CVE-2008-0595

all versions

dbus-daemon in D-Bus before 1.0.3, and 1.1.x before 1.1.20, recognizes send_interface attributes in allow directives in the securi

CVE-2007-6284

all versions

The xmlCurrentChar function in libxml2 before 2.6.31 allows context-dependent attackers to cause a denial of service (infinite loo

CVE-2007-0454

all versions

Format string vulnerability in the afsacl.so VFS module in Samba 3.0.6 through 3.0.23d allows context-dependent attackers to execu

CVE-2006-0745

all versions

X.Org server (xorg-server) 1.0.0 and later, X11R6.9.0, and X11R7.0 inadvertently treats the address of the geteuid function as if

CVE-2005-3626

all versions

Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause

CVE-2005-3625

all versions

Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause

CVE-2005-3624

all versions

The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and

CVE-2005-2377

all versions

nss_ldap 181 to versions before 213, as used in Mandrake Corporate Server and Mandrake 10.0, and other operating systems, does not

CVE-2005-1267

all versions

The bgp_update_print function in tcpdump 3.x does not properly handle a -1 return value from the decode_prefix4 function, which al

CVE-2005-0085

all versions

Cross-site scripting (XSS) vulnerability in ht://dig (htdig) before 3.1.6-r7 allows remote attackers to execute arbitrary web scri

CVE-2005-0020

all versions

Buffer overflow in playmidi before 2.4 allows local users to execute arbitrary code.

CVE-2005-0003

all versions

The 64 bit ELF support in Linux kernel 2.6 before 2.6.10, on 64-bit architectures, does not properly check for overlapping VMA (vi

CVE-2004-1235

all versions

Race condition in the (1) load_elf_library and (2) binfmt_aout function calls for uselib in Linux kernel 2.4 through 2.429-rc2 and

CVE-2005-0473

all versions

The HTML parsing functions in Gaim before 1.1.3 allow remote attackers to cause a denial of service (application crash) via malfor

CVE-2005-0472

all versions

Gaim before 1.1.3 allows remote attackers to cause a denial of service (infinite loop) via malformed SNAC packets from (1) AIM or

CVE-2005-0605

all versions

scan.c for LibXPM may allow attackers to execute arbitrary code via a negative bitmap_unit value that leads to a buffer overflow.

CVE-2004-1051

all versions

sudo before 1.6.8p2 allows local users to execute arbitrary commands by using "()" style environment variables to create functions

CVE-2004-0983

all versions

The CGI module in Ruby 1.6 before 1.6.8, and 1.8 before 1.8.2, allows remote attackers to cause a denial of service (infinite loop

CVE-2005-0503

all versions

uim before 0.4.5.1 trusts certain environment variables when libUIM is used in setuid or setgid applications, which allows local u

CVE-2004-0977

all versions

The make_oidjoins_check script in PostgreSQL 7.4.5 and earlier allows local users to overwrite files via a symlink attack on tempo

CVE-2004-0975

all versions

The der_chop script in the openssl package in Trustix Secure Linux 1.5 through 2.1 and other operating systems allows local users

CVE-2004-0974

all versions

The netatalk package in Trustix Secure Linux 1.5 through 2.1, and possibly other operating systems, allows local users to overwrit

CVE-2004-0937

all versions

Sophos Anti-Virus before 3.87.0, and Sophos Anti-Virus for Windows 95, 98, and Me before 3.88.0, allows remote attackers to bypass

CVE-2004-0936

all versions

RAV antivirus allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set

CVE-2004-0935

all versions

Eset Anti-Virus before 1.020 (16th September 2004) allows remote attackers to bypass antivirus protection via a compressed file wi

CVE-2004-0934

all versions

Kaspersky 3.x to 4.x allows remote attackers to bypass antivirus protection via a compressed file with both local and global heade

CVE-2004-0933

all versions

Computer Associates (CA) InoculateIT 6.0, eTrust Antivirus r6.0 through r7.1, eTrust Antivirus for the Gateway r7.0 and r7.1, eTru

CVE-2004-0932

all versions

McAfee Anti-Virus Engine DATS drivers before 4398 released on Oct 13th 2004 and DATS Driver before 4397 October 6th 2004 allows re

CVE-2004-0886

all versions

Multiple integer overflows in libtiff 3.6.1 and earlier allow remote attackers to cause a denial of service (crash or memory corru

CVE-2004-1188

all versions

The pnm_get_chunk function in xine 0.99.2 and earlier, and other packages such as MPlayer that use the same code, does not properl

CVE-2004-1187

all versions

Heap-based buffer overflow in the pnm_get_chunk function for xine 0.99.2, and other packages such as MPlayer that use the same cod

CVE-2004-1171

all versions

KDE 3.2.x and 3.3.0 through 3.3.2, when saving credentials that are (1) manually entered by the user or (2) created by the SMB pro

CVE-2004-1158

all versions

Konqueror 3.x up to 3.2.2-6, and possibly other versions, allows remote attackers to spoof arbitrary web sites by injecting conten

CVE-2004-1098

all versions

MIMEDefang in MIME-tools 5.414 allows remote attackers to bypass virus scanning capabilities via an e-mail attachment with a virus

CVE-2004-1096

all versions

Archive::Zip Perl module before 1.14, when used by antivirus programs such as amavisd-new, allows remote attackers to bypass antiv

CVE-2004-1014

all versions

statd in nfs-utils 1.257 and earlier does not ignore the SIGPIPE signal, which allows remote attackers to cause a denial of servic

CVE-2004-2395

all versions

Memory leak in passwd 0.68 allows local users to cause a denial of service (memory consumption) via a large number of failed read

CVE-2004-2394

all versions

Off-by-one error in passwd 0.68 and earlier, when using the --stdin option, causes passwd to use the first 78 characters of a pass

CVE-2004-2392

all versions

libuser 0.51.7 allows attackers to cause a denial of service (crash or disk consumption) via unknown attack vectors, related to re

CVE-2004-0817

all versions

Multiple heap-based buffer overflows in the imlib BMP image handler allow remote attackers to execute arbitrary code via a crafted

CVE-2004-0802

all versions

Buffer overflow in the BMP loader in imlib2 before 1.1.2 allows remote attackers to execute arbitrary code via a specially-crafted

CVE-2004-0834

all versions

Format string vulnerability in Speedtouch USB driver before 1.3.1 allows local users to execute arbitrary code via (1) modem_run,

CVE-2004-0805

all versions

Buffer overflow in layer2.c in mpg123 0.59r and possibly mpg123 0.59s allows remote attackers to execute arbitrary code via a cert

CVE-2004-0803

all versions

Multiple vulnerabilities in the RLE (run length encoding) decoders for libtiff 3.6.1 and earlier, related to buffer overflows and

CVE-2004-1307

all versions

Integer overflow in the TIFFFetchStripThing function in tif_dirread.c for libtiff 3.6.1 allows remote attackers to execute arbitra

CVE-2004-0635

all versions

The SNMP dissector in Ethereal 0.8.15 through 0.10.4 allows remote attackers to cause a denial of service (process crash) via a (1

CVE-2004-0634

all versions

The SMB SID snooping capability in Ethereal 0.9.15 to 0.10.4 allows remote attackers to cause a denial of service (process crash)

CVE-2004-0633

all versions

The iSNS dissector for Ethereal 0.10.3 through 0.10.4 allows remote attackers to cause a denial of service (process abort) via an

CVE-2004-0565

all versions

Floating point information leak in the context switch code for Linux 2.4.x only checks the MFH bit but does not verify the FPH own

CVE-2004-0497

all versions

Unknown vulnerability in Linux kernel 2.x may allow local users to modify the group ID of files, such as NFS exported files in ker

CVE-2004-0496

all versions

Multiple unknown vulnerabilities in Linux kernel 2.6 allow local users to gain privileges or access kernel memory, a different set

CVE-2004-0746

all versions

Konqueror in KDE 3.2.3 and earlier allows web sites to set cookies for country-specific top-level domains, such as .ltd.uk, .plc.u

CVE-2004-0559

all versions

The maketemp.pl script in Usermin 1.070 and 1.080 allows local users to overwrite arbitrary files at install time via a symlink at

CVE-2004-0500

all versions

Buffer overflow in the MSN protocol plugins (1) object.c and (2) slp.c for Gaim before 0.82 allows remote attackers to cause a den

CVE-2004-0827

all versions

Multiple buffer overflows in the ImageMagick graphics library 5.x before 5.4.4, and 6.x before 6.0.6.2, allow remote attackers to

CVE-2004-0809

all versions

The mod_dav module in Apache 2.0.50 and earlier allows remote attackers to cause a denial of service (child process crash) via a c

CVE-2004-0807

all versions

Samba 3.0.6 and earlier allows remote attackers to cause a denial of service (infinite loop and memory exhaustion) via certain mal

CVE-2004-0587

all versions

Insecure permissions for the /proc/scsi/qla2300/HbaApiNode file in Linux allows local users to cause a denial of service.

CVE-2004-0581

all versions

ksymoops-gznm script in Mandrake Linux 9.1 through 10.0, and Corporate Server 2.1, allows local users to delete arbitrary files vi

CVE-2004-0535

all versions

The e1000 driver for Linux kernel 2.4.26 and earlier does not properly initialize memory before using it, which allows local users

CVE-2004-0461

all versions

The DHCP daemon (DHCPD) for ISC DHCP 3.0.1rc12 and 3.0.1rc13, when compiled in environments that do not provide the vsnprintf func

CVE-2004-0460

all versions

Buffer overflow in the logging capability for the DHCP daemon (DHCPD) for ISC DHCP 3.0.1rc12 and 3.0.1rc13 allows remote attackers

CVE-2004-0402

all versions

Buffer overflow in xpcd-svga in xpcd before 2.08, and possibly other versions, may allow local users to execute arbitrary code.

CVE-2004-0386

all versions

Buffer overflow in the HTTP parser for MPlayer 1.0pre3 and earlier, 0.90, and 0.91 allows remote attackers to execute arbitrary co

CVE-2004-1180

all versions

Unknown vulnerability in the rwho daemon (rwhod) before 0.17, on little endian architectures, allows remote attackers to cause a d

CVE-2003-1020

all versions

The format_send_to_gui function in formats.c for irssi before 0.8.9 allows remote IRC users to cause a denial of service (crash).

CVE-2003-0462

all versions

A race condition in the way env_start and env_end pointers are initialized in the execve system call and used in fs/proc/base.c on

CVE-2003-0434

all versions

Various PDF viewers including (1) Adobe Acrobat 5.06 and (2) Xpdf 1.01 allow remote attackers to execute arbitrary commands via sh

CVE-2003-0041

all versions

Kerberos FTP client allows remote FTP sites to execute arbitrary code via a pipe (|) character in a filename that is retrieved by

CVE-2002-2185

all versions

The Internet Group Management Protocol (IGMP) allows local users to cause a denial of service via an IGMP membership report to a t

CVE-2002-2001

all versions

jmcce 1.3.8 in Mandrake 8.1 creates log files in /tmp with predictable names, which allows local users to overwrite arbitrary file

CVE-2002-1814

all versions

Buffer overflow in efstools in Bonobo, when installed setuid, allows local users to execute arbitrary code via long command line a

CVE-2002-1713

all versions

The Standard security setting for Mandrake-Security package (msec) in Mandrake 8.2 installs home directories with world-readable p

5.5MEDIUM

CVE-2002-0836

all versions

dvips converter for Postscript files in the tetex package calls the system() function insecurely, which allows remote attackers to

CVE-2002-0638

all versions

setpwnam.c in the util-linux package, as included in Red Hat Linux 7.3 and earlier, and other operating systems, does not properly

CVE-2002-0083

all versions

Off-by-one error in the channel code of OpenSSH 2.0 through 3.0.2 allows local users or remote malicious servers to gain privilege

9.8CRITICAL

CVE-2002-0004

all versions

Heap corruption vulnerability in the "at" program allows local users to execute arbitrary code via a malformed execution time, whi

CVE-2002-0002

all versions

Format string vulnerability in stunnel before 3.22 when used in client mode for (1) smtp, (2) pop, or (3) nntp allows remote malic

CVE-2001-1190

all versions

The default PAM files included with passwd in Mandrake Linux 8.1 do not support MD5 passwords, which could result in a lower level

CVE-2001-0912

all versions

Packaging error for expect 8.3.3 in Mandrake Linux 8.1 causes expect to search for its libraries in the /home/snailtalk directory

CVE-2001-1449

all versions

The default installation of Apache before 1.3.19 on Mandrake Linux 7.1 through 8.0 and Linux Corporate Server 1.0.1 allows remote

CVE-2001-0736

all versions

Vulnerability in (1) pine before 4.33 and (2) the pico editor, included with pine, allows local users local users to overwrite arb

CVE-2001-1030

all versions

Squid before 2.3STABLE5 in HTTP accelerator mode does not enable access control lists (ACLs) when the httpd_accel_host and http_ac

CVE-2001-0977

all versions

slapd in OpenLDAP 1.x before 1.2.12, and 2.x before 2.0.8, allows remote attackers to cause a denial of service (crash) via an inv

CVE-2001-0440

all versions

Buffer overflow in logging functions of licq before 1.0.3 allows remote attackers to cause a denial of service, and possibly execu

CVE-2001-0439

all versions

licq before 1.0.3 allows remote attackers to execute arbitrary commands via shell metacharacters in a URL.

CVE-2001-0496

all versions

kdesu in kdelibs package creates world readable temporary files containing authentication info, which can allow local users to gai

CVE-2001-0481

all versions

Vulnerability in rpmdrake in Mandrake Linux 8.0 related to insecure temporary file handling.

CVE-2001-0474

all versions

Utah-glx in Mesa before 3.3-14 on Mandrake Linux 7.2 allows local users to overwrite arbitrary files via a symlink attack on the /

CVE-2001-0473

all versions

Format string vulnerability in Mutt before 1.2.5 allows a remote malicious IMAP server to execute arbitrary commands.

CVE-2001-0458

all versions

Multiple buffer overflows in ePerl before 2.2.14-0.7 allow local and remote attackers to execute arbitrary commands.

CVE-2001-0441

all versions

Buffer overflow in (1) wrapping and (2) unwrapping functions of slrn news reader before 0.9.7.0 allows remote attackers to execute

CVE-2001-0416

all versions

sgml-tools (aka sgmltools) before 1.0.9-15 creates temporary files with insecure permissions, which allows other users to read fil

CVE-2001-0388

all versions

time server daemon timed allows remote attackers to cause a denial of service via malformed packets.

CVE-2001-0279

all versions

Buffer overflow in sudo earlier than 1.6.3p6 allows local users to gain root privileges.

CVE-2001-0178

all versions

kdesu program in KDE2 (KDE before 2.2.0-6) does not properly verify the owner of a UNIX socket that is used to send a password, wh

CVE-2001-0169

all versions

When using the LD_PRELOAD environmental variable in SUID or SGID applications, glibc does not verify that preloaded libraries in /

CVE-2001-0142

all versions

squid 2.3 and earlier allows local users to overwrite arbitrary files via a symlink attack in some configurations.

CVE-2001-0140

all versions

arpwatch 2.1a4 allows local users to overwrite arbitrary files via a symlink attack in some configurations.

CVE-2001-0139

all versions

inn 2.2.3 allows local users to overwrite arbitrary files via a symlink attack in some configurations.

CVE-2001-0138

all versions

privatepw program in wu-ftpd before 2.6.1-6 allows local users to overwrite arbitrary files via a symlink attack.

CVE-2001-0136

all versions

Memory leak in ProFTPd 1.2.0rc2 allows remote attackers to cause a denial of service via a series of USER commands, and possibly S

CVE-2001-0128

all versions

Zope before 2.2.4 does not properly compute local roles, which could allow users to bypass specified access restrictions and gain

CVE-2001-0125

all versions

exmh 2.2 and earlier allows local users to overwrite arbitrary files via a symlink attack on the exmhErrorMsg temporary file.

CVE-2001-0120

all versions

useradd program in shadow-utils program may allow local users to overwrite arbitrary files via a symlink attack.

CVE-2001-0119

all versions

getty_ps 2.0.7j allows local users to overwrite arbitrary files via a symlink attack.

CVE-2001-0118

all versions

rdist 6.1.5 allows local users to overwrite arbitrary files via a symlink attack.

CVE-2001-0117

all versions

sdiff 2.7 in the diffutils package allows local users to overwrite files via a symlink attack.

CVE-2001-0116

all versions

gpm 1.19.3 allows local users to overwrite arbitrary files via a symlink attack.

CVE-2001-0108

all versions

PHP Apache module 4.0.4 and earlier allows remote attackers to bypass .htaccess access restrictions via a malformed HTTP request o

CVE-2001-1385

all versions

The Apache module for PHP 4.0.0 through PHP 4.0.4, when disabled with the 'engine = off' option for a virtual host, may disable PH

CVE-2000-1134

all versions

Multiple shell programs on various Unix systems, including (1) tcsh, (2) csh, (3) sh, and (4) bash, follow symlinks when processin

CVE-2000-1095

all versions

modprobe in the modutils 2.3.x package on Linux systems allows a local user to execute arbitrary commands via shell metacharacters

CVE-2000-1059

all versions

The default configuration of the Xsession file in Mandrake Linux 7.1 and 7.0 bypasses the Xauthority access control mechanism with

CVE-2000-1043

all versions

Format string vulnerability in ypserv in Mandrake Linux 7.1 and earlier, and possibly other Linux operating systems, allows an att

CVE-2000-1042

all versions

Buffer overflow in ypserv in Mandrake Linux 7.1 and earlier, and possibly other Linux operating systems, allows an attacker to gai

CVE-2000-0883

all versions

The default configuration of mod_perl for Apache as installed on Mandrake Linux 6.1 through 7.1 sets the /perl/ directory to be br

CVE-2000-0867

all versions

Kernel logging daemon (klogd) in Linux does not properly cleanse user-injected format strings, which allows local users to gain ro

CVE-2000-0844

all versions

Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows loc

CVE-2000-0718

all versions

A race condition in MandrakeUpdate allows local users to modify RPM files while they are in the /tmp directory before they are ins

CVE-2000-0633

all versions

Vulnerability in Mandrake Linux usermode package allows local users to reboot or halt the system.

CVE-2000-0594

all versions

BitchX IRC client does not properly cleanse an untrusted format string, which allows remote attackers to cause a denial of service

CVE-2000-0566

all versions

makewhatis in Linux man package allows local users to overwrite files via a symlink attack.

CVE-2000-0607

all versions

Buffer overflow in fld program in Kanji on Console (KON) package on Linux may allow local users to gain root privileges via an inp

CVE-2000-0606

all versions

Buffer overflow in kon program in Kanji on Console (KON) package on Linux may allow local users to gain root privileges via a long

CVE-2000-0454

all versions

Buffer overflow in Linux cdrecord allows local users to gain privileges via the dev parameter.

CVE-1999-1008

all versions

xsoldier program allows local users to gain root access via a long argument.

CVE-2000-0336

all versions

Linux OpenLDAP server allows local users to modify arbitrary files via a symlink attack.

CVE-2000-0184

all versions

Linux printtool sets the permissions of printer configuration files to be world-readable, which allows local attackers to obtain p

CVE-2000-0186

all versions

Buffer overflow in the dump utility in the Linux ext2fs backup package allows local users to gain privileges via a long command li

CVE-2000-0052

all versions

Red Hat userhelper program in the usermode package allows local users to gain root access via PAM and a .. (dot dot) attack.

CVE-1999-1477

all versions

Buffer overflow in GNOME libraries 1.0.8 allows local user to gain root access via a long --espeaker argument in programs such as

CVE-1999-1572

all versions

cpio on FreeBSD 2.1.0, Debian GNU/Linux 3.0, and possibly other operating systems, uses a 0 umask when creating files using the -O

CVE-2000-0508

all versions

rpc.lockd in Red Hat Linux 6.1 and 6.2 allows remote attackers to cause a denial of service via a malformed request.