CAN-2004-0914
CVE-2004-0914 is not a reserved entry in the connected data; multiple advisories reference it. The CVE is associated with OpenMotif/Lesstif components and appears in: Gentoo GLSA 200502-06 (lesstif), Ubuntu USN-83-1/2, Debian DSA-816-1, and Red Hat Satellite/OpenMotif-related advisories (RHSA-200...
CAN-2004-1142
Technical details for CAN-2004-1142 are not provided in the supplied documents; the CVE entry is a reserved placeholder with no public description in the connected materials. Monitor for updates.
CAN-2004-0976
CVE-2004-0976 is referenced across multiple advisories (Debian DSA-620-1, Red Hat RHSA-2005:881, Gentoo GLSA 200412-04, Ubuntu USN-16-1) as a Perl-related issue. Public details in connected documents indicate that Solar Designer reported temporary-file handling bugs in Perl modules, potentially a...
CAN-2004-1165
CVE-2004-1165 is referenced in multiple advisories tied to kdelibs/konqueror. The Red Hat RHSA-2005:065 notes two separate flaws: (1) a sandbox/Java-applets issue in Konqueror that could allow a remote attacker to escalate privileges and access arbitrary files, and (2) an FTP kioslave flaw that c...
CAN-2004-0998
CVE-2004-0998 is a format-string vulnerability in telnetd-ssl (netkit-telnet-ssl) affecting 0.17 and earlier. The Debian security advisory and Debian tracker entries describe remote arbitrary-code execution as the impact. Remediation in these sources is to upgrade to fixed packages (e.g., 0.17.17...
CAN-2004-1179
CVE-2004-1179 affects the debmake package: the debstd script in debmake 3.6.x before 3.6.10 and 3.7.x before 3.7.7 allows local users to overwrite arbitrary files via a symlink attack in temporary directories. The provided documents identify the affected versions and the local access requirement;...
CAN-2004-1125
CVE-2004-1125 is a known issue tied to the Xpdf code used by teTeX/tetex across multiple Linux distributions. The vulnerability arises from buffer overflow flaws in Xpdf code (notably Gfx::doImage, ParseCommand, and Decrypt::makeFileKey2) that teTeX embeds, enabling a crafted PDF to crash the pro...
CAN-2004-1181
CVE-2004-1181 corresponds to Debian htmlheadline: multiple insecure uses of temporary files allow a local user to overwrite arbitrary files via a symlink attack on temporary files. Affected package: htmlheadline prior to version 21.8-3. Impact: local privilege/overwrite possibility. Mitigation: u...
CAN-2004-1106
CVE-2004-1106 affects the gallery web application (PHP4-based photo album). The connected OpenVAS entries and Debian advisory describe a cross-site scripting vulnerability exploitable via specially formed URLs, enabling injection of arbitrary code. Debian’s DSA-642-1 and the linked Gentoo/FreeBSD...
CAN-2004-0555
CAN-2004-0555 corresponds to a buffer overflow in the Debian queue project (queue/queued.c and related files) prior to version 1.30.1, enabling remote code execution. Public sources in the connected documents identify the affected product as the queue load-balancing system, with the...
CAN-2004-1182
HylaFAX contains a vulnerability in hfaxd (CVE-2004-1182) where, if a weak hosts.hfaxd file is used, a remote attacker can authenticate by supplying a crafted username or hostname that matches a regex against the hosts.hfaxd entry without a password. Affected: HylaFAX with weak hosts.hfaxd config...
CAN-2004-1091
CVE-2004-1091 affects Midnight Commander (mc) prior to 4.5.55, allowing remote attackers to cause a denial of service by triggering a null dereference. This is documented in multiple sources (NVD/CVE records) and is part of a set of issues tied to mc as described in OpenVAS and IDS advisories. Th...
CAN-2004-1264
CVE-2004-1264 affects the chbg utility. Debian/DSA-644-1 reports a local buffer overflow in chbg (config.c/simplify_path) that could allow arbitrary code execution when processing a crafted scenario file. The issue is exploitable remotely via a malicious configuration, with Debian indicating patc...
CAN-2005-0072
CVE-2005-0072 affects zhcon before 0.2, where the program does not drop privileges before reading a user configuration file, allowing local users to read arbitrary files. The issue is fixed in Debian with DSA-655-1 (zhcon 0.2-4woody3) and arises from reading privileged files while running ...
CAN-2005-0095
CVE-2005-0095 affects Squid: a vulnerability in the Web Cache Communication Protocol (WCCP) message parsing can trigger a memory access exception, potentially causing a denial-of-service. Exploitation is described as using a specially crafted WCCP I_SEE_YOU message to crash the Squid process. Rem...
CAN-2005-0071
The CVE-2005-0071 entry applies to Video Disk Recorder (VDR) prior to version 1.2.6. The vulnerability is that VDR did not securely create files, allowing a local attacker to overwrite arbitrary files via insecure file handling. Public records (OSV OSV-) summarize: vdr before 1.2.6 does not secur...
CAN-2004-1379
CAN-2004-1379 (CVE-2004-1379) describes a heap overflow in the DVD subpicture decoder of xine-lib. Public reports in Debian and OpenVAS indicate this could allow remote code execution by handling a malicious MPEG, with Debian noting the issue affects xine-lib and providing fixed packages ...
CAN-2005-0089
CVE-2005-0089 is reflected in multiple OpenVAS entries tied to Python updates across Linux distributions (Debian DSA-666-1, Gentoo GLSA 200502-09, SLES9 security updates, FreeBSD ports, Ubuntu USN-73-1). Descriptions indicate the remote host requires updates to Python packages; CVSS base score is...
CAN-2004-1120
CAN-2004-1120 applies to prozilla (a multi-threaded download accelerator). Multiple buffer overflow flaws could be triggered remotely to execute arbitrary code. Public advisories (e.g., Debian DSA-663-1) document remote code execution via these overflows and list fixed versions: prozilla ...
CAN-1999-1572
CVE-1999-1572 is a historic issue in GNU cpio where using the -O option sets a 0 umask, creating output files with mode 0666 (world-readable/writable). Connected advisories across Debian, RHEL, Ubuntu, CentOS, Gentoo, and others confirm the impact on cpio packages and reference CVE-1999-1572 (wit...