CAN-2004-1014
CVE-2004-1014 affects nfs-utils (statd) where statd did not ignore the SIGPIPE signal, allowing remote attackers to cause a denial-of-service by terminating a TCP connection prematurely. Documented in NFS-related advisories (Debian DSA 606-1, Red Hat RHSA-2005:014, Ubuntu USN-36-1) and noted by N...
CAN-2004-0990
CVE-2004-0990 is referenced across connected advisories/plugins (e.g., Ubuntu USN-11-1/USN-21-1 and SLES9 updates) as a GD graphics library issue. The documents confirm the CVE association and that updates to the gd package are the proposed remediation, but do not provide detailed root-cause, aff...
CAN-2004-0975
CVE-2004-0975 concerns the der_chop script in the OpenSSL package used by Trustix Secure Linux 1.5–2.1 and other OSes. The vulnerability arises from a symlink-based attack on temporary files, allowing local users to overwrite files. Connected documents confirm der_chop as the affected component a...
CAN-2004-0999
ZGV is affected by CVE-2004-0999. Affected software: zgv (SVGAlib graphics viewer). Vulnerability: remote attacker can cause a denial of service (application crash/segmentation fault) by feeding crafted multiple-image (animated) GIFs. Root cause: described as integer overflows and unsanitised inp...
CAN-2004-1076
CVE-2004-1076 affects the Atari800 emulator. The provided sources describe multiple buffer overflows in the RtConfigLoad function in rt-config.c, affecting versions before 1.3.4, allowing local users to execute arbitrary code via large values in the configuration file. Exploitation details are no...
CAN-2004-0914
CVE-2004-0914 is not a reserved entry in the connected data; multiple advisories reference it. The CVE is associated with OpenMotif/Lesstif components and appears in: Gentoo GLSA 200502-06 (lesstif), Ubuntu USN-83-1/2, Debian DSA-816-1, and Red Hat Satellite/OpenMotif-related advisories (RHSA-200...
CAN-2004-1142
Technical details for CAN-2004-1142 are not provided in the supplied documents; the CVE entry is a reserved placeholder with no public description in the connected materials. Monitor for updates.
CAN-2004-0976
CVE-2004-0976 is referenced across multiple advisories (Debian DSA-620-1, Red Hat RHSA-2005:881, Gentoo GLSA 200412-04, Ubuntu USN-16-1) as a Perl-related issue. Public details in connected documents indicate that Solar Designer reported temporary-file handling bugs in Perl modules, potentially a...
CAN-2004-1165
CVE-2004-1165 is referenced in multiple advisories tied to kdelibs/konqueror. The Red Hat RHSA-2005:065 notes two separate flaws: (1) a sandbox/Java-applets issue in Konqueror that could allow a remote attacker to escalate privileges and access arbitrary files, and (2) an FTP kioslave flaw that c...
CAN-2004-0998
CVE-2004-0998 is a format-string vulnerability in telnetd-ssl (netkit-telnet-ssl) affecting 0.17 and earlier. The Debian security advisory and Debian tracker entries describe remote arbitrary-code execution as the impact. Remediation in these sources is to upgrade to fixed packages (e.g., 0.17.17...
CAN-2004-1179
CVE-2004-1179 affects the debmake package: the debstd script in debmake 3.6.x before 3.6.10 and 3.7.x before 3.7.7 allows local users to overwrite arbitrary files via a symlink attack in temporary directories. The provided documents identify the affected versions and the local access requirement;...
CAN-2004-1125
CVE-2004-1125 is a known issue tied to the Xpdf code used by teTeX/tetex across multiple Linux distributions. The vulnerability arises from buffer overflow flaws in Xpdf code (notably Gfx::doImage, ParseCommand, and Decrypt::makeFileKey2) that teTeX embeds, enabling a crafted PDF to crash the pro...
CAN-2004-1181
CVE-2004-1181 corresponds to Debian htmlheadline: multiple insecure uses of temporary files allow a local user to overwrite arbitrary files via a symlink attack on temporary files. Affected package: htmlheadline prior to version 21.8-3. Impact: local privilege/overwrite possibility. Mitigation: u...
CAN-2004-1106
CVE-2004-1106 affects the gallery web application (PHP4-based photo album). The connected OpenVAS entries and Debian advisory describe a cross-site scripting vulnerability exploitable via specially formed URLs, enabling injection of arbitrary code. Debian’s DSA-642-1 and the linked Gentoo/FreeBSD...
CAN-2004-0555
CAN-2004-0555 corresponds to a buffer overflow in the Debian queue project (queue/queued.c and related files) prior to version 1.30.1, enabling remote code execution. Public sources in the connected documents identify the affected product as the queue load-balancing system, with the...
CAN-2005-0016
CVE-2005-0016 describes a buffer overflow in the exported_display function of xatitv in gatos before 0.0.5, allowing local users to execute arbitrary code. The available sources (NVD/OSV/CVE lists and SUSE/OSVDebian/etc.) confirm the affected component and the local-code-execution impact. The pro...
CAN-2004-1182
HylaFAX contains a vulnerability in hfaxd (CVE-2004-1182) where, if a weak hosts.hfaxd file is used, a remote attacker can authenticate by supplying a crafted username or hostname that matches a regex against the hosts.hfaxd entry without a password. Affected: HylaFAX with weak hosts.hfaxd config...
CAN-2004-1091
CVE-2004-1091 affects Midnight Commander (mc) prior to 4.5.55, allowing remote attackers to cause a denial of service by triggering a null dereference. This is documented in multiple sources (NVD/CVE records) and is part of a set of issues tied to mc as described in OpenVAS and IDS advisories. Th...
CAN-2004-1264
CVE-2004-1264 affects the chbg utility. Debian/DSA-644-1 reports a local buffer overflow in chbg (config.c/simplify_path) that could allow arbitrary code execution when processing a crafted scenario file. The issue is exploitable remotely via a malicious configuration, with Debian indicating patc...
CAN-2005-0072
CVE-2005-0072 affects zhcon (zhcon before 0.2) where the program does not drop privileges before reading a user configuration file, allowing local users to read arbitrary files. The issue is fixed in Debian with DSA-655-1 (zhcon 0.2-4woody3) and arises from reading privileged files while running ...