multiple Linux operating systems authenticates by comparing the reverse-resolved hostname of the local machine to the hostname of the print server as returned by gethostname, which allows remote attackers to bypass intended access controls by modifying the DNS for the attacking IP." } ], "id": "CVE-2000-1221", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2000-01-08T05:00:00.000", "references": [ { "source": "cve@mitre.org", "tags": [ "Patch" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20021104-01-P" }, { "source": "cve@mitre.org", "url": "http://rhn.redhat.com/errata/RHSA-2000-002.html" }, { "source": "cve@mitre.org", "url": "http://www.atstake.com/research/advisories/2000/lpd_advisory.txt" }, { "source": "cve@mitre.org", "tags": [ "Patch" ], "url": "http://www.debian.org/security/2000/20000109" }, { "source": "cve@mitre.org", "tags": [ "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/30308" }, { "source": "cve@mitre.org", "url": "http://www.l0pht.com/advisories/lpd_advisory" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/927" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/3840" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20021104-01-P" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://rhn.redhat.com/errata/RHSA-2000-002.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.atstake.com/research/advisories/2000/lpd_advisory.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.debian.org/security/2000/20000109" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/30308" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.l0pht.com/advisories/lpd_advisory" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/927" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/3840" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2003-06-16 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
The TCP/IP fragment reassembly handling in the Linux kernel 2.4 allows remote attackers to cause a denial of service (CPU consumption) via certain packets that cause a large number of hash table collisions.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "1D46E093-1C68-43BB-B281-12117EC8DE0F", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "E562907F-D915-4030-847A-3C6834A80D4E", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.3:*:*:*:*:*:*:*", "matchCriteriaId": "138985E6-5107-4E8B-A801-C3D5FE075227", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "038FEDE7-986F-4CA5-9003-BA68352B87D4", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "E66F7BF0-EF7C-4695-9D67-7C1A01C6F9B9", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The TCP/IP fragment reassembly handling in the Linux kernel 2.4 allows remote attackers to cause a denial of service (CPU consumption) via certain packets that cause a large number of hash table collisions." }, { "lang": "es", "value": "El manejo de reensamblaje de fragmentos TCP/IP en el Linux kernel 2.4 permite que atacantes remotos provoquen una denegaci\u00f3n de servicio (agotamiento de CPU) mediante ciertos paquetes que causan un elevado n\u00famero de colisiones en la tabla hash." } ], "id": "CVE-2003-0364", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2003-06-16T04:00:00.000", "references": [ { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2003/dsa-311" }, { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2003/dsa-312" }, { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2003/dsa-332" }, { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2003/dsa-336" }, { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2004/dsa-442" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-187.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2003-195.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2003-198.html" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://www.turbolinux.com/security/TLSA-2003-41.txt" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A295" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2003/dsa-311" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2003/dsa-312" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2003/dsa-332" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2003/dsa-336" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2004/dsa-442" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-187.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2003-195.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2003-198.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.turbolinux.com/security/TLSA-2003-41.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A295" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
1999-06-09 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
The Red Hat Linux su program does not log failed password guesses if the su process is killed before it times out, which allows local attackers to conduct brute force password guessing.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
redhat | linux | 2.0 | |
redhat | linux | 2.1 | |
redhat | linux | 3.0.3 | |
redhat | linux | 4.0 | |
redhat | linux | 4.1 | |
redhat | linux | 4.2 | |
redhat | linux | 5.0 | |
redhat | linux | 5.1 | |
redhat | linux | 5.2 | |
redhat | linux | 5.2 | |
redhat | linux | 5.2 | |
redhat | linux | 6.0 | |
redhat | linux | 6.0 | |
redhat | linux | 6.0 | |
redhat | linux | 6.1 | |
redhat | linux | 6.1 | |
redhat | linux | 6.1 | |
sun | solaris | * | |
sun | solaris | 1.1.3 | |
sun | solaris | 1.1.4 | |
sun | solaris | 2.4 | |
sun | sunos | - | |
sun | sunos | 4.1.3 | |
sun | sunos | 4.1.4 | |
sun | sunos | 5.0 | |
sun | sunos | 5.1 | |
sun | sunos | 5.2 | |
sun | sunos | 5.3 | |
sun | sunos | 5.4 | |
sun | sunos | 5.5 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "5302613E-F0DD-4B46-884C-49A977FD4147", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "674066BB-2576-4AAE-B97F-A4470815F1AC", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:3.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "445EECD3-2DB9-43D1-B26F-0979A3C02D45", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "C9092D88-585D-4A0C-B181-E8D93563C74B", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:4.1:*:*:*:*:*:*:*", "matchCriteriaId": "D8211154-6685-4FF0-B3ED-43A5E5763A10", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:4.2:*:*:*:*:*:*:*", "matchCriteriaId": "F299301C-6BFC-436C-9CFD-2E291D3702AE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "4BF54738-3C44-4FD4-AA9C-CAB2E86B1DC1", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:5.1:*:*:*:*:*:*:*", "matchCriteriaId": "4EF44364-0F57-4B74-81B0-501EA6B58501", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:5.2:*:alpha:*:*:*:*:*", "matchCriteriaId": "07396B95-E434-46C9-A345-27C9EA9BEA26", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:5.2:*:i386:*:*:*:*:*", "matchCriteriaId": "363AB7DB-A8BA-4D58-97C4-1DF1F0F43E07", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:5.2:*:sparc:*:*:*:*:*", "matchCriteriaId": "0775CE08-C5AD-4FF7-AEA9-537B1EAE3BDE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.0:*:alpha:*:*:*:*:*", "matchCriteriaId": "6931FB54-A163-4CE3-BBD9-D345AA0977A6", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.0:*:i386:*:*:*:*:*", "matchCriteriaId": "89F65C9D-BD68-4A86-BFDC-E7CE76F13948", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.0:*:sparc:*:*:*:*:*", "matchCriteriaId": "5ABD1331-277C-4C31-8186-978243C62255", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.1:*:alpha:*:*:*:*:*", "matchCriteriaId": "C89454B9-4F45-4A42-A06D-ED42D893C544", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.1:*:i386:*:*:*:*:*", "matchCriteriaId": "B72D6205-DFA4-41D9-B3B6-0B7DA756CD8F", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.1:*:sparc:*:*:*:*:*", "matchCriteriaId": "1E64093E-7D53-4238-95C3-48ED5A0FFD97", "vulnerable": true }, { "criteria": "cpe:2.3:o:sun:solaris:*:*:x86:*:*:*:*:*", "matchCriteriaId": "FEEC0C5A-4A6E-403C-B929-D1EC8B0FE2A8", "vulnerable": true }, { "criteria": "cpe:2.3:o:sun:solaris:1.1.3:u1:*:*:*:*:*:*", "matchCriteriaId": "D3373737-C6FC-4D19-845C-B0382AE1DC48", "vulnerable": true }, { "criteria": "cpe:2.3:o:sun:solaris:1.1.4:*:jl:*:*:*:*:*", "matchCriteriaId": "10EC0267-500D-496F-9D88-7F93F7D4A88B", "vulnerable": true }, { "criteria": "cpe:2.3:o:sun:solaris:2.4:*:x86:*:*:*:*:*", "matchCriteriaId": "1F881110-7B54-49DA-B23A-710273430C44", "vulnerable": true }, { "criteria": "cpe:2.3:o:sun:sunos:-:*:*:*:*:*:*:*", "matchCriteriaId": "369207B4-96FA-4324-9445-98FAE8ECF5DB", "vulnerable": true }, { "criteria": "cpe:2.3:o:sun:sunos:4.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "615FA6E4-4DE0-422A-9220-F747D95192C9", "vulnerable": true }, { "criteria": "cpe:2.3:o:sun:sunos:4.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "1070749A-65E9-439A-A7CC-3CE529A5D5E7", "vulnerable": true }, { "criteria": "cpe:2.3:o:sun:sunos:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "C1370216-93EB-400F-9AA6-CB2DC316DAA7", "vulnerable": true }, { "criteria": "cpe:2.3:o:sun:sunos:5.1:*:*:*:*:*:*:*", "matchCriteriaId": "5FF2C7C4-6F8D-40DB-9FBC-E7E4D76A2B23", "vulnerable": true }, { "criteria": "cpe:2.3:o:sun:sunos:5.2:*:*:*:*:*:*:*", "matchCriteriaId": "84523B48-218B-45F4-9C04-2C103612DCB2", "vulnerable": true }, { "criteria": "cpe:2.3:o:sun:sunos:5.3:*:*:*:*:*:*:*", "matchCriteriaId": "C7A22D21-E0A9-4B56-86C7-805AD1A610D6", "vulnerable": true }, { "criteria": "cpe:2.3:o:sun:sunos:5.4:*:*:*:*:*:*:*", "matchCriteriaId": "7AAC8954-74A8-4FE3-ABE7-57DA041D9D8F", "vulnerable": true }, { "criteria": "cpe:2.3:o:sun:sunos:5.5:*:*:*:*:*:*:*", "matchCriteriaId": "5B72953B-E873-4E44-A3CF-12D770A0D416", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Red Hat Linux su program does not log failed password guesses if the su process is killed before it times out, which allows local attackers to conduct brute force password guessing." } ], "id": "CVE-2000-0118", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "1999-06-09T04:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=94935300520617\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=94935300520617\u0026w=2" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2018-10-09 22:29
Modified
2024-11-21 03:55
Severity ?
Summary
Qemu has a Buffer Overflow in pcnet_receive in hw/net/pcnet.c because an incorrect integer data type is used.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
qemu | qemu | 2.1.0 | |
qemu | qemu | 2.8.0 | |
qemu | qemu | 2.12.0 | |
canonical | ubuntu_linux | 14.04 | |
canonical | ubuntu_linux | 16.04 | |
canonical | ubuntu_linux | 18.04 | |
canonical | ubuntu_linux | 18.10 | |
debian | debian_linux | 8.0 | |
debian | debian_linux | 9.0 | |
oracle | linux | 7 | |
redhat | linux | 6.0 | |
suse | linux_enterprise_server | 11 | |
suse | linux_enterprise_server | 11 | |
suse | linux_enterprise_server | 12 | |
suse | linux_enterprise_server | 15 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:qemu:qemu:2.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "A47A306F-4E42-467E-ACDA-62028DC93436", "vulnerable": true }, { "criteria": "cpe:2.3:a:qemu:qemu:2.8.0:*:*:*:*:*:*:*", "matchCriteriaId": "242C3AA9-F5FC-4D25-9F96-1DEC709AA9C7", "vulnerable": true }, { "criteria": "cpe:2.3:a:qemu:qemu:2.12.0:*:*:*:*:*:*:*", "matchCriteriaId": "FBB973F5-032B-455F-A465-B677FB30BCB7", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "matchCriteriaId": "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", "matchCriteriaId": "07C312A0-CD2C-4B9C-B064-6409B25C278F", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252", "vulnerable": true }, { "criteria": "cpe:2.3:o:oracle:linux:7:0:*:*:*:*:*:*", "matchCriteriaId": "D1137279-81F0-4F6B-8E91-95590106BADF", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "2DFA94D5-0139-490C-8257-0751FE9FBAE4", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:ltss:*:*:*", "matchCriteriaId": "B12243B2-D726-404C-ABFF-F1AB51BA1783", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp4:*:*:*:*:*:*", "matchCriteriaId": "55C5561F-BE86-4EEA-99D4-8697F8BD9DFE", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_server:12:*:*:*:ltss:*:*:*", "matchCriteriaId": "B2F3699A-38E4-4E9D-9414-411F71D9E371", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_server:15:*:*:*:*:*:*:*", "matchCriteriaId": "70A029CD-2AC4-4877-B1A4-5C72B351BA27", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Qemu has a Buffer Overflow in pcnet_receive in hw/net/pcnet.c because an incorrect integer data type is used." }, { "lang": "es", "value": "Qemu tiene un desbordamiento de b\u00fafer en pcnet_receive en hw/net/pcnet.c debido a que se emplea un tipo de datos de enteros incorrecto." } ], "id": "CVE-2018-17962", "lastModified": "2024-11-21T03:55:17.350", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" }, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2018-10-09T22:29:00.987", "references": [ { "source": "cve@mitre.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://www.openwall.com/lists/oss-security/2018/10/08/1" }, { "source": "cve@mitre.org", "url": "https://access.redhat.com/errata/RHSA-2019:2892" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00038.html" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Mailing List", "Third Party Advisory" ], "url": "https://lists.gnu.org/archive/html/qemu-devel/2018-09/msg03268.html" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://usn.ubuntu.com/3826-1/" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://www.debian.org/security/2018/dsa-4338" }, { "source": "nvd@nist.gov", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/security/cve/cve-2018-17962" }, { "source": "nvd@nist.gov", "tags": [ "Third Party Advisory" ], "url": "https://linux.oracle.com/cve/CVE-2018-17962.html" }, { "source": "nvd@nist.gov", "tags": [ "Third Party Advisory" ], "url": "https://www.suse.com/security/cve/CVE-2018-17962/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://www.openwall.com/lists/oss-security/2018/10/08/1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://access.redhat.com/errata/RHSA-2019:2892" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00038.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Mailing List", "Third Party Advisory" ], "url": "https://lists.gnu.org/archive/html/qemu-devel/2018-09/msg03268.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://usn.ubuntu.com/3826-1/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://www.debian.org/security/2018/dsa-4338" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" }, { "lang": "en", "value": "CWE-190" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2001-10-18 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Vulnerability in (1) pine before 4.33 and (2) the pico editor, included with pine, allows local users local users to overwrite arbitrary files via a symlink attack.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
immunix | immunix | 6.2 | |
immunix | immunix | 7.0 | |
immunix | immunix | 7.0_beta | |
university_of_washington | pine | * | |
engardelinux | secure_linux | 1.0.1 | |
mandrakesoft | mandrake_linux | 7.1 | |
mandrakesoft | mandrake_linux | 7.2 | |
mandrakesoft | mandrake_linux | 8.0 | |
mandrakesoft | mandrake_linux_corporate_server | 1.0.1 | |
redhat | linux | 5.2 | |
redhat | linux | 6.2 | |
redhat | linux | 7.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:immunix:immunix:6.2:*:*:*:*:*:*:*", "matchCriteriaId": "DB0F79BE-8EBF-44D8-83A1-9331669BED54", "vulnerable": true }, { "criteria": "cpe:2.3:a:immunix:immunix:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "660CA978-FDA1-4D48-8162-9CB9243A1B7E", "vulnerable": true }, { "criteria": "cpe:2.3:a:immunix:immunix:7.0_beta:*:*:*:*:*:*:*", "matchCriteriaId": "1A2889C6-8DE0-4432-812A-F2A5C4A08897", "vulnerable": true }, { "criteria": "cpe:2.3:a:university_of_washington:pine:*:*:*:*:*:*:*:*", "matchCriteriaId": "12627ECC-CFED-4893-8C1C-5CC454A982E1", "versionEndIncluding": "4.33", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:engardelinux:secure_linux:1.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "79A6E38E-9BC6-4CD7-ABC6-754C9DB07DB2", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "3EC1FF5D-5EAB-44D5-B281-770547C70D68", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "0A8FBD5A-2FD0-43CD-AC4B-1D6984D336FE", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "4371A667-18E1-4C54-B2E1-6F885F22F213", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:1.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "97E09AD9-F057-4264-88BB-A8A18C1B1246", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:5.2:*:*:*:*:*:*:*", "matchCriteriaId": "A8EED385-8C39-4A40-A507-2EFE7652FB35", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:*:*:*:*:*:*", "matchCriteriaId": "0633B5A6-7A88-4A96-9462-4C09D124ED36", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "29B186E5-7C2F-466E-AA4A-8F2B618F8A14", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Vulnerability in (1) pine before 4.33 and (2) the pico editor, included with pine, allows local users local users to overwrite arbitrary files via a symlink attack." } ], "id": "CVE-2001-0736", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "LOW", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2001-10-18T04:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=98749102621604\u0026w=2" }, { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=99106787825229\u0026w=2" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-047.php3?dis=8.0" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2001-042.html" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6367" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=98749102621604\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=99106787825229\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-047.php3?dis=8.0" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2001-042.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6367" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2001-03-12 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
traceroute in NetBSD 1.3.3 and Linux systems allows local users to flood other systems by providing traceroute with a large waittime (-w) option, which is not parsed properly and sets the time delay for sending packets to zero.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
debian | debian_linux | 2.0.34 | |
digital | unix | 4.0 | |
netbsd | netbsd | * | |
redhat | linux | 2.0.34 | |
slackware | slackware_linux | 2.0.34 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:2.0.34:*:*:*:*:*:*:*", "matchCriteriaId": "89F6AB54-5D9F-4EE2-8AA4-7E61F09C7F17", "vulnerable": true }, { "criteria": "cpe:2.3:o:digital:unix:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "E1E08495-C0C5-40A9-A8FF-834F5F6083B3", "vulnerable": true }, { "criteria": "cpe:2.3:o:netbsd:netbsd:*:*:*:*:*:*:*:*", "matchCriteriaId": "BF5ACB4A-7B75-4B29-813D-EDE7E566A754", "versionEndIncluding": "1.3.3", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:2.0.34:*:*:*:*:*:*:*", "matchCriteriaId": "F3CA3C2F-739A-4E61-803A-877978D70468", "vulnerable": true }, { "criteria": "cpe:2.3:o:slackware:slackware_linux:2.0.34:*:*:*:*:*:*:*", "matchCriteriaId": "B35CE11D-53A9-4C69-8AC4-2ECE48468125", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "traceroute in NetBSD 1.3.3 and Linux systems allows local users to flood other systems by providing traceroute with a large waittime (-w) option, which is not parsed properly and sets the time delay for sending packets to zero." } ], "id": "CVE-2000-0314", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2001-03-12T05:00:00.000", "references": [ { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA1999-004.txt.asc" }, { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=91893782027835\u0026w=2" }, { "source": "cve@mitre.org", "url": "http://www.osvdb.org/7574" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA1999-004.txt.asc" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=91893782027835\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.osvdb.org/7574" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2000-07-18 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Vulnerability in Mandrake Linux usermode package allows local users to to reboot or halt the system.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
conectiva | linux | 4.0 | |
conectiva | linux | 4.0es | |
conectiva | linux | 4.1 | |
conectiva | linux | 4.2 | |
conectiva | linux | 5.0 | |
conectiva | linux | 5.1 | |
mandrakesoft | mandrake_linux | 7.1 | |
redhat | linux | 6.0 | |
redhat | linux | 6.0 | |
redhat | linux | 6.1 | |
redhat | linux | 6.1 | |
redhat | linux | 6.1 | |
redhat | linux | 6.2 | |
redhat | linux | 6.2 | |
redhat | linux | 6.2 | |
redhat | linux | 6.2e | |
redhat | linux | 6.2e | |
redhat | linux | 6.2e |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:conectiva:linux:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "48F068BE-F5B3-4E43-8E6A-24AB4D2DEDF0", "vulnerable": true }, { "criteria": "cpe:2.3:o:conectiva:linux:4.0es:*:*:*:*:*:*:*", "matchCriteriaId": "6529EC98-7CF7-47A1-95BB-2F34066FE95D", "vulnerable": true }, { "criteria": "cpe:2.3:o:conectiva:linux:4.1:*:*:*:*:*:*:*", "matchCriteriaId": "FFDAB801-AAA0-4B3B-B488-52E7BA8650C5", "vulnerable": true }, { "criteria": "cpe:2.3:o:conectiva:linux:4.2:*:*:*:*:*:*:*", "matchCriteriaId": "612AC3B1-8E55-437F-9600-67EA1A8BAD48", "vulnerable": true }, { "criteria": "cpe:2.3:o:conectiva:linux:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "537A5C29-D770-4755-A6AB-8916754E14DB", "vulnerable": true }, { "criteria": "cpe:2.3:o:conectiva:linux:5.1:*:*:*:*:*:*:*", "matchCriteriaId": "E3AC05A9-04DA-4ED3-94D8-3254384CB724", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "3EC1FF5D-5EAB-44D5-B281-770547C70D68", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.0:*:alpha:*:*:*:*:*", "matchCriteriaId": "6931FB54-A163-4CE3-BBD9-D345AA0977A6", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.0:*:i386:*:*:*:*:*", "matchCriteriaId": "89F65C9D-BD68-4A86-BFDC-E7CE76F13948", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.1:*:alpha:*:*:*:*:*", "matchCriteriaId": "C89454B9-4F45-4A42-A06D-ED42D893C544", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.1:*:i386:*:*:*:*:*", "matchCriteriaId": "B72D6205-DFA4-41D9-B3B6-0B7DA756CD8F", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.1:*:sparc:*:*:*:*:*", "matchCriteriaId": "1E64093E-7D53-4238-95C3-48ED5A0FFD97", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:alpha:*:*:*:*:*", "matchCriteriaId": "344610A8-DB6D-4407-9304-916C419F648C", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:i386:*:*:*:*:*", "matchCriteriaId": "B7EC2B95-4715-4EC9-A10A-2542501F8A61", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:sparc:*:*:*:*:*", "matchCriteriaId": "64775BEF-2E53-43CA-8639-A7E54F6F4222", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.2e:*:alpha:*:*:*:*:*", "matchCriteriaId": "2A21DA48-A818-4745-8F58-2C17BFEF44CF", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.2e:*:i386:*:*:*:*:*", "matchCriteriaId": "58F0028D-D4BB-4EBC-A665-A4BA95BC29CF", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.2e:*:sparc:*:*:*:*:*", "matchCriteriaId": "25B6F37C-9ACD-49F7-9E55-E0FE0B10BBC3", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Vulnerability in Mandrake Linux usermode package allows local users to to reboot or halt the system." } ], "id": "CVE-2000-0633", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "LOW", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 2.1, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2000-07-18T04:00:00.000", "references": [ { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0251.html" }, { "source": "cve@mitre.org", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0117.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2000-053.html" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/1489" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/4944" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0251.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0117.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2000-053.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/1489" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/4944" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2000-12-19 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Glint in Red Hat Linux 5.2 allows local users to overwrite arbitrary files and cause a denial of service via a symlink attack.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:5.2:*:*:*:*:*:*:*", "matchCriteriaId": "A8EED385-8C39-4A40-A507-2EFE7652FB35", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Glint in Red Hat Linux 5.2 allows local users to overwrite arbitrary files and cause a denial of service via a symlink attack." } ], "id": "CVE-2000-0934", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2000-12-19T05:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2000-062.html" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/1703" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5271" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2000-062.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/1703" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5271" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2001-12-19 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Exim 3.22 and earlier, in some configurations, does not properly verify the local part of an address when redirecting the address to a pipe, which could allow remote attackers to execute arbitrary commands via shell metacharacters.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
university_of_cambridge | exim | * | |
redhat | linux | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:university_of_cambridge:exim:*:*:*:*:*:*:*:*", "matchCriteriaId": "A7E4A99A-FC71-4FC2-8F1D-DB29D35752BD", "versionEndIncluding": "3.22", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:*:*:*:*:*:*:*:*", "matchCriteriaId": "B133DAC8-2B0D-4F83-9025-AD071740187A", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Exim 3.22 and earlier, in some configurations, does not properly verify the local part of an address when redirecting the address to a pipe, which could allow remote attackers to execute arbitrary commands via shell metacharacters." }, { "lang": "es", "value": "Exim 3.22 y anteriores, bajo ciertas configuraciones, no verifica apropiadamente la parte local de una direcci\u00f3n cuando redirige \u00e9sta a una tuber\u00eda (pipe), lo que permitir\u00eda a atacantes remotos ejecutar comandos remotos por medio de metacaracteres de la shell." } ], "id": "CVE-2001-0889", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2001-12-19T05:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=100877978506387\u0026w=2" }, { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2002/dsa-097" }, { "source": "cve@mitre.org", "tags": [ "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/283723" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2001-176.html" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/3728" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7738" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=100877978506387\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2002/dsa-097" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/283723" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2001-176.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/3728" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7738" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
1998-09-05 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Buffer overflow in bash 2.0.0, 1.4.17, and other versions allows local attackers to gain privileges by creating an extremely large directory name, which is inserted into the password prompt via the \w option in the PS1 environmental variable when another user changes into that directory.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
debian | debian_linux | 1.3.1 | |
redhat | linux | 4.2 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:1.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "7A632089-47D7-410D-AE12-F801193FA18F", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:4.2:*:*:*:*:*:*:*", "matchCriteriaId": "F299301C-6BFC-436C-9CFD-2E291D3702AE", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Buffer overflow in bash 2.0.0, 1.4.17, and other versions allows local attackers to gain privileges by creating an extremely large directory name, which is inserted into the password prompt via the \\w option in the PS1 environmental variable when another user changes into that directory." } ], "id": "CVE-1999-1048", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.6, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "1998-09-05T04:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=87602746719555\u0026w=2" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/1998/19980909" }, { "source": "cve@mitre.org", "url": "http://www.osvdb.org/8345" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Vendor Advisory" ], "url": "http://www.securityfocus.com/archive/1/10542" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/3414" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=87602746719555\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/1998/19980909" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.osvdb.org/8345" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Vendor Advisory" ], "url": "http://www.securityfocus.com/archive/1/10542" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/3414" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2021-02-23 00:15
Modified
2024-11-21 05:51
Severity ?
Summary
Keybase Desktop Client before 5.6.0 on Windows and macOS, and before 5.6.1 on Linux, allows an attacker to obtain potentially sensitive media (such as private pictures) in the Cache and uploadtemps directories. It fails to effectively clear cached pictures, even after deletion via normal methodology within the client, or by utilizing the "Explode message/Explode now" functionality. Local filesystem access is needed by the attacker.
References
▶ | URL | Tags | |
---|---|---|---|
cve@mitre.org | https://github.com/keybase/client/releases | Release Notes, Third Party Advisory | |
cve@mitre.org | https://hackerone.com/reports/1074930 | Exploit, Issue Tracking, Third Party Advisory | |
cve@mitre.org | https://johnjhacking.com/blog/cve-2021-23827/ | Exploit, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/keybase/client/releases | Release Notes, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://hackerone.com/reports/1074930 | Exploit, Issue Tracking, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://johnjhacking.com/blog/cve-2021-23827/ | Exploit, Third Party Advisory |
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:keybase:keybase:*:*:*:*:*:*:*:*", "matchCriteriaId": "EB47E767-AB7D-40EA-BC26-2BCA3FD29271", "versionEndExcluding": "5.6.0", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:keybase:keybase:*:*:*:*:*:*:*:*", "matchCriteriaId": "CF8618D1-A963-4F75-94BA-74994AAFB2FF", "versionEndExcluding": "5.6.1", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:-:*:*:*:*:*:*:*", "matchCriteriaId": "C4EBE07A-6FEF-4343-BA5D-58FD175F5CD1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Keybase Desktop Client before 5.6.0 on Windows and macOS, and before 5.6.1 on Linux, allows an attacker to obtain potentially sensitive media (such as private pictures) in the Cache and uploadtemps directories. It fails to effectively clear cached pictures, even after deletion via normal methodology within the client, or by utilizing the \"Explode message/Explode now\" functionality. Local filesystem access is needed by the attacker." }, { "lang": "es", "value": "Keybase Desktop Client antes de la versi\u00f3n 5.6.0 en Windows y macOS, y antes de la 5.6.1 en Linux, permite a un atacante obtener medios potencialmente sensibles (como fotos privadas) en los directorios Cache y uploadtemps. No consigue borrar eficazmente las im\u00e1genes almacenadas en la cach\u00e9, ni siquiera despu\u00e9s de haberlas borrado mediante la metodolog\u00eda normal dentro del cliente, o utilizando la funcionalidad \"Explotar mensaje/Explotar ahora\". El atacante necesita acceso al sistema de archivos local." } ], "id": "CVE-2021-23827", "lastModified": "2024-11-21T05:51:54.273", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "LOW", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2021-02-23T00:15:12.533", "references": [ { "source": "cve@mitre.org", "tags": [ "Release Notes", "Third Party Advisory" ], "url": "https://github.com/keybase/client/releases" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Issue Tracking", "Third Party Advisory" ], "url": "https://hackerone.com/reports/1074930" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://johnjhacking.com/blog/cve-2021-23827/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Release Notes", "Third Party Advisory" ], "url": "https://github.com/keybase/client/releases" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Issue Tracking", "Third Party Advisory" ], "url": "https://hackerone.com/reports/1074930" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://johnjhacking.com/blog/cve-2021-23827/" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-312" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
1997-03-01 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Buffer overflow in xmcd 2.0p12 allows local users to gain access through an environmental variable.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:hp:hp-ux:11:*:*:*:*:*:*:*", "matchCriteriaId": "87FB80D8-1BE7-46F7-9F7E-B7DA88D039F8", "vulnerable": true }, { "criteria": "cpe:2.3:o:ibm:aix:4:*:*:*:*:*:*:*", "matchCriteriaId": "0BAE3D61-9D78-46D7-87EB-5A33ECF86F83", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "2DFA94D5-0139-490C-8257-0751FE9FBAE4", "vulnerable": true }, { "criteria": "cpe:2.3:o:sun:solaris:2.6:*:*:*:*:*:*:*", "matchCriteriaId": "34EBF074-78C8-41AF-88F1-DA6726E56F8B", "vulnerable": true }, { "criteria": "cpe:2.3:o:sun:sunos:5.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "39F847DB-65A9-47DA-BCFA-A179E5E2301A", "vulnerable": true }, { "criteria": "cpe:2.3:o:sun:sunos:5.7:*:*:*:*:*:*:*", "matchCriteriaId": "08003947-A4F1-44AC-84C6-9F8D097EB759", "vulnerable": true }, { "criteria": "cpe:2.3:o:sun:sunos:5.8:*:*:*:*:*:*:*", "matchCriteriaId": "A2475113-CFE4-41C8-A86F-F2DA6548D224", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Buffer overflow in xmcd 2.0p12 allows local users to gain access through an environmental variable." } ], "id": "CVE-1999-0318", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "1997-03-01T05:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0318" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0318" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2000-11-14 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:caldera:openlinux_ebuilder:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "E02719FF-924A-4E96-AE1D-5994A8D4275E", "vulnerable": true }, { "criteria": "cpe:2.3:a:immunix:immunix:6.2:*:*:*:*:*:*:*", "matchCriteriaId": "DB0F79BE-8EBF-44D8-83A1-9331669BED54", "vulnerable": true }, { "criteria": "cpe:2.3:o:conectiva:linux:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "48F068BE-F5B3-4E43-8E6A-24AB4D2DEDF0", "vulnerable": true }, { "criteria": "cpe:2.3:o:conectiva:linux:4.0es:*:*:*:*:*:*:*", "matchCriteriaId": "6529EC98-7CF7-47A1-95BB-2F34066FE95D", "vulnerable": true }, { "criteria": "cpe:2.3:o:conectiva:linux:4.1:*:*:*:*:*:*:*", "matchCriteriaId": "FFDAB801-AAA0-4B3B-B488-52E7BA8650C5", "vulnerable": true }, { "criteria": "cpe:2.3:o:conectiva:linux:4.2:*:*:*:*:*:*:*", "matchCriteriaId": "612AC3B1-8E55-437F-9600-67EA1A8BAD48", "vulnerable": true }, { "criteria": "cpe:2.3:o:conectiva:linux:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "537A5C29-D770-4755-A6AB-8916754E14DB", "vulnerable": true }, { "criteria": "cpe:2.3:o:conectiva:linux:5.1:*:*:*:*:*:*:*", "matchCriteriaId": "E3AC05A9-04DA-4ED3-94D8-3254384CB724", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:6.2:*:*:*:*:*:*:*", "matchCriteriaId": "0ECE564D-B4BB-4C05-88CC-CDC3F8E4E366", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:6.3:*:*:*:*:*:*:*", "matchCriteriaId": "B2D59247-56FA-46B4-BB51-2DAE71AFC145", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:6.4:*:*:*:*:*:*:*", "matchCriteriaId": "15BE08F8-5F3F-45DB-BFE0-1F6F2F57A4D4", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:6.5:*:*:*:*:*:*:*", "matchCriteriaId": "C30D6962-3DBB-4DF8-A04F-8E47AFEDCF99", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:6.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "36B60E50-4F5A-4404-BEA3-C94F7D27B156", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:6.5.2m:*:*:*:*:*:*:*", "matchCriteriaId": "772E3C7E-9947-414F-8642-18653BB048E0", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:6.5.3:*:*:*:*:*:*:*", "matchCriteriaId": "E6B2E6D1-8C2D-4E15-A6BB-E4FE878ED1E7", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:6.5.3f:*:*:*:*:*:*:*", "matchCriteriaId": "8D51EC29-8836-4F87-ABF8-FF7530DECBB1", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:6.5.3m:*:*:*:*:*:*:*", "matchCriteriaId": "518B7253-7B0F-4A0A-ADA7-F3E3B5AAF877", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:6.5.4:*:*:*:*:*:*:*", "matchCriteriaId": "440B7208-34DB-4898-8461-4E703F7EDFB7", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:6.5.6:*:*:*:*:*:*:*", "matchCriteriaId": "D07AA144-6FD7-4C80-B4F2-D21C1AFC864A", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:6.5.7:*:*:*:*:*:*:*", "matchCriteriaId": "29113D8E-9618-4A0E-9157-678332082858", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:6.5.8:*:*:*:*:*:*:*", "matchCriteriaId": "313613E9-4837-433C-90EE-84A92E8D24E5", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:caldera:openlinux:*:*:*:*:*:*:*:*", "matchCriteriaId": "4EC3F7E5-5D49-471B-A705-ADD2642E5B46", "vulnerable": true }, { "criteria": "cpe:2.3:o:caldera:openlinux_eserver:2.3:*:*:*:*:*:*:*", "matchCriteriaId": "3BE526D3-4CD8-423C-81FA-65B92F862A5E", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "203BDD63-2FA5-42FD-A9CD-6BDBB41A63C4", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "3C67BDA1-9451-4026-AC6D-E912C882A757", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:2.2:*:*:*:*:*:*:*", "matchCriteriaId": "58B90124-0543-4226-BFF4-13CCCBCCB243", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:2.3:*:*:*:*:*:*:*", "matchCriteriaId": "618111F3-6608-47F0-AB0D-21547E342871", "vulnerable": true }, { "criteria": "cpe:2.3:o:ibm:aix:3.2:*:*:*:*:*:*:*", "matchCriteriaId": "DD5E0678-45C7-492A-963C-897494D6878F", "vulnerable": true }, { "criteria": "cpe:2.3:o:ibm:aix:3.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "E55C28A7-CD21-47CD-AA50-E8B2D89A18E8", "vulnerable": true }, { "criteria": "cpe:2.3:o:ibm:aix:3.2.5:*:*:*:*:*:*:*", "matchCriteriaId": "D3C00FC9-AD97-4226-A0EA-7DB14AA592DE", "vulnerable": true }, { "criteria": "cpe:2.3:o:ibm:aix:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "44C6203A-D05B-47B1-8BC2-BA021EBAFDEB", "vulnerable": true }, { "criteria": "cpe:2.3:o:ibm:aix:4.1:*:*:*:*:*:*:*", "matchCriteriaId": "FBF25306-E7C2-4F9A-A809-4779A6C0A079", "vulnerable": true }, { "criteria": "cpe:2.3:o:ibm:aix:4.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "B3BA7775-30F2-4CA0-BA6E-70ED12A48D90", "vulnerable": true }, { "criteria": "cpe:2.3:o:ibm:aix:4.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "FB038A89-1CA6-4313-B7CE-56C894945FFD", "vulnerable": true }, { "criteria": "cpe:2.3:o:ibm:aix:4.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "2B3BC86F-5718-4232-BFFF-6244A7C09B8F", "vulnerable": true }, { "criteria": "cpe:2.3:o:ibm:aix:4.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "E6118CC1-6E51-4E1B-8F58-43B337515222", "vulnerable": true }, { "criteria": "cpe:2.3:o:ibm:aix:4.1.5:*:*:*:*:*:*:*", "matchCriteriaId": "F3D3B348-270F-4209-B31A-2B40F5E4A601", "vulnerable": true }, { "criteria": "cpe:2.3:o:ibm:aix:4.2:*:*:*:*:*:*:*", "matchCriteriaId": "05F20EC2-ADE6-4F96-A2E7-1DCCA819D657", "vulnerable": true }, { "criteria": "cpe:2.3:o:ibm:aix:4.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "91D7C561-4D23-430B-A7D8-137E52B08FF5", "vulnerable": true }, { "criteria": "cpe:2.3:o:ibm:aix:4.3:*:*:*:*:*:*:*", "matchCriteriaId": "11ACD012-F05F-45CD-A170-96CBAA42FFE4", "vulnerable": true }, { "criteria": "cpe:2.3:o:ibm:aix:4.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "55919E74-09E7-44BA-9941-D1B69BB1692F", "vulnerable": true }, { "criteria": "cpe:2.3:o:ibm:aix:4.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "45F3C5D8-8BC3-44EB-917A-D0BA051D3D9D", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "E4853E92-5E0A-47B9-A343-D5BEE87D2C27", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "3EC1FF5D-5EAB-44D5-B281-770547C70D68", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "4BF54738-3C44-4FD4-AA9C-CAB2E86B1DC1", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:5.1:*:*:*:*:*:*:*", "matchCriteriaId": "4EF44364-0F57-4B74-81B0-501EA6B58501", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:5.2:*:*:*:*:*:*:*", "matchCriteriaId": "A8EED385-8C39-4A40-A507-2EFE7652FB35", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "2DFA94D5-0139-490C-8257-0751FE9FBAE4", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.1:*:*:*:*:*:*:*", "matchCriteriaId": "2EC4D3AB-38FA-4D44-AF5C-2DCD15994E76", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:*:*:*:*:*:*", "matchCriteriaId": "0633B5A6-7A88-4A96-9462-4C09D124ED36", "vulnerable": true }, { "criteria": "cpe:2.3:o:slackware:slackware_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "C2A9C005-4392-4C95-9B92-98EEC73EFE73", "vulnerable": true }, { "criteria": "cpe:2.3:o:slackware:slackware_linux:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "F0297F56-5F41-48FD-AB47-36E3BD2AB7E7", "vulnerable": true }, { "criteria": "cpe:2.3:o:sun:solaris:2.6:*:*:*:*:*:*:*", "matchCriteriaId": "34EBF074-78C8-41AF-88F1-DA6726E56F8B", "vulnerable": true }, { "criteria": "cpe:2.3:o:sun:sunos:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "C1370216-93EB-400F-9AA6-CB2DC316DAA7", "vulnerable": true }, { "criteria": "cpe:2.3:o:sun:sunos:5.1:*:*:*:*:*:*:*", "matchCriteriaId": "5FF2C7C4-6F8D-40DB-9FBC-E7E4D76A2B23", "vulnerable": true }, { "criteria": "cpe:2.3:o:sun:sunos:5.2:*:*:*:*:*:*:*", "matchCriteriaId": "84523B48-218B-45F4-9C04-2C103612DCB2", "vulnerable": true }, { "criteria": "cpe:2.3:o:sun:sunos:5.3:*:*:*:*:*:*:*", "matchCriteriaId": "C7A22D21-E0A9-4B56-86C7-805AD1A610D6", "vulnerable": true }, { "criteria": "cpe:2.3:o:sun:sunos:5.4:*:*:*:*:*:*:*", "matchCriteriaId": "7AAC8954-74A8-4FE3-ABE7-57DA041D9D8F", "vulnerable": true }, { "criteria": "cpe:2.3:o:sun:sunos:5.5:*:*:*:*:*:*:*", "matchCriteriaId": "5B72953B-E873-4E44-A3CF-12D770A0D416", "vulnerable": true }, { "criteria": "cpe:2.3:o:sun:sunos:5.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "39F847DB-65A9-47DA-BCFA-A179E5E2301A", "vulnerable": true }, { "criteria": "cpe:2.3:o:sun:sunos:5.7:*:*:*:*:*:*:*", "matchCriteriaId": "08003947-A4F1-44AC-84C6-9F8D097EB759", "vulnerable": true }, { "criteria": "cpe:2.3:o:sun:sunos:5.8:*:*:*:*:*:*:*", "matchCriteriaId": "A2475113-CFE4-41C8-A86F-F2DA6548D224", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:6.1:*:*:*:*:*:*:*", "matchCriteriaId": "124E1802-7984-45ED-8A92-393FC20662FD", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:6.2:*:*:*:*:*:*:*", "matchCriteriaId": "1B67020A-6942-4478-B501-764147C4970D", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:6.3:*:*:*:*:*:*:*", "matchCriteriaId": "0AD0FF64-05DF-48C2-9BB5-FD993121FB2E", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:6.4:*:*:*:*:*:*:*", "matchCriteriaId": "7786607A-362E-4817-A17E-C76D6A1F737D", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "C9E7D75A-333E-4C63-9593-F64ABA5D1CE3", "vulnerable": true }, { "criteria": "cpe:2.3:o:trustix:secure_linux:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "8DF1A678-FEF1-4549-8EDC-518444CFC57F", "vulnerable": true }, { "criteria": "cpe:2.3:o:trustix:secure_linux:1.1:*:*:*:*:*:*:*", "matchCriteriaId": "9D0DFB12-B43F-4207-A900-464A97F5124D", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "981A0654-C17D-48BB-A8B3-A728CB159C33", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux:6.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "2AA8956D-F533-42BA-A06B-7CDB0A267B2F", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux:6.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "C6619B49-8A89-4600-A47F-A39C8BF54259", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux:6.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "A0AA1204-D181-4E1C-B795-159FC57E86A9", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux:6.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "24740C11-59D0-4071-97BD-8BF7084FC1FC", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen." } ], "id": "CVE-2000-0844", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2000-11-14T05:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "ftp://patches.sgi.com/support/free/security/advisories/20000901-01-P" }, { "source": "cve@mitre.org", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0436.html" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Patch", "Vendor Advisory" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0457.html" }, { "source": "cve@mitre.org", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-10/0427.html" }, { "source": "cve@mitre.org", "url": "http://archives.neohapsis.com/archives/tru64/2000-q4/0000.html" }, { "source": "cve@mitre.org", "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-030.0.txt" }, { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2000/20000902" }, { "source": "cve@mitre.org", "url": "http://www.novell.com/linux/security/advisories/adv5_draht_glibc_txt.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2000-057.html" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/1634" }, { "source": "cve@mitre.org", "url": "http://www.turbolinux.com/pipermail/tl-security-announce/2000-September/000020.html" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5176" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://patches.sgi.com/support/free/security/advisories/20000901-01-P" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0436.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Patch", "Vendor Advisory" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0457.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-10/0427.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://archives.neohapsis.com/archives/tru64/2000-q4/0000.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-030.0.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2000/20000902" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.novell.com/linux/security/advisories/adv5_draht_glibc_txt.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2000-057.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/1634" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.turbolinux.com/pipermail/tl-security-announce/2000-September/000020.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5176" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-264" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2001-10-18 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
LPRng in Red Hat Linux 7.0 and 7.1 does not properly drop memberships in supplemental groups when lowering privileges, which could allow a local user to elevate privileges.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "29B186E5-7C2F-466E-AA4A-8F2B618F8A14", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "1D46E093-1C68-43BB-B281-12117EC8DE0F", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "LPRng in Red Hat Linux 7.0 and 7.1 does not properly drop memberships in supplemental groups when lowering privileges, which could allow a local user to elevate privileges." }, { "lang": "es", "value": "LPRng en Red Hat Linux 7.0 y 7.1 no libera miembros en grupos suplementarios cuando se bajan los privilegios, lo que podr\u00eda permitir a un usuario local elevar sus privilegios." } ], "id": "CVE-2001-0787", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.6, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2001-10-18T04:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://www.ciac.org/ciac/bulletins/l-096.shtml" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2001-077.html" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/2865" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6703" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ciac.org/ciac/bulletins/l-096.shtml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2001-077.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/2865" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6703" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2000-12-11 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
dump in Red Hat Linux 6.2 trusts the pathname specified by the RSH environmental variable, which allows local users to obtain root privileges by modifying the RSH variable to point to a Trojan horse program.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
redhat | linux | 6.2 | |
trustix | secure_linux | 1.1 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:*:*:*:*:*:*", "matchCriteriaId": "0633B5A6-7A88-4A96-9462-4C09D124ED36", "vulnerable": true }, { "criteria": "cpe:2.3:o:trustix:secure_linux:1.1:*:*:*:*:*:*:*", "matchCriteriaId": "9D0DFB12-B43F-4207-A900-464A97F5124D", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "dump in Red Hat Linux 6.2 trusts the pathname specified by the RSH environmental variable, which allows local users to obtain root privileges by modifying the RSH variable to point to a Trojan horse program." } ], "id": "CVE-2000-1009", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2000-12-11T05:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-10/0438.html" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/1871" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5437" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-10/0438.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/1871" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5437" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
1997-07-17 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Buffer overflow in run-time linkers (1) ld.so or (2) ld-linux.so for Linux systems allows local users to gain privileges by calling a setuid program with a long program name (argv[0]) and forcing ld.so/ld-linux.so to report an error.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
delix | dld | 5.2 | |
caldera | openlinux_lite | 1.1 | |
debian | debian_linux | 4.0 | |
lst | lst_power_linux | 2.2 | |
redhat | linux | 4.0 | |
redhat | linux | 4.1 | |
redhat | linux | 4.2 | |
suse | suse_linux | 5.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:delix:dld:5.2:*:*:*:*:*:*:*", "matchCriteriaId": "8B149610-0B27-4CE2-8A2E-D460529B524F", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:caldera:openlinux_lite:1.1:*:*:*:*:*:*:*", "matchCriteriaId": "183C974A-3C40-4DB0-8883-76C589873422", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "0F92AB32-E7DE-43F4-B877-1F41FA162EC7", "vulnerable": true }, { "criteria": "cpe:2.3:o:lst:lst_power_linux:2.2:*:*:*:*:*:*:*", "matchCriteriaId": "DABB88D7-AF77-4460-B5FD-23CB2CDE280D", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "C9092D88-585D-4A0C-B181-E8D93563C74B", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:4.1:*:*:*:*:*:*:*", "matchCriteriaId": "D8211154-6685-4FF0-B3ED-43A5E5763A10", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:4.2:*:*:*:*:*:*:*", "matchCriteriaId": "F299301C-6BFC-436C-9CFD-2E291D3702AE", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "830D48B8-D21D-4D31-99A1-20C231804DBE", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Buffer overflow in run-time linkers (1) ld.so or (2) ld-linux.so for Linux systems allows local users to gain privileges by calling a setuid program with a long program name (argv[0]) and forcing ld.so/ld-linux.so to report an error." } ], "id": "CVE-1999-1182", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "1997-07-17T04:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=87602661419318\u0026w=2" }, { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=87602661419351\u0026w=2" }, { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=88661732807795\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=87602661419318\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=87602661419351\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=88661732807795\u0026w=2" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2000-12-11 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Format string vulnerability in talkd in OpenBSD and possibly other BSD-based OSes allows remote attackers to execute arbitrary commands via a user name that contains format characters.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:openbsd:openbsd:2.3:*:*:*:*:*:*:*", "matchCriteriaId": "1D2DA7F0-E3C0-447A-A2B0-ECC928389D84", "vulnerable": true }, { "criteria": "cpe:2.3:o:openbsd:openbsd:2.4:*:*:*:*:*:*:*", "matchCriteriaId": "FEBE290B-5EC6-4BBA-B645-294C150E417A", "vulnerable": true }, { "criteria": "cpe:2.3:o:openbsd:openbsd:2.5:*:*:*:*:*:*:*", "matchCriteriaId": "ACE7FDFB-C6A6-4B58-B0B4-236E4EA76EF6", "vulnerable": true }, { "criteria": "cpe:2.3:o:openbsd:openbsd:2.6:*:*:*:*:*:*:*", "matchCriteriaId": "0DF053A1-C252-427E-9EEF-27240F422976", "vulnerable": true }, { "criteria": "cpe:2.3:o:openbsd:openbsd:2.7:*:*:*:*:*:*:*", "matchCriteriaId": "48A9C344-45AA-47B9-B35A-1A62E220D9C6", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "4BF54738-3C44-4FD4-AA9C-CAB2E86B1DC1", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:5.1:*:*:*:*:*:*:*", "matchCriteriaId": "4EF44364-0F57-4B74-81B0-501EA6B58501", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:5.2:*:alpha:*:*:*:*:*", "matchCriteriaId": "07396B95-E434-46C9-A345-27C9EA9BEA26", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:5.2:*:i386:*:*:*:*:*", "matchCriteriaId": "363AB7DB-A8BA-4D58-97C4-1DF1F0F43E07", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:5.2:*:sparc:*:*:*:*:*", "matchCriteriaId": "0775CE08-C5AD-4FF7-AEA9-537B1EAE3BDE", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Format string vulnerability in talkd in OpenBSD and possibly other BSD-based OSes allows remote attackers to execute arbitrary commands via a user name that contains format characters." } ], "id": "CVE-2000-1010", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2000-12-11T05:00:00.000", "references": [ { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://www.securityfocus.com/archive/1/137890" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/1764" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5344" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.securityfocus.com/archive/1/137890" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/1764" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5344" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
1997-04-07 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Buffer overflow in University of Washington's implementation of IMAP and POP servers.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:university_of_washington:imap:4:*:*:*:*:*:*:*", "matchCriteriaId": "C97FA8D5-1A78-4E3C-BEA8-0C37A9BBE8D6", "vulnerable": true }, { "criteria": "cpe:2.3:a:university_of_washington:pop:3:*:*:*:*:*:*:*", "matchCriteriaId": "2E8FE8B6-213B-48E5-8E62-B2F75AD8F589", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:bsdi:bsd_os:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "766851E2-134A-4A89-931B-6F1753525684", "vulnerable": true }, { "criteria": "cpe:2.3:o:bsdi:bsd_os:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "99235B00-0050-42BF-99EF-FCDD72D8627D", "vulnerable": true }, { "criteria": "cpe:2.3:o:caldera:openlinux:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "ABC52A20-B706-432D-9A15-45F48EB1B08B", "vulnerable": true }, { "criteria": "cpe:2.3:o:ibm:aix:4.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "91D7C561-4D23-430B-A7D8-137E52B08FF5", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "5302613E-F0DD-4B46-884C-49A977FD4147", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "C9092D88-585D-4A0C-B181-E8D93563C74B", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Buffer overflow in University of Washington\u0027s implementation of IMAP and POP servers." } ], "id": "CVE-1999-0042", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "1997-04-07T04:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0042" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0042" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2003-06-16 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Unknown vulnerability in GNU Ghostscript before 7.07 allows attackers to execute arbitrary commands, even when -dSAFER is enabled, via a PostScript file that causes the commands to be executed from a malicious print job.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "1D46E093-1C68-43BB-B281-12117EC8DE0F", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "E562907F-D915-4030-847A-3C6834A80D4E", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.3:*:*:*:*:*:*:*", "matchCriteriaId": "138985E6-5107-4E8B-A801-C3D5FE075227", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "038FEDE7-986F-4CA5-9003-BA68352B87D4", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:9.0:*:i386:*:*:*:*:*", "matchCriteriaId": "F3FDE8C4-5FFD-4CC2-9F35-7C32043966D1", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Unknown vulnerability in GNU Ghostscript before 7.07 allows attackers to execute arbitrary commands, even when -dSAFER is enabled, via a PostScript file that causes the commands to be executed from a malicious print job." }, { "lang": "es", "value": "Vulnerabilidad desconocida en GNU Ghostscript anterior a la 7.07 permite que atacantes remotos ejecuten comandos arbitrarios, incluso cuando -dSAFER est\u00e1 habilitado, mediante un fichero PostScript da\u00f1ino." } ], "id": "CVE-2003-0354", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2003-06-16T04:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=105465818929172\u0026w=2" }, { "source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:065" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-181.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2003-182.html" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A133" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=105465818929172\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:065" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-181.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2003-182.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A133" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2001-07-19 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
expect before 5.32 searches for its libraries in /var/tmp before other directories, which could allow local users to gain root privileges via a Trojan horse library that is accessed by mkpasswd.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
don_libes | expect | 0 | |
don_libes | expect | 1 | |
don_libes | expect | 2 | |
don_libes | expect | 3 | |
don_libes | expect | 4 | |
don_libes | expect | 5.0 | |
don_libes | expect | 5.1 | |
don_libes | expect | 5.2 | |
don_libes | expect | 5.3 | |
don_libes | expect | 5.4 | |
don_libes | expect | 5.5 | |
don_libes | expect | 5.6 | |
don_libes | expect | 5.7 | |
don_libes | expect | 5.8 | |
don_libes | expect | 5.9 | |
don_libes | expect | 5.10 | |
don_libes | expect | 5.11 | |
don_libes | expect | 5.12 | |
don_libes | expect | 5.13 | |
don_libes | expect | 5.14 | |
don_libes | expect | 5.15 | |
don_libes | expect | 5.16 | |
don_libes | expect | 5.17 | |
don_libes | expect | 5.18 | |
don_libes | expect | 5.19 | |
don_libes | expect | 5.20 | |
don_libes | expect | 5.21 | |
don_libes | expect | 5.22 | |
don_libes | expect | 5.23 | |
don_libes | expect | 5.24 | |
don_libes | expect | 5.25 | |
don_libes | expect | 5.26 | |
don_libes | expect | 5.27 | |
don_libes | expect | 5.28 | |
don_libes | expect | 5.29 | |
don_libes | expect | 5.30 | |
don_libes | expect | 5.31 | |
conectiva | linux | 6.0 | |
conectiva | linux | 7.0 | |
redhat | linux | 7.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:don_libes:expect:0:*:*:*:*:*:*:*", "matchCriteriaId": "C3DE5021-6C95-42B9-A2F1-2416E1DFFDF8", "vulnerable": true }, { "criteria": "cpe:2.3:a:don_libes:expect:1:*:*:*:*:*:*:*", "matchCriteriaId": "F0B34078-6C72-4160-8C06-CE8DF05F90CF", "vulnerable": true }, { "criteria": "cpe:2.3:a:don_libes:expect:2:*:*:*:*:*:*:*", "matchCriteriaId": "40F92B64-2FC2-494B-80A7-C13799BB0C02", "vulnerable": true }, { "criteria": "cpe:2.3:a:don_libes:expect:3:*:*:*:*:*:*:*", "matchCriteriaId": "68CC2FFF-8CA6-4610-82F4-13C91CCBFF18", "vulnerable": true }, { "criteria": "cpe:2.3:a:don_libes:expect:4:*:*:*:*:*:*:*", "matchCriteriaId": "AE85170E-C60D-4A51-BFD0-A08E0F16266B", "vulnerable": true }, { "criteria": "cpe:2.3:a:don_libes:expect:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "5E7522C4-5B5B-49CB-A612-2D3719669EDB", "vulnerable": true }, { "criteria": "cpe:2.3:a:don_libes:expect:5.1:*:*:*:*:*:*:*", "matchCriteriaId": "022D0F6C-2EC7-4193-A3F8-DB9968A453EE", "vulnerable": true }, { "criteria": "cpe:2.3:a:don_libes:expect:5.2:*:*:*:*:*:*:*", "matchCriteriaId": "95B5F3CA-557A-4389-B1F1-4DF2598B3DB4", "vulnerable": true }, { "criteria": "cpe:2.3:a:don_libes:expect:5.3:*:*:*:*:*:*:*", "matchCriteriaId": "8AB3F7AB-F00B-424B-9F94-93736B8AC4BE", "vulnerable": true }, { "criteria": "cpe:2.3:a:don_libes:expect:5.4:*:*:*:*:*:*:*", "matchCriteriaId": "06C6F995-58CC-405B-A11A-225249131FFA", "vulnerable": true }, { "criteria": "cpe:2.3:a:don_libes:expect:5.5:*:*:*:*:*:*:*", "matchCriteriaId": "EA9D4278-7E36-4704-9709-9F18DD202459", "vulnerable": true }, { "criteria": "cpe:2.3:a:don_libes:expect:5.6:*:*:*:*:*:*:*", "matchCriteriaId": "E1BBDD23-C9D2-4EC7-A377-D7CCBE5BFB83", "vulnerable": true }, { "criteria": "cpe:2.3:a:don_libes:expect:5.7:*:*:*:*:*:*:*", "matchCriteriaId": "29CCE2DF-8B6D-4736-BBE9-87E8D9562542", "vulnerable": true }, { "criteria": "cpe:2.3:a:don_libes:expect:5.8:*:*:*:*:*:*:*", "matchCriteriaId": "0BEB2EE9-C619-4E4A-A89A-A035674ED821", "vulnerable": true }, { "criteria": "cpe:2.3:a:don_libes:expect:5.9:*:*:*:*:*:*:*", "matchCriteriaId": "2959FA2C-08CD-42A9-A5D5-15568F1E570C", "vulnerable": true }, { "criteria": "cpe:2.3:a:don_libes:expect:5.10:*:*:*:*:*:*:*", "matchCriteriaId": "FC361FE5-B35A-454F-B860-B07E85135764", "vulnerable": true }, { "criteria": "cpe:2.3:a:don_libes:expect:5.11:*:*:*:*:*:*:*", "matchCriteriaId": "27488026-A7C7-4691-BD8E-4082947D39D8", "vulnerable": true }, { "criteria": "cpe:2.3:a:don_libes:expect:5.12:*:*:*:*:*:*:*", "matchCriteriaId": "D61E571C-24E6-48AF-B82E-4ABE258AF422", "vulnerable": true }, { "criteria": "cpe:2.3:a:don_libes:expect:5.13:*:*:*:*:*:*:*", "matchCriteriaId": "8995324B-665B-435D-9F80-F0A3A7EC5D9F", "vulnerable": true }, { "criteria": "cpe:2.3:a:don_libes:expect:5.14:*:*:*:*:*:*:*", "matchCriteriaId": "784F1220-1D89-4AC5-B9FC-F6E53B4997E8", "vulnerable": true }, { "criteria": "cpe:2.3:a:don_libes:expect:5.15:*:*:*:*:*:*:*", "matchCriteriaId": "0ED3433E-5FAD-4643-A000-5830D2841B94", "vulnerable": true }, { "criteria": "cpe:2.3:a:don_libes:expect:5.16:*:*:*:*:*:*:*", "matchCriteriaId": "ACAEE414-0038-457C-9E56-19B1F32E1322", "vulnerable": true }, { "criteria": "cpe:2.3:a:don_libes:expect:5.17:*:*:*:*:*:*:*", "matchCriteriaId": "D1EDC1A7-8AC3-4329-9574-28F9D62B4BBC", "vulnerable": true }, { "criteria": "cpe:2.3:a:don_libes:expect:5.18:*:*:*:*:*:*:*", "matchCriteriaId": "41697D90-1B8F-4C8E-BDF9-6478F052CC97", "vulnerable": true }, { "criteria": "cpe:2.3:a:don_libes:expect:5.19:*:*:*:*:*:*:*", "matchCriteriaId": "F51F3D11-4B37-4E3A-9DA0-A1E5D8D66283", "vulnerable": true }, { "criteria": "cpe:2.3:a:don_libes:expect:5.20:*:*:*:*:*:*:*", "matchCriteriaId": "74DD6439-CB30-4156-9853-08AD5ECC7B30", "vulnerable": true }, { "criteria": "cpe:2.3:a:don_libes:expect:5.21:*:*:*:*:*:*:*", "matchCriteriaId": "FB58864B-CEA9-4E1C-A016-23BB377FEE5D", "vulnerable": true }, { "criteria": "cpe:2.3:a:don_libes:expect:5.22:*:*:*:*:*:*:*", "matchCriteriaId": "868C41FB-05DD-4C44-880B-2D88B44787C0", "vulnerable": true }, { "criteria": "cpe:2.3:a:don_libes:expect:5.23:*:*:*:*:*:*:*", "matchCriteriaId": "965E4608-9A40-4018-91DB-1D3CACF64FDD", "vulnerable": true }, { "criteria": "cpe:2.3:a:don_libes:expect:5.24:*:*:*:*:*:*:*", "matchCriteriaId": "378B08A0-001C-4A1F-9D6D-F32CF4483C7B", "vulnerable": true }, { "criteria": "cpe:2.3:a:don_libes:expect:5.25:*:*:*:*:*:*:*", "matchCriteriaId": "D6812A69-900D-44A0-8916-1DA12696D72C", "vulnerable": true }, { "criteria": "cpe:2.3:a:don_libes:expect:5.26:*:*:*:*:*:*:*", "matchCriteriaId": "EDB1C0AF-8C61-49C4-8F12-EEDE26556B79", "vulnerable": true }, { "criteria": "cpe:2.3:a:don_libes:expect:5.27:*:*:*:*:*:*:*", "matchCriteriaId": "7131D6F4-DD3D-4E51-BE00-CE8A44011B05", "vulnerable": true }, { "criteria": "cpe:2.3:a:don_libes:expect:5.28:*:*:*:*:*:*:*", "matchCriteriaId": "1C29001E-4771-4737-A5FD-DDD14573B361", "vulnerable": true }, { "criteria": "cpe:2.3:a:don_libes:expect:5.29:*:*:*:*:*:*:*", "matchCriteriaId": "B429DFA8-29BA-4F08-BA7D-0A3A5FF1B606", "vulnerable": true }, { "criteria": "cpe:2.3:a:don_libes:expect:5.30:*:*:*:*:*:*:*", "matchCriteriaId": "94C6A9E5-0FF5-4254-ABAD-D784419AF0A7", "vulnerable": true }, { "criteria": "cpe:2.3:a:don_libes:expect:5.31:*:*:*:*:*:*:*", "matchCriteriaId": "ED82C82B-2227-4C64-A4B0-B597E97E7168", "vulnerable": true }, { "criteria": "cpe:2.3:o:conectiva:linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "DCE4BBA3-7332-45EE-8C29-BE5A473B559D", "vulnerable": true }, { "criteria": "cpe:2.3:o:conectiva:linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "97177EF7-8FC4-4D4D-A8D9-3628AA0035FB", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "29B186E5-7C2F-466E-AA4A-8F2B618F8A14", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "expect before 5.32 searches for its libraries in /var/tmp before other directories, which could allow local users to gain root privileges via a Trojan horse library that is accessed by mkpasswd." } ], "id": "CVE-2001-1374", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2001-07-19T04:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000409" }, { "source": "cve@mitre.org", "url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2002:060" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2002-148.html" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/3074" }, { "source": "cve@mitre.org", "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=22187" }, { "source": "cve@mitre.org", "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=28224" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6870" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000409" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2002:060" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2002-148.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/3074" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=22187" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=28224" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6870" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2001-01-09 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
modprobe in the modutils 2.3.x package on Linux systems allows a local user to execute arbitrary commands via shell metacharacters.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
immunix | immunix | 6.2 | |
immunix | immunix | 7.0_beta | |
conectiva | linux | 5.1 | |
mandrakesoft | mandrake_linux | 7.2 | |
redhat | linux | 7.0 | |
suse | suse_linux | 6.4 | |
suse | suse_linux | 7.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:immunix:immunix:6.2:*:*:*:*:*:*:*", "matchCriteriaId": "DB0F79BE-8EBF-44D8-83A1-9331669BED54", "vulnerable": true }, { "criteria": "cpe:2.3:a:immunix:immunix:7.0_beta:*:*:*:*:*:*:*", "matchCriteriaId": "1A2889C6-8DE0-4432-812A-F2A5C4A08897", "vulnerable": true }, { "criteria": "cpe:2.3:o:conectiva:linux:5.1:*:*:*:*:*:*:*", "matchCriteriaId": "E3AC05A9-04DA-4ED3-94D8-3254384CB724", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "0A8FBD5A-2FD0-43CD-AC4B-1D6984D336FE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "29B186E5-7C2F-466E-AA4A-8F2B618F8A14", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:6.4:*:*:*:*:*:*:*", "matchCriteriaId": "7786607A-362E-4817-A17E-C76D6A1F737D", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "C9E7D75A-333E-4C63-9593-F64ABA5D1CE3", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "modprobe in the modutils 2.3.x package on Linux systems allows a local user to execute arbitrary commands via shell metacharacters." } ], "id": "CVE-2000-1095", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2001-01-09T05:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-11/0179.html" }, { "source": "cve@mitre.org", "url": "http://archives.neohapsis.com/archives/linux/suse/2000-q4/0596.html" }, { "source": "cve@mitre.org", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000340" }, { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2000/20001120" }, { "source": "cve@mitre.org", "url": "http://www.linux-mandrake.com/en/security/MDKSA-2000-071-1.php3?dis=7.1" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2000-108.html" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/1936" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5516" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-11/0179.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://archives.neohapsis.com/archives/linux/suse/2000-q4/0596.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000340" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2000/20001120" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.linux-mandrake.com/en/security/MDKSA-2000-071-1.php3?dis=7.1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2000-108.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/1936" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5516" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
1999-03-21 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
XFree86 startx command is vulnerable to a symlink attack, allowing local users to create files in restricted directories, possibly allowing them to gain privileges or cause a denial of service.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
xfree86_project | x11r6 | 3.3.3 | |
netbsd | netbsd | 1.3.2 | |
netbsd | netbsd | 1.3.3 | |
redhat | linux | 5.1 | |
redhat | linux | 5.2 | |
slackware | slackware_linux | 3.3 | |
slackware | slackware_linux | 3.4 | |
slackware | slackware_linux | 3.5 | |
slackware | slackware_linux | 3.6 | |
slackware | slackware_linux | 4.0 | |
suse | suse_linux | 5.1 | |
suse | suse_linux | 5.2 | |
suse | suse_linux | 6.0 | |
suse | suse_linux | 6.1 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:xfree86_project:x11r6:3.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "C104B02C-3F3B-4DB4-8A1D-65A7DAA380EB", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netbsd:netbsd:1.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "2D3C937A-E9D8-474A-ABEB-A927EF7CC5B0", "vulnerable": true }, { "criteria": "cpe:2.3:o:netbsd:netbsd:1.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "2A8F8DE7-7A84-4350-A6D8-FCCB561D63B2", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:5.1:*:*:*:*:*:*:*", "matchCriteriaId": "4EF44364-0F57-4B74-81B0-501EA6B58501", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:5.2:*:i386:*:*:*:*:*", "matchCriteriaId": "363AB7DB-A8BA-4D58-97C4-1DF1F0F43E07", "vulnerable": true }, { "criteria": "cpe:2.3:o:slackware:slackware_linux:3.3:*:*:*:*:*:*:*", "matchCriteriaId": "06F2131E-F9F2-4E65-B95C-B52DB25C69F5", "vulnerable": true }, { "criteria": "cpe:2.3:o:slackware:slackware_linux:3.4:*:*:*:*:*:*:*", "matchCriteriaId": "E6732144-10D4-4114-A7DA-32157EE3EF38", "vulnerable": true }, { "criteria": "cpe:2.3:o:slackware:slackware_linux:3.5:*:*:*:*:*:*:*", "matchCriteriaId": "125918E7-53BB-407A-8D95-5D95CDF39A88", "vulnerable": true }, { "criteria": "cpe:2.3:o:slackware:slackware_linux:3.6:*:*:*:*:*:*:*", "matchCriteriaId": "CE0BBA4F-C61A-4A8E-A7E2-CE0DF76DF592", "vulnerable": true }, { "criteria": "cpe:2.3:o:slackware:slackware_linux:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "CC3B1DD9-10B5-40FE-AE56-D068C41653DE", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:5.1:*:*:*:*:*:*:*", "matchCriteriaId": "5C0BBDD2-9FF9-4CB7-BCAF-D4AF15DC2C7C", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:5.2:*:*:*:*:*:*:*", "matchCriteriaId": "D1C826AA-6E2F-4DAC-A7A2-9F47729B5DA5", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "F163E145-09F7-4BE2-9B46-5B6713070BAB", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:6.1:*:*:*:*:*:*:*", "matchCriteriaId": "124E1802-7984-45ED-8A92-393FC20662FD", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "XFree86 startx command is vulnerable to a symlink attack, allowing local users to create files in restricted directories, possibly allowing them to gain privileges or cause a denial of service." } ], "id": "CVE-1999-0433", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.6, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": true, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "1999-03-21T05:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0433" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0433" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
1996-01-02 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
rxvt, when compiled with the PRINT_PIPE option in various Linux operating systems including Linux Slackware 3.0 and RedHat 2.1, allows local users to gain root privileges by specifying a malicious program using the -print-pipe command line parameter.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:rxvt:rxvt:*:*:*:*:*:*:*:*", "matchCriteriaId": "A9305637-EC79-4BD5-82FC-A1DF3A3D32F3", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "674066BB-2576-4AAE-B97F-A4470815F1AC", "vulnerable": true }, { "criteria": "cpe:2.3:o:slackware:slackware_linux:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "FFC0D816-7D38-4CE1-B78C-3A02195713D5", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "rxvt, when compiled with the PRINT_PIPE option in various Linux operating systems including Linux Slackware 3.0 and RedHat 2.1, allows local users to gain root privileges by specifying a malicious program using the -print-pipe command line parameter." } ], "id": "CVE-1999-1186", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "1996-01-02T05:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=87602167418966\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=87602167418966\u0026w=2" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2000-05-16 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Buffer overflow in krshd in Kerberos 5 allows remote attackers to gain root privileges.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cygnus:cygnus_network_security:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "05857121-8827-45FD-886F-4269E0336036", "vulnerable": true }, { "criteria": "cpe:2.3:a:cygnus:kerbnet:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "EE1B0821-64F1-46E3-8DD3-12FFD1B037F5", "vulnerable": true }, { "criteria": "cpe:2.3:a:mit:kerberos:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "AFB8BD89-F049-4C3B-8744-E8D00D752DE0", "vulnerable": true }, { "criteria": "cpe:2.3:a:mit:kerberos_5:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "08FA60A9-10E1-4ACD-819C-17801FAD7671", "vulnerable": true }, { "criteria": "cpe:2.3:a:mit:kerberos_5:1.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "E47F0770-67D7-42EE-A1AD-9D5B5E83BF2B", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:alpha:*:*:*:*:*", "matchCriteriaId": "344610A8-DB6D-4407-9304-916C419F648C", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:i386:*:*:*:*:*", "matchCriteriaId": "B7EC2B95-4715-4EC9-A10A-2542501F8A61", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:sparc:*:*:*:*:*", "matchCriteriaId": "64775BEF-2E53-43CA-8639-A7E54F6F4222", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Buffer overflow in krshd in Kerberos 5 allows remote attackers to gain root privileges." } ], "id": "CVE-2000-0391", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2000-05-16T04:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-05/0184.html" }, { "source": "cve@mitre.org", "url": "http://archives.neohapsis.com/archives/freebsd/2000-05/0295.html" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory", "US Government Resource" ], "url": "http://www.cert.org/advisories/CA-2000-06.html" }, { "source": "cve@mitre.org", "url": "http://www.osvdb.org/4876" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2000-025.html" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/1220" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-05/0184.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://archives.neohapsis.com/archives/freebsd/2000-05/0295.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "US Government Resource" ], "url": "http://www.cert.org/advisories/CA-2000-06.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.osvdb.org/4876" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2000-025.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/1220" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
1999-12-03 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
ORBit and esound in Red Hat Linux 6.1 do not use sufficiently random numbers, which allows local users to guess the authentication keys.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:6.1:*:*:*:*:*:*:*", "matchCriteriaId": "2EC4D3AB-38FA-4D44-AF5C-2DCD15994E76", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "ORBit and esound in Red Hat Linux 6.1 do not use sufficiently random numbers, which allows local users to guess the authentication keys." } ], "id": "CVE-2000-0357", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": true, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "1999-12-03T05:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://www.redhat.com/corp/support/errata/RHSA1999058-01.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/corp/support/errata/RHSA1999058-01.html" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2000-07-27 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
pam_console PAM module in Linux systems allows a user to access the system console and reboot the system when a display manager such as gdm or kdm has XDMCP enabled.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
michael_k._johnson | pam_console | 0.66 | |
michael_k._johnson | pam_console | 0.72_unpatched | |
conectiva | linux | 4.0 | |
conectiva | linux | 4.0es | |
conectiva | linux | 4.1 | |
conectiva | linux | 4.2 | |
conectiva | linux | 5.0 | |
conectiva | linux | 5.1 | |
redhat | linux | 6.0 | |
redhat | linux | 6.0 | |
redhat | linux | 6.0 | |
redhat | linux | 6.1 | |
redhat | linux | 6.1 | |
redhat | linux | 6.1 | |
redhat | linux | 6.2 | |
redhat | linux | 6.2 | |
redhat | linux | 6.2 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:michael_k._johnson:pam_console:0.66:*:*:*:*:*:*:*", "matchCriteriaId": "0D11E305-8077-4210-9115-B5047AE8C25C", "vulnerable": true }, { "criteria": "cpe:2.3:a:michael_k._johnson:pam_console:0.72_unpatched:*:*:*:*:*:*:*", "matchCriteriaId": "487A2F8B-E4FE-4181-9B6F-A99AE6850D1D", "vulnerable": true }, { "criteria": "cpe:2.3:o:conectiva:linux:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "48F068BE-F5B3-4E43-8E6A-24AB4D2DEDF0", "vulnerable": true }, { "criteria": "cpe:2.3:o:conectiva:linux:4.0es:*:*:*:*:*:*:*", "matchCriteriaId": "6529EC98-7CF7-47A1-95BB-2F34066FE95D", "vulnerable": true }, { "criteria": "cpe:2.3:o:conectiva:linux:4.1:*:*:*:*:*:*:*", "matchCriteriaId": "FFDAB801-AAA0-4B3B-B488-52E7BA8650C5", "vulnerable": true }, { "criteria": "cpe:2.3:o:conectiva:linux:4.2:*:*:*:*:*:*:*", "matchCriteriaId": "612AC3B1-8E55-437F-9600-67EA1A8BAD48", "vulnerable": true }, { "criteria": "cpe:2.3:o:conectiva:linux:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "537A5C29-D770-4755-A6AB-8916754E14DB", "vulnerable": true }, { "criteria": "cpe:2.3:o:conectiva:linux:5.1:*:*:*:*:*:*:*", "matchCriteriaId": "E3AC05A9-04DA-4ED3-94D8-3254384CB724", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:6.0:*:alpha:*:*:*:*:*", "matchCriteriaId": "6931FB54-A163-4CE3-BBD9-D345AA0977A6", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.0:*:i386:*:*:*:*:*", "matchCriteriaId": "89F65C9D-BD68-4A86-BFDC-E7CE76F13948", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.0:*:sparc:*:*:*:*:*", "matchCriteriaId": "5ABD1331-277C-4C31-8186-978243C62255", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.1:*:alpha:*:*:*:*:*", "matchCriteriaId": "C89454B9-4F45-4A42-A06D-ED42D893C544", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.1:*:i386:*:*:*:*:*", "matchCriteriaId": "B72D6205-DFA4-41D9-B3B6-0B7DA756CD8F", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.1:*:sparc:*:*:*:*:*", "matchCriteriaId": "1E64093E-7D53-4238-95C3-48ED5A0FFD97", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:alpha:*:*:*:*:*", "matchCriteriaId": "344610A8-DB6D-4407-9304-916C419F648C", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:i386:*:*:*:*:*", "matchCriteriaId": "B7EC2B95-4715-4EC9-A10A-2542501F8A61", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:sparc:*:*:*:*:*", "matchCriteriaId": "64775BEF-2E53-43CA-8639-A7E54F6F4222", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "pam_console PAM module in Linux systems allows a user to access the system console and reboot the system when a display manager such as gdm or kdm has XDMCP enabled." } ], "id": "CVE-2000-0668", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2000-07-27T04:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0398.html" }, { "source": "cve@mitre.org", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0455.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2000-044.html" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/1513" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5001" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0398.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0455.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2000-044.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/1513" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5001" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2021-06-16 17:15
Modified
2024-11-21 05:46
Severity ?
Summary
IBM Resilient SOAR V38.0 could allow a local privileged attacker to obtain sensitive information due to improper or nonexisting encryption.IBM X-Force ID: 199239.
References
▶ | URL | Tags | |
---|---|---|---|
psirt@us.ibm.com | https://exchange.xforce.ibmcloud.com/vulnerabilities/199239 | VDB Entry, Vendor Advisory | |
psirt@us.ibm.com | https://www.ibm.com/support/pages/node/6464039 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/199239 | VDB Entry, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.ibm.com/support/pages/node/6464039 | Patch, Vendor Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
ibm | resilient_security_orchestration_automation_and_response | 38.0 | |
redhat | linux | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:ibm:resilient_security_orchestration_automation_and_response:38.0:*:*:*:*:*:*:*", "matchCriteriaId": "00863999-85CE-4E74-B01B-29C64C97C0CD", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:-:*:*:*:*:*:*:*", "matchCriteriaId": "C4EBE07A-6FEF-4343-BA5D-58FD175F5CD1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "IBM Resilient SOAR V38.0 could allow a local privileged attacker to obtain sensitive information due to improper or nonexisting encryption.IBM X-Force ID: 199239." }, { "lang": "es", "value": "IBM Resilient SOAR versi\u00f3n V38.0, podr\u00eda permitir a un atacante local con privilegios obtener informaci\u00f3n confidencial debido a un cifrado inapropiado o inexistente. IBM X-Force ID: 199239" } ], "id": "CVE-2021-20567", "lastModified": "2024-11-21T05:46:47.357", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "LOW", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "exploitabilityScore": 0.8, "impactScore": 3.6, "source": "psirt@us.ibm.com", "type": "Secondary" } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "exploitabilityScore": 0.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2021-06-16T17:15:07.817", "references": [ { "source": "psirt@us.ibm.com", "tags": [ "VDB Entry", "Vendor Advisory" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/199239" }, { "source": "psirt@us.ibm.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://www.ibm.com/support/pages/node/6464039" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "VDB Entry", "Vendor Advisory" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/199239" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://www.ibm.com/support/pages/node/6464039" } ], "sourceIdentifier": "psirt@us.ibm.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-311" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2002-03-08 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Memory leak in SNMP in Squid 2.4 STABLE3 and earlier allows remote attackers to cause a denial of service.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:squid:squid:*:*:*:*:*:*:*:*", "matchCriteriaId": "169C4A52-3191-423A-97C9-0E86A8D8160E", "versionEndIncluding": "2.4_stable_2", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:alpha:*:*:*:*:*", "matchCriteriaId": "344610A8-DB6D-4407-9304-916C419F648C", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:i386:*:*:*:*:*", "matchCriteriaId": "B7EC2B95-4715-4EC9-A10A-2542501F8A61", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:sparc:*:*:*:*:*", "matchCriteriaId": "64775BEF-2E53-43CA-8639-A7E54F6F4222", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.0:*:alpha:*:*:*:*:*", "matchCriteriaId": "FD6576E2-9F26-4857-9F28-F51899F1EF48", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.0:*:i386:*:*:*:*:*", "matchCriteriaId": "4DC9842D-E23B-4B9F-A7BF-57C3BA3DE398", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.1:*:alpha:*:*:*:*:*", "matchCriteriaId": "7F3FAAB3-7A8A-42E5-9DCE-E4A843CED1B9", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.1:*:i386:*:*:*:*:*", "matchCriteriaId": "C8783A6D-DFD8-45DD-BF03-570B1B012B44", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.1:*:ia64:*:*:*:*:*", "matchCriteriaId": "ED36543D-C21B-4B4B-A6AD-6E19B08B5DD7", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.2:*:i386:*:*:*:*:*", "matchCriteriaId": "6A1EF00A-52E9-4FD8-98FD-3998225D8655", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.2:*:ia64:*:*:*:*:*", "matchCriteriaId": "9D47D6FE-56A9-42CF-9A9B-AEE272C061F7", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Memory leak in SNMP in Squid 2.4 STABLE3 and earlier allows remote attackers to cause a denial of service." }, { "lang": "es", "value": "Error de memoria en SNMP de Squid STABLE2 y versiones anteriores permite a un atacante remoto provocar una denegaci\u00f3n del servicio." } ], "id": "CVE-2002-0069", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "LOW", "cvssData": { "accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 2.6, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 4.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2002-03-08T05:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:12.squid.asc" }, { "source": "cve@mitre.org", "url": "http://archives.neohapsis.com/archives/linux/caldera/2002-q1/0014.html" }, { "source": "cve@mitre.org", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000464" }, { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=101431040422095\u0026w=2" }, { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=101443252627021\u0026w=2" }, { "source": "cve@mitre.org", "url": "http://www.iss.net/security_center/static/8260.php" }, { "source": "cve@mitre.org", "url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-016.php" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2002-029.html" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/4146" }, { "source": "cve@mitre.org", "tags": [ "Patch" ], "url": "http://www.squid-cache.org/Versions/v2/2.4/bugs/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:12.squid.asc" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://archives.neohapsis.com/archives/linux/caldera/2002-q1/0014.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000464" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=101431040422095\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=101443252627021\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.iss.net/security_center/static/8260.php" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-016.php" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2002-029.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/4146" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.squid-cache.org/Versions/v2/2.4/bugs/" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2001-12-21 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Format string vulnerability in the default logging callback function _sasl_syslog in common.c in Cyrus SASL library (cyrus-sasl) may allow remote attackers to execute arbitrary commands.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
caldera | openlinux_workstation | 3.1 | |
redhat | linux_powertools | 6.2 | |
caldera | openlinux_eserver | 3.1 | |
redhat | linux | 7.0 | |
redhat | linux | 7.2 | |
suse | suse_linux | 7.0 | |
suse | suse_linux | 7.1 | |
suse | suse_linux | 7.2 | |
suse | suse_linux | 7.3 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:caldera:openlinux_workstation:3.1:*:*:*:*:*:*:*", "matchCriteriaId": "BB41DE44-C3A1-4CC9-ACA7-4EC171D68910", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:linux_powertools:6.2:*:*:*:*:*:*:*", "matchCriteriaId": "A5AE3BF4-237D-4D84-9753-512A642141A0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:caldera:openlinux_eserver:3.1:*:*:*:*:*:*:*", "matchCriteriaId": "BA1B334D-F259-4DD8-838C-17446476820F", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "29B186E5-7C2F-466E-AA4A-8F2B618F8A14", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "E562907F-D915-4030-847A-3C6834A80D4E", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "C9E7D75A-333E-4C63-9593-F64ABA5D1CE3", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "819868A7-EB1E-4CA9-8D71-72F194E5EFEB", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "0519FF7D-363E-4530-9E63-6EA3E88432DC", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.3:*:*:*:*:*:*:*", "matchCriteriaId": "FAE3FF4F-646F-4E05-A08A-C9399DEF60F1", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Format string vulnerability in the default logging callback function _sasl_syslog in common.c in Cyrus SASL library (cyrus-sasl) may allow remote attackers to execute arbitrary commands." }, { "lang": "es", "value": "Vulnerabilidad de cadena de formato en la funci\u00f3n de retrollamada (callback) en common.c en la librer\u00eda Cyrus SASL (cyrus-sasl) podr\u00eda permitr a atacantes remotos ejecutar comandos de su elecci\u00f3n." } ], "id": "CVE-2001-0869", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2001-12-21T05:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:15.cyrus-sasl.asc" }, { "source": "cve@mitre.org", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000444" }, { "source": "cve@mitre.org", "url": "http://frontal2.mandriva.com/security/advisories?name=MDKSA-2002:018" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://lwn.net/alerts/SuSE/SuSE-SA%3A2001%3A042.php3" }, { "source": "cve@mitre.org", "url": "http://www.caldera.com/support/security/advisories/CSSA-2001-040.0.txt" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2001-150.html" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2001-151.html" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/3498" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7443" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:15.cyrus-sasl.asc" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000444" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://frontal2.mandriva.com/security/advisories?name=MDKSA-2002:018" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://lwn.net/alerts/SuSE/SuSE-SA%3A2001%3A042.php3" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.caldera.com/support/security/advisories/CSSA-2001-040.0.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2001-150.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2001-151.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/3498" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7443" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2020-08-28 15:15
Modified
2024-11-21 04:43
Severity ?
Summary
IBM Resilient SOAR V38.0 users may experience a denial of service of the SOAR Platform due to a insufficient input validation. IBM X-Force ID: 165589.
References
▶ | URL | Tags | |
---|---|---|---|
psirt@us.ibm.com | https://exchange.xforce.ibmcloud.com/vulnerabilities/165589 | VDB Entry, Vendor Advisory | |
psirt@us.ibm.com | https://www.ibm.com/support/pages/node/6323645 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/165589 | VDB Entry, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.ibm.com/support/pages/node/6323645 | Vendor Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
ibm | resilient_security_orchestration_automation_and_response | 38.0 | |
redhat | linux | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:ibm:resilient_security_orchestration_automation_and_response:38.0:*:*:*:*:*:*:*", "matchCriteriaId": "00863999-85CE-4E74-B01B-29C64C97C0CD", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:-:*:*:*:*:*:*:*", "matchCriteriaId": "C4EBE07A-6FEF-4343-BA5D-58FD175F5CD1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "IBM Resilient SOAR V38.0 users may experience a denial of service of the SOAR Platform due to a insufficient input validation. IBM X-Force ID: 165589." }, { "lang": "es", "value": "IBM Resilient SOAR versi\u00f3n V38.0, los usuarios pueden experimentar una denegaci\u00f3n de servicio de la Plataforma SOAR debido a una comprobaci\u00f3n insuficiente de la entrada. IBM X-Force ID: 165589" } ], "id": "CVE-2019-4533", "lastModified": "2024-11-21T04:43:41.633", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 4.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 8.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "version": "3.0" }, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "psirt@us.ibm.com", "type": "Secondary" } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2020-08-28T15:15:12.033", "references": [ { "source": "psirt@us.ibm.com", "tags": [ "VDB Entry", "Vendor Advisory" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/165589" }, { "source": "psirt@us.ibm.com", "tags": [ "Vendor Advisory" ], "url": "https://www.ibm.com/support/pages/node/6323645" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "VDB Entry", "Vendor Advisory" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/165589" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://www.ibm.com/support/pages/node/6323645" } ], "sourceIdentifier": "psirt@us.ibm.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-20" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2003-02-19 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Kerberos FTP client allows remote FTP sites to execute arbitrary code via a pipe (|) character in a filename that is retrieved by the client.
References
▶ | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0047.html | Broken Link | |
cve@mitre.org | http://secunia.com/advisories/7979 | Broken Link | |
cve@mitre.org | http://secunia.com/advisories/8114 | Broken Link | |
cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDKSA-2003:021 | Third Party Advisory | |
cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2003-020.html | Broken Link, Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0047.html | Broken Link | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/7979 | Broken Link | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/8114 | Broken Link | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2003:021 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2003-020.html | Broken Link, Patch, Vendor Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
mit | kerberos_ftp_client | * | |
redhat | linux | 6.2 | |
redhat | linux | 7.0 | |
redhat | linux | 7.1 | |
redhat | linux | 7.2 | |
redhat | linux | 7.3 | |
redhat | linux | 8.0 | |
mandrakesoft | mandrake_multi_network_firewall | 8.2 | |
mandrakesoft | mandrake_linux | 8.1 | |
mandrakesoft | mandrake_linux | 8.2 | |
mandrakesoft | mandrake_linux | 9.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:mit:kerberos_ftp_client:*:*:*:*:*:*:*:*", "matchCriteriaId": "B51B344D-A39A-4318-B291-88C5FD8513A1", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:*:*:*:*:*:*", "matchCriteriaId": "0633B5A6-7A88-4A96-9462-4C09D124ED36", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "29B186E5-7C2F-466E-AA4A-8F2B618F8A14", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "1D46E093-1C68-43BB-B281-12117EC8DE0F", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "E562907F-D915-4030-847A-3C6834A80D4E", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.3:*:*:*:*:*:*:*", "matchCriteriaId": "138985E6-5107-4E8B-A801-C3D5FE075227", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "038FEDE7-986F-4CA5-9003-BA68352B87D4", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:mandrakesoft:mandrake_multi_network_firewall:8.2:*:*:*:*:*:*:*", "matchCriteriaId": "E4F3F3BB-E004-4FD9-9580-F2D5F3ED3701", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:8.1:*:*:*:*:*:*:*", "matchCriteriaId": "205EF72B-7334-4AE0-9CA6-D2E8E5910C8E", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:8.2:*:*:*:*:*:*:*", "matchCriteriaId": "DEB99324-3062-426F-8E2F-44DC3A7ADB2A", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "33F6F859-B7B8-4072-B073-6CC8291D642E", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Kerberos FTP client allows remote FTP sites to execute arbitrary code via a pipe (|) character in a filename that is retrieved by the client." }, { "lang": "es", "value": "El cliente de ftp Kerberos permite a sitios FTP remotos ejecutar c\u00f3digo arbitrario mediante un car\u00e1cter de tuber\u00eda (|) en un nombre de fichero que recupera el cliente" } ], "id": "CVE-2003-0041", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2003-02-19T05:00:00.000", "references": [ { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0047.html" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://secunia.com/advisories/7979" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://secunia.com/advisories/8114" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:021" }, { "source": "cve@mitre.org", "tags": [ "Broken Link", "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-020.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0047.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://secunia.com/advisories/7979" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://secunia.com/advisories/8114" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:021" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-020.html" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-78" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2000-10-20 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
The wrapper program in mailman 2.0beta3 and 2.0beta4 does not properly cleanse untrusted format strings, which allows local users to gain privileges.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:gnu:mailman:2.0:beta3:*:*:*:*:*:*", "matchCriteriaId": "EC6B30F6-70A8-43C7-BA5C-6DD8A6ED829D", "vulnerable": true }, { "criteria": "cpe:2.3:a:gnu:mailman:2.0:beta4:*:*:*:*:*:*", "matchCriteriaId": "767101D3-ABB0-4D34-AA28-75F78A392F39", "vulnerable": true }, { "criteria": "cpe:2.3:o:conectiva:linux:4.1:*:*:*:*:*:*:*", "matchCriteriaId": "FFDAB801-AAA0-4B3B-B488-52E7BA8650C5", "vulnerable": true }, { "criteria": "cpe:2.3:o:conectiva:linux:4.2:*:*:*:*:*:*:*", "matchCriteriaId": "612AC3B1-8E55-437F-9600-67EA1A8BAD48", "vulnerable": true }, { "criteria": "cpe:2.3:o:conectiva:linux:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "537A5C29-D770-4755-A6AB-8916754E14DB", "vulnerable": true }, { "criteria": "cpe:2.3:o:conectiva:linux:5.1:*:*:*:*:*:*:*", "matchCriteriaId": "E3AC05A9-04DA-4ED3-94D8-3254384CB724", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:*:*:*:*:*:*:*:*", "matchCriteriaId": "B133DAC8-2B0D-4F83-9025-AD071740187A", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The wrapper program in mailman 2.0beta3 and 2.0beta4 does not properly cleanse untrusted format strings, which allows local users to gain privileges." } ], "id": "CVE-2000-0701", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.6, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2000-10-20T04:00:00.000", "references": [ { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0474.html" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0479.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2000-030.html" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/archive/1/73220" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/1539" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=20000802105050.A11733%40rak.isternet.sk" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0474.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0479.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2000-030.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/archive/1/73220" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/1539" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=20000802105050.A11733%40rak.isternet.sk" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2000-04-16 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
The X font server xfs in Red Hat Linux 6.x allows an attacker to cause a denial of service via a malformed request.
References
▶ | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://archives.neohapsis.com/archives/bugtraq/2000-04/0079.html | Vendor Advisory | |
cve@mitre.org | http://www.securityfocus.com/bid/1111 | Exploit, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://archives.neohapsis.com/archives/bugtraq/2000-04/0079.html | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/1111 | Exploit, Vendor Advisory |
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:6.0:*:alpha:*:*:*:*:*", "matchCriteriaId": "6931FB54-A163-4CE3-BBD9-D345AA0977A6", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.0:*:i386:*:*:*:*:*", "matchCriteriaId": "89F65C9D-BD68-4A86-BFDC-E7CE76F13948", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.0:*:sparc:*:*:*:*:*", "matchCriteriaId": "5ABD1331-277C-4C31-8186-978243C62255", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.1:*:alpha:*:*:*:*:*", "matchCriteriaId": "C89454B9-4F45-4A42-A06D-ED42D893C544", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.1:*:i386:*:*:*:*:*", "matchCriteriaId": "B72D6205-DFA4-41D9-B3B6-0B7DA756CD8F", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.1:*:sparc:*:*:*:*:*", "matchCriteriaId": "1E64093E-7D53-4238-95C3-48ED5A0FFD97", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:alpha:*:*:*:*:*", "matchCriteriaId": "344610A8-DB6D-4407-9304-916C419F648C", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:i386:*:*:*:*:*", "matchCriteriaId": "B7EC2B95-4715-4EC9-A10A-2542501F8A61", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:sparc:*:*:*:*:*", "matchCriteriaId": "64775BEF-2E53-43CA-8639-A7E54F6F4222", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The X font server xfs in Red Hat Linux 6.x allows an attacker to cause a denial of service via a malformed request." } ], "id": "CVE-2000-0263", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "LOW", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 2.1, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2000-04-16T04:00:00.000", "references": [ { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-04/0079.html" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/1111" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-04/0079.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/1111" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2005-12-31 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.22:*:*:*:*:*:*:*", "matchCriteriaId": "B1512A96-B8E7-4DB7-A4CB-8FD3773BFC97", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.22_rc1:*:*:*:*:*:*:*", "matchCriteriaId": "787B918D-9CCC-44FE-92AF-E8DF1E91A3C7", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.23:*:*:*:*:*:*:*", "matchCriteriaId": "C116493B-2837-4531-9291-A9FF03099A97", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.23_rc1:*:*:*:*:*:*:*", "matchCriteriaId": "525BD04B-387F-4713-BC89-472D0D0BCFD0", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:kdegraphics:3.2:*:*:*:*:*:*:*", "matchCriteriaId": "6BF92649-90CE-4E75-A938-61D0916B5A7E", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:kdegraphics:3.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "2CA505B4-0C17-49C8-9533-CA8CE3AA77D8", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:koffice:1.4:*:*:*:*:*:*:*", "matchCriteriaId": "37C08E0A-651F-458B-BCEC-A30DCD527E47", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:koffice:1.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "6000D6AF-C056-4BC0-A54C-72E23E52AB92", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:koffice:1.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "A7D036E4-FA49-417D-968B-9D73B16A09BA", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:kpdf:3.2:*:*:*:*:*:*:*", "matchCriteriaId": "EDAF6452-F3B0-4F62-893E-BCFA6AB7AE3B", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:kpdf:3.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "BC2AB9CB-DEAB-45AB-A7CA-D19E069907EC", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:kword:1.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "EAC32BAA-99B3-4B40-83A3-ED9E1B12B295", "vulnerable": true }, { "criteria": "cpe:2.3:a:libextractor:libextractor:*:*:*:*:*:*:*:*", "matchCriteriaId": "679D9520-DE8E-4D06-A227-3B1C1D05977D", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "63C92F1C-3005-4EA6-B9C0-2BC2E3D611D6", "vulnerable": true }, { "criteria": "cpe:2.3:a:sgi:propack:3.0:sp6:*:*:*:*:*:*", "matchCriteriaId": "EF8ABD90-AD2B-4FA0-A355-9D7CD6D3C486", "vulnerable": true }, { "criteria": "cpe:2.3:a:tetex:tetex:1.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "C86C7D6F-C39E-4403-86C6-F87599570E97", "vulnerable": true }, { "criteria": "cpe:2.3:a:tetex:tetex:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "236005A1-C175-44D3-8D0C-C48F943F3D66", "vulnerable": true }, { "criteria": "cpe:2.3:a:tetex:tetex:2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "0AF2AD80-5E65-4B57-933B-C395E98EF10D", "vulnerable": true }, { "criteria": "cpe:2.3:a:tetex:tetex:2.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "07C92A0E-1DDA-4F83-A904-24A35C38883A", "vulnerable": true }, { "criteria": "cpe:2.3:a:tetex:tetex:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "9178B36F-41D5-4AE7-B9C8-56BDEADE76EB", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "7B93B3ED-AF82-49A9-8C7F-E5F652F19669", "vulnerable": true }, { "criteria": "cpe:2.3:o:conectiva:linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "A35FC777-A34E-4C7B-9E93-8F17F3AD5180", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "2CAE037F-111C-4A76-8FFE-716B74D65EF3", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:alpha:*:*:*:*:*", "matchCriteriaId": "A6B060E4-B5A6-4469-828E-211C52542547", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:arm:*:*:*:*:*", "matchCriteriaId": "974C3541-990C-4CD4-A05A-38FA74A84632", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:hppa:*:*:*:*:*", "matchCriteriaId": "6CBF1E0F-C7F3-4F83-9E60-6E63FA7D2775", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ia-32:*:*:*:*:*", "matchCriteriaId": "58792F77-B06F-4780-BA25-FE1EE6C3FDD9", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ia-64:*:*:*:*:*", "matchCriteriaId": "C9419322-572F-4BB6-8416-C5E96541CF33", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:m68k:*:*:*:*:*", "matchCriteriaId": "BFC50555-C084-46A3-9C9F-949C5E3BB448", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mips:*:*:*:*:*", "matchCriteriaId": "9C25D6E1-D283-4CEA-B47B-60C47A5C0797", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mipsel:*:*:*:*:*", "matchCriteriaId": "AD18A446-C634-417E-86AC-B19B6DDDC856", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ppc:*:*:*:*:*", "matchCriteriaId": "E4BB852E-61B2-4842-989F-C6C0C901A8D7", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:s-390:*:*:*:*:*", "matchCriteriaId": "24DD9D59-E2A2-4116-A887-39E8CC2004FC", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:sparc:*:*:*:*:*", "matchCriteriaId": "F28D7457-607E-4E0C-909A-413F91CFCD82", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*", "matchCriteriaId": "A2E0C1F8-31F5-4F61-9DF7-E49B43D3C873", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:alpha:*:*:*:*:*", "matchCriteriaId": "5BF84240-1881-4EFB-BB2F-F9CE8AD09C7B", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:amd64:*:*:*:*:*", "matchCriteriaId": "AF8AE8C4-810F-41AB-A251-5A2D4DD6884D", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:arm:*:*:*:*:*", "matchCriteriaId": "5EACF214-FA27-44FF-A431-927AB79377A1", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:hppa:*:*:*:*:*", "matchCriteriaId": "E2B58895-0E2A-4466-9CB2-0083349A83B2", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:ia-32:*:*:*:*:*", "matchCriteriaId": "03F8220A-9B1C-40AA-AEAB-F9A93225FBD5", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:ia-64:*:*:*:*:*", "matchCriteriaId": "2311919C-7864-469D-B0F6-9B11D8D0A1C3", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:m68k:*:*:*:*:*", "matchCriteriaId": "19876495-4C1A-487C-955A-C5AA46362A1F", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:mips:*:*:*:*:*", "matchCriteriaId": "D75286DD-50BC-4B72-8AC8-E20730124DC2", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:mipsel:*:*:*:*:*", "matchCriteriaId": "1998C972-497E-4916-B50E-FB32303EEA8E", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:ppc:*:*:*:*:*", "matchCriteriaId": "A6CD3DD9-3A8A-4716-A2D1-136A790AFF94", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:s-390:*:*:*:*:*", "matchCriteriaId": "6CE2020A-4FB2-4FCD-8561-7BD147CD95EB", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:sparc:*:*:*:*:*", "matchCriteriaId": "08E90AFA-C262-46D0-B60E-26B67C9602D5", "vulnerable": true }, { "criteria": "cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*", "matchCriteriaId": "647BA336-5538-4972-9271-383A0EC9378E", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:*:*:*:*:*:*", "matchCriteriaId": "3528DABD-B821-4D23-AE12-614A9CA92C46", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:x86-64:*:*:*:*:*", "matchCriteriaId": "0315FB43-D199-4734-B724-50ED031C0020", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.2:*:*:*:*:*:*:*", "matchCriteriaId": "11D69B83-4EF3-407B-8E8C-DE623F099C17", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.2:*:x86-64:*:*:*:*:*", "matchCriteriaId": "7D221688-18A0-453D-8D13-6B68011FCA13", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2006:*:*:*:*:*:*:*", "matchCriteriaId": "597094EC-D23F-4EC4-A140-96F287679124", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2006:*:x86-64:*:*:*:*:*", "matchCriteriaId": "C4FCF0D3-A6CB-448E-B0D3-DA82BE02DEC8", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "E0F0D201-B1DC-4024-AF77-A284673618F3", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:x86_64:*:*:*:*:*", "matchCriteriaId": "052E3862-BFB7-42E7-889D-8590AFA8EF37", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "2BB0B27C-04EA-426F-9016-7406BACD91DF", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:x86_64:*:*:*:*:*", "matchCriteriaId": "BB2B1BA5-8370-4281-B5C9-3D4FE6C70FBC", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*", "matchCriteriaId": "2641EE56-6F9D-400B-B456-877F4DA79B10", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server_ia64:*:*:*:*:*", "matchCriteriaId": "A4A9461E-C117-42EC-9F14-DF2A82BA7C5D", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*", "matchCriteriaId": "E0B458EA-495E-40FA-9379-C03757F7B1EE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server_ia64:*:*:*:*:*", "matchCriteriaId": "409E324A-C040-494F-A026-9DCAE01C07F8", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*", "matchCriteriaId": "1728AB5D-55A9-46B0-A412-6F7263CAEB5A", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation_ia64:*:*:*:*:*", "matchCriteriaId": "6474B775-C893-491F-A074-802AFB1FEDD8", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_server:*:*:*:*:*", "matchCriteriaId": "78B46FFA-5B09-473E-AD33-3DB18BD0DAFE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*", "matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation_server:*:*:*:*:*", "matchCriteriaId": "0EFE2E73-9536-41A9-B83B-0A06B54857F4", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:advanced_server:*:*:*:*:*", "matchCriteriaId": "F9440B25-D206-4914-9557-B5F030890DEC", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:enterprise_server:*:*:*:*:*", "matchCriteriaId": "E9933557-3BCA-4D92-AD4F-27758A0D3347", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:workstation:*:*:*:*:*", "matchCriteriaId": "10A60552-15A5-4E95-B3CE-99A4B26260C1", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "7D74A418-50F0-42C0-ABBC-BBBE718FF025", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:fedora_core:core_1.0:*:*:*:*:*:*:*", "matchCriteriaId": "3C84296C-2C8A-4DCD-9751-52951F8BEA9F", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*", "matchCriteriaId": "E6996B14-925B-46B8-982F-3545328B506B", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:fedora_core:core_3.0:*:*:*:*:*:*:*", "matchCriteriaId": "EC80CF67-C51D-442C-9526-CFEDE84A6304", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:fedora_core:core_4.0:*:*:*:*:*:*:*", "matchCriteriaId": "C720DACC-CF4B-4A00-818C-8303A7D7DED6", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.3:*:i386:*:*:*:*:*", "matchCriteriaId": "9B502A61-44FB-4CD4-85BE-88D4ACCCA441", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:9.0:*:i386:*:*:*:*:*", "matchCriteriaId": "F3FDE8C4-5FFD-4CC2-9F35-7C32043966D1", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:*", "matchCriteriaId": "84A50ED3-FD0D-4038-B3E7-CC65D166C968", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium:*:*:*:*:*", "matchCriteriaId": "8DBD9D3C-40AB-449D-A9A8-A09DF2DEDB96", "vulnerable": true }, { "criteria": "cpe:2.3:o:sco:openserver:5.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "D9D76A8D-832B-411E-A458-186733C66010", "vulnerable": true }, { "criteria": "cpe:2.3:o:sco:openserver:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "7458BA31-812E-40C9-BB92-8688A3BCBA56", "vulnerable": true }, { "criteria": "cpe:2.3:o:slackware:slackware_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "300A6A65-05FD-401C-80F6-B5F5B1F056E0", "vulnerable": true }, { "criteria": "cpe:2.3:o:slackware:slackware_linux:9.1:*:*:*:*:*:*:*", "matchCriteriaId": "AA3D53C9-3806-45E6-8AE9-7D41280EF64C", "vulnerable": true }, { "criteria": "cpe:2.3:o:slackware:slackware_linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "D29C5A03-A7C9-4780-BB63-CF1E874D018D", "vulnerable": true }, { "criteria": "cpe:2.3:o:slackware:slackware_linux:10.1:*:*:*:*:*:*:*", "matchCriteriaId": "B85EF0EE-3E61-4CA3-9F00-610AB2E1CFCF", "vulnerable": true }, { "criteria": "cpe:2.3:o:slackware:slackware_linux:10.2:*:*:*:*:*:*:*", "matchCriteriaId": "70440F49-AEE9-41BE-8E1A-43AB657C8E09", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "02EE2D72-B1E6-4380-80B0-E40A23DDD115", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:enterprise_server:*:*:*:*:*", "matchCriteriaId": "F7446746-87B7-4BD3-AABF-1E0FAA8265AB", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:personal:*:*:*:*:*", "matchCriteriaId": "F239BA8A-6B41-4B08-8C7C-25D235812C50", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:professional:*:*:*:*:*", "matchCriteriaId": "89BA858B-9466-4640-84AE-DC5BDC65D6B8", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:s_390:*:*:*:*:*", "matchCriteriaId": "85F2D904-E830-4034-9CCB-0FF65019622C", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*", "matchCriteriaId": "56EF103F-5668-4754-A83B-D3662D0CE815", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:personal:*:*:*:*:*", "matchCriteriaId": "3EA56868-ACA1-4C65-9FFB-A68129D2428A", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:professional:*:*:*:*:*", "matchCriteriaId": "1BA2E629-58C6-4BA0-A447-F8F570B35E74", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:x86_64:*:*:*:*:*", "matchCriteriaId": "D5F98B9A-880E-45F0-8C16-12B22970F0D1", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:personal:*:*:*:*:*", "matchCriteriaId": "3BEE15E9-9194-4E37-AB3B-66ECD5AC9E11", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:professional:*:*:*:*:*", "matchCriteriaId": "C89BA3B6-370B-4911-A363-935A9C9EACF5", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:x86_64:*:*:*:*:*", "matchCriteriaId": "B905C6E9-5058-4FD7-95B6-CD6AB6B2F516", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.3:*:personal:*:*:*:*:*", "matchCriteriaId": "4F1B4D15-0562-44D6-B80B-35A8F432BD41", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.3:*:professional:*:*:*:*:*", "matchCriteriaId": "D84ABF78-0D85-4E15-907E-B5ACE86EB8C7", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.3:*:x86_64:*:*:*:*:*", "matchCriteriaId": "9C7018E7-F90C-435D-A07A-05A294EA2827", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:10.0:*:oss:*:*:*:*:*", "matchCriteriaId": "16915004-1006-41D6-9E42-D1A5041E442D", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:10.0:*:professional:*:*:*:*:*", "matchCriteriaId": "994ABCE2-3B9E-4E4E-83F7-CE2A79C70F64", "vulnerable": true }, { "criteria": "cpe:2.3:o:trustix:secure_linux:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "53AF1A2D-B0A2-4097-AD1D-DF3AF27171BA", "vulnerable": true }, { "criteria": "cpe:2.3:o:trustix:secure_linux:2.2:*:*:*:*:*:*:*", "matchCriteriaId": "5AB70F82-52BB-4D0D-9A24-9AF67278466D", "vulnerable": true }, { "criteria": "cpe:2.3:o:trustix:secure_linux:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "100A2456-BF20-4461-8DC9-C61889322B29", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux:10:*:*:*:*:*:*:*", "matchCriteriaId": "1C7D4F57-E186-497A-B390-92E5D2C7E894", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux:fuji:*:*:*:*:*:*:*", "matchCriteriaId": "CEC3F6F3-9A6E-4A98-A967-6776C872475C", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux_appliance_server:1.0_hosting_edition:*:*:*:*:*:*:*", "matchCriteriaId": "FC3218DD-A565-4AB8-86FE-E7F59AC0535F", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux_appliance_server:1.0_workgroup_edition:*:*:*:*:*:*:*", "matchCriteriaId": "97AEDB57-202F-4B53-8815-21836F177060", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux_desktop:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "31C3FFDD-03BF-4FD4-B7A7-B62AFD5DBA19", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux_home:*:*:*:*:*:*:*:*", "matchCriteriaId": "065FF0F1-7FAC-4584-92EA-EAA87DC76FA1", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux_multimedia:*:*:*:*:*:*:*:*", "matchCriteriaId": "E27180A1-9767-4CD3-978C-7538155B162D", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux_personal:*:*:*:*:*:*:*:*", "matchCriteriaId": "BAAA9376-A060-49AE-86A7-6B28E26ED5D9", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux_server:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "E06DCF0D-3241-453A-A0E4-937FE25EC404", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux_server:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "B484D091-62DE-4EF2-AC54-26896CA8B315", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux_server:10.0_x86:*:*:*:*:*:*:*", "matchCriteriaId": "EC5AC26E-3F3F-4D14-BE65-82B4432AB382", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux_workstation:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "9428589A-0BD2-469E-978D-38239117D972", "vulnerable": true }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ia64:*:*:*:*:*", "matchCriteriaId": "6E94583A-5184-462E-9FC4-57B35DA06DA7", "vulnerable": true }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ppc:*:*:*:*:*", "matchCriteriaId": "E905FAAD-37B6-4DD0-A752-2974F8336273", "vulnerable": true }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.04:*:amd64:*:*:*:*:*", "matchCriteriaId": "3BD12488-1ED8-4751-ABF5-3578D54750A8", "vulnerable": true }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.04:*:i386:*:*:*:*:*", "matchCriteriaId": "AE3733CF-4C88-443C-9B90-6477C9C500D0", "vulnerable": true }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.04:*:powerpc:*:*:*:*:*", "matchCriteriaId": "9C500A75-D75E-45B4-B582-0F0DF27C3C04", "vulnerable": true }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:amd64:*:*:*:*:*", "matchCriteriaId": "86FD134D-A5C5-4B08-962D-70CF07C74923", "vulnerable": true }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:i386:*:*:*:*:*", "matchCriteriaId": "FA84692E-F99D-4207-B4F2-799A6ADB88AD", "vulnerable": true }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:powerpc:*:*:*:*:*", "matchCriteriaId": "8B0F1091-4B76-44F5-B896-6D37E2F909A2", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows." } ], "id": "CVE-2005-3624", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2005-12-31T05:00:00.000", "references": [ { "source": "secalert@redhat.com", "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt" }, { "source": "secalert@redhat.com", "url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U" }, { "source": "secalert@redhat.com", "url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U" }, { "source": "secalert@redhat.com", "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U" }, { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2006-0177.html" }, { "source": "secalert@redhat.com", "tags": [ "Exploit", "Vendor Advisory" ], "url": "http://scary.beasts.org/security/CESA-2005-003.txt" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18147" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18303" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18312" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18313" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18329" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18332" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18334" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18338" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18349" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18373" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18375" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18380" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18385" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18387" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18389" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18398" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18407" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18414" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18416" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18423" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18425" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18428" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18436" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18448" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18463" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18517" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18534" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18554" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18582" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18642" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18644" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18674" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18675" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18679" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18908" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18913" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/19230" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/19377" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/25729" }, { "source": "secalert@redhat.com", "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683" }, { "source": "secalert@redhat.com", "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747" }, { "source": "secalert@redhat.com", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2005/dsa-931" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2005/dsa-932" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2005/dsa-937" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2005/dsa-938" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2005/dsa-940" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2006/dsa-936" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2006/dsa-950" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2006/dsa-961" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2006/dsa-962" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.kde.org/info/security/advisory-20051207-2.txt" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/support/errata/RHSA-2006-0163.html" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded" }, { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": "http://www.securityfocus.com/bid/16143" }, { "source": "secalert@redhat.com", "url": "http://www.trustix.org/errata/2006/0002/" }, { "source": "secalert@redhat.com", "url": "http://www.vupen.com/english/advisories/2006/0047" }, { "source": "secalert@redhat.com", "url": "http://www.vupen.com/english/advisories/2007/2280" }, { "source": "secalert@redhat.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24022" }, { "source": "secalert@redhat.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9437" }, { "source": "secalert@redhat.com", "url": "https://usn.ubuntu.com/236-1/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2006-0177.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Vendor Advisory" ], "url": "http://scary.beasts.org/security/CESA-2005-003.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18147" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18303" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18312" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18313" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18329" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18332" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18334" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18338" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18349" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18373" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18375" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18380" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18385" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18387" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18389" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18398" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18407" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18414" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18416" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18423" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18425" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18428" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18436" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18448" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18463" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18517" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18534" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18554" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18582" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18642" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18644" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18674" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18675" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18679" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18908" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18913" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19230" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19377" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/25729" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2005/dsa-931" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2005/dsa-932" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2005/dsa-937" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2005/dsa-938" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2005/dsa-940" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2006/dsa-936" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2006/dsa-950" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2006/dsa-961" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2006/dsa-962" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.kde.org/info/security/advisory-20051207-2.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2006-0163.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.securityfocus.com/bid/16143" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.trustix.org/errata/2006/0002/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2006/0047" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2007/2280" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24022" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9437" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://usn.ubuntu.com/236-1/" } ], "sourceIdentifier": "secalert@redhat.com", "vendorComments": [ { "comment": "Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.", "lastModified": "2007-03-14T00:00:00", "organization": "Red Hat" } ], "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-189" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
1996-12-04 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Command execution via shell metachars in INN daemon (innd) 1.5 using "newgroup" and "rmgroup" control messages, and others.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:isc:inn:1.4sec:*:*:*:*:*:*:*", "matchCriteriaId": "E5D0063D-01CE-49E2-A19A-FA861F3C40CB", "vulnerable": true }, { "criteria": "cpe:2.3:a:isc:inn:1.4sec2:*:*:*:*:*:*:*", "matchCriteriaId": "967E86C5-3635-49FF-A98A-C9B2BC85A812", "vulnerable": true }, { "criteria": "cpe:2.3:a:isc:inn:1.4unoff3:*:*:*:*:*:*:*", "matchCriteriaId": "14DBB010-4064-4B46-834C-6FD5F1FE78FE", "vulnerable": true }, { "criteria": "cpe:2.3:a:isc:inn:1.4unoff4:*:*:*:*:*:*:*", "matchCriteriaId": "EEE0D317-4F02-4896-95FC-20B64EB3A91F", "vulnerable": true }, { "criteria": "cpe:2.3:a:isc:inn:1.5:*:*:*:*:*:*:*", "matchCriteriaId": "9915A668-8E8C-4EC8-A72A-6937EC7D3496", "vulnerable": true }, { "criteria": "cpe:2.3:a:netscape:news_server:1.1:*:*:*:*:*:*:*", "matchCriteriaId": "A0FB9EFB-F5C3-447B-A1B7-DB762F93D8F2", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:bsdi:bsd_os:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "766851E2-134A-4A89-931B-6F1753525684", "vulnerable": true }, { "criteria": "cpe:2.3:o:caldera:openlinux:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "ABC52A20-B706-432D-9A15-45F48EB1B08B", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "C9092D88-585D-4A0C-B181-E8D93563C74B", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:4.1:*:*:*:*:*:*:*", "matchCriteriaId": "D8211154-6685-4FF0-B3ED-43A5E5763A10", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:h:nec:goah_intrasv:1.1:*:*:*:*:*:*:*", "matchCriteriaId": "39F6E390-A2CF-4F42-83EC-65B23EC644CA", "vulnerable": true }, { "criteria": "cpe:2.3:h:nec:goah_networksv:1.2:*:*:*:*:*:*:*", "matchCriteriaId": "11389E13-8EE5-4C33-9A6D-4B30849F0722", "vulnerable": true }, { "criteria": "cpe:2.3:h:nec:goah_networksv:2.2:*:*:*:*:*:*:*", "matchCriteriaId": "3C409173-AC55-493F-9B55-51A69D933F04", "vulnerable": true }, { "criteria": "cpe:2.3:h:nec:goah_networksv:3.1:*:*:*:*:*:*:*", "matchCriteriaId": "2CC1F3C7-D016-44B4-843A-34538227668B", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Command execution via shell metachars in INN daemon (innd) 1.5 using \"newgroup\" and \"rmgroup\" control messages, and others." } ], "id": "CVE-1999-0043", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ] }, "published": "1996-12-04T05:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0043" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0043" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" }, { "description": [ { "lang": "en", "value": "CWE-78" } ], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ] }
Vulnerability from fkie_nvd
Published
2003-07-24 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Various PDF viewers including (1) Adobe Acrobat 5.06 and (2) Xpdf 1.01 allow remote attackers to execute arbitrary commands via shell metacharacters in an embedded hyperlink.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
adobe | acrobat | 5.0.6 | |
xpdf | xpdf | 1.1 | |
mandrakesoft | mandrake_linux | 9.0 | |
mandrakesoft | mandrake_linux | 9.1 | |
mandrakesoft | mandrake_linux_corporate_server | 2.1 | |
redhat | enterprise_linux | 2.1 | |
redhat | enterprise_linux | 2.1 | |
redhat | enterprise_linux | 2.1 | |
redhat | linux | 7.1 | |
redhat | linux | 7.2 | |
redhat | linux | 7.3 | |
redhat | linux | 8.0 | |
redhat | linux | 9.0 | |
redhat | linux_advanced_workstation | 2.1 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:adobe:acrobat:5.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "B453FA1D-0FE9-4324-9644-E167561926C2", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:1.1:*:*:*:*:*:*:*", "matchCriteriaId": "3B9DEF16-ECD5-4BBE-8986-52A6171B3D9F", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "33F6F859-B7B8-4072-B073-6CC8291D642E", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.1:*:*:*:*:*:*:*", "matchCriteriaId": "C4AD30B9-8FBA-48B3-B2B2-014C950B9BAA", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "E0F0D201-B1DC-4024-AF77-A284673618F3", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*", "matchCriteriaId": "2641EE56-6F9D-400B-B456-877F4DA79B10", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*", "matchCriteriaId": "E0B458EA-495E-40FA-9379-C03757F7B1EE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*", "matchCriteriaId": "1728AB5D-55A9-46B0-A412-6F7263CAEB5A", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "1D46E093-1C68-43BB-B281-12117EC8DE0F", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "E562907F-D915-4030-847A-3C6834A80D4E", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.3:*:*:*:*:*:*:*", "matchCriteriaId": "138985E6-5107-4E8B-A801-C3D5FE075227", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "038FEDE7-986F-4CA5-9003-BA68352B87D4", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "E66F7BF0-EF7C-4695-9D67-7C1A01C6F9B9", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium:*:*:*:*:*", "matchCriteriaId": "8DBD9D3C-40AB-449D-A9A8-A09DF2DEDB96", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Various PDF viewers including (1) Adobe Acrobat 5.06 and (2) Xpdf 1.01 allow remote attackers to execute arbitrary commands via shell metacharacters in an embedded hyperlink." }, { "lang": "es", "value": "Varios visores de PDF, incluidos Adobe Acrobat 5.06 y Xpdf 1.01 permiten a atacantes remotos la ejecuci\u00f3n arbitraria de comandos mediante metacaracteres de shell en un hiperv\u00ednculo embebido." } ], "id": "CVE-2003-0434", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2003-07-24T04:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-June/005719.html" }, { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=105777963019186\u0026w=2" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/9037" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/9038" }, { "source": "cve@mitre.org", "tags": [ "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/200132" }, { "source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:071" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-196.html" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-197.html" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A664" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-June/005719.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=105777963019186\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/9037" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/9038" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/200132" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:071" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-196.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-197.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A664" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2000-02-28 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Buffer overflow in mhshow in the Linux nmh package allows remote attackers to execute commands via malformed MIME headers in an email message.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
nmh | nmh | 1.0.2 | |
redhat | linux | 5.2 | |
redhat | linux | 5.2 | |
redhat | linux | 5.2 | |
redhat | linux | 6.0 | |
redhat | linux | 6.0 | |
redhat | linux | 6.0 | |
redhat | linux | 6.1 | |
redhat | linux | 6.1 | |
redhat | linux | 6.1 | |
turbolinux | turbolinux | 3.5b2 | |
turbolinux | turbolinux | 4.2 | |
turbolinux | turbolinux | 4.4 | |
turbolinux | turbolinux | 6.0.2 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:nmh:nmh:1.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "CEE22340-554C-4E8F-970B-27264B89F0B0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:5.2:*:alpha:*:*:*:*:*", "matchCriteriaId": "07396B95-E434-46C9-A345-27C9EA9BEA26", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:5.2:*:i386:*:*:*:*:*", "matchCriteriaId": "363AB7DB-A8BA-4D58-97C4-1DF1F0F43E07", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:5.2:*:sparc:*:*:*:*:*", "matchCriteriaId": "0775CE08-C5AD-4FF7-AEA9-537B1EAE3BDE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.0:*:alpha:*:*:*:*:*", "matchCriteriaId": "6931FB54-A163-4CE3-BBD9-D345AA0977A6", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.0:*:i386:*:*:*:*:*", "matchCriteriaId": "89F65C9D-BD68-4A86-BFDC-E7CE76F13948", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.0:*:sparc:*:*:*:*:*", "matchCriteriaId": "5ABD1331-277C-4C31-8186-978243C62255", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.1:*:alpha:*:*:*:*:*", "matchCriteriaId": "C89454B9-4F45-4A42-A06D-ED42D893C544", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.1:*:i386:*:*:*:*:*", "matchCriteriaId": "B72D6205-DFA4-41D9-B3B6-0B7DA756CD8F", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.1:*:sparc:*:*:*:*:*", "matchCriteriaId": "1E64093E-7D53-4238-95C3-48ED5A0FFD97", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux:3.5b2:*:*:*:*:*:*:*", "matchCriteriaId": "667CF388-298D-4B64-9BA5-89D153FFA998", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux:4.2:*:*:*:*:*:*:*", "matchCriteriaId": "5D15A193-3E01-467C-AEAD-497F4600DB06", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux:4.4:*:*:*:*:*:*:*", "matchCriteriaId": "F7C765FF-0A3D-4BF4-B236-609658776ACA", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux:6.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "C6619B49-8A89-4600-A47F-A39C8BF54259", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Buffer overflow in mhshow in the Linux nmh package allows remote attackers to execute commands via malformed MIME headers in an email message." } ], "id": "CVE-2000-0196", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": true, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2000-02-28T05:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2000-006.html" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/1018" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2000-006.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/1018" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2005-01-10 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Multiple heap-based buffer overflows in imlib 1.9.14 and earlier, which is used by gkrellm and several window managers, allow remote attackers to cause a denial of service (application crash) and execute arbitrary code via certain image files.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:enlightenment:imlib:1.9.13:*:*:*:*:*:*:*", "matchCriteriaId": "917A16B8-65F3-4C5D-904E-DD0FBD46A3F2", "vulnerable": true }, { "criteria": "cpe:2.3:a:enlightenment:imlib:1.9.14:*:*:*:*:*:*:*", "matchCriteriaId": "89F6F148-15BA-4F07-A7A6-457B54FB234E", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*", "matchCriteriaId": "647BA336-5538-4972-9271-383A0EC9378E", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.3:*:*:*:*:*:*:*", "matchCriteriaId": "138985E6-5107-4E8B-A801-C3D5FE075227", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.3:*:i386:*:*:*:*:*", "matchCriteriaId": "9B502A61-44FB-4CD4-85BE-88D4ACCCA441", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.3:*:i686:*:*:*:*:*", "matchCriteriaId": "05853955-CA81-40D3-9A70-1227F3270D3C", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:9.0:*:i386:*:*:*:*:*", "matchCriteriaId": "F3FDE8C4-5FFD-4CC2-9F35-7C32043966D1", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Multiple heap-based buffer overflows in imlib 1.9.14 and earlier, which is used by gkrellm and several window managers, allow remote attackers to cause a denial of service (application crash) and execute arbitrary code via certain image files." }, { "lang": "es", "value": "M\u00faltiples desbordamientos de b\u00fafer basados en el mont\u00f3n en imlib 1.9.14 y anteriores, que es usado en gkrellm y varios gestores de ventas, permite a atacantes remotos causar una denegaci\u00f3n de servicio (ca\u00edda de aplicaci\u00f3n) y ejecutar c\u00f3digo de su elecci\u00f3n mediante ciertos ficheros de im\u00e1genes." } ], "id": "CVE-2004-1025", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2005-01-10T05:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:007" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-651.html" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/11830" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10786" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:007" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-651.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/11830" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10786" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2001-09-20 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Format string vulnerability in exim (3.22-10 in Red Hat, 3.12 in Debian and 3.16 in Conectiva) in batched SMTP mode allows a remote attacker to execute arbitrary code via format strings in SMTP mail headers.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
university_of_cambridge | exim | * | |
conectiva | linux | * | |
debian | debian_linux | 4.0 | |
redhat | linux | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:university_of_cambridge:exim:*:*:*:*:*:*:*:*", "matchCriteriaId": "A7E4A99A-FC71-4FC2-8F1D-DB29D35752BD", "versionEndIncluding": "3.22", "vulnerable": true }, { "criteria": "cpe:2.3:o:conectiva:linux:*:*:*:*:*:*:*:*", "matchCriteriaId": "C74C8F2C-92F4-4A9F-BF5A-8B5DF1A50DC7", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "0F92AB32-E7DE-43F4-B877-1F41FA162EC7", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:*:*:*:*:*:*:*:*", "matchCriteriaId": "B133DAC8-2B0D-4F83-9025-AD071740187A", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Format string vulnerability in exim (3.22-10 in Red Hat, 3.12 in Debian and 3.16 in Conectiva) in batched SMTP mode allows a remote attacker to execute arbitrary code via format strings in SMTP mail headers." } ], "id": "CVE-2001-0690", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2001-09-20T04:00:00.000", "references": [ { "source": "cve@mitre.org", "tags": [ "Exploit", "Vendor Advisory" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2001-06/0041.html" }, { "source": "cve@mitre.org", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000402" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2001/dsa-058" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2001-078.html" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/2828" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6671" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Vendor Advisory" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2001-06/0041.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000402" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2001/dsa-058" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2001-078.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/2828" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6671" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
1999-06-01 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Denial of service in Linux 2.2.x kernels via malformed ICMP packets containing unusual types, codes, and IP header lengths.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
debian | debian_linux | 2.1 | |
linux | linux_kernel | 2.2.0 | |
redhat | linux | 6.0 | |
suse | suse_linux | 6.1 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "3C67BDA1-9451-4026-AC6D-E912C882A757", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "146F7A77-A950-4CAD-BDA9-C239696F569D", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.0:*:i386:*:*:*:*:*", "matchCriteriaId": "89F65C9D-BD68-4A86-BFDC-E7CE76F13948", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:6.1:*:*:*:*:*:*:*", "matchCriteriaId": "124E1802-7984-45ED-8A92-393FC20662FD", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Denial of service in Linux 2.2.x kernels via malformed ICMP packets containing unusual types, codes, and IP header lengths." } ], "id": "CVE-1999-0804", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "1999-06-01T04:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/302" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/302" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2007-07-15 22:30
Modified
2025-04-09 00:30
Severity ?
Summary
The init.d script for the X.Org X11 xfs font server on various Linux distributions might allow local users to change the permissions of arbitrary files via a symlink attack on the /tmp/.font-unix temporary file.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
fedoraproject | fedora_core | 6.0 | |
redhat | enterprise_linux | 4.0 | |
redhat | enterprise_linux | 4.0 | |
redhat | enterprise_linux | 4.0 | |
redhat | enterprise_linux_desktop | 4.0 | |
redhat | linux | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:fedoraproject:fedora_core:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "74E4B2FB-BED0-4076-A9C5-6DE09CAC7582", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:as:*:*:*:*:*", "matchCriteriaId": "49EF5B77-9BC9-4AE8-A677-48E5E576BE63", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:es:*:*:*:*:*", "matchCriteriaId": "36389D32-61C1-4487-8399-FA7D2864FACD", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:ws:*:*:*:*:*", "matchCriteriaId": "49B67F74-AF8F-4A27-AA8A-A8479E256A9F", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "7D74A418-50F0-42C0-ABBC-BBBE718FF025", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:*:*:*:*:*:*:*:*", "matchCriteriaId": "B133DAC8-2B0D-4F83-9025-AD071740187A", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The init.d script for the X.Org X11 xfs font server on various Linux distributions might allow local users to change the permissions of arbitrary files via a symlink attack on the /tmp/.font-unix temporary file." }, { "lang": "es", "value": "El script init.d para el servidor de fuentes xfs de X.Org X11 en varias distribuciones de Linux podr\u00eda permitir a los usuarios locales cambiar los permisos de archivos arbitrarios por medio de un ataque de tipo symlink en el archivo temporal /tmp/.font-unix." } ], "id": "CVE-2007-3103", "lastModified": "2025-04-09T00:30:58.490", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "HIGH", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 6.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 1.9, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2007-07-15T22:30:00.000", "references": [ { "source": "secalert@redhat.com", "url": "http://bugs.gentoo.org/show_bug.cgi?id=185660" }, { "source": "secalert@redhat.com", "url": "http://bugzilla.redhat.com/242903" }, { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=557" }, { "source": "secalert@redhat.com", "url": "http://osvdb.org/40945" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/26056" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/26081" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/26282" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/27240" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/35674" }, { "source": "secalert@redhat.com", "url": "http://security.gentoo.org/glsa/glsa-200710-11.xml" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2007/dsa-1342" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/support/errata/RHSA-2007-0519.html" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/support/errata/RHSA-2007-0520.html" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/473869/100/0/threaded" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/bid/24888" }, { "source": "secalert@redhat.com", "url": "http://www.securitytracker.com/id?1018375" }, { "source": "secalert@redhat.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35375" }, { "source": "secalert@redhat.com", "url": "https://issues.rpath.com/browse/RPL-1485" }, { "source": "secalert@redhat.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10802" }, { "source": "secalert@redhat.com", "url": "https://www.exploit-db.com/exploits/5167" }, { "source": "secalert@redhat.com", "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00095.html" }, { "source": "secalert@redhat.com", "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00096.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://bugs.gentoo.org/show_bug.cgi?id=185660" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://bugzilla.redhat.com/242903" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=557" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://osvdb.org/40945" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/26056" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/26081" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/26282" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/27240" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/35674" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://security.gentoo.org/glsa/glsa-200710-11.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2007/dsa-1342" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2007-0519.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2007-0520.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/473869/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/24888" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1018375" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35375" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://issues.rpath.com/browse/RPL-1485" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10802" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.exploit-db.com/exploits/5167" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00095.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00096.html" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-59" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
1999-10-07 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Xsession in Red Hat Linux 6.1 and earlier can allow local users with restricted accounts to bypass execution of the .xsession file by starting kde, gnome or anotherlevel from kdm.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:*:*:*:*:*:*:*:*", "matchCriteriaId": "143809B4-A40E-426D-9800-C268AECBCA88", "versionEndIncluding": "6.1", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Xsession in Red Hat Linux 6.1 and earlier can allow local users with restricted accounts to bypass execution of the .xsession file by starting kde, gnome or anotherlevel from kdm." } ], "id": "CVE-1999-1347", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.6, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "1999-10-07T04:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=93942774609925\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=93942774609925\u0026w=2" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
1998-03-09 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
ifdhcpc-done script for configuring DHCP on Red Hat Linux 5 allows local users to append text to arbitrary files via a symlink attack on the dhcplog file.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "4BF54738-3C44-4FD4-AA9C-CAB2E86B1DC1", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "ifdhcpc-done script for configuring DHCP on Red Hat Linux 5 allows local users to append text to arbitrary files via a symlink attack on the dhcplog file." } ], "id": "CVE-1999-1407", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "LOW", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "1998-03-09T05:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=88950856416985\u0026w=2" }, { "source": "cve@mitre.org", "url": "http://www.iss.net/security_center/static/7294.php" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/rh50-errata-general.html#initscripts" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/368" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=88950856416985\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.iss.net/security_center/static/7294.php" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/rh50-errata-general.html#initscripts" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/368" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
1996-11-16 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Local users can start Sendmail in daemon mode and gain root privileges.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
caldera | network_desktop | 1.0 | |
eric_allman | sendmail | 8.7 | |
eric_allman | sendmail | 8.8 | |
eric_allman | sendmail | 8.8.1 | |
eric_allman | sendmail | 8.8.2 | |
bsdi | bsd_os | 2.1 | |
freebsd | freebsd | 2.1.5 | |
freebsd | freebsd | 2.1.6 | |
hp | hp-ux | 10.00 | |
hp | hp-ux | 10.01 | |
hp | hp-ux | 10.10 | |
hp | hp-ux | 10.20 | |
ibm | aix | 4.2 | |
redhat | linux | 4.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:caldera:network_desktop:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "C6CA6D9E-90A8-4A56-A6E9-24618F3FC4F4", "vulnerable": true }, { "criteria": "cpe:2.3:a:eric_allman:sendmail:8.7:*:*:*:*:*:*:*", "matchCriteriaId": "31E3751E-859F-47E5-8048-FCBA450DD4B9", "vulnerable": true }, { "criteria": "cpe:2.3:a:eric_allman:sendmail:8.8:*:*:*:*:*:*:*", "matchCriteriaId": "C973CF06-BEE8-4D79-8649-1510E9EFC29D", "vulnerable": true }, { "criteria": "cpe:2.3:a:eric_allman:sendmail:8.8.1:*:*:*:*:*:*:*", "matchCriteriaId": "56D2BAF2-F430-41A1-8DEE-1D9CB2A56C32", "vulnerable": true }, { "criteria": "cpe:2.3:a:eric_allman:sendmail:8.8.2:*:*:*:*:*:*:*", "matchCriteriaId": "5E36E877-6028-49DE-8B2E-3087A141F8EC", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:bsdi:bsd_os:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "766851E2-134A-4A89-931B-6F1753525684", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:2.1.5:*:*:*:*:*:*:*", "matchCriteriaId": "4054D69F-596F-4EB4-BE9A-E2478343F55A", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:2.1.6:*:*:*:*:*:*:*", "matchCriteriaId": "CA26ABBE-9973-45FA-9E9B-82170B751219", "vulnerable": true }, { "criteria": "cpe:2.3:o:hp:hp-ux:10.00:*:*:*:*:*:*:*", "matchCriteriaId": "3187435B-C052-4DBA-AA79-F8AC0287EE14", "vulnerable": true }, { "criteria": "cpe:2.3:o:hp:hp-ux:10.01:*:*:*:*:*:*:*", "matchCriteriaId": "53BBFE9A-6846-4625-91AC-47AA0BC0933A", "vulnerable": true }, { "criteria": "cpe:2.3:o:hp:hp-ux:10.10:*:*:*:*:*:*:*", "matchCriteriaId": "38BFA923-7D80-4F01-AF9F-6F13209948AC", "vulnerable": true }, { "criteria": "cpe:2.3:o:hp:hp-ux:10.20:*:*:*:*:*:*:*", "matchCriteriaId": "EDE44C49-172C-4899-8CC8-29AA99A7CD2F", "vulnerable": true }, { "criteria": "cpe:2.3:o:ibm:aix:4.2:*:*:*:*:*:*:*", "matchCriteriaId": "05F20EC2-ADE6-4F96-A2E7-1DCCA819D657", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "C9092D88-585D-4A0C-B181-E8D93563C74B", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Local users can start Sendmail in daemon mode and gain root privileges." } ], "id": "CVE-1999-0130", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "1996-11-16T05:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/716" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/716" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
1998-03-01 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
A Unix account has a default, null, blank, or missing password.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:hp:hp-ux:10.20:*:*:*:*:*:*:*", "matchCriteriaId": "EDE44C49-172C-4899-8CC8-29AA99A7CD2F", "vulnerable": true }, { "criteria": "cpe:2.3:o:hp:hp-ux:11:*:*:*:*:*:*:*", "matchCriteriaId": "87FB80D8-1BE7-46F7-9F7E-B7DA88D039F8", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "2DFA94D5-0139-490C-8257-0751FE9FBAE4", "vulnerable": true }, { "criteria": "cpe:2.3:o:sun:solaris:2.6:*:*:*:*:*:*:*", "matchCriteriaId": "34EBF074-78C8-41AF-88F1-DA6726E56F8B", "vulnerable": true }, { "criteria": "cpe:2.3:o:sun:sunos:5.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "39F847DB-65A9-47DA-BCFA-A179E5E2301A", "vulnerable": true }, { "criteria": "cpe:2.3:o:sun:sunos:5.7:*:*:*:*:*:*:*", "matchCriteriaId": "08003947-A4F1-44AC-84C6-9F8D097EB759", "vulnerable": true }, { "criteria": "cpe:2.3:o:sun:sunos:5.8:*:*:*:*:*:*:*", "matchCriteriaId": "A2475113-CFE4-41C8-A86F-F2DA6548D224", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "A Unix account has a default, null, blank, or missing password." } ], "id": "CVE-1999-0502", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "1998-03-01T05:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0502" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0502" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2001-07-16 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
slapd in OpenLDAP 1.x before 1.2.12, and 2.x before 2.0.8, allows remote attackers to cause a denial of service (crash) via an invalid Basic Encoding Rules (BER) length field.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:mandrakesoft:mandrake_single_network_firewall:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "7A188467-3856-4599-A2CD-BD2655974B63", "vulnerable": true }, { "criteria": "cpe:2.3:a:openldap:openldap:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "086DC60F-F530-4515-8F3D-87F30DB9B322", "vulnerable": true }, { "criteria": "cpe:2.3:a:openldap:openldap:1.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "1D538927-82D5-476E-9C85-2E9297316D44", "vulnerable": true }, { "criteria": "cpe:2.3:a:openldap:openldap:1.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "2A904832-A6D6-45D4-B07C-79ED1FE47A80", "vulnerable": true }, { "criteria": "cpe:2.3:a:openldap:openldap:1.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "1BB554A4-EEC2-4E17-9F32-27A580B9E389", "vulnerable": true }, { "criteria": "cpe:2.3:a:openldap:openldap:1.1:*:*:*:*:*:*:*", "matchCriteriaId": "191DB249-6A73-4561-8CCA-565D1525CB31", "vulnerable": true }, { "criteria": "cpe:2.3:a:openldap:openldap:1.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "34A5D9A5-FB1D-4ACF-846A-4DB73196122C", "vulnerable": true }, { "criteria": "cpe:2.3:a:openldap:openldap:1.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "41400CE6-FA51-435C-93F7-B31FE42F18AE", "vulnerable": true }, { "criteria": "cpe:2.3:a:openldap:openldap:1.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "6022ABEB-6825-4A5F-9884-74F94C2387F8", "vulnerable": true }, { "criteria": "cpe:2.3:a:openldap:openldap:1.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "D2F15789-334D-460D-B5B3-FCC71087D107", "vulnerable": true }, { "criteria": "cpe:2.3:a:openldap:openldap:1.2:*:*:*:*:*:*:*", "matchCriteriaId": "F77B1548-BB6D-4618-AE7B-E97F91A0AF5D", "vulnerable": true }, { "criteria": "cpe:2.3:a:openldap:openldap:1.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "B7064C52-1211-42B8-BF1F-C22D800AED07", "vulnerable": true }, { "criteria": "cpe:2.3:a:openldap:openldap:1.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "1CD95826-E44A-48C6-BAAB-77A905CAE6B3", "vulnerable": true }, { "criteria": "cpe:2.3:a:openldap:openldap:1.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "FEEA6BB6-41FC-4F15-A95F-9B052F062454", "vulnerable": true }, { "criteria": "cpe:2.3:a:openldap:openldap:1.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "E90766C1-6DBD-435C-85E1-920DAFA26D67", "vulnerable": true }, { "criteria": "cpe:2.3:a:openldap:openldap:1.2.5:*:*:*:*:*:*:*", "matchCriteriaId": "8CD13DAE-9588-4540-9183-FB80C507F985", "vulnerable": true }, { "criteria": "cpe:2.3:a:openldap:openldap:1.2.6:*:*:*:*:*:*:*", "matchCriteriaId": "526366F3-52F0-4816-A356-8F39B718C048", "vulnerable": true }, { "criteria": "cpe:2.3:a:openldap:openldap:1.2.7:*:*:*:*:*:*:*", "matchCriteriaId": "AC07AD0D-5DF9-41A4-8592-CEFF1842355D", "vulnerable": true }, { "criteria": "cpe:2.3:a:openldap:openldap:1.2.8:*:*:*:*:*:*:*", "matchCriteriaId": "30017C56-42A9-4AF9-B5B3-7357E424F837", "vulnerable": true }, { "criteria": "cpe:2.3:a:openldap:openldap:1.2.9:*:*:*:*:*:*:*", "matchCriteriaId": "C8A51F38-3F5A-4F6D-93EE-776B5C2FF48F", "vulnerable": true }, { "criteria": "cpe:2.3:a:openldap:openldap:1.2.10:*:*:*:*:*:*:*", "matchCriteriaId": "8DBEC27E-3220-42CE-B6CC-675F387CB506", "vulnerable": true }, { "criteria": "cpe:2.3:a:openldap:openldap:1.2.11:*:*:*:*:*:*:*", "matchCriteriaId": "E641DFFB-CBAF-4DCF-944F-443CFF836A53", "vulnerable": true }, { "criteria": "cpe:2.3:a:openldap:openldap:1.2.12:*:*:*:*:*:*:*", "matchCriteriaId": "A552E270-5C9C-40DC-B23D-97C8D995B8FE", "vulnerable": true }, { "criteria": "cpe:2.3:a:openldap:openldap:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "552F2E25-DDB8-49A6-844A-8520696DBE5B", "vulnerable": true }, { "criteria": "cpe:2.3:a:openldap:openldap:2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "03D75A36-41C4-464F-8DC4-42C841ABC087", "vulnerable": true }, { "criteria": "cpe:2.3:a:openldap:openldap:2.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "1C3EE919-D05C-4625-85FE-132F6F2B932C", "vulnerable": true }, { "criteria": "cpe:2.3:a:openldap:openldap:2.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "20D99A58-8D7E-4586-A9BF-1DD2A1DBB8D3", "vulnerable": true }, { "criteria": "cpe:2.3:a:openldap:openldap:2.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "DEBA0118-545E-4D7B-B819-34D157B2BA6D", "vulnerable": true }, { "criteria": "cpe:2.3:a:openldap:openldap:2.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "67826609-F4CA-42CB-A5D0-B4503DDE2C92", "vulnerable": true }, { "criteria": "cpe:2.3:a:openldap:openldap:2.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "61676BBD-95B8-44C9-BD66-79F00381BF86", "vulnerable": true }, { "criteria": "cpe:2.3:a:openldap:openldap:2.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "719A9B1D-8E32-461F-BCD4-F72C6AD3E63E", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:2.2:*:*:*:*:*:*:*", "matchCriteriaId": "58B90124-0543-4226-BFF4-13CCCBCCB243", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "3EC1FF5D-5EAB-44D5-B281-770547C70D68", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "0A8FBD5A-2FD0-43CD-AC4B-1D6984D336FE", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "4371A667-18E1-4C54-B2E1-6F885F22F213", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:1.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "97E09AD9-F057-4264-88BB-A8A18C1B1246", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:*:*:*:*:*:*", "matchCriteriaId": "0633B5A6-7A88-4A96-9462-4C09D124ED36", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "29B186E5-7C2F-466E-AA4A-8F2B618F8A14", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "1D46E093-1C68-43BB-B281-12117EC8DE0F", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "slapd in OpenLDAP 1.x before 1.2.12, and 2.x before 2.0.8, allows remote attackers to cause a denial of service (crash) via an invalid Basic Encoding Rules (BER) length field." } ], "id": "CVE-2001-0977", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2001-07-16T04:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000417" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Third Party Advisory", "US Government Resource" ], "url": "http://www.cert.org/advisories/CA-2001-18.html" }, { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2001/dsa-068" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Third Party Advisory", "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/935800" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-069.php3" }, { "source": "cve@mitre.org", "url": "http://www.osvdb.org/1905" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2001-098.html" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/3049" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6904" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000417" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory", "US Government Resource" ], "url": "http://www.cert.org/advisories/CA-2001-18.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2001/dsa-068" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory", "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/935800" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-069.php3" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.osvdb.org/1905" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2001-098.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/3049" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6904" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2002-08-12 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Buffer overflow in newt.c of newt windowing library (libnewt) 0.50.33 and earlier may allow attackers to cause a denial of service or execute arbitrary code in setuid programs that use libnewt.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:alpha:*:*:*:*:*", "matchCriteriaId": "344610A8-DB6D-4407-9304-916C419F648C", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:i386:*:*:*:*:*", "matchCriteriaId": "B7EC2B95-4715-4EC9-A10A-2542501F8A61", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:sparc:*:*:*:*:*", "matchCriteriaId": "64775BEF-2E53-43CA-8639-A7E54F6F4222", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.0:*:alpha:*:*:*:*:*", "matchCriteriaId": "FD6576E2-9F26-4857-9F28-F51899F1EF48", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.0:*:i386:*:*:*:*:*", "matchCriteriaId": "4DC9842D-E23B-4B9F-A7BF-57C3BA3DE398", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.0:*:sparc:*:*:*:*:*", "matchCriteriaId": "C1DE93B9-1ADD-4B19-BA32-7D9F9CCD293F", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.1:*:alpha:*:*:*:*:*", "matchCriteriaId": "7F3FAAB3-7A8A-42E5-9DCE-E4A843CED1B9", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.1:*:i386:*:*:*:*:*", "matchCriteriaId": "C8783A6D-DFD8-45DD-BF03-570B1B012B44", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.1:*:ia64:*:*:*:*:*", "matchCriteriaId": "ED36543D-C21B-4B4B-A6AD-6E19B08B5DD7", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.2:*:alpha:*:*:*:*:*", "matchCriteriaId": "6EAAC51F-9DC5-4026-8147-1B74975D6183", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.2:*:i386:*:*:*:*:*", "matchCriteriaId": "6A1EF00A-52E9-4FD8-98FD-3998225D8655", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.2:*:ia64:*:*:*:*:*", "matchCriteriaId": "9D47D6FE-56A9-42CF-9A9B-AEE272C061F7", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Buffer overflow in newt.c of newt windowing library (libnewt) 0.50.33 and earlier may allow attackers to cause a denial of service or execute arbitrary code in setuid programs that use libnewt." }, { "lang": "es", "value": "Desbordamiento de buffer en newt.c de la librer\u00eda de ventanas newt (libnewt) 0.50.33 y anteriores que podr\u00eda permitir a atacantes causar una denegaci\u00f3n de servicio o ejecutar c\u00f3digo arbitrario en programas que usen libnewt." } ], "id": "CVE-2002-0506", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2002-08-12T04:00:00.000", "references": [ { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://online.securityfocus.com/archive/1/264699" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://www.iss.net/security_center/static/8700.php" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/4393" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://online.securityfocus.com/archive/1/264699" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.iss.net/security_center/static/8700.php" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/4393" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2001-03-12 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
privatepw program in wu-ftpd before 2.6.1-6 allows local users to overwrite arbitrary files via a symlink attack.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
immunix | immunix | 7.0_beta | |
debian | debian_linux | 2.2 | |
debian | debian_linux | 2.2 | |
debian | debian_linux | 2.2 | |
debian | debian_linux | 2.2 | |
debian | debian_linux | 2.2 | |
debian | debian_linux | 2.2 | |
mandrakesoft | mandrake_linux | 6.0 | |
mandrakesoft | mandrake_linux | 6.1 | |
mandrakesoft | mandrake_linux | 7.0 | |
mandrakesoft | mandrake_linux | 7.1 | |
mandrakesoft | mandrake_linux | 7.2 | |
mandrakesoft | mandrake_linux_corporate_server | 1.0.1 | |
redhat | linux | 7.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:immunix:immunix:7.0_beta:*:*:*:*:*:*:*", "matchCriteriaId": "1A2889C6-8DE0-4432-812A-F2A5C4A08897", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:2.2:*:*:*:*:*:*:*", "matchCriteriaId": "58B90124-0543-4226-BFF4-13CCCBCCB243", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:2.2:*:68k:*:*:*:*:*", "matchCriteriaId": "E040A866-0D2C-40E1-B1FB-DB600B389E27", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:2.2:*:alpha:*:*:*:*:*", "matchCriteriaId": "CE1C944A-E5F1-49DE-B069-2A358123B535", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:2.2:*:arm:*:*:*:*:*", "matchCriteriaId": "D71083B4-1736-4501-8DE8-BC24AC1447AA", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:2.2:*:powerpc:*:*:*:*:*", "matchCriteriaId": "2A32E486-2598-41B3-B6DB-3CC46D239AFC", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:2.2:*:sparc:*:*:*:*:*", "matchCriteriaId": "AAEE18D8-AA3B-47A3-AA7C-AAFF7591F391", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "D323A6B7-2741-4F31-B0D6-5D6FB738A2A1", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:6.1:*:*:*:*:*:*:*", "matchCriteriaId": "ACAAD334-2CA7-4B3B-BA25-302E7610BC2A", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "E4853E92-5E0A-47B9-A343-D5BEE87D2C27", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "3EC1FF5D-5EAB-44D5-B281-770547C70D68", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "0A8FBD5A-2FD0-43CD-AC4B-1D6984D336FE", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:1.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "97E09AD9-F057-4264-88BB-A8A18C1B1246", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "29B186E5-7C2F-466E-AA4A-8F2B618F8A14", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "privatepw program in wu-ftpd before 2.6.1-6 allows local users to overwrite arbitrary files via a symlink attack." } ], "id": "CVE-2001-0138", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "LOW", "cvssData": { "accessComplexity": "HIGH", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 1.2, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:H/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 1.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2001-03-12T05:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=97916374410647\u0026w=2" }, { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2001/dsa-016" }, { "source": "cve@mitre.org", "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-001.php3" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/2189" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5915" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=97916374410647\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2001/dsa-016" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-001.php3" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/2189" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5915" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2002-03-08 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Squid 2.4 STABLE3 and earlier allows remote attackers to cause a denial of service (core dump) and possibly execute arbitrary code with an ftp:// URL with a larger number of special characters, which exceed the buffer when Squid URL-escapes the characters.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:squid:squid:*:*:*:*:*:*:*:*", "matchCriteriaId": "A5F50EF3-9CC0-4E49-8B37-E39A3228CB82", "versionEndIncluding": "2.4_stable_3", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:alpha:*:*:*:*:*", "matchCriteriaId": "344610A8-DB6D-4407-9304-916C419F648C", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:i386:*:*:*:*:*", "matchCriteriaId": "B7EC2B95-4715-4EC9-A10A-2542501F8A61", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:sparc:*:*:*:*:*", "matchCriteriaId": "64775BEF-2E53-43CA-8639-A7E54F6F4222", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.0:*:alpha:*:*:*:*:*", "matchCriteriaId": "FD6576E2-9F26-4857-9F28-F51899F1EF48", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.0:*:i386:*:*:*:*:*", "matchCriteriaId": "4DC9842D-E23B-4B9F-A7BF-57C3BA3DE398", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.1:*:alpha:*:*:*:*:*", "matchCriteriaId": "7F3FAAB3-7A8A-42E5-9DCE-E4A843CED1B9", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.1:*:i386:*:*:*:*:*", "matchCriteriaId": "C8783A6D-DFD8-45DD-BF03-570B1B012B44", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.1:*:ia64:*:*:*:*:*", "matchCriteriaId": "ED36543D-C21B-4B4B-A6AD-6E19B08B5DD7", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.2:*:i386:*:*:*:*:*", "matchCriteriaId": "6A1EF00A-52E9-4FD8-98FD-3998225D8655", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.2:*:ia64:*:*:*:*:*", "matchCriteriaId": "9D47D6FE-56A9-42CF-9A9B-AEE272C061F7", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Squid 2.4 STABLE3 and earlier allows remote attackers to cause a denial of service (core dump) and possibly execute arbitrary code with an ftp:// URL with a larger number of special characters, which exceed the buffer when Squid URL-escapes the characters." }, { "lang": "es", "value": "Squid 2.4 STABLE3 y versiones anteriores permite a atacantes remotos causar la denegaci\u00f3n de servicios por volcado del n\u00facleo (core dump) y ejecutar c\u00f3digo arbitrario mediante una direcci\u00f3n URL ftp:// mal construida." } ], "id": "CVE-2002-0068", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2002-03-08T05:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:12.squid.asc" }, { "source": "cve@mitre.org", "url": "http://archives.neohapsis.com/archives/linux/caldera/2002-q1/0014.html" }, { "source": "cve@mitre.org", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000464" }, { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=101431040422095\u0026w=2" }, { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=101440163111826\u0026w=2" }, { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=101443252627021\u0026w=2" }, { "source": "cve@mitre.org", "url": "http://www.caldera.com/support/security/advisories/CSSA-2002-010.0.txt" }, { "source": "cve@mitre.org", "url": "http://www.iss.net/security_center/static/8258.php" }, { "source": "cve@mitre.org", "url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-016.php" }, { "source": "cve@mitre.org", "url": "http://www.novell.com/linux/security/advisories/2002_008_squid_txt.html" }, { "source": "cve@mitre.org", "url": "http://www.osvdb.org/5378" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2002-029.html" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/4148" }, { "source": "cve@mitre.org", "tags": [ "Exploit" ], "url": "http://www.squid-cache.org/Versions/v2/2.4/bugs/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:12.squid.asc" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://archives.neohapsis.com/archives/linux/caldera/2002-q1/0014.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000464" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=101431040422095\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=101440163111826\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=101443252627021\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.caldera.com/support/security/advisories/CSSA-2002-010.0.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.iss.net/security_center/static/8258.php" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-016.php" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.novell.com/linux/security/advisories/2002_008_squid_txt.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.osvdb.org/5378" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2002-029.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/4148" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit" ], "url": "http://www.squid-cache.org/Versions/v2/2.4/bugs/" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2004-12-15 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Integer overflow in the vc_resize function in the Linux kernel 2.4 and 2.6 before 2.6.10 allows local users to cause a denial of service (kernel crash) via a short new screen value, which leads to a buffer overflow.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "C24A129D-2E5E-436C-95DE-AE75D2E8D092", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test1:*:*:*:*:*:*", "matchCriteriaId": "2E244C37-E366-482E-9173-9376D0839839", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test10:*:*:*:*:*:*", "matchCriteriaId": "11F96BB9-6509-4F1E-9590-E55EE8C6F992", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test11:*:*:*:*:*:*", "matchCriteriaId": "AFAEE304-B9D4-4F1E-A2E0-9E5A4932096D", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test12:*:*:*:*:*:*", "matchCriteriaId": "12375EA9-EBFF-40B6-BCBC-E34BC3A6CDA3", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test2:*:*:*:*:*:*", "matchCriteriaId": "718D4631-440E-4783-8966-B2A2D3EF89B3", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test3:*:*:*:*:*:*", "matchCriteriaId": "6111EDDB-065F-4AD1-925C-E0A3C1DE26AE", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test4:*:*:*:*:*:*", "matchCriteriaId": "A8A2F7E7-0C51-43F2-BCEA-01FF738971D6", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test5:*:*:*:*:*:*", "matchCriteriaId": "40F5FFBB-05C8-4D65-9FCF-11E67BEE86AD", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test6:*:*:*:*:*:*", "matchCriteriaId": "7015F57A-1E3B-42D2-9D12-F695078EFB21", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test7:*:*:*:*:*:*", "matchCriteriaId": "467721EE-5130-46C5-BBB7-0F4878F3F171", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test8:*:*:*:*:*:*", "matchCriteriaId": "171257E7-12C5-4283-88F7-FFE643995563", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test9:*:*:*:*:*:*", "matchCriteriaId": "0887E02F-9F36-41F0-9F75-060B8414D7BF", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "55B85D5B-4EA1-4FCF-8D50-9C54E8FDA92F", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "01408EC0-9C2D-4A44-8080-D7FC7E1A1FA1", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "5F49A384-7222-41F3-9BE1-4E18C00E50A6", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.4:*:*:*:*:*:*:*", "matchCriteriaId": "05520FE3-C48D-42E8-BC24-C2396BD46CBA", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.5:*:*:*:*:*:*:*", "matchCriteriaId": "D865FBB6-E07D-492F-A75E-168B06C8ADEE", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.6:*:*:*:*:*:*:*", "matchCriteriaId": "598F24C2-0366-4799-865C-5EE4572B734B", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.7:*:*:*:*:*:*:*", "matchCriteriaId": "D0399660-6385-45AB-9785-E504D8788146", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.8:*:*:*:*:*:*:*", "matchCriteriaId": "DCBC50EA-130C-41B7-83EA-C523B3C3AAD7", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.9:*:*:*:*:*:*:*", "matchCriteriaId": "B91F6CBE-400F-4D0B-B893-34577B47A342", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.10:*:*:*:*:*:*:*", "matchCriteriaId": "1548ECFD-FCB5-4AE0-9788-42F61F25489F", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.11:*:*:*:*:*:*:*", "matchCriteriaId": "6ABB9787-5497-4BDC-8952-F99CF60A89BD", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.12:*:*:*:*:*:*:*", "matchCriteriaId": "615F6BA2-CD51-4159-B28A-A018CA9FC25C", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.13:*:*:*:*:*:*:*", "matchCriteriaId": "093848CB-68A1-4258-8357-373A477FE4E2", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.14:*:*:*:*:*:*:*", "matchCriteriaId": "E275F440-A427-465F-B314-BF0730C781DB", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.15:*:*:*:*:*:*:*", "matchCriteriaId": "98651D39-60CF-409F-8276-DBBB56B972AA", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.16:*:*:*:*:*:*:*", "matchCriteriaId": "067B8E09-C923-4DDA-92DB-4A2892CB526A", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.17:*:*:*:*:*:*:*", "matchCriteriaId": "9EBE3738-E530-4EC6-9FC6-1A063605BE05", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:*:*:*:*:*:*:*", "matchCriteriaId": "474384F1-FB2D-4C00-A4CD-0C2C5AE42DB4", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:*:x86:*:*:*:*:*", "matchCriteriaId": "D77F8919-4064-4EA5-A948-76178EA21F83", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre1:*:*:*:*:*:*", "matchCriteriaId": "5E7C423D-23DE-4C7B-A518-66F87E041925", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre2:*:*:*:*:*:*", "matchCriteriaId": "8EA1382E-71B0-4E65-A310-716A244F4FB1", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre3:*:*:*:*:*:*", "matchCriteriaId": "AC955BD8-3ABB-4FDB-B37E-B1F0C47A5E0D", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre4:*:*:*:*:*:*", "matchCriteriaId": "2EBCA878-CCD0-4645-ACF6-12FB9C4B4A4D", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre5:*:*:*:*:*:*", "matchCriteriaId": "B4BEF62D-2BEF-4CF8-9559-8A6D9631B0EC", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre6:*:*:*:*:*:*", "matchCriteriaId": "824BBD31-8F3B-4F05-981B-ABF662BBF5F2", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre7:*:*:*:*:*:*", "matchCriteriaId": "10F4CCC2-8AE5-4CFF-8DC4-126F02126E1F", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre8:*:*:*:*:*:*", "matchCriteriaId": "388A5C99-1F60-4C20-9AE5-6E73E5A3F819", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:*:*:*:*:*:*:*", "matchCriteriaId": "F677E992-8D37-438F-97DF-9D98B28F020C", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre1:*:*:*:*:*:*", "matchCriteriaId": "5888F8D7-15C2-4435-BB3C-8674DFAF0089", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre2:*:*:*:*:*:*", "matchCriteriaId": "29439AD0-EB8D-4675-A77A-6548FF27ADA3", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre3:*:*:*:*:*:*", "matchCriteriaId": "F27AADF6-1605-47FC-8C4D-87827A578A90", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre4:*:*:*:*:*:*", "matchCriteriaId": "B42F4080-A76F-4D17-85E2-CD2D2E4D0450", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre5:*:*:*:*:*:*", "matchCriteriaId": "6968EF1D-7CC5-430D-866D-206F66486F63", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre6:*:*:*:*:*:*", "matchCriteriaId": "50E6F5C5-BF74-4C10-830A-F232D528D290", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.20:*:*:*:*:*:*:*", "matchCriteriaId": "476687F9-722B-490C-BD0B-B5F2CD7891DC", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.21:*:*:*:*:*:*:*", "matchCriteriaId": "A399D94B-D08D-4454-A07A-6634C9AE612F", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.21:pre1:*:*:*:*:*:*", "matchCriteriaId": "8EEBFBB4-CC06-40D2-8DE9-22E82DBEFADA", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.21:pre4:*:*:*:*:*:*", "matchCriteriaId": "DCD8E4AE-FEF7-4CE2-B338-4F766921593F", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.21:pre7:*:*:*:*:*:*", "matchCriteriaId": "13A8B50A-73F6-4FCF-A81F-FB624FBA7143", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.22:*:*:*:*:*:*:*", "matchCriteriaId": "9336ABDF-9928-49F6-BAA7-D6E9829F9B1F", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.23:*:*:*:*:*:*:*", "matchCriteriaId": "BB45C3B2-0F5D-4AE2-AE00-E1D6501E8D92", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.23:pre9:*:*:*:*:*:*", "matchCriteriaId": "8D27D843-2DA7-4481-857C-09FDC4FBD45C", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.23_ow2:*:*:*:*:*:*:*", "matchCriteriaId": "BCB93128-2743-4668-8C48-9B7282D4A672", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.24:*:*:*:*:*:*:*", "matchCriteriaId": "040991B8-FB4B-480B-B53B-AA7A884F9F19", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.24_ow1:*:*:*:*:*:*:*", "matchCriteriaId": "BFA592BC-5846-4FC1-B2A7-13E622705DA8", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.25:*:*:*:*:*:*:*", "matchCriteriaId": "59688C40-C92F-431E-ADD7-6782622862D3", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.26:*:*:*:*:*:*:*", "matchCriteriaId": "D813900D-DCF3-4F5D-9D90-13EDE2CBB3DA", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.27:*:*:*:*:*:*:*", "matchCriteriaId": "6E4C7831-0296-4DFA-A4E9-F7B6B30FFB72", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.27:pre1:*:*:*:*:*:*", "matchCriteriaId": "C5FE15BF-91C7-452A-BE1B-7EC9632421C2", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.27:pre2:*:*:*:*:*:*", "matchCriteriaId": "15C1923C-D9C4-400D-9F0F-20B519EEC9C0", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.27:pre3:*:*:*:*:*:*", "matchCriteriaId": "E51913F9-FC7D-450A-9A82-5084AA74A5B2", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.27:pre4:*:*:*:*:*:*", "matchCriteriaId": "B62E02D5-9EEE-439B-A510-BEEE28A9F358", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.27:pre5:*:*:*:*:*:*", "matchCriteriaId": "02278C07-E649-427D-9E5C-F1738A01BCBD", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.28:*:*:*:*:*:*:*", "matchCriteriaId": "E120257D-346B-4BA6-A431-E6F820FBB5FB", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "142BCD48-8387-4D0C-A052-44DD4144CBFF", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test1:*:*:*:*:*:*", "matchCriteriaId": "7BCA84E2-AC4A-430D-8A30-E660D2A232A0", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test10:*:*:*:*:*:*", "matchCriteriaId": "2255842B-34CD-4062-886C-37161A065703", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test11:*:*:*:*:*:*", "matchCriteriaId": "F0ED322D-004C-472E-A37F-89B78C55FE5B", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test2:*:*:*:*:*:*", "matchCriteriaId": "412F7334-C46B-4F61-B38A-2CA56B498151", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test3:*:*:*:*:*:*", "matchCriteriaId": "5967AF83-798D-4B1E-882A-5737FFC859C9", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test4:*:*:*:*:*:*", "matchCriteriaId": "A90D2123-D55B-4104-8D82-5B6365AA3B77", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test5:*:*:*:*:*:*", "matchCriteriaId": "DCCDFD49-D402-420E-92F5-20445A0FE139", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test6:*:*:*:*:*:*", "matchCriteriaId": "2A073700-E8A9-4F76-9265-2BE0D5AC9909", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test7:*:*:*:*:*:*", "matchCriteriaId": "8877D178-1655-46E9-8F5A-2DD576601F38", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test8:*:*:*:*:*:*", "matchCriteriaId": "0D55059C-B867-4E0F-B29C-9CD2C86915A5", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test9:*:*:*:*:*:*", "matchCriteriaId": "8358E965-3689-4B05-8470-C4A1463FA0E9", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "E8220D81-9065-471F-9256-CFE7B9941555", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.1:rc1:*:*:*:*:*:*", "matchCriteriaId": "D2A55C17-C530-4898-BC95-DE4D495F0D7C", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.1:rc2:*:*:*:*:*:*", "matchCriteriaId": "2C14A949-E2B8-4100-8ED4-645CB996B08A", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "EB445E3E-CCBD-4737-BE30-841B9A79D558", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.3:*:*:*:*:*:*:*", "matchCriteriaId": "F5301E27-8021-467C-A9A2-AF2137EF0299", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.4:*:*:*:*:*:*:*", "matchCriteriaId": "79787868-2D77-4B55-AD61-C2B357CCE047", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.5:*:*:*:*:*:*:*", "matchCriteriaId": "2B3F27D3-8F1D-4576-A584-1E2059CC67B1", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.6:*:*:*:*:*:*:*", "matchCriteriaId": "FB5D260C-AE1C-47E9-A88C-B9C2B4349249", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.6:rc1:*:*:*:*:*:*", "matchCriteriaId": "A0934C49-5F88-4189-BD88-2F32C39C2F25", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.7:*:*:*:*:*:*:*", "matchCriteriaId": "AA9958C6-AB7D-4B67-9AA7-42B628CBC391", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.7:rc1:*:*:*:*:*:*", "matchCriteriaId": "14B0A230-4054-4483-A3A7-9A5A286C7552", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.8:*:*:*:*:*:*:*", "matchCriteriaId": "C16E3D04-EC66-41FD-9CFA-FE0C21952CAB", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.8:rc1:*:*:*:*:*:*", "matchCriteriaId": "F90242EF-048B-4539-AA41-87AA84875A9E", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.8:rc2:*:*:*:*:*:*", "matchCriteriaId": "3C4E9325-2A70-4E15-9AAF-5588BF218055", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.8:rc3:*:*:*:*:*:*", "matchCriteriaId": "01402A85-B681-4DE0-B7BB-F52567DA29E2", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.9:2.6.20:*:*:*:*:*:*", "matchCriteriaId": "1FC53528-A67F-42DF-B8DA-778A65893F9D", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.10:rc2:*:*:*:*:*:*", "matchCriteriaId": "4B130EB7-A951-4717-A906-E2F602F7B69F", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6_test9_cvs:*:*:*:*:*:*:*", "matchCriteriaId": "608FDE1E-B02A-45A2-8877-0E52A5BD0963", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:fedora_core:core_1.0:*:*:*:*:*:*:*", "matchCriteriaId": "3C84296C-2C8A-4DCD-9751-52951F8BEA9F", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*", "matchCriteriaId": "E6996B14-925B-46B8-982F-3545328B506B", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:fedora_core:core_3.0:*:*:*:*:*:*:*", "matchCriteriaId": "EC80CF67-C51D-442C-9526-CFEDE84A6304", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.3:*:*:*:*:*:*:*", "matchCriteriaId": "138985E6-5107-4E8B-A801-C3D5FE075227", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.3:*:i386:*:*:*:*:*", "matchCriteriaId": "9B502A61-44FB-4CD4-85BE-88D4ACCCA441", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.3:*:i686:*:*:*:*:*", "matchCriteriaId": "05853955-CA81-40D3-9A70-1227F3270D3C", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:9.0:*:i386:*:*:*:*:*", "matchCriteriaId": "F3FDE8C4-5FFD-4CC2-9F35-7C32043966D1", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Integer overflow in the vc_resize function in the Linux kernel 2.4 and 2.6 before 2.6.10 allows local users to cause a denial of service (kernel crash) via a short new screen value, which leads to a buffer overflow." } ], "id": "CVE-2004-1333", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "LOW", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 2.1, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2004-12-15T05:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/17826" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/20162" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/20163" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/20202" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/20338" }, { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2006/dsa-1067" }, { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2006/dsa-1069" }, { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2006/dsa-1070" }, { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2006/dsa-1082" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.guninski.com/where_do_you_want_billg_to_go_today_2.html" }, { "source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:218" }, { "source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:219" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.novell.com/linux/security/advisories/2005_18_kernel.html" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/11956" }, { "source": "cve@mitre.org", "tags": [ "URL Repurposed" ], "url": "http://www.securitytrap.com/mail/full-disclosure/2004/Dec/0323.html" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=152532" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18523" }, { "source": "cve@mitre.org", "url": "https://usn.ubuntu.com/47-1/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/17826" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/20162" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/20163" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/20202" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/20338" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2006/dsa-1067" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2006/dsa-1069" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2006/dsa-1070" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2006/dsa-1082" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.guninski.com/where_do_you_want_billg_to_go_today_2.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:218" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:219" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.novell.com/linux/security/advisories/2005_18_kernel.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/11956" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "URL Repurposed" ], "url": "http://www.securitytrap.com/mail/full-disclosure/2004/Dec/0323.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=152532" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18523" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://usn.ubuntu.com/47-1/" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
1996-10-08 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Bash treats any character with a value of 255 as a command separator.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:yggdrasil:linux:*:*:*:*:*:*:*:*", "matchCriteriaId": "7467132F-CA92-462F-8E2C-E0EEBD956E7B", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:sgi:irix:*:*:*:*:*:*:*:*", "matchCriteriaId": "056B3397-81A9-4128-9F49-ECEBE1743EE8", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:caldera:openlinux:*:*:*:*:*:*:*:*", "matchCriteriaId": "4EC3F7E5-5D49-471B-A705-ADD2642E5B46", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:3.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "445EECD3-2DB9-43D1-B26F-0979A3C02D45", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:4.2:*:*:*:*:*:*:*", "matchCriteriaId": "451453AC-65FF-4E3B-9AC1-2DDB2E2182E4", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Bash treats any character with a value of 255 as a command separator." } ], "id": "CVE-1999-0234", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.6, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": true, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "1996-10-08T04:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0234" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0234" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2009-05-14 17:30
Modified
2025-04-09 00:30
Severity ?
Summary
Unspecified vulnerability in the dpwinsup module (dpwinsup.dll) for dpwingad (dpwingad.exe) in HP Data Protector Express and Express SSE 3.x before build 47065, and Express and Express SSE 4.x before build 46537, allows remote attackers to cause a denial of service (application crash) or read portions of memory via one or more crafted packets.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
microsoft | windows | * | |
novell | netware | * | |
redhat | linux | * | |
suse | suse_linux | - | |
hp | data_protector_express | 3.5 | |
hp | data_protector_express | 3.5 | |
hp | data_protector_express | 3.5 | |
hp | data_protector_express | 4.0 | |
hp | data_protector_express | 4.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*", "matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256", "vulnerable": false }, { "criteria": "cpe:2.3:o:novell:netware:*:*:*:*:*:*:*:*", "matchCriteriaId": "BF45C68A-5F83-4090-A0C1-A09EC2987706", "vulnerable": false }, { "criteria": "cpe:2.3:o:redhat:linux:*:*:*:*:*:*:*:*", "matchCriteriaId": "B133DAC8-2B0D-4F83-9025-AD071740187A", "vulnerable": false }, { "criteria": "cpe:2.3:o:suse:suse_linux:-:*:*:*:*:*:*:*", "matchCriteriaId": "1FB65EF0-0E6A-4178-8564-3CC96891A072", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:hp:data_protector_express:3.5:sp1:*:*:*:*:*:*", "matchCriteriaId": "0B416366-2680-41E2-ABF9-5CD8D89C7FBA", "vulnerable": true }, { "criteria": "cpe:2.3:a:hp:data_protector_express:3.5:sp2:*:*:*:*:*:*", "matchCriteriaId": "3F5B5D2E-4692-4DA5-805E-B449CFD9DA5A", "vulnerable": true }, { "criteria": "cpe:2.3:a:hp:data_protector_express:3.5:sp2:*:*:sse:*:*:*", "matchCriteriaId": "95F46633-43B3-416F-89CC-EA6A03EFAA4E", "vulnerable": true }, { "criteria": "cpe:2.3:a:hp:data_protector_express:4.0:sp1:*:*:*:*:*:*", "matchCriteriaId": "AED70E63-BA67-4A68-A121-C3E80F2D1EF0", "vulnerable": true }, { "criteria": "cpe:2.3:a:hp:data_protector_express:4.0:sp1:*:*:sse:*:*:*", "matchCriteriaId": "4D5B564A-E034-4E65-BCF9-224CBB175F98", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Unspecified vulnerability in the dpwinsup module (dpwinsup.dll) for dpwingad (dpwingad.exe) in HP Data Protector Express and Express SSE 3.x before build 47065, and Express and Express SSE 4.x before build 46537, allows remote attackers to cause a denial of service (application crash) or read portions of memory via one or more crafted packets." }, { "lang": "es", "value": "Vulnerabilidad no especificada en el m\u00f3dulo dpwinsup (dpwinsup.dll) para dpwingad (dpwingad.exe) en HP Data Protector Express y Express SSE 3.x en versiones anteriores a build 47065 y Express y Express SSE 4.x en versiones anteriores a build 46537, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda de aplicaci\u00f3n) o lectura de porciones de memoria a trav\u00e9s de uno o m\u00e1s paquetes manipulados." } ], "id": "CVE-2009-0714", "lastModified": "2025-04-09T00:30:58.490", "metrics": { "cvssMetricV2": [ { "acInsufInfo": true, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2009-05-14T17:30:00.547", "references": [ { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01697543" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01697543" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://ivizsecurity.com/security-advisory-iviz-sr-09002.html" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/35084" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/34955" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id?1022220" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/1309" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": "https://www.exploit-db.com/exploits/9006" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": "https://www.exploit-db.com/exploits/9007" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01697543" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01697543" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://ivizsecurity.com/security-advisory-iviz-sr-09002.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/35084" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/34955" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id?1022220" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/1309" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": "https://www.exploit-db.com/exploits/9006" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": "https://www.exploit-db.com/exploits/9007" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-noinfo" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
1997-05-21 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Arbitrary command execution via metamail package using message headers, when user processes attacker's message using metamail.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:freebsd:freebsd:6.2:stable:*:*:*:*:*:*", "matchCriteriaId": "32FCB0B3-8FBE-49FA-B17E-0D5462C9E5B4", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:*:*:*:*:*:*:*:*", "matchCriteriaId": "B133DAC8-2B0D-4F83-9025-AD071740187A", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Arbitrary command execution via metamail package using message headers, when user processes attacker\u0027s message using metamail." } ], "id": "CVE-1999-0037", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": true, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "1997-05-21T04:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0037" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0037" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2004-12-06 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Integer overflow in the ubsec_keysetup function for Linux Broadcom 5820 cryptonet driver allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a negative add_dsa_buf_bytes variable, which leads to a buffer overflow.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:fedora_core:core_1.0:*:*:*:*:*:*:*", "matchCriteriaId": "3C84296C-2C8A-4DCD-9751-52951F8BEA9F", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "038FEDE7-986F-4CA5-9003-BA68352B87D4", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:8.0:*:i386:*:*:*:*:*", "matchCriteriaId": "4D1E6298-EDF5-438F-8DFD-16A514CB938A", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:8.0:*:i686:*:*:*:*:*", "matchCriteriaId": "75D77C6F-2125-4548-86ED-70A48E2D335A", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:redhat:kernel:2.4.20-8:*:athlon:*:*:*:*:*", "matchCriteriaId": "36393930-7292-4AEC-8E1E-3D0019934AFC", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:kernel:2.4.20-8:*:athlon_smp:*:*:*:*:*", "matchCriteriaId": "C2618F2F-042B-4938-A7C8-2C2D1C387D52", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:kernel:2.4.20-8:*:i386:*:*:*:*:*", "matchCriteriaId": "862D6BE3-0712-4745-A0A6-EE6B3F1542AD", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:kernel:2.4.20-8:*:i386_src:*:*:*:*:*", "matchCriteriaId": "41A053DD-92F8-4DC7-B331-D462AF3CEB19", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:kernel:2.4.20-8:*:i586:*:*:*:*:*", "matchCriteriaId": "28076543-85FB-4ED8-9EB2-F3C235CC2D74", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:kernel:2.4.20-8:*:i586_smp:*:*:*:*:*", "matchCriteriaId": "8A2D5C8E-D36C-4DF2-B02B-A7AEA5E2F89B", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:kernel:2.4.20-8:*:i686:*:*:*:*:*", "matchCriteriaId": "B965D3F0-6FF5-405D-BF47-B59D3B264E50", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:kernel:2.4.20-8:*:i686_smp:*:*:*:*:*", "matchCriteriaId": "DA772F5D-5C17-4FEA-AD80-8FCC82627817", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Integer overflow in the ubsec_keysetup function for Linux Broadcom 5820 cryptonet driver allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a negative add_dsa_buf_bytes variable, which leads to a buffer overflow." }, { "lang": "es", "value": "Desbordamiento de enteros en la funci\u00f3n ubsec_keysetup del controlador de Linux Broadcom 5820 cryptonet permite a usuarios locales causar una denegaci\u00f3n de servicio (ca\u00edda) y posiblemente ejecutar c\u00f3digo de su elecci\u00f3n mediante una variable add_dsa_buf_bytes negativa, lo que conduce a un desbordamiento de b\u00fafer." } ], "id": "CVE-2004-0619", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2004-12-06T05:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=108802653409053\u0026w=2" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/11936" }, { "source": "cve@mitre.org", "url": "http://www.ciac.org/ciac/bulletins/p-047.shtml" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-549.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2005-283.html" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/10599" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16459" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9773" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=108802653409053\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/11936" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ciac.org/ciac/bulletins/p-047.shtml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-549.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2005-283.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/10599" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16459" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9773" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2007-04-06 01:19
Modified
2025-04-09 00:30
Severity ?
Summary
Integer overflow in the FontFileInitTable function in X.Org libXfont before 20070403 allows remote authenticated users to execute arbitrary code via a long first line in the fonts.dir file, which results in a heap overflow.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.1:*:*:*:*:*:*:*", "matchCriteriaId": "C4AD30B9-8FBA-48B3-B2B2-014C950B9BAA", "vulnerable": false }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.1:*:ppc:*:*:*:*:*", "matchCriteriaId": "279317B9-AF2F-43E9-BEE5-518FC6D23A87", "vulnerable": false }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:*:*:*:*:*:*", "matchCriteriaId": "4177C378-7729-46AB-B49B-C6DAED3200E7", "vulnerable": false }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:amd64:*:*:*:*:*", "matchCriteriaId": "2164D10D-D1A4-418A-A9C8-CA8FAB1E90A7", "vulnerable": false }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "A06E5CD0-8BEC-4F4C-9E11-1FEE0563946C", "vulnerable": false }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:amd64:*:*:*:*:*", "matchCriteriaId": "A3BDD466-84C9-4CFC-A3A8-7AC0F752FB53", "vulnerable": false }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2007:*:*:*:*:*:*:*", "matchCriteriaId": "02362C25-B373-4FB1-AF4A-2AFC7F7D4387", "vulnerable": false }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2007:*:x86_64:*:*:*:*:*", "matchCriteriaId": "19AD5F8D-6EB9-4E4B-9E82-FFBAB68797E9", "vulnerable": false }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "2BB0B27C-04EA-426F-9016-7406BACD91DF", "vulnerable": false }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:x86_64:*:*:*:*:*", "matchCriteriaId": "BB2B1BA5-8370-4281-B5C9-3D4FE6C70FBC", "vulnerable": false }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "94F65351-C2DA-41C0-A3F9-1AE951E4386E", "vulnerable": false }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:x86_64:*:*:*:*:*", "matchCriteriaId": "1B795F9F-AFB3-4A2A-ABC6-9246906800DE", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:mandrakesoft:mandrake_multi_network_firewall:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "77FF1412-A7DA-4669-8AE1-5A529AB387FB", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:x.org:libxfont:1.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "AFADBA5A-8168-40B8-B5CA-0F1F7F9193D2", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*", "matchCriteriaId": "2641EE56-6F9D-400B-B456-877F4DA79B10", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server_ia64:*:*:*:*:*", "matchCriteriaId": "A4A9461E-C117-42EC-9F14-DF2A82BA7C5D", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*", "matchCriteriaId": "E0B458EA-495E-40FA-9379-C03757F7B1EE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server_ia64:*:*:*:*:*", "matchCriteriaId": "409E324A-C040-494F-A026-9DCAE01C07F8", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*", "matchCriteriaId": "1728AB5D-55A9-46B0-A412-6F7263CAEB5A", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation_ia64:*:*:*:*:*", "matchCriteriaId": "6474B775-C893-491F-A074-802AFB1FEDD8", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_server:*:*:*:*:*", "matchCriteriaId": "78B46FFA-5B09-473E-AD33-3DB18BD0DAFE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*", "matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation_server:*:*:*:*:*", "matchCriteriaId": "0EFE2E73-9536-41A9-B83B-0A06B54857F4", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:advanced_server:*:*:*:*:*", "matchCriteriaId": "F9440B25-D206-4914-9557-B5F030890DEC", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:enterprise_server:*:*:*:*:*", "matchCriteriaId": "E9933557-3BCA-4D92-AD4F-27758A0D3347", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:workstation:*:*:*:*:*", "matchCriteriaId": "10A60552-15A5-4E95-B3CE-99A4B26260C1", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "7D74A418-50F0-42C0-ABBC-BBBE718FF025", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:client:*:*:*:*:*", "matchCriteriaId": "13B6DE5F-3143-4C63-8D8D-4679CF0F9DC8", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:client_workstation:*:*:*:*:*", "matchCriteriaId": "50988CF6-07E5-44BA-81C2-C33DD8E7151B", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:fedora_core:core_1.0:*:*:*:*:*:*:*", "matchCriteriaId": "3C84296C-2C8A-4DCD-9751-52951F8BEA9F", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:9.0:*:i386:*:*:*:*:*", "matchCriteriaId": "F3FDE8C4-5FFD-4CC2-9F35-7C32043966D1", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:*", "matchCriteriaId": "84A50ED3-FD0D-4038-B3E7-CC65D166C968", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium:*:*:*:*:*", "matchCriteriaId": "8DBD9D3C-40AB-449D-A9A8-A09DF2DEDB96", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:slackware:slackware_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "300A6A65-05FD-401C-80F6-B5F5B1F056E0", "vulnerable": true }, { "criteria": "cpe:2.3:o:slackware:slackware_linux:9.1:*:*:*:*:*:*:*", "matchCriteriaId": "AA3D53C9-3806-45E6-8AE9-7D41280EF64C", "vulnerable": true }, { "criteria": "cpe:2.3:o:slackware:slackware_linux:current:*:*:*:*:*:*:*", "matchCriteriaId": "B1CB2DD9-E77F-46EE-A145-F87AD10EA8E4", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:turbolinux:turbolinux_desktop:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "31C3FFDD-03BF-4FD4-B7A7-B62AFD5DBA19", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ia32:*:*:*:*:*", "matchCriteriaId": "49F400D5-4CA7-4F7D-818B-DEBF58DEB113", "vulnerable": true }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ia64:*:*:*:*:*", "matchCriteriaId": "6E94583A-5184-462E-9FC4-57B35DA06DA7", "vulnerable": true }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ppc:*:*:*:*:*", "matchCriteriaId": "E905FAAD-37B6-4DD0-A752-2974F8336273", "vulnerable": true }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:amd64:*:*:*:*:*", "matchCriteriaId": "86FD134D-A5C5-4B08-962D-70CF07C74923", "vulnerable": true }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:i386:*:*:*:*:*", "matchCriteriaId": "FA84692E-F99D-4207-B4F2-799A6ADB88AD", "vulnerable": true }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:powerpc:*:*:*:*:*", "matchCriteriaId": "8B0F1091-4B76-44F5-B896-6D37E2F909A2", "vulnerable": true }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:sparc:*:*:*:*:*", "matchCriteriaId": "EF15862D-6108-4791-8817-622123C8D10C", "vulnerable": true }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:6.06_lts:*:amd64:*:*:*:*:*", "matchCriteriaId": "F1672825-AB87-4402-A628-B33AE5B7D4C8", "vulnerable": true }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:6.06_lts:*:i386:*:*:*:*:*", "matchCriteriaId": "939216D8-9E6C-419E-BC0A-EC7F0F29CE95", "vulnerable": true }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:6.06_lts:*:powerpc:*:*:*:*:*", "matchCriteriaId": "E520564E-964D-4758-945B-5EF0C35E605C", "vulnerable": true }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:6.06_lts:*:sparc:*:*:*:*:*", "matchCriteriaId": "2294D5A7-7B36-497A-B0F1-514BC49E1423", "vulnerable": true }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:6.10:*:amd64:*:*:*:*:*", "matchCriteriaId": "AB80939E-8B58-48B6-AFB7-9CF518C0EE1F", "vulnerable": true }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:6.10:*:i386:*:*:*:*:*", "matchCriteriaId": "80FF1759-5F86-4046-ABA3-EB7B0038F656", "vulnerable": true }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:6.10:*:powerpc:*:*:*:*:*", "matchCriteriaId": "DF578B64-57E2-4FCD-A6E1-F8F3317FDB88", "vulnerable": true }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:6.10:*:sparc:*:*:*:*:*", "matchCriteriaId": "61B11116-FA94-4989-89A1-C7B551D5195A", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:rpath:linux:1:*:*:*:*:*:*:*", "matchCriteriaId": "A2B66383-4124-4579-BC8E-36DBE7ABB543", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:openbsd:openbsd:3.9:*:*:*:*:*:*:*", "matchCriteriaId": "F5BB6C5D-4C43-4BB8-B1CE-A70BBE650CA1", "vulnerable": true }, { "criteria": "cpe:2.3:o:openbsd:openbsd:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "CC77812C-D84E-493E-9D21-1BA6C2129E70", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Integer overflow in the FontFileInitTable function in X.Org libXfont before 20070403 allows remote authenticated users to execute arbitrary code via a long first line in the fonts.dir file, which results in a heap overflow." }, { "lang": "es", "value": "Desbordamiento de entero en la funci\u00f3n FontFileInitTable en X.Org libXfont versiones anteriores a 20070403 permite a usuarios remotos autenticados ejecutar c\u00f3digo de su elecci\u00f3n mediante una primera l\u00ednea larga en el fichero fonts.dir, lo cual resulta en un desbordamiento de mont\u00f3n." } ], "evaluatorSolution": "The vendor has addressed this vulnerability in the following product update: http://xorg.freedesktop.org/archive/X11R7.2/patches/", "id": "CVE-2007-1352", "lastModified": "2025-04-09T00:30:58.490", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "LOW", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "ADJACENT_NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 3.8, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:A/AC:M/Au:S/C:N/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 4.4, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2007-04-06T01:19:00.000", "references": [ { "source": "secalert@redhat.com", "url": "http://issues.foresightlinux.org/browse/FL-223" }, { "source": "secalert@redhat.com", "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=502" }, { "source": "secalert@redhat.com", "url": "http://lists.apple.com/archives/Security-announce/2007/Nov/msg00003.html" }, { "source": "secalert@redhat.com", "url": "http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html" }, { "source": "secalert@redhat.com", "url": "http://lists.freedesktop.org/archives/xorg-announce/2007-April/000286.html" }, { "source": "secalert@redhat.com", "url": "http://rhn.redhat.com/errata/RHSA-2007-0125.html" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/24741" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/24745" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/24756" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/24758" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/24765" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/24770" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/24771" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/24772" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/24791" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/25004" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/25006" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/25195" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/25216" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/25305" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/33937" }, { "source": "secalert@redhat.com", "url": "http://security.gentoo.org/glsa/glsa-200705-10.xml" }, { "source": "secalert@redhat.com", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102886-1" }, { "source": "secalert@redhat.com", "url": "http://support.apple.com/kb/HT3438" }, { "source": "secalert@redhat.com", "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-178.htm" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2007/dsa-1294" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:079" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:080" }, { "source": "secalert@redhat.com", "url": "http://www.novell.com/linux/security/advisories/2007_27_x.html" }, { "source": "secalert@redhat.com", "url": "http://www.openbsd.org/errata39.html#021_xorg" }, { "source": "secalert@redhat.com", "url": "http://www.openbsd.org/errata40.html#011_xorg" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2007-0126.html" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/support/errata/RHSA-2007-0132.html" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/464686/100/0/threaded" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/464816/100/0/threaded" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/bid/23283" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/bid/23300" }, { "source": "secalert@redhat.com", "url": "http://www.securitytracker.com/id?1017857" }, { "source": "secalert@redhat.com", "url": "http://www.ubuntu.com/usn/usn-448-1" }, { "source": "secalert@redhat.com", "url": "http://www.vupen.com/english/advisories/2007/1217" }, { "source": "secalert@redhat.com", "url": "http://www.vupen.com/english/advisories/2007/1548" }, { "source": "secalert@redhat.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33419" }, { "source": "secalert@redhat.com", "url": "https://issues.rpath.com/browse/RPL-1213" }, { "source": "secalert@redhat.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10523" }, { "source": "secalert@redhat.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13243" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://issues.foresightlinux.org/browse/FL-223" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=502" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.apple.com/archives/Security-announce/2007/Nov/msg00003.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.freedesktop.org/archives/xorg-announce/2007-April/000286.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://rhn.redhat.com/errata/RHSA-2007-0125.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/24741" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/24745" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/24756" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/24758" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/24765" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/24770" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/24771" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/24772" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/24791" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/25004" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/25006" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/25195" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/25216" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/25305" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/33937" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://security.gentoo.org/glsa/glsa-200705-10.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102886-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.apple.com/kb/HT3438" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-178.htm" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2007/dsa-1294" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:079" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:080" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.novell.com/linux/security/advisories/2007_27_x.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openbsd.org/errata39.html#021_xorg" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openbsd.org/errata40.html#011_xorg" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2007-0126.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2007-0132.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/464686/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/464816/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/23283" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/23300" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1017857" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/usn-448-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2007/1217" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2007/1548" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33419" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://issues.rpath.com/browse/RPL-1213" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10523" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13243" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2001-03-12 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
squid 2.3 and earlier allows local users to overwrite arbitrary files via a symlink attack in some configurations.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
immunix | immunix | 7.0_beta | |
national_science_foundation | squid_web_proxy | 2.3_stable4 | |
mandrakesoft | mandrake_linux | 6.0 | |
mandrakesoft | mandrake_linux | 6.1 | |
mandrakesoft | mandrake_linux | 7.0 | |
mandrakesoft | mandrake_linux | 7.1 | |
mandrakesoft | mandrake_linux | 7.2 | |
redhat | linux | 7.0 | |
trustix | secure_linux | 1.1 | |
trustix | secure_linux | 1.2 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:immunix:immunix:7.0_beta:*:*:*:*:*:*:*", "matchCriteriaId": "1A2889C6-8DE0-4432-812A-F2A5C4A08897", "vulnerable": true }, { "criteria": "cpe:2.3:a:national_science_foundation:squid_web_proxy:2.3_stable4:*:*:*:*:*:*:*", "matchCriteriaId": "05BE866B-EBCC-4847-98E9-C89288748B79", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "D323A6B7-2741-4F31-B0D6-5D6FB738A2A1", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:6.1:*:*:*:*:*:*:*", "matchCriteriaId": "ACAAD334-2CA7-4B3B-BA25-302E7610BC2A", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "E4853E92-5E0A-47B9-A343-D5BEE87D2C27", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "3EC1FF5D-5EAB-44D5-B281-770547C70D68", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "0A8FBD5A-2FD0-43CD-AC4B-1D6984D336FE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "29B186E5-7C2F-466E-AA4A-8F2B618F8A14", "vulnerable": true }, { "criteria": "cpe:2.3:o:trustix:secure_linux:1.1:*:*:*:*:*:*:*", "matchCriteriaId": "9D0DFB12-B43F-4207-A900-464A97F5124D", "vulnerable": true }, { "criteria": "cpe:2.3:o:trustix:secure_linux:1.2:*:*:*:*:*:*:*", "matchCriteriaId": "13EBB2F7-712E-4CB1-B4B4-5F0851F3D37E", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "squid 2.3 and earlier allows local users to overwrite arbitrary files via a symlink attack in some configurations." } ], "id": "CVE-2001-0142", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "LOW", "cvssData": { "accessComplexity": "HIGH", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 1.2, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:H/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 1.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2001-03-12T05:00:00.000", "references": [ { "source": "cve@mitre.org", "tags": [ "Patch" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2001-01/0212.html" }, { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=97916374410647\u0026w=2" }, { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2001/dsa-019" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-003.php3" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/2184" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5921" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2001-01/0212.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=97916374410647\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2001/dsa-019" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-003.php3" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/2184" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5921" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2005-12-31 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.22:*:*:*:*:*:*:*", "matchCriteriaId": "B1512A96-B8E7-4DB7-A4CB-8FD3773BFC97", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.22_rc1:*:*:*:*:*:*:*", "matchCriteriaId": "787B918D-9CCC-44FE-92AF-E8DF1E91A3C7", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.23:*:*:*:*:*:*:*", "matchCriteriaId": "C116493B-2837-4531-9291-A9FF03099A97", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.23_rc1:*:*:*:*:*:*:*", "matchCriteriaId": "525BD04B-387F-4713-BC89-472D0D0BCFD0", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:kdegraphics:3.2:*:*:*:*:*:*:*", "matchCriteriaId": "6BF92649-90CE-4E75-A938-61D0916B5A7E", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:kdegraphics:3.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "2CA505B4-0C17-49C8-9533-CA8CE3AA77D8", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:koffice:1.4:*:*:*:*:*:*:*", "matchCriteriaId": "37C08E0A-651F-458B-BCEC-A30DCD527E47", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:koffice:1.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "6000D6AF-C056-4BC0-A54C-72E23E52AB92", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:koffice:1.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "A7D036E4-FA49-417D-968B-9D73B16A09BA", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:kpdf:3.2:*:*:*:*:*:*:*", "matchCriteriaId": "EDAF6452-F3B0-4F62-893E-BCFA6AB7AE3B", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:kpdf:3.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "BC2AB9CB-DEAB-45AB-A7CA-D19E069907EC", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:kword:1.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "EAC32BAA-99B3-4B40-83A3-ED9E1B12B295", "vulnerable": true }, { "criteria": "cpe:2.3:a:libextractor:libextractor:*:*:*:*:*:*:*:*", "matchCriteriaId": "679D9520-DE8E-4D06-A227-3B1C1D05977D", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "63C92F1C-3005-4EA6-B9C0-2BC2E3D611D6", "vulnerable": true }, { "criteria": "cpe:2.3:a:sgi:propack:3.0:sp6:*:*:*:*:*:*", "matchCriteriaId": "EF8ABD90-AD2B-4FA0-A355-9D7CD6D3C486", "vulnerable": true }, { "criteria": "cpe:2.3:a:tetex:tetex:1.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "C86C7D6F-C39E-4403-86C6-F87599570E97", "vulnerable": true }, { "criteria": "cpe:2.3:a:tetex:tetex:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "236005A1-C175-44D3-8D0C-C48F943F3D66", "vulnerable": true }, { "criteria": "cpe:2.3:a:tetex:tetex:2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "0AF2AD80-5E65-4B57-933B-C395E98EF10D", "vulnerable": true }, { "criteria": "cpe:2.3:a:tetex:tetex:2.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "07C92A0E-1DDA-4F83-A904-24A35C38883A", "vulnerable": true }, { "criteria": "cpe:2.3:a:tetex:tetex:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "9178B36F-41D5-4AE7-B9C8-56BDEADE76EB", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "7B93B3ED-AF82-49A9-8C7F-E5F652F19669", "vulnerable": true }, { "criteria": "cpe:2.3:o:conectiva:linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "A35FC777-A34E-4C7B-9E93-8F17F3AD5180", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "2CAE037F-111C-4A76-8FFE-716B74D65EF3", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:alpha:*:*:*:*:*", "matchCriteriaId": "A6B060E4-B5A6-4469-828E-211C52542547", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:arm:*:*:*:*:*", "matchCriteriaId": "974C3541-990C-4CD4-A05A-38FA74A84632", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:hppa:*:*:*:*:*", "matchCriteriaId": "6CBF1E0F-C7F3-4F83-9E60-6E63FA7D2775", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ia-32:*:*:*:*:*", "matchCriteriaId": "58792F77-B06F-4780-BA25-FE1EE6C3FDD9", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ia-64:*:*:*:*:*", "matchCriteriaId": "C9419322-572F-4BB6-8416-C5E96541CF33", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:m68k:*:*:*:*:*", "matchCriteriaId": "BFC50555-C084-46A3-9C9F-949C5E3BB448", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mips:*:*:*:*:*", "matchCriteriaId": "9C25D6E1-D283-4CEA-B47B-60C47A5C0797", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mipsel:*:*:*:*:*", "matchCriteriaId": "AD18A446-C634-417E-86AC-B19B6DDDC856", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ppc:*:*:*:*:*", "matchCriteriaId": "E4BB852E-61B2-4842-989F-C6C0C901A8D7", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:s-390:*:*:*:*:*", "matchCriteriaId": "24DD9D59-E2A2-4116-A887-39E8CC2004FC", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:sparc:*:*:*:*:*", "matchCriteriaId": "F28D7457-607E-4E0C-909A-413F91CFCD82", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*", "matchCriteriaId": "A2E0C1F8-31F5-4F61-9DF7-E49B43D3C873", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:alpha:*:*:*:*:*", "matchCriteriaId": "5BF84240-1881-4EFB-BB2F-F9CE8AD09C7B", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:amd64:*:*:*:*:*", "matchCriteriaId": "AF8AE8C4-810F-41AB-A251-5A2D4DD6884D", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:arm:*:*:*:*:*", "matchCriteriaId": "5EACF214-FA27-44FF-A431-927AB79377A1", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:hppa:*:*:*:*:*", "matchCriteriaId": "E2B58895-0E2A-4466-9CB2-0083349A83B2", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:ia-32:*:*:*:*:*", "matchCriteriaId": "03F8220A-9B1C-40AA-AEAB-F9A93225FBD5", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:ia-64:*:*:*:*:*", "matchCriteriaId": "2311919C-7864-469D-B0F6-9B11D8D0A1C3", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:m68k:*:*:*:*:*", "matchCriteriaId": "19876495-4C1A-487C-955A-C5AA46362A1F", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:mips:*:*:*:*:*", "matchCriteriaId": "D75286DD-50BC-4B72-8AC8-E20730124DC2", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:mipsel:*:*:*:*:*", "matchCriteriaId": "1998C972-497E-4916-B50E-FB32303EEA8E", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:ppc:*:*:*:*:*", "matchCriteriaId": "A6CD3DD9-3A8A-4716-A2D1-136A790AFF94", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:s-390:*:*:*:*:*", "matchCriteriaId": "6CE2020A-4FB2-4FCD-8561-7BD147CD95EB", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:sparc:*:*:*:*:*", "matchCriteriaId": "08E90AFA-C262-46D0-B60E-26B67C9602D5", "vulnerable": true }, { "criteria": "cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*", "matchCriteriaId": "647BA336-5538-4972-9271-383A0EC9378E", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:*:*:*:*:*:*", "matchCriteriaId": "3528DABD-B821-4D23-AE12-614A9CA92C46", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:x86-64:*:*:*:*:*", "matchCriteriaId": "0315FB43-D199-4734-B724-50ED031C0020", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.2:*:*:*:*:*:*:*", "matchCriteriaId": "11D69B83-4EF3-407B-8E8C-DE623F099C17", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.2:*:x86-64:*:*:*:*:*", "matchCriteriaId": "7D221688-18A0-453D-8D13-6B68011FCA13", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2006:*:*:*:*:*:*:*", "matchCriteriaId": "597094EC-D23F-4EC4-A140-96F287679124", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2006:*:x86-64:*:*:*:*:*", "matchCriteriaId": "C4FCF0D3-A6CB-448E-B0D3-DA82BE02DEC8", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "E0F0D201-B1DC-4024-AF77-A284673618F3", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:x86_64:*:*:*:*:*", "matchCriteriaId": "052E3862-BFB7-42E7-889D-8590AFA8EF37", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "2BB0B27C-04EA-426F-9016-7406BACD91DF", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:x86_64:*:*:*:*:*", "matchCriteriaId": "BB2B1BA5-8370-4281-B5C9-3D4FE6C70FBC", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*", "matchCriteriaId": "2641EE56-6F9D-400B-B456-877F4DA79B10", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server_ia64:*:*:*:*:*", "matchCriteriaId": "A4A9461E-C117-42EC-9F14-DF2A82BA7C5D", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*", "matchCriteriaId": "E0B458EA-495E-40FA-9379-C03757F7B1EE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server_ia64:*:*:*:*:*", "matchCriteriaId": "409E324A-C040-494F-A026-9DCAE01C07F8", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*", "matchCriteriaId": "1728AB5D-55A9-46B0-A412-6F7263CAEB5A", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation_ia64:*:*:*:*:*", "matchCriteriaId": "6474B775-C893-491F-A074-802AFB1FEDD8", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_server:*:*:*:*:*", "matchCriteriaId": "78B46FFA-5B09-473E-AD33-3DB18BD0DAFE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*", "matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation_server:*:*:*:*:*", "matchCriteriaId": "0EFE2E73-9536-41A9-B83B-0A06B54857F4", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:advanced_server:*:*:*:*:*", "matchCriteriaId": "F9440B25-D206-4914-9557-B5F030890DEC", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:enterprise_server:*:*:*:*:*", "matchCriteriaId": "E9933557-3BCA-4D92-AD4F-27758A0D3347", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:workstation:*:*:*:*:*", "matchCriteriaId": "10A60552-15A5-4E95-B3CE-99A4B26260C1", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "7D74A418-50F0-42C0-ABBC-BBBE718FF025", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:fedora_core:core_1.0:*:*:*:*:*:*:*", "matchCriteriaId": "3C84296C-2C8A-4DCD-9751-52951F8BEA9F", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*", "matchCriteriaId": "E6996B14-925B-46B8-982F-3545328B506B", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:fedora_core:core_3.0:*:*:*:*:*:*:*", "matchCriteriaId": "EC80CF67-C51D-442C-9526-CFEDE84A6304", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:fedora_core:core_4.0:*:*:*:*:*:*:*", "matchCriteriaId": "C720DACC-CF4B-4A00-818C-8303A7D7DED6", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.3:*:i386:*:*:*:*:*", "matchCriteriaId": "9B502A61-44FB-4CD4-85BE-88D4ACCCA441", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:9.0:*:i386:*:*:*:*:*", "matchCriteriaId": "F3FDE8C4-5FFD-4CC2-9F35-7C32043966D1", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:*", "matchCriteriaId": "84A50ED3-FD0D-4038-B3E7-CC65D166C968", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium:*:*:*:*:*", "matchCriteriaId": "8DBD9D3C-40AB-449D-A9A8-A09DF2DEDB96", "vulnerable": true }, { "criteria": "cpe:2.3:o:sco:openserver:5.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "D9D76A8D-832B-411E-A458-186733C66010", "vulnerable": true }, { "criteria": "cpe:2.3:o:sco:openserver:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "7458BA31-812E-40C9-BB92-8688A3BCBA56", "vulnerable": true }, { "criteria": "cpe:2.3:o:slackware:slackware_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "300A6A65-05FD-401C-80F6-B5F5B1F056E0", "vulnerable": true }, { "criteria": "cpe:2.3:o:slackware:slackware_linux:9.1:*:*:*:*:*:*:*", "matchCriteriaId": "AA3D53C9-3806-45E6-8AE9-7D41280EF64C", "vulnerable": true }, { "criteria": "cpe:2.3:o:slackware:slackware_linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "D29C5A03-A7C9-4780-BB63-CF1E874D018D", "vulnerable": true }, { "criteria": "cpe:2.3:o:slackware:slackware_linux:10.1:*:*:*:*:*:*:*", "matchCriteriaId": "B85EF0EE-3E61-4CA3-9F00-610AB2E1CFCF", "vulnerable": true }, { "criteria": "cpe:2.3:o:slackware:slackware_linux:10.2:*:*:*:*:*:*:*", "matchCriteriaId": "70440F49-AEE9-41BE-8E1A-43AB657C8E09", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "02EE2D72-B1E6-4380-80B0-E40A23DDD115", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:enterprise_server:*:*:*:*:*", "matchCriteriaId": "F7446746-87B7-4BD3-AABF-1E0FAA8265AB", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:personal:*:*:*:*:*", "matchCriteriaId": "F239BA8A-6B41-4B08-8C7C-25D235812C50", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:professional:*:*:*:*:*", "matchCriteriaId": "89BA858B-9466-4640-84AE-DC5BDC65D6B8", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:s_390:*:*:*:*:*", "matchCriteriaId": "85F2D904-E830-4034-9CCB-0FF65019622C", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*", "matchCriteriaId": "56EF103F-5668-4754-A83B-D3662D0CE815", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:personal:*:*:*:*:*", "matchCriteriaId": "3EA56868-ACA1-4C65-9FFB-A68129D2428A", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:professional:*:*:*:*:*", "matchCriteriaId": "1BA2E629-58C6-4BA0-A447-F8F570B35E74", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:x86_64:*:*:*:*:*", "matchCriteriaId": "D5F98B9A-880E-45F0-8C16-12B22970F0D1", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:personal:*:*:*:*:*", "matchCriteriaId": "3BEE15E9-9194-4E37-AB3B-66ECD5AC9E11", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:professional:*:*:*:*:*", "matchCriteriaId": "C89BA3B6-370B-4911-A363-935A9C9EACF5", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:x86_64:*:*:*:*:*", "matchCriteriaId": "B905C6E9-5058-4FD7-95B6-CD6AB6B2F516", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.3:*:personal:*:*:*:*:*", "matchCriteriaId": "4F1B4D15-0562-44D6-B80B-35A8F432BD41", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.3:*:professional:*:*:*:*:*", "matchCriteriaId": "D84ABF78-0D85-4E15-907E-B5ACE86EB8C7", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.3:*:x86_64:*:*:*:*:*", "matchCriteriaId": "9C7018E7-F90C-435D-A07A-05A294EA2827", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:10.0:*:oss:*:*:*:*:*", "matchCriteriaId": "16915004-1006-41D6-9E42-D1A5041E442D", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:10.0:*:professional:*:*:*:*:*", "matchCriteriaId": "994ABCE2-3B9E-4E4E-83F7-CE2A79C70F64", "vulnerable": true }, { "criteria": "cpe:2.3:o:trustix:secure_linux:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "53AF1A2D-B0A2-4097-AD1D-DF3AF27171BA", "vulnerable": true }, { "criteria": "cpe:2.3:o:trustix:secure_linux:2.2:*:*:*:*:*:*:*", "matchCriteriaId": "5AB70F82-52BB-4D0D-9A24-9AF67278466D", "vulnerable": true }, { "criteria": "cpe:2.3:o:trustix:secure_linux:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "100A2456-BF20-4461-8DC9-C61889322B29", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux:10:*:*:*:*:*:*:*", "matchCriteriaId": "1C7D4F57-E186-497A-B390-92E5D2C7E894", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux:fuji:*:*:*:*:*:*:*", "matchCriteriaId": "CEC3F6F3-9A6E-4A98-A967-6776C872475C", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux_appliance_server:1.0_hosting_edition:*:*:*:*:*:*:*", "matchCriteriaId": "FC3218DD-A565-4AB8-86FE-E7F59AC0535F", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux_appliance_server:1.0_workgroup_edition:*:*:*:*:*:*:*", "matchCriteriaId": "97AEDB57-202F-4B53-8815-21836F177060", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux_desktop:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "31C3FFDD-03BF-4FD4-B7A7-B62AFD5DBA19", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux_home:*:*:*:*:*:*:*:*", "matchCriteriaId": "065FF0F1-7FAC-4584-92EA-EAA87DC76FA1", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux_multimedia:*:*:*:*:*:*:*:*", "matchCriteriaId": "E27180A1-9767-4CD3-978C-7538155B162D", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux_personal:*:*:*:*:*:*:*:*", "matchCriteriaId": "BAAA9376-A060-49AE-86A7-6B28E26ED5D9", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux_server:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "E06DCF0D-3241-453A-A0E4-937FE25EC404", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux_server:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "B484D091-62DE-4EF2-AC54-26896CA8B315", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux_server:10.0_x86:*:*:*:*:*:*:*", "matchCriteriaId": "EC5AC26E-3F3F-4D14-BE65-82B4432AB382", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux_workstation:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "9428589A-0BD2-469E-978D-38239117D972", "vulnerable": true }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ia64:*:*:*:*:*", "matchCriteriaId": "6E94583A-5184-462E-9FC4-57B35DA06DA7", "vulnerable": true }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ppc:*:*:*:*:*", "matchCriteriaId": "E905FAAD-37B6-4DD0-A752-2974F8336273", "vulnerable": true }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.04:*:amd64:*:*:*:*:*", "matchCriteriaId": "3BD12488-1ED8-4751-ABF5-3578D54750A8", "vulnerable": true }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.04:*:i386:*:*:*:*:*", "matchCriteriaId": "AE3733CF-4C88-443C-9B90-6477C9C500D0", "vulnerable": true }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.04:*:powerpc:*:*:*:*:*", "matchCriteriaId": "9C500A75-D75E-45B4-B582-0F0DF27C3C04", "vulnerable": true }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:amd64:*:*:*:*:*", "matchCriteriaId": "86FD134D-A5C5-4B08-962D-70CF07C74923", "vulnerable": true }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:i386:*:*:*:*:*", "matchCriteriaId": "FA84692E-F99D-4207-B4F2-799A6ADB88AD", "vulnerable": true }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:powerpc:*:*:*:*:*", "matchCriteriaId": "8B0F1091-4B76-44F5-B896-6D37E2F909A2", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference." } ], "id": "CVE-2005-3626", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2005-12-31T05:00:00.000", "references": [ { "source": "secalert@redhat.com", "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt" }, { "source": "secalert@redhat.com", "url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U" }, { "source": "secalert@redhat.com", "url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U" }, { "source": "secalert@redhat.com", "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2006-0177.html" }, { "source": "secalert@redhat.com", "tags": [ "Exploit" ], "url": "http://scary.beasts.org/security/CESA-2005-003.txt" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18147" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18303" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18312" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18313" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18329" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18332" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18334" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18335" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18338" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18349" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18373" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18375" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18380" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18385" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18387" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18389" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18398" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18407" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18414" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18416" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18423" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18425" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18428" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18436" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18448" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18463" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18517" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18534" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18554" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18582" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18642" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18644" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18674" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18675" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18679" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18908" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18913" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/19230" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/19377" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/25729" }, { "source": "secalert@redhat.com", "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683" }, { "source": "secalert@redhat.com", "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747" }, { "source": "secalert@redhat.com", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2005/dsa-931" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2005/dsa-932" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2005/dsa-937" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2005/dsa-938" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2005/dsa-940" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2006/dsa-936" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2006/dsa-950" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2006/dsa-961" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2006/dsa-962" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml" }, { "source": "secalert@redhat.com", "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.kde.org/info/security/advisory-20051207-2.txt" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012" }, { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00010.html" }, { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00011.html" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/support/errata/RHSA-2006-0163.html" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded" }, { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": "http://www.securityfocus.com/bid/16143" }, { "source": "secalert@redhat.com", "url": "http://www.trustix.org/errata/2006/0002/" }, { "source": "secalert@redhat.com", "url": "http://www.vupen.com/english/advisories/2006/0047" }, { "source": "secalert@redhat.com", "url": "http://www.vupen.com/english/advisories/2007/2280" }, { "source": "secalert@redhat.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24026" }, { "source": "secalert@redhat.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9992" }, { "source": "secalert@redhat.com", "url": "https://usn.ubuntu.com/236-1/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2006-0177.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit" ], "url": "http://scary.beasts.org/security/CESA-2005-003.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18147" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18303" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18312" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18313" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18329" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18332" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18334" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18335" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18338" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18349" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18373" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18375" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18380" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18385" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18387" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18389" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18398" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18407" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18414" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18416" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18423" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18425" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18428" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18436" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18448" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18463" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18517" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18534" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18554" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18582" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18642" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18644" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18674" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18675" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18679" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18908" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18913" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19230" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19377" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/25729" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2005/dsa-931" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2005/dsa-932" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2005/dsa-937" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2005/dsa-938" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2005/dsa-940" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2006/dsa-936" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2006/dsa-950" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2006/dsa-961" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2006/dsa-962" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.kde.org/info/security/advisory-20051207-2.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00010.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00011.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2006-0163.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.securityfocus.com/bid/16143" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.trustix.org/errata/2006/0002/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2006/0047" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2007/2280" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24026" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9992" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://usn.ubuntu.com/236-1/" } ], "sourceIdentifier": "secalert@redhat.com", "vendorComments": [ { "comment": "Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.", "lastModified": "2007-03-14T00:00:00", "organization": "Red Hat" } ], "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-399" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2001-08-14 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Red Hat Linux 7.1 sets insecure permissions on swap files created during installation, which can allow a local attacker to gain additional privileges by reading sensitive information from the swap file, such as passwords.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "1D46E093-1C68-43BB-B281-12117EC8DE0F", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Red Hat Linux 7.1 sets insecure permissions on swap files created during installation, which can allow a local attacker to gain additional privileges by reading sensitive information from the swap file, such as passwords." } ], "id": "CVE-2001-0635", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.6, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2001-08-14T04:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://www.osvdb.org/5564" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2001-058.html" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6493" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.osvdb.org/5564" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2001-058.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6493" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2001-12-04 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
apmscript in Apmd in Red Hat 7.2 "Enigma" allows local users to create or change the modification dates of arbitrary files via a symlink attack on the LOW_POWER temporary file, which could be used to cause a denial of service, e.g. by creating /etc/nologin and disabling logins.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "E562907F-D915-4030-847A-3C6834A80D4E", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "apmscript in Apmd in Red Hat 7.2 \"Enigma\" allows local users to create or change the modification dates of arbitrary files via a symlink attack on the LOW_POWER temporary file, which could be used to cause a denial of service, e.g. by creating /etc/nologin and disabling logins." } ], "id": "CVE-2001-0946", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "LOW", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 3.6, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2001-12-04T05:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=100743394701962\u0026w=2" }, { "source": "cve@mitre.org", "url": "http://www.osvdb.org/5493" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=56389" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/8268" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=100743394701962\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.osvdb.org/5493" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=56389" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/8268" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
1999-12-31 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
linuxconf before 1.11.r11-rh3 on Red Hat Linux 5.1 allows local users to overwrite arbitrary files and gain root access via a symlink attack.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:5.1:*:*:*:*:*:*:*", "matchCriteriaId": "4EF44364-0F57-4B74-81B0-501EA6B58501", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "linuxconf before 1.11.r11-rh3 on Red Hat Linux 5.1 allows local users to overwrite arbitrary files and gain root access via a symlink attack." } ], "id": "CVE-1999-1328", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "1999-12-31T05:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=90383955231511\u0026w=2" }, { "source": "cve@mitre.org", "url": "http://www.iss.net/security_center/static/7232.php" }, { "source": "cve@mitre.org", "url": "http://www.osvdb.org/6068" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/rh51-errata-general.html#linuxconf" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=90383955231511\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.iss.net/security_center/static/7232.php" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.osvdb.org/6068" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/rh51-errata-general.html#linuxconf" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2004-12-31 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Integer overflow in the bitmap (BMP) decoder for Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allow remote attackers to execute arbitrary code via wide bitmap files that trigger heap-based buffer overflows.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
mozilla | firefox | 0.8 | |
mozilla | firefox | 0.9 | |
mozilla | firefox | 0.9 | |
mozilla | firefox | 0.9.1 | |
mozilla | firefox | 0.9.2 | |
mozilla | firefox | 0.9.3 | |
mozilla | mozilla | 1.7 | |
mozilla | mozilla | 1.7 | |
mozilla | mozilla | 1.7.1 | |
mozilla | mozilla | 1.7.2 | |
mozilla | thunderbird | 0.6 | |
mozilla | thunderbird | 0.7 | |
mozilla | thunderbird | 0.7.1 | |
mozilla | thunderbird | 0.7.2 | |
mozilla | thunderbird | 0.7.3 | |
netscape | navigator | 7.0 | |
netscape | navigator | 7.0.2 | |
netscape | navigator | 7.1 | |
netscape | navigator | 7.2 | |
conectiva | linux | 9.0 | |
conectiva | linux | 10.0 | |
redhat | enterprise_linux | 2.1 | |
redhat | enterprise_linux | 2.1 | |
redhat | enterprise_linux | 2.1 | |
redhat | enterprise_linux | 2.1 | |
redhat | enterprise_linux | 2.1 | |
redhat | enterprise_linux | 2.1 | |
redhat | enterprise_linux | 3.0 | |
redhat | enterprise_linux | 3.0 | |
redhat | enterprise_linux | 3.0 | |
redhat | enterprise_linux_desktop | 3.0 | |
redhat | fedora_core | core_1.0 | |
redhat | linux | 7.3 | |
redhat | linux | 7.3 | |
redhat | linux | 7.3 | |
redhat | linux | 9.0 | |
redhat | linux_advanced_workstation | 2.1 | |
redhat | linux_advanced_workstation | 2.1 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:mozilla:firefox:0.8:*:*:*:*:*:*:*", "matchCriteriaId": "93C142C5-3A85-432B-80D6-2E7B1B4694F4", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox:0.9:*:*:*:*:*:*:*", "matchCriteriaId": "2434FCE7-A50B-4527-9970-C7224B31141C", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox:0.9:rc:*:*:*:*:*:*", "matchCriteriaId": "5633FB6E-D623-49D4-9858-4E20E64DE458", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox:0.9.1:*:*:*:*:*:*:*", "matchCriteriaId": "429ECA02-DBCD-45FB-942C-CA4BC1BC8A72", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox:0.9.2:*:*:*:*:*:*:*", "matchCriteriaId": "B5F0DC80-5473-465C-9D7F-9589F1B78E12", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox:0.9.3:*:*:*:*:*:*:*", "matchCriteriaId": "567FF916-7DE0-403C-8528-7931A43E0D18", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla:1.7:*:*:*:*:*:*:*", "matchCriteriaId": "FCEAEDEB-0EE7-4221-B9B8-65438580D331", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla:1.7:rc3:*:*:*:*:*:*", "matchCriteriaId": "150F1B28-0FAB-4880-B1D5-7F244A1C4D31", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla:1.7.1:*:*:*:*:*:*:*", "matchCriteriaId": "2FE7EA3B-3BF8-4696-9488-78506074D62D", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla:1.7.2:*:*:*:*:*:*:*", "matchCriteriaId": "CCFD7AF7-0FE9-4F56-98B0-60FC7F7F1B78", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:thunderbird:0.6:*:*:*:*:*:*:*", "matchCriteriaId": "8E2A68B4-9101-4AC5-9E82-EEB5A5405541", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:thunderbird:0.7:*:*:*:*:*:*:*", "matchCriteriaId": "EDA6C390-9BA7-4355-8C0A-CD68FF6AC236", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:thunderbird:0.7.1:*:*:*:*:*:*:*", "matchCriteriaId": "0C75B125-E5BB-49A0-B12D-6CF40D8A5DB7", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:thunderbird:0.7.2:*:*:*:*:*:*:*", "matchCriteriaId": "70DDB53E-7A12-4A08-8999-DB68E6DF901E", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:thunderbird:0.7.3:*:*:*:*:*:*:*", "matchCriteriaId": "6514EDE8-7C78-4C72-A313-E0915D89E4EF", "vulnerable": true }, { "criteria": "cpe:2.3:a:netscape:navigator:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "30A0231A-B664-46C2-9602-B60EAD6AEC12", "vulnerable": true }, { "criteria": "cpe:2.3:a:netscape:navigator:7.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "C632D06D-0172-46DA-A7F9-0BC484365BD7", "vulnerable": true }, { "criteria": "cpe:2.3:a:netscape:navigator:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "4C1BC491-9C5A-46D5-B6C3-5A8E5A1A0AF3", "vulnerable": true }, { "criteria": "cpe:2.3:a:netscape:navigator:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "842CBD30-B4BA-4FCF-9152-9DBEBE59857C", "vulnerable": true }, { "criteria": "cpe:2.3:o:conectiva:linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "F4007B0D-9606-46BD-866A-7911BEA292BE", "vulnerable": true }, { "criteria": "cpe:2.3:o:conectiva:linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "A35FC777-A34E-4C7B-9E93-8F17F3AD5180", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*", "matchCriteriaId": "2641EE56-6F9D-400B-B456-877F4DA79B10", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server_ia64:*:*:*:*:*", "matchCriteriaId": "A4A9461E-C117-42EC-9F14-DF2A82BA7C5D", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*", "matchCriteriaId": "E0B458EA-495E-40FA-9379-C03757F7B1EE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server_ia64:*:*:*:*:*", "matchCriteriaId": "409E324A-C040-494F-A026-9DCAE01C07F8", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*", "matchCriteriaId": "1728AB5D-55A9-46B0-A412-6F7263CAEB5A", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation_ia64:*:*:*:*:*", "matchCriteriaId": "6474B775-C893-491F-A074-802AFB1FEDD8", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_server:*:*:*:*:*", "matchCriteriaId": "78B46FFA-5B09-473E-AD33-3DB18BD0DAFE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*", "matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation_server:*:*:*:*:*", "matchCriteriaId": "0EFE2E73-9536-41A9-B83B-0A06B54857F4", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:fedora_core:core_1.0:*:*:*:*:*:*:*", "matchCriteriaId": "3C84296C-2C8A-4DCD-9751-52951F8BEA9F", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.3:*:*:*:*:*:*:*", "matchCriteriaId": "138985E6-5107-4E8B-A801-C3D5FE075227", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.3:*:i386:*:*:*:*:*", "matchCriteriaId": "9B502A61-44FB-4CD4-85BE-88D4ACCCA441", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.3:*:i686:*:*:*:*:*", "matchCriteriaId": "05853955-CA81-40D3-9A70-1227F3270D3C", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:9.0:*:i386:*:*:*:*:*", "matchCriteriaId": "F3FDE8C4-5FFD-4CC2-9F35-7C32043966D1", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:*", "matchCriteriaId": "84A50ED3-FD0D-4038-B3E7-CC65D166C968", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium_processor:*:*:*:*:*", "matchCriteriaId": "777F9EC0-2919-45CA-BFF8-78A02537C513", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Integer overflow in the bitmap (BMP) decoder for Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allow remote attackers to execute arbitrary code via wide bitmap files that trigger heap-based buffer overflows." } ], "id": "CVE-2004-0904", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2004-12-31T05:00:00.000", "references": [ { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://bugzilla.mozilla.org/show_bug.cgi?id=255067" }, { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=109698896104418\u0026w=2" }, { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=109900315219363\u0026w=2" }, { "source": "cve@mitre.org", "url": "http://security.gentoo.org/glsa/glsa-200409-26.xml" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory", "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/847200" }, { "source": "cve@mitre.org", "url": "http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7.3" }, { "source": "cve@mitre.org", "url": "http://www.novell.com/linux/security/advisories/2004_36_mozilla.html" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/11171" }, { "source": "cve@mitre.org", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA04-261A.html" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17381" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10952" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://bugzilla.mozilla.org/show_bug.cgi?id=255067" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=109698896104418\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=109900315219363\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://security.gentoo.org/glsa/glsa-200409-26.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/847200" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7.3" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.novell.com/linux/security/advisories/2004_36_mozilla.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/11171" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA04-261A.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17381" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10952" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2000-01-08 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
The line printer daemon (lpd) in the lpr package in multiple Linux operating systems allows local users to gain root privileges by causing sendmail to execute with arbitrary command line arguments, as demonstrated using the -C option to specify a configuration file.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
sgi | irix | 6.5 | |
sgi | irix | 6.5.1 | |
sgi | irix | 6.5.2 | |
sgi | irix | 6.5.3 | |
sgi | irix | 6.5.4 | |
sgi | irix | 6.5.5 | |
sgi | irix | 6.5.6 | |
sgi | irix | 6.5.7 | |
sgi | irix | 6.5.8 | |
sgi | irix | 6.5.9 | |
sgi | irix | 6.5.10 | |
sgi | irix | 6.5.11 | |
sgi | irix | 6.5.12 | |
sgi | irix | 6.5.13 | |
sgi | irix | 6.5.14f | |
sgi | irix | 6.5.14m | |
sgi | irix | 6.5.15f | |
sgi | irix | 6.5.15m | |
sgi | irix | 6.5.16f | |
sgi | irix | 6.5.16m | |
sgi | irix | 6.5.17f | |
sgi | irix | 6.5.17m | |
sgi | irix | 6.5.18f | |
sgi | irix | 6.5.18m | |
redhat | linux | 4.0 | |
redhat | linux | 4.1 | |
redhat | linux | 4.2 | |
redhat | linux | 5.0 | |
redhat | linux | 5.1 | |
redhat | linux | 5.2 | |
redhat | linux | 6.0 | |
redhat | linux | 6.1 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:sgi:irix:6.5:*:*:*:*:*:*:*", "matchCriteriaId": "C30D6962-3DBB-4DF8-A04F-8E47AFEDCF99", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:6.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "36B60E50-4F5A-4404-BEA3-C94F7D27B156", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:6.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "6ECB750B-9F53-4DB6-8B26-71BCCA446FF7", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:6.5.3:*:*:*:*:*:*:*", "matchCriteriaId": "E6B2E6D1-8C2D-4E15-A6BB-E4FE878ED1E7", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:6.5.4:*:*:*:*:*:*:*", "matchCriteriaId": "440B7208-34DB-4898-8461-4E703F7EDFB7", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:6.5.5:*:*:*:*:*:*:*", "matchCriteriaId": "5663579C-3AD2-4E5B-A595-C8DB984F9C26", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:6.5.6:*:*:*:*:*:*:*", "matchCriteriaId": "D07AA144-6FD7-4C80-B4F2-D21C1AFC864A", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:6.5.7:*:*:*:*:*:*:*", "matchCriteriaId": "29113D8E-9618-4A0E-9157-678332082858", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:6.5.8:*:*:*:*:*:*:*", "matchCriteriaId": "313613E9-4837-433C-90EE-84A92E8D24E5", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:6.5.9:*:*:*:*:*:*:*", "matchCriteriaId": "41AA1290-5039-406F-B195-3A4C018202D3", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:6.5.10:*:*:*:*:*:*:*", "matchCriteriaId": "60CC9410-F6B8-4748-B76F-30626279028E", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:6.5.11:*:*:*:*:*:*:*", "matchCriteriaId": "DCC67401-C85A-4E4E-AE61-85FEBBF4346B", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:6.5.12:*:*:*:*:*:*:*", "matchCriteriaId": "1C4427AC-07C1-4765-981B-B5D86D698C2D", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:6.5.13:*:*:*:*:*:*:*", "matchCriteriaId": "63EF0CEE-74A9-45C8-8AFD-77815230ACC6", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:6.5.14f:*:*:*:*:*:*:*", "matchCriteriaId": "A7B59E7C-B059-41CD-AE33-E9623ADA12BC", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:6.5.14m:*:*:*:*:*:*:*", "matchCriteriaId": "0DF1B657-C910-4BB0-828C-09B6A59D988D", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:6.5.15f:*:*:*:*:*:*:*", "matchCriteriaId": "72D61A9F-AC57-4DD9-9047-74BFA9BFACFC", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:6.5.15m:*:*:*:*:*:*:*", "matchCriteriaId": "C254FC5D-895D-4EFC-B9A7-74699D9FE65E", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:6.5.16f:*:*:*:*:*:*:*", "matchCriteriaId": "27532639-37CD-4BD2-AE48-F741009D3449", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:6.5.16m:*:*:*:*:*:*:*", "matchCriteriaId": "F83879DE-1BD7-4FF7-ACC6-5B119DB09BF9", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:6.5.17f:*:*:*:*:*:*:*", "matchCriteriaId": "EED22734-8AAC-4897-BB71-438E19B8A005", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:6.5.17m:*:*:*:*:*:*:*", "matchCriteriaId": "FEA9C28F-18E6-4199-9740-FAB00563EBF7", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:6.5.18f:*:*:*:*:*:*:*", "matchCriteriaId": "C6E63313-9533-478D-ACC0-C050FBA3EACF", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:6.5.18m:*:*:*:*:*:*:*", "matchCriteriaId": "EA0A7D5D-BDD9-45F8-9BE7-3B01D70C8CC1", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "C9092D88-585D-4A0C-B181-E8D93563C74B", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:4.1:*:*:*:*:*:*:*", "matchCriteriaId": "D8211154-6685-4FF0-B3ED-43A5E5763A10", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:4.2:*:*:*:*:*:*:*", "matchCriteriaId": "F299301C-6BFC-436C-9CFD-2E291D3702AE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "4BF54738-3C44-4FD4-AA9C-CAB2E86B1DC1", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:5.1:*:*:*:*:*:*:*", "matchCriteriaId": "4EF44364-0F57-4B74-81B0-501EA6B58501", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:5.2:*:i386:*:*:*:*:*", "matchCriteriaId": "363AB7DB-A8BA-4D58-97C4-1DF1F0F43E07", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "2DFA94D5-0139-490C-8257-0751FE9FBAE4", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.1:*:i386:*:*:*:*:*", "matchCriteriaId": "B72D6205-DFA4-41D9-B3B6-0B7DA756CD8F", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The line printer daemon (lpd) in the lpr package in multiple Linux operating systems allows local users to gain root privileges by causing sendmail to execute with arbitrary command line arguments, as demonstrated using the -C option to specify a configuration file." } ], "id": "CVE-2000-1220", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2000-01-08T05:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "ftp://patches.sgi.com/support/free/security/advisories/20021104-01-P" }, { "source": "cve@mitre.org", "url": "http://seclists.org/lists/bugtraq/2000/Jan/0116.html" }, { "source": "cve@mitre.org", "url": "http://www.atstake.com/research/advisories/2000/lpd_advisory.txt" }, { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2000/20000109" }, { "source": "cve@mitre.org", "tags": [ "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/39001" }, { "source": "cve@mitre.org", "url": "http://www.l0pht.com/advisories/lpd_advisory" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2000-002.html" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/927" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/3841" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://patches.sgi.com/support/free/security/advisories/20021104-01-P" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://seclists.org/lists/bugtraq/2000/Jan/0116.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.atstake.com/research/advisories/2000/lpd_advisory.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2000/20000109" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/39001" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.l0pht.com/advisories/lpd_advisory" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2000-002.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/927" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/3841" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2003-06-09 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
tcpdump does not properly drop privileges to the pcap user when starting up.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:redhat:tcpdump:3.4-39:*:i386:*:*:*:*:*", "matchCriteriaId": "655DF4AC-5573-4832-B601-3121C4206741", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:tcpdump:3.6.2-9:*:i386:*:*:*:*:*", "matchCriteriaId": "BF77546F-26C2-48F7-B041-BA2C9863445C", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:tcpdump:3.6.2-9:*:ia64:*:*:*:*:*", "matchCriteriaId": "2F42C3A9-230E-411C-BF76-4DBC1B074E46", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:tcpdump:3.6.2-12:*:i386:*:*:*:*:*", "matchCriteriaId": "296411E3-2A64-4F21-A9D8-AD31B1EDCB0A", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:tcpdump:3.6.3-3:*:i386:*:*:*:*:*", "matchCriteriaId": "51C18B7E-006A-4D48-BB4D-0F3972032CC8", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:tcpdump:3.7.2-1:*:i386:*:*:*:*:*", "matchCriteriaId": "3B52A38A-A3A6-4D33-9B83-15DF47001B41", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "1D46E093-1C68-43BB-B281-12117EC8DE0F", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "E562907F-D915-4030-847A-3C6834A80D4E", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.3:*:*:*:*:*:*:*", "matchCriteriaId": "138985E6-5107-4E8B-A801-C3D5FE075227", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "038FEDE7-986F-4CA5-9003-BA68352B87D4", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:9.0:*:i386:*:*:*:*:*", "matchCriteriaId": "F3FDE8C4-5FFD-4CC2-9F35-7C32043966D1", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "tcpdump does not properly drop privileges to the pcap user when starting up." }, { "lang": "es", "value": "Cuando se arranca tcpdump, \u00e9ste no rebaja privilegios adecuadamente al usuario pcap" } ], "id": "CVE-2003-0194", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.6, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": true, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2003-06-09T04:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2003-151.html" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-174.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2003-151.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-174.html" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
1999-06-08 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Sudo 1.5 in Debian Linux 2.1 and Red Hat 6.0 allows local users to determine the existence of arbitrary files by attempting to execute the target filename as a program, which generates a different error message when the file does not exist.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
todd_miller | sudo | 1.5 | |
debian | debian_linux | 2.1 | |
redhat | linux | 6.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:todd_miller:sudo:1.5:*:*:*:*:*:*:*", "matchCriteriaId": "9D796959-61D2-42D5-BF93-1A93AE1392BC", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "3C67BDA1-9451-4026-AC6D-E912C882A757", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "2DFA94D5-0139-490C-8257-0751FE9FBAE4", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Sudo 1.5 in Debian Linux 2.1 and Red Hat 6.0 allows local users to determine the existence of arbitrary files by attempting to execute the target filename as a program, which generates a different error message when the file does not exist." } ], "id": "CVE-1999-1496", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "LOW", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "1999-06-08T04:00:00.000", "references": [ { "source": "cve@mitre.org", "tags": [ "Exploit", "Vendor Advisory" ], "url": "http://www.securityfocus.com/archive/1/14665" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/321" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/2277" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Vendor Advisory" ], "url": "http://www.securityfocus.com/archive/1/14665" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/321" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/2277" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2007-03-15 20:19
Modified
2025-04-09 00:30
Severity ?
Summary
The luci server component in conga preserves the password between page loads for the Add System/Cluster task flow by storing the password in the Value attribute of a password entry field, which allows attackers to steal the password by performing a "view source" or other operation to obtain the web page. NOTE: there are limited circumstances under which such an attack is feasible.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:*:*:*:*:*:*:*:*", "matchCriteriaId": "B133DAC8-2B0D-4F83-9025-AD071740187A", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:conga:conga:*:*:*:*:*:*:*:*", "matchCriteriaId": "2D03758E-CEC5-4E1A-A21C-A86CBFB77FB2", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The luci server component in conga preserves the password between page loads for the Add System/Cluster task flow by storing the password in the Value attribute of a password entry field, which allows attackers to steal the password by performing a \"view source\" or other operation to obtain the web page. NOTE: there are limited circumstances under which such an attack is feasible." }, { "lang": "es", "value": "El componente de servidor luci en conga, conserva la contrase\u00f1a entre cargas de p\u00e1gina para el flujo de tarea Add System/Cluster almacenando la contrase\u00f1a en el atributo Value de un campo de introducci\u00f3n de contrase\u00f1a, lo cual permite a atacantes obtener la contrase\u00f1a realizando una operaci\u00f3n \"ver c\u00f3digo fuente\" u otras que obtengan la p\u00e1gina web.\r\nNOTA: hay ciertas circunstancias bajo las cuales este ataque es factible." } ], "id": "CVE-2007-1462", "lastModified": "2025-04-09T00:30:58.490", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2007-03-15T20:19:00.000", "references": [ { "source": "secalert@redhat.com", "url": "http://osvdb.org/35086" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=228637" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://osvdb.org/35086" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=228637" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2000-01-04 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Red Hat userhelper program in the usermode package allows local users to gain root access via PAM and a .. (dot dot) attack.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
mandrakesoft | mandrake_linux | 6.0 | |
mandrakesoft | mandrake_linux | 6.1 | |
redhat | linux | 6.0 | |
redhat | linux | 6.1 | |
turbolinux | turbolinux | 3.5b2 | |
turbolinux | turbolinux | 4.2 | |
turbolinux | turbolinux | 4.4 | |
turbolinux | turbolinux | 6.0.2 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "D323A6B7-2741-4F31-B0D6-5D6FB738A2A1", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:6.1:*:*:*:*:*:*:*", "matchCriteriaId": "ACAAD334-2CA7-4B3B-BA25-302E7610BC2A", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.0:*:i386:*:*:*:*:*", "matchCriteriaId": "89F65C9D-BD68-4A86-BFDC-E7CE76F13948", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.1:*:i386:*:*:*:*:*", "matchCriteriaId": "B72D6205-DFA4-41D9-B3B6-0B7DA756CD8F", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux:3.5b2:*:*:*:*:*:*:*", "matchCriteriaId": "667CF388-298D-4B64-9BA5-89D153FFA998", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux:4.2:*:*:*:*:*:*:*", "matchCriteriaId": "5D15A193-3E01-467C-AEAD-497F4600DB06", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux:4.4:*:*:*:*:*:*:*", "matchCriteriaId": "F7C765FF-0A3D-4BF4-B236-609658776ACA", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux:6.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "C6619B49-8A89-4600-A47F-A39C8BF54259", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Red Hat userhelper program in the usermode package allows local users to gain root access via PAM and a .. (dot dot) attack." } ], "id": "CVE-2000-0052", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2000-01-04T05:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://www.l0pht.com/advisories/pam_advisory" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2000-001.html" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/913" }, { "source": "cve@mitre.org", "url": "http://xforce.iss.net/search.php3?type=2\u0026pattern=linux-pam-userhelper" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.l0pht.com/advisories/pam_advisory" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2000-001.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/913" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://xforce.iss.net/search.php3?type=2\u0026pattern=linux-pam-userhelper" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
1999-09-01 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Buffer overflow in INN inews program.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:isc:inn:*:*:*:*:*:*:*:*", "matchCriteriaId": "2CFFB533-89C9-493A-851E-393D502C8A9E", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "2DFA94D5-0139-490C-8257-0751FE9FBAE4", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Buffer overflow in INN inews program." } ], "id": "CVE-1999-0705", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": true, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "1999-09-01T04:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/616" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/616" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2001-03-12 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
arpwatch 2.1a4 allows local users to overwrite arbitrary files via a symlink attack in some configurations.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
immunix | immunix | 7.0_beta | |
mandrakesoft | mandrake_linux | 6.0 | |
mandrakesoft | mandrake_linux | 6.1 | |
mandrakesoft | mandrake_linux | 7.0 | |
mandrakesoft | mandrake_linux | 7.1 | |
mandrakesoft | mandrake_linux | 7.2 | |
redhat | linux | 7.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:immunix:immunix:7.0_beta:*:*:*:*:*:*:*", "matchCriteriaId": "1A2889C6-8DE0-4432-812A-F2A5C4A08897", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "D323A6B7-2741-4F31-B0D6-5D6FB738A2A1", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:6.1:*:*:*:*:*:*:*", "matchCriteriaId": "ACAAD334-2CA7-4B3B-BA25-302E7610BC2A", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "E4853E92-5E0A-47B9-A343-D5BEE87D2C27", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "3EC1FF5D-5EAB-44D5-B281-770547C70D68", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "0A8FBD5A-2FD0-43CD-AC4B-1D6984D336FE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "29B186E5-7C2F-466E-AA4A-8F2B618F8A14", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "arpwatch 2.1a4 allows local users to overwrite arbitrary files via a symlink attack in some configurations." } ], "id": "CVE-2001-0140", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "LOW", "cvssData": { "accessComplexity": "HIGH", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 1.2, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:H/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 1.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2001-03-12T05:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=97916374410647\u0026w=2" }, { "source": "cve@mitre.org", "tags": [ "Patch" ], "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-002.php3" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/2183" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5922" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=97916374410647\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-002.php3" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/2183" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5922" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
1999-08-19 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Remote attackers can cause a denial of service on Linux in.telnetd telnet daemon through a malformed TERM environmental variable.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:4.2:*:*:*:*:*:*:*", "matchCriteriaId": "F299301C-6BFC-436C-9CFD-2E291D3702AE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:5.2:*:*:*:*:*:*:*", "matchCriteriaId": "A8EED385-8C39-4A40-A507-2EFE7652FB35", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "2DFA94D5-0139-490C-8257-0751FE9FBAE4", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Remote attackers can cause a denial of service on Linux in.telnetd telnet daemon through a malformed TERM environmental variable." } ], "id": "CVE-1999-0740", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.4, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "1999-08-19T04:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/594" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/594" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
1998-04-08 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Denial of Service vulnerability in BIND 8 Releases via maliciously formatted DNS messages.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
data_general | dg_ux | y2k_patchr4.11mu05 | |
data_general | dg_ux | y2k_patchr4.12mu03 | |
data_general | dg_ux | y2k_patchr4.20mu01 | |
data_general | dg_ux | y2k_patchr4.20mu02 | |
data_general | dg_ux | y2k_patchr4.20mu03 | |
isc | bind | 4.9 | |
isc | bind | 8 | |
ibm | aix | 4.1 | |
ibm | aix | 4.2 | |
ibm | aix | 4.3 | |
nec | asl_ux_4800 | 11 | |
nec | asl_ux_4800 | 13 | |
netbsd | netbsd | 1.3 | |
netbsd | netbsd | 1.3.1 | |
redhat | linux | 4.2 | |
redhat | linux | 5.0 | |
sco | open_desktop | 3.0 | |
sco | openserver | 5.0 | |
sco | unix | 3.2v4 | |
sco | unixware | 2.1 | |
sco | unixware | 7.0 | |
sun | sunos | 5.3 | |
sun | sunos | 5.4 | |
sun | sunos | 5.5 | |
sun | sunos | 5.5.1 | |
sun | sunos | 5.6 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:data_general:dg_ux:y2k_patchr4.11mu05:*:*:*:*:*:*:*", "matchCriteriaId": "D85C6D97-CF88-4F47-8580-1E1271C3BEB8", "vulnerable": true }, { "criteria": "cpe:2.3:a:data_general:dg_ux:y2k_patchr4.12mu03:*:*:*:*:*:*:*", "matchCriteriaId": "803355A3-10BA-45DA-AFF7-867A06AEE420", "vulnerable": true }, { "criteria": "cpe:2.3:a:data_general:dg_ux:y2k_patchr4.20mu01:*:*:*:*:*:*:*", "matchCriteriaId": "59665BA5-0818-44E7-9102-62060C88431A", "vulnerable": true }, { "criteria": "cpe:2.3:a:data_general:dg_ux:y2k_patchr4.20mu02:*:*:*:*:*:*:*", "matchCriteriaId": "930A6977-EF72-4693-96E0-603FE096EB4A", "vulnerable": true }, { "criteria": "cpe:2.3:a:data_general:dg_ux:y2k_patchr4.20mu03:*:*:*:*:*:*:*", "matchCriteriaId": "BDE41F0D-8CCB-4A79-B05E-E08E37B1E15C", "vulnerable": true }, { "criteria": "cpe:2.3:a:isc:bind:4.9:*:*:*:*:*:*:*", "matchCriteriaId": "49A7C6F2-F769-447A-8C8B-9002BD6FBF6D", "vulnerable": true }, { "criteria": "cpe:2.3:a:isc:bind:8:*:*:*:*:*:*:*", "matchCriteriaId": "7904F3D9-A6B0-4ED6-8BAD-2D26C118C0F2", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:ibm:aix:4.1:*:*:*:*:*:*:*", "matchCriteriaId": "FBF25306-E7C2-4F9A-A809-4779A6C0A079", "vulnerable": true }, { "criteria": "cpe:2.3:o:ibm:aix:4.2:*:*:*:*:*:*:*", "matchCriteriaId": "05F20EC2-ADE6-4F96-A2E7-1DCCA819D657", "vulnerable": true }, { "criteria": "cpe:2.3:o:ibm:aix:4.3:*:*:*:*:*:*:*", "matchCriteriaId": "11ACD012-F05F-45CD-A170-96CBAA42FFE4", "vulnerable": true }, { "criteria": "cpe:2.3:o:nec:asl_ux_4800:11:*:*:*:*:*:*:*", "matchCriteriaId": "707579B5-701A-4A36-8567-AB2E11759322", "vulnerable": true }, { "criteria": "cpe:2.3:o:nec:asl_ux_4800:13:*:*:*:*:*:*:*", "matchCriteriaId": "E7C620CF-5046-4A6A-A479-AC315D1E36BA", "vulnerable": true }, { "criteria": "cpe:2.3:o:netbsd:netbsd:1.3:*:*:*:*:*:*:*", "matchCriteriaId": "7CBA1B13-B378-4F13-BD13-EC58F15F5C81", "vulnerable": true }, { "criteria": "cpe:2.3:o:netbsd:netbsd:1.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "B8C8CAB1-2D8C-4875-A795-41178D48410F", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:4.2:*:*:*:*:*:*:*", "matchCriteriaId": "F299301C-6BFC-436C-9CFD-2E291D3702AE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "4BF54738-3C44-4FD4-AA9C-CAB2E86B1DC1", "vulnerable": true }, { "criteria": "cpe:2.3:o:sco:open_desktop:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "0AD2701A-E930-4F4D-85F7-02F80135E34E", "vulnerable": true }, { "criteria": "cpe:2.3:o:sco:openserver:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "2C19F7B3-9043-4E53-90DE-92A4387858A7", "vulnerable": true }, { "criteria": "cpe:2.3:o:sco:unix:3.2v4:*:*:*:*:*:*:*", "matchCriteriaId": "51756048-EB32-4A72-9ED4-937AF2B9DE37", "vulnerable": true }, { "criteria": "cpe:2.3:o:sco:unixware:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "168248AC-E4F6-4C8F-9A21-0E6ABE029DFC", "vulnerable": true }, { "criteria": "cpe:2.3:o:sco:unixware:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "17439B5B-0B66-490B-9B53-2C9D576C879F", "vulnerable": true }, { "criteria": "cpe:2.3:o:sun:sunos:5.3:*:*:*:*:*:*:*", "matchCriteriaId": "C7A22D21-E0A9-4B56-86C7-805AD1A610D6", "vulnerable": true }, { "criteria": "cpe:2.3:o:sun:sunos:5.4:*:*:*:*:*:*:*", "matchCriteriaId": "7AAC8954-74A8-4FE3-ABE7-57DA041D9D8F", "vulnerable": true }, { "criteria": "cpe:2.3:o:sun:sunos:5.5:*:*:*:*:*:*:*", "matchCriteriaId": "5B72953B-E873-4E44-A3CF-12D770A0D416", "vulnerable": true }, { "criteria": "cpe:2.3:o:sun:sunos:5.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "39F847DB-65A9-47DA-BCFA-A179E5E2301A", "vulnerable": true }, { "criteria": "cpe:2.3:o:sun:sunos:5.6:*:*:*:*:*:*:*", "matchCriteriaId": "C1A13A9E-E24A-4AEE-AD42-2BCA5990E4B9", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Denial of Service vulnerability in BIND 8 Releases via maliciously formatted DNS messages." } ], "id": "CVE-1999-0010", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "1998-04-08T04:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "ftp://patches.sgi.com/support/free/security/advisories/19980603-01-PX" }, { "source": "cve@mitre.org", "url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9808-083" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://patches.sgi.com/support/free/security/advisories/19980603-01-PX" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9808-083" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
1999-03-30 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
XFree86 xfs command is vulnerable to a symlink attack, allowing local users to create files in restricted directories, possibly allowing them to gain privileges or cause a denial of service.
References
▶ | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://www.securityfocus.com/bid/359 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/359 | Patch, Vendor Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
caldera | openlinux | 1.2 | |
debian | debian_linux | 2.0 | |
debian | debian_linux | 2.0 | |
debian | debian_linux | 2.1 | |
netbsd | netbsd | 1.3.3 | |
redhat | linux | 5.1 | |
suse | suse_linux | 5.3 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:caldera:openlinux:1.2:*:*:*:*:*:*:*", "matchCriteriaId": "A5C77FA7-C977-4223-B6AC-91B82C45129C", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "203BDD63-2FA5-42FD-A9CD-6BDBB41A63C4", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:2.0:r5:*:*:*:*:*:*", "matchCriteriaId": "D3067DBB-FBA1-48E9-9EC8-5A8D74B9F2D1", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "3C67BDA1-9451-4026-AC6D-E912C882A757", "vulnerable": true }, { "criteria": "cpe:2.3:o:netbsd:netbsd:1.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "2A8F8DE7-7A84-4350-A6D8-FCCB561D63B2", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:5.1:*:*:*:*:*:*:*", "matchCriteriaId": "4EF44364-0F57-4B74-81B0-501EA6B58501", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:5.3:*:*:*:*:*:*:*", "matchCriteriaId": "BCC94EF9-5872-402F-B2FC-06331A924BB2", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "XFree86 xfs command is vulnerable to a symlink attack, allowing local users to create files in restricted directories, possibly allowing them to gain privileges or cause a denial of service." } ], "id": "CVE-1999-0434", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "1999-03-30T05:00:00.000", "references": [ { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/359" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/359" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2000-03-22 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
gpm-root in the gpm package does not properly drop privileges, which allows local users to gain privileges by starting a utility from gpm-root.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
alessandro_rubini | gpm | 1.18.1 | |
alessandro_rubini | gpm | 1.19 | |
debian | debian_linux | 2.0 | |
debian | debian_linux | 2.1 | |
debian | debian_linux | 2.2 | |
debian | debian_linux | 2.2 | |
redhat | linux | 6.0 | |
redhat | linux | 6.1 | |
redhat | linux | 6.2 | |
suse | suse_linux | 5.3 | |
suse | suse_linux | 6.0 | |
suse | suse_linux | 6.1 | |
suse | suse_linux | 6.2 | |
suse | suse_linux | 6.3 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:alessandro_rubini:gpm:1.18.1:*:*:*:*:*:*:*", "matchCriteriaId": "FD68842D-DD39-4FFD-95B5-0A4BB28D9F94", "vulnerable": true }, { "criteria": "cpe:2.3:o:alessandro_rubini:gpm:1.19:*:*:*:*:*:*:*", "matchCriteriaId": "8156E792-8374-41CD-B60C-DAB2911E7169", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "203BDD63-2FA5-42FD-A9CD-6BDBB41A63C4", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "3C67BDA1-9451-4026-AC6D-E912C882A757", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:2.2:*:*:*:*:*:*:*", "matchCriteriaId": "58B90124-0543-4226-BFF4-13CCCBCCB243", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:2.2:*:pre_potato:*:*:*:*:*", "matchCriteriaId": "2B19ABCB-70F0-450E-9A71-2EE8F2BFB2EE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.0:*:i386:*:*:*:*:*", "matchCriteriaId": "89F65C9D-BD68-4A86-BFDC-E7CE76F13948", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.1:*:i386:*:*:*:*:*", "matchCriteriaId": "B72D6205-DFA4-41D9-B3B6-0B7DA756CD8F", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:i386:*:*:*:*:*", "matchCriteriaId": "B7EC2B95-4715-4EC9-A10A-2542501F8A61", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:5.3:*:*:*:*:*:*:*", "matchCriteriaId": "BCC94EF9-5872-402F-B2FC-06331A924BB2", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "F163E145-09F7-4BE2-9B46-5B6713070BAB", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:6.1:*:*:*:*:*:*:*", "matchCriteriaId": "124E1802-7984-45ED-8A92-393FC20662FD", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:6.2:*:*:*:*:*:*:*", "matchCriteriaId": "1B67020A-6942-4478-B501-764147C4970D", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:6.3:*:*:*:*:*:*:*", "matchCriteriaId": "0AD0FF64-05DF-48C2-9BB5-FD993121FB2E", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "gpm-root in the gpm package does not properly drop privileges, which allows local users to gain privileges by starting a utility from gpm-root." } ], "id": "CVE-2000-0229", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2000-03-22T05:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-03/0242.html" }, { "source": "cve@mitre.org", "url": "http://www.novell.com/linux/security/advisories/suse_security_announce_45.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2000-009.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2000-045.html" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/1069" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-03/0242.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.novell.com/linux/security/advisories/suse_security_announce_45.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2000-009.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2000-045.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/1069" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2003-06-16 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Konqueror Embedded and KDE 2.2.2 and earlier does not validate the Common Name (CN) field for X.509 Certificates, which could allow remote attackers to spoof certificates via a man-in-the-middle attack.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
apple | safari | 1.0 | |
apple | safari | 1.0 | |
kde | konqueror_embedded | 0.1 | |
kde | kde | * | |
redhat | linux | 7.1 | |
redhat | linux | 7.2 | |
turbolinux | turbolinux_server | 7.0 | |
turbolinux | turbolinux_server | 8.0 | |
turbolinux | turbolinux_workstation | 7.0 | |
turbolinux | turbolinux_workstation | 8.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:apple:safari:1.0:beta:*:*:*:*:*:*", "matchCriteriaId": "64FE1AA1-32D1-4825-8B2B-E66093937D9F", "vulnerable": true }, { "criteria": "cpe:2.3:a:apple:safari:1.0:beta2:*:*:*:*:*:*", "matchCriteriaId": "E760CD65-A10E-44F1-B835-DA6B77057C93", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:konqueror_embedded:0.1:*:*:*:*:*:*:*", "matchCriteriaId": "68C3DE36-4687-4157-8C7F-223B289B9A8B", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:kde:kde:*:*:*:*:*:*:*:*", "matchCriteriaId": "4EE0724E-B37D-4177-A117-74F5A39BCC5B", "versionEndIncluding": "2.2.2", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "1D46E093-1C68-43BB-B281-12117EC8DE0F", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "E562907F-D915-4030-847A-3C6834A80D4E", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux_server:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "839D2945-1417-43F5-A526-A14C491CBCEE", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux_server:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "E06DCF0D-3241-453A-A0E4-937FE25EC404", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux_workstation:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "EA8F79B3-2FBD-4CF1-B202-AB302C5F9CC2", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux_workstation:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "9428589A-0BD2-469E-978D-38239117D972", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Konqueror Embedded and KDE 2.2.2 and earlier does not validate the Common Name (CN) field for X.509 Certificates, which could allow remote attackers to spoof certificates via a man-in-the-middle attack." }, { "lang": "es", "value": "Konqueror Embedded y KDE 2.2.2 y anteriores no validan el campo Common Name (CN) en certificados X.509, lo que permitir\u00eda que atacantes remotos falsifiquen certificados mediante un ataque \"man-in-the-middle\"." } ], "id": "CVE-2003-0370", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2003-06-16T04:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-May/004983.html" }, { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2003/dsa-361" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.kde.org/info/security/advisory-20030602-1.txt" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-192.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2003-193.html" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://www.securityfocus.com/archive/1/320707" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/7520" }, { "source": "cve@mitre.org", "url": "http://www.turbolinux.com/security/TLSA-2003-36.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-May/004983.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2003/dsa-361" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.kde.org/info/security/advisory-20030602-1.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-192.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2003-193.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.securityfocus.com/archive/1/320707" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/7520" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.turbolinux.com/security/TLSA-2003-36.txt" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2002-01-31 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
slapd in OpenLDAP 2.0 through 2.0.19 allows local users, and anonymous users before 2.0.8, to conduct a "replace" action on access controls without any values, which causes OpenLDAP to delete non-mandatory attributes that would otherwise be protected by ACLs.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:openldap:openldap:*:*:*:*:*:*:*:*", "matchCriteriaId": "5D5CCDD0-2D88-4E8A-AD04-7E6101F6690C", "versionEndIncluding": "2.0.19", "vulnerable": true }, { "criteria": "cpe:2.3:a:openldap:openldap:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "552F2E25-DDB8-49A6-844A-8520696DBE5B", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "29B186E5-7C2F-466E-AA4A-8F2B618F8A14", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "1D46E093-1C68-43BB-B281-12117EC8DE0F", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "E562907F-D915-4030-847A-3C6834A80D4E", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "slapd in OpenLDAP 2.0 through 2.0.19 allows local users, and anonymous users before 2.0.8, to conduct a \"replace\" action on access controls without any values, which causes OpenLDAP to delete non-mandatory attributes that would otherwise be protected by ACLs." }, { "lang": "es", "value": "sldap en OpenLDAP 2.0 a 2.0.19 permite a usuarios locales, y a usuarios an\u00f3nimos en versiones anteriores a 2.0.8, llevar a cabo una acci\u00f3n \"replace\" en controles de acceso sin valores, lo que causa que OpenLDAP borre atributos no mandatorios que de otra forma estar\u00edan protegidos por listas de control de accesso (ACL)." } ], "id": "CVE-2002-0045", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2002-01-31T05:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-001.0.txt" }, { "source": "cve@mitre.org", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000459" }, { "source": "cve@mitre.org", "url": "http://frontal2.mandriva.com/security/advisories?name=MDKSA-2002:013" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://www.openldap.org/lists/openldap-announce/200201/msg00002.html" }, { "source": "cve@mitre.org", "url": "http://www.osvdb.org/5395" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2002-014.html" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/3945" }, { "source": "cve@mitre.org", "url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBTL0201-020" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7978" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-001.0.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000459" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://frontal2.mandriva.com/security/advisories?name=MDKSA-2002:013" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.openldap.org/lists/openldap-announce/200201/msg00002.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.osvdb.org/5395" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2002-014.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/3945" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBTL0201-020" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7978" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2000-09-30 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
userhelper in the usermode package on Red Hat Linux executes non-setuid programs as root, which does not activate the security measures in glibc and allows the programs to be exploited via format string vulnerabilities in glibc via the LANG or LC_ALL environment variables (CVE-2000-0844).
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:*:*:*:*:*:*:*:*", "matchCriteriaId": "B133DAC8-2B0D-4F83-9025-AD071740187A", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "userhelper in the usermode package on Red Hat Linux executes non-setuid programs as root, which does not activate the security measures in glibc and allows the programs to be exploited via format string vulnerabilities in glibc via the LANG or LC_ALL environment variables (CVE-2000-0844)." } ], "id": "CVE-2000-1207", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2000-09-30T04:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=97034397026473\u0026w=2" }, { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=97063854808796\u0026w=2" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://www.linux-mandrake.com/en/security/2000/MDKSA-2000-059.php3" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2000-075.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=97034397026473\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=97063854808796\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.linux-mandrake.com/en/security/2000/MDKSA-2000-059.php3" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2000-075.html" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2001-07-18 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Squid before 2.3STABLE5 in HTTP accelerator mode does not enable access control lists (ACLs) when the httpd_accel_host and http_accel_with_proxy off settings are used, which allows attackers to bypass the ACLs and conduct unauthorized activities such as port scanning.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
caldera | openlinux_server | 3.1 | |
immunix | immunix | 6.2 | |
immunix | immunix | 7.0 | |
immunix | immunix | 7.0_beta | |
mandrakesoft | mandrake_single_network_firewall | 7.2 | |
squid | squid_web_proxy | 2.3stable3 | |
squid | squid_web_proxy | 2.3stable4 | |
mandrakesoft | mandrake_linux | 7.1 | |
mandrakesoft | mandrake_linux | 7.2 | |
mandrakesoft | mandrake_linux | 8.0 | |
mandrakesoft | mandrake_linux_corporate_server | 1.0.1 | |
redhat | linux | 7.0 | |
trustix | secure_linux | 1.1 | |
trustix | secure_linux | 1.01 | |
trustix | secure_linux | 1.2 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:caldera:openlinux_server:3.1:*:*:*:*:*:*:*", "matchCriteriaId": "0A218B67-B87B-4A5E-B9EF-EF39ADEAD9FC", "vulnerable": true }, { "criteria": "cpe:2.3:a:immunix:immunix:6.2:*:*:*:*:*:*:*", "matchCriteriaId": "DB0F79BE-8EBF-44D8-83A1-9331669BED54", "vulnerable": true }, { "criteria": "cpe:2.3:a:immunix:immunix:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "660CA978-FDA1-4D48-8162-9CB9243A1B7E", "vulnerable": true }, { "criteria": "cpe:2.3:a:immunix:immunix:7.0_beta:*:*:*:*:*:*:*", "matchCriteriaId": "1A2889C6-8DE0-4432-812A-F2A5C4A08897", "vulnerable": true }, { "criteria": "cpe:2.3:a:mandrakesoft:mandrake_single_network_firewall:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "7A188467-3856-4599-A2CD-BD2655974B63", "vulnerable": true }, { "criteria": "cpe:2.3:a:squid:squid_web_proxy:2.3stable3:*:*:*:*:*:*:*", "matchCriteriaId": "1D5299EE-5CA6-4A9E-9543-BDB0ADF9ED68", "vulnerable": true }, { "criteria": "cpe:2.3:a:squid:squid_web_proxy:2.3stable4:*:*:*:*:*:*:*", "matchCriteriaId": "69466E6B-CD99-4A6F-87EE-1CC430573509", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "3EC1FF5D-5EAB-44D5-B281-770547C70D68", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "0A8FBD5A-2FD0-43CD-AC4B-1D6984D336FE", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "4371A667-18E1-4C54-B2E1-6F885F22F213", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:1.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "97E09AD9-F057-4264-88BB-A8A18C1B1246", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "29B186E5-7C2F-466E-AA4A-8F2B618F8A14", "vulnerable": true }, { "criteria": "cpe:2.3:o:trustix:secure_linux:1.1:*:*:*:*:*:*:*", "matchCriteriaId": "9D0DFB12-B43F-4207-A900-464A97F5124D", "vulnerable": true }, { "criteria": "cpe:2.3:o:trustix:secure_linux:1.01:*:*:*:*:*:*:*", "matchCriteriaId": "9406727E-365C-466F-8406-82B393537559", "vulnerable": true }, { "criteria": "cpe:2.3:o:trustix:secure_linux:1.2:*:*:*:*:*:*:*", "matchCriteriaId": "13EBB2F7-712E-4CB1-B4B4-5F0851F3D37E", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Squid before 2.3STABLE5 in HTTP accelerator mode does not enable access control lists (ACLs) when the httpd_accel_host and http_accel_with_proxy off settings are used, which allows attackers to bypass the ACLs and conduct unauthorized activities such as port scanning." } ], "id": "CVE-2001-1030", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2001-07-18T04:00:00.000", "references": [ { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2001-07/0362.html" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2001-70-031-01" }, { "source": "cve@mitre.org", "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2001-029.0.txt" }, { "source": "cve@mitre.org", "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-066.php3" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2001-097.html" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/archive/1/197727" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6862" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2001-07/0362.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2001-70-031-01" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2001-029.0.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-066.php3" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2001-097.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/archive/1/197727" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6862" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
1997-02-03 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
rcp on various Linux systems including Red Hat 4.0 allows a "nobody" user or other user with UID of 65535 to overwrite arbitrary files, since 65535 is interpreted as -1 by chown and other system calls, which causes the calls to fail to modify the ownership of the file.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
redhat | linux | 4.0 | |
slackware | slackware_linux | 3.1 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "C9092D88-585D-4A0C-B181-E8D93563C74B", "vulnerable": true }, { "criteria": "cpe:2.3:o:slackware:slackware_linux:3.1:*:*:*:*:*:*:*", "matchCriteriaId": "9FDBA67D-84A7-42D6-A994-7C967B6306D3", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "rcp on various Linux systems including Red Hat 4.0 allows a \"nobody\" user or other user with UID of 65535 to overwrite arbitrary files, since 65535 is interpreted as -1 by chown and other system calls, which causes the calls to fail to modify the ownership of the file." } ], "id": "CVE-1999-1299", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "1997-02-03T05:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=87602167420509\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=87602167420509\u0026w=2" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2000-02-23 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Red Hat 6.0 allows local users to gain root access by booting single user and hitting ^C at the password prompt.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:6.0:*:i386:*:*:*:*:*", "matchCriteriaId": "89F65C9D-BD68-4A86-BFDC-E7CE76F13948", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Red Hat 6.0 allows local users to gain root access by booting single user and hitting ^C at the password prompt." } ], "id": "CVE-2000-0219", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2000-02-23T05:00:00.000", "references": [ { "source": "cve@mitre.org", "tags": [ "Exploit", "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/1005" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=200002230248.NAA19185%40cairo.anu.edu.au" }, { "source": "cve@mitre.org", "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10053" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/1005" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=200002230248.NAA19185%40cairo.anu.edu.au" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10053" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-264" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2000-11-14 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Kernel logging daemon (klogd) in Linux does not properly cleanse user-injected format strings, which allows local users to gain root privileges by triggering malformed kernel messages.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
debian | debian_linux | 2.1 | |
debian | debian_linux | 2.2 | |
mandrakesoft | mandrake_linux | 6.0 | |
mandrakesoft | mandrake_linux | 6.1 | |
mandrakesoft | mandrake_linux | 7.0 | |
mandrakesoft | mandrake_linux | 7.1 | |
redhat | linux | 5.2 | |
redhat | linux | 6.2 | |
slackware | slackware_linux | * | |
trustix | secure_linux | 1.1 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:2.1:*:slink:*:*:*:*:*", "matchCriteriaId": "FAB6D992-C0E9-4951-85FD-5FE54045AEAF", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:2.2:*:potato:*:*:*:*:*", "matchCriteriaId": "470653CE-3BF8-498E-B673-82AC854B23C1", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "D323A6B7-2741-4F31-B0D6-5D6FB738A2A1", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:6.1:*:*:*:*:*:*:*", "matchCriteriaId": "ACAAD334-2CA7-4B3B-BA25-302E7610BC2A", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "E4853E92-5E0A-47B9-A343-D5BEE87D2C27", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "3EC1FF5D-5EAB-44D5-B281-770547C70D68", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:5.2:*:*:*:*:*:*:*", "matchCriteriaId": "A8EED385-8C39-4A40-A507-2EFE7652FB35", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:*:*:*:*:*:*", "matchCriteriaId": "0633B5A6-7A88-4A96-9462-4C09D124ED36", "vulnerable": true }, { "criteria": "cpe:2.3:o:slackware:slackware_linux:*:*:*:*:*:*:*:*", "matchCriteriaId": "F432C6C2-8676-4DD5-B9E6-71F6C164EF9D", "vulnerable": true }, { "criteria": "cpe:2.3:o:trustix:secure_linux:1.1:*:*:*:*:*:*:*", "matchCriteriaId": "9D0DFB12-B43F-4207-A900-464A97F5124D", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Kernel logging daemon (klogd) in Linux does not properly cleanse user-injected format strings, which allows local users to gain root privileges by triggering malformed kernel messages." } ], "id": "CVE-2000-0867", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2000-11-14T05:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2000-032.0.txt" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-09/0193.html" }, { "source": "cve@mitre.org", "url": "http://frontal2.mandriva.com/security/advisories?name=MDKSA-2000:050" }, { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=97726239017741\u0026w=2" }, { "source": "cve@mitre.org", "url": "http://www.novell.com/linux/security/advisories/adv9_draht_syslogd_txt.html" }, { "source": "cve@mitre.org", "url": "http://www.osvdb.org/5824" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2000-061.html" }, { "source": "cve@mitre.org", "url": "http://www.turbolinux.com/pipermail/tl-security-announce/2000-September/000023.html" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5259" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2000-032.0.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-09/0193.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://frontal2.mandriva.com/security/advisories?name=MDKSA-2000:050" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=97726239017741\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.novell.com/linux/security/advisories/adv9_draht_syslogd_txt.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.osvdb.org/5824" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2000-061.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.turbolinux.com/pipermail/tl-security-announce/2000-September/000023.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5259" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2002-03-08 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Buffer overflow in ncurses 5.0, and the ncurses4 compatibility package as used in Red Hat Linux, allows local users to gain privileges, related to "routines for moving the physical cursor and scrolling."
References
▶ | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://www.debian.org/security/2002/dsa-113 | Patch, Vendor Advisory | |
cve@mitre.org | http://www.iss.net/security_center/static/8222.php | Third Party Advisory | |
cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2002-020.html | Patch, Vendor Advisory | |
cve@mitre.org | http://www.securityfocus.com/bid/2116 | Patch, Third Party Advisory, VDB Entry, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2002/dsa-113 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.iss.net/security_center/static/8222.php | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2002-020.html | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/2116 | Patch, Third Party Advisory, VDB Entry, Vendor Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
debian | debian_linux | 2.2 | |
debian | debian_linux | 2.2 | |
debian | debian_linux | 2.2 | |
debian | debian_linux | 2.2 | |
debian | debian_linux | 2.2 | |
debian | debian_linux | 2.2 | |
freebsd | freebsd | 3.1 | |
freebsd | freebsd | 3.2 | |
freebsd | freebsd | 3.3 | |
freebsd | freebsd | 3.4 | |
freebsd | freebsd | 3.5 | |
freebsd | freebsd | 3.5.1 | |
freebsd | freebsd | 4.0 | |
freebsd | freebsd | 4.1 | |
freebsd | freebsd | 4.1.1 | |
freebsd | freebsd | 5.0 | |
redhat | linux | 6.1 | |
redhat | linux | 6.1 | |
redhat | linux | 6.1 | |
redhat | linux | 7.0 | |
redhat | linux | 7.0 | |
redhat | linux | 7.1 | |
redhat | linux | 7.1 | |
redhat | linux | 7.2 | |
suse | suse_linux | 6.2 | |
suse | suse_linux | 6.3 | |
suse | suse_linux | 7.0 | |
gnu | ncurses | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:2.2:*:68k:*:*:*:*:*", "matchCriteriaId": "E040A866-0D2C-40E1-B1FB-DB600B389E27", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:2.2:*:alpha:*:*:*:*:*", "matchCriteriaId": "CE1C944A-E5F1-49DE-B069-2A358123B535", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:2.2:*:arm:*:*:*:*:*", "matchCriteriaId": "D71083B4-1736-4501-8DE8-BC24AC1447AA", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:2.2:*:ia-32:*:*:*:*:*", "matchCriteriaId": "E9D468DB-C4AE-4ACB-B3B7-2FAEA90D6A49", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:2.2:*:powerpc:*:*:*:*:*", "matchCriteriaId": "2A32E486-2598-41B3-B6DB-3CC46D239AFC", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:2.2:*:sparc:*:*:*:*:*", "matchCriteriaId": "AAEE18D8-AA3B-47A3-AA7C-AAFF7591F391", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:3.1:*:*:*:*:*:*:*", "matchCriteriaId": "263F3734-7076-4EA8-B4C0-F37CFC4E979E", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:3.2:*:*:*:*:*:*:*", "matchCriteriaId": "0419DD66-FF66-48BC-AD3B-F6AFD0551E36", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:3.3:*:*:*:*:*:*:*", "matchCriteriaId": "C3518628-08E5-4AD7-AAF6-A4E38F1CDE2C", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:3.4:*:*:*:*:*:*:*", "matchCriteriaId": "B982342C-1981-4C55-8044-AFE4D87623DF", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:3.5:*:*:*:*:*:*:*", "matchCriteriaId": "47E02BE6-4800-4940-B269-385B66AC5077", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:3.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "7C283AD7-1C58-4CE8-A6CD-502FFE0B18BB", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "D0A585A1-FF82-418F-90F8-072458DB7816", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:4.1:*:*:*:*:*:*:*", "matchCriteriaId": "AE31DFF8-06AB-489D-A0C5-509C090283B5", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:4.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "3BE1E3D8-2BB1-4FFA-9BC9-7AF347D26190", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "61EBA52A-2D8B-4FB5-866E-AE67CE1842E7", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.1:*:alpha:*:*:*:*:*", "matchCriteriaId": "C89454B9-4F45-4A42-A06D-ED42D893C544", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.1:*:i386:*:*:*:*:*", "matchCriteriaId": "B72D6205-DFA4-41D9-B3B6-0B7DA756CD8F", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.1:*:sparc:*:*:*:*:*", "matchCriteriaId": "1E64093E-7D53-4238-95C3-48ED5A0FFD97", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.0:*:alpha:*:*:*:*:*", "matchCriteriaId": "FD6576E2-9F26-4857-9F28-F51899F1EF48", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.0:*:i386:*:*:*:*:*", "matchCriteriaId": "4DC9842D-E23B-4B9F-A7BF-57C3BA3DE398", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.1:*:alpha:*:*:*:*:*", "matchCriteriaId": "7F3FAAB3-7A8A-42E5-9DCE-E4A843CED1B9", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.1:*:i386:*:*:*:*:*", "matchCriteriaId": "C8783A6D-DFD8-45DD-BF03-570B1B012B44", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.2:*:i386:*:*:*:*:*", "matchCriteriaId": "6A1EF00A-52E9-4FD8-98FD-3998225D8655", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:6.2:*:*:*:*:*:*:*", "matchCriteriaId": "1B67020A-6942-4478-B501-764147C4970D", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:6.3:*:*:*:*:*:*:*", "matchCriteriaId": "0AD0FF64-05DF-48C2-9BB5-FD993121FB2E", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "C9E7D75A-333E-4C63-9593-F64ABA5D1CE3", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:gnu:ncurses:*:*:*:*:*:*:*:*", "matchCriteriaId": "305BF03D-747B-4049-81B5-65B8C7CEF408", "versionEndExcluding": "5.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Buffer overflow in ncurses 5.0, and the ncurses4 compatibility package as used in Red Hat Linux, allows local users to gain privileges, related to \"routines for moving the physical cursor and scrolling.\"" }, { "lang": "es", "value": "El desbordamiento del b\u00fafer en ncurses 5.0, y el paquete de compatibilidad ncurses4 basado en \u00e9l, permite a usuarios locales la obtenci\u00f3n de privilegios." } ], "id": "CVE-2002-0062", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2002-03-08T05:00:00.000", "references": [ { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2002/dsa-113" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://www.iss.net/security_center/static/8222.php" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2002-020.html" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Third Party Advisory", "VDB Entry", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/2116" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2002/dsa-113" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.iss.net/security_center/static/8222.php" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2002-020.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory", "VDB Entry", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/2116" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-120" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2002-01-31 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
GNU Enscript 1.6.1 and earlier allows local users to overwrite arbitrary files of the Enscript user via a symlink attack on temporary files.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:gnu:enscript:*:*:*:*:*:*:*:*", "matchCriteriaId": "0D3BDB18-C459-4790-B0E1-2207C24C285F", "versionEndIncluding": "1.6.1", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:2.2:*:*:*:*:*:*:*", "matchCriteriaId": "58B90124-0543-4226-BFF4-13CCCBCCB243", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "2DFA94D5-0139-490C-8257-0751FE9FBAE4", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.1:*:*:*:*:*:*:*", "matchCriteriaId": "2EC4D3AB-38FA-4D44-AF5C-2DCD15994E76", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:*:*:*:*:*:*", "matchCriteriaId": "0633B5A6-7A88-4A96-9462-4C09D124ED36", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "29B186E5-7C2F-466E-AA4A-8F2B618F8A14", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "1D46E093-1C68-43BB-B281-12117EC8DE0F", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "E562907F-D915-4030-847A-3C6834A80D4E", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "GNU Enscript 1.6.1 and earlier allows local users to overwrite arbitrary files of the Enscript user via a symlink attack on temporary files." }, { "lang": "es", "value": "Enscript 1.5.1 y anteriores permiten a usaurios locales sobreescribir ficheros arbitrarios del usuario Enscript mediante un ataque de enlaces simb\u00f3licos (symlink attack) en ficheros temporales." } ], "id": "CVE-2002-0044", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "LOW", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 3.6, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2002-01-31T05:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2002/dsa-105" }, { "source": "cve@mitre.org", "url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-010.php3" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2002-012.html" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/advisories/3818" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/3920" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7932" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2002/dsa-105" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-010.php3" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2002-012.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/advisories/3818" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/3920" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7932" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2002-08-12 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
setpwnam.c in the util-linux package, as included in Red Hat Linux 7.3 and earlier, and other operating systems, does not properly lock a temporary file when modifying /etc/passwd, which may allow local users to gain privileges via a complex race condition that uses an open file descriptor in utility programs such as chfn and chsh.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
mandrakesoft | mandrake_single_network_firewall | 7.2 | |
hp | secure_os | 1.0 | |
mandrakesoft | mandrake_linux | 7.0 | |
mandrakesoft | mandrake_linux | 7.1 | |
mandrakesoft | mandrake_linux | 7.2 | |
mandrakesoft | mandrake_linux | 8.0 | |
mandrakesoft | mandrake_linux | 8.0 | |
mandrakesoft | mandrake_linux | 8.1 | |
mandrakesoft | mandrake_linux | 8.1 | |
mandrakesoft | mandrake_linux | 8.2 | |
mandrakesoft | mandrake_linux_corporate_server | 1.0.1 | |
redhat | linux | 6.0 | |
redhat | linux | 6.0 | |
redhat | linux | 6.0 | |
redhat | linux | 6.1 | |
redhat | linux | 6.1 | |
redhat | linux | 6.1 | |
redhat | linux | 6.2 | |
redhat | linux | 6.2 | |
redhat | linux | 6.2 | |
redhat | linux | 7.0 | |
redhat | linux | 7.0 | |
redhat | linux | 7.1 | |
redhat | linux | 7.1 | |
redhat | linux | 7.1 | |
redhat | linux | 7.2 | |
redhat | linux | 7.2 | |
redhat | linux | 7.2 | |
redhat | linux | 7.3 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:mandrakesoft:mandrake_single_network_firewall:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "7A188467-3856-4599-A2CD-BD2655974B63", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:hp:secure_os:1.0:*:linux:*:*:*:*:*", "matchCriteriaId": "B345284D-6842-47C0-B823-B5DDC30CC8A6", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "E4853E92-5E0A-47B9-A343-D5BEE87D2C27", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "3EC1FF5D-5EAB-44D5-B281-770547C70D68", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "0A8FBD5A-2FD0-43CD-AC4B-1D6984D336FE", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "4371A667-18E1-4C54-B2E1-6F885F22F213", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:8.0:*:ppc:*:*:*:*:*", "matchCriteriaId": "5B28763D-8F4B-45E5-82FA-AB7E54C18EBF", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:8.1:*:*:*:*:*:*:*", "matchCriteriaId": "205EF72B-7334-4AE0-9CA6-D2E8E5910C8E", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:8.1:*:ia64:*:*:*:*:*", "matchCriteriaId": "613A22EC-D93C-48B0-B97C-3E0DDFBD0B62", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:8.2:*:*:*:*:*:*:*", "matchCriteriaId": "DEB99324-3062-426F-8E2F-44DC3A7ADB2A", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:1.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "97E09AD9-F057-4264-88BB-A8A18C1B1246", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "2DFA94D5-0139-490C-8257-0751FE9FBAE4", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.0:*:alpha:*:*:*:*:*", "matchCriteriaId": "6931FB54-A163-4CE3-BBD9-D345AA0977A6", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.0:*:sparc:*:*:*:*:*", "matchCriteriaId": "5ABD1331-277C-4C31-8186-978243C62255", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.1:*:*:*:*:*:*:*", "matchCriteriaId": "2EC4D3AB-38FA-4D44-AF5C-2DCD15994E76", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.1:*:alpha:*:*:*:*:*", "matchCriteriaId": "C89454B9-4F45-4A42-A06D-ED42D893C544", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.1:*:sparc:*:*:*:*:*", "matchCriteriaId": "1E64093E-7D53-4238-95C3-48ED5A0FFD97", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:*:*:*:*:*:*", "matchCriteriaId": "0633B5A6-7A88-4A96-9462-4C09D124ED36", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:alpha:*:*:*:*:*", "matchCriteriaId": "344610A8-DB6D-4407-9304-916C419F648C", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:sparc:*:*:*:*:*", "matchCriteriaId": "64775BEF-2E53-43CA-8639-A7E54F6F4222", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "29B186E5-7C2F-466E-AA4A-8F2B618F8A14", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.0:*:alpha:*:*:*:*:*", "matchCriteriaId": "FD6576E2-9F26-4857-9F28-F51899F1EF48", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "1D46E093-1C68-43BB-B281-12117EC8DE0F", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.1:*:alpha:*:*:*:*:*", "matchCriteriaId": "7F3FAAB3-7A8A-42E5-9DCE-E4A843CED1B9", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.1:*:ia64:*:*:*:*:*", "matchCriteriaId": "ED36543D-C21B-4B4B-A6AD-6E19B08B5DD7", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "E562907F-D915-4030-847A-3C6834A80D4E", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.2:*:alpha:*:*:*:*:*", "matchCriteriaId": "6EAAC51F-9DC5-4026-8147-1B74975D6183", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.2:*:ia64:*:*:*:*:*", "matchCriteriaId": "9D47D6FE-56A9-42CF-9A9B-AEE272C061F7", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.3:*:*:*:*:*:*:*", "matchCriteriaId": "138985E6-5107-4E8B-A801-C3D5FE075227", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "setpwnam.c in the util-linux package, as included in Red Hat Linux 7.3 and earlier, and other operating systems, does not properly lock a temporary file when modifying /etc/passwd, which may allow local users to gain privileges via a complex race condition that uses an open file descriptor in utility programs such as chfn and chsh." }, { "lang": "es", "value": "setpwnam.c en el paquete util-linux, como se incluye en Red Hat Linux 7.3 y antieriores, y en otros sistemas operativos, no bloquea adecuadamente un fichero temporal cuando se modifica /etc/passwd, lo que puede permitir a usuarios locales ganar privilegios mediante una compleja condici\u00f3n de carrera que usa un descriptor de fichero abierto en utilidades como chfn y chsh." } ], "id": "CVE-2002-0638", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "HIGH", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 6.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 1.9, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2002-08-12T04:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-043.0.txt" }, { "source": "cve@mitre.org", "url": "http://archives.neohapsis.com/archives/bugtraq/2002-07/0357.html" }, { "source": "cve@mitre.org", "url": "http://archives.neohapsis.com/archives/bugtraq/2002-07/0396.html" }, { "source": "cve@mitre.org", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000523" }, { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=102795787713996\u0026w=2" }, { "source": "cve@mitre.org", "url": "http://online.securityfocus.com/advisories/4320" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2002-132.html" }, { "source": "cve@mitre.org", "url": "http://www.iss.net/security_center/static/9709.php" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Third Party Advisory", "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/405955" }, { "source": "cve@mitre.org", "url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-047.php" }, { "source": "cve@mitre.org", "url": "http://www.osvdb.org/5164" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2002-137.html" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/5344" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-043.0.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://archives.neohapsis.com/archives/bugtraq/2002-07/0357.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://archives.neohapsis.com/archives/bugtraq/2002-07/0396.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000523" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=102795787713996\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://online.securityfocus.com/advisories/4320" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2002-132.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.iss.net/security_center/static/9709.php" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory", "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/405955" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-047.php" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.osvdb.org/5164" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2002-137.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/5344" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2000-06-21 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Buffer overflow in fld program in Kanji on Console (KON) package on Linux may allow local users to gain root privileges via an input file containing long CHARSET_REGISTRY or CHARSET_ENCODING settings.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
debian | debian_linux | 2.0 | |
debian | debian_linux | 2.1 | |
debian | debian_linux | 2.2 | |
debian | debian_linux | 2.3 | |
mandrakesoft | mandrake_linux | 6.1 | |
mandrakesoft | mandrake_linux | 7.0 | |
mandrakesoft | mandrake_linux | 7.1 | |
redhat | linux | 5.0 | |
redhat | linux | 5.1 | |
redhat | linux | 5.2 | |
redhat | linux | 6.1 | |
redhat | linux | 6.2 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "203BDD63-2FA5-42FD-A9CD-6BDBB41A63C4", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "3C67BDA1-9451-4026-AC6D-E912C882A757", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:2.2:*:*:*:*:*:*:*", "matchCriteriaId": "58B90124-0543-4226-BFF4-13CCCBCCB243", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:2.3:*:*:*:*:*:*:*", "matchCriteriaId": "618111F3-6608-47F0-AB0D-21547E342871", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:6.1:*:*:*:*:*:*:*", "matchCriteriaId": "ACAAD334-2CA7-4B3B-BA25-302E7610BC2A", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "E4853E92-5E0A-47B9-A343-D5BEE87D2C27", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "3EC1FF5D-5EAB-44D5-B281-770547C70D68", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "4BF54738-3C44-4FD4-AA9C-CAB2E86B1DC1", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:5.1:*:*:*:*:*:*:*", "matchCriteriaId": "4EF44364-0F57-4B74-81B0-501EA6B58501", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:5.2:*:*:*:*:*:*:*", "matchCriteriaId": "A8EED385-8C39-4A40-A507-2EFE7652FB35", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.1:*:*:*:*:*:*:*", "matchCriteriaId": "2EC4D3AB-38FA-4D44-AF5C-2DCD15994E76", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:*:*:*:*:*:*", "matchCriteriaId": "0633B5A6-7A88-4A96-9462-4C09D124ED36", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Buffer overflow in fld program in Kanji on Console (KON) package on Linux may allow local users to gain root privileges via an input file containing long CHARSET_REGISTRY or CHARSET_ENCODING settings." } ], "id": "CVE-2000-0607", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2000-06-21T04:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/1371" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=Pine.LNX.4.21.0006192340340.19998-100000%40ferret.lmh.ox.ac.uk" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/1371" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=Pine.LNX.4.21.0006192340340.19998-100000%40ferret.lmh.ox.ac.uk" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2000-07-03 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
makewhatis in Linux man package allows local users to overwrite files via a symlink attack.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
caldera | openlinux | 2.3 | |
caldera | openlinux | 2.4 | |
mandrakesoft | mandrake_linux | 6.0 | |
mandrakesoft | mandrake_linux | 6.1 | |
mandrakesoft | mandrake_linux | 7.0 | |
mandrakesoft | mandrake_linux | 7.1 | |
redhat | linux | 5.2 | |
redhat | linux | 5.2 | |
redhat | linux | 5.2 | |
redhat | linux | 6.0 | |
redhat | linux | 6.0 | |
redhat | linux | 6.0 | |
redhat | linux | 6.1 | |
redhat | linux | 6.1 | |
redhat | linux | 6.1 | |
redhat | linux | 6.2 | |
redhat | linux | 6.2 | |
redhat | linux | 6.2 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:caldera:openlinux:2.3:*:*:*:*:*:*:*", "matchCriteriaId": "23B38FCC-2C86-4E84-860B-EBAE0FA123B6", "vulnerable": true }, { "criteria": "cpe:2.3:o:caldera:openlinux:2.4:*:*:*:*:*:*:*", "matchCriteriaId": "A63714ED-A697-4AC3-AF13-3B028F9A87EF", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "D323A6B7-2741-4F31-B0D6-5D6FB738A2A1", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:6.1:*:*:*:*:*:*:*", "matchCriteriaId": "ACAAD334-2CA7-4B3B-BA25-302E7610BC2A", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "E4853E92-5E0A-47B9-A343-D5BEE87D2C27", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "3EC1FF5D-5EAB-44D5-B281-770547C70D68", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:5.2:*:alpha:*:*:*:*:*", "matchCriteriaId": "07396B95-E434-46C9-A345-27C9EA9BEA26", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:5.2:*:i386:*:*:*:*:*", "matchCriteriaId": "363AB7DB-A8BA-4D58-97C4-1DF1F0F43E07", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:5.2:*:sparc:*:*:*:*:*", "matchCriteriaId": "0775CE08-C5AD-4FF7-AEA9-537B1EAE3BDE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.0:*:alpha:*:*:*:*:*", "matchCriteriaId": "6931FB54-A163-4CE3-BBD9-D345AA0977A6", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.0:*:i386:*:*:*:*:*", "matchCriteriaId": "89F65C9D-BD68-4A86-BFDC-E7CE76F13948", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.0:*:sparc:*:*:*:*:*", "matchCriteriaId": "5ABD1331-277C-4C31-8186-978243C62255", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.1:*:alpha:*:*:*:*:*", "matchCriteriaId": "C89454B9-4F45-4A42-A06D-ED42D893C544", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.1:*:i386:*:*:*:*:*", "matchCriteriaId": "B72D6205-DFA4-41D9-B3B6-0B7DA756CD8F", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.1:*:sparc:*:*:*:*:*", "matchCriteriaId": "1E64093E-7D53-4238-95C3-48ED5A0FFD97", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:alpha:*:*:*:*:*", "matchCriteriaId": "344610A8-DB6D-4407-9304-916C419F648C", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:i386:*:*:*:*:*", "matchCriteriaId": "B7EC2B95-4715-4EC9-A10A-2542501F8A61", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:sparc:*:*:*:*:*", "matchCriteriaId": "64775BEF-2E53-43CA-8639-A7E54F6F4222", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "makewhatis in Linux man package allows local users to overwrite files via a symlink attack." } ], "id": "CVE-2000-0566", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2000-07-03T04:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2000-021.0.txt" }, { "source": "cve@mitre.org", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0390.html" }, { "source": "cve@mitre.org", "url": "http://frontal2.mandriva.com/security/advisories?name=MDKSA-2000:015" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2000-041.html" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/1434" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/4900" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2000-021.0.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0390.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://frontal2.mandriva.com/security/advisories?name=MDKSA-2000:015" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2000-041.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/1434" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/4900" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2000-01-21 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
An installation of Red Hat uses DES password encryption with crypt() for the initial password, instead of md5.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:6.1:*:*:*:*:*:*:*", "matchCriteriaId": "2EC4D3AB-38FA-4D44-AF5C-2DCD15994E76", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "An installation of Red Hat uses DES password encryption with crypt() for the initial password, instead of md5." } ], "id": "CVE-2000-0093", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2000-01-21T05:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-2000-0093" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-2000-0093" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
1998-10-12 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Buffer overflow in NFS mountd gives root access to remote attackers, mostly in Linux systems.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:bsdi:bsd_os:1.1:*:*:*:*:*:*:*", "matchCriteriaId": "2F5E922C-239D-4F98-87ED-BB7998BE99C5", "vulnerable": true }, { "criteria": "cpe:2.3:o:caldera:openlinux:1.2:*:*:*:*:*:*:*", "matchCriteriaId": "A5C77FA7-C977-4223-B6AC-91B82C45129C", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "5302613E-F0DD-4B46-884C-49A977FD4147", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "674066BB-2576-4AAE-B97F-A4470815F1AC", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:3.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "445EECD3-2DB9-43D1-B26F-0979A3C02D45", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "C9092D88-585D-4A0C-B181-E8D93563C74B", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:4.1:*:*:*:*:*:*:*", "matchCriteriaId": "D8211154-6685-4FF0-B3ED-43A5E5763A10", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:4.2:*:*:*:*:*:*:*", "matchCriteriaId": "F299301C-6BFC-436C-9CFD-2E291D3702AE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "4BF54738-3C44-4FD4-AA9C-CAB2E86B1DC1", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:5.1:*:*:*:*:*:*:*", "matchCriteriaId": "4EF44364-0F57-4B74-81B0-501EA6B58501", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Buffer overflow in NFS mountd gives root access to remote attackers, mostly in Linux systems." } ], "id": "CVE-1999-0002", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "1998-10-12T04:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "ftp://patches.sgi.com/support/free/security/advisories/19981006-01-I" }, { "source": "cve@mitre.org", "url": "http://www.ciac.org/ciac/bulletins/j-006.shtml" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/121" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://patches.sgi.com/support/free/security/advisories/19981006-01-I" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ciac.org/ciac/bulletins/j-006.shtml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/121" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2001-09-20 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Buffer overflow in man program in various distributions of Linux allows local user to execute arbitrary code as group man via a long -S option.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
immunix | immunix | 6.2 | |
immunix | immunix | 7.0 | |
immunix | immunix | 7.0_beta | |
redhat | linux | 5.2 | |
redhat | linux | 6.2 | |
redhat | linux | 7.0 | |
suse | suse_linux | 6.0 | |
suse | suse_linux | 6.1 | |
suse | suse_linux | 6.2 | |
suse | suse_linux | 6.3 | |
suse | suse_linux | 6.4 | |
suse | suse_linux | 7.0 | |
suse | suse_linux | 7.1 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:immunix:immunix:6.2:*:*:*:*:*:*:*", "matchCriteriaId": "DB0F79BE-8EBF-44D8-83A1-9331669BED54", "vulnerable": true }, { "criteria": "cpe:2.3:a:immunix:immunix:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "660CA978-FDA1-4D48-8162-9CB9243A1B7E", "vulnerable": true }, { "criteria": "cpe:2.3:a:immunix:immunix:7.0_beta:*:*:*:*:*:*:*", "matchCriteriaId": "1A2889C6-8DE0-4432-812A-F2A5C4A08897", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:5.2:*:*:*:*:*:*:*", "matchCriteriaId": "A8EED385-8C39-4A40-A507-2EFE7652FB35", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:*:*:*:*:*:*", "matchCriteriaId": "0633B5A6-7A88-4A96-9462-4C09D124ED36", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "29B186E5-7C2F-466E-AA4A-8F2B618F8A14", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "F163E145-09F7-4BE2-9B46-5B6713070BAB", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:6.1:*:*:*:*:*:*:*", "matchCriteriaId": "124E1802-7984-45ED-8A92-393FC20662FD", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:6.2:*:*:*:*:*:*:*", "matchCriteriaId": "1B67020A-6942-4478-B501-764147C4970D", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:6.3:*:*:*:*:*:*:*", "matchCriteriaId": "0AD0FF64-05DF-48C2-9BB5-FD993121FB2E", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:6.4:*:*:*:*:*:*:*", "matchCriteriaId": "7786607A-362E-4817-A17E-C76D6A1F737D", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "C9E7D75A-333E-4C63-9593-F64ABA5D1CE3", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "819868A7-EB1E-4CA9-8D71-72F194E5EFEB", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Buffer overflow in man program in various distributions of Linux allows local user to execute arbitrary code as group man via a long -S option." } ], "id": "CVE-2001-0641", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.6, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2001-09-20T04:00:00.000", "references": [ { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2001-05/0087.html" }, { "source": "cve@mitre.org", "url": "http://www.novell.com/linux/security/advisories/2001_019_man_txt.html" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2001-069.html" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/190136" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/2711" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6530" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2001-05/0087.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.novell.com/linux/security/advisories/2001_019_man_txt.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2001-069.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/190136" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/2711" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6530" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2018-11-13 19:29
Modified
2024-11-21 03:49
Severity ?
Summary
A flaw was found in Keycloak 4.2.1.Final, 4.3.0.Final. When TOPT enabled, an improper implementation of the Brute Force detection algorithm will not enforce its protection measures.
References
▶ | URL | Tags | |
---|---|---|---|
secalert@redhat.com | https://access.redhat.com/errata/RHSA-2018:3592 | Vendor Advisory | |
secalert@redhat.com | https://access.redhat.com/errata/RHSA-2018:3593 | Vendor Advisory | |
secalert@redhat.com | https://access.redhat.com/errata/RHSA-2018:3595 | Vendor Advisory | |
secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14657 | Issue Tracking, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2018:3592 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2018:3593 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2018:3595 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14657 | Issue Tracking, Vendor Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
redhat | keycloak | 4.2.1 | |
redhat | keycloak | 4.3.0 | |
redhat | single_sign-on | 7.2 | |
redhat | linux | 7.0 | |
redhat | single_sign-on | 7.2 | |
redhat | linux | 6.0 | |
redhat | single_sign-on | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:redhat:keycloak:4.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "1CE2C1F8-8B2D-4334-ADFC-D2B67CBF0E94", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:keycloak:4.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "45BFBB51-AC74-453F-B24D-2BB1E04BD410", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:redhat:single_sign-on:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "FABBE0BB-135A-458C-BD84-54C052FFDC57", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "29B186E5-7C2F-466E-AA4A-8F2B618F8A14", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:redhat:single_sign-on:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "FABBE0BB-135A-458C-BD84-54C052FFDC57", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "2DFA94D5-0139-490C-8257-0751FE9FBAE4", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:redhat:single_sign-on:-:*:*:*:text-only:*:*:*", "matchCriteriaId": "341E6313-20D5-44CB-9719-B20585DC5AD6", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "A flaw was found in Keycloak 4.2.1.Final, 4.3.0.Final. When TOPT enabled, an improper implementation of the Brute Force detection algorithm will not enforce its protection measures." }, { "lang": "es", "value": "Se ha descubierto un error en Keycloak 4.2.1.Final y 4.3.0.Final. Cuando TOPT est\u00e1 habilitado, la implementaci\u00f3n incorrecta del algoritmo de detecci\u00f3n de fuerza bruta no aplica sus medidas de protecci\u00f3n." } ], "id": "CVE-2018-14657", "lastModified": "2024-11-21T03:49:31.560", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", "version": "3.0" }, "exploitabilityScore": 2.8, "impactScore": 2.5, "source": "secalert@redhat.com", "type": "Secondary" } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.2, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2018-11-13T19:29:00.337", "references": [ { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2018:3592" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2018:3593" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2018:3595" }, { "source": "secalert@redhat.com", "tags": [ "Issue Tracking", "Vendor Advisory" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14657" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2018:3592" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2018:3593" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2018:3595" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking", "Vendor Advisory" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14657" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-307" } ], "source": "secalert@redhat.com", "type": "Secondary" }, { "description": [ { "lang": "en", "value": "CWE-307" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2000-06-21 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Buffer overflow in kon program in Kanji on Console (KON) package on Linux may allow local users to gain root privileges via a long -StartupMessage parameter.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
debian | debian_linux | 2.0 | |
debian | debian_linux | 2.1 | |
debian | debian_linux | 2.2 | |
debian | debian_linux | 2.3 | |
mandrakesoft | mandrake_linux | 6.1 | |
mandrakesoft | mandrake_linux | 7.0 | |
mandrakesoft | mandrake_linux | 7.1 | |
redhat | linux | 5.0 | |
redhat | linux | 5.1 | |
redhat | linux | 5.2 | |
redhat | linux | 6.1 | |
redhat | linux | 6.2 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "203BDD63-2FA5-42FD-A9CD-6BDBB41A63C4", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "3C67BDA1-9451-4026-AC6D-E912C882A757", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:2.2:*:*:*:*:*:*:*", "matchCriteriaId": "58B90124-0543-4226-BFF4-13CCCBCCB243", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:2.3:*:*:*:*:*:*:*", "matchCriteriaId": "618111F3-6608-47F0-AB0D-21547E342871", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:6.1:*:*:*:*:*:*:*", "matchCriteriaId": "ACAAD334-2CA7-4B3B-BA25-302E7610BC2A", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "E4853E92-5E0A-47B9-A343-D5BEE87D2C27", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "3EC1FF5D-5EAB-44D5-B281-770547C70D68", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "4BF54738-3C44-4FD4-AA9C-CAB2E86B1DC1", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:5.1:*:*:*:*:*:*:*", "matchCriteriaId": "4EF44364-0F57-4B74-81B0-501EA6B58501", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:5.2:*:*:*:*:*:*:*", "matchCriteriaId": "A8EED385-8C39-4A40-A507-2EFE7652FB35", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.1:*:*:*:*:*:*:*", "matchCriteriaId": "2EC4D3AB-38FA-4D44-AF5C-2DCD15994E76", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:*:*:*:*:*:*", "matchCriteriaId": "0633B5A6-7A88-4A96-9462-4C09D124ED36", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Buffer overflow in kon program in Kanji on Console (KON) package on Linux may allow local users to gain root privileges via a long -StartupMessage parameter." } ], "id": "CVE-2000-0606", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2000-06-21T04:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/1371" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=Pine.LNX.4.21.0006192340340.19998-100000%40ferret.lmh.ox.ac.uk" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/1371" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=Pine.LNX.4.21.0006192340340.19998-100000%40ferret.lmh.ox.ac.uk" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
1999-10-04 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
RPMMail before 1.4 allows remote attackers to execute commands via an e-mail message with shell metacharacters in the "MAIL FROM" command.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "2DFA94D5-0139-490C-8257-0751FE9FBAE4", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "RPMMail before 1.4 allows remote attackers to execute commands via an e-mail message with shell metacharacters in the \"MAIL FROM\" command." } ], "id": "CVE-1999-1542", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "1999-10-04T04:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=93915641729415\u0026w=2" }, { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=93923853105687\u0026w=2" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/3353" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=93915641729415\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=93923853105687\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/3353" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2001-08-31 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
The default configuration of the DVI print filter (dvips) in Red Hat Linux 7.0 and earlier does not run dvips in secure mode when dvips is executed by lpd, which could allow remote attackers to gain privileges by printing a DVI file that contains malicious commands.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:*:*:*:*:*:*", "matchCriteriaId": "0633B5A6-7A88-4A96-9462-4C09D124ED36", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "29B186E5-7C2F-466E-AA4A-8F2B618F8A14", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "1D46E093-1C68-43BB-B281-12117EC8DE0F", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The default configuration of the DVI print filter (dvips) in Red Hat Linux 7.0 and earlier does not run dvips in secure mode when dvips is executed by lpd, which could allow remote attackers to gain privileges by printing a DVI file that contains malicious commands." } ], "id": "CVE-2001-1002", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2001-08-31T04:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=99892644616749\u0026w=2" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2001-102.html" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/3241" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16509" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=99892644616749\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2001-102.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/3241" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16509" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2021-06-16 17:15
Modified
2024-11-21 05:46
Severity ?
Summary
IBM Resilient SOAR V38.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 199238.
References
▶ | URL | Tags | |
---|---|---|---|
psirt@us.ibm.com | https://exchange.xforce.ibmcloud.com/vulnerabilities/199238 | VDB Entry, Vendor Advisory | |
psirt@us.ibm.com | https://www.ibm.com/support/pages/node/6464043 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/199238 | VDB Entry, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.ibm.com/support/pages/node/6464043 | Patch, Vendor Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
ibm | resilient_security_orchestration_automation_and_response | 38.0 | |
redhat | linux | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:ibm:resilient_security_orchestration_automation_and_response:38.0:*:*:*:*:*:*:*", "matchCriteriaId": "00863999-85CE-4E74-B01B-29C64C97C0CD", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:-:*:*:*:*:*:*:*", "matchCriteriaId": "C4EBE07A-6FEF-4343-BA5D-58FD175F5CD1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "IBM Resilient SOAR V38.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 199238." }, { "lang": "es", "value": "IBM Resilient SOAR versi\u00f3n V38.0, usa algoritmos criptogr\u00e1ficos m\u00e1s d\u00e9biles de lo esperado que podr\u00edan permitir a un atacante descifrar informaci\u00f3n altamente confidencial. IBM X-Force ID: 199238" } ], "id": "CVE-2021-20566", "lastModified": "2024-11-21T05:46:47.240", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "exploitabilityScore": 2.2, "impactScore": 3.6, "source": "psirt@us.ibm.com", "type": "Secondary" } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2021-06-16T17:15:07.780", "references": [ { "source": "psirt@us.ibm.com", "tags": [ "VDB Entry", "Vendor Advisory" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/199238" }, { "source": "psirt@us.ibm.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://www.ibm.com/support/pages/node/6464043" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "VDB Entry", "Vendor Advisory" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/199238" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://www.ibm.com/support/pages/node/6464043" } ], "sourceIdentifier": "psirt@us.ibm.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-327" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
1996-09-11 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Buffer overflow and denial of service in Sendmail 8.7.5 and earlier through GECOS field gives root access to local users.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
eric_allman | sendmail | 8.6 | |
eric_allman | sendmail | 8.7.1 | |
eric_allman | sendmail | 8.7.2 | |
eric_allman | sendmail | 8.7.3 | |
eric_allman | sendmail | 8.7.4 | |
eric_allman | sendmail | 8.7.5 | |
bsdi | bsd_os | 2.1 | |
digital | osf_1 | 1.3.2 | |
freebsd | freebsd | 2.1.5 | |
hp | hp-ux | 10.01 | |
hp | hp-ux | 10.10 | |
hp | hp-ux | 10.20 | |
ibm | aix | 3.2 | |
ibm | aix | 4.1 | |
ibm | aix | 4.2 | |
redhat | linux | 3.0.3 | |
sco | internet_faststart | 1.0 | |
sco | openserver | 5.0 | |
sco | openserver | 5.0.2 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:eric_allman:sendmail:8.6:*:*:*:*:*:*:*", "matchCriteriaId": "9413566A-425B-4684-A332-A9DD3309FB51", "vulnerable": true }, { "criteria": "cpe:2.3:a:eric_allman:sendmail:8.7.1:*:*:*:*:*:*:*", "matchCriteriaId": "C2D488B8-49D0-4AFD-A5C1-63CB036E3886", "vulnerable": true }, { "criteria": "cpe:2.3:a:eric_allman:sendmail:8.7.2:*:*:*:*:*:*:*", "matchCriteriaId": "A3E2EE58-BCAD-4F26-94B6-F91CF1731429", "vulnerable": true }, { "criteria": "cpe:2.3:a:eric_allman:sendmail:8.7.3:*:*:*:*:*:*:*", "matchCriteriaId": "10AC2FAD-C4AD-46DD-88D1-4F99433B3476", "vulnerable": true }, { "criteria": "cpe:2.3:a:eric_allman:sendmail:8.7.4:*:*:*:*:*:*:*", "matchCriteriaId": "3B730F70-5662-4BE4-8202-93E12620CBD2", "vulnerable": true }, { "criteria": "cpe:2.3:a:eric_allman:sendmail:8.7.5:*:*:*:*:*:*:*", "matchCriteriaId": "FA6D5E9F-275F-41EB-9707-6B7F129A700F", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:bsdi:bsd_os:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "766851E2-134A-4A89-931B-6F1753525684", "vulnerable": true }, { "criteria": "cpe:2.3:o:digital:osf_1:1.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "44C3AF89-3854-4F37-807E-74FC0640693B", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:2.1.5:*:*:*:*:*:*:*", "matchCriteriaId": "4054D69F-596F-4EB4-BE9A-E2478343F55A", "vulnerable": true }, { "criteria": "cpe:2.3:o:hp:hp-ux:10.01:*:*:*:*:*:*:*", "matchCriteriaId": "53BBFE9A-6846-4625-91AC-47AA0BC0933A", "vulnerable": true }, { "criteria": "cpe:2.3:o:hp:hp-ux:10.10:*:*:*:*:*:*:*", "matchCriteriaId": "38BFA923-7D80-4F01-AF9F-6F13209948AC", "vulnerable": true }, { "criteria": "cpe:2.3:o:hp:hp-ux:10.20:*:*:*:*:*:*:*", "matchCriteriaId": "EDE44C49-172C-4899-8CC8-29AA99A7CD2F", "vulnerable": true }, { "criteria": "cpe:2.3:o:ibm:aix:3.2:*:*:*:*:*:*:*", "matchCriteriaId": "DD5E0678-45C7-492A-963C-897494D6878F", "vulnerable": true }, { "criteria": "cpe:2.3:o:ibm:aix:4.1:*:*:*:*:*:*:*", "matchCriteriaId": "FBF25306-E7C2-4F9A-A809-4779A6C0A079", "vulnerable": true }, { "criteria": "cpe:2.3:o:ibm:aix:4.2:*:*:*:*:*:*:*", "matchCriteriaId": "05F20EC2-ADE6-4F96-A2E7-1DCCA819D657", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:3.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "445EECD3-2DB9-43D1-B26F-0979A3C02D45", "vulnerable": true }, { "criteria": "cpe:2.3:o:sco:internet_faststart:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "61FEF2E3-1939-42B3-B32F-A22C173A186A", "vulnerable": true }, { "criteria": "cpe:2.3:o:sco:openserver:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "2C19F7B3-9043-4E53-90DE-92A4387858A7", "vulnerable": true }, { "criteria": "cpe:2.3:o:sco:openserver:5.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "0169CBF5-9301-42D2-A6DA-73393BD986D8", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Buffer overflow and denial of service in Sendmail 8.7.5 and earlier through GECOS field gives root access to local users." } ], "id": "CVE-1999-0131", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "1996-09-11T04:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/717" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/717" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2000-10-06 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Linux tmpwatch --fuser option allows local users to execute arbitrary commands by creating files whose names contain shell metacharacters.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:alpha:*:*:*:*:*", "matchCriteriaId": "344610A8-DB6D-4407-9304-916C419F648C", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:i386:*:*:*:*:*", "matchCriteriaId": "B7EC2B95-4715-4EC9-A10A-2542501F8A61", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:sparc:*:*:*:*:*", "matchCriteriaId": "64775BEF-2E53-43CA-8639-A7E54F6F4222", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "29B186E5-7C2F-466E-AA4A-8F2B618F8A14", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Linux tmpwatch --fuser option allows local users to execute arbitrary commands by creating files whose names contain shell metacharacters." } ], "id": "CVE-2000-0816", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "LOW", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2000-10-06T04:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://www.linux-mandrake.com/en/security/MDKSA-2000-056.php3?dis=7.1" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2000-080.html" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/1785" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://xforce.iss.net/alerts/advise64.php" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5320" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.linux-mandrake.com/en/security/MDKSA-2000-056.php3?dis=7.1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2000-080.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/1785" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://xforce.iss.net/alerts/advise64.php" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5320" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2001-03-12 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
traceroute in NetBSD 1.3.3 and Linux systems allows local unprivileged users to modify the source address of the packets, which could be used in spoofing attacks.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
debian | debian_linux | 2.0.34 | |
digital | unix | 4.0 | |
netbsd | netbsd | * | |
redhat | linux | 2.0.34 | |
slackware | slackware_linux | 2.0.34 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:2.0.34:*:*:*:*:*:*:*", "matchCriteriaId": "89F6AB54-5D9F-4EE2-8AA4-7E61F09C7F17", "vulnerable": true }, { "criteria": "cpe:2.3:o:digital:unix:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "E1E08495-C0C5-40A9-A8FF-834F5F6083B3", "vulnerable": true }, { "criteria": "cpe:2.3:o:netbsd:netbsd:*:*:*:*:*:*:*:*", "matchCriteriaId": "BF5ACB4A-7B75-4B29-813D-EDE7E566A754", "versionEndIncluding": "1.3.3", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:2.0.34:*:*:*:*:*:*:*", "matchCriteriaId": "F3CA3C2F-739A-4E61-803A-877978D70468", "vulnerable": true }, { "criteria": "cpe:2.3:o:slackware:slackware_linux:2.0.34:*:*:*:*:*:*:*", "matchCriteriaId": "B35CE11D-53A9-4C69-8AC4-2ECE48468125", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "traceroute in NetBSD 1.3.3 and Linux systems allows local unprivileged users to modify the source address of the packets, which could be used in spoofing attacks." } ], "id": "CVE-2000-0315", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2001-03-12T05:00:00.000", "references": [ { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA1999-004.txt.asc" }, { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=91893782027835\u0026w=2" }, { "source": "cve@mitre.org", "url": "http://www.osvdb.org/7575" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA1999-004.txt.asc" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=91893782027835\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.osvdb.org/7575" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2001-09-12 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Apache on Red Hat Linux with with the UserDir directive enabled generates different error codes when a username exists and there is no public_html directory and when the username does not exist, which could allow remote attackers to determine valid usernames on the server.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "29B186E5-7C2F-466E-AA4A-8F2B618F8A14", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Apache on Red Hat Linux with with the UserDir directive enabled generates different error codes when a username exists and there is no public_html directory and when the username does not exist, which could allow remote attackers to determine valid usernames on the server." } ], "id": "CVE-2001-1013", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2001-09-12T04:00:00.000", "references": [ { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://archives.neohapsis.com/archives/vuln-dev/2000-q3/0083.html" }, { "source": "cve@mitre.org", "url": "http://archives.neohapsis.com/archives/vuln-dev/2000-q3/0087.html" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://archives.neohapsis.com/archives/vuln-dev/2000-q3/0094.html" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://www.securityfocus.com/archive/1/213667" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/3335" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7129" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://archives.neohapsis.com/archives/vuln-dev/2000-q3/0083.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://archives.neohapsis.com/archives/vuln-dev/2000-q3/0087.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://archives.neohapsis.com/archives/vuln-dev/2000-q3/0094.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.securityfocus.com/archive/1/213667" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/3335" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7129" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2000-10-20 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
mopd (Maintenance Operations Protocol loader daemon) does not properly cleanse user-injected format strings, which allows remote attackers to execute arbitrary commands.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netbsd:netbsd:1.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "1C288A88-11C6-429E-A109-0395D0989264", "vulnerable": true }, { "criteria": "cpe:2.3:o:netbsd:netbsd:1.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "516C6D9A-7483-4E36-A2E0-42698161AD31", "vulnerable": true }, { "criteria": "cpe:2.3:o:openbsd:openbsd:2.4:*:*:*:*:*:*:*", "matchCriteriaId": "FEBE290B-5EC6-4BBA-B645-294C150E417A", "vulnerable": true }, { "criteria": "cpe:2.3:o:openbsd:openbsd:2.5:*:*:*:*:*:*:*", "matchCriteriaId": "ACE7FDFB-C6A6-4B58-B0B4-236E4EA76EF6", "vulnerable": true }, { "criteria": "cpe:2.3:o:openbsd:openbsd:2.6:*:*:*:*:*:*:*", "matchCriteriaId": "0DF053A1-C252-427E-9EEF-27240F422976", "vulnerable": true }, { "criteria": "cpe:2.3:o:openbsd:openbsd:2.7:*:*:*:*:*:*:*", "matchCriteriaId": "48A9C344-45AA-47B9-B35A-1A62E220D9C6", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "2DFA94D5-0139-490C-8257-0751FE9FBAE4", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.1:*:*:*:*:*:*:*", "matchCriteriaId": "2EC4D3AB-38FA-4D44-AF5C-2DCD15994E76", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:*:*:*:*:*:*", "matchCriteriaId": "0633B5A6-7A88-4A96-9462-4C09D124ED36", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "mopd (Maintenance Operations Protocol loader daemon) does not properly cleanse user-injected format strings, which allows remote attackers to execute arbitrary commands." } ], "id": "CVE-2000-0751", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2000-10-20T04:00:00.000", "references": [ { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0064.html" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://archives.neohapsis.com/archives/freebsd/2000-08/0336.html" }, { "source": "cve@mitre.org", "url": "http://cvsweb.netbsd.org/bsdweb.cgi/basesrc/usr.sbin/mopd/mopd/process.c.diff?r1=1.7\u0026r2=1.8\u0026f=h" }, { "source": "cve@mitre.org", "url": "http://www.openbsd.org/errata.html#mopd" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2000-050.html" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/1559" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0064.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://archives.neohapsis.com/archives/freebsd/2000-08/0336.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://cvsweb.netbsd.org/bsdweb.cgi/basesrc/usr.sbin/mopd/mopd/process.c.diff?r1=1.7\u0026r2=1.8\u0026f=h" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openbsd.org/errata.html#mopd" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2000-050.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/1559" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2003-06-16 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
The mxcsr code in Linux kernel 2.4 allows attackers to modify CPU state registers via a malformed address.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "1D46E093-1C68-43BB-B281-12117EC8DE0F", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "E562907F-D915-4030-847A-3C6834A80D4E", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.3:*:*:*:*:*:*:*", "matchCriteriaId": "138985E6-5107-4E8B-A801-C3D5FE075227", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "038FEDE7-986F-4CA5-9003-BA68352B87D4", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:9.0:*:i386:*:*:*:*:*", "matchCriteriaId": "F3FDE8C4-5FFD-4CC2-9F35-7C32043966D1", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The mxcsr code in Linux kernel 2.4 allows attackers to modify CPU state registers via a malformed address." }, { "lang": "es", "value": "El c\u00f3digo mxcsr en el kernel de Linux 2.4 permite que atacantes modifiquen el estado de los registros de la CPU mediante una direcci\u00f3n mal construida." } ], "id": "CVE-2003-0248", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2003-06-16T04:00:00.000", "references": [ { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2003/dsa-311" }, { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2003/dsa-312" }, { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2003/dsa-332" }, { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2003/dsa-336" }, { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2004/dsa-442" }, { "source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:066" }, { "source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:074" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-187.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2003-195.html" }, { "source": "cve@mitre.org", "url": "http://www.turbolinux.com/security/TLSA-2003-41.txt" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A292" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2003/dsa-311" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2003/dsa-312" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2003/dsa-332" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2003/dsa-336" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2004/dsa-442" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:066" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:074" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-187.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2003-195.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.turbolinux.com/security/TLSA-2003-41.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A292" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
1999-06-01 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Red Hat Linux 6.0 installs the /dev/pts file system with insecure modes, which allows local users to write to other tty devices.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "2DFA94D5-0139-490C-8257-0751FE9FBAE4", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Red Hat Linux 6.0 installs the /dev/pts file system with insecure modes, which allows local users to write to other tty devices." } ], "id": "CVE-2000-0365", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.6, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "1999-06-01T04:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=92877527701347\u0026w=2" }, { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=92886009012161\u0026w=2" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/corp/support/errata/RHSA1999014_01.html" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/308" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=92877527701347\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=92886009012161\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/corp/support/errata/RHSA1999014_01.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/308" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2004-12-15 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Memory leak in the ip_options_get function in the Linux kernel before 2.6.10 allows local users to cause a denial of service (memory consumption) by repeatedly calling the ip_cmsg_send function.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "C24A129D-2E5E-436C-95DE-AE75D2E8D092", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test1:*:*:*:*:*:*", "matchCriteriaId": "2E244C37-E366-482E-9173-9376D0839839", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test10:*:*:*:*:*:*", "matchCriteriaId": "11F96BB9-6509-4F1E-9590-E55EE8C6F992", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test11:*:*:*:*:*:*", "matchCriteriaId": "AFAEE304-B9D4-4F1E-A2E0-9E5A4932096D", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test12:*:*:*:*:*:*", "matchCriteriaId": "12375EA9-EBFF-40B6-BCBC-E34BC3A6CDA3", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test2:*:*:*:*:*:*", "matchCriteriaId": "718D4631-440E-4783-8966-B2A2D3EF89B3", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test3:*:*:*:*:*:*", "matchCriteriaId": "6111EDDB-065F-4AD1-925C-E0A3C1DE26AE", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test4:*:*:*:*:*:*", "matchCriteriaId": "A8A2F7E7-0C51-43F2-BCEA-01FF738971D6", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test5:*:*:*:*:*:*", "matchCriteriaId": "40F5FFBB-05C8-4D65-9FCF-11E67BEE86AD", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test6:*:*:*:*:*:*", "matchCriteriaId": "7015F57A-1E3B-42D2-9D12-F695078EFB21", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test7:*:*:*:*:*:*", "matchCriteriaId": "467721EE-5130-46C5-BBB7-0F4878F3F171", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test8:*:*:*:*:*:*", "matchCriteriaId": "171257E7-12C5-4283-88F7-FFE643995563", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test9:*:*:*:*:*:*", "matchCriteriaId": "0887E02F-9F36-41F0-9F75-060B8414D7BF", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "55B85D5B-4EA1-4FCF-8D50-9C54E8FDA92F", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "01408EC0-9C2D-4A44-8080-D7FC7E1A1FA1", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "5F49A384-7222-41F3-9BE1-4E18C00E50A6", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.4:*:*:*:*:*:*:*", "matchCriteriaId": "05520FE3-C48D-42E8-BC24-C2396BD46CBA", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.5:*:*:*:*:*:*:*", "matchCriteriaId": "D865FBB6-E07D-492F-A75E-168B06C8ADEE", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.6:*:*:*:*:*:*:*", "matchCriteriaId": "598F24C2-0366-4799-865C-5EE4572B734B", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.7:*:*:*:*:*:*:*", "matchCriteriaId": "D0399660-6385-45AB-9785-E504D8788146", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.8:*:*:*:*:*:*:*", "matchCriteriaId": "DCBC50EA-130C-41B7-83EA-C523B3C3AAD7", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.9:*:*:*:*:*:*:*", "matchCriteriaId": "B91F6CBE-400F-4D0B-B893-34577B47A342", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.10:*:*:*:*:*:*:*", "matchCriteriaId": "1548ECFD-FCB5-4AE0-9788-42F61F25489F", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.11:*:*:*:*:*:*:*", "matchCriteriaId": "6ABB9787-5497-4BDC-8952-F99CF60A89BD", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.12:*:*:*:*:*:*:*", "matchCriteriaId": "615F6BA2-CD51-4159-B28A-A018CA9FC25C", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.13:*:*:*:*:*:*:*", "matchCriteriaId": "093848CB-68A1-4258-8357-373A477FE4E2", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.14:*:*:*:*:*:*:*", "matchCriteriaId": "E275F440-A427-465F-B314-BF0730C781DB", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.15:*:*:*:*:*:*:*", "matchCriteriaId": "98651D39-60CF-409F-8276-DBBB56B972AA", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.16:*:*:*:*:*:*:*", "matchCriteriaId": "067B8E09-C923-4DDA-92DB-4A2892CB526A", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.17:*:*:*:*:*:*:*", "matchCriteriaId": "9EBE3738-E530-4EC6-9FC6-1A063605BE05", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:*:*:*:*:*:*:*", "matchCriteriaId": "474384F1-FB2D-4C00-A4CD-0C2C5AE42DB4", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:*:x86:*:*:*:*:*", "matchCriteriaId": "D77F8919-4064-4EA5-A948-76178EA21F83", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre1:*:*:*:*:*:*", "matchCriteriaId": "5E7C423D-23DE-4C7B-A518-66F87E041925", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre2:*:*:*:*:*:*", "matchCriteriaId": "8EA1382E-71B0-4E65-A310-716A244F4FB1", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre3:*:*:*:*:*:*", "matchCriteriaId": "AC955BD8-3ABB-4FDB-B37E-B1F0C47A5E0D", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre4:*:*:*:*:*:*", "matchCriteriaId": "2EBCA878-CCD0-4645-ACF6-12FB9C4B4A4D", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre5:*:*:*:*:*:*", "matchCriteriaId": "B4BEF62D-2BEF-4CF8-9559-8A6D9631B0EC", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre6:*:*:*:*:*:*", "matchCriteriaId": "824BBD31-8F3B-4F05-981B-ABF662BBF5F2", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre7:*:*:*:*:*:*", "matchCriteriaId": "10F4CCC2-8AE5-4CFF-8DC4-126F02126E1F", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre8:*:*:*:*:*:*", "matchCriteriaId": "388A5C99-1F60-4C20-9AE5-6E73E5A3F819", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:*:*:*:*:*:*:*", "matchCriteriaId": "F677E992-8D37-438F-97DF-9D98B28F020C", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre1:*:*:*:*:*:*", "matchCriteriaId": "5888F8D7-15C2-4435-BB3C-8674DFAF0089", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre2:*:*:*:*:*:*", "matchCriteriaId": "29439AD0-EB8D-4675-A77A-6548FF27ADA3", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre3:*:*:*:*:*:*", "matchCriteriaId": "F27AADF6-1605-47FC-8C4D-87827A578A90", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre4:*:*:*:*:*:*", "matchCriteriaId": "B42F4080-A76F-4D17-85E2-CD2D2E4D0450", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre5:*:*:*:*:*:*", "matchCriteriaId": "6968EF1D-7CC5-430D-866D-206F66486F63", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre6:*:*:*:*:*:*", "matchCriteriaId": "50E6F5C5-BF74-4C10-830A-F232D528D290", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.20:*:*:*:*:*:*:*", "matchCriteriaId": "476687F9-722B-490C-BD0B-B5F2CD7891DC", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.21:*:*:*:*:*:*:*", "matchCriteriaId": "A399D94B-D08D-4454-A07A-6634C9AE612F", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.21:pre1:*:*:*:*:*:*", "matchCriteriaId": "8EEBFBB4-CC06-40D2-8DE9-22E82DBEFADA", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.21:pre4:*:*:*:*:*:*", "matchCriteriaId": "DCD8E4AE-FEF7-4CE2-B338-4F766921593F", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.21:pre7:*:*:*:*:*:*", "matchCriteriaId": "13A8B50A-73F6-4FCF-A81F-FB624FBA7143", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.22:*:*:*:*:*:*:*", "matchCriteriaId": "9336ABDF-9928-49F6-BAA7-D6E9829F9B1F", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.23:*:*:*:*:*:*:*", "matchCriteriaId": "BB45C3B2-0F5D-4AE2-AE00-E1D6501E8D92", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.23:pre9:*:*:*:*:*:*", "matchCriteriaId": "8D27D843-2DA7-4481-857C-09FDC4FBD45C", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.23_ow2:*:*:*:*:*:*:*", "matchCriteriaId": "BCB93128-2743-4668-8C48-9B7282D4A672", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.24:*:*:*:*:*:*:*", "matchCriteriaId": "040991B8-FB4B-480B-B53B-AA7A884F9F19", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.24_ow1:*:*:*:*:*:*:*", "matchCriteriaId": "BFA592BC-5846-4FC1-B2A7-13E622705DA8", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.25:*:*:*:*:*:*:*", "matchCriteriaId": "59688C40-C92F-431E-ADD7-6782622862D3", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.26:*:*:*:*:*:*:*", "matchCriteriaId": "D813900D-DCF3-4F5D-9D90-13EDE2CBB3DA", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.27:*:*:*:*:*:*:*", "matchCriteriaId": "6E4C7831-0296-4DFA-A4E9-F7B6B30FFB72", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.27:pre1:*:*:*:*:*:*", "matchCriteriaId": "C5FE15BF-91C7-452A-BE1B-7EC9632421C2", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.27:pre2:*:*:*:*:*:*", "matchCriteriaId": "15C1923C-D9C4-400D-9F0F-20B519EEC9C0", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.27:pre3:*:*:*:*:*:*", "matchCriteriaId": "E51913F9-FC7D-450A-9A82-5084AA74A5B2", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.27:pre4:*:*:*:*:*:*", "matchCriteriaId": "B62E02D5-9EEE-439B-A510-BEEE28A9F358", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.27:pre5:*:*:*:*:*:*", "matchCriteriaId": "02278C07-E649-427D-9E5C-F1738A01BCBD", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.28:*:*:*:*:*:*:*", "matchCriteriaId": "E120257D-346B-4BA6-A431-E6F820FBB5FB", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "142BCD48-8387-4D0C-A052-44DD4144CBFF", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test1:*:*:*:*:*:*", "matchCriteriaId": "7BCA84E2-AC4A-430D-8A30-E660D2A232A0", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test10:*:*:*:*:*:*", "matchCriteriaId": "2255842B-34CD-4062-886C-37161A065703", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test11:*:*:*:*:*:*", "matchCriteriaId": "F0ED322D-004C-472E-A37F-89B78C55FE5B", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test2:*:*:*:*:*:*", "matchCriteriaId": "412F7334-C46B-4F61-B38A-2CA56B498151", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test3:*:*:*:*:*:*", "matchCriteriaId": "5967AF83-798D-4B1E-882A-5737FFC859C9", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test4:*:*:*:*:*:*", "matchCriteriaId": "A90D2123-D55B-4104-8D82-5B6365AA3B77", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test5:*:*:*:*:*:*", "matchCriteriaId": "DCCDFD49-D402-420E-92F5-20445A0FE139", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test6:*:*:*:*:*:*", "matchCriteriaId": "2A073700-E8A9-4F76-9265-2BE0D5AC9909", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test7:*:*:*:*:*:*", "matchCriteriaId": "8877D178-1655-46E9-8F5A-2DD576601F38", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test8:*:*:*:*:*:*", "matchCriteriaId": "0D55059C-B867-4E0F-B29C-9CD2C86915A5", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test9:*:*:*:*:*:*", "matchCriteriaId": "8358E965-3689-4B05-8470-C4A1463FA0E9", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "E8220D81-9065-471F-9256-CFE7B9941555", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.1:rc1:*:*:*:*:*:*", "matchCriteriaId": "D2A55C17-C530-4898-BC95-DE4D495F0D7C", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.1:rc2:*:*:*:*:*:*", "matchCriteriaId": "2C14A949-E2B8-4100-8ED4-645CB996B08A", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "EB445E3E-CCBD-4737-BE30-841B9A79D558", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.3:*:*:*:*:*:*:*", "matchCriteriaId": "F5301E27-8021-467C-A9A2-AF2137EF0299", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.4:*:*:*:*:*:*:*", "matchCriteriaId": "79787868-2D77-4B55-AD61-C2B357CCE047", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.5:*:*:*:*:*:*:*", "matchCriteriaId": "2B3F27D3-8F1D-4576-A584-1E2059CC67B1", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.6:*:*:*:*:*:*:*", "matchCriteriaId": "FB5D260C-AE1C-47E9-A88C-B9C2B4349249", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.6:rc1:*:*:*:*:*:*", "matchCriteriaId": "A0934C49-5F88-4189-BD88-2F32C39C2F25", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.7:*:*:*:*:*:*:*", "matchCriteriaId": "AA9958C6-AB7D-4B67-9AA7-42B628CBC391", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.7:rc1:*:*:*:*:*:*", "matchCriteriaId": "14B0A230-4054-4483-A3A7-9A5A286C7552", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.8:*:*:*:*:*:*:*", "matchCriteriaId": "C16E3D04-EC66-41FD-9CFA-FE0C21952CAB", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.8:rc1:*:*:*:*:*:*", "matchCriteriaId": "F90242EF-048B-4539-AA41-87AA84875A9E", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.8:rc2:*:*:*:*:*:*", "matchCriteriaId": "3C4E9325-2A70-4E15-9AAF-5588BF218055", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.8:rc3:*:*:*:*:*:*", "matchCriteriaId": "01402A85-B681-4DE0-B7BB-F52567DA29E2", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.9:2.6.20:*:*:*:*:*:*", "matchCriteriaId": "1FC53528-A67F-42DF-B8DA-778A65893F9D", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.10:rc2:*:*:*:*:*:*", "matchCriteriaId": "4B130EB7-A951-4717-A906-E2F602F7B69F", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6_test9_cvs:*:*:*:*:*:*:*", "matchCriteriaId": "608FDE1E-B02A-45A2-8877-0E52A5BD0963", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:fedora_core:core_1.0:*:*:*:*:*:*:*", "matchCriteriaId": "3C84296C-2C8A-4DCD-9751-52951F8BEA9F", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*", "matchCriteriaId": "E6996B14-925B-46B8-982F-3545328B506B", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:fedora_core:core_3.0:*:*:*:*:*:*:*", "matchCriteriaId": "EC80CF67-C51D-442C-9526-CFEDE84A6304", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.3:*:*:*:*:*:*:*", "matchCriteriaId": "138985E6-5107-4E8B-A801-C3D5FE075227", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.3:*:i386:*:*:*:*:*", "matchCriteriaId": "9B502A61-44FB-4CD4-85BE-88D4ACCCA441", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.3:*:i686:*:*:*:*:*", "matchCriteriaId": "05853955-CA81-40D3-9A70-1227F3270D3C", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:9.0:*:i386:*:*:*:*:*", "matchCriteriaId": "F3FDE8C4-5FFD-4CC2-9F35-7C32043966D1", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Memory leak in the ip_options_get function in the Linux kernel before 2.6.10 allows local users to cause a denial of service (memory consumption) by repeatedly calling the ip_cmsg_send function." } ], "id": "CVE-2004-1335", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "LOW", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 2.1, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2004-12-15T05:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=110383108211524\u0026w=2" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/20163" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/20202" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/20338" }, { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2006/dsa-1067" }, { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2006/dsa-1069" }, { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2006/dsa-1070" }, { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2006/dsa-1082" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.guninski.com/where_do_you_want_billg_to_go_today_2.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2005-016.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2005-017.html" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/11956" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory", "URL Repurposed" ], "url": "http://www.securitytrap.com/mail/full-disclosure/2004/Dec/0323.html" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18524" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11085" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=110383108211524\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/20163" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/20202" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/20338" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2006/dsa-1067" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2006/dsa-1069" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2006/dsa-1070" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2006/dsa-1082" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.guninski.com/where_do_you_want_billg_to_go_today_2.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2005-016.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2005-017.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/11956" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory", "URL Repurposed" ], "url": "http://www.securitytrap.com/mail/full-disclosure/2004/Dec/0323.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18524" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11085" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2002-08-12 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Format string vulnerability in startprinting() function of printjob.c in BSD-based lpr lpd package may allow local users to gain privileges via an improper syslog call that uses format strings from the checkremote() call.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:immunix:immunix:6.2:*:*:*:*:*:*:*", "matchCriteriaId": "DB0F79BE-8EBF-44D8-83A1-9331669BED54", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:netbsd:netbsd:1.4:*:*:*:*:*:*:*", "matchCriteriaId": "C422E343-ADF2-427D-865D-B5C35431EFD1", "vulnerable": true }, { "criteria": "cpe:2.3:o:netbsd:netbsd:1.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "1C288A88-11C6-429E-A109-0395D0989264", "vulnerable": true }, { "criteria": "cpe:2.3:o:netbsd:netbsd:1.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "516C6D9A-7483-4E36-A2E0-42698161AD31", "vulnerable": true }, { "criteria": "cpe:2.3:o:openbsd:openbsd:2.7:*:*:*:*:*:*:*", "matchCriteriaId": "48A9C344-45AA-47B9-B35A-1A62E220D9C6", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "29B186E5-7C2F-466E-AA4A-8F2B618F8A14", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Format string vulnerability in startprinting() function of printjob.c in BSD-based lpr lpd package may allow local users to gain privileges via an improper syslog call that uses format strings from the checkremote() call." }, { "lang": "es", "value": "Vulnerabilidad de cadena de formato en la funci\u00f3n startprinting() de printjob.c en el paquete lpr lpd basado en BSD puede permitir a usuarios locales ganar privilegios mediante una llamada impropia a syslog que usa cadenas de formato de la llamada checkremote()." } ], "id": "CVE-2000-1208", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2002-08-12T04:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=96994604300675\u0026w=2" }, { "source": "cve@mitre.org", "url": "http://online.securityfocus.com/archive/1/137555" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.iss.net/security_center/static/5286.php" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2000-066.html" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/1711" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=96994604300675\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://online.securityfocus.com/archive/1/137555" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.iss.net/security_center/static/5286.php" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2000-066.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/1711" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2000-03-13 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Buffer overflow in imwheel allows local users to gain root privileges via the imwheel-solo script and a long HOME environmental variable.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:halloween:halloween_linux:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "D096A84E-F4FB-40D4-AC59-1E57CBD7E9E7", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.1:*:*:*:*:*:*:*", "matchCriteriaId": "2EC4D3AB-38FA-4D44-AF5C-2DCD15994E76", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:*:*:*:*:*:*", "matchCriteriaId": "0633B5A6-7A88-4A96-9462-4C09D124ED36", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Buffer overflow in imwheel allows local users to gain root privileges via the imwheel-solo script and a long HOME environmental variable." } ], "id": "CVE-2000-0230", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2000-03-13T05:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-03/0168.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2000-016.html" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/1060" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-03/0168.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2000-016.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/1060" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2003-06-09 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
lv reads a .lv file from the current working directory, which allows local users to execute arbitrary commands as other lv users by placing malicious .lv files into other directories.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:lv:lv:4.49.1:*:*:*:*:*:*:*", "matchCriteriaId": "BA6A63E3-13BB-4FD7-B6FF-8494A694A637", "vulnerable": true }, { "criteria": "cpe:2.3:a:lv:lv:4.49.2:*:*:*:*:*:*:*", "matchCriteriaId": "CFE97CE9-247C-4B85-A2F1-32F14D59190A", "vulnerable": true }, { "criteria": "cpe:2.3:a:lv:lv:4.49.3:*:*:*:*:*:*:*", "matchCriteriaId": "1126844F-3B9D-46E7-9712-7A0D6A67773C", "vulnerable": true }, { "criteria": "cpe:2.3:a:lv:lv:4.49.4:*:*:*:*:*:*:*", "matchCriteriaId": "07A2DB45-1AA8-42AC-A082-00BD345EE757", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:lv:4.49.4-1:*:i386:*:*:*:*:*", "matchCriteriaId": "AFB601B0-3BDB-48E2-BAD1-DC139EF0BDB9", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:lv:4.49.4-3:*:i386:*:*:*:*:*", "matchCriteriaId": "DEAC3323-384B-4733-886D-56CBE396F72A", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:lv:4.49.4-7:*:i386:*:*:*:*:*", "matchCriteriaId": "3E33DD9C-62C8-4616-B627-4903FE90F2FA", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:lv:4.49.4-9:*:i386:*:*:*:*:*", "matchCriteriaId": "0E67C635-26FF-4147-A5C5-E40C6166C9CF", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "1D46E093-1C68-43BB-B281-12117EC8DE0F", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "E562907F-D915-4030-847A-3C6834A80D4E", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.3:*:*:*:*:*:*:*", "matchCriteriaId": "138985E6-5107-4E8B-A801-C3D5FE075227", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "038FEDE7-986F-4CA5-9003-BA68352B87D4", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:9.0:*:i386:*:*:*:*:*", "matchCriteriaId": "F3FDE8C4-5FFD-4CC2-9F35-7C32043966D1", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "lv reads a .lv file from the current working directory, which allows local users to execute arbitrary commands as other lv users by placing malicious .lv files into other directories." }, { "lang": "es", "value": "lv lee un fichero .lv desde el directorio de trabajo actual, lo que permitir\u00eda que usuarios locales ejecuten comandos arbitrarios como otros usuarios lv (colocando ficheros .lv dentro de otros directorios)." } ], "id": "CVE-2003-0188", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2003-06-09T04:00:00.000", "references": [ { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2003/dsa-304" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2003-167.html" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-169.html" }, { "source": "cve@mitre.org", "url": "http://www.turbolinux.com/security/TLSA-2003-35.txt" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A430" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2003/dsa-304" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2003-167.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-169.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.turbolinux.com/security/TLSA-2003-35.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A430" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2004-11-23 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-bounds read.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:h:cisco:firewall_services_module:*:*:*:*:*:*:*:*", "matchCriteriaId": "2A9CB22A-21E0-46F6-B6CD-BB38A80FA7A4", "vulnerable": true }, { "criteria": "cpe:2.3:h:cisco:firewall_services_module:1.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "B9CAFC15-178C-4176-9668-D4A04B63E77B", "vulnerable": true }, { "criteria": "cpe:2.3:h:cisco:firewall_services_module:1.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "3C8D6949-89F4-40EF-98F4-8D15628DC345", "vulnerable": true }, { "criteria": "cpe:2.3:h:cisco:firewall_services_module:1.1_\\(3.005\\):*:*:*:*:*:*:*", "matchCriteriaId": "F3DB2AEE-FB5C-42B7-845B-EDA3E58D5D68", "vulnerable": true }, { "criteria": "cpe:2.3:h:cisco:firewall_services_module:2.1_\\(0.208\\):*:*:*:*:*:*:*", "matchCriteriaId": "6479D85C-1A12-486D-818C-6679F415CA26", "vulnerable": true }, { "criteria": "cpe:2.3:h:hp:aaa_server:*:*:*:*:*:*:*:*", "matchCriteriaId": "287CF5FA-D0EC-4FD7-9718-973587EF34DF", "vulnerable": true }, { "criteria": "cpe:2.3:h:hp:apache-based_web_server:2.0.43.00:*:*:*:*:*:*:*", "matchCriteriaId": "C88168D4-7DB5-4720-8640-400BB680D0FD", "vulnerable": true }, { "criteria": "cpe:2.3:h:hp:apache-based_web_server:2.0.43.04:*:*:*:*:*:*:*", "matchCriteriaId": "968915A1-375B-4C69-BE11-9A393F7F1B0F", "vulnerable": true }, { "criteria": "cpe:2.3:h:symantec:clientless_vpn_gateway_4400:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "11465DCA-72E5-40E9-9D8E-B3CD470C47E9", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cisco:ciscoworks_common_management_foundation:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "3954D0D1-9FDF-47D0-9710-D0FB06955B8B", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:ciscoworks_common_services:2.2:*:*:*:*:*:*:*", "matchCriteriaId": "3D6712BD-DE8F-40F5-AC74-B9EFE9A50CFA", "vulnerable": true }, { "criteria": "cpe:2.3:h:avaya:converged_communications_server:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "E586558A-ABC3-42EB-8B4D-DC92A0D695E6", "vulnerable": true }, { "criteria": "cpe:2.3:h:avaya:sg200:4.4:*:*:*:*:*:*:*", "matchCriteriaId": "2A4C5F60-B32D-4D85-BA28-AE11972ED614", "vulnerable": true }, { "criteria": "cpe:2.3:h:avaya:sg200:4.31.29:*:*:*:*:*:*:*", "matchCriteriaId": "6A5935C3-3D83-461F-BC26-E03362115C42", "vulnerable": true }, { "criteria": "cpe:2.3:h:avaya:sg203:4.4:*:*:*:*:*:*:*", "matchCriteriaId": "80AC523B-3106-46F2-B760-803DCF8061F4", "vulnerable": true }, { "criteria": "cpe:2.3:h:avaya:sg203:4.31.29:*:*:*:*:*:*:*", "matchCriteriaId": "F8B8D6F3-D15D-489F-A807-17E63F4831F2", "vulnerable": true }, { "criteria": "cpe:2.3:h:avaya:sg208:*:*:*:*:*:*:*:*", "matchCriteriaId": "808189BA-197F-49CE-933E-A728F395749C", "vulnerable": true }, { "criteria": "cpe:2.3:h:avaya:sg208:4.4:*:*:*:*:*:*:*", "matchCriteriaId": "32DCFA7B-7BBB-465A-A4AD-7E18EE3C02DC", "vulnerable": true }, { "criteria": "cpe:2.3:h:avaya:sg5:4.2:*:*:*:*:*:*:*", "matchCriteriaId": "CC7EF0CD-EA39-457B-8E2E-9120B65A5835", "vulnerable": true }, { "criteria": "cpe:2.3:h:avaya:sg5:4.3:*:*:*:*:*:*:*", "matchCriteriaId": "7BC2983F-5212-464B-AC21-8A897DEC1F58", "vulnerable": true }, { "criteria": "cpe:2.3:h:avaya:sg5:4.4:*:*:*:*:*:*:*", "matchCriteriaId": "EBF17989-D1F2-4B04-80BD-CFABDD482ABA", "vulnerable": true }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "BF2D00AC-FA2A-4C39-B796-DC19072862CF", "vulnerable": true }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "E8BCD1C5-1AFC-4287-9AFD-81FB3F4F9E54", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:4.8:*:*:*:*:*:*:*", "matchCriteriaId": "441BE3A0-20F4-4972-B279-19B3DB5FA14D", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:4.8:releng:*:*:*:*:*:*", "matchCriteriaId": "2D33C6EF-DBE1-4943-83E4-1F10670DAC6E", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:4.9:*:*:*:*:*:*:*", "matchCriteriaId": "00EAEA17-033A-4A50-8E39-D61154876D2F", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:5.1:*:*:*:*:*:*:*", "matchCriteriaId": "4EE93350-92E6-4F5C-A14C-9993CFFDBCD4", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:5.1:release:*:*:*:*:*:*", "matchCriteriaId": "0D9F2B04-A1F2-4788-A53D-C8274A758DDA", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:5.1:releng:*:*:*:*:*:*", "matchCriteriaId": "9A5309ED-D84F-4F52-9864-5B0FEEEE5022", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:5.2:*:*:*:*:*:*:*", "matchCriteriaId": "DD7C441E-444B-4DF5-8491-86805C70FB99", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:5.2.1:release:*:*:*:*:*:*", "matchCriteriaId": "C9CCE8F3-84EE-4571-8AAA-BF2D132E9BD4", "vulnerable": true }, { "criteria": "cpe:2.3:o:hp:hp-ux:8.05:*:*:*:*:*:*:*", "matchCriteriaId": "31B1ADC1-9B6D-4B5E-A05A-D69599A3A0D5", "vulnerable": true }, { "criteria": "cpe:2.3:o:hp:hp-ux:11.00:*:*:*:*:*:*:*", "matchCriteriaId": "771931F7-9180-4EBD-8627-E1CF17D24647", "vulnerable": true }, { "criteria": "cpe:2.3:o:hp:hp-ux:11.11:*:*:*:*:*:*:*", "matchCriteriaId": "EDD9BE2B-7255-4FC1-B452-E8370632B03F", "vulnerable": true }, { "criteria": "cpe:2.3:o:hp:hp-ux:11.23:*:*:*:*:*:*:*", "matchCriteriaId": "32310AFE-38CC-4C6C-AE13-54C18720F2C0", "vulnerable": true }, { "criteria": "cpe:2.3:o:openbsd:openbsd:3.3:*:*:*:*:*:*:*", "matchCriteriaId": "AC46909F-DDFC-448B-BCDF-1EB343F96630", "vulnerable": true }, { "criteria": "cpe:2.3:o:openbsd:openbsd:3.4:*:*:*:*:*:*:*", "matchCriteriaId": "9496279F-AB43-4B53-81A6-87C651ABC4BA", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_server:*:*:*:*:*", "matchCriteriaId": "78B46FFA-5B09-473E-AD33-3DB18BD0DAFE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*", "matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation_server:*:*:*:*:*", "matchCriteriaId": "0EFE2E73-9536-41A9-B83B-0A06B54857F4", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "E562907F-D915-4030-847A-3C6834A80D4E", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.3:*:*:*:*:*:*:*", "matchCriteriaId": "138985E6-5107-4E8B-A801-C3D5FE075227", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "038FEDE7-986F-4CA5-9003-BA68352B87D4", "vulnerable": true }, { "criteria": "cpe:2.3:o:sco:openserver:5.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "1E140F76-D078-4F58-89CF-3278CDCB9AF3", "vulnerable": true }, { "criteria": "cpe:2.3:o:sco:openserver:5.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "D9D76A8D-832B-411E-A458-186733C66010", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:cisco:ios:12.1\\(11\\)e:*:*:*:*:*:*:*", "matchCriteriaId": "580BA1FE-0826-47A7-8BD3-9225E0841EDD", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:ios:12.1\\(11b\\)e:*:*:*:*:*:*:*", "matchCriteriaId": "040B04CD-B891-4F19-A7CC-5C2D462FBD6C", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:ios:12.1\\(11b\\)e12:*:*:*:*:*:*:*", "matchCriteriaId": "5BF29685-7FFC-4093-A1D4-21E4871AF5C6", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:ios:12.1\\(11b\\)e14:*:*:*:*:*:*:*", "matchCriteriaId": "E72872C9-63AF-417F-BFAE-92B4D350C006", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:ios:12.1\\(13\\)e9:*:*:*:*:*:*:*", "matchCriteriaId": "80BCF196-5E5A-4F31-BCE7-AA0C748CA922", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:ios:12.1\\(19\\)e1:*:*:*:*:*:*:*", "matchCriteriaId": "970939C5-1E6F-47B6-97E6-7B2C1E019985", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:ios:12.2\\(14\\)sy:*:*:*:*:*:*:*", "matchCriteriaId": "CD1F4148-E772-4708-8C1F-D67F969C11DA", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:ios:12.2\\(14\\)sy1:*:*:*:*:*:*:*", "matchCriteriaId": "3CEBCEF0-5982-4B30-8377-9CAC978A1CB0", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:ios:12.2sy:*:*:*:*:*:*:*", "matchCriteriaId": "09458CD7-D430-4957-8506-FAB2A3E2AA65", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:ios:12.2za:*:*:*:*:*:*:*", "matchCriteriaId": "62626BB6-D4EA-4A8A-ABC1-F86B37F19EDB", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:4d:webstar:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "F8B87C95-4B34-4628-AD03-67D1DE13E097", "vulnerable": true }, { "criteria": "cpe:2.3:a:4d:webstar:5.2:*:*:*:*:*:*:*", "matchCriteriaId": "758F95DB-E619-4B08-86FA-6CF2C1B0CBCD", "vulnerable": true }, { "criteria": "cpe:2.3:a:4d:webstar:5.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "4F04471C-732F-44EE-AD1B-6305C1DD7DDD", "vulnerable": true }, { "criteria": "cpe:2.3:a:4d:webstar:5.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "3499913B-5DCD-4115-8C7B-9E8AFF79DE5E", "vulnerable": true }, { "criteria": "cpe:2.3:a:4d:webstar:5.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "E237919A-416B-4039-AAD2-7FAE1F4E100D", "vulnerable": true }, { "criteria": "cpe:2.3:a:4d:webstar:5.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "39149924-188C-40C1-B598-A9CD407C90DE", "vulnerable": true }, { "criteria": "cpe:2.3:a:4d:webstar:5.3:*:*:*:*:*:*:*", "matchCriteriaId": "15D5780C-4E29-4BCA-A47E-29FF6EAF33FC", "vulnerable": true }, { "criteria": "cpe:2.3:a:4d:webstar:5.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "E6501108-5455-48FE-AA82-37AFA5D7EC24", "vulnerable": true }, { "criteria": "cpe:2.3:a:avaya:intuity_audix:*:*:lx:*:*:*:*:*", "matchCriteriaId": "C1A3B951-A1F8-4291-82FA-AB7922D13ACE", "vulnerable": true }, { "criteria": "cpe:2.3:a:avaya:intuity_audix:5.1.46:*:*:*:*:*:*:*", "matchCriteriaId": "3F2E7C81-C0F5-4D36-9A23-03BE69295ED0", "vulnerable": true }, { "criteria": "cpe:2.3:a:avaya:intuity_audix:s3210:*:*:*:*:*:*:*", "matchCriteriaId": "9D0EF4A3-2FE5-41E4-A764-30B379ECF081", "vulnerable": true }, { "criteria": "cpe:2.3:a:avaya:intuity_audix:s3400:*:*:*:*:*:*:*", "matchCriteriaId": "CCF6D59E-8AEA-4380-B86B-0803B2202F16", "vulnerable": true }, { "criteria": "cpe:2.3:a:avaya:vsu:5:*:*:*:*:*:*:*", "matchCriteriaId": "140ABF28-FA39-4D77-AEB2-304962ED48C2", "vulnerable": true }, { "criteria": "cpe:2.3:a:avaya:vsu:5x:*:*:*:*:*:*:*", "matchCriteriaId": "09473DD9-5114-44C5-B56C-6630FBEBCACB", "vulnerable": true }, { "criteria": "cpe:2.3:a:avaya:vsu:100_r2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "A7ECD3A4-5A39-4222-8350-524F11D8FFB0", "vulnerable": true }, { "criteria": "cpe:2.3:a:avaya:vsu:500:*:*:*:*:*:*:*", "matchCriteriaId": "D36C140D-E80C-479A-ADA7-18E901549059", "vulnerable": true }, { "criteria": "cpe:2.3:a:avaya:vsu:2000_r2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "940712E9-B041-4B7F-BD02-7DD0AE596D65", "vulnerable": true }, { "criteria": "cpe:2.3:a:avaya:vsu:5000_r2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "03B887A2-9025-4C5B-8901-71BC63BF5293", "vulnerable": true }, { "criteria": "cpe:2.3:a:avaya:vsu:7500_r2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "33264586-7160-4550-9FF9-4101D72F5C9B", "vulnerable": true }, { "criteria": "cpe:2.3:a:avaya:vsu:10000_r2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "CE5E6521-0611-4473-82AC-21655F10FEC0", "vulnerable": true }, { "criteria": "cpe:2.3:a:checkpoint:firewall-1:*:*:vsx-ng-ai:*:*:*:*:*", "matchCriteriaId": "AA9A50A1-CA8C-4EE5-B68F-4958F6B4B028", "vulnerable": true }, { "criteria": "cpe:2.3:a:checkpoint:firewall-1:2.0:*:gx:*:*:*:*:*", "matchCriteriaId": "8C83ABA2-87CD-429B-9800-590F8256B064", "vulnerable": true }, { "criteria": "cpe:2.3:a:checkpoint:firewall-1:next_generation_fp0:*:*:*:*:*:*:*", "matchCriteriaId": "A4D9A576-2878-4AC4-AC95-E69CB8A84A71", "vulnerable": true }, { "criteria": "cpe:2.3:a:checkpoint:firewall-1:next_generation_fp1:*:*:*:*:*:*:*", "matchCriteriaId": "0A1A0B02-CF33-401F-9AB2-D595E586C795", "vulnerable": true }, { "criteria": "cpe:2.3:a:checkpoint:firewall-1:next_generation_fp2:*:*:*:*:*:*:*", "matchCriteriaId": "8C0EF3F0-B82E-45B7-8D05-05E76009F7A2", "vulnerable": true }, { "criteria": "cpe:2.3:a:checkpoint:provider-1:4.1:*:*:*:*:*:*:*", "matchCriteriaId": "90FB3825-21A6-4DBE-8188-67672DBE01CB", "vulnerable": true }, { "criteria": "cpe:2.3:a:checkpoint:provider-1:4.1:sp1:*:*:*:*:*:*", "matchCriteriaId": "80623E58-8B46-4559-89A4-C329AACF3CB7", "vulnerable": true }, { "criteria": "cpe:2.3:a:checkpoint:provider-1:4.1:sp2:*:*:*:*:*:*", "matchCriteriaId": "AEE6C228-CD93-4636-868B-C19BC1674BE6", "vulnerable": true }, { "criteria": "cpe:2.3:a:checkpoint:provider-1:4.1:sp3:*:*:*:*:*:*", "matchCriteriaId": "A645148C-AD0D-46C1-BEE3-10F5C9066279", "vulnerable": true }, { "criteria": "cpe:2.3:a:checkpoint:provider-1:4.1:sp4:*:*:*:*:*:*", "matchCriteriaId": "0D69187C-7F46-4FF0-A8A0-0E1989EA79BC", "vulnerable": true }, { "criteria": "cpe:2.3:a:checkpoint:vpn-1:next_generation_fp0:*:*:*:*:*:*:*", "matchCriteriaId": "4AE4A7EE-1BA3-46F1-BF4A-A72997EE0992", "vulnerable": true }, { "criteria": "cpe:2.3:a:checkpoint:vpn-1:next_generation_fp1:*:*:*:*:*:*:*", "matchCriteriaId": "02029D75-FAF2-4842-9246-079C7DE36417", "vulnerable": true }, { "criteria": "cpe:2.3:a:checkpoint:vpn-1:next_generation_fp2:*:*:*:*:*:*:*", "matchCriteriaId": "E0146341-364C-4085-A2E1-BC8C260FBA3D", "vulnerable": true }, { "criteria": "cpe:2.3:a:checkpoint:vpn-1:vsx_ng_with_application_intelligence:*:*:*:*:*:*:*", "matchCriteriaId": "B5EF01C8-1C8A-4BD1-A13B-CE31F09F9523", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:access_registrar:*:*:*:*:*:*:*:*", "matchCriteriaId": "B8496E0D-2507-4C25-A122-0B846CBCA72A", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:application_and_content_networking_software:*:*:*:*:*:*:*:*", "matchCriteriaId": "8E383F2A-DFCF-47F8-94EE-3563D41EA597", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:css_secure_content_accelerator:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "D2D87EF0-056E-4128-89EB-2803ED83DEE9", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:css_secure_content_accelerator:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "BB3163C1-2044-44DA-9C88-076D75FDF1EB", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:css11000_content_services_switch:*:*:*:*:*:*:*:*", "matchCriteriaId": "07E1B690-C58B-4C08-A757-F3DF451FDAAA", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:okena_stormwatch:3.2:*:*:*:*:*:*:*", "matchCriteriaId": "31F0E14C-7681-4D1A-B982-A51E450B93A7", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:pix_firewall:6.2.2_.111:*:*:*:*:*:*:*", "matchCriteriaId": "ECBC761F-A8F5-4CD8-B19C-5CE8FFC58FDD", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:threat_response:*:*:*:*:*:*:*:*", "matchCriteriaId": "2CF39E8B-C201-4940-81C9-14AF4C3DD4B5", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:webns:6.10:*:*:*:*:*:*:*", "matchCriteriaId": "AC604680-2E9E-4DC4-ACDD-74D552A45BA4", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:webns:6.10_b4:*:*:*:*:*:*:*", "matchCriteriaId": "37A94436-D092-4C7E-B87B-63BC621EE82E", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:webns:7.1_0.1.02:*:*:*:*:*:*:*", "matchCriteriaId": "862165CF-3CFB-4C6E-8238-86FA85F243C8", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:webns:7.1_0.2.06:*:*:*:*:*:*:*", "matchCriteriaId": "056F3336-BAA8-4A03-90B4-7B31710FC1B3", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:webns:7.2_0.0.03:*:*:*:*:*:*:*", "matchCriteriaId": "9FDC2510-FBB9-429A-B6D4-10AB11F93960", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:webns:7.10:*:*:*:*:*:*:*", "matchCriteriaId": "5D45127E-A544-40A0-9D34-BD70D95C9772", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:webns:7.10_.0.06s:*:*:*:*:*:*:*", "matchCriteriaId": "56C69C3E-C895-45C8-8182-7BB412A0C828", "vulnerable": true }, { "criteria": "cpe:2.3:a:dell:bsafe_ssl-j:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "A1FDD507-C38B-4C38-A54F-3DA6F07AD0B5", "vulnerable": true }, { "criteria": "cpe:2.3:a:dell:bsafe_ssl-j:3.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "6F2B7AC2-CF08-4AC9-9A71-3A8130F9F9AD", "vulnerable": true }, { "criteria": "cpe:2.3:a:dell:bsafe_ssl-j:3.1:*:*:*:*:*:*:*", "matchCriteriaId": "D4D9564B-B92E-4C97-87FF-B56D62DCA775", "vulnerable": true }, { "criteria": "cpe:2.3:a:forcepoint:stonegate:1.5.17:*:*:*:*:*:*:*", "matchCriteriaId": "FF2AD44D-3BE8-4541-B62D-9F01D46F8E6A", "vulnerable": true }, { "criteria": "cpe:2.3:a:forcepoint:stonegate:1.5.18:*:*:*:*:*:*:*", "matchCriteriaId": "8BF2E08B-9046-41A1-BEDE-EB0B6436315C", "vulnerable": true }, { "criteria": "cpe:2.3:a:forcepoint:stonegate:1.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "811E1BE8-3868-49F8-B6E8-D5705559B02E", "vulnerable": true }, { "criteria": "cpe:2.3:a:forcepoint:stonegate:1.6.3:*:*:*:*:*:*:*", "matchCriteriaId": "D67C9DB4-E46C-4E84-82D9-AF48EFDAEFBA", "vulnerable": true }, { "criteria": "cpe:2.3:a:forcepoint:stonegate:1.7:*:*:*:*:*:*:*", "matchCriteriaId": "CF0E1BF0-6629-40DC-AB23-0256BABD0CB9", "vulnerable": true }, { "criteria": "cpe:2.3:a:forcepoint:stonegate:1.7.1:*:*:*:*:*:*:*", "matchCriteriaId": "1AC4E7E5-FCC1-46B0-B69F-F1F6B36838ED", "vulnerable": true }, { "criteria": "cpe:2.3:a:forcepoint:stonegate:1.7.2:*:*:*:*:*:*:*", "matchCriteriaId": "2C4AED89-F862-4071-8E94-481A59EDAE8E", "vulnerable": true }, { "criteria": "cpe:2.3:a:forcepoint:stonegate:2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "7A3CB6FF-3840-4E80-A0A4-614D6686D2B6", "vulnerable": true }, { "criteria": "cpe:2.3:a:forcepoint:stonegate:2.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "67010B0B-ECE7-4EE5-B103-05DC637E150F", "vulnerable": true }, { "criteria": "cpe:2.3:a:forcepoint:stonegate:2.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "1355EF99-35FC-44A7-BC56-F7C0EA49BF0C", "vulnerable": true }, { "criteria": "cpe:2.3:a:forcepoint:stonegate:2.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "6DDA8F10-B059-4403-A790-EFC8822588B2", "vulnerable": true }, { "criteria": "cpe:2.3:a:forcepoint:stonegate:2.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "A06BCD31-3FB6-468B-9BC9-EA573717B19F", "vulnerable": true }, { "criteria": "cpe:2.3:a:forcepoint:stonegate:2.0.8:*:*:*:*:*:*:*", "matchCriteriaId": "360238CC-3BF5-4750-B16D-8A2E0257022E", "vulnerable": true }, { "criteria": "cpe:2.3:a:forcepoint:stonegate:2.0.9:*:*:*:*:*:*:*", "matchCriteriaId": "0C55C754-E213-4E79-AA7B-2CAF8A464388", "vulnerable": true }, { "criteria": "cpe:2.3:a:forcepoint:stonegate:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "647BA524-5A79-408C-BBF2-5780BC522B64", "vulnerable": true }, { "criteria": "cpe:2.3:a:forcepoint:stonegate:2.2:*:*:*:*:*:*:*", "matchCriteriaId": "D599C49D-4D7D-4C44-9D8D-A3F76746BBA8", "vulnerable": true }, { "criteria": "cpe:2.3:a:forcepoint:stonegate:2.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "7B4DC717-0785-4C19-8A33-ACA5F378DF3C", "vulnerable": true }, { "criteria": "cpe:2.3:a:forcepoint:stonegate:2.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "858843D3-84BB-48B6-80D1-1271AE60150D", "vulnerable": true }, { "criteria": "cpe:2.3:a:hp:wbem:a.01.05.08:*:*:*:*:*:*:*", "matchCriteriaId": "B931D4F8-23F5-4ABA-A457-959995D30C58", "vulnerable": true }, { "criteria": "cpe:2.3:a:hp:wbem:a.02.00.00:*:*:*:*:*:*:*", "matchCriteriaId": "BE6A023E-9C2A-487F-B5CE-674C766BFE75", "vulnerable": true }, { "criteria": "cpe:2.3:a:hp:wbem:a.02.00.01:*:*:*:*:*:*:*", "matchCriteriaId": "6A15ACA2-D500-4260-B51A-6FE6AB5A45A4", "vulnerable": true }, { "criteria": "cpe:2.3:a:litespeedtech:litespeed_web_server:1.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "0A7B80E0-40BB-4B4E-9711-AF293A038DD4", "vulnerable": true }, { "criteria": "cpe:2.3:a:litespeedtech:litespeed_web_server:1.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "9EFCFFE8-9CAD-4A7F-9751-8627E6297C9F", "vulnerable": false }, { "criteria": "cpe:2.3:a:litespeedtech:litespeed_web_server:1.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "D3653856-207E-46A7-92DD-D7F377F1829A", "vulnerable": false }, { "criteria": "cpe:2.3:a:litespeedtech:litespeed_web_server:1.1:*:*:*:*:*:*:*", "matchCriteriaId": "7E4627BB-0D75-44BC-989F-0E85C9FA0E2B", "vulnerable": false }, { "criteria": "cpe:2.3:a:litespeedtech:litespeed_web_server:1.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "19053434-F9E7-4839-AB5A-B226CC4616A5", "vulnerable": false }, { "criteria": "cpe:2.3:a:litespeedtech:litespeed_web_server:1.2:rc1:*:*:*:*:*:*", "matchCriteriaId": "D04CABBA-7BEB-44EC-A6E4-A31E41A62BD7", "vulnerable": false }, { "criteria": "cpe:2.3:a:litespeedtech:litespeed_web_server:1.2:rc2:*:*:*:*:*:*", "matchCriteriaId": "8D15C938-4DAB-4011-80EE-A2663E20BFC1", "vulnerable": false }, { "criteria": "cpe:2.3:a:litespeedtech:litespeed_web_server:1.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "C9C056ED-2492-4B1C-BCB9-4F36806C4A48", "vulnerable": false }, { "criteria": "cpe:2.3:a:litespeedtech:litespeed_web_server:1.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "A72FC232-A2CB-443B-9A4A-8BBFEFE6517C", "vulnerable": false }, { "criteria": "cpe:2.3:a:litespeedtech:litespeed_web_server:1.3:-:*:*:*:*:*:*", "matchCriteriaId": "BA347CD3-0619-4EA2-A736-B59EE9E3AC12", "vulnerable": false }, { "criteria": "cpe:2.3:a:litespeedtech:litespeed_web_server:1.3:rc1:*:*:*:*:*:*", "matchCriteriaId": "4ACEF29C-3225-43A7-9E07-FBCCF555887E", "vulnerable": false }, { "criteria": "cpe:2.3:a:litespeedtech:litespeed_web_server:1.3:rc2:*:*:*:*:*:*", "matchCriteriaId": "46D932AF-FB1A-464D-BA3D-2DC2D3C187CD", "vulnerable": false }, { "criteria": "cpe:2.3:a:litespeedtech:litespeed_web_server:1.3:rc3:*:*:*:*:*:*", "matchCriteriaId": "9F532860-9E26-45C3-9FB3-6B0888F1279A", "vulnerable": false }, { "criteria": "cpe:2.3:a:neoteris:instant_virtual_extranet:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "A037FAA6-6D26-4496-BC67-03475B4D1155", "vulnerable": true }, { "criteria": "cpe:2.3:a:neoteris:instant_virtual_extranet:3.1:*:*:*:*:*:*:*", "matchCriteriaId": "D3831DD3-E783-4200-8986-FDBF7DD9BA53", "vulnerable": true }, { "criteria": "cpe:2.3:a:neoteris:instant_virtual_extranet:3.2:*:*:*:*:*:*:*", "matchCriteriaId": "2909C9D5-3D8F-4C41-B0E7-A0C0B432C19A", "vulnerable": true }, { "criteria": "cpe:2.3:a:neoteris:instant_virtual_extranet:3.3:*:*:*:*:*:*:*", "matchCriteriaId": "E09436DF-E3C1-4C03-A3BE-73C4BC84BB7B", "vulnerable": true }, { "criteria": "cpe:2.3:a:neoteris:instant_virtual_extranet:3.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "699764B6-0F86-4AB0-86A3-4F2E69AD820C", "vulnerable": true }, { "criteria": "cpe:2.3:a:novell:edirectory:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "7562ADC4-0D01-4FC2-98F0-1F4041BDA52E", "vulnerable": true }, { "criteria": "cpe:2.3:a:novell:edirectory:8.5:*:*:*:*:*:*:*", "matchCriteriaId": "E6FAB588-BDBE-4A04-AB9E-4F700A3951F0", "vulnerable": true }, { "criteria": "cpe:2.3:a:novell:edirectory:8.5.12a:*:*:*:*:*:*:*", "matchCriteriaId": "E1B83F84-D1EF-43B4-8620-3C1BCCE44553", "vulnerable": true }, { "criteria": "cpe:2.3:a:novell:edirectory:8.5.27:*:*:*:*:*:*:*", "matchCriteriaId": "41169D2F-4F16-466A-82E9-AD0735472B5B", "vulnerable": true }, { "criteria": "cpe:2.3:a:novell:edirectory:8.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "947699C3-D9DE-411A-99C0-44ADD1D2223A", "vulnerable": true }, { "criteria": "cpe:2.3:a:novell:edirectory:8.7:*:*:*:*:*:*:*", "matchCriteriaId": "15F668C0-8420-4401-AB0F-479575596CF0", "vulnerable": true }, { "criteria": "cpe:2.3:a:novell:edirectory:8.7.1:*:*:*:*:*:*:*", "matchCriteriaId": "CDDCC7B6-34CA-4551-9833-306B93E517BD", "vulnerable": true }, { "criteria": "cpe:2.3:a:novell:edirectory:8.7.1:sp1:*:*:*:*:*:*", "matchCriteriaId": "6D69C160-39F7-48B8-B9A3-CC86690453C0", "vulnerable": true }, { "criteria": "cpe:2.3:a:novell:imanager:1.5:*:*:*:*:*:*:*", "matchCriteriaId": "166BF638-ABDC-4BB9-BD4E-2B22681AD9CC", "vulnerable": true }, { "criteria": "cpe:2.3:a:novell:imanager:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "8FA6420B-9F6A-48F4-A445-12B60A320347", "vulnerable": true }, { "criteria": "cpe:2.3:a:openssl:openssl:0.9.6c:*:*:*:*:*:*:*", "matchCriteriaId": "0FCA45CE-4127-47AD-BBA8-8A6DD83AE1C7", "vulnerable": true }, { "criteria": "cpe:2.3:a:openssl:openssl:0.9.6d:*:*:*:*:*:*:*", "matchCriteriaId": "7CA1CA40-7DB5-4DCA-97A8-9A8CF4FECECC", "vulnerable": true }, { "criteria": "cpe:2.3:a:openssl:openssl:0.9.6e:*:*:*:*:*:*:*", "matchCriteriaId": "180D07AE-C571-4DD6-837C-43E2A946007A", "vulnerable": true }, { "criteria": "cpe:2.3:a:openssl:openssl:0.9.6f:*:*:*:*:*:*:*", "matchCriteriaId": "BA3E4D2A-6488-4F8B-A3CA-4161A10FA4DB", "vulnerable": true }, { "criteria": "cpe:2.3:a:openssl:openssl:0.9.6g:*:*:*:*:*:*:*", "matchCriteriaId": "90789533-C741-4B1C-A24B-2C77B9E4DE5F", "vulnerable": true }, { "criteria": "cpe:2.3:a:openssl:openssl:0.9.6h:*:*:*:*:*:*:*", "matchCriteriaId": "1520065B-46D7-48A4-B9D0-5B49F690C5B4", "vulnerable": true }, { "criteria": "cpe:2.3:a:openssl:openssl:0.9.6i:*:*:*:*:*:*:*", "matchCriteriaId": "5B76FE2D-FBE0-4A3B-A0EA-179332D74F0E", "vulnerable": true }, { "criteria": "cpe:2.3:a:openssl:openssl:0.9.6j:*:*:*:*:*:*:*", "matchCriteriaId": "2AA526B9-726A-49D5-B3CA-EBE2DA303CA0", "vulnerable": true }, { "criteria": "cpe:2.3:a:openssl:openssl:0.9.6k:*:*:*:*:*:*:*", "matchCriteriaId": "494E48E7-EF86-4860-9A53-94F6C313746E", "vulnerable": true }, { "criteria": "cpe:2.3:a:openssl:openssl:0.9.7:*:*:*:*:*:*:*", "matchCriteriaId": "45A518E8-21BE-4C5C-B425-410AB1208E9C", "vulnerable": true }, { "criteria": "cpe:2.3:a:openssl:openssl:0.9.7:beta1:*:*:*:*:*:*", "matchCriteriaId": "9E3AB748-E463-445C-ABAB-4FEDDFD1878B", "vulnerable": true }, { "criteria": "cpe:2.3:a:openssl:openssl:0.9.7:beta2:*:*:*:*:*:*", "matchCriteriaId": "660E4B8D-AABA-4520-BC4D-CF8E76E07C05", "vulnerable": true }, { "criteria": "cpe:2.3:a:openssl:openssl:0.9.7:beta3:*:*:*:*:*:*", "matchCriteriaId": "85BFEED5-4941-41BB-93D1-CD5C2A41290E", "vulnerable": true }, { "criteria": "cpe:2.3:a:openssl:openssl:0.9.7a:*:*:*:*:*:*:*", "matchCriteriaId": "78E79A05-64F3-4397-952C-A5BB950C967D", "vulnerable": true }, { "criteria": "cpe:2.3:a:openssl:openssl:0.9.7b:*:*:*:*:*:*:*", "matchCriteriaId": "7F7C9E77-1EB2-4720-A8FD-23DC1C877D5A", "vulnerable": true }, { "criteria": "cpe:2.3:a:openssl:openssl:0.9.7c:*:*:*:*:*:*:*", "matchCriteriaId": "549BB01D-F322-4FE3-BDA2-4FEA8ED8568A", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:openssl:0.9.6-15:*:i386:*:*:*:*:*", "matchCriteriaId": "09F3FB7B-0F68-49F3-A3B7-977A687A42E2", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:openssl:0.9.6b-3:*:i386:*:*:*:*:*", "matchCriteriaId": "088F2FF7-96E5-455E-A35B-D99F9854EC6E", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:openssl:0.9.7a-2:*:i386:*:*:*:*:*", "matchCriteriaId": "FFA721BF-1B2E-479F-BF25-02D441BF175B", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:openssl:0.9.7a-2:*:i386_dev:*:*:*:*:*", "matchCriteriaId": "AFEDCE49-21CC-4168-818F-4C638EE3B077", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:openssl:0.9.7a-2:*:i386_perl:*:*:*:*:*", "matchCriteriaId": "B7D18F9B-C0BE-4DE8-81F4-5BF56C00BF41", "vulnerable": true }, { "criteria": "cpe:2.3:a:sgi:propack:2.3:*:*:*:*:*:*:*", "matchCriteriaId": "26430687-409B-448F-934B-06AB937DDF63", "vulnerable": true }, { "criteria": "cpe:2.3:a:sgi:propack:2.4:*:*:*:*:*:*:*", "matchCriteriaId": "0702A32E-E577-403C-B4D9-15037D7100A5", "vulnerable": true }, { "criteria": "cpe:2.3:a:sgi:propack:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "29DC217F-C257-4A3C-9CBD-08010C30BEC3", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:servercluster:2.5:*:*:*:*:*:*:*", "matchCriteriaId": "8F0F78F4-E81E-4C6B-AB73-D6AAE191060E", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:servercluster:2.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "DF1A5808-6D5D-48AD-9470-5A6510D17913", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonebeat_fullcluster:1_2.0:*:*:*:*:*:*:*", "matchCriteriaId": "C1E8990D-D9A0-4A71-9D87-EC047E01B0D8", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonebeat_fullcluster:1_3.0:*:*:*:*:*:*:*", "matchCriteriaId": "6DBCC172-6867-4DFD-AAEF-9BDB4DA21F46", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonebeat_fullcluster:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "C2F2BEEA-46BB-4718-B0F3-B4EC62B678A6", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonebeat_fullcluster:2.5:*:*:*:*:*:*:*", "matchCriteriaId": "8D09E11C-C5BB-409E-BB0D-7F351250419B", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonebeat_fullcluster:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "6B06A05D-AA31-441D-9FC2-3558648C3B7E", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonebeat_securitycluster:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "C0886901-6F93-44C1-B774-84D7E5D9554C", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonebeat_securitycluster:2.5:*:*:*:*:*:*:*", "matchCriteriaId": "3F203A80-7C1E-4A04-8E99-63525E176753", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonebeat_webcluster:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "CA0A204C-158B-4014-A53C-75E0CD63E0DE", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonebeat_webcluster:2.5:*:*:*:*:*:*:*", "matchCriteriaId": "085BA581-7DA5-4FA4-A888-351281FD0A7D", "vulnerable": true }, { "criteria": "cpe:2.3:a:tarantella:tarantella_enterprise:3.20:*:*:*:*:*:*:*", "matchCriteriaId": "9519BCB2-B401-44CE-97F6-847BB36AE45F", "vulnerable": true }, { "criteria": "cpe:2.3:a:tarantella:tarantella_enterprise:3.30:*:*:*:*:*:*:*", "matchCriteriaId": "BBE573E8-DD94-4293-99AE-27B9067B3ED9", "vulnerable": true }, { "criteria": "cpe:2.3:a:tarantella:tarantella_enterprise:3.40:*:*:*:*:*:*:*", "matchCriteriaId": "D14413DA-5199-4282-9E22-D347E9D8E469", "vulnerable": true }, { "criteria": "cpe:2.3:a:vmware:gsx_server:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "05CC5F49-0E9E-45D8-827D-A5940566DB25", "vulnerable": true }, { "criteria": "cpe:2.3:a:vmware:gsx_server:2.0.1_build_2129:*:*:*:*:*:*:*", "matchCriteriaId": "5D94EE19-6CE9-4E02-8174-D9954CDBF02B", "vulnerable": true }, { "criteria": "cpe:2.3:a:vmware:gsx_server:2.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "D4E4BEE3-AE7B-4481-B724-2E644E18ACC3", "vulnerable": true }, { "criteria": "cpe:2.3:a:vmware:gsx_server:2.5.1_build_5336:*:*:*:*:*:*:*", "matchCriteriaId": "EAAB7052-E0B6-472E-920B-A0F0AEA25D6A", "vulnerable": true }, { "criteria": "cpe:2.3:a:vmware:gsx_server:3.0_build_7592:*:*:*:*:*:*:*", "matchCriteriaId": "8CE38F15-BD42-4171-8670-86AA8169A60C", "vulnerable": true }, { "criteria": "cpe:2.3:h:avaya:s8300:r2.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "20C0BD87-CE4B-49D2-89BE-EF282C43AD72", "vulnerable": true }, { "criteria": "cpe:2.3:h:avaya:s8300:r2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "C3E6C4A8-59F4-43EE-8413-E95289037598", "vulnerable": true }, { "criteria": "cpe:2.3:h:avaya:s8500:r2.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "FE76357A-27E6-4D85-9AA0-1BB658C41568", "vulnerable": true }, { "criteria": "cpe:2.3:h:avaya:s8500:r2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "C56C5FDB-24E2-479D-87CA-164CD28567D3", "vulnerable": true }, { "criteria": "cpe:2.3:h:avaya:s8700:r2.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "AEF6C16F-8EDF-4A24-BFEF-6A304D654EEB", "vulnerable": true }, { "criteria": "cpe:2.3:h:avaya:s8700:r2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "D982AE39-BB57-49E7-B5FE-5EF1ADE2F019", "vulnerable": true }, { "criteria": "cpe:2.3:h:bluecoat:proxysg:*:*:*:*:*:*:*:*", "matchCriteriaId": "1B6CFEC9-0F8F-4CD4-ABD1-E6533F910F7F", "vulnerable": true }, { "criteria": "cpe:2.3:h:cisco:call_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "12DE5E22-DF93-46BE-85A3-D4E04379E901", "vulnerable": true }, { "criteria": "cpe:2.3:h:cisco:content_services_switch_11500:*:*:*:*:*:*:*:*", "matchCriteriaId": "BF28C435-C036-4507-8E3F-44E722F9974A", "vulnerable": true }, { "criteria": "cpe:2.3:h:cisco:gss_4480_global_site_selector:*:*:*:*:*:*:*:*", "matchCriteriaId": "CDA957E2-ABF9-49B2-874F-3FC3060CE0B0", "vulnerable": true }, { "criteria": "cpe:2.3:h:cisco:gss_4490_global_site_selector:*:*:*:*:*:*:*:*", "matchCriteriaId": "5F2CDFE7-6853-4A31-85C0-50C57A8D606A", "vulnerable": true }, { "criteria": "cpe:2.3:h:cisco:mds_9000:*:*:*:*:*:*:*:*", "matchCriteriaId": "0F2ED90B-DDBA-49DE-AC78-20E7D77C8858", "vulnerable": true }, { "criteria": "cpe:2.3:h:cisco:secure_content_accelerator:10000:*:*:*:*:*:*:*", "matchCriteriaId": "408A9DB0-81EF-4186-B338-44954E67289B", "vulnerable": true }, { "criteria": "cpe:2.3:h:securecomputing:sidewinder:5.2:*:*:*:*:*:*:*", "matchCriteriaId": "5B0C5F92-7E93-4C3F-B22B-E6612A4D3E10", "vulnerable": true }, { "criteria": "cpe:2.3:h:securecomputing:sidewinder:5.2.0.01:*:*:*:*:*:*:*", "matchCriteriaId": "2D0DC4B4-9AD9-4AC8-BFA7-A3D209B5D089", "vulnerable": true }, { "criteria": "cpe:2.3:h:securecomputing:sidewinder:5.2.0.02:*:*:*:*:*:*:*", "matchCriteriaId": "303362A5-9C3C-4C85-8C97-2AB12CE01BF6", "vulnerable": true }, { "criteria": "cpe:2.3:h:securecomputing:sidewinder:5.2.0.03:*:*:*:*:*:*:*", "matchCriteriaId": "FED22DC1-E06B-4511-B920-6DAB792262D8", "vulnerable": true }, { "criteria": "cpe:2.3:h:securecomputing:sidewinder:5.2.0.04:*:*:*:*:*:*:*", "matchCriteriaId": "4CE44CA7-4BC7-4C2B-948F-2ACABB91528B", "vulnerable": true }, { "criteria": "cpe:2.3:h:securecomputing:sidewinder:5.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "F757B2A7-869F-4702-81EB-466317A79D61", "vulnerable": true }, { "criteria": "cpe:2.3:h:securecomputing:sidewinder:5.2.1.02:*:*:*:*:*:*:*", "matchCriteriaId": "01F6E9A9-6C85-48DA-BC61-55F8EACCB59F", "vulnerable": true }, { "criteria": "cpe:2.3:h:sun:crypto_accelerator_4000:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "64AF1E33-4086-43E2-8F54-DA75A99D4B75", "vulnerable": true }, { "criteria": "cpe:2.3:o:bluecoat:cacheos_ca_sa:4.1.10:*:*:*:*:*:*:*", "matchCriteriaId": "53D16F03-A4C7-4497-AB74-499F208FF059", "vulnerable": true }, { "criteria": "cpe:2.3:o:bluecoat:cacheos_ca_sa:4.1.12:*:*:*:*:*:*:*", "matchCriteriaId": "13A33EC1-836B-4C8C-AC18-B5BD4F90E612", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "58BE9C02-2A01-4F6F-A6BD-BC0173561E9B", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.0\\(1\\):*:*:*:*:*:*:*", "matchCriteriaId": "C558CED8-8342-46CB-9F52-580B626D320E", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.0\\(2\\):*:*:*:*:*:*:*", "matchCriteriaId": "0F85D19E-6C26-429D-B876-F34238B9DAAF", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.0\\(3\\):*:*:*:*:*:*:*", "matchCriteriaId": "FEC7CCF7-CBC6-4EDC-8EDD-884DFFFBCC7D", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.0\\(4\\):*:*:*:*:*:*:*", "matchCriteriaId": "E5011A33-CD6D-4EFC-ACFD-E51C9AE726A3", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.0\\(4.101\\):*:*:*:*:*:*:*", "matchCriteriaId": "09063867-0E64-4630-B35B-4CCA348E4DAB", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.1:*:*:*:*:*:*:*", "matchCriteriaId": "78F98CD7-A352-483C-9968-8FB2627A7CBD", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.1\\(1\\):*:*:*:*:*:*:*", "matchCriteriaId": "F97FE485-705F-4707-B6C6-0EF9E8A85D5F", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.1\\(2\\):*:*:*:*:*:*:*", "matchCriteriaId": "E2B925E8-D2C2-4E8C-AC21-0C422245C482", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.1\\(3\\):*:*:*:*:*:*:*", "matchCriteriaId": "B9170562-872E-4C32-869C-B10FF35A925E", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.1\\(4\\):*:*:*:*:*:*:*", "matchCriteriaId": "D0927A68-8BB2-4F03-8396-E9CACC158FC0", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.1\\(5\\):*:*:*:*:*:*:*", "matchCriteriaId": "559DDBA3-2AF4-4A0C-B219-6779BA931F21", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.2:*:*:*:*:*:*:*", "matchCriteriaId": "ED9D142A-DDC8-4BD6-8C22-F242C9C0B1ED", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.2\\(1\\):*:*:*:*:*:*:*", "matchCriteriaId": "5226C9CC-6933-4F10-B426-B47782C606FD", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.2\\(2\\):*:*:*:*:*:*:*", "matchCriteriaId": "757DAE9A-B25D-4B8A-A41B-66C2897B537E", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.2\\(3\\):*:*:*:*:*:*:*", "matchCriteriaId": "5E3DC170-E279-4725-B9EE-6840B5685CC9", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.2\\(3.100\\):*:*:*:*:*:*:*", "matchCriteriaId": "8091EDA9-BD18-47F7-8CEC-E086238647C6", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.3:*:*:*:*:*:*:*", "matchCriteriaId": "6F867890-74A4-4892-B99A-27DB4603B873", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.3\\(1\\):*:*:*:*:*:*:*", "matchCriteriaId": "CE05B514-F094-4632-B25B-973F976F6409", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.3\\(2\\):*:*:*:*:*:*:*", "matchCriteriaId": "3392428D-1A85-4472-A276-C482A78E2CE1", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.3\\(3.102\\):*:*:*:*:*:*:*", "matchCriteriaId": "40954985-16E6-4F37-B014-6A55166AE093", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.3\\(3.109\\):*:*:*:*:*:*:*", "matchCriteriaId": "0C097809-1FEF-4417-A201-42291CC29122", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-bounds read." }, { "lang": "es", "value": "El c\u00f3digo que une SSL/TLS en OpenSSL 0.9.7a, 0.9.7b y 0.9.7c, usando Kerberos, no comprueba adecuadamente la longitud de los tickets de Kerberos, lo que permite que atacantes remotos provoquen una denegaci\u00f3n de servicio." } ], "id": "CVE-2004-0112", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2004-11-23T05:00:00.000", "references": [ { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-005.txt.asc" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000834" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://docs.info.apple.com/article.html?artnum=61798" }, { "source": "cve@mitre.org", "tags": [ "Mailing List" ], "url": "http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html" }, { "source": "cve@mitre.org", "tags": [ "Mailing List" ], "url": "http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://lists.apple.com/mhonarc/security-announce/msg00045.html" }, { "source": "cve@mitre.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://marc.info/?l=bugtraq\u0026m=107953412903636\u0026w=2" }, { "source": "cve@mitre.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://marc.info/?l=bugtraq\u0026m=108403806509920\u0026w=2" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://secunia.com/advisories/11139" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://security.gentoo.org/glsa/glsa-200403-03.xml" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://www.ciac.org/ciac/bulletins/o-101.shtml" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory", "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/484726" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:023" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://www.novell.com/linux/security/advisories/2004_07_openssl.html" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://www.openssl.org/news/secadv_20040317.txt" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-120.html" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-121.html" }, { "source": "cve@mitre.org", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/9899" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://www.slackware.org/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.455961" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://www.trustix.org/errata/2004/0012" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://www.uniras.gov.uk/vuls/2004/224012/index.htm" }, { "source": "cve@mitre.org", "tags": [ "Broken Link", "Third Party Advisory", "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA04-078A.html" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15508" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1049" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A928" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9580" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-005.txt.asc" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000834" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://docs.info.apple.com/article.html?artnum=61798" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List" ], "url": "http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List" ], "url": "http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://lists.apple.com/mhonarc/security-announce/msg00045.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://marc.info/?l=bugtraq\u0026m=107953412903636\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://marc.info/?l=bugtraq\u0026m=108403806509920\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://secunia.com/advisories/11139" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://security.gentoo.org/glsa/glsa-200403-03.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://www.ciac.org/ciac/bulletins/o-101.shtml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/484726" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:023" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://www.novell.com/linux/security/advisories/2004_07_openssl.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://www.openssl.org/news/secadv_20040317.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-120.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-121.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/9899" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://www.slackware.org/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.455961" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://www.trustix.org/errata/2004/0012" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://www.uniras.gov.uk/vuls/2004/224012/index.htm" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA04-078A.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15508" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1049" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A928" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9580" } ], "sourceIdentifier": "cve@mitre.org", "vendorComments": [ { "comment": "Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.", "lastModified": "2007-03-14T00:00:00", "organization": "Red Hat" } ], "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-125" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2001-03-26 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
When using the LD_PRELOAD environmental variable in SUID or SGID applications, glibc does not verify that preloaded libraries in /etc/ld.so.cache are also SUID/SGID, which could allow a local user to overwrite arbitrary files by loading a library from /lib or /usr/lib.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
mandrakesoft | mandrake_linux | 6.0 | |
mandrakesoft | mandrake_linux | 6.1 | |
mandrakesoft | mandrake_linux | 7.0 | |
mandrakesoft | mandrake_linux | 7.1 | |
mandrakesoft | mandrake_linux | 7.2 | |
mandrakesoft | mandrake_linux_corporate_server | 1.0.1 | |
redhat | linux | 6.0 | |
redhat | linux | 6.0 | |
redhat | linux | 6.0 | |
redhat | linux | 6.1 | |
redhat | linux | 6.1 | |
redhat | linux | 6.1 | |
redhat | linux | 6.2 | |
redhat | linux | 6.2 | |
redhat | linux | 6.2 | |
trustix | secure_linux | 1.1 | |
trustix | secure_linux | 1.2 | |
turbolinux | turbolinux | * | |
turbolinux | turbolinux | 6.1 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "D323A6B7-2741-4F31-B0D6-5D6FB738A2A1", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:6.1:*:*:*:*:*:*:*", "matchCriteriaId": "ACAAD334-2CA7-4B3B-BA25-302E7610BC2A", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "E4853E92-5E0A-47B9-A343-D5BEE87D2C27", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "3EC1FF5D-5EAB-44D5-B281-770547C70D68", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "0A8FBD5A-2FD0-43CD-AC4B-1D6984D336FE", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:1.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "97E09AD9-F057-4264-88BB-A8A18C1B1246", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.0:*:alpha:*:*:*:*:*", "matchCriteriaId": "6931FB54-A163-4CE3-BBD9-D345AA0977A6", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.0:*:i386:*:*:*:*:*", "matchCriteriaId": "89F65C9D-BD68-4A86-BFDC-E7CE76F13948", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.0:*:sparc:*:*:*:*:*", "matchCriteriaId": "5ABD1331-277C-4C31-8186-978243C62255", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.1:*:alpha:*:*:*:*:*", "matchCriteriaId": "C89454B9-4F45-4A42-A06D-ED42D893C544", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.1:*:i386:*:*:*:*:*", "matchCriteriaId": "B72D6205-DFA4-41D9-B3B6-0B7DA756CD8F", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.1:*:sparc:*:*:*:*:*", "matchCriteriaId": "1E64093E-7D53-4238-95C3-48ED5A0FFD97", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:alpha:*:*:*:*:*", "matchCriteriaId": "344610A8-DB6D-4407-9304-916C419F648C", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:i386:*:*:*:*:*", "matchCriteriaId": "B7EC2B95-4715-4EC9-A10A-2542501F8A61", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:sparc:*:*:*:*:*", "matchCriteriaId": "64775BEF-2E53-43CA-8639-A7E54F6F4222", "vulnerable": true }, { "criteria": "cpe:2.3:o:trustix:secure_linux:1.1:*:*:*:*:*:*:*", "matchCriteriaId": "9D0DFB12-B43F-4207-A900-464A97F5124D", "vulnerable": true }, { "criteria": "cpe:2.3:o:trustix:secure_linux:1.2:*:*:*:*:*:*:*", "matchCriteriaId": "13EBB2F7-712E-4CB1-B4B4-5F0851F3D37E", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux:*:*:*:*:*:*:*:*", "matchCriteriaId": "A94B142D-DA33-41BF-9398-C7ABB94C30DF", "versionEndIncluding": "6.0.5", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux:6.1:*:*:*:*:*:*:*", "matchCriteriaId": "CCEBB085-ECEE-4E18-951B-FC15C0646047", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "When using the LD_PRELOAD environmental variable in SUID or SGID applications, glibc does not verify that preloaded libraries in /etc/ld.so.cache are also SUID/SGID, which could allow a local user to overwrite arbitrary files by loading a library from /lib or /usr/lib." } ], "id": "CVE-2001-0169", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "LOW", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2001-03-26T05:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://archives.neohapsis.com/archives/linux/turbolinux/2001-q1/0004.html" }, { "source": "cve@mitre.org", "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2001-007.0.txt" }, { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2001/dsa-039" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-012.php3?dis=7.2" }, { "source": "cve@mitre.org", "url": "http://www.novell.com/linux/security/advisories/2001_001_glibc_txt.html" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2001-002.html" }, { "source": "cve@mitre.org", "tags": [ "Patch" ], "url": "http://www.securityfocus.com/archive/1/157650" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/2223" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5971" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://archives.neohapsis.com/archives/linux/turbolinux/2001-q1/0004.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2001-007.0.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2001/dsa-039" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-012.php3?dis=7.2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.novell.com/linux/security/advisories/2001_001_glibc_txt.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2001-002.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.securityfocus.com/archive/1/157650" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/2223" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5971" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
1999-12-20 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
wu-ftp with FTP conversion enabled allows an attacker to execute commands via a malformed file name that is interpreted as an argument to the program that does the conversion, e.g. tar or uncompress.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
millenux_gmbh | anonftp | 2.8.1 | |
university_of_washington | wu-ftpd | 2.4.2 | |
university_of_washington | wu-ftpd | 2.5.0 | |
university_of_washington | wu-ftpd | 2.6.0 | |
redhat | linux | 5.2 | |
redhat | linux | 6.0 | |
redhat | linux | 6.1 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:millenux_gmbh:anonftp:2.8.1:*:*:*:*:*:*:*", "matchCriteriaId": "54BD613B-52C9-4F57-B1B3-C7E38F829F91", "vulnerable": true }, { "criteria": "cpe:2.3:a:university_of_washington:wu-ftpd:2.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "82A23988-1494-4BFD-908A-78FE2BC7C33B", "vulnerable": true }, { "criteria": "cpe:2.3:a:university_of_washington:wu-ftpd:2.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "54D2322D-BBA4-4C36-81EC-E37FE8C87689", "vulnerable": true }, { "criteria": "cpe:2.3:a:university_of_washington:wu-ftpd:2.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "688CB1B7-D36C-4DA2-A261-07B23FCE1230", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:5.2:*:*:*:*:*:*:*", "matchCriteriaId": "A8EED385-8C39-4A40-A507-2EFE7652FB35", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "2DFA94D5-0139-490C-8257-0751FE9FBAE4", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.1:*:*:*:*:*:*:*", "matchCriteriaId": "2EC4D3AB-38FA-4D44-AF5C-2DCD15994E76", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "wu-ftp with FTP conversion enabled allows an attacker to execute commands via a malformed file name that is interpreted as an argument to the program that does the conversion, e.g. tar or uncompress." } ], "id": "CVE-1999-0997", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": true, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "1999-12-20T05:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2003/dsa-377" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2003/dsa-377" } ], "sourceIdentifier": "cve@mitre.org", "vendorComments": [ { "comment": "Red Hat does not consider CVE-1999-0997 to be a security vulnerability. The wu-ftpd process chroots itself into the target ftp directory and will only run external commands as the user logged into the ftp server. Because the process chroots itself, an attacker needs a valid login with write access to the ftp server, and even then they could only potentially execute commands as themselves.", "lastModified": "2006-09-27T00:00:00", "organization": "Red Hat" } ], "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
1999-12-31 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
snmpd server in cmu-snmp SNMP package before 3.3-1 in Red Hat Linux 4.0 is configured to allow remote attackers to read and write sensitive information.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:*:*:*:*:*:*:*:*", "matchCriteriaId": "FCFC97A3-14D7-4B17-AB49-1A395A11CF64", "versionEndIncluding": "4.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "snmpd server in cmu-snmp SNMP package before 3.3-1 in Red Hat Linux 4.0 is configured to allow remote attackers to read and write sensitive information." } ], "id": "CVE-1999-1335", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 6.4, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "1999-12-31T05:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/rh40-errata-general.html#cmu-snmp" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7251" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/rh40-errata-general.html#cmu-snmp" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7251" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2000-10-18 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
ping in iputils before 20001010, as distributed on Red Hat Linux 6.2 through 7J and other operating systems, does not drop privileges after acquiring a raw socket, which increases ping's exposure to bugs that otherwise would occur at lower privileges.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:immunix:immunix:6.2:*:*:*:*:*:*:*", "matchCriteriaId": "DB0F79BE-8EBF-44D8-83A1-9331669BED54", "vulnerable": true }, { "criteria": "cpe:2.3:a:iputils:iputils:*:*:*:*:*:*:*:*", "matchCriteriaId": "AD894839-1AD2-4707-B171-2CE7076D6446", "versionEndIncluding": "2000-10-10", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:alpha:*:*:*:*:*", "matchCriteriaId": "344610A8-DB6D-4407-9304-916C419F648C", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:i386:*:*:*:*:*", "matchCriteriaId": "B7EC2B95-4715-4EC9-A10A-2542501F8A61", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:sparc:*:*:*:*:*", "matchCriteriaId": "64775BEF-2E53-43CA-8639-A7E54F6F4222", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "29B186E5-7C2F-466E-AA4A-8F2B618F8A14", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "ping in iputils before 20001010, as distributed on Red Hat Linux 6.2 through 7J and other operating systems, does not drop privileges after acquiring a raw socket, which increases ping\u0027s exposure to bugs that otherwise would occur at lower privileges." } ], "id": "CVE-2000-1213", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2000-10-18T04:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-10/0429.html" }, { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=97249980727834\u0026w=2" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2000-087.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-10/0429.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=97249980727834\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2000-087.html" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
1999-12-03 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
ORBit and gnome-session in Red Hat Linux 6.1 allows remote attackers to crash a program.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:6.1:*:*:*:*:*:*:*", "matchCriteriaId": "2EC4D3AB-38FA-4D44-AF5C-2DCD15994E76", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "ORBit and gnome-session in Red Hat Linux 6.1 allows remote attackers to crash a program." } ], "id": "CVE-2000-0358", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "1999-12-03T05:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://www.redhat.com/corp/support/errata/RHSA1999058-01.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/corp/support/errata/RHSA1999058-01.html" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2001-07-02 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
licq before 1.0.3 allows remote attackers to execute arbitrary commands via shell metacharacters in a URL.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
licq | licq | * | |
conectiva | linux | 4.0 | |
conectiva | linux | 4.0es | |
conectiva | linux | 4.1 | |
conectiva | linux | 4.2 | |
conectiva | linux | 5.0 | |
freebsd | freebsd | 3.5.1 | |
freebsd | freebsd | 4.2 | |
mandrakesoft | mandrake_linux | 7.1 | |
mandrakesoft | mandrake_linux | 7.2 | |
mandrakesoft | mandrake_linux_corporate_server | 1.0.1 | |
redhat | linux | 7.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:licq:licq:*:*:*:*:*:*:*:*", "matchCriteriaId": "1C6FC4D2-53F1-448A-82E0-CA189099FF84", "versionEndIncluding": "1.0.2", "vulnerable": true }, { "criteria": "cpe:2.3:o:conectiva:linux:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "48F068BE-F5B3-4E43-8E6A-24AB4D2DEDF0", "vulnerable": true }, { "criteria": "cpe:2.3:o:conectiva:linux:4.0es:*:*:*:*:*:*:*", "matchCriteriaId": "6529EC98-7CF7-47A1-95BB-2F34066FE95D", "vulnerable": true }, { "criteria": "cpe:2.3:o:conectiva:linux:4.1:*:*:*:*:*:*:*", "matchCriteriaId": "FFDAB801-AAA0-4B3B-B488-52E7BA8650C5", "vulnerable": true }, { "criteria": "cpe:2.3:o:conectiva:linux:4.2:*:*:*:*:*:*:*", "matchCriteriaId": "612AC3B1-8E55-437F-9600-67EA1A8BAD48", "vulnerable": true }, { "criteria": "cpe:2.3:o:conectiva:linux:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "537A5C29-D770-4755-A6AB-8916754E14DB", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:freebsd:freebsd:3.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "7C283AD7-1C58-4CE8-A6CD-502FFE0B18BB", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:4.2:*:*:*:*:*:*:*", "matchCriteriaId": "DF49BF03-C25E-4737-84D5-892895C86C58", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "3EC1FF5D-5EAB-44D5-B281-770547C70D68", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "0A8FBD5A-2FD0-43CD-AC4B-1D6984D336FE", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:1.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "97E09AD9-F057-4264-88BB-A8A18C1B1246", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "29B186E5-7C2F-466E-AA4A-8F2B618F8A14", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "licq before 1.0.3 allows remote attackers to execute arbitrary commands via shell metacharacters in a URL." } ], "id": "CVE-2001-0439", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2001-07-02T04:00:00.000", "references": [ { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://archives.neohapsis.com/archives/freebsd/2001-04/0607.html" }, { "source": "cve@mitre.org", "tags": [ "Patch" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000389" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-032.php3" }, { "source": "cve@mitre.org", "url": "http://www.osvdb.org/5641" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2001-022.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2001-023.html" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6261" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://archives.neohapsis.com/archives/freebsd/2001-04/0607.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000389" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-032.php3" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.osvdb.org/5641" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2001-022.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2001-023.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6261" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2005-04-27 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for 64-bit architectures on certain Linux distributions such as Red Hat, which could leave Xpdf users exposed to the original vulnerabilities.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:ascii:ptex:3.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "4AE020D3-0F38-4F53-AFB7-B4E98EAC659F", "vulnerable": true }, { "criteria": "cpe:2.3:a:cstex:cstetex:2.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "E16058D9-AC8B-4A7C-865F-93B476348363", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "68BD578F-CCAD-4515-9205-EB4F297C6DB4", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.0.4_8:*:*:*:*:*:*:*", "matchCriteriaId": "F3182CA2-7375-43BC-A0E5-DE11D4B65EE3", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "FCF4C8D0-3030-4DD5-800B-76A582A4CD0C", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "734D0C2C-F71F-461A-87EE-202C6B706753", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.4_2:*:*:*:*:*:*:*", "matchCriteriaId": "3F0F402D-5CD0-4477-8B59-C753CECB02BD", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.4_3:*:*:*:*:*:*:*", "matchCriteriaId": "959F7AFA-ED20-434C-993F-06C2A8574662", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.4_5:*:*:*:*:*:*:*", "matchCriteriaId": "D4F5A0A4-2884-46CA-A846-8B954EB80CFA", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.6:*:*:*:*:*:*:*", "matchCriteriaId": "1741CC9D-C4A8-48F9-86CF-EC20AE2A6BE7", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.7:*:*:*:*:*:*:*", "matchCriteriaId": "35E65857-12C7-49DE-AD27-3CACD456231C", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.10:*:*:*:*:*:*:*", "matchCriteriaId": "47CEF035-57A6-470B-916A-E5562C28E866", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.12:*:*:*:*:*:*:*", "matchCriteriaId": "4E26BB15-4CF8-4496-A7F7-EB34C444EF72", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.13:*:*:*:*:*:*:*", "matchCriteriaId": "D414984E-4F6B-4278-8346-968587E4B18E", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.14:*:*:*:*:*:*:*", "matchCriteriaId": "33C36DCB-2FDD-44E6-85E8-875575AAE69E", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.15:*:*:*:*:*:*:*", "matchCriteriaId": "7C4B7C23-0C54-4FBA-A774-9CC1E148376E", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.16:*:*:*:*:*:*:*", "matchCriteriaId": "9FA0EF14-33E6-4D44-B86E-F04014EA3C8F", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.17:*:*:*:*:*:*:*", "matchCriteriaId": "A5428EE6-F90A-4BB6-9D8C-8B99E80AB6DF", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.18:*:*:*:*:*:*:*", "matchCriteriaId": "A786A770-919E-4E23-949D-D836F316618A", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.19:*:*:*:*:*:*:*", "matchCriteriaId": "00A2249C-73DE-434E-A41F-4EDB0ADC0845", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.19_rc5:*:*:*:*:*:*:*", "matchCriteriaId": "73AB4D3D-FF35-4A50-A144-3AD41F6F2E55", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.20:*:*:*:*:*:*:*", "matchCriteriaId": "FB7653F1-70E2-423F-A6A9-30333644B506", "vulnerable": true }, { "criteria": "cpe:2.3:a:gnome:gpdf:0.110:*:*:*:*:*:*:*", "matchCriteriaId": "1CB6AE42-D493-43E5-A97C-76C8450E5881", "vulnerable": true }, { "criteria": "cpe:2.3:a:gnome:gpdf:0.112:*:*:*:*:*:*:*", "matchCriteriaId": "2E70576E-C253-4F8B-A93E-14CC2EE7114D", "vulnerable": true }, { "criteria": "cpe:2.3:a:gnome:gpdf:0.131:*:*:*:*:*:*:*", "matchCriteriaId": "832C5512-B473-40E8-BF4F-EC6ABFE46749", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:koffice:1.3:*:*:*:*:*:*:*", "matchCriteriaId": "053435DD-BFDF-4C39-9919-11C42D569085", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:koffice:1.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "E9BB1A3C-3348-4545-A513-E504B33F72AB", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:koffice:1.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "CD45E2C8-0B0E-484F-8050-94BF77798183", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:koffice:1.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "4EAA654E-9DD4-4614-92D7-EF4D676B3A18", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:koffice:1.3_beta1:*:*:*:*:*:*:*", "matchCriteriaId": "89C96FC9-40DB-467D-A701-49F97A1B887D", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:koffice:1.3_beta2:*:*:*:*:*:*:*", "matchCriteriaId": "76128BDC-2CA7-4AE7-8C4F-BCB3835CA938", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:koffice:1.3_beta3:*:*:*:*:*:*:*", "matchCriteriaId": "0B2517C7-27EF-4961-91C3-CA33219AFF2E", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:kpdf:3.2:*:*:*:*:*:*:*", "matchCriteriaId": "EDAF6452-F3B0-4F62-893E-BCFA6AB7AE3B", "vulnerable": true }, { "criteria": "cpe:2.3:a:pdftohtml:pdftohtml:0.32a:*:*:*:*:*:*:*", "matchCriteriaId": "EE346726-71D6-438B-B600-A7E107332816", "vulnerable": true }, { "criteria": "cpe:2.3:a:pdftohtml:pdftohtml:0.32b:*:*:*:*:*:*:*", "matchCriteriaId": "87E85020-B4DB-4011-BDD0-1C8967D45A84", "vulnerable": true }, { "criteria": "cpe:2.3:a:pdftohtml:pdftohtml:0.33:*:*:*:*:*:*:*", "matchCriteriaId": "8189A9AB-F685-40E2-944F-8BD3DD6FA0A2", "vulnerable": true }, { "criteria": "cpe:2.3:a:pdftohtml:pdftohtml:0.33a:*:*:*:*:*:*:*", "matchCriteriaId": "C33B8585-FA5F-4210-A997-615BCEE1726F", "vulnerable": true }, { "criteria": "cpe:2.3:a:pdftohtml:pdftohtml:0.34:*:*:*:*:*:*:*", "matchCriteriaId": "F4AE4C34-C497-426F-AC0D-1805A50582EF", "vulnerable": true }, { "criteria": "cpe:2.3:a:pdftohtml:pdftohtml:0.35:*:*:*:*:*:*:*", "matchCriteriaId": "A2989EFF-07B9-4EF2-B6C1-59E4F52FDC92", "vulnerable": true }, { "criteria": "cpe:2.3:a:pdftohtml:pdftohtml:0.36:*:*:*:*:*:*:*", "matchCriteriaId": "A3970101-5E83-49FD-BCB6-D9176D46B5A4", "vulnerable": true }, { "criteria": "cpe:2.3:a:sgi:propack:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "29DC217F-C257-4A3C-9CBD-08010C30BEC3", "vulnerable": true }, { "criteria": "cpe:2.3:a:tetex:tetex:1.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "739A56F5-B19A-4B92-B9CB-04ECE4FFE204", "vulnerable": true }, { "criteria": "cpe:2.3:a:tetex:tetex:1.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "C86C7D6F-C39E-4403-86C6-F87599570E97", "vulnerable": true }, { "criteria": "cpe:2.3:a:tetex:tetex:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "236005A1-C175-44D3-8D0C-C48F943F3D66", "vulnerable": true }, { "criteria": "cpe:2.3:a:tetex:tetex:2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "0AF2AD80-5E65-4B57-933B-C395E98EF10D", "vulnerable": true }, { "criteria": "cpe:2.3:a:tetex:tetex:2.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "07C92A0E-1DDA-4F83-A904-24A35C38883A", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:0.90:*:*:*:*:*:*:*", "matchCriteriaId": "28CC6233-E207-40CC-81FF-A8670EEA4295", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:0.91:*:*:*:*:*:*:*", "matchCriteriaId": "64DD9B5C-3DB8-4E15-B4A6-541E4E221C1D", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:0.92:*:*:*:*:*:*:*", "matchCriteriaId": "0304E1E3-8766-40D0-8879-A652B4E9E72D", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:0.93:*:*:*:*:*:*:*", "matchCriteriaId": "188F1343-8082-4B54-8DA4-E344818ABD52", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "B95DA7DE-B786-4EE7-A3F4-C077A7986D5F", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:1.0a:*:*:*:*:*:*:*", "matchCriteriaId": "C5306C05-4A71-4175-8C22-F2DE0F2FE4C4", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:1.1:*:*:*:*:*:*:*", "matchCriteriaId": "3B9DEF16-ECD5-4BBE-8986-52A6171B3D9F", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "CFFDBEEC-B2C1-47F0-82D3-FC9147B590A9", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "354487CF-0086-4AE2-872B-0032E3EB89EE", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:2.3:*:*:*:*:*:*:*", "matchCriteriaId": "1169B802-7279-437F-AF59-621A67DC92EC", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "7B93B3ED-AF82-49A9-8C7F-E5F652F19669", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:advanced_linux_environment:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "A05AC3EE-6292-4ECC-9680-048A12FCE723", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "2CAE037F-111C-4A76-8FFE-716B74D65EF3", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:alpha:*:*:*:*:*", "matchCriteriaId": "A6B060E4-B5A6-4469-828E-211C52542547", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:arm:*:*:*:*:*", "matchCriteriaId": "974C3541-990C-4CD4-A05A-38FA74A84632", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:hppa:*:*:*:*:*", "matchCriteriaId": "6CBF1E0F-C7F3-4F83-9E60-6E63FA7D2775", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ia-32:*:*:*:*:*", "matchCriteriaId": "58792F77-B06F-4780-BA25-FE1EE6C3FDD9", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ia-64:*:*:*:*:*", "matchCriteriaId": "C9419322-572F-4BB6-8416-C5E96541CF33", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:m68k:*:*:*:*:*", "matchCriteriaId": "BFC50555-C084-46A3-9C9F-949C5E3BB448", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mips:*:*:*:*:*", "matchCriteriaId": "9C25D6E1-D283-4CEA-B47B-60C47A5C0797", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mipsel:*:*:*:*:*", "matchCriteriaId": "AD18A446-C634-417E-86AC-B19B6DDDC856", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ppc:*:*:*:*:*", "matchCriteriaId": "E4BB852E-61B2-4842-989F-C6C0C901A8D7", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:s-390:*:*:*:*:*", "matchCriteriaId": "24DD9D59-E2A2-4116-A887-39E8CC2004FC", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:sparc:*:*:*:*:*", "matchCriteriaId": "F28D7457-607E-4E0C-909A-413F91CFCD82", "vulnerable": true }, { "criteria": "cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*", "matchCriteriaId": "647BA336-5538-4972-9271-383A0EC9378E", "vulnerable": true }, { "criteria": "cpe:2.3:o:kde:kde:3.2:*:*:*:*:*:*:*", "matchCriteriaId": "82F69843-978D-4686-BC5B-1D09DA4A21BD", "vulnerable": true }, { "criteria": "cpe:2.3:o:kde:kde:3.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "ACEE0AED-7918-41E9-A902-AC4070E03132", "vulnerable": true }, { "criteria": "cpe:2.3:o:kde:kde:3.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "81E19472-47B4-4398-A188-CA5A5D3E7060", "vulnerable": true }, { "criteria": "cpe:2.3:o:kde:kde:3.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "D17407A2-089E-43A5-9BD5-EFF966F5CC16", "vulnerable": true }, { "criteria": "cpe:2.3:o:kde:kde:3.3:*:*:*:*:*:*:*", "matchCriteriaId": "9C4B436D-8D6A-473E-B707-26147208808B", "vulnerable": true }, { "criteria": "cpe:2.3:o:kde:kde:3.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "1E26B353-4985-4116-B97A-5767CDC732F1", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "2BB0B27C-04EA-426F-9016-7406BACD91DF", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:x86_64:*:*:*:*:*", "matchCriteriaId": "BB2B1BA5-8370-4281-B5C9-3D4FE6C70FBC", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*", "matchCriteriaId": "2641EE56-6F9D-400B-B456-877F4DA79B10", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server_ia64:*:*:*:*:*", "matchCriteriaId": "A4A9461E-C117-42EC-9F14-DF2A82BA7C5D", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*", "matchCriteriaId": "E0B458EA-495E-40FA-9379-C03757F7B1EE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server_ia64:*:*:*:*:*", "matchCriteriaId": "409E324A-C040-494F-A026-9DCAE01C07F8", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*", "matchCriteriaId": "1728AB5D-55A9-46B0-A412-6F7263CAEB5A", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation_ia64:*:*:*:*:*", "matchCriteriaId": "6474B775-C893-491F-A074-802AFB1FEDD8", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_servers:*:*:*:*:*", "matchCriteriaId": "81B543F9-C209-46C2-B0AE-E14818A6992E", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*", "matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation:*:*:*:*:*", "matchCriteriaId": "DB89C970-DE94-4E09-A90A-077DB83AD156", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:fedora_core:core_1.0:*:*:*:*:*:*:*", "matchCriteriaId": "3C84296C-2C8A-4DCD-9751-52951F8BEA9F", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*", "matchCriteriaId": "E6996B14-925B-46B8-982F-3545328B506B", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:fedora_core:core_3.0:*:*:*:*:*:*:*", "matchCriteriaId": "EC80CF67-C51D-442C-9526-CFEDE84A6304", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:9.0:*:i386:*:*:*:*:*", "matchCriteriaId": "F3FDE8C4-5FFD-4CC2-9F35-7C32043966D1", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:*", "matchCriteriaId": "84A50ED3-FD0D-4038-B3E7-CC65D166C968", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium_processor:*:*:*:*:*", "matchCriteriaId": "777F9EC0-2919-45CA-BFF8-78A02537C513", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "02EE2D72-B1E6-4380-80B0-E40A23DDD115", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "111575DE-98A2-4C54-BDE1-CACC74D22B35", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "1976D15D-9EE6-4A49-B59F-34F0505FD5BC", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "962FC8D7-BE5D-4E7D-9ADC-511681C593BF", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:4.2:*:*:*:*:*:*:*", "matchCriteriaId": "451453AC-65FF-4E3B-9AC1-2DDB2E2182E4", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:4.3:*:*:*:*:*:*:*", "matchCriteriaId": "7716120D-5110-42B0-A574-9AA2AC8D3C32", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:4.4:*:*:*:*:*:*:*", "matchCriteriaId": "CB4C8426-CAF2-4366-94C0-1BA1C544FB6F", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:4.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "5CC7D746-B98B-4FAF-B816-57222759A344", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "830D48B8-D21D-4D31-99A1-20C231804DBE", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:5.1:*:*:*:*:*:*:*", "matchCriteriaId": "5C0BBDD2-9FF9-4CB7-BCAF-D4AF15DC2C7C", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:5.2:*:*:*:*:*:*:*", "matchCriteriaId": "D1C826AA-6E2F-4DAC-A7A2-9F47729B5DA5", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:5.3:*:*:*:*:*:*:*", "matchCriteriaId": "BCC94EF9-5872-402F-B2FC-06331A924BB2", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "F163E145-09F7-4BE2-9B46-5B6713070BAB", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:6.1:*:*:*:*:*:*:*", "matchCriteriaId": "124E1802-7984-45ED-8A92-393FC20662FD", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:6.1:alpha:*:*:*:*:*:*", "matchCriteriaId": "C7F08806-9458-439A-8EAE-2553122262ED", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:6.2:*:*:*:*:*:*:*", "matchCriteriaId": "1B67020A-6942-4478-B501-764147C4970D", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:6.3:*:*:*:*:*:*:*", "matchCriteriaId": "0AD0FF64-05DF-48C2-9BB5-FD993121FB2E", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:6.3:*:ppc:*:*:*:*:*", "matchCriteriaId": "E74E0A28-7C78-4160-8BCF-99605285C0EE", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:6.3:alpha:*:*:*:*:*:*", "matchCriteriaId": "76159C25-0760-47CB-AFCE-28306CDEA830", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:6.4:*:*:*:*:*:*:*", "matchCriteriaId": "7786607A-362E-4817-A17E-C76D6A1F737D", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:6.4:*:i386:*:*:*:*:*", "matchCriteriaId": "8A206E1C-C2EC-4356-8777-B18D7069A4C3", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:6.4:*:ppc:*:*:*:*:*", "matchCriteriaId": "6E2FE291-1142-4627-A497-C0BB0D934A0B", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:6.4:alpha:*:*:*:*:*:*", "matchCriteriaId": "49BC7C7E-046C-4186-822E-9F3A2AD3577B", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "C9E7D75A-333E-4C63-9593-F64ABA5D1CE3", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.0:*:i386:*:*:*:*:*", "matchCriteriaId": "2FE69F6F-6B17-4C87-ACA4-A2A1FB47206A", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.0:*:ppc:*:*:*:*:*", "matchCriteriaId": "467A30EB-CB8F-4928-AC8F-F659084A9E2B", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.0:*:sparc:*:*:*:*:*", "matchCriteriaId": "714C1439-AB8E-4A8B-A783-D60E9DDC38D4", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.0:alpha:*:*:*:*:*:*", "matchCriteriaId": "62CAE5B0-4D46-4A93-A343-C8E9CB574C62", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "819868A7-EB1E-4CA9-8D71-72F194E5EFEB", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.1:*:spa:*:*:*:*:*", "matchCriteriaId": "FB647A8B-ADB9-402B-96E1-45321C75731B", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.1:*:sparc:*:*:*:*:*", "matchCriteriaId": "0944FD27-736E-4B55-8D96-9F2CA9BB9B05", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.1:*:x86:*:*:*:*:*", "matchCriteriaId": "373BB5AC-1F38-4D0A-97DC-08E9654403EE", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.1:alpha:*:*:*:*:*:*", "matchCriteriaId": "B5E71DA3-F4A0-46AF-92A2-E691C7A65528", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "0519FF7D-363E-4530-9E63-6EA3E88432DC", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.2:*:i386:*:*:*:*:*", "matchCriteriaId": "1975A2DD-EB22-4ED3-8719-F78AA7F414B2", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.3:*:*:*:*:*:*:*", "matchCriteriaId": "FAE3FF4F-646F-4E05-A08A-C9399DEF60F1", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.3:*:i386:*:*:*:*:*", "matchCriteriaId": "19F606EE-530F-4C06-82DB-52035EE03FA3", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.3:*:ppc:*:*:*:*:*", "matchCriteriaId": "A0E896D5-0005-4E7E-895D-B202AFCE09A1", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.3:*:sparc:*:*:*:*:*", "matchCriteriaId": "5A8B313F-93C7-4558-9571-DE1111487E17", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "28CD54FE-D682-4063-B7C3-8B29B26B39AD", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:8.0:*:i386:*:*:*:*:*", "matchCriteriaId": "37F124FE-15F1-49D7-9E03-8E036CE1A20C", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:8.1:*:*:*:*:*:*:*", "matchCriteriaId": "F8C55338-3372-413F-82E3-E1B476D6F41A", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:8.2:*:*:*:*:*:*:*", "matchCriteriaId": "1EFB33BF-F6A5-48C1-AEB5-194FCBCFC958", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "FB0E2D3B-B50A-46C2-BA1E-3E014DE91954", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*", "matchCriteriaId": "56EF103F-5668-4754-A83B-D3662D0CE815", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:*:*:*:*:*:*", "matchCriteriaId": "CFABFCE5-4F86-4AE8-9849-BC360AC72098", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:x86_64:*:*:*:*:*", "matchCriteriaId": "D5F98B9A-880E-45F0-8C16-12B22970F0D1", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:*:*:*:*:*:*", "matchCriteriaId": "CFF36BC6-6CCD-4FEE-A120-5B8C4BF5620C", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:x86_64:*:*:*:*:*", "matchCriteriaId": "B905C6E9-5058-4FD7-95B6-CD6AB6B2F516", "vulnerable": true }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ia64:*:*:*:*:*", "matchCriteriaId": "6E94583A-5184-462E-9FC4-57B35DA06DA7", "vulnerable": true }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ppc:*:*:*:*:*", "matchCriteriaId": "E905FAAD-37B6-4DD0-A752-2974F8336273", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for 64-bit architectures on certain Linux distributions such as Red Hat, which could leave Xpdf users exposed to the original vulnerabilities." }, { "lang": "es", "value": "El parche para corregir las vulnerabilidades de desbordamiento de entero en Xpdf 2.0 y 3.0 (CAN-2004-0888) es incompleto para arquitecturas de 64 bits en ciertas distribuciones de Linux como Red Hat, lo que podr\u00eda dejar a los usuarios de Xpdf expuestos a las vulnerabilidades originales." } ], "id": "CVE-2005-0206", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2005-04-27T04:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:041" }, { "source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:042" }, { "source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:043" }, { "source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:044" }, { "source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:052" }, { "source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:056" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2005-034.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2005-053.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2005-057.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2005-132.html" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-213.html" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/11501" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17818" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11107" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:041" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:042" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:043" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:044" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:052" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:056" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2005-034.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2005-053.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2005-057.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2005-132.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-213.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/11501" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17818" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11107" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
1999-12-21 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Buffer overflow in Linux linuxconf package allows remote attackers to gain root privileges via a long parameter.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:*:*:*:*:*:*:*:*", "matchCriteriaId": "B133DAC8-2B0D-4F83-9025-AD071740187A", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Buffer overflow in Linux linuxconf package allows remote attackers to gain root privileges via a long parameter." } ], "id": "CVE-2000-0017", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "1999-12-21T05:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "https://marc.info/?l=bugtraq\u0026m=94580196627059\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://marc.info/?l=bugtraq\u0026m=94580196627059\u0026w=2" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
1999-08-25 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Buffer overflow in Vixie Cron on Red Hat systems via the MAILTO environmental variable.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
redhat | linux | 4.2 | |
redhat | linux | 5.2 | |
redhat | linux | 6.0 | |
suse | suse_linux | 6.0 | |
suse | suse_linux | 6.1 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:4.2:*:*:*:*:*:*:*", "matchCriteriaId": "F299301C-6BFC-436C-9CFD-2E291D3702AE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:5.2:*:i386:*:*:*:*:*", "matchCriteriaId": "363AB7DB-A8BA-4D58-97C4-1DF1F0F43E07", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.0:*:i386:*:*:*:*:*", "matchCriteriaId": "89F65C9D-BD68-4A86-BFDC-E7CE76F13948", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "F163E145-09F7-4BE2-9B46-5B6713070BAB", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:6.1:*:*:*:*:*:*:*", "matchCriteriaId": "124E1802-7984-45ED-8A92-393FC20662FD", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Buffer overflow in Vixie Cron on Red Hat systems via the MAILTO environmental variable." } ], "id": "CVE-1999-0768", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": true, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "1999-08-25T04:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/602" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/602" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
1999-09-16 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Buffer overflow in Berkeley automounter daemon (amd) logging facility provided in the Linux am-utils package and others.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:bsdi:bsd_os:3.1:*:*:*:*:*:*:*", "matchCriteriaId": "950CE88E-E396-4D32-AC9D-B76EB2B537C6", "vulnerable": true }, { "criteria": "cpe:2.3:o:bsdi:bsd_os:4.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "A37687D5-1239-474B-994C-C638AB9B105B", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "EE38C50A-81FE-412E-9717-3672FAE6A6F4", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:3.1:*:*:*:*:*:*:*", "matchCriteriaId": "263F3734-7076-4EA8-B4C0-F37CFC4E979E", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:3.2:*:*:*:*:*:*:*", "matchCriteriaId": "0419DD66-FF66-48BC-AD3B-F6AFD0551E36", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:4.2:*:*:*:*:*:*:*", "matchCriteriaId": "F299301C-6BFC-436C-9CFD-2E291D3702AE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "4BF54738-3C44-4FD4-AA9C-CAB2E86B1DC1", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:5.1:*:*:*:*:*:*:*", "matchCriteriaId": "4EF44364-0F57-4B74-81B0-501EA6B58501", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:5.2:*:i386:*:*:*:*:*", "matchCriteriaId": "363AB7DB-A8BA-4D58-97C4-1DF1F0F43E07", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.0:*:i386:*:*:*:*:*", "matchCriteriaId": "89F65C9D-BD68-4A86-BFDC-E7CE76F13948", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Buffer overflow in Berkeley automounter daemon (amd) logging facility provided in the Linux am-utils package and others." } ], "id": "CVE-1999-0704", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "1999-09-16T04:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/614" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/614" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-10-07 14:59
Modified
2025-04-12 10:46
Severity ?
Summary
The Linux kernel, as used in Red Hat Enterprise Linux 7.2 and Red Hat Enterprise MRG 2 and when booted with UEFI Secure Boot enabled, allows local users to bypass intended Secure Boot restrictions and execute untrusted code by appending ACPI tables to the initrd.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
linux | linux_kernel | - | |
redhat | enterprise_mrg | 2.0 | |
redhat | linux | 7.2 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_mrg:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "C60FA8B1-1802-4522-A088-22171DCF7A93", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "E562907F-D915-4030-847A-3C6834A80D4E", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Linux kernel, as used in Red Hat Enterprise Linux 7.2 and Red Hat Enterprise MRG 2 and when booted with UEFI Secure Boot enabled, allows local users to bypass intended Secure Boot restrictions and execute untrusted code by appending ACPI tables to the initrd." }, { "lang": "es", "value": "El kernel de Linux, tal como se utiliza en Red Hat Enterprise Linux 7.2 y Red Hat Enterprise MRG 2 y cuando se arranca con UEFI Secure Boot habilitado, permite a usuarios locales eludir las restricciones destinadas a Secure Boot y ejecutar c\u00f3digo no confiable a\u00f1adiendo tablas ACPI para el initrd." } ], "id": "CVE-2016-3699", "lastModified": "2025-04-12T10:46:40.837", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 6.9, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 3.4, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "exploitabilityScore": 1.4, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-10-07T14:59:03.897", "references": [ { "source": "secalert@redhat.com", "url": "http://rhn.redhat.com/errata/RHSA-2016-2574.html" }, { "source": "secalert@redhat.com", "url": "http://rhn.redhat.com/errata/RHSA-2016-2584.html" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://www.openwall.com/lists/oss-security/2016/09/22/4" }, { "source": "secalert@redhat.com", "tags": [ "Broken Link" ], "url": "http://www.securityfocus.com/bid/93114" }, { "source": "secalert@redhat.com", "tags": [ "Issue Tracking", "Patch", "Third Party Advisory", "VDB Entry" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1329653" }, { "source": "secalert@redhat.com", "tags": [ "Exploit" ], "url": "https://github.com/mjg59/linux/commit/a4a5ed2835e8ea042868b7401dced3f517cafa76" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://rhn.redhat.com/errata/RHSA-2016-2574.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://rhn.redhat.com/errata/RHSA-2016-2584.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.openwall.com/lists/oss-security/2016/09/22/4" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://www.securityfocus.com/bid/93114" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking", "Patch", "Third Party Advisory", "VDB Entry" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1329653" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit" ], "url": "https://github.com/mjg59/linux/commit/a4a5ed2835e8ea042868b7401dced3f517cafa76" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-264" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2000-02-26 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Buffer overflow in the man program in Linux allows local users to gain privileges via the MANPAGER environmental variable.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
redhat | linux | 4.0 | |
redhat | linux | 4.1 | |
redhat | linux | 4.2 | |
redhat | linux | 5.0 | |
redhat | linux | 5.1 | |
redhat | linux | 5.2 | |
redhat | linux | 6.0 | |
redhat | linux | 6.2 | |
turbolinux | turbolinux | 3.5b2 | |
turbolinux | turbolinux | 4.2 | |
turbolinux | turbolinux | 4.4 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "C9092D88-585D-4A0C-B181-E8D93563C74B", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:4.1:*:*:*:*:*:*:*", "matchCriteriaId": "D8211154-6685-4FF0-B3ED-43A5E5763A10", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:4.2:*:*:*:*:*:*:*", "matchCriteriaId": "F299301C-6BFC-436C-9CFD-2E291D3702AE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "4BF54738-3C44-4FD4-AA9C-CAB2E86B1DC1", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:5.1:*:*:*:*:*:*:*", "matchCriteriaId": "4EF44364-0F57-4B74-81B0-501EA6B58501", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:5.2:*:*:*:*:*:*:*", "matchCriteriaId": "A8EED385-8C39-4A40-A507-2EFE7652FB35", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "2DFA94D5-0139-490C-8257-0751FE9FBAE4", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:*:*:*:*:*:*", "matchCriteriaId": "0633B5A6-7A88-4A96-9462-4C09D124ED36", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux:3.5b2:*:*:*:*:*:*:*", "matchCriteriaId": "667CF388-298D-4B64-9BA5-89D153FFA998", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux:4.2:*:*:*:*:*:*:*", "matchCriteriaId": "5D15A193-3E01-467C-AEAD-497F4600DB06", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux:4.4:*:*:*:*:*:*:*", "matchCriteriaId": "F7C765FF-0A3D-4BF4-B236-609658776ACA", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Buffer overflow in the man program in Linux allows local users to gain privileges via the MANPAGER environmental variable." } ], "id": "CVE-2000-0170", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2000-02-26T05:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/1011" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/1011" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2005-01-27 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Multiple heap-based buffer overflows in Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allow remote attackers to cause a denial of service (application crash) or execute arbitrary code via (1) the "Send page" functionality, (2) certain responses from a malicious POP3 server, or (3) a link containing a non-ASCII hostname.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
mozilla | mozilla | 1.7 | |
mozilla | mozilla | 1.7.1 | |
mozilla | mozilla | 1.7.2 | |
mozilla | thunderbird | 0.7 | |
mozilla | thunderbird | 0.7.1 | |
mozilla | thunderbird | 0.7.2 | |
mozilla | thunderbird | 0.7.3 | |
conectiva | linux | 9.0 | |
conectiva | linux | 10.0 | |
redhat | enterprise_linux | 2.1 | |
redhat | enterprise_linux | 2.1 | |
redhat | enterprise_linux | 2.1 | |
redhat | enterprise_linux | 2.1 | |
redhat | enterprise_linux | 2.1 | |
redhat | enterprise_linux | 2.1 | |
redhat | enterprise_linux | 3.0 | |
redhat | enterprise_linux | 3.0 | |
redhat | enterprise_linux | 3.0 | |
redhat | enterprise_linux_desktop | 3.0 | |
redhat | fedora_core | core_1.0 | |
redhat | linux | 7.3 | |
redhat | linux | 7.3 | |
redhat | linux | 7.3 | |
redhat | linux | 9.0 | |
redhat | linux_advanced_workstation | 2.1 | |
redhat | linux_advanced_workstation | 2.1 | |
suse | suse_linux | 1.0 | |
suse | suse_linux | 8 | |
suse | suse_linux | 8.1 | |
suse | suse_linux | 8.2 | |
suse | suse_linux | 9.0 | |
suse | suse_linux | 9.0 | |
suse | suse_linux | 9.0 | |
suse | suse_linux | 9.1 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:mozilla:mozilla:1.7:*:*:*:*:*:*:*", "matchCriteriaId": "FCEAEDEB-0EE7-4221-B9B8-65438580D331", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla:1.7.1:*:*:*:*:*:*:*", "matchCriteriaId": "2FE7EA3B-3BF8-4696-9488-78506074D62D", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla:1.7.2:*:*:*:*:*:*:*", "matchCriteriaId": "CCFD7AF7-0FE9-4F56-98B0-60FC7F7F1B78", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:thunderbird:0.7:*:*:*:*:*:*:*", "matchCriteriaId": "EDA6C390-9BA7-4355-8C0A-CD68FF6AC236", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:thunderbird:0.7.1:*:*:*:*:*:*:*", "matchCriteriaId": "0C75B125-E5BB-49A0-B12D-6CF40D8A5DB7", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:thunderbird:0.7.2:*:*:*:*:*:*:*", "matchCriteriaId": "70DDB53E-7A12-4A08-8999-DB68E6DF901E", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:thunderbird:0.7.3:*:*:*:*:*:*:*", "matchCriteriaId": "6514EDE8-7C78-4C72-A313-E0915D89E4EF", "vulnerable": true }, { "criteria": "cpe:2.3:o:conectiva:linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "F4007B0D-9606-46BD-866A-7911BEA292BE", "vulnerable": true }, { "criteria": "cpe:2.3:o:conectiva:linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "A35FC777-A34E-4C7B-9E93-8F17F3AD5180", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*", "matchCriteriaId": "2641EE56-6F9D-400B-B456-877F4DA79B10", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server_ia64:*:*:*:*:*", "matchCriteriaId": "A4A9461E-C117-42EC-9F14-DF2A82BA7C5D", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*", "matchCriteriaId": "E0B458EA-495E-40FA-9379-C03757F7B1EE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server_ia64:*:*:*:*:*", "matchCriteriaId": "409E324A-C040-494F-A026-9DCAE01C07F8", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*", "matchCriteriaId": "1728AB5D-55A9-46B0-A412-6F7263CAEB5A", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation_ia64:*:*:*:*:*", "matchCriteriaId": "6474B775-C893-491F-A074-802AFB1FEDD8", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_server:*:*:*:*:*", "matchCriteriaId": "78B46FFA-5B09-473E-AD33-3DB18BD0DAFE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*", "matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation_server:*:*:*:*:*", "matchCriteriaId": "0EFE2E73-9536-41A9-B83B-0A06B54857F4", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:fedora_core:core_1.0:*:*:*:*:*:*:*", "matchCriteriaId": "3C84296C-2C8A-4DCD-9751-52951F8BEA9F", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.3:*:*:*:*:*:*:*", "matchCriteriaId": "138985E6-5107-4E8B-A801-C3D5FE075227", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.3:*:i386:*:*:*:*:*", "matchCriteriaId": "9B502A61-44FB-4CD4-85BE-88D4ACCCA441", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.3:*:i686:*:*:*:*:*", "matchCriteriaId": "05853955-CA81-40D3-9A70-1227F3270D3C", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:9.0:*:i386:*:*:*:*:*", "matchCriteriaId": "F3FDE8C4-5FFD-4CC2-9F35-7C32043966D1", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:*", "matchCriteriaId": "84A50ED3-FD0D-4038-B3E7-CC65D166C968", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium_processor:*:*:*:*:*", "matchCriteriaId": "777F9EC0-2919-45CA-BFF8-78A02537C513", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:1.0:*:desktop:*:*:*:*:*", "matchCriteriaId": "C7EAAD04-D7C4-43DE-B488-1AAD014B503E", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:8:*:enterprise_server:*:*:*:*:*", "matchCriteriaId": "D2E2EF3C-1379-4CBE-8FF5-DACD47834651", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:8.1:*:*:*:*:*:*:*", "matchCriteriaId": "F8C55338-3372-413F-82E3-E1B476D6F41A", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:8.2:*:*:*:*:*:*:*", "matchCriteriaId": "1EFB33BF-F6A5-48C1-AEB5-194FCBCFC958", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "FB0E2D3B-B50A-46C2-BA1E-3E014DE91954", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:enterprise_server:*:*:*:*:*", "matchCriteriaId": "F7446746-87B7-4BD3-AABF-1E0FAA8265AB", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*", "matchCriteriaId": "56EF103F-5668-4754-A83B-D3662D0CE815", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:*:*:*:*:*:*", "matchCriteriaId": "CFABFCE5-4F86-4AE8-9849-BC360AC72098", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Multiple heap-based buffer overflows in Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allow remote attackers to cause a denial of service (application crash) or execute arbitrary code via (1) the \"Send page\" functionality, (2) certain responses from a malicious POP3 server, or (3) a link containing a non-ASCII hostname." } ], "id": "CVE-2004-0902", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2005-01-27T05:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://bugzilla.mozilla.org/show_bug.cgi?id=226669" }, { "source": "cve@mitre.org", "url": "http://bugzilla.mozilla.org/show_bug.cgi?id=245066" }, { "source": "cve@mitre.org", "url": "http://bugzilla.mozilla.org/show_bug.cgi?id=256316" }, { "source": "cve@mitre.org", "url": "http://bugzilla.mozilla.org/show_bug.cgi?id=258005" }, { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=109698896104418\u0026w=2" }, { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=109900315219363\u0026w=2" }, { "source": "cve@mitre.org", "url": "http://security.gentoo.org/glsa/glsa-200409-26.xml" }, { "source": "cve@mitre.org", "url": "http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7.3" }, { "source": "cve@mitre.org", "url": "http://www.novell.com/linux/security/advisories/2004_36_mozilla.html" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Third Party Advisory", "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA04-261A.html" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17378" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17379" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11201" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://bugzilla.mozilla.org/show_bug.cgi?id=226669" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://bugzilla.mozilla.org/show_bug.cgi?id=245066" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://bugzilla.mozilla.org/show_bug.cgi?id=256316" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://bugzilla.mozilla.org/show_bug.cgi?id=258005" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=109698896104418\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=109900315219363\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://security.gentoo.org/glsa/glsa-200409-26.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7.3" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.novell.com/linux/security/advisories/2004_36_mozilla.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory", "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA04-261A.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17378" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17379" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11201" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
1999-06-01 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
screen and rxvt in Red Hat Linux 6.0 do not properly set the modes of tty devices, which allows local users to write to other ttys.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "2DFA94D5-0139-490C-8257-0751FE9FBAE4", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "screen and rxvt in Red Hat Linux 6.0 do not properly set the modes of tty devices, which allows local users to write to other ttys." } ], "id": "CVE-2000-0364", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.6, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "1999-06-01T04:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=92877527701347\u0026w=2" }, { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=92886009012161\u0026w=2" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/corp/support/errata/RHSA1999014_01.html" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/309" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=92877527701347\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=92886009012161\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/corp/support/errata/RHSA1999014_01.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/309" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2000-04-24 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
The passwd.php3 CGI script in the Red Hat Piranha Virtual Server Package allows local users to execute arbitrary commands via shell metacharacters.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:alpha:*:*:*:*:*", "matchCriteriaId": "344610A8-DB6D-4407-9304-916C419F648C", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:i386:*:*:*:*:*", "matchCriteriaId": "B7EC2B95-4715-4EC9-A10A-2542501F8A61", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:sparc:*:*:*:*:*", "matchCriteriaId": "64775BEF-2E53-43CA-8639-A7E54F6F4222", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The passwd.php3 CGI script in the Red Hat Piranha Virtual Server Package allows local users to execute arbitrary commands via shell metacharacters." } ], "id": "CVE-2000-0322", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2000-04-24T04:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2000-014.html" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/1149" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=Enip.BSO.23.0004241601140.28851-100000%40www.whitehats.com" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2000-014.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/1149" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=Enip.BSO.23.0004241601140.28851-100000%40www.whitehats.com" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2003-07-24 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in the transparent SID support capability for PHP before 4.3.2 (session.use_trans_sid) allows remote attackers to insert arbitrary script via the PHPSESSID parameter.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", "matchCriteriaId": "0BAF4C14-87E2-4AC2-9EF6-7A6E9D776D09", "versionEndIncluding": "4.3.1", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "038FEDE7-986F-4CA5-9003-BA68352B87D4", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "E66F7BF0-EF7C-4695-9D67-7C1A01C6F9B9", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Cross-site scripting (XSS) vulnerability in the transparent SID support capability for PHP before 4.3.2 (session.use_trans_sid) allows remote attackers to insert arbitrary script via the PHPSESSID parameter." }, { "lang": "es", "value": "Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en la capacidad de soporte transparente de SID en PHP anteriores a 4.3.2 (session.use_trans_sid) permite a atacantes remotos insertar script arbitrario mediante el par\u00e1metro PHPSESSID" } ], "id": "CVE-2003-0442", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2003-07-24T04:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000691" }, { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=105449314612963\u0026w=2" }, { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=105760591228031\u0026w=2" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Patch", "Vendor Advisory" ], "url": "http://shh.thathost.com/secadv/2003-05-11-php.txt" }, { "source": "cve@mitre.org", "url": "http://www.ciac.org/ciac/bulletins/n-112.shtml" }, { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2003/dsa-351" }, { "source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:082" }, { "source": "cve@mitre.org", "url": "http://www.osvdb.org/4758" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-204.html" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/7761" }, { "source": "cve@mitre.org", "url": "http://www.securitytracker.com/id?1008653" }, { "source": "cve@mitre.org", "url": "http://www.turbolinux.co.jp/security/2003/TLSA-2003-47j.txt" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/12259" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A485" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000691" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=105449314612963\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=105760591228031\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Patch", "Vendor Advisory" ], "url": "http://shh.thathost.com/secadv/2003-05-11-php.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ciac.org/ciac/bulletins/n-112.shtml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2003/dsa-351" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:082" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.osvdb.org/4758" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-204.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/7761" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1008653" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.turbolinux.co.jp/security/2003/TLSA-2003-47j.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/12259" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A485" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2001-01-09 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Buffer overflow in pam_localuser PAM module in Red Hat Linux 7.x and 6.x allows attackers to gain privileges.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:6.0:*:alpha:*:*:*:*:*", "matchCriteriaId": "6931FB54-A163-4CE3-BBD9-D345AA0977A6", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.0:*:i386:*:*:*:*:*", "matchCriteriaId": "89F65C9D-BD68-4A86-BFDC-E7CE76F13948", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.0:*:sparc:*:*:*:*:*", "matchCriteriaId": "5ABD1331-277C-4C31-8186-978243C62255", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.1:*:alpha:*:*:*:*:*", "matchCriteriaId": "C89454B9-4F45-4A42-A06D-ED42D893C544", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.1:*:i386:*:*:*:*:*", "matchCriteriaId": "B72D6205-DFA4-41D9-B3B6-0B7DA756CD8F", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.1:*:sparc:*:*:*:*:*", "matchCriteriaId": "1E64093E-7D53-4238-95C3-48ED5A0FFD97", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:alpha:*:*:*:*:*", "matchCriteriaId": "344610A8-DB6D-4407-9304-916C419F648C", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:i386:*:*:*:*:*", "matchCriteriaId": "B7EC2B95-4715-4EC9-A10A-2542501F8A61", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:sparc:*:*:*:*:*", "matchCriteriaId": "64775BEF-2E53-43CA-8639-A7E54F6F4222", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.0:*:alpha:*:*:*:*:*", "matchCriteriaId": "FD6576E2-9F26-4857-9F28-F51899F1EF48", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.0:*:i386:*:*:*:*:*", "matchCriteriaId": "4DC9842D-E23B-4B9F-A7BF-57C3BA3DE398", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Buffer overflow in pam_localuser PAM module in Red Hat Linux 7.x and 6.x allows attackers to gain privileges." } ], "id": "CVE-2000-1189", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2001-01-09T05:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000358" }, { "source": "cve@mitre.org", "url": "http://www.linux-mandrake.com/en/security/MDKSA-2000-082.php3" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2000-120.html" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5747" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000358" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.linux-mandrake.com/en/security/MDKSA-2000-082.php3" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2000-120.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5747" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
1997-02-20 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
ucbmail allows remote attackers to execute commands via shell metacharacters that are passed to it from INN.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
isc | inn | 1.5.1 | |
netscape | news_server | 1.1 | |
sun | sparc | * | |
redhat | linux | 4.0 | |
redhat | linux | 4.1 | |
nec | goah_intrasv | r1.1 | |
nec | goah_networksv | r1.2 | |
nec | goah_networksv | r2.2 | |
nec | goah_networksv | r3.1 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:isc:inn:1.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "5658CF74-5AF1-4161-BF4C-6A394F2AA164", "vulnerable": true }, { "criteria": "cpe:2.3:a:netscape:news_server:1.1:*:*:*:*:*:*:*", "matchCriteriaId": "A0FB9EFB-F5C3-447B-A1B7-DB762F93D8F2", "vulnerable": true }, { "criteria": "cpe:2.3:h:sun:sparc:*:*:*:*:*:*:*:*", "matchCriteriaId": "727D196F-786C-4C50-BF72-BE9E14A243EA", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "C9092D88-585D-4A0C-B181-E8D93563C74B", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:4.1:*:*:*:*:*:*:*", "matchCriteriaId": "D8211154-6685-4FF0-B3ED-43A5E5763A10", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:h:nec:goah_intrasv:r1.1:*:*:*:*:*:*:*", "matchCriteriaId": "D6CA81EB-5910-454D-AB36-B3EF80CDC44F", "vulnerable": true }, { "criteria": "cpe:2.3:h:nec:goah_networksv:r1.2:*:*:*:*:*:*:*", "matchCriteriaId": "D66E31D1-4E06-49FC-AF8C-2904F8776CDD", "vulnerable": true }, { "criteria": "cpe:2.3:h:nec:goah_networksv:r2.2:*:*:*:*:*:*:*", "matchCriteriaId": "289D9EB9-46B7-4176-B5EC-65768A18CAC3", "vulnerable": true }, { "criteria": "cpe:2.3:h:nec:goah_networksv:r3.1:*:*:*:*:*:*:*", "matchCriteriaId": "EF85EE71-0A56-4F40-A90C-976541C8F33F", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "ucbmail allows remote attackers to execute commands via shell metacharacters that are passed to it from INN." } ], "id": "CVE-1999-0868", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "1997-02-20T05:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "https://www.cs.ait.ac.th/joomla3/index.php/security-advisories?CERT/CA97/msg00027.shtml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.cs.ait.ac.th/joomla3/index.php/security-advisories?CERT/CA97/msg00027.shtml" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2003-02-19 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
uml_net in the kernel-utils package for Red Hat Linux 8.0 has incorrect setuid root privileges, which allows local users to modify network interfaces, e.g. by modifying ARP entries or placing interfaces into promiscuous mode.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:8.0:*:i386:*:*:*:*:*", "matchCriteriaId": "4D1E6298-EDF5-438F-8DFD-16A514CB938A", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "uml_net in the kernel-utils package for Red Hat Linux 8.0 has incorrect setuid root privileges, which allows local users to modify network interfaces, e.g. by modifying ARP entries or placing interfaces into promiscuous mode." }, { "lang": "es", "value": "uml_net en el paquete kernel-utils de Red Hat Linux 8.0 tiene privilegios setuid de root incorrectos, lo que permite a usuarios locales modificar interfaces de red, por ejemplo modificando las entradas ARP o poniendo los interfaces en modo prom\u00edscuo." } ], "id": "CVE-2003-0019", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2003-02-19T05:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://www.ciac.org/ciac/bulletins/n-044.shtml" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.iss.net/security_center/static/11276.php" }, { "source": "cve@mitre.org", "tags": [ "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/134025" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-056.html" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/6801" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ciac.org/ciac/bulletins/n-044.shtml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.iss.net/security_center/static/11276.php" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/134025" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-056.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/6801" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2003-06-16 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Buffer overflow in KON kon2 0.3.9b and earlier allows local users to execute arbitrary code via a long -Coding command line argument.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "1D46E093-1C68-43BB-B281-12117EC8DE0F", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "E562907F-D915-4030-847A-3C6834A80D4E", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.3:*:*:*:*:*:*:*", "matchCriteriaId": "138985E6-5107-4E8B-A801-C3D5FE075227", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "038FEDE7-986F-4CA5-9003-BA68352B87D4", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "E66F7BF0-EF7C-4695-9D67-7C1A01C6F9B9", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Buffer overflow in KON kon2 0.3.9b and earlier allows local users to execute arbitrary code via a long -Coding command line argument." }, { "lang": "es", "value": "Desbordamiento de b\u00fafer en KON kon2 0.3.9b y anteriores permite que usuarios locales ejecuten c\u00f3digo arbitrario mediante un argumento largo -Coding de la l\u00ednea de comandos." } ], "id": "CVE-2002-1155", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2003-06-16T04:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=105474080512376\u0026w=2" }, { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=105577912106710\u0026w=2" }, { "source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:064" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-047.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2003-050.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=105474080512376\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=105577912106710\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:064" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-047.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2003-050.html" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2002-02-27 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Heap corruption vulnerability in the "at" program allows local users to execute arbitrary code via a malformed execution time, which causes at to free the same memory twice.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:caldera:openlinux_server:3.1:*:*:*:*:*:*:*", "matchCriteriaId": "0A218B67-B87B-4A5E-B9EF-EF39ADEAD9FC", "vulnerable": true }, { "criteria": "cpe:2.3:a:caldera:openlinux_workstation:3.1:*:*:*:*:*:*:*", "matchCriteriaId": "BB41DE44-C3A1-4CC9-ACA7-4EC171D68910", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:2.2:*:68k:*:*:*:*:*", "matchCriteriaId": "E040A866-0D2C-40E1-B1FB-DB600B389E27", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:2.2:*:alpha:*:*:*:*:*", "matchCriteriaId": "CE1C944A-E5F1-49DE-B069-2A358123B535", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:2.2:*:arm:*:*:*:*:*", "matchCriteriaId": "D71083B4-1736-4501-8DE8-BC24AC1447AA", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:2.2:*:ia-32:*:*:*:*:*", "matchCriteriaId": "E9D468DB-C4AE-4ACB-B3B7-2FAEA90D6A49", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:2.2:*:powerpc:*:*:*:*:*", "matchCriteriaId": "2A32E486-2598-41B3-B6DB-3CC46D239AFC", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:2.2:*:sparc:*:*:*:*:*", "matchCriteriaId": "AAEE18D8-AA3B-47A3-AA7C-AAFF7591F391", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:4.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "3BE1E3D8-2BB1-4FFA-9BC9-7AF347D26190", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:4.2:*:*:*:*:*:*:*", "matchCriteriaId": "DF49BF03-C25E-4737-84D5-892895C86C58", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:4.3:*:*:*:*:*:*:*", "matchCriteriaId": "D2019E0E-426B-43AF-8904-1B811AE171E8", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:4.4:*:*:*:*:*:*:*", "matchCriteriaId": "55C5FC1A-1253-4390-A4FC-573BB14EA937", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "4371A667-18E1-4C54-B2E1-6F885F22F213", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:8.0:*:ppc:*:*:*:*:*", "matchCriteriaId": "5B28763D-8F4B-45E5-82FA-AB7E54C18EBF", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:8.1:*:*:*:*:*:*:*", "matchCriteriaId": "205EF72B-7334-4AE0-9CA6-D2E8E5910C8E", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:8.1:*:ia64:*:*:*:*:*", "matchCriteriaId": "613A22EC-D93C-48B0-B97C-3E0DDFBD0B62", "vulnerable": true }, { "criteria": "cpe:2.3:o:netbsd:netbsd:1.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "DBA2E3A3-EB9B-4B20-B754-EEC914FB1D47", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:alpha:*:*:*:*:*", "matchCriteriaId": "344610A8-DB6D-4407-9304-916C419F648C", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:i386:*:*:*:*:*", "matchCriteriaId": "B7EC2B95-4715-4EC9-A10A-2542501F8A61", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:sparc:*:*:*:*:*", "matchCriteriaId": "64775BEF-2E53-43CA-8639-A7E54F6F4222", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.0:*:alpha:*:*:*:*:*", "matchCriteriaId": "FD6576E2-9F26-4857-9F28-F51899F1EF48", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.0:*:i386:*:*:*:*:*", "matchCriteriaId": "4DC9842D-E23B-4B9F-A7BF-57C3BA3DE398", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.1:*:alpha:*:*:*:*:*", "matchCriteriaId": "7F3FAAB3-7A8A-42E5-9DCE-E4A843CED1B9", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.1:*:i386:*:*:*:*:*", "matchCriteriaId": "C8783A6D-DFD8-45DD-BF03-570B1B012B44", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.1:*:ia64:*:*:*:*:*", "matchCriteriaId": "ED36543D-C21B-4B4B-A6AD-6E19B08B5DD7", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.2:*:alpha:*:*:*:*:*", "matchCriteriaId": "6EAAC51F-9DC5-4026-8147-1B74975D6183", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.2:*:i386:*:*:*:*:*", "matchCriteriaId": "6A1EF00A-52E9-4FD8-98FD-3998225D8655", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.2:*:ia64:*:*:*:*:*", "matchCriteriaId": "9D47D6FE-56A9-42CF-9A9B-AEE272C061F7", "vulnerable": true }, { "criteria": "cpe:2.3:o:slackware:slackware_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "C2A9C005-4392-4C95-9B92-98EEC73EFE73", "vulnerable": true }, { "criteria": "cpe:2.3:o:slackware:slackware_linux:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "F0297F56-5F41-48FD-AB47-36E3BD2AB7E7", "vulnerable": true }, { "criteria": "cpe:2.3:o:slackware:slackware_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "78D76664-F4AC-470A-9686-3F708922A340", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:6.4:*:i386:*:*:*:*:*", "matchCriteriaId": "8A206E1C-C2EC-4356-8777-B18D7069A4C3", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:6.4:*:ppc:*:*:*:*:*", "matchCriteriaId": "6E2FE291-1142-4627-A497-C0BB0D934A0B", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:6.4:alpha:*:*:*:*:*:*", "matchCriteriaId": "49BC7C7E-046C-4186-822E-9F3A2AD3577B", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.0:*:i386:*:*:*:*:*", "matchCriteriaId": "2FE69F6F-6B17-4C87-ACA4-A2A1FB47206A", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.0:*:ppc:*:*:*:*:*", "matchCriteriaId": "467A30EB-CB8F-4928-AC8F-F659084A9E2B", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.0:*:sparc:*:*:*:*:*", "matchCriteriaId": "714C1439-AB8E-4A8B-A783-D60E9DDC38D4", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.0:alpha:*:*:*:*:*:*", "matchCriteriaId": "62CAE5B0-4D46-4A93-A343-C8E9CB574C62", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.1:*:ppc:*:*:*:*:*", "matchCriteriaId": "65CB09B5-0DE1-49AE-B87E-3C04EEA3E281", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.1:*:sparc:*:*:*:*:*", "matchCriteriaId": "0944FD27-736E-4B55-8D96-9F2CA9BB9B05", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.1:*:x86:*:*:*:*:*", "matchCriteriaId": "373BB5AC-1F38-4D0A-97DC-08E9654403EE", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.1:alpha:*:*:*:*:*:*", "matchCriteriaId": "B5E71DA3-F4A0-46AF-92A2-E691C7A65528", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.2:*:i386:*:*:*:*:*", "matchCriteriaId": "1975A2DD-EB22-4ED3-8719-F78AA7F414B2", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.3:*:i386:*:*:*:*:*", "matchCriteriaId": "19F606EE-530F-4C06-82DB-52035EE03FA3", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.3:*:ppc:*:*:*:*:*", "matchCriteriaId": "A0E896D5-0005-4E7E-895D-B202AFCE09A1", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.3:*:sparc:*:*:*:*:*", "matchCriteriaId": "5A8B313F-93C7-4558-9571-DE1111487E17", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Heap corruption vulnerability in the \"at\" program allows local users to execute arbitrary code via a malformed execution time, which causes at to free the same memory twice." }, { "lang": "es", "value": "Corrupci\u00f3n de memoria en el comando \"at\" permite que usuarios locales ejecuten c\u00f3digo arbitrario haciendo uso de un tiempo de ejecuci\u00f3n mal escrito (lo que provoca que at libere la misma memoria dos veces)." } ], "id": "CVE-2002-0004", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2002-02-27T05:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=101128661602088\u0026w=2" }, { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=101147632721031\u0026w=2" }, { "source": "cve@mitre.org", "url": "http://online.securityfocus.com/advisories/3833" }, { "source": "cve@mitre.org", "url": "http://online.securityfocus.com/advisories/3969" }, { "source": "cve@mitre.org", "tags": [ "Patch" ], "url": "http://www.debian.org/security/2002/dsa-102" }, { "source": "cve@mitre.org", "url": "http://www.novell.com/linux/security/advisories/2002_003_at_txt.html" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2002-015.html" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/3886" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7909" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=101128661602088\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=101147632721031\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://online.securityfocus.com/advisories/3833" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://online.securityfocus.com/advisories/3969" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.debian.org/security/2002/dsa-102" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.novell.com/linux/security/advisories/2002_003_at_txt.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2002-015.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/3886" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7909" } ], "sourceIdentifier": "cve@mitre.org", "vendorComments": [ { "comment": "Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.", "lastModified": "2007-03-14T00:00:00", "organization": "Red Hat" } ], "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2001-03-12 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
rdist 6.1.5 allows local users to overwrite arbitrary files via a symlink attack.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
immunix | immunix | 7.0_beta | |
mandrakesoft | mandrake_linux | 6.0 | |
mandrakesoft | mandrake_linux | 6.1 | |
mandrakesoft | mandrake_linux | 7.0 | |
mandrakesoft | mandrake_linux | 7.1 | |
mandrakesoft | mandrake_linux | 7.2 | |
redhat | linux | 7.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:immunix:immunix:7.0_beta:*:*:*:*:*:*:*", "matchCriteriaId": "1A2889C6-8DE0-4432-812A-F2A5C4A08897", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "D323A6B7-2741-4F31-B0D6-5D6FB738A2A1", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:6.1:*:*:*:*:*:*:*", "matchCriteriaId": "ACAAD334-2CA7-4B3B-BA25-302E7610BC2A", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "E4853E92-5E0A-47B9-A343-D5BEE87D2C27", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "3EC1FF5D-5EAB-44D5-B281-770547C70D68", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "0A8FBD5A-2FD0-43CD-AC4B-1D6984D336FE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "29B186E5-7C2F-466E-AA4A-8F2B618F8A14", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "rdist 6.1.5 allows local users to overwrite arbitrary files via a symlink attack." } ], "id": "CVE-2001-0118", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "LOW", "cvssData": { "accessComplexity": "HIGH", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 1.2, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:H/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 1.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2001-03-12T05:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=97916374410647\u0026w=2" }, { "source": "cve@mitre.org", "tags": [ "Patch" ], "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-005.php3" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/2195" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5925" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=97916374410647\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-005.php3" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/2195" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5925" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2002-03-15 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
rsync, when running in daemon mode, does not properly call setgroups before dropping privileges, which could provide supplemental group privileges to local users, who could then read certain files that would otherwise be disallowed.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:samba:rsync:*:*:*:*:*:*:*:*", "matchCriteriaId": "2388AF97-7C59-4CF8-9B4F-EA3EE07EC68B", "versionEndExcluding": "2.5.3", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:*:*:*:*:*:*", "matchCriteriaId": "0633B5A6-7A88-4A96-9462-4C09D124ED36", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "29B186E5-7C2F-466E-AA4A-8F2B618F8A14", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "1D46E093-1C68-43BB-B281-12117EC8DE0F", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "E562907F-D915-4030-847A-3C6834A80D4E", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "rsync, when running in daemon mode, does not properly call setgroups before dropping privileges, which could provide supplemental group privileges to local users, who could then read certain files that would otherwise be disallowed." }, { "lang": "es", "value": "rsync no llama adecuadamente a \u0027setgroups\u0027 antes de establecer los permisos, lo cual podr\u00eda proveer de ciertos privilegios de grupo a usuarios locales, los cuales podr\u00edan leer ciertos ficheros que de otro modo les estar\u00edan vetados." } ], "id": "CVE-2002-0080", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "LOW", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2002-03-15T05:00:00.000", "references": [ { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://www.caldera.com/support/security/advisories/CSSA-2002-014.1.txt" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://www.iss.net/security_center/static/8463.php" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-024.php3" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Third Party Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2002-026.html" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/4285" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://www.caldera.com/support/security/advisories/CSSA-2002-014.1.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://www.iss.net/security_center/static/8463.php" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-024.php3" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2002-026.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/4285" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-269" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2004-12-15 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Integer overflow in the ip_options_get function in the Linux kernel before 2.6.10 allows local users to cause a denial of service (kernel crash) via a cmsg_len that contains a -1, which leads to a buffer overflow.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "C24A129D-2E5E-436C-95DE-AE75D2E8D092", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test1:*:*:*:*:*:*", "matchCriteriaId": "2E244C37-E366-482E-9173-9376D0839839", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test10:*:*:*:*:*:*", "matchCriteriaId": "11F96BB9-6509-4F1E-9590-E55EE8C6F992", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test11:*:*:*:*:*:*", "matchCriteriaId": "AFAEE304-B9D4-4F1E-A2E0-9E5A4932096D", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test12:*:*:*:*:*:*", "matchCriteriaId": "12375EA9-EBFF-40B6-BCBC-E34BC3A6CDA3", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test2:*:*:*:*:*:*", "matchCriteriaId": "718D4631-440E-4783-8966-B2A2D3EF89B3", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test3:*:*:*:*:*:*", "matchCriteriaId": "6111EDDB-065F-4AD1-925C-E0A3C1DE26AE", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test4:*:*:*:*:*:*", "matchCriteriaId": "A8A2F7E7-0C51-43F2-BCEA-01FF738971D6", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test5:*:*:*:*:*:*", "matchCriteriaId": "40F5FFBB-05C8-4D65-9FCF-11E67BEE86AD", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test6:*:*:*:*:*:*", "matchCriteriaId": "7015F57A-1E3B-42D2-9D12-F695078EFB21", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test7:*:*:*:*:*:*", "matchCriteriaId": "467721EE-5130-46C5-BBB7-0F4878F3F171", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test8:*:*:*:*:*:*", "matchCriteriaId": "171257E7-12C5-4283-88F7-FFE643995563", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.0:test9:*:*:*:*:*:*", "matchCriteriaId": "0887E02F-9F36-41F0-9F75-060B8414D7BF", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "55B85D5B-4EA1-4FCF-8D50-9C54E8FDA92F", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "01408EC0-9C2D-4A44-8080-D7FC7E1A1FA1", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "5F49A384-7222-41F3-9BE1-4E18C00E50A6", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.4:*:*:*:*:*:*:*", "matchCriteriaId": "05520FE3-C48D-42E8-BC24-C2396BD46CBA", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.5:*:*:*:*:*:*:*", "matchCriteriaId": "D865FBB6-E07D-492F-A75E-168B06C8ADEE", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.6:*:*:*:*:*:*:*", "matchCriteriaId": "598F24C2-0366-4799-865C-5EE4572B734B", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.7:*:*:*:*:*:*:*", "matchCriteriaId": "D0399660-6385-45AB-9785-E504D8788146", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.8:*:*:*:*:*:*:*", "matchCriteriaId": "DCBC50EA-130C-41B7-83EA-C523B3C3AAD7", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.9:*:*:*:*:*:*:*", "matchCriteriaId": "B91F6CBE-400F-4D0B-B893-34577B47A342", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.10:*:*:*:*:*:*:*", "matchCriteriaId": "1548ECFD-FCB5-4AE0-9788-42F61F25489F", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.11:*:*:*:*:*:*:*", "matchCriteriaId": "6ABB9787-5497-4BDC-8952-F99CF60A89BD", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.12:*:*:*:*:*:*:*", "matchCriteriaId": "615F6BA2-CD51-4159-B28A-A018CA9FC25C", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.13:*:*:*:*:*:*:*", "matchCriteriaId": "093848CB-68A1-4258-8357-373A477FE4E2", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.14:*:*:*:*:*:*:*", "matchCriteriaId": "E275F440-A427-465F-B314-BF0730C781DB", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.15:*:*:*:*:*:*:*", "matchCriteriaId": "98651D39-60CF-409F-8276-DBBB56B972AA", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.16:*:*:*:*:*:*:*", "matchCriteriaId": "067B8E09-C923-4DDA-92DB-4A2892CB526A", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.17:*:*:*:*:*:*:*", "matchCriteriaId": "9EBE3738-E530-4EC6-9FC6-1A063605BE05", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:*:*:*:*:*:*:*", "matchCriteriaId": "474384F1-FB2D-4C00-A4CD-0C2C5AE42DB4", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:*:x86:*:*:*:*:*", "matchCriteriaId": "D77F8919-4064-4EA5-A948-76178EA21F83", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre1:*:*:*:*:*:*", "matchCriteriaId": "5E7C423D-23DE-4C7B-A518-66F87E041925", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre2:*:*:*:*:*:*", "matchCriteriaId": "8EA1382E-71B0-4E65-A310-716A244F4FB1", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre3:*:*:*:*:*:*", "matchCriteriaId": "AC955BD8-3ABB-4FDB-B37E-B1F0C47A5E0D", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre4:*:*:*:*:*:*", "matchCriteriaId": "2EBCA878-CCD0-4645-ACF6-12FB9C4B4A4D", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre5:*:*:*:*:*:*", "matchCriteriaId": "B4BEF62D-2BEF-4CF8-9559-8A6D9631B0EC", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre6:*:*:*:*:*:*", "matchCriteriaId": "824BBD31-8F3B-4F05-981B-ABF662BBF5F2", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre7:*:*:*:*:*:*", "matchCriteriaId": "10F4CCC2-8AE5-4CFF-8DC4-126F02126E1F", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.18:pre8:*:*:*:*:*:*", "matchCriteriaId": "388A5C99-1F60-4C20-9AE5-6E73E5A3F819", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:*:*:*:*:*:*:*", "matchCriteriaId": "F677E992-8D37-438F-97DF-9D98B28F020C", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre1:*:*:*:*:*:*", "matchCriteriaId": "5888F8D7-15C2-4435-BB3C-8674DFAF0089", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre2:*:*:*:*:*:*", "matchCriteriaId": "29439AD0-EB8D-4675-A77A-6548FF27ADA3", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre3:*:*:*:*:*:*", "matchCriteriaId": "F27AADF6-1605-47FC-8C4D-87827A578A90", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre4:*:*:*:*:*:*", "matchCriteriaId": "B42F4080-A76F-4D17-85E2-CD2D2E4D0450", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre5:*:*:*:*:*:*", "matchCriteriaId": "6968EF1D-7CC5-430D-866D-206F66486F63", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.19:pre6:*:*:*:*:*:*", "matchCriteriaId": "50E6F5C5-BF74-4C10-830A-F232D528D290", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.20:*:*:*:*:*:*:*", "matchCriteriaId": "476687F9-722B-490C-BD0B-B5F2CD7891DC", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.21:*:*:*:*:*:*:*", "matchCriteriaId": "A399D94B-D08D-4454-A07A-6634C9AE612F", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.21:pre1:*:*:*:*:*:*", "matchCriteriaId": "8EEBFBB4-CC06-40D2-8DE9-22E82DBEFADA", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.21:pre4:*:*:*:*:*:*", "matchCriteriaId": "DCD8E4AE-FEF7-4CE2-B338-4F766921593F", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.21:pre7:*:*:*:*:*:*", "matchCriteriaId": "13A8B50A-73F6-4FCF-A81F-FB624FBA7143", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.22:*:*:*:*:*:*:*", "matchCriteriaId": "9336ABDF-9928-49F6-BAA7-D6E9829F9B1F", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.23:*:*:*:*:*:*:*", "matchCriteriaId": "BB45C3B2-0F5D-4AE2-AE00-E1D6501E8D92", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.23:pre9:*:*:*:*:*:*", "matchCriteriaId": "8D27D843-2DA7-4481-857C-09FDC4FBD45C", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.23_ow2:*:*:*:*:*:*:*", "matchCriteriaId": "BCB93128-2743-4668-8C48-9B7282D4A672", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.24:*:*:*:*:*:*:*", "matchCriteriaId": "040991B8-FB4B-480B-B53B-AA7A884F9F19", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.24_ow1:*:*:*:*:*:*:*", "matchCriteriaId": "BFA592BC-5846-4FC1-B2A7-13E622705DA8", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.25:*:*:*:*:*:*:*", "matchCriteriaId": "59688C40-C92F-431E-ADD7-6782622862D3", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.26:*:*:*:*:*:*:*", "matchCriteriaId": "D813900D-DCF3-4F5D-9D90-13EDE2CBB3DA", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.27:*:*:*:*:*:*:*", "matchCriteriaId": "6E4C7831-0296-4DFA-A4E9-F7B6B30FFB72", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.27:pre1:*:*:*:*:*:*", "matchCriteriaId": "C5FE15BF-91C7-452A-BE1B-7EC9632421C2", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.27:pre2:*:*:*:*:*:*", "matchCriteriaId": "15C1923C-D9C4-400D-9F0F-20B519EEC9C0", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.27:pre3:*:*:*:*:*:*", "matchCriteriaId": "E51913F9-FC7D-450A-9A82-5084AA74A5B2", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.27:pre4:*:*:*:*:*:*", "matchCriteriaId": "B62E02D5-9EEE-439B-A510-BEEE28A9F358", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.27:pre5:*:*:*:*:*:*", "matchCriteriaId": "02278C07-E649-427D-9E5C-F1738A01BCBD", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.28:*:*:*:*:*:*:*", "matchCriteriaId": "E120257D-346B-4BA6-A431-E6F820FBB5FB", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "142BCD48-8387-4D0C-A052-44DD4144CBFF", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test1:*:*:*:*:*:*", "matchCriteriaId": "7BCA84E2-AC4A-430D-8A30-E660D2A232A0", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test10:*:*:*:*:*:*", "matchCriteriaId": "2255842B-34CD-4062-886C-37161A065703", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test11:*:*:*:*:*:*", "matchCriteriaId": "F0ED322D-004C-472E-A37F-89B78C55FE5B", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test2:*:*:*:*:*:*", "matchCriteriaId": "412F7334-C46B-4F61-B38A-2CA56B498151", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test3:*:*:*:*:*:*", "matchCriteriaId": "5967AF83-798D-4B1E-882A-5737FFC859C9", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test4:*:*:*:*:*:*", "matchCriteriaId": "A90D2123-D55B-4104-8D82-5B6365AA3B77", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test5:*:*:*:*:*:*", "matchCriteriaId": "DCCDFD49-D402-420E-92F5-20445A0FE139", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test6:*:*:*:*:*:*", "matchCriteriaId": "2A073700-E8A9-4F76-9265-2BE0D5AC9909", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test7:*:*:*:*:*:*", "matchCriteriaId": "8877D178-1655-46E9-8F5A-2DD576601F38", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test8:*:*:*:*:*:*", "matchCriteriaId": "0D55059C-B867-4E0F-B29C-9CD2C86915A5", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.0:test9:*:*:*:*:*:*", "matchCriteriaId": "8358E965-3689-4B05-8470-C4A1463FA0E9", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "E8220D81-9065-471F-9256-CFE7B9941555", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.1:rc1:*:*:*:*:*:*", "matchCriteriaId": "D2A55C17-C530-4898-BC95-DE4D495F0D7C", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.1:rc2:*:*:*:*:*:*", "matchCriteriaId": "2C14A949-E2B8-4100-8ED4-645CB996B08A", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "EB445E3E-CCBD-4737-BE30-841B9A79D558", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.3:*:*:*:*:*:*:*", "matchCriteriaId": "F5301E27-8021-467C-A9A2-AF2137EF0299", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.4:*:*:*:*:*:*:*", "matchCriteriaId": "79787868-2D77-4B55-AD61-C2B357CCE047", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.5:*:*:*:*:*:*:*", "matchCriteriaId": "2B3F27D3-8F1D-4576-A584-1E2059CC67B1", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.6:*:*:*:*:*:*:*", "matchCriteriaId": "FB5D260C-AE1C-47E9-A88C-B9C2B4349249", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.6:rc1:*:*:*:*:*:*", "matchCriteriaId": "A0934C49-5F88-4189-BD88-2F32C39C2F25", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.7:*:*:*:*:*:*:*", "matchCriteriaId": "AA9958C6-AB7D-4B67-9AA7-42B628CBC391", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.7:rc1:*:*:*:*:*:*", "matchCriteriaId": "14B0A230-4054-4483-A3A7-9A5A286C7552", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.8:*:*:*:*:*:*:*", "matchCriteriaId": "C16E3D04-EC66-41FD-9CFA-FE0C21952CAB", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.8:rc1:*:*:*:*:*:*", "matchCriteriaId": "F90242EF-048B-4539-AA41-87AA84875A9E", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.8:rc2:*:*:*:*:*:*", "matchCriteriaId": "3C4E9325-2A70-4E15-9AAF-5588BF218055", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.8:rc3:*:*:*:*:*:*", "matchCriteriaId": "01402A85-B681-4DE0-B7BB-F52567DA29E2", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.9:2.6.20:*:*:*:*:*:*", "matchCriteriaId": "1FC53528-A67F-42DF-B8DA-778A65893F9D", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.10:rc2:*:*:*:*:*:*", "matchCriteriaId": "4B130EB7-A951-4717-A906-E2F602F7B69F", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6_test9_cvs:*:*:*:*:*:*:*", "matchCriteriaId": "608FDE1E-B02A-45A2-8877-0E52A5BD0963", "vulnerable": false }, { "criteria": "cpe:2.3:o:redhat:fedora_core:core_1.0:*:*:*:*:*:*:*", "matchCriteriaId": "3C84296C-2C8A-4DCD-9751-52951F8BEA9F", "vulnerable": false }, { "criteria": "cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*", "matchCriteriaId": "E6996B14-925B-46B8-982F-3545328B506B", "vulnerable": false }, { "criteria": "cpe:2.3:o:redhat:fedora_core:core_3.0:*:*:*:*:*:*:*", "matchCriteriaId": "EC80CF67-C51D-442C-9526-CFEDE84A6304", "vulnerable": false }, { "criteria": "cpe:2.3:o:redhat:linux:7.3:*:*:*:*:*:*:*", "matchCriteriaId": "138985E6-5107-4E8B-A801-C3D5FE075227", "vulnerable": false }, { "criteria": "cpe:2.3:o:redhat:linux:7.3:*:i386:*:*:*:*:*", "matchCriteriaId": "9B502A61-44FB-4CD4-85BE-88D4ACCCA441", "vulnerable": false }, { "criteria": "cpe:2.3:o:redhat:linux:7.3:*:i686:*:*:*:*:*", "matchCriteriaId": "05853955-CA81-40D3-9A70-1227F3270D3C", "vulnerable": false }, { "criteria": "cpe:2.3:o:redhat:linux:9.0:*:i386:*:*:*:*:*", "matchCriteriaId": "F3FDE8C4-5FFD-4CC2-9F35-7C32043966D1", "vulnerable": false } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Integer overflow in the ip_options_get function in the Linux kernel before 2.6.10 allows local users to cause a denial of service (kernel crash) via a cmsg_len that contains a -1, which leads to a buffer overflow." } ], "id": "CVE-2004-1334", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "LOW", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 2.1, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2004-12-15T05:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=110383108211524\u0026w=2" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.guninski.com/where_do_you_want_billg_to_go_today_2.html" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/11956" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory", "URL Repurposed" ], "url": "http://www.securitytrap.com/mail/full-disclosure/2004/Dec/0323.html" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18522" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=110383108211524\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.guninski.com/where_do_you_want_billg_to_go_today_2.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/11956" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory", "URL Repurposed" ], "url": "http://www.securitytrap.com/mail/full-disclosure/2004/Dec/0323.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18522" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
1994-12-19 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
rpc.lockd in Red Hat Linux 6.1 and 6.2 allows remote attackers to cause a denial of service via a malformed request.
References
▶ | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://archives.neohapsis.com/archives/bugtraq/2000-06/0073.html | Patch, Vendor Advisory | |
cve@mitre.org | http://www.securityfocus.com/bid/1372 | Exploit, Patch, Vendor Advisory | |
cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/5050 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://archives.neohapsis.com/archives/bugtraq/2000-06/0073.html | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/1372 | Exploit, Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/5050 |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
debian | debian_linux | 2.1 | |
debian | debian_linux | 2.2 | |
mandrakesoft | mandrake_linux | 6.0 | |
mandrakesoft | mandrake_linux | 6.1 | |
mandrakesoft | mandrake_linux | 7.0 | |
redhat | linux | 6.0 | |
redhat | linux | 6.1 | |
redhat | linux | 6.2 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "3C67BDA1-9451-4026-AC6D-E912C882A757", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:2.2:*:*:*:*:*:*:*", "matchCriteriaId": "58B90124-0543-4226-BFF4-13CCCBCCB243", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "D323A6B7-2741-4F31-B0D6-5D6FB738A2A1", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:6.1:*:*:*:*:*:*:*", "matchCriteriaId": "ACAAD334-2CA7-4B3B-BA25-302E7610BC2A", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "E4853E92-5E0A-47B9-A343-D5BEE87D2C27", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "2DFA94D5-0139-490C-8257-0751FE9FBAE4", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.1:*:*:*:*:*:*:*", "matchCriteriaId": "2EC4D3AB-38FA-4D44-AF5C-2DCD15994E76", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:*:*:*:*:*:*", "matchCriteriaId": "0633B5A6-7A88-4A96-9462-4C09D124ED36", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "rpc.lockd in Red Hat Linux 6.1 and 6.2 allows remote attackers to cause a denial of service via a malformed request." } ], "id": "CVE-2000-0508", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "1994-12-19T05:00:00.000", "references": [ { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-06/0073.html" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/1372" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5050" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-06/0073.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/1372" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5050" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
1998-04-08 04:00
Modified
2025-04-09 19:15
Severity ?
Summary
Denial of Service vulnerabilities in BIND 4.9 and BIND 8 Releases via CNAME record and zone transfer.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
data_general | dg_ux | y2k_patchr4.11mu05 | |
data_general | dg_ux | y2k_patchr4.12mu03 | |
data_general | dg_ux | y2k_patchr4.20mu01 | |
data_general | dg_ux | y2k_patchr4.20mu02 | |
data_general | dg_ux | y2k_patchr4.20mu03 | |
isc | bind | 4.9 | |
isc | bind | 8 | |
ibm | aix | 4.1 | |
ibm | aix | 4.2 | |
ibm | aix | 4.3 | |
nec | asl_ux_4800 | 11 | |
nec | asl_ux_4800 | 13 | |
netbsd | netbsd | 1.3 | |
netbsd | netbsd | 1.3.1 | |
redhat | linux | 4.2 | |
redhat | linux | 5.0 | |
sco | open_desktop | 3.0 | |
sco | openserver | 5.0 | |
sco | unix | 3.2v4 | |
sco | unixware | 2.1 | |
sco | unixware | 7.0 | |
sun | sunos | 5.3 | |
sun | sunos | 5.4 | |
sun | sunos | 5.5 | |
sun | sunos | 5.5.1 | |
sun | sunos | 5.6 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:data_general:dg_ux:y2k_patchr4.11mu05:*:*:*:*:*:*:*", "matchCriteriaId": "D85C6D97-CF88-4F47-8580-1E1271C3BEB8", "vulnerable": true }, { "criteria": "cpe:2.3:a:data_general:dg_ux:y2k_patchr4.12mu03:*:*:*:*:*:*:*", "matchCriteriaId": "803355A3-10BA-45DA-AFF7-867A06AEE420", "vulnerable": true }, { "criteria": "cpe:2.3:a:data_general:dg_ux:y2k_patchr4.20mu01:*:*:*:*:*:*:*", "matchCriteriaId": "59665BA5-0818-44E7-9102-62060C88431A", "vulnerable": true }, { "criteria": "cpe:2.3:a:data_general:dg_ux:y2k_patchr4.20mu02:*:*:*:*:*:*:*", "matchCriteriaId": "930A6977-EF72-4693-96E0-603FE096EB4A", "vulnerable": true }, { "criteria": "cpe:2.3:a:data_general:dg_ux:y2k_patchr4.20mu03:*:*:*:*:*:*:*", "matchCriteriaId": "BDE41F0D-8CCB-4A79-B05E-E08E37B1E15C", "vulnerable": true }, { "criteria": "cpe:2.3:a:isc:bind:4.9:*:*:*:*:*:*:*", "matchCriteriaId": "49A7C6F2-F769-447A-8C8B-9002BD6FBF6D", "vulnerable": true }, { "criteria": "cpe:2.3:a:isc:bind:8:*:*:*:*:*:*:*", "matchCriteriaId": "7904F3D9-A6B0-4ED6-8BAD-2D26C118C0F2", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:ibm:aix:4.1:*:*:*:*:*:*:*", "matchCriteriaId": "FBF25306-E7C2-4F9A-A809-4779A6C0A079", "vulnerable": true }, { "criteria": "cpe:2.3:o:ibm:aix:4.2:*:*:*:*:*:*:*", "matchCriteriaId": "05F20EC2-ADE6-4F96-A2E7-1DCCA819D657", "vulnerable": true }, { "criteria": "cpe:2.3:o:ibm:aix:4.3:*:*:*:*:*:*:*", "matchCriteriaId": "11ACD012-F05F-45CD-A170-96CBAA42FFE4", "vulnerable": true }, { "criteria": "cpe:2.3:o:nec:asl_ux_4800:11:*:*:*:*:*:*:*", "matchCriteriaId": "707579B5-701A-4A36-8567-AB2E11759322", "vulnerable": true }, { "criteria": "cpe:2.3:o:nec:asl_ux_4800:13:*:*:*:*:*:*:*", "matchCriteriaId": "E7C620CF-5046-4A6A-A479-AC315D1E36BA", "vulnerable": true }, { "criteria": "cpe:2.3:o:netbsd:netbsd:1.3:*:*:*:*:*:*:*", "matchCriteriaId": "7CBA1B13-B378-4F13-BD13-EC58F15F5C81", "vulnerable": true }, { "criteria": "cpe:2.3:o:netbsd:netbsd:1.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "B8C8CAB1-2D8C-4875-A795-41178D48410F", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:4.2:*:*:*:*:*:*:*", "matchCriteriaId": "F299301C-6BFC-436C-9CFD-2E291D3702AE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "4BF54738-3C44-4FD4-AA9C-CAB2E86B1DC1", "vulnerable": true }, { "criteria": "cpe:2.3:o:sco:open_desktop:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "0AD2701A-E930-4F4D-85F7-02F80135E34E", "vulnerable": true }, { "criteria": "cpe:2.3:o:sco:openserver:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "2C19F7B3-9043-4E53-90DE-92A4387858A7", "vulnerable": true }, { "criteria": "cpe:2.3:o:sco:unix:3.2v4:*:*:*:*:*:*:*", "matchCriteriaId": "51756048-EB32-4A72-9ED4-937AF2B9DE37", "vulnerable": true }, { "criteria": "cpe:2.3:o:sco:unixware:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "168248AC-E4F6-4C8F-9A21-0E6ABE029DFC", "vulnerable": true }, { "criteria": "cpe:2.3:o:sco:unixware:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "17439B5B-0B66-490B-9B53-2C9D576C879F", "vulnerable": true }, { "criteria": "cpe:2.3:o:sun:sunos:5.3:*:*:*:*:*:*:*", "matchCriteriaId": "C7A22D21-E0A9-4B56-86C7-805AD1A610D6", "vulnerable": true }, { "criteria": "cpe:2.3:o:sun:sunos:5.4:*:*:*:*:*:*:*", "matchCriteriaId": "7AAC8954-74A8-4FE3-ABE7-57DA041D9D8F", "vulnerable": true }, { "criteria": "cpe:2.3:o:sun:sunos:5.5:*:*:*:*:*:*:*", "matchCriteriaId": "5B72953B-E873-4E44-A3CF-12D770A0D416", "vulnerable": true }, { "criteria": "cpe:2.3:o:sun:sunos:5.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "39F847DB-65A9-47DA-BCFA-A179E5E2301A", "vulnerable": true }, { "criteria": "cpe:2.3:o:sun:sunos:5.6:*:*:*:*:*:*:*", "matchCriteriaId": "C1A13A9E-E24A-4AEE-AD42-2BCA5990E4B9", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Denial of Service vulnerabilities in BIND 4.9 and BIND 8 Releases via CNAME record and zone transfer." } ], "id": "CVE-1999-0011", "lastModified": "2025-04-09T19:15:42.567", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "LOW", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 2.5, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ] }, "published": "1998-04-08T04:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "ftp://patches.sgi.com/support/free/security/advisories/19980603-01-PX" }, { "source": "cve@mitre.org", "url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll\u0026doc=secbull/180" }, { "source": "cve@mitre.org", "url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9808-083" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://patches.sgi.com/support/free/security/advisories/19980603-01-PX" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll\u0026doc=secbull/180" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9808-083" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" }, { "description": [ { "lang": "en", "value": "CWE-1067" } ], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ] }
Vulnerability from fkie_nvd
Published
1999-10-13 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Pluggable Authentication Modules (PAM) in Red Hat Linux 6.1 does not properly lock access to disabled NIS accounts.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:6.1:*:i386:*:*:*:*:*", "matchCriteriaId": "B72D6205-DFA4-41D9-B3B6-0B7DA756CD8F", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Pluggable Authentication Modules (PAM) in Red Hat Linux 6.1 does not properly lock access to disabled NIS accounts." } ], "id": "CVE-2000-0356", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.6, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": true, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "1999-10-13T04:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/697" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/templates/advisory.html?id=1789" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/697" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/templates/advisory.html?id=1789" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2002-03-08 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Squid 2.4 STABLE3 and earlier does not properly disable HTCP, even when "htcp_port 0" is specified in squid.conf, which could allow remote attackers to bypass intended access restrictions.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:squid:squid:*:*:*:*:*:*:*:*", "matchCriteriaId": "169C4A52-3191-423A-97C9-0E86A8D8160E", "versionEndIncluding": "2.4_stable_2", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:alpha:*:*:*:*:*", "matchCriteriaId": "344610A8-DB6D-4407-9304-916C419F648C", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:i386:*:*:*:*:*", "matchCriteriaId": "B7EC2B95-4715-4EC9-A10A-2542501F8A61", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:sparc:*:*:*:*:*", "matchCriteriaId": "64775BEF-2E53-43CA-8639-A7E54F6F4222", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.0:*:alpha:*:*:*:*:*", "matchCriteriaId": "FD6576E2-9F26-4857-9F28-F51899F1EF48", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.0:*:i386:*:*:*:*:*", "matchCriteriaId": "4DC9842D-E23B-4B9F-A7BF-57C3BA3DE398", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.1:*:alpha:*:*:*:*:*", "matchCriteriaId": "7F3FAAB3-7A8A-42E5-9DCE-E4A843CED1B9", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.1:*:i386:*:*:*:*:*", "matchCriteriaId": "C8783A6D-DFD8-45DD-BF03-570B1B012B44", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.1:*:ia64:*:*:*:*:*", "matchCriteriaId": "ED36543D-C21B-4B4B-A6AD-6E19B08B5DD7", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.2:*:i386:*:*:*:*:*", "matchCriteriaId": "6A1EF00A-52E9-4FD8-98FD-3998225D8655", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.2:*:ia64:*:*:*:*:*", "matchCriteriaId": "9D47D6FE-56A9-42CF-9A9B-AEE272C061F7", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Squid 2.4 STABLE3 and earlier does not properly disable HTCP, even when \"htcp_port 0\" is specified in squid.conf, which could allow remote attackers to bypass intended access restrictions." }, { "lang": "es", "value": "Squid 2.4 STABLE2 y versiones anteriores no deshabilita adecuadamente HTCP, incluso cuando \"\"htcp_port 0\"\" es especificado en el fichero squid.conf, el cual podr\u00eda permitir a atacantes remotos saltarse las restricciones de acceso." } ], "id": "CVE-2002-0067", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": true, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2002-03-08T05:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:12.squid.asc" }, { "source": "cve@mitre.org", "url": "http://archives.neohapsis.com/archives/linux/caldera/2002-q1/0014.html" }, { "source": "cve@mitre.org", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000464" }, { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=101431040422095\u0026w=2" }, { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=101443252627021\u0026w=2" }, { "source": "cve@mitre.org", "url": "http://www.iss.net/security_center/static/8261.php" }, { "source": "cve@mitre.org", "url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-016.php" }, { "source": "cve@mitre.org", "url": "http://www.osvdb.org/5379" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2002-029.html" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/4150" }, { "source": "cve@mitre.org", "tags": [ "Patch" ], "url": "http://www.squid-cache.org/Versions/v2/2.4/bugs/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:12.squid.asc" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://archives.neohapsis.com/archives/linux/caldera/2002-q1/0014.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000464" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=101431040422095\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=101443252627021\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.iss.net/security_center/static/8261.php" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-016.php" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.osvdb.org/5379" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2002-029.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/4150" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.squid-cache.org/Versions/v2/2.4/bugs/" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2025-06-18 16:15
Modified
2025-08-13 14:08
Severity ?
Summary
IBM webMethods Integration Server 10.5, 10.7, 10.11, and 10.15
is vulnerable to an XML external entity injection (XXE) attack when processing XML data. A remote authenticated attacker could exploit this vulnerability to execute arbitrary commands.
References
▶ | URL | Tags | |
---|---|---|---|
psirt@us.ibm.com | https://www.ibm.com/support/pages/node/7237146 | Vendor Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
ibm | webmethods_integration | 10.5 | |
ibm | webmethods_integration | 10.7 | |
ibm | webmethods_integration | 10.11 | |
ibm | webmethods_integration | 10.15 | |
apple | macos | - | |
linux | linux_kernel | - | |
microsoft | windows | - | |
novell | suse_linux | - | |
redhat | linux | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:ibm:webmethods_integration:10.5:*:*:*:*:*:*:*", "matchCriteriaId": "BF7F23BC-1BBD-440F-A122-59CDE90A30A5", "vulnerable": true }, { "criteria": "cpe:2.3:a:ibm:webmethods_integration:10.7:*:*:*:*:*:*:*", "matchCriteriaId": "E52CFF5B-D741-422C-ABF8-EC71E69F3A0E", "vulnerable": true }, { "criteria": "cpe:2.3:a:ibm:webmethods_integration:10.11:*:*:*:*:*:*:*", "matchCriteriaId": "2008B366-18FC-4991-976F-4CE78FE52B55", "vulnerable": true }, { "criteria": "cpe:2.3:a:ibm:webmethods_integration:10.15:*:*:*:*:*:*:*", "matchCriteriaId": "A74F598F-90A3-4F57-99B8-5BA7AD731699", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E", "vulnerable": false }, { "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false }, { "criteria": "cpe:2.3:o:novell:suse_linux:-:*:*:*:*:*:*:*", "matchCriteriaId": "B627E2A9-DE93-43FB-BFB7-5B6F421554D5", "vulnerable": false }, { "criteria": "cpe:2.3:o:redhat:linux:-:*:*:*:*:*:*:*", "matchCriteriaId": "C4EBE07A-6FEF-4343-BA5D-58FD175F5CD1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "IBM webMethods Integration Server 10.5, 10.7, 10.11, and 10.15 \n\nis vulnerable to an XML external entity injection (XXE) attack when processing XML data. A remote authenticated attacker could exploit this vulnerability to execute arbitrary commands." }, { "lang": "es", "value": "IBM webMethods Integration Server 10.5, 10.7, 10.11 y 10.15 es vulnerable a un ataque de inyecci\u00f3n de entidad externa (XXE) XML al procesar datos XML. Un atacante remoto autenticado podr\u00eda aprovechar esta vulnerabilidad para ejecutar comandos arbitrarios." } ], "id": "CVE-2025-36049", "lastModified": "2025-08-13T14:08:53.837", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "psirt@us.ibm.com", "type": "Primary" } ] }, "published": "2025-06-18T16:15:27.233", "references": [ { "source": "psirt@us.ibm.com", "tags": [ "Vendor Advisory" ], "url": "https://www.ibm.com/support/pages/node/7237146" } ], "sourceIdentifier": "psirt@us.ibm.com", "vulnStatus": "Analyzed", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-611" } ], "source": "psirt@us.ibm.com", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2000-01-04 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Red Hat Linux screen program does not use Unix98 ptys, allowing local users to write to other terminals.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:*:*:*:*:*:*:*:*", "matchCriteriaId": "B133DAC8-2B0D-4F83-9025-AD071740187A", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Red Hat Linux screen program does not use Unix98 ptys, allowing local users to write to other terminals." } ], "id": "CVE-1999-0894", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2000-01-04T05:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0894" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0894" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
1998-05-28 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
xosview 1.5.1 in Red Hat 5.1 allows local users to gain root access via a long HOME environmental variable.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:5.1:*:*:*:*:*:*:*", "matchCriteriaId": "4EF44364-0F57-4B74-81B0-501EA6B58501", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "xosview 1.5.1 in Red Hat 5.1 allows local users to gain root access via a long HOME environmental variable." } ], "id": "CVE-1999-1490", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "1998-05-28T04:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=90221101926021\u0026w=2" }, { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=90221101926034\u0026w=2" }, { "source": "cve@mitre.org", "url": "http://www.iss.net/security_center/static/8787.php" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/362" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=90221101926021\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=90221101926034\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.iss.net/security_center/static/8787.php" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/362" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
1997-10-06 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
sort creates temporary files and follows symbolic links, which allows local users to modify arbitrary files that are writable by the user running sort, as observed in updatedb and other programs that use sort.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
redhat | linux | 4.1 | |
slackware | slackware_linux | 3.3 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:4.1:*:*:*:*:*:*:*", "matchCriteriaId": "D8211154-6685-4FF0-B3ED-43A5E5763A10", "vulnerable": true }, { "criteria": "cpe:2.3:o:slackware:slackware_linux:3.3:*:*:*:*:*:*:*", "matchCriteriaId": "06F2131E-F9F2-4E65-B95C-B52DB25C69F5", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "sort creates temporary files and follows symbolic links, which allows local users to modify arbitrary files that are writable by the user running sort, as observed in updatedb and other programs that use sort." } ], "id": "CVE-1999-1095", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "1997-10-06T04:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=87619953510834\u0026w=2" }, { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=88886870129518\u0026w=2" }, { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=88890116304676\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=87619953510834\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=88886870129518\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=88890116304676\u0026w=2" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
1999-12-31 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
gzexe in the gzip package on Red Hat Linux 5.0 and earlier allows local users to overwrite files of other users via a symlink attack on a temporary file.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:*:*:*:*:*:*:*:*", "matchCriteriaId": "040166C7-CB3A-485E-9337-CB679B779BF8", "versionEndIncluding": "5.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "gzexe in the gzip package on Red Hat Linux 5.0 and earlier allows local users to overwrite files of other users via a symlink attack on a temporary file." } ], "id": "CVE-1999-1332", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "LOW", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "1999-12-31T05:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=88603844115233\u0026w=2" }, { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2003/dsa-308" }, { "source": "cve@mitre.org", "url": "http://www.iss.net/security_center/static/7241.php" }, { "source": "cve@mitre.org", "url": "http://www.osvdb.org/3812" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/rh50-errata-general.html#gzip" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/7845" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=88603844115233\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2003/dsa-308" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.iss.net/security_center/static/7241.php" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.osvdb.org/3812" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/rh50-errata-general.html#gzip" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/7845" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2003-08-27 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
The RPC code in Linux kernel 2.4 sets the reuse flag when sockets are created, which could allow local users to bind to UDP ports that are used by privileged services such as nfsd.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "1D46E093-1C68-43BB-B281-12117EC8DE0F", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "E562907F-D915-4030-847A-3C6834A80D4E", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.3:*:*:*:*:*:*:*", "matchCriteriaId": "138985E6-5107-4E8B-A801-C3D5FE075227", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "038FEDE7-986F-4CA5-9003-BA68352B87D4", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "E66F7BF0-EF7C-4695-9D67-7C1A01C6F9B9", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The RPC code in Linux kernel 2.4 sets the reuse flag when sockets are created, which could allow local users to bind to UDP ports that are used by privileged services such as nfsd." }, { "lang": "es", "value": "El c\u00f3digo RPC en el kernel 2.4 de Linux establece la bandera de reusar cuando se crean sockets, lo que podr\u00eda permitir a usuarios locales atar puertos UDP usados por servicios privilegiados como nfsd." } ], "id": "CVE-2003-0464", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.6, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2003-08-27T04:00:00.000", "references": [ { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-238.html" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A311" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-238.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A311" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2000-03-27 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
IP masquerading in Linux 2.2.x allows remote attackers to route UDP packets through the internal interface by modifying the external source IP address and port number to match those of an established connection.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
debian | debian_linux | 2.1 | |
debian | debian_linux | 2.2 | |
debian | debian_linux | 2.2 | |
linux | linux_kernel | 2.2.10 | |
linux | linux_kernel | 2.2.12 | |
linux | linux_kernel | 2.2.14 | |
redhat | linux | 6.0 | |
redhat | linux | 6.0 | |
redhat | linux | 6.0 | |
redhat | linux | 6.1 | |
redhat | linux | 6.1 | |
redhat | linux | 6.1 | |
redhat | linux | 6.2 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "3C67BDA1-9451-4026-AC6D-E912C882A757", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:2.2:*:*:*:*:*:*:*", "matchCriteriaId": "58B90124-0543-4226-BFF4-13CCCBCCB243", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:2.2:*:pre_potato:*:*:*:*:*", "matchCriteriaId": "2B19ABCB-70F0-450E-9A71-2EE8F2BFB2EE", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.2.10:*:*:*:*:*:*:*", "matchCriteriaId": "AA3D3E03-0ABE-4325-AD67-BA8EA16B6DBE", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.2.12:*:*:*:*:*:*:*", "matchCriteriaId": "0EEF4480-D50B-464C-AE39-A12455DBC99F", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.2.14:*:*:*:*:*:*:*", "matchCriteriaId": "15928E10-7D41-45B2-87D6-8AA10190A8EB", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.0:*:alpha:*:*:*:*:*", "matchCriteriaId": "6931FB54-A163-4CE3-BBD9-D345AA0977A6", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.0:*:i386:*:*:*:*:*", "matchCriteriaId": "89F65C9D-BD68-4A86-BFDC-E7CE76F13948", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.0:*:sparc:*:*:*:*:*", "matchCriteriaId": "5ABD1331-277C-4C31-8186-978243C62255", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.1:*:alpha:*:*:*:*:*", "matchCriteriaId": "C89454B9-4F45-4A42-A06D-ED42D893C544", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.1:*:i386:*:*:*:*:*", "matchCriteriaId": "B72D6205-DFA4-41D9-B3B6-0B7DA756CD8F", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.1:*:sparc:*:*:*:*:*", "matchCriteriaId": "1E64093E-7D53-4238-95C3-48ED5A0FFD97", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:i386:*:*:*:*:*", "matchCriteriaId": "B7EC2B95-4715-4EC9-A10A-2542501F8A61", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "IP masquerading in Linux 2.2.x allows remote attackers to route UDP packets through the internal interface by modifying the external source IP address and port number to match those of an established connection." } ], "id": "CVE-2000-0289", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2000-03-27T05:00:00.000", "references": [ { "source": "cve@mitre.org", "tags": [ "Exploit", "Vendor Advisory" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-03/0284.html" }, { "source": "cve@mitre.org", "url": "http://www.novell.com/linux/security/advisories/suse_security_announce_48.html" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/1078" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Vendor Advisory" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-03/0284.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.novell.com/linux/security/advisories/suse_security_announce_48.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/1078" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
1999-10-07 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
PAM configuration file for rlogin in Red Hat Linux 6.1 and earlier includes a less restrictive rule before a more restrictive one, which allows users to access the host via rlogin even if rlogin has been explicitly disabled using the /etc/nologin file.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:*:*:*:*:*:*:*:*", "matchCriteriaId": "143809B4-A40E-426D-9800-C268AECBCA88", "versionEndIncluding": "6.1", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "PAM configuration file for rlogin in Red Hat Linux 6.1 and earlier includes a less restrictive rule before a more restrictive one, which allows users to access the host via rlogin even if rlogin has been explicitly disabled using the /etc/nologin file." } ], "id": "CVE-1999-1346", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "1999-10-07T04:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=93942774609925\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=93942774609925\u0026w=2" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2018-08-13 17:29
Modified
2024-11-21 03:42
Severity ?
5.3 (Medium) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
6.2 (Medium) - CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
6.2 (Medium) - CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
An uncontrolled resource consumption flaw has been discovered in redhat-certification in the way documents are loaded. A remote attacker may provide an existing but invalid XML file which would be opened and never closed, possibly producing a Denial of Service.
References
▶ | URL | Tags | |
---|---|---|---|
secalert@redhat.com | https://access.redhat.com/errata/RHSA-2018:2373 | Vendor Advisory | |
secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10864 | Issue Tracking, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2018:2373 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10864 | Issue Tracking, Vendor Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
redhat | certification | - | |
redhat | linux | 7.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:redhat:certification:-:*:*:*:*:*:*:*", "matchCriteriaId": "1854E0A8-A08D-451E-9BDB-6548A9DD451D", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "29B186E5-7C2F-466E-AA4A-8F2B618F8A14", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "An uncontrolled resource consumption flaw has been discovered in redhat-certification in the way documents are loaded. A remote attacker may provide an existing but invalid XML file which would be opened and never closed, possibly producing a Denial of Service." }, { "lang": "es", "value": "Se ha descubierto un fallo de consumo no controlado de recursos en redhat-certification en la forma en la que se cargan los documentos. Un atacante remoto puede proporcionar un archivo XML existente pero no v\u00e1lido que se abrir\u00eda y nunca se cerrar\u00eda, produciendo posiblemente una denegaci\u00f3n de servicio." } ], "id": "CVE-2018-10864", "lastModified": "2024-11-21T03:42:10.330", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.0" }, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "secalert@redhat.com", "type": "Secondary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" }, "exploitabilityScore": 2.5, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2018-08-13T17:29:00.717", "references": [ { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2018:2373" }, { "source": "secalert@redhat.com", "tags": [ "Issue Tracking", "Vendor Advisory" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10864" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2018:2373" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking", "Vendor Advisory" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10864" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-400" } ], "source": "secalert@redhat.com", "type": "Primary" }, { "description": [ { "lang": "en", "value": "CWE-400" } ], "source": "nvd@nist.gov", "type": "Secondary" } ] }
Vulnerability from fkie_nvd
Published
2001-01-09 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Multiple shell programs on various Unix systems, including (1) tcsh, (2) csh, (3) sh, and (4) bash, follow symlinks when processing << redirects (aka here-documents or in-here documents), which allows local users to overwrite files of other users via a symlink attack.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
immunix | immunix | 6.2 | |
conectiva | linux | 4.0 | |
conectiva | linux | 4.0es | |
conectiva | linux | 4.1 | |
conectiva | linux | 4.2 | |
conectiva | linux | 5.0 | |
conectiva | linux | 5.1 | |
caldera | openlinux | * | |
caldera | openlinux_edesktop | 2.4 | |
caldera | openlinux_eserver | 2.3 | |
hp | hp-ux | 11.11 | |
mandrakesoft | mandrake_linux | 6.0 | |
mandrakesoft | mandrake_linux | 6.1 | |
mandrakesoft | mandrake_linux | 7.0 | |
mandrakesoft | mandrake_linux | 7.1 | |
mandrakesoft | mandrake_linux | 7.2 | |
redhat | linux | 5.2 | |
redhat | linux | 6.0 | |
redhat | linux | 6.1 | |
redhat | linux | 6.2 | |
redhat | linux | 6.2e | |
suse | suse_linux | 7.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:immunix:immunix:6.2:*:*:*:*:*:*:*", "matchCriteriaId": "DB0F79BE-8EBF-44D8-83A1-9331669BED54", "vulnerable": true }, { "criteria": "cpe:2.3:o:conectiva:linux:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "48F068BE-F5B3-4E43-8E6A-24AB4D2DEDF0", "vulnerable": true }, { "criteria": "cpe:2.3:o:conectiva:linux:4.0es:*:*:*:*:*:*:*", "matchCriteriaId": "6529EC98-7CF7-47A1-95BB-2F34066FE95D", "vulnerable": true }, { "criteria": "cpe:2.3:o:conectiva:linux:4.1:*:*:*:*:*:*:*", "matchCriteriaId": "FFDAB801-AAA0-4B3B-B488-52E7BA8650C5", "vulnerable": true }, { "criteria": "cpe:2.3:o:conectiva:linux:4.2:*:*:*:*:*:*:*", "matchCriteriaId": "612AC3B1-8E55-437F-9600-67EA1A8BAD48", "vulnerable": true }, { "criteria": "cpe:2.3:o:conectiva:linux:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "537A5C29-D770-4755-A6AB-8916754E14DB", "vulnerable": true }, { "criteria": "cpe:2.3:o:conectiva:linux:5.1:*:*:*:*:*:*:*", "matchCriteriaId": "E3AC05A9-04DA-4ED3-94D8-3254384CB724", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:caldera:openlinux:*:*:*:*:*:*:*:*", "matchCriteriaId": "4EC3F7E5-5D49-471B-A705-ADD2642E5B46", "vulnerable": true }, { "criteria": "cpe:2.3:o:caldera:openlinux_edesktop:2.4:*:*:*:*:*:*:*", "matchCriteriaId": "B211BCBF-CB17-4D32-B6FE-A34D86C4FBF9", "vulnerable": true }, { "criteria": "cpe:2.3:o:caldera:openlinux_eserver:2.3:*:*:*:*:*:*:*", "matchCriteriaId": "3BE526D3-4CD8-423C-81FA-65B92F862A5E", "vulnerable": true }, { "criteria": "cpe:2.3:o:hp:hp-ux:11.11:*:*:*:*:*:*:*", "matchCriteriaId": "EDD9BE2B-7255-4FC1-B452-E8370632B03F", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "D323A6B7-2741-4F31-B0D6-5D6FB738A2A1", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:6.1:*:*:*:*:*:*:*", "matchCriteriaId": "ACAAD334-2CA7-4B3B-BA25-302E7610BC2A", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "E4853E92-5E0A-47B9-A343-D5BEE87D2C27", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "3EC1FF5D-5EAB-44D5-B281-770547C70D68", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "0A8FBD5A-2FD0-43CD-AC4B-1D6984D336FE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:5.2:*:*:*:*:*:*:*", "matchCriteriaId": "A8EED385-8C39-4A40-A507-2EFE7652FB35", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "2DFA94D5-0139-490C-8257-0751FE9FBAE4", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.1:*:*:*:*:*:*:*", "matchCriteriaId": "2EC4D3AB-38FA-4D44-AF5C-2DCD15994E76", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:*:*:*:*:*:*", "matchCriteriaId": "0633B5A6-7A88-4A96-9462-4C09D124ED36", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.2e:*:*:*:*:*:*:*", "matchCriteriaId": "24EEDE00-6F40-4A9A-BF74-6BE6CEAE39E0", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "C9E7D75A-333E-4C63-9593-F64ABA5D1CE3", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Multiple shell programs on various Unix systems, including (1) tcsh, (2) csh, (3) sh, and (4) bash, follow symlinks when processing \u003c\u003c redirects (aka here-documents or in-here documents), which allows local users to overwrite files of other users via a symlink attack." } ], "id": "CVE-2000-1134", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2001-01-09T05:00:00.000", "references": [ { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:76.tcsh-csh.asc" }, { "source": "cve@mitre.org", "url": "ftp://patches.sgi.com/support/free/security/advisories/20011103-02-P" }, { "source": "cve@mitre.org", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-10/0418.html" }, { "source": "cve@mitre.org", "url": "http://archives.neohapsis.com/archives/tru64/2002-q1/0009.html" }, { "source": "cve@mitre.org", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000350" }, { "source": "cve@mitre.org", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000354" }, { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=97561816504170\u0026w=2" }, { "source": "cve@mitre.org", "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-042.0.txt" }, { "source": "cve@mitre.org", "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-043.0.txt" }, { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2000/20001111a" }, { "source": "cve@mitre.org", "tags": [ "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/10277" }, { "source": "cve@mitre.org", "url": "http://www.linux-mandrake.com/en/security/MDKSA-2000-069.php3" }, { "source": "cve@mitre.org", "url": "http://www.linux-mandrake.com/en/security/MDKSA-2000-075.php3" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2000-117.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2000-121.html" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/146657" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/1926" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/2006" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4047" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:76.tcsh-csh.asc" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://patches.sgi.com/support/free/security/advisories/20011103-02-P" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-10/0418.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://archives.neohapsis.com/archives/tru64/2002-q1/0009.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000350" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000354" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=97561816504170\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-042.0.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-043.0.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2000/20001111a" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/10277" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.linux-mandrake.com/en/security/MDKSA-2000-069.php3" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.linux-mandrake.com/en/security/MDKSA-2000-075.php3" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2000-117.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2000-121.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/146657" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/1926" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/2006" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4047" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
1999-11-23 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Linux gpm program allows local users to cause a denial of service by flooding the /dev/gpmctl device with STREAM sockets.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:caldera:openlinux:2.3:*:*:*:*:*:*:*", "matchCriteriaId": "23B38FCC-2C86-4E84-860B-EBAE0FA123B6", "vulnerable": true }, { "criteria": "cpe:2.3:o:caldera:openlinux:2.4:*:*:*:*:*:*:*", "matchCriteriaId": "A63714ED-A697-4AC3-AF13-3B028F9A87EF", "vulnerable": true }, { "criteria": "cpe:2.3:o:caldera:openlinux_eserver:2.3:*:*:*:*:*:*:*", "matchCriteriaId": "3BE526D3-4CD8-423C-81FA-65B92F862A5E", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.0:*:i386:*:*:*:*:*", "matchCriteriaId": "89F65C9D-BD68-4A86-BFDC-E7CE76F13948", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.1:*:i386:*:*:*:*:*", "matchCriteriaId": "B72D6205-DFA4-41D9-B3B6-0B7DA756CD8F", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Linux gpm program allows local users to cause a denial of service by flooding the /dev/gpmctl device with STREAM sockets." } ], "id": "CVE-2000-0531", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "LOW", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 2.1, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "1999-11-23T05:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0409.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2000-045.html" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/1377" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=Pine.LNX.4.10.10006201453090.1812-200000%40apollo.aci.com.pl" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5010" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0409.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2000-045.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/1377" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=Pine.LNX.4.10.10006201453090.1812-200000%40apollo.aci.com.pl" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5010" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
1999-08-25 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Buffer overflow in Vixie cron allows local users to gain root access via a long MAILTO environment variable in a crontab file.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:paul_vixie:vixie_cron:3.0_pl1:*:*:*:*:*:*:*", "matchCriteriaId": "D8F45BCD-EBC1-4707-8C53-A25F373026A5", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:caldera:openlinux:2.2:*:*:*:*:*:*:*", "matchCriteriaId": "86288A2E-B1BD-4DA9-BCCC-35AC44EEDD52", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "3C67BDA1-9451-4026-AC6D-E912C882A757", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:2.2:*:*:*:*:*:*:*", "matchCriteriaId": "58B90124-0543-4226-BFF4-13CCCBCCB243", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "C9092D88-585D-4A0C-B181-E8D93563C74B", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:4.1:*:*:*:*:*:*:*", "matchCriteriaId": "D8211154-6685-4FF0-B3ED-43A5E5763A10", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:4.2:*:*:*:*:*:*:*", "matchCriteriaId": "F299301C-6BFC-436C-9CFD-2E291D3702AE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "4BF54738-3C44-4FD4-AA9C-CAB2E86B1DC1", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:5.1:*:*:*:*:*:*:*", "matchCriteriaId": "4EF44364-0F57-4B74-81B0-501EA6B58501", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:5.2:*:i386:*:*:*:*:*", "matchCriteriaId": "363AB7DB-A8BA-4D58-97C4-1DF1F0F43E07", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.0:*:i386:*:*:*:*:*", "matchCriteriaId": "89F65C9D-BD68-4A86-BFDC-E7CE76F13948", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Buffer overflow in Vixie cron allows local users to gain root access via a long MAILTO environment variable in a crontab file." } ], "id": "CVE-1999-0872", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "1999-08-25T04:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/611" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/759" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/611" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/759" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
1996-12-12 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Buffer overflow in Vixie Cron library up to version 3.0 allows local users to obtain root access via a long environmental variable.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
paul_vixie | vixie_cron | 3.0 | |
bsdi | bsd_os | 2.1 | |
freebsd | freebsd | 2.1.0 | |
netbsd | netbsd | 2.0.4 | |
redhat | linux | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:paul_vixie:vixie_cron:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "41EA671E-F3F2-464A-8FAB-6C9D8DB9E002", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:bsdi:bsd_os:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "766851E2-134A-4A89-931B-6F1753525684", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:2.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "27C9E23D-AB82-4AE1-873E-C5493BB96AA1", "vulnerable": true }, { "criteria": "cpe:2.3:o:netbsd:netbsd:2.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "36419DD6-0DB4-4BB6-A35F-D8FDB89402F1", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:*:*:*:*:*:*:*:*", "matchCriteriaId": "B133DAC8-2B0D-4F83-9025-AD071740187A", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Buffer overflow in Vixie Cron library up to version 3.0 allows local users to obtain root access via a long environmental variable." } ], "id": "CVE-1999-0297", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "1996-12-12T05:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0297" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0297" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2000-05-03 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
The pam_console PAM module in Linux systems performs a chown on various devices upon a user login, but an open file descriptor for those devices can be maintained after the user logs out, which allows that user to sniff activity on these devices when subsequent users log in.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "2DFA94D5-0139-490C-8257-0751FE9FBAE4", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.1:*:*:*:*:*:*:*", "matchCriteriaId": "2EC4D3AB-38FA-4D44-AF5C-2DCD15994E76", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:*:*:*:*:*:*", "matchCriteriaId": "0633B5A6-7A88-4A96-9462-4C09D124ED36", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The pam_console PAM module in Linux systems performs a chown on various devices upon a user login, but an open file descriptor for those devices can be maintained after the user logs out, which allows that user to sniff activity on these devices when subsequent users log in." } ], "id": "CVE-2000-0378", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2000-05-03T04:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-05/0023.html" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/1176" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-05/0023.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/1176" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2002-03-15 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Off-by-one error in the channel code of OpenSSH 2.0 through 3.0.2 allows local users or remote malicious servers to gain privileges.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
immunix | immunix | 7.0 | |
mandrakesoft | mandrake_single_network_firewall | 7.2 | |
openbsd | openssh | * | |
openpkg | openpkg | 1.0 | |
conectiva | linux | 5.0 | |
conectiva | linux | 5.1 | |
conectiva | linux | 6.0 | |
conectiva | linux | 7.0 | |
conectiva | linux | ecommerce | |
conectiva | linux | graficas | |
engardelinux | secure_linux | 1.0.1 | |
mandrakesoft | mandrake_linux | 7.1 | |
mandrakesoft | mandrake_linux | 7.2 | |
mandrakesoft | mandrake_linux | 8.0 | |
mandrakesoft | mandrake_linux | 8.0 | |
mandrakesoft | mandrake_linux | 8.1 | |
mandrakesoft | mandrake_linux_corporate_server | 1.0.1 | |
redhat | linux | 7.0 | |
redhat | linux | 7.1 | |
redhat | linux | 7.2 | |
suse | suse_linux | 6.4 | |
suse | suse_linux | 6.4 | |
suse | suse_linux | 6.4 | |
suse | suse_linux | 7.0 | |
suse | suse_linux | 7.0 | |
suse | suse_linux | 7.0 | |
suse | suse_linux | 7.0 | |
suse | suse_linux | 7.1 | |
suse | suse_linux | 7.1 | |
suse | suse_linux | 7.1 | |
suse | suse_linux | 7.1 | |
suse | suse_linux | 7.2 | |
suse | suse_linux | 7.3 | |
suse | suse_linux | 7.3 | |
suse | suse_linux | 7.3 | |
trustix | secure_linux | 1.1 | |
trustix | secure_linux | 1.2 | |
trustix | secure_linux | 1.5 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:immunix:immunix:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "660CA978-FDA1-4D48-8162-9CB9243A1B7E", "vulnerable": true }, { "criteria": "cpe:2.3:a:mandrakesoft:mandrake_single_network_firewall:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "7A188467-3856-4599-A2CD-BD2655974B63", "vulnerable": true }, { "criteria": "cpe:2.3:a:openbsd:openssh:*:*:*:*:*:*:*:*", "matchCriteriaId": "57BE3D9D-42CA-45A4-A2BB-A7154F177A45", "versionEndExcluding": "3.1", "versionStartIncluding": "2.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:openpkg:openpkg:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "2AD28A07-6B9F-443B-88E5-7CE777012037", "vulnerable": true }, { "criteria": "cpe:2.3:o:conectiva:linux:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "537A5C29-D770-4755-A6AB-8916754E14DB", "vulnerable": true }, { "criteria": "cpe:2.3:o:conectiva:linux:5.1:*:*:*:*:*:*:*", "matchCriteriaId": "E3AC05A9-04DA-4ED3-94D8-3254384CB724", "vulnerable": true }, { "criteria": "cpe:2.3:o:conectiva:linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "DCE4BBA3-7332-45EE-8C29-BE5A473B559D", "vulnerable": true }, { "criteria": "cpe:2.3:o:conectiva:linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "97177EF7-8FC4-4D4D-A8D9-3628AA0035FB", "vulnerable": true }, { "criteria": "cpe:2.3:o:conectiva:linux:ecommerce:*:*:*:*:*:*:*", "matchCriteriaId": "FB63DADC-A9AE-4FBA-BCCA-9714646DBD04", "vulnerable": true }, { "criteria": "cpe:2.3:o:conectiva:linux:graficas:*:*:*:*:*:*:*", "matchCriteriaId": "99E6E71D-100E-45FA-B90A-C2F7C37E458C", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:engardelinux:secure_linux:1.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "79A6E38E-9BC6-4CD7-ABC6-754C9DB07DB2", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "3EC1FF5D-5EAB-44D5-B281-770547C70D68", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "0A8FBD5A-2FD0-43CD-AC4B-1D6984D336FE", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "4371A667-18E1-4C54-B2E1-6F885F22F213", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:8.0:*:ppc:*:*:*:*:*", "matchCriteriaId": "5B28763D-8F4B-45E5-82FA-AB7E54C18EBF", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:8.1:*:*:*:*:*:*:*", "matchCriteriaId": "205EF72B-7334-4AE0-9CA6-D2E8E5910C8E", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:1.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "97E09AD9-F057-4264-88BB-A8A18C1B1246", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "29B186E5-7C2F-466E-AA4A-8F2B618F8A14", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "1D46E093-1C68-43BB-B281-12117EC8DE0F", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "E562907F-D915-4030-847A-3C6834A80D4E", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:6.4:*:i386:*:*:*:*:*", "matchCriteriaId": "8A206E1C-C2EC-4356-8777-B18D7069A4C3", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:6.4:*:ppc:*:*:*:*:*", "matchCriteriaId": "6E2FE291-1142-4627-A497-C0BB0D934A0B", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:6.4:alpha:*:*:*:*:*:*", "matchCriteriaId": "49BC7C7E-046C-4186-822E-9F3A2AD3577B", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.0:*:i386:*:*:*:*:*", "matchCriteriaId": "2FE69F6F-6B17-4C87-ACA4-A2A1FB47206A", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.0:*:ppc:*:*:*:*:*", "matchCriteriaId": "467A30EB-CB8F-4928-AC8F-F659084A9E2B", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.0:*:sparc:*:*:*:*:*", "matchCriteriaId": "714C1439-AB8E-4A8B-A783-D60E9DDC38D4", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.0:alpha:*:*:*:*:*:*", "matchCriteriaId": "62CAE5B0-4D46-4A93-A343-C8E9CB574C62", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.1:*:spa:*:*:*:*:*", "matchCriteriaId": "FB647A8B-ADB9-402B-96E1-45321C75731B", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.1:*:sparc:*:*:*:*:*", "matchCriteriaId": "0944FD27-736E-4B55-8D96-9F2CA9BB9B05", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.1:*:x86:*:*:*:*:*", "matchCriteriaId": "373BB5AC-1F38-4D0A-97DC-08E9654403EE", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.1:alpha:*:*:*:*:*:*", "matchCriteriaId": "B5E71DA3-F4A0-46AF-92A2-E691C7A65528", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.2:*:i386:*:*:*:*:*", "matchCriteriaId": "1975A2DD-EB22-4ED3-8719-F78AA7F414B2", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.3:*:i386:*:*:*:*:*", "matchCriteriaId": "19F606EE-530F-4C06-82DB-52035EE03FA3", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.3:*:ppc:*:*:*:*:*", "matchCriteriaId": "A0E896D5-0005-4E7E-895D-B202AFCE09A1", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.3:*:sparc:*:*:*:*:*", "matchCriteriaId": "5A8B313F-93C7-4558-9571-DE1111487E17", "vulnerable": true }, { "criteria": "cpe:2.3:o:trustix:secure_linux:1.1:*:*:*:*:*:*:*", "matchCriteriaId": "9D0DFB12-B43F-4207-A900-464A97F5124D", "vulnerable": true }, { "criteria": "cpe:2.3:o:trustix:secure_linux:1.2:*:*:*:*:*:*:*", "matchCriteriaId": "13EBB2F7-712E-4CB1-B4B4-5F0851F3D37E", "vulnerable": true }, { "criteria": "cpe:2.3:o:trustix:secure_linux:1.5:*:*:*:*:*:*:*", "matchCriteriaId": "39605B96-BAD6-45C9-BB9A-43D6E2C51ADD", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Off-by-one error in the channel code of OpenSSH 2.0 through 3.0.2 allows local users or remote malicious servers to gain privileges." }, { "lang": "es", "value": "Error \u0027off-by-one\u0027 en el c\u00f3digo de canal de OpenSSH 2.0 a 3.0.2 permite a usuarios locales o a servidores remotos ganar privilegios." } ], "id": "CVE-2002-0083", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2002-03-15T05:00:00.000", "references": [ { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:13.openssh.asc" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-004.txt.asc" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "ftp://stage.caldera.com/pub/security/openserver/CSSA-2002-SCO.10/CSSA-2002-SCO.10.txt" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "ftp://stage.caldera.com/pub/security/openunix/CSSA-2002-SCO.11/CSSA-2002-SCO.11.txt" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2002-03/0108.html" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q1/0060.html" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000467" }, { "source": "cve@mitre.org", "tags": [ "Mailing List" ], "url": "http://marc.info/?l=bugtraq\u0026m=101552065005254\u0026w=2" }, { "source": "cve@mitre.org", "tags": [ "Mailing List" ], "url": "http://marc.info/?l=bugtraq\u0026m=101553908201861\u0026w=2" }, { "source": "cve@mitre.org", "tags": [ "Mailing List" ], "url": "http://marc.info/?l=bugtraq\u0026m=101561384821761\u0026w=2" }, { "source": "cve@mitre.org", "tags": [ "Mailing List", "Patch" ], "url": "http://marc.info/?l=bugtraq\u0026m=101586991827622\u0026w=2" }, { "source": "cve@mitre.org", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://online.securityfocus.com/advisories/3960" }, { "source": "cve@mitre.org", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://online.securityfocus.com/archive/1/264657" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2002-012.0.txt" }, { "source": "cve@mitre.org", "tags": [ "Broken Link", "Vendor Advisory" ], "url": "http://www.debian.org/security/2002/dsa-119" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://www.iss.net/security_center/static/8383.php" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-019.php" }, { "source": "cve@mitre.org", "tags": [ "Broken Link", "Patch", "Vendor Advisory" ], "url": "http://www.linuxsecurity.com/advisories/other_advisory-1937.html" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://www.novell.com/linux/security/advisories/2002_009_openssh_txt.html" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://www.openbsd.org/advisories/ssh_channelalloc.txt" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://www.osvdb.org/730" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://www.redhat.com/support/errata/RHSA-2002-043.html" }, { "source": "cve@mitre.org", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/4241" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:13.openssh.asc" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-004.txt.asc" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "ftp://stage.caldera.com/pub/security/openserver/CSSA-2002-SCO.10/CSSA-2002-SCO.10.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "ftp://stage.caldera.com/pub/security/openunix/CSSA-2002-SCO.11/CSSA-2002-SCO.11.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2002-03/0108.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q1/0060.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000467" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List" ], "url": "http://marc.info/?l=bugtraq\u0026m=101552065005254\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List" ], "url": "http://marc.info/?l=bugtraq\u0026m=101553908201861\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List" ], "url": "http://marc.info/?l=bugtraq\u0026m=101561384821761\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Patch" ], "url": "http://marc.info/?l=bugtraq\u0026m=101586991827622\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://online.securityfocus.com/advisories/3960" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://online.securityfocus.com/archive/1/264657" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2002-012.0.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Vendor Advisory" ], "url": "http://www.debian.org/security/2002/dsa-119" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://www.iss.net/security_center/static/8383.php" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-019.php" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Patch", "Vendor Advisory" ], "url": "http://www.linuxsecurity.com/advisories/other_advisory-1937.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://www.novell.com/linux/security/advisories/2002_009_openssh_txt.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.openbsd.org/advisories/ssh_channelalloc.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://www.osvdb.org/730" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://www.redhat.com/support/errata/RHSA-2002-043.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/4241" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-193" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2001-12-06 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
2.4.3-12 kernel in Red Hat Linux 7.1 Korean installation program sets the setting default umask for init to 000, which installs files with world-writeable permissions.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "1D46E093-1C68-43BB-B281-12117EC8DE0F", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "2.4.3-12 kernel in Red Hat Linux 7.1 Korean installation program sets the setting default umask for init to 000, which installs files with world-writeable permissions." } ], "id": "CVE-2001-0859", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2001-12-06T05:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://online.securityfocus.com/advisories/3725" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2001-148.html" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/3527" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7549" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://online.securityfocus.com/advisories/3725" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2001-148.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/3527" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7549" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2004-09-14 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allows remote attackers to perform cross-domain scripting and possibly execute arbitrary code by convincing a user to drag and drop javascript: links to a frame or page in another domain.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:mozilla:firefox:0.8:*:*:*:*:*:*:*", "matchCriteriaId": "93C142C5-3A85-432B-80D6-2E7B1B4694F4", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox:0.9:*:*:*:*:*:*:*", "matchCriteriaId": "2434FCE7-A50B-4527-9970-C7224B31141C", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox:0.9:rc:*:*:*:*:*:*", "matchCriteriaId": "5633FB6E-D623-49D4-9858-4E20E64DE458", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox:0.9.1:*:*:*:*:*:*:*", "matchCriteriaId": "429ECA02-DBCD-45FB-942C-CA4BC1BC8A72", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox:0.9.2:*:*:*:*:*:*:*", "matchCriteriaId": "B5F0DC80-5473-465C-9D7F-9589F1B78E12", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox:0.9.3:*:*:*:*:*:*:*", "matchCriteriaId": "567FF916-7DE0-403C-8528-7931A43E0D18", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "CCDAEAE6-BA9F-4D40-B264-4A72930239E1", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla:1.0:rc1:*:*:*:*:*:*", "matchCriteriaId": "C9296197-0EE0-4CC0-A11F-E44E3443E990", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla:1.0:rc2:*:*:*:*:*:*", "matchCriteriaId": "A76ACC55-754D-4501-8312-5A4E10D053B8", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla:1.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "A8987151-0901-4547-B750-5DC470BB9CF7", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla:1.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "53E60BCC-6D1C-489E-9F3B-9BE42B46704F", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla:1.1:*:*:*:*:*:*:*", "matchCriteriaId": "66A87ED8-9E1F-4C2C-B806-A41765081C9C", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla:1.1:alpha:*:*:*:*:*:*", "matchCriteriaId": "C795D86F-9B08-41FE-B82B-5BBB3DE6357D", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla:1.1:beta:*:*:*:*:*:*", "matchCriteriaId": "2637D552-4A3D-4867-B52A-ACCED8681AF4", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla:1.2:*:*:*:*:*:*:*", "matchCriteriaId": "7CC237C8-CFE0-4128-B549-93CD16894E71", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla:1.2:alpha:*:*:*:*:*:*", "matchCriteriaId": "6B8EA79A-8426-44CF-AF13-58F7EF8B6D88", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla:1.2:beta:*:*:*:*:*:*", "matchCriteriaId": "367A5D46-0FF3-4140-9478-251363822E9C", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla:1.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "CAA58EE9-05C7-4395-A8A4-5F54BE4C5DAD", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla:1.3:*:*:*:*:*:*:*", "matchCriteriaId": "C656A621-BE62-4BB8-9B25-A3916E60FA12", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla:1.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "F8DE4889-424F-4A44-8C14-9F18821CE961", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla:1.4:*:*:*:*:*:*:*", "matchCriteriaId": "4D3F91A1-7DD9-4146-8BA4-BE594C66DD30", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla:1.4:alpha:*:*:*:*:*:*", "matchCriteriaId": "82A6419D-0E94-4D80-8B07-E5AB4DBA2F28", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla:1.4:beta:*:*:*:*:*:*", "matchCriteriaId": "1003D688-3EEA-45F9-BB2C-5BAB395D7678", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla:1.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "ED69BEB9-8D83-415B-826D-9D17FB67976B", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla:1.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "9AE678D7-812D-4C55-91B0-F3AC6BE0CD58", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla:1.5:*:*:*:*:*:*:*", "matchCriteriaId": "BCDB64E5-AE26-43DF-8A66-654D5D22A635", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla:1.6:*:*:*:*:*:*:*", "matchCriteriaId": "6BF63077-4E98-497D-8CE6-B84B022DB21D", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla:1.7:*:*:*:*:*:*:*", "matchCriteriaId": "FCEAEDEB-0EE7-4221-B9B8-65438580D331", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla:1.7:rc3:*:*:*:*:*:*", "matchCriteriaId": "150F1B28-0FAB-4880-B1D5-7F244A1C4D31", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla:1.7.1:*:*:*:*:*:*:*", "matchCriteriaId": "2FE7EA3B-3BF8-4696-9488-78506074D62D", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla:1.7.2:*:*:*:*:*:*:*", "matchCriteriaId": "CCFD7AF7-0FE9-4F56-98B0-60FC7F7F1B78", "vulnerable": true }, { "criteria": "cpe:2.3:a:netscape:navigator:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "30A0231A-B664-46C2-9602-B60EAD6AEC12", "vulnerable": true }, { "criteria": "cpe:2.3:a:netscape:navigator:7.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "C632D06D-0172-46DA-A7F9-0BC484365BD7", "vulnerable": true }, { "criteria": "cpe:2.3:a:netscape:navigator:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "4C1BC491-9C5A-46D5-B6C3-5A8E5A1A0AF3", "vulnerable": true }, { "criteria": "cpe:2.3:a:netscape:navigator:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "842CBD30-B4BA-4FCF-9152-9DBEBE59857C", "vulnerable": true }, { "criteria": "cpe:2.3:o:conectiva:linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "F4007B0D-9606-46BD-866A-7911BEA292BE", "vulnerable": true }, { "criteria": "cpe:2.3:o:conectiva:linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "A35FC777-A34E-4C7B-9E93-8F17F3AD5180", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*", "matchCriteriaId": "2641EE56-6F9D-400B-B456-877F4DA79B10", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server_ia64:*:*:*:*:*", "matchCriteriaId": "A4A9461E-C117-42EC-9F14-DF2A82BA7C5D", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*", "matchCriteriaId": "E0B458EA-495E-40FA-9379-C03757F7B1EE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server_ia64:*:*:*:*:*", "matchCriteriaId": "409E324A-C040-494F-A026-9DCAE01C07F8", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*", "matchCriteriaId": "1728AB5D-55A9-46B0-A412-6F7263CAEB5A", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation_ia64:*:*:*:*:*", "matchCriteriaId": "6474B775-C893-491F-A074-802AFB1FEDD8", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_server:*:*:*:*:*", "matchCriteriaId": "78B46FFA-5B09-473E-AD33-3DB18BD0DAFE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*", "matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation_server:*:*:*:*:*", "matchCriteriaId": "0EFE2E73-9536-41A9-B83B-0A06B54857F4", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:fedora_core:core_1.0:*:*:*:*:*:*:*", "matchCriteriaId": "3C84296C-2C8A-4DCD-9751-52951F8BEA9F", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.3:*:*:*:*:*:*:*", "matchCriteriaId": "138985E6-5107-4E8B-A801-C3D5FE075227", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.3:*:i386:*:*:*:*:*", "matchCriteriaId": "9B502A61-44FB-4CD4-85BE-88D4ACCCA441", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.3:*:i686:*:*:*:*:*", "matchCriteriaId": "05853955-CA81-40D3-9A70-1227F3270D3C", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:9.0:*:i386:*:*:*:*:*", "matchCriteriaId": "F3FDE8C4-5FFD-4CC2-9F35-7C32043966D1", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:*", "matchCriteriaId": "84A50ED3-FD0D-4038-B3E7-CC65D166C968", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium_processor:*:*:*:*:*", "matchCriteriaId": "777F9EC0-2919-45CA-BFF8-78A02537C513", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:1.0:*:desktop:*:*:*:*:*", "matchCriteriaId": "C7EAAD04-D7C4-43DE-B488-1AAD014B503E", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:8:*:enterprise_server:*:*:*:*:*", "matchCriteriaId": "D2E2EF3C-1379-4CBE-8FF5-DACD47834651", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:8.1:*:*:*:*:*:*:*", "matchCriteriaId": "F8C55338-3372-413F-82E3-E1B476D6F41A", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:8.2:*:*:*:*:*:*:*", "matchCriteriaId": "1EFB33BF-F6A5-48C1-AEB5-194FCBCFC958", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "FB0E2D3B-B50A-46C2-BA1E-3E014DE91954", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:enterprise_server:*:*:*:*:*", "matchCriteriaId": "F7446746-87B7-4BD3-AABF-1E0FAA8265AB", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*", "matchCriteriaId": "56EF103F-5668-4754-A83B-D3662D0CE815", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:*:*:*:*:*:*", "matchCriteriaId": "CFABFCE5-4F86-4AE8-9849-BC360AC72098", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allows remote attackers to perform cross-domain scripting and possibly execute arbitrary code by convincing a user to drag and drop javascript: links to a frame or page in another domain." } ], "id": "CVE-2004-0905", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.6, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": true, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2004-09-14T04:00:00.000", "references": [ { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://bugzilla.mozilla.org/show_bug.cgi?id=250862" }, { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=109698896104418\u0026w=2" }, { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=109900315219363\u0026w=2" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://security.gentoo.org/glsa/glsa-200409-26.xml" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Third Party Advisory", "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/651928" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7.3" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.novell.com/linux/security/advisories/2004_36_mozilla.html" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/11177" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Third Party Advisory", "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA04-261A.html" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17374" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10378" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://bugzilla.mozilla.org/show_bug.cgi?id=250862" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=109698896104418\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=109900315219363\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://security.gentoo.org/glsa/glsa-200409-26.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory", "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/651928" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7.3" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.novell.com/linux/security/advisories/2004_36_mozilla.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/11177" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory", "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA04-261A.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17374" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10378" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2001-03-12 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
gpm 1.19.3 allows local users to overwrite arbitrary files via a symlink attack.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
immunix | immunix | 7.0_beta | |
mandrakesoft | mandrake_linux | 6.0 | |
mandrakesoft | mandrake_linux | 6.1 | |
mandrakesoft | mandrake_linux | 7.0 | |
mandrakesoft | mandrake_linux | 7.1 | |
mandrakesoft | mandrake_linux | 7.2 | |
redhat | linux | 7.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:immunix:immunix:7.0_beta:*:*:*:*:*:*:*", "matchCriteriaId": "1A2889C6-8DE0-4432-812A-F2A5C4A08897", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "D323A6B7-2741-4F31-B0D6-5D6FB738A2A1", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:6.1:*:*:*:*:*:*:*", "matchCriteriaId": "ACAAD334-2CA7-4B3B-BA25-302E7610BC2A", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "E4853E92-5E0A-47B9-A343-D5BEE87D2C27", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "3EC1FF5D-5EAB-44D5-B281-770547C70D68", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "0A8FBD5A-2FD0-43CD-AC4B-1D6984D336FE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "29B186E5-7C2F-466E-AA4A-8F2B618F8A14", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "gpm 1.19.3 allows local users to overwrite arbitrary files via a symlink attack." } ], "id": "CVE-2001-0116", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "LOW", "cvssData": { "accessComplexity": "HIGH", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 1.2, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:H/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 1.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2001-03-12T05:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=97916374410647\u0026w=2" }, { "source": "cve@mitre.org", "tags": [ "Patch" ], "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-006.php3" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/2188" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5917" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=97916374410647\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-006.php3" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/2188" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5917" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2001-03-12 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
getty_ps 2.0.7j allows local users to overwrite arbitrary files via a symlink attack.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
immunix | immunix | 7.0_beta | |
mandrakesoft | mandrake_linux | 6.0 | |
mandrakesoft | mandrake_linux | 6.1 | |
mandrakesoft | mandrake_linux | 7.0 | |
mandrakesoft | mandrake_linux | 7.1 | |
mandrakesoft | mandrake_linux | 7.2 | |
redhat | linux | 7.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:immunix:immunix:7.0_beta:*:*:*:*:*:*:*", "matchCriteriaId": "1A2889C6-8DE0-4432-812A-F2A5C4A08897", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "D323A6B7-2741-4F31-B0D6-5D6FB738A2A1", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:6.1:*:*:*:*:*:*:*", "matchCriteriaId": "ACAAD334-2CA7-4B3B-BA25-302E7610BC2A", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "E4853E92-5E0A-47B9-A343-D5BEE87D2C27", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "3EC1FF5D-5EAB-44D5-B281-770547C70D68", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "0A8FBD5A-2FD0-43CD-AC4B-1D6984D336FE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "29B186E5-7C2F-466E-AA4A-8F2B618F8A14", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "getty_ps 2.0.7j allows local users to overwrite arbitrary files via a symlink attack." } ], "id": "CVE-2001-0119", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "LOW", "cvssData": { "accessComplexity": "HIGH", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 1.2, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:H/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 1.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2001-03-12T05:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=97916374410647\u0026w=2" }, { "source": "cve@mitre.org", "tags": [ "Patch" ], "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-004.php3" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/2194" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5924" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=97916374410647\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-004.php3" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/2194" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5924" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2000-11-14 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
The tmpwatch utility in Red Hat Linux forks a new process for each directory level, which allows local users to cause a denial of service by creating deeply nested directories in /tmp or /var/tmp/.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:redhat:tmpwatch:2.2:*:*:*:*:*:*:*", "matchCriteriaId": "C8A78557-96FB-458B-A6B8-CF61BBFEBBDB", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:tmpwatch:2.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "D976654E-FA94-4146-9FB1-7764E39C2AC0", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.1:*:i386:*:*:*:*:*", "matchCriteriaId": "B72D6205-DFA4-41D9-B3B6-0B7DA756CD8F", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The tmpwatch utility in Red Hat Linux forks a new process for each directory level, which allows local users to cause a denial of service by creating deeply nested directories in /tmp or /var/tmp/." } ], "id": "CVE-2000-0829", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "LOW", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 2.1, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2000-11-14T05:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2000-080.html" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/81364" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/1664" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5217" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2000-080.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/81364" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/1664" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5217" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2005-12-31 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and (2) DCTDecode streams, aka "Infinite CPU spins."
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.22:*:*:*:*:*:*:*", "matchCriteriaId": "B1512A96-B8E7-4DB7-A4CB-8FD3773BFC97", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.22_rc1:*:*:*:*:*:*:*", "matchCriteriaId": "787B918D-9CCC-44FE-92AF-E8DF1E91A3C7", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.23:*:*:*:*:*:*:*", "matchCriteriaId": "C116493B-2837-4531-9291-A9FF03099A97", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.23_rc1:*:*:*:*:*:*:*", "matchCriteriaId": "525BD04B-387F-4713-BC89-472D0D0BCFD0", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:kdegraphics:3.2:*:*:*:*:*:*:*", "matchCriteriaId": "6BF92649-90CE-4E75-A938-61D0916B5A7E", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:kdegraphics:3.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "2CA505B4-0C17-49C8-9533-CA8CE3AA77D8", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:koffice:1.4:*:*:*:*:*:*:*", "matchCriteriaId": "37C08E0A-651F-458B-BCEC-A30DCD527E47", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:koffice:1.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "6000D6AF-C056-4BC0-A54C-72E23E52AB92", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:koffice:1.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "A7D036E4-FA49-417D-968B-9D73B16A09BA", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:kpdf:3.2:*:*:*:*:*:*:*", "matchCriteriaId": "EDAF6452-F3B0-4F62-893E-BCFA6AB7AE3B", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:kpdf:3.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "BC2AB9CB-DEAB-45AB-A7CA-D19E069907EC", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:kword:1.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "EAC32BAA-99B3-4B40-83A3-ED9E1B12B295", "vulnerable": true }, { "criteria": "cpe:2.3:a:libextractor:libextractor:*:*:*:*:*:*:*:*", "matchCriteriaId": "679D9520-DE8E-4D06-A227-3B1C1D05977D", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "63C92F1C-3005-4EA6-B9C0-2BC2E3D611D6", "vulnerable": true }, { "criteria": "cpe:2.3:a:sgi:propack:3.0:sp6:*:*:*:*:*:*", "matchCriteriaId": "EF8ABD90-AD2B-4FA0-A355-9D7CD6D3C486", "vulnerable": true }, { "criteria": "cpe:2.3:a:tetex:tetex:1.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "C86C7D6F-C39E-4403-86C6-F87599570E97", "vulnerable": true }, { "criteria": "cpe:2.3:a:tetex:tetex:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "236005A1-C175-44D3-8D0C-C48F943F3D66", "vulnerable": true }, { "criteria": "cpe:2.3:a:tetex:tetex:2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "0AF2AD80-5E65-4B57-933B-C395E98EF10D", "vulnerable": true }, { "criteria": "cpe:2.3:a:tetex:tetex:2.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "07C92A0E-1DDA-4F83-A904-24A35C38883A", "vulnerable": true }, { "criteria": "cpe:2.3:a:tetex:tetex:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "9178B36F-41D5-4AE7-B9C8-56BDEADE76EB", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "7B93B3ED-AF82-49A9-8C7F-E5F652F19669", "vulnerable": true }, { "criteria": "cpe:2.3:o:conectiva:linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "A35FC777-A34E-4C7B-9E93-8F17F3AD5180", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "2CAE037F-111C-4A76-8FFE-716B74D65EF3", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:alpha:*:*:*:*:*", "matchCriteriaId": "A6B060E4-B5A6-4469-828E-211C52542547", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:arm:*:*:*:*:*", "matchCriteriaId": "974C3541-990C-4CD4-A05A-38FA74A84632", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:hppa:*:*:*:*:*", "matchCriteriaId": "6CBF1E0F-C7F3-4F83-9E60-6E63FA7D2775", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ia-32:*:*:*:*:*", "matchCriteriaId": "58792F77-B06F-4780-BA25-FE1EE6C3FDD9", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ia-64:*:*:*:*:*", "matchCriteriaId": "C9419322-572F-4BB6-8416-C5E96541CF33", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:m68k:*:*:*:*:*", "matchCriteriaId": "BFC50555-C084-46A3-9C9F-949C5E3BB448", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mips:*:*:*:*:*", "matchCriteriaId": "9C25D6E1-D283-4CEA-B47B-60C47A5C0797", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mipsel:*:*:*:*:*", "matchCriteriaId": "AD18A446-C634-417E-86AC-B19B6DDDC856", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ppc:*:*:*:*:*", "matchCriteriaId": "E4BB852E-61B2-4842-989F-C6C0C901A8D7", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:s-390:*:*:*:*:*", "matchCriteriaId": "24DD9D59-E2A2-4116-A887-39E8CC2004FC", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:sparc:*:*:*:*:*", "matchCriteriaId": "F28D7457-607E-4E0C-909A-413F91CFCD82", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*", "matchCriteriaId": "A2E0C1F8-31F5-4F61-9DF7-E49B43D3C873", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:alpha:*:*:*:*:*", "matchCriteriaId": "5BF84240-1881-4EFB-BB2F-F9CE8AD09C7B", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:amd64:*:*:*:*:*", "matchCriteriaId": "AF8AE8C4-810F-41AB-A251-5A2D4DD6884D", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:arm:*:*:*:*:*", "matchCriteriaId": "5EACF214-FA27-44FF-A431-927AB79377A1", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:hppa:*:*:*:*:*", "matchCriteriaId": "E2B58895-0E2A-4466-9CB2-0083349A83B2", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:ia-32:*:*:*:*:*", "matchCriteriaId": "03F8220A-9B1C-40AA-AEAB-F9A93225FBD5", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:ia-64:*:*:*:*:*", "matchCriteriaId": "2311919C-7864-469D-B0F6-9B11D8D0A1C3", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:m68k:*:*:*:*:*", "matchCriteriaId": "19876495-4C1A-487C-955A-C5AA46362A1F", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:mips:*:*:*:*:*", "matchCriteriaId": "D75286DD-50BC-4B72-8AC8-E20730124DC2", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:mipsel:*:*:*:*:*", "matchCriteriaId": "1998C972-497E-4916-B50E-FB32303EEA8E", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:ppc:*:*:*:*:*", "matchCriteriaId": "A6CD3DD9-3A8A-4716-A2D1-136A790AFF94", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:s-390:*:*:*:*:*", "matchCriteriaId": "6CE2020A-4FB2-4FCD-8561-7BD147CD95EB", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:sparc:*:*:*:*:*", "matchCriteriaId": "08E90AFA-C262-46D0-B60E-26B67C9602D5", "vulnerable": true }, { "criteria": "cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*", "matchCriteriaId": "647BA336-5538-4972-9271-383A0EC9378E", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:*:*:*:*:*:*", "matchCriteriaId": "3528DABD-B821-4D23-AE12-614A9CA92C46", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:x86-64:*:*:*:*:*", "matchCriteriaId": "0315FB43-D199-4734-B724-50ED031C0020", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.2:*:*:*:*:*:*:*", "matchCriteriaId": "11D69B83-4EF3-407B-8E8C-DE623F099C17", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.2:*:x86-64:*:*:*:*:*", "matchCriteriaId": "7D221688-18A0-453D-8D13-6B68011FCA13", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2006:*:*:*:*:*:*:*", "matchCriteriaId": "597094EC-D23F-4EC4-A140-96F287679124", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2006:*:x86-64:*:*:*:*:*", "matchCriteriaId": "C4FCF0D3-A6CB-448E-B0D3-DA82BE02DEC8", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "E0F0D201-B1DC-4024-AF77-A284673618F3", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:x86_64:*:*:*:*:*", "matchCriteriaId": "052E3862-BFB7-42E7-889D-8590AFA8EF37", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "2BB0B27C-04EA-426F-9016-7406BACD91DF", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:x86_64:*:*:*:*:*", "matchCriteriaId": "BB2B1BA5-8370-4281-B5C9-3D4FE6C70FBC", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*", "matchCriteriaId": "2641EE56-6F9D-400B-B456-877F4DA79B10", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server_ia64:*:*:*:*:*", "matchCriteriaId": "A4A9461E-C117-42EC-9F14-DF2A82BA7C5D", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*", "matchCriteriaId": "E0B458EA-495E-40FA-9379-C03757F7B1EE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server_ia64:*:*:*:*:*", "matchCriteriaId": "409E324A-C040-494F-A026-9DCAE01C07F8", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*", "matchCriteriaId": "1728AB5D-55A9-46B0-A412-6F7263CAEB5A", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation_ia64:*:*:*:*:*", "matchCriteriaId": "6474B775-C893-491F-A074-802AFB1FEDD8", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_server:*:*:*:*:*", "matchCriteriaId": "78B46FFA-5B09-473E-AD33-3DB18BD0DAFE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*", "matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation_server:*:*:*:*:*", "matchCriteriaId": "0EFE2E73-9536-41A9-B83B-0A06B54857F4", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:advanced_server:*:*:*:*:*", "matchCriteriaId": "F9440B25-D206-4914-9557-B5F030890DEC", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:enterprise_server:*:*:*:*:*", "matchCriteriaId": "E9933557-3BCA-4D92-AD4F-27758A0D3347", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:workstation:*:*:*:*:*", "matchCriteriaId": "10A60552-15A5-4E95-B3CE-99A4B26260C1", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "7D74A418-50F0-42C0-ABBC-BBBE718FF025", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:fedora_core:core_1.0:*:*:*:*:*:*:*", "matchCriteriaId": "3C84296C-2C8A-4DCD-9751-52951F8BEA9F", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*", "matchCriteriaId": "E6996B14-925B-46B8-982F-3545328B506B", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:fedora_core:core_3.0:*:*:*:*:*:*:*", "matchCriteriaId": "EC80CF67-C51D-442C-9526-CFEDE84A6304", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:fedora_core:core_4.0:*:*:*:*:*:*:*", "matchCriteriaId": "C720DACC-CF4B-4A00-818C-8303A7D7DED6", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.3:*:i386:*:*:*:*:*", "matchCriteriaId": "9B502A61-44FB-4CD4-85BE-88D4ACCCA441", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:9.0:*:i386:*:*:*:*:*", "matchCriteriaId": "F3FDE8C4-5FFD-4CC2-9F35-7C32043966D1", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:*", "matchCriteriaId": "84A50ED3-FD0D-4038-B3E7-CC65D166C968", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium:*:*:*:*:*", "matchCriteriaId": "8DBD9D3C-40AB-449D-A9A8-A09DF2DEDB96", "vulnerable": true }, { "criteria": "cpe:2.3:o:sco:openserver:5.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "D9D76A8D-832B-411E-A458-186733C66010", "vulnerable": true }, { "criteria": "cpe:2.3:o:sco:openserver:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "7458BA31-812E-40C9-BB92-8688A3BCBA56", "vulnerable": true }, { "criteria": "cpe:2.3:o:slackware:slackware_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "300A6A65-05FD-401C-80F6-B5F5B1F056E0", "vulnerable": true }, { "criteria": "cpe:2.3:o:slackware:slackware_linux:9.1:*:*:*:*:*:*:*", "matchCriteriaId": "AA3D53C9-3806-45E6-8AE9-7D41280EF64C", "vulnerable": true }, { "criteria": "cpe:2.3:o:slackware:slackware_linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "D29C5A03-A7C9-4780-BB63-CF1E874D018D", "vulnerable": true }, { "criteria": "cpe:2.3:o:slackware:slackware_linux:10.1:*:*:*:*:*:*:*", "matchCriteriaId": "B85EF0EE-3E61-4CA3-9F00-610AB2E1CFCF", "vulnerable": true }, { "criteria": "cpe:2.3:o:slackware:slackware_linux:10.2:*:*:*:*:*:*:*", "matchCriteriaId": "70440F49-AEE9-41BE-8E1A-43AB657C8E09", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "02EE2D72-B1E6-4380-80B0-E40A23DDD115", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:enterprise_server:*:*:*:*:*", "matchCriteriaId": "F7446746-87B7-4BD3-AABF-1E0FAA8265AB", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:personal:*:*:*:*:*", "matchCriteriaId": "F239BA8A-6B41-4B08-8C7C-25D235812C50", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:professional:*:*:*:*:*", "matchCriteriaId": "89BA858B-9466-4640-84AE-DC5BDC65D6B8", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:s_390:*:*:*:*:*", "matchCriteriaId": "85F2D904-E830-4034-9CCB-0FF65019622C", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*", "matchCriteriaId": "56EF103F-5668-4754-A83B-D3662D0CE815", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:personal:*:*:*:*:*", "matchCriteriaId": "3EA56868-ACA1-4C65-9FFB-A68129D2428A", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:professional:*:*:*:*:*", "matchCriteriaId": "1BA2E629-58C6-4BA0-A447-F8F570B35E74", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:x86_64:*:*:*:*:*", "matchCriteriaId": "D5F98B9A-880E-45F0-8C16-12B22970F0D1", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:personal:*:*:*:*:*", "matchCriteriaId": "3BEE15E9-9194-4E37-AB3B-66ECD5AC9E11", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:professional:*:*:*:*:*", "matchCriteriaId": "C89BA3B6-370B-4911-A363-935A9C9EACF5", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:x86_64:*:*:*:*:*", "matchCriteriaId": "B905C6E9-5058-4FD7-95B6-CD6AB6B2F516", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.3:*:personal:*:*:*:*:*", "matchCriteriaId": "4F1B4D15-0562-44D6-B80B-35A8F432BD41", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.3:*:professional:*:*:*:*:*", "matchCriteriaId": "D84ABF78-0D85-4E15-907E-B5ACE86EB8C7", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.3:*:x86_64:*:*:*:*:*", "matchCriteriaId": "9C7018E7-F90C-435D-A07A-05A294EA2827", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:10.0:*:oss:*:*:*:*:*", "matchCriteriaId": "16915004-1006-41D6-9E42-D1A5041E442D", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:10.0:*:professional:*:*:*:*:*", "matchCriteriaId": "994ABCE2-3B9E-4E4E-83F7-CE2A79C70F64", "vulnerable": true }, { "criteria": "cpe:2.3:o:trustix:secure_linux:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "53AF1A2D-B0A2-4097-AD1D-DF3AF27171BA", "vulnerable": true }, { "criteria": "cpe:2.3:o:trustix:secure_linux:2.2:*:*:*:*:*:*:*", "matchCriteriaId": "5AB70F82-52BB-4D0D-9A24-9AF67278466D", "vulnerable": true }, { "criteria": "cpe:2.3:o:trustix:secure_linux:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "100A2456-BF20-4461-8DC9-C61889322B29", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux:10:*:*:*:*:*:*:*", "matchCriteriaId": "1C7D4F57-E186-497A-B390-92E5D2C7E894", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux:fuji:*:*:*:*:*:*:*", "matchCriteriaId": "CEC3F6F3-9A6E-4A98-A967-6776C872475C", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux_appliance_server:1.0_hosting_edition:*:*:*:*:*:*:*", "matchCriteriaId": "FC3218DD-A565-4AB8-86FE-E7F59AC0535F", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux_appliance_server:1.0_workgroup_edition:*:*:*:*:*:*:*", "matchCriteriaId": "97AEDB57-202F-4B53-8815-21836F177060", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux_desktop:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "31C3FFDD-03BF-4FD4-B7A7-B62AFD5DBA19", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux_home:*:*:*:*:*:*:*:*", "matchCriteriaId": "065FF0F1-7FAC-4584-92EA-EAA87DC76FA1", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux_multimedia:*:*:*:*:*:*:*:*", "matchCriteriaId": "E27180A1-9767-4CD3-978C-7538155B162D", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux_personal:*:*:*:*:*:*:*:*", "matchCriteriaId": "BAAA9376-A060-49AE-86A7-6B28E26ED5D9", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux_server:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "E06DCF0D-3241-453A-A0E4-937FE25EC404", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux_server:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "B484D091-62DE-4EF2-AC54-26896CA8B315", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux_server:10.0_x86:*:*:*:*:*:*:*", "matchCriteriaId": "EC5AC26E-3F3F-4D14-BE65-82B4432AB382", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux_workstation:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "9428589A-0BD2-469E-978D-38239117D972", "vulnerable": true }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ia64:*:*:*:*:*", "matchCriteriaId": "6E94583A-5184-462E-9FC4-57B35DA06DA7", "vulnerable": true }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ppc:*:*:*:*:*", "matchCriteriaId": "E905FAAD-37B6-4DD0-A752-2974F8336273", "vulnerable": true }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.04:*:amd64:*:*:*:*:*", "matchCriteriaId": "3BD12488-1ED8-4751-ABF5-3578D54750A8", "vulnerable": true }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.04:*:i386:*:*:*:*:*", "matchCriteriaId": "AE3733CF-4C88-443C-9B90-6477C9C500D0", "vulnerable": true }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.04:*:powerpc:*:*:*:*:*", "matchCriteriaId": "9C500A75-D75E-45B4-B582-0F0DF27C3C04", "vulnerable": true }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:amd64:*:*:*:*:*", "matchCriteriaId": "86FD134D-A5C5-4B08-962D-70CF07C74923", "vulnerable": true }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:i386:*:*:*:*:*", "matchCriteriaId": "FA84692E-F99D-4207-B4F2-799A6ADB88AD", "vulnerable": true }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:powerpc:*:*:*:*:*", "matchCriteriaId": "8B0F1091-4B76-44F5-B896-6D37E2F909A2", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and (2) DCTDecode streams, aka \"Infinite CPU spins.\"" } ], "id": "CVE-2005-3625", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2005-12-31T05:00:00.000", "references": [ { "source": "secalert@redhat.com", "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt" }, { "source": "secalert@redhat.com", "url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U" }, { "source": "secalert@redhat.com", "url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U" }, { "source": "secalert@redhat.com", "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U" }, { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2006-0177.html" }, { "source": "secalert@redhat.com", "tags": [ "Exploit" ], "url": "http://scary.beasts.org/security/CESA-2005-003.txt" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18147" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18303" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18312" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18313" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18329" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18332" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18334" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18335" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18338" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18349" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18373" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18375" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18380" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18385" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18387" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18389" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18398" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18407" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18414" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18416" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18423" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18425" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18428" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18436" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18448" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18463" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18517" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18534" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18554" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18582" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18642" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18644" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18674" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18675" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18679" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18908" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18913" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/19230" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/19377" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/25729" }, { "source": "secalert@redhat.com", "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683" }, { "source": "secalert@redhat.com", "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747" }, { "source": "secalert@redhat.com", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2005/dsa-931" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2005/dsa-932" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2005/dsa-937" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2005/dsa-938" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2005/dsa-940" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2006/dsa-936" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2006/dsa-950" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2006/dsa-961" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2006/dsa-962" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml" }, { "source": "secalert@redhat.com", "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.kde.org/info/security/advisory-20051207-2.txt" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012" }, { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00010.html" }, { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00011.html" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/support/errata/RHSA-2006-0163.html" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded" }, { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": "http://www.securityfocus.com/bid/16143" }, { "source": "secalert@redhat.com", "url": "http://www.trustix.org/errata/2006/0002/" }, { "source": "secalert@redhat.com", "url": "http://www.vupen.com/english/advisories/2006/0047" }, { "source": "secalert@redhat.com", "url": "http://www.vupen.com/english/advisories/2007/2280" }, { "source": "secalert@redhat.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24023" }, { "source": "secalert@redhat.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9575" }, { "source": "secalert@redhat.com", "url": "https://usn.ubuntu.com/236-1/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2006-0177.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit" ], "url": "http://scary.beasts.org/security/CESA-2005-003.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18147" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18303" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18312" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18313" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18329" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18332" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18334" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18335" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18338" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18349" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18373" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18375" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18380" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18385" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18387" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18389" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18398" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18407" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18414" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18416" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18423" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18425" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18428" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18436" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18448" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18463" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18517" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18534" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18554" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18582" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18642" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18644" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18674" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18675" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18679" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18908" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18913" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19230" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19377" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/25729" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2005/dsa-931" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2005/dsa-932" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2005/dsa-937" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2005/dsa-938" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2005/dsa-940" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2006/dsa-936" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2006/dsa-950" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2006/dsa-961" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2006/dsa-962" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.kde.org/info/security/advisory-20051207-2.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00010.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00011.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2006-0163.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.securityfocus.com/bid/16143" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.trustix.org/errata/2006/0002/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2006/0047" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2007/2280" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24023" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9575" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://usn.ubuntu.com/236-1/" } ], "sourceIdentifier": "secalert@redhat.com", "vendorComments": [ { "comment": "Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.", "lastModified": "2007-03-14T00:00:00", "organization": "Red Hat" } ], "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-399" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2000-04-21 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Linux OpenLDAP server allows local users to modify arbitrary files via a symlink attack.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
openldap | openldap | 1.2.7 | |
openldap | openldap | 1.2.8 | |
openldap | openldap | 1.2.9 | |
openldap | openldap | 1.2.10 | |
mandrakesoft | mandrake_linux | 6.1 | |
mandrakesoft | mandrake_linux | 7.0 | |
redhat | linux | 6.1 | |
redhat | linux | 6.1 | |
redhat | linux | 6.1 | |
redhat | linux | 6.2 | |
redhat | linux | 6.2 | |
redhat | linux | 6.2 | |
turbolinux | turbolinux | 4.2 | |
turbolinux | turbolinux | 4.4 | |
turbolinux | turbolinux | 6.0.2 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:openldap:openldap:1.2.7:*:*:*:*:*:*:*", "matchCriteriaId": "AC07AD0D-5DF9-41A4-8592-CEFF1842355D", "vulnerable": true }, { "criteria": "cpe:2.3:a:openldap:openldap:1.2.8:*:*:*:*:*:*:*", "matchCriteriaId": "30017C56-42A9-4AF9-B5B3-7357E424F837", "vulnerable": true }, { "criteria": "cpe:2.3:a:openldap:openldap:1.2.9:*:*:*:*:*:*:*", "matchCriteriaId": "C8A51F38-3F5A-4F6D-93EE-776B5C2FF48F", "vulnerable": true }, { "criteria": "cpe:2.3:a:openldap:openldap:1.2.10:*:*:*:*:*:*:*", "matchCriteriaId": "8DBEC27E-3220-42CE-B6CC-675F387CB506", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:6.1:*:*:*:*:*:*:*", "matchCriteriaId": "ACAAD334-2CA7-4B3B-BA25-302E7610BC2A", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "E4853E92-5E0A-47B9-A343-D5BEE87D2C27", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.1:*:alpha:*:*:*:*:*", "matchCriteriaId": "C89454B9-4F45-4A42-A06D-ED42D893C544", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.1:*:i386:*:*:*:*:*", "matchCriteriaId": "B72D6205-DFA4-41D9-B3B6-0B7DA756CD8F", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.1:*:sparc:*:*:*:*:*", "matchCriteriaId": "1E64093E-7D53-4238-95C3-48ED5A0FFD97", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:alpha:*:*:*:*:*", "matchCriteriaId": "344610A8-DB6D-4407-9304-916C419F648C", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:i386:*:*:*:*:*", "matchCriteriaId": "B7EC2B95-4715-4EC9-A10A-2542501F8A61", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:sparc:*:*:*:*:*", "matchCriteriaId": "64775BEF-2E53-43CA-8639-A7E54F6F4222", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux:4.2:*:*:*:*:*:*:*", "matchCriteriaId": "5D15A193-3E01-467C-AEAD-497F4600DB06", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux:4.4:*:*:*:*:*:*:*", "matchCriteriaId": "F7C765FF-0A3D-4BF4-B236-609658776ACA", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux:6.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "C6619B49-8A89-4600-A47F-A39C8BF54259", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Linux OpenLDAP server allows local users to modify arbitrary files via a symlink attack." } ], "id": "CVE-2000-0336", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "LOW", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2000-04-21T04:00:00.000", "references": [ { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "ftp://ftp.calderasystems.com/pub/OpenLinux/security/CSSA-2000-009.0.txt" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2000-012.html" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/1232" }, { "source": "cve@mitre.org", "url": "http://www.turbolinux.com/pipermail/tl-security-announce/2000-May/000009.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "ftp://ftp.calderasystems.com/pub/OpenLinux/security/CSSA-2000-009.0.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2000-012.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/1232" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.turbolinux.com/pipermail/tl-security-announce/2000-May/000009.html" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2004-04-15 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
The LiveUpdate capability (liveupdate.sh) in Symantec AntiVirus Scan Engine 4.0 and 4.3 for Red Hat Linux allows local users to create or append to arbitrary files via a symlink attack on /tmp/LiveUpdate.log.
References
▶ | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://marc.info/?l=bugtraq&m=107694800908164&w=2 | Exploit, Mailing List | |
cve@mitre.org | http://www.securityfocus.com/bid/9662 | Broken Link, Patch, Third Party Advisory, VDB Entry, Vendor Advisory | |
cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/15215 | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=107694800908164&w=2 | Exploit, Mailing List | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/9662 | Broken Link, Patch, Third Party Advisory, VDB Entry, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/15215 | Third Party Advisory, VDB Entry |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
symantec | antivirus_scan_engine | 4.0 | |
symantec | antivirus_scan_engine | 4.3 | |
redhat | linux | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:symantec:antivirus_scan_engine:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "4D2AD14C-2BD2-4658-BDB0-232A9E26EA2F", "vulnerable": true }, { "criteria": "cpe:2.3:a:symantec:antivirus_scan_engine:4.3:*:*:*:*:*:*:*", "matchCriteriaId": "F11687CE-E997-4D26-ACAE-B9175348ADDE", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:-:*:*:*:*:*:*:*", "matchCriteriaId": "C4EBE07A-6FEF-4343-BA5D-58FD175F5CD1", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The LiveUpdate capability (liveupdate.sh) in Symantec AntiVirus Scan Engine 4.0 and 4.3 for Red Hat Linux allows local users to create or append to arbitrary files via a symlink attack on /tmp/LiveUpdate.log." }, { "lang": "es", "value": "La capacidad LiveUpdate de Symantec Antivirus Scan Engine 4.0 y 4.3 para Red Hat Linux permite a usuarios locales crear o a\u00f1adir ficheros arbitrarios mediante un ataque de enlaces simb\u00f3licos sobre /tmp/LiveUpdate.log." } ], "id": "CVE-2004-0217", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "LOW", "cvssData": { "accessComplexity": "HIGH", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 3.7, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 1.9, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 1.0, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2004-04-15T04:00:00.000", "references": [ { "source": "cve@mitre.org", "tags": [ "Exploit", "Mailing List" ], "url": "http://marc.info/?l=bugtraq\u0026m=107694800908164\u0026w=2" }, { "source": "cve@mitre.org", "tags": [ "Broken Link", "Patch", "Third Party Advisory", "VDB Entry", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/9662" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15215" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Mailing List" ], "url": "http://marc.info/?l=bugtraq\u0026m=107694800908164\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Patch", "Third Party Advisory", "VDB Entry", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/9662" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15215" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-59" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
1999-12-31 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
The snprintf function in the db library 1.85.4 ignores the size parameter, which could allow attackers to exploit buffer overflows that would be prevented by a properly implemented snprintf.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
debian | debian_linux | 4.0 | |
redhat | linux | 4.2 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "0F92AB32-E7DE-43F4-B877-1F41FA162EC7", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:4.2:*:*:*:*:*:*:*", "matchCriteriaId": "F299301C-6BFC-436C-9CFD-2E291D3702AE", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The snprintf function in the db library 1.85.4 ignores the size parameter, which could allow attackers to exploit buffer overflows that would be prevented by a properly implemented snprintf." } ], "id": "CVE-1999-1330", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.6, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "1999-12-31T05:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://lists.openresources.com/Debian/debian-bugs-closed/msg00581.html" }, { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=87602661419259\u0026w=2" }, { "source": "cve@mitre.org", "url": "http://www.iss.net/security_center/static/7244.php" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/rh42-errata-general.html#db" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.openresources.com/Debian/debian-bugs-closed/msg00581.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=87602661419259\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.iss.net/security_center/static/7244.php" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/rh42-errata-general.html#db" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2001-06-27 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Buffer overflow in (1) wrapping and (2) unwrapping functions of slrn news reader before 0.9.7.0 allows remote attackers to execute arbitrary commands via a long message header.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
debian | debian_linux | * | |
mandrakesoft | mandrake_linux | 6.0 | |
mandrakesoft | mandrake_linux | 6.1 | |
mandrakesoft | mandrake_linux | 7.0 | |
mandrakesoft | mandrake_linux | 7.1 | |
mandrakesoft | mandrake_linux | 7.2 | |
mandrakesoft | mandrake_linux_corporate_server | 1.0.1 | |
redhat | linux | 6.2 | |
redhat | linux | 7.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:*:*:*:*:*:*:*:*", "matchCriteriaId": "2424DDDB-8C74-42F8-B131-791AD8CEFF63", "versionEndIncluding": "2.2", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "D323A6B7-2741-4F31-B0D6-5D6FB738A2A1", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:6.1:*:*:*:*:*:*:*", "matchCriteriaId": "ACAAD334-2CA7-4B3B-BA25-302E7610BC2A", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "E4853E92-5E0A-47B9-A343-D5BEE87D2C27", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "3EC1FF5D-5EAB-44D5-B281-770547C70D68", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "0A8FBD5A-2FD0-43CD-AC4B-1D6984D336FE", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:1.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "97E09AD9-F057-4264-88BB-A8A18C1B1246", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:*:*:*:*:*:*", "matchCriteriaId": "0633B5A6-7A88-4A96-9462-4C09D124ED36", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "29B186E5-7C2F-466E-AA4A-8F2B618F8A14", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Buffer overflow in (1) wrapping and (2) unwrapping functions of slrn news reader before 0.9.7.0 allows remote attackers to execute arbitrary commands via a long message header." } ], "id": "CVE-2001-0441", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2001-06-27T04:00:00.000", "references": [ { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://archives.neohapsis.com/archives/freebsd/2001-04/0610.html" }, { "source": "cve@mitre.org", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000383" }, { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=98471253131191\u0026w=2" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2001/dsa-040" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-028.php3" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2001-028.html" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/2493" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6213" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://archives.neohapsis.com/archives/freebsd/2001-04/0610.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000383" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=98471253131191\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2001/dsa-040" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-028.php3" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2001-028.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/2493" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6213" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2000-06-21 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
gkermit in Red Hat Linux is improperly installed with setgid uucp, which allows local users to modify files owned by uucp.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:*:*:*:*:*:*", "matchCriteriaId": "0633B5A6-7A88-4A96-9462-4C09D124ED36", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "gkermit in Red Hat Linux is improperly installed with setgid uucp, which allows local users to modify files owned by uucp." } ], "id": "CVE-2000-0604", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.6, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": true, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2000-06-21T04:00:00.000", "references": [ { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/1383" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=Pine.LNX.4.21.0006211209500.22969-100000%40nimue.tpi.pl" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/1383" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=Pine.LNX.4.21.0006211209500.22969-100000%40nimue.tpi.pl" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2000-10-18 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Buffer overflows in the (1) outpack or (2) buf variables of ping in iputils before 20001010, as distributed on Red Hat Linux 6.2 through 7J and other operating systems, may allow local users to gain privileges.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:immunix:immunix:6.2:*:*:*:*:*:*:*", "matchCriteriaId": "DB0F79BE-8EBF-44D8-83A1-9331669BED54", "vulnerable": true }, { "criteria": "cpe:2.3:a:iputils:iputils:*:*:*:*:*:*:*:*", "matchCriteriaId": "AD894839-1AD2-4707-B171-2CE7076D6446", "versionEndIncluding": "2000-10-10", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:alpha:*:*:*:*:*", "matchCriteriaId": "344610A8-DB6D-4407-9304-916C419F648C", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:i386:*:*:*:*:*", "matchCriteriaId": "B7EC2B95-4715-4EC9-A10A-2542501F8A61", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:sparc:*:*:*:*:*", "matchCriteriaId": "64775BEF-2E53-43CA-8639-A7E54F6F4222", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "29B186E5-7C2F-466E-AA4A-8F2B618F8A14", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Buffer overflows in the (1) outpack or (2) buf variables of ping in iputils before 20001010, as distributed on Red Hat Linux 6.2 through 7J and other operating systems, may allow local users to gain privileges." } ], "id": "CVE-2000-1214", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.6, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2000-10-18T04:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-10/0429.html" }, { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=97208562830613\u0026w=2" }, { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=97249980727834\u0026w=2" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.iss.net/security_center/static/5431.php" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2000-087.html" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/1813" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-10/0429.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=97208562830613\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=97249980727834\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.iss.net/security_center/static/5431.php" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2000-087.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/1813" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2001-03-26 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Format string vulnerability in print_client in icecast 1.3.8beta2 and earlier allows remote attackers to execute arbitrary commands.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:icecast:icecast:*:*:*:*:*:*:*:*", "matchCriteriaId": "E42B2D17-6E9B-4E2E-8329-C5A30C171414", "versionEndIncluding": "1.3.8_beta2", "vulnerable": true }, { "criteria": "cpe:2.3:a:icecast:icecast:1.3.7:*:*:*:*:*:*:*", "matchCriteriaId": "9C35E7B3-C898-4127-9188-65E691148EEF", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "2DFA94D5-0139-490C-8257-0751FE9FBAE4", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.1:*:*:*:*:*:*:*", "matchCriteriaId": "2EC4D3AB-38FA-4D44-AF5C-2DCD15994E76", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:*:*:*:*:*:*", "matchCriteriaId": "0633B5A6-7A88-4A96-9462-4C09D124ED36", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "29B186E5-7C2F-466E-AA4A-8F2B618F8A14", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Format string vulnerability in print_client in icecast 1.3.8beta2 and earlier allows remote attackers to execute arbitrary commands." } ], "id": "CVE-2001-0197", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2001-03-26T05:00:00.000", "references": [ { "source": "cve@mitre.org", "tags": [ "Exploit", "Patch", "Vendor Advisory" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2001-01/0348.html" }, { "source": "cve@mitre.org", "tags": [ "Patch" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000374" }, { "source": "cve@mitre.org", "tags": [ "Patch" ], "url": "http://www.redhat.com/support/errata/RHSA-2001-004.html" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/2264" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5978" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Patch", "Vendor Advisory" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2001-01/0348.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000374" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.redhat.com/support/errata/RHSA-2001-004.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/2264" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5978" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
1997-10-18 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Buffer overflow in telnet daemon tgetent routing allows remote attackers to gain root access via the TERMCAP environmental variable.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
redhat | linux | 4.0 | |
redhat | linux | 4.1 | |
redhat | linux | 4.2 | |
redhat | linux | 5.0 | |
redhat | linux | 5.1 | |
redhat | linux | 5.2 | |
redhat | linux | 6.0 | |
slackware | slackware_linux | 3.2 | |
slackware | slackware_linux | 3.3 | |
slackware | slackware_linux | 3.4 | |
slackware | slackware_linux | 3.5 | |
slackware | slackware_linux | 3.6 | |
slackware | slackware_linux | 3.9 | |
slackware | slackware_linux | 4.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "C9092D88-585D-4A0C-B181-E8D93563C74B", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:4.1:*:*:*:*:*:*:*", "matchCriteriaId": "D8211154-6685-4FF0-B3ED-43A5E5763A10", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:4.2:*:*:*:*:*:*:*", "matchCriteriaId": "F299301C-6BFC-436C-9CFD-2E291D3702AE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "4BF54738-3C44-4FD4-AA9C-CAB2E86B1DC1", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:5.1:*:*:*:*:*:*:*", "matchCriteriaId": "4EF44364-0F57-4B74-81B0-501EA6B58501", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:5.2:*:i386:*:*:*:*:*", "matchCriteriaId": "363AB7DB-A8BA-4D58-97C4-1DF1F0F43E07", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.0:*:i386:*:*:*:*:*", "matchCriteriaId": "89F65C9D-BD68-4A86-BFDC-E7CE76F13948", "vulnerable": true }, { "criteria": "cpe:2.3:o:slackware:slackware_linux:3.2:*:*:*:*:*:*:*", "matchCriteriaId": "852B55FE-8180-4357-B717-399C16954C6F", "vulnerable": true }, { "criteria": "cpe:2.3:o:slackware:slackware_linux:3.3:*:*:*:*:*:*:*", "matchCriteriaId": "06F2131E-F9F2-4E65-B95C-B52DB25C69F5", "vulnerable": true }, { "criteria": "cpe:2.3:o:slackware:slackware_linux:3.4:*:*:*:*:*:*:*", "matchCriteriaId": "E6732144-10D4-4114-A7DA-32157EE3EF38", "vulnerable": true }, { "criteria": "cpe:2.3:o:slackware:slackware_linux:3.5:*:*:*:*:*:*:*", "matchCriteriaId": "125918E7-53BB-407A-8D95-5D95CDF39A88", "vulnerable": true }, { "criteria": "cpe:2.3:o:slackware:slackware_linux:3.6:*:*:*:*:*:*:*", "matchCriteriaId": "CE0BBA4F-C61A-4A8E-A7E2-CE0DF76DF592", "vulnerable": true }, { "criteria": "cpe:2.3:o:slackware:slackware_linux:3.9:*:*:*:*:*:*:*", "matchCriteriaId": "15CB96AA-7CC1-4F01-8E9A-F85CD851594A", "vulnerable": true }, { "criteria": "cpe:2.3:o:slackware:slackware_linux:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "CC3B1DD9-10B5-40FE-AE56-D068C41653DE", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Buffer overflow in telnet daemon tgetent routing allows remote attackers to gain root access via the TERMCAP environmental variable." } ], "id": "CVE-1999-0192", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "1997-10-18T04:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0192" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0192" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
1999-12-31 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
automatic download option in ncftp 2.4.2 FTP client in Red Hat Linux 5.0 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the names of files that are to be downloaded.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:*:*:*:*:*:*:*:*", "matchCriteriaId": "040166C7-CB3A-485E-9337-CB679B779BF8", "versionEndIncluding": "5.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "automatic download option in ncftp 2.4.2 FTP client in Red Hat Linux 5.0 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the names of files that are to be downloaded." } ], "id": "CVE-1999-1333", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "1999-12-31T05:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=89042322924057\u0026w=2" }, { "source": "cve@mitre.org", "url": "http://www.iss.net/security_center/static/7240.php" }, { "source": "cve@mitre.org", "url": "http://www.osvdb.org/6111" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/rh50-errata-general.html#ncftp" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=89042322924057\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.iss.net/security_center/static/7240.php" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.osvdb.org/6111" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/rh50-errata-general.html#ncftp" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
1996-02-02 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
abuse.console in Red Hat 2.1 uses relative pathnames to find and execute the undrv program, which allows local users to execute arbitrary commands via a path that points to a Trojan horse program.
References
▶ | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://marc.info/?l=bugtraq&m=87602167418994&w=2 | ||
cve@mitre.org | http://www.securityfocus.com/bid/354 | Exploit, Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=87602167418994&w=2 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/354 | Exploit, Patch, Vendor Advisory |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "674066BB-2576-4AAE-B97F-A4470815F1AC", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "abuse.console in Red Hat 2.1 uses relative pathnames to find and execute the undrv program, which allows local users to execute arbitrary commands via a path that points to a Trojan horse program." } ], "id": "CVE-1999-1491", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "1996-02-02T05:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=87602167418994\u0026w=2" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/354" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=87602167418994\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/354" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2002-11-04 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Memory leak in ypdb_open in yp_db.c for ypserv before 2.5 in the NIS package 3.9 and earlier allows remote attackers to cause a denial of service (memory consumption) via a large number of requests for a map that does not exist.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
debian | debian_linux | 2.2 | |
debian | debian_linux | 2.2 | |
debian | debian_linux | 2.2 | |
debian | debian_linux | 2.2 | |
debian | debian_linux | 2.2 | |
debian | debian_linux | 2.2 | |
debian | debian_linux | 2.2 | |
debian | debian_linux | 3.0 | |
debian | debian_linux | 3.0 | |
debian | debian_linux | 3.0 | |
debian | debian_linux | 3.0 | |
debian | debian_linux | 3.0 | |
debian | debian_linux | 3.0 | |
debian | debian_linux | 3.0 | |
debian | debian_linux | 3.0 | |
debian | debian_linux | 3.0 | |
debian | debian_linux | 3.0 | |
debian | debian_linux | 3.0 | |
hp | secure_os | 1.0 | |
redhat | linux | 6.2 | |
redhat | linux | 6.2 | |
redhat | linux | 6.2 | |
redhat | linux | 6.2 | |
redhat | linux | 7.0 | |
redhat | linux | 7.0 | |
redhat | linux | 7.0 | |
redhat | linux | 7.1 | |
redhat | linux | 7.1 | |
redhat | linux | 7.1 | |
redhat | linux | 7.2 | |
redhat | linux | 7.2 | |
redhat | linux | 7.3 | |
redhat | linux | 7.3 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:2.2:*:*:*:*:*:*:*", "matchCriteriaId": "58B90124-0543-4226-BFF4-13CCCBCCB243", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:2.2:*:68k:*:*:*:*:*", "matchCriteriaId": "E040A866-0D2C-40E1-B1FB-DB600B389E27", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:2.2:*:alpha:*:*:*:*:*", "matchCriteriaId": "CE1C944A-E5F1-49DE-B069-2A358123B535", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:2.2:*:arm:*:*:*:*:*", "matchCriteriaId": "D71083B4-1736-4501-8DE8-BC24AC1447AA", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:2.2:*:ia-32:*:*:*:*:*", "matchCriteriaId": "E9D468DB-C4AE-4ACB-B3B7-2FAEA90D6A49", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:2.2:*:powerpc:*:*:*:*:*", "matchCriteriaId": "2A32E486-2598-41B3-B6DB-3CC46D239AFC", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:2.2:*:sparc:*:*:*:*:*", "matchCriteriaId": "AAEE18D8-AA3B-47A3-AA7C-AAFF7591F391", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "2CAE037F-111C-4A76-8FFE-716B74D65EF3", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:alpha:*:*:*:*:*", "matchCriteriaId": "A6B060E4-B5A6-4469-828E-211C52542547", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:arm:*:*:*:*:*", "matchCriteriaId": "974C3541-990C-4CD4-A05A-38FA74A84632", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:hppa:*:*:*:*:*", "matchCriteriaId": "6CBF1E0F-C7F3-4F83-9E60-6E63FA7D2775", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ia-64:*:*:*:*:*", "matchCriteriaId": "C9419322-572F-4BB6-8416-C5E96541CF33", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:m68k:*:*:*:*:*", "matchCriteriaId": "BFC50555-C084-46A3-9C9F-949C5E3BB448", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mips:*:*:*:*:*", "matchCriteriaId": "9C25D6E1-D283-4CEA-B47B-60C47A5C0797", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mipsel:*:*:*:*:*", "matchCriteriaId": "AD18A446-C634-417E-86AC-B19B6DDDC856", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ppc:*:*:*:*:*", "matchCriteriaId": "E4BB852E-61B2-4842-989F-C6C0C901A8D7", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:s-390:*:*:*:*:*", "matchCriteriaId": "24DD9D59-E2A2-4116-A887-39E8CC2004FC", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:sparc:*:*:*:*:*", "matchCriteriaId": "F28D7457-607E-4E0C-909A-413F91CFCD82", "vulnerable": true }, { "criteria": "cpe:2.3:o:hp:secure_os:1.0:*:linux:*:*:*:*:*", "matchCriteriaId": "B345284D-6842-47C0-B823-B5DDC30CC8A6", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:*:*:*:*:*:*", "matchCriteriaId": "0633B5A6-7A88-4A96-9462-4C09D124ED36", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:alpha:*:*:*:*:*", "matchCriteriaId": "344610A8-DB6D-4407-9304-916C419F648C", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:i386:*:*:*:*:*", "matchCriteriaId": "B7EC2B95-4715-4EC9-A10A-2542501F8A61", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:sparc:*:*:*:*:*", "matchCriteriaId": "64775BEF-2E53-43CA-8639-A7E54F6F4222", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "29B186E5-7C2F-466E-AA4A-8F2B618F8A14", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.0:*:alpha:*:*:*:*:*", "matchCriteriaId": "FD6576E2-9F26-4857-9F28-F51899F1EF48", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.0:*:i386:*:*:*:*:*", "matchCriteriaId": "4DC9842D-E23B-4B9F-A7BF-57C3BA3DE398", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "1D46E093-1C68-43BB-B281-12117EC8DE0F", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.1:*:i386:*:*:*:*:*", "matchCriteriaId": "C8783A6D-DFD8-45DD-BF03-570B1B012B44", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.1:*:ia64:*:*:*:*:*", "matchCriteriaId": "ED36543D-C21B-4B4B-A6AD-6E19B08B5DD7", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "E562907F-D915-4030-847A-3C6834A80D4E", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.2:*:ia64:*:*:*:*:*", "matchCriteriaId": "9D47D6FE-56A9-42CF-9A9B-AEE272C061F7", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.3:*:*:*:*:*:*:*", "matchCriteriaId": "138985E6-5107-4E8B-A801-C3D5FE075227", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.3:*:i386:*:*:*:*:*", "matchCriteriaId": "9B502A61-44FB-4CD4-85BE-88D4ACCCA441", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Memory leak in ypdb_open in yp_db.c for ypserv before 2.5 in the NIS package 3.9 and earlier allows remote attackers to cause a denial of service (memory consumption) via a large number of requests for a map that does not exist." }, { "lang": "es", "value": "Fuga de memoria en ypdb_open en yp_db.c en ypserv anteriores a 2.5 en el paquete NIS 3.9 y anteriores permite a atacantes remotos causar una denegaci\u00f3n de servicio (consumici\u00f3n de memoria) mediante un n\u00famero grande de peticiones de un mapa inexistente." } ], "id": "CVE-2002-1232", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2002-11-04T05:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-054.0.txt" }, { "source": "cve@mitre.org", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000539" }, { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=103582692228894\u0026w=2" }, { "source": "cve@mitre.org", "url": "http://online.securityfocus.com/advisories/4605" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2002/dsa-180" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://www.iss.net/security_center/static/10423.php" }, { "source": "cve@mitre.org", "url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-078.php" }, { "source": "cve@mitre.org", "tags": [ "Patch" ], "url": "http://www.redhat.com/support/errata/RHSA-2002-223.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2002-224.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2003-229.html" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/6016" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-054.0.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000539" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=103582692228894\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://online.securityfocus.com/advisories/4605" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2002/dsa-180" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.iss.net/security_center/static/10423.php" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-078.php" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.redhat.com/support/errata/RHSA-2002-223.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2002-224.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2003-229.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/6016" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
1998-01-25 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Buffer overflow in SGI IRIX mailx program.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:sgi:irix:5.2:*:*:*:*:*:*:*", "matchCriteriaId": "E292DA15-91BF-4957-9C0F-A69518538BED", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:5.3:*:*:*:*:*:*:*", "matchCriteriaId": "26144F94-63FD-4907-B548-09B68C2FC9B3", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:irix:6.3:*:*:*:*:*:*:*", "matchCriteriaId": "B2D59247-56FA-46B4-BB51-2DAE71AFC145", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:4.2:*:*:*:*:*:*:*", "matchCriteriaId": "F299301C-6BFC-436C-9CFD-2E291D3702AE", "vulnerable": true }, { "criteria": "cpe:2.3:o:sun:solaris:2.4:*:x86:*:*:*:*:*", "matchCriteriaId": "1F881110-7B54-49DA-B23A-710273430C44", "vulnerable": true }, { "criteria": "cpe:2.3:o:sun:solaris:2.5:*:x86:*:*:*:*:*", "matchCriteriaId": "200D8CB2-0D52-40A8-9CD9-6E4513605201", "vulnerable": true }, { "criteria": "cpe:2.3:o:sun:solaris:2.5.1:*:ppc:*:*:*:*:*", "matchCriteriaId": "54AF87E4-52A4-44CA-B48E-A5BB139E6410", "vulnerable": true }, { "criteria": "cpe:2.3:o:sun:solaris:2.5.1:*:x86:*:*:*:*:*", "matchCriteriaId": "F66BAF35-A8B9-4E95-B270-444206FDD35B", "vulnerable": true }, { "criteria": "cpe:2.3:o:sun:solaris:2.6:*:*:*:*:*:*:*", "matchCriteriaId": "34EBF074-78C8-41AF-88F1-DA6726E56F8B", "vulnerable": true }, { "criteria": "cpe:2.3:o:sun:sunos:-:*:*:*:*:*:*:*", "matchCriteriaId": "369207B4-96FA-4324-9445-98FAE8ECF5DB", "vulnerable": true }, { "criteria": "cpe:2.3:o:sun:sunos:5.5:*:*:*:*:*:*:*", "matchCriteriaId": "5B72953B-E873-4E44-A3CF-12D770A0D416", "vulnerable": true }, { "criteria": "cpe:2.3:o:sun:sunos:5.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "39F847DB-65A9-47DA-BCFA-A179E5E2301A", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Buffer overflow in SGI IRIX mailx program." } ], "id": "CVE-1999-0125", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.6, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": true, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "1998-01-25T05:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "ftp://patches.sgi.com/support/free/security/advisories/19980605-01-PX" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://patches.sgi.com/support/free/security/advisories/19980605-01-PX" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
1999-11-09 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Buffer overflow in NFS server on Linux allows attackers to execute commands via a long pathname.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
debian | debian_linux | 2.1 | |
redhat | linux | 5.2 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "3C67BDA1-9451-4026-AC6D-E912C882A757", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:5.2:*:i386:*:*:*:*:*", "matchCriteriaId": "363AB7DB-A8BA-4D58-97C4-1DF1F0F43E07", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Buffer overflow in NFS server on Linux allows attackers to execute commands via a long pathname." } ], "id": "CVE-1999-0832", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "1999-11-09T05:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "ftp://ftp.calderasystems.com/pub/OpenLinux/security/CSSA-1999-033.0.txt" }, { "source": "cve@mitre.org", "url": "http://www.debian.org/security/1999/19991111" }, { "source": "cve@mitre.org", "url": "http://www.novell.com/linux/security/advisories/suse_security_announce_29.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/rh42-errata-general.html#NFS" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/782" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=Pine.LNX.4.20.9911091058140.12964-100000%40mail.zigzag.pl" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://ftp.calderasystems.com/pub/OpenLinux/security/CSSA-1999-033.0.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/1999/19991111" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.novell.com/linux/security/advisories/suse_security_announce_29.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/rh42-errata-general.html#NFS" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/782" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=Pine.LNX.4.20.9911091058140.12964-100000%40mail.zigzag.pl" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2017-12-11 17:29
Modified
2025-04-20 01:37
Severity ?
Summary
The default vhost configuration file in Puppet before 3.6.2 does not include the SSLCARevocationCheck directive, which might allow remote attackers to obtain sensitive information via a revoked certificate when a Puppet master runs with Apache 2.4.
References
▶ | URL | Tags | |
---|---|---|---|
cve@mitre.org | https://bugzilla.redhat.com/show_bug.cgi?id=1101347 | Issue Tracking, Patch, Third Party Advisory | |
cve@mitre.org | https://puppet.com/security/cve/CVE-2014-3250 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=1101347 | Issue Tracking, Patch, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://puppet.com/security/cve/CVE-2014-3250 | Vendor Advisory |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:puppet:puppet:*:*:*:*:*:*:*:*", "matchCriteriaId": "0E3A2C03-6897-4AC2-A444-ED604B899681", "versionEndExcluding": "3.6.2", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:apache:http_server:2.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "BDC40E89-2D57-4988-913E-024BFB56B367", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:-:*:*:*:*:*:*:*", "matchCriteriaId": "C4EBE07A-6FEF-4343-BA5D-58FD175F5CD1", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The default vhost configuration file in Puppet before 3.6.2 does not include the SSLCARevocationCheck directive, which might allow remote attackers to obtain sensitive information via a revoked certificate when a Puppet master runs with Apache 2.4." }, { "lang": "es", "value": "El archivo de configuraci\u00f3n vhost por defecto en Puppet en versiones anteriores a la 3.6.2 no incluye la directiva SSLCARevocationCheck. Esto podr\u00eda permitir que atacantes remotos obtengan informaci\u00f3n sensible mediante un certificado revocado cuando un Puppet master se ejecuta con Apache 2.4." } ], "id": "CVE-2014-3250", "lastModified": "2025-04-20T01:37:25.860", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 4.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0" }, "exploitabilityScore": 8.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2017-12-11T17:29:00.193", "references": [ { "source": "cve@mitre.org", "tags": [ "Issue Tracking", "Patch", "Third Party Advisory" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1101347" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "https://puppet.com/security/cve/CVE-2014-3250" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking", "Patch", "Third Party Advisory" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1101347" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://puppet.com/security/cve/CVE-2014-3250" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-295" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2007-09-25 01:17
Modified
2025-04-09 00:30
Severity ?
Summary
Red Hat Enterprise Linux 4 does not properly compile and link gdm with tcp_wrappers on x86_64 platforms, which might allow remote attackers to bypass intended access restrictions.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "C9092D88-585D-4A0C-B181-E8D93563C74B", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Red Hat Enterprise Linux 4 does not properly compile and link gdm with tcp_wrappers on x86_64 platforms, which might allow remote attackers to bypass intended access restrictions." }, { "lang": "es", "value": "Red Hat Enterprise Linux 4 no compila apropiadamente y enlaza gdm con tcp_wrappers en plataformas x86_64, lo cual podr\u00eda permitir a atacantes remotos evitar restricciones de acceso intencionadas." } ], "id": "CVE-2007-5079", "lastModified": "2025-04-09T00:30:58.490", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 6.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 6.8, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": true, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2007-09-25T01:17:00.000", "references": [ { "source": "secalert@redhat.com", "url": "http://www.redhat.com/support/errata/RHSA-2010-0657.html" }, { "source": "secalert@redhat.com", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=181302" }, { "source": "secalert@redhat.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36791" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2010-0657.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=181302" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36791" } ], "sourceIdentifier": "secalert@redhat.com", "vendorComments": [ { "comment": "Red Hat is aware of this issue and is tracking it via the following bug: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=181302\n\nAn update has been released which resolves this issue:\nhttp://rhn.redhat.com/errata/RHSA-2010-0657.html", "lastModified": "2010-08-26T00:00:00", "organization": "Red Hat" } ], "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
1999-06-24 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Buffer overflows in Red Hat net-tools package.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "2DFA94D5-0139-490C-8257-0751FE9FBAE4", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Buffer overflows in Red Hat net-tools package." } ], "id": "CVE-1999-0748", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "1999-06-24T04:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA1999017_01.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA1999017_01.html" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2001-06-27 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Format string vulnerability in Mutt before 1.2.5 allows a remote malicious IMAP server to execute arbitrary commands.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
immunix | immunix | 6.2 | |
immunix | immunix | 7.0 | |
immunix | immunix | 7.0_beta | |
mutt | mutt | * | |
conectiva | linux | * | |
mandrakesoft | mandrake_linux | 6.0 | |
mandrakesoft | mandrake_linux | 6.1 | |
mandrakesoft | mandrake_linux | 7.0 | |
mandrakesoft | mandrake_linux | 7.1 | |
mandrakesoft | mandrake_linux | 7.2 | |
redhat | linux | 5.2 | |
redhat | linux | 6.0 | |
redhat | linux | 6.1 | |
redhat | linux | 6.2 | |
redhat | linux | 7.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:immunix:immunix:6.2:*:*:*:*:*:*:*", "matchCriteriaId": "DB0F79BE-8EBF-44D8-83A1-9331669BED54", "vulnerable": true }, { "criteria": "cpe:2.3:a:immunix:immunix:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "660CA978-FDA1-4D48-8162-9CB9243A1B7E", "vulnerable": true }, { "criteria": "cpe:2.3:a:immunix:immunix:7.0_beta:*:*:*:*:*:*:*", "matchCriteriaId": "1A2889C6-8DE0-4432-812A-F2A5C4A08897", "vulnerable": true }, { "criteria": "cpe:2.3:a:mutt:mutt:*:*:*:*:*:*:*:*", "matchCriteriaId": "922D20A2-43EB-45FE-B01C-CBFBE66FA435", "versionEndIncluding": "1.2.5", "vulnerable": true }, { "criteria": "cpe:2.3:o:conectiva:linux:*:*:*:*:*:*:*:*", "matchCriteriaId": "C74C8F2C-92F4-4A9F-BF5A-8B5DF1A50DC7", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "D323A6B7-2741-4F31-B0D6-5D6FB738A2A1", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:6.1:*:*:*:*:*:*:*", "matchCriteriaId": "ACAAD334-2CA7-4B3B-BA25-302E7610BC2A", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "E4853E92-5E0A-47B9-A343-D5BEE87D2C27", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "3EC1FF5D-5EAB-44D5-B281-770547C70D68", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "0A8FBD5A-2FD0-43CD-AC4B-1D6984D336FE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:5.2:*:*:*:*:*:*:*", "matchCriteriaId": "A8EED385-8C39-4A40-A507-2EFE7652FB35", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "2DFA94D5-0139-490C-8257-0751FE9FBAE4", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.1:*:*:*:*:*:*:*", "matchCriteriaId": "2EC4D3AB-38FA-4D44-AF5C-2DCD15994E76", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:*:*:*:*:*:*", "matchCriteriaId": "0633B5A6-7A88-4A96-9462-4C09D124ED36", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "29B186E5-7C2F-466E-AA4A-8F2B618F8A14", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Format string vulnerability in Mutt before 1.2.5 allows a remote malicious IMAP server to execute arbitrary commands." } ], "id": "CVE-2001-0473", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2001-06-27T04:00:00.000", "references": [ { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2001-03/0246.html" }, { "source": "cve@mitre.org", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000385" }, { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=98473109630421\u0026w=2" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-031.php3" }, { "source": "cve@mitre.org", "url": "http://www.osvdb.org/5615" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2001-029.html" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6235" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2001-03/0246.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000385" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=98473109630421\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-031.php3" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.osvdb.org/5615" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2001-029.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6235" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
1999-12-31 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
netcfg 2.16-1 in Red Hat Linux 4.2 allows the Ethernet interface to be controlled by users on reboot when an option is set, which allows local users to cause a denial of service by shutting down the interface.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:4.2:*:*:*:*:*:*:*", "matchCriteriaId": "F299301C-6BFC-436C-9CFD-2E291D3702AE", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "netcfg 2.16-1 in Red Hat Linux 4.2 allows the Ethernet interface to be controlled by users on reboot when an option is set, which allows local users to cause a denial of service by shutting down the interface." } ], "id": "CVE-1999-1331", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "LOW", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 2.1, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "1999-12-31T05:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://www.iss.net/security_center/static/7245.php" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/rh42-errata-general.html#netcfg" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.iss.net/security_center/static/7245.php" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/rh42-errata-general.html#netcfg" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2003-08-27 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Linux 2.4.x allows remote attackers to spoof the bridge Forwarding table via forged packets whose source addresses are the same as the target.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:2.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "9E297EF4-139A-4FF4-AF1B-F3559B992775", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Linux 2.4.x allows remote attackers to spoof the bridge Forwarding table via forged packets whose source addresses are the same as the target." }, { "lang": "es", "value": "Linux 2.4.x pemite a atacantes remotos suplantar entradas en la tabla de reenvio de puente (bridge forwarding) mediante paquetes falsificados cuya direcci\u00f3n de origen es la misma que la del objetivo." } ], "id": "CVE-2003-0552", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2003-08-27T04:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2004/dsa-358" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2004/dsa-423" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-198.html" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-238.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2003-239.html" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A385" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2004/dsa-358" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2004/dsa-423" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-198.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-238.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2003-239.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A385" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2003-12-31 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
BEA WebLogic Express and WebLogic Server 7.0 and 7.0.0.1, stores passwords in plaintext when a keystore is used to store a private key or trust certificate authorities, which allows local users to gain access.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
hp | hp-ux | 11.00 | |
hp | hp-ux | 11.11i | |
ibm | aix | 4.3.3 | |
microsoft | windows_2000 | * | |
microsoft | windows_nt | * | |
redhat | linux | 6.2 | |
redhat | linux | 7.1 | |
sun | solaris | 2.6 | |
sun | sunos | 5.7 | |
sun | sunos | 5.8 | |
bea | weblogic_server | 7.0 | |
bea | weblogic_server | 7.0 | |
bea | weblogic_server | 7.0.0.1 | |
bea | weblogic_server | 7.0.0.1 | |
hp | hp-ux | 11.00 | |
hp | hp-ux | 11.11i | |
ibm | aix | 4.3.3 | |
microsoft | windows_2000 | * | |
microsoft | windows_nt | * | |
redhat | linux | 6.2 | |
redhat | linux | 7.1 | |
sun | solaris | 2.6 | |
sun | sunos | 5.7 | |
sun | sunos | 5.8 | |
bea | weblogic_server | 7.0 | |
bea | weblogic_server | 7.0 | |
bea | weblogic_server | 7.0.0.1 | |
bea | weblogic_server | 7.0.0.1 | |
microsoft | windows_2000 | * | |
microsoft | windows_nt | * | |
bea | weblogic_server | 7.0 | |
bea | weblogic_server | 7.0 | |
bea | weblogic_server | 7.0.0.1 | |
bea | weblogic_server | 7.0.0.1 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:hp:hp-ux:11.00:*:*:*:*:*:*:*", "matchCriteriaId": "771931F7-9180-4EBD-8627-E1CF17D24647", "vulnerable": false }, { "criteria": "cpe:2.3:o:hp:hp-ux:11.11i:v1:*:*:*:*:*:*", "matchCriteriaId": "8E98B8A6-A071-4BEA-BB39-C64A42816D8A", "vulnerable": false }, { "criteria": "cpe:2.3:o:ibm:aix:4.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "465B06C4-136D-4CD8-BA38-B6B50511624C", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:*", "matchCriteriaId": "4E545C63-FE9C-4CA1-AF0F-D999D84D2AFD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:*:*:*:*:*:*:*:*", "matchCriteriaId": "ED27882B-A02A-4D5F-9117-A47976C676E0", "vulnerable": false }, { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:i386:*:*:*:*:*", "matchCriteriaId": "B7EC2B95-4715-4EC9-A10A-2542501F8A61", "vulnerable": false }, { "criteria": "cpe:2.3:o:redhat:linux:7.1:*:i386:*:*:*:*:*", "matchCriteriaId": "C8783A6D-DFD8-45DD-BF03-570B1B012B44", "vulnerable": false }, { "criteria": "cpe:2.3:o:sun:solaris:2.6:*:*:*:*:*:*:*", "matchCriteriaId": "34EBF074-78C8-41AF-88F1-DA6726E56F8B", "vulnerable": false }, { "criteria": "cpe:2.3:o:sun:sunos:5.7:*:*:*:*:*:*:*", "matchCriteriaId": "08003947-A4F1-44AC-84C6-9F8D097EB759", "vulnerable": false }, { "criteria": "cpe:2.3:o:sun:sunos:5.8:*:*:*:*:*:*:*", "matchCriteriaId": "A2475113-CFE4-41C8-A86F-F2DA6548D224", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:bea:weblogic_server:7.0:*:express:*:*:*:*:*", "matchCriteriaId": "FBDF3AC0-0680-4EEE-898C-47D194667BE2", "vulnerable": true }, { "criteria": "cpe:2.3:a:bea:weblogic_server:7.0:sp1:express:*:*:*:*:*", "matchCriteriaId": "BBDB9094-78E8-4CBF-9F5F-321D5174F1EC", "vulnerable": true }, { "criteria": "cpe:2.3:a:bea:weblogic_server:7.0.0.1:*:express:*:*:*:*:*", "matchCriteriaId": "25C711BB-E7E0-41D8-985E-5DD386C54637", "vulnerable": true }, { "criteria": "cpe:2.3:a:bea:weblogic_server:7.0.0.1:sp1:express:*:*:*:*:*", "matchCriteriaId": "071FAD20-D502-4634-852A-4CD06FE8E114", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:hp:hp-ux:11.00:*:*:*:*:*:*:*", "matchCriteriaId": "771931F7-9180-4EBD-8627-E1CF17D24647", "vulnerable": false }, { "criteria": "cpe:2.3:o:hp:hp-ux:11.11i:*:*:*:*:*:*:*", "matchCriteriaId": "C10245E1-C95C-4219-92C9-888E5966ABF7", "vulnerable": false }, { "criteria": "cpe:2.3:o:ibm:aix:4.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "465B06C4-136D-4CD8-BA38-B6B50511624C", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:*", "matchCriteriaId": "4E545C63-FE9C-4CA1-AF0F-D999D84D2AFD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:*:*:*:*:*:*:*:*", "matchCriteriaId": "ED27882B-A02A-4D5F-9117-A47976C676E0", "vulnerable": false }, { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:i386:*:*:*:*:*", "matchCriteriaId": "B7EC2B95-4715-4EC9-A10A-2542501F8A61", "vulnerable": false }, { "criteria": "cpe:2.3:o:redhat:linux:7.1:*:i386:*:*:*:*:*", "matchCriteriaId": "C8783A6D-DFD8-45DD-BF03-570B1B012B44", "vulnerable": false }, { "criteria": "cpe:2.3:o:sun:solaris:2.6:*:*:*:*:*:*:*", "matchCriteriaId": "34EBF074-78C8-41AF-88F1-DA6726E56F8B", "vulnerable": false }, { "criteria": "cpe:2.3:o:sun:sunos:5.7:*:*:*:*:*:*:*", "matchCriteriaId": "08003947-A4F1-44AC-84C6-9F8D097EB759", "vulnerable": false }, { "criteria": "cpe:2.3:o:sun:sunos:5.8:*:*:*:*:*:*:*", "matchCriteriaId": "A2475113-CFE4-41C8-A86F-F2DA6548D224", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:bea:weblogic_server:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "F9C5AFCF-79D8-4005-B800-B0C6BD461276", "vulnerable": true }, { "criteria": "cpe:2.3:a:bea:weblogic_server:7.0:sp1:*:*:*:*:*:*", "matchCriteriaId": "6828CE4B-91E8-4688-977F-DC7BC21131C8", "vulnerable": true }, { "criteria": "cpe:2.3:a:bea:weblogic_server:7.0.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "74AE35FF-AC1C-435B-8CE9-F40AFFFA3A46", "vulnerable": true }, { "criteria": "cpe:2.3:a:bea:weblogic_server:7.0.0.1:sp1:*:*:*:*:*:*", "matchCriteriaId": "32E8797D-1B62-4480-A79D-0345E65699E8", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:*", "matchCriteriaId": "4E545C63-FE9C-4CA1-AF0F-D999D84D2AFD", "vulnerable": false }, { "criteria": "cpe:2.3:o:microsoft:windows_nt:*:*:*:*:*:*:*:*", "matchCriteriaId": "ED27882B-A02A-4D5F-9117-A47976C676E0", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:bea:weblogic_server:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "F9C5AFCF-79D8-4005-B800-B0C6BD461276", "vulnerable": true }, { "criteria": "cpe:2.3:a:bea:weblogic_server:7.0:sp1:*:*:*:*:*:*", "matchCriteriaId": "6828CE4B-91E8-4688-977F-DC7BC21131C8", "vulnerable": true }, { "criteria": "cpe:2.3:a:bea:weblogic_server:7.0.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "74AE35FF-AC1C-435B-8CE9-F40AFFFA3A46", "vulnerable": true }, { "criteria": "cpe:2.3:a:bea:weblogic_server:7.0.0.1:sp1:*:*:*:*:*:*", "matchCriteriaId": "32E8797D-1B62-4480-A79D-0345E65699E8", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "BEA WebLogic Express and WebLogic Server 7.0 and 7.0.0.1, stores passwords in plaintext when a keystore is used to store a private key or trust certificate authorities, which allows local users to gain access." } ], "id": "CVE-2003-1437", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "LOW", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2003-12-31T05:00:00.000", "references": [ { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://dev.bea.com/resourcelibrary/advisoriesnotifications/BEA03-25.jsp" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/6719" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11220" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://dev.bea.com/resourcelibrary/advisoriesnotifications/BEA03-25.jsp" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/6719" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11220" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2005-01-27 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Stack-based buffer overflow in the writeGroup function in nsVCardObj.cpp for Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allows remote attackers to execute arbitrary code via malformed VCard attachments that are not properly handled when previewing a message.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
mozilla | mozilla | 1.7 | |
mozilla | mozilla | 1.7.1 | |
mozilla | mozilla | 1.7.2 | |
mozilla | thunderbird | 0.7 | |
mozilla | thunderbird | 0.7.1 | |
mozilla | thunderbird | 0.7.2 | |
mozilla | thunderbird | 0.7.3 | |
conectiva | linux | 9.0 | |
conectiva | linux | 10.0 | |
redhat | enterprise_linux | 2.1 | |
redhat | enterprise_linux | 2.1 | |
redhat | enterprise_linux | 2.1 | |
redhat | enterprise_linux | 2.1 | |
redhat | enterprise_linux | 2.1 | |
redhat | enterprise_linux | 2.1 | |
redhat | enterprise_linux | 3.0 | |
redhat | enterprise_linux | 3.0 | |
redhat | enterprise_linux | 3.0 | |
redhat | enterprise_linux_desktop | 3.0 | |
redhat | fedora_core | core_1.0 | |
redhat | linux | 7.3 | |
redhat | linux | 7.3 | |
redhat | linux | 7.3 | |
redhat | linux | 9.0 | |
redhat | linux_advanced_workstation | 2.1 | |
redhat | linux_advanced_workstation | 2.1 | |
suse | suse_linux | 1.0 | |
suse | suse_linux | 8 | |
suse | suse_linux | 8.1 | |
suse | suse_linux | 8.2 | |
suse | suse_linux | 9.0 | |
suse | suse_linux | 9.0 | |
suse | suse_linux | 9.0 | |
suse | suse_linux | 9.1 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:mozilla:mozilla:1.7:*:*:*:*:*:*:*", "matchCriteriaId": "FCEAEDEB-0EE7-4221-B9B8-65438580D331", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla:1.7.1:*:*:*:*:*:*:*", "matchCriteriaId": "2FE7EA3B-3BF8-4696-9488-78506074D62D", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla:1.7.2:*:*:*:*:*:*:*", "matchCriteriaId": "CCFD7AF7-0FE9-4F56-98B0-60FC7F7F1B78", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:thunderbird:0.7:*:*:*:*:*:*:*", "matchCriteriaId": "EDA6C390-9BA7-4355-8C0A-CD68FF6AC236", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:thunderbird:0.7.1:*:*:*:*:*:*:*", "matchCriteriaId": "0C75B125-E5BB-49A0-B12D-6CF40D8A5DB7", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:thunderbird:0.7.2:*:*:*:*:*:*:*", "matchCriteriaId": "70DDB53E-7A12-4A08-8999-DB68E6DF901E", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:thunderbird:0.7.3:*:*:*:*:*:*:*", "matchCriteriaId": "6514EDE8-7C78-4C72-A313-E0915D89E4EF", "vulnerable": true }, { "criteria": "cpe:2.3:o:conectiva:linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "F4007B0D-9606-46BD-866A-7911BEA292BE", "vulnerable": true }, { "criteria": "cpe:2.3:o:conectiva:linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "A35FC777-A34E-4C7B-9E93-8F17F3AD5180", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*", "matchCriteriaId": "2641EE56-6F9D-400B-B456-877F4DA79B10", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server_ia64:*:*:*:*:*", "matchCriteriaId": "A4A9461E-C117-42EC-9F14-DF2A82BA7C5D", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*", "matchCriteriaId": "E0B458EA-495E-40FA-9379-C03757F7B1EE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server_ia64:*:*:*:*:*", "matchCriteriaId": "409E324A-C040-494F-A026-9DCAE01C07F8", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*", "matchCriteriaId": "1728AB5D-55A9-46B0-A412-6F7263CAEB5A", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation_ia64:*:*:*:*:*", "matchCriteriaId": "6474B775-C893-491F-A074-802AFB1FEDD8", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_server:*:*:*:*:*", "matchCriteriaId": "78B46FFA-5B09-473E-AD33-3DB18BD0DAFE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*", "matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation_server:*:*:*:*:*", "matchCriteriaId": "0EFE2E73-9536-41A9-B83B-0A06B54857F4", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:fedora_core:core_1.0:*:*:*:*:*:*:*", "matchCriteriaId": "3C84296C-2C8A-4DCD-9751-52951F8BEA9F", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.3:*:*:*:*:*:*:*", "matchCriteriaId": "138985E6-5107-4E8B-A801-C3D5FE075227", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.3:*:i386:*:*:*:*:*", "matchCriteriaId": "9B502A61-44FB-4CD4-85BE-88D4ACCCA441", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.3:*:i686:*:*:*:*:*", "matchCriteriaId": "05853955-CA81-40D3-9A70-1227F3270D3C", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:9.0:*:i386:*:*:*:*:*", "matchCriteriaId": "F3FDE8C4-5FFD-4CC2-9F35-7C32043966D1", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:*", "matchCriteriaId": "84A50ED3-FD0D-4038-B3E7-CC65D166C968", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium_processor:*:*:*:*:*", "matchCriteriaId": "777F9EC0-2919-45CA-BFF8-78A02537C513", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:1.0:*:desktop:*:*:*:*:*", "matchCriteriaId": "C7EAAD04-D7C4-43DE-B488-1AAD014B503E", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:8:*:enterprise_server:*:*:*:*:*", "matchCriteriaId": "D2E2EF3C-1379-4CBE-8FF5-DACD47834651", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:8.1:*:*:*:*:*:*:*", "matchCriteriaId": "F8C55338-3372-413F-82E3-E1B476D6F41A", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:8.2:*:*:*:*:*:*:*", "matchCriteriaId": "1EFB33BF-F6A5-48C1-AEB5-194FCBCFC958", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "FB0E2D3B-B50A-46C2-BA1E-3E014DE91954", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:enterprise_server:*:*:*:*:*", "matchCriteriaId": "F7446746-87B7-4BD3-AABF-1E0FAA8265AB", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*", "matchCriteriaId": "56EF103F-5668-4754-A83B-D3662D0CE815", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:*:*:*:*:*:*", "matchCriteriaId": "CFABFCE5-4F86-4AE8-9849-BC360AC72098", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Stack-based buffer overflow in the writeGroup function in nsVCardObj.cpp for Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allows remote attackers to execute arbitrary code via malformed VCard attachments that are not properly handled when previewing a message." } ], "id": "CVE-2004-0903", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2005-01-27T05:00:00.000", "references": [ { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://bugzilla.mozilla.org/show_bug.cgi?id=257314" }, { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=109698896104418\u0026w=2" }, { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=109900315219363\u0026w=2" }, { "source": "cve@mitre.org", "url": "http://security.gentoo.org/glsa/glsa-200409-26.xml" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory", "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/414240" }, { "source": "cve@mitre.org", "url": "http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7.3" }, { "source": "cve@mitre.org", "url": "http://www.novell.com/linux/security/advisories/2004_36_mozilla.html" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/11174" }, { "source": "cve@mitre.org", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA04-261A.html" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17380" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10873" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://bugzilla.mozilla.org/show_bug.cgi?id=257314" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=109698896104418\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=109900315219363\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://security.gentoo.org/glsa/glsa-200409-26.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/414240" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7.3" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.novell.com/linux/security/advisories/2004_36_mozilla.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/11174" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA04-261A.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17380" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10873" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2003-08-27 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
The STP protocol, as enabled in Linux 2.4.x, does not provide sufficient security by design, which allows attackers to modify the bridge topology.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:2.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "9E297EF4-139A-4FF4-AF1B-F3559B992775", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The STP protocol, as enabled in Linux 2.4.x, does not provide sufficient security by design, which allows attackers to modify the bridge topology." }, { "lang": "es", "value": "El protocolo STP, activado en Linux 2.4.x, no provee de suficiente seguridad por dise\u00f1o, lo que permite a atacantes modificar la topolog\u00eda de puente." } ], "id": "CVE-2003-0550", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2003-08-27T04:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2004/dsa-358" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2004/dsa-423" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-238.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2003-239.html" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A380" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2004/dsa-358" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2004/dsa-423" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-238.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2003-239.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A380" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2001-03-26 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
glibc 2.1.9x and earlier does not properly clear the RESOLV_HOST_CONF, HOSTALIASES, or RES_OPTIONS environmental variables when executing setuid/setgid programs, which could allow local users to read arbitrary files.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:immunix:immunix:7.0_beta:*:*:*:*:*:*:*", "matchCriteriaId": "1A2889C6-8DE0-4432-812A-F2A5C4A08897", "vulnerable": true }, { "criteria": "cpe:2.3:o:conectiva:linux:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "48F068BE-F5B3-4E43-8E6A-24AB4D2DEDF0", "vulnerable": true }, { "criteria": "cpe:2.3:o:conectiva:linux:4.0es:*:*:*:*:*:*:*", "matchCriteriaId": "6529EC98-7CF7-47A1-95BB-2F34066FE95D", "vulnerable": true }, { "criteria": "cpe:2.3:o:conectiva:linux:4.1:*:*:*:*:*:*:*", "matchCriteriaId": "FFDAB801-AAA0-4B3B-B488-52E7BA8650C5", "vulnerable": true }, { "criteria": "cpe:2.3:o:conectiva:linux:4.2:*:*:*:*:*:*:*", "matchCriteriaId": "612AC3B1-8E55-437F-9600-67EA1A8BAD48", "vulnerable": true }, { "criteria": "cpe:2.3:o:conectiva:linux:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "537A5C29-D770-4755-A6AB-8916754E14DB", "vulnerable": true }, { "criteria": "cpe:2.3:o:conectiva:linux:5.1:*:*:*:*:*:*:*", "matchCriteriaId": "E3AC05A9-04DA-4ED3-94D8-3254384CB724", "vulnerable": true }, { "criteria": "cpe:2.3:o:conectiva:linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "DCE4BBA3-7332-45EE-8C29-BE5A473B559D", "vulnerable": true }, { "criteria": "cpe:2.3:o:conectiva:linux:ecommerce:*:*:*:*:*:*:*", "matchCriteriaId": "FB63DADC-A9AE-4FBA-BCCA-9714646DBD04", "vulnerable": true }, { "criteria": "cpe:2.3:o:conectiva:linux:graficas:*:*:*:*:*:*:*", "matchCriteriaId": "99E6E71D-100E-45FA-B90A-C2F7C37E458C", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:2.3:*:*:*:*:*:*:*", "matchCriteriaId": "618111F3-6608-47F0-AB0D-21547E342871", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.0:*:alpha:*:*:*:*:*", "matchCriteriaId": "FD6576E2-9F26-4857-9F28-F51899F1EF48", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.0:*:i386:*:*:*:*:*", "matchCriteriaId": "4DC9842D-E23B-4B9F-A7BF-57C3BA3DE398", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "glibc 2.1.9x and earlier does not properly clear the RESOLV_HOST_CONF, HOSTALIASES, or RES_OPTIONS environmental variables when executing setuid/setgid programs, which could allow local users to read arbitrary files." } ], "id": "CVE-2001-0170", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "LOW", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2001-03-26T05:00:00.000", "references": [ { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2001-01/0131.html" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2001-01/0186.html" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2001-001.html" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/2181" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5907" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2001-01/0131.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2001-01/0186.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2001-001.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/2181" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5907" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2002-01-31 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Format string vulnerability in stunnel before 3.22 when used in client mode for (1) smtp, (2) pop, or (3) nntp allows remote malicious servers to execute arbitrary code.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
stunnel | stunnel | 3.3 | |
stunnel | stunnel | 3.4a | |
stunnel | stunnel | 3.7 | |
stunnel | stunnel | 3.8 | |
stunnel | stunnel | 3.9 | |
stunnel | stunnel | 3.10 | |
stunnel | stunnel | 3.11 | |
stunnel | stunnel | 3.12 | |
stunnel | stunnel | 3.13 | |
stunnel | stunnel | 3.14 | |
stunnel | stunnel | 3.15 | |
stunnel | stunnel | 3.16 | |
stunnel | stunnel | 3.17 | |
stunnel | stunnel | 3.18 | |
stunnel | stunnel | 3.19 | |
stunnel | stunnel | 3.20 | |
stunnel | stunnel | 3.21 | |
stunnel | stunnel | 3.21a | |
stunnel | stunnel | 3.21b | |
stunnel | stunnel | 3.21c | |
stunnel | stunnel | 3.22 | |
stunnel | stunnel | 3.24 | |
engardelinux | secure_linux | 1.0.1 | |
mandrakesoft | mandrake_linux | 8.1 | |
redhat | linux | 7.2 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:stunnel:stunnel:3.3:*:*:*:*:*:*:*", "matchCriteriaId": "2E4A0103-713D-4E56-B32F-EB1649F26EE7", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.4a:*:*:*:*:*:*:*", "matchCriteriaId": "7D009335-E83C-4B35-ADB0-CBD6B82C0EA3", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.7:*:*:*:*:*:*:*", "matchCriteriaId": "185B6AF8-18E7-4E6A-A7B9-60DFB17F33E2", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.8:*:*:*:*:*:*:*", "matchCriteriaId": "400FE849-D547-44DE-B06F-5B68E5B20E07", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.9:*:*:*:*:*:*:*", "matchCriteriaId": "C236DC35-A2F7-47FB-AD51-17D2A0FD7DA2", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.10:*:*:*:*:*:*:*", "matchCriteriaId": "B256301B-9C6A-4BA6-8318-675C0EF4C316", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.11:*:*:*:*:*:*:*", "matchCriteriaId": "EC33DAEE-8F51-404F-B5C4-B8A30B467E94", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.12:*:*:*:*:*:*:*", "matchCriteriaId": "1FCDC66D-3BF5-4763-8877-38B0D3326E62", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.13:*:*:*:*:*:*:*", "matchCriteriaId": "75772E28-BD93-4981-96FA-CDF41DAF65AF", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.14:*:*:*:*:*:*:*", "matchCriteriaId": "2415230E-4F66-4DDE-9E34-F685E8F4085A", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.15:*:*:*:*:*:*:*", "matchCriteriaId": "5121749D-3E19-4A9B-8C2D-84420A4E289B", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.16:*:*:*:*:*:*:*", "matchCriteriaId": "6E14DE44-69E6-4D0E-AD06-A829AFCDE528", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.17:*:*:*:*:*:*:*", "matchCriteriaId": "3D5B202D-D93D-4E33-BC9F-DA44B727C0B6", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.18:*:*:*:*:*:*:*", "matchCriteriaId": "CCC62D42-832D-4E6E-93D9-E7BA0CBC7799", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.19:*:*:*:*:*:*:*", "matchCriteriaId": "B5D49F98-9A24-464A-8695-58218C14B3DC", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.20:*:*:*:*:*:*:*", "matchCriteriaId": "ADFFE78D-90EC-46C6-B215-2EADD9E0D146", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.21:*:*:*:*:*:*:*", "matchCriteriaId": "6132108C-C344-4ABC-AF40-1925830A6723", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.21a:*:*:*:*:*:*:*", "matchCriteriaId": "8362D330-E286-4534-8560-B4B38E21767F", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.21b:*:*:*:*:*:*:*", "matchCriteriaId": "D0496D60-BE45-45FF-B360-60E59443DB96", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.21c:*:*:*:*:*:*:*", "matchCriteriaId": "DA2EA0D4-05B6-4500-9374-74BBDAB6001F", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.22:*:*:*:*:*:*:*", "matchCriteriaId": "F16BDA03-BFAB-4839-A83A-370865928225", "vulnerable": true }, { "criteria": "cpe:2.3:a:stunnel:stunnel:3.24:*:*:*:*:*:*:*", "matchCriteriaId": "EB5A2E06-A98E-409C-9A90-460AF4CCF101", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:engardelinux:secure_linux:1.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "79A6E38E-9BC6-4CD7-ABC6-754C9DB07DB2", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:8.1:*:*:*:*:*:*:*", "matchCriteriaId": "205EF72B-7334-4AE0-9CA6-D2E8E5910C8E", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "E562907F-D915-4030-847A-3C6834A80D4E", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Format string vulnerability in stunnel before 3.22 when used in client mode for (1) smtp, (2) pop, or (3) nntp allows remote malicious servers to execute arbitrary code." }, { "lang": "es", "value": "Vulnerabilidad en el formateado de cadenas en stunnel anterior a la 3.22 cuando se usa en modo cliente para smtp, pop o nntp permite que servidores remotos maliciosos ejecuten c\u00f3digo arbitrario." } ], "id": "CVE-2002-0002", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": true, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2002-01-31T05:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://marc.info/?l=stunnel-users\u0026m=100869449828705\u0026w=2" }, { "source": "cve@mitre.org", "url": "http://online.securityfocus.com/archive/1/247427" }, { "source": "cve@mitre.org", "url": "http://online.securityfocus.com/archive/1/248149" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://stunnel.mirt.net/news.html" }, { "source": "cve@mitre.org", "url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-004.php3" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2002-002.html" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/3748" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7741" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=stunnel-users\u0026m=100869449828705\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://online.securityfocus.com/archive/1/247427" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://online.securityfocus.com/archive/1/248149" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://stunnel.mirt.net/news.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-004.php3" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2002-002.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/3748" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7741" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2001-12-21 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Buffer overflow in glob function of glibc allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a glob pattern that ends in a brace "{" character.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "3C67BDA1-9451-4026-AC6D-E912C882A757", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:*:*:*:*:*:*:*:*", "matchCriteriaId": "182B6CF4-3E9D-4188-AFBF-749E2CB53300", "versionEndIncluding": "7.2", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:*:*:*:*:*:*", "matchCriteriaId": "0633B5A6-7A88-4A96-9462-4C09D124ED36", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "29B186E5-7C2F-466E-AA4A-8F2B618F8A14", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "1D46E093-1C68-43BB-B281-12117EC8DE0F", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Buffer overflow in glob function of glibc allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a glob pattern that ends in a brace \"{\" character." }, { "lang": "es", "value": "Desbordamiento de buffer en la funci\u00f3n glob de glibc para Red Hat Linux 6.2 a 7.2, y otros sistemas operativos, permite a atacantes causar una denegaci\u00f3n de servicio (ca\u00edda) y posiblemente ejecutar c\u00f3digo arbitrarios mediante un patr\u00f3n de glob que acaba en una llave \"{\"" } ], "id": "CVE-2001-0886", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.6, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2001-12-21T05:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000447" }, { "source": "cve@mitre.org", "url": "http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2001-70-037-01" }, { "source": "cve@mitre.org", "url": "http://sources.redhat.com/ml/bug-glibc/2001-11/msg00109.html" }, { "source": "cve@mitre.org", "url": "http://www.ciac.org/ciac/bulletins/m-029.shtml" }, { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2002/dsa-103" }, { "source": "cve@mitre.org", "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-095.php3" }, { "source": "cve@mitre.org", "url": "http://www.linuxsecurity.com/advisories/other_advisory-1752.html" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2001-160.html" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/245956" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/3707" }, { "source": "cve@mitre.org", "url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBTL0112-008" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7705" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000447" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2001-70-037-01" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://sources.redhat.com/ml/bug-glibc/2001-11/msg00109.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ciac.org/ciac/bulletins/m-029.shtml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2002/dsa-103" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-095.php3" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.linuxsecurity.com/advisories/other_advisory-1752.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2001-160.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/245956" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/3707" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBTL0112-008" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7705" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2003-04-11 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
vsftpd FTP daemon in Red Hat Linux 9 is not compiled against TCP wrappers (tcp_wrappers) but is installed as a standalone service, which inadvertently prevents vsftpd from restricting access as intended.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:9.0:*:i386:*:*:*:*:*", "matchCriteriaId": "F3FDE8C4-5FFD-4CC2-9F35-7C32043966D1", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "vsftpd FTP daemon in Red Hat Linux 9 is not compiled against TCP wrappers (tcp_wrappers) but is installed as a standalone service, which inadvertently prevents vsftpd from restricting access as intended." } ], "id": "CVE-2003-0135", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2003-04-11T04:00:00.000", "references": [ { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-084.html" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/7253" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A634" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-084.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/7253" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A634" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
1998-11-19 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Samba 1.9.18 inadvertently includes a prototype application, wsmbconf, which is installed with incorrect permissions including the setgid bit, which allows local users to read and write files and possibly gain privileges via bugs in the program.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:samba:samba:1.9.18:*:*:*:*:*:*:*", "matchCriteriaId": "EF3C20A1-F21D-41FF-8B87-B50E1AE8219E", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:caldera:openlinux:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "ABC52A20-B706-432D-9A15-45F48EB1B08B", "vulnerable": true }, { "criteria": "cpe:2.3:o:caldera:openlinux:1.1:*:*:*:*:*:*:*", "matchCriteriaId": "F8A9DB15-1F04-4864-A8AD-FCCB35A63B2A", "vulnerable": true }, { "criteria": "cpe:2.3:o:caldera:openlinux:1.2:*:*:*:*:*:*:*", "matchCriteriaId": "A5C77FA7-C977-4223-B6AC-91B82C45129C", "vulnerable": true }, { "criteria": "cpe:2.3:o:caldera:openlinux:1.3:*:*:*:*:*:*:*", "matchCriteriaId": "EED21F27-4ADA-42AC-B28E-F849F47D4043", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:*:*:*:*:*:*:*:*", "matchCriteriaId": "B133DAC8-2B0D-4F83-9025-AD071740187A", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux:*:*:*:*:*:*:*:*", "matchCriteriaId": "6A03039A-881A-44C6-B69E-0BDC7914216F", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Samba 1.9.18 inadvertently includes a prototype application, wsmbconf, which is installed with incorrect permissions including the setgid bit, which allows local users to read and write files and possibly gain privileges via bugs in the program." } ], "id": "CVE-1999-1288", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.6, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "1998-11-19T05:00:00.000", "references": [ { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.caldera.com/support/security/advisories/SA-1998.35.txt" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/11397" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/1406" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.caldera.com/support/security/advisories/SA-1998.35.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/11397" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/1406" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2018-12-21 21:29
Modified
2024-11-21 04:01
Severity ?
Summary
SQLite before 3.25.3, when the FTS3 extension is enabled, encounters an integer overflow (and resultant buffer overflow) for FTS3 queries that occur after crafted changes to FTS3 shadow tables, allowing remote attackers to execute arbitrary code by leveraging the ability to run arbitrary SQL statements (such as in certain WebSQL use cases), aka Magellan.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:sqlite:sqlite:*:*:*:*:*:*:*:*", "matchCriteriaId": "00D1E0B0-910B-4661-9E93-64746C0441A4", "versionEndExcluding": "3.25.3", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", "matchCriteriaId": "CEC84646-AE0E-403B-903F-35E2D073FDC9", "versionEndExcluding": "71.0.3578.80", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "2DFA94D5-0139-490C-8257-0751FE9FBAE4", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "matchCriteriaId": "F1E78106-58E6-4D59-990F-75DA575BFAD9", "vulnerable": true }, { "criteria": "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", "matchCriteriaId": "5F65DAB0-3DAD-49FF-BC73-3581CC3D5BF3", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "SQLite before 3.25.3, when the FTS3 extension is enabled, encounters an integer overflow (and resultant buffer overflow) for FTS3 queries that occur after crafted changes to FTS3 shadow tables, allowing remote attackers to execute arbitrary code by leveraging the ability to run arbitrary SQL statements (such as in certain WebSQL use cases), aka Magellan." }, { "lang": "es", "value": "SQLite anterior a la versi\u00f3n 3.25.3, cuando la extensi\u00f3n FTS3 est\u00e1 habilitada, encuentra un desbordamiento de enteros (y el desbordamiento del b\u00fafer resultante) para las consultas FTS3 que ocurren despu\u00e9s de los cambios especialmente dise\u00f1ados en las tablas de sombra FTS3, lo que permite a los atacantes remotos ejecutar c\u00f3digo arbitrario aprovechando la capacidad de ejecutar arbitrariamente Sentencias SQL (como en ciertos casos de uso de WebSQL), tambi\u00e9n conocido como Magellan." } ], "id": "CVE-2018-20346", "lastModified": "2024-11-21T04:01:17.200", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "exploitabilityScore": 2.2, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2018-12-21T21:29:00.243", "references": [ { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00040.html" }, { "source": "cve@mitre.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00070.html" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/106323" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/articles/3758321" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://blade.tencent.com/magellan/index_en.html" }, { "source": "cve@mitre.org", "tags": [ "Issue Tracking", "Third Party Advisory" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1659379" }, { "source": "cve@mitre.org", "tags": [ "Issue Tracking", "Third Party Advisory" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1659677" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://chromereleases.googleblog.com/2018/12/stable-channel-update-for-desktop.html" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://chromium.googlesource.com/chromium/src/+/c368e30ae55600a1c3c9cb1710a54f9c55de786e" }, { "source": "cve@mitre.org", "tags": [ "Permissions Required", "Third Party Advisory" ], "url": "https://crbug.com/900910" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://github.com/zhuowei/worthdoingbadly.com/blob/master/_posts/2018-12-14-sqlitebug.html" }, { "source": "cve@mitre.org", "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10365" }, { "source": "cve@mitre.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2018/12/msg00012.html" }, { "source": "cve@mitre.org", "url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00037.html" }, { "source": "cve@mitre.org", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PU4NZ6DDU4BEM3ACM3FM6GLEPX56ZQXK/" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://news.ycombinator.com/item?id=18685296" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201904-21" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://sqlite.org/src/info/940f2adc8541a838" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://sqlite.org/src/info/d44318f59044162e" }, { "source": "cve@mitre.org", "url": "https://support.apple.com/HT209443" }, { "source": "cve@mitre.org", "url": "https://support.apple.com/HT209446" }, { "source": "cve@mitre.org", "url": "https://support.apple.com/HT209447" }, { "source": "cve@mitre.org", "url": "https://support.apple.com/HT209448" }, { "source": "cve@mitre.org", "url": "https://support.apple.com/HT209450" }, { "source": "cve@mitre.org", "url": "https://support.apple.com/HT209451" }, { "source": "cve@mitre.org", "url": "https://usn.ubuntu.com/4019-1/" }, { "source": "cve@mitre.org", "url": "https://usn.ubuntu.com/4019-2/" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://worthdoingbadly.com/sqlitebug/" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://www.freebsd.org/security/advisories/FreeBSD-EN-19:03.sqlite.asc" }, { "source": "cve@mitre.org", "url": "https://www.mail-archive.com/sqlite-users%40mailinglists.sqlite.org/msg113218.html" }, { "source": "cve@mitre.org", "url": "https://www.oracle.com/security-alerts/cpuapr2020.html" }, { "source": "cve@mitre.org", "tags": [ "Release Notes", "Vendor Advisory" ], "url": "https://www.sqlite.org/releaselog/3_25_3.html" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://www.synology.com/security/advisory/Synology_SA_18_61" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00040.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00070.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/106323" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/articles/3758321" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://blade.tencent.com/magellan/index_en.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking", "Third Party Advisory" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1659379" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking", "Third Party Advisory" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1659677" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://chromereleases.googleblog.com/2018/12/stable-channel-update-for-desktop.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://chromium.googlesource.com/chromium/src/+/c368e30ae55600a1c3c9cb1710a54f9c55de786e" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Permissions Required", "Third Party Advisory" ], "url": "https://crbug.com/900910" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://github.com/zhuowei/worthdoingbadly.com/blob/master/_posts/2018-12-14-sqlitebug.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10365" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2018/12/msg00012.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00037.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PU4NZ6DDU4BEM3ACM3FM6GLEPX56ZQXK/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://news.ycombinator.com/item?id=18685296" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201904-21" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://sqlite.org/src/info/940f2adc8541a838" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://sqlite.org/src/info/d44318f59044162e" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://support.apple.com/HT209443" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://support.apple.com/HT209446" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://support.apple.com/HT209447" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://support.apple.com/HT209448" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://support.apple.com/HT209450" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://support.apple.com/HT209451" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://usn.ubuntu.com/4019-1/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://usn.ubuntu.com/4019-2/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://worthdoingbadly.com/sqlitebug/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://www.freebsd.org/security/advisories/FreeBSD-EN-19:03.sqlite.asc" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.mail-archive.com/sqlite-users%40mailinglists.sqlite.org/msg113218.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.oracle.com/security-alerts/cpuapr2020.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Release Notes", "Vendor Advisory" ], "url": "https://www.sqlite.org/releaselog/3_25_3.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://www.synology.com/security/advisory/Synology_SA_18_61" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-190" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2004-11-23 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:h:cisco:firewall_services_module:*:*:*:*:*:*:*:*", "matchCriteriaId": "2A9CB22A-21E0-46F6-B6CD-BB38A80FA7A4", "vulnerable": true }, { "criteria": "cpe:2.3:h:cisco:firewall_services_module:1.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "B9CAFC15-178C-4176-9668-D4A04B63E77B", "vulnerable": true }, { "criteria": "cpe:2.3:h:cisco:firewall_services_module:1.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "3C8D6949-89F4-40EF-98F4-8D15628DC345", "vulnerable": true }, { "criteria": "cpe:2.3:h:cisco:firewall_services_module:1.1_\\(3.005\\):*:*:*:*:*:*:*", "matchCriteriaId": "F3DB2AEE-FB5C-42B7-845B-EDA3E58D5D68", "vulnerable": true }, { "criteria": "cpe:2.3:h:cisco:firewall_services_module:2.1_\\(0.208\\):*:*:*:*:*:*:*", "matchCriteriaId": "6479D85C-1A12-486D-818C-6679F415CA26", "vulnerable": true }, { "criteria": "cpe:2.3:h:hp:aaa_server:*:*:*:*:*:*:*:*", "matchCriteriaId": "287CF5FA-D0EC-4FD7-9718-973587EF34DF", "vulnerable": true }, { "criteria": "cpe:2.3:h:hp:apache-based_web_server:2.0.43.00:*:*:*:*:*:*:*", "matchCriteriaId": "C88168D4-7DB5-4720-8640-400BB680D0FD", "vulnerable": true }, { "criteria": "cpe:2.3:h:hp:apache-based_web_server:2.0.43.04:*:*:*:*:*:*:*", "matchCriteriaId": "968915A1-375B-4C69-BE11-9A393F7F1B0F", "vulnerable": true }, { "criteria": "cpe:2.3:h:symantec:clientless_vpn_gateway_4400:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "11465DCA-72E5-40E9-9D8E-B3CD470C47E9", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cisco:ciscoworks_common_management_foundation:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "3954D0D1-9FDF-47D0-9710-D0FB06955B8B", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:ciscoworks_common_services:2.2:*:*:*:*:*:*:*", "matchCriteriaId": "3D6712BD-DE8F-40F5-AC74-B9EFE9A50CFA", "vulnerable": true }, { "criteria": "cpe:2.3:h:avaya:converged_communications_server:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "E586558A-ABC3-42EB-8B4D-DC92A0D695E6", "vulnerable": true }, { "criteria": "cpe:2.3:h:avaya:sg200:4.4:*:*:*:*:*:*:*", "matchCriteriaId": "2A4C5F60-B32D-4D85-BA28-AE11972ED614", "vulnerable": true }, { "criteria": "cpe:2.3:h:avaya:sg200:4.31.29:*:*:*:*:*:*:*", "matchCriteriaId": "6A5935C3-3D83-461F-BC26-E03362115C42", "vulnerable": true }, { "criteria": "cpe:2.3:h:avaya:sg203:4.4:*:*:*:*:*:*:*", "matchCriteriaId": "80AC523B-3106-46F2-B760-803DCF8061F4", "vulnerable": true }, { "criteria": "cpe:2.3:h:avaya:sg203:4.31.29:*:*:*:*:*:*:*", "matchCriteriaId": "F8B8D6F3-D15D-489F-A807-17E63F4831F2", "vulnerable": true }, { "criteria": "cpe:2.3:h:avaya:sg208:*:*:*:*:*:*:*:*", "matchCriteriaId": "808189BA-197F-49CE-933E-A728F395749C", "vulnerable": true }, { "criteria": "cpe:2.3:h:avaya:sg208:4.4:*:*:*:*:*:*:*", "matchCriteriaId": "32DCFA7B-7BBB-465A-A4AD-7E18EE3C02DC", "vulnerable": true }, { "criteria": "cpe:2.3:h:avaya:sg5:4.2:*:*:*:*:*:*:*", "matchCriteriaId": "CC7EF0CD-EA39-457B-8E2E-9120B65A5835", "vulnerable": true }, { "criteria": "cpe:2.3:h:avaya:sg5:4.3:*:*:*:*:*:*:*", "matchCriteriaId": "7BC2983F-5212-464B-AC21-8A897DEC1F58", "vulnerable": true }, { "criteria": "cpe:2.3:h:avaya:sg5:4.4:*:*:*:*:*:*:*", "matchCriteriaId": "EBF17989-D1F2-4B04-80BD-CFABDD482ABA", "vulnerable": true }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "BF2D00AC-FA2A-4C39-B796-DC19072862CF", "vulnerable": true }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "E8BCD1C5-1AFC-4287-9AFD-81FB3F4F9E54", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:4.8:*:*:*:*:*:*:*", "matchCriteriaId": "441BE3A0-20F4-4972-B279-19B3DB5FA14D", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:4.8:releng:*:*:*:*:*:*", "matchCriteriaId": "2D33C6EF-DBE1-4943-83E4-1F10670DAC6E", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:4.9:*:*:*:*:*:*:*", "matchCriteriaId": "00EAEA17-033A-4A50-8E39-D61154876D2F", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:5.1:*:*:*:*:*:*:*", "matchCriteriaId": "4EE93350-92E6-4F5C-A14C-9993CFFDBCD4", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:5.1:release:*:*:*:*:*:*", "matchCriteriaId": "0D9F2B04-A1F2-4788-A53D-C8274A758DDA", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:5.1:releng:*:*:*:*:*:*", "matchCriteriaId": "9A5309ED-D84F-4F52-9864-5B0FEEEE5022", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:5.2:*:*:*:*:*:*:*", "matchCriteriaId": "DD7C441E-444B-4DF5-8491-86805C70FB99", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:5.2.1:release:*:*:*:*:*:*", "matchCriteriaId": "C9CCE8F3-84EE-4571-8AAA-BF2D132E9BD4", "vulnerable": true }, { "criteria": "cpe:2.3:o:hp:hp-ux:8.05:*:*:*:*:*:*:*", "matchCriteriaId": "31B1ADC1-9B6D-4B5E-A05A-D69599A3A0D5", "vulnerable": true }, { "criteria": "cpe:2.3:o:hp:hp-ux:11.00:*:*:*:*:*:*:*", "matchCriteriaId": "771931F7-9180-4EBD-8627-E1CF17D24647", "vulnerable": true }, { "criteria": "cpe:2.3:o:hp:hp-ux:11.11:*:*:*:*:*:*:*", "matchCriteriaId": "EDD9BE2B-7255-4FC1-B452-E8370632B03F", "vulnerable": true }, { "criteria": "cpe:2.3:o:hp:hp-ux:11.23:*:*:*:*:*:*:*", "matchCriteriaId": "32310AFE-38CC-4C6C-AE13-54C18720F2C0", "vulnerable": true }, { "criteria": "cpe:2.3:o:openbsd:openbsd:3.3:*:*:*:*:*:*:*", "matchCriteriaId": "AC46909F-DDFC-448B-BCDF-1EB343F96630", "vulnerable": true }, { "criteria": "cpe:2.3:o:openbsd:openbsd:3.4:*:*:*:*:*:*:*", "matchCriteriaId": "9496279F-AB43-4B53-81A6-87C651ABC4BA", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_server:*:*:*:*:*", "matchCriteriaId": "78B46FFA-5B09-473E-AD33-3DB18BD0DAFE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*", "matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation_server:*:*:*:*:*", "matchCriteriaId": "0EFE2E73-9536-41A9-B83B-0A06B54857F4", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "E562907F-D915-4030-847A-3C6834A80D4E", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.3:*:*:*:*:*:*:*", "matchCriteriaId": "138985E6-5107-4E8B-A801-C3D5FE075227", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "038FEDE7-986F-4CA5-9003-BA68352B87D4", "vulnerable": true }, { "criteria": "cpe:2.3:o:sco:openserver:5.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "1E140F76-D078-4F58-89CF-3278CDCB9AF3", "vulnerable": true }, { "criteria": "cpe:2.3:o:sco:openserver:5.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "D9D76A8D-832B-411E-A458-186733C66010", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:cisco:ios:12.1\\(11\\)e:*:*:*:*:*:*:*", "matchCriteriaId": "580BA1FE-0826-47A7-8BD3-9225E0841EDD", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:ios:12.1\\(11b\\)e:*:*:*:*:*:*:*", "matchCriteriaId": "040B04CD-B891-4F19-A7CC-5C2D462FBD6C", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:ios:12.1\\(11b\\)e12:*:*:*:*:*:*:*", "matchCriteriaId": "5BF29685-7FFC-4093-A1D4-21E4871AF5C6", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:ios:12.1\\(11b\\)e14:*:*:*:*:*:*:*", "matchCriteriaId": "E72872C9-63AF-417F-BFAE-92B4D350C006", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:ios:12.1\\(13\\)e9:*:*:*:*:*:*:*", "matchCriteriaId": "80BCF196-5E5A-4F31-BCE7-AA0C748CA922", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:ios:12.1\\(19\\)e1:*:*:*:*:*:*:*", "matchCriteriaId": "970939C5-1E6F-47B6-97E6-7B2C1E019985", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:ios:12.2\\(14\\)sy:*:*:*:*:*:*:*", "matchCriteriaId": "CD1F4148-E772-4708-8C1F-D67F969C11DA", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:ios:12.2\\(14\\)sy1:*:*:*:*:*:*:*", "matchCriteriaId": "3CEBCEF0-5982-4B30-8377-9CAC978A1CB0", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:ios:12.2sy:*:*:*:*:*:*:*", "matchCriteriaId": "09458CD7-D430-4957-8506-FAB2A3E2AA65", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:ios:12.2za:*:*:*:*:*:*:*", "matchCriteriaId": "62626BB6-D4EA-4A8A-ABC1-F86B37F19EDB", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:4d:webstar:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "F8B87C95-4B34-4628-AD03-67D1DE13E097", "vulnerable": true }, { "criteria": "cpe:2.3:a:4d:webstar:5.2:*:*:*:*:*:*:*", "matchCriteriaId": "758F95DB-E619-4B08-86FA-6CF2C1B0CBCD", "vulnerable": true }, { "criteria": "cpe:2.3:a:4d:webstar:5.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "4F04471C-732F-44EE-AD1B-6305C1DD7DDD", "vulnerable": true }, { "criteria": "cpe:2.3:a:4d:webstar:5.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "3499913B-5DCD-4115-8C7B-9E8AFF79DE5E", "vulnerable": true }, { "criteria": "cpe:2.3:a:4d:webstar:5.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "E237919A-416B-4039-AAD2-7FAE1F4E100D", "vulnerable": true }, { "criteria": "cpe:2.3:a:4d:webstar:5.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "39149924-188C-40C1-B598-A9CD407C90DE", "vulnerable": true }, { "criteria": "cpe:2.3:a:4d:webstar:5.3:*:*:*:*:*:*:*", "matchCriteriaId": "15D5780C-4E29-4BCA-A47E-29FF6EAF33FC", "vulnerable": true }, { "criteria": "cpe:2.3:a:4d:webstar:5.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "E6501108-5455-48FE-AA82-37AFA5D7EC24", "vulnerable": true }, { "criteria": "cpe:2.3:a:avaya:intuity_audix:*:*:lx:*:*:*:*:*", "matchCriteriaId": "C1A3B951-A1F8-4291-82FA-AB7922D13ACE", "vulnerable": true }, { "criteria": "cpe:2.3:a:avaya:intuity_audix:5.1.46:*:*:*:*:*:*:*", "matchCriteriaId": "3F2E7C81-C0F5-4D36-9A23-03BE69295ED0", "vulnerable": true }, { "criteria": "cpe:2.3:a:avaya:intuity_audix:s3210:*:*:*:*:*:*:*", "matchCriteriaId": "9D0EF4A3-2FE5-41E4-A764-30B379ECF081", "vulnerable": true }, { "criteria": "cpe:2.3:a:avaya:intuity_audix:s3400:*:*:*:*:*:*:*", "matchCriteriaId": "CCF6D59E-8AEA-4380-B86B-0803B2202F16", "vulnerable": true }, { "criteria": "cpe:2.3:a:avaya:vsu:5:*:*:*:*:*:*:*", "matchCriteriaId": "140ABF28-FA39-4D77-AEB2-304962ED48C2", "vulnerable": true }, { "criteria": "cpe:2.3:a:avaya:vsu:5x:*:*:*:*:*:*:*", "matchCriteriaId": "09473DD9-5114-44C5-B56C-6630FBEBCACB", "vulnerable": true }, { "criteria": "cpe:2.3:a:avaya:vsu:100_r2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "A7ECD3A4-5A39-4222-8350-524F11D8FFB0", "vulnerable": true }, { "criteria": "cpe:2.3:a:avaya:vsu:500:*:*:*:*:*:*:*", "matchCriteriaId": "D36C140D-E80C-479A-ADA7-18E901549059", "vulnerable": true }, { "criteria": "cpe:2.3:a:avaya:vsu:2000_r2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "940712E9-B041-4B7F-BD02-7DD0AE596D65", "vulnerable": true }, { "criteria": "cpe:2.3:a:avaya:vsu:5000_r2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "03B887A2-9025-4C5B-8901-71BC63BF5293", "vulnerable": true }, { "criteria": "cpe:2.3:a:avaya:vsu:7500_r2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "33264586-7160-4550-9FF9-4101D72F5C9B", "vulnerable": true }, { "criteria": "cpe:2.3:a:avaya:vsu:10000_r2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "CE5E6521-0611-4473-82AC-21655F10FEC0", "vulnerable": true }, { "criteria": "cpe:2.3:a:checkpoint:firewall-1:*:*:vsx-ng-ai:*:*:*:*:*", "matchCriteriaId": "AA9A50A1-CA8C-4EE5-B68F-4958F6B4B028", "vulnerable": true }, { "criteria": "cpe:2.3:a:checkpoint:firewall-1:2.0:*:gx:*:*:*:*:*", "matchCriteriaId": "8C83ABA2-87CD-429B-9800-590F8256B064", "vulnerable": true }, { "criteria": "cpe:2.3:a:checkpoint:firewall-1:next_generation_fp0:*:*:*:*:*:*:*", "matchCriteriaId": "A4D9A576-2878-4AC4-AC95-E69CB8A84A71", "vulnerable": true }, { "criteria": "cpe:2.3:a:checkpoint:firewall-1:next_generation_fp1:*:*:*:*:*:*:*", "matchCriteriaId": "0A1A0B02-CF33-401F-9AB2-D595E586C795", "vulnerable": true }, { "criteria": "cpe:2.3:a:checkpoint:firewall-1:next_generation_fp2:*:*:*:*:*:*:*", "matchCriteriaId": "8C0EF3F0-B82E-45B7-8D05-05E76009F7A2", "vulnerable": true }, { "criteria": "cpe:2.3:a:checkpoint:provider-1:4.1:*:*:*:*:*:*:*", "matchCriteriaId": "90FB3825-21A6-4DBE-8188-67672DBE01CB", "vulnerable": true }, { "criteria": "cpe:2.3:a:checkpoint:provider-1:4.1:sp1:*:*:*:*:*:*", "matchCriteriaId": "80623E58-8B46-4559-89A4-C329AACF3CB7", "vulnerable": true }, { "criteria": "cpe:2.3:a:checkpoint:provider-1:4.1:sp2:*:*:*:*:*:*", "matchCriteriaId": "AEE6C228-CD93-4636-868B-C19BC1674BE6", "vulnerable": true }, { "criteria": "cpe:2.3:a:checkpoint:provider-1:4.1:sp3:*:*:*:*:*:*", "matchCriteriaId": "A645148C-AD0D-46C1-BEE3-10F5C9066279", "vulnerable": true }, { "criteria": "cpe:2.3:a:checkpoint:provider-1:4.1:sp4:*:*:*:*:*:*", "matchCriteriaId": "0D69187C-7F46-4FF0-A8A0-0E1989EA79BC", "vulnerable": true }, { "criteria": "cpe:2.3:a:checkpoint:vpn-1:next_generation:*:*:*:*:*:*:*", "matchCriteriaId": "C48F4DF4-8091-45D0-9F80-F760500B1202", "vulnerable": true }, { "criteria": "cpe:2.3:a:checkpoint:vpn-1:next_generation_fp0:*:*:*:*:*:*:*", "matchCriteriaId": "4AE4A7EE-1BA3-46F1-BF4A-A72997EE0992", "vulnerable": true }, { "criteria": "cpe:2.3:a:checkpoint:vpn-1:next_generation_fp1:*:*:*:*:*:*:*", "matchCriteriaId": "02029D75-FAF2-4842-9246-079C7DE36417", "vulnerable": true }, { "criteria": "cpe:2.3:a:checkpoint:vpn-1:vsx_ng_with_application_intelligence:*:*:*:*:*:*:*", "matchCriteriaId": "B5EF01C8-1C8A-4BD1-A13B-CE31F09F9523", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:access_registrar:*:*:*:*:*:*:*:*", "matchCriteriaId": "B8496E0D-2507-4C25-A122-0B846CBCA72A", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:application_and_content_networking_software:*:*:*:*:*:*:*:*", "matchCriteriaId": "8E383F2A-DFCF-47F8-94EE-3563D41EA597", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:css_secure_content_accelerator:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "D2D87EF0-056E-4128-89EB-2803ED83DEE9", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:css_secure_content_accelerator:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "BB3163C1-2044-44DA-9C88-076D75FDF1EB", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:css11000_content_services_switch:*:*:*:*:*:*:*:*", "matchCriteriaId": "07E1B690-C58B-4C08-A757-F3DF451FDAAA", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:okena_stormwatch:3.2:*:*:*:*:*:*:*", "matchCriteriaId": "31F0E14C-7681-4D1A-B982-A51E450B93A7", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:pix_firewall:6.2.2_.111:*:*:*:*:*:*:*", "matchCriteriaId": "ECBC761F-A8F5-4CD8-B19C-5CE8FFC58FDD", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:threat_response:*:*:*:*:*:*:*:*", "matchCriteriaId": "2CF39E8B-C201-4940-81C9-14AF4C3DD4B5", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:webns:6.10:*:*:*:*:*:*:*", "matchCriteriaId": "AC604680-2E9E-4DC4-ACDD-74D552A45BA4", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:webns:6.10_b4:*:*:*:*:*:*:*", "matchCriteriaId": "37A94436-D092-4C7E-B87B-63BC621EE82E", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:webns:7.1_0.1.02:*:*:*:*:*:*:*", "matchCriteriaId": "862165CF-3CFB-4C6E-8238-86FA85F243C8", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:webns:7.1_0.2.06:*:*:*:*:*:*:*", "matchCriteriaId": "056F3336-BAA8-4A03-90B4-7B31710FC1B3", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:webns:7.2_0.0.03:*:*:*:*:*:*:*", "matchCriteriaId": "9FDC2510-FBB9-429A-B6D4-10AB11F93960", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:webns:7.10:*:*:*:*:*:*:*", "matchCriteriaId": "5D45127E-A544-40A0-9D34-BD70D95C9772", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:webns:7.10_.0.06s:*:*:*:*:*:*:*", "matchCriteriaId": "56C69C3E-C895-45C8-8182-7BB412A0C828", "vulnerable": true }, { "criteria": "cpe:2.3:a:dell:bsafe_ssl-j:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "A1FDD507-C38B-4C38-A54F-3DA6F07AD0B5", "vulnerable": true }, { "criteria": "cpe:2.3:a:dell:bsafe_ssl-j:3.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "6F2B7AC2-CF08-4AC9-9A71-3A8130F9F9AD", "vulnerable": true }, { "criteria": "cpe:2.3:a:dell:bsafe_ssl-j:3.1:*:*:*:*:*:*:*", "matchCriteriaId": "D4D9564B-B92E-4C97-87FF-B56D62DCA775", "vulnerable": true }, { "criteria": "cpe:2.3:a:hp:wbem:a.01.05.08:*:*:*:*:*:*:*", "matchCriteriaId": "B931D4F8-23F5-4ABA-A457-959995D30C58", "vulnerable": true }, { "criteria": "cpe:2.3:a:hp:wbem:a.02.00.00:*:*:*:*:*:*:*", "matchCriteriaId": "BE6A023E-9C2A-487F-B5CE-674C766BFE75", "vulnerable": true }, { "criteria": "cpe:2.3:a:hp:wbem:a.02.00.01:*:*:*:*:*:*:*", "matchCriteriaId": "6A15ACA2-D500-4260-B51A-6FE6AB5A45A4", "vulnerable": true }, { "criteria": "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "2A045971-8756-47E8-9044-C39D08B36F1F", "vulnerable": true }, { "criteria": "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "CAA95881-7231-4FDA-AF73-04DF9FF0B64C", "vulnerable": true }, { "criteria": "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "62B7F6AD-EDBD-4B09-BDB2-795ED114F2AE", "vulnerable": true }, { "criteria": "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.1:*:*:*:*:*:*:*", "matchCriteriaId": "F045AB7B-1551-46E5-A5CC-BF13C1BB49F4", "vulnerable": true }, { "criteria": "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "44E85930-3AAD-420B-8E3E-AEC57344F6C4", "vulnerable": true }, { "criteria": "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "52FD4485-BCA2-485A-A0CF-F8152C9DBFA5", "vulnerable": true }, { "criteria": "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "7CF53BE4-FE2D-4D63-BD0F-A423D0FE3BE3", "vulnerable": true }, { "criteria": "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.2_rc1:*:*:*:*:*:*:*", "matchCriteriaId": "00993464-BE09-4691-B3F0-51BBA9FB80C3", "vulnerable": true }, { "criteria": "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.2_rc2:*:*:*:*:*:*:*", "matchCriteriaId": "896AB39E-2078-4BA2-9522-477BD5F98FD1", "vulnerable": true }, { "criteria": "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.3:*:*:*:*:*:*:*", "matchCriteriaId": "EB9279EC-47CF-45F1-B4CC-B2B332E82E34", "vulnerable": true }, { "criteria": "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "E7300C3E-8105-4C23-89B9-7D29CED18C15", "vulnerable": true }, { "criteria": "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.3_rc1:*:*:*:*:*:*:*", "matchCriteriaId": "90C59DB2-48DA-4172-A1F5-25CF3B5097AE", "vulnerable": true }, { "criteria": "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.3_rc2:*:*:*:*:*:*:*", "matchCriteriaId": "715F4E0B-7E4B-4520-A987-9B3ED3136B75", "vulnerable": true }, { "criteria": "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.3_rc3:*:*:*:*:*:*:*", "matchCriteriaId": "9CA1F606-C558-40FD-9300-6E2796F47BA8", "vulnerable": true }, { "criteria": "cpe:2.3:a:neoteris:instant_virtual_extranet:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "A037FAA6-6D26-4496-BC67-03475B4D1155", "vulnerable": true }, { "criteria": "cpe:2.3:a:neoteris:instant_virtual_extranet:3.1:*:*:*:*:*:*:*", "matchCriteriaId": "D3831DD3-E783-4200-8986-FDBF7DD9BA53", "vulnerable": true }, { "criteria": "cpe:2.3:a:neoteris:instant_virtual_extranet:3.2:*:*:*:*:*:*:*", "matchCriteriaId": "2909C9D5-3D8F-4C41-B0E7-A0C0B432C19A", "vulnerable": true }, { "criteria": "cpe:2.3:a:neoteris:instant_virtual_extranet:3.3:*:*:*:*:*:*:*", "matchCriteriaId": "E09436DF-E3C1-4C03-A3BE-73C4BC84BB7B", "vulnerable": true }, { "criteria": "cpe:2.3:a:neoteris:instant_virtual_extranet:3.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "699764B6-0F86-4AB0-86A3-4F2E69AD820C", "vulnerable": true }, { "criteria": "cpe:2.3:a:novell:edirectory:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "7562ADC4-0D01-4FC2-98F0-1F4041BDA52E", "vulnerable": true }, { "criteria": "cpe:2.3:a:novell:edirectory:8.5:*:*:*:*:*:*:*", "matchCriteriaId": "E6FAB588-BDBE-4A04-AB9E-4F700A3951F0", "vulnerable": true }, { "criteria": "cpe:2.3:a:novell:edirectory:8.5.12a:*:*:*:*:*:*:*", "matchCriteriaId": "E1B83F84-D1EF-43B4-8620-3C1BCCE44553", "vulnerable": true }, { "criteria": "cpe:2.3:a:novell:edirectory:8.5.27:*:*:*:*:*:*:*", "matchCriteriaId": "41169D2F-4F16-466A-82E9-AD0735472B5B", "vulnerable": true }, { "criteria": "cpe:2.3:a:novell:edirectory:8.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "947699C3-D9DE-411A-99C0-44ADD1D2223A", "vulnerable": true }, { "criteria": "cpe:2.3:a:novell:edirectory:8.7:*:*:*:*:*:*:*", "matchCriteriaId": "15F668C0-8420-4401-AB0F-479575596CF0", "vulnerable": true }, { "criteria": "cpe:2.3:a:novell:edirectory:8.7.1:*:*:*:*:*:*:*", "matchCriteriaId": "CDDCC7B6-34CA-4551-9833-306B93E517BD", "vulnerable": true }, { "criteria": "cpe:2.3:a:novell:edirectory:8.7.1:sp1:*:*:*:*:*:*", "matchCriteriaId": "6D69C160-39F7-48B8-B9A3-CC86690453C0", "vulnerable": true }, { "criteria": "cpe:2.3:a:novell:imanager:1.5:*:*:*:*:*:*:*", "matchCriteriaId": "166BF638-ABDC-4BB9-BD4E-2B22681AD9CC", "vulnerable": true }, { "criteria": "cpe:2.3:a:novell:imanager:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "8FA6420B-9F6A-48F4-A445-12B60A320347", "vulnerable": true }, { "criteria": "cpe:2.3:a:openssl:openssl:0.9.6c:*:*:*:*:*:*:*", "matchCriteriaId": "0FCA45CE-4127-47AD-BBA8-8A6DD83AE1C7", "vulnerable": true }, { "criteria": "cpe:2.3:a:openssl:openssl:0.9.6d:*:*:*:*:*:*:*", "matchCriteriaId": "7CA1CA40-7DB5-4DCA-97A8-9A8CF4FECECC", "vulnerable": true }, { "criteria": "cpe:2.3:a:openssl:openssl:0.9.6e:*:*:*:*:*:*:*", "matchCriteriaId": "180D07AE-C571-4DD6-837C-43E2A946007A", "vulnerable": true }, { "criteria": "cpe:2.3:a:openssl:openssl:0.9.6f:*:*:*:*:*:*:*", "matchCriteriaId": "BA3E4D2A-6488-4F8B-A3CA-4161A10FA4DB", "vulnerable": true }, { "criteria": "cpe:2.3:a:openssl:openssl:0.9.6g:*:*:*:*:*:*:*", "matchCriteriaId": "90789533-C741-4B1C-A24B-2C77B9E4DE5F", "vulnerable": true }, { "criteria": "cpe:2.3:a:openssl:openssl:0.9.6h:*:*:*:*:*:*:*", "matchCriteriaId": "1520065B-46D7-48A4-B9D0-5B49F690C5B4", "vulnerable": true }, { "criteria": "cpe:2.3:a:openssl:openssl:0.9.6i:*:*:*:*:*:*:*", "matchCriteriaId": "5B76FE2D-FBE0-4A3B-A0EA-179332D74F0E", "vulnerable": true }, { "criteria": "cpe:2.3:a:openssl:openssl:0.9.6j:*:*:*:*:*:*:*", "matchCriteriaId": "2AA526B9-726A-49D5-B3CA-EBE2DA303CA0", "vulnerable": true }, { "criteria": "cpe:2.3:a:openssl:openssl:0.9.6k:*:*:*:*:*:*:*", "matchCriteriaId": "494E48E7-EF86-4860-9A53-94F6C313746E", "vulnerable": true }, { "criteria": "cpe:2.3:a:openssl:openssl:0.9.7:*:*:*:*:*:*:*", "matchCriteriaId": "45A518E8-21BE-4C5C-B425-410AB1208E9C", "vulnerable": true }, { "criteria": "cpe:2.3:a:openssl:openssl:0.9.7:beta1:*:*:*:*:*:*", "matchCriteriaId": "9E3AB748-E463-445C-ABAB-4FEDDFD1878B", "vulnerable": true }, { "criteria": "cpe:2.3:a:openssl:openssl:0.9.7:beta2:*:*:*:*:*:*", "matchCriteriaId": "660E4B8D-AABA-4520-BC4D-CF8E76E07C05", "vulnerable": true }, { "criteria": "cpe:2.3:a:openssl:openssl:0.9.7:beta3:*:*:*:*:*:*", "matchCriteriaId": "85BFEED5-4941-41BB-93D1-CD5C2A41290E", "vulnerable": true }, { "criteria": "cpe:2.3:a:openssl:openssl:0.9.7a:*:*:*:*:*:*:*", "matchCriteriaId": "78E79A05-64F3-4397-952C-A5BB950C967D", "vulnerable": true }, { "criteria": "cpe:2.3:a:openssl:openssl:0.9.7b:*:*:*:*:*:*:*", "matchCriteriaId": "7F7C9E77-1EB2-4720-A8FD-23DC1C877D5A", "vulnerable": true }, { "criteria": "cpe:2.3:a:openssl:openssl:0.9.7c:*:*:*:*:*:*:*", "matchCriteriaId": "549BB01D-F322-4FE3-BDA2-4FEA8ED8568A", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:openssl:0.9.6-15:*:i386:*:*:*:*:*", "matchCriteriaId": "09F3FB7B-0F68-49F3-A3B7-977A687A42E2", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:openssl:0.9.6b-3:*:i386:*:*:*:*:*", "matchCriteriaId": "088F2FF7-96E5-455E-A35B-D99F9854EC6E", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:openssl:0.9.7a-2:*:i386:*:*:*:*:*", "matchCriteriaId": "FFA721BF-1B2E-479F-BF25-02D441BF175B", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:openssl:0.9.7a-2:*:i386_dev:*:*:*:*:*", "matchCriteriaId": "AFEDCE49-21CC-4168-818F-4C638EE3B077", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:openssl:0.9.7a-2:*:i386_perl:*:*:*:*:*", "matchCriteriaId": "B7D18F9B-C0BE-4DE8-81F4-5BF56C00BF41", "vulnerable": true }, { "criteria": "cpe:2.3:a:sgi:propack:2.3:*:*:*:*:*:*:*", "matchCriteriaId": "26430687-409B-448F-934B-06AB937DDF63", "vulnerable": true }, { "criteria": "cpe:2.3:a:sgi:propack:2.4:*:*:*:*:*:*:*", "matchCriteriaId": "0702A32E-E577-403C-B4D9-15037D7100A5", "vulnerable": true }, { "criteria": "cpe:2.3:a:sgi:propack:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "29DC217F-C257-4A3C-9CBD-08010C30BEC3", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:servercluster:2.5:*:*:*:*:*:*:*", "matchCriteriaId": "8F0F78F4-E81E-4C6B-AB73-D6AAE191060E", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:servercluster:2.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "DF1A5808-6D5D-48AD-9470-5A6510D17913", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonebeat_fullcluster:1_2.0:*:*:*:*:*:*:*", "matchCriteriaId": "C1E8990D-D9A0-4A71-9D87-EC047E01B0D8", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonebeat_fullcluster:1_3.0:*:*:*:*:*:*:*", "matchCriteriaId": "6DBCC172-6867-4DFD-AAEF-9BDB4DA21F46", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonebeat_fullcluster:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "C2F2BEEA-46BB-4718-B0F3-B4EC62B678A6", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonebeat_fullcluster:2.5:*:*:*:*:*:*:*", "matchCriteriaId": "8D09E11C-C5BB-409E-BB0D-7F351250419B", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonebeat_fullcluster:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "6B06A05D-AA31-441D-9FC2-3558648C3B7E", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonebeat_securitycluster:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "C0886901-6F93-44C1-B774-84D7E5D9554C", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonebeat_securitycluster:2.5:*:*:*:*:*:*:*", "matchCriteriaId": "3F203A80-7C1E-4A04-8E99-63525E176753", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonebeat_webcluster:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "CA0A204C-158B-4014-A53C-75E0CD63E0DE", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonebeat_webcluster:2.5:*:*:*:*:*:*:*", "matchCriteriaId": "085BA581-7DA5-4FA4-A888-351281FD0A7D", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonegate:1.5.17:*:*:*:*:*:*:*", "matchCriteriaId": "EA1C4B3C-5701-4233-BA94-28915713F9C8", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonegate:1.5.18:*:*:*:*:*:*:*", "matchCriteriaId": "28D9F8D7-698A-486A-918A-7DB5CAFBB3CB", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonegate:1.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "D125C2A0-A4B5-48D6-A38A-54755C3FDF4C", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonegate:1.6.3:*:*:*:*:*:*:*", "matchCriteriaId": "0F85F672-0F21-4AD7-8620-13D82F2ECC22", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonegate:1.7:*:*:*:*:*:*:*", "matchCriteriaId": "89070041-613A-4F7B-BD6A-C6091D21FC52", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonegate:1.7.1:*:*:*:*:*:*:*", "matchCriteriaId": "D9A71933-4BD5-4B11-8B14-D997E75F29CD", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonegate:1.7.2:*:*:*:*:*:*:*", "matchCriteriaId": "5B6BE11D-FC02-4950-A554-08CC9D8B1853", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonegate:2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "A53FD0E1-9BAA-43F0-BCC9-0BE8D4356F55", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonegate:2.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "B80ADAE8-94D4-46A4-A5ED-FF134D808B52", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonegate:2.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "69FA0221-5073-4D45-950F-119497B53FED", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonegate:2.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "C4AE5B43-7C90-4C2A-A215-30F5EC5841C9", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonegate:2.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "2CC1A110-B203-4962-8E1A-74BD98121AF6", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonegate:2.0.8:*:*:*:*:*:*:*", "matchCriteriaId": "B5A92C4D-B024-4D39-9479-409C39586F64", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonegate:2.0.9:*:*:*:*:*:*:*", "matchCriteriaId": "E7E0C4F5-CF02-4FF6-AE9B-5B6B70D5C067", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonegate:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "5E8998CC-E372-46D0-8339-47DC8D92D253", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonegate:2.2:*:*:*:*:*:*:*", "matchCriteriaId": "AF131FDC-BF8D-4A17-99F0-444EB900E83D", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonegate:2.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "880811B3-E78E-456E-972E-DE733F368576", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonegate:2.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "22411F18-2B93-405A-A3B5-2CF0A04977C6", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonegate_vpn_client:1.7:*:*:*:*:*:*:*", "matchCriteriaId": "C71188B7-E6DC-41E5-B619-367341113501", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonegate_vpn_client:1.7.2:*:*:*:*:*:*:*", "matchCriteriaId": "07491444-0196-4504-A971-A5E388B86BBA", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonegate_vpn_client:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "72BC6CD2-3291-4E69-8DC6-F3AB853F8931", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonegate_vpn_client:2.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "CD43EDDF-58A7-4705-B8C7-FD76C35A437D", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonegate_vpn_client:2.0.8:*:*:*:*:*:*:*", "matchCriteriaId": "A7C2E603-568F-40F6-9A7C-439E2A51B37F", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonegate_vpn_client:2.0.9:*:*:*:*:*:*:*", "matchCriteriaId": "703421A7-E8C5-450B-97EF-FD9D99D4B834", "vulnerable": true }, { "criteria": "cpe:2.3:a:tarantella:tarantella_enterprise:3.20:*:*:*:*:*:*:*", "matchCriteriaId": "9519BCB2-B401-44CE-97F6-847BB36AE45F", "vulnerable": true }, { "criteria": "cpe:2.3:a:tarantella:tarantella_enterprise:3.30:*:*:*:*:*:*:*", "matchCriteriaId": "BBE573E8-DD94-4293-99AE-27B9067B3ED9", "vulnerable": true }, { "criteria": "cpe:2.3:a:tarantella:tarantella_enterprise:3.40:*:*:*:*:*:*:*", "matchCriteriaId": "D14413DA-5199-4282-9E22-D347E9D8E469", "vulnerable": true }, { "criteria": "cpe:2.3:a:vmware:gsx_server:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "05CC5F49-0E9E-45D8-827D-A5940566DB25", "vulnerable": true }, { "criteria": "cpe:2.3:a:vmware:gsx_server:2.0.1_build_2129:*:*:*:*:*:*:*", "matchCriteriaId": "5D94EE19-6CE9-4E02-8174-D9954CDBF02B", "vulnerable": true }, { "criteria": "cpe:2.3:a:vmware:gsx_server:2.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "D4E4BEE3-AE7B-4481-B724-2E644E18ACC3", "vulnerable": true }, { "criteria": "cpe:2.3:a:vmware:gsx_server:2.5.1_build_5336:*:*:*:*:*:*:*", "matchCriteriaId": "EAAB7052-E0B6-472E-920B-A0F0AEA25D6A", "vulnerable": true }, { "criteria": "cpe:2.3:a:vmware:gsx_server:3.0_build_7592:*:*:*:*:*:*:*", "matchCriteriaId": "8CE38F15-BD42-4171-8670-86AA8169A60C", "vulnerable": true }, { "criteria": "cpe:2.3:h:avaya:s8300:r2.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "20C0BD87-CE4B-49D2-89BE-EF282C43AD72", "vulnerable": true }, { "criteria": "cpe:2.3:h:avaya:s8300:r2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "C3E6C4A8-59F4-43EE-8413-E95289037598", "vulnerable": true }, { "criteria": "cpe:2.3:h:avaya:s8500:r2.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "FE76357A-27E6-4D85-9AA0-1BB658C41568", "vulnerable": true }, { "criteria": "cpe:2.3:h:avaya:s8500:r2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "C56C5FDB-24E2-479D-87CA-164CD28567D3", "vulnerable": true }, { "criteria": "cpe:2.3:h:avaya:s8700:r2.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "AEF6C16F-8EDF-4A24-BFEF-6A304D654EEB", "vulnerable": true }, { "criteria": "cpe:2.3:h:avaya:s8700:r2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "D982AE39-BB57-49E7-B5FE-5EF1ADE2F019", "vulnerable": true }, { "criteria": "cpe:2.3:h:bluecoat:proxysg:*:*:*:*:*:*:*:*", "matchCriteriaId": "1B6CFEC9-0F8F-4CD4-ABD1-E6533F910F7F", "vulnerable": true }, { "criteria": "cpe:2.3:h:cisco:call_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "12DE5E22-DF93-46BE-85A3-D4E04379E901", "vulnerable": true }, { "criteria": "cpe:2.3:h:cisco:content_services_switch_11500:*:*:*:*:*:*:*:*", "matchCriteriaId": "BF28C435-C036-4507-8E3F-44E722F9974A", "vulnerable": true }, { "criteria": "cpe:2.3:h:cisco:gss_4480_global_site_selector:*:*:*:*:*:*:*:*", "matchCriteriaId": "CDA957E2-ABF9-49B2-874F-3FC3060CE0B0", "vulnerable": true }, { "criteria": "cpe:2.3:h:cisco:gss_4490_global_site_selector:*:*:*:*:*:*:*:*", "matchCriteriaId": "5F2CDFE7-6853-4A31-85C0-50C57A8D606A", "vulnerable": true }, { "criteria": "cpe:2.3:h:cisco:mds_9000:*:*:*:*:*:*:*:*", "matchCriteriaId": "0F2ED90B-DDBA-49DE-AC78-20E7D77C8858", "vulnerable": true }, { "criteria": "cpe:2.3:h:cisco:secure_content_accelerator:10000:*:*:*:*:*:*:*", "matchCriteriaId": "408A9DB0-81EF-4186-B338-44954E67289B", "vulnerable": true }, { "criteria": "cpe:2.3:h:securecomputing:sidewinder:5.2:*:*:*:*:*:*:*", "matchCriteriaId": "5B0C5F92-7E93-4C3F-B22B-E6612A4D3E10", "vulnerable": true }, { "criteria": "cpe:2.3:h:securecomputing:sidewinder:5.2.0.01:*:*:*:*:*:*:*", "matchCriteriaId": "2D0DC4B4-9AD9-4AC8-BFA7-A3D209B5D089", "vulnerable": true }, { "criteria": "cpe:2.3:h:securecomputing:sidewinder:5.2.0.02:*:*:*:*:*:*:*", "matchCriteriaId": "303362A5-9C3C-4C85-8C97-2AB12CE01BF6", "vulnerable": true }, { "criteria": "cpe:2.3:h:securecomputing:sidewinder:5.2.0.03:*:*:*:*:*:*:*", "matchCriteriaId": "FED22DC1-E06B-4511-B920-6DAB792262D8", "vulnerable": true }, { "criteria": "cpe:2.3:h:securecomputing:sidewinder:5.2.0.04:*:*:*:*:*:*:*", "matchCriteriaId": "4CE44CA7-4BC7-4C2B-948F-2ACABB91528B", "vulnerable": true }, { "criteria": "cpe:2.3:h:securecomputing:sidewinder:5.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "F757B2A7-869F-4702-81EB-466317A79D61", "vulnerable": true }, { "criteria": "cpe:2.3:h:securecomputing:sidewinder:5.2.1.02:*:*:*:*:*:*:*", "matchCriteriaId": "01F6E9A9-6C85-48DA-BC61-55F8EACCB59F", "vulnerable": true }, { "criteria": "cpe:2.3:h:sun:crypto_accelerator_4000:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "64AF1E33-4086-43E2-8F54-DA75A99D4B75", "vulnerable": true }, { "criteria": "cpe:2.3:o:bluecoat:cacheos_ca_sa:4.1.10:*:*:*:*:*:*:*", "matchCriteriaId": "53D16F03-A4C7-4497-AB74-499F208FF059", "vulnerable": true }, { "criteria": "cpe:2.3:o:bluecoat:cacheos_ca_sa:4.1.12:*:*:*:*:*:*:*", "matchCriteriaId": "13A33EC1-836B-4C8C-AC18-B5BD4F90E612", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "58BE9C02-2A01-4F6F-A6BD-BC0173561E9B", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.0\\(1\\):*:*:*:*:*:*:*", "matchCriteriaId": "C558CED8-8342-46CB-9F52-580B626D320E", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.0\\(2\\):*:*:*:*:*:*:*", "matchCriteriaId": "0F85D19E-6C26-429D-B876-F34238B9DAAF", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.0\\(3\\):*:*:*:*:*:*:*", "matchCriteriaId": "FEC7CCF7-CBC6-4EDC-8EDD-884DFFFBCC7D", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.0\\(4\\):*:*:*:*:*:*:*", "matchCriteriaId": "E5011A33-CD6D-4EFC-ACFD-E51C9AE726A3", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.0\\(4.101\\):*:*:*:*:*:*:*", "matchCriteriaId": "09063867-0E64-4630-B35B-4CCA348E4DAB", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.1:*:*:*:*:*:*:*", "matchCriteriaId": "78F98CD7-A352-483C-9968-8FB2627A7CBD", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.1\\(1\\):*:*:*:*:*:*:*", "matchCriteriaId": "F97FE485-705F-4707-B6C6-0EF9E8A85D5F", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.1\\(2\\):*:*:*:*:*:*:*", "matchCriteriaId": "E2B925E8-D2C2-4E8C-AC21-0C422245C482", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.1\\(3\\):*:*:*:*:*:*:*", "matchCriteriaId": "B9170562-872E-4C32-869C-B10FF35A925E", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.1\\(4\\):*:*:*:*:*:*:*", "matchCriteriaId": "D0927A68-8BB2-4F03-8396-E9CACC158FC0", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.1\\(5\\):*:*:*:*:*:*:*", "matchCriteriaId": "559DDBA3-2AF4-4A0C-B219-6779BA931F21", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.2:*:*:*:*:*:*:*", "matchCriteriaId": "ED9D142A-DDC8-4BD6-8C22-F242C9C0B1ED", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.2\\(1\\):*:*:*:*:*:*:*", "matchCriteriaId": "5226C9CC-6933-4F10-B426-B47782C606FD", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.2\\(2\\):*:*:*:*:*:*:*", "matchCriteriaId": "757DAE9A-B25D-4B8A-A41B-66C2897B537E", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.2\\(3\\):*:*:*:*:*:*:*", "matchCriteriaId": "5E3DC170-E279-4725-B9EE-6840B5685CC9", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.2\\(3.100\\):*:*:*:*:*:*:*", "matchCriteriaId": "8091EDA9-BD18-47F7-8CEC-E086238647C6", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.3:*:*:*:*:*:*:*", "matchCriteriaId": "6F867890-74A4-4892-B99A-27DB4603B873", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.3\\(1\\):*:*:*:*:*:*:*", "matchCriteriaId": "CE05B514-F094-4632-B25B-973F976F6409", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.3\\(2\\):*:*:*:*:*:*:*", "matchCriteriaId": "3392428D-1A85-4472-A276-C482A78E2CE1", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.3\\(3.102\\):*:*:*:*:*:*:*", "matchCriteriaId": "40954985-16E6-4F37-B014-6A55166AE093", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.3\\(3.109\\):*:*:*:*:*:*:*", "matchCriteriaId": "0C097809-1FEF-4417-A201-42291CC29122", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool." }, { "lang": "es", "value": "OpenSSL 0.9.6 anteriores a la 0.9.6d no manejan adecuadamente los tipos de mensajes desconocidos, lo que permite a atacantes remotos causar una denegaci\u00f3n de servicios (por bucle infinito), como se demuestra utilizando la herramienta de testeo Codenomicon TLS." } ], "id": "CVE-2004-0081", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2004-11-23T05:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt" }, { "source": "cve@mitre.org", "url": "ftp://patches.sgi.com/support/free/security/advisories/20040304-01-U.asc" }, { "source": "cve@mitre.org", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000834" }, { "source": "cve@mitre.org", "url": "http://fedoranews.org/updates/FEDORA-2004-095.shtml" }, { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=107955049331965\u0026w=2" }, { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=108403850228012\u0026w=2" }, { "source": "cve@mitre.org", "url": "http://rhn.redhat.com/errata/RHSA-2004-119.html" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/11139" }, { "source": "cve@mitre.org", "url": "http://security.gentoo.org/glsa/glsa-200403-03.xml" }, { "source": "cve@mitre.org", "url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524" }, { "source": "cve@mitre.org", "url": "http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml" }, { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2004/dsa-465" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory", "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/465542" }, { "source": "cve@mitre.org", "url": "http://www.linuxsecurity.com/advisories/engarde_advisory-4135.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2004-120.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2004-121.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2004-139.html" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/9899" }, { "source": "cve@mitre.org", "url": "http://www.trustix.org/errata/2004/0012" }, { "source": "cve@mitre.org", "url": "http://www.uniras.gov.uk/vuls/2004/224012/index.htm" }, { "source": "cve@mitre.org", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA04-078A.html" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15509" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11755" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A871" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A902" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://patches.sgi.com/support/free/security/advisories/20040304-01-U.asc" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000834" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://fedoranews.org/updates/FEDORA-2004-095.shtml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=107955049331965\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=108403850228012\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://rhn.redhat.com/errata/RHSA-2004-119.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/11139" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://security.gentoo.org/glsa/glsa-200403-03.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2004/dsa-465" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/465542" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.linuxsecurity.com/advisories/engarde_advisory-4135.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2004-120.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2004-121.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2004-139.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/9899" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.trustix.org/errata/2004/0012" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.uniras.gov.uk/vuls/2004/224012/index.htm" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA04-078A.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15509" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11755" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A871" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A902" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
1999-12-08 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
The ping command in Linux 2.0.3x allows local users to cause a denial of service by sending large packets with the -R (record route) option.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
debian | debian_linux | 2.1 | |
linux | linux_kernel | 2.0 | |
linux | linux_kernel | 2.0.34 | |
linux | linux_kernel | 2.0.35 | |
linux | linux_kernel | 2.0.36 | |
linux | linux_kernel | 2.0.37 | |
linux | linux_kernel | 2.0.38 | |
redhat | linux | 5.2 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "3C67BDA1-9451-4026-AC6D-E912C882A757", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "96A6EE7E-C79C-4B25-AFF0-C6638CB3C99A", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.0.34:*:*:*:*:*:*:*", "matchCriteriaId": "92555500-16EB-4F76-B2C7-61A00A1AC722", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.0.35:*:*:*:*:*:*:*", "matchCriteriaId": "B03D22C9-94C6-4AC5-AAD0-15F06BCC5CA7", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.0.36:*:*:*:*:*:*:*", "matchCriteriaId": "541B4ED8-E970-4C67-B5AF-7DE5B7F754D1", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.0.37:*:*:*:*:*:*:*", "matchCriteriaId": "1E55F8A8-1ABD-4760-9074-353BBAEE005B", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.0.38:*:*:*:*:*:*:*", "matchCriteriaId": "F873503F-C6E2-4AC2-859E-9431FE0FA0A3", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:5.2:*:i386:*:*:*:*:*", "matchCriteriaId": "363AB7DB-A8BA-4D58-97C4-1DF1F0F43E07", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The ping command in Linux 2.0.3x allows local users to cause a denial of service by sending large packets with the -R (record route) option." } ], "id": "CVE-1999-0986", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "1999-12-08T05:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/870" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/870" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
1999-07-25 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
The Squid package in Red Hat Linux 5.2 and 6.0, and other distributions, installs cachemgr.cgi in a public web directory, which allows remote attackers to use it as an intermediary to connect to other systems.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:5.2:*:*:*:*:*:*:*", "matchCriteriaId": "A8EED385-8C39-4A40-A507-2EFE7652FB35", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "2DFA94D5-0139-490C-8257-0751FE9FBAE4", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Squid package in Red Hat Linux 5.2 and 6.0, and other distributions, installs cachemgr.cgi in a public web directory, which allows remote attackers to use it as an intermediary to connect to other systems." } ], "id": "CVE-1999-0710", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": true, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "1999-07-25T04:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://fedoranews.org/updates/FEDORA--.shtml" }, { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2004/dsa-576" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/archives/fedora-announce-list/2005-May/msg00025.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-1999-025.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2005-489.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/archives/rh52-errata-general.html#squid" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/2059" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/2385" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://fedoranews.org/updates/FEDORA--.shtml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2004/dsa-576" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/archives/fedora-announce-list/2005-May/msg00025.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-1999-025.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2005-489.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/archives/rh52-errata-general.html#squid" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/2059" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/2385" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2001-03-12 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Zope before 2.2.4 does not properly compute local roles, which could allow users to bypass specified access restrictions and gain privileges.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
redhat | linux_powertools | 6.1 | |
redhat | linux_powertools | 6.2 | |
redhat | linux_powertools | 7.0 | |
zope | zope | * | |
conectiva | linux | 4.2 | |
conectiva | linux | 5.0 | |
conectiva | linux | 5.1 | |
conectiva | linux | 6.0 | |
debian | debian_linux | 2.2 | |
freebsd | freebsd | 6.2 | |
mandrakesoft | mandrake_linux | 7.1 | |
mandrakesoft | mandrake_linux | 7.2 | |
redhat | linux | 6.1 | |
redhat | linux | 6.2 | |
redhat | linux | 7.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:redhat:linux_powertools:6.1:*:*:*:*:*:*:*", "matchCriteriaId": "BAEE3A85-0A4C-4763-A141-AC27ECFDC2AA", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:linux_powertools:6.2:*:*:*:*:*:*:*", "matchCriteriaId": "A5AE3BF4-237D-4D84-9753-512A642141A0", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:linux_powertools:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "C50F9824-A12E-488E-A735-14696E11F847", "vulnerable": true }, { "criteria": "cpe:2.3:a:zope:zope:*:*:*:*:*:*:*:*", "matchCriteriaId": "0C7B8C8F-0A2D-4C55-9648-DA2B583EBA44", "versionEndIncluding": "2.2.4", "vulnerable": true }, { "criteria": "cpe:2.3:o:conectiva:linux:4.2:*:*:*:*:*:*:*", "matchCriteriaId": "612AC3B1-8E55-437F-9600-67EA1A8BAD48", "vulnerable": true }, { "criteria": "cpe:2.3:o:conectiva:linux:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "537A5C29-D770-4755-A6AB-8916754E14DB", "vulnerable": true }, { "criteria": "cpe:2.3:o:conectiva:linux:5.1:*:*:*:*:*:*:*", "matchCriteriaId": "E3AC05A9-04DA-4ED3-94D8-3254384CB724", "vulnerable": true }, { "criteria": "cpe:2.3:o:conectiva:linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "DCE4BBA3-7332-45EE-8C29-BE5A473B559D", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:2.2:*:*:*:*:*:*:*", "matchCriteriaId": "58B90124-0543-4226-BFF4-13CCCBCCB243", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:6.2:stable:*:*:*:*:*:*", "matchCriteriaId": "32FCB0B3-8FBE-49FA-B17E-0D5462C9E5B4", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "3EC1FF5D-5EAB-44D5-B281-770547C70D68", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "0A8FBD5A-2FD0-43CD-AC4B-1D6984D336FE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.1:*:*:*:*:*:*:*", "matchCriteriaId": "2EC4D3AB-38FA-4D44-AF5C-2DCD15994E76", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:6.2:*:*:*:*:*:*:*", "matchCriteriaId": "0633B5A6-7A88-4A96-9462-4C09D124ED36", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "29B186E5-7C2F-466E-AA4A-8F2B618F8A14", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Zope before 2.2.4 does not properly compute local roles, which could allow users to bypass specified access restrictions and gain privileges." } ], "id": "CVE-2001-0128", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2001-03-12T05:00:00.000", "references": [ { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-01:06.zope.asc" }, { "source": "cve@mitre.org", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000365" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2000/20001219" }, { "source": "cve@mitre.org", "tags": [ "Patch" ], "url": "http://www.linux-mandrake.com/en/updates/2000/MDKSA-2000-083.php3" }, { "source": "cve@mitre.org", "url": "http://www.osvdb.org/6284" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2000-127.html" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5777" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-01:06.zope.asc" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000365" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2000/20001219" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.linux-mandrake.com/en/updates/2000/MDKSA-2000-083.php3" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.osvdb.org/6284" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2000-127.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5777" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
1999-12-31 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Buffer overflow in SysVInit in Red Hat Linux 5.1 and earlier allows local users to gain privileges.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:linux:*:*:*:*:*:*:*:*", "matchCriteriaId": "64596B09-9E41-479E-9C66-01DCACE2282F", "versionEndIncluding": "5.1", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Buffer overflow in SysVInit in Red Hat Linux 5.1 and earlier allows local users to gain privileges." } ], "id": "CVE-1999-1329", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "1999-12-31T05:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://www.iss.net/security_center/static/7250.php" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/rh50-errata-general.html#SysVinit" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.iss.net/security_center/static/7250.php" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/rh50-errata-general.html#SysVinit" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2008-06-24 19:41
Modified
2025-04-09 00:30
Severity ?
Summary
Stack-based buffer overflow in NConvert 4.92, GFL SDK 2.82, and XnView 1.93.6 on Windows and 1.70 on Linux and FreeBSD allows user-assisted remote attackers to execute arbitrary code via a crafted format keyword in a Sun TAAC file.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
pagesperso-orange | gfl_sdk | 2.82 | |
pagesperso-orange | nconvert | 4.92 | |
microsoft | windows_nt | * | |
pagesperso-orange | xnview | 1.93.6 | |
freebsd | freebsd | * | |
redhat | linux | * | |
pagesperso-orange | xnview | 1.70 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:pagesperso-orange:gfl_sdk:2.82:*:*:*:*:*:*:*", "matchCriteriaId": "214EC4CD-CB47-4941-A6ED-19D751D80896", "vulnerable": true }, { "criteria": "cpe:2.3:a:pagesperso-orange:nconvert:4.92:*:*:*:*:*:*:*", "matchCriteriaId": "9A0776C8-0E4C-437A-9EAD-B9636EB72BB0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:microsoft:windows_nt:*:*:*:*:*:*:*:*", "matchCriteriaId": "ED27882B-A02A-4D5F-9117-A47976C676E0", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:pagesperso-orange:xnview:1.93.6:*:*:*:*:*:*:*", "matchCriteriaId": "48CB0A06-1BBC-495E-9FFF-48E07161DAB1", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*", "matchCriteriaId": "D9EC02F3-3905-460D-8949-3B26394215CA", "vulnerable": false }, { "criteria": "cpe:2.3:o:redhat:linux:*:*:*:*:*:*:*:*", "matchCriteriaId": "B133DAC8-2B0D-4F83-9025-AD071740187A", "vulnerable": false } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:pagesperso-orange:xnview:1.70:*:*:*:*:*:*:*", "matchCriteriaId": "97668A1C-61F7-4DF4-880B-1AA977BA3F02", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Stack-based buffer overflow in NConvert 4.92, GFL SDK 2.82, and XnView 1.93.6 on Windows and 1.70 on Linux and FreeBSD allows user-assisted remote attackers to execute arbitrary code via a crafted format keyword in a Sun TAAC file." }, { "lang": "es", "value": "Desbordamiento de b\u00fafer basado en Pila en NConvert 4.92, GFL SDK 2.82, y XnView 1.93.6 sobre Windows y 1.70 sobre Linux y FreeBSD, lo que permite a los atacantes remotos asistidos por usuarios para ejecutar c\u00f3digo arbitrario a trav\u00e9s de un formato clave manipuda en un fichero Sun TAAC." } ], "id": "CVE-2008-2427", "lastModified": "2025-04-09T00:30:58.490", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2008-06-24T19:41:00.000", "references": [ { "source": "PSIRT-CNA@flexerasoftware.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/30416" }, { "source": "PSIRT-CNA@flexerasoftware.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/30789" }, { "source": "PSIRT-CNA@flexerasoftware.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/secunia_research/2008-24/advisory/" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://securityreason.com/securityalert/3956" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://securitytracker.com/id?1020340" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://www.securityfocus.com/archive/1/493505/100/0/threaded" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://www.securityfocus.com/bid/29851" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://www.vupen.com/english/advisories/2008/1896" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://www.vupen.com/english/advisories/2008/1897" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "https://www.exploit-db.com/exploits/5951" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/30416" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/30789" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/secunia_research/2008-24/advisory/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securityreason.com/securityalert/3956" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securitytracker.com/id?1020340" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/493505/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/29851" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2008/1896" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2008/1897" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.exploit-db.com/exploits/5951" } ], "sourceIdentifier": "PSIRT-CNA@flexerasoftware.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
CVE-2025-36048 (GCVE-0-2025-36048)
Vulnerability from cvelistv5
Published
2025-06-18 16:04
Modified
2025-06-18 17:53
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-250 - Execution with Unnecessary Privileges
Summary
IBM webMethods Integration Server 10.5, 10.7, 10.11, and 10.15 could allow a privileged user to escalate their privileges when handling external entities due to execution with unnecessary privileges.
References
► | URL | Tags | |||
---|---|---|---|---|---|
|
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
IBM | webMethods Integration Server |
Version: 10.5, 10.7, 10.11, 10.15 cpe:2.3:a:softwareag:webmethods:10.5:*:*:*:*:*:*:* cpe:2.3:a:softwareag:webmethods:10.7:*:*:*:*:*:*:* cpe:2.3:a:softwareag:webmethods:10.11:*:*:*:*:*:*:* cpe:2.3:a:softwareag:webmethods:10.15:*:*:*:*:*:*:* |
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2025-36048", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2025-06-18T17:49:44.656092Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-06-18T17:53:01.000Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:softwareag:webmethods:10.5:*:*:*:*:*:*:*", "cpe:2.3:a:softwareag:webmethods:10.7:*:*:*:*:*:*:*", "cpe:2.3:a:softwareag:webmethods:10.11:*:*:*:*:*:*:*", "cpe:2.3:a:softwareag:webmethods:10.15:*:*:*:*:*:*:*" ], "defaultStatus": "unaffected", "product": "webMethods Integration Server", "vendor": "IBM", "versions": [ { "status": "affected", "version": "10.5, 10.7, 10.11, 10.15" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "Rob Maslen" } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "IBM webMethods Integration Server 10.5, 10.7, 10.11, and 10.15 could allow a privileged user to escalate their privileges when handling external entities due to execution with unnecessary privileges." } ], "value": "IBM webMethods Integration Server 10.5, 10.7, 10.11, and 10.15 could allow a privileged user to escalate their privileges when handling external entities due to execution with unnecessary privileges." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-250", "description": "CWE-250 Execution with Unnecessary Privileges", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-06-18T16:04:28.802Z", "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "shortName": "ibm" }, "references": [ { "tags": [ "vendor-advisory" ], "url": "https://www.ibm.com/support/pages/node/7237144" } ], "solutions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "IBM strongly recommends addressing the vulnerability now by applying the mentioned core fixes or later core fixes for the affected versions and following the respective fix readme document.\u003cbr\u003e\u003cbr\u003eIS_10.5_Core_Fix29 or later\u003cbr\u003eIS_10.7_Core_Fix23 or later\u003cbr\u003eIS_10.11_Core_Fix11 or later\u003cbr\u003eIS_10.15_Core_Fix14 or later\u003cbr\u003e\u003cbr\u003eFixes can be downloaded and installed via IBM webMethods Update Manager. Refer to How to Download webMethods Software\u003cbr\u003e" } ], "value": "IBM strongly recommends addressing the vulnerability now by applying the mentioned core fixes or later core fixes for the affected versions and following the respective fix readme document.\n\nIS_10.5_Core_Fix29 or later\nIS_10.7_Core_Fix23 or later\nIS_10.11_Core_Fix11 or later\nIS_10.15_Core_Fix14 or later\n\nFixes can be downloaded and installed via IBM webMethods Update Manager. Refer to How to Download webMethods Software" } ], "source": { "discovery": "UNKNOWN" }, "title": "IBM webMethods Integration Sever code execution", "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "assignerShortName": "ibm", "cveId": "CVE-2025-36048", "datePublished": "2025-06-18T16:04:28.802Z", "dateReserved": "2025-04-15T21:16:10.569Z", "dateUpdated": "2025-06-18T17:53:01.000Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2004-1235 (GCVE-0-2004-1235)
Vulnerability from cvelistv5
Published
2005-01-20 05:00
Modified
2024-08-08 00:46
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Race condition in the (1) load_elf_library and (2) binfmt_aout function calls for uselib in Linux kernel 2.4 through 2.429-rc2 and 2.6 through 2.6.10 allows local users to execute arbitrary code by manipulating the VMA descriptor.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T00:46:12.034Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "20163", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/20163" }, { "name": "DSA-1082", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-1082" }, { "name": "MDKSA-2005:022", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:022" }, { "name": "RHSA-2005:017", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-017.html" }, { "name": "FLSA:2336", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://bugzilla.fedora.us/show_bug.cgi?id=2336" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.securityfocus.com/advisories/7804" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://isec.pl/vulnerabilities/isec-0021-uselib.txt" }, { "name": "DSA-1070", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-1070" }, { "name": "RHSA-2005:016", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-016.html" }, { "name": "20162", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/20162" }, { "name": "RHSA-2005:043", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-043.html" }, { "name": "2005-0001", "tags": [ "vendor-advisory", "x_refsource_TRUSTIX", "x_transferred" ], "url": "http://www.trustix.org/errata/2005/0001/" }, { "name": "RHSA-2005:092", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-092.html" }, { "name": "DSA-1067", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-1067" }, { "name": "FEDORA-2005-014", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://www.securityfocus.com/advisories/7805" }, { "name": "DSA-1069", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-1069" }, { "name": "CLA-2005:930", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA", "x_transferred" ], "url": "http://distro.conectiva.com.br/atualizacoes/index.php?id=a\u0026anuncio=000930" }, { "name": "SUSE-SR:2005:001", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://www.novell.com/linux/security/advisories/2005_01_sr.html" }, { "name": "12190", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/12190" }, { "name": "linux-uselib-gain-privileges(18800)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18800" }, { "name": "20050107 Linux kernel sys_uselib local root vulnerability", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=110512575901427\u0026w=2" }, { "name": "oval:org.mitre.oval:def:9567", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9567" }, { "name": "FEDORA-2005-013", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://www.securityfocus.com/advisories/7806" }, { "name": "20202", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/20202" }, { "name": "20338", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/20338" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2005-01-07T00:00:00", "descriptions": [ { "lang": "en", "value": "Race condition in the (1) load_elf_library and (2) binfmt_aout function calls for uselib in Linux kernel 2.4 through 2.429-rc2 and 2.6 through 2.6.10 allows local users to execute arbitrary code by manipulating the VMA descriptor." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-10-10T00:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "20163", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/20163" }, { "name": "DSA-1082", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-1082" }, { "name": "MDKSA-2005:022", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:022" }, { "name": "RHSA-2005:017", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-017.html" }, { "name": "FLSA:2336", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://bugzilla.fedora.us/show_bug.cgi?id=2336" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.securityfocus.com/advisories/7804" }, { "tags": [ "x_refsource_MISC" ], "url": "http://isec.pl/vulnerabilities/isec-0021-uselib.txt" }, { "name": "DSA-1070", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-1070" }, { "name": "RHSA-2005:016", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-016.html" }, { "name": "20162", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/20162" }, { "name": "RHSA-2005:043", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-043.html" }, { "name": "2005-0001", "tags": [ "vendor-advisory", "x_refsource_TRUSTIX" ], "url": "http://www.trustix.org/errata/2005/0001/" }, { "name": "RHSA-2005:092", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-092.html" }, { "name": "DSA-1067", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-1067" }, { "name": "FEDORA-2005-014", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://www.securityfocus.com/advisories/7805" }, { "name": "DSA-1069", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-1069" }, { "name": "CLA-2005:930", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA" ], "url": "http://distro.conectiva.com.br/atualizacoes/index.php?id=a\u0026anuncio=000930" }, { "name": "SUSE-SR:2005:001", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://www.novell.com/linux/security/advisories/2005_01_sr.html" }, { "name": "12190", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/12190" }, { "name": "linux-uselib-gain-privileges(18800)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18800" }, { "name": "20050107 Linux kernel sys_uselib local root vulnerability", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=110512575901427\u0026w=2" }, { "name": "oval:org.mitre.oval:def:9567", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9567" }, { "name": "FEDORA-2005-013", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://www.securityfocus.com/advisories/7806" }, { "name": "20202", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/20202" }, { "name": "20338", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/20338" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2004-1235", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Race condition in the (1) load_elf_library and (2) binfmt_aout function calls for uselib in Linux kernel 2.4 through 2.429-rc2 and 2.6 through 2.6.10 allows local users to execute arbitrary code by manipulating the VMA descriptor." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "20163", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/20163" }, { "name": "DSA-1082", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2006/dsa-1082" }, { "name": "MDKSA-2005:022", "refsource": "MANDRAKE", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:022" }, { "name": "RHSA-2005:017", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2005-017.html" }, { "name": "FLSA:2336", "refsource": "FEDORA", "url": "https://bugzilla.fedora.us/show_bug.cgi?id=2336" }, { "name": "http://www.securityfocus.com/advisories/7804", "refsource": "CONFIRM", "url": "http://www.securityfocus.com/advisories/7804" }, { "name": "http://isec.pl/vulnerabilities/isec-0021-uselib.txt", "refsource": "MISC", "url": "http://isec.pl/vulnerabilities/isec-0021-uselib.txt" }, { "name": "DSA-1070", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2006/dsa-1070" }, { "name": "RHSA-2005:016", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2005-016.html" }, { "name": "20162", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/20162" }, { "name": "RHSA-2005:043", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2005-043.html" }, { "name": "2005-0001", "refsource": "TRUSTIX", "url": "http://www.trustix.org/errata/2005/0001/" }, { "name": "RHSA-2005:092", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2005-092.html" }, { "name": "DSA-1067", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2006/dsa-1067" }, { "name": "FEDORA-2005-014", "refsource": "FEDORA", "url": "http://www.securityfocus.com/advisories/7805" }, { "name": "DSA-1069", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2006/dsa-1069" }, { "name": "CLA-2005:930", "refsource": "CONECTIVA", "url": "http://distro.conectiva.com.br/atualizacoes/index.php?id=a\u0026anuncio=000930" }, { "name": "SUSE-SR:2005:001", "refsource": "SUSE", "url": "http://www.novell.com/linux/security/advisories/2005_01_sr.html" }, { "name": "12190", "refsource": "BID", "url": "http://www.securityfocus.com/bid/12190" }, { "name": "linux-uselib-gain-privileges(18800)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18800" }, { "name": "20050107 Linux kernel sys_uselib local root vulnerability", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=110512575901427\u0026w=2" }, { "name": "oval:org.mitre.oval:def:9567", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9567" }, { "name": "FEDORA-2005-013", "refsource": "FEDORA", "url": "http://www.securityfocus.com/advisories/7806" }, { "name": "20202", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/20202" }, { "name": "20338", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/20338" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2004-1235", "datePublished": "2005-01-20T05:00:00", "dateReserved": "2004-12-15T00:00:00", "dateUpdated": "2024-08-08T00:46:12.034Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2003-0550 (GCVE-0-2003-0550)
Vulnerability from cvelistv5
Published
2003-07-25 04:00
Modified
2024-08-08 01:58
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The STP protocol, as enabled in Linux 2.4.x, does not provide sufficient security by design, which allows attackers to modify the bridge topology.
References
► | URL | Tags | |||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T01:58:11.116Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "RHSA-2003:238", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-238.html" }, { "name": "DSA-423", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2004/dsa-423" }, { "name": "RHSA-2003:239", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-239.html" }, { "name": "oval:org.mitre.oval:def:380", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A380" }, { "name": "DSA-358", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2004/dsa-358" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2003-07-21T00:00:00", "descriptions": [ { "lang": "en", "value": "The STP protocol, as enabled in Linux 2.4.x, does not provide sufficient security by design, which allows attackers to modify the bridge topology." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-10-10T00:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "RHSA-2003:238", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-238.html" }, { "name": "DSA-423", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2004/dsa-423" }, { "name": "RHSA-2003:239", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-239.html" }, { "name": "oval:org.mitre.oval:def:380", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A380" }, { "name": "DSA-358", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2004/dsa-358" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2003-0550", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The STP protocol, as enabled in Linux 2.4.x, does not provide sufficient security by design, which allows attackers to modify the bridge topology." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "RHSA-2003:238", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2003-238.html" }, { "name": "DSA-423", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2004/dsa-423" }, { "name": "RHSA-2003:239", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2003-239.html" }, { "name": "oval:org.mitre.oval:def:380", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A380" }, { "name": "DSA-358", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2004/dsa-358" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2003-0550", "datePublished": "2003-07-25T04:00:00", "dateReserved": "2003-07-14T00:00:00", "dateUpdated": "2024-08-08T01:58:11.116Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2018-10864 (GCVE-0-2018-10864)
Vulnerability from cvelistv5
Published
2018-08-13 17:00
Modified
2024-08-05 07:46
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
An uncontrolled resource consumption flaw has been discovered in redhat-certification in the way documents are loaded. A remote attacker may provide an existing but invalid XML file which would be opened and never closed, possibly producing a Denial of Service.
References
► | URL | Tags | ||||||
---|---|---|---|---|---|---|---|---|
|
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
[UNKNOWN] | redhat-certification: |
Version: n/a |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T07:46:46.942Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10864" }, { "name": "RHSA-2018:2373", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:2373" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "redhat-certification:", "vendor": "[UNKNOWN]", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2018-06-21T00:00:00", "descriptions": [ { "lang": "en", "value": "An uncontrolled resource consumption flaw has been discovered in redhat-certification in the way documents are loaded. A remote attacker may provide an existing but invalid XML file which would be opened and never closed, possibly producing a Denial of Service." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-400", "description": "CWE-400", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2018-08-14T09:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10864" }, { "name": "RHSA-2018:2373", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:2373" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2018-10864", "datePublished": "2018-08-13T17:00:00", "dateReserved": "2018-05-09T00:00:00", "dateUpdated": "2024-08-05T07:46:46.942Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2000-1220 (GCVE-0-2000-1220)
Vulnerability from cvelistv5
Published
2005-04-21 04:00
Modified
2024-08-08 05:45
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The line printer daemon (lpd) in the lpr package in multiple Linux operating systems allows local users to gain root privileges by causing sendmail to execute with arbitrary command line arguments, as demonstrated using the -C option to specify a configuration file.
References
► | URL | Tags | |||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T05:45:37.471Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "20000109 lpr -- access control problem and root exploit", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2000/20000109" }, { "name": "20000108 L0pht Advisory: LPD, RH 4.x,5.x,6.x", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://seclists.org/lists/bugtraq/2000/Jan/0116.html" }, { "name": "927", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/927" }, { "name": "redhat-lpd-print-control(3841)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/3841" }, { "name": "20021104-01-P", "tags": [ "vendor-advisory", "x_refsource_SGI", "x_transferred" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20021104-01-P" }, { "name": "20000108 Quadruple Inverted Backflip", "tags": [ "vendor-advisory", "x_refsource_L0PHT", "x_transferred" ], "url": "http://www.l0pht.com/advisories/lpd_advisory" }, { "name": "VU#39001", "tags": [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred" ], "url": "http://www.kb.cert.org/vuls/id/39001" }, { "name": "RHSA-2000:002", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2000-002.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.atstake.com/research/advisories/2000/lpd_advisory.txt" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2000-01-08T00:00:00", "descriptions": [ { "lang": "en", "value": "The line printer daemon (lpd) in the lpr package in multiple Linux operating systems allows local users to gain root privileges by causing sendmail to execute with arbitrary command line arguments, as demonstrated using the -C option to specify a configuration file." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-07-10T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "20000109 lpr -- access control problem and root exploit", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2000/20000109" }, { "name": "20000108 L0pht Advisory: LPD, RH 4.x,5.x,6.x", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://seclists.org/lists/bugtraq/2000/Jan/0116.html" }, { "name": "927", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/927" }, { "name": "redhat-lpd-print-control(3841)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/3841" }, { "name": "20021104-01-P", "tags": [ "vendor-advisory", "x_refsource_SGI" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20021104-01-P" }, { "name": "20000108 Quadruple Inverted Backflip", "tags": [ "vendor-advisory", "x_refsource_L0PHT" ], "url": "http://www.l0pht.com/advisories/lpd_advisory" }, { "name": "VU#39001", "tags": [ "third-party-advisory", "x_refsource_CERT-VN" ], "url": "http://www.kb.cert.org/vuls/id/39001" }, { "name": "RHSA-2000:002", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2000-002.html" }, { "tags": [ "x_refsource_MISC" ], "url": "http://www.atstake.com/research/advisories/2000/lpd_advisory.txt" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2000-1220", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The line printer daemon (lpd) in the lpr package in multiple Linux operating systems allows local users to gain root privileges by causing sendmail to execute with arbitrary command line arguments, as demonstrated using the -C option to specify a configuration file." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "20000109 lpr -- access control problem and root exploit", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2000/20000109" }, { "name": "20000108 L0pht Advisory: LPD, RH 4.x,5.x,6.x", "refsource": "BUGTRAQ", "url": "http://seclists.org/lists/bugtraq/2000/Jan/0116.html" }, { "name": "927", "refsource": "BID", "url": "http://www.securityfocus.com/bid/927" }, { "name": "redhat-lpd-print-control(3841)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/3841" }, { "name": "20021104-01-P", "refsource": "SGI", "url": "ftp://patches.sgi.com/support/free/security/advisories/20021104-01-P" }, { "name": "20000108 Quadruple Inverted Backflip", "refsource": "L0PHT", "url": "http://www.l0pht.com/advisories/lpd_advisory" }, { "name": "VU#39001", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/39001" }, { "name": "RHSA-2000:002", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2000-002.html" }, { "name": "http://www.atstake.com/research/advisories/2000/lpd_advisory.txt", "refsource": "MISC", "url": "http://www.atstake.com/research/advisories/2000/lpd_advisory.txt" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2000-1220", "datePublished": "2005-04-21T04:00:00", "dateReserved": "2005-04-21T00:00:00", "dateUpdated": "2024-08-08T05:45:37.471Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2000-0184 (GCVE-0-2000-0184)
Vulnerability from cvelistv5
Published
2000-04-25 04:00
Modified
2024-08-08 05:05
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Linux printtool sets the permissions of printer configuration files to be world-readable, which allows local attackers to obtain printer share passwords.
References
► | URL | Tags | ||||||
---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T05:05:54.110Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "20000309", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-03/0082.html" }, { "name": "1037", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/1037" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2000-03-09T00:00:00", "descriptions": [ { "lang": "en", "value": "Linux printtool sets the permissions of printer configuration files to be world-readable, which allows local attackers to obtain printer share passwords." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2005-11-02T10:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "20000309", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-03/0082.html" }, { "name": "1037", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/1037" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2000-0184", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Linux printtool sets the permissions of printer configuration files to be world-readable, which allows local attackers to obtain printer share passwords." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "20000309", "refsource": "BUGTRAQ", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-03/0082.html" }, { "name": "1037", "refsource": "BID", "url": "http://www.securityfocus.com/bid/1037" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2000-0184", "datePublished": "2000-04-25T04:00:00", "dateReserved": "2000-03-22T00:00:00", "dateUpdated": "2024-08-08T05:05:54.110Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2002-1509 (GCVE-0-2002-1509)
Vulnerability from cvelistv5
Published
2004-09-01 04:00
Modified
2024-08-08 03:26
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
A patch for shadow-utils 20000902 causes the useradd command to create a mail spool files with read/write privileges of the new user's group (mode 660), which allows other users in the same group to read or modify the new user's incoming email.
References
► | URL | Tags | ||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T03:26:28.671Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "RHSA-2003:058", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-058.html" }, { "name": "MDKSA-2003:026", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:026" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=75418" }, { "name": "RHSA-2003:057", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-057.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2003-02-13T00:00:00", "descriptions": [ { "lang": "en", "value": "A patch for shadow-utils 20000902 causes the useradd command to create a mail spool files with read/write privileges of the new user\u0027s group (mode 660), which allows other users in the same group to read or modify the new user\u0027s incoming email." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2007-11-13T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "RHSA-2003:058", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-058.html" }, { "name": "MDKSA-2003:026", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:026" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=75418" }, { "name": "RHSA-2003:057", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-057.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2002-1509", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A patch for shadow-utils 20000902 causes the useradd command to create a mail spool files with read/write privileges of the new user\u0027s group (mode 660), which allows other users in the same group to read or modify the new user\u0027s incoming email." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "RHSA-2003:058", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2003-058.html" }, { "name": "MDKSA-2003:026", "refsource": "MANDRAKE", "url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:026" }, { "name": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=75418", "refsource": "CONFIRM", "url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=75418" }, { "name": "RHSA-2003:057", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2003-057.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2002-1509", "datePublished": "2004-09-01T04:00:00", "dateReserved": "2003-02-13T00:00:00", "dateUpdated": "2024-08-08T03:26:28.671Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-1999-0390 (GCVE-0-1999-0390)
Vulnerability from cvelistv5
Published
2000-03-22 05:00
Modified
2024-08-01 16:34
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in Dosemu Slang library in Linux.
References
► | URL | Tags | ||||||
---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-01T16:34:51.941Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "CSSA-1999-006.1", "tags": [ "vendor-advisory", "x_refsource_CALDERA", "x_transferred" ], "url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-1999-006.1.txt" }, { "name": "187", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/187" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "Buffer overflow in Dosemu Slang library in Linux." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2005-11-02T10:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "CSSA-1999-006.1", "tags": [ "vendor-advisory", "x_refsource_CALDERA" ], "url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-1999-006.1.txt" }, { "name": "187", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/187" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-1999-0390", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Buffer overflow in Dosemu Slang library in Linux." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "CSSA-1999-006.1", "refsource": "CALDERA", "url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-1999-006.1.txt" }, { "name": "187", "refsource": "BID", "url": "http://www.securityfocus.com/bid/187" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-1999-0390", "datePublished": "2000-03-22T05:00:00", "dateReserved": "1999-06-07T00:00:00", "dateUpdated": "2024-08-01T16:34:51.941Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2004-1613 (GCVE-0-2004-1613)
Vulnerability from cvelistv5
Published
2005-02-20 05:00
Modified
2024-08-08 01:00
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Mozilla allows remote attackers to cause a denial of service (application crash from null dereference or infinite loop) via a web page that contains a (1) TEXTAREA, (2) INPUT, (3) FRAMESET or (4) IMG tag followed by a null character and some trailing characters, as demonstrated by mangleme.
References
► | URL | Tags | ||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T01:00:36.308Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "20041018 Web browsers - a mini-farce", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=109811406620511\u0026w=2" }, { "name": "11439", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/11439" }, { "name": "RHSA-2005:323", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-323.html" }, { "name": "mozilla-html-tags-dos(17805)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17805" }, { "name": "oval:org.mitre.oval:def:10227", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10227" }, { "name": "1011810", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1011810" }, { "name": "20041018 Web browsers - a mini-farce", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-October/027709.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://lcamtuf.coredump.cx/mangleme/gallery/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2004-10-18T00:00:00", "descriptions": [ { "lang": "en", "value": "Mozilla allows remote attackers to cause a denial of service (application crash from null dereference or infinite loop) via a web page that contains a (1) TEXTAREA, (2) INPUT, (3) FRAMESET or (4) IMG tag followed by a null character and some trailing characters, as demonstrated by mangleme." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-10-10T00:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "20041018 Web browsers - a mini-farce", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=109811406620511\u0026w=2" }, { "name": "11439", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/11439" }, { "name": "RHSA-2005:323", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-323.html" }, { "name": "mozilla-html-tags-dos(17805)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17805" }, { "name": "oval:org.mitre.oval:def:10227", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10227" }, { "name": "1011810", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1011810" }, { "name": "20041018 Web browsers - a mini-farce", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-October/027709.html" }, { "tags": [ "x_refsource_MISC" ], "url": "http://lcamtuf.coredump.cx/mangleme/gallery/" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2004-1613", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Mozilla allows remote attackers to cause a denial of service (application crash from null dereference or infinite loop) via a web page that contains a (1) TEXTAREA, (2) INPUT, (3) FRAMESET or (4) IMG tag followed by a null character and some trailing characters, as demonstrated by mangleme." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "20041018 Web browsers - a mini-farce", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=109811406620511\u0026w=2" }, { "name": "11439", "refsource": "BID", "url": "http://www.securityfocus.com/bid/11439" }, { "name": "RHSA-2005:323", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2005-323.html" }, { "name": "mozilla-html-tags-dos(17805)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17805" }, { "name": "oval:org.mitre.oval:def:10227", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10227" }, { "name": "1011810", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1011810" }, { "name": "20041018 Web browsers - a mini-farce", "refsource": "FULLDISC", "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-October/027709.html" }, { "name": "http://lcamtuf.coredump.cx/mangleme/gallery/", "refsource": "MISC", "url": "http://lcamtuf.coredump.cx/mangleme/gallery/" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2004-1613", "datePublished": "2005-02-20T05:00:00", "dateReserved": "2005-02-20T00:00:00", "dateUpdated": "2024-08-08T01:00:36.308Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2000-1009 (GCVE-0-2000-1009)
Vulnerability from cvelistv5
Published
2000-11-29 05:00
Modified
2024-08-08 05:37
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
dump in Red Hat Linux 6.2 trusts the pathname specified by the RSH environmental variable, which allows local users to obtain root privileges by modifying the RSH variable to point to a Trojan horse program.
References
► | URL | Tags | |||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T05:37:32.263Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "linux-dump-execute-code(5437)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5437" }, { "name": "1871", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/1871" }, { "name": "20001030 Redhat 6.2 dump command executes external program with suid priviledge.", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-10/0438.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2000-10-30T00:00:00", "descriptions": [ { "lang": "en", "value": "dump in Red Hat Linux 6.2 trusts the pathname specified by the RSH environmental variable, which allows local users to obtain root privileges by modifying the RSH variable to point to a Trojan horse program." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-12-18T21:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "linux-dump-execute-code(5437)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5437" }, { "name": "1871", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/1871" }, { "name": "20001030 Redhat 6.2 dump command executes external program with suid priviledge.", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-10/0438.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2000-1009", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "dump in Red Hat Linux 6.2 trusts the pathname specified by the RSH environmental variable, which allows local users to obtain root privileges by modifying the RSH variable to point to a Trojan horse program." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "linux-dump-execute-code(5437)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5437" }, { "name": "1871", "refsource": "BID", "url": "http://www.securityfocus.com/bid/1871" }, { "name": "20001030 Redhat 6.2 dump command executes external program with suid priviledge.", "refsource": "BUGTRAQ", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-10/0438.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2000-1009", "datePublished": "2000-11-29T05:00:00", "dateReserved": "2000-11-24T00:00:00", "dateUpdated": "2024-08-08T05:37:32.263Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-1999-0131 (GCVE-0-1999-0131)
Vulnerability from cvelistv5
Published
1999-09-29 04:00
Modified
2024-08-01 16:27
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow and denial of service in Sendmail 8.7.5 and earlier through GECOS field gives root access to local users.
References
► | URL | Tags | |||
---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-01T16:27:57.691Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "717", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/717" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "Buffer overflow and denial of service in Sendmail 8.7.5 and earlier through GECOS field gives root access to local users." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2005-11-02T10:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "717", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/717" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-1999-0131", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Buffer overflow and denial of service in Sendmail 8.7.5 and earlier through GECOS field gives root access to local users." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "717", "refsource": "BID", "url": "http://www.securityfocus.com/bid/717" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-1999-0131", "datePublished": "1999-09-29T04:00:00", "dateReserved": "1999-06-07T00:00:00", "dateUpdated": "2024-08-01T16:27:57.691Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2018-7110 (GCVE-0-2018-7110)
Vulnerability from cvelistv5
Published
2018-10-17 13:00
Modified
2024-09-16 17:33
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- remote unauthorized disclosure of information
Summary
A remote unauthorized disclosure of information vulnerability was identified in HPE Service Governance Framework (SGF) version 4.2, 4.3. A race condition under high load in SGF exists where SGF transferred different parameter to the enabler.
References
► | URL | Tags |
---|---|---|
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
Hewlett Packard Enterprise | HPE Service Governance Framework (SGF) |
Version: SGF v4.2,4.3 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T06:17:17.513Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03890en_us" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "HPE Service Governance Framework (SGF)", "vendor": "Hewlett Packard Enterprise", "versions": [ { "status": "affected", "version": "SGF v4.2,4.3" } ] } ], "datePublic": "2018-09-26T00:00:00", "descriptions": [ { "lang": "en", "value": "A remote unauthorized disclosure of information vulnerability was identified in HPE Service Governance Framework (SGF) version 4.2, 4.3. A race condition under high load in SGF exists where SGF transferred different parameter to the enabler." } ], "problemTypes": [ { "descriptions": [ { "description": "remote unauthorized disclosure of information", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-17T12:57:01", "orgId": "eb103674-0d28-4225-80f8-39fb86215de0", "shortName": "hpe" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03890en_us" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security-alert@hpe.com", "DATE_PUBLIC": "2018-09-26T00:00:00", "ID": "CVE-2018-7110", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "HPE Service Governance Framework (SGF)", "version": { "version_data": [ { "version_value": "SGF v4.2,4.3" } ] } } ] }, "vendor_name": "Hewlett Packard Enterprise" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A remote unauthorized disclosure of information vulnerability was identified in HPE Service Governance Framework (SGF) version 4.2, 4.3. A race condition under high load in SGF exists where SGF transferred different parameter to the enabler." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "remote unauthorized disclosure of information" } ] } ] }, "references": { "reference_data": [ { "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03890en_us", "refsource": "CONFIRM", "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03890en_us" } ] } } } }, "cveMetadata": { "assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0", "assignerShortName": "hpe", "cveId": "CVE-2018-7110", "datePublished": "2018-10-17T13:00:00Z", "dateReserved": "2018-02-15T00:00:00", "dateUpdated": "2024-09-16T17:33:04.715Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2001-1383 (GCVE-0-2001-1383)
Vulnerability from cvelistv5
Published
2003-04-02 05:00
Modified
2024-08-08 04:51
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
initscript in setserial 2.17-4 and earlier uses predictable temporary file names, which could allow local users to conduct unauthorized operations on files.
References
► | URL | Tags | |||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T04:51:08.387Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "3367", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/3367" }, { "name": "linux-setserial-initscript-symlink(7177)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "http://www.iss.net/security_center/static/7177.php" }, { "name": "RHSA-2001:110", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2001-110.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2001-09-19T00:00:00", "descriptions": [ { "lang": "en", "value": "initscript in setserial 2.17-4 and earlier uses predictable temporary file names, which could allow local users to conduct unauthorized operations on files." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2002-07-31T09:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "3367", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/3367" }, { "name": "linux-setserial-initscript-symlink(7177)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "http://www.iss.net/security_center/static/7177.php" }, { "name": "RHSA-2001:110", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2001-110.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2001-1383", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "initscript in setserial 2.17-4 and earlier uses predictable temporary file names, which could allow local users to conduct unauthorized operations on files." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "3367", "refsource": "BID", "url": "http://www.securityfocus.com/bid/3367" }, { "name": "linux-setserial-initscript-symlink(7177)", "refsource": "XF", "url": "http://www.iss.net/security_center/static/7177.php" }, { "name": "RHSA-2001:110", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2001-110.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2001-1383", "datePublished": "2003-04-02T05:00:00", "dateReserved": "2002-07-25T00:00:00", "dateUpdated": "2024-08-08T04:51:08.387Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2004-1334 (GCVE-0-2004-1334)
Vulnerability from cvelistv5
Published
2005-01-06 05:00
Modified
2024-08-08 00:46
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Integer overflow in the ip_options_get function in the Linux kernel before 2.6.10 allows local users to cause a denial of service (kernel crash) via a cmsg_len that contains a -1, which leads to a buffer overflow.
References
► | URL | Tags | |||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T00:46:12.329Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "20041215 fun with linux kernel", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://www.securitytrap.com/mail/full-disclosure/2004/Dec/0323.html" }, { "name": "20041215 [USN-47-1] Linux kernel vulnerabilities", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=110383108211524\u0026w=2" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.guninski.com/where_do_you_want_billg_to_go_today_2.html" }, { "name": "11956", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/11956" }, { "name": "linux-ipoptionsget-dos(18522)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18522" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2004-12-15T00:00:00", "descriptions": [ { "lang": "en", "value": "Integer overflow in the ip_options_get function in the Linux kernel before 2.6.10 allows local users to cause a denial of service (kernel crash) via a cmsg_len that contains a -1, which leads to a buffer overflow." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-07-10T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "20041215 fun with linux kernel", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://www.securitytrap.com/mail/full-disclosure/2004/Dec/0323.html" }, { "name": "20041215 [USN-47-1] Linux kernel vulnerabilities", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=110383108211524\u0026w=2" }, { "tags": [ "x_refsource_MISC" ], "url": "http://www.guninski.com/where_do_you_want_billg_to_go_today_2.html" }, { "name": "11956", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/11956" }, { "name": "linux-ipoptionsget-dos(18522)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18522" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2004-1334", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Integer overflow in the ip_options_get function in the Linux kernel before 2.6.10 allows local users to cause a denial of service (kernel crash) via a cmsg_len that contains a -1, which leads to a buffer overflow." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "20041215 fun with linux kernel", "refsource": "FULLDISC", "url": "http://www.securitytrap.com/mail/full-disclosure/2004/Dec/0323.html" }, { "name": "20041215 [USN-47-1] Linux kernel vulnerabilities", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=110383108211524\u0026w=2" }, { "name": "http://www.guninski.com/where_do_you_want_billg_to_go_today_2.html", "refsource": "MISC", "url": "http://www.guninski.com/where_do_you_want_billg_to_go_today_2.html" }, { "name": "11956", "refsource": "BID", "url": "http://www.securityfocus.com/bid/11956" }, { "name": "linux-ipoptionsget-dos(18522)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18522" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2004-1334", "datePublished": "2005-01-06T05:00:00", "dateReserved": "2005-01-06T00:00:00", "dateUpdated": "2024-08-08T00:46:12.329Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2000-0219 (GCVE-0-2000-0219)
Vulnerability from cvelistv5
Published
2000-03-22 05:00
Modified
2024-08-08 05:05
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Red Hat 6.0 allows local users to gain root access by booting single user and hitting ^C at the password prompt.
References
► | URL | Tags | |||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T05:05:54.111Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "20000223 redhat 6.0: single user boot security hole", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=200002230248.NAA19185%40cairo.anu.edu.au" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10053" }, { "name": "1005", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/1005" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2000-02-23T00:00:00", "descriptions": [ { "lang": "en", "value": "Red Hat 6.0 allows local users to gain root access by booting single user and hitting ^C at the password prompt." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2014-11-01T22:57:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "20000223 redhat 6.0: single user boot security hole", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=200002230248.NAA19185%40cairo.anu.edu.au" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10053" }, { "name": "1005", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/1005" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2000-0219", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Red Hat 6.0 allows local users to gain root access by booting single user and hitting ^C at the password prompt." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "20000223 redhat 6.0: single user boot security hole", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=200002230248.NAA19185@cairo.anu.edu.au" }, { "name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10053", "refsource": "CONFIRM", "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10053" }, { "name": "1005", "refsource": "BID", "url": "http://www.securityfocus.com/bid/1005" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2000-0219", "datePublished": "2000-03-22T05:00:00", "dateReserved": "2000-03-22T00:00:00", "dateUpdated": "2024-08-08T05:05:54.111Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2000-0829 (GCVE-0-2000-0829)
Vulnerability from cvelistv5
Published
2001-05-07 04:00
Modified
2024-08-08 05:28
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The tmpwatch utility in Red Hat Linux forks a new process for each directory level, which allows local users to cause a denial of service by creating deeply nested directories in /tmp or /var/tmp/.
References
► | URL | Tags | ||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T05:28:41.660Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "linux-tmpwatch-fork-dos(5217)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5217" }, { "name": "20000909 tmpwatch: local DoS : fork()bomb as root", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/81364" }, { "name": "RHSA-2000:080", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2000-080.html" }, { "name": "1664", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/1664" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2000-09-09T00:00:00", "descriptions": [ { "lang": "en", "value": "The tmpwatch utility in Red Hat Linux forks a new process for each directory level, which allows local users to cause a denial of service by creating deeply nested directories in /tmp or /var/tmp/." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2004-09-02T09:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "linux-tmpwatch-fork-dos(5217)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5217" }, { "name": "20000909 tmpwatch: local DoS : fork()bomb as root", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/81364" }, { "name": "RHSA-2000:080", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2000-080.html" }, { "name": "1664", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/1664" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2000-0829", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The tmpwatch utility in Red Hat Linux forks a new process for each directory level, which allows local users to cause a denial of service by creating deeply nested directories in /tmp or /var/tmp/." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "linux-tmpwatch-fork-dos(5217)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5217" }, { "name": "20000909 tmpwatch: local DoS : fork()bomb as root", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/81364" }, { "name": "RHSA-2000:080", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2000-080.html" }, { "name": "1664", "refsource": "BID", "url": "http://www.securityfocus.com/bid/1664" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2000-0829", "datePublished": "2001-05-07T04:00:00", "dateReserved": "2000-10-15T00:00:00", "dateUpdated": "2024-08-08T05:28:41.660Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2023-3430 (GCVE-0-2023-3430)
Vulnerability from cvelistv5
Published
2023-12-18 13:40
Modified
2024-08-02 06:55
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-122 - Heap-based Buffer Overflow
Summary
A vulnerability was found in OpenImageIO, where a heap buffer overflow exists in the src/gif.imageio/gifinput.cpp file. This flaw allows a remote attacker to pass a specially crafted file to the application, which triggers a heap-based buffer overflow and could cause a crash, leading to a denial of service.
References
► | URL | Tags | |||
---|---|---|---|---|---|
|
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
► | n/a | OpenImageIO | ||
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T06:55:03.301Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "RHBZ#2218380", "tags": [ "issue-tracking", "x_refsource_REDHAT", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2218380" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "OpenImageIO", "vendor": "n/a", "versions": [ { "status": "unaffected", "version": "2.4.12.0" } ] }, { "collectionURL": "https://packages.fedoraproject.org/", "defaultStatus": "affected", "packageName": "OpenImageIO", "product": "Extra Packages for Enterprise Linux", "vendor": "Fedora" }, { "collectionURL": "https://packages.fedoraproject.org/", "defaultStatus": "affected", "packageName": "OpenImageIO", "product": "Fedora", "vendor": "Fedora" } ], "datePublic": "2023-05-15T00:00:00+00:00", "descriptions": [ { "lang": "en", "value": "A vulnerability was found in OpenImageIO, where a heap buffer overflow exists in the src/gif.imageio/gifinput.cpp file. This flaw allows a remote attacker to pass a specially crafted file to the application, which triggers a heap-based buffer overflow and could cause a crash, leading to a denial of service." } ], "metrics": [ { "other": { "content": { "namespace": "https://access.redhat.com/security/updates/classification/", "value": "Moderate" }, "type": "Red Hat severity rating" } }, { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "format": "CVSS" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-122", "description": "Heap-based Buffer Overflow", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-12-18T13:40:05.145Z", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "RHBZ#2218380", "tags": [ "issue-tracking", "x_refsource_REDHAT" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2218380" } ], "timeline": [ { "lang": "en", "time": "2023-02-27T00:00:00+00:00", "value": "Reported to Red Hat." }, { "lang": "en", "time": "2023-05-15T00:00:00+00:00", "value": "Made public." } ], "title": "Openimageio: heap-buffer-overflow in file src/gif.imageio/gifinput.cpp", "x_redhatCweChain": "CWE-122: Heap-based Buffer Overflow" } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2023-3430", "datePublished": "2023-12-18T13:40:05.145Z", "dateReserved": "2023-06-27T13:55:43.943Z", "dateUpdated": "2024-08-02T06:55:03.301Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2000-0531 (GCVE-0-2000-0531)
Vulnerability from cvelistv5
Published
2000-07-12 04:00
Modified
2024-08-08 05:21
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Linux gpm program allows local users to cause a denial of service by flooding the /dev/gpmctl device with STREAM sockets.
References
► | URL | Tags | |||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T05:21:31.163Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "20000620 Bug in gpm", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=Pine.LNX.4.10.10006201453090.1812-200000%40apollo.aci.com.pl" }, { "name": "1377", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/1377" }, { "name": "RHSA-2000:045", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2000-045.html" }, { "name": "linux-gpm-gpmctl-dos(5010)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5010" }, { "name": "20000728 MDKSA:2000-025 gpm update", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0409.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2000-06-20T00:00:00", "descriptions": [ { "lang": "en", "value": "Linux gpm program allows local users to cause a denial of service by flooding the /dev/gpmctl device with STREAM sockets." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-12-18T21:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "20000620 Bug in gpm", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=Pine.LNX.4.10.10006201453090.1812-200000%40apollo.aci.com.pl" }, { "name": "1377", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/1377" }, { "name": "RHSA-2000:045", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2000-045.html" }, { "name": "linux-gpm-gpmctl-dos(5010)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5010" }, { "name": "20000728 MDKSA:2000-025 gpm update", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0409.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2000-0531", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Linux gpm program allows local users to cause a denial of service by flooding the /dev/gpmctl device with STREAM sockets." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "20000620 Bug in gpm", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=Pine.LNX.4.10.10006201453090.1812-200000@apollo.aci.com.pl" }, { "name": "1377", "refsource": "BID", "url": "http://www.securityfocus.com/bid/1377" }, { "name": "RHSA-2000:045", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2000-045.html" }, { "name": "linux-gpm-gpmctl-dos(5010)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5010" }, { "name": "20000728 MDKSA:2000-025 gpm update", "refsource": "BUGTRAQ", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0409.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2000-0531", "datePublished": "2000-07-12T04:00:00", "dateReserved": "2000-07-11T00:00:00", "dateUpdated": "2024-08-08T05:21:31.163Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2003-0194 (GCVE-0-2003-0194)
Vulnerability from cvelistv5
Published
2003-05-17 04:00
Modified
2024-08-08 01:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
tcpdump does not properly drop privileges to the pcap user when starting up.
References
► | URL | Tags | ||||||
---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T01:43:36.028Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "RHSA-2003:174", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-174.html" }, { "name": "RHSA-2003:151", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-151.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2003-05-15T00:00:00", "descriptions": [ { "lang": "en", "value": "tcpdump does not properly drop privileges to the pcap user when starting up." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2003-06-10T09:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "RHSA-2003:174", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-174.html" }, { "name": "RHSA-2003:151", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-151.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2003-0194", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "tcpdump does not properly drop privileges to the pcap user when starting up." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "RHSA-2003:174", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2003-174.html" }, { "name": "RHSA-2003:151", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2003-151.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2003-0194", "datePublished": "2003-05-17T04:00:00", "dateReserved": "2003-04-01T00:00:00", "dateUpdated": "2024-08-08T01:43:36.028Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2004-0619 (GCVE-0-2004-0619)
Vulnerability from cvelistv5
Published
2004-06-30 04:00
Modified
2024-08-08 00:24
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Integer overflow in the ubsec_keysetup function for Linux Broadcom 5820 cryptonet driver allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a negative add_dsa_buf_bytes variable, which leads to a buffer overflow.
References
► | URL | Tags | ||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T00:24:26.849Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "20040623 Linux Broadcom 5820 Cryptonet Driver Integer Overflow", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=108802653409053\u0026w=2" }, { "name": "RHSA-2005:283", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-283.html" }, { "name": "RHSA-2004:549", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-549.html" }, { "name": "P-047", "tags": [ "third-party-advisory", "government-resource", "x_refsource_CIAC", "x_transferred" ], "url": "http://www.ciac.org/ciac/bulletins/p-047.shtml" }, { "name": "10599", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/10599" }, { "name": "oval:org.mitre.oval:def:9773", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9773" }, { "name": "11936", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/11936" }, { "name": "bcm5820-adddsabufbytes-integer-bo(16459)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16459" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2004-06-23T00:00:00", "descriptions": [ { "lang": "en", "value": "Integer overflow in the ubsec_keysetup function for Linux Broadcom 5820 cryptonet driver allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a negative add_dsa_buf_bytes variable, which leads to a buffer overflow." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-10-10T00:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "20040623 Linux Broadcom 5820 Cryptonet Driver Integer Overflow", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=108802653409053\u0026w=2" }, { "name": "RHSA-2005:283", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-283.html" }, { "name": "RHSA-2004:549", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-549.html" }, { "name": "P-047", "tags": [ "third-party-advisory", "government-resource", "x_refsource_CIAC" ], "url": "http://www.ciac.org/ciac/bulletins/p-047.shtml" }, { "name": "10599", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/10599" }, { "name": "oval:org.mitre.oval:def:9773", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9773" }, { "name": "11936", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/11936" }, { "name": "bcm5820-adddsabufbytes-integer-bo(16459)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16459" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2004-0619", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Integer overflow in the ubsec_keysetup function for Linux Broadcom 5820 cryptonet driver allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a negative add_dsa_buf_bytes variable, which leads to a buffer overflow." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "20040623 Linux Broadcom 5820 Cryptonet Driver Integer Overflow", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=108802653409053\u0026w=2" }, { "name": "RHSA-2005:283", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2005-283.html" }, { "name": "RHSA-2004:549", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2004-549.html" }, { "name": "P-047", "refsource": "CIAC", "url": "http://www.ciac.org/ciac/bulletins/p-047.shtml" }, { "name": "10599", "refsource": "BID", "url": "http://www.securityfocus.com/bid/10599" }, { "name": "oval:org.mitre.oval:def:9773", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9773" }, { "name": "11936", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/11936" }, { "name": "bcm5820-adddsabufbytes-integer-bo(16459)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16459" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2004-0619", "datePublished": "2004-06-30T04:00:00", "dateReserved": "2004-06-29T00:00:00", "dateUpdated": "2024-08-08T00:24:26.849Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2001-0118 (GCVE-0-2001-0118)
Vulnerability from cvelistv5
Published
2001-05-07 04:00
Modified
2024-08-08 04:06
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
rdist 6.1.5 allows local users to overwrite arbitrary files via a symlink attack.
References
► | URL | Tags | ||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T04:06:55.433Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "20010110 Immunix OS Security update for lots of temp file problems", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=97916374410647\u0026w=2" }, { "name": "MDKSA-2001-005", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-005.php3" }, { "name": "2195", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/2195" }, { "name": "rdist-symlink(5925)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5925" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2001-01-10T00:00:00", "descriptions": [ { "lang": "en", "value": "rdist 6.1.5 allows local users to overwrite arbitrary files via a symlink attack." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2005-11-02T10:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "20010110 Immunix OS Security update for lots of temp file problems", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=97916374410647\u0026w=2" }, { "name": "MDKSA-2001-005", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-005.php3" }, { "name": "2195", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/2195" }, { "name": "rdist-symlink(5925)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5925" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2001-0118", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "rdist 6.1.5 allows local users to overwrite arbitrary files via a symlink attack." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "20010110 Immunix OS Security update for lots of temp file problems", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=97916374410647\u0026w=2" }, { "name": "MDKSA-2001-005", "refsource": "MANDRAKE", "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-005.php3" }, { "name": "2195", "refsource": "BID", "url": "http://www.securityfocus.com/bid/2195" }, { "name": "rdist-symlink(5925)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5925" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2001-0118", "datePublished": "2001-05-07T04:00:00", "dateReserved": "2001-02-06T00:00:00", "dateUpdated": "2024-08-08T04:06:55.433Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2002-0080 (GCVE-0-2002-0080)
Vulnerability from cvelistv5
Published
2002-06-25 04:00
Modified
2024-08-08 02:35
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
rsync, when running in daemon mode, does not properly call setgroups before dropping privileges, which could provide supplemental group privileges to local users, who could then read certain files that would otherwise be disallowed.
References
► | URL | Tags | |||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T02:35:17.589Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "linux-rsync-inherit-privileges(8463)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "http://www.iss.net/security_center/static/8463.php" }, { "name": "MDKSA-2002:024", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-024.php3" }, { "name": "CSSA-2002-014.1", "tags": [ "vendor-advisory", "x_refsource_CALDERA", "x_transferred" ], "url": "http://www.caldera.com/support/security/advisories/CSSA-2002-014.1.txt" }, { "name": "4285", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/4285" }, { "name": "RHSA-2002:026", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2002-026.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2002-03-11T00:00:00", "descriptions": [ { "lang": "en", "value": "rsync, when running in daemon mode, does not properly call setgroups before dropping privileges, which could provide supplemental group privileges to local users, who could then read certain files that would otherwise be disallowed." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2002-06-16T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "linux-rsync-inherit-privileges(8463)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "http://www.iss.net/security_center/static/8463.php" }, { "name": "MDKSA-2002:024", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-024.php3" }, { "name": "CSSA-2002-014.1", "tags": [ "vendor-advisory", "x_refsource_CALDERA" ], "url": "http://www.caldera.com/support/security/advisories/CSSA-2002-014.1.txt" }, { "name": "4285", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/4285" }, { "name": "RHSA-2002:026", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2002-026.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2002-0080", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "rsync, when running in daemon mode, does not properly call setgroups before dropping privileges, which could provide supplemental group privileges to local users, who could then read certain files that would otherwise be disallowed." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "linux-rsync-inherit-privileges(8463)", "refsource": "XF", "url": "http://www.iss.net/security_center/static/8463.php" }, { "name": "MDKSA-2002:024", "refsource": "MANDRAKE", "url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-024.php3" }, { "name": "CSSA-2002-014.1", "refsource": "CALDERA", "url": "http://www.caldera.com/support/security/advisories/CSSA-2002-014.1.txt" }, { "name": "4285", "refsource": "BID", "url": "http://www.securityfocus.com/bid/4285" }, { "name": "RHSA-2002:026", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2002-026.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2002-0080", "datePublished": "2002-06-25T04:00:00", "dateReserved": "2002-02-21T00:00:00", "dateUpdated": "2024-08-08T02:35:17.589Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2004-0217 (GCVE-0-2004-0217)
Vulnerability from cvelistv5
Published
2004-03-16 05:00
Modified
2024-08-08 00:10
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The LiveUpdate capability (liveupdate.sh) in Symantec AntiVirus Scan Engine 4.0 and 4.3 for Red Hat Linux allows local users to create or append to arbitrary files via a symlink attack on /tmp/LiveUpdate.log.
References
► | URL | Tags | |||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T00:10:03.826Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "9662", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/9662" }, { "name": "symantec-scanengine-race-condition(15215)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15215" }, { "name": "20040216 Possible race condition in Symantec AntiVirus Scan Engine for Red", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=107694800908164\u0026w=2" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2004-02-16T00:00:00", "descriptions": [ { "lang": "en", "value": "The LiveUpdate capability (liveupdate.sh) in Symantec AntiVirus Scan Engine 4.0 and 4.3 for Red Hat Linux allows local users to create or append to arbitrary files via a symlink attack on /tmp/LiveUpdate.log." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-07-10T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "9662", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/9662" }, { "name": "symantec-scanengine-race-condition(15215)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15215" }, { "name": "20040216 Possible race condition in Symantec AntiVirus Scan Engine for Red", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=107694800908164\u0026w=2" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2004-0217", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The LiveUpdate capability (liveupdate.sh) in Symantec AntiVirus Scan Engine 4.0 and 4.3 for Red Hat Linux allows local users to create or append to arbitrary files via a symlink attack on /tmp/LiveUpdate.log." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "9662", "refsource": "BID", "url": "http://www.securityfocus.com/bid/9662" }, { "name": "symantec-scanengine-race-condition(15215)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15215" }, { "name": "20040216 Possible race condition in Symantec AntiVirus Scan Engine for Red", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=107694800908164\u0026w=2" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2004-0217", "datePublished": "2004-03-16T05:00:00", "dateReserved": "2004-03-12T00:00:00", "dateUpdated": "2024-08-08T00:10:03.826Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2003-0461 (GCVE-0-2003-0461)
Vulnerability from cvelistv5
Published
2003-07-25 04:00
Modified
2024-08-08 01:58
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
/proc/tty/driver/serial in Linux 2.4.x reveals the exact number of characters used in serial links, which could allow local users to obtain potentially sensitive information such as the length of passwords.
References
► | URL | Tags | ||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T01:58:10.326Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "RHSA-2003:238", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-238.html" }, { "name": "DSA-423", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2004/dsa-423" }, { "name": "oval:org.mitre.oval:def:304", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A304" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://rsbac.dyndns.org/pipermail/rsbac/2002-May/000162.html" }, { "name": "oval:org.mitre.oval:def:997", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A997" }, { "name": "RHSA-2004:188", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-188.html" }, { "name": "DSA-358", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2004/dsa-358" }, { "name": "oval:org.mitre.oval:def:9330", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9330" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2003-07-21T00:00:00", "descriptions": [ { "lang": "en", "value": "/proc/tty/driver/serial in Linux 2.4.x reveals the exact number of characters used in serial links, which could allow local users to obtain potentially sensitive information such as the length of passwords." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-10-10T00:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "RHSA-2003:238", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-238.html" }, { "name": "DSA-423", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2004/dsa-423" }, { "name": "oval:org.mitre.oval:def:304", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A304" }, { "tags": [ "x_refsource_MISC" ], "url": "http://rsbac.dyndns.org/pipermail/rsbac/2002-May/000162.html" }, { "name": "oval:org.mitre.oval:def:997", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A997" }, { "name": "RHSA-2004:188", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-188.html" }, { "name": "DSA-358", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2004/dsa-358" }, { "name": "oval:org.mitre.oval:def:9330", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9330" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2003-0461", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "/proc/tty/driver/serial in Linux 2.4.x reveals the exact number of characters used in serial links, which could allow local users to obtain potentially sensitive information such as the length of passwords." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "RHSA-2003:238", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2003-238.html" }, { "name": "DSA-423", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2004/dsa-423" }, { "name": "oval:org.mitre.oval:def:304", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A304" }, { "name": "http://rsbac.dyndns.org/pipermail/rsbac/2002-May/000162.html", "refsource": "MISC", "url": "http://rsbac.dyndns.org/pipermail/rsbac/2002-May/000162.html" }, { "name": "oval:org.mitre.oval:def:997", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A997" }, { "name": "RHSA-2004:188", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2004-188.html" }, { "name": "DSA-358", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2004/dsa-358" }, { "name": "oval:org.mitre.oval:def:9330", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9330" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2003-0461", "datePublished": "2003-07-25T04:00:00", "dateReserved": "2003-06-26T00:00:00", "dateUpdated": "2024-08-08T01:58:10.326Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2001-0169 (GCVE-0-2001-0169)
Vulnerability from cvelistv5
Published
2001-05-07 04:00
Modified
2024-08-08 04:06
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
When using the LD_PRELOAD environmental variable in SUID or SGID applications, glibc does not verify that preloaded libraries in /etc/ld.so.cache are also SUID/SGID, which could allow a local user to overwrite arbitrary files by loading a library from /lib or /usr/lib.
References
► | URL | Tags | |||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T04:06:55.519Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "SuSE-SA:2001:01", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://www.novell.com/linux/security/advisories/2001_001_glibc_txt.html" }, { "name": "DSA-039", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2001/dsa-039" }, { "name": "linux-glibc-preload-overwrite(5971)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5971" }, { "name": "2223", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/2223" }, { "name": "20010121 Trustix Security Advisory - glibc", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/157650" }, { "name": "MDKSA-2001:012", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-012.php3?dis=7.2" }, { "name": "RHSA-2001:002", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2001-002.html" }, { "name": "TLSA2000021-2", "tags": [ "vendor-advisory", "x_refsource_TURBO", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/linux/turbolinux/2001-q1/0004.html" }, { "name": "CSSA-2001-007", "tags": [ "vendor-advisory", "x_refsource_CALDERA", "x_transferred" ], "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2001-007.0.txt" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2001-01-16T00:00:00", "descriptions": [ { "lang": "en", "value": "When using the LD_PRELOAD environmental variable in SUID or SGID applications, glibc does not verify that preloaded libraries in /etc/ld.so.cache are also SUID/SGID, which could allow a local user to overwrite arbitrary files by loading a library from /lib or /usr/lib." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2004-09-02T09:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "SuSE-SA:2001:01", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://www.novell.com/linux/security/advisories/2001_001_glibc_txt.html" }, { "name": "DSA-039", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2001/dsa-039" }, { "name": "linux-glibc-preload-overwrite(5971)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5971" }, { "name": "2223", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/2223" }, { "name": "20010121 Trustix Security Advisory - glibc", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/157650" }, { "name": "MDKSA-2001:012", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-012.php3?dis=7.2" }, { "name": "RHSA-2001:002", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2001-002.html" }, { "name": "TLSA2000021-2", "tags": [ "vendor-advisory", "x_refsource_TURBO" ], "url": "http://archives.neohapsis.com/archives/linux/turbolinux/2001-q1/0004.html" }, { "name": "CSSA-2001-007", "tags": [ "vendor-advisory", "x_refsource_CALDERA" ], "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2001-007.0.txt" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2001-0169", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "When using the LD_PRELOAD environmental variable in SUID or SGID applications, glibc does not verify that preloaded libraries in /etc/ld.so.cache are also SUID/SGID, which could allow a local user to overwrite arbitrary files by loading a library from /lib or /usr/lib." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "SuSE-SA:2001:01", "refsource": "SUSE", "url": "http://www.novell.com/linux/security/advisories/2001_001_glibc_txt.html" }, { "name": "DSA-039", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2001/dsa-039" }, { "name": "linux-glibc-preload-overwrite(5971)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5971" }, { "name": "2223", "refsource": "BID", "url": "http://www.securityfocus.com/bid/2223" }, { "name": "20010121 Trustix Security Advisory - glibc", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/157650" }, { "name": "MDKSA-2001:012", "refsource": "MANDRAKE", "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-012.php3?dis=7.2" }, { "name": "RHSA-2001:002", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2001-002.html" }, { "name": "TLSA2000021-2", "refsource": "TURBO", "url": "http://archives.neohapsis.com/archives/linux/turbolinux/2001-q1/0004.html" }, { "name": "CSSA-2001-007", "refsource": "CALDERA", "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2001-007.0.txt" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2001-0169", "datePublished": "2001-05-07T04:00:00", "dateReserved": "2001-03-08T00:00:00", "dateUpdated": "2024-08-08T04:06:55.519Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2003-0552 (GCVE-0-2003-0552)
Vulnerability from cvelistv5
Published
2003-07-25 04:00
Modified
2024-08-08 01:58
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Linux 2.4.x allows remote attackers to spoof the bridge Forwarding table via forged packets whose source addresses are the same as the target.
References
► | URL | Tags | ||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T01:58:11.026Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "RHSA-2003:238", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-238.html" }, { "name": "DSA-423", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2004/dsa-423" }, { "name": "RHSA-2003:198", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-198.html" }, { "name": "RHSA-2003:239", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-239.html" }, { "name": "DSA-358", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2004/dsa-358" }, { "name": "oval:org.mitre.oval:def:385", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A385" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2003-07-21T00:00:00", "descriptions": [ { "lang": "en", "value": "Linux 2.4.x allows remote attackers to spoof the bridge Forwarding table via forged packets whose source addresses are the same as the target." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-10-10T00:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "RHSA-2003:238", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-238.html" }, { "name": "DSA-423", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2004/dsa-423" }, { "name": "RHSA-2003:198", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-198.html" }, { "name": "RHSA-2003:239", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-239.html" }, { "name": "DSA-358", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2004/dsa-358" }, { "name": "oval:org.mitre.oval:def:385", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A385" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2003-0552", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Linux 2.4.x allows remote attackers to spoof the bridge Forwarding table via forged packets whose source addresses are the same as the target." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "RHSA-2003:238", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2003-238.html" }, { "name": "DSA-423", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2004/dsa-423" }, { "name": "RHSA-2003:198", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2003-198.html" }, { "name": "RHSA-2003:239", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2003-239.html" }, { "name": "DSA-358", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2004/dsa-358" }, { "name": "oval:org.mitre.oval:def:385", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A385" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2003-0552", "datePublished": "2003-07-25T04:00:00", "dateReserved": "2003-07-14T00:00:00", "dateUpdated": "2024-08-08T01:58:11.026Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2003-0370 (GCVE-0-2003-0370)
Vulnerability from cvelistv5
Published
2003-06-05 04:00
Modified
2024-08-08 01:50
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Konqueror Embedded and KDE 2.2.2 and earlier does not validate the Common Name (CN) field for X.509 Certificates, which could allow remote attackers to spoof certificates via a man-in-the-middle attack.
References
► | URL | Tags | ||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T01:50:47.981Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "RHSA-2003:192", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-192.html" }, { "name": "20030510 [forward]Apple Safari and Konqueror Embedded Common Name Verification Vulnerability", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-May/004983.html" }, { "name": "TLSA-2003-36", "tags": [ "vendor-advisory", "x_refsource_TURBO", "x_transferred" ], "url": "http://www.turbolinux.com/security/TLSA-2003-36.txt" }, { "name": "RHSA-2003:193", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-193.html" }, { "name": "20030507 Problem: Multiple Web Browsers do not do not validate CN on certificates.", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/320707" }, { "name": "DSA-361", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2003/dsa-361" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.kde.org/info/security/advisory-20030602-1.txt" }, { "name": "7520", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/7520" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2003-05-07T00:00:00", "descriptions": [ { "lang": "en", "value": "Konqueror Embedded and KDE 2.2.2 and earlier does not validate the Common Name (CN) field for X.509 Certificates, which could allow remote attackers to spoof certificates via a man-in-the-middle attack." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2003-06-06T09:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "RHSA-2003:192", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-192.html" }, { "name": "20030510 [forward]Apple Safari and Konqueror Embedded Common Name Verification Vulnerability", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-May/004983.html" }, { "name": "TLSA-2003-36", "tags": [ "vendor-advisory", "x_refsource_TURBO" ], "url": "http://www.turbolinux.com/security/TLSA-2003-36.txt" }, { "name": "RHSA-2003:193", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-193.html" }, { "name": "20030507 Problem: Multiple Web Browsers do not do not validate CN on certificates.", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/320707" }, { "name": "DSA-361", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2003/dsa-361" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.kde.org/info/security/advisory-20030602-1.txt" }, { "name": "7520", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/7520" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2003-0370", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Konqueror Embedded and KDE 2.2.2 and earlier does not validate the Common Name (CN) field for X.509 Certificates, which could allow remote attackers to spoof certificates via a man-in-the-middle attack." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "RHSA-2003:192", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2003-192.html" }, { "name": "20030510 [forward]Apple Safari and Konqueror Embedded Common Name Verification Vulnerability", "refsource": "FULLDISC", "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-May/004983.html" }, { "name": "TLSA-2003-36", "refsource": "TURBO", "url": "http://www.turbolinux.com/security/TLSA-2003-36.txt" }, { "name": "RHSA-2003:193", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2003-193.html" }, { "name": "20030507 Problem: Multiple Web Browsers do not do not validate CN on certificates.", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/320707" }, { "name": "DSA-361", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2003/dsa-361" }, { "name": "http://www.kde.org/info/security/advisory-20030602-1.txt", "refsource": "CONFIRM", "url": "http://www.kde.org/info/security/advisory-20030602-1.txt" }, { "name": "7520", "refsource": "BID", "url": "http://www.securityfocus.com/bid/7520" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2003-0370", "datePublished": "2003-06-05T04:00:00", "dateReserved": "2003-06-03T00:00:00", "dateUpdated": "2024-08-08T01:50:47.981Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2001-0140 (GCVE-0-2001-0140)
Vulnerability from cvelistv5
Published
2001-05-07 04:00
Modified
2024-08-08 04:06
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
arpwatch 2.1a4 allows local users to overwrite arbitrary files via a symlink attack in some configurations.
References
► | URL | Tags | ||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T04:06:55.442Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "20010110 Immunix OS Security update for lots of temp file problems", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=97916374410647\u0026w=2" }, { "name": "2183", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/2183" }, { "name": "MDKSA-2001:002", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-002.php3" }, { "name": "tcpdump-arpwatch-symlink(5922)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5922" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2001-01-10T00:00:00", "descriptions": [ { "lang": "en", "value": "arpwatch 2.1a4 allows local users to overwrite arbitrary files via a symlink attack in some configurations." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2005-11-02T10:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "20010110 Immunix OS Security update for lots of temp file problems", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=97916374410647\u0026w=2" }, { "name": "2183", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/2183" }, { "name": "MDKSA-2001:002", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-002.php3" }, { "name": "tcpdump-arpwatch-symlink(5922)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5922" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2001-0140", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "arpwatch 2.1a4 allows local users to overwrite arbitrary files via a symlink attack in some configurations." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "20010110 Immunix OS Security update for lots of temp file problems", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=97916374410647\u0026w=2" }, { "name": "2183", "refsource": "BID", "url": "http://www.securityfocus.com/bid/2183" }, { "name": "MDKSA-2001:002", "refsource": "MANDRAKE", "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-002.php3" }, { "name": "tcpdump-arpwatch-symlink(5922)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5922" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2001-0140", "datePublished": "2001-05-07T04:00:00", "dateReserved": "2001-02-06T00:00:00", "dateUpdated": "2024-08-08T04:06:55.442Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-1999-1331 (GCVE-0-1999-1331)
Vulnerability from cvelistv5
Published
2002-03-09 05:00
Modified
2024-08-01 17:11
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
netcfg 2.16-1 in Red Hat Linux 4.2 allows the Ethernet interface to be controlled by users on reboot when an option is set, which allows local users to cause a denial of service by shutting down the interface.
References
► | URL | Tags | ||||||
---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-01T17:11:02.977Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.redhat.com/support/errata/rh42-errata-general.html#netcfg" }, { "name": "netcfg-ethernet-dos(7245)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "http://www.iss.net/security_center/static/7245.php" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "1997-10-31T00:00:00", "descriptions": [ { "lang": "en", "value": "netcfg 2.16-1 in Red Hat Linux 4.2 allows the Ethernet interface to be controlled by users on reboot when an option is set, which allows local users to cause a denial of service by shutting down the interface." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2002-02-20T10:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.redhat.com/support/errata/rh42-errata-general.html#netcfg" }, { "name": "netcfg-ethernet-dos(7245)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "http://www.iss.net/security_center/static/7245.php" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-1999-1331", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "netcfg 2.16-1 in Red Hat Linux 4.2 allows the Ethernet interface to be controlled by users on reboot when an option is set, which allows local users to cause a denial of service by shutting down the interface." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "http://www.redhat.com/support/errata/rh42-errata-general.html#netcfg", "refsource": "CONFIRM", "url": "http://www.redhat.com/support/errata/rh42-errata-general.html#netcfg" }, { "name": "netcfg-ethernet-dos(7245)", "refsource": "XF", "url": "http://www.iss.net/security_center/static/7245.php" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-1999-1331", "datePublished": "2002-03-09T05:00:00", "dateReserved": "2001-08-31T00:00:00", "dateUpdated": "2024-08-01T17:11:02.977Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-1999-0009 (GCVE-0-1999-0009)
Vulnerability from cvelistv5
Published
1999-09-29 04:00
Modified
2024-08-01 16:27
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Inverse query buffer overflow in BIND 4.9 and BIND 8 Releases.
References
► | URL | Tags | ||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-01T16:27:56.971Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "19980603-01-PX", "tags": [ "vendor-advisory", "x_refsource_SGI", "x_transferred" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/19980603-01-PX" }, { "name": "134", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/134" }, { "name": "HPSBUX9808-083", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9808-083" }, { "name": "00180", "tags": [ "vendor-advisory", "x_refsource_SUN", "x_transferred" ], "url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll\u0026doc=secbull/180" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "Inverse query buffer overflow in BIND 4.9 and BIND 8 Releases." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2009-03-02T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "19980603-01-PX", "tags": [ "vendor-advisory", "x_refsource_SGI" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/19980603-01-PX" }, { "name": "134", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/134" }, { "name": "HPSBUX9808-083", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9808-083" }, { "name": "00180", "tags": [ "vendor-advisory", "x_refsource_SUN" ], "url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll\u0026doc=secbull/180" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-1999-0009", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Inverse query buffer overflow in BIND 4.9 and BIND 8 Releases." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "19980603-01-PX", "refsource": "SGI", "url": "ftp://patches.sgi.com/support/free/security/advisories/19980603-01-PX" }, { "name": "134", "refsource": "BID", "url": "http://www.securityfocus.com/bid/134" }, { "name": "HPSBUX9808-083", "refsource": "HP", "url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9808-083" }, { "name": "00180", "refsource": "SUN", "url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll\u0026doc=secbull/180" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-1999-0009", "datePublished": "1999-09-29T04:00:00", "dateReserved": "1999-06-07T00:00:00", "dateUpdated": "2024-08-01T16:27:56.971Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2000-1208 (GCVE-0-2000-1208)
Vulnerability from cvelistv5
Published
2002-08-01 04:00
Modified
2024-08-08 05:45
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Format string vulnerability in startprinting() function of printjob.c in BSD-based lpr lpd package may allow local users to gain privileges via an improper syslog call that uses format strings from the checkremote() call.
References
► | URL | Tags | |||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T05:45:37.340Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "20000925 Format strings: bug #1: BSD-lpr", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=96994604300675\u0026w=2" }, { "name": "lpr-checkremote-format-string(5286)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "http://www.iss.net/security_center/static/5286.php" }, { "name": "1711", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/1711" }, { "name": "20001004 Immunix OS Security Update for lpr", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://online.securityfocus.com/archive/1/137555" }, { "name": "RHSA-2000:066", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2000-066.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2000-05-31T00:00:00", "descriptions": [ { "lang": "en", "value": "Format string vulnerability in startprinting() function of printjob.c in BSD-based lpr lpd package may allow local users to gain privileges via an improper syslog call that uses format strings from the checkremote() call." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2016-10-17T13:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "20000925 Format strings: bug #1: BSD-lpr", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=96994604300675\u0026w=2" }, { "name": "lpr-checkremote-format-string(5286)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "http://www.iss.net/security_center/static/5286.php" }, { "name": "1711", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/1711" }, { "name": "20001004 Immunix OS Security Update for lpr", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://online.securityfocus.com/archive/1/137555" }, { "name": "RHSA-2000:066", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2000-066.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2000-1208", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Format string vulnerability in startprinting() function of printjob.c in BSD-based lpr lpd package may allow local users to gain privileges via an improper syslog call that uses format strings from the checkremote() call." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "20000925 Format strings: bug #1: BSD-lpr", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=96994604300675\u0026w=2" }, { "name": "lpr-checkremote-format-string(5286)", "refsource": "XF", "url": "http://www.iss.net/security_center/static/5286.php" }, { "name": "1711", "refsource": "BID", "url": "http://www.securityfocus.com/bid/1711" }, { "name": "20001004 Immunix OS Security Update for lpr", "refsource": "BUGTRAQ", "url": "http://online.securityfocus.com/archive/1/137555" }, { "name": "RHSA-2000:066", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2000-066.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2000-1208", "datePublished": "2002-08-01T04:00:00", "dateReserved": "2002-07-31T00:00:00", "dateUpdated": "2024-08-08T05:45:37.340Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2000-0263 (GCVE-0-2000-0263)
Vulnerability from cvelistv5
Published
2000-10-13 04:00
Modified
2024-08-08 05:14
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The X font server xfs in Red Hat Linux 6.x allows an attacker to cause a denial of service via a malformed request.
References
► | URL | Tags | ||||||
---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T05:14:20.610Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "1111", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/1111" }, { "name": "20000416 xfs", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-04/0079.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2000-04-16T00:00:00", "descriptions": [ { "lang": "en", "value": "The X font server xfs in Red Hat Linux 6.x allows an attacker to cause a denial of service via a malformed request." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2005-11-02T10:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "1111", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/1111" }, { "name": "20000416 xfs", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-04/0079.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2000-0263", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The X font server xfs in Red Hat Linux 6.x allows an attacker to cause a denial of service via a malformed request." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "1111", "refsource": "BID", "url": "http://www.securityfocus.com/bid/1111" }, { "name": "20000416 xfs", "refsource": "BUGTRAQ", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-04/0079.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2000-0263", "datePublished": "2000-10-13T04:00:00", "dateReserved": "2000-04-26T00:00:00", "dateUpdated": "2024-08-08T05:14:20.610Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2002-0068 (GCVE-0-2002-0068)
Vulnerability from cvelistv5
Published
2003-04-02 05:00
Modified
2024-08-08 02:35
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Squid 2.4 STABLE3 and earlier allows remote attackers to cause a denial of service (core dump) and possibly execute arbitrary code with an ftp:// URL with a larger number of special characters, which exceed the buffer when Squid URL-escapes the characters.
References
► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T02:35:17.488Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.squid-cache.org/Versions/v2/2.4/bugs/" }, { "name": "CLA-2002:464", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA", "x_transferred" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000464" }, { "name": "SuSE-SA:2002:008", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://www.novell.com/linux/security/advisories/2002_008_squid_txt.html" }, { "name": "MDKSA-2002:016", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-016.php" }, { "name": "20020222 Squid buffer overflow", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=101440163111826\u0026w=2" }, { "name": "20020222 TSLSA-2002-0031 - squid", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=101443252627021\u0026w=2" }, { "name": "FreeBSD-SA-02:12", "tags": [ "vendor-advisory", "x_refsource_FREEBSD", "x_transferred" ], "url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:12.squid.asc" }, { "name": "CSSA-2002-SCO.7", "tags": [ "vendor-advisory", "x_refsource_CALDERA", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/linux/caldera/2002-q1/0014.html" }, { "name": "20020221 Squid HTTP Proxy Security Update Advisory 2002:1", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=101431040422095\u0026w=2" }, { "name": "RHSA-2002:029", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2002-029.html" }, { "name": "CSSA-2002-010.0", "tags": [ "vendor-advisory", "x_refsource_CALDERA", "x_transferred" ], "url": "http://www.caldera.com/support/security/advisories/CSSA-2002-010.0.txt" }, { "name": "5378", "tags": [ "vdb-entry", "x_refsource_OSVDB", "x_transferred" ], "url": "http://www.osvdb.org/5378" }, { "name": "squid-ftpbuildtitleurl-bo(8258)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "http://www.iss.net/security_center/static/8258.php" }, { "name": "4148", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/4148" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2002-02-21T00:00:00", "descriptions": [ { "lang": "en", "value": "Squid 2.4 STABLE3 and earlier allows remote attackers to cause a denial of service (core dump) and possibly execute arbitrary code with an ftp:// URL with a larger number of special characters, which exceed the buffer when Squid URL-escapes the characters." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2003-03-19T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.squid-cache.org/Versions/v2/2.4/bugs/" }, { "name": "CLA-2002:464", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000464" }, { "name": "SuSE-SA:2002:008", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://www.novell.com/linux/security/advisories/2002_008_squid_txt.html" }, { "name": "MDKSA-2002:016", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-016.php" }, { "name": "20020222 Squid buffer overflow", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=101440163111826\u0026w=2" }, { "name": "20020222 TSLSA-2002-0031 - squid", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=101443252627021\u0026w=2" }, { "name": "FreeBSD-SA-02:12", "tags": [ "vendor-advisory", "x_refsource_FREEBSD" ], "url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:12.squid.asc" }, { "name": "CSSA-2002-SCO.7", "tags": [ "vendor-advisory", "x_refsource_CALDERA" ], "url": "http://archives.neohapsis.com/archives/linux/caldera/2002-q1/0014.html" }, { "name": "20020221 Squid HTTP Proxy Security Update Advisory 2002:1", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=101431040422095\u0026w=2" }, { "name": "RHSA-2002:029", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2002-029.html" }, { "name": "CSSA-2002-010.0", "tags": [ "vendor-advisory", "x_refsource_CALDERA" ], "url": "http://www.caldera.com/support/security/advisories/CSSA-2002-010.0.txt" }, { "name": "5378", "tags": [ "vdb-entry", "x_refsource_OSVDB" ], "url": "http://www.osvdb.org/5378" }, { "name": "squid-ftpbuildtitleurl-bo(8258)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "http://www.iss.net/security_center/static/8258.php" }, { "name": "4148", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/4148" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2002-0068", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Squid 2.4 STABLE3 and earlier allows remote attackers to cause a denial of service (core dump) and possibly execute arbitrary code with an ftp:// URL with a larger number of special characters, which exceed the buffer when Squid URL-escapes the characters." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "http://www.squid-cache.org/Versions/v2/2.4/bugs/", "refsource": "CONFIRM", "url": "http://www.squid-cache.org/Versions/v2/2.4/bugs/" }, { "name": "CLA-2002:464", "refsource": "CONECTIVA", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000464" }, { "name": "SuSE-SA:2002:008", "refsource": "SUSE", "url": "http://www.novell.com/linux/security/advisories/2002_008_squid_txt.html" }, { "name": "MDKSA-2002:016", "refsource": "MANDRAKE", "url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-016.php" }, { "name": "20020222 Squid buffer overflow", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=101440163111826\u0026w=2" }, { "name": "20020222 TSLSA-2002-0031 - squid", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=101443252627021\u0026w=2" }, { "name": "FreeBSD-SA-02:12", "refsource": "FREEBSD", "url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:12.squid.asc" }, { "name": "CSSA-2002-SCO.7", "refsource": "CALDERA", "url": "http://archives.neohapsis.com/archives/linux/caldera/2002-q1/0014.html" }, { "name": "20020221 Squid HTTP Proxy Security Update Advisory 2002:1", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=101431040422095\u0026w=2" }, { "name": "RHSA-2002:029", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2002-029.html" }, { "name": "CSSA-2002-010.0", "refsource": "CALDERA", "url": "http://www.caldera.com/support/security/advisories/CSSA-2002-010.0.txt" }, { "name": "5378", "refsource": "OSVDB", "url": "http://www.osvdb.org/5378" }, { "name": "squid-ftpbuildtitleurl-bo(8258)", "refsource": "XF", "url": "http://www.iss.net/security_center/static/8258.php" }, { "name": "4148", "refsource": "BID", "url": "http://www.securityfocus.com/bid/4148" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2002-0068", "datePublished": "2003-04-02T05:00:00", "dateReserved": "2002-02-19T00:00:00", "dateUpdated": "2024-08-08T02:35:17.488Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-1999-1496 (GCVE-0-1999-1496)
Vulnerability from cvelistv5
Published
2001-09-12 04:00
Modified
2024-08-01 17:18
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Sudo 1.5 in Debian Linux 2.1 and Red Hat 6.0 allows local users to determine the existence of arbitrary files by attempting to execute the target filename as a program, which generates a different error message when the file does not exist.
References
► | URL | Tags | |||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-01T17:18:07.475Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "19990608 unneeded information in sudo", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/14665" }, { "name": "321", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/321" }, { "name": "sudo-file-exists(2277)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/2277" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "1999-06-08T00:00:00", "descriptions": [ { "lang": "en", "value": "Sudo 1.5 in Debian Linux 2.1 and Red Hat 6.0 allows local users to determine the existence of arbitrary files by attempting to execute the target filename as a program, which generates a different error message when the file does not exist." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-12-18T21:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "19990608 unneeded information in sudo", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/14665" }, { "name": "321", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/321" }, { "name": "sudo-file-exists(2277)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/2277" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-1999-1496", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Sudo 1.5 in Debian Linux 2.1 and Red Hat 6.0 allows local users to determine the existence of arbitrary files by attempting to execute the target filename as a program, which generates a different error message when the file does not exist." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "19990608 unneeded information in sudo", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/14665" }, { "name": "321", "refsource": "BID", "url": "http://www.securityfocus.com/bid/321" }, { "name": "sudo-file-exists(2277)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/2277" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-1999-1496", "datePublished": "2001-09-12T04:00:00", "dateReserved": "2001-08-31T00:00:00", "dateUpdated": "2024-08-01T17:18:07.475Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2002-0638 (GCVE-0-2002-0638)
Vulnerability from cvelistv5
Published
2003-04-02 05:00
Modified
2024-08-08 02:56
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
setpwnam.c in the util-linux package, as included in Red Hat Linux 7.3 and earlier, and other operating systems, does not properly lock a temporary file when modifying /etc/passwd, which may allow local users to gain privileges via a complex race condition that uses an open file descriptor in utility programs such as chfn and chsh.
References
► | URL | Tags | |||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T02:56:38.516Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "CSSA-2002-043.0", "tags": [ "vendor-advisory", "x_refsource_CALDERA", "x_transferred" ], "url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-043.0.txt" }, { "name": "5344", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/5344" }, { "name": "utillinux-chfn-race-condition(9709)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "http://www.iss.net/security_center/static/9709.php" }, { "name": "MDKSA-2002:047", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-047.php" }, { "name": "RHSA-2002:132", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2002-132.html" }, { "name": "VU#405955", "tags": [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred" ], "url": "http://www.kb.cert.org/vuls/id/405955" }, { "name": "20020729 [VulnWatch] RAZOR advisory: Linux util-linux chfn local root vulnerability", "tags": [ "mailing-list", "x_refsource_VULNWATCH", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2002-07/0357.html" }, { "name": "CLA-2002:523", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA", "x_transferred" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000523" }, { "name": "HPSBTL0207-054", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://online.securityfocus.com/advisories/4320" }, { "name": "20020730 TSLSA-2002-0064 - util-linux", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2002-07/0396.html" }, { "name": "20020729 RAZOR advisory: Linux util-linux chfn local root vulnerability", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=102795787713996\u0026w=2" }, { "name": "RHSA-2002:137", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2002-137.html" }, { "name": "5164", "tags": [ "vdb-entry", "x_refsource_OSVDB", "x_transferred" ], "url": "http://www.osvdb.org/5164" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2002-07-29T00:00:00", "descriptions": [ { "lang": "en", "value": "setpwnam.c in the util-linux package, as included in Red Hat Linux 7.3 and earlier, and other operating systems, does not properly lock a temporary file when modifying /etc/passwd, which may allow local users to gain privileges via a complex race condition that uses an open file descriptor in utility programs such as chfn and chsh." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2003-03-21T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "CSSA-2002-043.0", "tags": [ "vendor-advisory", "x_refsource_CALDERA" ], "url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-043.0.txt" }, { "name": "5344", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/5344" }, { "name": "utillinux-chfn-race-condition(9709)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "http://www.iss.net/security_center/static/9709.php" }, { "name": "MDKSA-2002:047", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-047.php" }, { "name": "RHSA-2002:132", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2002-132.html" }, { "name": "VU#405955", "tags": [ "third-party-advisory", "x_refsource_CERT-VN" ], "url": "http://www.kb.cert.org/vuls/id/405955" }, { "name": "20020729 [VulnWatch] RAZOR advisory: Linux util-linux chfn local root vulnerability", "tags": [ "mailing-list", "x_refsource_VULNWATCH" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2002-07/0357.html" }, { "name": "CLA-2002:523", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000523" }, { "name": "HPSBTL0207-054", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://online.securityfocus.com/advisories/4320" }, { "name": "20020730 TSLSA-2002-0064 - util-linux", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2002-07/0396.html" }, { "name": "20020729 RAZOR advisory: Linux util-linux chfn local root vulnerability", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=102795787713996\u0026w=2" }, { "name": "RHSA-2002:137", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2002-137.html" }, { "name": "5164", "tags": [ "vdb-entry", "x_refsource_OSVDB" ], "url": "http://www.osvdb.org/5164" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2002-0638", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "setpwnam.c in the util-linux package, as included in Red Hat Linux 7.3 and earlier, and other operating systems, does not properly lock a temporary file when modifying /etc/passwd, which may allow local users to gain privileges via a complex race condition that uses an open file descriptor in utility programs such as chfn and chsh." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "CSSA-2002-043.0", "refsource": "CALDERA", "url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-043.0.txt" }, { "name": "5344", "refsource": "BID", "url": "http://www.securityfocus.com/bid/5344" }, { "name": "utillinux-chfn-race-condition(9709)", "refsource": "XF", "url": "http://www.iss.net/security_center/static/9709.php" }, { "name": "MDKSA-2002:047", "refsource": "MANDRAKE", "url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-047.php" }, { "name": "RHSA-2002:132", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2002-132.html" }, { "name": "VU#405955", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/405955" }, { "name": "20020729 [VulnWatch] RAZOR advisory: Linux util-linux chfn local root vulnerability", "refsource": "VULNWATCH", "url": "http://archives.neohapsis.com/archives/bugtraq/2002-07/0357.html" }, { "name": "CLA-2002:523", "refsource": "CONECTIVA", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000523" }, { "name": "HPSBTL0207-054", "refsource": "HP", "url": "http://online.securityfocus.com/advisories/4320" }, { "name": "20020730 TSLSA-2002-0064 - util-linux", "refsource": "BUGTRAQ", "url": "http://archives.neohapsis.com/archives/bugtraq/2002-07/0396.html" }, { "name": "20020729 RAZOR advisory: Linux util-linux chfn local root vulnerability", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=102795787713996\u0026w=2" }, { "name": "RHSA-2002:137", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2002-137.html" }, { "name": "5164", "refsource": "OSVDB", "url": "http://www.osvdb.org/5164" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2002-0638", "datePublished": "2003-04-02T05:00:00", "dateReserved": "2002-06-27T00:00:00", "dateUpdated": "2024-08-08T02:56:38.516Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2024-38319 (GCVE-0-2024-38319)
Vulnerability from cvelistv5
Published
2024-06-22 18:56
Modified
2024-08-02 04:04
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-94 - Improper Control of Generation of Code ('Code Injection')
Summary
IBM Security SOAR 51.0.2.0 could allow an authenticated user to execute malicious code loaded from a specially crafted script. IBM X-Force ID: 294830.
References
► | URL | Tags | ||||||
---|---|---|---|---|---|---|---|---|
|
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
IBM | Security SOAR |
Version: 51.0.2.0 cpe:2.3:a:ibm:soar:51.0.2.0:*:*:*:*:*:*:* |
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-38319", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-06-24T13:43:32.356762Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-24T13:44:06.541Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T04:04:25.264Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.ibm.com/support/pages/node/7158261" }, { "tags": [ "vdb-entry", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/294830" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:ibm:soar:51.0.2.0:*:*:*:*:*:*:*" ], "defaultStatus": "unaffected", "product": "Security SOAR", "vendor": "IBM", "versions": [ { "status": "affected", "version": "51.0.2.0" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "Julien Champoux" } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "IBM Security SOAR 51.0.2.0 could allow an authenticated user to execute malicious code loaded from a specially crafted script. IBM X-Force ID: 294830." } ], "value": "IBM Security SOAR 51.0.2.0 could allow an authenticated user to execute malicious code loaded from a specially crafted script. IBM X-Force ID: 294830." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-94", "description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-06-22T18:56:34.854Z", "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "shortName": "ibm" }, "references": [ { "tags": [ "vendor-advisory" ], "url": "https://www.ibm.com/support/pages/node/7158261" }, { "tags": [ "vdb-entry" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/294830" } ], "source": { "discovery": "UNKNOWN" }, "title": "IBM Security SOAR code execution", "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "assignerShortName": "ibm", "cveId": "CVE-2024-38319", "datePublished": "2024-06-22T18:56:34.854Z", "dateReserved": "2024-06-13T21:43:46.666Z", "dateUpdated": "2024-08-02T04:04:25.264Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2004-0902 (GCVE-0-2004-0902)
Vulnerability from cvelistv5
Published
2004-09-24 04:00
Modified
2024-08-08 00:31
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple heap-based buffer overflows in Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allow remote attackers to cause a denial of service (application crash) or execute arbitrary code via (1) the "Send page" functionality, (2) certain responses from a malicious POP3 server, or (3) a link containing a non-ASCII hostname.
References
► | URL | Tags | |||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T00:31:48.121Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "oval:org.mitre.oval:def:11201", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11201" }, { "name": "SUSE-SA:2004:036", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://www.novell.com/linux/security/advisories/2004_36_mozilla.html" }, { "name": "FLSA:2089", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=109900315219363\u0026w=2" }, { "name": "mozilla-nspop3protocol-bo(17379)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17379" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://bugzilla.mozilla.org/show_bug.cgi?id=256316" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://bugzilla.mozilla.org/show_bug.cgi?id=245066" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://bugzilla.mozilla.org/show_bug.cgi?id=226669" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://bugzilla.mozilla.org/show_bug.cgi?id=258005" }, { "name": "mozilla-netscape-nonascii-bo(17378)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17378" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7.3" }, { "name": "GLSA-200409-26", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-200409-26.xml" }, { "name": "TA04-261A", "tags": [ "third-party-advisory", "x_refsource_CERT", "x_transferred" ], "url": "http://www.us-cert.gov/cas/techalerts/TA04-261A.html" }, { "name": "SSRT4826", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=109698896104418\u0026w=2" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2004-09-16T00:00:00", "descriptions": [ { "lang": "en", "value": "Multiple heap-based buffer overflows in Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allow remote attackers to cause a denial of service (application crash) or execute arbitrary code via (1) the \"Send page\" functionality, (2) certain responses from a malicious POP3 server, or (3) a link containing a non-ASCII hostname." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-10-10T00:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "oval:org.mitre.oval:def:11201", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11201" }, { "name": "SUSE-SA:2004:036", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://www.novell.com/linux/security/advisories/2004_36_mozilla.html" }, { "name": "FLSA:2089", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://marc.info/?l=bugtraq\u0026m=109900315219363\u0026w=2" }, { "name": "mozilla-nspop3protocol-bo(17379)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17379" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://bugzilla.mozilla.org/show_bug.cgi?id=256316" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://bugzilla.mozilla.org/show_bug.cgi?id=245066" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://bugzilla.mozilla.org/show_bug.cgi?id=226669" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://bugzilla.mozilla.org/show_bug.cgi?id=258005" }, { "name": "mozilla-netscape-nonascii-bo(17378)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17378" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7.3" }, { "name": "GLSA-200409-26", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://security.gentoo.org/glsa/glsa-200409-26.xml" }, { "name": "TA04-261A", "tags": [ "third-party-advisory", "x_refsource_CERT" ], "url": "http://www.us-cert.gov/cas/techalerts/TA04-261A.html" }, { "name": "SSRT4826", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=109698896104418\u0026w=2" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2004-0902", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Multiple heap-based buffer overflows in Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allow remote attackers to cause a denial of service (application crash) or execute arbitrary code via (1) the \"Send page\" functionality, (2) certain responses from a malicious POP3 server, or (3) a link containing a non-ASCII hostname." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "oval:org.mitre.oval:def:11201", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11201" }, { "name": "SUSE-SA:2004:036", "refsource": "SUSE", "url": "http://www.novell.com/linux/security/advisories/2004_36_mozilla.html" }, { "name": "FLSA:2089", "refsource": "FEDORA", "url": "http://marc.info/?l=bugtraq\u0026m=109900315219363\u0026w=2" }, { "name": "mozilla-nspop3protocol-bo(17379)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17379" }, { "name": "http://bugzilla.mozilla.org/show_bug.cgi?id=256316", "refsource": "CONFIRM", "url": "http://bugzilla.mozilla.org/show_bug.cgi?id=256316" }, { "name": "http://bugzilla.mozilla.org/show_bug.cgi?id=245066", "refsource": "CONFIRM", "url": "http://bugzilla.mozilla.org/show_bug.cgi?id=245066" }, { "name": "http://bugzilla.mozilla.org/show_bug.cgi?id=226669", "refsource": "CONFIRM", "url": "http://bugzilla.mozilla.org/show_bug.cgi?id=226669" }, { "name": "http://bugzilla.mozilla.org/show_bug.cgi?id=258005", "refsource": "CONFIRM", "url": "http://bugzilla.mozilla.org/show_bug.cgi?id=258005" }, { "name": "mozilla-netscape-nonascii-bo(17378)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17378" }, { "name": "http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7.3", "refsource": "CONFIRM", "url": "http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7.3" }, { "name": "GLSA-200409-26", "refsource": "GENTOO", "url": "http://security.gentoo.org/glsa/glsa-200409-26.xml" }, { "name": "TA04-261A", "refsource": "CERT", "url": "http://www.us-cert.gov/cas/techalerts/TA04-261A.html" }, { "name": "SSRT4826", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=109698896104418\u0026w=2" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2004-0902", "datePublished": "2004-09-24T04:00:00", "dateReserved": "2004-09-23T00:00:00", "dateUpdated": "2024-08-08T00:31:48.121Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-1999-1406 (GCVE-0-1999-1406)
Vulnerability from cvelistv5
Published
2001-09-12 04:00
Modified
2024-08-01 17:11
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
dumpreg in Red Hat Linux 5.1 opens /dev/mem with O_RDWR access, which allows local users to cause a denial of service (crash) by redirecting fd 1 (stdout) to the kernel.
References
► | URL | Tags | |||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-01T17:11:03.377Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "372", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/372" }, { "name": "19980730 FD\u0027s 0..2 and suid/sgid procs (Was: Crash a redhat 5.1 linux box)", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=90221104526192\u0026w=2" }, { "name": "19980729 Crash a redhat 5.1 linux box", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=90221104526185\u0026w=2" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "1998-07-29T00:00:00", "descriptions": [ { "lang": "en", "value": "dumpreg in Red Hat Linux 5.1 opens /dev/mem with O_RDWR access, which allows local users to cause a denial of service (crash) by redirecting fd 1 (stdout) to the kernel." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2016-10-17T13:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "372", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/372" }, { "name": "19980730 FD\u0027s 0..2 and suid/sgid procs (Was: Crash a redhat 5.1 linux box)", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=90221104526192\u0026w=2" }, { "name": "19980729 Crash a redhat 5.1 linux box", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=90221104526185\u0026w=2" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-1999-1406", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "dumpreg in Red Hat Linux 5.1 opens /dev/mem with O_RDWR access, which allows local users to cause a denial of service (crash) by redirecting fd 1 (stdout) to the kernel." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "372", "refsource": "BID", "url": "http://www.securityfocus.com/bid/372" }, { "name": "19980730 FD\u0027s 0..2 and suid/sgid procs (Was: Crash a redhat 5.1 linux box)", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=90221104526192\u0026w=2" }, { "name": "19980729 Crash a redhat 5.1 linux box", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=90221104526185\u0026w=2" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-1999-1406", "datePublished": "2001-09-12T04:00:00", "dateReserved": "2001-08-31T00:00:00", "dateUpdated": "2024-08-01T17:11:03.377Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2000-0093 (GCVE-0-2000-0093)
Vulnerability from cvelistv5
Published
2000-02-08 05:00
Modified
2024-08-08 05:05
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
An installation of Red Hat uses DES password encryption with crypt() for the initial password, instead of md5.
References
► | URL | Tags | |||
---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T05:05:53.998Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-2000-0093" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2000-01-21T00:00:00", "descriptions": [ { "lang": "en", "value": "An installation of Red Hat uses DES password encryption with crypt() for the initial password, instead of md5." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-08-17T08:20:59", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-2000-0093" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2000-0093", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "An installation of Red Hat uses DES password encryption with crypt() for the initial password, instead of md5." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-2000-0093", "refsource": "MISC", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-2000-0093" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2000-0093", "datePublished": "2000-02-08T05:00:00", "dateReserved": "2000-02-02T00:00:00", "dateUpdated": "2024-08-08T05:05:53.998Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2000-0607 (GCVE-0-2000-0607)
Vulnerability from cvelistv5
Published
2000-07-19 04:00
Modified
2024-08-08 05:21
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in fld program in Kanji on Console (KON) package on Linux may allow local users to gain root privileges via an input file containing long CHARSET_REGISTRY or CHARSET_ENCODING settings.
References
► | URL | Tags | ||||||
---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T05:21:31.314Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "1371", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/1371" }, { "name": "20000619 Problems with \"kon2\" package", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=Pine.LNX.4.21.0006192340340.19998-100000%40ferret.lmh.ox.ac.uk" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2000-06-19T00:00:00", "descriptions": [ { "lang": "en", "value": "Buffer overflow in fld program in Kanji on Console (KON) package on Linux may allow local users to gain root privileges via an input file containing long CHARSET_REGISTRY or CHARSET_ENCODING settings." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2003-03-21T10:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "1371", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/1371" }, { "name": "20000619 Problems with \"kon2\" package", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=Pine.LNX.4.21.0006192340340.19998-100000%40ferret.lmh.ox.ac.uk" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2000-0607", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Buffer overflow in fld program in Kanji on Console (KON) package on Linux may allow local users to gain root privileges via an input file containing long CHARSET_REGISTRY or CHARSET_ENCODING settings." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "1371", "refsource": "BID", "url": "http://www.securityfocus.com/bid/1371" }, { "name": "20000619 Problems with \"kon2\" package", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=Pine.LNX.4.21.0006192340340.19998-100000@ferret.lmh.ox.ac.uk" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2000-0607", "datePublished": "2000-07-19T04:00:00", "dateReserved": "2000-07-19T00:00:00", "dateUpdated": "2024-08-08T05:21:31.314Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-1999-1288 (GCVE-0-1999-1288)
Vulnerability from cvelistv5
Published
2002-03-09 05:00
Modified
2024-08-01 17:11
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Samba 1.9.18 inadvertently includes a prototype application, wsmbconf, which is installed with incorrect permissions including the setgid bit, which allows local users to read and write files and possibly gain privileges via bugs in the program.
References
► | URL | Tags | |||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-01T17:11:02.749Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "samba-wsmbconf(1406)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/1406" }, { "name": "19981119 Vulnerability in Samba on RedHat, Caldera and PHT TurboLinux", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/11397" }, { "name": "SA-1998.35", "tags": [ "vendor-advisory", "x_refsource_CALDERA", "x_transferred" ], "url": "http://www.caldera.com/support/security/advisories/SA-1998.35.txt" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "1998-11-19T00:00:00", "descriptions": [ { "lang": "en", "value": "Samba 1.9.18 inadvertently includes a prototype application, wsmbconf, which is installed with incorrect permissions including the setgid bit, which allows local users to read and write files and possibly gain privileges via bugs in the program." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2002-03-01T10:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "samba-wsmbconf(1406)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/1406" }, { "name": "19981119 Vulnerability in Samba on RedHat, Caldera and PHT TurboLinux", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/11397" }, { "name": "SA-1998.35", "tags": [ "vendor-advisory", "x_refsource_CALDERA" ], "url": "http://www.caldera.com/support/security/advisories/SA-1998.35.txt" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-1999-1288", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Samba 1.9.18 inadvertently includes a prototype application, wsmbconf, which is installed with incorrect permissions including the setgid bit, which allows local users to read and write files and possibly gain privileges via bugs in the program." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "samba-wsmbconf(1406)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/1406" }, { "name": "19981119 Vulnerability in Samba on RedHat, Caldera and PHT TurboLinux", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/11397" }, { "name": "SA-1998.35", "refsource": "CALDERA", "url": "http://www.caldera.com/support/security/advisories/SA-1998.35.txt" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-1999-1288", "datePublished": "2002-03-09T05:00:00", "dateReserved": "2001-08-31T00:00:00", "dateUpdated": "2024-08-01T17:11:02.749Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2003-0019 (GCVE-0-2003-0019)
Vulnerability from cvelistv5
Published
2004-09-01 04:00
Modified
2024-08-08 01:36
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
uml_net in the kernel-utils package for Red Hat Linux 8.0 has incorrect setuid root privileges, which allows local users to modify network interfaces, e.g. by modifying ARP entries or placing interfaces into promiscuous mode.
References
► | URL | Tags | |||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T01:36:25.329Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "linux-umlnet-gain-privileges(11276)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "http://www.iss.net/security_center/static/11276.php" }, { "name": "VU#134025", "tags": [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred" ], "url": "http://www.kb.cert.org/vuls/id/134025" }, { "name": "N-044", "tags": [ "third-party-advisory", "government-resource", "x_refsource_CIAC", "x_transferred" ], "url": "http://www.ciac.org/ciac/bulletins/n-044.shtml" }, { "name": "RHSA-2003:056", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-056.html" }, { "name": "6801", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/6801" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2003-02-07T00:00:00", "descriptions": [ { "lang": "en", "value": "uml_net in the kernel-utils package for Red Hat Linux 8.0 has incorrect setuid root privileges, which allows local users to modify network interfaces, e.g. by modifying ARP entries or placing interfaces into promiscuous mode." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2007-11-13T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "linux-umlnet-gain-privileges(11276)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "http://www.iss.net/security_center/static/11276.php" }, { "name": "VU#134025", "tags": [ "third-party-advisory", "x_refsource_CERT-VN" ], "url": "http://www.kb.cert.org/vuls/id/134025" }, { "name": "N-044", "tags": [ "third-party-advisory", "government-resource", "x_refsource_CIAC" ], "url": "http://www.ciac.org/ciac/bulletins/n-044.shtml" }, { "name": "RHSA-2003:056", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-056.html" }, { "name": "6801", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/6801" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2003-0019", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "uml_net in the kernel-utils package for Red Hat Linux 8.0 has incorrect setuid root privileges, which allows local users to modify network interfaces, e.g. by modifying ARP entries or placing interfaces into promiscuous mode." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "linux-umlnet-gain-privileges(11276)", "refsource": "XF", "url": "http://www.iss.net/security_center/static/11276.php" }, { "name": "VU#134025", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/134025" }, { "name": "N-044", "refsource": "CIAC", "url": "http://www.ciac.org/ciac/bulletins/n-044.shtml" }, { "name": "RHSA-2003:056", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2003-056.html" }, { "name": "6801", "refsource": "BID", "url": "http://www.securityfocus.com/bid/6801" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2003-0019", "datePublished": "2004-09-01T04:00:00", "dateReserved": "2003-01-07T00:00:00", "dateUpdated": "2024-08-08T01:36:25.329Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2000-0508 (GCVE-0-2000-0508)
Vulnerability from cvelistv5
Published
2000-10-13 04:00
Modified
2024-08-08 05:21
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
rpc.lockd in Red Hat Linux 6.1 and 6.2 allows remote attackers to cause a denial of service via a malformed request.
References
► | URL | Tags | |||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T05:21:31.106Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "20000608 Remote DOS in linux rpc.lockd", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-06/0073.html" }, { "name": "1372", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/1372" }, { "name": "linux-lockd-remote-dos(5050)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5050" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2000-06-08T00:00:00", "descriptions": [ { "lang": "en", "value": "rpc.lockd in Red Hat Linux 6.1 and 6.2 allows remote attackers to cause a denial of service via a malformed request." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2005-11-02T10:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "20000608 Remote DOS in linux rpc.lockd", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-06/0073.html" }, { "name": "1372", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/1372" }, { "name": "linux-lockd-remote-dos(5050)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5050" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2000-0508", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "rpc.lockd in Red Hat Linux 6.1 and 6.2 allows remote attackers to cause a denial of service via a malformed request." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "20000608 Remote DOS in linux rpc.lockd", "refsource": "BUGTRAQ", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-06/0073.html" }, { "name": "1372", "refsource": "BID", "url": "http://www.securityfocus.com/bid/1372" }, { "name": "linux-lockd-remote-dos(5050)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5050" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2000-0508", "datePublished": "2000-10-13T04:00:00", "dateReserved": "2000-07-11T00:00:00", "dateUpdated": "2024-08-08T05:21:31.106Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2002-0044 (GCVE-0-2002-0044)
Vulnerability from cvelistv5
Published
2002-06-25 04:00
Modified
2024-08-08 02:35
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
GNU Enscript 1.6.1 and earlier allows local users to overwrite arbitrary files of the Enscript user via a symlink attack on temporary files.
References
► | URL | Tags | ||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T02:35:17.232Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "HPSBTL0201-019", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://www.securityfocus.com/advisories/3818" }, { "name": "3920", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/3920" }, { "name": "RHSA-2002:012", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2002-012.html" }, { "name": "DSA-105", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2002/dsa-105" }, { "name": "gnu-enscript-tmpfile-symlink(7932)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7932" }, { "name": "MDKSA-2002:010", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-010.php3" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2002-01-14T00:00:00", "descriptions": [ { "lang": "en", "value": "GNU Enscript 1.6.1 and earlier allows local users to overwrite arbitrary files of the Enscript user via a symlink attack on temporary files." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2002-02-02T10:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "HPSBTL0201-019", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://www.securityfocus.com/advisories/3818" }, { "name": "3920", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/3920" }, { "name": "RHSA-2002:012", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2002-012.html" }, { "name": "DSA-105", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2002/dsa-105" }, { "name": "gnu-enscript-tmpfile-symlink(7932)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7932" }, { "name": "MDKSA-2002:010", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-010.php3" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2002-0044", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "GNU Enscript 1.6.1 and earlier allows local users to overwrite arbitrary files of the Enscript user via a symlink attack on temporary files." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "HPSBTL0201-019", "refsource": "HP", "url": "http://www.securityfocus.com/advisories/3818" }, { "name": "3920", "refsource": "BID", "url": "http://www.securityfocus.com/bid/3920" }, { "name": "RHSA-2002:012", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2002-012.html" }, { "name": "DSA-105", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2002/dsa-105" }, { "name": "gnu-enscript-tmpfile-symlink(7932)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7932" }, { "name": "MDKSA-2002:010", "refsource": "MANDRAKE", "url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-010.php3" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2002-0044", "datePublished": "2002-06-25T04:00:00", "dateReserved": "2002-01-22T00:00:00", "dateUpdated": "2024-08-08T02:35:17.232Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2002-0506 (GCVE-0-2002-0506)
Vulnerability from cvelistv5
Published
2003-04-02 05:00
Modified
2024-08-08 02:49
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in newt.c of newt windowing library (libnewt) 0.50.33 and earlier may allow attackers to cause a denial of service or execute arbitrary code in setuid programs that use libnewt.
References
► | URL | Tags | |||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T02:49:28.532Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "libnewt-bo(8700)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "http://www.iss.net/security_center/static/8700.php" }, { "name": "20020328 A possible buffer overflow in libnewt", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://online.securityfocus.com/archive/1/264699" }, { "name": "4393", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/4393" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2002-03-28T00:00:00", "descriptions": [ { "lang": "en", "value": "Buffer overflow in newt.c of newt windowing library (libnewt) 0.50.33 and earlier may allow attackers to cause a denial of service or execute arbitrary code in setuid programs that use libnewt." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2002-06-15T09:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "libnewt-bo(8700)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "http://www.iss.net/security_center/static/8700.php" }, { "name": "20020328 A possible buffer overflow in libnewt", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://online.securityfocus.com/archive/1/264699" }, { "name": "4393", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/4393" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2002-0506", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Buffer overflow in newt.c of newt windowing library (libnewt) 0.50.33 and earlier may allow attackers to cause a denial of service or execute arbitrary code in setuid programs that use libnewt." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "libnewt-bo(8700)", "refsource": "XF", "url": "http://www.iss.net/security_center/static/8700.php" }, { "name": "20020328 A possible buffer overflow in libnewt", "refsource": "BUGTRAQ", "url": "http://online.securityfocus.com/archive/1/264699" }, { "name": "4393", "refsource": "BID", "url": "http://www.securityfocus.com/bid/4393" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2002-0506", "datePublished": "2003-04-02T05:00:00", "dateReserved": "2002-06-07T00:00:00", "dateUpdated": "2024-08-08T02:49:28.532Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2000-0322 (GCVE-0-2000-0322)
Vulnerability from cvelistv5
Published
2000-10-13 04:00
Modified
2024-08-08 05:14
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The passwd.php3 CGI script in the Red Hat Piranha Virtual Server Package allows local users to execute arbitrary commands via shell metacharacters.
References
► | URL | Tags | |||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T05:14:21.353Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "RHSA-2000:014", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2000-014.html" }, { "name": "1149", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/1149" }, { "name": "20000424 piranha default password/exploit", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=Enip.BSO.23.0004241601140.28851-100000%40www.whitehats.com" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2000-04-24T00:00:00", "descriptions": [ { "lang": "en", "value": "The passwd.php3 CGI script in the Red Hat Piranha Virtual Server Package allows local users to execute arbitrary commands via shell metacharacters." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2016-09-15T13:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "RHSA-2000:014", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2000-014.html" }, { "name": "1149", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/1149" }, { "name": "20000424 piranha default password/exploit", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=Enip.BSO.23.0004241601140.28851-100000%40www.whitehats.com" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2000-0322", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The passwd.php3 CGI script in the Red Hat Piranha Virtual Server Package allows local users to execute arbitrary commands via shell metacharacters." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "RHSA-2000:014", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2000-014.html" }, { "name": "1149", "refsource": "BID", "url": "http://www.securityfocus.com/bid/1149" }, { "name": "20000424 piranha default password/exploit", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=Enip.BSO.23.0004241601140.28851-100000@www.whitehats.com" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2000-0322", "datePublished": "2000-10-13T04:00:00", "dateReserved": "2000-05-11T00:00:00", "dateUpdated": "2024-08-08T05:14:21.353Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2000-0357 (GCVE-0-2000-0357)
Vulnerability from cvelistv5
Published
2000-05-24 04:00
Modified
2024-08-08 05:14
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
ORBit and esound in Red Hat Linux 6.1 do not use sufficiently random numbers, which allows local users to guess the authentication keys.
References
► | URL | Tags | |||
---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T05:14:21.468Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "RHSA-1999:058-01", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/corp/support/errata/RHSA1999058-01.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "1999-12-12T00:00:00", "descriptions": [ { "lang": "en", "value": "ORBit and esound in Red Hat Linux 6.1 do not use sufficiently random numbers, which allows local users to guess the authentication keys." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2004-04-20T09:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "RHSA-1999:058-01", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/corp/support/errata/RHSA1999058-01.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2000-0357", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "ORBit and esound in Red Hat Linux 6.1 do not use sufficiently random numbers, which allows local users to guess the authentication keys." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "RHSA-1999:058-01", "refsource": "REDHAT", "url": "http://www.redhat.com/corp/support/errata/RHSA1999058-01.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2000-0357", "datePublished": "2000-05-24T04:00:00", "dateReserved": "2000-05-23T00:00:00", "dateUpdated": "2024-08-08T05:14:21.468Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2004-0112 (GCVE-0-2004-0112)
Vulnerability from cvelistv5
Published
2004-03-18 05:00
Modified
2024-08-08 00:10
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-bounds read.
References
► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T00:10:03.359Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "9899", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/9899" }, { "name": "SSRT4717", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=108403806509920\u0026w=2" }, { "name": "RHSA-2004:121", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-121.html" }, { "name": "MDKSA-2004:023", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:023" }, { "name": "CLA-2004:834", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA", "x_transferred" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000834" }, { "name": "SCOSA-2004.10", "tags": [ "vendor-advisory", "x_refsource_SCO", "x_transferred" ], "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.uniras.gov.uk/vuls/2004/224012/index.htm" }, { "name": "57524", "tags": [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred" ], "url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524" }, { "name": "SuSE-SA:2004:007", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://www.novell.com/linux/security/advisories/2004_07_openssl.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://lists.apple.com/mhonarc/security-announce/msg00045.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.openssl.org/news/secadv_20040317.txt" }, { "name": "NetBSD-SA2004-005", "tags": [ "vendor-advisory", "x_refsource_NETBSD", "x_transferred" ], "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-005.txt.asc" }, { "name": "O-101", "tags": [ "third-party-advisory", "government-resource", "x_refsource_CIAC", "x_transferred" ], "url": "http://www.ciac.org/ciac/bulletins/o-101.shtml" }, { "name": "TA04-078A", "tags": [ "third-party-advisory", "x_refsource_CERT", "x_transferred" ], "url": "http://www.us-cert.gov/cas/techalerts/TA04-078A.html" }, { "name": "oval:org.mitre.oval:def:1049", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1049" }, { "name": "openssl-kerberos-ciphersuites-dos(15508)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15508" }, { "name": "VU#484726", "tags": [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred" ], "url": "http://www.kb.cert.org/vuls/id/484726" }, { "name": "GLSA-200403-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-200403-03.xml" }, { "name": "oval:org.mitre.oval:def:9580", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9580" }, { "name": "11139", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/11139" }, { "name": "RHSA-2004:120", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-120.html" }, { "name": "20040317 New OpenSSL releases fix denial of service attacks [17 March 2004]", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=107953412903636\u0026w=2" }, { "name": "APPLE-SA-2005-08-15", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html" }, { "name": "SSA:2004-077", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE", "x_transferred" ], "url": "http://www.slackware.org/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.455961" }, { "name": "2004-0012", "tags": [ "vendor-advisory", "x_refsource_TRUSTIX", "x_transferred" ], "url": "http://www.trustix.org/errata/2004/0012" }, { "name": "20040317 Cisco OpenSSL Implementation Vulnerability", "tags": [ "vendor-advisory", "x_refsource_CISCO", "x_transferred" ], "url": "http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://docs.info.apple.com/article.html?artnum=61798" }, { "name": "APPLE-SA-2005-08-17", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html" }, { "name": "oval:org.mitre.oval:def:928", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A928" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2004-03-17T00:00:00", "descriptions": [ { "lang": "en", "value": "The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-bounds read." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-10-10T00:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "9899", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/9899" }, { "name": "SSRT4717", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=108403806509920\u0026w=2" }, { "name": "RHSA-2004:121", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-121.html" }, { "name": "MDKSA-2004:023", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:023" }, { "name": "CLA-2004:834", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000834" }, { "name": "SCOSA-2004.10", "tags": [ "vendor-advisory", "x_refsource_SCO" ], "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt" }, { "tags": [ "x_refsource_MISC" ], "url": "http://www.uniras.gov.uk/vuls/2004/224012/index.htm" }, { "name": "57524", "tags": [ "vendor-advisory", "x_refsource_SUNALERT" ], "url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524" }, { "name": "SuSE-SA:2004:007", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://www.novell.com/linux/security/advisories/2004_07_openssl.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://lists.apple.com/mhonarc/security-announce/msg00045.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.openssl.org/news/secadv_20040317.txt" }, { "name": "NetBSD-SA2004-005", "tags": [ "vendor-advisory", "x_refsource_NETBSD" ], "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-005.txt.asc" }, { "name": "O-101", "tags": [ "third-party-advisory", "government-resource", "x_refsource_CIAC" ], "url": "http://www.ciac.org/ciac/bulletins/o-101.shtml" }, { "name": "TA04-078A", "tags": [ "third-party-advisory", "x_refsource_CERT" ], "url": "http://www.us-cert.gov/cas/techalerts/TA04-078A.html" }, { "name": "oval:org.mitre.oval:def:1049", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1049" }, { "name": "openssl-kerberos-ciphersuites-dos(15508)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15508" }, { "name": "VU#484726", "tags": [ "third-party-advisory", "x_refsource_CERT-VN" ], "url": "http://www.kb.cert.org/vuls/id/484726" }, { "name": "GLSA-200403-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://security.gentoo.org/glsa/glsa-200403-03.xml" }, { "name": "oval:org.mitre.oval:def:9580", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9580" }, { "name": "11139", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/11139" }, { "name": "RHSA-2004:120", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-120.html" }, { "name": "20040317 New OpenSSL releases fix denial of service attacks [17 March 2004]", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=107953412903636\u0026w=2" }, { "name": "APPLE-SA-2005-08-15", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html" }, { "name": "SSA:2004-077", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE" ], "url": "http://www.slackware.org/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.455961" }, { "name": "2004-0012", "tags": [ "vendor-advisory", "x_refsource_TRUSTIX" ], "url": "http://www.trustix.org/errata/2004/0012" }, { "name": "20040317 Cisco OpenSSL Implementation Vulnerability", "tags": [ "vendor-advisory", "x_refsource_CISCO" ], "url": "http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://docs.info.apple.com/article.html?artnum=61798" }, { "name": "APPLE-SA-2005-08-17", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html" }, { "name": "oval:org.mitre.oval:def:928", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A928" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2004-0112", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-bounds read." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "9899", "refsource": "BID", "url": "http://www.securityfocus.com/bid/9899" }, { "name": "SSRT4717", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=108403806509920\u0026w=2" }, { "name": "RHSA-2004:121", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2004-121.html" }, { "name": "MDKSA-2004:023", "refsource": "MANDRAKE", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:023" }, { "name": "CLA-2004:834", "refsource": "CONECTIVA", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000834" }, { "name": "SCOSA-2004.10", "refsource": "SCO", "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt" }, { "name": "http://www.uniras.gov.uk/vuls/2004/224012/index.htm", "refsource": "MISC", "url": "http://www.uniras.gov.uk/vuls/2004/224012/index.htm" }, { "name": "57524", "refsource": "SUNALERT", "url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524" }, { "name": "SuSE-SA:2004:007", "refsource": "SUSE", "url": "http://www.novell.com/linux/security/advisories/2004_07_openssl.html" }, { "name": "http://lists.apple.com/mhonarc/security-announce/msg00045.html", "refsource": "CONFIRM", "url": "http://lists.apple.com/mhonarc/security-announce/msg00045.html" }, { "name": "http://www.openssl.org/news/secadv_20040317.txt", "refsource": "CONFIRM", "url": "http://www.openssl.org/news/secadv_20040317.txt" }, { "name": "NetBSD-SA2004-005", "refsource": "NETBSD", "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-005.txt.asc" }, { "name": "O-101", "refsource": "CIAC", "url": "http://www.ciac.org/ciac/bulletins/o-101.shtml" }, { "name": "TA04-078A", "refsource": "CERT", "url": "http://www.us-cert.gov/cas/techalerts/TA04-078A.html" }, { "name": "oval:org.mitre.oval:def:1049", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1049" }, { "name": "openssl-kerberos-ciphersuites-dos(15508)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15508" }, { "name": "VU#484726", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/484726" }, { "name": "GLSA-200403-03", "refsource": "GENTOO", "url": "http://security.gentoo.org/glsa/glsa-200403-03.xml" }, { "name": "oval:org.mitre.oval:def:9580", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9580" }, { "name": "11139", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/11139" }, { "name": "RHSA-2004:120", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2004-120.html" }, { "name": "20040317 New OpenSSL releases fix denial of service attacks [17 March 2004]", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=107953412903636\u0026w=2" }, { "name": "APPLE-SA-2005-08-15", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html" }, { "name": "SSA:2004-077", "refsource": "SLACKWARE", "url": "http://www.slackware.org/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.455961" }, { "name": "2004-0012", "refsource": "TRUSTIX", "url": "http://www.trustix.org/errata/2004/0012" }, { "name": "20040317 Cisco OpenSSL Implementation Vulnerability", "refsource": "CISCO", "url": "http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml" }, { "name": "http://docs.info.apple.com/article.html?artnum=61798", "refsource": "CONFIRM", "url": "http://docs.info.apple.com/article.html?artnum=61798" }, { "name": "APPLE-SA-2005-08-17", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html" }, { "name": "oval:org.mitre.oval:def:928", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A928" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2004-0112", "datePublished": "2004-03-18T05:00:00", "dateReserved": "2004-02-02T00:00:00", "dateUpdated": "2024-08-08T00:10:03.359Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2021-23827 (GCVE-0-2021-23827)
Vulnerability from cvelistv5
Published
2021-02-22 23:07
Modified
2024-08-03 19:14
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Keybase Desktop Client before 5.6.0 on Windows and macOS, and before 5.6.1 on Linux, allows an attacker to obtain potentially sensitive media (such as private pictures) in the Cache and uploadtemps directories. It fails to effectively clear cached pictures, even after deletion via normal methodology within the client, or by utilizing the "Explode message/Explode now" functionality. Local filesystem access is needed by the attacker.
References
► | URL | Tags | |||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T19:14:08.885Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/keybase/client/releases" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://johnjhacking.com/blog/cve-2021-23827/" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://hackerone.com/reports/1074930" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "Keybase Desktop Client before 5.6.0 on Windows and macOS, and before 5.6.1 on Linux, allows an attacker to obtain potentially sensitive media (such as private pictures) in the Cache and uploadtemps directories. It fails to effectively clear cached pictures, even after deletion via normal methodology within the client, or by utilizing the \"Explode message/Explode now\" functionality. Local filesystem access is needed by the attacker." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-02-22T23:07:21", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/keybase/client/releases" }, { "tags": [ "x_refsource_MISC" ], "url": "https://johnjhacking.com/blog/cve-2021-23827/" }, { "tags": [ "x_refsource_MISC" ], "url": "https://hackerone.com/reports/1074930" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2021-23827", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Keybase Desktop Client before 5.6.0 on Windows and macOS, and before 5.6.1 on Linux, allows an attacker to obtain potentially sensitive media (such as private pictures) in the Cache and uploadtemps directories. It fails to effectively clear cached pictures, even after deletion via normal methodology within the client, or by utilizing the \"Explode message/Explode now\" functionality. Local filesystem access is needed by the attacker." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://github.com/keybase/client/releases", "refsource": "MISC", "url": "https://github.com/keybase/client/releases" }, { "name": "https://johnjhacking.com/blog/cve-2021-23827/", "refsource": "MISC", "url": "https://johnjhacking.com/blog/cve-2021-23827/" }, { "name": "https://hackerone.com/reports/1074930", "refsource": "MISC", "url": "https://hackerone.com/reports/1074930" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2021-23827", "datePublished": "2021-02-22T23:07:21", "dateReserved": "2021-01-11T00:00:00", "dateUpdated": "2024-08-03T19:14:08.885Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2000-1207 (GCVE-0-2000-1207)
Vulnerability from cvelistv5
Published
2002-07-31 04:00
Modified
2024-08-08 05:45
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
userhelper in the usermode package on Red Hat Linux executes non-setuid programs as root, which does not activate the security measures in glibc and allows the programs to be exploited via format string vulnerabilities in glibc via the LANG or LC_ALL environment variables (CVE-2000-0844).
References
► | URL | Tags | ||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T05:45:37.389Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "20001003 SuSE: userhelper/usermode", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=97063854808796\u0026w=2" }, { "name": "20000930 glibc and userhelper - local root", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=97034397026473\u0026w=2" }, { "name": "RHSA-2000:075", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2000-075.html" }, { "name": "MDKSA-2000:059", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.linux-mandrake.com/en/security/2000/MDKSA-2000-059.php3" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2000-09-30T00:00:00", "descriptions": [ { "lang": "en", "value": "userhelper in the usermode package on Red Hat Linux executes non-setuid programs as root, which does not activate the security measures in glibc and allows the programs to be exploited via format string vulnerabilities in glibc via the LANG or LC_ALL environment variables (CVE-2000-0844)." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2016-10-17T13:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "20001003 SuSE: userhelper/usermode", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=97063854808796\u0026w=2" }, { "name": "20000930 glibc and userhelper - local root", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=97034397026473\u0026w=2" }, { "name": "RHSA-2000:075", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2000-075.html" }, { "name": "MDKSA-2000:059", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.linux-mandrake.com/en/security/2000/MDKSA-2000-059.php3" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2000-1207", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "userhelper in the usermode package on Red Hat Linux executes non-setuid programs as root, which does not activate the security measures in glibc and allows the programs to be exploited via format string vulnerabilities in glibc via the LANG or LC_ALL environment variables (CVE-2000-0844)." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "20001003 SuSE: userhelper/usermode", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=97063854808796\u0026w=2" }, { "name": "20000930 glibc and userhelper - local root", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=97034397026473\u0026w=2" }, { "name": "RHSA-2000:075", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2000-075.html" }, { "name": "MDKSA-2000:059", "refsource": "MANDRAKE", "url": "http://www.linux-mandrake.com/en/security/2000/MDKSA-2000-059.php3" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2000-1207", "datePublished": "2002-07-31T04:00:00", "dateReserved": "2002-07-29T00:00:00", "dateUpdated": "2024-08-08T05:45:37.389Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2002-0045 (GCVE-0-2002-0045)
Vulnerability from cvelistv5
Published
2002-06-25 04:00
Modified
2024-08-08 02:35
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
slapd in OpenLDAP 2.0 through 2.0.19 allows local users, and anonymous users before 2.0.8, to conduct a "replace" action on access controls without any values, which causes OpenLDAP to delete non-mandatory attributes that would otherwise be protected by ACLs.
References
► | URL | Tags | |||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T02:35:17.451Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "HPSBTL0201-020", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBTL0201-020" }, { "name": "CLA-2002:459", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA", "x_transferred" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000459" }, { "name": "RHSA-2002:014", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2002-014.html" }, { "name": "3945", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/3945" }, { "name": "CSSA-2002-001.0", "tags": [ "vendor-advisory", "x_refsource_CALDERA", "x_transferred" ], "url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-001.0.txt" }, { "name": "5395", "tags": [ "vdb-entry", "x_refsource_OSVDB", "x_transferred" ], "url": "http://www.osvdb.org/5395" }, { "name": "openldap-slapd-delete-attributes(7978)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7978" }, { "name": "MDKSA-2002:013", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://frontal2.mandriva.com/security/advisories?name=MDKSA-2002:013" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.openldap.org/lists/openldap-announce/200201/msg00002.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2002-01-14T00:00:00", "descriptions": [ { "lang": "en", "value": "slapd in OpenLDAP 2.0 through 2.0.19 allows local users, and anonymous users before 2.0.8, to conduct a \"replace\" action on access controls without any values, which causes OpenLDAP to delete non-mandatory attributes that would otherwise be protected by ACLs." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2002-06-16T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "HPSBTL0201-020", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBTL0201-020" }, { "name": "CLA-2002:459", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000459" }, { "name": "RHSA-2002:014", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2002-014.html" }, { "name": "3945", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/3945" }, { "name": "CSSA-2002-001.0", "tags": [ "vendor-advisory", "x_refsource_CALDERA" ], "url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-001.0.txt" }, { "name": "5395", "tags": [ "vdb-entry", "x_refsource_OSVDB" ], "url": "http://www.osvdb.org/5395" }, { "name": "openldap-slapd-delete-attributes(7978)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7978" }, { "name": "MDKSA-2002:013", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://frontal2.mandriva.com/security/advisories?name=MDKSA-2002:013" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.openldap.org/lists/openldap-announce/200201/msg00002.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2002-0045", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "slapd in OpenLDAP 2.0 through 2.0.19 allows local users, and anonymous users before 2.0.8, to conduct a \"replace\" action on access controls without any values, which causes OpenLDAP to delete non-mandatory attributes that would otherwise be protected by ACLs." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "HPSBTL0201-020", "refsource": "HP", "url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBTL0201-020" }, { "name": "CLA-2002:459", "refsource": "CONECTIVA", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000459" }, { "name": "RHSA-2002:014", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2002-014.html" }, { "name": "3945", "refsource": "BID", "url": "http://www.securityfocus.com/bid/3945" }, { "name": "CSSA-2002-001.0", "refsource": "CALDERA", "url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-001.0.txt" }, { "name": "5395", "refsource": "OSVDB", "url": "http://www.osvdb.org/5395" }, { "name": "openldap-slapd-delete-attributes(7978)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7978" }, { "name": "MDKSA-2002:013", "refsource": "MANDRAKE", "url": "http://frontal2.mandriva.com/security/advisories?name=MDKSA-2002:013" }, { "name": "http://www.openldap.org/lists/openldap-announce/200201/msg00002.html", "refsource": "CONFIRM", "url": "http://www.openldap.org/lists/openldap-announce/200201/msg00002.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2002-0045", "datePublished": "2002-06-25T04:00:00", "dateReserved": "2002-01-22T00:00:00", "dateUpdated": "2024-08-08T02:35:17.451Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-1999-1332 (GCVE-0-1999-1332)
Vulnerability from cvelistv5
Published
2002-03-09 05:00
Modified
2024-08-01 17:11
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
gzexe in the gzip package on Red Hat Linux 5.0 and earlier allows local users to overwrite files of other users via a symlink attack on a temporary file.
References
► | URL | Tags | ||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-01T17:11:02.927Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "DSA-308", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2003/dsa-308" }, { "name": "7845", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/7845" }, { "name": "gzip-gzexe-tmp-symlink(7241)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "http://www.iss.net/security_center/static/7241.php" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.redhat.com/support/errata/rh50-errata-general.html#gzip" }, { "name": "19980128 GZEXE - the big problem", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=88603844115233\u0026w=2" }, { "name": "3812", "tags": [ "vdb-entry", "x_refsource_OSVDB", "x_transferred" ], "url": "http://www.osvdb.org/3812" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "1998-01-28T00:00:00", "descriptions": [ { "lang": "en", "value": "gzexe in the gzip package on Red Hat Linux 5.0 and earlier allows local users to overwrite files of other users via a symlink attack on a temporary file." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2002-02-20T10:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "DSA-308", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2003/dsa-308" }, { "name": "7845", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/7845" }, { "name": "gzip-gzexe-tmp-symlink(7241)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "http://www.iss.net/security_center/static/7241.php" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.redhat.com/support/errata/rh50-errata-general.html#gzip" }, { "name": "19980128 GZEXE - the big problem", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=88603844115233\u0026w=2" }, { "name": "3812", "tags": [ "vdb-entry", "x_refsource_OSVDB" ], "url": "http://www.osvdb.org/3812" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-1999-1332", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "gzexe in the gzip package on Red Hat Linux 5.0 and earlier allows local users to overwrite files of other users via a symlink attack on a temporary file." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "DSA-308", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2003/dsa-308" }, { "name": "7845", "refsource": "BID", "url": "http://www.securityfocus.com/bid/7845" }, { "name": "gzip-gzexe-tmp-symlink(7241)", "refsource": "XF", "url": "http://www.iss.net/security_center/static/7241.php" }, { "name": "http://www.redhat.com/support/errata/rh50-errata-general.html#gzip", "refsource": "CONFIRM", "url": "http://www.redhat.com/support/errata/rh50-errata-general.html#gzip" }, { "name": "19980128 GZEXE - the big problem", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=88603844115233\u0026w=2" }, { "name": "3812", "refsource": "OSVDB", "url": "http://www.osvdb.org/3812" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-1999-1332", "datePublished": "2002-03-09T05:00:00", "dateReserved": "2001-08-31T00:00:00", "dateUpdated": "2024-08-01T17:11:02.927Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2004-0905 (GCVE-0-2004-0905)
Vulnerability from cvelistv5
Published
2004-09-24 04:00
Modified
2024-08-08 00:31
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allows remote attackers to perform cross-domain scripting and possibly execute arbitrary code by convincing a user to drag and drop javascript: links to a frame or page in another domain.
References
► | URL | Tags | |||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T00:31:47.854Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "VU#651928", "tags": [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred" ], "url": "http://www.kb.cert.org/vuls/id/651928" }, { "name": "SUSE-SA:2004:036", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://www.novell.com/linux/security/advisories/2004_36_mozilla.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://bugzilla.mozilla.org/show_bug.cgi?id=250862" }, { "name": "FLSA:2089", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=109900315219363\u0026w=2" }, { "name": "oval:org.mitre.oval:def:10378", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10378" }, { "name": "11177", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/11177" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7.3" }, { "name": "GLSA-200409-26", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-200409-26.xml" }, { "name": "mozilla-netscape-sameorigin-bypass(17374)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17374" }, { "name": "TA04-261A", "tags": [ "third-party-advisory", "x_refsource_CERT", "x_transferred" ], "url": "http://www.us-cert.gov/cas/techalerts/TA04-261A.html" }, { "name": "SSRT4826", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=109698896104418\u0026w=2" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2004-09-16T00:00:00", "descriptions": [ { "lang": "en", "value": "Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allows remote attackers to perform cross-domain scripting and possibly execute arbitrary code by convincing a user to drag and drop javascript: links to a frame or page in another domain." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-10-10T00:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "VU#651928", "tags": [ "third-party-advisory", "x_refsource_CERT-VN" ], "url": "http://www.kb.cert.org/vuls/id/651928" }, { "name": "SUSE-SA:2004:036", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://www.novell.com/linux/security/advisories/2004_36_mozilla.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://bugzilla.mozilla.org/show_bug.cgi?id=250862" }, { "name": "FLSA:2089", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://marc.info/?l=bugtraq\u0026m=109900315219363\u0026w=2" }, { "name": "oval:org.mitre.oval:def:10378", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10378" }, { "name": "11177", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/11177" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7.3" }, { "name": "GLSA-200409-26", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://security.gentoo.org/glsa/glsa-200409-26.xml" }, { "name": "mozilla-netscape-sameorigin-bypass(17374)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17374" }, { "name": "TA04-261A", "tags": [ "third-party-advisory", "x_refsource_CERT" ], "url": "http://www.us-cert.gov/cas/techalerts/TA04-261A.html" }, { "name": "SSRT4826", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=109698896104418\u0026w=2" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2004-0905", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allows remote attackers to perform cross-domain scripting and possibly execute arbitrary code by convincing a user to drag and drop javascript: links to a frame or page in another domain." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "VU#651928", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/651928" }, { "name": "SUSE-SA:2004:036", "refsource": "SUSE", "url": "http://www.novell.com/linux/security/advisories/2004_36_mozilla.html" }, { "name": "http://bugzilla.mozilla.org/show_bug.cgi?id=250862", "refsource": "CONFIRM", "url": "http://bugzilla.mozilla.org/show_bug.cgi?id=250862" }, { "name": "FLSA:2089", "refsource": "FEDORA", "url": "http://marc.info/?l=bugtraq\u0026m=109900315219363\u0026w=2" }, { "name": "oval:org.mitre.oval:def:10378", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10378" }, { "name": "11177", "refsource": "BID", "url": "http://www.securityfocus.com/bid/11177" }, { "name": "http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7.3", "refsource": "CONFIRM", "url": "http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7.3" }, { "name": "GLSA-200409-26", "refsource": "GENTOO", "url": "http://security.gentoo.org/glsa/glsa-200409-26.xml" }, { "name": "mozilla-netscape-sameorigin-bypass(17374)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17374" }, { "name": "TA04-261A", "refsource": "CERT", "url": "http://www.us-cert.gov/cas/techalerts/TA04-261A.html" }, { "name": "SSRT4826", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=109698896104418\u0026w=2" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2004-0905", "datePublished": "2004-09-24T04:00:00", "dateReserved": "2004-09-23T00:00:00", "dateUpdated": "2024-08-08T00:31:47.854Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2001-0143 (GCVE-0-2001-0143)
Vulnerability from cvelistv5
Published
2001-05-07 04:00
Modified
2024-08-08 04:06
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
vpop3d program in linuxconf 1.23r and earlier allows local users to overwrite arbitrary files via a symlink attack.
References
► | URL | Tags | ||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T04:06:55.591Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "20010110 Immunix OS Security update for lots of temp file problems", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=97916374410647\u0026w=2" }, { "name": "linuxconf-vpop3d-symlink(5923)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5923" }, { "name": "MDKSA-2001:011", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-011.php3" }, { "name": "2186", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/2186" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2001-01-10T00:00:00", "descriptions": [ { "lang": "en", "value": "vpop3d program in linuxconf 1.23r and earlier allows local users to overwrite arbitrary files via a symlink attack." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2005-11-02T10:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "20010110 Immunix OS Security update for lots of temp file problems", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=97916374410647\u0026w=2" }, { "name": "linuxconf-vpop3d-symlink(5923)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5923" }, { "name": "MDKSA-2001:011", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-011.php3" }, { "name": "2186", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/2186" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2001-0143", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "vpop3d program in linuxconf 1.23r and earlier allows local users to overwrite arbitrary files via a symlink attack." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "20010110 Immunix OS Security update for lots of temp file problems", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=97916374410647\u0026w=2" }, { "name": "linuxconf-vpop3d-symlink(5923)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5923" }, { "name": "MDKSA-2001:011", "refsource": "MANDRAKE", "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-011.php3" }, { "name": "2186", "refsource": "BID", "url": "http://www.securityfocus.com/bid/2186" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2001-0143", "datePublished": "2001-05-07T04:00:00", "dateReserved": "2001-02-06T00:00:00", "dateUpdated": "2024-08-08T04:06:55.591Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-1999-0502 (GCVE-0-1999-0502)
Vulnerability from cvelistv5
Published
2000-02-04 05:00
Modified
2024-08-01 16:41
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
A Unix account has a default, null, blank, or missing password.
References
► | URL | Tags | |||
---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-01T16:41:45.416Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0502" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "A Unix account has a default, null, blank, or missing password." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-08-17T07:42:18", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0502" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-1999-0502", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A Unix account has a default, null, blank, or missing password." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0502", "refsource": "MISC", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0502" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-1999-0502", "datePublished": "2000-02-04T05:00:00", "dateReserved": "1999-06-07T00:00:00", "dateUpdated": "2024-08-01T16:41:45.416Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2000-1189 (GCVE-0-2000-1189)
Vulnerability from cvelistv5
Published
2001-01-22 05:00
Modified
2024-08-08 05:45
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in pam_localuser PAM module in Red Hat Linux 7.x and 6.x allows attackers to gain privileges.
References
► | URL | Tags | ||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T05:45:37.338Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "RHSA-2000:120", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2000-120.html" }, { "name": "pam-localuser-bo(5747)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5747" }, { "name": "MDKSA-2000:082-1", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.linux-mandrake.com/en/security/MDKSA-2000-082.php3" }, { "name": "CLA-2000:358", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA", "x_transferred" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000358" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2000-12-01T00:00:00", "descriptions": [ { "lang": "en", "value": "Buffer overflow in pam_localuser PAM module in Red Hat Linux 7.x and 6.x allows attackers to gain privileges." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2005-11-02T10:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "RHSA-2000:120", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2000-120.html" }, { "name": "pam-localuser-bo(5747)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5747" }, { "name": "MDKSA-2000:082-1", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.linux-mandrake.com/en/security/MDKSA-2000-082.php3" }, { "name": "CLA-2000:358", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000358" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2000-1189", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Buffer overflow in pam_localuser PAM module in Red Hat Linux 7.x and 6.x allows attackers to gain privileges." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "RHSA-2000:120", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2000-120.html" }, { "name": "pam-localuser-bo(5747)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5747" }, { "name": "MDKSA-2000:082-1", "refsource": "MANDRAKE", "url": "http://www.linux-mandrake.com/en/security/MDKSA-2000-082.php3" }, { "name": "CLA-2000:358", "refsource": "CONECTIVA", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000358" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2000-1189", "datePublished": "2001-01-22T05:00:00", "dateReserved": "2000-12-14T00:00:00", "dateUpdated": "2024-08-08T05:45:37.338Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2002-0004 (GCVE-0-2002-0004)
Vulnerability from cvelistv5
Published
2002-06-25 04:00
Modified
2024-08-08 02:35
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Heap corruption vulnerability in the "at" program allows local users to execute arbitrary code via a malformed execution time, which causes at to free the same memory twice.
References
► | URL | Tags | |||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T02:35:17.414Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "linux-at-exetime-heap-corruption(7909)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7909" }, { "name": "HPSBTL0302-034", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://online.securityfocus.com/advisories/3969" }, { "name": "DSA-102", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2002/dsa-102" }, { "name": "RHSA-2002:015", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2002-015.html" }, { "name": "HPSBTL0201-021", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://online.securityfocus.com/advisories/3833" }, { "name": "20020117 \u0027/usr/bin/at 31337 + vuln\u0027 problem + exploit", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=101128661602088\u0026w=2" }, { "name": "3886", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/3886" }, { "name": "SuSE-SA:2002:003", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://www.novell.com/linux/security/advisories/2002_003_at_txt.html" }, { "name": "MDKSA-2002:007", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=101147632721031\u0026w=2" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2002-01-17T00:00:00", "descriptions": [ { "lang": "en", "value": "Heap corruption vulnerability in the \"at\" program allows local users to execute arbitrary code via a malformed execution time, which causes at to free the same memory twice." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2002-06-16T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "linux-at-exetime-heap-corruption(7909)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7909" }, { "name": "HPSBTL0302-034", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://online.securityfocus.com/advisories/3969" }, { "name": "DSA-102", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2002/dsa-102" }, { "name": "RHSA-2002:015", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2002-015.html" }, { "name": "HPSBTL0201-021", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://online.securityfocus.com/advisories/3833" }, { "name": "20020117 \u0027/usr/bin/at 31337 + vuln\u0027 problem + exploit", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=101128661602088\u0026w=2" }, { "name": "3886", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/3886" }, { "name": "SuSE-SA:2002:003", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://www.novell.com/linux/security/advisories/2002_003_at_txt.html" }, { "name": "MDKSA-2002:007", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://marc.info/?l=bugtraq\u0026m=101147632721031\u0026w=2" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2002-0004", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Heap corruption vulnerability in the \"at\" program allows local users to execute arbitrary code via a malformed execution time, which causes at to free the same memory twice." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "linux-at-exetime-heap-corruption(7909)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7909" }, { "name": "HPSBTL0302-034", "refsource": "HP", "url": "http://online.securityfocus.com/advisories/3969" }, { "name": "DSA-102", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2002/dsa-102" }, { "name": "RHSA-2002:015", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2002-015.html" }, { "name": "HPSBTL0201-021", "refsource": "HP", "url": "http://online.securityfocus.com/advisories/3833" }, { "name": "20020117 \u0027/usr/bin/at 31337 + vuln\u0027 problem + exploit", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=101128661602088\u0026w=2" }, { "name": "3886", "refsource": "BID", "url": "http://www.securityfocus.com/bid/3886" }, { "name": "SuSE-SA:2002:003", "refsource": "SUSE", "url": "http://www.novell.com/linux/security/advisories/2002_003_at_txt.html" }, { "name": "MDKSA-2002:007", "refsource": "MANDRAKE", "url": "http://marc.info/?l=bugtraq\u0026m=101147632721031\u0026w=2" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2002-0004", "datePublished": "2002-06-25T04:00:00", "dateReserved": "2002-01-02T00:00:00", "dateUpdated": "2024-08-08T02:35:17.414Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-1999-0043 (GCVE-0-1999-0043)
Vulnerability from cvelistv5
Published
1999-09-29 04:00
Modified
2024-08-01 20:03
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Command execution via shell metachars in INN daemon (innd) 1.5 using "newgroup" and "rmgroup" control messages, and others.
References
► | URL | Tags | |||
---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-01T16:27:57.295Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0043" } ], "title": "CVE Program Container" }, { "affected": [ { "cpes": [ "cpe:2.3:a:isc:inn:1.4sec:*:*:*:*:*:*:*", "cpe:2.3:a:isc:inn:1.4sec2:*:*:*:*:*:*:*", "cpe:2.3:a:isc:inn:1.4unoff3:*:*:*:*:*:*:*", "cpe:2.3:a:isc:inn:1.4unoff4:*:*:*:*:*:*:*", "cpe:2.3:a:isc:inn:1.5:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "inn", "vendor": "isc", "versions": [ { "status": "affected", "version": "1.4sec" }, { "status": "affected", "version": "1.4sec2" }, { "status": "affected", "version": "1.4unoff3" }, { "status": "affected", "version": "1.4unoff4" }, { "status": "affected", "version": "1.5" } ] }, { "cpes": [ "cpe:2.3:a:netscape:news_server:1.1:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "news_server", "vendor": "netscape", "versions": [ { "status": "affected", "version": "1.1" } ] }, { "cpes": [ "cpe:2.3:o:bsdi:bsd_os:2.1:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "bsd_os", "vendor": "bsdi", "versions": [ { "status": "affected", "version": "2.1" } ] }, { "cpes": [ "cpe:2.3:o:caldera:openlinux:1.0:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "openlinux", "vendor": "caldera", "versions": [ { "status": "affected", "version": "1.0" } ] }, { "cpes": [ "cpe:2.3:o:redhat:linux:4.0:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux", "vendor": "redhat", "versions": [ { "status": "affected", "version": "4.0" } ] }, { "cpes": [ "cpe:2.3:o:redhat:linux:4.1:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "linux", "vendor": "redhat", "versions": [ { "status": "affected", "version": "4.1" } ] }, { "cpes": [ "cpe:2.3:h:nec:goah_intrasv:1.1:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "goah_intrasv", "vendor": "nec", "versions": [ { "status": "affected", "version": "1.1" } ] }, { "cpes": [ "cpe:2.3:h:nec:goah_networksv:1.2:*:*:*:*:*:*:*", "cpe:2.3:h:nec:goah_networksv:2.2:*:*:*:*:*:*:*", "cpe:2.3:h:nec:goah_networksv:3.1:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "goah_networksv", "vendor": "nec", "versions": [ { "status": "affected", "version": "1.2" }, { "status": "affected", "version": "2.2" }, { "status": "affected", "version": "3.1" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" } }, { "other": { "content": { "id": "CVE-1999-0043", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-08-01T19:56:17.928328Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-78", "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-08-01T20:03:35.981Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "Command execution via shell metachars in INN daemon (innd) 1.5 using \"newgroup\" and \"rmgroup\" control messages, and others." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-08-17T06:31:06", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0043" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-1999-0043", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Command execution via shell metachars in INN daemon (innd) 1.5 using \"newgroup\" and \"rmgroup\" control messages, and others." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0043", "refsource": "MISC", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0043" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-1999-0043", "datePublished": "1999-09-29T04:00:00", "dateReserved": "1999-06-07T00:00:00", "dateUpdated": "2024-08-01T20:03:35.981Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2000-0392 (GCVE-0-2000-0392)
Vulnerability from cvelistv5
Published
2000-07-12 04:00
Modified
2024-08-08 05:14
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in ksu in Kerberos 5 allows local users to gain root privileges.
References
► | URL | Tags | |||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T05:14:21.512Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "FreeBSD-SA-00:20", "tags": [ "vendor-advisory", "x_refsource_FREEBSD", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/freebsd/2000-05/0295.html" }, { "name": "RHSA-2000:025", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2000-025.html" }, { "name": "CA-2000-06", "tags": [ "third-party-advisory", "x_refsource_CERT", "x_transferred" ], "url": "http://www.cert.org/advisories/CA-2000-06.html" }, { "name": "20000516 BUFFER OVERRUN VULNERABILITIES IN KERBEROS", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-05/0184.html" }, { "name": "1220", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/1220" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2000-05-16T00:00:00", "descriptions": [ { "lang": "en", "value": "Buffer overflow in ksu in Kerberos 5 allows local users to gain root privileges." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2004-09-02T09:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "FreeBSD-SA-00:20", "tags": [ "vendor-advisory", "x_refsource_FREEBSD" ], "url": "http://archives.neohapsis.com/archives/freebsd/2000-05/0295.html" }, { "name": "RHSA-2000:025", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2000-025.html" }, { "name": "CA-2000-06", "tags": [ "third-party-advisory", "x_refsource_CERT" ], "url": "http://www.cert.org/advisories/CA-2000-06.html" }, { "name": "20000516 BUFFER OVERRUN VULNERABILITIES IN KERBEROS", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-05/0184.html" }, { "name": "1220", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/1220" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2000-0392", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Buffer overflow in ksu in Kerberos 5 allows local users to gain root privileges." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "FreeBSD-SA-00:20", "refsource": "FREEBSD", "url": "http://archives.neohapsis.com/archives/freebsd/2000-05/0295.html" }, { "name": "RHSA-2000:025", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2000-025.html" }, { "name": "CA-2000-06", "refsource": "CERT", "url": "http://www.cert.org/advisories/CA-2000-06.html" }, { "name": "20000516 BUFFER OVERRUN VULNERABILITIES IN KERBEROS", "refsource": "BUGTRAQ", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-05/0184.html" }, { "name": "1220", "refsource": "BID", "url": "http://www.securityfocus.com/bid/1220" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2000-0392", "datePublished": "2000-07-12T04:00:00", "dateReserved": "2000-06-14T00:00:00", "dateUpdated": "2024-08-08T05:14:21.512Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2002-1160 (GCVE-0-2002-1160)
Vulnerability from cvelistv5
Published
2004-09-01 04:00
Modified
2024-08-08 03:19
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The default configuration of the pam_xauth module forwards MIT-Magic-Cookies to new X sessions, which could allow local users to gain root privileges by stealing the cookies from a temporary .xauth file, which is created with the original user's credentials after root uses su.
References
► | URL | Tags | |||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T03:19:27.600Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "VU#911505", "tags": [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred" ], "url": "http://www.kb.cert.org/vuls/id/911505" }, { "name": "55760", "tags": [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred" ], "url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/55760" }, { "name": "CLA-2003:693", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA", "x_transferred" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000693" }, { "name": "20021214 BDT_AV200212140001: Insecure default: Using pam_xauth for su from sh-utils package", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=104431622818954\u0026w=2" }, { "name": "linux-pamxauth-gain-privileges(11254)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "http://www.iss.net/security_center/static/11254.php" }, { "name": "RHSA-2003:035", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-035.html" }, { "name": "RHSA-2003:028", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-028.html" }, { "name": "6753", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/6753" }, { "name": "MDKSA-2003:017", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:017" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2002-12-14T00:00:00", "descriptions": [ { "lang": "en", "value": "The default configuration of the pam_xauth module forwards MIT-Magic-Cookies to new X sessions, which could allow local users to gain root privileges by stealing the cookies from a temporary .xauth file, which is created with the original user\u0027s credentials after root uses su." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2010-05-21T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "VU#911505", "tags": [ "third-party-advisory", "x_refsource_CERT-VN" ], "url": "http://www.kb.cert.org/vuls/id/911505" }, { "name": "55760", "tags": [ "vendor-advisory", "x_refsource_SUNALERT" ], "url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/55760" }, { "name": "CLA-2003:693", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000693" }, { "name": "20021214 BDT_AV200212140001: Insecure default: Using pam_xauth for su from sh-utils package", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=104431622818954\u0026w=2" }, { "name": "linux-pamxauth-gain-privileges(11254)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "http://www.iss.net/security_center/static/11254.php" }, { "name": "RHSA-2003:035", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-035.html" }, { "name": "RHSA-2003:028", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-028.html" }, { "name": "6753", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/6753" }, { "name": "MDKSA-2003:017", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:017" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2002-1160", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The default configuration of the pam_xauth module forwards MIT-Magic-Cookies to new X sessions, which could allow local users to gain root privileges by stealing the cookies from a temporary .xauth file, which is created with the original user\u0027s credentials after root uses su." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "VU#911505", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/911505" }, { "name": "55760", "refsource": "SUNALERT", "url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/55760" }, { "name": "CLA-2003:693", "refsource": "CONECTIVA", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000693" }, { "name": "20021214 BDT_AV200212140001: Insecure default: Using pam_xauth for su from sh-utils package", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=104431622818954\u0026w=2" }, { "name": "linux-pamxauth-gain-privileges(11254)", "refsource": "XF", "url": "http://www.iss.net/security_center/static/11254.php" }, { "name": "RHSA-2003:035", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2003-035.html" }, { "name": "RHSA-2003:028", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2003-028.html" }, { "name": "6753", "refsource": "BID", "url": "http://www.securityfocus.com/bid/6753" }, { "name": "MDKSA-2003:017", "refsource": "MANDRAKE", "url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:017" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2002-1160", "datePublished": "2004-09-01T04:00:00", "dateReserved": "2002-09-26T00:00:00", "dateUpdated": "2024-08-08T03:19:27.600Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2007-4137 (GCVE-0-2007-4137)
Vulnerability from cvelistv5
Published
2007-09-18 19:00
Modified
2024-08-07 14:46
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Off-by-one error in the QUtf8Decoder::toUnicode function in Trolltech Qt 3 allows context-dependent attackers to cause a denial of service (crash) via a crafted Unicode string that triggers a heap-based buffer overflow. NOTE: Qt 4 has the same error in the QUtf8Codec::convertToUnicode function, but it is not exploitable.
References
► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T14:46:38.696Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://bugs.gentoo.org/show_bug.cgi?id=192472" }, { "name": "MDKSA-2007:183", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:183" }, { "name": "SUSE-SR:2007:019", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://www.novell.com/linux/security/advisories/2007_19_sr.html" }, { "name": "26868", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/26868" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-424.htm" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://issues.rpath.com/browse/RPL-1751" }, { "name": "26811", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/26811" }, { "name": "oval:org.mitre.oval:def:11159", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11159" }, { "name": "27053", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/27053" }, { "name": "27996", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/27996" }, { "name": "27275", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/27275" }, { "name": "27382", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/27382" }, { "name": "26857", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/26857" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://trolltech.com/company/newsroom/announcements/press.2007-09-03.7564032119" }, { "name": "26778", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/26778" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=269001" }, { "name": "26882", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/26882" }, { "name": "26987", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/26987" }, { "name": "GLSA-200710-28", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-200710-28.xml" }, { "name": "ADV-2007-3144", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2007/3144" }, { "name": "20070901-01-P", "tags": [ "vendor-advisory", "x_refsource_SGI", "x_transferred" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20070901-01-P.asc" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://dist.trolltech.com/developer/download/175791_4.diff" }, { "name": "39384", "tags": [ "vdb-entry", "x_refsource_OSVDB", "x_transferred" ], "url": "http://osvdb.org/39384" }, { "name": "26804", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/26804" }, { "name": "26782", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/26782" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://dist.trolltech.com/developer/download/175791_3.diff" }, { "name": "FEDORA-2007-703", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://fedoranews.org/updates/FEDORA-2007-703.shtml" }, { "name": "FEDORA-2007-2216", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://fedoranews.org/updates/FEDORA-2007-221.shtml" }, { "name": "GLSA-200712-08", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-200712-08.xml" }, { "name": "28021", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/28021" }, { "name": "RHSA-2007:0883", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2007-0883.html" }, { "name": "1018688", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1018688" }, { "name": "20071004 FLEA-2007-0059-1 qt qt-tools", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/481498/100/0/threaded" }, { "name": "USN-513-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/usn-513-1" }, { "name": "25657", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/25657" }, { "name": "DSA-1426", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2007/dsa-1426" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2007-09-03T00:00:00", "descriptions": [ { "lang": "en", "value": "Off-by-one error in the QUtf8Decoder::toUnicode function in Trolltech Qt 3 allows context-dependent attackers to cause a denial of service (crash) via a crafted Unicode string that triggers a heap-based buffer overflow. NOTE: Qt 4 has the same error in the QUtf8Codec::convertToUnicode function, but it is not exploitable." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-15T20:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "http://bugs.gentoo.org/show_bug.cgi?id=192472" }, { "name": "MDKSA-2007:183", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:183" }, { "name": "SUSE-SR:2007:019", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://www.novell.com/linux/security/advisories/2007_19_sr.html" }, { "name": "26868", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/26868" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-424.htm" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://issues.rpath.com/browse/RPL-1751" }, { "name": "26811", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/26811" }, { "name": "oval:org.mitre.oval:def:11159", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11159" }, { "name": "27053", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/27053" }, { "name": "27996", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/27996" }, { "name": "27275", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/27275" }, { "name": "27382", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/27382" }, { "name": "26857", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/26857" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://trolltech.com/company/newsroom/announcements/press.2007-09-03.7564032119" }, { "name": "26778", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/26778" }, { "tags": [ "x_refsource_MISC" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=269001" }, { "name": "26882", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/26882" }, { "name": "26987", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/26987" }, { "name": "GLSA-200710-28", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://security.gentoo.org/glsa/glsa-200710-28.xml" }, { "name": "ADV-2007-3144", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2007/3144" }, { "name": "20070901-01-P", "tags": [ "vendor-advisory", "x_refsource_SGI" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20070901-01-P.asc" }, { "tags": [ "x_refsource_MISC" ], "url": "http://dist.trolltech.com/developer/download/175791_4.diff" }, { "name": "39384", "tags": [ "vdb-entry", "x_refsource_OSVDB" ], "url": "http://osvdb.org/39384" }, { "name": "26804", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/26804" }, { "name": "26782", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/26782" }, { "tags": [ "x_refsource_MISC" ], "url": "http://dist.trolltech.com/developer/download/175791_3.diff" }, { "name": "FEDORA-2007-703", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://fedoranews.org/updates/FEDORA-2007-703.shtml" }, { "name": "FEDORA-2007-2216", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://fedoranews.org/updates/FEDORA-2007-221.shtml" }, { "name": "GLSA-200712-08", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://security.gentoo.org/glsa/glsa-200712-08.xml" }, { "name": "28021", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/28021" }, { "name": "RHSA-2007:0883", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2007-0883.html" }, { "name": "1018688", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1018688" }, { "name": "20071004 FLEA-2007-0059-1 qt qt-tools", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/481498/100/0/threaded" }, { "name": "USN-513-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/usn-513-1" }, { "name": "25657", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/25657" }, { "name": "DSA-1426", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2007/dsa-1426" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2007-4137", "datePublished": "2007-09-18T19:00:00", "dateReserved": "2007-08-02T00:00:00", "dateUpdated": "2024-08-07T14:46:38.696Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2004-0904 (GCVE-0-2004-0904)
Vulnerability from cvelistv5
Published
2004-09-24 04:00
Modified
2024-08-08 00:31
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Integer overflow in the bitmap (BMP) decoder for Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allow remote attackers to execute arbitrary code via wide bitmap files that trigger heap-based buffer overflows.
References
► | URL | Tags | |||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T00:31:47.831Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "mozilla-netscape-bmp-bo(17381)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17381" }, { "name": "SUSE-SA:2004:036", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://www.novell.com/linux/security/advisories/2004_36_mozilla.html" }, { "name": "FLSA:2089", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=109900315219363\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://bugzilla.mozilla.org/show_bug.cgi?id=255067" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7.3" }, { "name": "GLSA-200409-26", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-200409-26.xml" }, { "name": "11171", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/11171" }, { "name": "TA04-261A", "tags": [ "third-party-advisory", "x_refsource_CERT", "x_transferred" ], "url": "http://www.us-cert.gov/cas/techalerts/TA04-261A.html" }, { "name": "SSRT4826", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=109698896104418\u0026w=2" }, { "name": "oval:org.mitre.oval:def:10952", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10952" }, { "name": "VU#847200", "tags": [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred" ], "url": "http://www.kb.cert.org/vuls/id/847200" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2004-09-16T00:00:00", "descriptions": [ { "lang": "en", "value": "Integer overflow in the bitmap (BMP) decoder for Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allow remote attackers to execute arbitrary code via wide bitmap files that trigger heap-based buffer overflows." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-10-10T00:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "mozilla-netscape-bmp-bo(17381)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17381" }, { "name": "SUSE-SA:2004:036", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://www.novell.com/linux/security/advisories/2004_36_mozilla.html" }, { "name": "FLSA:2089", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://marc.info/?l=bugtraq\u0026m=109900315219363\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://bugzilla.mozilla.org/show_bug.cgi?id=255067" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7.3" }, { "name": "GLSA-200409-26", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://security.gentoo.org/glsa/glsa-200409-26.xml" }, { "name": "11171", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/11171" }, { "name": "TA04-261A", "tags": [ "third-party-advisory", "x_refsource_CERT" ], "url": "http://www.us-cert.gov/cas/techalerts/TA04-261A.html" }, { "name": "SSRT4826", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=109698896104418\u0026w=2" }, { "name": "oval:org.mitre.oval:def:10952", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10952" }, { "name": "VU#847200", "tags": [ "third-party-advisory", "x_refsource_CERT-VN" ], "url": "http://www.kb.cert.org/vuls/id/847200" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2004-0904", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Integer overflow in the bitmap (BMP) decoder for Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allow remote attackers to execute arbitrary code via wide bitmap files that trigger heap-based buffer overflows." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "mozilla-netscape-bmp-bo(17381)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17381" }, { "name": "SUSE-SA:2004:036", "refsource": "SUSE", "url": "http://www.novell.com/linux/security/advisories/2004_36_mozilla.html" }, { "name": "FLSA:2089", "refsource": "FEDORA", "url": "http://marc.info/?l=bugtraq\u0026m=109900315219363\u0026w=2" }, { "name": "http://bugzilla.mozilla.org/show_bug.cgi?id=255067", "refsource": "CONFIRM", "url": "http://bugzilla.mozilla.org/show_bug.cgi?id=255067" }, { "name": "http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7.3", "refsource": "CONFIRM", "url": "http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7.3" }, { "name": "GLSA-200409-26", "refsource": "GENTOO", "url": "http://security.gentoo.org/glsa/glsa-200409-26.xml" }, { "name": "11171", "refsource": "BID", "url": "http://www.securityfocus.com/bid/11171" }, { "name": "TA04-261A", "refsource": "CERT", "url": "http://www.us-cert.gov/cas/techalerts/TA04-261A.html" }, { "name": "SSRT4826", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=109698896104418\u0026w=2" }, { "name": "oval:org.mitre.oval:def:10952", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10952" }, { "name": "VU#847200", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/847200" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2004-0904", "datePublished": "2004-09-24T04:00:00", "dateReserved": "2004-09-23T00:00:00", "dateUpdated": "2024-08-08T00:31:47.831Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2001-0977 (GCVE-0-2001-0977)
Vulnerability from cvelistv5
Published
2002-06-25 04:00
Modified
2024-08-08 04:37
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
slapd in OpenLDAP 1.x before 1.2.12, and 2.x before 2.0.8, allows remote attackers to cause a denial of service (crash) via an invalid Basic Encoding Rules (BER) length field.
References
► | URL | Tags | |||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T04:37:07.240Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "CA-2001-18", "tags": [ "third-party-advisory", "x_refsource_CERT", "x_transferred" ], "url": "http://www.cert.org/advisories/CA-2001-18.html" }, { "name": "1905", "tags": [ "vdb-entry", "x_refsource_OSVDB", "x_transferred" ], "url": "http://www.osvdb.org/1905" }, { "name": "RHSA-2001:098", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2001-098.html" }, { "name": "DSA-068", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2001/dsa-068" }, { "name": "MDKSA-2001:069", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-069.php3" }, { "name": "VU#935800", "tags": [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred" ], "url": "http://www.kb.cert.org/vuls/id/935800" }, { "name": "3049", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/3049" }, { "name": "CLA-2001:417", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA", "x_transferred" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000417" }, { "name": "openldap-ldap-protos-dos(6904)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6904" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2001-07-16T00:00:00", "descriptions": [ { "lang": "en", "value": "slapd in OpenLDAP 1.x before 1.2.12, and 2.x before 2.0.8, allows remote attackers to cause a denial of service (crash) via an invalid Basic Encoding Rules (BER) length field." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2002-02-06T10:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "CA-2001-18", "tags": [ "third-party-advisory", "x_refsource_CERT" ], "url": "http://www.cert.org/advisories/CA-2001-18.html" }, { "name": "1905", "tags": [ "vdb-entry", "x_refsource_OSVDB" ], "url": "http://www.osvdb.org/1905" }, { "name": "RHSA-2001:098", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2001-098.html" }, { "name": "DSA-068", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2001/dsa-068" }, { "name": "MDKSA-2001:069", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-069.php3" }, { "name": "VU#935800", "tags": [ "third-party-advisory", "x_refsource_CERT-VN" ], "url": "http://www.kb.cert.org/vuls/id/935800" }, { "name": "3049", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/3049" }, { "name": "CLA-2001:417", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000417" }, { "name": "openldap-ldap-protos-dos(6904)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6904" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2001-0977", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "slapd in OpenLDAP 1.x before 1.2.12, and 2.x before 2.0.8, allows remote attackers to cause a denial of service (crash) via an invalid Basic Encoding Rules (BER) length field." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "CA-2001-18", "refsource": "CERT", "url": "http://www.cert.org/advisories/CA-2001-18.html" }, { "name": "1905", "refsource": "OSVDB", "url": "http://www.osvdb.org/1905" }, { "name": "RHSA-2001:098", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2001-098.html" }, { "name": "DSA-068", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2001/dsa-068" }, { "name": "MDKSA-2001:069", "refsource": "MANDRAKE", "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-069.php3" }, { "name": "VU#935800", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/935800" }, { "name": "3049", "refsource": "BID", "url": "http://www.securityfocus.com/bid/3049" }, { "name": "CLA-2001:417", "refsource": "CONECTIVA", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000417" }, { "name": "openldap-ldap-protos-dos(6904)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6904" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2001-0977", "datePublished": "2002-06-25T04:00:00", "dateReserved": "2002-01-31T00:00:00", "dateUpdated": "2024-08-08T04:37:07.240Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2000-0606 (GCVE-0-2000-0606)
Vulnerability from cvelistv5
Published
2000-07-19 04:00
Modified
2024-08-08 05:21
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in kon program in Kanji on Console (KON) package on Linux may allow local users to gain root privileges via a long -StartupMessage parameter.
References
► | URL | Tags | ||||||
---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T05:21:31.251Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "1371", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/1371" }, { "name": "20000619 Problems with \"kon2\" package", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=Pine.LNX.4.21.0006192340340.19998-100000%40ferret.lmh.ox.ac.uk" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2000-06-19T00:00:00", "descriptions": [ { "lang": "en", "value": "Buffer overflow in kon program in Kanji on Console (KON) package on Linux may allow local users to gain root privileges via a long -StartupMessage parameter." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2003-03-21T10:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "1371", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/1371" }, { "name": "20000619 Problems with \"kon2\" package", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=Pine.LNX.4.21.0006192340340.19998-100000%40ferret.lmh.ox.ac.uk" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2000-0606", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Buffer overflow in kon program in Kanji on Console (KON) package on Linux may allow local users to gain root privileges via a long -StartupMessage parameter." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "1371", "refsource": "BID", "url": "http://www.securityfocus.com/bid/1371" }, { "name": "20000619 Problems with \"kon2\" package", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=Pine.LNX.4.21.0006192340340.19998-100000@ferret.lmh.ox.ac.uk" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2000-0606", "datePublished": "2000-07-19T04:00:00", "dateReserved": "2000-07-19T00:00:00", "dateUpdated": "2024-08-08T05:21:31.251Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2000-0229 (GCVE-0-2000-0229)
Vulnerability from cvelistv5
Published
2000-06-02 04:00
Modified
2024-08-08 05:05
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
gpm-root in the gpm package does not properly drop privileges, which allows local users to gain privileges by starting a utility from gpm-root.
References
► | URL | Tags | |||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T05:05:54.088Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "RHSA-2000:045", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2000-045.html" }, { "name": "20000322 gpm-root", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-03/0242.html" }, { "name": "1069", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/1069" }, { "name": "RHSA-2000:009", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2000-009.html" }, { "name": "20000405 Security hole in gpm \u003c 1.18.1", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://www.novell.com/linux/security/advisories/suse_security_announce_45.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2000-03-22T00:00:00", "descriptions": [ { "lang": "en", "value": "gpm-root in the gpm package does not properly drop privileges, which allows local users to gain privileges by starting a utility from gpm-root." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2004-09-02T09:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "RHSA-2000:045", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2000-045.html" }, { "name": "20000322 gpm-root", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-03/0242.html" }, { "name": "1069", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/1069" }, { "name": "RHSA-2000:009", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2000-009.html" }, { "name": "20000405 Security hole in gpm \u003c 1.18.1", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://www.novell.com/linux/security/advisories/suse_security_announce_45.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2000-0229", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "gpm-root in the gpm package does not properly drop privileges, which allows local users to gain privileges by starting a utility from gpm-root." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "RHSA-2000:045", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2000-045.html" }, { "name": "20000322 gpm-root", "refsource": "BUGTRAQ", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-03/0242.html" }, { "name": "1069", "refsource": "BID", "url": "http://www.securityfocus.com/bid/1069" }, { "name": "RHSA-2000:009", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2000-009.html" }, { "name": "20000405 Security hole in gpm \u003c 1.18.1", "refsource": "SUSE", "url": "http://www.novell.com/linux/security/advisories/suse_security_announce_45.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2000-0229", "datePublished": "2000-06-02T04:00:00", "dateReserved": "2000-04-12T00:00:00", "dateUpdated": "2024-08-08T05:05:54.088Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2000-0364 (GCVE-0-2000-0364)
Vulnerability from cvelistv5
Published
2000-05-24 04:00
Modified
2024-08-08 05:14
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
screen and rxvt in Red Hat Linux 6.0 do not properly set the modes of tty devices, which allows local users to write to other ttys.
References
► | URL | Tags | ||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T05:14:21.451Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "RHSA1999014_01", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/corp/support/errata/RHSA1999014_01.html" }, { "name": "19990607 Re: RedHat 6.0, /dev/pts permissions bug when using xterm", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=92886009012161\u0026w=2" }, { "name": "309", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/309" }, { "name": "19990606 RedHat 6.0, /dev/pts permissions bug when using xterm", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=92877527701347\u0026w=2" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "1999-06-06T00:00:00", "descriptions": [ { "lang": "en", "value": "screen and rxvt in Red Hat Linux 6.0 do not properly set the modes of tty devices, which allows local users to write to other ttys." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2016-11-17T17:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "RHSA1999014_01", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/corp/support/errata/RHSA1999014_01.html" }, { "name": "19990607 Re: RedHat 6.0, /dev/pts permissions bug when using xterm", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=92886009012161\u0026w=2" }, { "name": "309", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/309" }, { "name": "19990606 RedHat 6.0, /dev/pts permissions bug when using xterm", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=92877527701347\u0026w=2" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2000-0364", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "screen and rxvt in Red Hat Linux 6.0 do not properly set the modes of tty devices, which allows local users to write to other ttys." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "RHSA1999014_01", "refsource": "REDHAT", "url": "http://www.redhat.com/corp/support/errata/RHSA1999014_01.html" }, { "name": "19990607 Re: RedHat 6.0, /dev/pts permissions bug when using xterm", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=92886009012161\u0026w=2" }, { "name": "309", "refsource": "BID", "url": "http://www.securityfocus.com/bid/309" }, { "name": "19990606 RedHat 6.0, /dev/pts permissions bug when using xterm", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=92877527701347\u0026w=2" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2000-0364", "datePublished": "2000-05-24T04:00:00", "dateReserved": "2000-05-23T00:00:00", "dateUpdated": "2024-08-08T05:14:21.451Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2001-0233 (GCVE-0-2001-0233)
Vulnerability from cvelistv5
Published
2001-05-07 04:00
Modified
2024-08-08 04:14
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in micq client 0.4.6 and earlier allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long Description field.
References
► | URL | Tags | ||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T04:14:06.475Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "RHSA-2001:005", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2001-005.html" }, { "name": "micq-sprintf-remote-bo(5962)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5962" }, { "name": "20010118 [PkC] Advisory #003: micq-0.4.6 remote buffer overflow", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2001-01/0307.html" }, { "name": "FreeBSD-SA-01:14", "tags": [ "vendor-advisory", "x_refsource_FREEBSD", "x_transferred" ], "url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-01:14.micq.asc" }, { "name": "DSA-012", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2001/dsa-012" }, { "name": "20010124 patch Re: [PkC] Advisory #003: micq-0.4.6 remote buffer overflow", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2001-01/0395.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2001-01-18T00:00:00", "descriptions": [ { "lang": "en", "value": "Buffer overflow in micq client 0.4.6 and earlier allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long Description field." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2004-09-02T09:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "RHSA-2001:005", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2001-005.html" }, { "name": "micq-sprintf-remote-bo(5962)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5962" }, { "name": "20010118 [PkC] Advisory #003: micq-0.4.6 remote buffer overflow", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2001-01/0307.html" }, { "name": "FreeBSD-SA-01:14", "tags": [ "vendor-advisory", "x_refsource_FREEBSD" ], "url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-01:14.micq.asc" }, { "name": "DSA-012", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2001/dsa-012" }, { "name": "20010124 patch Re: [PkC] Advisory #003: micq-0.4.6 remote buffer overflow", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2001-01/0395.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2001-0233", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Buffer overflow in micq client 0.4.6 and earlier allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long Description field." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "RHSA-2001:005", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2001-005.html" }, { "name": "micq-sprintf-remote-bo(5962)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5962" }, { "name": "20010118 [PkC] Advisory #003: micq-0.4.6 remote buffer overflow", "refsource": "BUGTRAQ", "url": "http://archives.neohapsis.com/archives/bugtraq/2001-01/0307.html" }, { "name": "FreeBSD-SA-01:14", "refsource": "FREEBSD", "url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-01:14.micq.asc" }, { "name": "DSA-012", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2001/dsa-012" }, { "name": "20010124 patch Re: [PkC] Advisory #003: micq-0.4.6 remote buffer overflow", "refsource": "BUGTRAQ", "url": "http://archives.neohapsis.com/archives/bugtraq/2001-01/0395.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2001-0233", "datePublished": "2001-05-07T04:00:00", "dateReserved": "2001-03-08T00:00:00", "dateUpdated": "2024-08-08T04:14:06.475Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2002-0062 (GCVE-0-2002-0062)
Vulnerability from cvelistv5
Published
2003-04-02 05:00
Modified
2024-08-08 02:35
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in ncurses 5.0, and the ncurses4 compatibility package as used in Red Hat Linux, allows local users to gain privileges, related to "routines for moving the physical cursor and scrolling."
References
► | URL | Tags | ||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T02:35:17.349Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "2116", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/2116" }, { "name": "DSA-113", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2002/dsa-113" }, { "name": "RHSA-2002:020", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2002-020.html" }, { "name": "gnu-ncurses-window-bo(8222)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "http://www.iss.net/security_center/static/8222.php" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2002-02-18T00:00:00", "descriptions": [ { "lang": "en", "value": "Buffer overflow in ncurses 5.0, and the ncurses4 compatibility package as used in Red Hat Linux, allows local users to gain privileges, related to \"routines for moving the physical cursor and scrolling.\"" } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2003-03-19T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "2116", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/2116" }, { "name": "DSA-113", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2002/dsa-113" }, { "name": "RHSA-2002:020", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2002-020.html" }, { "name": "gnu-ncurses-window-bo(8222)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "http://www.iss.net/security_center/static/8222.php" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2002-0062", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Buffer overflow in ncurses 5.0, and the ncurses4 compatibility package as used in Red Hat Linux, allows local users to gain privileges, related to \"routines for moving the physical cursor and scrolling.\"" } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "2116", "refsource": "BID", "url": "http://www.securityfocus.com/bid/2116" }, { "name": "DSA-113", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2002/dsa-113" }, { "name": "RHSA-2002:020", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2002-020.html" }, { "name": "gnu-ncurses-window-bo(8222)", "refsource": "XF", "url": "http://www.iss.net/security_center/static/8222.php" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2002-0062", "datePublished": "2003-04-02T05:00:00", "dateReserved": "2002-02-13T00:00:00", "dateUpdated": "2024-08-08T02:35:17.349Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-1999-0125 (GCVE-0-1999-0125)
Vulnerability from cvelistv5
Published
1999-09-29 04:00
Modified
2024-08-01 16:27
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in SGI IRIX mailx program.
References
► | URL | Tags | |||
---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-01T16:27:57.706Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "19980605-01-PX", "tags": [ "vendor-advisory", "x_refsource_SGI", "x_transferred" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/19980605-01-PX" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "Buffer overflow in SGI IRIX mailx program." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2005-11-02T10:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "19980605-01-PX", "tags": [ "vendor-advisory", "x_refsource_SGI" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/19980605-01-PX" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-1999-0125", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Buffer overflow in SGI IRIX mailx program." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "19980605-01-PX", "refsource": "SGI", "url": "ftp://patches.sgi.com/support/free/security/advisories/19980605-01-PX" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-1999-0125", "datePublished": "1999-09-29T04:00:00", "dateReserved": "1999-06-07T00:00:00", "dateUpdated": "2024-08-01T16:27:57.706Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2003-0354 (GCVE-0-2003-0354)
Vulnerability from cvelistv5
Published
2003-06-05 04:00
Modified
2024-08-08 01:50
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unknown vulnerability in GNU Ghostscript before 7.07 allows attackers to execute arbitrary commands, even when -dSAFER is enabled, via a PostScript file that causes the commands to be executed from a malicious print job.
References
► | URL | Tags | |||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T01:50:47.566Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "RHSA-2003:182", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-182.html" }, { "name": "RHSA-2003:181", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-181.html" }, { "name": "MDKSA-2003:065", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:065" }, { "name": "20030603 [OpenPKG-SA-2003.030] OpenPKG Security Advisory (ghostscript)", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=105465818929172\u0026w=2" }, { "name": "oval:org.mitre.oval:def:133", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A133" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2003-05-30T00:00:00", "descriptions": [ { "lang": "en", "value": "Unknown vulnerability in GNU Ghostscript before 7.07 allows attackers to execute arbitrary commands, even when -dSAFER is enabled, via a PostScript file that causes the commands to be executed from a malicious print job." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-10-10T00:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "RHSA-2003:182", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-182.html" }, { "name": "RHSA-2003:181", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-181.html" }, { "name": "MDKSA-2003:065", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:065" }, { "name": "20030603 [OpenPKG-SA-2003.030] OpenPKG Security Advisory (ghostscript)", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=105465818929172\u0026w=2" }, { "name": "oval:org.mitre.oval:def:133", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A133" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2003-0354", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Unknown vulnerability in GNU Ghostscript before 7.07 allows attackers to execute arbitrary commands, even when -dSAFER is enabled, via a PostScript file that causes the commands to be executed from a malicious print job." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "RHSA-2003:182", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2003-182.html" }, { "name": "RHSA-2003:181", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2003-181.html" }, { "name": "MDKSA-2003:065", "refsource": "MANDRAKE", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:065" }, { "name": "20030603 [OpenPKG-SA-2003.030] OpenPKG Security Advisory (ghostscript)", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=105465818929172\u0026w=2" }, { "name": "oval:org.mitre.oval:def:133", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A133" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2003-0354", "datePublished": "2003-06-05T04:00:00", "dateReserved": "2003-05-29T00:00:00", "dateUpdated": "2024-08-08T01:50:47.566Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2001-1013 (GCVE-0-2001-1013)
Vulnerability from cvelistv5
Published
2002-02-02 05:00
Modified
2024-08-08 04:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Apache on Red Hat Linux with with the UserDir directive enabled generates different error codes when a username exists and there is no public_html directory and when the username does not exist, which could allow remote attackers to determine valid usernames on the server.
References
► | URL | Tags | ||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T04:44:06.462Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "3335", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/3335" }, { "name": "20010912 Is there user Anna at your host ?", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/213667" }, { "name": "20000707 Re: your mail", "tags": [ "mailing-list", "x_refsource_VULN-DEV", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/vuln-dev/2000-q3/0094.html" }, { "name": "20000707 (no subject)", "tags": [ "mailing-list", "x_refsource_VULN-DEV", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/vuln-dev/2000-q3/0083.html" }, { "name": "linux-apache-username-exists(7129)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7129" }, { "name": "20000707 Re: apache and 404/404 status codes", "tags": [ "mailing-list", "x_refsource_VULN-DEV", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/vuln-dev/2000-q3/0087.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2001-09-12T00:00:00", "descriptions": [ { "lang": "en", "value": "Apache on Red Hat Linux with with the UserDir directive enabled generates different error codes when a username exists and there is no public_html directory and when the username does not exist, which could allow remote attackers to determine valid usernames on the server." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-12-18T21:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "3335", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/3335" }, { "name": "20010912 Is there user Anna at your host ?", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/213667" }, { "name": "20000707 Re: your mail", "tags": [ "mailing-list", "x_refsource_VULN-DEV" ], "url": "http://archives.neohapsis.com/archives/vuln-dev/2000-q3/0094.html" }, { "name": "20000707 (no subject)", "tags": [ "mailing-list", "x_refsource_VULN-DEV" ], "url": "http://archives.neohapsis.com/archives/vuln-dev/2000-q3/0083.html" }, { "name": "linux-apache-username-exists(7129)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7129" }, { "name": "20000707 Re: apache and 404/404 status codes", "tags": [ "mailing-list", "x_refsource_VULN-DEV" ], "url": "http://archives.neohapsis.com/archives/vuln-dev/2000-q3/0087.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2001-1013", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Apache on Red Hat Linux with with the UserDir directive enabled generates different error codes when a username exists and there is no public_html directory and when the username does not exist, which could allow remote attackers to determine valid usernames on the server." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "3335", "refsource": "BID", "url": "http://www.securityfocus.com/bid/3335" }, { "name": "20010912 Is there user Anna at your host ?", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/213667" }, { "name": "20000707 Re: your mail", "refsource": "VULN-DEV", "url": "http://archives.neohapsis.com/archives/vuln-dev/2000-q3/0094.html" }, { "name": "20000707 (no subject)", "refsource": "VULN-DEV", "url": "http://archives.neohapsis.com/archives/vuln-dev/2000-q3/0083.html" }, { "name": "linux-apache-username-exists(7129)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7129" }, { "name": "20000707 Re: apache and 404/404 status codes", "refsource": "VULN-DEV", "url": "http://archives.neohapsis.com/archives/vuln-dev/2000-q3/0087.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2001-1013", "datePublished": "2002-02-02T05:00:00", "dateReserved": "2002-01-31T00:00:00", "dateUpdated": "2024-08-08T04:44:06.462Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2004-1026 (GCVE-0-2004-1026)
Vulnerability from cvelistv5
Published
2004-12-10 05:00
Modified
2024-08-08 00:39
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple integer overflows in the image handler for imlib 1.9.14 and earlier, which is used by gkrellm and several window managers, allow remote attackers to cause a denial of service (application crash) and execute arbitrary code via certain image files.
References
► | URL | Tags | ||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T00:39:00.427Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "MDKSA-2005:007", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:007" }, { "name": "oval:org.mitre.oval:def:10771", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10771" }, { "name": "11830", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/11830" }, { "name": "RHSA-2004:651", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-651.html" }, { "name": "GLSA-200412-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200412-03.xml" }, { "name": "DSA-628", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2005/dsa-628" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2004-12-06T00:00:00", "descriptions": [ { "lang": "en", "value": "Multiple integer overflows in the image handler for imlib 1.9.14 and earlier, which is used by gkrellm and several window managers, allow remote attackers to cause a denial of service (application crash) and execute arbitrary code via certain image files." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-10-10T00:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "MDKSA-2005:007", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:007" }, { "name": "oval:org.mitre.oval:def:10771", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10771" }, { "name": "11830", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/11830" }, { "name": "RHSA-2004:651", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-651.html" }, { "name": "GLSA-200412-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200412-03.xml" }, { "name": "DSA-628", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2005/dsa-628" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2004-1026", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Multiple integer overflows in the image handler for imlib 1.9.14 and earlier, which is used by gkrellm and several window managers, allow remote attackers to cause a denial of service (application crash) and execute arbitrary code via certain image files." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "MDKSA-2005:007", "refsource": "MANDRAKE", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:007" }, { "name": "oval:org.mitre.oval:def:10771", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10771" }, { "name": "11830", "refsource": "BID", "url": "http://www.securityfocus.com/bid/11830" }, { "name": "RHSA-2004:651", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2004-651.html" }, { "name": "GLSA-200412-03", "refsource": "GENTOO", "url": "http://www.gentoo.org/security/en/glsa/glsa-200412-03.xml" }, { "name": "DSA-628", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2005/dsa-628" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2004-1026", "datePublished": "2004-12-10T05:00:00", "dateReserved": "2004-11-12T00:00:00", "dateUpdated": "2024-08-08T00:39:00.427Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2003-0248 (GCVE-0-2003-0248)
Vulnerability from cvelistv5
Published
2003-06-05 04:00
Modified
2024-08-08 01:50
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The mxcsr code in Linux kernel 2.4 allows attackers to modify CPU state registers via a malformed address.
References
► | URL | Tags | |||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T01:50:46.841Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "RHSA-2003:187", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-187.html" }, { "name": "TLSA-2003-41", "tags": [ "vendor-advisory", "x_refsource_TURBO", "x_transferred" ], "url": "http://www.turbolinux.com/security/TLSA-2003-41.txt" }, { "name": "RHSA-2003:195", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-195.html" }, { "name": "MDKSA-2003:074", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:074" }, { "name": "DSA-336", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2003/dsa-336" }, { "name": "MDKSA-2003:066", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:066" }, { "name": "oval:org.mitre.oval:def:292", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A292" }, { "name": "DSA-311", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2003/dsa-311" }, { "name": "DSA-332", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2003/dsa-332" }, { "name": "DSA-312", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2003/dsa-312" }, { "name": "DSA-442", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2004/dsa-442" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2003-06-03T00:00:00", "descriptions": [ { "lang": "en", "value": "The mxcsr code in Linux kernel 2.4 allows attackers to modify CPU state registers via a malformed address." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-10-10T00:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "RHSA-2003:187", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-187.html" }, { "name": "TLSA-2003-41", "tags": [ "vendor-advisory", "x_refsource_TURBO" ], "url": "http://www.turbolinux.com/security/TLSA-2003-41.txt" }, { "name": "RHSA-2003:195", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-195.html" }, { "name": "MDKSA-2003:074", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:074" }, { "name": "DSA-336", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2003/dsa-336" }, { "name": "MDKSA-2003:066", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:066" }, { "name": "oval:org.mitre.oval:def:292", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A292" }, { "name": "DSA-311", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2003/dsa-311" }, { "name": "DSA-332", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2003/dsa-332" }, { "name": "DSA-312", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2003/dsa-312" }, { "name": "DSA-442", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2004/dsa-442" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2003-0248", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The mxcsr code in Linux kernel 2.4 allows attackers to modify CPU state registers via a malformed address." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "RHSA-2003:187", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2003-187.html" }, { "name": "TLSA-2003-41", "refsource": "TURBO", "url": "http://www.turbolinux.com/security/TLSA-2003-41.txt" }, { "name": "RHSA-2003:195", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2003-195.html" }, { "name": "MDKSA-2003:074", "refsource": "MANDRAKE", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:074" }, { "name": "DSA-336", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2003/dsa-336" }, { "name": "MDKSA-2003:066", "refsource": "MANDRAKE", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:066" }, { "name": "oval:org.mitre.oval:def:292", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A292" }, { "name": "DSA-311", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2003/dsa-311" }, { "name": "DSA-332", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2003/dsa-332" }, { "name": "DSA-312", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2003/dsa-312" }, { "name": "DSA-442", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2004/dsa-442" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2003-0248", "datePublished": "2003-06-05T04:00:00", "dateReserved": "2003-05-06T00:00:00", "dateUpdated": "2024-08-08T01:50:46.841Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2001-0142 (GCVE-0-2001-0142)
Vulnerability from cvelistv5
Published
2001-05-07 04:00
Modified
2024-08-08 04:06
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
squid 2.3 and earlier allows local users to overwrite arbitrary files via a symlink attack in some configurations.
References
► | URL | Tags | ||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T04:06:55.450Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "20010110 Immunix OS Security update for lots of temp file problems", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=97916374410647\u0026w=2" }, { "name": "2184", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/2184" }, { "name": "DSA-019", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2001/dsa-019" }, { "name": "squid-email-symlink(5921)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5921" }, { "name": "MDKSA-2001:003", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-003.php3" }, { "name": "20010112 Trustix Security Advisory - diffutils squid", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2001-01/0212.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2001-01-10T00:00:00", "descriptions": [ { "lang": "en", "value": "squid 2.3 and earlier allows local users to overwrite arbitrary files via a symlink attack in some configurations." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2005-11-02T10:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "20010110 Immunix OS Security update for lots of temp file problems", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=97916374410647\u0026w=2" }, { "name": "2184", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/2184" }, { "name": "DSA-019", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2001/dsa-019" }, { "name": "squid-email-symlink(5921)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5921" }, { "name": "MDKSA-2001:003", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-003.php3" }, { "name": "20010112 Trustix Security Advisory - diffutils squid", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2001-01/0212.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2001-0142", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "squid 2.3 and earlier allows local users to overwrite arbitrary files via a symlink attack in some configurations." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "20010110 Immunix OS Security update for lots of temp file problems", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=97916374410647\u0026w=2" }, { "name": "2184", "refsource": "BID", "url": "http://www.securityfocus.com/bid/2184" }, { "name": "DSA-019", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2001/dsa-019" }, { "name": "squid-email-symlink(5921)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5921" }, { "name": "MDKSA-2001:003", "refsource": "MANDRAKE", "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-003.php3" }, { "name": "20010112 Trustix Security Advisory - diffutils squid", "refsource": "BUGTRAQ", "url": "http://archives.neohapsis.com/archives/bugtraq/2001-01/0212.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2001-0142", "datePublished": "2001-05-07T04:00:00", "dateReserved": "2001-02-06T00:00:00", "dateUpdated": "2024-08-08T04:06:55.450Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2001-1030 (GCVE-0-2001-1030)
Vulnerability from cvelistv5
Published
2002-06-25 04:00
Modified
2024-08-08 04:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Squid before 2.3STABLE5 in HTTP accelerator mode does not enable access control lists (ACLs) when the httpd_accel_host and http_accel_with_proxy off settings are used, which allows attackers to bypass the ACLs and conduct unauthorized activities such as port scanning.
References
► | URL | Tags | |||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T04:44:06.644Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "20010718 Squid httpd acceleration acl bug enables portscanning", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/197727" }, { "name": "squid-http-accelerator-portscanning(6862)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6862" }, { "name": "RHSA-2001:097", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2001-097.html" }, { "name": "IMNX-2001-70-031-01", "tags": [ "vendor-advisory", "x_refsource_IMMUNIX", "x_transferred" ], "url": "http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2001-70-031-01" }, { "name": "MDKSA-2001:066", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-066.php3" }, { "name": "CSSA-2001-029.0", "tags": [ "vendor-advisory", "x_refsource_CALDERA", "x_transferred" ], "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2001-029.0.txt" }, { "name": "20010719 TSLSA-2001-0013 - Squid", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2001-07/0362.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2001-07-18T00:00:00", "descriptions": [ { "lang": "en", "value": "Squid before 2.3STABLE5 in HTTP accelerator mode does not enable access control lists (ACLs) when the httpd_accel_host and http_accel_with_proxy off settings are used, which allows attackers to bypass the ACLs and conduct unauthorized activities such as port scanning." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2002-02-06T10:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "20010718 Squid httpd acceleration acl bug enables portscanning", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/197727" }, { "name": "squid-http-accelerator-portscanning(6862)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6862" }, { "name": "RHSA-2001:097", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2001-097.html" }, { "name": "IMNX-2001-70-031-01", "tags": [ "vendor-advisory", "x_refsource_IMMUNIX" ], "url": "http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2001-70-031-01" }, { "name": "MDKSA-2001:066", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-066.php3" }, { "name": "CSSA-2001-029.0", "tags": [ "vendor-advisory", "x_refsource_CALDERA" ], "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2001-029.0.txt" }, { "name": "20010719 TSLSA-2001-0013 - Squid", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2001-07/0362.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2001-1030", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Squid before 2.3STABLE5 in HTTP accelerator mode does not enable access control lists (ACLs) when the httpd_accel_host and http_accel_with_proxy off settings are used, which allows attackers to bypass the ACLs and conduct unauthorized activities such as port scanning." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "20010718 Squid httpd acceleration acl bug enables portscanning", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/197727" }, { "name": "squid-http-accelerator-portscanning(6862)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6862" }, { "name": "RHSA-2001:097", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2001-097.html" }, { "name": "IMNX-2001-70-031-01", "refsource": "IMMUNIX", "url": "http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2001-70-031-01" }, { "name": "MDKSA-2001:066", "refsource": "MANDRAKE", "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-066.php3" }, { "name": "CSSA-2001-029.0", "refsource": "CALDERA", "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2001-029.0.txt" }, { "name": "20010719 TSLSA-2001-0013 - Squid", "refsource": "BUGTRAQ", "url": "http://archives.neohapsis.com/archives/bugtraq/2001-07/0362.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2001-1030", "datePublished": "2002-06-25T04:00:00", "dateReserved": "2002-01-31T00:00:00", "dateUpdated": "2024-08-08T04:44:06.644Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-1999-0804 (GCVE-0-1999-0804)
Vulnerability from cvelistv5
Published
2000-01-04 05:00
Modified
2024-08-01 16:48
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Denial of service in Linux 2.2.x kernels via malformed ICMP packets containing unusual types, codes, and IP header lengths.
References
► | URL | Tags | |||
---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-01T16:48:38.124Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "302", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/302" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "Denial of service in Linux 2.2.x kernels via malformed ICMP packets containing unusual types, codes, and IP header lengths." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2005-11-02T10:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "302", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/302" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-1999-0804", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Denial of service in Linux 2.2.x kernels via malformed ICMP packets containing unusual types, codes, and IP header lengths." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "302", "refsource": "BID", "url": "http://www.securityfocus.com/bid/302" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-1999-0804", "datePublished": "2000-01-04T05:00:00", "dateReserved": "1999-11-25T00:00:00", "dateUpdated": "2024-08-01T16:48:38.124Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2001-0641 (GCVE-0-2001-0641)
Vulnerability from cvelistv5
Published
2002-03-09 05:00
Modified
2024-08-08 04:30
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in man program in various distributions of Linux allows local user to execute arbitrary code as group man via a long -S option.
References
► | URL | Tags | ||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T04:30:05.998Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "man-s-bo(6530)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6530" }, { "name": "RHSA-2001:069", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2001-069.html" }, { "name": "20010513 RH 7.0:/usr/bin/man exploit: gid man + more", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2001-05/0087.html" }, { "name": "20010612 man 1.5h10 + man 1.5i-4 exploits", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/190136" }, { "name": "SuSE-SA:2001:019", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://www.novell.com/linux/security/advisories/2001_019_man_txt.html" }, { "name": "2711", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/2711" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2001-05-13T00:00:00", "descriptions": [ { "lang": "en", "value": "Buffer overflow in man program in various distributions of Linux allows local user to execute arbitrary code as group man via a long -S option." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2002-02-11T10:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "man-s-bo(6530)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6530" }, { "name": "RHSA-2001:069", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2001-069.html" }, { "name": "20010513 RH 7.0:/usr/bin/man exploit: gid man + more", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2001-05/0087.html" }, { "name": "20010612 man 1.5h10 + man 1.5i-4 exploits", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/190136" }, { "name": "SuSE-SA:2001:019", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://www.novell.com/linux/security/advisories/2001_019_man_txt.html" }, { "name": "2711", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/2711" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2001-0641", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Buffer overflow in man program in various distributions of Linux allows local user to execute arbitrary code as group man via a long -S option." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "man-s-bo(6530)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6530" }, { "name": "RHSA-2001:069", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2001-069.html" }, { "name": "20010513 RH 7.0:/usr/bin/man exploit: gid man + more", "refsource": "BUGTRAQ", "url": "http://archives.neohapsis.com/archives/bugtraq/2001-05/0087.html" }, { "name": "20010612 man 1.5h10 + man 1.5i-4 exploits", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/190136" }, { "name": "SuSE-SA:2001:019", "refsource": "SUSE", "url": "http://www.novell.com/linux/security/advisories/2001_019_man_txt.html" }, { "name": "2711", "refsource": "BID", "url": "http://www.securityfocus.com/bid/2711" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2001-0641", "datePublished": "2002-03-09T05:00:00", "dateReserved": "2001-08-06T00:00:00", "dateUpdated": "2024-08-08T04:30:05.998Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-1999-0034 (GCVE-0-1999-0034)
Vulnerability from cvelistv5
Published
1999-09-29 04:00
Modified
2024-08-01 16:27
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in suidperl (sperl), Perl 4.x and 5.x.
References
► | URL | Tags | |||
---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-01T16:27:57.611Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0034" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "Buffer overflow in suidperl (sperl), Perl 4.x and 5.x." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-08-17T06:28:37", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0034" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-1999-0034", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Buffer overflow in suidperl (sperl), Perl 4.x and 5.x." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0034", "refsource": "MISC", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0034" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-1999-0034", "datePublished": "1999-09-29T04:00:00", "dateReserved": "1999-06-07T00:00:00", "dateUpdated": "2024-08-01T16:27:57.611Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2001-1002 (GCVE-0-2001-1002)
Vulnerability from cvelistv5
Published
2002-06-25 04:00
Modified
2024-08-08 04:37
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The default configuration of the DVI print filter (dvips) in Red Hat Linux 7.0 and earlier does not run dvips in secure mode when dvips is executed by lpd, which could allow remote attackers to gain privileges by printing a DVI file that contains malicious commands.
References
► | URL | Tags | ||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T04:37:06.859Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "3241", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/3241" }, { "name": "dvips-lpd-command-execution(16509)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16509" }, { "name": "20010827 LPRng/rhs-printfilters - remote execution of commands", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=99892644616749\u0026w=2" }, { "name": "RHSA-2001:102", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2001-102.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2001-08-27T00:00:00", "descriptions": [ { "lang": "en", "value": "The default configuration of the DVI print filter (dvips) in Red Hat Linux 7.0 and earlier does not run dvips in secure mode when dvips is executed by lpd, which could allow remote attackers to gain privileges by printing a DVI file that contains malicious commands." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2002-06-16T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "3241", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/3241" }, { "name": "dvips-lpd-command-execution(16509)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16509" }, { "name": "20010827 LPRng/rhs-printfilters - remote execution of commands", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=99892644616749\u0026w=2" }, { "name": "RHSA-2001:102", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2001-102.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2001-1002", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The default configuration of the DVI print filter (dvips) in Red Hat Linux 7.0 and earlier does not run dvips in secure mode when dvips is executed by lpd, which could allow remote attackers to gain privileges by printing a DVI file that contains malicious commands." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "3241", "refsource": "BID", "url": "http://www.securityfocus.com/bid/3241" }, { "name": "dvips-lpd-command-execution(16509)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16509" }, { "name": "20010827 LPRng/rhs-printfilters - remote execution of commands", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=99892644616749\u0026w=2" }, { "name": "RHSA-2001:102", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2001-102.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2001-1002", "datePublished": "2002-06-25T04:00:00", "dateReserved": "2002-01-31T00:00:00", "dateUpdated": "2024-08-08T04:37:06.859Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-1999-0894 (GCVE-0-1999-0894)
Vulnerability from cvelistv5
Published
2000-01-04 05:00
Modified
2024-08-01 16:55
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Red Hat Linux screen program does not use Unix98 ptys, allowing local users to write to other terminals.
References
► | URL | Tags | |||
---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-01T16:55:29.253Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0894" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "1999-10-20T00:00:00", "descriptions": [ { "lang": "en", "value": "Red Hat Linux screen program does not use Unix98 ptys, allowing local users to write to other terminals." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-08-17T08:09:55", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0894" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-1999-0894", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Red Hat Linux screen program does not use Unix98 ptys, allowing local users to write to other terminals." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0894", "refsource": "MISC", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0894" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-1999-0894", "datePublished": "2000-01-04T05:00:00", "dateReserved": "1999-12-08T00:00:00", "dateUpdated": "2024-08-01T16:55:29.253Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2001-0496 (GCVE-0-2001-0496)
Vulnerability from cvelistv5
Published
2001-05-24 04:00
Modified
2024-08-08 04:21
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
kdesu in kdelibs package creates world readable temporary files containing authentication info, which can allow local users to gain privileges.
References
► | URL | Tags | |||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T04:21:38.588Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "RHSA-2001:059", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2001-059.html" }, { "name": "kdelibs-kdesu-insecure-tmpfile(6856)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6856" }, { "name": "MDKSA-2001:046", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-046.php3" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2001-04-30T00:00:00", "descriptions": [ { "lang": "en", "value": "kdesu in kdelibs package creates world readable temporary files containing authentication info, which can allow local users to gain privileges." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-12-18T21:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "RHSA-2001:059", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2001-059.html" }, { "name": "kdelibs-kdesu-insecure-tmpfile(6856)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6856" }, { "name": "MDKSA-2001:046", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-046.php3" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2001-0496", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "kdesu in kdelibs package creates world readable temporary files containing authentication info, which can allow local users to gain privileges." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "RHSA-2001:059", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2001-059.html" }, { "name": "kdelibs-kdesu-insecure-tmpfile(6856)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6856" }, { "name": "MDKSA-2001:046", "refsource": "MANDRAKE", "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-046.php3" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2001-0496", "datePublished": "2001-05-24T04:00:00", "dateReserved": "2001-05-24T00:00:00", "dateUpdated": "2024-08-08T04:21:38.588Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-1999-0705 (GCVE-0-1999-0705)
Vulnerability from cvelistv5
Published
2000-01-04 05:00
Modified
2024-08-01 16:48
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in INN inews program.
References
► | URL | Tags | |||
---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-01T16:48:37.884Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "616", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/616" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "Buffer overflow in INN inews program." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2005-11-02T10:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "616", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/616" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-1999-0705", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Buffer overflow in INN inews program." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "616", "refsource": "BID", "url": "http://www.securityfocus.com/bid/616" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-1999-0705", "datePublished": "2000-01-04T05:00:00", "dateReserved": "1999-11-25T00:00:00", "dateUpdated": "2024-08-01T16:48:37.884Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2018-14657 (GCVE-0-2018-14657)
Vulnerability from cvelistv5
Published
2018-11-13 19:00
Modified
2024-08-05 09:38
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
A flaw was found in Keycloak 4.2.1.Final, 4.3.0.Final. When TOPT enabled, an improper implementation of the Brute Force detection algorithm will not enforce its protection measures.
References
► | URL | Tags | ||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T09:38:13.017Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "RHSA-2018:3592", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:3592" }, { "name": "RHSA-2018:3593", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:3593" }, { "name": "RHSA-2018:3595", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:3595" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14657" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "keycloak", "vendor": "Red Hat", "versions": [ { "status": "affected", "version": "4.2.1.Final, 4.3.0.Final" } ] } ], "datePublic": "2018-11-13T00:00:00", "descriptions": [ { "lang": "en", "value": "A flaw was found in Keycloak 4.2.1.Final, 4.3.0.Final. When TOPT enabled, an improper implementation of the Brute Force detection algorithm will not enforce its protection measures." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-307", "description": "CWE-307", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2020-12-04T18:00:57", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "RHSA-2018:3592", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:3592" }, { "name": "RHSA-2018:3593", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:3593" }, { "name": "RHSA-2018:3595", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:3595" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14657" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2018-14657", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "keycloak", "version": { "version_data": [ { "version_value": "4.2.1.Final, 4.3.0.Final" } ] } } ] }, "vendor_name": "Red Hat" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A flaw was found in Keycloak 4.2.1.Final, 4.3.0.Final. When TOPT enabled, an improper implementation of the Brute Force detection algorithm will not enforce its protection measures." } ] }, "impact": { "cvss": [ [ { "vectorString": "5.4/CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", "version": "3.0" } ] ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-307" } ] } ] }, "references": { "reference_data": [ { "name": "RHSA-2018:3592", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:3592" }, { "name": "RHSA-2018:3593", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:3593" }, { "name": "RHSA-2018:3595", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:3595" }, { "name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14657", "refsource": "CONFIRM", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14657" } ] } } } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2018-14657", "datePublished": "2018-11-13T19:00:00", "dateReserved": "2018-07-27T00:00:00", "dateUpdated": "2024-08-05T09:38:13.017Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2000-0963 (GCVE-0-2000-0963)
Vulnerability from cvelistv5
Published
2000-11-29 05:00
Modified
2024-08-08 05:37
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in ncurses library allows local users to execute arbitrary commands via long environmental information such as TERM or TERMINFO_DIRS.
References
► | URL | Tags | ||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T05:37:31.675Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "gnu-ncurses-term-terminfodirs-bo(44487)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44487" }, { "name": "20001009 ncurses buffer overflows", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/138550" }, { "name": "1142", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/1142" }, { "name": "CSSA-2000-036.0", "tags": [ "vendor-advisory", "x_refsource_CALDERA", "x_transferred" ], "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-036.0.txt" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2000-10-09T00:00:00", "descriptions": [ { "lang": "en", "value": "Buffer overflow in ncurses library allows local users to execute arbitrary commands via long environmental information such as TERM or TERMINFO_DIRS." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-07-10T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "gnu-ncurses-term-terminfodirs-bo(44487)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44487" }, { "name": "20001009 ncurses buffer overflows", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/138550" }, { "name": "1142", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/1142" }, { "name": "CSSA-2000-036.0", "tags": [ "vendor-advisory", "x_refsource_CALDERA" ], "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-036.0.txt" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2000-0963", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Buffer overflow in ncurses library allows local users to execute arbitrary commands via long environmental information such as TERM or TERMINFO_DIRS." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "gnu-ncurses-term-terminfodirs-bo(44487)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44487" }, { "name": "20001009 ncurses buffer overflows", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/138550" }, { "name": "1142", "refsource": "BID", "url": "http://www.securityfocus.com/bid/1142" }, { "name": "CSSA-2000-036.0", "refsource": "CALDERA", "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-036.0.txt" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2000-0963", "datePublished": "2000-11-29T05:00:00", "dateReserved": "2000-11-24T00:00:00", "dateUpdated": "2024-08-08T05:37:31.675Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2001-1375 (GCVE-0-2001-1375)
Vulnerability from cvelistv5
Published
2003-04-02 05:00
Modified
2024-08-08 04:51
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
tcl/tk package (tcltk) 8.3.1 searches for its libraries in the current working directory before other directories, which could allow local users to execute arbitrary code via a Trojan horse library that is under a user-controlled directory.
References
► | URL | Tags | ||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T04:51:08.227Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "MDKSA-2002:060", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2002:060" }, { "name": "tcltk-insecure-library-search(6869)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "http://www.iss.net/security_center/static/6869.php" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=28226" }, { "name": "RHSA-2002:148", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2002-148.html" }, { "name": "3073", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/3073" }, { "name": "CLA-2001:409", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA", "x_transferred" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000409" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2001-07-19T00:00:00", "descriptions": [ { "lang": "en", "value": "tcl/tk package (tcltk) 8.3.1 searches for its libraries in the current working directory before other directories, which could allow local users to execute arbitrary code via a Trojan horse library that is under a user-controlled directory." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2003-03-18T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "MDKSA-2002:060", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2002:060" }, { "name": "tcltk-insecure-library-search(6869)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "http://www.iss.net/security_center/static/6869.php" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=28226" }, { "name": "RHSA-2002:148", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2002-148.html" }, { "name": "3073", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/3073" }, { "name": "CLA-2001:409", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000409" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2001-1375", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "tcl/tk package (tcltk) 8.3.1 searches for its libraries in the current working directory before other directories, which could allow local users to execute arbitrary code via a Trojan horse library that is under a user-controlled directory." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "MDKSA-2002:060", "refsource": "MANDRAKE", "url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2002:060" }, { "name": "tcltk-insecure-library-search(6869)", "refsource": "XF", "url": "http://www.iss.net/security_center/static/6869.php" }, { "name": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=28226", "refsource": "CONFIRM", "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=28226" }, { "name": "RHSA-2002:148", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2002-148.html" }, { "name": "3073", "refsource": "BID", "url": "http://www.securityfocus.com/bid/3073" }, { "name": "CLA-2001:409", "refsource": "CONECTIVA", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000409" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2001-1375", "datePublished": "2003-04-02T05:00:00", "dateReserved": "2002-06-07T00:00:00", "dateUpdated": "2024-08-08T04:51:08.227Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2001-0116 (GCVE-0-2001-0116)
Vulnerability from cvelistv5
Published
2001-05-07 04:00
Modified
2024-08-08 04:06
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
gpm 1.19.3 allows local users to overwrite arbitrary files via a symlink attack.
References
► | URL | Tags | ||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T04:06:55.490Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "20010110 Immunix OS Security update for lots of temp file problems", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=97916374410647\u0026w=2" }, { "name": "linux-gpm-symlink(5917)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5917" }, { "name": "MDKSA-2001:006", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-006.php3" }, { "name": "2188", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/2188" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2001-01-10T00:00:00", "descriptions": [ { "lang": "en", "value": "gpm 1.19.3 allows local users to overwrite arbitrary files via a symlink attack." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2005-11-02T10:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "20010110 Immunix OS Security update for lots of temp file problems", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=97916374410647\u0026w=2" }, { "name": "linux-gpm-symlink(5917)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5917" }, { "name": "MDKSA-2001:006", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-006.php3" }, { "name": "2188", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/2188" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2001-0116", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "gpm 1.19.3 allows local users to overwrite arbitrary files via a symlink attack." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "20010110 Immunix OS Security update for lots of temp file problems", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=97916374410647\u0026w=2" }, { "name": "linux-gpm-symlink(5917)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5917" }, { "name": "MDKSA-2001:006", "refsource": "MANDRAKE", "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-006.php3" }, { "name": "2188", "refsource": "BID", "url": "http://www.securityfocus.com/bid/2188" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2001-0116", "datePublished": "2001-05-07T04:00:00", "dateReserved": "2001-02-06T00:00:00", "dateUpdated": "2024-08-08T04:06:55.490Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2007-3379 (GCVE-0-2007-3379)
Vulnerability from cvelistv5
Published
2007-09-17 17:00
Modified
2024-08-07 14:14
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in the kernel in Red Hat Enterprise Linux (RHEL) 4 on the x86_64 platform allows local users to cause a denial of service (OOPS) via unspecified vectors related to the get_gate_vma function and the fuser command.
References
► | URL | Tags | |||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T14:14:12.936Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=178981" }, { "name": "RHBA-2007-0304", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHBA-2007-0304.html" }, { "name": "oval:org.mitre.oval:def:10426", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10426" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2007-05-01T00:00:00", "descriptions": [ { "lang": "en", "value": "Unspecified vulnerability in the kernel in Red Hat Enterprise Linux (RHEL) 4 on the x86_64 platform allows local users to cause a denial of service (OOPS) via unspecified vectors related to the get_gate_vma function and the fuser command." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-10-10T00:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=178981" }, { "name": "RHBA-2007-0304", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHBA-2007-0304.html" }, { "name": "oval:org.mitre.oval:def:10426", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10426" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2007-3379", "datePublished": "2007-09-17T17:00:00", "dateReserved": "2007-06-25T00:00:00", "dateUpdated": "2024-08-07T14:14:12.936Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2000-0336 (GCVE-0-2000-0336)
Vulnerability from cvelistv5
Published
2000-07-12 04:00
Modified
2024-08-08 05:14
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Linux OpenLDAP server allows local users to modify arbitrary files via a symlink attack.
References
► | URL | Tags | ||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T05:14:21.407Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "RHSA-2000:012", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2000-012.html" }, { "name": "TLSA2000010-1", "tags": [ "vendor-advisory", "x_refsource_TURBO", "x_transferred" ], "url": "http://www.turbolinux.com/pipermail/tl-security-announce/2000-May/000009.html" }, { "name": "1232", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/1232" }, { "name": "CSSA-2000-009.0", "tags": [ "vendor-advisory", "x_refsource_CALDERA", "x_transferred" ], "url": "ftp://ftp.calderasystems.com/pub/OpenLinux/security/CSSA-2000-009.0.txt" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2000-04-13T00:00:00", "descriptions": [ { "lang": "en", "value": "Linux OpenLDAP server allows local users to modify arbitrary files via a symlink attack." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2004-09-02T09:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "RHSA-2000:012", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2000-012.html" }, { "name": "TLSA2000010-1", "tags": [ "vendor-advisory", "x_refsource_TURBO" ], "url": "http://www.turbolinux.com/pipermail/tl-security-announce/2000-May/000009.html" }, { "name": "1232", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/1232" }, { "name": "CSSA-2000-009.0", "tags": [ "vendor-advisory", "x_refsource_CALDERA" ], "url": "ftp://ftp.calderasystems.com/pub/OpenLinux/security/CSSA-2000-009.0.txt" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2000-0336", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Linux OpenLDAP server allows local users to modify arbitrary files via a symlink attack." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "RHSA-2000:012", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2000-012.html" }, { "name": "TLSA2000010-1", "refsource": "TURBO", "url": "http://www.turbolinux.com/pipermail/tl-security-announce/2000-May/000009.html" }, { "name": "1232", "refsource": "BID", "url": "http://www.securityfocus.com/bid/1232" }, { "name": "CSSA-2000-009.0", "refsource": "CALDERA", "url": "ftp://ftp.calderasystems.com/pub/OpenLinux/security/CSSA-2000-009.0.txt" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2000-0336", "datePublished": "2000-07-12T04:00:00", "dateReserved": "2000-05-11T00:00:00", "dateUpdated": "2024-08-08T05:14:21.407Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-1999-0832 (GCVE-0-1999-0832)
Vulnerability from cvelistv5
Published
2000-06-02 04:00
Modified
2024-08-01 16:48
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in NFS server on Linux allows attackers to execute commands via a long pathname.
References
► | URL | Tags | ||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-01T16:48:38.151Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "CSSA-1999-033.0", "tags": [ "vendor-advisory", "x_refsource_CALDERA", "x_transferred" ], "url": "ftp://ftp.calderasystems.com/pub/OpenLinux/security/CSSA-1999-033.0.txt" }, { "name": "RHSA-1999:053-01", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/rh42-errata-general.html#NFS" }, { "name": "19991111 buffer overflow in nfs server", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/1999/19991111" }, { "name": "19991110 Security hole in nfs-server \u003c 2.2beta47 within nkita", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://www.novell.com/linux/security/advisories/suse_security_announce_29.html" }, { "name": "19991109 undocumented bugs - nfsd", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=Pine.LNX.4.20.9911091058140.12964-100000%40mail.zigzag.pl" }, { "name": "782", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/782" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "1999-11-30T00:00:00", "descriptions": [ { "lang": "en", "value": "Buffer overflow in NFS server on Linux allows attackers to execute commands via a long pathname." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2005-11-02T10:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "CSSA-1999-033.0", "tags": [ "vendor-advisory", "x_refsource_CALDERA" ], "url": "ftp://ftp.calderasystems.com/pub/OpenLinux/security/CSSA-1999-033.0.txt" }, { "name": "RHSA-1999:053-01", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/rh42-errata-general.html#NFS" }, { "name": "19991111 buffer overflow in nfs server", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/1999/19991111" }, { "name": "19991110 Security hole in nfs-server \u003c 2.2beta47 within nkita", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://www.novell.com/linux/security/advisories/suse_security_announce_29.html" }, { "name": "19991109 undocumented bugs - nfsd", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=Pine.LNX.4.20.9911091058140.12964-100000%40mail.zigzag.pl" }, { "name": "782", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/782" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-1999-0832", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Buffer overflow in NFS server on Linux allows attackers to execute commands via a long pathname." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "CSSA-1999-033.0", "refsource": "CALDERA", "url": "ftp://ftp.calderasystems.com/pub/OpenLinux/security/CSSA-1999-033.0.txt" }, { "name": "RHSA-1999:053-01", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/rh42-errata-general.html#NFS" }, { "name": "19991111 buffer overflow in nfs server", "refsource": "DEBIAN", "url": "http://www.debian.org/security/1999/19991111" }, { "name": "19991110 Security hole in nfs-server \u003c 2.2beta47 within nkita", "refsource": "SUSE", "url": "http://www.novell.com/linux/security/advisories/suse_security_announce_29.html" }, { "name": "19991109 undocumented bugs - nfsd", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=Pine.LNX.4.20.9911091058140.12964-100000@mail.zigzag.pl" }, { "name": "782", "refsource": "BID", "url": "http://www.securityfocus.com/bid/782" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-1999-0832", "datePublished": "2000-06-02T04:00:00", "dateReserved": "1999-12-07T00:00:00", "dateUpdated": "2024-08-01T16:48:38.151Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2000-0315 (GCVE-0-2000-0315)
Vulnerability from cvelistv5
Published
2001-05-07 04:00
Modified
2024-08-08 05:14
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
traceroute in NetBSD 1.3.3 and Linux systems allows local unprivileged users to modify the source address of the packets, which could be used in spoofing attacks.
References
► | URL | Tags | |||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T05:14:20.567Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "7575", "tags": [ "vdb-entry", "x_refsource_OSVDB", "x_transferred" ], "url": "http://www.osvdb.org/7575" }, { "name": "19990213 traceroute as a flooder", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=91893782027835\u0026w=2" }, { "name": "NetBSD-SA1999-004", "tags": [ "vendor-advisory", "x_refsource_NETBSD", "x_transferred" ], "url": "ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA1999-004.txt.asc" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "1999-02-13T00:00:00", "descriptions": [ { "lang": "en", "value": "traceroute in NetBSD 1.3.3 and Linux systems allows local unprivileged users to modify the source address of the packets, which could be used in spoofing attacks." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2004-09-02T09:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "7575", "tags": [ "vdb-entry", "x_refsource_OSVDB" ], "url": "http://www.osvdb.org/7575" }, { "name": "19990213 traceroute as a flooder", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=91893782027835\u0026w=2" }, { "name": "NetBSD-SA1999-004", "tags": [ "vendor-advisory", "x_refsource_NETBSD" ], "url": "ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA1999-004.txt.asc" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2000-0315", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "traceroute in NetBSD 1.3.3 and Linux systems allows local unprivileged users to modify the source address of the packets, which could be used in spoofing attacks." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "7575", "refsource": "OSVDB", "url": "http://www.osvdb.org/7575" }, { "name": "19990213 traceroute as a flooder", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=91893782027835\u0026w=2" }, { "name": "NetBSD-SA1999-004", "refsource": "NETBSD", "url": "ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA1999-004.txt.asc" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2000-0315", "datePublished": "2001-05-07T04:00:00", "dateReserved": "2000-05-11T00:00:00", "dateUpdated": "2024-08-08T05:14:20.567Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2000-0604 (GCVE-0-2000-0604)
Vulnerability from cvelistv5
Published
2000-10-13 04:00
Modified
2024-08-08 05:21
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
gkermit in Red Hat Linux is improperly installed with setgid uucp, which allows local users to modify files owned by uucp.
References
► | URL | Tags | ||||||
---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T05:21:31.249Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "1383", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/1383" }, { "name": "20000621 rh 6.2 - gid compromises, etc", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=Pine.LNX.4.21.0006211209500.22969-100000%40nimue.tpi.pl" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2000-06-21T00:00:00", "descriptions": [ { "lang": "en", "value": "gkermit in Red Hat Linux is improperly installed with setgid uucp, which allows local users to modify files owned by uucp." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2005-11-02T10:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "1383", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/1383" }, { "name": "20000621 rh 6.2 - gid compromises, etc", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=Pine.LNX.4.21.0006211209500.22969-100000%40nimue.tpi.pl" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2000-0604", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "gkermit in Red Hat Linux is improperly installed with setgid uucp, which allows local users to modify files owned by uucp." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "1383", "refsource": "BID", "url": "http://www.securityfocus.com/bid/1383" }, { "name": "20000621 rh 6.2 - gid compromises, etc", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=Pine.LNX.4.21.0006211209500.22969-100000@nimue.tpi.pl" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2000-0604", "datePublished": "2000-10-13T04:00:00", "dateReserved": "2000-07-19T00:00:00", "dateUpdated": "2024-08-08T05:21:31.249Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2004-0079 (GCVE-0-2004-0079)
Vulnerability from cvelistv5
Published
2004-03-18 05:00
Modified
2025-01-16 17:33
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference.
References
► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T00:01:23.689Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "9899", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/9899" }, { "name": "FEDORA-2005-1042", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2005-October/msg00087.html" }, { "name": "ESA-20040317-003", "tags": [ "vendor-advisory", "x_refsource_ENGARDE", "x_transferred" ], "url": "http://www.linuxsecurity.com/advisories/engarde_advisory-4135.html" }, { "name": "SSRT4717", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=108403806509920\u0026w=2" }, { "name": "RHSA-2004:121", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-121.html" }, { "name": "MDKSA-2004:023", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:023" }, { "name": "oval:org.mitre.oval:def:2621", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2621" }, { "name": "CLA-2004:834", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA", "x_transferred" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000834" }, { "name": "SCOSA-2004.10", "tags": [ "vendor-advisory", "x_refsource_SCO", "x_transferred" ], "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt" }, { "name": "17381", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/17381" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.uniras.gov.uk/vuls/2004/224012/index.htm" }, { "name": "FEDORA-2004-095", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://fedoranews.org/updates/FEDORA-2004-095.shtml" }, { "name": "oval:org.mitre.oval:def:9779", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9779" }, { "name": "oval:org.mitre.oval:def:975", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A975" }, { "name": "57524", "tags": [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred" ], "url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524" }, { "name": "SuSE-SA:2004:007", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://www.novell.com/linux/security/advisories/2004_07_openssl.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://lists.apple.com/mhonarc/security-announce/msg00045.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.openssl.org/news/secadv_20040317.txt" }, { "name": "FreeBSD-SA-04:05", "tags": [ "vendor-advisory", "x_refsource_FREEBSD", "x_transferred" ], "url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:05.openssl.asc" }, { "name": "NetBSD-SA2004-005", "tags": [ "vendor-advisory", "x_refsource_NETBSD", "x_transferred" ], "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-005.txt.asc" }, { "name": "O-101", "tags": [ "third-party-advisory", "government-resource", "x_refsource_CIAC", "x_transferred" ], "url": "http://www.ciac.org/ciac/bulletins/o-101.shtml" }, { "name": "TA04-078A", "tags": [ "third-party-advisory", "x_refsource_CERT", "x_transferred" ], "url": "http://www.us-cert.gov/cas/techalerts/TA04-078A.html" }, { "name": "17401", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/17401" }, { "name": "RHSA-2005:829", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-829.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.avaya.com/elmodocs2/security/ASA-2005-239.htm" }, { "name": "oval:org.mitre.oval:def:870", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A870" }, { "name": "RHSA-2005:830", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-830.html" }, { "name": "GLSA-200403-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-200403-03.xml" }, { "name": "11139", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/11139" }, { "name": "RHSA-2004:120", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-120.html" }, { "name": "20040317 New OpenSSL releases fix denial of service attacks [17 March 2004]", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=107953412903636\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.lexmark.com/index?page=content\u0026id=TE88\u0026locale=EN\u0026userlocale=EN_US" }, { "name": "APPLE-SA-2005-08-15", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html" }, { "name": "17398", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/17398" }, { "name": "SSA:2004-077", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE", "x_transferred" ], "url": "http://www.slackware.org/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.455961" }, { "name": "RHSA-2004:139", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-139.html" }, { "name": "openssl-dochangecipherspec-dos(15505)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15505" }, { "name": "2004-0012", "tags": [ "vendor-advisory", "x_refsource_TRUSTIX", "x_transferred" ], "url": "http://www.trustix.org/errata/2004/0012" }, { "name": "20040317 Cisco OpenSSL Implementation Vulnerability", "tags": [ "vendor-advisory", "x_refsource_CISCO", "x_transferred" ], "url": "http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://docs.info.apple.com/article.html?artnum=61798" }, { "name": "VU#288574", "tags": [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred" ], "url": "http://www.kb.cert.org/vuls/id/288574" }, { "name": "DSA-465", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2004/dsa-465" }, { "name": "APPLE-SA-2005-08-17", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html" }, { "name": "18247", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18247" }, { "name": "oval:org.mitre.oval:def:5770", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5770" } ], "title": "CVE Program Container" }, { "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2004-0079", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-01-08T16:21:54.985893Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-476", "description": "CWE-476 NULL Pointer Dereference", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-01-16T17:33:22.869Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2004-03-17T00:00:00", "descriptions": [ { "lang": "en", "value": "The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-10-10T00:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "9899", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/9899" }, { "name": "FEDORA-2005-1042", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2005-October/msg00087.html" }, { "name": "ESA-20040317-003", "tags": [ "vendor-advisory", "x_refsource_ENGARDE" ], "url": "http://www.linuxsecurity.com/advisories/engarde_advisory-4135.html" }, { "name": "SSRT4717", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=108403806509920\u0026w=2" }, { "name": "RHSA-2004:121", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-121.html" }, { "name": "MDKSA-2004:023", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:023" }, { "name": "oval:org.mitre.oval:def:2621", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2621" }, { "name": "CLA-2004:834", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000834" }, { "name": "SCOSA-2004.10", "tags": [ "vendor-advisory", "x_refsource_SCO" ], "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt" }, { "name": "17381", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/17381" }, { "tags": [ "x_refsource_MISC" ], "url": "http://www.uniras.gov.uk/vuls/2004/224012/index.htm" }, { "name": "FEDORA-2004-095", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://fedoranews.org/updates/FEDORA-2004-095.shtml" }, { "name": "oval:org.mitre.oval:def:9779", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9779" }, { "name": "oval:org.mitre.oval:def:975", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A975" }, { "name": "57524", "tags": [ "vendor-advisory", "x_refsource_SUNALERT" ], "url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524" }, { "name": "SuSE-SA:2004:007", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://www.novell.com/linux/security/advisories/2004_07_openssl.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://lists.apple.com/mhonarc/security-announce/msg00045.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.openssl.org/news/secadv_20040317.txt" }, { "name": "FreeBSD-SA-04:05", "tags": [ "vendor-advisory", "x_refsource_FREEBSD" ], "url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:05.openssl.asc" }, { "name": "NetBSD-SA2004-005", "tags": [ "vendor-advisory", "x_refsource_NETBSD" ], "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-005.txt.asc" }, { "name": "O-101", "tags": [ "third-party-advisory", "government-resource", "x_refsource_CIAC" ], "url": "http://www.ciac.org/ciac/bulletins/o-101.shtml" }, { "name": "TA04-078A", "tags": [ "third-party-advisory", "x_refsource_CERT" ], "url": "http://www.us-cert.gov/cas/techalerts/TA04-078A.html" }, { "name": "17401", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/17401" }, { "name": "RHSA-2005:829", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-829.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.avaya.com/elmodocs2/security/ASA-2005-239.htm" }, { "name": "oval:org.mitre.oval:def:870", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A870" }, { "name": "RHSA-2005:830", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-830.html" }, { "name": "GLSA-200403-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://security.gentoo.org/glsa/glsa-200403-03.xml" }, { "name": "11139", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/11139" }, { "name": "RHSA-2004:120", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-120.html" }, { "name": "20040317 New OpenSSL releases fix denial of service attacks [17 March 2004]", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=107953412903636\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.lexmark.com/index?page=content\u0026id=TE88\u0026locale=EN\u0026userlocale=EN_US" }, { "name": "APPLE-SA-2005-08-15", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html" }, { "name": "17398", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/17398" }, { "name": "SSA:2004-077", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE" ], "url": "http://www.slackware.org/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.455961" }, { "name": "RHSA-2004:139", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-139.html" }, { "name": "openssl-dochangecipherspec-dos(15505)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15505" }, { "name": "2004-0012", "tags": [ "vendor-advisory", "x_refsource_TRUSTIX" ], "url": "http://www.trustix.org/errata/2004/0012" }, { "name": "20040317 Cisco OpenSSL Implementation Vulnerability", "tags": [ "vendor-advisory", "x_refsource_CISCO" ], "url": "http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://docs.info.apple.com/article.html?artnum=61798" }, { "name": "VU#288574", "tags": [ "third-party-advisory", "x_refsource_CERT-VN" ], "url": "http://www.kb.cert.org/vuls/id/288574" }, { "name": "DSA-465", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2004/dsa-465" }, { "name": "APPLE-SA-2005-08-17", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html" }, { "name": "18247", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18247" }, { "name": "oval:org.mitre.oval:def:5770", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5770" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2004-0079", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "9899", "refsource": "BID", "url": "http://www.securityfocus.com/bid/9899" }, { "name": "FEDORA-2005-1042", "refsource": "FEDORA", "url": "http://www.redhat.com/archives/fedora-announce-list/2005-October/msg00087.html" }, { "name": "ESA-20040317-003", "refsource": "ENGARDE", "url": "http://www.linuxsecurity.com/advisories/engarde_advisory-4135.html" }, { "name": "SSRT4717", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=108403806509920\u0026w=2" }, { "name": "RHSA-2004:121", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2004-121.html" }, { "name": "MDKSA-2004:023", "refsource": "MANDRAKE", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:023" }, { "name": "oval:org.mitre.oval:def:2621", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2621" }, { "name": "CLA-2004:834", "refsource": "CONECTIVA", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000834" }, { "name": "SCOSA-2004.10", "refsource": "SCO", "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt" }, { "name": "17381", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/17381" }, { "name": "http://www.uniras.gov.uk/vuls/2004/224012/index.htm", "refsource": "MISC", "url": "http://www.uniras.gov.uk/vuls/2004/224012/index.htm" }, { "name": "FEDORA-2004-095", "refsource": "FEDORA", "url": "http://fedoranews.org/updates/FEDORA-2004-095.shtml" }, { "name": "oval:org.mitre.oval:def:9779", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9779" }, { "name": "oval:org.mitre.oval:def:975", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A975" }, { "name": "57524", "refsource": "SUNALERT", "url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524" }, { "name": "SuSE-SA:2004:007", "refsource": "SUSE", "url": "http://www.novell.com/linux/security/advisories/2004_07_openssl.html" }, { "name": "http://lists.apple.com/mhonarc/security-announce/msg00045.html", "refsource": "CONFIRM", "url": "http://lists.apple.com/mhonarc/security-announce/msg00045.html" }, { "name": "http://www.openssl.org/news/secadv_20040317.txt", "refsource": "CONFIRM", "url": "http://www.openssl.org/news/secadv_20040317.txt" }, { "name": "FreeBSD-SA-04:05", "refsource": "FREEBSD", "url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:05.openssl.asc" }, { "name": "NetBSD-SA2004-005", "refsource": "NETBSD", "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-005.txt.asc" }, { "name": "O-101", "refsource": "CIAC", "url": "http://www.ciac.org/ciac/bulletins/o-101.shtml" }, { "name": "TA04-078A", "refsource": "CERT", "url": "http://www.us-cert.gov/cas/techalerts/TA04-078A.html" }, { "name": "17401", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/17401" }, { "name": "RHSA-2005:829", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2005-829.html" }, { "name": "http://support.avaya.com/elmodocs2/security/ASA-2005-239.htm", "refsource": "CONFIRM", "url": "http://support.avaya.com/elmodocs2/security/ASA-2005-239.htm" }, { "name": "oval:org.mitre.oval:def:870", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A870" }, { "name": "RHSA-2005:830", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2005-830.html" }, { "name": "GLSA-200403-03", "refsource": "GENTOO", "url": "http://security.gentoo.org/glsa/glsa-200403-03.xml" }, { "name": "11139", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/11139" }, { "name": "RHSA-2004:120", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2004-120.html" }, { "name": "20040317 New OpenSSL releases fix denial of service attacks [17 March 2004]", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=107953412903636\u0026w=2" }, { "name": "http://support.lexmark.com/index?page=content\u0026id=TE88\u0026locale=EN\u0026userlocale=EN_US", "refsource": "CONFIRM", "url": "http://support.lexmark.com/index?page=content\u0026id=TE88\u0026locale=EN\u0026userlocale=EN_US" }, { "name": "APPLE-SA-2005-08-15", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html" }, { "name": "17398", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/17398" }, { "name": "SSA:2004-077", "refsource": "SLACKWARE", "url": "http://www.slackware.org/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.455961" }, { "name": "RHSA-2004:139", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2004-139.html" }, { "name": "openssl-dochangecipherspec-dos(15505)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15505" }, { "name": "2004-0012", "refsource": "TRUSTIX", "url": "http://www.trustix.org/errata/2004/0012" }, { "name": "20040317 Cisco OpenSSL Implementation Vulnerability", "refsource": "CISCO", "url": "http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml" }, { "name": "http://docs.info.apple.com/article.html?artnum=61798", "refsource": "CONFIRM", "url": "http://docs.info.apple.com/article.html?artnum=61798" }, { "name": "VU#288574", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/288574" }, { "name": "DSA-465", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2004/dsa-465" }, { "name": "APPLE-SA-2005-08-17", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html" }, { "name": "18247", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18247" }, { "name": "oval:org.mitre.oval:def:5770", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5770" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2004-0079", "datePublished": "2004-03-18T05:00:00", "dateReserved": "2004-01-19T00:00:00", "dateUpdated": "2025-01-16T17:33:22.869Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2002-0002 (GCVE-0-2002-0002)
Vulnerability from cvelistv5
Published
2002-06-25 04:00
Modified
2024-08-08 02:35
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Format string vulnerability in stunnel before 3.22 when used in client mode for (1) smtp, (2) pop, or (3) nntp allows remote malicious servers to execute arbitrary code.
References
► | URL | Tags | ||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T02:35:17.067Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://marc.info/?l=stunnel-users\u0026m=100869449828705\u0026w=2" }, { "name": "3748", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/3748" }, { "name": "MDKSA-2002:004", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-004.php3" }, { "name": "20020102 Stunnel: Format String Bug update", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://online.securityfocus.com/archive/1/248149" }, { "name": "stunnel-client-format-string(7741)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7741" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://stunnel.mirt.net/news.html" }, { "name": "RHSA-2002:002", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2002-002.html" }, { "name": "20011227 Stunnel: Format String Bug in versions \u003c3.22", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://online.securityfocus.com/archive/1/247427" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2001-12-18T00:00:00", "descriptions": [ { "lang": "en", "value": "Format string vulnerability in stunnel before 3.22 when used in client mode for (1) smtp, (2) pop, or (3) nntp allows remote malicious servers to execute arbitrary code." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2007-11-13T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "http://marc.info/?l=stunnel-users\u0026m=100869449828705\u0026w=2" }, { "name": "3748", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/3748" }, { "name": "MDKSA-2002:004", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-004.php3" }, { "name": "20020102 Stunnel: Format String Bug update", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://online.securityfocus.com/archive/1/248149" }, { "name": "stunnel-client-format-string(7741)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7741" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://stunnel.mirt.net/news.html" }, { "name": "RHSA-2002:002", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2002-002.html" }, { "name": "20011227 Stunnel: Format String Bug in versions \u003c3.22", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://online.securityfocus.com/archive/1/247427" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2002-0002", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Format string vulnerability in stunnel before 3.22 when used in client mode for (1) smtp, (2) pop, or (3) nntp allows remote malicious servers to execute arbitrary code." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "http://marc.info/?l=stunnel-users\u0026m=100869449828705\u0026w=2", "refsource": "MISC", "url": "http://marc.info/?l=stunnel-users\u0026m=100869449828705\u0026w=2" }, { "name": "3748", "refsource": "BID", "url": "http://www.securityfocus.com/bid/3748" }, { "name": "MDKSA-2002:004", "refsource": "MANDRAKE", "url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-004.php3" }, { "name": "20020102 Stunnel: Format String Bug update", "refsource": "BUGTRAQ", "url": "http://online.securityfocus.com/archive/1/248149" }, { "name": "stunnel-client-format-string(7741)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7741" }, { "name": "http://stunnel.mirt.net/news.html", "refsource": "CONFIRM", "url": "http://stunnel.mirt.net/news.html" }, { "name": "RHSA-2002:002", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2002-002.html" }, { "name": "20011227 Stunnel: Format String Bug in versions \u003c3.22", "refsource": "BUGTRAQ", "url": "http://online.securityfocus.com/archive/1/247427" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2002-0002", "datePublished": "2002-06-25T04:00:00", "dateReserved": "2002-01-02T00:00:00", "dateUpdated": "2024-08-08T02:35:17.067Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2008-2427 (GCVE-0-2008-2427)
Vulnerability from cvelistv5
Published
2008-06-24 19:00
Modified
2024-08-07 08:58
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Stack-based buffer overflow in NConvert 4.92, GFL SDK 2.82, and XnView 1.93.6 on Windows and 1.70 on Linux and FreeBSD allows user-assisted remote attackers to execute arbitrary code via a crafted format keyword in a Sun TAAC file.
References
► | URL | Tags | ||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T08:58:02.381Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "ADV-2008-1897", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2008/1897" }, { "name": "ADV-2008-1896", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2008/1896" }, { "name": "30789", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/30789" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://secunia.com/secunia_research/2008-24/advisory/" }, { "name": "29851", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/29851" }, { "name": "1020340", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1020340" }, { "name": "20080620 Secunia Research: XnView, NConvert, and GFL SDK Sun TAAC Buffer Overflow", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/493505/100/0/threaded" }, { "name": "3956", "tags": [ "third-party-advisory", "x_refsource_SREASON", "x_transferred" ], "url": "http://securityreason.com/securityalert/3956" }, { "name": "30416", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/30416" }, { "name": "5951", "tags": [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred" ], "url": "https://www.exploit-db.com/exploits/5951" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2008-06-20T00:00:00", "descriptions": [ { "lang": "en", "value": "Stack-based buffer overflow in NConvert 4.92, GFL SDK 2.82, and XnView 1.93.6 on Windows and 1.70 on Linux and FreeBSD allows user-assisted remote attackers to execute arbitrary code via a crafted format keyword in a Sun TAAC file." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-11T19:57:01", "orgId": "44d08088-2bea-4760-83a6-1e9be26b15ab", "shortName": "flexera" }, "references": [ { "name": "ADV-2008-1897", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2008/1897" }, { "name": "ADV-2008-1896", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2008/1896" }, { "name": "30789", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/30789" }, { "tags": [ "x_refsource_MISC" ], "url": "http://secunia.com/secunia_research/2008-24/advisory/" }, { "name": "29851", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/29851" }, { "name": "1020340", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1020340" }, { "name": "20080620 Secunia Research: XnView, NConvert, and GFL SDK Sun TAAC Buffer Overflow", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/493505/100/0/threaded" }, { "name": "3956", "tags": [ "third-party-advisory", "x_refsource_SREASON" ], "url": "http://securityreason.com/securityalert/3956" }, { "name": "30416", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/30416" }, { "name": "5951", "tags": [ "exploit", "x_refsource_EXPLOIT-DB" ], "url": "https://www.exploit-db.com/exploits/5951" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "PSIRT-CNA@flexerasoftware.com", "ID": "CVE-2008-2427", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Stack-based buffer overflow in NConvert 4.92, GFL SDK 2.82, and XnView 1.93.6 on Windows and 1.70 on Linux and FreeBSD allows user-assisted remote attackers to execute arbitrary code via a crafted format keyword in a Sun TAAC file." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "ADV-2008-1897", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/1897" }, { "name": "ADV-2008-1896", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/1896" }, { "name": "30789", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/30789" }, { "name": "http://secunia.com/secunia_research/2008-24/advisory/", "refsource": "MISC", "url": "http://secunia.com/secunia_research/2008-24/advisory/" }, { "name": "29851", "refsource": "BID", "url": "http://www.securityfocus.com/bid/29851" }, { "name": "1020340", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1020340" }, { "name": "20080620 Secunia Research: XnView, NConvert, and GFL SDK Sun TAAC Buffer Overflow", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/493505/100/0/threaded" }, { "name": "3956", "refsource": "SREASON", "url": "http://securityreason.com/securityalert/3956" }, { "name": "30416", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/30416" }, { "name": "5951", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/5951" } ] } } } }, "cveMetadata": { "assignerOrgId": "44d08088-2bea-4760-83a6-1e9be26b15ab", "assignerShortName": "flexera", "cveId": "CVE-2008-2427", "datePublished": "2008-06-24T19:00:00", "dateReserved": "2008-05-27T00:00:00", "dateUpdated": "2024-08-07T08:58:02.381Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2001-0139 (GCVE-0-2001-0139)
Vulnerability from cvelistv5
Published
2001-05-07 04:00
Modified
2024-08-08 04:06
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
inn 2.2.3 allows local users to overwrite arbitrary files via a symlink attack in some configurations.
References
► | URL | Tags | |||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T04:06:55.545Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "20010110 Immunix OS Security update for lots of temp file problems", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=97916374410647\u0026w=2" }, { "name": "linux-inn-symlink(5916)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5916" }, { "name": "MDKSA-2001:010", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-010.php3" }, { "name": "2190", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/2190" }, { "name": "CSSA-2001-001.0", "tags": [ "vendor-advisory", "x_refsource_CALDERA", "x_transferred" ], "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2001-001.0.txt" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2001-01-10T00:00:00", "descriptions": [ { "lang": "en", "value": "inn 2.2.3 allows local users to overwrite arbitrary files via a symlink attack in some configurations." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2005-11-02T10:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "20010110 Immunix OS Security update for lots of temp file problems", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=97916374410647\u0026w=2" }, { "name": "linux-inn-symlink(5916)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5916" }, { "name": "MDKSA-2001:010", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-010.php3" }, { "name": "2190", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/2190" }, { "name": "CSSA-2001-001.0", "tags": [ "vendor-advisory", "x_refsource_CALDERA" ], "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2001-001.0.txt" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2001-0139", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "inn 2.2.3 allows local users to overwrite arbitrary files via a symlink attack in some configurations." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "20010110 Immunix OS Security update for lots of temp file problems", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=97916374410647\u0026w=2" }, { "name": "linux-inn-symlink(5916)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5916" }, { "name": "MDKSA-2001:010", "refsource": "MANDRAKE", "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-010.php3" }, { "name": "2190", "refsource": "BID", "url": "http://www.securityfocus.com/bid/2190" }, { "name": "CSSA-2001-001.0", "refsource": "CALDERA", "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2001-001.0.txt" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2001-0139", "datePublished": "2001-05-07T04:00:00", "dateReserved": "2001-02-06T00:00:00", "dateUpdated": "2024-08-08T04:06:55.545Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2001-0170 (GCVE-0-2001-0170)
Vulnerability from cvelistv5
Published
2001-05-07 04:00
Modified
2024-08-08 04:14
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
glibc 2.1.9x and earlier does not properly clear the RESOLV_HOST_CONF, HOSTALIASES, or RES_OPTIONS environmental variables when executing setuid/setgid programs, which could allow local users to read arbitrary files.
References
► | URL | Tags | |||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T04:14:06.578Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "linux-glibc-read-files(5907)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5907" }, { "name": "RHSA-2001:001", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2001-001.html" }, { "name": "20010110 [slackware-security] glibc 2.2 local vulnerability on setuid binaries", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2001-01/0186.html" }, { "name": "20010110 Glibc Local Root Exploit", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2001-01/0131.html" }, { "name": "2181", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/2181" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2001-01-10T00:00:00", "descriptions": [ { "lang": "en", "value": "glibc 2.1.9x and earlier does not properly clear the RESOLV_HOST_CONF, HOSTALIASES, or RES_OPTIONS environmental variables when executing setuid/setgid programs, which could allow local users to read arbitrary files." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2004-09-02T09:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "linux-glibc-read-files(5907)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5907" }, { "name": "RHSA-2001:001", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2001-001.html" }, { "name": "20010110 [slackware-security] glibc 2.2 local vulnerability on setuid binaries", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2001-01/0186.html" }, { "name": "20010110 Glibc Local Root Exploit", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2001-01/0131.html" }, { "name": "2181", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/2181" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2001-0170", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "glibc 2.1.9x and earlier does not properly clear the RESOLV_HOST_CONF, HOSTALIASES, or RES_OPTIONS environmental variables when executing setuid/setgid programs, which could allow local users to read arbitrary files." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "linux-glibc-read-files(5907)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5907" }, { "name": "RHSA-2001:001", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2001-001.html" }, { "name": "20010110 [slackware-security] glibc 2.2 local vulnerability on setuid binaries", "refsource": "BUGTRAQ", "url": "http://archives.neohapsis.com/archives/bugtraq/2001-01/0186.html" }, { "name": "20010110 Glibc Local Root Exploit", "refsource": "BUGTRAQ", "url": "http://archives.neohapsis.com/archives/bugtraq/2001-01/0131.html" }, { "name": "2181", "refsource": "BID", "url": "http://www.securityfocus.com/bid/2181" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2001-0170", "datePublished": "2001-05-07T04:00:00", "dateReserved": "2001-03-08T00:00:00", "dateUpdated": "2024-08-08T04:14:06.578Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-1999-0798 (GCVE-0-1999-0798)
Vulnerability from cvelistv5
Published
2000-02-04 05:00
Modified
2024-08-01 16:48
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in bootpd on OpenBSD, FreeBSD, and Linux systems via a malformed header type.
References
► | URL | Tags | |||
---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-01T16:48:38.129Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "19981204 bootpd remote vulnerability", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=91278867118128\u0026w=2" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "Buffer overflow in bootpd on OpenBSD, FreeBSD, and Linux systems via a malformed header type." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2016-10-17T13:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "19981204 bootpd remote vulnerability", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=91278867118128\u0026w=2" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-1999-0798", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Buffer overflow in bootpd on OpenBSD, FreeBSD, and Linux systems via a malformed header type." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "19981204 bootpd remote vulnerability", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=91278867118128\u0026w=2" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-1999-0798", "datePublished": "2000-02-04T05:00:00", "dateReserved": "1999-11-25T00:00:00", "dateUpdated": "2024-08-01T16:48:38.129Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2001-0886 (GCVE-0-2001-0886)
Vulnerability from cvelistv5
Published
2002-06-25 04:00
Modified
2024-08-08 04:37
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in glob function of glibc allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a glob pattern that ends in a brace "{" character.
References
► | URL | Tags | ||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T04:37:06.682Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "DSA-103", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2002/dsa-103" }, { "name": "MDKSA-2001:095", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-095.php3" }, { "name": "RHSA-2001:160", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2001-160.html" }, { "name": "ESA-20011217-01", "tags": [ "vendor-advisory", "x_refsource_ENGARDE", "x_transferred" ], "url": "http://www.linuxsecurity.com/advisories/other_advisory-1752.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://sources.redhat.com/ml/bug-glibc/2001-11/msg00109.html" }, { "name": "HPSBTL0112-008", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBTL0112-008" }, { "name": "CLA-2002:447", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA", "x_transferred" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000447" }, { "name": "IMNX-2001-70-037-01", "tags": [ "vendor-advisory", "x_refsource_IMMUNIX", "x_transferred" ], "url": "http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2001-70-037-01" }, { "name": "20011217 [Global InterSec 2001121001] glibc globbing issues.", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/245956" }, { "name": "M-029", "tags": [ "third-party-advisory", "government-resource", "x_refsource_CIAC", "x_transferred" ], "url": "http://www.ciac.org/ciac/bulletins/m-029.shtml" }, { "name": "3707", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/3707" }, { "name": "glibc-glob-bo(7705)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7705" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2001-12-14T00:00:00", "descriptions": [ { "lang": "en", "value": "Buffer overflow in glob function of glibc allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a glob pattern that ends in a brace \"{\" character." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2001-12-20T10:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "DSA-103", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2002/dsa-103" }, { "name": "MDKSA-2001:095", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-095.php3" }, { "name": "RHSA-2001:160", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2001-160.html" }, { "name": "ESA-20011217-01", "tags": [ "vendor-advisory", "x_refsource_ENGARDE" ], "url": "http://www.linuxsecurity.com/advisories/other_advisory-1752.html" }, { "tags": [ "x_refsource_MISC" ], "url": "http://sources.redhat.com/ml/bug-glibc/2001-11/msg00109.html" }, { "name": "HPSBTL0112-008", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBTL0112-008" }, { "name": "CLA-2002:447", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000447" }, { "name": "IMNX-2001-70-037-01", "tags": [ "vendor-advisory", "x_refsource_IMMUNIX" ], "url": "http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2001-70-037-01" }, { "name": "20011217 [Global InterSec 2001121001] glibc globbing issues.", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/245956" }, { "name": "M-029", "tags": [ "third-party-advisory", "government-resource", "x_refsource_CIAC" ], "url": "http://www.ciac.org/ciac/bulletins/m-029.shtml" }, { "name": "3707", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/3707" }, { "name": "glibc-glob-bo(7705)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7705" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2001-0886", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Buffer overflow in glob function of glibc allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a glob pattern that ends in a brace \"{\" character." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "DSA-103", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2002/dsa-103" }, { "name": "MDKSA-2001:095", "refsource": "MANDRAKE", "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-095.php3" }, { "name": "RHSA-2001:160", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2001-160.html" }, { "name": "ESA-20011217-01", "refsource": "ENGARDE", "url": "http://www.linuxsecurity.com/advisories/other_advisory-1752.html" }, { "name": "http://sources.redhat.com/ml/bug-glibc/2001-11/msg00109.html", "refsource": "MISC", "url": "http://sources.redhat.com/ml/bug-glibc/2001-11/msg00109.html" }, { "name": "HPSBTL0112-008", "refsource": "HP", "url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBTL0112-008" }, { "name": "CLA-2002:447", "refsource": "CONECTIVA", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000447" }, { "name": "IMNX-2001-70-037-01", "refsource": "IMMUNIX", "url": "http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2001-70-037-01" }, { "name": "20011217 [Global InterSec 2001121001] glibc globbing issues.", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/245956" }, { "name": "M-029", "refsource": "CIAC", "url": "http://www.ciac.org/ciac/bulletins/m-029.shtml" }, { "name": "3707", "refsource": "BID", "url": "http://www.securityfocus.com/bid/3707" }, { "name": "glibc-glob-bo(7705)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7705" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2001-0886", "datePublished": "2002-06-25T04:00:00", "dateReserved": "2001-12-14T00:00:00", "dateUpdated": "2024-08-08T04:37:06.682Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2000-0017 (GCVE-0-2000-0017)
Vulnerability from cvelistv5
Published
2000-02-04 05:00
Modified
2024-08-08 04:58
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in Linux linuxconf package allows remote attackers to gain root privileges via a long parameter.
References
► | URL | Tags | |||
---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T04:58:11.855Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://marc.info/?l=bugtraq\u0026m=94580196627059\u0026w=2" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "1999-12-21T00:00:00", "descriptions": [ { "lang": "en", "value": "Buffer overflow in Linux linuxconf package allows remote attackers to gain root privileges via a long parameter." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-08-17T05:30:31", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://marc.info/?l=bugtraq\u0026m=94580196627059\u0026w=2" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2000-0017", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Buffer overflow in Linux linuxconf package allows remote attackers to gain root privileges via a long parameter." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://marc.info/?l=bugtraq\u0026m=94580196627059\u0026w=2", "refsource": "MISC", "url": "https://marc.info/?l=bugtraq\u0026m=94580196627059\u0026w=2" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2000-0017", "datePublished": "2000-02-04T05:00:00", "dateReserved": "2000-01-11T00:00:00", "dateUpdated": "2024-08-08T04:58:11.855Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2005-0206 (GCVE-0-2005-0206)
Vulnerability from cvelistv5
Published
2005-02-15 05:00
Modified
2024-08-07 21:05
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for 64-bit architectures on certain Linux distributions such as Red Hat, which could leave Xpdf users exposed to the original vulnerabilities.
References
► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T21:05:25.397Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "oval:org.mitre.oval:def:11107", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11107" }, { "name": "MDKSA-2005:041", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:041" }, { "name": "11501", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/11501" }, { "name": "RHSA-2005:034", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-034.html" }, { "name": "MDKSA-2005:056", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:056" }, { "name": "MDKSA-2005:043", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:043" }, { "name": "RHSA-2005:213", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-213.html" }, { "name": "MDKSA-2005:044", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:044" }, { "name": "RHSA-2005:053", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-053.html" }, { "name": "xpdf-pdf-bo(17818)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17818" }, { "name": "MDKSA-2005:052", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:052" }, { "name": "RHSA-2005:132", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-132.html" }, { "name": "MDKSA-2005:042", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:042" }, { "name": "RHSA-2005:057", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-057.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2005-02-15T00:00:00", "descriptions": [ { "lang": "en", "value": "The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for 64-bit architectures on certain Linux distributions such as Red Hat, which could leave Xpdf users exposed to the original vulnerabilities." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-10-10T00:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "oval:org.mitre.oval:def:11107", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11107" }, { "name": "MDKSA-2005:041", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:041" }, { "name": "11501", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/11501" }, { "name": "RHSA-2005:034", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-034.html" }, { "name": "MDKSA-2005:056", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:056" }, { "name": "MDKSA-2005:043", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:043" }, { "name": "RHSA-2005:213", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-213.html" }, { "name": "MDKSA-2005:044", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:044" }, { "name": "RHSA-2005:053", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-053.html" }, { "name": "xpdf-pdf-bo(17818)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17818" }, { "name": "MDKSA-2005:052", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:052" }, { "name": "RHSA-2005:132", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-132.html" }, { "name": "MDKSA-2005:042", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:042" }, { "name": "RHSA-2005:057", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-057.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2005-0206", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for 64-bit architectures on certain Linux distributions such as Red Hat, which could leave Xpdf users exposed to the original vulnerabilities." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "oval:org.mitre.oval:def:11107", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11107" }, { "name": "MDKSA-2005:041", "refsource": "MANDRAKE", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:041" }, { "name": "11501", "refsource": "BID", "url": "http://www.securityfocus.com/bid/11501" }, { "name": "RHSA-2005:034", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2005-034.html" }, { "name": "MDKSA-2005:056", "refsource": "MANDRAKE", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:056" }, { "name": "MDKSA-2005:043", "refsource": "MANDRAKE", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:043" }, { "name": "RHSA-2005:213", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2005-213.html" }, { "name": "MDKSA-2005:044", "refsource": "MANDRAKE", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:044" }, { "name": "RHSA-2005:053", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2005-053.html" }, { "name": "xpdf-pdf-bo(17818)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17818" }, { "name": "MDKSA-2005:052", "refsource": "MANDRAKE", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:052" }, { "name": "RHSA-2005:132", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2005-132.html" }, { "name": "MDKSA-2005:042", "refsource": "MANDRAKE", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:042" }, { "name": "RHSA-2005:057", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2005-057.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2005-0206", "datePublished": "2005-02-15T05:00:00", "dateReserved": "2005-02-01T00:00:00", "dateUpdated": "2024-08-07T21:05:25.397Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2001-1374 (GCVE-0-2001-1374)
Vulnerability from cvelistv5
Published
2003-04-02 05:00
Modified
2024-08-08 04:51
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
expect before 5.32 searches for its libraries in /var/tmp before other directories, which could allow local users to gain root privileges via a Trojan horse library that is accessed by mkpasswd.
References
► | URL | Tags | |||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T04:51:08.224Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "3074", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/3074" }, { "name": "MDKSA-2002:060", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2002:060" }, { "name": "RHSA-2002:148", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2002-148.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=22187" }, { "name": "expect-insecure-library-search(6870)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6870" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=28224" }, { "name": "CLA-2001:409", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA", "x_transferred" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000409" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2001-07-19T00:00:00", "descriptions": [ { "lang": "en", "value": "expect before 5.32 searches for its libraries in /var/tmp before other directories, which could allow local users to gain root privileges via a Trojan horse library that is accessed by mkpasswd." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2003-03-18T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "3074", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/3074" }, { "name": "MDKSA-2002:060", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2002:060" }, { "name": "RHSA-2002:148", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2002-148.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=22187" }, { "name": "expect-insecure-library-search(6870)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6870" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=28224" }, { "name": "CLA-2001:409", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000409" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2001-1374", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "expect before 5.32 searches for its libraries in /var/tmp before other directories, which could allow local users to gain root privileges via a Trojan horse library that is accessed by mkpasswd." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "3074", "refsource": "BID", "url": "http://www.securityfocus.com/bid/3074" }, { "name": "MDKSA-2002:060", "refsource": "MANDRAKE", "url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2002:060" }, { "name": "RHSA-2002:148", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2002-148.html" }, { "name": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=22187", "refsource": "CONFIRM", "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=22187" }, { "name": "expect-insecure-library-search(6870)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6870" }, { "name": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=28224", "refsource": "CONFIRM", "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=28224" }, { "name": "CLA-2001:409", "refsource": "CONECTIVA", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000409" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2001-1374", "datePublished": "2003-04-02T05:00:00", "dateReserved": "2002-06-07T00:00:00", "dateUpdated": "2024-08-08T04:51:08.224Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2003-0188 (GCVE-0-2003-0188)
Vulnerability from cvelistv5
Published
2003-05-17 04:00
Modified
2024-08-08 01:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
lv reads a .lv file from the current working directory, which allows local users to execute arbitrary commands as other lv users by placing malicious .lv files into other directories.
References
► | URL | Tags | |||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T01:43:36.027Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "oval:org.mitre.oval:def:430", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A430" }, { "name": "RHSA-2003:169", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-169.html" }, { "name": "DSA-304", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2003/dsa-304" }, { "name": "RHSA-2003:167", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-167.html" }, { "name": "TLSA-2003-35", "tags": [ "vendor-advisory", "x_refsource_TURBO", "x_transferred" ], "url": "http://www.turbolinux.com/security/TLSA-2003-35.txt" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2003-05-16T00:00:00", "descriptions": [ { "lang": "en", "value": "lv reads a .lv file from the current working directory, which allows local users to execute arbitrary commands as other lv users by placing malicious .lv files into other directories." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-10-10T00:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "oval:org.mitre.oval:def:430", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A430" }, { "name": "RHSA-2003:169", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-169.html" }, { "name": "DSA-304", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2003/dsa-304" }, { "name": "RHSA-2003:167", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-167.html" }, { "name": "TLSA-2003-35", "tags": [ "vendor-advisory", "x_refsource_TURBO" ], "url": "http://www.turbolinux.com/security/TLSA-2003-35.txt" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2003-0188", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "lv reads a .lv file from the current working directory, which allows local users to execute arbitrary commands as other lv users by placing malicious .lv files into other directories." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "oval:org.mitre.oval:def:430", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A430" }, { "name": "RHSA-2003:169", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2003-169.html" }, { "name": "DSA-304", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2003/dsa-304" }, { "name": "RHSA-2003:167", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2003-167.html" }, { "name": "TLSA-2003-35", "refsource": "TURBO", "url": "http://www.turbolinux.com/security/TLSA-2003-35.txt" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2003-0188", "datePublished": "2003-05-17T04:00:00", "dateReserved": "2003-04-01T00:00:00", "dateUpdated": "2024-08-08T01:43:36.027Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2001-0736 (GCVE-0-2001-0736)
Vulnerability from cvelistv5
Published
2001-10-12 04:00
Modified
2024-08-08 04:30
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Vulnerability in (1) pine before 4.33 and (2) the pico editor, included with pine, allows local users local users to overwrite arbitrary files via a symlink attack.
References
► | URL | Tags | |||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T04:30:06.075Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "20010416 Immunix OS Security update for pine", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=98749102621604\u0026w=2" }, { "name": "20010527 [ESA-20010509-01] pine temporary file handling vulnerabilities", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=99106787825229\u0026w=2" }, { "name": "MDKSA-2001:047", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-047.php3?dis=8.0" }, { "name": "RHSA-2001:042", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2001-042.html" }, { "name": "pine-tmp-file-symlink(6367)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6367" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2001-03-31T00:00:00", "descriptions": [ { "lang": "en", "value": "Vulnerability in (1) pine before 4.33 and (2) the pico editor, included with pine, allows local users local users to overwrite arbitrary files via a symlink attack." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-12-18T21:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "20010416 Immunix OS Security update for pine", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=98749102621604\u0026w=2" }, { "name": "20010527 [ESA-20010509-01] pine temporary file handling vulnerabilities", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=99106787825229\u0026w=2" }, { "name": "MDKSA-2001:047", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-047.php3?dis=8.0" }, { "name": "RHSA-2001:042", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2001-042.html" }, { "name": "pine-tmp-file-symlink(6367)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6367" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2001-0736", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Vulnerability in (1) pine before 4.33 and (2) the pico editor, included with pine, allows local users local users to overwrite arbitrary files via a symlink attack." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "20010416 Immunix OS Security update for pine", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=98749102621604\u0026w=2" }, { "name": "20010527 [ESA-20010509-01] pine temporary file handling vulnerabilities", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=99106787825229\u0026w=2" }, { "name": "MDKSA-2001:047", "refsource": "MANDRAKE", "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-047.php3?dis=8.0" }, { "name": "RHSA-2001:042", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2001-042.html" }, { "name": "pine-tmp-file-symlink(6367)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6367" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2001-0736", "datePublished": "2001-10-12T04:00:00", "dateReserved": "2001-10-12T00:00:00", "dateUpdated": "2024-08-08T04:30:06.075Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2003-0551 (GCVE-0-2003-0551)
Vulnerability from cvelistv5
Published
2003-07-25 04:00
Modified
2024-08-08 01:58
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The STP protocol implementation in Linux 2.4.x does not properly verify certain lengths, which could allow attackers to cause a denial of service.
References
► | URL | Tags | ||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T01:58:11.128Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "RHSA-2003:238", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-238.html" }, { "name": "DSA-423", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2004/dsa-423" }, { "name": "RHSA-2003:198", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-198.html" }, { "name": "RHSA-2003:239", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-239.html" }, { "name": "DSA-358", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2004/dsa-358" }, { "name": "oval:org.mitre.oval:def:384", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A384" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2003-07-21T00:00:00", "descriptions": [ { "lang": "en", "value": "The STP protocol implementation in Linux 2.4.x does not properly verify certain lengths, which could allow attackers to cause a denial of service." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-10-10T00:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "RHSA-2003:238", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-238.html" }, { "name": "DSA-423", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2004/dsa-423" }, { "name": "RHSA-2003:198", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-198.html" }, { "name": "RHSA-2003:239", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-239.html" }, { "name": "DSA-358", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2004/dsa-358" }, { "name": "oval:org.mitre.oval:def:384", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A384" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2003-0551", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The STP protocol implementation in Linux 2.4.x does not properly verify certain lengths, which could allow attackers to cause a denial of service." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "RHSA-2003:238", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2003-238.html" }, { "name": "DSA-423", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2004/dsa-423" }, { "name": "RHSA-2003:198", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2003-198.html" }, { "name": "RHSA-2003:239", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2003-239.html" }, { "name": "DSA-358", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2004/dsa-358" }, { "name": "oval:org.mitre.oval:def:384", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A384" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2003-0551", "datePublished": "2003-07-25T04:00:00", "dateReserved": "2003-07-14T00:00:00", "dateUpdated": "2024-08-08T01:58:11.128Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2005-3626 (GCVE-0-2005-3626)
Vulnerability from cvelistv5
Published
2006-01-06 22:00
Modified
2024-08-07 23:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference.
References
► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T23:17:23.446Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "16143", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/16143" }, { "name": "DSA-932", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2005/dsa-932" }, { "name": "18349", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18349" }, { "name": "18147", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18147" }, { "name": "SCOSA-2006.15", "tags": [ "vendor-advisory", "x_refsource_SCO", "x_transferred" ], "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://scary.beasts.org/security/CESA-2005-003.txt" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.kde.org/info/security/advisory-20051207-2.txt" }, { "name": "18679", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18679" }, { "name": "18312", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18312" }, { "name": "18644", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18644" }, { "name": "USN-236-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/236-1/" }, { "name": "18425", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18425" }, { "name": "18373", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18373" }, { "name": "oval:org.mitre.oval:def:9992", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9992" }, { "name": "18303", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18303" }, { "name": "DSA-931", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2005/dsa-931" }, { "name": "18554", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18554" }, { "name": "MDKSA-2006:003", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003" }, { "name": "19230", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/19230" }, { "name": "102972", "tags": [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1" }, { "name": "MDKSA-2006:012", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012" }, { "name": "DSA-962", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-962" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00010.html" }, { "name": "RHSA-2006:0163", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0163.html" }, { "name": "DSA-937", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2005/dsa-937" }, { "name": "18398", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18398" }, { "name": "FLSA-2006:176751", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded" }, { "name": "2006-0002", "tags": [ "vendor-advisory", "x_refsource_TRUSTIX", "x_transferred" ], "url": "http://www.trustix.org/errata/2006/0002/" }, { "name": "SUSE-SA:2006:001", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html" }, { "name": "DSA-936", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-936" }, { "name": "FEDORA-2005-026", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html" }, { "name": "18329", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18329" }, { "name": "18463", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18463" }, { "name": "18642", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18642" }, { "name": "18674", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18674" }, { "name": "MDKSA-2006:005", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005" }, { "name": "18313", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18313" }, { "name": "20051201-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI", "x_transferred" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U" }, { "name": "20060101-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI", "x_transferred" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U" }, { "name": "18448", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18448" }, { "name": "18436", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18436" }, { "name": "18428", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18428" }, { "name": "xpdf-flatedecode-dos(24026)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24026" }, { "name": "18380", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18380" }, { "name": "18423", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18423" }, { "name": "18416", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18416" }, { "name": "RHSA-2006:0177", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2006-0177.html" }, { "name": "ADV-2007-2280", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2007/2280" }, { "name": "GLSA-200601-02", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml" }, { "name": "18335", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18335" }, { "name": "18407", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18407" }, { "name": "18332", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18332" }, { "name": "18517", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18517" }, { "name": "18582", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18582" }, { "name": "18534", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18534" }, { "name": "SSA:2006-045-09", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE", "x_transferred" ], "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683" }, { "name": "18908", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18908" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00011.html" }, { "name": "25729", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/25729" }, { "name": "18414", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18414" }, { "name": "MDKSA-2006:006", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006" }, { "name": "18338", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18338" }, { "name": "MDKSA-2006:008", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008" }, { "name": "20060201-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI", "x_transferred" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U" }, { "name": "RHSA-2006:0160", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html" }, { "name": "MDKSA-2006:010", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010" }, { "name": "DSA-940", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2005/dsa-940" }, { "name": "MDKSA-2006:004", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004" }, { "name": "ADV-2006-0047", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2006/0047" }, { "name": "GLSA-200601-17", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml" }, { "name": "18389", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18389" }, { "name": "SSA:2006-045-04", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE", "x_transferred" ], "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747" }, { "name": "19377", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/19377" }, { "name": "FEDORA-2005-025", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html" }, { "name": "FLSA:175404", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded" }, { "name": "DSA-961", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-961" }, { "name": "18675", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18675" }, { "name": "18913", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18913" }, { "name": "DSA-938", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2005/dsa-938" }, { "name": "18334", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18334" }, { "name": "18375", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18375" }, { "name": "DSA-950", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-950" }, { "name": "18387", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18387" }, { "name": "MDKSA-2006:011", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011" }, { "name": "18385", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18385" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2006-01-06T00:00:00", "descriptions": [ { "lang": "en", "value": "Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-19T14:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "16143", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/16143" }, { "name": "DSA-932", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2005/dsa-932" }, { "name": "18349", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18349" }, { "name": "18147", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18147" }, { "name": "SCOSA-2006.15", "tags": [ "vendor-advisory", "x_refsource_SCO" ], "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt" }, { "tags": [ "x_refsource_MISC" ], "url": "http://scary.beasts.org/security/CESA-2005-003.txt" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.kde.org/info/security/advisory-20051207-2.txt" }, { "name": "18679", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18679" }, { "name": "18312", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18312" }, { "name": "18644", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18644" }, { "name": "USN-236-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/236-1/" }, { "name": "18425", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18425" }, { "name": "18373", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18373" }, { "name": "oval:org.mitre.oval:def:9992", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9992" }, { "name": "18303", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18303" }, { "name": "DSA-931", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2005/dsa-931" }, { "name": "18554", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18554" }, { "name": "MDKSA-2006:003", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003" }, { "name": "19230", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/19230" }, { "name": "102972", "tags": [ "vendor-advisory", "x_refsource_SUNALERT" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1" }, { "name": "MDKSA-2006:012", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012" }, { "name": "DSA-962", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-962" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00010.html" }, { "name": "RHSA-2006:0163", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0163.html" }, { "name": "DSA-937", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2005/dsa-937" }, { "name": "18398", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18398" }, { "name": "FLSA-2006:176751", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded" }, { "name": "2006-0002", "tags": [ "vendor-advisory", "x_refsource_TRUSTIX" ], "url": "http://www.trustix.org/errata/2006/0002/" }, { "name": "SUSE-SA:2006:001", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html" }, { "name": "DSA-936", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-936" }, { "name": "FEDORA-2005-026", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html" }, { "name": "18329", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18329" }, { "name": "18463", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18463" }, { "name": "18642", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18642" }, { "name": "18674", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18674" }, { "name": "MDKSA-2006:005", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005" }, { "name": "18313", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18313" }, { "name": "20051201-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U" }, { "name": "20060101-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U" }, { "name": "18448", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18448" }, { "name": "18436", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18436" }, { "name": "18428", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18428" }, { "name": "xpdf-flatedecode-dos(24026)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24026" }, { "name": "18380", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18380" }, { "name": "18423", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18423" }, { "name": "18416", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18416" }, { "name": "RHSA-2006:0177", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2006-0177.html" }, { "name": "ADV-2007-2280", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2007/2280" }, { "name": "GLSA-200601-02", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml" }, { "name": "18335", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18335" }, { "name": "18407", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18407" }, { "name": "18332", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18332" }, { "name": "18517", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18517" }, { "name": "18582", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18582" }, { "name": "18534", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18534" }, { "name": "SSA:2006-045-09", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE" ], "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683" }, { "name": "18908", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18908" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00011.html" }, { "name": "25729", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/25729" }, { "name": "18414", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18414" }, { "name": "MDKSA-2006:006", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006" }, { "name": "18338", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18338" }, { "name": "MDKSA-2006:008", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008" }, { "name": "20060201-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U" }, { "name": "RHSA-2006:0160", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html" }, { "name": "MDKSA-2006:010", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010" }, { "name": "DSA-940", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2005/dsa-940" }, { "name": "MDKSA-2006:004", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004" }, { "name": "ADV-2006-0047", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2006/0047" }, { "name": "GLSA-200601-17", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml" }, { "name": "18389", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18389" }, { "name": "SSA:2006-045-04", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE" ], "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747" }, { "name": "19377", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/19377" }, { "name": "FEDORA-2005-025", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html" }, { "name": "FLSA:175404", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded" }, { "name": "DSA-961", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-961" }, { "name": "18675", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18675" }, { "name": "18913", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18913" }, { "name": "DSA-938", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2005/dsa-938" }, { "name": "18334", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18334" }, { "name": "18375", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18375" }, { "name": "DSA-950", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-950" }, { "name": "18387", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18387" }, { "name": "MDKSA-2006:011", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011" }, { "name": "18385", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18385" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2005-3626", "datePublished": "2006-01-06T22:00:00", "dateReserved": "2005-11-16T00:00:00", "dateUpdated": "2024-08-07T23:17:23.446Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-1999-0433 (GCVE-0-1999-0433)
Vulnerability from cvelistv5
Published
1999-09-29 04:00
Modified
2024-08-01 16:41
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
XFree86 startx command is vulnerable to a symlink attack, allowing local users to create files in restricted directories, possibly allowing them to gain privileges or cause a denial of service.
References
► | URL | Tags | |||
---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-01T16:41:44.834Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0433" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "XFree86 startx command is vulnerable to a symlink attack, allowing local users to create files in restricted directories, possibly allowing them to gain privileges or cause a denial of service." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-08-17T07:33:31", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0433" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-1999-0433", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "XFree86 startx command is vulnerable to a symlink attack, allowing local users to create files in restricted directories, possibly allowing them to gain privileges or cause a denial of service." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0433", "refsource": "MISC", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0433" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-1999-0433", "datePublished": "1999-09-29T04:00:00", "dateReserved": "1999-06-07T00:00:00", "dateUpdated": "2024-08-01T16:41:44.834Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-1999-0814 (GCVE-0-1999-0814)
Vulnerability from cvelistv5
Published
2000-01-04 05:00
Modified
2024-08-01 16:48
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Red Hat pump DHCP client allows remote attackers to gain root access in some configurations.
References
► | URL | Tags | |||
---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-01T16:48:38.135Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "RHSA-1999:027", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-1999-027.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "Red Hat pump DHCP client allows remote attackers to gain root access in some configurations." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2005-11-02T10:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "RHSA-1999:027", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-1999-027.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-1999-0814", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Red Hat pump DHCP client allows remote attackers to gain root access in some configurations." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "RHSA-1999:027", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-1999-027.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-1999-0814", "datePublished": "2000-01-04T05:00:00", "dateReserved": "1999-11-25T00:00:00", "dateUpdated": "2024-08-01T16:48:38.135Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2000-1214 (GCVE-0-2000-1214)
Vulnerability from cvelistv5
Published
2002-08-31 04:00
Modified
2024-08-08 05:45
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflows in the (1) outpack or (2) buf variables of ping in iputils before 20001010, as distributed on Red Hat Linux 6.2 through 7J and other operating systems, may allow local users to gain privileges.
References
► | URL | Tags | ||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T05:45:37.335Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "ping-buf-bo(5431)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "http://www.iss.net/security_center/static/5431.php" }, { "name": "RHSA-2000:087", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2000-087.html" }, { "name": "20001025 Immunix OS Security Update for ping package", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=97249980727834\u0026w=2" }, { "name": "1813", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/1813" }, { "name": "20001020 Re: [RHSA-2000:087-02] Potential security problems in ping fixed.", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=97208562830613\u0026w=2" }, { "name": "20001030 Trustix Security Advisory - ping gnupg ypbind", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-10/0429.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2000-10-18T00:00:00", "descriptions": [ { "lang": "en", "value": "Buffer overflows in the (1) outpack or (2) buf variables of ping in iputils before 20001010, as distributed on Red Hat Linux 6.2 through 7J and other operating systems, may allow local users to gain privileges." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2016-10-17T13:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "ping-buf-bo(5431)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "http://www.iss.net/security_center/static/5431.php" }, { "name": "RHSA-2000:087", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2000-087.html" }, { "name": "20001025 Immunix OS Security Update for ping package", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=97249980727834\u0026w=2" }, { "name": "1813", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/1813" }, { "name": "20001020 Re: [RHSA-2000:087-02] Potential security problems in ping fixed.", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=97208562830613\u0026w=2" }, { "name": "20001030 Trustix Security Advisory - ping gnupg ypbind", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-10/0429.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2000-1214", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Buffer overflows in the (1) outpack or (2) buf variables of ping in iputils before 20001010, as distributed on Red Hat Linux 6.2 through 7J and other operating systems, may allow local users to gain privileges." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "ping-buf-bo(5431)", "refsource": "XF", "url": "http://www.iss.net/security_center/static/5431.php" }, { "name": "RHSA-2000:087", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2000-087.html" }, { "name": "20001025 Immunix OS Security Update for ping package", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=97249980727834\u0026w=2" }, { "name": "1813", "refsource": "BID", "url": "http://www.securityfocus.com/bid/1813" }, { "name": "20001020 Re: [RHSA-2000:087-02] Potential security problems in ping fixed.", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=97208562830613\u0026w=2" }, { "name": "20001030 Trustix Security Advisory - ping gnupg ypbind", "refsource": "BUGTRAQ", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-10/0429.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2000-1214", "datePublished": "2002-08-31T04:00:00", "dateReserved": "2002-08-30T00:00:00", "dateUpdated": "2024-08-08T05:45:37.335Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2001-0309 (GCVE-0-2001-0309)
Vulnerability from cvelistv5
Published
2001-05-07 04:00
Modified
2024-08-08 04:14
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
inetd in Red Hat 6.2 does not properly close sockets for internal services such as chargen, daytime, echo, etc., which allows remote attackers to cause a denial of service via a series of connections to the internal services.
References
► | URL | Tags | ||||||
---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T04:14:07.392Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "inetd-internal-socket-dos(6380)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6380" }, { "name": "RHSA-2001:006", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2001-006.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2001-01-30T00:00:00", "descriptions": [ { "lang": "en", "value": "inetd in Red Hat 6.2 does not properly close sockets for internal services such as chargen, daytime, echo, etc., which allows remote attackers to cause a denial of service via a series of connections to the internal services." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2005-11-02T10:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "inetd-internal-socket-dos(6380)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6380" }, { "name": "RHSA-2001:006", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2001-006.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2001-0309", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "inetd in Red Hat 6.2 does not properly close sockets for internal services such as chargen, daytime, echo, etc., which allows remote attackers to cause a denial of service via a series of connections to the internal services." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "inetd-internal-socket-dos(6380)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6380" }, { "name": "RHSA-2001:006", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2001-006.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2001-0309", "datePublished": "2001-05-07T04:00:00", "dateReserved": "2001-04-04T00:00:00", "dateUpdated": "2024-08-08T04:14:07.392Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-1999-1328 (GCVE-0-1999-1328)
Vulnerability from cvelistv5
Published
2002-03-09 05:00
Modified
2024-08-01 17:11
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
linuxconf before 1.11.r11-rh3 on Red Hat Linux 5.1 allows local users to overwrite arbitrary files and gain root access via a symlink attack.
References
► | URL | Tags | ||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-01T17:11:02.947Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.redhat.com/support/errata/rh51-errata-general.html#linuxconf" }, { "name": "19980823 Security concerns in linuxconf shipped w/RedHat 5.1", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=90383955231511\u0026w=2" }, { "name": "6068", "tags": [ "vdb-entry", "x_refsource_OSVDB", "x_transferred" ], "url": "http://www.osvdb.org/6068" }, { "name": "linuxconf-symlink-gain-privileges(7232)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "http://www.iss.net/security_center/static/7232.php" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "1998-08-23T00:00:00", "descriptions": [ { "lang": "en", "value": "linuxconf before 1.11.r11-rh3 on Red Hat Linux 5.1 allows local users to overwrite arbitrary files and gain root access via a symlink attack." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2002-02-20T10:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.redhat.com/support/errata/rh51-errata-general.html#linuxconf" }, { "name": "19980823 Security concerns in linuxconf shipped w/RedHat 5.1", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=90383955231511\u0026w=2" }, { "name": "6068", "tags": [ "vdb-entry", "x_refsource_OSVDB" ], "url": "http://www.osvdb.org/6068" }, { "name": "linuxconf-symlink-gain-privileges(7232)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "http://www.iss.net/security_center/static/7232.php" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-1999-1328", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "linuxconf before 1.11.r11-rh3 on Red Hat Linux 5.1 allows local users to overwrite arbitrary files and gain root access via a symlink attack." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "http://www.redhat.com/support/errata/rh51-errata-general.html#linuxconf", "refsource": "CONFIRM", "url": "http://www.redhat.com/support/errata/rh51-errata-general.html#linuxconf" }, { "name": "19980823 Security concerns in linuxconf shipped w/RedHat 5.1", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=90383955231511\u0026w=2" }, { "name": "6068", "refsource": "OSVDB", "url": "http://www.osvdb.org/6068" }, { "name": "linuxconf-symlink-gain-privileges(7232)", "refsource": "XF", "url": "http://www.iss.net/security_center/static/7232.php" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-1999-1328", "datePublished": "2002-03-09T05:00:00", "dateReserved": "2001-08-31T00:00:00", "dateUpdated": "2024-08-01T17:11:02.947Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2018-1041 (GCVE-0-2018-1041)
Vulnerability from cvelistv5
Published
2018-02-15 17:00
Modified
2024-08-05 03:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
A vulnerability was found in the way RemoteMessageChannel, introduced in jboss-remoting versions 3.3.10, reads from an empty buffer. An attacker could use this flaw to cause denial of service via high CPU caused by an infinite loop.
References
► | URL | Tags | ||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
Red Hat, Inc. | jboss-remoting |
Version: since 3.3.10 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T03:44:11.948Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "44099", "tags": [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred" ], "url": "https://www.exploit-db.com/exploits/44099/" }, { "name": "RHSA-2018:0269", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:0269" }, { "name": "RHSA-2018:0270", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:0270" }, { "name": "RHSA-2018:0271", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:0271" }, { "name": "RHSA-2018:0268", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:0268" }, { "name": "RHSA-2018:0275", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:0275" }, { "name": "1040323", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1040323" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1530457" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "jboss-remoting", "vendor": "Red Hat, Inc.", "versions": [ { "status": "affected", "version": "since 3.3.10" } ] } ], "datePublic": "2018-02-05T00:00:00", "descriptions": [ { "lang": "en", "value": "A vulnerability was found in the way RemoteMessageChannel, introduced in jboss-remoting versions 3.3.10, reads from an empty buffer. An attacker could use this flaw to cause denial of service via high CPU caused by an infinite loop." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-835", "description": "CWE-835", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2018-02-18T10:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "44099", "tags": [ "exploit", "x_refsource_EXPLOIT-DB" ], "url": "https://www.exploit-db.com/exploits/44099/" }, { "name": "RHSA-2018:0269", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:0269" }, { "name": "RHSA-2018:0270", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:0270" }, { "name": "RHSA-2018:0271", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:0271" }, { "name": "RHSA-2018:0268", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:0268" }, { "name": "RHSA-2018:0275", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:0275" }, { "name": "1040323", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1040323" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1530457" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2018-1041", "datePublished": "2018-02-15T17:00:00Z", "dateReserved": "2017-12-04T00:00:00", "dateUpdated": "2024-08-05T03:44:11.948Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2018-17962 (GCVE-0-2018-17962)
Vulnerability from cvelistv5
Published
2018-10-09 22:00
Modified
2024-08-05 11:01
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Qemu has a Buffer Overflow in pcnet_receive in hw/net/pcnet.c because an incorrect integer data type is used.
References
► | URL | Tags | ||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T11:01:14.671Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "[oss-security] 20181008 Qemu: integer overflow issues", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2018/10/08/1" }, { "name": "DSA-4338", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "https://www.debian.org/security/2018/dsa-4338" }, { "name": "USN-3826-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/3826-1/" }, { "name": "[qemu-devel] 20180926 [PULL 23/25] pcnet: fix possible buffer overflow", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.gnu.org/archive/html/qemu-devel/2018-09/msg03268.html" }, { "name": "[debian-lts-announce] 20181130 [SECURITY] [DLA 1599-1] qemu security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00038.html" }, { "name": "RHSA-2019:2892", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2019:2892" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2018-09-26T00:00:00", "descriptions": [ { "lang": "en", "value": "Qemu has a Buffer Overflow in pcnet_receive in hw/net/pcnet.c because an incorrect integer data type is used." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2019-09-24T15:06:17", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "[oss-security] 20181008 Qemu: integer overflow issues", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2018/10/08/1" }, { "name": "DSA-4338", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "https://www.debian.org/security/2018/dsa-4338" }, { "name": "USN-3826-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/3826-1/" }, { "name": "[qemu-devel] 20180926 [PULL 23/25] pcnet: fix possible buffer overflow", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.gnu.org/archive/html/qemu-devel/2018-09/msg03268.html" }, { "name": "[debian-lts-announce] 20181130 [SECURITY] [DLA 1599-1] qemu security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00038.html" }, { "name": "RHSA-2019:2892", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2019:2892" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-17962", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Qemu has a Buffer Overflow in pcnet_receive in hw/net/pcnet.c because an incorrect integer data type is used." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "[oss-security] 20181008 Qemu: integer overflow issues", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2018/10/08/1" }, { "name": "DSA-4338", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2018/dsa-4338" }, { "name": "USN-3826-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/3826-1/" }, { "name": "[qemu-devel] 20180926 [PULL 23/25] pcnet: fix possible buffer overflow", "refsource": "MLIST", "url": "https://lists.gnu.org/archive/html/qemu-devel/2018-09/msg03268.html" }, { "name": "[debian-lts-announce] 20181130 [SECURITY] [DLA 1599-1] qemu security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00038.html" }, { "name": "RHSA-2019:2892", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2019:2892" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2018-17962", "datePublished": "2018-10-09T22:00:00", "dateReserved": "2018-10-03T00:00:00", "dateUpdated": "2024-08-05T11:01:14.671Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2000-1134 (GCVE-0-2000-1134)
Vulnerability from cvelistv5
Published
2000-12-19 05:00
Modified
2024-08-08 05:45
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple shell programs on various Unix systems, including (1) tcsh, (2) csh, (3) sh, and (4) bash, follow symlinks when processing << redirects (aka here-documents or in-here documents), which allows local users to overwrite files of other users via a symlink attack.
References
► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T05:45:37.043Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "20001111a", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2000/20001111a" }, { "name": "1926", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/1926" }, { "name": "CLA-2000:350", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA", "x_transferred" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000350" }, { "name": "oval:org.mitre.oval:def:4047", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4047" }, { "name": "SSRT1-41U", "tags": [ "vendor-advisory", "x_refsource_COMPAQ", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/tru64/2002-q1/0009.html" }, { "name": "2006", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/2006" }, { "name": "MDKSA-2000-069", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.linux-mandrake.com/en/security/MDKSA-2000-069.php3" }, { "name": "CSSA-2000-042.0", "tags": [ "vendor-advisory", "x_refsource_CALDERA", "x_transferred" ], "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-042.0.txt" }, { "name": "RHSA-2000:117", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2000-117.html" }, { "name": "VU#10277", "tags": [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred" ], "url": "http://www.kb.cert.org/vuls/id/10277" }, { "name": "20001130 [ADV/EXP]: RH6.x root from bash /tmp vuln + MORE", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=97561816504170\u0026w=2" }, { "name": "FreeBSD-SA-00:76", "tags": [ "vendor-advisory", "x_refsource_FREEBSD", "x_transferred" ], "url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:76.tcsh-csh.asc" }, { "name": "20001028 tcsh: unsafe tempfile in \u003c\u003c redirects", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-10/0418.html" }, { "name": "MDKSA-2000:075", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.linux-mandrake.com/en/security/MDKSA-2000-075.php3" }, { "name": "CSSA-2000-043.0", "tags": [ "vendor-advisory", "x_refsource_CALDERA", "x_transferred" ], "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-043.0.txt" }, { "name": "20011103-02-P", "tags": [ "vendor-advisory", "x_refsource_SGI", "x_transferred" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20011103-02-P" }, { "name": "20001128 /bin/sh creates insecure tmp files", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/146657" }, { "name": "CLSA-2000:354", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA", "x_transferred" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000354" }, { "name": "RHSA-2000:121", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2000-121.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2000-10-28T00:00:00", "descriptions": [ { "lang": "en", "value": "Multiple shell programs on various Unix systems, including (1) tcsh, (2) csh, (3) sh, and (4) bash, follow symlinks when processing \u003c\u003c redirects (aka here-documents or in-here documents), which allows local users to overwrite files of other users via a symlink attack." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-10-18T16:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "20001111a", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2000/20001111a" }, { "name": "1926", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/1926" }, { "name": "CLA-2000:350", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000350" }, { "name": "oval:org.mitre.oval:def:4047", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4047" }, { "name": "SSRT1-41U", "tags": [ "vendor-advisory", "x_refsource_COMPAQ" ], "url": "http://archives.neohapsis.com/archives/tru64/2002-q1/0009.html" }, { "name": "2006", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/2006" }, { "name": "MDKSA-2000-069", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.linux-mandrake.com/en/security/MDKSA-2000-069.php3" }, { "name": "CSSA-2000-042.0", "tags": [ "vendor-advisory", "x_refsource_CALDERA" ], "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-042.0.txt" }, { "name": "RHSA-2000:117", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2000-117.html" }, { "name": "VU#10277", "tags": [ "third-party-advisory", "x_refsource_CERT-VN" ], "url": "http://www.kb.cert.org/vuls/id/10277" }, { "name": "20001130 [ADV/EXP]: RH6.x root from bash /tmp vuln + MORE", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=97561816504170\u0026w=2" }, { "name": "FreeBSD-SA-00:76", "tags": [ "vendor-advisory", "x_refsource_FREEBSD" ], "url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:76.tcsh-csh.asc" }, { "name": "20001028 tcsh: unsafe tempfile in \u003c\u003c redirects", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-10/0418.html" }, { "name": "MDKSA-2000:075", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.linux-mandrake.com/en/security/MDKSA-2000-075.php3" }, { "name": "CSSA-2000-043.0", "tags": [ "vendor-advisory", "x_refsource_CALDERA" ], "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-043.0.txt" }, { "name": "20011103-02-P", "tags": [ "vendor-advisory", "x_refsource_SGI" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20011103-02-P" }, { "name": "20001128 /bin/sh creates insecure tmp files", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/146657" }, { "name": "CLSA-2000:354", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000354" }, { "name": "RHSA-2000:121", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2000-121.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2000-1134", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Multiple shell programs on various Unix systems, including (1) tcsh, (2) csh, (3) sh, and (4) bash, follow symlinks when processing \u003c\u003c redirects (aka here-documents or in-here documents), which allows local users to overwrite files of other users via a symlink attack." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "20001111a", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2000/20001111a" }, { "name": "1926", "refsource": "BID", "url": "http://www.securityfocus.com/bid/1926" }, { "name": "CLA-2000:350", "refsource": "CONECTIVA", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000350" }, { "name": "oval:org.mitre.oval:def:4047", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4047" }, { "name": "SSRT1-41U", "refsource": "COMPAQ", "url": "http://archives.neohapsis.com/archives/tru64/2002-q1/0009.html" }, { "name": "2006", "refsource": "BID", "url": "http://www.securityfocus.com/bid/2006" }, { "name": "MDKSA-2000-069", "refsource": "MANDRAKE", "url": "http://www.linux-mandrake.com/en/security/MDKSA-2000-069.php3" }, { "name": "CSSA-2000-042.0", "refsource": "CALDERA", "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-042.0.txt" }, { "name": "RHSA-2000:117", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2000-117.html" }, { "name": "VU#10277", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/10277" }, { "name": "20001130 [ADV/EXP]: RH6.x root from bash /tmp vuln + MORE", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=97561816504170\u0026w=2" }, { "name": "FreeBSD-SA-00:76", "refsource": "FREEBSD", "url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:76.tcsh-csh.asc" }, { "name": "20001028 tcsh: unsafe tempfile in \u003c\u003c redirects", "refsource": "BUGTRAQ", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-10/0418.html" }, { "name": "MDKSA-2000:075", "refsource": "MANDRAKE", "url": "http://www.linux-mandrake.com/en/security/MDKSA-2000-075.php3" }, { "name": "CSSA-2000-043.0", "refsource": "CALDERA", "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-043.0.txt" }, { "name": "20011103-02-P", "refsource": "SGI", "url": "ftp://patches.sgi.com/support/free/security/advisories/20011103-02-P" }, { "name": "20001128 /bin/sh creates insecure tmp files", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/146657" }, { "name": "CLSA-2000:354", "refsource": "CONECTIVA", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000354" }, { "name": "RHSA-2000:121", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2000-121.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2000-1134", "datePublished": "2000-12-19T05:00:00", "dateReserved": "2000-12-14T00:00:00", "dateUpdated": "2024-08-08T05:45:37.043Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2002-0836 (GCVE-0-2002-0836)
Vulnerability from cvelistv5
Published
2004-09-01 04:00
Modified
2024-08-08 03:03
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
dvips converter for Postscript files in the tetex package calls the system() function insecurely, which allows remote attackers to execute arbitrary commands via certain print jobs, possibly involving fonts.
References
► | URL | Tags | |||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T03:03:49.020Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "20021018 GLSA: tetex", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=103497852330838\u0026w=2" }, { "name": "5978", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/5978" }, { "name": "20021216 [OpenPKG-SA-2002.015] OpenPKG Security Advisory (tetex)", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=104005975415582\u0026w=2" }, { "name": "CLA-2002:537", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA", "x_transferred" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000537" }, { "name": "VU#169841", "tags": [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred" ], "url": "http://www.kb.cert.org/vuls/id/169841" }, { "name": "DSA-207", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2002/dsa-207" }, { "name": "HPSBTL0210-073", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://www.securityfocus.com/advisories/4567" }, { "name": "RHSA-2002:195", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2002-195.html" }, { "name": "dvips-system-execute-commands(10365)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "http://www.iss.net/security_center/static/10365.php" }, { "name": "RHSA-2002:194", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2002-194.html" }, { "name": "MDKSA-2002:070", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-070.php" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2002-10-14T00:00:00", "descriptions": [ { "lang": "en", "value": "dvips converter for Postscript files in the tetex package calls the system() function insecurely, which allows remote attackers to execute arbitrary commands via certain print jobs, possibly involving fonts." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2004-07-25T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "20021018 GLSA: tetex", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=103497852330838\u0026w=2" }, { "name": "5978", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/5978" }, { "name": "20021216 [OpenPKG-SA-2002.015] OpenPKG Security Advisory (tetex)", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=104005975415582\u0026w=2" }, { "name": "CLA-2002:537", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000537" }, { "name": "VU#169841", "tags": [ "third-party-advisory", "x_refsource_CERT-VN" ], "url": "http://www.kb.cert.org/vuls/id/169841" }, { "name": "DSA-207", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2002/dsa-207" }, { "name": "HPSBTL0210-073", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://www.securityfocus.com/advisories/4567" }, { "name": "RHSA-2002:195", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2002-195.html" }, { "name": "dvips-system-execute-commands(10365)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "http://www.iss.net/security_center/static/10365.php" }, { "name": "RHSA-2002:194", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2002-194.html" }, { "name": "MDKSA-2002:070", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-070.php" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2002-0836", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "dvips converter for Postscript files in the tetex package calls the system() function insecurely, which allows remote attackers to execute arbitrary commands via certain print jobs, possibly involving fonts." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "20021018 GLSA: tetex", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=103497852330838\u0026w=2" }, { "name": "5978", "refsource": "BID", "url": "http://www.securityfocus.com/bid/5978" }, { "name": "20021216 [OpenPKG-SA-2002.015] OpenPKG Security Advisory (tetex)", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=104005975415582\u0026w=2" }, { "name": "CLA-2002:537", "refsource": "CONECTIVA", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000537" }, { "name": "VU#169841", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/169841" }, { "name": "DSA-207", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2002/dsa-207" }, { "name": "HPSBTL0210-073", "refsource": "HP", "url": "http://www.securityfocus.com/advisories/4567" }, { "name": "RHSA-2002:195", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2002-195.html" }, { "name": "dvips-system-execute-commands(10365)", "refsource": "XF", "url": "http://www.iss.net/security_center/static/10365.php" }, { "name": "RHSA-2002:194", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2002-194.html" }, { "name": "MDKSA-2002:070", "refsource": "MANDRAKE", "url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-070.php" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2002-0836", "datePublished": "2004-09-01T04:00:00", "dateReserved": "2002-08-08T00:00:00", "dateUpdated": "2024-08-08T03:03:49.020Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2018-20346 (GCVE-0-2018-20346)
Vulnerability from cvelistv5
Published
2018-12-21 21:00
Modified
2024-08-05 11:58
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
SQLite before 3.25.3, when the FTS3 extension is enabled, encounters an integer overflow (and resultant buffer overflow) for FTS3 queries that occur after crafted changes to FTS3 shadow tables, allowing remote attackers to execute arbitrary code by leveraging the ability to run arbitrary SQL statements (such as in certain WebSQL use cases), aka Magellan.
References
► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T11:58:19.161Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://worthdoingbadly.com/sqlitebug/" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT209446" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1659379" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1659677" }, { "name": "[debian-lts-announce] 20181222 [SECURITY] [DLA 1613-1] sqlite3 security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2018/12/msg00012.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://www.synology.com/security/advisory/Synology_SA_18_61" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://access.redhat.com/articles/3758321" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT209443" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://blade.tencent.com/magellan/index_en.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT209451" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/zhuowei/worthdoingbadly.com/blob/master/_posts/2018-12-14-sqlitebug.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://news.ycombinator.com/item?id=18685296" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT209450" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://sqlite.org/src/info/940f2adc8541a838" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT209448" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://chromium.googlesource.com/chromium/src/+/c368e30ae55600a1c3c9cb1710a54f9c55de786e" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.mail-archive.com/sqlite-users%40mailinglists.sqlite.org/msg113218.html" }, { "name": "106323", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/106323" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://crbug.com/900910" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://sqlite.org/src/info/d44318f59044162e" }, { "name": "FreeBSD-EN-19:03", "tags": [ "vendor-advisory", "x_refsource_FREEBSD", "x_transferred" ], "url": "https://www.freebsd.org/security/advisories/FreeBSD-EN-19:03.sqlite.asc" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://chromereleases.googleblog.com/2018/12/stable-channel-update-for-desktop.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.sqlite.org/releaselog/3_25_3.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT209447" }, { "name": "openSUSE-SU-2019:1159", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00040.html" }, { "name": "openSUSE-SU-2019:1222", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00070.html" }, { "name": "GLSA-201904-21", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201904-21" }, { "name": "USN-4019-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/4019-1/" }, { "name": "USN-4019-2", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/4019-2/" }, { "name": "FEDORA-2019-49f80a78bc", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PU4NZ6DDU4BEM3ACM3FM6GLEPX56ZQXK/" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpuapr2020.html" }, { "name": "[debian-lts-announce] 20200822 [SECURITY] [DLA 2340-1] sqlite3 security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00037.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10365" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2018-12-21T00:00:00", "descriptions": [ { "lang": "en", "value": "SQLite before 3.25.3, when the FTS3 extension is enabled, encounters an integer overflow (and resultant buffer overflow) for FTS3 queries that occur after crafted changes to FTS3 shadow tables, allowing remote attackers to execute arbitrary code by leveraging the ability to run arbitrary SQL statements (such as in certain WebSQL use cases), aka Magellan." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-07-31T07:06:25", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://worthdoingbadly.com/sqlitebug/" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT209446" }, { "tags": [ "x_refsource_MISC" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1659379" }, { "tags": [ "x_refsource_MISC" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1659677" }, { "name": "[debian-lts-announce] 20181222 [SECURITY] [DLA 1613-1] sqlite3 security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2018/12/msg00012.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://www.synology.com/security/advisory/Synology_SA_18_61" }, { "tags": [ "x_refsource_MISC" ], "url": "https://access.redhat.com/articles/3758321" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT209443" }, { "tags": [ "x_refsource_MISC" ], "url": "https://blade.tencent.com/magellan/index_en.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT209451" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/zhuowei/worthdoingbadly.com/blob/master/_posts/2018-12-14-sqlitebug.html" }, { "tags": [ "x_refsource_MISC" ], "url": "https://news.ycombinator.com/item?id=18685296" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT209450" }, { "tags": [ "x_refsource_MISC" ], "url": "https://sqlite.org/src/info/940f2adc8541a838" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT209448" }, { "tags": [ "x_refsource_MISC" ], "url": "https://chromium.googlesource.com/chromium/src/+/c368e30ae55600a1c3c9cb1710a54f9c55de786e" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.mail-archive.com/sqlite-users%40mailinglists.sqlite.org/msg113218.html" }, { "name": "106323", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/106323" }, { "tags": [ "x_refsource_MISC" ], "url": "https://crbug.com/900910" }, { "tags": [ "x_refsource_MISC" ], "url": "https://sqlite.org/src/info/d44318f59044162e" }, { "name": "FreeBSD-EN-19:03", "tags": [ "vendor-advisory", "x_refsource_FREEBSD" ], "url": "https://www.freebsd.org/security/advisories/FreeBSD-EN-19:03.sqlite.asc" }, { "tags": [ "x_refsource_MISC" ], "url": "https://chromereleases.googleblog.com/2018/12/stable-channel-update-for-desktop.html" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.sqlite.org/releaselog/3_25_3.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT209447" }, { "name": "openSUSE-SU-2019:1159", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00040.html" }, { "name": "openSUSE-SU-2019:1222", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00070.html" }, { "name": "GLSA-201904-21", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201904-21" }, { "name": "USN-4019-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/4019-1/" }, { "name": "USN-4019-2", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/4019-2/" }, { "name": "FEDORA-2019-49f80a78bc", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PU4NZ6DDU4BEM3ACM3FM6GLEPX56ZQXK/" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.oracle.com/security-alerts/cpuapr2020.html" }, { "name": "[debian-lts-announce] 20200822 [SECURITY] [DLA 2340-1] sqlite3 security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00037.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10365" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-20346", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "SQLite before 3.25.3, when the FTS3 extension is enabled, encounters an integer overflow (and resultant buffer overflow) for FTS3 queries that occur after crafted changes to FTS3 shadow tables, allowing remote attackers to execute arbitrary code by leveraging the ability to run arbitrary SQL statements (such as in certain WebSQL use cases), aka Magellan." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://worthdoingbadly.com/sqlitebug/", "refsource": "MISC", "url": "https://worthdoingbadly.com/sqlitebug/" }, { "name": "https://support.apple.com/HT209446", "refsource": "CONFIRM", "url": "https://support.apple.com/HT209446" }, { "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1659379", "refsource": "MISC", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1659379" }, { "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1659677", "refsource": "MISC", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1659677" }, { "name": "[debian-lts-announce] 20181222 [SECURITY] [DLA 1613-1] sqlite3 security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2018/12/msg00012.html" }, { "name": "https://www.synology.com/security/advisory/Synology_SA_18_61", "refsource": "CONFIRM", "url": "https://www.synology.com/security/advisory/Synology_SA_18_61" }, { "name": "https://access.redhat.com/articles/3758321", "refsource": "MISC", "url": "https://access.redhat.com/articles/3758321" }, { "name": "https://support.apple.com/HT209443", "refsource": "CONFIRM", "url": "https://support.apple.com/HT209443" }, { "name": "https://blade.tencent.com/magellan/index_en.html", "refsource": "MISC", "url": "https://blade.tencent.com/magellan/index_en.html" }, { "name": "https://support.apple.com/HT209451", "refsource": "CONFIRM", "url": "https://support.apple.com/HT209451" }, { "name": "https://github.com/zhuowei/worthdoingbadly.com/blob/master/_posts/2018-12-14-sqlitebug.html", "refsource": "MISC", "url": "https://github.com/zhuowei/worthdoingbadly.com/blob/master/_posts/2018-12-14-sqlitebug.html" }, { "name": "https://news.ycombinator.com/item?id=18685296", "refsource": "MISC", "url": "https://news.ycombinator.com/item?id=18685296" }, { "name": "https://support.apple.com/HT209450", "refsource": "CONFIRM", "url": "https://support.apple.com/HT209450" }, { "name": "https://sqlite.org/src/info/940f2adc8541a838", "refsource": "MISC", "url": "https://sqlite.org/src/info/940f2adc8541a838" }, { "name": "https://support.apple.com/HT209448", "refsource": "CONFIRM", "url": "https://support.apple.com/HT209448" }, { "name": "https://chromium.googlesource.com/chromium/src/+/c368e30ae55600a1c3c9cb1710a54f9c55de786e", "refsource": "MISC", "url": "https://chromium.googlesource.com/chromium/src/+/c368e30ae55600a1c3c9cb1710a54f9c55de786e" }, { "name": "https://www.mail-archive.com/sqlite-users@mailinglists.sqlite.org/msg113218.html", "refsource": "MISC", "url": "https://www.mail-archive.com/sqlite-users@mailinglists.sqlite.org/msg113218.html" }, { "name": "106323", "refsource": "BID", "url": "http://www.securityfocus.com/bid/106323" }, { "name": "https://crbug.com/900910", "refsource": "MISC", "url": "https://crbug.com/900910" }, { "name": "https://sqlite.org/src/info/d44318f59044162e", "refsource": "MISC", "url": "https://sqlite.org/src/info/d44318f59044162e" }, { "name": "FreeBSD-EN-19:03", "refsource": "FREEBSD", "url": "https://www.freebsd.org/security/advisories/FreeBSD-EN-19:03.sqlite.asc" }, { "name": "https://chromereleases.googleblog.com/2018/12/stable-channel-update-for-desktop.html", "refsource": "MISC", "url": "https://chromereleases.googleblog.com/2018/12/stable-channel-update-for-desktop.html" }, { "name": "https://www.sqlite.org/releaselog/3_25_3.html", "refsource": "MISC", "url": "https://www.sqlite.org/releaselog/3_25_3.html" }, { "name": "https://support.apple.com/HT209447", "refsource": "CONFIRM", "url": "https://support.apple.com/HT209447" }, { "name": "openSUSE-SU-2019:1159", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00040.html" }, { "name": "openSUSE-SU-2019:1222", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00070.html" }, { "name": "GLSA-201904-21", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201904-21" }, { "name": "USN-4019-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/4019-1/" }, { "name": "USN-4019-2", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/4019-2/" }, { "name": "FEDORA-2019-49f80a78bc", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PU4NZ6DDU4BEM3ACM3FM6GLEPX56ZQXK/" }, { "name": "https://www.oracle.com/security-alerts/cpuapr2020.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpuapr2020.html" }, { "name": "[debian-lts-announce] 20200822 [SECURITY] [DLA 2340-1] sqlite3 security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00037.html" }, { "name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10365", "refsource": "CONFIRM", "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10365" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2018-20346", "datePublished": "2018-12-21T21:00:00", "dateReserved": "2018-12-21T00:00:00", "dateUpdated": "2024-08-05T11:58:19.161Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-1999-1542 (GCVE-0-1999-1542)
Vulnerability from cvelistv5
Published
2002-03-09 05:00
Modified
2024-08-01 17:18
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
RPMMail before 1.4 allows remote attackers to execute commands via an e-mail message with shell metacharacters in the "MAIL FROM" command.
References
► | URL | Tags | |||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-01T17:18:07.504Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "19991006 Fwd: [Re: RH6.0 local/remote command execution]", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=93923853105687\u0026w=2" }, { "name": "19991004 RH6.0 local/remote command execution", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=93915641729415\u0026w=2" }, { "name": "linux-rh-rpmmail(3353)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/3353" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "1999-10-04T00:00:00", "descriptions": [ { "lang": "en", "value": "RPMMail before 1.4 allows remote attackers to execute commands via an e-mail message with shell metacharacters in the \"MAIL FROM\" command." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2001-11-28T10:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "19991006 Fwd: [Re: RH6.0 local/remote command execution]", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=93923853105687\u0026w=2" }, { "name": "19991004 RH6.0 local/remote command execution", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=93915641729415\u0026w=2" }, { "name": "linux-rh-rpmmail(3353)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/3353" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-1999-1542", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "RPMMail before 1.4 allows remote attackers to execute commands via an e-mail message with shell metacharacters in the \"MAIL FROM\" command." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "19991006 Fwd: [Re: RH6.0 local/remote command execution]", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=93923853105687\u0026w=2" }, { "name": "19991004 RH6.0 local/remote command execution", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=93915641729415\u0026w=2" }, { "name": "linux-rh-rpmmail(3353)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/3353" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-1999-1542", "datePublished": "2002-03-09T05:00:00", "dateReserved": "2001-08-31T00:00:00", "dateUpdated": "2024-08-01T17:18:07.504Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2002-0067 (GCVE-0-2002-0067)
Vulnerability from cvelistv5
Published
2003-04-02 05:00
Modified
2024-08-08 02:35
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Squid 2.4 STABLE3 and earlier does not properly disable HTCP, even when "htcp_port 0" is specified in squid.conf, which could allow remote attackers to bypass intended access restrictions.
References
► | URL | Tags | |||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T02:35:17.437Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.squid-cache.org/Versions/v2/2.4/bugs/" }, { "name": "CLA-2002:464", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA", "x_transferred" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000464" }, { "name": "MDKSA-2002:016", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-016.php" }, { "name": "20020222 TSLSA-2002-0031 - squid", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=101443252627021\u0026w=2" }, { "name": "FreeBSD-SA-02:12", "tags": [ "vendor-advisory", "x_refsource_FREEBSD", "x_transferred" ], "url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:12.squid.asc" }, { "name": "CSSA-2002-SCO.7", "tags": [ "vendor-advisory", "x_refsource_CALDERA", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/linux/caldera/2002-q1/0014.html" }, { "name": "squid-htcp-enabled(8261)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "http://www.iss.net/security_center/static/8261.php" }, { "name": "4150", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/4150" }, { "name": "20020221 Squid HTTP Proxy Security Update Advisory 2002:1", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=101431040422095\u0026w=2" }, { "name": "RHSA-2002:029", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2002-029.html" }, { "name": "5379", "tags": [ "vdb-entry", "x_refsource_OSVDB", "x_transferred" ], "url": "http://www.osvdb.org/5379" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2002-02-21T00:00:00", "descriptions": [ { "lang": "en", "value": "Squid 2.4 STABLE3 and earlier does not properly disable HTCP, even when \"htcp_port 0\" is specified in squid.conf, which could allow remote attackers to bypass intended access restrictions." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2002-08-17T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.squid-cache.org/Versions/v2/2.4/bugs/" }, { "name": "CLA-2002:464", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000464" }, { "name": "MDKSA-2002:016", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-016.php" }, { "name": "20020222 TSLSA-2002-0031 - squid", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=101443252627021\u0026w=2" }, { "name": "FreeBSD-SA-02:12", "tags": [ "vendor-advisory", "x_refsource_FREEBSD" ], "url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:12.squid.asc" }, { "name": "CSSA-2002-SCO.7", "tags": [ "vendor-advisory", "x_refsource_CALDERA" ], "url": "http://archives.neohapsis.com/archives/linux/caldera/2002-q1/0014.html" }, { "name": "squid-htcp-enabled(8261)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "http://www.iss.net/security_center/static/8261.php" }, { "name": "4150", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/4150" }, { "name": "20020221 Squid HTTP Proxy Security Update Advisory 2002:1", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=101431040422095\u0026w=2" }, { "name": "RHSA-2002:029", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2002-029.html" }, { "name": "5379", "tags": [ "vdb-entry", "x_refsource_OSVDB" ], "url": "http://www.osvdb.org/5379" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2002-0067", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Squid 2.4 STABLE3 and earlier does not properly disable HTCP, even when \"htcp_port 0\" is specified in squid.conf, which could allow remote attackers to bypass intended access restrictions." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "http://www.squid-cache.org/Versions/v2/2.4/bugs/", "refsource": "CONFIRM", "url": "http://www.squid-cache.org/Versions/v2/2.4/bugs/" }, { "name": "CLA-2002:464", "refsource": "CONECTIVA", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000464" }, { "name": "MDKSA-2002:016", "refsource": "MANDRAKE", "url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-016.php" }, { "name": "20020222 TSLSA-2002-0031 - squid", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=101443252627021\u0026w=2" }, { "name": "FreeBSD-SA-02:12", "refsource": "FREEBSD", "url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:12.squid.asc" }, { "name": "CSSA-2002-SCO.7", "refsource": "CALDERA", "url": "http://archives.neohapsis.com/archives/linux/caldera/2002-q1/0014.html" }, { "name": "squid-htcp-enabled(8261)", "refsource": "XF", "url": "http://www.iss.net/security_center/static/8261.php" }, { "name": "4150", "refsource": "BID", "url": "http://www.securityfocus.com/bid/4150" }, { "name": "20020221 Squid HTTP Proxy Security Update Advisory 2002:1", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=101431040422095\u0026w=2" }, { "name": "RHSA-2002:029", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2002-029.html" }, { "name": "5379", "refsource": "OSVDB", "url": "http://www.osvdb.org/5379" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2002-0067", "datePublished": "2003-04-02T05:00:00", "dateReserved": "2002-02-19T00:00:00", "dateUpdated": "2024-08-08T02:35:17.437Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2003-0434 (GCVE-0-2003-0434)
Vulnerability from cvelistv5
Published
2003-06-18 04:00
Modified
2024-08-08 01:50
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Various PDF viewers including (1) Adobe Acrobat 5.06 and (2) Xpdf 1.01 allow remote attackers to execute arbitrary commands via shell metacharacters in an embedded hyperlink.
References
► | URL | Tags | |||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T01:50:48.159Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "9038", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/9038" }, { "name": "MDKSA-2003:071", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:071" }, { "name": "VU#200132", "tags": [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred" ], "url": "http://www.kb.cert.org/vuls/id/200132" }, { "name": "20030613 -10Day CERT Advisory on PDF Files", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-June/005719.html" }, { "name": "RHSA-2003:196", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-196.html" }, { "name": "9037", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/9037" }, { "name": "RHSA-2003:197", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-197.html" }, { "name": "20030709 xpdf vulnerability - CAN-2003-0434", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=105777963019186\u0026w=2" }, { "name": "oval:org.mitre.oval:def:664", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A664" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2003-06-13T00:00:00", "descriptions": [ { "lang": "en", "value": "Various PDF viewers including (1) Adobe Acrobat 5.06 and (2) Xpdf 1.01 allow remote attackers to execute arbitrary commands via shell metacharacters in an embedded hyperlink." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-10-10T00:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "9038", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/9038" }, { "name": "MDKSA-2003:071", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:071" }, { "name": "VU#200132", "tags": [ "third-party-advisory", "x_refsource_CERT-VN" ], "url": "http://www.kb.cert.org/vuls/id/200132" }, { "name": "20030613 -10Day CERT Advisory on PDF Files", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-June/005719.html" }, { "name": "RHSA-2003:196", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-196.html" }, { "name": "9037", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/9037" }, { "name": "RHSA-2003:197", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-197.html" }, { "name": "20030709 xpdf vulnerability - CAN-2003-0434", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=105777963019186\u0026w=2" }, { "name": "oval:org.mitre.oval:def:664", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A664" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2003-0434", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Various PDF viewers including (1) Adobe Acrobat 5.06 and (2) Xpdf 1.01 allow remote attackers to execute arbitrary commands via shell metacharacters in an embedded hyperlink." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "9038", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/9038" }, { "name": "MDKSA-2003:071", "refsource": "MANDRAKE", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:071" }, { "name": "VU#200132", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/200132" }, { "name": "20030613 -10Day CERT Advisory on PDF Files", "refsource": "FULLDISC", "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-June/005719.html" }, { "name": "RHSA-2003:196", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2003-196.html" }, { "name": "9037", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/9037" }, { "name": "RHSA-2003:197", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2003-197.html" }, { "name": "20030709 xpdf vulnerability - CAN-2003-0434", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=105777963019186\u0026w=2" }, { "name": "oval:org.mitre.oval:def:664", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A664" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2003-0434", "datePublished": "2003-06-18T04:00:00", "dateReserved": "2003-06-16T00:00:00", "dateUpdated": "2024-08-08T01:50:48.159Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2000-0390 (GCVE-0-2000-0390)
Vulnerability from cvelistv5
Published
2000-07-12 04:00
Modified
2024-08-08 05:14
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in krb425_conv_principal function in Kerberos 5 allows remote attackers to gain root privileges.
References
► | URL | Tags | ||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T05:14:21.484Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "FreeBSD-SA-00:20", "tags": [ "vendor-advisory", "x_refsource_FREEBSD", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/freebsd/2000-05/0295.html" }, { "name": "RHSA-2000:025", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2000-025.html" }, { "name": "4884", "tags": [ "vdb-entry", "x_refsource_OSVDB", "x_transferred" ], "url": "http://www.osvdb.org/4884" }, { "name": "CA-2000-06", "tags": [ "third-party-advisory", "x_refsource_CERT", "x_transferred" ], "url": "http://www.cert.org/advisories/CA-2000-06.html" }, { "name": "20000516 BUFFER OVERRUN VULNERABILITIES IN KERBEROS", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-05/0184.html" }, { "name": "1220", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/1220" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2000-05-16T00:00:00", "descriptions": [ { "lang": "en", "value": "Buffer overflow in krb425_conv_principal function in Kerberos 5 allows remote attackers to gain root privileges." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2004-09-02T09:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "FreeBSD-SA-00:20", "tags": [ "vendor-advisory", "x_refsource_FREEBSD" ], "url": "http://archives.neohapsis.com/archives/freebsd/2000-05/0295.html" }, { "name": "RHSA-2000:025", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2000-025.html" }, { "name": "4884", "tags": [ "vdb-entry", "x_refsource_OSVDB" ], "url": "http://www.osvdb.org/4884" }, { "name": "CA-2000-06", "tags": [ "third-party-advisory", "x_refsource_CERT" ], "url": "http://www.cert.org/advisories/CA-2000-06.html" }, { "name": "20000516 BUFFER OVERRUN VULNERABILITIES IN KERBEROS", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-05/0184.html" }, { "name": "1220", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/1220" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2000-0390", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Buffer overflow in krb425_conv_principal function in Kerberos 5 allows remote attackers to gain root privileges." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "FreeBSD-SA-00:20", "refsource": "FREEBSD", "url": "http://archives.neohapsis.com/archives/freebsd/2000-05/0295.html" }, { "name": "RHSA-2000:025", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2000-025.html" }, { "name": "4884", "refsource": "OSVDB", "url": "http://www.osvdb.org/4884" }, { "name": "CA-2000-06", "refsource": "CERT", "url": "http://www.cert.org/advisories/CA-2000-06.html" }, { "name": "20000516 BUFFER OVERRUN VULNERABILITIES IN KERBEROS", "refsource": "BUGTRAQ", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-05/0184.html" }, { "name": "1220", "refsource": "BID", "url": "http://www.securityfocus.com/bid/1220" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2000-0390", "datePublished": "2000-07-12T04:00:00", "dateReserved": "2000-06-14T00:00:00", "dateUpdated": "2024-08-08T05:14:21.484Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2009-0714 (GCVE-0-2009-0714)
Vulnerability from cvelistv5
Published
2009-05-14 17:00
Modified
2024-08-07 04:48
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in the dpwinsup module (dpwinsup.dll) for dpwingad (dpwingad.exe) in HP Data Protector Express and Express SSE 3.x before build 47065, and Express and Express SSE 4.x before build 46537, allows remote attackers to cause a denial of service (application crash) or read portions of memory via one or more crafted packets.
References
► | URL | Tags | |||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T04:48:51.687Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "1022220", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id?1022220" }, { "name": "HPSBMA02417", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01697543" }, { "name": "SSRT090031", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01697543" }, { "name": "9007", "tags": [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred" ], "url": "https://www.exploit-db.com/exploits/9007" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://ivizsecurity.com/security-advisory-iviz-sr-09002.html" }, { "name": "35084", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/35084" }, { "name": "34955", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/34955" }, { "name": "ADV-2009-1309", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2009/1309" }, { "name": "9006", "tags": [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred" ], "url": "https://www.exploit-db.com/exploits/9006" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2009-05-13T00:00:00", "descriptions": [ { "lang": "en", "value": "Unspecified vulnerability in the dpwinsup module (dpwinsup.dll) for dpwingad (dpwingad.exe) in HP Data Protector Express and Express SSE 3.x before build 47065, and Express and Express SSE 4.x before build 46537, allows remote attackers to cause a denial of service (application crash) or read portions of memory via one or more crafted packets." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-09-28T12:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "1022220", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id?1022220" }, { "name": "HPSBMA02417", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01697543" }, { "name": "SSRT090031", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01697543" }, { "name": "9007", "tags": [ "exploit", "x_refsource_EXPLOIT-DB" ], "url": "https://www.exploit-db.com/exploits/9007" }, { "tags": [ "x_refsource_MISC" ], "url": "http://ivizsecurity.com/security-advisory-iviz-sr-09002.html" }, { "name": "35084", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/35084" }, { "name": "34955", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/34955" }, { "name": "ADV-2009-1309", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2009/1309" }, { "name": "9006", "tags": [ "exploit", "x_refsource_EXPLOIT-DB" ], "url": "https://www.exploit-db.com/exploits/9006" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2009-0714", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Unspecified vulnerability in the dpwinsup module (dpwinsup.dll) for dpwingad (dpwingad.exe) in HP Data Protector Express and Express SSE 3.x before build 47065, and Express and Express SSE 4.x before build 46537, allows remote attackers to cause a denial of service (application crash) or read portions of memory via one or more crafted packets." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "1022220", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1022220" }, { "name": "HPSBMA02417", "refsource": "HP", "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01697543" }, { "name": "SSRT090031", "refsource": "HP", "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01697543" }, { "name": "9007", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/9007" }, { "name": "http://ivizsecurity.com/security-advisory-iviz-sr-09002.html", "refsource": "MISC", "url": "http://ivizsecurity.com/security-advisory-iviz-sr-09002.html" }, { "name": "35084", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/35084" }, { "name": "34955", "refsource": "BID", "url": "http://www.securityfocus.com/bid/34955" }, { "name": "ADV-2009-1309", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2009/1309" }, { "name": "9006", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/9006" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2009-0714", "datePublished": "2009-05-14T17:00:00", "dateReserved": "2009-02-24T00:00:00", "dateUpdated": "2024-08-07T04:48:51.687Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-1999-1048 (GCVE-0-1999-1048)
Vulnerability from cvelistv5
Published
2002-03-09 05:00
Modified
2024-08-01 16:55
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in bash 2.0.0, 1.4.17, and other versions allows local attackers to gain privileges by creating an extremely large directory name, which is inserted into the password prompt via the \w option in the PS1 environmental variable when another user changes into that directory.
References
► | URL | Tags | |||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-01T16:55:29.537Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "8345", "tags": [ "vdb-entry", "x_refsource_OSVDB", "x_transferred" ], "url": "http://www.osvdb.org/8345" }, { "name": "linux-bash-bo(3414)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/3414" }, { "name": "19970821 Buffer overflow in /bin/bash", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=87602746719555\u0026w=2" }, { "name": "19980909 problem with very long pathnames", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/1998/19980909" }, { "name": "19980905 BASH buffer overflow, LiNUX x86 exploit", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/10542" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "1997-08-21T00:00:00", "descriptions": [ { "lang": "en", "value": "Buffer overflow in bash 2.0.0, 1.4.17, and other versions allows local attackers to gain privileges by creating an extremely large directory name, which is inserted into the password prompt via the \\w option in the PS1 environmental variable when another user changes into that directory." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2002-03-01T10:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "8345", "tags": [ "vdb-entry", "x_refsource_OSVDB" ], "url": "http://www.osvdb.org/8345" }, { "name": "linux-bash-bo(3414)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/3414" }, { "name": "19970821 Buffer overflow in /bin/bash", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=87602746719555\u0026w=2" }, { "name": "19980909 problem with very long pathnames", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/1998/19980909" }, { "name": "19980905 BASH buffer overflow, LiNUX x86 exploit", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/10542" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-1999-1048", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Buffer overflow in bash 2.0.0, 1.4.17, and other versions allows local attackers to gain privileges by creating an extremely large directory name, which is inserted into the password prompt via the \\w option in the PS1 environmental variable when another user changes into that directory." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "8345", "refsource": "OSVDB", "url": "http://www.osvdb.org/8345" }, { "name": "linux-bash-bo(3414)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/3414" }, { "name": "19970821 Buffer overflow in /bin/bash", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=87602746719555\u0026w=2" }, { "name": "19980909 problem with very long pathnames", "refsource": "DEBIAN", "url": "http://www.debian.org/security/1998/19980909" }, { "name": "19980905 BASH buffer overflow, LiNUX x86 exploit", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/10542" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-1999-1048", "datePublished": "2002-03-09T05:00:00", "dateReserved": "2001-08-31T00:00:00", "dateUpdated": "2024-08-01T16:55:29.537Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2005-3624 (GCVE-0-2005-3624)
Vulnerability from cvelistv5
Published
2006-01-06 22:00
Modified
2024-08-07 23:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows.
References
► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T23:17:23.457Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "16143", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/16143" }, { "name": "DSA-932", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2005/dsa-932" }, { "name": "18349", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18349" }, { "name": "18147", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18147" }, { "name": "SCOSA-2006.15", "tags": [ "vendor-advisory", "x_refsource_SCO", "x_transferred" ], "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://scary.beasts.org/security/CESA-2005-003.txt" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.kde.org/info/security/advisory-20051207-2.txt" }, { "name": "18679", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18679" }, { "name": "18312", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18312" }, { "name": "18644", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18644" }, { "name": "USN-236-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/236-1/" }, { "name": "18425", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18425" }, { "name": "18373", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18373" }, { "name": "18303", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18303" }, { "name": "DSA-931", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2005/dsa-931" }, { "name": "18554", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18554" }, { "name": "MDKSA-2006:003", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003" }, { "name": "19230", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/19230" }, { "name": "102972", "tags": [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1" }, { "name": "MDKSA-2006:012", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012" }, { "name": "DSA-962", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-962" }, { "name": "RHSA-2006:0163", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0163.html" }, { "name": "DSA-937", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2005/dsa-937" }, { "name": "18398", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18398" }, { "name": "FLSA-2006:176751", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded" }, { "name": "2006-0002", "tags": [ "vendor-advisory", "x_refsource_TRUSTIX", "x_transferred" ], "url": "http://www.trustix.org/errata/2006/0002/" }, { "name": "SUSE-SA:2006:001", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html" }, { "name": "DSA-936", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-936" }, { "name": "FEDORA-2005-026", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html" }, { "name": "18329", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18329" }, { "name": "18463", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18463" }, { "name": "18642", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18642" }, { "name": "18674", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18674" }, { "name": "MDKSA-2006:005", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005" }, { "name": "18313", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18313" }, { "name": "20051201-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI", "x_transferred" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U" }, { "name": "20060101-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI", "x_transferred" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U" }, { "name": "18448", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18448" }, { "name": "18436", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18436" }, { "name": "18428", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18428" }, { "name": "18380", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18380" }, { "name": "18423", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18423" }, { "name": "18416", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18416" }, { "name": "RHSA-2006:0177", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2006-0177.html" }, { "name": "ADV-2007-2280", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2007/2280" }, { "name": "GLSA-200601-02", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml" }, { "name": "18407", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18407" }, { "name": "18332", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18332" }, { "name": "18517", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18517" }, { "name": "18582", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18582" }, { "name": "18534", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18534" }, { "name": "SSA:2006-045-09", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE", "x_transferred" ], "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683" }, { "name": "18908", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18908" }, { "name": "25729", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/25729" }, { "name": "18414", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18414" }, { "name": "MDKSA-2006:006", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006" }, { "name": "18338", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18338" }, { "name": "MDKSA-2006:008", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008" }, { "name": "20060201-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI", "x_transferred" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U" }, { "name": "RHSA-2006:0160", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html" }, { "name": "MDKSA-2006:010", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010" }, { "name": "DSA-940", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2005/dsa-940" }, { "name": "MDKSA-2006:004", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004" }, { "name": "ADV-2006-0047", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2006/0047" }, { "name": "GLSA-200601-17", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml" }, { "name": "xpdf-ccitt-faxstream-bo(24022)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24022" }, { "name": "18389", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18389" }, { "name": "oval:org.mitre.oval:def:9437", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9437" }, { "name": "SSA:2006-045-04", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE", "x_transferred" ], "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747" }, { "name": "19377", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/19377" }, { "name": "FEDORA-2005-025", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html" }, { "name": "FLSA:175404", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded" }, { "name": "DSA-961", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-961" }, { "name": "18675", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18675" }, { "name": "18913", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18913" }, { "name": "DSA-938", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2005/dsa-938" }, { "name": "18334", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18334" }, { "name": "18375", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18375" }, { "name": "DSA-950", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-950" }, { "name": "18387", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18387" }, { "name": "MDKSA-2006:011", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011" }, { "name": "18385", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18385" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2006-01-06T00:00:00", "descriptions": [ { "lang": "en", "value": "The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-19T14:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "16143", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/16143" }, { "name": "DSA-932", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2005/dsa-932" }, { "name": "18349", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18349" }, { "name": "18147", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18147" }, { "name": "SCOSA-2006.15", "tags": [ "vendor-advisory", "x_refsource_SCO" ], "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt" }, { "tags": [ "x_refsource_MISC" ], "url": "http://scary.beasts.org/security/CESA-2005-003.txt" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.kde.org/info/security/advisory-20051207-2.txt" }, { "name": "18679", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18679" }, { "name": "18312", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18312" }, { "name": "18644", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18644" }, { "name": "USN-236-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/236-1/" }, { "name": "18425", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18425" }, { "name": "18373", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18373" }, { "name": "18303", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18303" }, { "name": "DSA-931", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2005/dsa-931" }, { "name": "18554", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18554" }, { "name": "MDKSA-2006:003", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003" }, { "name": "19230", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/19230" }, { "name": "102972", "tags": [ "vendor-advisory", "x_refsource_SUNALERT" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1" }, { "name": "MDKSA-2006:012", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012" }, { "name": "DSA-962", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-962" }, { "name": "RHSA-2006:0163", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0163.html" }, { "name": "DSA-937", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2005/dsa-937" }, { "name": "18398", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18398" }, { "name": "FLSA-2006:176751", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded" }, { "name": "2006-0002", "tags": [ "vendor-advisory", "x_refsource_TRUSTIX" ], "url": "http://www.trustix.org/errata/2006/0002/" }, { "name": "SUSE-SA:2006:001", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html" }, { "name": "DSA-936", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-936" }, { "name": "FEDORA-2005-026", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html" }, { "name": "18329", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18329" }, { "name": "18463", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18463" }, { "name": "18642", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18642" }, { "name": "18674", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18674" }, { "name": "MDKSA-2006:005", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005" }, { "name": "18313", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18313" }, { "name": "20051201-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U" }, { "name": "20060101-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U" }, { "name": "18448", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18448" }, { "name": "18436", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18436" }, { "name": "18428", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18428" }, { "name": "18380", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18380" }, { "name": "18423", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18423" }, { "name": "18416", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18416" }, { "name": "RHSA-2006:0177", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2006-0177.html" }, { "name": "ADV-2007-2280", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2007/2280" }, { "name": "GLSA-200601-02", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml" }, { "name": "18407", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18407" }, { "name": "18332", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18332" }, { "name": "18517", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18517" }, { "name": "18582", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18582" }, { "name": "18534", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18534" }, { "name": "SSA:2006-045-09", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE" ], "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683" }, { "name": "18908", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18908" }, { "name": "25729", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/25729" }, { "name": "18414", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18414" }, { "name": "MDKSA-2006:006", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006" }, { "name": "18338", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18338" }, { "name": "MDKSA-2006:008", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008" }, { "name": "20060201-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U" }, { "name": "RHSA-2006:0160", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html" }, { "name": "MDKSA-2006:010", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010" }, { "name": "DSA-940", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2005/dsa-940" }, { "name": "MDKSA-2006:004", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004" }, { "name": "ADV-2006-0047", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2006/0047" }, { "name": "GLSA-200601-17", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml" }, { "name": "xpdf-ccitt-faxstream-bo(24022)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24022" }, { "name": "18389", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18389" }, { "name": "oval:org.mitre.oval:def:9437", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9437" }, { "name": "SSA:2006-045-04", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE" ], "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747" }, { "name": "19377", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/19377" }, { "name": "FEDORA-2005-025", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html" }, { "name": "FLSA:175404", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded" }, { "name": "DSA-961", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-961" }, { "name": "18675", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18675" }, { "name": "18913", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18913" }, { "name": "DSA-938", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2005/dsa-938" }, { "name": "18334", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18334" }, { "name": "18375", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18375" }, { "name": "DSA-950", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-950" }, { "name": "18387", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18387" }, { "name": "MDKSA-2006:011", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011" }, { "name": "18385", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18385" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2005-3624", "datePublished": "2006-01-06T22:00:00", "dateReserved": "2005-11-16T00:00:00", "dateUpdated": "2024-08-07T23:17:23.457Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2000-0289 (GCVE-0-2000-0289)
Vulnerability from cvelistv5
Published
2000-10-13 04:00
Modified
2024-08-08 05:14
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
IP masquerading in Linux 2.2.x allows remote attackers to route UDP packets through the internal interface by modifying the external source IP address and port number to match those of an established connection.
References
► | URL | Tags | |||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T05:14:21.124Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "20000327 Security Problems with Linux 2.2.x IP Masquerading", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-03/0284.html" }, { "name": "1078", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/1078" }, { "name": "20000520 Security hole in kernel \u003c 2.2.15", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://www.novell.com/linux/security/advisories/suse_security_announce_48.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2000-03-27T00:00:00", "descriptions": [ { "lang": "en", "value": "IP masquerading in Linux 2.2.x allows remote attackers to route UDP packets through the internal interface by modifying the external source IP address and port number to match those of an established connection." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2005-11-02T10:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "20000327 Security Problems with Linux 2.2.x IP Masquerading", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-03/0284.html" }, { "name": "1078", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/1078" }, { "name": "20000520 Security hole in kernel \u003c 2.2.15", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://www.novell.com/linux/security/advisories/suse_security_announce_48.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2000-0289", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "IP masquerading in Linux 2.2.x allows remote attackers to route UDP packets through the internal interface by modifying the external source IP address and port number to match those of an established connection." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "20000327 Security Problems with Linux 2.2.x IP Masquerading", "refsource": "BUGTRAQ", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-03/0284.html" }, { "name": "1078", "refsource": "BID", "url": "http://www.securityfocus.com/bid/1078" }, { "name": "20000520 Security hole in kernel \u003c 2.2.15", "refsource": "SUSE", "url": "http://www.novell.com/linux/security/advisories/suse_security_announce_48.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2000-0289", "datePublished": "2000-10-13T04:00:00", "dateReserved": "2000-04-26T00:00:00", "dateUpdated": "2024-08-08T05:14:21.124Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-1999-0037 (GCVE-0-1999-0037)
Vulnerability from cvelistv5
Published
1999-09-29 04:00
Modified
2024-08-01 16:27
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Arbitrary command execution via metamail package using message headers, when user processes attacker's message using metamail.
References
► | URL | Tags | |||
---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-01T16:27:57.203Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0037" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "Arbitrary command execution via metamail package using message headers, when user processes attacker\u0027s message using metamail." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-08-17T06:29:13", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0037" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-1999-0037", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Arbitrary command execution via metamail package using message headers, when user processes attacker\u0027s message using metamail." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0037", "refsource": "MISC", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0037" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-1999-0037", "datePublished": "1999-09-29T04:00:00", "dateReserved": "1999-06-07T00:00:00", "dateUpdated": "2024-08-01T16:27:57.203Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2003-1437 (GCVE-0-2003-1437)
Vulnerability from cvelistv5
Published
2007-10-23 01:00
Modified
2024-08-08 02:28
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
BEA WebLogic Express and WebLogic Server 7.0 and 7.0.0.1, stores passwords in plaintext when a keystore is used to store a private key or trust certificate authorities, which allows local users to gain access.
References
► | URL | Tags | |||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T02:28:03.573Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "BEA03-25.00", "tags": [ "vendor-advisory", "x_refsource_BEA", "x_transferred" ], "url": "http://dev.bea.com/resourcelibrary/advisoriesnotifications/BEA03-25.jsp" }, { "name": "6719", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/6719" }, { "name": "weblogic-keystore-plaintext-passwords(11220)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11220" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2003-01-28T00:00:00", "descriptions": [ { "lang": "en", "value": "BEA WebLogic Express and WebLogic Server 7.0 and 7.0.0.1, stores passwords in plaintext when a keystore is used to store a private key or trust certificate authorities, which allows local users to gain access." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-07-28T12:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "BEA03-25.00", "tags": [ "vendor-advisory", "x_refsource_BEA" ], "url": "http://dev.bea.com/resourcelibrary/advisoriesnotifications/BEA03-25.jsp" }, { "name": "6719", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/6719" }, { "name": "weblogic-keystore-plaintext-passwords(11220)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11220" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2003-1437", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "BEA WebLogic Express and WebLogic Server 7.0 and 7.0.0.1, stores passwords in plaintext when a keystore is used to store a private key or trust certificate authorities, which allows local users to gain access." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "BEA03-25.00", "refsource": "BEA", "url": "http://dev.bea.com/resourcelibrary/advisoriesnotifications/BEA03-25.jsp" }, { "name": "6719", "refsource": "BID", "url": "http://www.securityfocus.com/bid/6719" }, { "name": "weblogic-keystore-plaintext-passwords(11220)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11220" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2003-1437", "datePublished": "2007-10-23T01:00:00", "dateReserved": "2007-10-22T00:00:00", "dateUpdated": "2024-08-08T02:28:03.573Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2000-0356 (GCVE-0-2000-0356)
Vulnerability from cvelistv5
Published
2000-07-12 04:00
Modified
2024-08-08 05:14
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Pluggable Authentication Modules (PAM) in Red Hat Linux 6.1 does not properly lock access to disabled NIS accounts.
References
► | URL | Tags | ||||||
---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T05:14:21.349Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "RHSA-1999:040", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.securityfocus.com/templates/advisory.html?id=1789" }, { "name": "697", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/697" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "1999-10-13T00:00:00", "descriptions": [ { "lang": "en", "value": "Pluggable Authentication Modules (PAM) in Red Hat Linux 6.1 does not properly lock access to disabled NIS accounts." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2005-11-02T10:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "RHSA-1999:040", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.securityfocus.com/templates/advisory.html?id=1789" }, { "name": "697", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/697" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2000-0356", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Pluggable Authentication Modules (PAM) in Red Hat Linux 6.1 does not properly lock access to disabled NIS accounts." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "RHSA-1999:040", "refsource": "REDHAT", "url": "http://www.securityfocus.com/templates/advisory.html?id=1789" }, { "name": "697", "refsource": "BID", "url": "http://www.securityfocus.com/bid/697" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2000-0356", "datePublished": "2000-07-12T04:00:00", "dateReserved": "2000-05-23T00:00:00", "dateUpdated": "2024-08-08T05:14:21.349Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2001-0138 (GCVE-0-2001-0138)
Vulnerability from cvelistv5
Published
2001-05-07 04:00
Modified
2024-08-08 04:06
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
privatepw program in wu-ftpd before 2.6.1-6 allows local users to overwrite arbitrary files via a symlink attack.
References
► | URL | Tags | |||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T04:06:55.458Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "20010110 Immunix OS Security update for lots of temp file problems", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=97916374410647\u0026w=2" }, { "name": "2189", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/2189" }, { "name": "MDKSA-2001-001", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-001.php3" }, { "name": "linux-wuftpd-privatepw-symlink(5915)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5915" }, { "name": "DSA-016", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2001/dsa-016" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2001-01-10T00:00:00", "descriptions": [ { "lang": "en", "value": "privatepw program in wu-ftpd before 2.6.1-6 allows local users to overwrite arbitrary files via a symlink attack." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2007-05-21T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "20010110 Immunix OS Security update for lots of temp file problems", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=97916374410647\u0026w=2" }, { "name": "2189", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/2189" }, { "name": "MDKSA-2001-001", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-001.php3" }, { "name": "linux-wuftpd-privatepw-symlink(5915)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5915" }, { "name": "DSA-016", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2001/dsa-016" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2001-0138", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "privatepw program in wu-ftpd before 2.6.1-6 allows local users to overwrite arbitrary files via a symlink attack." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "20010110 Immunix OS Security update for lots of temp file problems", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=97916374410647\u0026w=2" }, { "name": "2189", "refsource": "BID", "url": "http://www.securityfocus.com/bid/2189" }, { "name": "MDKSA-2001-001", "refsource": "MANDRAKE", "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-001.php3" }, { "name": "linux-wuftpd-privatepw-symlink(5915)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5915" }, { "name": "DSA-016", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2001/dsa-016" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2001-0138", "datePublished": "2001-05-07T04:00:00", "dateReserved": "2001-02-06T00:00:00", "dateUpdated": "2024-08-08T04:06:55.458Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-1999-1327 (GCVE-0-1999-1327)
Vulnerability from cvelistv5
Published
2002-03-09 05:00
Modified
2024-08-01 17:11
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in linuxconf 1.11r11-rh2 on Red Hat Linux 5.1 allows local users to gain root privileges via a long LANG environmental variable.
References
► | URL | Tags | ||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-01T17:11:03.125Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "19980601 Re: SECURITY: Red Hat Linux 5.1 linuxconf bug (fwd)", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=90221103125826\u0026w=2" }, { "name": "6065", "tags": [ "vdb-entry", "x_refsource_OSVDB", "x_transferred" ], "url": "http://www.osvdb.org/6065" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.redhat.com/support/errata/rh51-errata-general.html#linuxconf" }, { "name": "linuxconf-lang-bo(7239)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "http://www.iss.net/security_center/static/7239.php" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "1998-05-28T00:00:00", "descriptions": [ { "lang": "en", "value": "Buffer overflow in linuxconf 1.11r11-rh2 on Red Hat Linux 5.1 allows local users to gain root privileges via a long LANG environmental variable." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2002-02-20T10:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "19980601 Re: SECURITY: Red Hat Linux 5.1 linuxconf bug (fwd)", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=90221103125826\u0026w=2" }, { "name": "6065", "tags": [ "vdb-entry", "x_refsource_OSVDB" ], "url": "http://www.osvdb.org/6065" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.redhat.com/support/errata/rh51-errata-general.html#linuxconf" }, { "name": "linuxconf-lang-bo(7239)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "http://www.iss.net/security_center/static/7239.php" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-1999-1327", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Buffer overflow in linuxconf 1.11r11-rh2 on Red Hat Linux 5.1 allows local users to gain root privileges via a long LANG environmental variable." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "19980601 Re: SECURITY: Red Hat Linux 5.1 linuxconf bug (fwd)", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=90221103125826\u0026w=2" }, { "name": "6065", "refsource": "OSVDB", "url": "http://www.osvdb.org/6065" }, { "name": "http://www.redhat.com/support/errata/rh51-errata-general.html#linuxconf", "refsource": "CONFIRM", "url": "http://www.redhat.com/support/errata/rh51-errata-general.html#linuxconf" }, { "name": "linuxconf-lang-bo(7239)", "refsource": "XF", "url": "http://www.iss.net/security_center/static/7239.php" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-1999-1327", "datePublished": "2002-03-09T05:00:00", "dateReserved": "2001-08-31T00:00:00", "dateUpdated": "2024-08-01T17:11:03.125Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-1999-0768 (GCVE-0-1999-0768)
Vulnerability from cvelistv5
Published
2000-01-18 05:00
Modified
2024-08-01 16:48
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in Vixie Cron on Red Hat systems via the MAILTO environmental variable.
References
► | URL | Tags | |||
---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-01T16:48:37.717Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "602", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/602" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "Buffer overflow in Vixie Cron on Red Hat systems via the MAILTO environmental variable." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2005-11-02T10:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "602", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/602" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-1999-0768", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Buffer overflow in Vixie Cron on Red Hat systems via the MAILTO environmental variable." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "602", "refsource": "BID", "url": "http://www.securityfocus.com/bid/602" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-1999-0768", "datePublished": "2000-01-18T05:00:00", "dateReserved": "1999-11-25T00:00:00", "dateUpdated": "2024-08-01T16:48:37.717Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-1999-1330 (GCVE-0-1999-1330)
Vulnerability from cvelistv5
Published
2002-03-09 05:00
Modified
2024-08-01 17:11
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The snprintf function in the db library 1.85.4 ignores the size parameter, which could allow attackers to exploit buffer overflows that would be prevented by a properly implemented snprintf.
References
► | URL | Tags | ||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-01T17:11:02.989Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "linux-libdb-snprintf-bo(7244)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "http://www.iss.net/security_center/static/7244.php" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.redhat.com/support/errata/rh42-errata-general.html#db" }, { "name": "19970709 [linux-security] so-called snprintf() in db-1.85.4 (fwd)", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=87602661419259\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://lists.openresources.com/Debian/debian-bugs-closed/msg00581.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "1997-07-09T00:00:00", "descriptions": [ { "lang": "en", "value": "The snprintf function in the db library 1.85.4 ignores the size parameter, which could allow attackers to exploit buffer overflows that would be prevented by a properly implemented snprintf." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2002-02-20T10:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "linux-libdb-snprintf-bo(7244)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "http://www.iss.net/security_center/static/7244.php" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.redhat.com/support/errata/rh42-errata-general.html#db" }, { "name": "19970709 [linux-security] so-called snprintf() in db-1.85.4 (fwd)", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=87602661419259\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://lists.openresources.com/Debian/debian-bugs-closed/msg00581.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-1999-1330", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The snprintf function in the db library 1.85.4 ignores the size parameter, which could allow attackers to exploit buffer overflows that would be prevented by a properly implemented snprintf." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "linux-libdb-snprintf-bo(7244)", "refsource": "XF", "url": "http://www.iss.net/security_center/static/7244.php" }, { "name": "http://www.redhat.com/support/errata/rh42-errata-general.html#db", "refsource": "CONFIRM", "url": "http://www.redhat.com/support/errata/rh42-errata-general.html#db" }, { "name": "19970709 [linux-security] so-called snprintf() in db-1.85.4 (fwd)", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=87602661419259\u0026w=2" }, { "name": "http://lists.openresources.com/Debian/debian-bugs-closed/msg00581.html", "refsource": "CONFIRM", "url": "http://lists.openresources.com/Debian/debian-bugs-closed/msg00581.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-1999-1330", "datePublished": "2002-03-09T05:00:00", "dateReserved": "2001-08-31T00:00:00", "dateUpdated": "2024-08-01T17:11:02.989Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2001-0787 (GCVE-0-2001-0787)
Vulnerability from cvelistv5
Published
2002-03-09 05:00
Modified
2024-08-08 04:30
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
LPRng in Red Hat Linux 7.0 and 7.1 does not properly drop memberships in supplemental groups when lowering privileges, which could allow a local user to elevate privileges.
References
► | URL | Tags | ||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T04:30:06.129Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "2865", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/2865" }, { "name": "L-096", "tags": [ "third-party-advisory", "government-resource", "x_refsource_CIAC", "x_transferred" ], "url": "http://www.ciac.org/ciac/bulletins/l-096.shtml" }, { "name": "RHSA-2001:077", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2001-077.html" }, { "name": "lprng-supplementary-groups(6703)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6703" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2001-06-12T00:00:00", "descriptions": [ { "lang": "en", "value": "LPRng in Red Hat Linux 7.0 and 7.1 does not properly drop memberships in supplemental groups when lowering privileges, which could allow a local user to elevate privileges." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2002-02-26T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "2865", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/2865" }, { "name": "L-096", "tags": [ "third-party-advisory", "government-resource", "x_refsource_CIAC" ], "url": "http://www.ciac.org/ciac/bulletins/l-096.shtml" }, { "name": "RHSA-2001:077", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2001-077.html" }, { "name": "lprng-supplementary-groups(6703)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6703" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2001-0787", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "LPRng in Red Hat Linux 7.0 and 7.1 does not properly drop memberships in supplemental groups when lowering privileges, which could allow a local user to elevate privileges." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "2865", "refsource": "BID", "url": "http://www.securityfocus.com/bid/2865" }, { "name": "L-096", "refsource": "CIAC", "url": "http://www.ciac.org/ciac/bulletins/l-096.shtml" }, { "name": "RHSA-2001:077", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2001-077.html" }, { "name": "lprng-supplementary-groups(6703)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6703" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2001-0787", "datePublished": "2002-03-09T05:00:00", "dateReserved": "2001-10-12T00:00:00", "dateUpdated": "2024-08-08T04:30:06.129Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-1999-0748 (GCVE-0-1999-0748)
Vulnerability from cvelistv5
Published
2000-02-04 05:00
Modified
2024-08-01 16:48
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflows in Red Hat net-tools package.
References
► | URL | Tags | |||
---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-01T16:48:37.981Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA1999017_01.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "Buffer overflows in Red Hat net-tools package." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-08-17T05:32:33", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "http://www.redhat.com/support/errata/RHSA1999017_01.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-1999-0748", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Buffer overflows in Red Hat net-tools package." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "http://www.redhat.com/support/errata/RHSA1999017_01.html", "refsource": "MISC", "url": "http://www.redhat.com/support/errata/RHSA1999017_01.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-1999-0748", "datePublished": "2000-02-04T05:00:00", "dateReserved": "1999-11-25T00:00:00", "dateUpdated": "2024-08-01T16:48:37.981Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2001-0889 (GCVE-0-2001-0889)
Vulnerability from cvelistv5
Published
2002-06-25 04:00
Modified
2024-08-08 04:37
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Exim 3.22 and earlier, in some configurations, does not properly verify the local part of an address when redirecting the address to a pipe, which could allow remote attackers to execute arbitrary commands via shell metacharacters.
References
► | URL | Tags | ||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T04:37:06.964Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "3728", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/3728" }, { "name": "exim-pipe-hostname-commands(7738)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7738" }, { "name": "DSA-097", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2002/dsa-097" }, { "name": "20011219 [ph10@cus.cam.ac.uk: [Exim] Potential security problem]", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=100877978506387\u0026w=2" }, { "name": "VU#283723", "tags": [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred" ], "url": "http://www.kb.cert.org/vuls/id/283723" }, { "name": "RHSA-2001:176", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2001-176.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2002-01-08T00:00:00", "descriptions": [ { "lang": "en", "value": "Exim 3.22 and earlier, in some configurations, does not properly verify the local part of an address when redirecting the address to a pipe, which could allow remote attackers to execute arbitrary commands via shell metacharacters." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2002-06-16T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "3728", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/3728" }, { "name": "exim-pipe-hostname-commands(7738)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7738" }, { "name": "DSA-097", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2002/dsa-097" }, { "name": "20011219 [ph10@cus.cam.ac.uk: [Exim] Potential security problem]", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=100877978506387\u0026w=2" }, { "name": "VU#283723", "tags": [ "third-party-advisory", "x_refsource_CERT-VN" ], "url": "http://www.kb.cert.org/vuls/id/283723" }, { "name": "RHSA-2001:176", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2001-176.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2001-0889", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Exim 3.22 and earlier, in some configurations, does not properly verify the local part of an address when redirecting the address to a pipe, which could allow remote attackers to execute arbitrary commands via shell metacharacters." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "3728", "refsource": "BID", "url": "http://www.securityfocus.com/bid/3728" }, { "name": "exim-pipe-hostname-commands(7738)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7738" }, { "name": "DSA-097", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2002/dsa-097" }, { "name": "20011219 [ph10@cus.cam.ac.uk: [Exim] Potential security problem]", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=100877978506387\u0026w=2" }, { "name": "VU#283723", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/283723" }, { "name": "RHSA-2001:176", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2001-176.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2001-0889", "datePublished": "2002-06-25T04:00:00", "dateReserved": "2001-12-21T00:00:00", "dateUpdated": "2024-08-08T04:37:06.964Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2000-0633 (GCVE-0-2000-0633)
Vulnerability from cvelistv5
Published
2000-10-13 04:00
Modified
2024-08-08 05:28
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Vulnerability in Mandrake Linux usermode package allows local users to to reboot or halt the system.
References
► | URL | Tags | |||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T05:28:40.443Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "1489", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/1489" }, { "name": "linux-usermode-dos(4944)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/4944" }, { "name": "RHSA-2000:053", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2000-053.html" }, { "name": "20000718 MDKSA-2000:020 usermode update", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0251.html" }, { "name": "20000812 Conectiva Linux security announcement - usermode", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0117.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2000-07-18T00:00:00", "descriptions": [ { "lang": "en", "value": "Vulnerability in Mandrake Linux usermode package allows local users to to reboot or halt the system." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2004-09-02T09:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "1489", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/1489" }, { "name": "linux-usermode-dos(4944)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/4944" }, { "name": "RHSA-2000:053", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2000-053.html" }, { "name": "20000718 MDKSA-2000:020 usermode update", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0251.html" }, { "name": "20000812 Conectiva Linux security announcement - usermode", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0117.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2000-0633", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Vulnerability in Mandrake Linux usermode package allows local users to to reboot or halt the system." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "1489", "refsource": "BID", "url": "http://www.securityfocus.com/bid/1489" }, { "name": "linux-usermode-dos(4944)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/4944" }, { "name": "RHSA-2000:053", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2000-053.html" }, { "name": "20000718 MDKSA-2000:020 usermode update", "refsource": "BUGTRAQ", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0251.html" }, { "name": "20000812 Conectiva Linux security announcement - usermode", "refsource": "BUGTRAQ", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0117.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2000-0633", "datePublished": "2000-10-13T04:00:00", "dateReserved": "2000-08-02T00:00:00", "dateUpdated": "2024-08-08T05:28:40.443Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-1999-1335 (GCVE-0-1999-1335)
Vulnerability from cvelistv5
Published
2002-03-09 05:00
Modified
2024-08-01 17:11
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
snmpd server in cmu-snmp SNMP package before 3.3-1 in Red Hat Linux 4.0 is configured to allow remote attackers to read and write sensitive information.
References
► | URL | Tags | ||||||
---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-01T17:11:02.973Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.redhat.com/support/errata/rh40-errata-general.html#cmu-snmp" }, { "name": "cmusnmp-read-write(7251)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7251" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "1997-03-23T00:00:00", "descriptions": [ { "lang": "en", "value": "snmpd server in cmu-snmp SNMP package before 3.3-1 in Red Hat Linux 4.0 is configured to allow remote attackers to read and write sensitive information." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2002-02-20T10:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.redhat.com/support/errata/rh40-errata-general.html#cmu-snmp" }, { "name": "cmusnmp-read-write(7251)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7251" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-1999-1335", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "snmpd server in cmu-snmp SNMP package before 3.3-1 in Red Hat Linux 4.0 is configured to allow remote attackers to read and write sensitive information." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "http://www.redhat.com/support/errata/rh40-errata-general.html#cmu-snmp", "refsource": "CONFIRM", "url": "http://www.redhat.com/support/errata/rh40-errata-general.html#cmu-snmp" }, { "name": "cmusnmp-read-write(7251)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7251" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-1999-1335", "datePublished": "2002-03-09T05:00:00", "dateReserved": "2001-08-31T00:00:00", "dateUpdated": "2024-08-01T17:11:02.973Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-1999-0710 (GCVE-0-1999-0710)
Vulnerability from cvelistv5
Published
2000-01-04 05:00
Modified
2024-08-01 16:48
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The Squid package in Red Hat Linux 5.2 and 6.0, and other distributions, installs cachemgr.cgi in a public web directory, which allows remote attackers to use it as an intermediary to connect to other systems.
References
► | URL | Tags | ||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-01T16:48:37.717Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "FEDORA-2005-373", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2005-May/msg00025.html" }, { "name": "FLSA-2006:152809", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://fedoranews.org/updates/FEDORA--.shtml" }, { "name": "RHSA-2005:489", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-489.html" }, { "name": "2059", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/2059" }, { "name": "DSA-576", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2004/dsa-576" }, { "name": "RHSA-1999:025", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-1999-025.html" }, { "name": "http-cgi-cachemgr(2385)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/2385" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.redhat.com/support/errata/archives/rh52-errata-general.html#squid" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "The Squid package in Red Hat Linux 5.2 and 6.0, and other distributions, installs cachemgr.cgi in a public web directory, which allows remote attackers to use it as an intermediary to connect to other systems." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2011-07-17T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "FEDORA-2005-373", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2005-May/msg00025.html" }, { "name": "FLSA-2006:152809", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://fedoranews.org/updates/FEDORA--.shtml" }, { "name": "RHSA-2005:489", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-489.html" }, { "name": "2059", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/2059" }, { "name": "DSA-576", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2004/dsa-576" }, { "name": "RHSA-1999:025", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-1999-025.html" }, { "name": "http-cgi-cachemgr(2385)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/2385" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.redhat.com/support/errata/archives/rh52-errata-general.html#squid" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-1999-0710", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The Squid package in Red Hat Linux 5.2 and 6.0, and other distributions, installs cachemgr.cgi in a public web directory, which allows remote attackers to use it as an intermediary to connect to other systems." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "FEDORA-2005-373", "refsource": "FEDORA", "url": "http://www.redhat.com/archives/fedora-announce-list/2005-May/msg00025.html" }, { "name": "FLSA-2006:152809", "refsource": "FEDORA", "url": "http://fedoranews.org/updates/FEDORA--.shtml" }, { "name": "RHSA-2005:489", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2005-489.html" }, { "name": "2059", "refsource": "BID", "url": "http://www.securityfocus.com/bid/2059" }, { "name": "DSA-576", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2004/dsa-576" }, { "name": "RHSA-1999:025", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-1999-025.html" }, { "name": "http-cgi-cachemgr(2385)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/2385" }, { "name": "http://www.redhat.com/support/errata/archives/rh52-errata-general.html#squid", "refsource": "CONFIRM", "url": "http://www.redhat.com/support/errata/archives/rh52-errata-general.html#squid" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-1999-0710", "datePublished": "2000-01-04T05:00:00", "dateReserved": "1999-11-25T00:00:00", "dateUpdated": "2024-08-01T16:48:37.717Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2000-0186 (GCVE-0-2000-0186)
Vulnerability from cvelistv5
Published
2000-04-10 04:00
Modified
2024-08-08 05:05
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in the dump utility in the Linux ext2fs backup package allows local users to gain privileges via a long command line argument.
References
► | URL | Tags | ||||||
---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T05:05:54.163Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "1020", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/1020" }, { "name": "RHSA-2000:100", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2000-100.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2000-02-28T00:00:00", "descriptions": [ { "lang": "en", "value": "Buffer overflow in the dump utility in the Linux ext2fs backup package allows local users to gain privileges via a long command line argument." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2004-09-02T09:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "1020", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/1020" }, { "name": "RHSA-2000:100", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2000-100.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2000-0186", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Buffer overflow in the dump utility in the Linux ext2fs backup package allows local users to gain privileges via a long command line argument." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "1020", "refsource": "BID", "url": "http://www.securityfocus.com/bid/1020" }, { "name": "RHSA-2000:100", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2000-100.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2000-0186", "datePublished": "2000-04-10T04:00:00", "dateReserved": "2000-03-22T00:00:00", "dateUpdated": "2024-08-08T05:05:54.163Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-1999-0130 (GCVE-0-1999-0130)
Vulnerability from cvelistv5
Published
1999-09-29 04:00
Modified
2024-08-01 16:27
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Local users can start Sendmail in daemon mode and gain root privileges.
References
► | URL | Tags | |||
---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-01T16:27:57.542Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "716", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/716" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "Local users can start Sendmail in daemon mode and gain root privileges." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2005-11-02T10:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "716", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/716" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-1999-0130", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Local users can start Sendmail in daemon mode and gain root privileges." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "716", "refsource": "BID", "url": "http://www.securityfocus.com/bid/716" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-1999-0130", "datePublished": "1999-09-29T04:00:00", "dateReserved": "1999-06-07T00:00:00", "dateUpdated": "2024-08-01T16:27:57.542Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2001-0120 (GCVE-0-2001-0120)
Vulnerability from cvelistv5
Published
2001-05-07 04:00
Modified
2024-08-08 04:06
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
useradd program in shadow-utils program may allow local users to overwrite arbitrary files via a symlink attack.
References
► | URL | Tags | ||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T04:06:55.313Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "20010110 Immunix OS Security update for lots of temp file problems", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=97916374410647\u0026w=2" }, { "name": "shadow-utils-useradd-symlink(5927)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5927" }, { "name": "MDKSA-2001:007", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-007.php3" }, { "name": "2196", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/2196" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2001-01-10T00:00:00", "descriptions": [ { "lang": "en", "value": "useradd program in shadow-utils program may allow local users to overwrite arbitrary files via a symlink attack." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2005-11-02T10:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "20010110 Immunix OS Security update for lots of temp file problems", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=97916374410647\u0026w=2" }, { "name": "shadow-utils-useradd-symlink(5927)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5927" }, { "name": "MDKSA-2001:007", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-007.php3" }, { "name": "2196", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/2196" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2001-0120", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "useradd program in shadow-utils program may allow local users to overwrite arbitrary files via a symlink attack." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "20010110 Immunix OS Security update for lots of temp file problems", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=97916374410647\u0026w=2" }, { "name": "shadow-utils-useradd-symlink(5927)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5927" }, { "name": "MDKSA-2001:007", "refsource": "MANDRAKE", "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-007.php3" }, { "name": "2196", "refsource": "BID", "url": "http://www.securityfocus.com/bid/2196" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2001-0120", "datePublished": "2001-05-07T04:00:00", "dateReserved": "2001-02-06T00:00:00", "dateUpdated": "2024-08-08T04:06:55.313Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2000-0170 (GCVE-0-2000-0170)
Vulnerability from cvelistv5
Published
2000-04-10 04:00
Modified
2024-08-08 05:05
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in the man program in Linux allows local users to gain privileges via the MANPAGER environmental variable.
References
► | URL | Tags | |||
---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T05:05:54.100Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "1011", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/1011" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2000-02-26T00:00:00", "descriptions": [ { "lang": "en", "value": "Buffer overflow in the man program in Linux allows local users to gain privileges via the MANPAGER environmental variable." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2005-11-02T10:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "1011", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/1011" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2000-0170", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Buffer overflow in the man program in Linux allows local users to gain privileges via the MANPAGER environmental variable." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "1011", "refsource": "BID", "url": "http://www.securityfocus.com/bid/1011" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2000-0170", "datePublished": "2000-04-10T04:00:00", "dateReserved": "2000-03-22T00:00:00", "dateUpdated": "2024-08-08T05:05:54.100Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2000-0934 (GCVE-0-2000-0934)
Vulnerability from cvelistv5
Published
2001-01-22 05:00
Modified
2024-08-08 05:37
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Glint in Red Hat Linux 5.2 allows local users to overwrite arbitrary files and cause a denial of service via a symlink attack.
References
► | URL | Tags | |||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T05:37:31.697Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "glint-symlink(5271)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5271" }, { "name": "RHSA-2000:062", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2000-062.html" }, { "name": "1703", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/1703" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2000-09-20T00:00:00", "descriptions": [ { "lang": "en", "value": "Glint in Red Hat Linux 5.2 allows local users to overwrite arbitrary files and cause a denial of service via a symlink attack." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2004-09-02T09:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "glint-symlink(5271)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5271" }, { "name": "RHSA-2000:062", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2000-062.html" }, { "name": "1703", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/1703" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2000-0934", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Glint in Red Hat Linux 5.2 allows local users to overwrite arbitrary files and cause a denial of service via a symlink attack." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "glint-symlink(5271)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5271" }, { "name": "RHSA-2000:062", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2000-062.html" }, { "name": "1703", "refsource": "BID", "url": "http://www.securityfocus.com/bid/1703" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2000-0934", "datePublished": "2001-01-22T05:00:00", "dateReserved": "2000-11-24T00:00:00", "dateUpdated": "2024-08-08T05:37:31.697Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2004-0903 (GCVE-0-2004-0903)
Vulnerability from cvelistv5
Published
2004-09-24 04:00
Modified
2024-08-08 00:31
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Stack-based buffer overflow in the writeGroup function in nsVCardObj.cpp for Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allows remote attackers to execute arbitrary code via malformed VCard attachments that are not properly handled when previewing a message.
References
► | URL | Tags | |||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T00:31:47.989Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "SUSE-SA:2004:036", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://www.novell.com/linux/security/advisories/2004_36_mozilla.html" }, { "name": "mozilla-netscape-nsvcardobj-bo(17380)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17380" }, { "name": "FLSA:2089", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=109900315219363\u0026w=2" }, { "name": "VU#414240", "tags": [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred" ], "url": "http://www.kb.cert.org/vuls/id/414240" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://bugzilla.mozilla.org/show_bug.cgi?id=257314" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7.3" }, { "name": "GLSA-200409-26", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-200409-26.xml" }, { "name": "11174", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/11174" }, { "name": "oval:org.mitre.oval:def:10873", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10873" }, { "name": "TA04-261A", "tags": [ "third-party-advisory", "x_refsource_CERT", "x_transferred" ], "url": "http://www.us-cert.gov/cas/techalerts/TA04-261A.html" }, { "name": "SSRT4826", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=109698896104418\u0026w=2" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2004-09-16T00:00:00", "descriptions": [ { "lang": "en", "value": "Stack-based buffer overflow in the writeGroup function in nsVCardObj.cpp for Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allows remote attackers to execute arbitrary code via malformed VCard attachments that are not properly handled when previewing a message." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-10-10T00:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "SUSE-SA:2004:036", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://www.novell.com/linux/security/advisories/2004_36_mozilla.html" }, { "name": "mozilla-netscape-nsvcardobj-bo(17380)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17380" }, { "name": "FLSA:2089", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://marc.info/?l=bugtraq\u0026m=109900315219363\u0026w=2" }, { "name": "VU#414240", "tags": [ "third-party-advisory", "x_refsource_CERT-VN" ], "url": "http://www.kb.cert.org/vuls/id/414240" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://bugzilla.mozilla.org/show_bug.cgi?id=257314" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7.3" }, { "name": "GLSA-200409-26", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://security.gentoo.org/glsa/glsa-200409-26.xml" }, { "name": "11174", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/11174" }, { "name": "oval:org.mitre.oval:def:10873", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10873" }, { "name": "TA04-261A", "tags": [ "third-party-advisory", "x_refsource_CERT" ], "url": "http://www.us-cert.gov/cas/techalerts/TA04-261A.html" }, { "name": "SSRT4826", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=109698896104418\u0026w=2" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2004-0903", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Stack-based buffer overflow in the writeGroup function in nsVCardObj.cpp for Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allows remote attackers to execute arbitrary code via malformed VCard attachments that are not properly handled when previewing a message." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "SUSE-SA:2004:036", "refsource": "SUSE", "url": "http://www.novell.com/linux/security/advisories/2004_36_mozilla.html" }, { "name": "mozilla-netscape-nsvcardobj-bo(17380)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17380" }, { "name": "FLSA:2089", "refsource": "FEDORA", "url": "http://marc.info/?l=bugtraq\u0026m=109900315219363\u0026w=2" }, { "name": "VU#414240", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/414240" }, { "name": "http://bugzilla.mozilla.org/show_bug.cgi?id=257314", "refsource": "CONFIRM", "url": "http://bugzilla.mozilla.org/show_bug.cgi?id=257314" }, { "name": "http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7.3", "refsource": "CONFIRM", "url": "http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7.3" }, { "name": "GLSA-200409-26", "refsource": "GENTOO", "url": "http://security.gentoo.org/glsa/glsa-200409-26.xml" }, { "name": "11174", "refsource": "BID", "url": "http://www.securityfocus.com/bid/11174" }, { "name": "oval:org.mitre.oval:def:10873", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10873" }, { "name": "TA04-261A", "refsource": "CERT", "url": "http://www.us-cert.gov/cas/techalerts/TA04-261A.html" }, { "name": "SSRT4826", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=109698896104418\u0026w=2" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2004-0903", "datePublished": "2004-09-24T04:00:00", "dateReserved": "2004-09-23T00:00:00", "dateUpdated": "2024-08-08T00:31:47.989Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-1999-1329 (GCVE-0-1999-1329)
Vulnerability from cvelistv5
Published
2002-03-09 05:00
Modified
2024-08-01 17:11
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in SysVInit in Red Hat Linux 5.1 and earlier allows local users to gain privileges.
References
► | URL | Tags | ||||||
---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-01T17:11:02.759Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.redhat.com/support/errata/rh50-errata-general.html#SysVinit" }, { "name": "sysvinit-root-bo(7250)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "http://www.iss.net/security_center/static/7250.php" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "1998-07-30T00:00:00", "descriptions": [ { "lang": "en", "value": "Buffer overflow in SysVInit in Red Hat Linux 5.1 and earlier allows local users to gain privileges." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2002-02-20T10:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.redhat.com/support/errata/rh50-errata-general.html#SysVinit" }, { "name": "sysvinit-root-bo(7250)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "http://www.iss.net/security_center/static/7250.php" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-1999-1329", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Buffer overflow in SysVInit in Red Hat Linux 5.1 and earlier allows local users to gain privileges." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "http://www.redhat.com/support/errata/rh50-errata-general.html#SysVinit", "refsource": "CONFIRM", "url": "http://www.redhat.com/support/errata/rh50-errata-general.html#SysVinit" }, { "name": "sysvinit-root-bo(7250)", "refsource": "XF", "url": "http://www.iss.net/security_center/static/7250.php" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-1999-1329", "datePublished": "2002-03-09T05:00:00", "dateReserved": "2001-08-31T00:00:00", "dateUpdated": "2024-08-01T17:11:02.759Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2000-0230 (GCVE-0-2000-0230)
Vulnerability from cvelistv5
Published
2000-06-02 04:00
Modified
2024-08-08 05:05
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in imwheel allows local users to gain root privileges via the imwheel-solo script and a long HOME environmental variable.
References
► | URL | Tags | |||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T05:05:54.115Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "20000316 TESO \u0026 C-Skills development advisory -- imwheel", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-03/0168.html" }, { "name": "1060", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/1060" }, { "name": "RHSA-2000:016", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2000-016.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2000-03-13T00:00:00", "descriptions": [ { "lang": "en", "value": "Buffer overflow in imwheel allows local users to gain root privileges via the imwheel-solo script and a long HOME environmental variable." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2004-09-02T09:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "20000316 TESO \u0026 C-Skills development advisory -- imwheel", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-03/0168.html" }, { "name": "1060", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/1060" }, { "name": "RHSA-2000:016", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2000-016.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2000-0230", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Buffer overflow in imwheel allows local users to gain root privileges via the imwheel-solo script and a long HOME environmental variable." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "20000316 TESO \u0026 C-Skills development advisory -- imwheel", "refsource": "BUGTRAQ", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-03/0168.html" }, { "name": "1060", "refsource": "BID", "url": "http://www.securityfocus.com/bid/1060" }, { "name": "RHSA-2000:016", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2000-016.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2000-0230", "datePublished": "2000-06-02T04:00:00", "dateReserved": "2000-04-12T00:00:00", "dateUpdated": "2024-08-08T05:05:54.115Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2000-0031 (GCVE-0-2000-0031)
Vulnerability from cvelistv5
Published
2000-03-22 05:00
Modified
2024-08-08 05:05
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The initscripts package in Red Hat Linux allows local users to gain privileges via a symlink attack.
References
► | URL | Tags | |||
---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T05:05:53.805Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-2000-0031" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "1999-11-08T00:00:00", "descriptions": [ { "lang": "en", "value": "The initscripts package in Red Hat Linux allows local users to gain privileges via a symlink attack." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-08-17T08:19:34", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-2000-0031" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2000-0031", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The initscripts package in Red Hat Linux allows local users to gain privileges via a symlink attack." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-2000-0031", "refsource": "MISC", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-2000-0031" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2000-0031", "datePublished": "2000-03-22T05:00:00", "dateReserved": "2000-01-11T00:00:00", "dateUpdated": "2024-08-08T05:05:53.805Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2000-0248 (GCVE-0-2000-0248)
Vulnerability from cvelistv5
Published
2000-04-26 04:00
Modified
2024-08-08 05:14
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The web GUI for the Linux Virtual Server (LVS) software in the Red Hat Linux Piranha package has a backdoor password that allows remote attackers to execute arbitrary commands.
References
► | URL | Tags | |||
---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T05:14:20.630Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "20000424 Backdoor Password in Red Hat Linux Virtual Server Package", "tags": [ "third-party-advisory", "x_refsource_ISS", "x_transferred" ], "url": "http://xforce.iss.net/alerts/advise46.php3" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2000-04-24T00:00:00", "descriptions": [ { "lang": "en", "value": "The web GUI for the Linux Virtual Server (LVS) software in the Red Hat Linux Piranha package has a backdoor password that allows remote attackers to execute arbitrary commands." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2002-07-23T09:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "20000424 Backdoor Password in Red Hat Linux Virtual Server Package", "tags": [ "third-party-advisory", "x_refsource_ISS" ], "url": "http://xforce.iss.net/alerts/advise46.php3" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2000-0248", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The web GUI for the Linux Virtual Server (LVS) software in the Red Hat Linux Piranha package has a backdoor password that allows remote attackers to execute arbitrary commands." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "20000424 Backdoor Password in Red Hat Linux Virtual Server Package", "refsource": "ISS", "url": "http://xforce.iss.net/alerts/advise46.php3" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2000-0248", "datePublished": "2000-04-26T04:00:00", "dateReserved": "2000-04-20T00:00:00", "dateUpdated": "2024-08-08T05:14:20.630Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2014-3250 (GCVE-0-2014-3250)
Vulnerability from cvelistv5
Published
2017-12-11 17:00
Modified
2024-08-06 10:35
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The default vhost configuration file in Puppet before 3.6.2 does not include the SSLCARevocationCheck directive, which might allow remote attackers to obtain sensitive information via a revoked certificate when a Puppet master runs with Apache 2.4.
References
► | URL | Tags | ||||||
---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T10:35:57.093Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://puppet.com/security/cve/CVE-2014-3250" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1101347" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2014-05-26T00:00:00", "descriptions": [ { "lang": "en", "value": "The default vhost configuration file in Puppet before 3.6.2 does not include the SSLCARevocationCheck directive, which might allow remote attackers to obtain sensitive information via a revoked certificate when a Puppet master runs with Apache 2.4." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-12-11T16:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://puppet.com/security/cve/CVE-2014-3250" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1101347" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2014-3250", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The default vhost configuration file in Puppet before 3.6.2 does not include the SSLCARevocationCheck directive, which might allow remote attackers to obtain sensitive information via a revoked certificate when a Puppet master runs with Apache 2.4." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://puppet.com/security/cve/CVE-2014-3250", "refsource": "CONFIRM", "url": "https://puppet.com/security/cve/CVE-2014-3250" }, { "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1101347", "refsource": "CONFIRM", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1101347" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2014-3250", "datePublished": "2017-12-11T17:00:00", "dateReserved": "2014-05-07T00:00:00", "dateUpdated": "2024-08-06T10:35:57.093Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2000-0052 (GCVE-0-2000-0052)
Vulnerability from cvelistv5
Published
2000-04-18 04:00
Modified
2024-08-08 05:05
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Red Hat userhelper program in the usermode package allows local users to gain root access via PAM and a .. (dot dot) attack.
References
► | URL | Tags | ||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T05:05:53.530Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "RHSA-2000:001", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2000-001.html" }, { "name": "913", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/913" }, { "name": "20000104 PamSlam", "tags": [ "vendor-advisory", "x_refsource_L0PHT", "x_transferred" ], "url": "http://www.l0pht.com/advisories/pam_advisory" }, { "name": "linux-pam-userhelper", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "http://xforce.iss.net/search.php3?type=2\u0026pattern=linux-pam-userhelper" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2000-01-04T00:00:00", "descriptions": [ { "lang": "en", "value": "Red Hat userhelper program in the usermode package allows local users to gain root access via PAM and a .. (dot dot) attack." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2004-09-02T09:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "RHSA-2000:001", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2000-001.html" }, { "name": "913", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/913" }, { "name": "20000104 PamSlam", "tags": [ "vendor-advisory", "x_refsource_L0PHT" ], "url": "http://www.l0pht.com/advisories/pam_advisory" }, { "name": "linux-pam-userhelper", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "http://xforce.iss.net/search.php3?type=2\u0026pattern=linux-pam-userhelper" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2000-0052", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Red Hat userhelper program in the usermode package allows local users to gain root access via PAM and a .. (dot dot) attack." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "RHSA-2000:001", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2000-001.html" }, { "name": "913", "refsource": "BID", "url": "http://www.securityfocus.com/bid/913" }, { "name": "20000104 PamSlam", "refsource": "L0PHT", "url": "http://www.l0pht.com/advisories/pam_advisory" }, { "name": "linux-pam-userhelper", "refsource": "XF", "url": "http://xforce.iss.net/search.php3?type=2\u0026pattern=linux-pam-userhelper" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2000-0052", "datePublished": "2000-04-18T04:00:00", "dateReserved": "2000-01-22T00:00:00", "dateUpdated": "2024-08-08T05:05:53.530Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2007-1352 (GCVE-0-2007-1352)
Vulnerability from cvelistv5
Published
2007-04-06 01:00
Modified
2024-08-07 12:50
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Integer overflow in the FontFileInitTable function in X.Org libXfont before 20070403 allows remote authenticated users to execute arbitrary code via a long first line in the fonts.dir file, which results in a heap overflow.
References
► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T12:50:35.267Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "20070403 Multiple Vendor X Server fonts.dir File Parsing Integer Overflow Vulnerability", "tags": [ "third-party-advisory", "x_refsource_IDEFENSE", "x_transferred" ], "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=502" }, { "name": "24745", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/24745" }, { "name": "oval:org.mitre.oval:def:10523", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10523" }, { "name": "33937", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/33937" }, { "name": "24771", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/24771" }, { "name": "24770", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/24770" }, { "name": "25006", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/25006" }, { "name": "24756", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/24756" }, { "name": "23283", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/23283" }, { "name": "RHSA-2007:0126", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2007-0126.html" }, { "name": "23300", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/23300" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT3438" }, { "name": "GLSA-200705-10", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-200705-10.xml" }, { "name": "USN-448-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/usn-448-1" }, { "name": "APPLE-SA-2009-02-12", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html" }, { "name": "MDKSA-2007:080", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:080" }, { "name": "24758", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/24758" }, { "name": "1017857", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id?1017857" }, { "name": "oval:org.mitre.oval:def:13243", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13243" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-178.htm" }, { "name": "25195", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/25195" }, { "name": "RHSA-2007:0125", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2007-0125.html" }, { "name": "24741", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/24741" }, { "name": "APPLE-SA-2007-11-14", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/Security-announce/2007/Nov/msg00003.html" }, { "name": "[xorg-announce] 20070403 various integer overflow vulnerabilites in xserver, libX11 and libXfont", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://lists.freedesktop.org/archives/xorg-announce/2007-April/000286.html" }, { "name": "24791", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/24791" }, { "name": "SUSE-SA:2007:027", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://www.novell.com/linux/security/advisories/2007_27_x.html" }, { "name": "DSA-1294", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2007/dsa-1294" }, { "name": "24765", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/24765" }, { "name": "25216", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/25216" }, { "name": "xorg-fontsdir-bo(33419)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33419" }, { "name": "20070404 rPSA-2007-0065-1 freetype xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/464686/100/0/threaded" }, { "name": "20070405 FLEA-2007-0009-1: xorg-x11 freetype", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/464816/100/0/threaded" }, { "name": "ADV-2007-1548", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2007/1548" }, { "name": "102886", "tags": [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102886-1" }, { "name": "ADV-2007-1217", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2007/1217" }, { "name": "[4.0] 011: SECURITY FIX: April 4, 2007", "tags": [ "vendor-advisory", "x_refsource_OPENBSD", "x_transferred" ], "url": "http://www.openbsd.org/errata40.html#011_xorg" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://issues.rpath.com/browse/RPL-1213" }, { "name": "25004", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/25004" }, { "name": "25305", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/25305" }, { "name": "RHSA-2007:0132", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2007-0132.html" }, { "name": "24772", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/24772" }, { "name": "[3.9] 021: SECURITY FIX: April 4, 2007", "tags": [ "vendor-advisory", "x_refsource_OPENBSD", "x_transferred" ], "url": "http://www.openbsd.org/errata39.html#021_xorg" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://issues.foresightlinux.org/browse/FL-223" }, { "name": "MDKSA-2007:079", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:079" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2007-04-03T00:00:00", "descriptions": [ { "lang": "en", "value": "Integer overflow in the FontFileInitTable function in X.Org libXfont before 20070403 allows remote authenticated users to execute arbitrary code via a long first line in the fonts.dir file, which results in a heap overflow." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-16T14:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "20070403 Multiple Vendor X Server fonts.dir File Parsing Integer Overflow Vulnerability", "tags": [ "third-party-advisory", "x_refsource_IDEFENSE" ], "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=502" }, { "name": "24745", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/24745" }, { "name": "oval:org.mitre.oval:def:10523", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10523" }, { "name": "33937", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/33937" }, { "name": "24771", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/24771" }, { "name": "24770", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/24770" }, { "name": "25006", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/25006" }, { "name": "24756", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/24756" }, { "name": "23283", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/23283" }, { "name": "RHSA-2007:0126", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2007-0126.html" }, { "name": "23300", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/23300" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT3438" }, { "name": "GLSA-200705-10", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://security.gentoo.org/glsa/glsa-200705-10.xml" }, { "name": "USN-448-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/usn-448-1" }, { "name": "APPLE-SA-2009-02-12", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html" }, { "name": "MDKSA-2007:080", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:080" }, { "name": "24758", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/24758" }, { "name": "1017857", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id?1017857" }, { "name": "oval:org.mitre.oval:def:13243", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13243" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-178.htm" }, { "name": "25195", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/25195" }, { "name": "RHSA-2007:0125", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2007-0125.html" }, { "name": "24741", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/24741" }, { "name": "APPLE-SA-2007-11-14", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/Security-announce/2007/Nov/msg00003.html" }, { "name": "[xorg-announce] 20070403 various integer overflow vulnerabilites in xserver, libX11 and libXfont", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://lists.freedesktop.org/archives/xorg-announce/2007-April/000286.html" }, { "name": "24791", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/24791" }, { "name": "SUSE-SA:2007:027", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://www.novell.com/linux/security/advisories/2007_27_x.html" }, { "name": "DSA-1294", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2007/dsa-1294" }, { "name": "24765", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/24765" }, { "name": "25216", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/25216" }, { "name": "xorg-fontsdir-bo(33419)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33419" }, { "name": "20070404 rPSA-2007-0065-1 freetype xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/464686/100/0/threaded" }, { "name": "20070405 FLEA-2007-0009-1: xorg-x11 freetype", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/464816/100/0/threaded" }, { "name": "ADV-2007-1548", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2007/1548" }, { "name": "102886", "tags": [ "vendor-advisory", "x_refsource_SUNALERT" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102886-1" }, { "name": "ADV-2007-1217", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2007/1217" }, { "name": "[4.0] 011: SECURITY FIX: April 4, 2007", "tags": [ "vendor-advisory", "x_refsource_OPENBSD" ], "url": "http://www.openbsd.org/errata40.html#011_xorg" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://issues.rpath.com/browse/RPL-1213" }, { "name": "25004", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/25004" }, { "name": "25305", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/25305" }, { "name": "RHSA-2007:0132", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2007-0132.html" }, { "name": "24772", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/24772" }, { "name": "[3.9] 021: SECURITY FIX: April 4, 2007", "tags": [ "vendor-advisory", "x_refsource_OPENBSD" ], "url": "http://www.openbsd.org/errata39.html#021_xorg" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://issues.foresightlinux.org/browse/FL-223" }, { "name": "MDKSA-2007:079", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:079" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2007-1352", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Integer overflow in the FontFileInitTable function in X.Org libXfont before 20070403 allows remote authenticated users to execute arbitrary code via a long first line in the fonts.dir file, which results in a heap overflow." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "20070403 Multiple Vendor X Server fonts.dir File Parsing Integer Overflow Vulnerability", "refsource": "IDEFENSE", "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=502" }, { "name": "24745", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/24745" }, { "name": "oval:org.mitre.oval:def:10523", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10523" }, { "name": "33937", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/33937" }, { "name": "24771", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/24771" }, { "name": "24770", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/24770" }, { "name": "25006", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/25006" }, { "name": "24756", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/24756" }, { "name": "23283", "refsource": "BID", "url": "http://www.securityfocus.com/bid/23283" }, { "name": "RHSA-2007:0126", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2007-0126.html" }, { "name": "23300", "refsource": "BID", "url": "http://www.securityfocus.com/bid/23300" }, { "name": "http://support.apple.com/kb/HT3438", "refsource": "CONFIRM", "url": "http://support.apple.com/kb/HT3438" }, { "name": "GLSA-200705-10", "refsource": "GENTOO", "url": "http://security.gentoo.org/glsa/glsa-200705-10.xml" }, { "name": "USN-448-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/usn-448-1" }, { "name": "APPLE-SA-2009-02-12", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html" }, { "name": "MDKSA-2007:080", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:080" }, { "name": "24758", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/24758" }, { "name": "1017857", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1017857" }, { "name": "oval:org.mitre.oval:def:13243", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13243" }, { "name": "http://support.avaya.com/elmodocs2/security/ASA-2007-178.htm", "refsource": "CONFIRM", "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-178.htm" }, { "name": "25195", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/25195" }, { "name": "RHSA-2007:0125", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2007-0125.html" }, { "name": "24741", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/24741" }, { "name": "APPLE-SA-2007-11-14", "refsource": "APPLE", "url": "http://lists.apple.com/archives/Security-announce/2007/Nov/msg00003.html" }, { "name": "[xorg-announce] 20070403 various integer overflow vulnerabilites in xserver, libX11 and libXfont", "refsource": "MLIST", "url": "http://lists.freedesktop.org/archives/xorg-announce/2007-April/000286.html" }, { "name": "24791", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/24791" }, { "name": "SUSE-SA:2007:027", "refsource": "SUSE", "url": "http://www.novell.com/linux/security/advisories/2007_27_x.html" }, { "name": "DSA-1294", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2007/dsa-1294" }, { "name": "24765", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/24765" }, { "name": "25216", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/25216" }, { "name": "xorg-fontsdir-bo(33419)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33419" }, { "name": "20070404 rPSA-2007-0065-1 freetype xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/464686/100/0/threaded" }, { "name": "20070405 FLEA-2007-0009-1: xorg-x11 freetype", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/464816/100/0/threaded" }, { "name": "ADV-2007-1548", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2007/1548" }, { "name": "102886", "refsource": "SUNALERT", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102886-1" }, { "name": "ADV-2007-1217", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2007/1217" }, { "name": "[4.0] 011: SECURITY FIX: April 4, 2007", "refsource": "OPENBSD", "url": "http://www.openbsd.org/errata40.html#011_xorg" }, { "name": "https://issues.rpath.com/browse/RPL-1213", "refsource": "CONFIRM", "url": "https://issues.rpath.com/browse/RPL-1213" }, { "name": "25004", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/25004" }, { "name": "25305", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/25305" }, { "name": "RHSA-2007:0132", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2007-0132.html" }, { "name": "24772", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/24772" }, { "name": "[3.9] 021: SECURITY FIX: April 4, 2007", "refsource": "OPENBSD", "url": "http://www.openbsd.org/errata39.html#021_xorg" }, { "name": "http://issues.foresightlinux.org/browse/FL-223", "refsource": "CONFIRM", "url": "http://issues.foresightlinux.org/browse/FL-223" }, { "name": "MDKSA-2007:079", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:079" } ] } } } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2007-1352", "datePublished": "2007-04-06T01:00:00", "dateReserved": "2007-03-08T00:00:00", "dateUpdated": "2024-08-07T12:50:35.267Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2005-3625 (GCVE-0-2005-3625)
Vulnerability from cvelistv5
Published
2006-01-06 22:00
Modified
2024-08-07 23:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and (2) DCTDecode streams, aka "Infinite CPU spins."
References
► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T23:17:23.366Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "16143", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/16143" }, { "name": "DSA-932", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2005/dsa-932" }, { "name": "18349", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18349" }, { "name": "oval:org.mitre.oval:def:9575", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9575" }, { "name": "18147", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18147" }, { "name": "SCOSA-2006.15", "tags": [ "vendor-advisory", "x_refsource_SCO", "x_transferred" ], "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://scary.beasts.org/security/CESA-2005-003.txt" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.kde.org/info/security/advisory-20051207-2.txt" }, { "name": "18679", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18679" }, { "name": "18312", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18312" }, { "name": "18644", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18644" }, { "name": "USN-236-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/236-1/" }, { "name": "18425", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18425" }, { "name": "18373", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18373" }, { "name": "18303", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18303" }, { "name": "DSA-931", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2005/dsa-931" }, { "name": "18554", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18554" }, { "name": "MDKSA-2006:003", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003" }, { "name": "19230", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/19230" }, { "name": "102972", "tags": [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1" }, { "name": "MDKSA-2006:012", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012" }, { "name": "DSA-962", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-962" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00010.html" }, { "name": "RHSA-2006:0163", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0163.html" }, { "name": "DSA-937", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2005/dsa-937" }, { "name": "18398", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18398" }, { "name": "FLSA-2006:176751", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded" }, { "name": "2006-0002", "tags": [ "vendor-advisory", "x_refsource_TRUSTIX", "x_transferred" ], "url": "http://www.trustix.org/errata/2006/0002/" }, { "name": "SUSE-SA:2006:001", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html" }, { "name": "DSA-936", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-936" }, { "name": "FEDORA-2005-026", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html" }, { "name": "18329", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18329" }, { "name": "18463", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18463" }, { "name": "18642", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18642" }, { "name": "18674", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18674" }, { "name": "MDKSA-2006:005", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005" }, { "name": "18313", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18313" }, { "name": "20051201-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI", "x_transferred" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U" }, { "name": "20060101-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI", "x_transferred" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U" }, { "name": "18448", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18448" }, { "name": "18436", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18436" }, { "name": "18428", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18428" }, { "name": "18380", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18380" }, { "name": "18423", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18423" }, { "name": "18416", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18416" }, { "name": "RHSA-2006:0177", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2006-0177.html" }, { "name": "ADV-2007-2280", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2007/2280" }, { "name": "GLSA-200601-02", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml" }, { "name": "18335", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18335" }, { "name": "18407", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18407" }, { "name": "18332", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18332" }, { "name": "18517", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18517" }, { "name": "18582", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18582" }, { "name": "18534", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18534" }, { "name": "SSA:2006-045-09", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE", "x_transferred" ], "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683" }, { "name": "xpdf-ccittfaxdecode-dctdecode-dos(24023)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24023" }, { "name": "18908", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18908" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00011.html" }, { "name": "25729", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/25729" }, { "name": "18414", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18414" }, { "name": "MDKSA-2006:006", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006" }, { "name": "18338", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18338" }, { "name": "MDKSA-2006:008", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008" }, { "name": "20060201-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI", "x_transferred" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U" }, { "name": "RHSA-2006:0160", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html" }, { "name": "MDKSA-2006:010", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010" }, { "name": "DSA-940", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2005/dsa-940" }, { "name": "MDKSA-2006:004", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004" }, { "name": "ADV-2006-0047", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2006/0047" }, { "name": "GLSA-200601-17", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml" }, { "name": "18389", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18389" }, { "name": "SSA:2006-045-04", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE", "x_transferred" ], "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747" }, { "name": "19377", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/19377" }, { "name": "FEDORA-2005-025", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html" }, { "name": "FLSA:175404", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded" }, { "name": "DSA-961", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-961" }, { "name": "18675", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18675" }, { "name": "18913", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18913" }, { "name": "DSA-938", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2005/dsa-938" }, { "name": "18334", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18334" }, { "name": "18375", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18375" }, { "name": "DSA-950", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-950" }, { "name": "18387", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18387" }, { "name": "MDKSA-2006:011", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011" }, { "name": "18385", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18385" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2006-01-06T00:00:00", "descriptions": [ { "lang": "en", "value": "Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and (2) DCTDecode streams, aka \"Infinite CPU spins.\"" } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-19T14:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "16143", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/16143" }, { "name": "DSA-932", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2005/dsa-932" }, { "name": "18349", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18349" }, { "name": "oval:org.mitre.oval:def:9575", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9575" }, { "name": "18147", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18147" }, { "name": "SCOSA-2006.15", "tags": [ "vendor-advisory", "x_refsource_SCO" ], "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt" }, { "tags": [ "x_refsource_MISC" ], "url": "http://scary.beasts.org/security/CESA-2005-003.txt" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.kde.org/info/security/advisory-20051207-2.txt" }, { "name": "18679", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18679" }, { "name": "18312", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18312" }, { "name": "18644", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18644" }, { "name": "USN-236-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/236-1/" }, { "name": "18425", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18425" }, { "name": "18373", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18373" }, { "name": "18303", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18303" }, { "name": "DSA-931", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2005/dsa-931" }, { "name": "18554", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18554" }, { "name": "MDKSA-2006:003", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003" }, { "name": "19230", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/19230" }, { "name": "102972", "tags": [ "vendor-advisory", "x_refsource_SUNALERT" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1" }, { "name": "MDKSA-2006:012", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012" }, { "name": "DSA-962", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-962" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00010.html" }, { "name": "RHSA-2006:0163", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0163.html" }, { "name": "DSA-937", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2005/dsa-937" }, { "name": "18398", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18398" }, { "name": "FLSA-2006:176751", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded" }, { "name": "2006-0002", "tags": [ "vendor-advisory", "x_refsource_TRUSTIX" ], "url": "http://www.trustix.org/errata/2006/0002/" }, { "name": "SUSE-SA:2006:001", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html" }, { "name": "DSA-936", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-936" }, { "name": "FEDORA-2005-026", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html" }, { "name": "18329", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18329" }, { "name": "18463", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18463" }, { "name": "18642", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18642" }, { "name": "18674", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18674" }, { "name": "MDKSA-2006:005", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005" }, { "name": "18313", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18313" }, { "name": "20051201-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U" }, { "name": "20060101-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U" }, { "name": "18448", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18448" }, { "name": "18436", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18436" }, { "name": "18428", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18428" }, { "name": "18380", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18380" }, { "name": "18423", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18423" }, { "name": "18416", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18416" }, { "name": "RHSA-2006:0177", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2006-0177.html" }, { "name": "ADV-2007-2280", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2007/2280" }, { "name": "GLSA-200601-02", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml" }, { "name": "18335", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18335" }, { "name": "18407", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18407" }, { "name": "18332", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18332" }, { "name": "18517", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18517" }, { "name": "18582", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18582" }, { "name": "18534", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18534" }, { "name": "SSA:2006-045-09", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE" ], "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683" }, { "name": "xpdf-ccittfaxdecode-dctdecode-dos(24023)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24023" }, { "name": "18908", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18908" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00011.html" }, { "name": "25729", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/25729" }, { "name": "18414", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18414" }, { "name": "MDKSA-2006:006", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006" }, { "name": "18338", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18338" }, { "name": "MDKSA-2006:008", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008" }, { "name": "20060201-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U" }, { "name": "RHSA-2006:0160", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html" }, { "name": "MDKSA-2006:010", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010" }, { "name": "DSA-940", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2005/dsa-940" }, { "name": "MDKSA-2006:004", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004" }, { "name": "ADV-2006-0047", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2006/0047" }, { "name": "GLSA-200601-17", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml" }, { "name": "18389", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18389" }, { "name": "SSA:2006-045-04", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE" ], "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747" }, { "name": "19377", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/19377" }, { "name": "FEDORA-2005-025", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html" }, { "name": "FLSA:175404", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded" }, { "name": "DSA-961", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-961" }, { "name": "18675", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18675" }, { "name": "18913", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18913" }, { "name": "DSA-938", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2005/dsa-938" }, { "name": "18334", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18334" }, { "name": "18375", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18375" }, { "name": "DSA-950", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-950" }, { "name": "18387", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18387" }, { "name": "MDKSA-2006:011", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011" }, { "name": "18385", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18385" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2005-3625", "datePublished": "2006-01-06T22:00:00", "dateReserved": "2005-11-16T00:00:00", "dateUpdated": "2024-08-07T23:17:23.366Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2000-0701 (GCVE-0-2000-0701)
Vulnerability from cvelistv5
Published
2000-09-21 04:00
Modified
2024-08-08 05:28
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The wrapper program in mailman 2.0beta3 and 2.0beta4 does not properly cleanse untrusted format strings, which allows local users to gain privileges.
References
► | URL | Tags | ||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T05:28:41.187Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "20000801 Advisory: mailman local compromise", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/73220" }, { "name": "RHSA-2000:030", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2000-030.html" }, { "name": "20000802 MDKSA-2000:030 - Linux-Mandrake not affected by mailman problem", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0479.html" }, { "name": "20000802 CONECTIVA LINUX SECURITY ANNOUNCEMENT - mailman", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0474.html" }, { "name": "1539", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/1539" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=20000802105050.A11733%40rak.isternet.sk" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2000-08-01T00:00:00", "descriptions": [ { "lang": "en", "value": "The wrapper program in mailman 2.0beta3 and 2.0beta4 does not properly cleanse untrusted format strings, which allows local users to gain privileges." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2004-08-18T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "20000801 Advisory: mailman local compromise", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/73220" }, { "name": "RHSA-2000:030", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2000-030.html" }, { "name": "20000802 MDKSA-2000:030 - Linux-Mandrake not affected by mailman problem", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0479.html" }, { "name": "20000802 CONECTIVA LINUX SECURITY ANNOUNCEMENT - mailman", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0474.html" }, { "name": "1539", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/1539" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=20000802105050.A11733%40rak.isternet.sk" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2000-0701", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The wrapper program in mailman 2.0beta3 and 2.0beta4 does not properly cleanse untrusted format strings, which allows local users to gain privileges." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "20000801 Advisory: mailman local compromise", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/73220" }, { "name": "RHSA-2000:030", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2000-030.html" }, { "name": "20000802 MDKSA-2000:030 - Linux-Mandrake not affected by mailman problem", "refsource": "BUGTRAQ", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0479.html" }, { "name": "20000802 CONECTIVA LINUX SECURITY ANNOUNCEMENT - mailman", "refsource": "BUGTRAQ", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0474.html" }, { "name": "1539", "refsource": "BID", "url": "http://www.securityfocus.com/bid/1539" }, { "name": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=20000802105050.A11733@rak.isternet.sk", "refsource": "CONFIRM", "url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=20000802105050.A11733@rak.isternet.sk" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2000-0701", "datePublished": "2000-09-21T04:00:00", "dateReserved": "2000-09-19T00:00:00", "dateUpdated": "2024-08-08T05:28:41.187Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2000-0358 (GCVE-0-2000-0358)
Vulnerability from cvelistv5
Published
2000-05-24 04:00
Modified
2024-08-08 05:14
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
ORBit and gnome-session in Red Hat Linux 6.1 allows remote attackers to crash a program.
References
► | URL | Tags | |||
---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T05:14:21.419Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "RHSA-1999:058-01", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/corp/support/errata/RHSA1999058-01.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "1999-12-12T00:00:00", "descriptions": [ { "lang": "en", "value": "ORBit and gnome-session in Red Hat Linux 6.1 allows remote attackers to crash a program." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2004-04-20T09:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "RHSA-1999:058-01", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/corp/support/errata/RHSA1999058-01.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2000-0358", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "ORBit and gnome-session in Red Hat Linux 6.1 allows remote attackers to crash a program." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "RHSA-1999:058-01", "refsource": "REDHAT", "url": "http://www.redhat.com/corp/support/errata/RHSA1999058-01.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2000-0358", "datePublished": "2000-05-24T04:00:00", "dateReserved": "2000-05-23T00:00:00", "dateUpdated": "2024-08-08T05:14:21.419Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2000-0844 (GCVE-0-2000-0844)
Vulnerability from cvelistv5
Published
2001-01-22 05:00
Modified
2024-08-08 05:37
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen.
References
► | URL | Tags | ||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T05:37:30.623Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "RHSA-2000:057", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2000-057.html" }, { "name": "20000906 glibc locale security problem", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://www.novell.com/linux/security/advisories/adv5_draht_glibc_txt.html" }, { "name": "20000902 Conectiva Linux Security Announcement - glibc", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0436.html" }, { "name": "SSRT0689U", "tags": [ "vendor-advisory", "x_refsource_COMPAQ", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/tru64/2000-q4/0000.html" }, { "name": "TLSA2000020-1", "tags": [ "vendor-advisory", "x_refsource_TURBO", "x_transferred" ], "url": "http://www.turbolinux.com/pipermail/tl-security-announce/2000-September/000020.html" }, { "name": "20000902 glibc: local root exploit", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2000/20000902" }, { "name": "20000904 UNIX locale format string vulnerability", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0457.html" }, { "name": "IY13753", "tags": [ "vendor-advisory", "x_refsource_AIXAPAR", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-10/0427.html" }, { "name": "1634", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/1634" }, { "name": "CSSA-2000-030.0", "tags": [ "vendor-advisory", "x_refsource_CALDERA", "x_transferred" ], "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-030.0.txt" }, { "name": "unix-locale-format-string(5176)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5176" }, { "name": "20000901-01-P", "tags": [ "vendor-advisory", "x_refsource_SGI", "x_transferred" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20000901-01-P" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2000-09-04T00:00:00", "descriptions": [ { "lang": "en", "value": "Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2004-09-02T09:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "RHSA-2000:057", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2000-057.html" }, { "name": "20000906 glibc locale security problem", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://www.novell.com/linux/security/advisories/adv5_draht_glibc_txt.html" }, { "name": "20000902 Conectiva Linux Security Announcement - glibc", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0436.html" }, { "name": "SSRT0689U", "tags": [ "vendor-advisory", "x_refsource_COMPAQ" ], "url": "http://archives.neohapsis.com/archives/tru64/2000-q4/0000.html" }, { "name": "TLSA2000020-1", "tags": [ "vendor-advisory", "x_refsource_TURBO" ], "url": "http://www.turbolinux.com/pipermail/tl-security-announce/2000-September/000020.html" }, { "name": "20000902 glibc: local root exploit", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2000/20000902" }, { "name": "20000904 UNIX locale format string vulnerability", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0457.html" }, { "name": "IY13753", "tags": [ "vendor-advisory", "x_refsource_AIXAPAR" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-10/0427.html" }, { "name": "1634", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/1634" }, { "name": "CSSA-2000-030.0", "tags": [ "vendor-advisory", "x_refsource_CALDERA" ], "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-030.0.txt" }, { "name": "unix-locale-format-string(5176)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5176" }, { "name": "20000901-01-P", "tags": [ "vendor-advisory", "x_refsource_SGI" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20000901-01-P" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2000-0844", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "RHSA-2000:057", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2000-057.html" }, { "name": "20000906 glibc locale security problem", "refsource": "SUSE", "url": "http://www.novell.com/linux/security/advisories/adv5_draht_glibc_txt.html" }, { "name": "20000902 Conectiva Linux Security Announcement - glibc", "refsource": "BUGTRAQ", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0436.html" }, { "name": "SSRT0689U", "refsource": "COMPAQ", "url": "http://archives.neohapsis.com/archives/tru64/2000-q4/0000.html" }, { "name": "TLSA2000020-1", "refsource": "TURBO", "url": "http://www.turbolinux.com/pipermail/tl-security-announce/2000-September/000020.html" }, { "name": "20000902 glibc: local root exploit", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2000/20000902" }, { "name": "20000904 UNIX locale format string vulnerability", "refsource": "BUGTRAQ", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0457.html" }, { "name": "IY13753", "refsource": "AIXAPAR", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-10/0427.html" }, { "name": "1634", "refsource": "BID", "url": "http://www.securityfocus.com/bid/1634" }, { "name": "CSSA-2000-030.0", "refsource": "CALDERA", "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-030.0.txt" }, { "name": "unix-locale-format-string(5176)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5176" }, { "name": "20000901-01-P", "refsource": "SGI", "url": "ftp://patches.sgi.com/support/free/security/advisories/20000901-01-P" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2000-0844", "datePublished": "2001-01-22T05:00:00", "dateReserved": "2000-10-18T00:00:00", "dateUpdated": "2024-08-08T05:37:30.623Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-1999-1333 (GCVE-0-1999-1333)
Vulnerability from cvelistv5
Published
2002-03-09 05:00
Modified
2024-08-01 17:11
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
automatic download option in ncftp 2.4.2 FTP client in Red Hat Linux 5.0 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the names of files that are to be downloaded.
References
► | URL | Tags | ||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-01T17:11:02.854Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "ncftp-autodownload-command-execution(7240)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "http://www.iss.net/security_center/static/7240.php" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.redhat.com/support/errata/rh50-errata-general.html#ncftp" }, { "name": "6111", "tags": [ "vdb-entry", "x_refsource_OSVDB", "x_transferred" ], "url": "http://www.osvdb.org/6111" }, { "name": "19980319 ncftp 2.4.2 MkDirs bug", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=89042322924057\u0026w=2" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "1998-03-19T00:00:00", "descriptions": [ { "lang": "en", "value": "automatic download option in ncftp 2.4.2 FTP client in Red Hat Linux 5.0 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the names of files that are to be downloaded." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2002-02-20T10:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "ncftp-autodownload-command-execution(7240)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "http://www.iss.net/security_center/static/7240.php" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.redhat.com/support/errata/rh50-errata-general.html#ncftp" }, { "name": "6111", "tags": [ "vdb-entry", "x_refsource_OSVDB" ], "url": "http://www.osvdb.org/6111" }, { "name": "19980319 ncftp 2.4.2 MkDirs bug", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=89042322924057\u0026w=2" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-1999-1333", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "automatic download option in ncftp 2.4.2 FTP client in Red Hat Linux 5.0 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the names of files that are to be downloaded." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "ncftp-autodownload-command-execution(7240)", "refsource": "XF", "url": "http://www.iss.net/security_center/static/7240.php" }, { "name": "http://www.redhat.com/support/errata/rh50-errata-general.html#ncftp", "refsource": "CONFIRM", "url": "http://www.redhat.com/support/errata/rh50-errata-general.html#ncftp" }, { "name": "6111", "refsource": "OSVDB", "url": "http://www.osvdb.org/6111" }, { "name": "19980319 ncftp 2.4.2 MkDirs bug", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=89042322924057\u0026w=2" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-1999-1333", "datePublished": "2002-03-09T05:00:00", "dateReserved": "2001-08-31T00:00:00", "dateUpdated": "2024-08-01T17:11:02.854Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2001-1028 (GCVE-0-2001-1028)
Vulnerability from cvelistv5
Published
2003-04-02 05:00
Modified
2024-08-08 04:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in ultimate_source function of man 1.5 and earlier allows local users to gain privileges.
References
► | URL | Tags | ||||||
---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T04:44:06.602Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "man-ultimate-source-bo(8622)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "http://www.iss.net/security_center/static/8622.php" }, { "name": "RHSA-2001:072", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2001-072.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2001-09-21T00:00:00", "descriptions": [ { "lang": "en", "value": "Buffer overflow in ultimate_source function of man 1.5 and earlier allows local users to gain privileges." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2002-08-17T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "man-ultimate-source-bo(8622)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "http://www.iss.net/security_center/static/8622.php" }, { "name": "RHSA-2001:072", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2001-072.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2001-1028", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Buffer overflow in ultimate_source function of man 1.5 and earlier allows local users to gain privileges." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "man-ultimate-source-bo(8622)", "refsource": "XF", "url": "http://www.iss.net/security_center/static/8622.php" }, { "name": "RHSA-2001:072", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2001-072.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2001-1028", "datePublished": "2003-04-02T05:00:00", "dateReserved": "2002-01-31T00:00:00", "dateUpdated": "2024-08-08T04:44:06.602Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2003-0464 (GCVE-0-2003-0464)
Vulnerability from cvelistv5
Published
2003-07-25 04:00
Modified
2024-08-08 01:58
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The RPC code in Linux kernel 2.4 sets the reuse flag when sockets are created, which could allow local users to bind to UDP ports that are used by privileged services such as nfsd.
References
► | URL | Tags | ||||||
---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T01:58:10.145Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "RHSA-2003:238", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-238.html" }, { "name": "oval:org.mitre.oval:def:311", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A311" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2003-07-21T00:00:00", "descriptions": [ { "lang": "en", "value": "The RPC code in Linux kernel 2.4 sets the reuse flag when sockets are created, which could allow local users to bind to UDP ports that are used by privileged services such as nfsd." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-10-10T00:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "RHSA-2003:238", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-238.html" }, { "name": "oval:org.mitre.oval:def:311", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A311" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2003-0464", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The RPC code in Linux kernel 2.4 sets the reuse flag when sockets are created, which could allow local users to bind to UDP ports that are used by privileged services such as nfsd." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "RHSA-2003:238", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2003-238.html" }, { "name": "oval:org.mitre.oval:def:311", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A311" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2003-0464", "datePublished": "2003-07-25T04:00:00", "dateReserved": "2003-06-26T00:00:00", "dateUpdated": "2024-08-08T01:58:10.145Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2000-1095 (GCVE-0-2000-1095)
Vulnerability from cvelistv5
Published
2001-01-22 05:00
Modified
2024-08-08 05:45
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
modprobe in the modutils 2.3.x package on Linux systems allows a local user to execute arbitrary commands via shell metacharacters.
References
► | URL | Tags | ||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T05:45:36.993Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "1936", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/1936" }, { "name": "RHSA-2000:108", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2000-108.html" }, { "name": "MDKSA-2000:071", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.linux-mandrake.com/en/security/MDKSA-2000-071-1.php3?dis=7.1" }, { "name": "SuSE-SA:2000:44", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/linux/suse/2000-q4/0596.html" }, { "name": "20001112 RedHat 7.0 (and SuSE): modutils + netkit = root compromise. (fwd)", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-11/0179.html" }, { "name": "CLSA-2000:340", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA", "x_transferred" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000340" }, { "name": "20001120 modutils: local exploit", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2000/20001120" }, { "name": "linux-modprobe-execute-code(5516)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5516" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2000-11-12T00:00:00", "descriptions": [ { "lang": "en", "value": "modprobe in the modutils 2.3.x package on Linux systems allows a local user to execute arbitrary commands via shell metacharacters." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2004-09-02T09:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "1936", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/1936" }, { "name": "RHSA-2000:108", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2000-108.html" }, { "name": "MDKSA-2000:071", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.linux-mandrake.com/en/security/MDKSA-2000-071-1.php3?dis=7.1" }, { "name": "SuSE-SA:2000:44", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://archives.neohapsis.com/archives/linux/suse/2000-q4/0596.html" }, { "name": "20001112 RedHat 7.0 (and SuSE): modutils + netkit = root compromise. (fwd)", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-11/0179.html" }, { "name": "CLSA-2000:340", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000340" }, { "name": "20001120 modutils: local exploit", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2000/20001120" }, { "name": "linux-modprobe-execute-code(5516)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5516" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2000-1095", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "modprobe in the modutils 2.3.x package on Linux systems allows a local user to execute arbitrary commands via shell metacharacters." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "1936", "refsource": "BID", "url": "http://www.securityfocus.com/bid/1936" }, { "name": "RHSA-2000:108", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2000-108.html" }, { "name": "MDKSA-2000:071", "refsource": "MANDRAKE", "url": "http://www.linux-mandrake.com/en/security/MDKSA-2000-071-1.php3?dis=7.1" }, { "name": "SuSE-SA:2000:44", "refsource": "SUSE", "url": "http://archives.neohapsis.com/archives/linux/suse/2000-q4/0596.html" }, { "name": "20001112 RedHat 7.0 (and SuSE): modutils + netkit = root compromise. (fwd)", "refsource": "BUGTRAQ", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-11/0179.html" }, { "name": "CLSA-2000:340", "refsource": "CONECTIVA", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000340" }, { "name": "20001120 modutils: local exploit", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2000/20001120" }, { "name": "linux-modprobe-execute-code(5516)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5516" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2000-1095", "datePublished": "2001-01-22T05:00:00", "dateReserved": "2000-12-14T00:00:00", "dateUpdated": "2024-08-08T05:45:36.993Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-1999-0041 (GCVE-0-1999-0041)
Vulnerability from cvelistv5
Published
1999-09-29 04:00
Modified
2024-09-17 14:25
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in NLS (Natural Language Service).
References
► | URL | Tags | |||
---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-01T16:27:57.067Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0041" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-1999-0041", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-09-04T14:09:51.440131Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-17T14:25:15.473Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "Buffer overflow in NLS (Natural Language Service)." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-08-17T06:30:20", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0041" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-1999-0041", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Buffer overflow in NLS (Natural Language Service)." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0041", "refsource": "MISC", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0041" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-1999-0041", "datePublished": "1999-09-29T04:00:00", "dateReserved": "1999-06-07T00:00:00", "dateUpdated": "2024-09-17T14:25:15.473Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-1999-0872 (GCVE-0-1999-0872)
Vulnerability from cvelistv5
Published
2000-02-04 05:00
Modified
2024-08-01 16:55
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in Vixie cron allows local users to gain root access via a long MAILTO environment variable in a crontab file.
References
► | URL | Tags | ||||||
---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-01T16:55:29.003Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "611", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/611" }, { "name": "759", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/759" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "Buffer overflow in Vixie cron allows local users to gain root access via a long MAILTO environment variable in a crontab file." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2003-03-21T10:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "611", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/611" }, { "name": "759", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/759" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-1999-0872", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Buffer overflow in Vixie cron allows local users to gain root access via a long MAILTO environment variable in a crontab file." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "611", "refsource": "BID", "url": "http://www.securityfocus.com/bid/611" }, { "name": "759", "refsource": "BID", "url": "http://www.securityfocus.com/bid/759" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-1999-0872", "datePublished": "2000-02-04T05:00:00", "dateReserved": "1999-12-08T00:00:00", "dateUpdated": "2024-08-01T16:55:29.003Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-1999-0042 (GCVE-0-1999-0042)
Vulnerability from cvelistv5
Published
1999-09-29 04:00
Modified
2024-08-01 16:27
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in University of Washington's implementation of IMAP and POP servers.
References
► | URL | Tags | |||
---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-01T16:27:57.030Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0042" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "Buffer overflow in University of Washington\u0027s implementation of IMAP and POP servers." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-08-17T06:30:41", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0042" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-1999-0042", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Buffer overflow in University of Washington\u0027s implementation of IMAP and POP servers." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0042", "refsource": "MISC", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0042" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-1999-0042", "datePublished": "1999-09-29T04:00:00", "dateReserved": "1999-06-07T00:00:00", "dateUpdated": "2024-08-01T16:27:57.030Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-1999-0740 (GCVE-0-1999-0740)
Vulnerability from cvelistv5
Published
2000-03-22 05:00
Modified
2024-08-01 16:48
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Remote attackers can cause a denial of service on Linux in.telnetd telnet daemon through a malformed TERM environmental variable.
References
► | URL | Tags | |||
---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-01T16:48:37.796Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "594", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/594" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "Remote attackers can cause a denial of service on Linux in.telnetd telnet daemon through a malformed TERM environmental variable." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2005-11-02T10:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "594", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/594" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-1999-0740", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Remote attackers can cause a denial of service on Linux in.telnetd telnet daemon through a malformed TERM environmental variable." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "594", "refsource": "BID", "url": "http://www.securityfocus.com/bid/594" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-1999-0740", "datePublished": "2000-03-22T05:00:00", "dateReserved": "1999-11-25T00:00:00", "dateUpdated": "2024-08-01T16:48:37.796Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2001-0439 (GCVE-0-2001-0439)
Vulnerability from cvelistv5
Published
2001-09-18 04:00
Modified
2024-08-08 04:21
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
licq before 1.0.3 allows remote attackers to execute arbitrary commands via shell metacharacters in a URL.
References
► | URL | Tags | |||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T04:21:38.535Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "FreeBSD-SA-01:35", "tags": [ "vendor-advisory", "x_refsource_FREEBSD", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/freebsd/2001-04/0607.html" }, { "name": "licq-url-execute-commands(6261)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6261" }, { "name": "MDKSA-2001:032", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-032.php3" }, { "name": "RHSA-2001:023", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2001-023.html" }, { "name": "5641", "tags": [ "vdb-entry", "x_refsource_OSVDB", "x_transferred" ], "url": "http://www.osvdb.org/5641" }, { "name": "RHSA-2001:022", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2001-022.html" }, { "name": "CLA-2001:389", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA", "x_transferred" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000389" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2001-03-20T00:00:00", "descriptions": [ { "lang": "en", "value": "licq before 1.0.3 allows remote attackers to execute arbitrary commands via shell metacharacters in a URL." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2004-09-02T09:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "FreeBSD-SA-01:35", "tags": [ "vendor-advisory", "x_refsource_FREEBSD" ], "url": "http://archives.neohapsis.com/archives/freebsd/2001-04/0607.html" }, { "name": "licq-url-execute-commands(6261)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6261" }, { "name": "MDKSA-2001:032", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-032.php3" }, { "name": "RHSA-2001:023", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2001-023.html" }, { "name": "5641", "tags": [ "vdb-entry", "x_refsource_OSVDB" ], "url": "http://www.osvdb.org/5641" }, { "name": "RHSA-2001:022", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2001-022.html" }, { "name": "CLA-2001:389", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000389" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2001-0439", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "licq before 1.0.3 allows remote attackers to execute arbitrary commands via shell metacharacters in a URL." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "FreeBSD-SA-01:35", "refsource": "FREEBSD", "url": "http://archives.neohapsis.com/archives/freebsd/2001-04/0607.html" }, { "name": "licq-url-execute-commands(6261)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6261" }, { "name": "MDKSA-2001:032", "refsource": "MANDRAKE", "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-032.php3" }, { "name": "RHSA-2001:023", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2001-023.html" }, { "name": "5641", "refsource": "OSVDB", "url": "http://www.osvdb.org/5641" }, { "name": "RHSA-2001:022", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2001-022.html" }, { "name": "CLA-2001:389", "refsource": "CONECTIVA", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000389" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2001-0439", "datePublished": "2001-09-18T04:00:00", "dateReserved": "2001-05-24T00:00:00", "dateUpdated": "2024-08-08T04:21:38.535Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2018-14655 (GCVE-0-2018-14655)
Vulnerability from cvelistv5
Published
2018-11-13 19:00
Modified
2024-08-05 09:38
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
A flaw was found in Keycloak 3.4.3.Final, 4.0.0.Beta2, 4.3.0.Final. When using 'response_mode=form_post' it is possible to inject arbitrary Javascript-Code via the 'state'-parameter in the authentication URL. This allows an XSS-Attack upon succesfully login.
References
► | URL | Tags | ||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T09:38:13.384Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14655" }, { "name": "RHSA-2018:3592", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:3592" }, { "name": "RHSA-2018:3593", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:3593" }, { "name": "RHSA-2018:3595", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:3595" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "keycloak", "vendor": "Red Hat", "versions": [ { "status": "affected", "version": "3.4.3.Final, 4.0.0.Beta2, 4.3.0.Final" } ] } ], "datePublic": "2018-11-13T00:00:00", "descriptions": [ { "lang": "en", "value": "A flaw was found in Keycloak 3.4.3.Final, 4.0.0.Beta2, 4.3.0.Final. When using \u0027response_mode=form_post\u0027 it is possible to inject arbitrary Javascript-Code via the \u0027state\u0027-parameter in the authentication URL. This allows an XSS-Attack upon succesfully login." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-79", "description": "CWE-79", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2018-11-14T10:57:02", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14655" }, { "name": "RHSA-2018:3592", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:3592" }, { "name": "RHSA-2018:3593", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:3593" }, { "name": "RHSA-2018:3595", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:3595" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2018-14655", "datePublished": "2018-11-13T19:00:00", "dateReserved": "2018-07-27T00:00:00", "dateUpdated": "2024-08-05T09:38:13.384Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-1999-1407 (GCVE-0-1999-1407)
Vulnerability from cvelistv5
Published
2002-03-09 05:00
Modified
2024-08-01 17:11
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
ifdhcpc-done script for configuring DHCP on Red Hat Linux 5 allows local users to append text to arbitrary files via a symlink attack on the dhcplog file.
References
► | URL | Tags | ||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-01T17:11:03.141Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "initscripts-ifdhcpdone-dhcplog-symlink(7294)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "http://www.iss.net/security_center/static/7294.php" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.redhat.com/support/errata/rh50-errata-general.html#initscripts" }, { "name": "19980309 *sigh* another RH5 /tmp problem", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=88950856416985\u0026w=2" }, { "name": "368", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/368" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "1998-03-09T00:00:00", "descriptions": [ { "lang": "en", "value": "ifdhcpc-done script for configuring DHCP on Red Hat Linux 5 allows local users to append text to arbitrary files via a symlink attack on the dhcplog file." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2002-02-20T10:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "initscripts-ifdhcpdone-dhcplog-symlink(7294)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "http://www.iss.net/security_center/static/7294.php" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.redhat.com/support/errata/rh50-errata-general.html#initscripts" }, { "name": "19980309 *sigh* another RH5 /tmp problem", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=88950856416985\u0026w=2" }, { "name": "368", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/368" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-1999-1407", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "ifdhcpc-done script for configuring DHCP on Red Hat Linux 5 allows local users to append text to arbitrary files via a symlink attack on the dhcplog file." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "initscripts-ifdhcpdone-dhcplog-symlink(7294)", "refsource": "XF", "url": "http://www.iss.net/security_center/static/7294.php" }, { "name": "http://www.redhat.com/support/errata/rh50-errata-general.html#initscripts", "refsource": "CONFIRM", "url": "http://www.redhat.com/support/errata/rh50-errata-general.html#initscripts" }, { "name": "19980309 *sigh* another RH5 /tmp problem", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=88950856416985\u0026w=2" }, { "name": "368", "refsource": "BID", "url": "http://www.securityfocus.com/bid/368" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-1999-1407", "datePublished": "2002-03-09T05:00:00", "dateReserved": "2001-08-31T00:00:00", "dateUpdated": "2024-08-01T17:11:03.141Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2008-6560 (GCVE-0-2008-6560)
Vulnerability from cvelistv5
Published
2009-03-31 10:00
Modified
2024-08-07 11:34
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in CMAN - The Cluster Manager before 2.03.09-1 on Fedora 9 and Red Hat Enterprise Linux (RHEL) 5 allows attackers to cause a denial of service (CPU consumption and memory corruption) via a cluster.conf file with many lines. NOTE: it is not clear whether this issue crosses privilege boundaries in realistic uses of the product.
References
► | URL | Tags | |||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T11:34:47.082Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "cman-clusterconf-dos(49832)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49832" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://git.fedorahosted.org/git/cluster.git?p=cluster.git%3Ba=commitdiff%3Bh=67fee9128e54c6c3fc3eae306b5b501f3029c3be" }, { "name": "FEDORA-2008-9458", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://www.redhat.com/archives/fedora-package-announce/2008-November/msg00163.html" }, { "name": "USN-875-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-875-1" }, { "name": "FEDORA-2008-9458", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://www.redhat.com/archives/fedora-package-announce/2008-November/msg00165.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=468966" }, { "name": "FEDORA-2008-9458", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://www.redhat.com/archives/fedora-package-announce/2008-November/msg00164.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2008-11-06T00:00:00", "descriptions": [ { "lang": "en", "value": "Buffer overflow in CMAN - The Cluster Manager before 2.03.09-1 on Fedora 9 and Red Hat Enterprise Linux (RHEL) 5 allows attackers to cause a denial of service (CPU consumption and memory corruption) via a cluster.conf file with many lines. NOTE: it is not clear whether this issue crosses privilege boundaries in realistic uses of the product." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-08-16T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "cman-clusterconf-dos(49832)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49832" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://git.fedorahosted.org/git/cluster.git?p=cluster.git%3Ba=commitdiff%3Bh=67fee9128e54c6c3fc3eae306b5b501f3029c3be" }, { "name": "FEDORA-2008-9458", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://www.redhat.com/archives/fedora-package-announce/2008-November/msg00163.html" }, { "name": "USN-875-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-875-1" }, { "name": "FEDORA-2008-9458", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://www.redhat.com/archives/fedora-package-announce/2008-November/msg00165.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=468966" }, { "name": "FEDORA-2008-9458", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://www.redhat.com/archives/fedora-package-announce/2008-November/msg00164.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2008-6560", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Buffer overflow in CMAN - The Cluster Manager before 2.03.09-1 on Fedora 9 and Red Hat Enterprise Linux (RHEL) 5 allows attackers to cause a denial of service (CPU consumption and memory corruption) via a cluster.conf file with many lines. NOTE: it is not clear whether this issue crosses privilege boundaries in realistic uses of the product." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "cman-clusterconf-dos(49832)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49832" }, { "name": "http://git.fedorahosted.org/git/cluster.git?p=cluster.git;a=commitdiff;h=67fee9128e54c6c3fc3eae306b5b501f3029c3be", "refsource": "CONFIRM", "url": "http://git.fedorahosted.org/git/cluster.git?p=cluster.git;a=commitdiff;h=67fee9128e54c6c3fc3eae306b5b501f3029c3be" }, { "name": "FEDORA-2008-9458", "refsource": "FEDORA", "url": "http://www.redhat.com/archives/fedora-package-announce/2008-November/msg00163.html" }, { "name": "USN-875-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-875-1" }, { "name": "FEDORA-2008-9458", "refsource": "FEDORA", "url": "http://www.redhat.com/archives/fedora-package-announce/2008-November/msg00165.html" }, { "name": "https://bugzilla.redhat.com/show_bug.cgi?id=468966", "refsource": "CONFIRM", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=468966" }, { "name": "FEDORA-2008-9458", "refsource": "FEDORA", "url": "http://www.redhat.com/archives/fedora-package-announce/2008-November/msg00164.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2008-6560", "datePublished": "2009-03-31T10:00:00", "dateReserved": "2009-03-30T00:00:00", "dateUpdated": "2024-08-07T11:34:47.082Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-1999-1491 (GCVE-0-1999-1491)
Vulnerability from cvelistv5
Published
2001-09-12 04:00
Modified
2024-08-01 17:18
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
abuse.console in Red Hat 2.1 uses relative pathnames to find and execute the undrv program, which allows local users to execute arbitrary commands via a path that points to a Trojan horse program.
References
► | URL | Tags | ||||||
---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-01T17:18:07.449Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "354", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/354" }, { "name": "19960202 abuse Red Hat 2.1 security hole", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=87602167418994\u0026w=2" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "1996-02-02T00:00:00", "descriptions": [ { "lang": "en", "value": "abuse.console in Red Hat 2.1 uses relative pathnames to find and execute the undrv program, which allows local users to execute arbitrary commands via a path that points to a Trojan horse program." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2016-10-17T13:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "354", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/354" }, { "name": "19960202 abuse Red Hat 2.1 security hole", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=87602167418994\u0026w=2" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-1999-1491", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "abuse.console in Red Hat 2.1 uses relative pathnames to find and execute the undrv program, which allows local users to execute arbitrary commands via a path that points to a Trojan horse program." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "354", "refsource": "BID", "url": "http://www.securityfocus.com/bid/354" }, { "name": "19960202 abuse Red Hat 2.1 security hole", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=87602167418994\u0026w=2" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-1999-1491", "datePublished": "2001-09-12T04:00:00", "dateReserved": "2001-08-31T00:00:00", "dateUpdated": "2024-08-01T17:18:07.449Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-1999-1186 (GCVE-0-1999-1186)
Vulnerability from cvelistv5
Published
2001-09-12 04:00
Modified
2024-08-01 17:02
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
rxvt, when compiled with the PRINT_PIPE option in various Linux operating systems including Linux Slackware 3.0 and RedHat 2.1, allows local users to gain root privileges by specifying a malicious program using the -print-pipe command line parameter.
References
► | URL | Tags | |||
---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-01T17:02:53.866Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "19960102 rxvt security hole", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=87602167418966\u0026w=2" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "1996-01-02T00:00:00", "descriptions": [ { "lang": "en", "value": "rxvt, when compiled with the PRINT_PIPE option in various Linux operating systems including Linux Slackware 3.0 and RedHat 2.1, allows local users to gain root privileges by specifying a malicious program using the -print-pipe command line parameter." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2016-10-17T13:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "19960102 rxvt security hole", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=87602167418966\u0026w=2" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-1999-1186", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "rxvt, when compiled with the PRINT_PIPE option in various Linux operating systems including Linux Slackware 3.0 and RedHat 2.1, allows local users to gain root privileges by specifying a malicious program using the -print-pipe command line parameter." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "19960102 rxvt security hole", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=87602167418966\u0026w=2" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-1999-1186", "datePublished": "2001-09-12T04:00:00", "dateReserved": "2001-08-31T00:00:00", "dateUpdated": "2024-08-01T17:02:53.866Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2002-1155 (GCVE-0-2002-1155)
Vulnerability from cvelistv5
Published
2003-06-05 04:00
Modified
2024-08-08 03:12
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in KON kon2 0.3.9b and earlier allows local users to execute arbitrary code via a long -Coding command line argument.
References
► | URL | Tags | |||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T03:12:17.057Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "20030616 Next kon2root - Redhat 9", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=105577912106710\u0026w=2" }, { "name": "RHSA-2003:050", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-050.html" }, { "name": "MDKSA-2003:064", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:064" }, { "name": "RHSA-2003:047", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-047.html" }, { "name": "20030603 kon2_exploit!!", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=105474080512376\u0026w=2" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2003-06-03T00:00:00", "descriptions": [ { "lang": "en", "value": "Buffer overflow in KON kon2 0.3.9b and earlier allows local users to execute arbitrary code via a long -Coding command line argument." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2016-10-17T13:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "20030616 Next kon2root - Redhat 9", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=105577912106710\u0026w=2" }, { "name": "RHSA-2003:050", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-050.html" }, { "name": "MDKSA-2003:064", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:064" }, { "name": "RHSA-2003:047", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-047.html" }, { "name": "20030603 kon2_exploit!!", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=105474080512376\u0026w=2" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2002-1155", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Buffer overflow in KON kon2 0.3.9b and earlier allows local users to execute arbitrary code via a long -Coding command line argument." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "20030616 Next kon2root - Redhat 9", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=105577912106710\u0026w=2" }, { "name": "RHSA-2003:050", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2003-050.html" }, { "name": "MDKSA-2003:064", "refsource": "MANDRAKE", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:064" }, { "name": "RHSA-2003:047", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2003-047.html" }, { "name": "20030603 kon2_exploit!!", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=105474080512376\u0026w=2" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2002-1155", "datePublished": "2003-06-05T04:00:00", "dateReserved": "2002-09-26T00:00:00", "dateUpdated": "2024-08-08T03:12:17.057Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2007-3103 (GCVE-0-2007-3103)
Vulnerability from cvelistv5
Published
2007-07-15 22:00
Modified
2024-08-07 14:05
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The init.d script for the X.Org X11 xfs font server on various Linux distributions might allow local users to change the permissions of arbitrary files via a symlink attack on the /tmp/.font-unix temporary file.
References
► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T14:05:29.094Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "oval:org.mitre.oval:def:10802", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10802" }, { "name": "35674", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/35674" }, { "name": "24888", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/24888" }, { "name": "RHSA-2007:0520", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2007-0520.html" }, { "name": "26081", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/26081" }, { "name": "DSA-1342", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2007/dsa-1342" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://issues.rpath.com/browse/RPL-1485" }, { "name": "27240", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/27240" }, { "name": "26056", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/26056" }, { "name": "20070717 rPSA-2007-0141-1 xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/473869/100/0/threaded" }, { "name": "5167", "tags": [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred" ], "url": "https://www.exploit-db.com/exploits/5167" }, { "name": "1018375", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id?1018375" }, { "name": "GLSA-200710-11", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-200710-11.xml" }, { "name": "FEDORA-2009-3666", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00095.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://bugzilla.redhat.com/242903" }, { "name": "redhat-xfs-privilege-escalation(35375)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35375" }, { "name": "20070712 Red Hat Enterprise Linux init.d XFS Script chown Race Condition Vulnerability", "tags": [ "third-party-advisory", "x_refsource_IDEFENSE", "x_transferred" ], "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=557" }, { "name": "26282", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/26282" }, { "name": "RHSA-2007:0519", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2007-0519.html" }, { "name": "40945", "tags": [ "vdb-entry", "x_refsource_OSVDB", "x_transferred" ], "url": "http://osvdb.org/40945" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://bugs.gentoo.org/show_bug.cgi?id=185660" }, { "name": "FEDORA-2009-3651", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00096.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2007-07-12T00:00:00", "descriptions": [ { "lang": "en", "value": "The init.d script for the X.Org X11 xfs font server on various Linux distributions might allow local users to change the permissions of arbitrary files via a symlink attack on the /tmp/.font-unix temporary file." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-16T14:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "oval:org.mitre.oval:def:10802", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10802" }, { "name": "35674", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/35674" }, { "name": "24888", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/24888" }, { "name": "RHSA-2007:0520", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2007-0520.html" }, { "name": "26081", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/26081" }, { "name": "DSA-1342", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2007/dsa-1342" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://issues.rpath.com/browse/RPL-1485" }, { "name": "27240", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/27240" }, { "name": "26056", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/26056" }, { "name": "20070717 rPSA-2007-0141-1 xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/473869/100/0/threaded" }, { "name": "5167", "tags": [ "exploit", "x_refsource_EXPLOIT-DB" ], "url": "https://www.exploit-db.com/exploits/5167" }, { "name": "1018375", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id?1018375" }, { "name": "GLSA-200710-11", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://security.gentoo.org/glsa/glsa-200710-11.xml" }, { "name": "FEDORA-2009-3666", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00095.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://bugzilla.redhat.com/242903" }, { "name": "redhat-xfs-privilege-escalation(35375)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35375" }, { "name": "20070712 Red Hat Enterprise Linux init.d XFS Script chown Race Condition Vulnerability", "tags": [ "third-party-advisory", "x_refsource_IDEFENSE" ], "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=557" }, { "name": "26282", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/26282" }, { "name": "RHSA-2007:0519", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2007-0519.html" }, { "name": "40945", "tags": [ "vdb-entry", "x_refsource_OSVDB" ], "url": "http://osvdb.org/40945" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://bugs.gentoo.org/show_bug.cgi?id=185660" }, { "name": "FEDORA-2009-3651", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00096.html" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2007-3103", "datePublished": "2007-07-15T22:00:00", "dateReserved": "2007-06-07T00:00:00", "dateUpdated": "2024-08-07T14:05:29.094Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2001-0859 (GCVE-0-2001-0859)
Vulnerability from cvelistv5
Published
2002-03-09 05:00
Modified
2024-08-08 04:37
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
2.4.3-12 kernel in Red Hat Linux 7.1 Korean installation program sets the setting default umask for init to 000, which installs files with world-writeable permissions.
References
► | URL | Tags | ||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T04:37:06.738Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "RHSA-2001:148", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2001-148.html" }, { "name": "3527", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/3527" }, { "name": "HPSBTL0112-006", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://online.securityfocus.com/advisories/3725" }, { "name": "linux-korean-default-umask(7549)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7549" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2001-11-13T00:00:00", "descriptions": [ { "lang": "en", "value": "2.4.3-12 kernel in Red Hat Linux 7.1 Korean installation program sets the setting default umask for init to 000, which installs files with world-writeable permissions." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2002-02-26T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "RHSA-2001:148", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2001-148.html" }, { "name": "3527", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/3527" }, { "name": "HPSBTL0112-006", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://online.securityfocus.com/advisories/3725" }, { "name": "linux-korean-default-umask(7549)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7549" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2001-0859", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "2.4.3-12 kernel in Red Hat Linux 7.1 Korean installation program sets the setting default umask for init to 000, which installs files with world-writeable permissions." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "RHSA-2001:148", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2001-148.html" }, { "name": "3527", "refsource": "BID", "url": "http://www.securityfocus.com/bid/3527" }, { "name": "HPSBTL0112-006", "refsource": "HP", "url": "http://online.securityfocus.com/advisories/3725" }, { "name": "linux-korean-default-umask(7549)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7549" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2001-0859", "datePublished": "2002-03-09T05:00:00", "dateReserved": "2001-11-22T00:00:00", "dateUpdated": "2024-08-08T04:37:06.738Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2000-0751 (GCVE-0-2000-0751)
Vulnerability from cvelistv5
Published
2000-10-13 04:00
Modified
2024-08-08 05:28
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
mopd (Maintenance Operations Protocol loader daemon) does not properly cleanse user-injected format strings, which allows remote attackers to execute arbitrary commands.
References
► | URL | Tags | ||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T05:28:41.411Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "FreeBSD-SA-00:40", "tags": [ "vendor-advisory", "x_refsource_FREEBSD", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/freebsd/2000-08/0336.html" }, { "name": "RHSA-2000:050", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2000-050.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://cvsweb.netbsd.org/bsdweb.cgi/basesrc/usr.sbin/mopd/mopd/process.c.diff?r1=1.7\u0026r2=1.8\u0026f=h" }, { "name": "20000808 OpenBSD 2.7 / NetBSD 1.4.2 mopd buffer overflow", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0064.html" }, { "name": "20000705 Mopd contained a buffer overflow.", "tags": [ "vendor-advisory", "x_refsource_OPENBSD", "x_transferred" ], "url": "http://www.openbsd.org/errata.html#mopd" }, { "name": "1559", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/1559" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2000-08-08T00:00:00", "descriptions": [ { "lang": "en", "value": "mopd (Maintenance Operations Protocol loader daemon) does not properly cleanse user-injected format strings, which allows remote attackers to execute arbitrary commands." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2004-09-02T09:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "FreeBSD-SA-00:40", "tags": [ "vendor-advisory", "x_refsource_FREEBSD" ], "url": "http://archives.neohapsis.com/archives/freebsd/2000-08/0336.html" }, { "name": "RHSA-2000:050", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2000-050.html" }, { "tags": [ "x_refsource_MISC" ], "url": "http://cvsweb.netbsd.org/bsdweb.cgi/basesrc/usr.sbin/mopd/mopd/process.c.diff?r1=1.7\u0026r2=1.8\u0026f=h" }, { "name": "20000808 OpenBSD 2.7 / NetBSD 1.4.2 mopd buffer overflow", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0064.html" }, { "name": "20000705 Mopd contained a buffer overflow.", "tags": [ "vendor-advisory", "x_refsource_OPENBSD" ], "url": "http://www.openbsd.org/errata.html#mopd" }, { "name": "1559", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/1559" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2000-0751", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "mopd (Maintenance Operations Protocol loader daemon) does not properly cleanse user-injected format strings, which allows remote attackers to execute arbitrary commands." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "FreeBSD-SA-00:40", "refsource": "FREEBSD", "url": "http://archives.neohapsis.com/archives/freebsd/2000-08/0336.html" }, { "name": "RHSA-2000:050", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2000-050.html" }, { "name": "http://cvsweb.netbsd.org/bsdweb.cgi/basesrc/usr.sbin/mopd/mopd/process.c.diff?r1=1.7\u0026r2=1.8\u0026f=h", "refsource": "MISC", "url": "http://cvsweb.netbsd.org/bsdweb.cgi/basesrc/usr.sbin/mopd/mopd/process.c.diff?r1=1.7\u0026r2=1.8\u0026f=h" }, { "name": "20000808 OpenBSD 2.7 / NetBSD 1.4.2 mopd buffer overflow", "refsource": "BUGTRAQ", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0064.html" }, { "name": "20000705 Mopd contained a buffer overflow.", "refsource": "OPENBSD", "url": "http://www.openbsd.org/errata.html#mopd" }, { "name": "1559", "refsource": "BID", "url": "http://www.securityfocus.com/bid/1559" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2000-0751", "datePublished": "2000-10-13T04:00:00", "dateReserved": "2000-09-19T00:00:00", "dateUpdated": "2024-08-08T05:28:41.411Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2007-1462 (GCVE-0-2007-1462)
Vulnerability from cvelistv5
Published
2007-03-15 20:00
Modified
2024-08-07 12:59
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The luci server component in conga preserves the password between page loads for the Add System/Cluster task flow by storing the password in the Value attribute of a password entry field, which allows attackers to steal the password by performing a "view source" or other operation to obtain the web page. NOTE: there are limited circumstances under which such an attack is feasible.
References
► | URL | Tags | ||||||
---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T12:59:08.998Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "35086", "tags": [ "vdb-entry", "x_refsource_OSVDB", "x_transferred" ], "url": "http://osvdb.org/35086" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=228637" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2007-02-14T00:00:00", "descriptions": [ { "lang": "en", "value": "The luci server component in conga preserves the password between page loads for the Add System/Cluster task flow by storing the password in the Value attribute of a password entry field, which allows attackers to steal the password by performing a \"view source\" or other operation to obtain the web page. NOTE: there are limited circumstances under which such an attack is feasible." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2008-11-15T10:00:00", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "35086", "tags": [ "vdb-entry", "x_refsource_OSVDB" ], "url": "http://osvdb.org/35086" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=228637" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2007-1462", "datePublished": "2007-03-15T20:00:00", "dateReserved": "2007-03-15T00:00:00", "dateUpdated": "2024-08-07T12:59:08.998Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-1999-1348 (GCVE-0-1999-1348)
Vulnerability from cvelistv5
Published
2001-09-12 04:00
Modified
2024-08-01 17:11
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Linuxconf on Red Hat Linux 6.0 and earlier does not properly disable PAM-based access to the shutdown command, which could allow local users to cause a denial of service.
References
► | URL | Tags | |||
---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-01T17:11:03.121Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "19990630 linuxconf doesn\u0027t seem to deal correctly with /etc/pam.d/reboot", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=93220073515880\u0026w=2" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "1999-06-30T00:00:00", "descriptions": [ { "lang": "en", "value": "Linuxconf on Red Hat Linux 6.0 and earlier does not properly disable PAM-based access to the shutdown command, which could allow local users to cause a denial of service." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2016-10-17T13:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "19990630 linuxconf doesn\u0027t seem to deal correctly with /etc/pam.d/reboot", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=93220073515880\u0026w=2" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-1999-1348", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Linuxconf on Red Hat Linux 6.0 and earlier does not properly disable PAM-based access to the shutdown command, which could allow local users to cause a denial of service." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "19990630 linuxconf doesn\u0027t seem to deal correctly with /etc/pam.d/reboot", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=93220073515880\u0026w=2" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-1999-1348", "datePublished": "2001-09-12T04:00:00", "dateReserved": "2001-08-31T00:00:00", "dateUpdated": "2024-08-01T17:11:03.121Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2000-1125 (GCVE-0-2000-1125)
Vulnerability from cvelistv5
Published
2000-12-19 05:00
Modified
2024-08-08 05:45
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
restore 0.4b15 and earlier in Red Hat Linux 6.2 trusts the pathname specified by the RSH environmental variable, which allows local users to obtain root privileges by modifying the RSH variable to point to a Trojan horse program.
References
► | URL | Tags | ||||||
---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T05:45:37.323Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "1914", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/1914" }, { "name": "20001104 Redhat 6.2 restore exploit", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=97336034309944\u0026w=2" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2000-11-04T00:00:00", "descriptions": [ { "lang": "en", "value": "restore 0.4b15 and earlier in Red Hat Linux 6.2 trusts the pathname specified by the RSH environmental variable, which allows local users to obtain root privileges by modifying the RSH variable to point to a Trojan horse program." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2016-10-17T13:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "1914", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/1914" }, { "name": "20001104 Redhat 6.2 restore exploit", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=97336034309944\u0026w=2" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2000-1125", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "restore 0.4b15 and earlier in Red Hat Linux 6.2 trusts the pathname specified by the RSH environmental variable, which allows local users to obtain root privileges by modifying the RSH variable to point to a Trojan horse program." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "1914", "refsource": "BID", "url": "http://www.securityfocus.com/bid/1914" }, { "name": "20001104 Redhat 6.2 restore exploit", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=97336034309944\u0026w=2" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2000-1125", "datePublished": "2000-12-19T05:00:00", "dateReserved": "2000-12-14T00:00:00", "dateUpdated": "2024-08-08T05:45:37.323Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2000-1213 (GCVE-0-2000-1213)
Vulnerability from cvelistv5
Published
2002-08-31 04:00
Modified
2024-08-08 05:45
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
ping in iputils before 20001010, as distributed on Red Hat Linux 6.2 through 7J and other operating systems, does not drop privileges after acquiring a raw socket, which increases ping's exposure to bugs that otherwise would occur at lower privileges.
References
► | URL | Tags | |||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T05:45:37.360Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "RHSA-2000:087", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2000-087.html" }, { "name": "20001025 Immunix OS Security Update for ping package", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=97249980727834\u0026w=2" }, { "name": "20001030 Trustix Security Advisory - ping gnupg ypbind", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-10/0429.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2000-10-18T00:00:00", "descriptions": [ { "lang": "en", "value": "ping in iputils before 20001010, as distributed on Red Hat Linux 6.2 through 7J and other operating systems, does not drop privileges after acquiring a raw socket, which increases ping\u0027s exposure to bugs that otherwise would occur at lower privileges." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2016-10-17T13:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "RHSA-2000:087", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2000-087.html" }, { "name": "20001025 Immunix OS Security Update for ping package", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=97249980727834\u0026w=2" }, { "name": "20001030 Trustix Security Advisory - ping gnupg ypbind", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-10/0429.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2000-1213", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "ping in iputils before 20001010, as distributed on Red Hat Linux 6.2 through 7J and other operating systems, does not drop privileges after acquiring a raw socket, which increases ping\u0027s exposure to bugs that otherwise would occur at lower privileges." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "RHSA-2000:087", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2000-087.html" }, { "name": "20001025 Immunix OS Security Update for ping package", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=97249980727834\u0026w=2" }, { "name": "20001030 Trustix Security Advisory - ping gnupg ypbind", "refsource": "BUGTRAQ", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-10/0429.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2000-1213", "datePublished": "2002-08-31T04:00:00", "dateReserved": "2002-08-30T00:00:00", "dateUpdated": "2024-08-08T05:45:37.360Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2001-0197 (GCVE-0-2001-0197)
Vulnerability from cvelistv5
Published
2001-05-07 04:00
Modified
2024-08-08 04:14
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Format string vulnerability in print_client in icecast 1.3.8beta2 and earlier allows remote attackers to execute arbitrary commands.
References
► | URL | Tags | |||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T04:14:06.751Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "RHSA-2001:004", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2001-004.html" }, { "name": "20010121 [pkc] format bugs in icecast 1.3.8b2 and prior", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2001-01/0348.html" }, { "name": "2264", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/2264" }, { "name": "CLA-2001:374", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA", "x_transferred" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000374" }, { "name": "icecast-format-string(5978)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5978" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2001-01-21T00:00:00", "descriptions": [ { "lang": "en", "value": "Format string vulnerability in print_client in icecast 1.3.8beta2 and earlier allows remote attackers to execute arbitrary commands." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2005-11-02T10:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "RHSA-2001:004", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2001-004.html" }, { "name": "20010121 [pkc] format bugs in icecast 1.3.8b2 and prior", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2001-01/0348.html" }, { "name": "2264", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/2264" }, { "name": "CLA-2001:374", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000374" }, { "name": "icecast-format-string(5978)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5978" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2001-0197", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Format string vulnerability in print_client in icecast 1.3.8beta2 and earlier allows remote attackers to execute arbitrary commands." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "RHSA-2001:004", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2001-004.html" }, { "name": "20010121 [pkc] format bugs in icecast 1.3.8b2 and prior", "refsource": "BUGTRAQ", "url": "http://archives.neohapsis.com/archives/bugtraq/2001-01/0348.html" }, { "name": "2264", "refsource": "BID", "url": "http://www.securityfocus.com/bid/2264" }, { "name": "CLA-2001:374", "refsource": "CONECTIVA", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000374" }, { "name": "icecast-format-string(5978)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5978" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2001-0197", "datePublished": "2001-05-07T04:00:00", "dateReserved": "2001-03-08T00:00:00", "dateUpdated": "2024-08-08T04:14:06.751Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2001-0473 (GCVE-0-2001-0473)
Vulnerability from cvelistv5
Published
2001-09-18 04:00
Modified
2024-08-08 04:21
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Format string vulnerability in Mutt before 1.2.5 allows a remote malicious IMAP server to execute arbitrary commands.
References
► | URL | Tags | |||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T04:21:38.677Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "20010320 Trustix Security Advisory - mutt", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2001-03/0246.html" }, { "name": "5615", "tags": [ "vdb-entry", "x_refsource_OSVDB", "x_transferred" ], "url": "http://www.osvdb.org/5615" }, { "name": "RHSA-2001:029", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2001-029.html" }, { "name": "20010315 Immunix OS Security update for mutt", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=98473109630421\u0026w=2" }, { "name": "mutt-imap-format-string(6235)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6235" }, { "name": "CLA-2001:385", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA", "x_transferred" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000385" }, { "name": "MDKSA-2001-031", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-031.php3" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2001-03-09T00:00:00", "descriptions": [ { "lang": "en", "value": "Format string vulnerability in Mutt before 1.2.5 allows a remote malicious IMAP server to execute arbitrary commands." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2004-09-02T09:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "20010320 Trustix Security Advisory - mutt", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2001-03/0246.html" }, { "name": "5615", "tags": [ "vdb-entry", "x_refsource_OSVDB" ], "url": "http://www.osvdb.org/5615" }, { "name": "RHSA-2001:029", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2001-029.html" }, { "name": "20010315 Immunix OS Security update for mutt", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=98473109630421\u0026w=2" }, { "name": "mutt-imap-format-string(6235)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6235" }, { "name": "CLA-2001:385", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000385" }, { "name": "MDKSA-2001-031", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-031.php3" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2001-0473", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Format string vulnerability in Mutt before 1.2.5 allows a remote malicious IMAP server to execute arbitrary commands." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "20010320 Trustix Security Advisory - mutt", "refsource": "BUGTRAQ", "url": "http://archives.neohapsis.com/archives/bugtraq/2001-03/0246.html" }, { "name": "5615", "refsource": "OSVDB", "url": "http://www.osvdb.org/5615" }, { "name": "RHSA-2001:029", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2001-029.html" }, { "name": "20010315 Immunix OS Security update for mutt", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=98473109630421\u0026w=2" }, { "name": "mutt-imap-format-string(6235)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6235" }, { "name": "CLA-2001:385", "refsource": "CONECTIVA", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000385" }, { "name": "MDKSA-2001-031", "refsource": "MANDRAKE", "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-031.php3" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2001-0473", "datePublished": "2001-09-18T04:00:00", "dateReserved": "2001-05-24T00:00:00", "dateUpdated": "2024-08-08T04:21:38.677Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-1999-1299 (GCVE-0-1999-1299)
Vulnerability from cvelistv5
Published
2001-09-12 04:00
Modified
2024-08-01 17:11
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
rcp on various Linux systems including Red Hat 4.0 allows a "nobody" user or other user with UID of 65535 to overwrite arbitrary files, since 65535 is interpreted as -1 by chown and other system calls, which causes the calls to fail to modify the ownership of the file.
References
► | URL | Tags | |||
---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-01T17:11:01.725Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "19970203 Linux rcp bug", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=87602167420509\u0026w=2" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "1997-02-03T00:00:00", "descriptions": [ { "lang": "en", "value": "rcp on various Linux systems including Red Hat 4.0 allows a \"nobody\" user or other user with UID of 65535 to overwrite arbitrary files, since 65535 is interpreted as -1 by chown and other system calls, which causes the calls to fail to modify the ownership of the file." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2016-10-17T13:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "19970203 Linux rcp bug", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=87602167420509\u0026w=2" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-1999-1299", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "rcp on various Linux systems including Red Hat 4.0 allows a \"nobody\" user or other user with UID of 65535 to overwrite arbitrary files, since 65535 is interpreted as -1 by chown and other system calls, which causes the calls to fail to modify the ownership of the file." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "19970203 Linux rcp bug", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=87602167420509\u0026w=2" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-1999-1299", "datePublished": "2001-09-12T04:00:00", "dateReserved": "2001-08-31T00:00:00", "dateUpdated": "2024-08-01T17:11:01.725Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-1999-0011 (GCVE-0-1999-0011)
Vulnerability from cvelistv5
Published
1999-09-29 04:00
Modified
2025-04-09 18:29
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Denial of Service vulnerabilities in BIND 4.9 and BIND 8 Releases via CNAME record and zone transfer.
References
► | URL | Tags | |||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-01T16:27:56.479Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "19980603-01-PX", "tags": [ "vendor-advisory", "x_refsource_SGI", "x_transferred" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/19980603-01-PX" }, { "name": "HPSBUX9808-083", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9808-083" }, { "name": "00180", "tags": [ "vendor-advisory", "x_refsource_SUN", "x_transferred" ], "url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll\u0026doc=secbull/180" } ], "title": "CVE Program Container" }, { "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "LOW", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L", "version": "3.1" } }, { "other": { "content": { "id": "CVE-1999-0011", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2025-04-07T18:22:05.623556Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-1067", "description": "CWE-1067 Excessive Execution of Sequential Searches of Data Resource", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-04-09T18:29:26.012Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "Denial of Service vulnerabilities in BIND 4.9 and BIND 8 Releases via CNAME record and zone transfer." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2009-03-02T00:00:00.000Z", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "19980603-01-PX", "tags": [ "vendor-advisory", "x_refsource_SGI" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/19980603-01-PX" }, { "name": "HPSBUX9808-083", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9808-083" }, { "name": "00180", "tags": [ "vendor-advisory", "x_refsource_SUN" ], "url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll\u0026doc=secbull/180" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-1999-0011", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Denial of Service vulnerabilities in BIND 4.9 and BIND 8 Releases via CNAME record and zone transfer." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "19980603-01-PX", "refsource": "SGI", "url": "ftp://patches.sgi.com/support/free/security/advisories/19980603-01-PX" }, { "name": "HPSBUX9808-083", "refsource": "HP", "url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9808-083" }, { "name": "00180", "refsource": "SUN", "url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll\u0026doc=secbull/180" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-1999-0011", "datePublished": "1999-09-29T04:00:00.000Z", "dateReserved": "1999-06-07T00:00:00.000Z", "dateUpdated": "2025-04-09T18:29:26.012Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-1999-1490 (GCVE-0-1999-1490)
Vulnerability from cvelistv5
Published
2003-04-02 05:00
Modified
2024-08-01 17:18
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
xosview 1.5.1 in Red Hat 5.1 allows local users to gain root access via a long HOME environmental variable.
References
► | URL | Tags | ||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-01T17:18:07.464Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "19980529 Re: Tiresome security hole in \"xosview\" (xosexp.c)", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=90221101926034\u0026w=2" }, { "name": "19980528 ALERT: Tiresome security hole in \"xosview\", RedHat5.1?", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=90221101926021\u0026w=2" }, { "name": "362", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/362" }, { "name": "linux-xosview-bo(8787)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "http://www.iss.net/security_center/static/8787.php" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "1999-05-28T00:00:00", "descriptions": [ { "lang": "en", "value": "xosview 1.5.1 in Red Hat 5.1 allows local users to gain root access via a long HOME environmental variable." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2003-03-18T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "19980529 Re: Tiresome security hole in \"xosview\" (xosexp.c)", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=90221101926034\u0026w=2" }, { "name": "19980528 ALERT: Tiresome security hole in \"xosview\", RedHat5.1?", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=90221101926021\u0026w=2" }, { "name": "362", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/362" }, { "name": "linux-xosview-bo(8787)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "http://www.iss.net/security_center/static/8787.php" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-1999-1490", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "xosview 1.5.1 in Red Hat 5.1 allows local users to gain root access via a long HOME environmental variable." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "19980529 Re: Tiresome security hole in \"xosview\" (xosexp.c)", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=90221101926034\u0026w=2" }, { "name": "19980528 ALERT: Tiresome security hole in \"xosview\", RedHat5.1?", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=90221101926021\u0026w=2" }, { "name": "362", "refsource": "BID", "url": "http://www.securityfocus.com/bid/362" }, { "name": "linux-xosview-bo(8787)", "refsource": "XF", "url": "http://www.iss.net/security_center/static/8787.php" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-1999-1490", "datePublished": "2003-04-02T05:00:00", "dateReserved": "2001-08-31T00:00:00", "dateUpdated": "2024-08-01T17:18:07.464Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-1999-0318 (GCVE-0-1999-0318)
Vulnerability from cvelistv5
Published
2000-01-04 05:00
Modified
2024-08-01 16:34
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in xmcd 2.0p12 allows local users to gain access through an environmental variable.
References
► | URL | Tags | |||
---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-01T16:34:51.883Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0318" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "Buffer overflow in xmcd 2.0p12 allows local users to gain access through an environmental variable." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-08-17T07:16:08", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0318" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-1999-0318", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Buffer overflow in xmcd 2.0p12 allows local users to gain access through an environmental variable." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0318", "refsource": "MISC", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0318" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-1999-0318", "datePublished": "2000-01-04T05:00:00", "dateReserved": "1999-06-07T00:00:00", "dateUpdated": "2024-08-01T16:34:51.883Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2001-0690 (GCVE-0-2001-0690)
Vulnerability from cvelistv5
Published
2002-03-09 05:00
Modified
2024-08-08 04:30
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Format string vulnerability in exim (3.22-10 in Red Hat, 3.12 in Debian and 3.16 in Conectiva) in batched SMTP mode allows a remote attacker to execute arbitrary code via format strings in SMTP mail headers.
References
► | URL | Tags | ||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T04:30:06.024Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "exim-syntax-format-string(6671)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6671" }, { "name": "20010606 lil\u0027 exim format bug", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2001-06/0041.html" }, { "name": "2828", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/2828" }, { "name": "DSA-058", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2001/dsa-058" }, { "name": "RHSA-2001:078", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2001-078.html" }, { "name": "CLA-2001:402", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA", "x_transferred" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000402" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2001-06-06T00:00:00", "descriptions": [ { "lang": "en", "value": "Format string vulnerability in exim (3.22-10 in Red Hat, 3.12 in Debian and 3.16 in Conectiva) in batched SMTP mode allows a remote attacker to execute arbitrary code via format strings in SMTP mail headers." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2002-02-25T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "exim-syntax-format-string(6671)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6671" }, { "name": "20010606 lil\u0027 exim format bug", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2001-06/0041.html" }, { "name": "2828", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/2828" }, { "name": "DSA-058", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2001/dsa-058" }, { "name": "RHSA-2001:078", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2001-078.html" }, { "name": "CLA-2001:402", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000402" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2001-0690", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Format string vulnerability in exim (3.22-10 in Red Hat, 3.12 in Debian and 3.16 in Conectiva) in batched SMTP mode allows a remote attacker to execute arbitrary code via format strings in SMTP mail headers." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "exim-syntax-format-string(6671)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6671" }, { "name": "20010606 lil\u0027 exim format bug", "refsource": "BUGTRAQ", "url": "http://archives.neohapsis.com/archives/bugtraq/2001-06/0041.html" }, { "name": "2828", "refsource": "BID", "url": "http://www.securityfocus.com/bid/2828" }, { "name": "DSA-058", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2001/dsa-058" }, { "name": "RHSA-2001:078", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2001-078.html" }, { "name": "CLA-2001:402", "refsource": "CONECTIVA", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000402" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2001-0690", "datePublished": "2002-03-09T05:00:00", "dateReserved": "2001-08-29T00:00:00", "dateUpdated": "2024-08-08T04:30:06.024Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2003-0041 (GCVE-0-2003-0041)
Vulnerability from cvelistv5
Published
2003-02-01 05:00
Modified
2024-08-08 01:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Kerberos FTP client allows remote FTP sites to execute arbitrary code via a pipe (|) character in a filename that is retrieved by the client.
References
► | URL | Tags | |||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T01:43:35.114Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "8114", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/8114" }, { "name": "7979", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/7979" }, { "name": "20030128 MIT Kerberos FTP client remote shell commands execution", "tags": [ "mailing-list", "x_refsource_VULNWATCH", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0047.html" }, { "name": "RHSA-2003:020", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-020.html" }, { "name": "MDKSA-2003:021", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:021" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2003-01-31T00:00:00", "descriptions": [ { "lang": "en", "value": "Kerberos FTP client allows remote FTP sites to execute arbitrary code via a pipe (|) character in a filename that is retrieved by the client." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2007-11-13T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "8114", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/8114" }, { "name": "7979", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/7979" }, { "name": "20030128 MIT Kerberos FTP client remote shell commands execution", "tags": [ "mailing-list", "x_refsource_VULNWATCH" ], "url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0047.html" }, { "name": "RHSA-2003:020", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-020.html" }, { "name": "MDKSA-2003:021", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:021" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2003-0041", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Kerberos FTP client allows remote FTP sites to execute arbitrary code via a pipe (|) character in a filename that is retrieved by the client." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "8114", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/8114" }, { "name": "7979", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/7979" }, { "name": "20030128 MIT Kerberos FTP client remote shell commands execution", "refsource": "VULNWATCH", "url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0047.html" }, { "name": "RHSA-2003:020", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2003-020.html" }, { "name": "MDKSA-2003:021", "refsource": "MANDRAKE", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:021" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2003-0041", "datePublished": "2003-02-01T05:00:00", "dateReserved": "2003-01-27T00:00:00", "dateUpdated": "2024-08-08T01:43:35.114Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2001-0117 (GCVE-0-2001-0117)
Vulnerability from cvelistv5
Published
2001-05-07 04:00
Modified
2024-08-08 04:06
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
sdiff 2.7 in the diffutils package allows local users to overwrite files via a symlink attack.
References
► | URL | Tags | |||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T04:06:55.471Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "20010110 Immunix OS Security update for lots of temp file problems", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=97916374410647\u0026w=2" }, { "name": "IMNX-2000-70-028-01", "tags": [ "vendor-advisory", "x_refsource_IMMUNIX", "x_transferred" ], "url": "http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2000-70-028-01" }, { "name": "linux-diffutils-sdiff-symlink(5914)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5914" }, { "name": "2191", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/2191" }, { "name": "VU#579928", "tags": [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred" ], "url": "http://www.kb.cert.org/vuls/id/579928" }, { "name": "MDKSA-2001:008-1", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-008.php3" }, { "name": "RHSA-2001:116", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2001-116.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2001-01-10T00:00:00", "descriptions": [ { "lang": "en", "value": "sdiff 2.7 in the diffutils package allows local users to overwrite files via a symlink attack." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2004-09-02T09:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "20010110 Immunix OS Security update for lots of temp file problems", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=97916374410647\u0026w=2" }, { "name": "IMNX-2000-70-028-01", "tags": [ "vendor-advisory", "x_refsource_IMMUNIX" ], "url": "http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2000-70-028-01" }, { "name": "linux-diffutils-sdiff-symlink(5914)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5914" }, { "name": "2191", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/2191" }, { "name": "VU#579928", "tags": [ "third-party-advisory", "x_refsource_CERT-VN" ], "url": "http://www.kb.cert.org/vuls/id/579928" }, { "name": "MDKSA-2001:008-1", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-008.php3" }, { "name": "RHSA-2001:116", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2001-116.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2001-0117", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "sdiff 2.7 in the diffutils package allows local users to overwrite files via a symlink attack." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "20010110 Immunix OS Security update for lots of temp file problems", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=97916374410647\u0026w=2" }, { "name": "IMNX-2000-70-028-01", "refsource": "IMMUNIX", "url": "http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2000-70-028-01" }, { "name": "linux-diffutils-sdiff-symlink(5914)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5914" }, { "name": "2191", "refsource": "BID", "url": "http://www.securityfocus.com/bid/2191" }, { "name": "VU#579928", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/579928" }, { "name": "MDKSA-2001:008-1", "refsource": "MANDRAKE", "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-008.php3" }, { "name": "RHSA-2001:116", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2001-116.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2001-0117", "datePublished": "2001-05-07T04:00:00", "dateReserved": "2001-02-06T00:00:00", "dateUpdated": "2024-08-08T04:06:55.471Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-1999-0234 (GCVE-0-1999-0234)
Vulnerability from cvelistv5
Published
1999-09-29 04:00
Modified
2024-08-01 16:34
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Bash treats any character with a value of 255 as a command separator.
References
► | URL | Tags | |||
---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-01T16:34:50.903Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0234" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "Bash treats any character with a value of 255 as a command separator." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-08-17T06:59:51", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0234" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-1999-0234", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Bash treats any character with a value of 255 as a command separator." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0234", "refsource": "MISC", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0234" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-1999-0234", "datePublished": "1999-09-29T04:00:00", "dateReserved": "1999-06-07T00:00:00", "dateUpdated": "2024-08-01T16:34:50.903Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2003-0364 (GCVE-0-2003-0364)
Vulnerability from cvelistv5
Published
2003-06-05 04:00
Modified
2024-08-08 01:50
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The TCP/IP fragment reassembly handling in the Linux kernel 2.4 allows remote attackers to cause a denial of service (CPU consumption) via certain packets that cause a large number of hash table collisions.
References
► | URL | Tags | ||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T01:50:47.925Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "RHSA-2003:187", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-187.html" }, { "name": "TLSA-2003-41", "tags": [ "vendor-advisory", "x_refsource_TURBO", "x_transferred" ], "url": "http://www.turbolinux.com/security/TLSA-2003-41.txt" }, { "name": "RHSA-2003:195", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-195.html" }, { "name": "RHSA-2003:198", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-198.html" }, { "name": "DSA-336", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2003/dsa-336" }, { "name": "DSA-311", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2003/dsa-311" }, { "name": "DSA-332", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2003/dsa-332" }, { "name": "oval:org.mitre.oval:def:295", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A295" }, { "name": "DSA-312", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2003/dsa-312" }, { "name": "DSA-442", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2004/dsa-442" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2003-06-03T00:00:00", "descriptions": [ { "lang": "en", "value": "The TCP/IP fragment reassembly handling in the Linux kernel 2.4 allows remote attackers to cause a denial of service (CPU consumption) via certain packets that cause a large number of hash table collisions." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-10-10T00:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "RHSA-2003:187", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-187.html" }, { "name": "TLSA-2003-41", "tags": [ "vendor-advisory", "x_refsource_TURBO" ], "url": "http://www.turbolinux.com/security/TLSA-2003-41.txt" }, { "name": "RHSA-2003:195", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-195.html" }, { "name": "RHSA-2003:198", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-198.html" }, { "name": "DSA-336", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2003/dsa-336" }, { "name": "DSA-311", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2003/dsa-311" }, { "name": "DSA-332", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2003/dsa-332" }, { "name": "oval:org.mitre.oval:def:295", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A295" }, { "name": "DSA-312", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2003/dsa-312" }, { "name": "DSA-442", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2004/dsa-442" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2003-0364", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The TCP/IP fragment reassembly handling in the Linux kernel 2.4 allows remote attackers to cause a denial of service (CPU consumption) via certain packets that cause a large number of hash table collisions." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "RHSA-2003:187", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2003-187.html" }, { "name": "TLSA-2003-41", "refsource": "TURBO", "url": "http://www.turbolinux.com/security/TLSA-2003-41.txt" }, { "name": "RHSA-2003:195", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2003-195.html" }, { "name": "RHSA-2003:198", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2003-198.html" }, { "name": "DSA-336", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2003/dsa-336" }, { "name": "DSA-311", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2003/dsa-311" }, { "name": "DSA-332", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2003/dsa-332" }, { "name": "oval:org.mitre.oval:def:295", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A295" }, { "name": "DSA-312", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2003/dsa-312" }, { "name": "DSA-442", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2004/dsa-442" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2003-0364", "datePublished": "2003-06-05T04:00:00", "dateReserved": "2003-05-30T00:00:00", "dateUpdated": "2024-08-08T01:50:47.925Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2007-5079 (GCVE-0-2007-5079)
Vulnerability from cvelistv5
Published
2007-09-25 01:00
Modified
2024-08-07 15:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Red Hat Enterprise Linux 4 does not properly compile and link gdm with tcp_wrappers on x86_64 platforms, which might allow remote attackers to bypass intended access restrictions.
References
► | URL | Tags | |||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T15:17:28.205Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "RHSA-2010:0657", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0657.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=181302" }, { "name": "rhel-tcpwrapper-security-bypass(36791)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36791" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2007-05-09T00:00:00", "descriptions": [ { "lang": "en", "value": "Red Hat Enterprise Linux 4 does not properly compile and link gdm with tcp_wrappers on x86_64 platforms, which might allow remote attackers to bypass intended access restrictions." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-07-28T12:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "RHSA-2010:0657", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0657.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=181302" }, { "name": "rhel-tcpwrapper-security-bypass(36791)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36791" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2007-5079", "datePublished": "2007-09-25T01:00:00", "dateReserved": "2007-09-24T00:00:00", "dateUpdated": "2024-08-07T15:17:28.205Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-1999-0868 (GCVE-0-1999-0868)
Vulnerability from cvelistv5
Published
2000-01-04 05:00
Modified
2024-08-01 16:55
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
ucbmail allows remote attackers to execute commands via shell metacharacters that are passed to it from INN.
References
► | URL | Tags |
---|---|---|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-01T16:55:29.019Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.cs.ait.ac.th/joomla3/index.php/security-advisories?CERT/CA97/msg00027.shtml" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "ucbmail allows remote attackers to execute commands via shell metacharacters that are passed to it from INN." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-08-17T05:30:19", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.cs.ait.ac.th/joomla3/index.php/security-advisories?CERT/CA97/msg00027.shtml" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-1999-0868", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "ucbmail allows remote attackers to execute commands via shell metacharacters that are passed to it from INN." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.cs.ait.ac.th/joomla3/index.php/security-advisories?CERT/CA97/msg00027.shtml", "refsource": "MISC", "url": "https://www.cs.ait.ac.th/joomla3/index.php/security-advisories?CERT/CA97/msg00027.shtml" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-1999-0868", "datePublished": "2000-01-04T05:00:00", "dateReserved": "1999-12-08T00:00:00", "dateUpdated": "2024-08-01T16:55:29.019Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2003-0247 (GCVE-0-2003-0247)
Vulnerability from cvelistv5
Published
2003-06-05 04:00
Modified
2024-08-08 01:50
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unknown vulnerability in the TTY layer of the Linux kernel 2.4 allows attackers to cause a denial of service ("kernel oops").
References
► | URL | Tags | ||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T01:50:47.158Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "RHSA-2003:187", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-187.html" }, { "name": "oval:org.mitre.oval:def:284", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A284" }, { "name": "TLSA-2003-41", "tags": [ "vendor-advisory", "x_refsource_TURBO", "x_transferred" ], "url": "http://www.turbolinux.com/security/TLSA-2003-41.txt" }, { "name": "RHSA-2003:195", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-195.html" }, { "name": "RHSA-2003:198", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-198.html" }, { "name": "MDKSA-2003:074", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:074" }, { "name": "DSA-336", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2003/dsa-336" }, { "name": "MDKSA-2003:066", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:066" }, { "name": "DSA-311", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2003/dsa-311" }, { "name": "DSA-332", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2003/dsa-332" }, { "name": "DSA-312", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2003/dsa-312" }, { "name": "DSA-442", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2004/dsa-442" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2003-06-03T00:00:00", "descriptions": [ { "lang": "en", "value": "Unknown vulnerability in the TTY layer of the Linux kernel 2.4 allows attackers to cause a denial of service (\"kernel oops\")." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-10-10T00:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "RHSA-2003:187", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-187.html" }, { "name": "oval:org.mitre.oval:def:284", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A284" }, { "name": "TLSA-2003-41", "tags": [ "vendor-advisory", "x_refsource_TURBO" ], "url": "http://www.turbolinux.com/security/TLSA-2003-41.txt" }, { "name": "RHSA-2003:195", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-195.html" }, { "name": "RHSA-2003:198", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-198.html" }, { "name": "MDKSA-2003:074", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:074" }, { "name": "DSA-336", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2003/dsa-336" }, { "name": "MDKSA-2003:066", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:066" }, { "name": "DSA-311", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2003/dsa-311" }, { "name": "DSA-332", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2003/dsa-332" }, { "name": "DSA-312", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2003/dsa-312" }, { "name": "DSA-442", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2004/dsa-442" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2003-0247", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Unknown vulnerability in the TTY layer of the Linux kernel 2.4 allows attackers to cause a denial of service (\"kernel oops\")." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "RHSA-2003:187", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2003-187.html" }, { "name": "oval:org.mitre.oval:def:284", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A284" }, { "name": "TLSA-2003-41", "refsource": "TURBO", "url": "http://www.turbolinux.com/security/TLSA-2003-41.txt" }, { "name": "RHSA-2003:195", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2003-195.html" }, { "name": "RHSA-2003:198", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2003-198.html" }, { "name": "MDKSA-2003:074", "refsource": "MANDRAKE", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:074" }, { "name": "DSA-336", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2003/dsa-336" }, { "name": "MDKSA-2003:066", "refsource": "MANDRAKE", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:066" }, { "name": "DSA-311", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2003/dsa-311" }, { "name": "DSA-332", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2003/dsa-332" }, { "name": "DSA-312", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2003/dsa-312" }, { "name": "DSA-442", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2004/dsa-442" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2003-0247", "datePublished": "2003-06-05T04:00:00", "dateReserved": "2003-05-06T00:00:00", "dateUpdated": "2024-08-08T01:50:47.158Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2001-0869 (GCVE-0-2001-0869)
Vulnerability from cvelistv5
Published
2002-06-25 04:00
Modified
2024-08-08 04:37
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Format string vulnerability in the default logging callback function _sasl_syslog in common.c in Cyrus SASL library (cyrus-sasl) may allow remote attackers to execute arbitrary commands.
References
► | URL | Tags | |||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T04:37:06.965Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "RHSA-2001:150", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2001-150.html" }, { "name": "CSSA-2001-040.0", "tags": [ "vendor-advisory", "x_refsource_CALDERA", "x_transferred" ], "url": "http://www.caldera.com/support/security/advisories/CSSA-2001-040.0.txt" }, { "name": "RHSA-2001:151", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2001-151.html" }, { "name": "3498", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/3498" }, { "name": "SuSE-SA:2001:042", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lwn.net/alerts/SuSE/SuSE-SA%3A2001%3A042.php3" }, { "name": "cyrus-sasl-format-string(7443)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7443" }, { "name": "FreeBSD-SA-02:15", "tags": [ "vendor-advisory", "x_refsource_FREEBSD", "x_transferred" ], "url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:15.cyrus-sasl.asc" }, { "name": "CLA-2001:444", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA", "x_transferred" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000444" }, { "name": "MDKSA-2002:018", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://frontal2.mandriva.com/security/advisories?name=MDKSA-2002:018" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2001-11-02T00:00:00", "descriptions": [ { "lang": "en", "value": "Format string vulnerability in the default logging callback function _sasl_syslog in common.c in Cyrus SASL library (cyrus-sasl) may allow remote attackers to execute arbitrary commands." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2002-06-16T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "RHSA-2001:150", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2001-150.html" }, { "name": "CSSA-2001-040.0", "tags": [ "vendor-advisory", "x_refsource_CALDERA" ], "url": "http://www.caldera.com/support/security/advisories/CSSA-2001-040.0.txt" }, { "name": "RHSA-2001:151", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2001-151.html" }, { "name": "3498", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/3498" }, { "name": "SuSE-SA:2001:042", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lwn.net/alerts/SuSE/SuSE-SA%3A2001%3A042.php3" }, { "name": "cyrus-sasl-format-string(7443)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7443" }, { "name": "FreeBSD-SA-02:15", "tags": [ "vendor-advisory", "x_refsource_FREEBSD" ], "url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:15.cyrus-sasl.asc" }, { "name": "CLA-2001:444", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000444" }, { "name": "MDKSA-2002:018", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://frontal2.mandriva.com/security/advisories?name=MDKSA-2002:018" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2001-0869", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Format string vulnerability in the default logging callback function _sasl_syslog in common.c in Cyrus SASL library (cyrus-sasl) may allow remote attackers to execute arbitrary commands." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "RHSA-2001:150", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2001-150.html" }, { "name": "CSSA-2001-040.0", "refsource": "CALDERA", "url": "http://www.caldera.com/support/security/advisories/CSSA-2001-040.0.txt" }, { "name": "RHSA-2001:151", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2001-151.html" }, { "name": "3498", "refsource": "BID", "url": "http://www.securityfocus.com/bid/3498" }, { "name": "SuSE-SA:2001:042", "refsource": "SUSE", "url": "http://lwn.net/alerts/SuSE/SuSE-SA%3A2001%3A042.php3" }, { "name": "cyrus-sasl-format-string(7443)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7443" }, { "name": "FreeBSD-SA-02:15", "refsource": "FREEBSD", "url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:15.cyrus-sasl.asc" }, { "name": "CLA-2001:444", "refsource": "CONECTIVA", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000444" }, { "name": "MDKSA-2002:018", "refsource": "MANDRAKE", "url": "http://frontal2.mandriva.com/security/advisories?name=MDKSA-2002:018" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2001-0869", "datePublished": "2002-06-25T04:00:00", "dateReserved": "2001-11-29T00:00:00", "dateUpdated": "2024-08-08T04:37:06.965Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2000-0917 (GCVE-0-2000-0917)
Vulnerability from cvelistv5
Published
2001-01-22 05:00
Modified
2024-08-08 05:37
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Format string vulnerability in use_syslog() function in LPRng 3.6.24 allows remote attackers to execute arbitrary commands.
References
► | URL | Tags | |||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T05:37:31.427Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "FreeBSD-SA-00:56", "tags": [ "vendor-advisory", "x_refsource_FREEBSD", "x_transferred" ], "url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:56.lprng.asc" }, { "name": "CSSA-2000-033.0", "tags": [ "vendor-advisory", "x_refsource_CALDERA", "x_transferred" ], "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-033.0.txt" }, { "name": "CA-2000-22", "tags": [ "third-party-advisory", "x_refsource_CERT", "x_transferred" ], "url": "http://www.cert.org/advisories/CA-2000-22.html" }, { "name": "20000925 Format strings: bug #2: LPRng", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-09/0293.html" }, { "name": "RHSA-2000:065", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2000-065.html" }, { "name": "lprng-format-string(5287)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5287" }, { "name": "1712", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/1712" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2000-09-25T00:00:00", "descriptions": [ { "lang": "en", "value": "Format string vulnerability in use_syslog() function in LPRng 3.6.24 allows remote attackers to execute arbitrary commands." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2004-09-02T09:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "FreeBSD-SA-00:56", "tags": [ "vendor-advisory", "x_refsource_FREEBSD" ], "url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:56.lprng.asc" }, { "name": "CSSA-2000-033.0", "tags": [ "vendor-advisory", "x_refsource_CALDERA" ], "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-033.0.txt" }, { "name": "CA-2000-22", "tags": [ "third-party-advisory", "x_refsource_CERT" ], "url": "http://www.cert.org/advisories/CA-2000-22.html" }, { "name": "20000925 Format strings: bug #2: LPRng", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-09/0293.html" }, { "name": "RHSA-2000:065", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2000-065.html" }, { "name": "lprng-format-string(5287)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5287" }, { "name": "1712", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/1712" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2000-0917", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Format string vulnerability in use_syslog() function in LPRng 3.6.24 allows remote attackers to execute arbitrary commands." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "FreeBSD-SA-00:56", "refsource": "FREEBSD", "url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:56.lprng.asc" }, { "name": "CSSA-2000-033.0", "refsource": "CALDERA", "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-033.0.txt" }, { "name": "CA-2000-22", "refsource": "CERT", "url": "http://www.cert.org/advisories/CA-2000-22.html" }, { "name": "20000925 Format strings: bug #2: LPRng", "refsource": "BUGTRAQ", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-09/0293.html" }, { "name": "RHSA-2000:065", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2000-065.html" }, { "name": "lprng-format-string(5287)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5287" }, { "name": "1712", "refsource": "BID", "url": "http://www.securityfocus.com/bid/1712" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2000-0917", "datePublished": "2001-01-22T05:00:00", "dateReserved": "2000-11-24T00:00:00", "dateUpdated": "2024-08-08T05:37:31.427Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2004-1333 (GCVE-0-2004-1333)
Vulnerability from cvelistv5
Published
2005-01-06 05:00
Modified
2024-08-08 00:46
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Integer overflow in the vc_resize function in the Linux kernel 2.4 and 2.6 before 2.6.10 allows local users to cause a denial of service (kernel crash) via a short new screen value, which leads to a buffer overflow.
References
► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T00:46:12.344Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "20163", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/20163" }, { "name": "20041215 fun with linux kernel", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://www.securitytrap.com/mail/full-disclosure/2004/Dec/0323.html" }, { "name": "USN-47-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/47-1/" }, { "name": "linux-vcresize-dos(18523)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18523" }, { "name": "DSA-1082", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-1082" }, { "name": "SUSE-SA:2005:018", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://www.novell.com/linux/security/advisories/2005_18_kernel.html" }, { "name": "DSA-1070", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-1070" }, { "name": "20162", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/20162" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.guninski.com/where_do_you_want_billg_to_go_today_2.html" }, { "name": "11956", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/11956" }, { "name": "MDKSA-2005:218", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:218" }, { "name": "DSA-1067", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-1067" }, { "name": "DSA-1069", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-1069" }, { "name": "17826", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/17826" }, { "name": "FLSA:152532", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=152532" }, { "name": "MDKSA-2005:219", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:219" }, { "name": "20202", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/20202" }, { "name": "20338", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/20338" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2004-12-15T00:00:00", "descriptions": [ { "lang": "en", "value": "Integer overflow in the vc_resize function in the Linux kernel 2.4 and 2.6 before 2.6.10 allows local users to cause a denial of service (kernel crash) via a short new screen value, which leads to a buffer overflow." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-03T20:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "20163", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/20163" }, { "name": "20041215 fun with linux kernel", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://www.securitytrap.com/mail/full-disclosure/2004/Dec/0323.html" }, { "name": "USN-47-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/47-1/" }, { "name": "linux-vcresize-dos(18523)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18523" }, { "name": "DSA-1082", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-1082" }, { "name": "SUSE-SA:2005:018", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://www.novell.com/linux/security/advisories/2005_18_kernel.html" }, { "name": "DSA-1070", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-1070" }, { "name": "20162", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/20162" }, { "tags": [ "x_refsource_MISC" ], "url": "http://www.guninski.com/where_do_you_want_billg_to_go_today_2.html" }, { "name": "11956", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/11956" }, { "name": "MDKSA-2005:218", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:218" }, { "name": "DSA-1067", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-1067" }, { "name": "DSA-1069", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-1069" }, { "name": "17826", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/17826" }, { "name": "FLSA:152532", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=152532" }, { "name": "MDKSA-2005:219", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:219" }, { "name": "20202", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/20202" }, { "name": "20338", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/20338" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2004-1333", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Integer overflow in the vc_resize function in the Linux kernel 2.4 and 2.6 before 2.6.10 allows local users to cause a denial of service (kernel crash) via a short new screen value, which leads to a buffer overflow." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "20163", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/20163" }, { "name": "20041215 fun with linux kernel", "refsource": "FULLDISC", "url": "http://www.securitytrap.com/mail/full-disclosure/2004/Dec/0323.html" }, { "name": "USN-47-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/47-1/" }, { "name": "linux-vcresize-dos(18523)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18523" }, { "name": "DSA-1082", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2006/dsa-1082" }, { "name": "SUSE-SA:2005:018", "refsource": "SUSE", "url": "http://www.novell.com/linux/security/advisories/2005_18_kernel.html" }, { "name": "DSA-1070", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2006/dsa-1070" }, { "name": "20162", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/20162" }, { "name": "http://www.guninski.com/where_do_you_want_billg_to_go_today_2.html", "refsource": "MISC", "url": "http://www.guninski.com/where_do_you_want_billg_to_go_today_2.html" }, { "name": "11956", "refsource": "BID", "url": "http://www.securityfocus.com/bid/11956" }, { "name": "MDKSA-2005:218", "refsource": "MANDRAKE", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:218" }, { "name": "DSA-1067", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2006/dsa-1067" }, { "name": "DSA-1069", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2006/dsa-1069" }, { "name": "17826", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/17826" }, { "name": "FLSA:152532", "refsource": "FEDORA", "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=152532" }, { "name": "MDKSA-2005:219", "refsource": "MANDRAKE", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:219" }, { "name": "20202", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/20202" }, { "name": "20338", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/20338" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2004-1333", "datePublished": "2005-01-06T05:00:00", "dateReserved": "2005-01-06T00:00:00", "dateUpdated": "2024-08-08T00:46:12.344Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2000-0566 (GCVE-0-2000-0566)
Vulnerability from cvelistv5
Published
2000-10-13 04:00
Modified
2024-08-08 05:21
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
makewhatis in Linux man package allows local users to overwrite files via a symlink attack.
References
► | URL | Tags | ||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T05:21:31.202Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "CSSA-2000-021.0", "tags": [ "vendor-advisory", "x_refsource_CALDERA", "x_transferred" ], "url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2000-021.0.txt" }, { "name": "MDKSA-2000:015", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://frontal2.mandriva.com/security/advisories?name=MDKSA-2000:015" }, { "name": "RHSA-2000:041", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2000-041.html" }, { "name": "linux-man-makewhatis-tmp(4900)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/4900" }, { "name": "20000727 CONECTIVA LINUX SECURITY ANNOUNCEMENT - MAN", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0390.html" }, { "name": "1434", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/1434" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2000-07-03T00:00:00", "descriptions": [ { "lang": "en", "value": "makewhatis in Linux man package allows local users to overwrite files via a symlink attack." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2004-09-02T09:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "CSSA-2000-021.0", "tags": [ "vendor-advisory", "x_refsource_CALDERA" ], "url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2000-021.0.txt" }, { "name": "MDKSA-2000:015", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://frontal2.mandriva.com/security/advisories?name=MDKSA-2000:015" }, { "name": "RHSA-2000:041", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2000-041.html" }, { "name": "linux-man-makewhatis-tmp(4900)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/4900" }, { "name": "20000727 CONECTIVA LINUX SECURITY ANNOUNCEMENT - MAN", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0390.html" }, { "name": "1434", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/1434" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2000-0566", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "makewhatis in Linux man package allows local users to overwrite files via a symlink attack." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "CSSA-2000-021.0", "refsource": "CALDERA", "url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2000-021.0.txt" }, { "name": "MDKSA-2000:015", "refsource": "MANDRAKE", "url": "http://frontal2.mandriva.com/security/advisories?name=MDKSA-2000:015" }, { "name": "RHSA-2000:041", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2000-041.html" }, { "name": "linux-man-makewhatis-tmp(4900)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/4900" }, { "name": "20000727 CONECTIVA LINUX SECURITY ANNOUNCEMENT - MAN", "refsource": "BUGTRAQ", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0390.html" }, { "name": "1434", "refsource": "BID", "url": "http://www.securityfocus.com/bid/1434" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2000-0566", "datePublished": "2000-10-13T04:00:00", "dateReserved": "2000-07-12T00:00:00", "dateUpdated": "2024-08-08T05:21:31.202Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-1999-1095 (GCVE-0-1999-1095)
Vulnerability from cvelistv5
Published
2001-09-12 04:00
Modified
2024-08-01 17:02
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
sort creates temporary files and follows symbolic links, which allows local users to modify arbitrary files that are writable by the user running sort, as observed in updatedb and other programs that use sort.
References
► | URL | Tags | |||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-01T17:02:53.649Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "19971006 KSR[T] Advisory #3: updatedb / crontabs", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=87619953510834\u0026w=2" }, { "name": "19980302 overwrite any file with updatedb", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=88886870129518\u0026w=2" }, { "name": "19980303 updatedb stuff", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=88890116304676\u0026w=2" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "1997-10-06T00:00:00", "descriptions": [ { "lang": "en", "value": "sort creates temporary files and follows symbolic links, which allows local users to modify arbitrary files that are writable by the user running sort, as observed in updatedb and other programs that use sort." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2016-10-17T13:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "19971006 KSR[T] Advisory #3: updatedb / crontabs", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=87619953510834\u0026w=2" }, { "name": "19980302 overwrite any file with updatedb", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=88886870129518\u0026w=2" }, { "name": "19980303 updatedb stuff", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=88890116304676\u0026w=2" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-1999-1095", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "sort creates temporary files and follows symbolic links, which allows local users to modify arbitrary files that are writable by the user running sort, as observed in updatedb and other programs that use sort." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "19971006 KSR[T] Advisory #3: updatedb / crontabs", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=87619953510834\u0026w=2" }, { "name": "19980302 overwrite any file with updatedb", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=88886870129518\u0026w=2" }, { "name": "19980303 updatedb stuff", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=88890116304676\u0026w=2" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-1999-1095", "datePublished": "2001-09-12T04:00:00", "dateReserved": "2001-08-31T00:00:00", "dateUpdated": "2024-08-01T17:02:53.649Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2000-0816 (GCVE-0-2000-0816)
Vulnerability from cvelistv5
Published
2001-05-07 04:00
Modified
2024-08-08 05:28
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Linux tmpwatch --fuser option allows local users to execute arbitrary commands by creating files whose names contain shell metacharacters.
References
► | URL | Tags | |||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T05:28:41.647Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "MDKSA-2000:056", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.linux-mandrake.com/en/security/MDKSA-2000-056.php3?dis=7.1" }, { "name": "RHSA-2000:080", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2000-080.html" }, { "name": "linux-tmpwatch-fuser(5320)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5320" }, { "name": "20001006 Insecure call of external programs in Red Hat Linux tmpwatch", "tags": [ "third-party-advisory", "x_refsource_ISS", "x_transferred" ], "url": "http://xforce.iss.net/alerts/advise64.php" }, { "name": "1785", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/1785" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2000-10-06T00:00:00", "descriptions": [ { "lang": "en", "value": "Linux tmpwatch --fuser option allows local users to execute arbitrary commands by creating files whose names contain shell metacharacters." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2004-09-02T09:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "MDKSA-2000:056", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.linux-mandrake.com/en/security/MDKSA-2000-056.php3?dis=7.1" }, { "name": "RHSA-2000:080", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2000-080.html" }, { "name": "linux-tmpwatch-fuser(5320)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5320" }, { "name": "20001006 Insecure call of external programs in Red Hat Linux tmpwatch", "tags": [ "third-party-advisory", "x_refsource_ISS" ], "url": "http://xforce.iss.net/alerts/advise64.php" }, { "name": "1785", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/1785" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2000-0816", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Linux tmpwatch --fuser option allows local users to execute arbitrary commands by creating files whose names contain shell metacharacters." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "MDKSA-2000:056", "refsource": "MANDRAKE", "url": "http://www.linux-mandrake.com/en/security/MDKSA-2000-056.php3?dis=7.1" }, { "name": "RHSA-2000:080", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2000-080.html" }, { "name": "linux-tmpwatch-fuser(5320)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5320" }, { "name": "20001006 Insecure call of external programs in Red Hat Linux tmpwatch", "refsource": "ISS", "url": "http://xforce.iss.net/alerts/advise64.php" }, { "name": "1785", "refsource": "BID", "url": "http://www.securityfocus.com/bid/1785" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2000-0816", "datePublished": "2001-05-07T04:00:00", "dateReserved": "2000-09-29T00:00:00", "dateUpdated": "2024-08-08T05:28:41.647Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2003-0135 (GCVE-0-2003-0135)
Vulnerability from cvelistv5
Published
2003-04-03 05:00
Modified
2024-08-08 01:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
vsftpd FTP daemon in Red Hat Linux 9 is not compiled against TCP wrappers (tcp_wrappers) but is installed as a standalone service, which inadvertently prevents vsftpd from restricting access as intended.
References
► | URL | Tags | |||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T01:43:35.855Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "7253", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/7253" }, { "name": "oval:org.mitre.oval:def:634", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A634" }, { "name": "RHSA-2003:084", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-084.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2003-04-01T00:00:00", "descriptions": [ { "lang": "en", "value": "vsftpd FTP daemon in Red Hat Linux 9 is not compiled against TCP wrappers (tcp_wrappers) but is installed as a standalone service, which inadvertently prevents vsftpd from restricting access as intended." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-10-10T00:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "7253", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/7253" }, { "name": "oval:org.mitre.oval:def:634", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A634" }, { "name": "RHSA-2003:084", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-084.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2003-0135", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "vsftpd FTP daemon in Red Hat Linux 9 is not compiled against TCP wrappers (tcp_wrappers) but is installed as a standalone service, which inadvertently prevents vsftpd from restricting access as intended." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "7253", "refsource": "BID", "url": "http://www.securityfocus.com/bid/7253" }, { "name": "oval:org.mitre.oval:def:634", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A634" }, { "name": "RHSA-2003:084", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2003-084.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2003-0135", "datePublished": "2003-04-03T05:00:00", "dateReserved": "2003-03-13T00:00:00", "dateUpdated": "2024-08-08T01:43:35.855Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2001-0635 (GCVE-0-2001-0635)
Vulnerability from cvelistv5
Published
2002-03-09 05:00
Modified
2024-08-08 04:30
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Red Hat Linux 7.1 sets insecure permissions on swap files created during installation, which can allow a local attacker to gain additional privileges by reading sensitive information from the swap file, such as passwords.
References
► | URL | Tags | |||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T04:30:05.969Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "5564", "tags": [ "vdb-entry", "x_refsource_OSVDB", "x_transferred" ], "url": "http://www.osvdb.org/5564" }, { "name": "mount-swap-world-readable(6493)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6493" }, { "name": "RHSA-2001:058", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2001-058.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2001-05-02T00:00:00", "descriptions": [ { "lang": "en", "value": "Red Hat Linux 7.1 sets insecure permissions on swap files created during installation, which can allow a local attacker to gain additional privileges by reading sensitive information from the swap file, such as passwords." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2002-03-01T10:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "5564", "tags": [ "vdb-entry", "x_refsource_OSVDB" ], "url": "http://www.osvdb.org/5564" }, { "name": "mount-swap-world-readable(6493)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6493" }, { "name": "RHSA-2001:058", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2001-058.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2001-0635", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Red Hat Linux 7.1 sets insecure permissions on swap files created during installation, which can allow a local attacker to gain additional privileges by reading sensitive information from the swap file, such as passwords." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "5564", "refsource": "OSVDB", "url": "http://www.osvdb.org/5564" }, { "name": "mount-swap-world-readable(6493)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6493" }, { "name": "RHSA-2001:058", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2001-058.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2001-0635", "datePublished": "2002-03-09T05:00:00", "dateReserved": "2001-07-27T00:00:00", "dateUpdated": "2024-08-08T04:30:05.969Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-1999-0986 (GCVE-0-1999-0986)
Vulnerability from cvelistv5
Published
2000-01-04 05:00
Modified
2024-08-01 16:55
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The ping command in Linux 2.0.3x allows local users to cause a denial of service by sending large packets with the -R (record route) option.
References
► | URL | Tags | |||
---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-01T16:55:29.429Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "870", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/870" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "1999-12-09T00:00:00", "descriptions": [ { "lang": "en", "value": "The ping command in Linux 2.0.3x allows local users to cause a denial of service by sending large packets with the -R (record route) option." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2005-11-02T10:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "870", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/870" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-1999-0986", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The ping command in Linux 2.0.3x allows local users to cause a denial of service by sending large packets with the -R (record route) option." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "870", "refsource": "BID", "url": "http://www.securityfocus.com/bid/870" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-1999-0986", "datePublished": "2000-01-04T05:00:00", "dateReserved": "1999-12-14T00:00:00", "dateUpdated": "2024-08-01T16:55:29.429Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2000-0365 (GCVE-0-2000-0365)
Vulnerability from cvelistv5
Published
2000-05-24 04:00
Modified
2024-08-08 05:14
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Red Hat Linux 6.0 installs the /dev/pts file system with insecure modes, which allows local users to write to other tty devices.
References
► | URL | Tags | ||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T05:14:21.505Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "RHSA1999014_01", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/corp/support/errata/RHSA1999014_01.html" }, { "name": "308", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/308" }, { "name": "19990607 Re: RedHat 6.0, /dev/pts permissions bug when using xterm", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=92886009012161\u0026w=2" }, { "name": "19990606 RedHat 6.0, /dev/pts permissions bug when using xterm", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=92877527701347\u0026w=2" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "1999-06-06T00:00:00", "descriptions": [ { "lang": "en", "value": "Red Hat Linux 6.0 installs the /dev/pts file system with insecure modes, which allows local users to write to other tty devices." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2016-11-17T17:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "RHSA1999014_01", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/corp/support/errata/RHSA1999014_01.html" }, { "name": "308", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/308" }, { "name": "19990607 Re: RedHat 6.0, /dev/pts permissions bug when using xterm", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=92886009012161\u0026w=2" }, { "name": "19990606 RedHat 6.0, /dev/pts permissions bug when using xterm", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=92877527701347\u0026w=2" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2000-0365", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Red Hat Linux 6.0 installs the /dev/pts file system with insecure modes, which allows local users to write to other tty devices." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "RHSA1999014_01", "refsource": "REDHAT", "url": "http://www.redhat.com/corp/support/errata/RHSA1999014_01.html" }, { "name": "308", "refsource": "BID", "url": "http://www.securityfocus.com/bid/308" }, { "name": "19990607 Re: RedHat 6.0, /dev/pts permissions bug when using xterm", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=92886009012161\u0026w=2" }, { "name": "19990606 RedHat 6.0, /dev/pts permissions bug when using xterm", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=92877527701347\u0026w=2" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2000-0365", "datePublished": "2000-05-24T04:00:00", "dateReserved": "2000-05-23T00:00:00", "dateUpdated": "2024-08-08T05:14:21.505Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2019-0223 (GCVE-0-2019-0223)
Vulnerability from cvelistv5
Published
2019-04-23 15:57
Modified
2024-08-04 17:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Man-in-the-middle Attack
Summary
While investigating bug PROTON-2014, we discovered that under some circumstances Apache Qpid Proton versions 0.9 to 0.27.0 (C library and its language bindings) can connect to a peer anonymously using TLS *even when configured to verify the peer certificate* while used with OpenSSL versions before 1.1.0. This means that an undetected man in the middle attack could be constructed if an attacker can arrange to intercept TLS traffic.
References
► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
Apache Software Foundation | Apache Qpid Proton |
Version: 0.9 to 0.27.0 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T17:44:15.919Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "[qpid-dev] 20190423 [jira] [Updated] (PROTON-2014) [CVE-2019-0223] TLS Man in the Middle Vulnerability", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/49c83f0acce5ceaeffca51714ec2ba0f0199bcb8f99167181bba441b%40%3Cdev.qpid.apache.org%3E" }, { "name": "[qpid-dev] 20190423 [SECURITY] CVE-2019-0223: Apache Qpid Proton TLS Man in the Middle Vulnerability", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/3adb2f020f705b4fd453982992a68cd10f9d5ac728b699efdb73c1f5%40%3Cdev.qpid.apache.org%3E" }, { "name": "[oss-security] 20190423 [SECURITY] CVE-2019-0223: Apache Qpid Proton TLS Man in the Middle Vulnerability", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2019/04/23/4" }, { "name": "[announce] 20190423 [SECURITY] CVE-2019-0223: Apache Qpid Proton TLS Man in the Middle Vulnerability", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/d9c9a882a292e2defaed1f954528c916fb64497ce57db652727e39b0%40%3Cannounce.apache.org%3E" }, { "name": "[SECURITY] CVE-2019-0223: Apache Qpid Proton TLS Man in the Middle Vulnerability", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/008ee5e78e5a090e1fcc5f6617f425e4e51d59f03d3eda2dd006df9f%40%3Cusers.qpid.apache.org%3E" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://issues.apache.org/jira/browse/PROTON-2014?page=com.atlassian.jira.plugin.system.issuetabpanels%3Aall-tabpanel" }, { "name": "qpid-commits] 20190423 [qpid-site] branch asf-site updated: update site content for CVE-2019-0223", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/914424e4d798a340f523b6169aaf39b626971d9bb00fcdeb1d5d6c0d%40%3Ccommits.qpid.apache.org%3E" }, { "name": "108044", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/108044" }, { "name": "RHSA-2019:0886", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2019:0886" }, { "name": "RHSA-2019:1399", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2019:1399" }, { "name": "RHSA-2019:1400", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2019:1400" }, { "name": "RHSA-2019:1398", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2019:1398" }, { "name": "RHSA-2019:2777", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2019:2777" }, { "name": "RHSA-2019:2778", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2019:2778" }, { "name": "RHSA-2019:2779", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2019:2779" }, { "name": "RHSA-2019:2780", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2019:2780" }, { "name": "RHSA-2019:2781", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2019:2781" }, { "name": "RHSA-2019:2782", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2019:2782" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Apache Qpid Proton", "vendor": "Apache Software Foundation", "versions": [ { "status": "affected", "version": "0.9 to 0.27.0" } ] } ], "datePublic": "2019-03-06T00:00:00", "descriptions": [ { "lang": "en", "value": "While investigating bug PROTON-2014, we discovered that under some circumstances Apache Qpid Proton versions 0.9 to 0.27.0 (C library and its language bindings) can connect to a peer anonymously using TLS *even when configured to verify the peer certificate* while used with OpenSSL versions before 1.1.0. This means that an undetected man in the middle attack could be constructed if an attacker can arrange to intercept TLS traffic." } ], "problemTypes": [ { "descriptions": [ { "description": "Man-in-the-middle Attack", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2019-09-20T13:06:22", "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "shortName": "apache" }, "references": [ { "name": "[qpid-dev] 20190423 [jira] [Updated] (PROTON-2014) [CVE-2019-0223] TLS Man in the Middle Vulnerability", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/49c83f0acce5ceaeffca51714ec2ba0f0199bcb8f99167181bba441b%40%3Cdev.qpid.apache.org%3E" }, { "name": "[qpid-dev] 20190423 [SECURITY] CVE-2019-0223: Apache Qpid Proton TLS Man in the Middle Vulnerability", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/3adb2f020f705b4fd453982992a68cd10f9d5ac728b699efdb73c1f5%40%3Cdev.qpid.apache.org%3E" }, { "name": "[oss-security] 20190423 [SECURITY] CVE-2019-0223: Apache Qpid Proton TLS Man in the Middle Vulnerability", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2019/04/23/4" }, { "name": "[announce] 20190423 [SECURITY] CVE-2019-0223: Apache Qpid Proton TLS Man in the Middle Vulnerability", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/d9c9a882a292e2defaed1f954528c916fb64497ce57db652727e39b0%40%3Cannounce.apache.org%3E" }, { "name": "[SECURITY] CVE-2019-0223: Apache Qpid Proton TLS Man in the Middle Vulnerability", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/008ee5e78e5a090e1fcc5f6617f425e4e51d59f03d3eda2dd006df9f%40%3Cusers.qpid.apache.org%3E" }, { "tags": [ "x_refsource_MISC" ], "url": "https://issues.apache.org/jira/browse/PROTON-2014?page=com.atlassian.jira.plugin.system.issuetabpanels%3Aall-tabpanel" }, { "name": "qpid-commits] 20190423 [qpid-site] branch asf-site updated: update site content for CVE-2019-0223", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/914424e4d798a340f523b6169aaf39b626971d9bb00fcdeb1d5d6c0d%40%3Ccommits.qpid.apache.org%3E" }, { "name": "108044", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/108044" }, { "name": "RHSA-2019:0886", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2019:0886" }, { "name": "RHSA-2019:1399", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2019:1399" }, { "name": "RHSA-2019:1400", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2019:1400" }, { "name": "RHSA-2019:1398", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2019:1398" }, { "name": "RHSA-2019:2777", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2019:2777" }, { "name": "RHSA-2019:2778", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2019:2778" }, { "name": "RHSA-2019:2779", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2019:2779" }, { "name": "RHSA-2019:2780", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2019:2780" }, { "name": "RHSA-2019:2781", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2019:2781" }, { "name": "RHSA-2019:2782", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2019:2782" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@apache.org", "ID": "CVE-2019-0223", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Apache Qpid Proton", "version": { "version_data": [ { "version_value": "0.9 to 0.27.0" } ] } } ] }, "vendor_name": "Apache Software Foundation" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "While investigating bug PROTON-2014, we discovered that under some circumstances Apache Qpid Proton versions 0.9 to 0.27.0 (C library and its language bindings) can connect to a peer anonymously using TLS *even when configured to verify the peer certificate* while used with OpenSSL versions before 1.1.0. This means that an undetected man in the middle attack could be constructed if an attacker can arrange to intercept TLS traffic." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Man-in-the-middle Attack" } ] } ] }, "references": { "reference_data": [ { "name": "[qpid-dev] 20190423 [jira] [Updated] (PROTON-2014) [CVE-2019-0223] TLS Man in the Middle Vulnerability", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/49c83f0acce5ceaeffca51714ec2ba0f0199bcb8f99167181bba441b@%3Cdev.qpid.apache.org%3E" }, { "name": "[qpid-dev] 20190423 [SECURITY] CVE-2019-0223: Apache Qpid Proton TLS Man in the Middle Vulnerability", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/3adb2f020f705b4fd453982992a68cd10f9d5ac728b699efdb73c1f5@%3Cdev.qpid.apache.org%3E" }, { "name": "[oss-security] 20190423 [SECURITY] CVE-2019-0223: Apache Qpid Proton TLS Man in the Middle Vulnerability", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2019/04/23/4" }, { "name": "[announce] 20190423 [SECURITY] CVE-2019-0223: Apache Qpid Proton TLS Man in the Middle Vulnerability", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/d9c9a882a292e2defaed1f954528c916fb64497ce57db652727e39b0@%3Cannounce.apache.org%3E" }, { "name": "[SECURITY] CVE-2019-0223: Apache Qpid Proton TLS Man in the Middle Vulnerability", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/008ee5e78e5a090e1fcc5f6617f425e4e51d59f03d3eda2dd006df9f@%3Cusers.qpid.apache.org%3E" }, { "name": "https://issues.apache.org/jira/browse/PROTON-2014?page=com.atlassian.jira.plugin.system.issuetabpanels%3Aall-tabpanel", "refsource": "MISC", "url": "https://issues.apache.org/jira/browse/PROTON-2014?page=com.atlassian.jira.plugin.system.issuetabpanels%3Aall-tabpanel" }, { "name": "qpid-commits] 20190423 [qpid-site] branch asf-site updated: update site content for CVE-2019-0223", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/914424e4d798a340f523b6169aaf39b626971d9bb00fcdeb1d5d6c0d@%3Ccommits.qpid.apache.org%3E" }, { "name": "108044", "refsource": "BID", "url": "http://www.securityfocus.com/bid/108044" }, { "name": "RHSA-2019:0886", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2019:0886" }, { "name": "RHSA-2019:1399", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2019:1399" }, { "name": "RHSA-2019:1400", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2019:1400" }, { "name": "RHSA-2019:1398", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2019:1398" }, { "name": "RHSA-2019:2777", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2019:2777" }, { "name": "RHSA-2019:2778", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2019:2778" }, { "name": "RHSA-2019:2779", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2019:2779" }, { "name": "RHSA-2019:2780", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2019:2780" }, { "name": "RHSA-2019:2781", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2019:2781" }, { "name": "RHSA-2019:2782", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2019:2782" } ] } } } }, "cveMetadata": { "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "assignerShortName": "apache", "cveId": "CVE-2019-0223", "datePublished": "2019-04-23T15:57:07", "dateReserved": "2018-11-14T00:00:00", "dateUpdated": "2024-08-04T17:44:15.919Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2016-3699 (GCVE-0-2016-3699)
Vulnerability from cvelistv5
Published
2016-10-07 14:00
Modified
2024-08-06 00:03
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The Linux kernel, as used in Red Hat Enterprise Linux 7.2 and Red Hat Enterprise MRG 2 and when booted with UEFI Secure Boot enabled, allows local users to bypass intended Secure Boot restrictions and execute untrusted code by appending ACPI tables to the initrd.
References
► | URL | Tags | ||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T00:03:34.433Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1329653" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/mjg59/linux/commit/a4a5ed2835e8ea042868b7401dced3f517cafa76" }, { "name": "[oss-security] 20160922 kernel: ACPI table override is allowed when securelevel is enabled", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2016/09/22/4" }, { "name": "RHSA-2016:2584", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2584.html" }, { "name": "RHSA-2016:2574", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2574.html" }, { "name": "93114", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/93114" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-04-22T00:00:00", "descriptions": [ { "lang": "en", "value": "The Linux kernel, as used in Red Hat Enterprise Linux 7.2 and Red Hat Enterprise MRG 2 and when booted with UEFI Secure Boot enabled, allows local users to bypass intended Secure Boot restrictions and execute untrusted code by appending ACPI tables to the initrd." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-04T19:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1329653" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/mjg59/linux/commit/a4a5ed2835e8ea042868b7401dced3f517cafa76" }, { "name": "[oss-security] 20160922 kernel: ACPI table override is allowed when securelevel is enabled", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2016/09/22/4" }, { "name": "RHSA-2016:2584", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2584.html" }, { "name": "RHSA-2016:2574", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2574.html" }, { "name": "93114", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/93114" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2016-3699", "datePublished": "2016-10-07T14:00:00", "dateReserved": "2016-03-30T00:00:00", "dateUpdated": "2024-08-06T00:03:34.433Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-1999-0997 (GCVE-0-1999-0997)
Vulnerability from cvelistv5
Published
2000-04-25 04:00
Modified
2024-08-01 16:55
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
wu-ftp with FTP conversion enabled allows an attacker to execute commands via a malformed file name that is interpreted as an argument to the program that does the conversion, e.g. tar or uncompress.
References
► | URL | Tags | |||
---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-01T16:55:29.389Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "DSA-377", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2003/dsa-377" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "1999-12-20T00:00:00", "descriptions": [ { "lang": "en", "value": "wu-ftp with FTP conversion enabled allows an attacker to execute commands via a malformed file name that is interpreted as an argument to the program that does the conversion, e.g. tar or uncompress." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2004-09-02T09:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "DSA-377", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2003/dsa-377" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-1999-0997", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "wu-ftp with FTP conversion enabled allows an attacker to execute commands via a malformed file name that is interpreted as an argument to the program that does the conversion, e.g. tar or uncompress." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "DSA-377", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2003/dsa-377" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-1999-0997", "datePublished": "2000-04-25T04:00:00", "dateReserved": "1999-12-21T00:00:00", "dateUpdated": "2024-08-01T16:55:29.389Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2005-0750 (GCVE-0-2005-0750)
Vulnerability from cvelistv5
Published
2005-04-03 05:00
Modified
2024-08-07 21:21
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The bluez_sock_create function in the Bluetooth stack for Linux kernel 2.4.6 through 2.4.30-rc1 and 2.6 through 2.6.11.5 allows local users to gain privileges via (1) socket or (2) socketpair call with a negative protocol value.
References
► | URL | Tags | ||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T21:21:06.748Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "kernel-bluezsockcreate-integer-underflow(19844)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19844" }, { "name": "RHSA-2005:366", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-366.html" }, { "name": "RHSA-2005:283", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-283.html" }, { "name": "20050327 local root security bug in linux \u003e= 2.4.6 \u003c= 2.4.30-rc1 and 2.6.x.y \u003c= 2.6.11.5", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=111204562102633\u0026w=2" }, { "name": "oval:org.mitre.oval:def:11719", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11719" }, { "name": "12911", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/12911" }, { "name": "FLSA:152532", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=152532" }, { "name": "RHSA-2005:293", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-293.html" }, { "name": "RHSA-2005:284", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-284.html" }, { "name": "20050327 local root security bug in linux \u003e= 2.4.6 \u003c= 2.4.30-rc1 and 2.6.x.y \u003c= 2.6.11.5", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-March/032913.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2005-03-27T00:00:00", "descriptions": [ { "lang": "en", "value": "The bluez_sock_create function in the Bluetooth stack for Linux kernel 2.4.6 through 2.4.30-rc1 and 2.6 through 2.6.11.5 allows local users to gain privileges via (1) socket or (2) socketpair call with a negative protocol value." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-10-10T00:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "kernel-bluezsockcreate-integer-underflow(19844)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19844" }, { "name": "RHSA-2005:366", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-366.html" }, { "name": "RHSA-2005:283", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-283.html" }, { "name": "20050327 local root security bug in linux \u003e= 2.4.6 \u003c= 2.4.30-rc1 and 2.6.x.y \u003c= 2.6.11.5", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=111204562102633\u0026w=2" }, { "name": "oval:org.mitre.oval:def:11719", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11719" }, { "name": "12911", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/12911" }, { "name": "FLSA:152532", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=152532" }, { "name": "RHSA-2005:293", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-293.html" }, { "name": "RHSA-2005:284", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-284.html" }, { "name": "20050327 local root security bug in linux \u003e= 2.4.6 \u003c= 2.4.30-rc1 and 2.6.x.y \u003c= 2.6.11.5", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-March/032913.html" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2005-0750", "datePublished": "2005-04-03T05:00:00", "dateReserved": "2005-03-17T00:00:00", "dateUpdated": "2024-08-07T21:21:06.748Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-1999-1346 (GCVE-0-1999-1346)
Vulnerability from cvelistv5
Published
2001-09-12 04:00
Modified
2024-08-01 17:11
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
PAM configuration file for rlogin in Red Hat Linux 6.1 and earlier includes a less restrictive rule before a more restrictive one, which allows users to access the host via rlogin even if rlogin has been explicitly disabled using the /etc/nologin file.
References
► | URL | Tags | |||
---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-01T17:11:03.000Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "19991007 Problems with redhat 6 Xsession and pam.d/rlogin.", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=93942774609925\u0026w=2" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "1999-10-07T00:00:00", "descriptions": [ { "lang": "en", "value": "PAM configuration file for rlogin in Red Hat Linux 6.1 and earlier includes a less restrictive rule before a more restrictive one, which allows users to access the host via rlogin even if rlogin has been explicitly disabled using the /etc/nologin file." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2016-10-17T13:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "19991007 Problems with redhat 6 Xsession and pam.d/rlogin.", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=93942774609925\u0026w=2" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-1999-1346", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "PAM configuration file for rlogin in Red Hat Linux 6.1 and earlier includes a less restrictive rule before a more restrictive one, which allows users to access the host via rlogin even if rlogin has been explicitly disabled using the /etc/nologin file." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "19991007 Problems with redhat 6 Xsession and pam.d/rlogin.", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=93942774609925\u0026w=2" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-1999-1346", "datePublished": "2001-09-12T04:00:00", "dateReserved": "2001-08-31T00:00:00", "dateUpdated": "2024-08-01T17:11:03.000Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2000-0750 (GCVE-0-2000-0750)
Vulnerability from cvelistv5
Published
2000-10-13 04:00
Modified
2024-08-08 05:28
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in mopd (Maintenance Operations Protocol loader daemon) allows remote attackers to execute arbitrary commands via a long file name.
References
► | URL | Tags | ||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T05:28:41.539Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "FreeBSD-SA-00:40", "tags": [ "vendor-advisory", "x_refsource_FREEBSD", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/freebsd/2000-08/0336.html" }, { "name": "1558", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/1558" }, { "name": "RHSA-2000:050", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2000-050.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://cvsweb.netbsd.org/bsdweb.cgi/basesrc/usr.sbin/mopd/mopd/process.c.diff?r1=1.7\u0026r2=1.8\u0026f=h" }, { "name": "20000808 OpenBSD 2.7 / NetBSD 1.4.2 mopd buffer overflow", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0064.html" }, { "name": "20000705 Mopd contained a buffer overflow.", "tags": [ "vendor-advisory", "x_refsource_OPENBSD", "x_transferred" ], "url": "http://www.openbsd.org/errata.html#mopd" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2000-08-08T00:00:00", "descriptions": [ { "lang": "en", "value": "Buffer overflow in mopd (Maintenance Operations Protocol loader daemon) allows remote attackers to execute arbitrary commands via a long file name." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2004-09-02T09:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "FreeBSD-SA-00:40", "tags": [ "vendor-advisory", "x_refsource_FREEBSD" ], "url": "http://archives.neohapsis.com/archives/freebsd/2000-08/0336.html" }, { "name": "1558", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/1558" }, { "name": "RHSA-2000:050", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2000-050.html" }, { "tags": [ "x_refsource_MISC" ], "url": "http://cvsweb.netbsd.org/bsdweb.cgi/basesrc/usr.sbin/mopd/mopd/process.c.diff?r1=1.7\u0026r2=1.8\u0026f=h" }, { "name": "20000808 OpenBSD 2.7 / NetBSD 1.4.2 mopd buffer overflow", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0064.html" }, { "name": "20000705 Mopd contained a buffer overflow.", "tags": [ "vendor-advisory", "x_refsource_OPENBSD" ], "url": "http://www.openbsd.org/errata.html#mopd" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2000-0750", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Buffer overflow in mopd (Maintenance Operations Protocol loader daemon) allows remote attackers to execute arbitrary commands via a long file name." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "FreeBSD-SA-00:40", "refsource": "FREEBSD", "url": "http://archives.neohapsis.com/archives/freebsd/2000-08/0336.html" }, { "name": "1558", "refsource": "BID", "url": "http://www.securityfocus.com/bid/1558" }, { "name": "RHSA-2000:050", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2000-050.html" }, { "name": "http://cvsweb.netbsd.org/bsdweb.cgi/basesrc/usr.sbin/mopd/mopd/process.c.diff?r1=1.7\u0026r2=1.8\u0026f=h", "refsource": "MISC", "url": "http://cvsweb.netbsd.org/bsdweb.cgi/basesrc/usr.sbin/mopd/mopd/process.c.diff?r1=1.7\u0026r2=1.8\u0026f=h" }, { "name": "20000808 OpenBSD 2.7 / NetBSD 1.4.2 mopd buffer overflow", "refsource": "BUGTRAQ", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0064.html" }, { "name": "20000705 Mopd contained a buffer overflow.", "refsource": "OPENBSD", "url": "http://www.openbsd.org/errata.html#mopd" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2000-0750", "datePublished": "2000-10-13T04:00:00", "dateReserved": "2000-09-19T00:00:00", "dateUpdated": "2024-08-08T05:28:41.539Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2000-0867 (GCVE-0-2000-0867)
Vulnerability from cvelistv5
Published
2001-01-22 05:00
Modified
2024-08-08 05:37
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Kernel logging daemon (klogd) in Linux does not properly cleanse user-injected format strings, which allows local users to gain root privileges by triggering malformed kernel messages.
References
► | URL | Tags | |||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T05:37:31.337Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "klogd-format-string(5259)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5259" }, { "name": "5824", "tags": [ "vdb-entry", "x_refsource_OSVDB", "x_transferred" ], "url": "http://www.osvdb.org/5824" }, { "name": "20000918 Conectiva Linux Security Announcement - sysklogd", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=97726239017741\u0026w=2" }, { "name": "TLSA2000022-2", "tags": [ "vendor-advisory", "x_refsource_TURBO", "x_transferred" ], "url": "http://www.turbolinux.com/pipermail/tl-security-announce/2000-September/000023.html" }, { "name": "MDKSA-2000:050", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://frontal2.mandriva.com/security/advisories?name=MDKSA-2000:050" }, { "name": "20000917 klogd format bug", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-09/0193.html" }, { "name": "RHSA-2000:061", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2000-061.html" }, { "name": "CSSA-2000-032.0", "tags": [ "vendor-advisory", "x_refsource_CALDERA", "x_transferred" ], "url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2000-032.0.txt" }, { "name": "20000920 syslogd + klogd format string parsing error", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://www.novell.com/linux/security/advisories/adv9_draht_syslogd_txt.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2000-09-17T00:00:00", "descriptions": [ { "lang": "en", "value": "Kernel logging daemon (klogd) in Linux does not properly cleanse user-injected format strings, which allows local users to gain root privileges by triggering malformed kernel messages." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2007-07-12T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "klogd-format-string(5259)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5259" }, { "name": "5824", "tags": [ "vdb-entry", "x_refsource_OSVDB" ], "url": "http://www.osvdb.org/5824" }, { "name": "20000918 Conectiva Linux Security Announcement - sysklogd", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=97726239017741\u0026w=2" }, { "name": "TLSA2000022-2", "tags": [ "vendor-advisory", "x_refsource_TURBO" ], "url": "http://www.turbolinux.com/pipermail/tl-security-announce/2000-September/000023.html" }, { "name": "MDKSA-2000:050", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://frontal2.mandriva.com/security/advisories?name=MDKSA-2000:050" }, { "name": "20000917 klogd format bug", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-09/0193.html" }, { "name": "RHSA-2000:061", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2000-061.html" }, { "name": "CSSA-2000-032.0", "tags": [ "vendor-advisory", "x_refsource_CALDERA" ], "url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2000-032.0.txt" }, { "name": "20000920 syslogd + klogd format string parsing error", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://www.novell.com/linux/security/advisories/adv9_draht_syslogd_txt.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2000-0867", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Kernel logging daemon (klogd) in Linux does not properly cleanse user-injected format strings, which allows local users to gain root privileges by triggering malformed kernel messages." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "klogd-format-string(5259)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5259" }, { "name": "5824", "refsource": "OSVDB", "url": "http://www.osvdb.org/5824" }, { "name": "20000918 Conectiva Linux Security Announcement - sysklogd", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=97726239017741\u0026w=2" }, { "name": "TLSA2000022-2", "refsource": "TURBO", "url": "http://www.turbolinux.com/pipermail/tl-security-announce/2000-September/000023.html" }, { "name": "MDKSA-2000:050", "refsource": "MANDRAKE", "url": "http://frontal2.mandriva.com/security/advisories?name=MDKSA-2000:050" }, { "name": "20000917 klogd format bug", "refsource": "BUGTRAQ", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-09/0193.html" }, { "name": "RHSA-2000:061", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2000-061.html" }, { "name": "CSSA-2000-032.0", "refsource": "CALDERA", "url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2000-032.0.txt" }, { "name": "20000920 syslogd + klogd format string parsing error", "refsource": "SUSE", "url": "http://www.novell.com/linux/security/advisories/adv9_draht_syslogd_txt.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2000-0867", "datePublished": "2001-01-22T05:00:00", "dateReserved": "2000-10-18T00:00:00", "dateUpdated": "2024-08-08T05:37:31.337Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2002-0083 (GCVE-0-2002-0083)
Vulnerability from cvelistv5
Published
2002-06-25 04:00
Modified
2024-08-08 02:35
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Off-by-one error in the channel code of OpenSSH 2.0 through 3.0.2 allows local users or remote malicious servers to gain privileges.
References
► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T02:35:17.574Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "20020311 TSLSA-2002-0039 - openssh", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2002-03/0108.html" }, { "name": "CSSA-2002-SCO.10", "tags": [ "vendor-advisory", "x_refsource_CALDERA", "x_transferred" ], "url": "ftp://stage.caldera.com/pub/security/openserver/CSSA-2002-SCO.10/CSSA-2002-SCO.10.txt" }, { "name": "730", "tags": [ "vdb-entry", "x_refsource_OSVDB", "x_transferred" ], "url": "http://www.osvdb.org/730" }, { "name": "4241", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/4241" }, { "name": "20020308 [OpenPKG-SA-2002.002] OpenPKG Security Advisory (openssh)", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=101561384821761\u0026w=2" }, { "name": "CSSA-2002-SCO.11", "tags": [ "vendor-advisory", "x_refsource_CALDERA", "x_transferred" ], "url": "ftp://stage.caldera.com/pub/security/openunix/CSSA-2002-SCO.11/CSSA-2002-SCO.11.txt" }, { "name": "HPSBTL0203-029", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://online.securityfocus.com/advisories/3960" }, { "name": "DSA-119", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2002/dsa-119" }, { "name": "SuSE-SA:2002:009", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://www.novell.com/linux/security/advisories/2002_009_openssh_txt.html" }, { "name": "CSSA-2002-012.0", "tags": [ "vendor-advisory", "x_refsource_CALDERA", "x_transferred" ], "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2002-012.0.txt" }, { "name": "20020310 OpenSSH 2.9.9p2 packages for Immunix 6.2 with latest fix", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=101586991827622\u0026w=2" }, { "name": "ESA-20020307-007", "tags": [ "vendor-advisory", "x_refsource_ENGARDE", "x_transferred" ], "url": "http://www.linuxsecurity.com/advisories/other_advisory-1937.html" }, { "name": "CLA-2002:467", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA", "x_transferred" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000467" }, { "name": "NetBSD-SA2002-004", "tags": [ "vendor-advisory", "x_refsource_NETBSD", "x_transferred" ], "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-004.txt.asc" }, { "name": "FreeBSD-SA-02:13", "tags": [ "vendor-advisory", "x_refsource_FREEBSD", "x_transferred" ], "url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:13.openssh.asc" }, { "name": "20020307 OpenSSH Security Advisory (adv.channelalloc)", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=101553908201861\u0026w=2" }, { "name": "20020307 [PINE-CERT-20020301] OpenSSH off-by-one", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=101552065005254\u0026w=2" }, { "name": "MDKSA-2002:019", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-019.php" }, { "name": "RHSA-2002:043", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2002-043.html" }, { "name": "openssh-channel-error(8383)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "http://www.iss.net/security_center/static/8383.php" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.openbsd.org/advisories/ssh_channelalloc.txt" }, { "name": "20020328 OpenSSH channel_lookup() off by one exploit", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://online.securityfocus.com/archive/1/264657" }, { "name": "20020307 [VulnWatch] [PINE-CERT-20020301] OpenSSH off-by-one", "tags": [ "mailing-list", "x_refsource_VULNWATCH", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q1/0060.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2002-03-07T00:00:00", "descriptions": [ { "lang": "en", "value": "Off-by-one error in the channel code of OpenSSH 2.0 through 3.0.2 allows local users or remote malicious servers to gain privileges." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2002-06-16T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "20020311 TSLSA-2002-0039 - openssh", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2002-03/0108.html" }, { "name": "CSSA-2002-SCO.10", "tags": [ "vendor-advisory", "x_refsource_CALDERA" ], "url": "ftp://stage.caldera.com/pub/security/openserver/CSSA-2002-SCO.10/CSSA-2002-SCO.10.txt" }, { "name": "730", "tags": [ "vdb-entry", "x_refsource_OSVDB" ], "url": "http://www.osvdb.org/730" }, { "name": "4241", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/4241" }, { "name": "20020308 [OpenPKG-SA-2002.002] OpenPKG Security Advisory (openssh)", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=101561384821761\u0026w=2" }, { "name": "CSSA-2002-SCO.11", "tags": [ "vendor-advisory", "x_refsource_CALDERA" ], "url": "ftp://stage.caldera.com/pub/security/openunix/CSSA-2002-SCO.11/CSSA-2002-SCO.11.txt" }, { "name": "HPSBTL0203-029", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://online.securityfocus.com/advisories/3960" }, { "name": "DSA-119", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2002/dsa-119" }, { "name": "SuSE-SA:2002:009", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://www.novell.com/linux/security/advisories/2002_009_openssh_txt.html" }, { "name": "CSSA-2002-012.0", "tags": [ "vendor-advisory", "x_refsource_CALDERA" ], "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2002-012.0.txt" }, { "name": "20020310 OpenSSH 2.9.9p2 packages for Immunix 6.2 with latest fix", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=101586991827622\u0026w=2" }, { "name": "ESA-20020307-007", "tags": [ "vendor-advisory", "x_refsource_ENGARDE" ], "url": "http://www.linuxsecurity.com/advisories/other_advisory-1937.html" }, { "name": "CLA-2002:467", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000467" }, { "name": "NetBSD-SA2002-004", "tags": [ "vendor-advisory", "x_refsource_NETBSD" ], "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-004.txt.asc" }, { "name": "FreeBSD-SA-02:13", "tags": [ "vendor-advisory", "x_refsource_FREEBSD" ], "url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:13.openssh.asc" }, { "name": "20020307 OpenSSH Security Advisory (adv.channelalloc)", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=101553908201861\u0026w=2" }, { "name": "20020307 [PINE-CERT-20020301] OpenSSH off-by-one", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=101552065005254\u0026w=2" }, { "name": "MDKSA-2002:019", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-019.php" }, { "name": "RHSA-2002:043", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2002-043.html" }, { "name": "openssh-channel-error(8383)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "http://www.iss.net/security_center/static/8383.php" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.openbsd.org/advisories/ssh_channelalloc.txt" }, { "name": "20020328 OpenSSH channel_lookup() off by one exploit", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://online.securityfocus.com/archive/1/264657" }, { "name": "20020307 [VulnWatch] [PINE-CERT-20020301] OpenSSH off-by-one", "tags": [ "mailing-list", "x_refsource_VULNWATCH" ], "url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q1/0060.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2002-0083", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Off-by-one error in the channel code of OpenSSH 2.0 through 3.0.2 allows local users or remote malicious servers to gain privileges." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "20020311 TSLSA-2002-0039 - openssh", "refsource": "BUGTRAQ", "url": "http://archives.neohapsis.com/archives/bugtraq/2002-03/0108.html" }, { "name": "CSSA-2002-SCO.10", "refsource": "CALDERA", "url": "ftp://stage.caldera.com/pub/security/openserver/CSSA-2002-SCO.10/CSSA-2002-SCO.10.txt" }, { "name": "730", "refsource": "OSVDB", "url": "http://www.osvdb.org/730" }, { "name": "4241", "refsource": "BID", "url": "http://www.securityfocus.com/bid/4241" }, { "name": "20020308 [OpenPKG-SA-2002.002] OpenPKG Security Advisory (openssh)", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=101561384821761\u0026w=2" }, { "name": "CSSA-2002-SCO.11", "refsource": "CALDERA", "url": "ftp://stage.caldera.com/pub/security/openunix/CSSA-2002-SCO.11/CSSA-2002-SCO.11.txt" }, { "name": "HPSBTL0203-029", "refsource": "HP", "url": "http://online.securityfocus.com/advisories/3960" }, { "name": "DSA-119", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2002/dsa-119" }, { "name": "SuSE-SA:2002:009", "refsource": "SUSE", "url": "http://www.novell.com/linux/security/advisories/2002_009_openssh_txt.html" }, { "name": "CSSA-2002-012.0", "refsource": "CALDERA", "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2002-012.0.txt" }, { "name": "20020310 OpenSSH 2.9.9p2 packages for Immunix 6.2 with latest fix", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=101586991827622\u0026w=2" }, { "name": "ESA-20020307-007", "refsource": "ENGARDE", "url": "http://www.linuxsecurity.com/advisories/other_advisory-1937.html" }, { "name": "CLA-2002:467", "refsource": "CONECTIVA", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000467" }, { "name": "NetBSD-SA2002-004", "refsource": "NETBSD", "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-004.txt.asc" }, { "name": "FreeBSD-SA-02:13", "refsource": "FREEBSD", "url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:13.openssh.asc" }, { "name": "20020307 OpenSSH Security Advisory (adv.channelalloc)", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=101553908201861\u0026w=2" }, { "name": "20020307 [PINE-CERT-20020301] OpenSSH off-by-one", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=101552065005254\u0026w=2" }, { "name": "MDKSA-2002:019", "refsource": "MANDRAKE", "url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-019.php" }, { "name": "RHSA-2002:043", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2002-043.html" }, { "name": "openssh-channel-error(8383)", "refsource": "XF", "url": "http://www.iss.net/security_center/static/8383.php" }, { "name": "http://www.openbsd.org/advisories/ssh_channelalloc.txt", "refsource": "CONFIRM", "url": "http://www.openbsd.org/advisories/ssh_channelalloc.txt" }, { "name": "20020328 OpenSSH channel_lookup() off by one exploit", "refsource": "BUGTRAQ", "url": "http://online.securityfocus.com/archive/1/264657" }, { "name": "20020307 [VulnWatch] [PINE-CERT-20020301] OpenSSH off-by-one", "refsource": "VULNWATCH", "url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q1/0060.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2002-0083", "datePublished": "2002-06-25T04:00:00", "dateReserved": "2002-03-06T00:00:00", "dateUpdated": "2024-08-08T02:35:17.574Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2000-0389 (GCVE-0-2000-0389)
Vulnerability from cvelistv5
Published
2000-07-12 04:00
Modified
2024-08-08 05:14
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in krb_rd_req function in Kerberos 4 and 5 allows remote attackers to gain root privileges.
References
► | URL | Tags | |||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T05:14:21.479Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "FreeBSD-SA-00:20", "tags": [ "vendor-advisory", "x_refsource_FREEBSD", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/freebsd/2000-05/0295.html" }, { "name": "RHSA-2000:025", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2000-025.html" }, { "name": "CA-2000-06", "tags": [ "third-party-advisory", "x_refsource_CERT", "x_transferred" ], "url": "http://www.cert.org/advisories/CA-2000-06.html" }, { "name": "20000516 BUFFER OVERRUN VULNERABILITIES IN KERBEROS", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-05/0184.html" }, { "name": "1220", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/1220" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2000-05-16T00:00:00", "descriptions": [ { "lang": "en", "value": "Buffer overflow in krb_rd_req function in Kerberos 4 and 5 allows remote attackers to gain root privileges." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2004-09-02T09:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "FreeBSD-SA-00:20", "tags": [ "vendor-advisory", "x_refsource_FREEBSD" ], "url": "http://archives.neohapsis.com/archives/freebsd/2000-05/0295.html" }, { "name": "RHSA-2000:025", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2000-025.html" }, { "name": "CA-2000-06", "tags": [ "third-party-advisory", "x_refsource_CERT" ], "url": "http://www.cert.org/advisories/CA-2000-06.html" }, { "name": "20000516 BUFFER OVERRUN VULNERABILITIES IN KERBEROS", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-05/0184.html" }, { "name": "1220", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/1220" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2000-0389", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Buffer overflow in krb_rd_req function in Kerberos 4 and 5 allows remote attackers to gain root privileges." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "FreeBSD-SA-00:20", "refsource": "FREEBSD", "url": "http://archives.neohapsis.com/archives/freebsd/2000-05/0295.html" }, { "name": "RHSA-2000:025", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2000-025.html" }, { "name": "CA-2000-06", "refsource": "CERT", "url": "http://www.cert.org/advisories/CA-2000-06.html" }, { "name": "20000516 BUFFER OVERRUN VULNERABILITIES IN KERBEROS", "refsource": "BUGTRAQ", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-05/0184.html" }, { "name": "1220", "refsource": "BID", "url": "http://www.securityfocus.com/bid/1220" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2000-0389", "datePublished": "2000-07-12T04:00:00", "dateReserved": "2000-06-14T00:00:00", "dateUpdated": "2024-08-08T05:14:21.479Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2000-0668 (GCVE-0-2000-0668)
Vulnerability from cvelistv5
Published
2000-10-13 04:00
Modified
2024-08-08 05:28
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
pam_console PAM module in Linux systems allows a user to access the system console and reboot the system when a display manager such as gdm or kdm has XDMCP enabled.
References
► | URL | Tags | |||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T05:28:40.674Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "20000801 MDKSA-2000:029 pam update", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0455.html" }, { "name": "20000727 CONECTIVA LINUX SECURITY ANNOUNCEMENT - PAM", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0398.html" }, { "name": "linux-pam-console(5001)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5001" }, { "name": "1513", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/1513" }, { "name": "RHSA-2000:044", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2000-044.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2000-07-21T00:00:00", "descriptions": [ { "lang": "en", "value": "pam_console PAM module in Linux systems allows a user to access the system console and reboot the system when a display manager such as gdm or kdm has XDMCP enabled." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2004-09-02T09:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "20000801 MDKSA-2000:029 pam update", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0455.html" }, { "name": "20000727 CONECTIVA LINUX SECURITY ANNOUNCEMENT - PAM", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0398.html" }, { "name": "linux-pam-console(5001)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5001" }, { "name": "1513", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/1513" }, { "name": "RHSA-2000:044", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2000-044.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2000-0668", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "pam_console PAM module in Linux systems allows a user to access the system console and reboot the system when a display manager such as gdm or kdm has XDMCP enabled." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "20000801 MDKSA-2000:029 pam update", "refsource": "BUGTRAQ", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0455.html" }, { "name": "20000727 CONECTIVA LINUX SECURITY ANNOUNCEMENT - PAM", "refsource": "BUGTRAQ", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0398.html" }, { "name": "linux-pam-console(5001)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5001" }, { "name": "1513", "refsource": "BID", "url": "http://www.securityfocus.com/bid/1513" }, { "name": "RHSA-2000:044", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2000-044.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2000-0668", "datePublished": "2000-10-13T04:00:00", "dateReserved": "2000-08-02T00:00:00", "dateUpdated": "2024-08-08T05:28:40.674Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2000-0355 (GCVE-0-2000-0355)
Vulnerability from cvelistv5
Published
2000-05-24 04:00
Modified
2024-08-08 05:14
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
pg and pb in SuSE pbpg 1.x package allows an attacker to read arbitrary files.
References
► | URL | Tags | |||
---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T05:14:21.312Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "19990920 Security hole in pbpg", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://www.novell.com/linux/security/advisories/suse_security_announce_21.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "1999-09-20T00:00:00", "descriptions": [ { "lang": "en", "value": "pg and pb in SuSE pbpg 1.x package allows an attacker to read arbitrary files." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2004-04-20T09:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "19990920 Security hole in pbpg", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://www.novell.com/linux/security/advisories/suse_security_announce_21.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2000-0355", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "pg and pb in SuSE pbpg 1.x package allows an attacker to read arbitrary files." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "19990920 Security hole in pbpg", "refsource": "SUSE", "url": "http://www.novell.com/linux/security/advisories/suse_security_announce_21.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2000-0355", "datePublished": "2000-05-24T04:00:00", "dateReserved": "2000-05-23T00:00:00", "dateUpdated": "2024-08-08T05:14:21.312Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2004-1025 (GCVE-0-2004-1025)
Vulnerability from cvelistv5
Published
2004-12-15 05:00
Modified
2024-08-08 00:39
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple heap-based buffer overflows in imlib 1.9.14 and earlier, which is used by gkrellm and several window managers, allow remote attackers to cause a denial of service (application crash) and execute arbitrary code via certain image files.
References
► | URL | Tags | ||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T00:39:00.595Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "MDKSA-2005:007", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:007" }, { "name": "11830", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/11830" }, { "name": "RHSA-2004:651", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-651.html" }, { "name": "oval:org.mitre.oval:def:10786", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10786" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2004-12-06T00:00:00", "descriptions": [ { "lang": "en", "value": "Multiple heap-based buffer overflows in imlib 1.9.14 and earlier, which is used by gkrellm and several window managers, allow remote attackers to cause a denial of service (application crash) and execute arbitrary code via certain image files." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-10-10T00:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "MDKSA-2005:007", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:007" }, { "name": "11830", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/11830" }, { "name": "RHSA-2004:651", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-651.html" }, { "name": "oval:org.mitre.oval:def:10786", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10786" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2004-1025", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Multiple heap-based buffer overflows in imlib 1.9.14 and earlier, which is used by gkrellm and several window managers, allow remote attackers to cause a denial of service (application crash) and execute arbitrary code via certain image files." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "MDKSA-2005:007", "refsource": "MANDRAKE", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:007" }, { "name": "11830", "refsource": "BID", "url": "http://www.securityfocus.com/bid/11830" }, { "name": "RHSA-2004:651", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2004-651.html" }, { "name": "oval:org.mitre.oval:def:10786", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10786" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2004-1025", "datePublished": "2004-12-15T05:00:00", "dateReserved": "2004-11-12T00:00:00", "dateUpdated": "2024-08-08T00:39:00.595Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-1999-0297 (GCVE-0-1999-0297)
Vulnerability from cvelistv5
Published
2000-01-04 05:00
Modified
2024-08-01 16:34
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in Vixie Cron library up to version 3.0 allows local users to obtain root access via a long environmental variable.
References
► | URL | Tags | |||
---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-01T16:34:51.897Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0297" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "Buffer overflow in Vixie Cron library up to version 3.0 allows local users to obtain root access via a long environmental variable." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-08-17T07:12:34", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0297" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-1999-0297", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Buffer overflow in Vixie Cron library up to version 3.0 allows local users to obtain root access via a long environmental variable." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0297", "refsource": "MISC", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0297" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-1999-0297", "datePublished": "2000-01-04T05:00:00", "dateReserved": "1999-06-07T00:00:00", "dateUpdated": "2024-08-01T16:34:51.897Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2023-5981 (GCVE-0-2023-5981)
Vulnerability from cvelistv5
Published
2023-11-28 11:49
Modified
2024-11-23 00:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-203 - Observable Discrepancy
Summary
A vulnerability was found that the response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from response times of ciphertexts with correct PKCS#1 v1.5 padding.
References
► | URL | Tags | ||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
► | Red Hat | Red Hat Enterprise Linux 8 |
Unaffected: 0:3.6.16-8.el8_9 < * cpe:/a:redhat:enterprise_linux:8::appstream cpe:/o:redhat:enterprise_linux:8::baseos |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T08:14:25.155Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2024/01/19/3" }, { "name": "RHSA-2024:0155", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:0155" }, { "name": "RHSA-2024:0319", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:0319" }, { "name": "RHSA-2024:0399", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:0399" }, { "name": "RHSA-2024:0451", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:0451" }, { "name": "RHSA-2024:0533", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:0533" }, { "name": "RHSA-2024:1383", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:1383" }, { "name": "RHSA-2024:2094", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:2094" }, { "tags": [ "vdb-entry", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/security/cve/CVE-2023-5981" }, { "name": "RHBZ#2248445", "tags": [ "issue-tracking", "x_refsource_REDHAT", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2248445" }, { "tags": [ "x_transferred" ], "url": "https://gnutls.org/security-new.html#GNUTLS-SA-2023-10-23" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7ZEIOLORQ7N6WRPFXZSYDL2MC4LP7VFV/" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GNXKVR5YNUEBNHAHM5GSYKBZX4W2HMN2/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:enterprise_linux:8::appstream", "cpe:/o:redhat:enterprise_linux:8::baseos" ], "defaultStatus": "affected", "packageName": "gnutls", "product": "Red Hat Enterprise Linux 8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:3.6.16-8.el8_9", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:enterprise_linux:8::appstream", "cpe:/o:redhat:enterprise_linux:8::baseos" ], "defaultStatus": "affected", "packageName": "gnutls", "product": "Red Hat Enterprise Linux 8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:3.6.16-8.el8_9", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_eus:8.6::appstream", "cpe:/o:redhat:rhel_eus:8.6::baseos" ], "defaultStatus": "affected", "packageName": "gnutls", "product": "Red Hat Enterprise Linux 8.6 Extended Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:3.6.16-5.el8_6.2", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:rhel_eus:8.8::baseos", "cpe:/a:redhat:rhel_eus:8.8::appstream" ], "defaultStatus": "affected", "packageName": "gnutls", "product": "Red Hat Enterprise Linux 8.8 Extended Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:3.6.16-7.el8_8.1", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:enterprise_linux:9::baseos", "cpe:/a:redhat:enterprise_linux:9::appstream" ], "defaultStatus": "affected", "packageName": "gnutls", "product": "Red Hat Enterprise Linux 9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:3.7.6-23.el9_3.3", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:enterprise_linux:9::baseos", "cpe:/a:redhat:enterprise_linux:9::appstream" ], "defaultStatus": "affected", "packageName": "gnutls", "product": "Red Hat Enterprise Linux 9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:3.7.6-23.el9_3.3", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_eus:9.2::appstream", "cpe:/o:redhat:rhel_eus:9.2::baseos" ], "defaultStatus": "affected", "packageName": "gnutls", "product": "Red Hat Enterprise Linux 9.2 Extended Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:3.7.6-21.el9_2.1", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:openshift_data_foundation:4.15::el9" ], "defaultStatus": "affected", "packageName": "odf4/cephcsi-rhel9", "product": "RHODF-4.15-RHEL-9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v4.15.0-37", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:openshift_data_foundation:4.15::el9" ], "defaultStatus": "affected", "packageName": "odf4/mcg-core-rhel9", "product": "RHODF-4.15-RHEL-9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v4.15.0-68", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:openshift_data_foundation:4.15::el9" ], "defaultStatus": "affected", "packageName": "odf4/mcg-operator-bundle", "product": "RHODF-4.15-RHEL-9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v4.15.0-158", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:openshift_data_foundation:4.15::el9" ], "defaultStatus": "affected", "packageName": "odf4/mcg-rhel9-operator", "product": "RHODF-4.15-RHEL-9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v4.15.0-39", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:openshift_data_foundation:4.15::el9" ], "defaultStatus": "affected", "packageName": "odf4/ocs-client-console-rhel9", "product": "RHODF-4.15-RHEL-9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v4.15.0-58", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:openshift_data_foundation:4.15::el9" ], "defaultStatus": "affected", "packageName": "odf4/ocs-client-operator-bundle", "product": "RHODF-4.15-RHEL-9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v4.15.0-158", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:openshift_data_foundation:4.15::el9" ], "defaultStatus": "affected", "packageName": "odf4/ocs-client-rhel9-operator", "product": "RHODF-4.15-RHEL-9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v4.15.0-13", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:openshift_data_foundation:4.15::el9" ], "defaultStatus": "affected", "packageName": "odf4/ocs-metrics-exporter-rhel9", "product": "RHODF-4.15-RHEL-9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v4.15.0-81", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:openshift_data_foundation:4.15::el9" ], "defaultStatus": "affected", "packageName": "odf4/ocs-operator-bundle", "product": "RHODF-4.15-RHEL-9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v4.15.0-158", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:openshift_data_foundation:4.15::el9" ], "defaultStatus": "affected", "packageName": "odf4/ocs-rhel9-operator", "product": "RHODF-4.15-RHEL-9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v4.15.0-79", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:openshift_data_foundation:4.15::el9" ], "defaultStatus": "affected", "packageName": "odf4/odf-cli-rhel9", "product": "RHODF-4.15-RHEL-9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v4.15.0-22", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:openshift_data_foundation:4.15::el9" ], "defaultStatus": "affected", "packageName": "odf4/odf-console-rhel9", "product": "RHODF-4.15-RHEL-9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v4.15.0-57", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:openshift_data_foundation:4.15::el9" ], "defaultStatus": "affected", "packageName": "odf4/odf-cosi-sidecar-rhel9", "product": "RHODF-4.15-RHEL-9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v4.15.0-6", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:openshift_data_foundation:4.15::el9" ], "defaultStatus": "affected", "packageName": "odf4/odf-csi-addons-operator-bundle", "product": "RHODF-4.15-RHEL-9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v4.15.0-158", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:openshift_data_foundation:4.15::el9" ], "defaultStatus": "affected", "packageName": "odf4/odf-csi-addons-rhel9-operator", "product": "RHODF-4.15-RHEL-9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v4.15.0-15", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:openshift_data_foundation:4.15::el9" ], "defaultStatus": "affected", "packageName": "odf4/odf-csi-addons-sidecar-rhel9", "product": "RHODF-4.15-RHEL-9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v4.15.0-15", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:openshift_data_foundation:4.15::el9" ], "defaultStatus": "affected", "packageName": "odf4/odf-multicluster-console-rhel9", "product": "RHODF-4.15-RHEL-9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v4.15.0-54", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:openshift_data_foundation:4.15::el9" ], "defaultStatus": "affected", "packageName": "odf4/odf-multicluster-operator-bundle", "product": "RHODF-4.15-RHEL-9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v4.15.0-158", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:openshift_data_foundation:4.15::el9" ], "defaultStatus": "affected", "packageName": "odf4/odf-multicluster-rhel9-operator", "product": "RHODF-4.15-RHEL-9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v4.15.0-10", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:openshift_data_foundation:4.15::el9" ], "defaultStatus": "affected", "packageName": "odf4/odf-must-gather-rhel9", "product": "RHODF-4.15-RHEL-9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v4.15.0-26", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:openshift_data_foundation:4.15::el9" ], "defaultStatus": "affected", "packageName": "odf4/odf-operator-bundle", "product": "RHODF-4.15-RHEL-9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v4.15.0-158", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:openshift_data_foundation:4.15::el9" ], "defaultStatus": "affected", "packageName": "odf4/odf-rhel9-operator", "product": "RHODF-4.15-RHEL-9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v4.15.0-19", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:openshift_data_foundation:4.15::el9" ], "defaultStatus": "affected", "packageName": "odf4/odr-cluster-operator-bundle", "product": "RHODF-4.15-RHEL-9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v4.15.0-158", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:openshift_data_foundation:4.15::el9" ], "defaultStatus": "affected", "packageName": "odf4/odr-hub-operator-bundle", "product": "RHODF-4.15-RHEL-9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v4.15.0-158", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:openshift_data_foundation:4.15::el9" ], "defaultStatus": "affected", "packageName": "odf4/odr-rhel9-operator", "product": "RHODF-4.15-RHEL-9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v4.15.0-21", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:openshift_data_foundation:4.15::el9" ], "defaultStatus": "affected", "packageName": "odf4/rook-ceph-rhel9-operator", "product": "RHODF-4.15-RHEL-9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v4.15.0-103", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:logging:5.8::el9" ], "defaultStatus": "affected", "packageName": "openshift-logging/cluster-logging-operator-bundle", "product": "RHOL-5.8-RHEL-9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v5.8.6-22", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:logging:5.8::el9" ], "defaultStatus": "affected", "packageName": "openshift-logging/cluster-logging-rhel9-operator", "product": "RHOL-5.8-RHEL-9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v5.8.6-11", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:logging:5.8::el9" ], "defaultStatus": "affected", "packageName": "openshift-logging/elasticsearch6-rhel9", "product": "RHOL-5.8-RHEL-9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v6.8.1-407", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:logging:5.8::el9" ], "defaultStatus": "affected", "packageName": "openshift-logging/elasticsearch-operator-bundle", "product": "RHOL-5.8-RHEL-9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v5.8.6-19", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:logging:5.8::el9" ], "defaultStatus": "affected", "packageName": "openshift-logging/elasticsearch-proxy-rhel9", "product": "RHOL-5.8-RHEL-9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v1.0.0-479", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:logging:5.8::el9" ], "defaultStatus": "affected", "packageName": "openshift-logging/elasticsearch-rhel9-operator", "product": "RHOL-5.8-RHEL-9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v5.8.6-7", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:logging:5.8::el9" ], "defaultStatus": "affected", "packageName": "openshift-logging/eventrouter-rhel9", "product": "RHOL-5.8-RHEL-9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v0.4.0-247", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:logging:5.8::el9" ], "defaultStatus": "affected", "packageName": "openshift-logging/fluentd-rhel9", "product": "RHOL-5.8-RHEL-9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v5.8.6-5", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:logging:5.8::el9" ], "defaultStatus": "affected", "packageName": "openshift-logging/log-file-metric-exporter-rhel9", "product": "RHOL-5.8-RHEL-9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v1.1.0-227", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:logging:5.8::el9" ], "defaultStatus": "affected", "packageName": "openshift-logging/logging-curator5-rhel9", "product": "RHOL-5.8-RHEL-9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v5.8.1-470", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:logging:5.8::el9" ], "defaultStatus": "affected", "packageName": "openshift-logging/logging-loki-rhel9", "product": "RHOL-5.8-RHEL-9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v2.9.6-14", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:logging:5.8::el9" ], "defaultStatus": "affected", "packageName": "openshift-logging/logging-view-plugin-rhel9", "product": "RHOL-5.8-RHEL-9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v5.8.6-2", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:logging:5.8::el9" ], "defaultStatus": "affected", "packageName": "openshift-logging/loki-operator-bundle", "product": "RHOL-5.8-RHEL-9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v5.8.6-24", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:logging:5.8::el9" ], "defaultStatus": "affected", "packageName": "openshift-logging/loki-rhel9-operator", "product": "RHOL-5.8-RHEL-9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v5.8.6-10", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:logging:5.8::el9" ], "defaultStatus": "affected", "packageName": "openshift-logging/lokistack-gateway-rhel9", "product": "RHOL-5.8-RHEL-9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v0.1.0-525", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:logging:5.8::el9" ], "defaultStatus": "affected", "packageName": "openshift-logging/opa-openshift-rhel9", "product": "RHOL-5.8-RHEL-9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v0.1.0-224", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:logging:5.8::el9" ], "defaultStatus": "affected", "packageName": "openshift-logging/vector-rhel9", "product": "RHOL-5.8-RHEL-9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v0.28.1-56", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:enterprise_linux:6" ], "defaultStatus": "unknown", "packageName": "gnutls", "product": "Red Hat Enterprise Linux 6", "vendor": "Red Hat" }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:enterprise_linux:7" ], "defaultStatus": "unknown", "packageName": "gnutls", "product": "Red Hat Enterprise Linux 7", "vendor": "Red Hat" } ], "credits": [ { "lang": "en", "value": "This issue was discovered by Daiki Ueno (Red Hat)." } ], "datePublic": "2023-11-15T00:00:00+00:00", "descriptions": [ { "lang": "en", "value": "A vulnerability was found that the response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from response times of ciphertexts with correct PKCS#1 v1.5 padding." } ], "metrics": [ { "other": { "content": { "namespace": "https://access.redhat.com/security/updates/classification/", "value": "Moderate" }, "type": "Red Hat severity rating" } }, { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "format": "CVSS" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-203", "description": "Observable Discrepancy", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-11-23T00:09:08.520Z", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "RHSA-2024:0155", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:0155" }, { "name": "RHSA-2024:0319", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:0319" }, { "name": "RHSA-2024:0399", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:0399" }, { "name": "RHSA-2024:0451", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:0451" }, { "name": "RHSA-2024:0533", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:0533" }, { "name": "RHSA-2024:1383", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:1383" }, { "name": "RHSA-2024:2094", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:2094" }, { "tags": [ "vdb-entry", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/security/cve/CVE-2023-5981" }, { "name": "RHBZ#2248445", "tags": [ "issue-tracking", "x_refsource_REDHAT" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2248445" }, { "url": "https://gnutls.org/security-new.html#GNUTLS-SA-2023-10-23" } ], "timeline": [ { "lang": "en", "time": "2023-11-07T00:00:00+00:00", "value": "Reported to Red Hat." }, { "lang": "en", "time": "2023-11-15T00:00:00+00:00", "value": "Made public." } ], "title": "Gnutls: timing side-channel in the rsa-psk authentication", "workarounds": [ { "lang": "en", "value": "To address the issue found upgrade to GnuTLS 3.8.2 or later versions." } ], "x_redhatCweChain": "CWE-1300-\u003eCWE-203: Improper Protection of Physical Side Channels leads to Observable Discrepancy" } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2023-5981", "datePublished": "2023-11-28T11:49:50.138Z", "dateReserved": "2023-11-07T08:05:10.875Z", "dateUpdated": "2024-11-23T00:09:08.520Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-1999-0192 (GCVE-0-1999-0192)
Vulnerability from cvelistv5
Published
1999-09-29 04:00
Modified
2024-08-01 16:27
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in telnet daemon tgetent routing allows remote attackers to gain root access via the TERMCAP environmental variable.
References
► | URL | Tags | |||
---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-01T16:27:57.939Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0192" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "Buffer overflow in telnet daemon tgetent routing allows remote attackers to gain root access via the TERMCAP environmental variable." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-08-17T06:54:44", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0192" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-1999-0192", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Buffer overflow in telnet daemon tgetent routing allows remote attackers to gain root access via the TERMCAP environmental variable." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0192", "refsource": "MISC", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0192" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-1999-0192", "datePublished": "1999-09-29T04:00:00", "dateReserved": "1999-06-07T00:00:00", "dateUpdated": "2024-08-01T16:27:57.939Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2000-1221 (GCVE-0-2000-1221)
Vulnerability from cvelistv5
Published
2005-04-21 04:00
Modified
2024-08-08 05:45
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The line printer daemon (lpd) in the lpr package in multiple Linux operating systems authenticates by comparing the reverse-resolved hostname of the local machine to the hostname of the print server as returned by gethostname, which allows remote attackers to bypass intended access controls by modifying the DNS for the attacking IP.
References
► | URL | Tags | ||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T05:45:37.469Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "20000109 lpr -- access control problem and root exploit", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2000/20000109" }, { "name": "A010800-v", "tags": [ "vendor-advisory", "x_refsource_ATSTAKE", "x_transferred" ], "url": "http://www.atstake.com/research/advisories/2000/lpd_advisory.txt" }, { "name": "927", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/927" }, { "name": "RHSA-2000:002", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2000-002.html" }, { "name": "VU#30308", "tags": [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred" ], "url": "http://www.kb.cert.org/vuls/id/30308" }, { "name": "20021104-01-P", "tags": [ "vendor-advisory", "x_refsource_SGI", "x_transferred" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20021104-01-P" }, { "name": "20000108 Quadruple Inverted Backflip", "tags": [ "vendor-advisory", "x_refsource_L0PHT", "x_transferred" ], "url": "http://www.l0pht.com/advisories/lpd_advisory" }, { "name": "redhat-lpd-auth(3840)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/3840" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2000-01-08T00:00:00", "descriptions": [ { "lang": "en", "value": "The line printer daemon (lpd) in the lpr package in multiple Linux operating systems authenticates by comparing the reverse-resolved hostname of the local machine to the hostname of the print server as returned by gethostname, which allows remote attackers to bypass intended access controls by modifying the DNS for the attacking IP." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-07-10T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "20000109 lpr -- access control problem and root exploit", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2000/20000109" }, { "name": "A010800-v", "tags": [ "vendor-advisory", "x_refsource_ATSTAKE" ], "url": "http://www.atstake.com/research/advisories/2000/lpd_advisory.txt" }, { "name": "927", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/927" }, { "name": "RHSA-2000:002", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2000-002.html" }, { "name": "VU#30308", "tags": [ "third-party-advisory", "x_refsource_CERT-VN" ], "url": "http://www.kb.cert.org/vuls/id/30308" }, { "name": "20021104-01-P", "tags": [ "vendor-advisory", "x_refsource_SGI" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20021104-01-P" }, { "name": "20000108 Quadruple Inverted Backflip", "tags": [ "vendor-advisory", "x_refsource_L0PHT" ], "url": "http://www.l0pht.com/advisories/lpd_advisory" }, { "name": "redhat-lpd-auth(3840)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/3840" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2000-1221", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The line printer daemon (lpd) in the lpr package in multiple Linux operating systems authenticates by comparing the reverse-resolved hostname of the local machine to the hostname of the print server as returned by gethostname, which allows remote attackers to bypass intended access controls by modifying the DNS for the attacking IP." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "20000109 lpr -- access control problem and root exploit", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2000/20000109" }, { "name": "A010800-v", "refsource": "ATSTAKE", "url": "http://www.atstake.com/research/advisories/2000/lpd_advisory.txt" }, { "name": "927", "refsource": "BID", "url": "http://www.securityfocus.com/bid/927" }, { "name": "RHSA-2000:002", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2000-002.html" }, { "name": "VU#30308", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/30308" }, { "name": "20021104-01-P", "refsource": "SGI", "url": "ftp://patches.sgi.com/support/free/security/advisories/20021104-01-P" }, { "name": "20000108 Quadruple Inverted Backflip", "refsource": "L0PHT", "url": "http://www.l0pht.com/advisories/lpd_advisory" }, { "name": "redhat-lpd-auth(3840)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/3840" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2000-1221", "datePublished": "2005-04-21T04:00:00", "dateReserved": "2005-04-21T00:00:00", "dateUpdated": "2024-08-08T05:45:37.469Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2021-20567 (GCVE-0-2021-20567)
Vulnerability from cvelistv5
Published
2021-06-16 16:15
Modified
2024-09-17 04:04
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Obtain Information
Summary
IBM Resilient SOAR V38.0 could allow a local privileged attacker to obtain sensitive information due to improper or nonexisting encryption.IBM X-Force ID: 199239.
References
► | URL | Tags | ||||||
---|---|---|---|---|---|---|---|---|
|
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
IBM | Resilient SOAR |
Version: 38 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T17:45:44.474Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://www.ibm.com/support/pages/node/6464039" }, { "name": "ibm-resilient-cve202120567-info-disc (199239)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/199239" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Resilient SOAR", "vendor": "IBM", "versions": [ { "status": "affected", "version": "38" } ] } ], "datePublic": "2021-06-15T00:00:00", "descriptions": [ { "lang": "en", "value": "IBM Resilient SOAR V38.0 could allow a local privileged attacker to obtain sensitive information due to improper or nonexisting encryption.IBM X-Force ID: 199239." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "exploitCodeMaturity": "UNPROVEN", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "remediationLevel": "OFFICIAL_FIX", "reportConfidence": "CONFIRMED", "scope": "UNCHANGED", "temporalScore": 3.9, "temporalSeverity": "LOW", "userInteraction": "NONE", "vectorString": "CVSS:3.0/PR:H/UI:N/AV:L/C:H/A:N/S:U/AC:L/I:N/RL:O/RC:C/E:U", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "description": "Obtain Information", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-06-16T16:15:22", "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "shortName": "ibm" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://www.ibm.com/support/pages/node/6464039" }, { "name": "ibm-resilient-cve202120567-info-disc (199239)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/199239" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@us.ibm.com", "DATE_PUBLIC": "2021-06-15T00:00:00", "ID": "CVE-2021-20567", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Resilient SOAR", "version": { "version_data": [ { "version_value": "38" } ] } } ] }, "vendor_name": "IBM" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "IBM Resilient SOAR V38.0 could allow a local privileged attacker to obtain sensitive information due to improper or nonexisting encryption.IBM X-Force ID: 199239." } ] }, "impact": { "cvssv3": { "BM": { "A": "N", "AC": "L", "AV": "L", "C": "H", "I": "N", "PR": "H", "S": "U", "UI": "N" }, "TM": { "E": "U", "RC": "C", "RL": "O" } } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Obtain Information" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.ibm.com/support/pages/node/6464039", "refsource": "CONFIRM", "title": "IBM Security Bulletin 6464039 (Resilient OnPrem)", "url": "https://www.ibm.com/support/pages/node/6464039" }, { "name": "ibm-resilient-cve202120567-info-disc (199239)", "refsource": "XF", "title": "X-Force Vulnerability Report", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/199239" } ] } } } }, "cveMetadata": { "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "assignerShortName": "ibm", "cveId": "CVE-2021-20567", "datePublished": "2021-06-16T16:15:22.901340Z", "dateReserved": "2020-12-17T00:00:00", "dateUpdated": "2024-09-17T04:04:49.071Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-1999-0704 (GCVE-0-1999-0704)
Vulnerability from cvelistv5
Published
2000-01-04 05:00
Modified
2024-08-01 16:48
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in Berkeley automounter daemon (amd) logging facility provided in the Linux am-utils package and others.
References
► | URL | Tags | |||
---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-01T16:48:37.805Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "614", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/614" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "Buffer overflow in Berkeley automounter daemon (amd) logging facility provided in the Linux am-utils package and others." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2005-11-02T10:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "614", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/614" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-1999-0704", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Buffer overflow in Berkeley automounter daemon (amd) logging facility provided in the Linux am-utils package and others." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "614", "refsource": "BID", "url": "http://www.securityfocus.com/bid/614" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-1999-0704", "datePublished": "2000-01-04T05:00:00", "dateReserved": "1999-11-25T00:00:00", "dateUpdated": "2024-08-01T16:48:37.805Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2000-1010 (GCVE-0-2000-1010)
Vulnerability from cvelistv5
Published
2001-01-22 05:00
Modified
2024-08-08 05:37
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Format string vulnerability in talkd in OpenBSD and possibly other BSD-based OSes allows remote attackers to execute arbitrary commands via a user name that contains format characters.
References
► | URL | Tags | |||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T05:37:32.395Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "1764", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/1764" }, { "name": "20001006 talkd [WAS: Re: OpenBSD Security Advisory]", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/137890" }, { "name": "linux-talkd-overwrite-root(5344)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5344" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2000-10-05T00:00:00", "descriptions": [ { "lang": "en", "value": "Format string vulnerability in talkd in OpenBSD and possibly other BSD-based OSes allows remote attackers to execute arbitrary commands via a user name that contains format characters." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2005-11-02T10:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "1764", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/1764" }, { "name": "20001006 talkd [WAS: Re: OpenBSD Security Advisory]", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/137890" }, { "name": "linux-talkd-overwrite-root(5344)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5344" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2000-1010", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Format string vulnerability in talkd in OpenBSD and possibly other BSD-based OSes allows remote attackers to execute arbitrary commands via a user name that contains format characters." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "1764", "refsource": "BID", "url": "http://www.securityfocus.com/bid/1764" }, { "name": "20001006 talkd [WAS: Re: OpenBSD Security Advisory]", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/137890" }, { "name": "linux-talkd-overwrite-root(5344)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5344" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2000-1010", "datePublished": "2001-01-22T05:00:00", "dateReserved": "2000-11-24T00:00:00", "dateUpdated": "2024-08-08T05:37:32.395Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-1999-1347 (GCVE-0-1999-1347)
Vulnerability from cvelistv5
Published
2001-09-12 04:00
Modified
2024-08-01 17:11
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Xsession in Red Hat Linux 6.1 and earlier can allow local users with restricted accounts to bypass execution of the .xsession file by starting kde, gnome or anotherlevel from kdm.
References
► | URL | Tags | |||
---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-01T17:11:02.874Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "19991007 Problems with redhat 6 Xsession and pam.d/rlogin.", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=93942774609925\u0026w=2" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "1999-10-07T00:00:00", "descriptions": [ { "lang": "en", "value": "Xsession in Red Hat Linux 6.1 and earlier can allow local users with restricted accounts to bypass execution of the .xsession file by starting kde, gnome or anotherlevel from kdm." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2016-10-17T13:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "19991007 Problems with redhat 6 Xsession and pam.d/rlogin.", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=93942774609925\u0026w=2" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-1999-1347", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Xsession in Red Hat Linux 6.1 and earlier can allow local users with restricted accounts to bypass execution of the .xsession file by starting kde, gnome or anotherlevel from kdm." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "19991007 Problems with redhat 6 Xsession and pam.d/rlogin.", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=93942774609925\u0026w=2" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-1999-1347", "datePublished": "2001-09-12T04:00:00", "dateReserved": "2001-08-31T00:00:00", "dateUpdated": "2024-08-01T17:11:02.874Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2001-0119 (GCVE-0-2001-0119)
Vulnerability from cvelistv5
Published
2001-05-07 04:00
Modified
2024-08-08 04:06
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
getty_ps 2.0.7j allows local users to overwrite arbitrary files via a symlink attack.
References
► | URL | Tags | ||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T04:06:55.434Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "20010110 Immunix OS Security update for lots of temp file problems", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=97916374410647\u0026w=2" }, { "name": "2194", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/2194" }, { "name": "gettyps-symlink(5924)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5924" }, { "name": "MDKSA-2001:004", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-004.php3" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2001-01-10T00:00:00", "descriptions": [ { "lang": "en", "value": "getty_ps 2.0.7j allows local users to overwrite arbitrary files via a symlink attack." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2005-11-02T10:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "20010110 Immunix OS Security update for lots of temp file problems", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=97916374410647\u0026w=2" }, { "name": "2194", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/2194" }, { "name": "gettyps-symlink(5924)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5924" }, { "name": "MDKSA-2001:004", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-004.php3" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2001-0119", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "getty_ps 2.0.7j allows local users to overwrite arbitrary files via a symlink attack." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "20010110 Immunix OS Security update for lots of temp file problems", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=97916374410647\u0026w=2" }, { "name": "2194", "refsource": "BID", "url": "http://www.securityfocus.com/bid/2194" }, { "name": "gettyps-symlink(5924)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5924" }, { "name": "MDKSA-2001:004", "refsource": "MANDRAKE", "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-004.php3" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2001-0119", "datePublished": "2001-05-07T04:00:00", "dateReserved": "2001-02-06T00:00:00", "dateUpdated": "2024-08-08T04:06:55.434Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2019-4579 (GCVE-0-2019-4579)
Vulnerability from cvelistv5
Published
2020-08-28 14:35
Modified
2024-09-17 02:26
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Gain Access
Summary
IBM Resilient SOAR 38 uses incomplete blacklisting for input validation which allows attackers to bypass application controls resulting in direct impact to the system and data integrity. IBM X-Force ID: 167236.
References
► | URL | Tags | ||||||
---|---|---|---|---|---|---|---|---|
|
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
IBM | Resilient SOAR |
Version: 38 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T19:40:47.600Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://www.ibm.com/support/pages/node/6323783" }, { "name": "ibm-resilient-cve20194579-input-validation (167236)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/167236" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Resilient SOAR", "vendor": "IBM", "versions": [ { "status": "affected", "version": "38" } ] } ], "datePublic": "2020-08-27T00:00:00", "descriptions": [ { "lang": "en", "value": "IBM Resilient SOAR 38 uses incomplete blacklisting for input validation which allows attackers to bypass application controls resulting in direct impact to the system and data integrity. IBM X-Force ID: 167236." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "exploitCodeMaturity": "UNPROVEN", "integrityImpact": "LOW", "privilegesRequired": "LOW", "remediationLevel": "OFFICIAL_FIX", "reportConfidence": "CONFIRMED", "scope": "UNCHANGED", "temporalScore": 3.8, "temporalSeverity": "LOW", "userInteraction": "NONE", "vectorString": "CVSS:3.0/I:L/PR:L/AV:N/S:U/C:N/AC:L/A:N/UI:N/RL:O/E:U/RC:C", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "description": "Gain Access", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2020-08-28T14:35:19", "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "shortName": "ibm" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://www.ibm.com/support/pages/node/6323783" }, { "name": "ibm-resilient-cve20194579-input-validation (167236)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/167236" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@us.ibm.com", "DATE_PUBLIC": "2020-08-27T00:00:00", "ID": "CVE-2019-4579", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Resilient SOAR", "version": { "version_data": [ { "version_value": "38" } ] } } ] }, "vendor_name": "IBM" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "IBM Resilient SOAR 38 uses incomplete blacklisting for input validation which allows attackers to bypass application controls resulting in direct impact to the system and data integrity. IBM X-Force ID: 167236." } ] }, "impact": { "cvssv3": { "BM": { "A": "N", "AC": "L", "AV": "N", "C": "N", "I": "L", "PR": "L", "S": "U", "UI": "N" }, "TM": { "E": "U", "RC": "C", "RL": "O" } } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Gain Access" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.ibm.com/support/pages/node/6323783", "refsource": "CONFIRM", "title": "IBM Security Bulletin 6323783 (Resilient SOAR)", "url": "https://www.ibm.com/support/pages/node/6323783" }, { "name": "ibm-resilient-cve20194579-input-validation (167236)", "refsource": "XF", "title": "X-Force Vulnerability Report", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/167236" } ] } } } }, "cveMetadata": { "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "assignerShortName": "ibm", "cveId": "CVE-2019-4579", "datePublished": "2020-08-28T14:35:19.709596Z", "dateReserved": "2019-01-03T00:00:00", "dateUpdated": "2024-09-17T02:26:44.851Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-1999-1182 (GCVE-0-1999-1182)
Vulnerability from cvelistv5
Published
2001-09-12 04:00
Modified
2024-08-01 17:02
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in run-time linkers (1) ld.so or (2) ld-linux.so for Linux systems allows local users to gain privileges by calling a setuid program with a long program name (argv[0]) and forcing ld.so/ld-linux.so to report an error.
References
► | URL | Tags | |||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-01T17:02:53.700Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "19980204 An old ld-linux.so hole", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=88661732807795\u0026w=2" }, { "name": "19970722 ld.so vulnerability", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=87602661419351\u0026w=2" }, { "name": "19970717 KSR[T] Advisory #2: ld.so", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=87602661419318\u0026w=2" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "1997-07-17T00:00:00", "descriptions": [ { "lang": "en", "value": "Buffer overflow in run-time linkers (1) ld.so or (2) ld-linux.so for Linux systems allows local users to gain privileges by calling a setuid program with a long program name (argv[0]) and forcing ld.so/ld-linux.so to report an error." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2016-10-17T13:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "19980204 An old ld-linux.so hole", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=88661732807795\u0026w=2" }, { "name": "19970722 ld.so vulnerability", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=87602661419351\u0026w=2" }, { "name": "19970717 KSR[T] Advisory #2: ld.so", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=87602661419318\u0026w=2" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-1999-1182", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Buffer overflow in run-time linkers (1) ld.so or (2) ld-linux.so for Linux systems allows local users to gain privileges by calling a setuid program with a long program name (argv[0]) and forcing ld.so/ld-linux.so to report an error." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "19980204 An old ld-linux.so hole", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=88661732807795\u0026w=2" }, { "name": "19970722 ld.so vulnerability", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=87602661419351\u0026w=2" }, { "name": "19970717 KSR[T] Advisory #2: ld.so", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=87602661419318\u0026w=2" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-1999-1182", "datePublished": "2001-09-12T04:00:00", "dateReserved": "2001-08-31T00:00:00", "dateUpdated": "2024-08-01T17:02:53.700Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-1999-0706 (GCVE-0-1999-0706)
Vulnerability from cvelistv5
Published
2000-01-04 05:00
Modified
2024-08-01 16:48
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Linux xmonisdn package allows local users to gain root privileges by modifying the IFS or PATH environmental variables.
References
► | URL | Tags | |||
---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-01T16:48:37.646Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "583", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/583" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "Linux xmonisdn package allows local users to gain root privileges by modifying the IFS or PATH environmental variables." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2005-11-02T10:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "583", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/583" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-1999-0706", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Linux xmonisdn package allows local users to gain root privileges by modifying the IFS or PATH environmental variables." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "583", "refsource": "BID", "url": "http://www.securityfocus.com/bid/583" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-1999-0706", "datePublished": "2000-01-04T05:00:00", "dateReserved": "1999-11-25T00:00:00", "dateUpdated": "2024-08-01T16:48:37.646Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2001-0946 (GCVE-0-2001-0946)
Vulnerability from cvelistv5
Published
2002-06-25 04:00
Modified
2024-08-08 04:37
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
apmscript in Apmd in Red Hat 7.2 "Enigma" allows local users to create or change the modification dates of arbitrary files via a symlink attack on the LOW_POWER temporary file, which could be used to cause a denial of service, e.g. by creating /etc/nologin and disabling logins.
References
► | URL | Tags | ||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T04:37:07.059Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "apmd-apmscript-symlink(8268)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/8268" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=56389" }, { "name": "20011204 Symlink attack with apmd of RH 7.2", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=100743394701962\u0026w=2" }, { "name": "5493", "tags": [ "vdb-entry", "x_refsource_OSVDB", "x_transferred" ], "url": "http://www.osvdb.org/5493" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2001-12-04T00:00:00", "descriptions": [ { "lang": "en", "value": "apmscript in Apmd in Red Hat 7.2 \"Enigma\" allows local users to create or change the modification dates of arbitrary files via a symlink attack on the LOW_POWER temporary file, which could be used to cause a denial of service, e.g. by creating /etc/nologin and disabling logins." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2002-06-16T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "apmd-apmscript-symlink(8268)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/8268" }, { "tags": [ "x_refsource_MISC" ], "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=56389" }, { "name": "20011204 Symlink attack with apmd of RH 7.2", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=100743394701962\u0026w=2" }, { "name": "5493", "tags": [ "vdb-entry", "x_refsource_OSVDB" ], "url": "http://www.osvdb.org/5493" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2001-0946", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "apmscript in Apmd in Red Hat 7.2 \"Enigma\" allows local users to create or change the modification dates of arbitrary files via a symlink attack on the LOW_POWER temporary file, which could be used to cause a denial of service, e.g. by creating /etc/nologin and disabling logins." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "apmd-apmscript-symlink(8268)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/8268" }, { "name": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=56389", "refsource": "MISC", "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=56389" }, { "name": "20011204 Symlink attack with apmd of RH 7.2", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=100743394701962\u0026w=2" }, { "name": "5493", "refsource": "OSVDB", "url": "http://www.osvdb.org/5493" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2001-0946", "datePublished": "2002-06-25T04:00:00", "dateReserved": "2002-01-31T00:00:00", "dateUpdated": "2024-08-08T04:37:07.059Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2000-0391 (GCVE-0-2000-0391)
Vulnerability from cvelistv5
Published
2000-07-12 04:00
Modified
2024-08-08 05:14
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in krshd in Kerberos 5 allows remote attackers to gain root privileges.
References
► | URL | Tags | ||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T05:14:21.492Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "FreeBSD-SA-00:20", "tags": [ "vendor-advisory", "x_refsource_FREEBSD", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/freebsd/2000-05/0295.html" }, { "name": "4876", "tags": [ "vdb-entry", "x_refsource_OSVDB", "x_transferred" ], "url": "http://www.osvdb.org/4876" }, { "name": "RHSA-2000:025", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2000-025.html" }, { "name": "CA-2000-06", "tags": [ "third-party-advisory", "x_refsource_CERT", "x_transferred" ], "url": "http://www.cert.org/advisories/CA-2000-06.html" }, { "name": "20000516 BUFFER OVERRUN VULNERABILITIES IN KERBEROS", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-05/0184.html" }, { "name": "1220", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/1220" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2000-05-16T00:00:00", "descriptions": [ { "lang": "en", "value": "Buffer overflow in krshd in Kerberos 5 allows remote attackers to gain root privileges." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2004-09-02T09:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "FreeBSD-SA-00:20", "tags": [ "vendor-advisory", "x_refsource_FREEBSD" ], "url": "http://archives.neohapsis.com/archives/freebsd/2000-05/0295.html" }, { "name": "4876", "tags": [ "vdb-entry", "x_refsource_OSVDB" ], "url": "http://www.osvdb.org/4876" }, { "name": "RHSA-2000:025", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2000-025.html" }, { "name": "CA-2000-06", "tags": [ "third-party-advisory", "x_refsource_CERT" ], "url": "http://www.cert.org/advisories/CA-2000-06.html" }, { "name": "20000516 BUFFER OVERRUN VULNERABILITIES IN KERBEROS", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-05/0184.html" }, { "name": "1220", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/1220" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2000-0391", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Buffer overflow in krshd in Kerberos 5 allows remote attackers to gain root privileges." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "FreeBSD-SA-00:20", "refsource": "FREEBSD", "url": "http://archives.neohapsis.com/archives/freebsd/2000-05/0295.html" }, { "name": "4876", "refsource": "OSVDB", "url": "http://www.osvdb.org/4876" }, { "name": "RHSA-2000:025", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2000-025.html" }, { "name": "CA-2000-06", "refsource": "CERT", "url": "http://www.cert.org/advisories/CA-2000-06.html" }, { "name": "20000516 BUFFER OVERRUN VULNERABILITIES IN KERBEROS", "refsource": "BUGTRAQ", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-05/0184.html" }, { "name": "1220", "refsource": "BID", "url": "http://www.securityfocus.com/bid/1220" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2000-0391", "datePublished": "2000-07-12T04:00:00", "dateReserved": "2000-06-14T00:00:00", "dateUpdated": "2024-08-08T05:14:21.492Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2025-36049 (GCVE-0-2025-36049)
Vulnerability from cvelistv5
Published
2025-06-18 16:06
Modified
2025-06-18 17:48
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-611 - Improper Restriction of XML External Entity Reference
Summary
IBM webMethods Integration Server 10.5, 10.7, 10.11, and 10.15
is vulnerable to an XML external entity injection (XXE) attack when processing XML data. A remote authenticated attacker could exploit this vulnerability to execute arbitrary commands.
References
► | URL | Tags | |||
---|---|---|---|---|---|
|
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
IBM | webMethods Integration Server |
Version: 10.5, 10.7, 10.11, 10.15 cpe:2.3:a:softwareag:webmethods:10.5:*:*:*:*:*:*:* cpe:2.3:a:softwareag:webmethods:10.7:*:*:*:*:*:*:* cpe:2.3:a:softwareag:webmethods:10.11:*:*:*:*:*:*:* cpe:2.3:a:softwareag:webmethods:10.15:*:*:*:*:*:*:* |
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2025-36049", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2025-06-18T17:47:53.956675Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-06-18T17:48:11.269Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:softwareag:webmethods:10.5:*:*:*:*:*:*:*", "cpe:2.3:a:softwareag:webmethods:10.7:*:*:*:*:*:*:*", "cpe:2.3:a:softwareag:webmethods:10.11:*:*:*:*:*:*:*", "cpe:2.3:a:softwareag:webmethods:10.15:*:*:*:*:*:*:*" ], "defaultStatus": "unaffected", "product": "webMethods Integration Server", "vendor": "IBM", "versions": [ { "status": "affected", "version": "10.5, 10.7, 10.11, 10.15" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "Filip Dragovic" } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "IBM webMethods Integration Server 10.5, 10.7, 10.11, and 10.15 \n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eis vulnerable to an XML external entity injection (XXE) attack when processing XML data. A remote authenticated attacker could exploit this vulnerability to execute arbitrary commands.\u003c/span\u003e" } ], "value": "IBM webMethods Integration Server 10.5, 10.7, 10.11, and 10.15 \n\nis vulnerable to an XML external entity injection (XXE) attack when processing XML data. A remote authenticated attacker could exploit this vulnerability to execute arbitrary commands." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-611", "description": "CWE-611 Improper Restriction of XML External Entity Reference", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-06-18T16:06:18.983Z", "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "shortName": "ibm" }, "references": [ { "tags": [ "vendor-advisory" ], "url": "https://www.ibm.com/support/pages/node/7237146" } ], "solutions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "IBM strongly recommends addressing the vulnerability now by applying the mentioned core fixes or later core fixes for the affected versions and following the respective fix readme document.\u003cbr\u003e\u003cbr\u003eIS_10.5_Core_Fix29 or later\u003cbr\u003eIS_10.7_Core_Fix23 or later\u003cbr\u003eIS_10.11_Core_Fix11 or later\u003cbr\u003eIS_10.15_Core_Fix14 or later\u003cbr\u003e\u003cbr\u003eFixes can be downloaded and installed via IBM webMethods Update Manager. Refer to How to Download webMethods Software\u003cbr\u003e" } ], "value": "IBM strongly recommends addressing the vulnerability now by applying the mentioned core fixes or later core fixes for the affected versions and following the respective fix readme document.\n\nIS_10.5_Core_Fix29 or later\nIS_10.7_Core_Fix23 or later\nIS_10.11_Core_Fix11 or later\nIS_10.15_Core_Fix14 or later\n\nFixes can be downloaded and installed via IBM webMethods Update Manager. Refer to How to Download webMethods Software" } ], "source": { "discovery": "UNKNOWN" }, "title": "IBM webMethods Integration Sever XML external entity injection", "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "assignerShortName": "ibm", "cveId": "CVE-2025-36049", "datePublished": "2025-06-18T16:06:18.983Z", "dateReserved": "2025-04-15T21:16:10.569Z", "dateUpdated": "2025-06-18T17:48:11.269Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-1999-0002 (GCVE-0-1999-0002)
Vulnerability from cvelistv5
Published
1999-09-29 04:00
Modified
2024-08-01 16:07
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in NFS mountd gives root access to remote attackers, mostly in Linux systems.
References
► | URL | Tags | |||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-01T16:07:57.748Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "J-006", "tags": [ "third-party-advisory", "government-resource", "x_refsource_CIAC", "x_transferred" ], "url": "http://www.ciac.org/ciac/bulletins/j-006.shtml" }, { "name": "19981006-01-I", "tags": [ "vendor-advisory", "x_refsource_SGI", "x_transferred" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/19981006-01-I" }, { "name": "121", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/121" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "Buffer overflow in NFS mountd gives root access to remote attackers, mostly in Linux systems." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2005-11-02T10:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "J-006", "tags": [ "third-party-advisory", "government-resource", "x_refsource_CIAC" ], "url": "http://www.ciac.org/ciac/bulletins/j-006.shtml" }, { "name": "19981006-01-I", "tags": [ "vendor-advisory", "x_refsource_SGI" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/19981006-01-I" }, { "name": "121", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/121" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-1999-0002", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Buffer overflow in NFS mountd gives root access to remote attackers, mostly in Linux systems." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "J-006", "refsource": "CIAC", "url": "http://www.ciac.org/ciac/bulletins/j-006.shtml" }, { "name": "19981006-01-I", "refsource": "SGI", "url": "ftp://patches.sgi.com/support/free/security/advisories/19981006-01-I" }, { "name": "121", "refsource": "BID", "url": "http://www.securityfocus.com/bid/121" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-1999-0002", "datePublished": "1999-09-29T04:00:00", "dateReserved": "1999-06-07T00:00:00", "dateUpdated": "2024-08-01T16:07:57.748Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2000-0286 (GCVE-0-2000-0286)
Vulnerability from cvelistv5
Published
2000-04-26 04:00
Modified
2024-08-08 05:14
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
X fontserver xfs allows local users to cause a denial of service via malformed input to the server.
References
► | URL | Tags | ||||||
---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T05:14:20.663Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "1111", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/1111" }, { "name": "20000416 xfs", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-04/0079.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2000-04-16T00:00:00", "descriptions": [ { "lang": "en", "value": "X fontserver xfs allows local users to cause a denial of service via malformed input to the server." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2003-03-21T10:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "1111", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/1111" }, { "name": "20000416 xfs", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-04/0079.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2000-0286", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "X fontserver xfs allows local users to cause a denial of service via malformed input to the server." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "1111", "refsource": "BID", "url": "http://www.securityfocus.com/bid/1111" }, { "name": "20000416 xfs", "refsource": "BUGTRAQ", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-04/0079.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2000-0286", "datePublished": "2000-04-26T04:00:00", "dateReserved": "2000-04-26T00:00:00", "dateUpdated": "2024-08-08T05:14:20.663Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2003-0989 (GCVE-0-2003-0989)
Vulnerability from cvelistv5
Published
2004-01-15 05:00
Modified
2024-08-08 02:12
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
tcpdump before 3.8.1 allows remote attackers to cause a denial of service (infinite loop) via certain ISAKMP packets, a different vulnerability than CVE-2004-0057.
References
► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T02:12:35.646Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "20040202-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI", "x_transferred" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20040202-01-U.asc" }, { "name": "FEDORA-2004-090", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2004-March/msg00006.html" }, { "name": "10718", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/10718" }, { "name": "SCOSA-2004.9", "tags": [ "vendor-advisory", "x_refsource_SCO", "x_transferred" ], "url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2004.9/SCOSA-2004.9.txt" }, { "name": "RHSA-2004:008", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-008.html" }, { "name": "FLSA:1222", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://www.redhat.com/archives/fedora-legacy-list/2004-January/msg00726.html" }, { "name": "11032", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/11032/" }, { "name": "10668", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/10668" }, { "name": "CSSA-2004-008.0", "tags": [ "vendor-advisory", "x_refsource_CALDERA", "x_transferred" ], "url": "ftp://ftp.sco.com/pub/security/OpenLinux/CSSA-2004-008.0.txt" }, { "name": "[fedora-announce-list] 20040311 Re: [SECURITY] Fedora Core 1 Update: tcpdump-3.7.2-8.fc1.1", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2004-March/msg00015.html" }, { "name": "10637", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/10637" }, { "name": "11022", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/11022" }, { "name": "10636", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/10636" }, { "name": "9507", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/9507" }, { "name": "20040131 [FLSA-2004:1222] Updated tcpdump resolves security vulnerabilites (resend with correct paths)", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=107577418225627\u0026w=2" }, { "name": "1008716", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id?1008716" }, { "name": "ESA-20040119-002", "tags": [ "vendor-advisory", "x_refsource_ENGARDE", "x_transferred" ], "url": "http://lwn.net/Alerts/66805/" }, { "name": "12179", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/12179/" }, { "name": "10644", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/10644" }, { "name": "VU#738518", "tags": [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred" ], "url": "http://www.kb.cert.org/vuls/id/738518" }, { "name": "MDKSA-2004:008", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:008" }, { "name": "20040119 [ESA-20040119-002] \u0027tcpdump\u0027 multiple vulnerabilities.", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/350238/30/21640/threaded" }, { "name": "RHSA-2004:007", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-007.html" }, { "name": "20040103-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI", "x_transferred" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20040103-01-U.asc" }, { "name": "oval:org.mitre.oval:def:847", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A847" }, { "name": "DSA-425", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2004/dsa-425" }, { "name": "10652", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/10652" }, { "name": "oval:org.mitre.oval:def:852", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A852" }, { "name": "oval:org.mitre.oval:def:10599", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10599" }, { "name": "APPLE-SA-2004-02-23", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2004/Feb/msg00000.html" }, { "name": "10639", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/10639" }, { "name": "FEDORA-2004-092", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2004-March/msg00009.html" }, { "name": "2004-0004", "tags": [ "vendor-advisory", "x_refsource_TRUSTIX", "x_transferred" ], "url": "http://lwn.net/Alerts/66445/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2004-01-13T00:00:00", "descriptions": [ { "lang": "en", "value": "tcpdump before 3.8.1 allows remote attackers to cause a denial of service (infinite loop) via certain ISAKMP packets, a different vulnerability than CVE-2004-0057." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-19T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "20040202-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20040202-01-U.asc" }, { "name": "FEDORA-2004-090", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2004-March/msg00006.html" }, { "name": "10718", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/10718" }, { "name": "SCOSA-2004.9", "tags": [ "vendor-advisory", "x_refsource_SCO" ], "url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2004.9/SCOSA-2004.9.txt" }, { "name": "RHSA-2004:008", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-008.html" }, { "name": "FLSA:1222", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://www.redhat.com/archives/fedora-legacy-list/2004-January/msg00726.html" }, { "name": "11032", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/11032/" }, { "name": "10668", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/10668" }, { "name": "CSSA-2004-008.0", "tags": [ "vendor-advisory", "x_refsource_CALDERA" ], "url": "ftp://ftp.sco.com/pub/security/OpenLinux/CSSA-2004-008.0.txt" }, { "name": "[fedora-announce-list] 20040311 Re: [SECURITY] Fedora Core 1 Update: tcpdump-3.7.2-8.fc1.1", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2004-March/msg00015.html" }, { "name": "10637", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/10637" }, { "name": "11022", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/11022" }, { "name": "10636", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/10636" }, { "name": "9507", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/9507" }, { "name": "20040131 [FLSA-2004:1222] Updated tcpdump resolves security vulnerabilites (resend with correct paths)", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=107577418225627\u0026w=2" }, { "name": "1008716", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id?1008716" }, { "name": "ESA-20040119-002", "tags": [ "vendor-advisory", "x_refsource_ENGARDE" ], "url": "http://lwn.net/Alerts/66805/" }, { "name": "12179", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/12179/" }, { "name": "10644", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/10644" }, { "name": "VU#738518", "tags": [ "third-party-advisory", "x_refsource_CERT-VN" ], "url": "http://www.kb.cert.org/vuls/id/738518" }, { "name": "MDKSA-2004:008", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:008" }, { "name": "20040119 [ESA-20040119-002] \u0027tcpdump\u0027 multiple vulnerabilities.", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/350238/30/21640/threaded" }, { "name": "RHSA-2004:007", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-007.html" }, { "name": "20040103-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20040103-01-U.asc" }, { "name": "oval:org.mitre.oval:def:847", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A847" }, { "name": "DSA-425", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2004/dsa-425" }, { "name": "10652", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/10652" }, { "name": "oval:org.mitre.oval:def:852", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A852" }, { "name": "oval:org.mitre.oval:def:10599", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10599" }, { "name": "APPLE-SA-2004-02-23", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2004/Feb/msg00000.html" }, { "name": "10639", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/10639" }, { "name": "FEDORA-2004-092", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2004-March/msg00009.html" }, { "name": "2004-0004", "tags": [ "vendor-advisory", "x_refsource_TRUSTIX" ], "url": "http://lwn.net/Alerts/66445/" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2003-0989", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "tcpdump before 3.8.1 allows remote attackers to cause a denial of service (infinite loop) via certain ISAKMP packets, a different vulnerability than CVE-2004-0057." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "20040202-01-U", "refsource": "SGI", "url": "ftp://patches.sgi.com/support/free/security/advisories/20040202-01-U.asc" }, { "name": "FEDORA-2004-090", "refsource": "FEDORA", "url": "http://www.redhat.com/archives/fedora-announce-list/2004-March/msg00006.html" }, { "name": "10718", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/10718" }, { "name": "SCOSA-2004.9", "refsource": "SCO", "url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2004.9/SCOSA-2004.9.txt" }, { "name": "RHSA-2004:008", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2004-008.html" }, { "name": "FLSA:1222", "refsource": "FEDORA", "url": "http://www.redhat.com/archives/fedora-legacy-list/2004-January/msg00726.html" }, { "name": "11032", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/11032/" }, { "name": "10668", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/10668" }, { "name": "CSSA-2004-008.0", "refsource": "CALDERA", "url": "ftp://ftp.sco.com/pub/security/OpenLinux/CSSA-2004-008.0.txt" }, { "name": "[fedora-announce-list] 20040311 Re: [SECURITY] Fedora Core 1 Update: tcpdump-3.7.2-8.fc1.1", "refsource": "MLIST", "url": "http://www.redhat.com/archives/fedora-announce-list/2004-March/msg00015.html" }, { "name": "10637", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/10637" }, { "name": "11022", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/11022" }, { "name": "10636", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/10636" }, { "name": "9507", "refsource": "BID", "url": "http://www.securityfocus.com/bid/9507" }, { "name": "20040131 [FLSA-2004:1222] Updated tcpdump resolves security vulnerabilites (resend with correct paths)", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=107577418225627\u0026w=2" }, { "name": "1008716", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1008716" }, { "name": "ESA-20040119-002", "refsource": "ENGARDE", "url": "http://lwn.net/Alerts/66805/" }, { "name": "12179", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/12179/" }, { "name": "10644", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/10644" }, { "name": "VU#738518", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/738518" }, { "name": "MDKSA-2004:008", "refsource": "MANDRAKE", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:008" }, { "name": "20040119 [ESA-20040119-002] \u0027tcpdump\u0027 multiple vulnerabilities.", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/350238/30/21640/threaded" }, { "name": "RHSA-2004:007", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2004-007.html" }, { "name": "20040103-01-U", "refsource": "SGI", "url": "ftp://patches.sgi.com/support/free/security/advisories/20040103-01-U.asc" }, { "name": "oval:org.mitre.oval:def:847", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A847" }, { "name": "DSA-425", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2004/dsa-425" }, { "name": "10652", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/10652" }, { "name": "oval:org.mitre.oval:def:852", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A852" }, { "name": "oval:org.mitre.oval:def:10599", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10599" }, { "name": "APPLE-SA-2004-02-23", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2004/Feb/msg00000.html" }, { "name": "10639", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/10639" }, { "name": "FEDORA-2004-092", "refsource": "FEDORA", "url": "http://www.redhat.com/archives/fedora-announce-list/2004-March/msg00009.html" }, { "name": "2004-0004", "refsource": "TRUSTIX", "url": "http://lwn.net/Alerts/66445/" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2003-0989", "datePublished": "2004-01-15T05:00:00", "dateReserved": "2003-12-16T00:00:00", "dateUpdated": "2024-08-08T02:12:35.646Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2021-20566 (GCVE-0-2021-20566)
Vulnerability from cvelistv5
Published
2021-06-16 16:15
Modified
2024-09-16 16:33
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Obtain Information
Summary
IBM Resilient SOAR V38.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 199238.
References
► | URL | Tags | ||||||
---|---|---|---|---|---|---|---|---|
|
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
IBM | Resilient SOAR |
Version: 38 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T17:45:44.335Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://www.ibm.com/support/pages/node/6464043" }, { "name": "ibm-resilient-cve202120566-info-disc (199238)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/199238" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Resilient SOAR", "vendor": "IBM", "versions": [ { "status": "affected", "version": "38" } ] } ], "datePublic": "2021-06-15T00:00:00", "descriptions": [ { "lang": "en", "value": "IBM Resilient SOAR V38.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 199238." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "exploitCodeMaturity": "UNPROVEN", "integrityImpact": "NONE", "privilegesRequired": "NONE", "remediationLevel": "OFFICIAL_FIX", "reportConfidence": "CONFIRMED", "scope": "UNCHANGED", "temporalScore": 5.2, "temporalSeverity": "MEDIUM", "userInteraction": "NONE", "vectorString": "CVSS:3.0/A:N/S:U/AC:H/I:N/PR:N/UI:N/AV:N/C:H/RL:O/RC:C/E:U", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "description": "Obtain Information", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-06-16T16:15:21", "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "shortName": "ibm" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://www.ibm.com/support/pages/node/6464043" }, { "name": "ibm-resilient-cve202120566-info-disc (199238)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/199238" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@us.ibm.com", "DATE_PUBLIC": "2021-06-15T00:00:00", "ID": "CVE-2021-20566", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Resilient SOAR", "version": { "version_data": [ { "version_value": "38" } ] } } ] }, "vendor_name": "IBM" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "IBM Resilient SOAR V38.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 199238." } ] }, "impact": { "cvssv3": { "BM": { "A": "N", "AC": "H", "AV": "N", "C": "H", "I": "N", "PR": "N", "S": "U", "UI": "N" }, "TM": { "E": "U", "RC": "C", "RL": "O" } } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Obtain Information" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.ibm.com/support/pages/node/6464043", "refsource": "CONFIRM", "title": "IBM Security Bulletin 6464043 (Resilient OnPrem)", "url": "https://www.ibm.com/support/pages/node/6464043" }, { "name": "ibm-resilient-cve202120566-info-disc (199238)", "refsource": "XF", "title": "X-Force Vulnerability Report", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/199238" } ] } } } }, "cveMetadata": { "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "assignerShortName": "ibm", "cveId": "CVE-2021-20566", "datePublished": "2021-06-16T16:15:21.363905Z", "dateReserved": "2020-12-17T00:00:00", "dateUpdated": "2024-09-16T16:33:49.643Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2002-1814 (GCVE-0-2002-1814)
Vulnerability from cvelistv5
Published
2005-06-28 04:00
Modified
2024-09-17 00:11
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in efstools in Bonobo, when installed setuid, allows local users to execute arbitrary code via long command line arguments.
References
► | URL | Tags | ||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T03:43:32.782Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.securiteam.com/exploits/5AP0E0K8AO.html" }, { "name": "20020628 efstool local root exploit", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://online.securityfocus.com/archive/1/279676" }, { "name": "5125", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/5125" }, { "name": "linux-efstool-bo(9451)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "http://www.iss.net/security_center/static/9451.php" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "Buffer overflow in efstools in Bonobo, when installed setuid, allows local users to execute arbitrary code via long command line arguments." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2005-06-28T04:00:00Z", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "http://www.securiteam.com/exploits/5AP0E0K8AO.html" }, { "name": "20020628 efstool local root exploit", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://online.securityfocus.com/archive/1/279676" }, { "name": "5125", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/5125" }, { "name": "linux-efstool-bo(9451)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "http://www.iss.net/security_center/static/9451.php" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2002-1814", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Buffer overflow in efstools in Bonobo, when installed setuid, allows local users to execute arbitrary code via long command line arguments." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "http://www.securiteam.com/exploits/5AP0E0K8AO.html", "refsource": "MISC", "url": "http://www.securiteam.com/exploits/5AP0E0K8AO.html" }, { "name": "20020628 efstool local root exploit", "refsource": "BUGTRAQ", "url": "http://online.securityfocus.com/archive/1/279676" }, { "name": "5125", "refsource": "BID", "url": "http://www.securityfocus.com/bid/5125" }, { "name": "linux-efstool-bo(9451)", "refsource": "XF", "url": "http://www.iss.net/security_center/static/9451.php" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2002-1814", "datePublished": "2005-06-28T04:00:00Z", "dateReserved": "2005-06-28T04:00:00Z", "dateUpdated": "2024-09-17T00:11:30.420Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2004-1335 (GCVE-0-2004-1335)
Vulnerability from cvelistv5
Published
2005-01-06 05:00
Modified
2024-08-08 00:46
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Memory leak in the ip_options_get function in the Linux kernel before 2.6.10 allows local users to cause a denial of service (memory consumption) by repeatedly calling the ip_cmsg_send function.
References
► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T00:46:12.321Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "20163", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/20163" }, { "name": "20041215 fun with linux kernel", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://www.securitytrap.com/mail/full-disclosure/2004/Dec/0323.html" }, { "name": "20041215 [USN-47-1] Linux kernel vulnerabilities", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=110383108211524\u0026w=2" }, { "name": "DSA-1082", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-1082" }, { "name": "oval:org.mitre.oval:def:11085", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11085" }, { "name": "RHSA-2005:017", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-017.html" }, { "name": "DSA-1070", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-1070" }, { "name": "RHSA-2005:016", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-016.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.guninski.com/where_do_you_want_billg_to_go_today_2.html" }, { "name": "11956", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/11956" }, { "name": "DSA-1067", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-1067" }, { "name": "DSA-1069", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-1069" }, { "name": "linux-ipoptionsget-memory-leak(18524)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18524" }, { "name": "20202", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/20202" }, { "name": "20338", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/20338" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2004-12-15T00:00:00", "descriptions": [ { "lang": "en", "value": "Memory leak in the ip_options_get function in the Linux kernel before 2.6.10 allows local users to cause a denial of service (memory consumption) by repeatedly calling the ip_cmsg_send function." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-10-10T00:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "20163", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/20163" }, { "name": "20041215 fun with linux kernel", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://www.securitytrap.com/mail/full-disclosure/2004/Dec/0323.html" }, { "name": "20041215 [USN-47-1] Linux kernel vulnerabilities", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=110383108211524\u0026w=2" }, { "name": "DSA-1082", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-1082" }, { "name": "oval:org.mitre.oval:def:11085", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11085" }, { "name": "RHSA-2005:017", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-017.html" }, { "name": "DSA-1070", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-1070" }, { "name": "RHSA-2005:016", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-016.html" }, { "tags": [ "x_refsource_MISC" ], "url": "http://www.guninski.com/where_do_you_want_billg_to_go_today_2.html" }, { "name": "11956", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/11956" }, { "name": "DSA-1067", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-1067" }, { "name": "DSA-1069", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-1069" }, { "name": "linux-ipoptionsget-memory-leak(18524)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18524" }, { "name": "20202", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/20202" }, { "name": "20338", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/20338" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2004-1335", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Memory leak in the ip_options_get function in the Linux kernel before 2.6.10 allows local users to cause a denial of service (memory consumption) by repeatedly calling the ip_cmsg_send function." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "20163", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/20163" }, { "name": "20041215 fun with linux kernel", "refsource": "FULLDISC", "url": "http://www.securitytrap.com/mail/full-disclosure/2004/Dec/0323.html" }, { "name": "20041215 [USN-47-1] Linux kernel vulnerabilities", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=110383108211524\u0026w=2" }, { "name": "DSA-1082", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2006/dsa-1082" }, { "name": "oval:org.mitre.oval:def:11085", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11085" }, { "name": "RHSA-2005:017", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2005-017.html" }, { "name": "DSA-1070", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2006/dsa-1070" }, { "name": "RHSA-2005:016", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2005-016.html" }, { "name": "http://www.guninski.com/where_do_you_want_billg_to_go_today_2.html", "refsource": "MISC", "url": "http://www.guninski.com/where_do_you_want_billg_to_go_today_2.html" }, { "name": "11956", "refsource": "BID", "url": "http://www.securityfocus.com/bid/11956" }, { "name": "DSA-1067", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2006/dsa-1067" }, { "name": "DSA-1069", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2006/dsa-1069" }, { "name": "linux-ipoptionsget-memory-leak(18524)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18524" }, { "name": "20202", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/20202" }, { "name": "20338", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/20338" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2004-1335", "datePublished": "2005-01-06T05:00:00", "dateReserved": "2005-01-06T00:00:00", "dateUpdated": "2024-08-08T00:46:12.321Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2002-1232 (GCVE-0-2002-1232)
Vulnerability from cvelistv5
Published
2004-09-01 04:00
Modified
2024-08-08 03:19
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Memory leak in ypdb_open in yp_db.c for ypserv before 2.5 in the NIS package 3.9 and earlier allows remote attackers to cause a denial of service (memory consumption) via a large number of requests for a map that does not exist.
References
► | URL | Tags | |||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T03:19:28.137Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "HPSBTL0210-074", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://online.securityfocus.com/advisories/4605" }, { "name": "RHSA-2003:229", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-229.html" }, { "name": "CSSA-2002-054.0", "tags": [ "vendor-advisory", "x_refsource_CALDERA", "x_transferred" ], "url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-054.0.txt" }, { "name": "DSA-180", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2002/dsa-180" }, { "name": "RHSA-2002:224", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2002-224.html" }, { "name": "MDKSA-2002:078", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-078.php" }, { "name": "ypserv-map-memory-leak(10423)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "http://www.iss.net/security_center/static/10423.php" }, { "name": "CLA-2002:539", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA", "x_transferred" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000539" }, { "name": "RHSA-2002:223", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2002-223.html" }, { "name": "6016", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/6016" }, { "name": "20021028 GLSA: ypserv", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=103582692228894\u0026w=2" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2002-10-21T00:00:00", "descriptions": [ { "lang": "en", "value": "Memory leak in ypdb_open in yp_db.c for ypserv before 2.5 in the NIS package 3.9 and earlier allows remote attackers to cause a denial of service (memory consumption) via a large number of requests for a map that does not exist." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2004-08-18T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "HPSBTL0210-074", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://online.securityfocus.com/advisories/4605" }, { "name": "RHSA-2003:229", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-229.html" }, { "name": "CSSA-2002-054.0", "tags": [ "vendor-advisory", "x_refsource_CALDERA" ], "url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-054.0.txt" }, { "name": "DSA-180", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2002/dsa-180" }, { "name": "RHSA-2002:224", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2002-224.html" }, { "name": "MDKSA-2002:078", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-078.php" }, { "name": "ypserv-map-memory-leak(10423)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "http://www.iss.net/security_center/static/10423.php" }, { "name": "CLA-2002:539", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000539" }, { "name": "RHSA-2002:223", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2002-223.html" }, { "name": "6016", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/6016" }, { "name": "20021028 GLSA: ypserv", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=103582692228894\u0026w=2" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2002-1232", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Memory leak in ypdb_open in yp_db.c for ypserv before 2.5 in the NIS package 3.9 and earlier allows remote attackers to cause a denial of service (memory consumption) via a large number of requests for a map that does not exist." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "HPSBTL0210-074", "refsource": "HP", "url": "http://online.securityfocus.com/advisories/4605" }, { "name": "RHSA-2003:229", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2003-229.html" }, { "name": "CSSA-2002-054.0", "refsource": "CALDERA", "url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-054.0.txt" }, { "name": "DSA-180", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2002/dsa-180" }, { "name": "RHSA-2002:224", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2002-224.html" }, { "name": "MDKSA-2002:078", "refsource": "MANDRAKE", "url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-078.php" }, { "name": "ypserv-map-memory-leak(10423)", "refsource": "XF", "url": "http://www.iss.net/security_center/static/10423.php" }, { "name": "CLA-2002:539", "refsource": "CONECTIVA", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000539" }, { "name": "RHSA-2002:223", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2002-223.html" }, { "name": "6016", "refsource": "BID", "url": "http://www.securityfocus.com/bid/6016" }, { "name": "20021028 GLSA: ypserv", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=103582692228894\u0026w=2" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2002-1232", "datePublished": "2004-09-01T04:00:00", "dateReserved": "2002-10-22T00:00:00", "dateUpdated": "2024-08-08T03:19:28.137Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2000-0314 (GCVE-0-2000-0314)
Vulnerability from cvelistv5
Published
2001-05-07 04:00
Modified
2024-08-08 05:14
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
traceroute in NetBSD 1.3.3 and Linux systems allows local users to flood other systems by providing traceroute with a large waittime (-w) option, which is not parsed properly and sets the time delay for sending packets to zero.
References
► | URL | Tags | |||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T05:14:21.287Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "19990213 traceroute as a flooder", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=91893782027835\u0026w=2" }, { "name": "7574", "tags": [ "vdb-entry", "x_refsource_OSVDB", "x_transferred" ], "url": "http://www.osvdb.org/7574" }, { "name": "NetBSD-SA1999-004", "tags": [ "vendor-advisory", "x_refsource_NETBSD", "x_transferred" ], "url": "ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA1999-004.txt.asc" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "1999-02-13T00:00:00", "descriptions": [ { "lang": "en", "value": "traceroute in NetBSD 1.3.3 and Linux systems allows local users to flood other systems by providing traceroute with a large waittime (-w) option, which is not parsed properly and sets the time delay for sending packets to zero." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2004-09-02T09:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "19990213 traceroute as a flooder", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=91893782027835\u0026w=2" }, { "name": "7574", "tags": [ "vdb-entry", "x_refsource_OSVDB" ], "url": "http://www.osvdb.org/7574" }, { "name": "NetBSD-SA1999-004", "tags": [ "vendor-advisory", "x_refsource_NETBSD" ], "url": "ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA1999-004.txt.asc" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2000-0314", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "traceroute in NetBSD 1.3.3 and Linux systems allows local users to flood other systems by providing traceroute with a large waittime (-w) option, which is not parsed properly and sets the time delay for sending packets to zero." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "19990213 traceroute as a flooder", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=91893782027835\u0026w=2" }, { "name": "7574", "refsource": "OSVDB", "url": "http://www.osvdb.org/7574" }, { "name": "NetBSD-SA1999-004", "refsource": "NETBSD", "url": "ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA1999-004.txt.asc" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2000-0314", "datePublished": "2001-05-07T04:00:00", "dateReserved": "2000-05-11T00:00:00", "dateUpdated": "2024-08-08T05:14:21.287Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2000-0196 (GCVE-0-2000-0196)
Vulnerability from cvelistv5
Published
2000-04-10 04:00
Modified
2024-08-08 05:05
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in mhshow in the Linux nmh package allows remote attackers to execute commands via malformed MIME headers in an email message.
References
► | URL | Tags | ||||||
---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T05:05:54.115Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "RHSA-2000:006", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2000-006.html" }, { "name": "1018", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/1018" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2000-02-28T00:00:00", "descriptions": [ { "lang": "en", "value": "Buffer overflow in mhshow in the Linux nmh package allows remote attackers to execute commands via malformed MIME headers in an email message." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2004-09-02T09:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "RHSA-2000:006", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2000-006.html" }, { "name": "1018", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/1018" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2000-0196", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Buffer overflow in mhshow in the Linux nmh package allows remote attackers to execute commands via malformed MIME headers in an email message." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "RHSA-2000:006", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2000-006.html" }, { "name": "1018", "refsource": "BID", "url": "http://www.securityfocus.com/bid/1018" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2000-0196", "datePublished": "2000-04-10T04:00:00", "dateReserved": "2000-03-22T00:00:00", "dateUpdated": "2024-08-08T05:05:54.115Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2000-0666 (GCVE-0-2000-0666)
Vulnerability from cvelistv5
Published
2000-10-13 04:00
Modified
2024-08-08 05:28
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
rpc.statd in the nfs-utils package in various Linux distributions does not properly cleanse untrusted format strings, which allows remote attackers to gain root privileges.
References
► | URL | Tags | |||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T05:28:40.705Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "RHSA-2000:043", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2000-043.html" }, { "name": "20000716 Lots and lots of fun with rpc.statd", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0206.html" }, { "name": "1480", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/1480" }, { "name": "20000717 CONECTIVA LINUX SECURITY ANNOUNCEMENT - nfs-utils", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0230.html" }, { "name": "20000718 Trustix Security Advisory - nfs-utils", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0236.html" }, { "name": "linux-rpcstatd-format-overwrite(4939)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/4939" }, { "name": "CSSA-2000-025.0", "tags": [ "vendor-advisory", "x_refsource_CALDERA", "x_transferred" ], "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-025.0.txt" }, { "name": "CA-2000-17", "tags": [ "third-party-advisory", "x_refsource_CERT", "x_transferred" ], "url": "http://www.cert.org/advisories/CA-2000-17.html" }, { "name": "20000718 [Security Announce] MDKSA-2000:021 nfs-utils update", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0260.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2000-07-16T00:00:00", "descriptions": [ { "lang": "en", "value": "rpc.statd in the nfs-utils package in various Linux distributions does not properly cleanse untrusted format strings, which allows remote attackers to gain root privileges." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2004-09-02T09:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "RHSA-2000:043", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2000-043.html" }, { "name": "20000716 Lots and lots of fun with rpc.statd", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0206.html" }, { "name": "1480", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/1480" }, { "name": "20000717 CONECTIVA LINUX SECURITY ANNOUNCEMENT - nfs-utils", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0230.html" }, { "name": "20000718 Trustix Security Advisory - nfs-utils", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0236.html" }, { "name": "linux-rpcstatd-format-overwrite(4939)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/4939" }, { "name": "CSSA-2000-025.0", "tags": [ "vendor-advisory", "x_refsource_CALDERA" ], "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-025.0.txt" }, { "name": "CA-2000-17", "tags": [ "third-party-advisory", "x_refsource_CERT" ], "url": "http://www.cert.org/advisories/CA-2000-17.html" }, { "name": "20000718 [Security Announce] MDKSA-2000:021 nfs-utils update", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0260.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2000-0666", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "rpc.statd in the nfs-utils package in various Linux distributions does not properly cleanse untrusted format strings, which allows remote attackers to gain root privileges." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "RHSA-2000:043", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2000-043.html" }, { "name": "20000716 Lots and lots of fun with rpc.statd", "refsource": "BUGTRAQ", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0206.html" }, { "name": "1480", "refsource": "BID", "url": "http://www.securityfocus.com/bid/1480" }, { "name": "20000717 CONECTIVA LINUX SECURITY ANNOUNCEMENT - nfs-utils", "refsource": "BUGTRAQ", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0230.html" }, { "name": "20000718 Trustix Security Advisory - nfs-utils", "refsource": "BUGTRAQ", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0236.html" }, { "name": "linux-rpcstatd-format-overwrite(4939)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/4939" }, { "name": "CSSA-2000-025.0", "refsource": "CALDERA", "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-025.0.txt" }, { "name": "CA-2000-17", "refsource": "CERT", "url": "http://www.cert.org/advisories/CA-2000-17.html" }, { "name": "20000718 [Security Announce] MDKSA-2000:021 nfs-utils update", "refsource": "BUGTRAQ", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0260.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2000-0666", "datePublished": "2000-10-13T04:00:00", "dateReserved": "2000-08-02T00:00:00", "dateUpdated": "2024-08-08T05:28:40.705Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-1999-0010 (GCVE-0-1999-0010)
Vulnerability from cvelistv5
Published
1999-09-29 04:00
Modified
2024-08-01 16:27
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Denial of Service vulnerability in BIND 8 Releases via maliciously formatted DNS messages.
References
► | URL | Tags | ||||||
---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-01T16:27:56.711Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "19980603-01-PX", "tags": [ "vendor-advisory", "x_refsource_SGI", "x_transferred" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/19980603-01-PX" }, { "name": "HPSBUX9808-083", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9808-083" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "Denial of Service vulnerability in BIND 8 Releases via maliciously formatted DNS messages." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2009-03-02T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "19980603-01-PX", "tags": [ "vendor-advisory", "x_refsource_SGI" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/19980603-01-PX" }, { "name": "HPSBUX9808-083", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9808-083" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-1999-0010", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Denial of Service vulnerability in BIND 8 Releases via maliciously formatted DNS messages." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "19980603-01-PX", "refsource": "SGI", "url": "ftp://patches.sgi.com/support/free/security/advisories/19980603-01-PX" }, { "name": "HPSBUX9808-083", "refsource": "HP", "url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9808-083" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-1999-0010", "datePublished": "1999-09-29T04:00:00", "dateReserved": "1999-06-07T00:00:00", "dateUpdated": "2024-08-01T16:27:56.711Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2001-0852 (GCVE-0-2001-0852)
Vulnerability from cvelistv5
Published
2002-03-09 05:00
Modified
2024-08-08 04:37
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
TUX HTTP server 2.1.0-2 in Red Hat Linux allows remote attackers to cause a denial of service via a long Host: header.
References
► | URL | Tags | |||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T04:37:06.651Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "tux-http-host-dos(7464)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7464" }, { "name": "20011105 RH Linux Tux HTTPD DoS", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=100498100112191\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://marc.info/?l=tux-list\u0026m=100584714702328\u0026w=2" }, { "name": "RHSA-2001:142", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2001-142.html" }, { "name": "3506", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/3506" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2001-11-02T00:00:00", "descriptions": [ { "lang": "en", "value": "TUX HTTP server 2.1.0-2 in Red Hat Linux allows remote attackers to cause a denial of service via a long Host: header." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2002-02-26T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "tux-http-host-dos(7464)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7464" }, { "name": "20011105 RH Linux Tux HTTPD DoS", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=100498100112191\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://marc.info/?l=tux-list\u0026m=100584714702328\u0026w=2" }, { "name": "RHSA-2001:142", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2001-142.html" }, { "name": "3506", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/3506" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2001-0852", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "TUX HTTP server 2.1.0-2 in Red Hat Linux allows remote attackers to cause a denial of service via a long Host: header." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "tux-http-host-dos(7464)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7464" }, { "name": "20011105 RH Linux Tux HTTPD DoS", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=100498100112191\u0026w=2" }, { "name": "http://marc.info/?l=tux-list\u0026m=100584714702328\u0026w=2", "refsource": "CONFIRM", "url": "http://marc.info/?l=tux-list\u0026m=100584714702328\u0026w=2" }, { "name": "RHSA-2001:142", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2001-142.html" }, { "name": "3506", "refsource": "BID", "url": "http://www.securityfocus.com/bid/3506" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2001-0852", "datePublished": "2002-03-09T05:00:00", "dateReserved": "2001-11-22T00:00:00", "dateUpdated": "2024-08-08T04:37:06.651Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2003-0442 (GCVE-0-2003-0442)
Vulnerability from cvelistv5
Published
2003-06-20 04:00
Modified
2024-08-08 01:50
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Cross-site scripting (XSS) vulnerability in the transparent SID support capability for PHP before 4.3.2 (session.use_trans_sid) allows remote attackers to insert arbitrary script via the PHPSESSID parameter.
References
► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T01:50:48.183Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "MDKSA-2003:082", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:082" }, { "name": "1008653", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id?1008653" }, { "name": "7761", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/7761" }, { "name": "CLSA-2003:691", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA", "x_transferred" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000691" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://shh.thathost.com/secadv/2003-05-11-php.txt" }, { "name": "DSA-351", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2003/dsa-351" }, { "name": "php-session-id-xss(12259)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/12259" }, { "name": "20030707 [OpenPKG-SA-2003.032] OpenPKG Security Advisory (php)", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=105760591228031\u0026w=2" }, { "name": "TLSA-2003-47", "tags": [ "vendor-advisory", "x_refsource_TURBO", "x_transferred" ], "url": "http://www.turbolinux.co.jp/security/2003/TLSA-2003-47j.txt" }, { "name": "oval:org.mitre.oval:def:485", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A485" }, { "name": "20030530 PHP Trans SID XSS (Was: New php release with security fixes)", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=105449314612963\u0026w=2" }, { "name": "4758", "tags": [ "vdb-entry", "x_refsource_OSVDB", "x_transferred" ], "url": "http://www.osvdb.org/4758" }, { "name": "N-112", "tags": [ "third-party-advisory", "government-resource", "x_refsource_CIAC", "x_transferred" ], "url": "http://www.ciac.org/ciac/bulletins/n-112.shtml" }, { "name": "RHSA-2003:204", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-204.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2003-05-30T00:00:00", "descriptions": [ { "lang": "en", "value": "Cross-site scripting (XSS) vulnerability in the transparent SID support capability for PHP before 4.3.2 (session.use_trans_sid) allows remote attackers to insert arbitrary script via the PHPSESSID parameter." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-10-10T00:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "MDKSA-2003:082", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:082" }, { "name": "1008653", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id?1008653" }, { "name": "7761", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/7761" }, { "name": "CLSA-2003:691", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000691" }, { "tags": [ "x_refsource_MISC" ], "url": "http://shh.thathost.com/secadv/2003-05-11-php.txt" }, { "name": "DSA-351", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2003/dsa-351" }, { "name": "php-session-id-xss(12259)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/12259" }, { "name": "20030707 [OpenPKG-SA-2003.032] OpenPKG Security Advisory (php)", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=105760591228031\u0026w=2" }, { "name": "TLSA-2003-47", "tags": [ "vendor-advisory", "x_refsource_TURBO" ], "url": "http://www.turbolinux.co.jp/security/2003/TLSA-2003-47j.txt" }, { "name": "oval:org.mitre.oval:def:485", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A485" }, { "name": "20030530 PHP Trans SID XSS (Was: New php release with security fixes)", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=105449314612963\u0026w=2" }, { "name": "4758", "tags": [ "vdb-entry", "x_refsource_OSVDB" ], "url": "http://www.osvdb.org/4758" }, { "name": "N-112", "tags": [ "third-party-advisory", "government-resource", "x_refsource_CIAC" ], "url": "http://www.ciac.org/ciac/bulletins/n-112.shtml" }, { "name": "RHSA-2003:204", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-204.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2003-0442", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Cross-site scripting (XSS) vulnerability in the transparent SID support capability for PHP before 4.3.2 (session.use_trans_sid) allows remote attackers to insert arbitrary script via the PHPSESSID parameter." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "MDKSA-2003:082", "refsource": "MANDRAKE", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:082" }, { "name": "1008653", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1008653" }, { "name": "7761", "refsource": "BID", "url": "http://www.securityfocus.com/bid/7761" }, { "name": "CLSA-2003:691", "refsource": "CONECTIVA", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000691" }, { "name": "http://shh.thathost.com/secadv/2003-05-11-php.txt", "refsource": "MISC", "url": "http://shh.thathost.com/secadv/2003-05-11-php.txt" }, { "name": "DSA-351", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2003/dsa-351" }, { "name": "php-session-id-xss(12259)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/12259" }, { "name": "20030707 [OpenPKG-SA-2003.032] OpenPKG Security Advisory (php)", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=105760591228031\u0026w=2" }, { "name": "TLSA-2003-47", "refsource": "TURBO", "url": "http://www.turbolinux.co.jp/security/2003/TLSA-2003-47j.txt" }, { "name": "oval:org.mitre.oval:def:485", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A485" }, { "name": "20030530 PHP Trans SID XSS (Was: New php release with security fixes)", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=105449314612963\u0026w=2" }, { "name": "4758", "refsource": "OSVDB", "url": "http://www.osvdb.org/4758" }, { "name": "N-112", "refsource": "CIAC", "url": "http://www.ciac.org/ciac/bulletins/n-112.shtml" }, { "name": "RHSA-2003:204", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2003-204.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2003-0442", "datePublished": "2003-06-20T04:00:00", "dateReserved": "2003-06-18T00:00:00", "dateUpdated": "2024-08-08T01:50:48.183Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2001-0441 (GCVE-0-2001-0441)
Vulnerability from cvelistv5
Published
2001-05-24 04:00
Modified
2024-08-08 04:21
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in (1) wrapping and (2) unwrapping functions of slrn news reader before 0.9.7.0 allows remote attackers to execute arbitrary commands via a long message header.
References
► | URL | Tags | ||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T04:21:38.397Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "CLA-2001:383", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA", "x_transferred" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000383" }, { "name": "slrn-wrapping-bo(6213)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6213" }, { "name": "MDKSA-2001:028", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-028.php3" }, { "name": "20010316 Immunix OS Security update for slrn", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=98471253131191\u0026w=2" }, { "name": "2493", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/2493" }, { "name": "DSA-040", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2001/dsa-040" }, { "name": "RHSA-2001:028", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2001-028.html" }, { "name": "FreeBSD-SA-01:37", "tags": [ "vendor-advisory", "x_refsource_FREEBSD", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/freebsd/2001-04/0610.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2001-03-09T00:00:00", "descriptions": [ { "lang": "en", "value": "Buffer overflow in (1) wrapping and (2) unwrapping functions of slrn news reader before 0.9.7.0 allows remote attackers to execute arbitrary commands via a long message header." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-12-18T21:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "CLA-2001:383", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000383" }, { "name": "slrn-wrapping-bo(6213)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6213" }, { "name": "MDKSA-2001:028", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-028.php3" }, { "name": "20010316 Immunix OS Security update for slrn", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=98471253131191\u0026w=2" }, { "name": "2493", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/2493" }, { "name": "DSA-040", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2001/dsa-040" }, { "name": "RHSA-2001:028", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2001-028.html" }, { "name": "FreeBSD-SA-01:37", "tags": [ "vendor-advisory", "x_refsource_FREEBSD" ], "url": "http://archives.neohapsis.com/archives/freebsd/2001-04/0610.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2001-0441", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Buffer overflow in (1) wrapping and (2) unwrapping functions of slrn news reader before 0.9.7.0 allows remote attackers to execute arbitrary commands via a long message header." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "CLA-2001:383", "refsource": "CONECTIVA", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000383" }, { "name": "slrn-wrapping-bo(6213)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6213" }, { "name": "MDKSA-2001:028", "refsource": "MANDRAKE", "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-028.php3" }, { "name": "20010316 Immunix OS Security update for slrn", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=98471253131191\u0026w=2" }, { "name": "2493", "refsource": "BID", "url": "http://www.securityfocus.com/bid/2493" }, { "name": "DSA-040", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2001/dsa-040" }, { "name": "RHSA-2001:028", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2001-028.html" }, { "name": "FreeBSD-SA-01:37", "refsource": "FREEBSD", "url": "http://archives.neohapsis.com/archives/freebsd/2001-04/0610.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2001-0441", "datePublished": "2001-05-24T04:00:00", "dateReserved": "2001-05-24T00:00:00", "dateUpdated": "2024-08-08T04:21:38.397Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2001-0872 (GCVE-0-2001-0872)
Vulnerability from cvelistv5
Published
2002-06-25 04:00
Modified
2024-08-08 04:37
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
OpenSSH 3.0.1 and earlier with UseLogin enabled does not properly cleanse critical environment variables such as LD_PRELOAD, which allows local users to gain root privileges.
References
► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T04:37:06.741Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "MDKSA-2001:092", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://frontal2.mandriva.com/security/advisories?name=MDKSA-2001:092" }, { "name": "HPSBUX0112-005", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX0112-005" }, { "name": "openssh-uselogin-execute-code(7647)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7647" }, { "name": "CSSA-2001-042.1", "tags": [ "vendor-advisory", "x_refsource_CALDERA", "x_transferred" ], "url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2001-042.1.txt" }, { "name": "688", "tags": [ "vdb-entry", "x_refsource_OSVDB", "x_transferred" ], "url": "http://www.osvdb.org/688" }, { "name": "DSA-091", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2001/dsa-091" }, { "name": "20011204 [Fwd: OpenSSH 3.0.2 fixes UseLogin vulnerability]", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=100749779131514\u0026w=2" }, { "name": "VU#157447", "tags": [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred" ], "url": "http://www.kb.cert.org/vuls/id/157447" }, { "name": "RHSA-2001:161", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2001-161.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://marc.info/?l=openssh-unix-dev\u0026m=100747128105913\u0026w=2" }, { "name": "3614", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/3614" }, { "name": "SuSE-SA:2001:045", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.suse.com/archives/suse-security-announce/2001-Dec/0001.html" }, { "name": "CLA-2001:446", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA", "x_transferred" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000446" }, { "name": "M-026", "tags": [ "third-party-advisory", "government-resource", "x_refsource_CIAC", "x_transferred" ], "url": "http://www.ciac.org/ciac/bulletins/m-026.shtml" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2001-12-04T00:00:00", "descriptions": [ { "lang": "en", "value": "OpenSSH 3.0.1 and earlier with UseLogin enabled does not properly cleanse critical environment variables such as LD_PRELOAD, which allows local users to gain root privileges." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2002-02-28T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "MDKSA-2001:092", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://frontal2.mandriva.com/security/advisories?name=MDKSA-2001:092" }, { "name": "HPSBUX0112-005", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX0112-005" }, { "name": "openssh-uselogin-execute-code(7647)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7647" }, { "name": "CSSA-2001-042.1", "tags": [ "vendor-advisory", "x_refsource_CALDERA" ], "url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2001-042.1.txt" }, { "name": "688", "tags": [ "vdb-entry", "x_refsource_OSVDB" ], "url": "http://www.osvdb.org/688" }, { "name": "DSA-091", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2001/dsa-091" }, { "name": "20011204 [Fwd: OpenSSH 3.0.2 fixes UseLogin vulnerability]", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=100749779131514\u0026w=2" }, { "name": "VU#157447", "tags": [ "third-party-advisory", "x_refsource_CERT-VN" ], "url": "http://www.kb.cert.org/vuls/id/157447" }, { "name": "RHSA-2001:161", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2001-161.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://marc.info/?l=openssh-unix-dev\u0026m=100747128105913\u0026w=2" }, { "name": "3614", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/3614" }, { "name": "SuSE-SA:2001:045", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.suse.com/archives/suse-security-announce/2001-Dec/0001.html" }, { "name": "CLA-2001:446", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000446" }, { "name": "M-026", "tags": [ "third-party-advisory", "government-resource", "x_refsource_CIAC" ], "url": "http://www.ciac.org/ciac/bulletins/m-026.shtml" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2001-0872", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "OpenSSH 3.0.1 and earlier with UseLogin enabled does not properly cleanse critical environment variables such as LD_PRELOAD, which allows local users to gain root privileges." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "MDKSA-2001:092", "refsource": "MANDRAKE", "url": "http://frontal2.mandriva.com/security/advisories?name=MDKSA-2001:092" }, { "name": "HPSBUX0112-005", "refsource": "HP", "url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX0112-005" }, { "name": "openssh-uselogin-execute-code(7647)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7647" }, { "name": "CSSA-2001-042.1", "refsource": "CALDERA", "url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2001-042.1.txt" }, { "name": "688", "refsource": "OSVDB", "url": "http://www.osvdb.org/688" }, { "name": "DSA-091", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2001/dsa-091" }, { "name": "20011204 [Fwd: OpenSSH 3.0.2 fixes UseLogin vulnerability]", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=100749779131514\u0026w=2" }, { "name": "VU#157447", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/157447" }, { "name": "RHSA-2001:161", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2001-161.html" }, { "name": "http://marc.info/?l=openssh-unix-dev\u0026m=100747128105913\u0026w=2", "refsource": "CONFIRM", "url": "http://marc.info/?l=openssh-unix-dev\u0026m=100747128105913\u0026w=2" }, { "name": "3614", "refsource": "BID", "url": "http://www.securityfocus.com/bid/3614" }, { "name": "SuSE-SA:2001:045", "refsource": "SUSE", "url": "http://lists.suse.com/archives/suse-security-announce/2001-Dec/0001.html" }, { "name": "CLA-2001:446", "refsource": "CONECTIVA", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000446" }, { "name": "M-026", "refsource": "CIAC", "url": "http://www.ciac.org/ciac/bulletins/m-026.shtml" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2001-0872", "datePublished": "2002-06-25T04:00:00", "dateReserved": "2001-12-03T00:00:00", "dateUpdated": "2024-08-08T04:37:06.741Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2002-0069 (GCVE-0-2002-0069)
Vulnerability from cvelistv5
Published
2003-04-02 05:00
Modified
2024-08-08 02:35
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Memory leak in SNMP in Squid 2.4 STABLE3 and earlier allows remote attackers to cause a denial of service.
References
► | URL | Tags | ||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T02:35:17.385Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.squid-cache.org/Versions/v2/2.4/bugs/" }, { "name": "CLA-2002:464", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA", "x_transferred" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000464" }, { "name": "MDKSA-2002:016", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-016.php" }, { "name": "20020222 TSLSA-2002-0031 - squid", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=101443252627021\u0026w=2" }, { "name": "FreeBSD-SA-02:12", "tags": [ "vendor-advisory", "x_refsource_FREEBSD", "x_transferred" ], "url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:12.squid.asc" }, { "name": "CSSA-2002-SCO.7", "tags": [ "vendor-advisory", "x_refsource_CALDERA", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/linux/caldera/2002-q1/0014.html" }, { "name": "squid-snmp-dos(8260)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "http://www.iss.net/security_center/static/8260.php" }, { "name": "20020221 Squid HTTP Proxy Security Update Advisory 2002:1", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=101431040422095\u0026w=2" }, { "name": "RHSA-2002:029", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2002-029.html" }, { "name": "4146", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/4146" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2002-02-21T00:00:00", "descriptions": [ { "lang": "en", "value": "Memory leak in SNMP in Squid 2.4 STABLE3 and earlier allows remote attackers to cause a denial of service." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2002-08-17T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.squid-cache.org/Versions/v2/2.4/bugs/" }, { "name": "CLA-2002:464", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000464" }, { "name": "MDKSA-2002:016", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-016.php" }, { "name": "20020222 TSLSA-2002-0031 - squid", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=101443252627021\u0026w=2" }, { "name": "FreeBSD-SA-02:12", "tags": [ "vendor-advisory", "x_refsource_FREEBSD" ], "url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:12.squid.asc" }, { "name": "CSSA-2002-SCO.7", "tags": [ "vendor-advisory", "x_refsource_CALDERA" ], "url": "http://archives.neohapsis.com/archives/linux/caldera/2002-q1/0014.html" }, { "name": "squid-snmp-dos(8260)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "http://www.iss.net/security_center/static/8260.php" }, { "name": "20020221 Squid HTTP Proxy Security Update Advisory 2002:1", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=101431040422095\u0026w=2" }, { "name": "RHSA-2002:029", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2002-029.html" }, { "name": "4146", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/4146" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2002-0069", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Memory leak in SNMP in Squid 2.4 STABLE3 and earlier allows remote attackers to cause a denial of service." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "http://www.squid-cache.org/Versions/v2/2.4/bugs/", "refsource": "CONFIRM", "url": "http://www.squid-cache.org/Versions/v2/2.4/bugs/" }, { "name": "CLA-2002:464", "refsource": "CONECTIVA", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000464" }, { "name": "MDKSA-2002:016", "refsource": "MANDRAKE", "url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-016.php" }, { "name": "20020222 TSLSA-2002-0031 - squid", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=101443252627021\u0026w=2" }, { "name": "FreeBSD-SA-02:12", "refsource": "FREEBSD", "url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:12.squid.asc" }, { "name": "CSSA-2002-SCO.7", "refsource": "CALDERA", "url": "http://archives.neohapsis.com/archives/linux/caldera/2002-q1/0014.html" }, { "name": "squid-snmp-dos(8260)", "refsource": "XF", "url": "http://www.iss.net/security_center/static/8260.php" }, { "name": "20020221 Squid HTTP Proxy Security Update Advisory 2002:1", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=101431040422095\u0026w=2" }, { "name": "RHSA-2002:029", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2002-029.html" }, { "name": "4146", "refsource": "BID", "url": "http://www.securityfocus.com/bid/4146" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2002-0069", "datePublished": "2003-04-02T05:00:00", "dateReserved": "2002-02-19T00:00:00", "dateUpdated": "2024-08-08T02:35:17.385Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2004-0081 (GCVE-0-2004-0081)
Vulnerability from cvelistv5
Published
2004-03-18 05:00
Modified
2024-08-08 00:01
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool.
References
► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T00:01:23.650Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "9899", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/9899" }, { "name": "ESA-20040317-003", "tags": [ "vendor-advisory", "x_refsource_ENGARDE", "x_transferred" ], "url": "http://www.linuxsecurity.com/advisories/engarde_advisory-4135.html" }, { "name": "20040317 Re: New OpenSSL releases fix denial of service attacks [17 March 2004]", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=107955049331965\u0026w=2" }, { "name": "RHSA-2004:121", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-121.html" }, { "name": "CLA-2004:834", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA", "x_transferred" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000834" }, { "name": "SCOSA-2004.10", "tags": [ "vendor-advisory", "x_refsource_SCO", "x_transferred" ], "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt" }, { "name": "20040304-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI", "x_transferred" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20040304-01-U.asc" }, { "name": "openssl-tls-dos(15509)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15509" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.uniras.gov.uk/vuls/2004/224012/index.htm" }, { "name": "FEDORA-2004-095", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://fedoranews.org/updates/FEDORA-2004-095.shtml" }, { "name": "57524", "tags": [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred" ], "url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524" }, { "name": "oval:org.mitre.oval:def:871", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A871" }, { "name": "oval:org.mitre.oval:def:11755", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11755" }, { "name": "VU#465542", "tags": [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred" ], "url": "http://www.kb.cert.org/vuls/id/465542" }, { "name": "TA04-078A", "tags": [ "third-party-advisory", "x_refsource_CERT", "x_transferred" ], "url": "http://www.us-cert.gov/cas/techalerts/TA04-078A.html" }, { "name": "GLSA-200403-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-200403-03.xml" }, { "name": "11139", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/11139" }, { "name": "RHSA-2004:120", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-120.html" }, { "name": "RHSA-2004:119", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2004-119.html" }, { "name": "oval:org.mitre.oval:def:902", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A902" }, { "name": "RHSA-2004:139", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-139.html" }, { "name": "2004-0012", "tags": [ "vendor-advisory", "x_refsource_TRUSTIX", "x_transferred" ], "url": "http://www.trustix.org/errata/2004/0012" }, { "name": "20040508 [FLSA-2004:1395] Updated OpenSSL resolves security vulnerability", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=108403850228012\u0026w=2" }, { "name": "20040317 Cisco OpenSSL Implementation Vulnerability", "tags": [ "vendor-advisory", "x_refsource_CISCO", "x_transferred" ], "url": "http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml" }, { "name": "DSA-465", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2004/dsa-465" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2004-03-17T00:00:00", "descriptions": [ { "lang": "en", "value": "OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-10-10T00:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "9899", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/9899" }, { "name": "ESA-20040317-003", "tags": [ "vendor-advisory", "x_refsource_ENGARDE" ], "url": "http://www.linuxsecurity.com/advisories/engarde_advisory-4135.html" }, { "name": "20040317 Re: New OpenSSL releases fix denial of service attacks [17 March 2004]", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=107955049331965\u0026w=2" }, { "name": "RHSA-2004:121", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-121.html" }, { "name": "CLA-2004:834", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000834" }, { "name": "SCOSA-2004.10", "tags": [ "vendor-advisory", "x_refsource_SCO" ], "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt" }, { "name": "20040304-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20040304-01-U.asc" }, { "name": "openssl-tls-dos(15509)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15509" }, { "tags": [ "x_refsource_MISC" ], "url": "http://www.uniras.gov.uk/vuls/2004/224012/index.htm" }, { "name": "FEDORA-2004-095", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://fedoranews.org/updates/FEDORA-2004-095.shtml" }, { "name": "57524", "tags": [ "vendor-advisory", "x_refsource_SUNALERT" ], "url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524" }, { "name": "oval:org.mitre.oval:def:871", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A871" }, { "name": "oval:org.mitre.oval:def:11755", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11755" }, { "name": "VU#465542", "tags": [ "third-party-advisory", "x_refsource_CERT-VN" ], "url": "http://www.kb.cert.org/vuls/id/465542" }, { "name": "TA04-078A", "tags": [ "third-party-advisory", "x_refsource_CERT" ], "url": "http://www.us-cert.gov/cas/techalerts/TA04-078A.html" }, { "name": "GLSA-200403-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://security.gentoo.org/glsa/glsa-200403-03.xml" }, { "name": "11139", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/11139" }, { "name": "RHSA-2004:120", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-120.html" }, { "name": "RHSA-2004:119", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2004-119.html" }, { "name": "oval:org.mitre.oval:def:902", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A902" }, { "name": "RHSA-2004:139", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-139.html" }, { "name": "2004-0012", "tags": [ "vendor-advisory", "x_refsource_TRUSTIX" ], "url": "http://www.trustix.org/errata/2004/0012" }, { "name": "20040508 [FLSA-2004:1395] Updated OpenSSL resolves security vulnerability", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=108403850228012\u0026w=2" }, { "name": "20040317 Cisco OpenSSL Implementation Vulnerability", "tags": [ "vendor-advisory", "x_refsource_CISCO" ], "url": "http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml" }, { "name": "DSA-465", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2004/dsa-465" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2004-0081", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "9899", "refsource": "BID", "url": "http://www.securityfocus.com/bid/9899" }, { "name": "ESA-20040317-003", "refsource": "ENGARDE", "url": "http://www.linuxsecurity.com/advisories/engarde_advisory-4135.html" }, { "name": "20040317 Re: New OpenSSL releases fix denial of service attacks [17 March 2004]", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=107955049331965\u0026w=2" }, { "name": "RHSA-2004:121", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2004-121.html" }, { "name": "CLA-2004:834", "refsource": "CONECTIVA", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000834" }, { "name": "SCOSA-2004.10", "refsource": "SCO", "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt" }, { "name": "20040304-01-U", "refsource": "SGI", "url": "ftp://patches.sgi.com/support/free/security/advisories/20040304-01-U.asc" }, { "name": "openssl-tls-dos(15509)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15509" }, { "name": "http://www.uniras.gov.uk/vuls/2004/224012/index.htm", "refsource": "MISC", "url": "http://www.uniras.gov.uk/vuls/2004/224012/index.htm" }, { "name": "FEDORA-2004-095", "refsource": "FEDORA", "url": "http://fedoranews.org/updates/FEDORA-2004-095.shtml" }, { "name": "57524", "refsource": "SUNALERT", "url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524" }, { "name": "oval:org.mitre.oval:def:871", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A871" }, { "name": "oval:org.mitre.oval:def:11755", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11755" }, { "name": "VU#465542", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/465542" }, { "name": "TA04-078A", "refsource": "CERT", "url": "http://www.us-cert.gov/cas/techalerts/TA04-078A.html" }, { "name": "GLSA-200403-03", "refsource": "GENTOO", "url": "http://security.gentoo.org/glsa/glsa-200403-03.xml" }, { "name": "11139", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/11139" }, { "name": "RHSA-2004:120", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2004-120.html" }, { "name": "RHSA-2004:119", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2004-119.html" }, { "name": "oval:org.mitre.oval:def:902", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A902" }, { "name": "RHSA-2004:139", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2004-139.html" }, { "name": "2004-0012", "refsource": "TRUSTIX", "url": "http://www.trustix.org/errata/2004/0012" }, { "name": "20040508 [FLSA-2004:1395] Updated OpenSSL resolves security vulnerability", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=108403850228012\u0026w=2" }, { "name": "20040317 Cisco OpenSSL Implementation Vulnerability", "refsource": "CISCO", "url": "http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml" }, { "name": "DSA-465", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2004/dsa-465" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2004-0081", "datePublished": "2004-03-18T05:00:00", "dateReserved": "2004-01-19T00:00:00", "dateUpdated": "2024-08-08T00:01:23.650Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2000-0118 (GCVE-0-2000-0118)
Vulnerability from cvelistv5
Published
2000-02-08 05:00
Modified
2024-08-08 05:05
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The Red Hat Linux su program does not log failed password guesses if the su process is killed before it times out, which allows local attackers to conduct brute force password guessing.
References
► | URL | Tags | |||
---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T05:05:53.936Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "20000130 RedHat 6.1 /and others/ PAM", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=94935300520617\u0026w=2" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2000-01-30T00:00:00", "descriptions": [ { "lang": "en", "value": "The Red Hat Linux su program does not log failed password guesses if the su process is killed before it times out, which allows local attackers to conduct brute force password guessing." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2016-10-17T13:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "20000130 RedHat 6.1 /and others/ PAM", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=94935300520617\u0026w=2" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2000-0118", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The Red Hat Linux su program does not log failed password guesses if the su process is killed before it times out, which allows local attackers to conduct brute force password guessing." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "20000130 RedHat 6.1 /and others/ PAM", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=94935300520617\u0026w=2" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2000-0118", "datePublished": "2000-02-08T05:00:00", "dateReserved": "2000-02-08T00:00:00", "dateUpdated": "2024-08-08T05:05:53.936Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2000-0378 (GCVE-0-2000-0378)
Vulnerability from cvelistv5
Published
2000-10-13 04:00
Modified
2024-08-08 05:14
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The pam_console PAM module in Linux systems performs a chown on various devices upon a user login, but an open file descriptor for those devices can be maintained after the user logs out, which allows that user to sniff activity on these devices when subsequent users log in.
References
► | URL | Tags | ||||||
---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T05:14:21.493Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "20000502 pam_console bug", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-05/0023.html" }, { "name": "1176", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/1176" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2000-05-03T00:00:00", "descriptions": [ { "lang": "en", "value": "The pam_console PAM module in Linux systems performs a chown on various devices upon a user login, but an open file descriptor for those devices can be maintained after the user logs out, which allows that user to sniff activity on these devices when subsequent users log in." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2005-11-02T10:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "20000502 pam_console bug", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-05/0023.html" }, { "name": "1176", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/1176" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2000-0378", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The pam_console PAM module in Linux systems performs a chown on various devices upon a user login, but an open file descriptor for those devices can be maintained after the user logs out, which allows that user to sniff activity on these devices when subsequent users log in." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "20000502 pam_console bug", "refsource": "BUGTRAQ", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-05/0023.html" }, { "name": "1176", "refsource": "BID", "url": "http://www.securityfocus.com/bid/1176" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2000-0378", "datePublished": "2000-10-13T04:00:00", "dateReserved": "2000-06-14T00:00:00", "dateUpdated": "2024-08-08T05:14:21.493Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2001-0128 (GCVE-0-2001-0128)
Vulnerability from cvelistv5
Published
2001-05-07 04:00
Modified
2024-08-08 04:06
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Zope before 2.2.4 does not properly compute local roles, which could allow users to bypass specified access restrictions and gain privileges.
References
► | URL | Tags | |||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T04:06:55.324Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "6284", "tags": [ "vdb-entry", "x_refsource_OSVDB", "x_transferred" ], "url": "http://www.osvdb.org/6284" }, { "name": "RHSA-2000:127", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2000-127.html" }, { "name": "zope-calculate-roles(5777)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5777" }, { "name": "MDKSA-2000-083", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.linux-mandrake.com/en/updates/2000/MDKSA-2000-083.php3" }, { "name": "FreeBSD-SA-01:06", "tags": [ "vendor-advisory", "x_refsource_FREEBSD", "x_transferred" ], "url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-01:06.zope.asc" }, { "name": "CLA-2000:365", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA", "x_transferred" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000365" }, { "name": "DSA-006-1", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2000/20001219" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2000-12-16T00:00:00", "descriptions": [ { "lang": "en", "value": "Zope before 2.2.4 does not properly compute local roles, which could allow users to bypass specified access restrictions and gain privileges." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2004-09-02T09:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "6284", "tags": [ "vdb-entry", "x_refsource_OSVDB" ], "url": "http://www.osvdb.org/6284" }, { "name": "RHSA-2000:127", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2000-127.html" }, { "name": "zope-calculate-roles(5777)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5777" }, { "name": "MDKSA-2000-083", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.linux-mandrake.com/en/updates/2000/MDKSA-2000-083.php3" }, { "name": "FreeBSD-SA-01:06", "tags": [ "vendor-advisory", "x_refsource_FREEBSD" ], "url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-01:06.zope.asc" }, { "name": "CLA-2000:365", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000365" }, { "name": "DSA-006-1", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2000/20001219" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2001-0128", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Zope before 2.2.4 does not properly compute local roles, which could allow users to bypass specified access restrictions and gain privileges." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "6284", "refsource": "OSVDB", "url": "http://www.osvdb.org/6284" }, { "name": "RHSA-2000:127", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2000-127.html" }, { "name": "zope-calculate-roles(5777)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5777" }, { "name": "MDKSA-2000-083", "refsource": "MANDRAKE", "url": "http://www.linux-mandrake.com/en/updates/2000/MDKSA-2000-083.php3" }, { "name": "FreeBSD-SA-01:06", "refsource": "FREEBSD", "url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-01:06.zope.asc" }, { "name": "CLA-2000:365", "refsource": "CONECTIVA", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000365" }, { "name": "DSA-006-1", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2000/20001219" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2001-0128", "datePublished": "2001-05-07T04:00:00", "dateReserved": "2001-02-06T00:00:00", "dateUpdated": "2024-08-08T04:06:55.324Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-1999-0434 (GCVE-0-1999-0434)
Vulnerability from cvelistv5
Published
2000-02-04 05:00
Modified
2024-08-01 16:41
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
XFree86 xfs command is vulnerable to a symlink attack, allowing local users to create files in restricted directories, possibly allowing them to gain privileges or cause a denial of service.
References
► | URL | Tags | |||
---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-01T16:41:45.503Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "359", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/359" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "XFree86 xfs command is vulnerable to a symlink attack, allowing local users to create files in restricted directories, possibly allowing them to gain privileges or cause a denial of service." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2004-04-20T09:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "359", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/359" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-1999-0434", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "XFree86 xfs command is vulnerable to a symlink attack, allowing local users to create files in restricted directories, possibly allowing them to gain privileges or cause a denial of service." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "359", "refsource": "BID", "url": "http://www.securityfocus.com/bid/359" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-1999-0434", "datePublished": "2000-02-04T05:00:00", "dateReserved": "1999-06-07T00:00:00", "dateUpdated": "2024-08-01T16:41:45.503Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-1999-0769 (GCVE-0-1999-0769)
Vulnerability from cvelistv5
Published
2000-01-04 05:00
Modified
2024-08-01 16:48
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Vixie Cron on Linux systems allows local users to set parameters of sendmail commands via the MAILTO environmental variable.
References
► | URL | Tags | |||
---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-01T16:48:37.890Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "611", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/611" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "Vixie Cron on Linux systems allows local users to set parameters of sendmail commands via the MAILTO environmental variable." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2005-11-02T10:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "611", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/611" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-1999-0769", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Vixie Cron on Linux systems allows local users to set parameters of sendmail commands via the MAILTO environmental variable." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "611", "refsource": "BID", "url": "http://www.securityfocus.com/bid/611" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-1999-0769", "datePublished": "2000-01-04T05:00:00", "dateReserved": "1999-11-25T00:00:00", "dateUpdated": "2024-08-01T16:48:37.890Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-1999-0405 (GCVE-0-1999-0405)
Vulnerability from cvelistv5
Published
1999-09-29 04:00
Modified
2024-08-01 16:34
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
A buffer overflow in lsof allows local users to obtain root privilege.
References
► | URL | Tags | |||
---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-01T16:34:52.138Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "3163", "tags": [ "vdb-entry", "x_refsource_OSVDB", "x_transferred" ], "url": "http://www.osvdb.org/3163" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "A buffer overflow in lsof allows local users to obtain root privilege." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2004-09-02T09:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "3163", "tags": [ "vdb-entry", "x_refsource_OSVDB" ], "url": "http://www.osvdb.org/3163" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-1999-0405", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A buffer overflow in lsof allows local users to obtain root privilege." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "3163", "refsource": "OSVDB", "url": "http://www.osvdb.org/3163" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-1999-0405", "datePublished": "1999-09-29T04:00:00", "dateReserved": "1999-06-07T00:00:00", "dateUpdated": "2024-08-01T16:34:52.138Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-1999-0368 (GCVE-0-1999-0368)
Vulnerability from cvelistv5
Published
1999-09-29 04:00
Modified
2024-08-01 16:34
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflows in wuarchive ftpd (wu-ftpd) and ProFTPD lead to remote root access, a.k.a. palmetto.
References
► | URL | Tags | |||
---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-01T16:34:51.941Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0368" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "Buffer overflows in wuarchive ftpd (wu-ftpd) and ProFTPD lead to remote root access, a.k.a. palmetto." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-08-17T07:24:14", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0368" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-1999-0368", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Buffer overflows in wuarchive ftpd (wu-ftpd) and ProFTPD lead to remote root access, a.k.a. palmetto." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0368", "refsource": "MISC", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0368" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-1999-0368", "datePublished": "1999-09-29T04:00:00", "dateReserved": "1999-06-07T00:00:00", "dateUpdated": "2024-08-01T16:34:51.941Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2019-4533 (GCVE-0-2019-4533)
Vulnerability from cvelistv5
Published
2020-08-28 14:35
Modified
2024-09-16 18:18
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Denial of Service
Summary
IBM Resilient SOAR V38.0 users may experience a denial of service of the SOAR Platform due to a insufficient input validation. IBM X-Force ID: 165589.
References
► | URL | Tags | ||||||
---|---|---|---|---|---|---|---|---|
|
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
IBM | Resilient SOAR |
Version: 38 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T19:40:47.323Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://www.ibm.com/support/pages/node/6323645" }, { "name": "ibm-resilient-cve20194533-dos (165589)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/165589" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Resilient SOAR", "vendor": "IBM", "versions": [ { "status": "affected", "version": "38" } ] } ], "datePublic": "2020-08-27T00:00:00", "descriptions": [ { "lang": "en", "value": "IBM Resilient SOAR V38.0 users may experience a denial of service of the SOAR Platform due to a insufficient input validation. IBM X-Force ID: 165589." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "exploitCodeMaturity": "UNPROVEN", "integrityImpact": "NONE", "privilegesRequired": "LOW", "remediationLevel": "OFFICIAL_FIX", "reportConfidence": "CONFIRMED", "scope": "UNCHANGED", "temporalScore": 3.8, "temporalSeverity": "LOW", "userInteraction": "NONE", "vectorString": "CVSS:3.0/I:N/PR:L/AV:N/C:N/S:U/AC:L/A:L/UI:N/RL:O/RC:C/E:U", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "description": "Denial of Service", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2020-08-28T14:35:19", "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "shortName": "ibm" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://www.ibm.com/support/pages/node/6323645" }, { "name": "ibm-resilient-cve20194533-dos (165589)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/165589" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@us.ibm.com", "DATE_PUBLIC": "2020-08-27T00:00:00", "ID": "CVE-2019-4533", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Resilient SOAR", "version": { "version_data": [ { "version_value": "38" } ] } } ] }, "vendor_name": "IBM" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "IBM Resilient SOAR V38.0 users may experience a denial of service of the SOAR Platform due to a insufficient input validation. IBM X-Force ID: 165589." } ] }, "impact": { "cvssv3": { "BM": { "A": "L", "AC": "L", "AV": "N", "C": "N", "I": "N", "PR": "L", "S": "U", "UI": "N" }, "TM": { "E": "U", "RC": "C", "RL": "O" } } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Denial of Service" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.ibm.com/support/pages/node/6323645", "refsource": "CONFIRM", "title": "IBM Security Bulletin 6323645 (Resilient SOAR)", "url": "https://www.ibm.com/support/pages/node/6323645" }, { "name": "ibm-resilient-cve20194533-dos (165589)", "refsource": "XF", "title": "X-Force Vulnerability Report", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/165589" } ] } } } }, "cveMetadata": { "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "assignerShortName": "ibm", "cveId": "CVE-2019-4533", "datePublished": "2020-08-28T14:35:19.141907Z", "dateReserved": "2019-01-03T00:00:00", "dateUpdated": "2024-09-16T18:18:53.865Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2002-2185 (GCVE-0-2002-2185)
Vulnerability from cvelistv5
Published
2005-11-16 21:17
Modified
2024-08-08 03:51
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The Internet Group Management Protocol (IGMP) allows local users to cause a denial of service via an IGMP membership report to a target's Ethernet address instead of the Multicast group address, which causes the target to stop sending reports to the router and effectively disconnect the group from the network.
References
► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T03:51:17.597Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "RHSA-2006:0140", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0140.html" }, { "name": "18684", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18684" }, { "name": "igmp-spoofed-report-dos(9436)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/9436" }, { "name": "oval:org.mitre.oval:def:10736", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10736" }, { "name": "20020901-01-A", "tags": [ "vendor-advisory", "x_refsource_SGI", "x_transferred" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20020901-01-A" }, { "name": "RHSA-2006:0101", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0101.html" }, { "name": "FLSA:157459-2", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/428058/100/0/threaded" }, { "name": "FLSA:157459-4", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/427981/100/0/threaded" }, { "name": "5020", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/5020" }, { "name": "20020614 IGMP denial of service vulnerability", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://online.securityfocus.com/archive/1/276968" }, { "name": "RHSA-2006:0190", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0190.html" }, { "name": "18510", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18510" }, { "name": "FLSA:157459-1", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/428028/100/0/threaded" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.cs.ucsb.edu/~krishna/igmp_dos/" }, { "name": "FLSA:157459-3", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/427980/100/0/threaded" }, { "name": "RHSA-2006:0191", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0191.html" }, { "name": "18562", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18562" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2002-06-14T00:00:00", "descriptions": [ { "lang": "en", "value": "The Internet Group Management Protocol (IGMP) allows local users to cause a denial of service via an IGMP membership report to a target\u0027s Ethernet address instead of the Multicast group address, which causes the target to stop sending reports to the router and effectively disconnect the group from the network." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-19T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "RHSA-2006:0140", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0140.html" }, { "name": "18684", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18684" }, { "name": "igmp-spoofed-report-dos(9436)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/9436" }, { "name": "oval:org.mitre.oval:def:10736", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10736" }, { "name": "20020901-01-A", "tags": [ "vendor-advisory", "x_refsource_SGI" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20020901-01-A" }, { "name": "RHSA-2006:0101", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0101.html" }, { "name": "FLSA:157459-2", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://www.securityfocus.com/archive/1/428058/100/0/threaded" }, { "name": "FLSA:157459-4", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://www.securityfocus.com/archive/1/427981/100/0/threaded" }, { "name": "5020", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/5020" }, { "name": "20020614 IGMP denial of service vulnerability", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://online.securityfocus.com/archive/1/276968" }, { "name": "RHSA-2006:0190", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0190.html" }, { "name": "18510", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18510" }, { "name": "FLSA:157459-1", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://www.securityfocus.com/archive/1/428028/100/0/threaded" }, { "tags": [ "x_refsource_MISC" ], "url": "http://www.cs.ucsb.edu/~krishna/igmp_dos/" }, { "name": "FLSA:157459-3", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://www.securityfocus.com/archive/1/427980/100/0/threaded" }, { "name": "RHSA-2006:0191", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0191.html" }, { "name": "18562", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18562" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2002-2185", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The Internet Group Management Protocol (IGMP) allows local users to cause a denial of service via an IGMP membership report to a target\u0027s Ethernet address instead of the Multicast group address, which causes the target to stop sending reports to the router and effectively disconnect the group from the network." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "RHSA-2006:0140", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2006-0140.html" }, { "name": "18684", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18684" }, { "name": "igmp-spoofed-report-dos(9436)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/9436" }, { "name": "oval:org.mitre.oval:def:10736", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10736" }, { "name": "20020901-01-A", "refsource": "SGI", "url": "ftp://patches.sgi.com/support/free/security/advisories/20020901-01-A" }, { "name": "RHSA-2006:0101", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2006-0101.html" }, { "name": "FLSA:157459-2", "refsource": "FEDORA", "url": "http://www.securityfocus.com/archive/1/428058/100/0/threaded" }, { "name": "FLSA:157459-4", "refsource": "FEDORA", "url": "http://www.securityfocus.com/archive/1/427981/100/0/threaded" }, { "name": "5020", "refsource": "BID", "url": "http://www.securityfocus.com/bid/5020" }, { "name": "20020614 IGMP denial of service vulnerability", "refsource": "BUGTRAQ", "url": "http://online.securityfocus.com/archive/1/276968" }, { "name": "RHSA-2006:0190", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2006-0190.html" }, { "name": "18510", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18510" }, { "name": "FLSA:157459-1", "refsource": "FEDORA", "url": "http://www.securityfocus.com/archive/1/428028/100/0/threaded" }, { "name": "http://www.cs.ucsb.edu/~krishna/igmp_dos/", "refsource": "MISC", "url": "http://www.cs.ucsb.edu/~krishna/igmp_dos/" }, { "name": "FLSA:157459-3", "refsource": "FEDORA", "url": "http://www.securityfocus.com/archive/1/427980/100/0/threaded" }, { "name": "RHSA-2006:0191", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2006-0191.html" }, { "name": "18562", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18562" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2002-2185", "datePublished": "2005-11-16T21:17:00", "dateReserved": "2005-11-16T00:00:00", "dateUpdated": "2024-08-08T03:51:17.597Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }