Linux Security Vulnerabilities and Issues — Linux CVE List

Lucene search

GentooLinux

20 matches found

CVE•added 2004/08/06 4:0 a.m.•100 views

CVE-2004-0554

Linux kernel 2.4.x and 2.6.x for x86 allows local users to cause a denial of service (system crash), possibly via an infinite loop that triggers a signal handler with a certain sequence of fsave and frstor instructions, as originally demonstrated using a "crash.c" program.

2.1CVSS5.9AI score0.00665EPSS

CVE•added 2013/12/13 6:7 p.m.•97 views

CVE-2013-0348

thttpd.c in sthttpd before 2.26.4-r2 and thttpd 2.25b use world-readable permissions for /var/log/thttpd.log, which allows local users to obtain sensitive information by reading the file.

2.1CVSS6AI score0.00037EPSS

CVE•added 2005/02/09 5:0 a.m.•92 views

CVE-2004-0975

The der_chop script in the openssl package in Trustix Secure Linux 1.5 through 2.1 and other operating systems allows local users to overwrite files via a symlink attack on temporary files.

2.1CVSS5.4AI score0.00077EPSS

CVE•added 2004/08/06 4:0 a.m.•78 views

CVE-2004-0535

The e1000 driver for Linux kernel 2.4.26 and earlier does not properly initialize memory before using it, which allows local users to read portions of kernel memory. NOTE: this issue was originally incorrectly reported as a "buffer overflow" by some sources.

2.1CVSS5.7AI score0.0009EPSS

CVE•added 2005/01/10 5:0 a.m.•77 views

CVE-2004-0996

main.c in cscope 15-4 and 15-5 creates temporary files with predictable filenames, which allows local users to overwrite arbitrary files via a symlink attack.

2.1CVSS6AI score0.00393EPSS

CVE•added 2004/12/06 5:0 a.m.•69 views

CVE-2004-0497

Unknown vulnerability in Linux kernel 2.x may allow local users to modify the group ID of files, such as NFS exported files in kernel 2.4.

2.1CVSS5.7AI score0.00293EPSS

CVE•added 2005/01/27 5:0 a.m.•69 views

CVE-2004-0881

getmail 4.x before 4.2.0, and other versions before 3.2.5, when run as root, allows local users to write files in arbitrary directories via a symlink attack on subdirectories in the maildir.

2.1CVSS6AI score0.00071EPSS

CVE•added 2004/12/06 5:0 a.m.•62 views

CVE-2004-0565

Floating point information leak in the context switch code for Linux 2.4.x only checks the MFH bit but does not verify the FPH owner, which allows local users to read register values of other processes by setting the MFH bit.

2.1CVSS5.7AI score0.00074EPSS

CVE•added 2005/02/09 5:0 a.m.•60 views

CVE-2004-0972

The lvmcreate_initrd script in the lvm package in Trustix Secure Linux 1.5 through 2.1, and possibly other operating systems, allows local users to overwrite files via a symlink attack on temporary files.

2.1CVSS5.8AI score0.0008EPSS

CVE•added 2005/01/10 5:0 a.m.•58 views

CVE-2004-1110

The mtink status monitor before 1.0.5 for Epson printers allows local users to overwrite arbitrary files via a symlink attack on the epson temporary file.

2.1CVSS6.2AI score0.00064EPSS

CVE•added 2005/01/10 5:0 a.m.•57 views

CVE-2004-1108

qpkg in Gentoolkit 0.2.0_pre10 and earlier allows local users to overwrite arbitrary files via a symlink attack on a temporary directory.

2.1CVSS6.3AI score0.00072EPSS

CVE•added 2005/05/02 4:0 a.m.•54 views

CVE-2005-0077

The DBI library (libdbi-perl) for Perl allows local users to overwrite arbitrary files via a symlink attack on a temporary PID file.

2.1CVSS6AI score0.00074EPSS

CVE•added 2005/03/01 5:0 a.m.•50 views

CVE-2004-1033

Fcron 2.0.1, 2.9.4, and possibly earlier versions leak file descriptors of open files, which allows local users to bypass access restrictions and read fcron.allow and fcron.deny via the EDITOR environment variable.

2.1CVSS6AI score0.00071EPSS

CVE•added 2004/08/18 4:0 a.m.•48 views

CVE-2004-0231

Multiple vulnerabilities in Midnight Commander (mc) before 4.6.0, with unknown impact, related to "Insecure temporary file and directory creations."

2.1CVSS6.4AI score0.00092EPSS

CVE•added 2005/02/09 5:0 a.m.•48 views

CVE-2004-0969

The groffer script in the Groff package 1.18 and later versions, as used in Trustix Secure Linux 1.5 through 2.1, and possibly other operating systems, allows local users to overwrite files via a symlink attack on temporary files.

2.1CVSS8.6AI score0.00122EPSS

CVE•added 2005/03/01 5:0 a.m.•48 views

CVE-2004-1030

fcronsighup in Fcron 2.0.1, 2.9.4, and possibly earlier versions allows local users to gain sensitive information by calling fcronsighup with an arbitrary file, which reveals the contents of the file that can not be parsed in an error message.

2.1CVSS6AI score0.00071EPSS

CVE•added 2005/01/06 5:0 a.m.•44 views

CVE-2004-1336

The xdvizilla script in tetex-bin 2.0.2 creates temporary files with predictable file names, which allows local users to overwrite arbitrary files via a symlink attack.

2.1CVSS6.3AI score0.00064EPSS

CVE•added 2005/03/01 5:0 a.m.•43 views

CVE-2004-1032

fcronsighup in Fcron 2.0.1, 2.9.4, and possibly earlier versions allows local users to delete arbitrary files or create arbitrary empty files via a target filename with a large number of leading slash (/) characters such that fcronsighup does not properly append the intended fcrontab.sig to the res...

2.1CVSS6.2AI score0.00059EPSS

CVE•added 2005/05/10 4:0 a.m.•40 views

CVE-2004-1983

The arch_get_unmapped_area function in mmap.c in the PaX patches for Linux kernel 2.6, when Address Space Layout Randomization (ASLR) is enabled, allows local users to cause a denial of service (infinite loop) via unknown attack vectors.

2.1CVSS6AI score0.00211EPSS

CVE•added 2005/01/10 5:0 a.m.•37 views

CVE-2004-1107

dispatch-conf in Portage 2.0.51-r2 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files.

2.1CVSS6.3AI score0.00072EPSS