Lucene search
K
SlackwareSlackware Linux

54 matches found

CVE
CVE
added 2013/07/26 11:0 p.m.466 views

CVE-2013-4854

CVE-2013-4854 affects ISC BIND, where the RFC 5011 RDATA handling in rdata.c can trigger an assertion failure during log message construction when processing a malformed RDATA, allowing remote DoS with named exiting. Vulnerable ranges include BIND 9.7.x and 9.8.x before 9.8.5-P2 and 9.8.6b1, 9.9....

7.8CVSS5.6AI score0.3415EPSS
CVE
CVE
added 2016/06/09 4:0 p.m.222 views

CVE-2016-4448

CVE-2016-4448 is a format-string vulnerability in libxml2 (pre-2.9.4). The connected F5 advisory confirms libxml2 is the vulnerable component across multiple BIG-IP products and lists specific BIG-IP families/versions as vulnerable, with a table guiding upgrades to non‑vulnerable releases. Impact...

10CVSS9.5AI score0.07039EPSS
CVE
CVE
added 2018/03/06 8:0 p.m.203 views

CVE-2018-7184

CVE-2018-7184 affects ntpd 4.2.8p4 through 4.2.8p10, where a zero-origin timestamp in certain packets can disrupt the association and cause DoS. This is described as a result of an incomplete fix for CVE-2015-7704. Remediation available: upgrade to ntpd 4.2.8p11 or later; several advisories (e.g....

7.5CVSS7.5AI score0.08862EPSS
CVE
CVE
added 2004/10/26 4:0 a.m.178 views

CVE-2004-0940

CVE-2004-0940 is a confirmed vulnerability: a buffer overflow in mod_include.get_tag() affects Apache 1.3.x up to 1.3.32, allowing local users who can create SSI documents to execute arbitrary code as the apache user via SSI (XSSI) documents that trigger a length calculation error. The impact is ...

7.8CVSS8AI score0.0483EPSS
CVE
CVE
added 1999/09/29 4:0 a.m.137 views

CVE-1999-0368

The CVE-1999-0368 issue involves buffer overflows in wuarchive ftpd (wu-ftpd) and ProFTPD that can lead to remote root access (palmetto). Red Hat’s entry reiterates the same vulnerability. Nessus plugin 10318 (WU-FTPD Multiple Vulnerabilities) and 10318’s description cite the overflow as enabling...

10CVSS6.7AI score0.39233EPSS
CVE
CVE
added 2007/04/06 1:0 a.m.104 views

CVE-2007-1352

The CVE-2007-1352 issue is an integer overflow in the FontFileInitTable function of X.Org libXfont before 20070403. The vulnerability allows remote authenticated users to cause a heap overflow by placing a long first line in the fonts.dir file, potentially enabling arbitrary code execution. Affec...

3.8CVSS7.6AI score0.01524EPSS
CVE
CVE
added 2006/01/06 10:0 p.m.103 views

CVE-2005-3624

CVE-2005-3624 affects multiple PDF tools (xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, etc.). The issue is in CCITTFaxDecode handling in Stream.cc, where negative or very large integers can trigger integer overflows/underflows, leading to heap corruption. The documented impact...

5CVSS6.3AI score0.02301EPSS
CVE
CVE
added 2001/01/22 5:0 a.m.101 views

CVE-2000-0844

The connected records confirm CVE-2000-0844 affects Unix locale subsystem functions that fail to cleanse user-supplied format strings, enabling local attackers to execute arbitrary commands through gettext, catopen, and related calls. The root cause is improper sanitization of format strings in l...

10CVSS7.7AI score0.15349EPSS
CVE
CVE
added 2006/01/06 10:0 p.m.99 views

CVE-2005-3625

CVE-2005-3625 is confirmed to affect Xpdf and related tools (gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, etc.). The issue is a denial-of-service in PDF stream handling where streams that end prematurely can cause an infinite loop, demonstrated for the CCITTFaxDecode and DCTDecode s...

10CVSS6.2AI score0.03855EPSS
CVE
CVE
added 2006/01/06 10:0 p.m.97 views

CVE-2005-3626

CVE-2005-3626 affects Xpdf and related components (gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, etc.). The vulnerability arises from a crafted FlateDecode stream that triggers a null dereference, leading to a denial of service (crash). The connected Nessus entry (NEWSTART_CGSL_NS-SA...

5CVSS6.1AI score0.0341EPSS
CVE
CVE
added 2006/12/07 11:0 a.m.91 views

CVE-2006-6235

The CVE-2006-6235 vulnerability is a stack overwrite flaw in GnuPG (gpg) affecting 1.x versions before 1.4.6, 2.x before 2.0.2, and 1.9.0–1.9.95. A crafted OpenPGP packet can cause GnuPG to dereference a function pointer from deallocated stack memory, enabling arbitrary code execution. Multiple a...

10CVSS7AI score0.05671EPSS
CVE
CVE
added 2018/05/01 6:0 p.m.89 views

CVE-2018-9336

OpenVPN 2.4.x prior to 2.4.6 is affected by CVE-2018-9336 due to a double-free in the interactive service helper (openvpnserv.exe). A local attacker can trigger memory corruption leading to denial of service and possibly privilege escalation. The fix is in OpenVPN 2.4.6 and later; upgrading to th...

7.8CVSS8AI score0.00608EPSS
CVE
CVE
added 2004/05/05 4:0 a.m.85 views

CVE-2004-0226

CVE-2004-0226 affects Midnight Commander (mc) prior to 4.6.0. The issue is described as multiple buffer overflows that may allow a denial of service or arbitrary code execution. Connected documents corroborate MC-related advisories (e.g., GLSA/DSA entries) and reference related CVEs (CVE-2004-023...

10CVSS7AI score0.03936EPSS
CVE
CVE
added 2004/10/21 4:0 a.m.83 views

CVE-2004-0891

GAIM is affected by CVE-2004-0891: a buffer overflow in the MSN protocol handler (MSNSLP) for gaim versions 0.79 through 1.0.1, caused by an unbounded copy that writes to the wrong buffer during processing of an unexpected MSNSLP sequence. This can cause remote denial of service (crash) and poten...

10CVSS8AI score0.06862EPSS
CVE
CVE
added 2003/12/10 5:0 a.m.82 views

CVE-2003-0962

CVE-2003-0962 is a heap-based/buffer overflow in rsync versions prior to 2.5.7 when run in server mode. The vulnerability could allow a remote attacker to execute arbitrary code on the rsync server, potentially while in a chroot jail. The issue affects servers listening on port 873. Advisories fr...

7.5CVSS7.8AI score0.21157EPSS
CVE
CVE
added 2004/09/24 4:0 a.m.82 views

CVE-2004-0881

CVE-2004-0881 affects getmail up to 4.2.0 (and other versions before 3.2.5). When run as root, getmail could overwrite arbitrary files via a symlink attack on maildir subdirectories, enabling local, privilege-escalating impact. Public advisories from Debian (DSA-553) and Slackware note a root com...

2.1CVSS6AI score0.00392EPSS
CVE
CVE
added 1999/09/29 4:0 a.m.74 views

CVE-1999-0433

XFree86 startx is affected by a symlink attack allowing local users to create files in restricted directories, potentially gaining privileges or causing a denial of service. The provided documents do not specify affected versions or a fix; one PT Security entry notes no information about a newer ...

4.6CVSS7.1AI score0.00713EPSS
CVE
CVE
added 2004/05/05 4:0 a.m.74 views

CVE-2004-0233

CVE-2004-0233 describes a symlink vulnerability in the utempter library, where device names containing .. (dot dot) directory traversal can enable local users to overwrite arbitrary files via a symlink attack when an application trusts utmp/wtmp. Public documents from Slackware, Gentoo, Gentoo GL...

2.1CVSS6AI score0.01095EPSS
CVE
CVE
added 2003/12/10 5:0 a.m.73 views

CVE-2003-0977

CVE-2003-0977 affects the CVS server prior to 1.11.10, where malformed module requests could cause the server to create directories and files in the filesystem root. The issue is documented across multiple advisories (e.g., RHSA-2004:004, MDKSA-2003:112-1, DSA 422-1) with a common remediation: up...

7.5CVSS7.4AI score0.02294EPSS
CVE
CVE
added 2000/02/04 5:0 a.m.72 views

CVE-1999-0242

The CVE describes a vulnerability where remote attackers could access mail files via POP3 on some Linux systems that use shadow passwords. Connected sources corroborate that the issue arises from how mail data is stored/access-controlled in environments with shadow passwords, enabling partial con...

7.5CVSS7.4AI score0.02299EPSS
CVE
CVE
added 2001/01/22 5:0 a.m.71 views

CVE-2000-0867

Kernel logging daemon (klogd) in Linux (sysklogd) is vulnerable due to a 'format bug' that fails to cleanse user-supplied format strings, enabling local users to gain root privileges by triggering malformed kernel messages. Mandrake MDKSA-2000:050-1 describes a patched klogd version; Debian patch...

7.2CVSS6.5AI score0.00406EPSS
CVE
CVE
added 1999/09/29 4:0 a.m.69 views

CVE-1999-0041

Technical details (affected product/version/root cause/patch) are not provided in the connected documents; summaries only note a buffer overflow in NLS. Monitor Red Hat/EUVD/NVD updates for remediation guidance and impact as information becomes available.

7.5CVSS7.7AI score0.09088EPSS
CVE
CVE
added 2001/05/07 4:0 a.m.69 views

CVE-2000-0314

CVE-2000-0314 affects NetBSD 1.3.3 and Linux where traceroute with a large waittime (-w) is not parsed correctly, causing the time delay for sending packets to be zero. This can enable local users to flood other systems. The description covers the affected vectors and impact as stated; no explici...

5CVSS6.7AI score0.01754EPSS
CVE
CVE
added 2002/06/25 4:0 a.m.68 views

CVE-2002-0004

CVE-2002-0004 describes a heap corruption vulnerability in the “at” utility caused by a double-free during execution time handling, enabling a local user to potentially execute arbitrary code. The issue is evidenced in multiple advisories (e.g., Debian DSA 102-1/102-2) noting that the remote host...

7.2CVSS7.2AI score0.01343EPSS
CVE
CVE
added 2004/05/05 4:0 a.m.67 views

CVE-2004-0232

Midnight Commander (mc) is affected by CVE-2004-0232: multiple format string vulnerabilities in versions before 4.6.0 that can cause a denial of service or arbitrary code execution. Exploitation details are not provided in the documents; remediation per description is to upgrade to 4.6.0 or newer.

5CVSS7.1AI score0.02945EPSS
CVE
CVE
added 2001/09/12 4:0 a.m.66 views

CVE-1999-1186

CVE-1999-1186 concerns rxvt (terminal emulator) when compiled with the PRINT_PIPE option on certain Linux distros (e.g., Slackware 3.0, RedHat 2.1). The vulnerability arises from the -print-pipe parameter, which allows a local user to specify a malicious program, potentially gaining root privileg...

7.2CVSS7.5AI score0.004EPSS
CVE
CVE
added 2005/06/28 4:0 a.m.65 views

CVE-2002-1814

Bonobo’s efstools contains a local buffer overflow when installed setuid, allowing a local user to trigger arbitrary code execution through excessively long command line arguments. Affected component: efstools within Bonobo. Root cause: unchecked/buffered input handling leading to overflow when h...

4.6CVSS8AI score0.01116EPSS
CVE
CVE
added 2004/05/05 4:0 a.m.65 views

CVE-2004-0231

CVE-2004-0231 affects Midnight Commander (mc) prior to 4.6.0. The issue is described as insecure temporary file and directory creation in mc. The provided connected documents confirm this CVE against mc, but do not disclose a specific impact assessment or a concrete remediation within the supplie...

2.1CVSS6.4AI score0.0038EPSS
CVE
CVE
added 1999/09/29 4:0 a.m.64 views

CVE-1999-0192

The CVE-1999-0192 issue is a buffer overflow in the telnet daemon tgetent routing that can allow remote attackers to gain root access via the TERMCAP environment variable. Affected component: telnet daemon (tgetent routing). Root access exploitation is stated as the impact. Related material in co...

10CVSS8.1AI score0.10041EPSS
CVE
CVE
added 2004/04/30 4:0 a.m.63 views

CVE-2004-0424

CVE-2004-0424 involves an integer overflow in the Linux kernel’s ip_setsockopt handling of the MCAST_MSFILTER socket option. Affected ranges are Linux kernel 2.4.22–2.4.25 and 2.6.1–2.6.3. The vulnerability allows local users to cause a crash (denial of service) or potentially execute arbitrary c...

7.2CVSS7.1AI score0.01238EPSS
CVE
CVE
added 2000/02/04 5:0 a.m.62 views

CVE-1999-0123

CVE-1999-0123 describes a race condition in the Linux mailx command that allows local users to read user files. The consensus across connected records confirms impact is local escalation via the mailx utility; specific affected versions, root cause details, and exact remediation are not consisten...

3.7CVSS7AI score0.003EPSS
CVE
CVE
added 2003/06/05 4:0 a.m.62 views

CVE-2003-0195

CVE-2003-0195 affects the CUPS print server prior to version 1.1.19. The vulnerability allows remote denial of service via a partial HTTP printing request to the IPP port (631) that does not time out, blocking further printing requests. The issue is triggered by careful crafting of a connection t...

5CVSS6.2AI score0.10613EPSS
CVE
CVE
added 1999/09/29 4:0 a.m.60 views

CVE-1999-0340

Summary (CVE-1999-0340): A buffer overflow in the Linux Slackware crond program allows local users to gain root access . The published data identifies the attack as local with low complexity and no authentication required, and it results in full compromise of confidentiality, integrity, and avail...

7.2CVSS7.6AI score0.004EPSS
CVE
CVE
added 2001/05/07 4:0 a.m.60 views

CVE-2000-0315

Technical specifics (affected products, vulnerable components, root cause, and fixes) are not publicly provided in the connected documents. Monitor for updates.

5CVSS6.6AI score0.01751EPSS
CVE
CVE
added 2004/09/24 4:0 a.m.60 views

CVE-2004-0880

CVE-2004-0880 affects getmail 4.x up to version before 4.2.0. When run with root privileges, local users can exploit a symlink attack on an mbox file to overwrite arbitrary files. The risk is described as a local, likely low-severity issue with partial integrity impact; exploitation details are n...

1.2CVSS6AI score0.00306EPSS
CVE
CVE
added 2003/04/02 5:0 a.m.59 views

CVE-2001-1036

The connected records show a concrete vulnerability in GNU findutils locate prior to version 4.2.31. The flaw is a heap-based buffer overflow in the visit_old_format function (locate/locate.c) that can be triggered by a long pathname stored in a locate database using the old format, potentially a...

7.2CVSS6.5AI score0.00897EPSS
CVE
CVE
added 2000/03/22 5:0 a.m.58 views

CVE-1999-0746

The CVE-1999-0746 entry concerns SuSE Linux’s in.identd service. The core issue is a default configuration that waits 120 seconds between requests, enabling a remote attacker to trigger a denial-of-service condition by saturating or delaying identd responses. The connected Red Hat and CVE listing...

5CVSS6.6AI score0.05639EPSS
CVE
CVE
added 2000/06/02 4:0 a.m.57 views

CVE-1999-0856

CVE-1999-0856 affects Slackware 7.0. The vulnerability arises because remote authentication feedback reveals whether an account exists or is locked by reporting an encryption error, enabling user enumeration. The issue is tied to the login process and causes disclosure of valid user names without...

5CVSS7.1AI score0.01038EPSS
CVE
CVE
added 2000/02/04 5:0 a.m.55 views

CVE-1999-0298

The CVE-1999-0298 issue affects ypbind when the -ypset and -ypsetme options are activated in Linux Slackware and SunOS. The underlying vulnerability is a directory traversal attack (".." path) that allows overwriting files. Reported impact includes local and remote attackers able to modify files....

7.5CVSS7.3AI score0.02032EPSS
CVE
CVE
added 2001/09/12 4:0 a.m.55 views

CVE-1999-1187

Pine mail client (before version 3.94) is affected by a local privilege escalation vulnerability where a symlink attack on the mail-notification lockfile is exploitable when a user receives new mail. The underlying issue is a symlink attack allowing a local user to gain privileges. There is no ex...

4.6CVSS7.3AI score0.00307EPSS
CVE
CVE
added 2019/11/21 1:46 p.m.54 views

CVE-2013-7171

CVE-2013-7171 affects Slackware 14.0/14.1 and Slackware LLVM 3.0-i486-2, 3.3-i486-2, where world-writable /tmp permissions could let a remote attacker execute arbitrary code with root privileges. Root cause identified as improper /tmp directory permissions; no specific patch/version or remediatio...

10CVSS9.7AI score0.06344EPSS
CVE
CVE
added 1999/09/29 4:0 a.m.53 views

CVE-1999-0341

The CVE-1999-0341 entry describes a buffer overflow in the Linux mail program “deliver” that allows local users to gain root access. The connected documents confirm the affected component is the Linux mail utility deliver and identify the root cause as a buffer overflow, leading to privilege esca...

7.2CVSS7.6AI score0.00403EPSS
CVE
CVE
added 2001/09/12 4:0 a.m.51 views

CVE-1999-1299

CVE-1999-1299 concerns rcp on various Linux systems, including Red Hat 4.0. Root cause: UID 65535 is interpreted as -1 by chown and related system calls, causing ownership changes to fail and potentially allow a nobody or UID 65535 to overwrite arbitrary files. Impact: writable/overwritable files...

10CVSS7.4AI score0.0184EPSS
CVE
CVE
added 2007/02/07 8:0 p.m.51 views

CVE-2007-0823

CVE-2007-0823 affects xterm on Slackware Linux 10.2, where information displayed to one user could remain in the same xterm process memory and be readable by subsequent users sharing that interactive process. This could allow local users to bypass file permissions and obtain sensitive information...

1.9CVSS6AI score0.00437EPSS
CVE
CVE
added 2000/01/04 5:0 a.m.50 views

CVE-1999-0421

The CVE-1999-0421 entry concerns Linux Slackware 3.6. During a reboot after installation, a remote attacker could obtain root access by logging in to the root account without a password. Affected software is Slackware 3.6; the underlying issue is unauthorized root login due to an unprotected root...

7.2CVSS7AI score0.01572EPSS
CVE
CVE
added 2001/09/12 4:0 a.m.50 views

CVE-1999-1422

The CVE-1999-1422 entry concerns Slackware 3.4 (and possibly other versions) where the PATH environment variable may include the current directory (.) by default. This enables local users to create Trojan horse programs that could be inadvertently executed by other users, due to execution precede...

7.2CVSS6.8AI score0.00331EPSS
CVE
CVE
added 2001/09/12 4:0 a.m.49 views

CVE-1999-1489

Vulnerability summary: CVE-1999-1489 describes a buffer overflow in the TestChip function of XFree86 SuperProbe used on Slackware Linux 3.1 . The overflow enables local users to obtain root privileges by supplying a long -nopr argument. Nature and impact (as documented): Local privilege escalatio...

7.2CVSS7.6AI score0.01056EPSS
CVE
CVE
added 2000/07/12 4:0 a.m.48 views

CVE-2000-0438

CVE-2000-0438 describes a buffer overflow in the Linux fdmount utility that can be triggered by a long mountpoint parameter. Local users in the floppy group could execute arbitrary commands with the exploit. The vulnerability is due to an inadequate bound check in fdmount, leading to potential co...

7.2CVSS7.7AI score0.01077EPSS
CVE
CVE
added 2001/09/12 4:0 a.m.47 views

CVE-1999-1095

The CVE-1999-1095 entry concerns the sort utility. It describes that sort creates temporary files and follows symbolic links, enabling a local user to modify arbitrary files writable by the user running sort. This impact is observed in updatedb and other programs that invoke sort. The documents d...

7.2CVSS7.2AI score0.00348EPSS
CVE
CVE
added 2003/05/23 4:0 a.m.47 views

CVE-2003-0335

Slackware 9.0’s rc.M invokes quotacheck with the -M option, causing the filesystem to be remounted and potentially resetting security-related mount flags such as nosuid, nodev, and noexec. Root cause: rc.M behavior triggers a remount via quotacheck. Impact stated: possible changes to mount flags ...

7.5CVSS7AI score0.01144EPSS
Total number of security vulnerabilities54