CVE-2024-12085
CVE-2024-12085 affects rsync; a flaw in checksum comparison allows an attacker to manipulate s2length, causing comparisons against uninitialized memory and leaking one byte of uninitialized stack data per interaction. The issue is rated HIGH (CVSS 3.1: 7.5) with network attack vector and no user ...
CVE-2024-12088
CVE-2024-12088 is a path-traversal vulnerability in rsync when using --safe-links, arising from improper verification of symbolic-link destinations on the server side, potentially allowing writes outside the target directory. Concrete remediation details appear in multiple connected advisories: C...
CVE-2024-12087
CVE-2024-12087 affects rsync and is described in connected advisories as a path traversal vulnerability triggered by the --inc-recursive behavior, arising from insufficient symlink verification and per-file-list deduplication checks. The result could allow a server to write files outside the clie...
CVE-2024-12084
CVE-2024-12084: Rsync daemon heap-based buffer overflow caused by improper handling of attacker-controlled checksum lengths (s2length). When MAX_DIGEST_LEN exceeds the fixed SUM_LENGTH (16 bytes), an out-of-bounds write to sum2 is possible. Public advisories confirm this bug affects rsync version...
CVE-2024-12086
The CVE-2024-12086 entry concerns rsync. A flaw in rsync’s checksum-based comparison during client→server file transfer can enable a server to enumerate contents of files on the client by sending crafted checksum values and analyzing responses. The connected documents confirm rsync is affected an...
CVE-2004-0495
Summary: CVE-2004-0495 refers to multiple vulnerabilities in Linux kernel 2.4 and 2.6, identified by the Sparse source-checking tool, that can allow local privilege escalation or access to kernel memory. Affected software: Linux kernel for 2.4 and 2.6 series. Root cause/impact: local attacker cou...
CVE-2004-1036
CVE-2004-1036 affects SquirrelMail 1.4.3a and earlier, and 1.5.1-cvs before 23 Oct 2004. The vulnerability is a cross-site scripting (XSS) flaw in the decoding of encoded text in certain headers within mime.php, enabling remote attackers to run arbitrary web script or HTML in th...
CVE-2004-0557
CVE-2004-0557 covers two buffer overflows in SoX (St_WavStartRead in wav.c) affecting 12.17.2–12.17.4. A remote attacker could execute arbitrary code by feeding a specially crafted WAV header. Public docs identify the vulnerable function and the header-field handling as the root cause; affected v...
CVE-2004-0930
CVE-2004-0930 affects Samba 3.0.4, 3.0.7 (and possibly other versions). The issue is in the ms_fnmatch function, allowing remote authenticated users to cause high CPU denial of service via a SAMBA request containing multiple asterisks (*) in the wildcard pattern. The provided documents confirm th...
CVE-2004-0975
The CVE-2004-0975 issue affects the der_chop script in OpenSSL implementations (notably Trustix Secure Linux 1.5–2.1 and other OSes). The vulnerability arises from insecure temporary file handling, enabling a local user to overwrite files via a symlink attack. Documented impact is local privilege...
CVE-2004-0554
CVE-2004-0554 affects the Linux kernel (2.4.x and 2.6.x on x86). The root cause is a local-denial-of-service condition triggered by an infinite loop that abuses a sequence of fsave/frstor instructions in a signal handler (as demonstrated by crash.c). The practical impact is a system crash/DoS wit...
CVE-2013-0348
CVE-2013-0348 affects thttpd/thttpd-derived sthttpd: versions prior to 2.26.4-r2 and 2.25b expose a world-readable /var/log/thttpd.log. The root cause is incorrect file permissions, permitting local users to read sensitive information from the log file. Implication: local information disclosure w...
CVE-2003-0694
CVE-2003-0694 affects Sendmail 8.12.9, where the prescan function (parsing SMTP headers in parseaddr.c) can be exploited remotely via a buffer overflow to execute arbitrary code. Debian DSA-384 also references CAN-2003-0694 in its two vulnerabilities entry. The available documents confirm affecte...
CVE-2004-0700
CVE-2004-0700 describes a format-string vulnerability in the mod_ssl component (ssl_engine_log.c) of Apache’s mod_ssl. Affects Apache before 1.3.31 with mod_ssl up to version 2.8.19; remote attackers could use format specifiers in HTTPS log messages processed by ssl_log to potentially execute arb...
CVE-2005-1267
The CVE-2005-1267 issue affects the BGP dissector in tcpdump (v3.x). The vulnerability arises when bgp_update_print fails to handle a -1 return from decode_prefix4, enabling a remote attacker to trigger a denial-of-service via an infinite loop by sending a crafted BGP packet. The impact is a DoS on affect...
CVE-2005-0206
Technical details about CVE-2005-0206 are not provided in the connected documents. Available sources reference related issues (CVE-2004-0888) and patch notes without explicit impact, affected products, or fixes for this CVE.
CVE-2004-0889
CVE-2004-0889 involves multiple integer overflows in xpdf 3.0 and in code paths that reuse xpdf (e.g., in CUPS) that can be exploited remotely to crash the service (DoS) and potentially execute arbitrary code. The description confirms a remote impact and the possibility of code execution, tied to...
CVE-2004-0493
The CVE-2004-0493 entry relates to Apache httpd 2.0.x prior to 2.0.50, where long MIME header lines with excessive spaces/tabs can cause memory exhaustion and, on 64-bit systems, a potential heap-based buffer overflow. Connected advisories confirm DoS concerns across Apache 2.0.x and related modu...
CVE-2005-3624
CVE-2005-3624 affects multiple PDF tools (xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, etc.). The issue is in CCITTFaxDecode handling in Stream.cc, where negative or very large integers can trigger integer overflows/underflows, leading to heap corruption. The documented impact...
CVE-2004-0604
The CVE-2004-0604 issue affects giFT-FastTrack 0.8.6 and earlier, where the HTTP client and server can be triggered remotely to crash via an empty search query, causing a NULL dereference and Denial of Service. Public sources in the connected documents confirm a remote DoS impact ...
CVE-2004-0981
CVE-2004-0981 affects ImageMagick and concerns a buffer overflow in the TIFF/EXIF parsing routine that can lead to remote code execution via a crafted image file. The initial record states the vulnerability exists in ImageMagick before 6.1.0, with a network-based attack vector and critical impact...
CVE-2005-3625
CVE-2005-3625 is confirmed to affect Xpdf and related tools (gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, etc.). The issue is a denial-of-service in PDF stream handling where streams that end prematurely can cause an infinite loop, demonstrated for the CCITTFaxDecode and DCTDecode s...
CVE-2002-1337
CVE-2002-1337 affects Sendmail 5.79 through 8.12.7, with a buffer overflow in header processing (crackaddr in headers.c) that enables remote code execution, reported as a high-severity issue. Public advisories and patches exist across multiple vendors: HP-UX patches PHNE_35483/35484 (and related ...
CVE-2004-0809
CVE-2004-0809 affects the Apache mod_dav WebDAV module in Apache 2.0.50 and earlier, allowing remote attackers to cause a denial of service (child process crash) via a particular sequence of LOCK requests for locations with WebDAV access. Connected documents in OpenVAS/Tenable references corrobor...
CVE-2005-3626
CVE-2005-3626 affects Xpdf and related components (gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, etc.). The vulnerability arises from a crafted FlateDecode stream that triggers a null dereference, leading to a denial of service (crash). The connected Nessus entry (NEWSTART_CGSL_NS-SA...
CVE-2004-0914
Concrete details: CVE-2004-0914 concerns multiple vulnerabilities in libXpm (as used by XFree86/X.Org) including integer overflows, out-of-bounds reads, directory traversal, shell metacharacter issues, endless loops, and memory leaks in parsing XPM images. If exploited via a crafted XPM file, rem...
CVE-2004-0888
CVE-2004-0888: Multiple integer overflows in xpdf (v2.0/v3.0) and in code that uses xpdf (e.g., CUPS, gpdf, kdegraphics) allow remote attackers to crash services and possibly execute arbitrary code. Some reports note 64-bit builds can exacerbate the overflow (pdftops/filter path). Remediation is...
CVE-2004-0535
CVE-2004-0535 relates to the Linux kernel's e1000 NIC driver (2.4.x and earlier) where memory used by the driver was not properly initialized before access. This could permit a local attacker to read portions of kernel memory. The issue is documented and linked to several vendor advisories (e.g.,...
CVE-2004-0996
CVE-2004-0996 affects cscope 15-4 and 15-5 where main.c creates temporary files with predictable names, enabling local symlink attacks to overwrite arbitrary files. The issue is a local-security vulnerability arising from insecure temporary file creation. Publicly documented fixes show upgrades t...
CVE-2005-0005
CVE-2005-0005 is a heap-based buffer overflow in ImageMagick’s psd.c that affects ImageMagick 6.1.0, 6.1.7, and possibly earlier versions. An attacker can trigger remote code execution by supplying a PSD image with a large number of layers. Connected documents confirm the vulnerability and link t...
CVE-2003-0681
CVE-2003-0681 relates to a potential buffer overflow in Sendmail 8.12.x rule-set parsing when nonstandard rulesets (recipient, final, or mailer-specific envelope recipients) are used. Public documents indicate vulnerable Sendmail variants across platforms (notably HP-UX patches PHNE_35483/PHNE_35...
CVE-2004-1026
CVE-2004-1026 involves multiple integer overflows in the image handler of the imlib library (versions 1.9.14 and earlier) that is used by gkrellm and several window managers. The issue, documented across OpenVAS and Gentoo GLSA entries, is rooted in the image processing code and can be trig...
CVE-2004-1106
CVE-2004-1106 affects Gallery up to version 1.4.4-pl3, with the vulnerability located in index.php include handling. The issue is a cross-site scripting (XSS) flaw that lets remote attackers provide specially formed URLs to inject arbitrary web script or HTML, via the include parameter, potential...
CVE-2004-0456
CVE-2004-0456 affects Pavuk (versions including 0.9pl28 and 0.9pl27) where processing a long HTTP Location header can trigger a stack-based overflow, potentially allowing remote code execution. The OpenVAS/Gentoo advisories (GLSA 200406-22, GLSA 200411-19, and related entries) document the vulner...
CVE-2004-0497
CVE-2004-0497 describes a local privilege escalation in the Linux kernel 2.x family (notably 2.4/2.6-rc3) due to missing DAC controls in sys_chown, enabling a local user to modify the group ownership of files (including NFS-exported files) they do not own. The underlying issue allows changing fil...
CVE-2005-0988
CVE-2005-0988 describes a race condition in gzip prior to 1.3.5 that affects permission handling during decompression. Specifically, when decompressing a file, a local attacker could exploit a hard-link or timing issue to change the permissions of an arbitrary file (or overwrite it) in the target...
CVE-2004-0226
CVE-2004-0226 affects Midnight Commander (mc) prior to 4.6.0. The issue is described as multiple buffer overflows that may allow a denial of service or arbitrary code execution. Connected documents corroborate MC-related advisories (e.g., GLSA/DSA entries) and reference related CVEs (CVE-2004-023...
CVE-2004-0496
The CVE-2004-0496 entry refers to multiple local vulnerabilities in the Linux kernel 2.6, distinct from CVE-2004-0495, discovered via Sparse. Connected sources (Gentoo GLSA advisories GLSA-200407-02 and GLSA-200407-16, OpenVAS NASLs, and NVD/NVD-style listings) corroborate that CAN-2004-0496 conc...
CVE-2005-0077
CVE-2005-0077 affects the perl-DBI (libdbi-perl) library. The issue is insecure handling of temporary files via a symlink attack on a temporary PID file, enabling local users to overwrite arbitrary files. Multiple connected advisories reference updates or patches addressing this vulnerability (e....
CVE-2004-0990
CVE-2004-0990 describes an integer overflow in the GD Graphics Library (libgd) 2.0.28 (and possibly earlier/other versions) that can be triggered by PNG image files with large image row values. This leads to a heap-based buffer overflow in gdImageCreateFromPngCtx, enabling remote denial of servic...
CVE-2004-1025
CVE-2004-1025 concerns multiple heap-based buffer overflows in imlib 1.9.14 and earlier, a library used by gkrellm and several window managers. The vulnerability allows remote attackers to crash the application and, per the description, to execute arbitrary code via crafted image files, effective...
CVE-2004-1304
CVE-2004-1304 affects the file utility; a stack-based buffer overflow in the ELF header parsing code (in file before 4.12) could allow arbitrary code execution when processing a crafted ELF file. Impact: arbitrary code execution with full privileges as described in the vulnerability entry. Remedi...
CVE-2004-0548
CVE-2004-0548 describes multiple stack-based buffer overflows in Aspell’s word-list-compress utility (compress.c) that allow a local user to execute arbitrary code via a long wordlist entry. The overflow is triggered when using the (1) “c” compress option or (2) “d” decompress option, due to lack...
CVE-2004-0565
CVE-2004-0565 affects Linux 2.4.x kernel code where the MFH bit is checked without verifying the FPH owner in the context switch path. This enables local attackers to read register values of other processes, exposing partial confidentiality. The vulnerability description explicitly states the iss...
CVE-2004-0881
CVE-2004-0881 affects getmail up to 4.2.0 (and other versions before 3.2.5). When run as root, getmail could overwrite arbitrary files via a symlink attack on maildir subdirectories, enabling local, privilege-escalating impact. Public advisories from Debian (DSA-553) and Slackware note a root com...
CVE-2004-0891
GAIM is affected by CVE-2004-0891: a buffer overflow in the MSN protocol handler (MSNSLP) for gaim versions 0.79 through 1.0.1, caused by an unbounded copy that writes to the wrong buffer during processing of an unexpected MSNSLP sequence. This can cause remote denial of service (crash) and poten...
CVE-2004-0918
CVE-2004-0918: Squid’s SNMP parser (asn_parse_header in asn1.c) before 2.4.STABLE7 allows remote attackers to cause a denial of service (server restart) by sending SNMP packets with negative length fields that trigger a memory allocation error. The issue yields a partial availability impact and i...
CVE-2004-0972
CVE-2004-0972 concerns the lvmcreate_initrd helper in the Trustix/lvm package (lvm1) where a temporary-directory creation flaw enables a local attacker to perform a symlink-based overwrite of arbitrary files. The described root cause is insecure handling of temporary files by the script, allowin...
CVE-2004-1052
CVE-2004-1052: A buffer overflow in the getnickuserhost function of BNC (notably version 2.8.9 and possibly older/newer variants) can be triggered by an IRC server response containing a sequence of many ! or @ characters, allowing remote code execution. Public sources (NVD entry and security advi...
CVE-2004-0418
CVE-2004-0418 describes an out-of-bounds write vulnerability in CVS servers caused by improper handling of empty data lines in the serve_notify path. Affected CVS versions include CVS 1.12.x (up to 1.12.8) and 1.11.x (up to 1.11.16). The issue could enable remote attackers to execute arbitrary co...