Lucene search

K

7 matches found

CVE
CVE
added 2014/06/05 9:55 p.m.423 views

CVE-2014-0224

OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly restrict processing of ChangeCipherSpec messages, which allows man-in-the-middle attackers to trigger use of a zero-length master key in certain OpenSSL-to-OpenSSL communications, and consequently hijack sessions...

7.4CVSS7.5AI score0.93022EPSS
CVE
CVE
added 2019/11/04 7:15 p.m.77 views

CVE-2005-4890

There is a possible tty hijacking in shadow 4.x before 4.1.5 and sudo 1.x before 1.7.4 via "su - user -c program". The user session can be escaped to the parent session by using the TIOCSTI ioctl to push characters into the input buffer to be read by the next process.

7.8CVSS7.5AI score0.00163EPSS
CVE
CVE
added 2006/10/10 4:6 a.m.72 views

CVE-2006-4997

The clip_mkip function in net/atm/clip.c of the ATM subsystem in Linux kernel allows remote attackers to cause a denial of service (panic) via unknown vectors that cause the ATM subsystem to access the memory of socket buffers after they are freed (freed pointer dereference).

7.5CVSS7AI score0.35021EPSS
CVE
CVE
added 2013/01/18 11:48 a.m.63 views

CVE-2012-2124

functions/imap_general.php in SquirrelMail, as used in Red Hat Enterprise Linux (RHEL) 4 and 5, does not properly handle 8-bit characters in passwords, which allows remote attackers to cause a denial of service (disk consumption) by making many IMAP login attempts with different usernames, leading ...

5CVSS6.4AI score0.05549EPSS
CVE
CVE
added 2010/03/16 7:30 p.m.58 views

CVE-2010-0729

A certain Red Hat patch for the Linux kernel in Red Hat Enterprise Linux (RHEL) 4 on the ia64 platform allows local users to use ptrace on an arbitrary process, and consequently gain privileges, via vectors related to a missing ptrace_check_attach call.

6.9CVSS6.3AI score0.00048EPSS
CVE
CVE
added 2011/02/24 9:0 p.m.53 views

CVE-2011-1011

The seunshare_mount function in sandbox/seunshare.c in seunshare in certain Red Hat packages of policycoreutils 2.0.83 and earlier in Red Hat Enterprise Linux (RHEL) 6 and earlier, and Fedora 14 and earlier, mounts a new directory on top of /tmp without assigning root ownership and the sticky bit t...

6.9CVSS6.7AI score0.00044EPSS
CVE
CVE
added 2008/06/25 12:36 p.m.50 views

CVE-2008-1951

Untrusted search path vulnerability in a certain Red Hat build script for Standards Based Linux Instrumentation for Manageability (sblim) libraries before 1-13a.el4_6.1 in Red Hat Enterprise Linux (RHEL) 4, and before 1-31.el5_2.1 in RHEL 5, allows local users to gain privileges via a malicious lib...

4.6CVSS6.2AI score0.00071EPSS