Enterprise Linux@5.0 Security Vulnerabilities and Issues — Enterprise Linux@5.0 CVE List

Lucene search

RedhatEnterprise Linux5.0

10 matches found

CVE•added 2007/12/18 1:46 a.m.•83 views

CVE-2007-6283

Red Hat Enterprise Linux 5 and Fedora install the Bind /etc/rndc.key file with world-readable permissions, which allows local users to perform unauthorized named commands, such as causing a denial of service by stopping named.

4.9CVSS7AI score0.00099EPSS

CVE•added 2007/04/06 1:19 a.m.•77 views

CVE-2007-1351

Integer overflow in the bdfReadCharacters function in bdfread.c in (1) X.Org libXfont before 20070403 and (2) freetype 2.3.2 and earlier allows remote authenticated users to execute arbitrary code via crafted BDF fonts, which result in a heap overflow.

8.5CVSS7.7AI score0.07488EPSS

CVE•added 2007/05/02 10:19 p.m.•70 views

CVE-2007-0771

The utrace support in Linux kernel 2.6.18, and other versions, allows local users to cause a denial of service (system hang) related to "MT exec + utrace_attach spin failure mode," as demonstrated by ptrace-thrash.c.

4.9CVSS5.8AI score0.0013EPSS

CVE•added 2007/12/13 6:46 p.m.•69 views

CVE-2007-5964

The default configuration of autofs 5 in some Linux distributions, such as Red Hat Enterprise Linux (RHEL) 5, omits the nosuid option for the hosts (/net filesystem) map, which allows local users to gain privileges via a setuid program on a remote NFS server.

6.9CVSS6.2AI score0.00132EPSS

CVE•added 2007/09/14 1:17 a.m.•64 views

CVE-2007-3739

mm/mmap.c in the hugetlb kernel, when run on PowerPC systems, does not prevent stack expansion from entering into reserved kernel page memory, which allows local users to cause a denial of service (OOPS) via unspecified vectors.

4.7CVSS5.6AI score0.00091EPSS

CVE•added 2007/12/20 10:46 p.m.•55 views

CVE-2007-6285

The default configuration for autofs 5 (autofs5) in some Linux distributions, such as Red Hat Enterprise Linux (RHEL) 4 and 5, does not specify the nodev mount option for the -hosts map, which allows local users to access "important devices" by operating a remote NFS server and creating special dev...

6.2CVSS6AI score0.00138EPSS

CVE•added 2007/06/14 7:30 p.m.•54 views

CVE-2007-3099

usr/mgmt_ipc.c in iscsid in open-iscsi (iscsi-initiator-utils) before 2.0-865 checks the client's UID on the listening AF_LOCAL socket instead of the new connection, which allows remote attackers to access the management interface and cause a denial of service (iscsid exit or iSCSI connection loss)...

2.1CVSS6.2AI score0.00226EPSS

CVE•added 2007/09/05 1:17 a.m.•54 views

CVE-2007-3849

Red Hat Enterprise Linux (RHEL) 5 ships the rpm for the Advanced Intrusion Detection Environment (AIDE) before 0.13.1 with a database that lacks checksum information, which allows context-dependent attackers to bypass file integrity checks and modify certain files.

1.9CVSS6.3AI score0.0009EPSS

CVE•added 2007/10/23 10:46 a.m.•54 views

CVE-2007-4574

Unspecified vulnerability in the "stack unwinder fixes" in kernel in Red Hat Enterprise Linux 5, when running on AMD64 and Intel 64, allows local users to cause a denial of service via unknown vectors.

4.7CVSS5.6AI score0.00045EPSS

CVE•added 2007/11/30 2:46 a.m.•54 views

CVE-2007-5494

Memory leak in the Red Hat Content Accelerator kernel patch in Red Hat Enterprise Linux (RHEL) 4 and 5 allows local users to cause a denial of service (memory consumption) via a large number of open requests involving O_ATOMICLOOKUP.

4.9CVSS5.6AI score0.00043EPSS