Enterprise Linux Security Vulnerabilities and Issues — Enterprise Linux CVE List

Lucene search

RedhatEnterprise Linux

9 matches found

CVE•added 2005/02/09 5:0 a.m.•89 views

CVE-2004-0968

The catchsegv script in glibc 2.3.2 and earlier allows local users to overwrite files via a symlink attack on temporary files.

2.1CVSS5.8AI score0.00072EPSS

CVE•added 2005/02/09 5:0 a.m.•76 views

CVE-2004-0977

The make_oidjoins_check script in PostgreSQL 7.4.5 and earlier allows local users to overwrite files via a symlink attack on temporary files.

2.1CVSS5.7AI score0.00088EPSS

CVE•added 2005/02/07 5:0 a.m.•64 views

CVE-2005-0156

Buffer overflow in the PerlIO implementation in Perl 5.8.0, when installed with setuid support (sperl), allows local users to execute arbitrary code by setting the PERLIO_DEBUG variable and executing a Perl script whose full pathname contains a long directory tree.

2.1CVSS7AI score0.00386EPSS

CVE•added 2005/02/20 5:0 a.m.•61 views

CVE-2004-1613

Mozilla allows remote attackers to cause a denial of service (application crash from null dereference or infinite loop) via a web page that contains a (1) TEXTAREA, (2) INPUT, (3) FRAMESET or (4) IMG tag followed by a null character and some trailing characters, as demonstrated by mangleme.

5CVSS6.7AI score0.01798EPSS

CVE•added 2005/02/09 5:0 a.m.•60 views

CVE-2004-0957

Unknown vulnerability in MySQL 3.23.58 and earlier, when a local user has privileges for a database whose name includes a "_" (underscore), grants privileges to other databases that have similar names, which can allow the user to conduct unauthorized activities.

6.8CVSS5.9AI score0.00386EPSS

CVE•added 2005/02/06 5:0 a.m.•55 views

CVE-2004-0491

The linux-2.4.21-mlock.patch in Red Hat Enterprise Linux 3 does not properly maintain the mlock page count when one process unlocks pages that belong to another process, which allows local users to mlock more memory than specified by the rlimit.

2.1CVSS6.2AI score0.00087EPSS

CVE•added 2005/02/09 5:0 a.m.•49 views

CVE-2004-0961

Memory leak in FreeRADIUS before 1.0.1 allows remote attackers to cause a denial of service (memory exhaustion) via a series of Access-Request packets with (1) Ascend-Send-Secret, (2) Ascend-Recv-Secret, or (3) Tunnel-Password attributes.

5CVSS6.2AI score0.02641EPSS

CVE•added 2005/02/09 5:0 a.m.•46 views

CVE-2004-0960

FreeRADIUS before 1.0.1 allows remote attackers to cause a denial of service (core dump) via malformed USR vendor-specific attributes (VSA) that cause a memcpy operation with a -1 argument.

5CVSS6.3AI score0.02641EPSS

CVE•added 2005/02/21 5:0 a.m.•43 views

CVE-2005-0092

Unknown vulnerability in the Red Hat Enterprise Linux 4 kernel 4GB/4GB split patch, when running on x86 with the hugemem kernel, allows local users to cause a denial of service (crash).

2.1CVSS6AI score0.00058EPSS