13716 matches found
Linux Distros Unpatched Vulnerability : CVE-2011-3323
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The OSPFv3 implementation in ospf6d in Quagga before 0.99.19 allows remote attackers to cause a denial of service (out-of-bounds memory access and daemon crash) v...
Linux Distros Unpatched Vulnerability : CVE-2010-4312
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The default configuration of Apache Tomcat 6.x does not include the HTTPOnly flag in a Set-Cookie header, which makes it easier for remote attackers to hijack a...
Linux Distros Unpatched Vulnerability : CVE-2004-2680
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mod_python (libapache2-mod-python) 3.1.4 and earlier does not properly handle when output filters process more than 16384 bytes, which can cause filter.read to...
Linux Distros Unpatched Vulnerability : CVE-2010-2548
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - IcedTea6 before 1.7.4 does not properly check property access, which allows unsigned apps to read and write arbitrary files. (CVE-2010-2548) Note that Nessus reli...
Linux Distros Unpatched Vulnerability : CVE-2010-3709
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The ZipArchive::getArchiveComment function in PHP 5.2.x through 5.2.14 and 5.3.x through 5.3.3 allows context-dependent attackers to cause a denial of service...
Linux Distros Unpatched Vulnerability : CVE-2011-3656
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 3.6.24 and 4.x through 7 allows remote attackers to inject arbitrary web script or HTML via...
Linux Distros Unpatched Vulnerability : CVE-2011-4967
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - tog-Pegasus has a package hash collision DoS vulnerability (CVE-2011-4967). Note that Nessus relies on the presence of the package as reported by the vendor...
Linux Distros Unpatched Vulnerability : CVE-2011-1677
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mount in util-linux 2.19 and earlier does not remove the /etc/mtab lock file after a failed attempt to add a mount entry, which has unspecified impact and local...
Linux Distros Unpatched Vulnerability : CVE-2011-4097
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Integer overflow in the oom_badness function in mm/oom_kill.c in the Linux kernel before 3.1.8 on 64-bit platforms allows local users to cause a denial of service...
Linux Distros Unpatched Vulnerability : CVE-2011-4922
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - cipher.c in the Cipher API in libpurple in Pidgin before 2.7.10 retains encryption-key data in process memory, which might allow local users to obtain sensitive...
Linux Distros Unpatched Vulnerability : CVE-2011-4108
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The DTLS implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f performs a MAC check only if certain padding is valid, which makes it easier for remote...
Linux Distros Unpatched Vulnerability : CVE-2010-4237
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Mercurial before 1.6.4 fails to verify the Common Name field of SSL certificates which allows remote attackers who acquire a certificate signed by a Certificate...
Linux Distros Unpatched Vulnerability : CVE-2010-4334
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The IO::Socket::SSL module 1.35 for Perl, when verify_mode is not VERIFY_NONE, fails open to VERIFY_NONE instead of throwing an error when a ca_file/ca_path cannot b...
Linux Distros Unpatched Vulnerability : CVE-2011-3201
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GNOME Evolution before 3.2.3 allows user-assisted remote attackers to read arbitrary files via the attachment parameter to a mailto: URL, which attaches the fil...
Linux Distros Unpatched Vulnerability : CVE-2011-1948
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cross-site scripting (XSS) vulnerability in Plone 4.1 and earlier allows remote attackers to inject arbitrary web script or HTML via a crafted URL. (CVE-2011-1948)...
Linux Distros Unpatched Vulnerability : CVE-2011-2897
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - gdk-pixbuf through 2.31.1 has GIF loader buffer overflow when initializing decompression tables due to an input validation flaw (CVE-2011-2897). Note that Nessus...
Linux Distros Unpatched Vulnerability : CVE-2011-0541
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fuse 2.8.5 and earlier does not properly handle when /etc/mtab cannot be updated, which allows local users to unmount arbitrary directories via a symlink attack...
Linux Distros Unpatched Vulnerability : CVE-2010-1161
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Race condition in GNU nano before 2.2.4, when run by root to edit a file that is not owned by root, allows local user-assisted attackers to change the ownership...
Linux Distros Unpatched Vulnerability : CVE-2011-0523
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - gypsy 0.8 does not properly restrict the files that can be read while running with root privileges, which allows local users to read otherwise restricted files...
Linux Distros Unpatched Vulnerability : CVE-2011-0543
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Certain legacy functionality in fusermount in fuse 2.8.5 and earlier, when util-linux does not support the --no-canonicalize option, allows local users to bypas...