Filtered by vendor Redhat
Subscribe
Total
5603 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2000-0093 | 1 Redhat | 1 Linux | 2024-02-28 | 10.0 HIGH | N/A |
An installation of Red Hat uses DES password encryption with crypt() for the initial password, instead of md5. | |||||
CVE-2001-0119 | 3 Immunix, Mandrakesoft, Redhat | 3 Immunix, Mandrake Linux, Linux | 2024-02-28 | 1.2 LOW | N/A |
getty_ps 2.0.7j allows local users to overwrite arbitrary files via a symlink attack. | |||||
CVE-2003-0019 | 1 Redhat | 1 Linux | 2024-02-28 | 7.2 HIGH | N/A |
uml_net in the kernel-utils package for Red Hat Linux 8.0 has incorrect setuid root privileges, which allows local users to modify network interfaces, e.g. by modifying ARP entries or placing interfaces into promiscuous mode. | |||||
CVE-1999-0041 | 5 Cray, Gnu, Ibm and 2 more | 6 Unicos, Unicos Max, Libc and 3 more | 2024-02-28 | 7.5 HIGH | N/A |
Buffer overflow in NLS (Natural Language Service). | |||||
CVE-2000-0230 | 2 Halloween, Redhat | 2 Halloween Linux, Linux | 2024-02-28 | 7.2 HIGH | N/A |
Buffer overflow in imwheel allows local users to gain root privileges via the imwheel-solo script and a long HOME environmental variable. | |||||
CVE-2000-0052 | 3 Mandrakesoft, Redhat, Turbolinux | 3 Mandrake Linux, Linux, Turbolinux | 2024-02-28 | 7.2 HIGH | N/A |
Red Hat userhelper program in the usermode package allows local users to gain root access via PAM and a .. (dot dot) attack. | |||||
CVE-2004-0635 | 4 Ethereal Group, Gentoo, Mandrakesoft and 1 more | 5 Ethereal, Linux, Mandrake Linux and 2 more | 2024-02-28 | 5.0 MEDIUM | N/A |
The SNMP dissector in Ethereal 0.8.15 through 0.10.4 allows remote attackers to cause a denial of service (process crash) via a (1) malformed or (2) missing community string, which causes an out-of-bounds read. | |||||
CVE-2003-0539 | 3 Ddskk, Redhat, Skk | 4 Ddskk, Daredevil Skk, Ddskk-xemacs and 1 more | 2024-02-28 | 4.6 MEDIUM | N/A |
skk (Simple Kana to Kanji conversion program) 12.1 and earlier, and the ddskk package which is based on skk, creates temporary files insecurely, which allows local users to overwrite arbitrary files. | |||||
CVE-1999-1332 | 1 Redhat | 1 Linux | 2024-02-28 | 2.1 LOW | N/A |
gzexe in the gzip package on Red Hat Linux 5.0 and earlier allows local users to overwrite files of other users via a symlink attack on a temporary file. | |||||
CVE-2001-0139 | 5 Caldera, Debian, Immunix and 2 more | 7 Openlinux Desktop, Openlinux Edesktop, Openlinux Eserver and 4 more | 2024-02-28 | 1.2 LOW | N/A |
inn 2.2.3 allows local users to overwrite arbitrary files via a symlink attack in some configurations. | |||||
CVE-2001-0170 | 4 Conectiva, Debian, Immunix and 1 more | 4 Linux, Debian Linux, Immunix and 1 more | 2024-02-28 | 2.1 LOW | N/A |
glibc 2.1.9x and earlier does not properly clear the RESOLV_HOST_CONF, HOSTALIASES, or RES_OPTIONS environmental variables when executing setuid/setgid programs, which could allow local users to read arbitrary files. | |||||
CVE-1999-1407 | 1 Redhat | 1 Linux | 2024-02-28 | 2.1 LOW | N/A |
ifdhcpc-done script for configuring DHCP on Red Hat Linux 5 allows local users to append text to arbitrary files via a symlink attack on the dhcplog file. | |||||
CVE-2001-0169 | 4 Mandrakesoft, Redhat, Trustix and 1 more | 5 Mandrake Linux, Mandrake Linux Corporate Server, Linux and 2 more | 2024-02-28 | 2.1 LOW | N/A |
When using the LD_PRELOAD environmental variable in SUID or SGID applications, glibc does not verify that preloaded libraries in /etc/ld.so.cache are also SUID/SGID, which could allow a local user to overwrite arbitrary files by loading a library from /lib or /usr/lib. | |||||
CVE-2003-0986 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2024-02-28 | 1.7 LOW | N/A |
Various routines for the ppc64 architecture on Linux kernel 2.6 prior to 2.6.2 and 2.4 prior to 2.4.24 do not use the copy_from_user function when copying data from userspace to kernelspace, which crosses security boundaries and allows local users to cause a denial of service. | |||||
CVE-2001-0859 | 1 Redhat | 1 Linux | 2024-02-28 | 5.0 MEDIUM | N/A |
2.4.3-12 kernel in Red Hat Linux 7.1 Korean installation program sets the setting default umask for init to 000, which installs files with world-writeable permissions. | |||||
CVE-1999-0297 | 5 Bsdi, Freebsd, Netbsd and 2 more | 5 Bsd Os, Freebsd, Netbsd and 2 more | 2024-02-28 | 7.2 HIGH | N/A |
Buffer overflow in Vixie Cron library up to version 3.0 allows local users to obtain root access via a long environmental variable. | |||||
CVE-2004-0104 | 3 Metamail Corporation, Redhat, Sgi | 4 Metamail, Enterprise Linux, Linux Advanced Workstation and 1 more | 2024-02-28 | 7.5 HIGH | N/A |
Multiple format string vulnerabilities in Metamail 2.7 and earlier allow remote attackers to execute arbitrary code. | |||||
CVE-1999-0037 | 2 Freebsd, Redhat | 2 Freebsd, Linux | 2024-02-28 | 7.5 HIGH | N/A |
Arbitrary command execution via metamail package using message headers, when user processes attacker's message using metamail. | |||||
CVE-2003-0550 | 1 Redhat | 1 Linux | 2024-02-28 | 5.0 MEDIUM | N/A |
The STP protocol, as enabled in Linux 2.4.x, does not provide sufficient security by design, which allows attackers to modify the bridge topology. | |||||
CVE-2004-0111 | 3 Gnome, Redhat, Sgi | 5 Gdkpixbuf, Enterprise Linux, Gdk Pixbuf and 2 more | 2024-02-28 | 5.0 MEDIUM | N/A |
gdk-pixbuf before 0.20 allows attackers to cause a denial of service (crash) via a malformed bitmap (BMP) file. |