Lucene search

K
RedhatLinux

26 matches found

CVE
CVE
added 2023/11/28 12:15 p.m.189 views

CVE-2023-5981

A vulnerability was found that the response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from response times of ciphertexts with correct PKCS#1 v1.5 padding.

5.9CVSS6.9AI score0.00561EPSS
CVE
CVE
added 2002/02/02 5:0 a.m.147 views

CVE-2001-1013

Apache on Red Hat Linux with with the UserDir directive enabled generates different error codes when a username exists and there is no public_html directory and when the username does not exist, which could allow remote attackers to determine valid usernames on the server.

5CVSS9.3AI score0.71836EPSS
CVE
CVE
added 2004/11/23 5:0 a.m.87 views

CVE-2004-0081

OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool.

5CVSS7.2AI score0.02271EPSS
CVE
CVE
added 2004/11/23 5:0 a.m.87 views

CVE-2004-0112

The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-b...

5CVSS7.2AI score0.00942EPSS
CVE
CVE
added 2006/01/06 10:0 p.m.79 views

CVE-2005-3624

The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows.

5CVSS6.3AI score0.07223EPSS
CVE
CVE
added 2006/01/06 10:0 p.m.78 views

CVE-2005-3626

Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference.

5CVSS6.1AI score0.09167EPSS
CVE
CVE
added 1999/09/29 4:0 a.m.75 views

CVE-1999-0010

Denial of Service vulnerability in BIND 8 Releases via maliciously formatted DNS messages.

5CVSS6.8AI score0.02EPSS
CVE
CVE
added 2003/06/16 4:0 a.m.68 views

CVE-2003-0247

Unknown vulnerability in the TTY layer of the Linux kernel 2.4 allows attackers to cause a denial of service ("kernel oops").

5CVSS5.8AI score0.01659EPSS
CVE
CVE
added 2002/03/09 5:0 a.m.63 views

CVE-2001-0852

TUX HTTP server 2.1.0-2 in Red Hat Linux allows remote attackers to cause a denial of service via a long Host: header.

5CVSS6.6AI score0.06941EPSS
CVE
CVE
added 2003/08/27 4:0 a.m.63 views

CVE-2003-0552

Linux 2.4.x allows remote attackers to spoof the bridge Forwarding table via forged packets whose source addresses are the same as the target.

5CVSS6.2AI score0.01517EPSS
CVE
CVE
added 2000/10/13 4:0 a.m.62 views

CVE-2000-0508

rpc.lockd in Red Hat Linux 6.1 and 6.2 allows remote attackers to cause a denial of service via a malformed request.

5CVSS7.4AI score0.06568EPSS
CVE
CVE
added 2005/02/20 5:0 a.m.61 views

CVE-2004-1613

Mozilla allows remote attackers to cause a denial of service (application crash from null dereference or infinite loop) via a web page that contains a (1) TEXTAREA, (2) INPUT, (3) FRAMESET or (4) IMG tag followed by a null character and some trailing characters, as demonstrated by mangleme.

5CVSS6.7AI score0.01798EPSS
CVE
CVE
added 2003/08/27 4:0 a.m.60 views

CVE-2003-0551

The STP protocol implementation in Linux 2.4.x does not properly verify certain lengths, which could allow attackers to cause a denial of service.

5CVSS6AI score0.00675EPSS
CVE
CVE
added 2000/10/13 4:0 a.m.59 views

CVE-2000-0289

IP masquerading in Linux 2.2.x allows remote attackers to route UDP packets through the internal interface by modifying the external source IP address and port number to match those of an established connection.

5CVSS6.7AI score0.00826EPSS
CVE
CVE
added 2003/06/16 4:0 a.m.59 views

CVE-2003-0364

The TCP/IP fragment reassembly handling in the Linux kernel 2.4 allows remote attackers to cause a denial of service (CPU consumption) via certain packets that cause a large number of hash table collisions.

5CVSS6AI score0.03339EPSS
CVE
CVE
added 2003/08/27 4:0 a.m.59 views

CVE-2003-0550

The STP protocol, as enabled in Linux 2.4.x, does not provide sufficient security by design, which allows attackers to modify the bridge topology.

5CVSS6.1AI score0.00712EPSS
CVE
CVE
added 2001/05/07 4:0 a.m.56 views

CVE-2000-0314

traceroute in NetBSD 1.3.3 and Linux systems allows local users to flood other systems by providing traceroute with a large waittime (-w) option, which is not parsed properly and sets the time delay for sending packets to zero.

5CVSS6.7AI score0.00315EPSS
CVE
CVE
added 2002/06/25 4:0 a.m.56 views

CVE-2001-0977

slapd in OpenLDAP 1.x before 1.2.12, and 2.x before 2.0.8, allows remote attackers to cause a denial of service (crash) via an invalid Basic Encoding Rules (BER) length field.

5CVSS6.5AI score0.02956EPSS
CVE
CVE
added 2000/01/04 5:0 a.m.55 views

CVE-1999-0986

The ping command in Linux 2.0.3x allows local users to cause a denial of service by sending large packets with the -R (record route) option.

5CVSS6.7AI score0.01424EPSS
CVE
CVE
added 2001/05/07 4:0 a.m.50 views

CVE-2000-0315

traceroute in NetBSD 1.3.3 and Linux systems allows local unprivileged users to modify the source address of the packets, which could be used in spoofing attacks.

5CVSS6.6AI score0.00439EPSS
CVE
CVE
added 2004/09/01 4:0 a.m.49 views

CVE-2002-1232

Memory leak in ypdb_open in yp_db.c for ypserv before 2.5 in the NIS package 3.9 and earlier allows remote attackers to cause a denial of service (memory consumption) via a large number of requests for a map that does not exist.

5CVSS6.3AI score0.04451EPSS
CVE
CVE
added 2000/01/04 5:0 a.m.46 views

CVE-1999-0804

Denial of service in Linux 2.2.x kernels via malformed ICMP packets containing unusual types, codes, and IP header lengths.

5CVSS7AI score0.03718EPSS
CVE
CVE
added 2000/05/24 4:0 a.m.43 views

CVE-2000-0358

ORBit and gnome-session in Red Hat Linux 6.1 allows remote attackers to crash a program.

5CVSS7.1AI score0.00655EPSS
CVE
CVE
added 2000/10/13 4:0 a.m.41 views

CVE-2000-0668

pam_console PAM module in Linux systems allows a user to access the system console and reboot the system when a display manager such as gdm or kdm has XDMCP enabled.

5CVSS6.9AI score0.04092EPSS
CVE
CVE
added 2001/06/02 4:0 a.m.39 views

CVE-2001-0309

inetd in Red Hat 6.2 does not properly close sockets for internal services such as chargen, daytime, echo, etc., which allows remote attackers to cause a denial of service via a series of connections to the internal services.

5CVSS6.6AI score0.00786EPSS
CVE
CVE
added 2002/03/09 5:0 a.m.38 views

CVE-2001-0859

2.4.3-12 kernel in Red Hat Linux 7.1 Korean installation program sets the setting default umask for init to 000, which installs files with world-writeable permissions.

5CVSS6.8AI score0.00471EPSS