CVE-2002-0083
CVE-2002-0083 is described in the initial document as an off-by-one error in the OpenSSH channel code affecting OpenSSH 2.0–3.0.2 that can allow privilege escalation. The connected F5 advisory (K1648) references CAN-2002-0083 and labels it as an OpenSSH array overflow vulnerability, but does not ...
CVE-2000-0666
CVE-2000-0666 affects the rpc.statd component of the nfs-utils package across various Linux distributions. The vulnerability arises from the rpc.statd daemon failing to cleanse untrusted format strings, with CERT/CC documenting that user-supplied data can be passed to syslog as a format string, e...
CVE-2004-0495
Summary: CVE-2004-0495 refers to multiple vulnerabilities in Linux kernel 2.4 and 2.6, identified by the Sparse source-checking tool, that can allow local privilege escalation or access to kernel memory. Affected software: Linux kernel for 2.4 and 2.6 series. Root cause/impact: local attacker cou...
CVE-2004-0557
CVE-2004-0557 covers two buffer overflows in SoX (St_WavStartRead in wav.c) affecting 12.17.2–12.17.4. A remote attacker could execute arbitrary code by feeding a specially crafted WAV header. Public docs identify the vulnerable function and the header-field handling as the root cause; affected v...
CVE-2004-0930
CVE-2004-0930 affects Samba 3.0.4, 3.0.7 (and possibly other versions). The issue is in the ms_fnmatch function, allowing remote authenticated users to cause high CPU denial of service via a SAMBA request containing multiple asterisks (*) in the wildcard pattern. The provided documents confirm th...
CVE-2004-0554
CVE-2004-0554 affects the Linux kernel (2.4.x and 2.6.x on x86). The root cause is a local-denial-of-service condition triggered by an infinite loop that abuses a sequence of fsave/frstor instructions in a signal handler (as demonstrated by crash.c). The practical impact is a system crash/DoS wit...
CVE-2004-1235
CVE-2004-1235 documents a race condition in the Linux kernel (load_elf_library and binfmt_aout paths used by uselib) affecting 2.4 (through 2.4.29-rc2) and 2.6 (through 2.6.10). Exploitation allows a local user to execute arbitrary code by manipulating the VMA descriptor. The initial description p...
CVE-2003-0468
Summary of the CVE-2003-0468 family (Postfix): The issue affects Postfix versions up to 1.1.11 (and variants discussed in the 1.1.x line) and enables a remote attacker to perform bounce-scans or use the MTA as a DoS/DDoS tool by causing SMTP connections to target hosts via crafted addresses. Public ...
CVE-2005-0750
CVE-2005-0750 affects the Bluetooth driver in the Linux kernel (2.4.6–2.4.30-rc1 and 2.6–2.6.11.5). The bluez_sock_create function fails to validate a negative protocol value, allowing a local user to gain privileges via a crafted socket or socketpair call. Public details appear in multiple advis...
CVE-2004-1011
CVE-2004-1011 describes a stack-based overflow in Cyrus IMAP Server 2.2.4–2.2.8 when the imapmagicplus option is enabled. The overflow occurs in handling long PROXY or LOGIN commands, due to copying the username into a small stack buffer without proper length checks, allowing a remote attacker to...
CVE-2000-0844
The connected records confirm CVE-2000-0844 affects Unix locale subsystem functions that fail to cleanse user-supplied format strings, enabling local attackers to execute arbitrary commands through gettext, catopen, and related calls. The root cause is improper sanitization of format strings in l...
CVE-2005-3624
CVE-2005-3624 affects multiple PDF tools (xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, etc.). The issue is in CCITTFaxDecode handling in Stream.cc, where negative or very large integers can trigger integer overflows/underflows, leading to heap corruption. The documented impact...
CVE-2004-0882
CVE-2004-0882 describes a buffer overflow in Samba 3.0.x through 3.0.7 in the QFILEPATHINFO request handler. The overflow can be triggered by a TRANSACT2_QFILEPATHINFO request with a small maximum data bytes value, potentially allowing a remote attacker to execute arbitrary code on the Samba serv...
CVE-2005-3625
CVE-2005-3625 is confirmed to affect Xpdf and related tools (gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, etc.). The issue is a denial-of-service in PDF stream handling where streams that end prematurely can cause an infinite loop, demonstrated for the CCITTFaxDecode and DCTDecode s...
CVE-2003-0780
CVE-2003-0780 is a buffer overflow in MySQL affecting versions prior to 3.23.58 and 4.0.14-era releases, triggered by a Password field longer than allowed in sql_acl.cc get_salt_from_password. An attacker with ALTER TABLE privileges could potentially execute arbitrary code as the MySQL user. Reme...
CVE-2005-3626
CVE-2005-3626 affects Xpdf and related components (gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, etc.). The vulnerability arises from a crafted FlateDecode stream that triggers a null dereference, leading to a denial of service (crash). The connected Nessus entry (NEWSTART_CGSL_NS-SA...
CVE-2005-0736
The CVE-2005-0736 entry is rejected/not used and does not represent an active vulnerability.
CVE-2004-0535
CVE-2004-0535 relates to the Linux kernel's e1000 NIC driver (2.4.x and earlier) where memory used by the driver was not properly initialized before access. This could permit a local attacker to read portions of kernel memory. The issue is documented and linked to several vendor advisories (e.g.,...
CVE-2004-0884
CVE-2004-0884 affects the Cyrus-SASL libraries (libsasl and libsasl2) up to version 2.1.18. The vulnerability arises because these libraries trust the SASL_PATH environment variable to locate SASL plug-ins, allowing a local attacker to cause arbitrary code execution by pointing SASL_PATH to malic...
CVE-2004-0827
CVE-2004-0827 affects ImageMagick 5.x before 5.4.4 and 6.x before 6.0.6.2, with remote denial of service and potential arbitrary code execution via malformed AVI, BMP, or DIB files. Multiple connected advisories (Ubuntu USN-35-1, Debian DSA 547-1, Red Hat RHSA-2004:480/636, etc.) corroborate buff...
CVE-2004-0904
CVE-2004-0904: Integer overflow in the BMP decoder can trigger heap-based buffer overflows, enabling remote code execution. Affected products are Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8. Remediation is to apply fixes/updates released after the...
CVE-2004-1012
CVE-2004-1012 affects Cyrus IMAP Server 2.2.6 and earlier. The vulnerability arises in the PARTIAL command argument parsing: a command like body[ p is treated as body.peek, triggering an index increment error and out-of-bounds memory corruption that enables remote authenticated code execution. Co...
CVE-2004-0497
CVE-2004-0497 describes a local privilege escalation in the Linux kernel 2.x family (notably 2.4/2.6-rc3) due to missing DAC controls in sys_chown, enabling a local user to modify the group ownership of files (including NFS-exported files) they do not own. The underlying issue allows changing fil...
CVE-2001-0170
Technical specifics (affected product versions, root cause, mitigations, or exploit details) are not publicly provided in the supplied documents; monitor for updates.
CVE-2004-0807
Technical details for CVE-2004-0807 are not publicly provided in the connected documents. Affected products, exploit vectors, root cause, and fixes are not specified here. Monitor vendor advisories and security feeds for updates and concrete remediation guidance.
CVE-2001-0834
CVE-2001-0834 affects the htsearch CGI in ht://Dig (htdig)
CVE-2004-0817
CVE-2004-0817 describes multiple heap-based buffer overflows in the imlib BMP image handler that allow remote attackers to execute arbitrary code via a crafted BMP file. Connected advisories confirm the affected component is imlib/imlib2 BMP decoding code and reference vendor/security updates (e....
CVE-2004-0802
CVE-2004-0802 affects imlib2’s BMP loader and is caused by a buffer overflow in the BMP loading path. The vulnerability allows remote attackers to execute arbitrary code by delivering a specially crafted BMP image, and it is confined to imlib2 versions before 1.1.2 (distinct from CVE-2004-0817). ...
CVE-2004-0902
The CVE-2004-0902 entry refers to multiple heap-based buffer overflows in Mozilla Firefox and Mozilla suite components (Firefox before the Preview Release, Mozilla before 1.7.3, Thunderbird before 0.8). The issues allow remote attackers to cause an application crash (DoS) or execute arbitrary cod...
CVE-2005-1043
CVE-2005-1043 affects PHP before 4.3.11 via exif.c. An EXIF header with a large IFD nesting level triggers significant stack recursion, leading to memory exhaustion and a crash (DoS). Affected component: PHP exif handling; vulnerability type: unchecked recursion/stack depth in EXIF parsing. Remed...
CVE-2000-1134
CVE-2000-1134 concerns multiple shells (tcsh, csh, sh, bash) that follow symlinks when processing here-documents (<
CVE-2004-0903
CVE-2004-0903 describes a stack-based buffer overflow in the writeGroup function of nsVCardObj.cpp, affecting Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8. An attacker could remotely execute arbitrary code by processing malformed VCard attachments d...
CVE-2004-1029
The vulnerability CVE-2004-1029 affects Sun Java Plug-in in JRE 1.4.2_01, 1.4.2_04, and possibly earlier versions, where data transfer between JavaScript and Java applets fails to restrict access. The root cause is improper isolation that allows a remote attacker to use reflection to access priva...
CVE-2000-1095
CVE-2000-1095 affects modprobe in the modutils 2.3.x package. The vulnerability arises because modprobe uses popen() to invoke the echo program with user-supplied input, allowing unescaped shell metacharacters to be processed via /bin/sh when run through kmod-triggered paths. This can enable a lo...
CVE-2004-1013
CVE-2004-1013 affects Cyrus IMAP Server 2.2.x–2.2.8. The argument parser for FETCH can be exploited by remote authenticated users through commands such as body[p or binary[p, triggering an index increment error that causes out-of-bounds memory corruption and allows arbitrary code execution. The v...
CVE-2005-0373
CVE-2005-0373 describes a buffer overflow in Cyrus-SASL’s DIGEST-MD5 implementation (digestmd5.c, CVS release 1.170, also referred to as digestmda5.c) that was not part of official releases. The flaw allows remote attackers to execute arbitrary code by triggering the overflow in the DIGEST-MD5 S...
CVE-2005-0699
The CVE-2005-0699 issue affects Ethereal (Wireshark) up to version 0.10.9 and earlier. It arises from multiple buffer overflows in the dissect_a11_radius function of the CDMA A11 dissector (packet-3g-a11.c). This flaw can allow remote attackers to execute arbitrary code by sending crafted RADIUS ...
CVE-2004-1142
CVE-2004-1142 affects Ethereal versions 0.9.0 through 0.10.7, where a remote attacker can trigger a denial of service (CPU consumption) by sending a malformed SMB packet. The OpenVAS/OSS advisories confirm Ethereal-related fixes and security updates across platforms (e.g., SLES9, Gentoo GLSA GLSA...
CVE-2004-1307
CVE-2004-1307 describes a heap-based buffer overflow in libtiff 3.6.1 triggered by a TIFF file using the STRIPOFFSETS flag with many strips, due to an overflow in TIFFFetchStripThing in tif_dirread.c. The vulnerability could allow remote code execution as a result of processing crafted TIFF files...
CVE-2001-0136
ProFTPD 1.2.0rc2 is affected by a memory leak that can be exploited to cause DoS via a sequence of USER commands and, if the server is installed with a writable scoreboard, possibly SIZE commands. Mandrake advisory notes the USER and SIZE leaks (SIZE only when scoreboard is writable) and mentions...
CVE-2004-0801
CVE-2004-0801 affects foomatic-rip in Foomatic prior to 3.0.2 running under CUPS; the flaw allows local users or remote attackers with access to CUPS to execute arbitrary commands. The linked SUSE/OpenVAS entries confirm this CVE and reference patches in related updates (e.g., openSUSE hplip upda...
CVE-2004-0905
CVE-2004-0905 affects Mozilla Firefox (before the Preview Release), Mozilla (before 1.7.3), and Thunderbird (before 0.8). The issue enables remote attackers to perform cross-domain scripting and potentially execute arbitrary code by convincing a user to drag and drop javascript: links to a frame ...
CVE-2005-0754
CVE-2005-0754 affects KDE’s Kommander: KDE 3.2–3.4.0 allows remote attackers to cause arbitrary code execution by Kommander executing data files without user confirmation. The root cause is untrusted data/file handling by Kommander, enabling remote code execution if a user opens a malicious file....
CVE-2004-1145
CVE-2004-1145 affects Konqueror/KDE up to version 3.3.1 where the Java sandbox could be bypassed by JavaScript or Java applets, allowing read/write of arbitrary files. The issue resides in the sandbox restrictions for Java in Konqueror and the FTP kioslave handling in KDE, enabling remote code ex...
CVE-2000-0633
Technical details for CVE-2000-0633 are not publicly available in the provided documents. The description notes a local reboot/halt issue in the Mandrake Linux usermode package, but no specifics on affected versions, root cause, or fixes are supplied. Monitor for updates.
CVE-2004-1139
CVE-2004-1139 corresponds to an unknown vulnerability in Ethereal’s DICOM dissector that affects version 0.10.4 through 0.10.7 and can be exploited remotely to crash the application, causing a denial of service. The connected advisories reference multiple vendor/security pages (Red Hat, Gentoo GL...
CVE-2004-1337
CVE-2004-1337 concerns the POSIX Capability Linux Security Module (LSM) in the Linux kernel 2.6. If a process is launched before the LSM is loaded, credentials handling can fail, enabling local users to gain elevated privileges (effectively root). The vulnerability is discussed across multiple fe...
CVE-2001-0690
CVE-2001-0690 describes a format-string vulnerability in Exim in batched SMTP mode that can let an unauthenticated remote attacker execute arbitrary code via format strings in SMTP headers. The entry specifies affected Exim versions: 3.22-10 (Red Hat), 3.12 (Debian), and 3.16 (Conectiva). Attack ...
CVE-2001-0439
CVE-2001-0439 affects Licq prior to 1.0.3. The vulnerability stems from how Licq parses received URLs: the URL is passed to the web browser via system() without sufficient input validation, allowing a remote attacker to inject shell metacharacters and execute arbitrary commands. Impact is remote ...
CVE-2001-0128
Zope before 2.2.4 contains a bug in how local roles are computed, enabling bypass of access restrictions and privilege escalation. The issue is documented across multiple sources (NVD/CVE entry and Mandrake MDKSA-2000:086) and affects Zope 2.2.4 and earlier. Remediation is to apply the update to ...