207 matches found
CVE-2024-12085
CVE-2024-12085 affects rsync; a flaw in checksum comparison allows an attacker to manipulate s2length, causing comparisons against uninitialized memory and leaking one byte of uninitialized stack data per interaction. The issue is rated HIGH (CVSS 3.1: 7.5) with network attack vector and no user ...
CVE-2002-0083
CVE-2002-0083 is described in the initial document as an off-by-one error in the OpenSSH channel code affecting OpenSSH 2.0–3.0.2 that can allow privilege escalation. The connected F5 advisory (K1648) references CAN-2002-0083 and labels it as an OpenSSH array overflow vulnerability, but does not ...
CVE-2000-0666
CVE-2000-0666 affects the rpc.statd component of the nfs-utils package across various Linux distributions. The vulnerability arises from the rpc.statd daemon failing to cleanse untrusted format strings, with CERT/CC documenting that user-supplied data can be passed to syslog as a format string, e...
CVE-2024-12087
CVE-2024-12087 affects rsync and is described in connected advisories as a path traversal vulnerability triggered by the --inc-recursive behavior, arising from insufficient symlink verification and per-file-list deduplication checks. The result could allow a server to write files outside the clie...
CVE-2004-0940
CVE-2004-0940 is a confirmed vulnerability: a buffer overflow in mod_include.get_tag() affects Apache 1.3.x up to 1.3.32, allowing local users who can create SSI documents to execute arbitrary code as the apache user via SSI (XSSI) documents that trigger a length calculation error. The impact is ...
CVE-2005-0337
CVE-2005-0337 affects Postfix 2.1.3 where, if /proc/net/if_inet6 is unavailable and permit_mx_backup is enabled in smtpd_recipient_restrictions, remote attackers can bypass email restrictions and perform mail relaying by delivering to an IPv6 hostname. The issue is a flaw in the IPv6 handling pat...
CVE-2024-12086
The CVE-2024-12086 entry concerns rsync. A flaw in rsync’s checksum-based comparison during client→server file transfer can enable a server to enumerate contents of files on the client by sending crafted checksum values and analyzing responses. The connected documents confirm rsync is affected an...
CVE-2004-0495
Summary: CVE-2004-0495 refers to multiple vulnerabilities in Linux kernel 2.4 and 2.6, identified by the Sparse source-checking tool, that can allow local privilege escalation or access to kernel memory. Affected software: Linux kernel for 2.4 and 2.6 series. Root cause/impact: local attacker cou...
CVE-2005-0605
The CVE-2005-0605 issue concerns LibXPM’s scan.c where a negative bitmap_unit value can cause a buffer overflow, allowing arbitrary code execution. Connected sources confirm LibXPM involvement and link to patches/advisories; for Solaris SPARC, patch 119063-01 (libXpm patch) is cited as remediatio...
CVE-2001-0872
Technical details for CVE-2001-0872 are not provided in the connected documents. The initial description notes OpenSSH 3.0.1 with UseLogin and LD_PRELOAD cleansing issue. Monitor for updates.
CVE-2004-1154
Samba vulnerability CVE-2004-1154 affects Samba 2.x and 3.0.x up to 3.0.9. The issue is a heap-based buffer overflow triggered by a Samba request carrying a very large number of security descriptors, leading to remote authentication and potentially code execution via an overflow, with denial of s...
CVE-2004-0554
CVE-2004-0554 affects the Linux kernel (2.4.x and 2.6.x on x86). The root cause is a local-denial-of-service condition triggered by an infinite loop that abuses a sequence of fsave/frstor instructions in a signal handler (as demonstrated by crash.c). The practical impact is a system crash/DoS wit...
CVE-2004-1235
CVE-2004-1235 documents a race condition in the Linux kernel (load_elf_library and binfmt_aout paths used by uselib) affecting 2.4 (through 2.429-rc2) and 2.6 (through 2.6.10). Exploitation allows a local user to execute arbitrary code by manipulating the VMA descriptor. The initial description p...
CVE-2005-0750
CVE-2005-0750 affects the Bluetooth driver in the Linux kernel (2.4.6–2.4.30-rc1 and 2.6–2.6.11.5). The bluez_sock_create function fails to validate a negative protocol value, allowing a local user to gain privileges via a crafted socket or socketpair call. Public details appear in multiple advis...
CVE-2005-3624
CVE-2005-3624 affects multiple PDF tools (xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, etc.). The issue is in CCITTFaxDecode handling in Stream.cc, where negative or very large integers can trigger integer overflows/underflows, leading to heap corruption. The documented impact...
CVE-2004-0687
CVE-2004-0687 affects OpenMotif (libXpm) with stack-based overflows in xpmParseColors, ParseAndPutPixels, and ParsePixels, allowing remote code execution via malformed XPM images. Evidence in multiple advisories confirms OpenMotif/libXpm as the vulnerable component and that patches/updates exist ...
CVE-2006-0745
The CVE concerns the X.Org X Server (xorg-server) 1.0.0 and later (X11R6.9.0, X11R7.0) where a faulty check tests the address of geteuid instead of the function result, allowing a local user to bypass restrictions and perform a Local Privilege Escalation. Impact described across sources: an unpri...
CVE-2004-0889
CVE-2004-0889 involves multiple integer overflows in xpdf 3.0 and in code paths that reuse xpdf (e.g., in CUPS) that can be exploited remotely to crash the service (DoS) and potentially execute arbitrary code. The description confirms a remote impact and the possibility of code execution, tied to...
CVE-2005-0206
Technical details about CVE-2005-0206 are not provided in the connected documents. Available sources reference related issues (CVE-2004-0888) and patch notes without explicit impact, affected products, or fixes for this CVE.
CVE-2004-0981
CVE-2004-0981 affects ImageMagick and concerns a buffer overflow in the TIFF/EXIF parsing routine that can lead to remote code execution via a crafted image file. The initial record states the vulnerability exists in ImageMagick before 6.1.0, with a network-based attack vector and critical impact...
CVE-2000-0844
The connected records confirm CVE-2000-0844 affects Unix locale subsystem functions that fail to cleanse user-supplied format strings, enabling local attackers to execute arbitrary commands through gettext, catopen, and related calls. The root cause is improper sanitization of format strings in l...
CVE-2004-0803
CVE-2004-0803 affects the libtiff RLE decoders in libtiff 3.6.x and earlier, with buffer overflows and integer overflow issues that could allow a remote attacker to execute arbitrary code by feeding a crafted TIFF file. The connected advisories (RHSA/CESA/CENTA, Slackware/Tenable/NASL entries) in...
CVE-2004-0914
Concrete details: CVE-2004-0914 concerns multiple vulnerabilities in libXpm (as used by XFree86/X.Org) including integer overflows, out-of-bounds reads, directory traversal, shell metacharacter issues, endless loops, and memory leaks in parsing XPM images. If exploited via a crafted XPM file, rem...
CVE-2004-0949
CVE-2004-0949 affects the Samba filesystem smbfs in Linux kernel 2.4/2.6, where smb_recv_trans2 fails to reassemble fragmented packets, allowing a remote attacker via the network to read arbitrary kernel information or to inflate a counter by replaying the first fragment. Public advisories (RHSA,...
CVE-2005-3625
CVE-2005-3625 is confirmed to affect Xpdf and related tools (gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, etc.). The issue is a denial-of-service in PDF stream handling where streams that end prematurely can cause an infinite loop, demonstrated for the CCITTFaxDecode and DCTDecode s...
CVE-2002-2185
The CVE-2002-2185 issue concerns a flaw in IGMP processing in the Linux kernel that could let a local attacker cause a denial of service by sending an IGMP membership report addressed to a target’s Ethernet address rather than the multicast group address. Public advisories (e.g., RHSA-2006:0101 a...
CVE-2004-1073
The CVE-2004-1073 entry affects the Linux kernel (2.4.x up to 2.4.27 and 2.6.x up to 2.6.8). It is caused by the open_exec path of the execve functionality (exec.c), where the interpreter (PT_INTERP) handling can allow local users to read non-readable ELF binaries. The description specifies local...
CVE-2005-3626
CVE-2005-3626 affects Xpdf and related components (gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, etc.). The vulnerability arises from a crafted FlateDecode stream that triggers a null dereference, leading to a denial of service (crash). The connected Nessus entry (NEWSTART_CGSL_NS-SA...
CVE-2004-0883
CVE-2004-0883 concerns multiple vulnerabilities in the Samba filesystem (smbfs) within the Linux kernel (versions 2.4 and 2.6). The description states that remote Samba servers could cause a denial of service (kernel crash) or information disclosure by triggering one of several flawed packet-hand...
CVE-2004-0888
CVE-2004-0888 : Multiple integer overflows in xpdf (v2.0/v3.0) and in code that uses xpdf (e.g., CUPS, gpdf, kdegraphics) allow remote attackers to crash services and possibly execute arbitrary code. Some reports note 64-bit builds can exacerbate the overflow (pdftops/filter path). Remediation is...
CVE-2004-1072
CVE-2004-1072 describes a vulnerability in the Linux kernel where the binfmt_elf loader (binfmt_elf.c) may create an interpreter name string that is not NULL terminated, allowing strings longer than PATH_MAX to be used. This can cause buffer overflows that may lead to a local denial of service (h...
CVE-2005-0005
CVE-2005-0005 is a heap-based buffer overflow in ImageMagick’s psd.c that affects ImageMagick 6.1.0, 6.1.7, and possibly earlier versions. An attacker can trigger remote code execution by supplying a PSD image with a large number of layers. Connected documents confirm the vulnerability and link t...
CVE-2004-0886
CVE-2004-0886 is a libtiff integer overflow issue (v3.6.1 and earlier) that allows a remote attacker to crash or memory-corrupt a target via crafted TIFF images, due to incorrect malloc calls. Multiple advisories (RH/RHSA, CentOS, Slackware, Mandrake) note libtiff-related fixes; updates/patches e...
CVE-2004-1070
Technical details (affected kernel versions, vulnerable component, impact, or remediation) are not publicly available in the provided documents. Monitor for updates.
CVE-2004-0535
CVE-2004-0535 relates to the Linux kernel's e1000 NIC driver (2.4.x and earlier) where memory used by the driver was not properly initialized before access. This could permit a local attacker to read portions of kernel memory. The issue is documented and linked to several vendor advisories (e.g.,...
CVE-2004-0827
CVE-2004-0827 affects ImageMagick 5.x before 5.4.4 and 6.x before 6.0.6.2, with remote denial of service and potential arbitrary code execution via malformed AVI, BMP, or DIB files. Multiple connected advisories (Ubuntu USN-35-1, Debian DSA 547-1, Red Hat RHSA-2004:480/636, etc.) corroborate buff...
CVE-2004-0497
CVE-2004-0497 describes a local privilege escalation in the Linux kernel 2.x family (notably 2.4/2.6-rc3) due to missing DAC controls in sys_chown, enabling a local user to modify the group ownership of files (including NFS-exported files) they do not own. The underlying issue allows changing fil...
CVE-2005-0156
The CVE-2005-0156 issue affects Perl 5.8.0 when built with setuid support (sperl). The vulnerability is a buffer overflow in the PerlIO implementation that can be triggered by setting PERLIO_DEBUG and running a Perl script whose full pathname has a long directory tree. This allows local users to ...
CVE-2004-0496
The CVE-2004-0496 entry refers to multiple local vulnerabilities in the Linux kernel 2.6, distinct from CVE-2004-0495, discovered via Sparse. Connected sources (Gentoo GLSA advisories GLSA-200407-02 and GLSA-200407-16, OpenVAS NASLs, and NVD/NVD-style listings) corroborate that CAN-2004-0496 conc...
CVE-2002-0062
CVE-2002-0062 is a local privilege-escalation in ncurses 5.0 and the ncurses4 compatibility package, caused by a buffer overflow in routines for moving the physical cursor and scrolling. Debian and Red Hat advisories describe the issue and assign CAN-2002-0062. Affected products include ncurses 5...
CVE-2004-0990
CVE-2004-0990 describes an integer overflow in the GD Graphics Library (libgd) 2.0.28 (and possibly earlier/other versions) that can be triggered by PNG image files with large image row values. This leads to a heap-based buffer overflow in gdImageCreateFromPngCtx, enabling remote denial of servic...
CVE-2000-0869
CVE-2000-0869: The default Apache 1.3.12 configuration on SuSE Linux 6.4 enables WebDAV, allowing remote attackers to list arbitrary directories via the PROPFIND method. This results in information disclosure about directory structure. The issue is tied to the WebDAV module being active by defaul...
CVE-2005-0085
The CVE-2005-0085 entry concerns ht://dig (htdig) prior to version 3.1.6-r7, which is vulnerable to cross-site scripting (XSS). The root cause is that the config parameter is not properly sanitized before being displayed in an error message, allowing a remote attacker to trigger arbitrary web scr...
CVE-2005-0398
CVE-2005-0398 affects the racoon daemon in ipsec-tools prior to 0.5. A remote attacker can send malformed ISAKMP packets that trigger a crash, causing a denial of service. The issue is documented in multiple advisories (e.g., Fedora, Ubuntu USN-107-1, Gentoo GLSA) and Red Hat/FreeBSD/OpenVAS entr...
CVE-2001-0834
CVE-2001-0834 affects the htsearch CGI in ht://Dig (htdig)
CVE-2004-0807
Technical details for CVE-2004-0807 are not publicly provided in the connected documents. Affected products, exploit vectors, root cause, and fixes are not specified here. Monitor vendor advisories and security feeds for updates and concrete remediation guidance.
CVE-2004-0817
CVE-2004-0817 describes multiple heap-based buffer overflows in the imlib BMP image handler that allow remote attackers to execute arbitrary code via a crafted BMP file. Connected advisories confirm the affected component is imlib/imlib2 BMP decoding code and reference vendor/security updates (e....
CVE-2004-0867
CVE-2004-0867 affects Mozilla Firefox 0.9.2 by allowing websites to set cookies for country-specific top‑level domains (e.g., .ltd.uk, .plc.uk, .sch.uk), which could enable a session‑fixation attack and session hijack. The note indicates 2.x may also be affected. Technical details in the provided...
CVE-2004-0957
CVE-2004-0957 affects MySQL up to version 3.23.58 and earlier. A local user with privileges on a database whose name contains an underscore could grant privileges to other databases with similar names, enabling unauthorized activities. Connected advisories (e.g., SLES9, Ubuntu USN-32-1) show this...
CVE-2000-1134
CVE-2000-1134 concerns multiple shells (tcsh, csh, sh, bash) that follow symlinks when processing here-documents (<