Filtered by vendor Redhat
Subscribe
Total
5603 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2004-0643 | 3 Debian, Mit, Redhat | 5 Debian Linux, Kerberos 5, Enterprise Linux Desktop and 2 more | 2024-02-28 | 4.6 MEDIUM | N/A |
Double free vulnerability in the krb5_rd_cred function for MIT Kerberos 5 (krb5) 1.3.1 and earlier may allow local users to execute arbitrary code. | |||||
CVE-2000-0666 | 5 Conectiva, Debian, Redhat and 2 more | 5 Linux, Debian Linux, Linux and 2 more | 2024-02-28 | 10.0 HIGH | N/A |
rpc.statd in the nfs-utils package in various Linux distributions does not properly cleanse untrusted format strings, which allows remote attackers to gain root privileges. | |||||
CVE-2002-2204 | 1 Redhat | 1 Redhat Package Manager | 2024-02-28 | 7.5 HIGH | N/A |
The default --checksig setting in RPM Package Manager 4.0.4 checks that a package's signature is valid without listing who signed it, which can allow remote attackers to make it appear that a malicious package comes from a trusted source. | |||||
CVE-2001-0142 | 5 Immunix, Mandrakesoft, National Science Foundation and 2 more | 5 Immunix, Mandrake Linux, Squid Web Proxy and 2 more | 2024-02-28 | 1.2 LOW | N/A |
squid 2.3 and earlier allows local users to overwrite arbitrary files via a symlink attack in some configurations. | |||||
CVE-2004-0461 | 5 Infoblox, Isc, Mandrakesoft and 2 more | 11 Dns One Appliance, Dhcpd, Mandrake Linux and 8 more | 2024-02-28 | 10.0 HIGH | N/A |
The DHCP daemon (DHCPD) for ISC DHCP 3.0.1rc12 and 3.0.1rc13, when compiled in environments that do not provide the vsnprintf function, uses C include files that define vsnprintf to use the less safe vsprintf function, which can lead to buffer overflow vulnerabilities that enable a denial of service (server crash) and possibly execute arbitrary code. | |||||
CVE-2000-1213 | 3 Immunix, Iputils, Redhat | 3 Immunix, Iputils, Linux | 2024-02-28 | 7.5 HIGH | N/A |
ping in iputils before 20001010, as distributed on Red Hat Linux 6.2 through 7J and other operating systems, does not drop privileges after acquiring a raw socket, which increases ping's exposure to bugs that otherwise would occur at lower privileges. | |||||
CVE-2001-0233 | 3 Debian, Matthew Smith, Redhat | 3 Debian Linux, Micq, Linux | 2024-02-28 | 10.0 HIGH | N/A |
Buffer overflow in micq client 0.4.6 and earlier allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long Description field. | |||||
CVE-2001-1028 | 1 Redhat | 1 Linux | 2024-02-28 | 7.2 HIGH | N/A |
Buffer overflow in ultimate_source function of man 1.5 and earlier allows local users to gain privileges. | |||||
CVE-1999-1288 | 4 Caldera, Redhat, Samba and 1 more | 4 Openlinux, Linux, Samba and 1 more | 2024-02-28 | 4.6 MEDIUM | N/A |
Samba 1.9.18 inadvertently includes a prototype application, wsmbconf, which is installed with incorrect permissions including the setgid bit, which allows local users to read and write files and possibly gain privileges via bugs in the program. | |||||
CVE-2004-0554 | 6 Avaya, Conectiva, Gentoo and 3 more | 18 Converged Communications Server, Intuity Audix, Modular Messaging Message Storage Server and 15 more | 2024-02-28 | 2.1 LOW | N/A |
Linux kernel 2.4.x and 2.6.x for x86 allows local users to cause a denial of service (system crash), possibly via an infinite loop that triggers a signal handler with a certain sequence of fsave and frstor instructions, as originally demonstrated using a "crash.c" program. | |||||
CVE-1999-0010 | 8 Data General, Ibm, Isc and 5 more | 11 Dg Ux, Aix, Bind and 8 more | 2024-02-28 | 5.0 MEDIUM | N/A |
Denial of Service vulnerability in BIND 8 Releases via maliciously formatted DNS messages. | |||||
CVE-2000-0314 | 5 Debian, Digital, Netbsd and 2 more | 5 Debian Linux, Unix, Netbsd and 2 more | 2024-02-28 | 5.0 MEDIUM | N/A |
traceroute in NetBSD 1.3.3 and Linux systems allows local users to flood other systems by providing traceroute with a large waittime (-w) option, which is not parsed properly and sets the time delay for sending packets to zero. | |||||
CVE-2004-0077 | 4 Linux, Netwosix, Redhat and 1 more | 7 Linux Kernel, Netwosix Linux, Bigmem Kernel and 4 more | 2024-02-28 | 7.2 HIGH | N/A |
The do_mremap function for the mremap system call in Linux 2.2 to 2.2.25, 2.4 to 2.4.24, and 2.6 to 2.6.2, does not properly check the return value from the do_munmap function when the maximum number of VMA descriptors is exceeded, which allows local users to gain root privileges, a different vulnerability than CAN-2003-0985. | |||||
CVE-1999-0768 | 2 Redhat, Suse | 2 Linux, Suse Linux | 2024-02-28 | 7.5 HIGH | N/A |
Buffer overflow in Vixie Cron on Red Hat systems via the MAILTO environmental variable. | |||||
CVE-1999-0434 | 5 Caldera, Debian, Netbsd and 2 more | 5 Openlinux, Debian Linux, Netbsd and 2 more | 2024-02-28 | 7.5 HIGH | N/A |
XFree86 xfs command is vulnerable to a symlink attack, allowing local users to create files in restricted directories, possibly allowing them to gain privileges or cause a denial of service. | |||||
CVE-2001-1375 | 2 Conectiva, Redhat | 2 Linux, Linux | 2024-02-28 | 4.6 MEDIUM | N/A |
tcl/tk package (tcltk) 8.3.1 searches for its libraries in the current working directory before other directories, which could allow local users to execute arbitrary code via a Trojan horse library that is under a user-controlled directory. | |||||
CVE-2000-0031 | 1 Redhat | 1 Linux | 2024-02-28 | 6.2 MEDIUM | N/A |
The initscripts package in Red Hat Linux allows local users to gain privileges via a symlink attack. | |||||
CVE-2002-1155 | 1 Redhat | 1 Linux | 2024-02-28 | 7.2 HIGH | N/A |
Buffer overflow in KON kon2 0.3.9b and earlier allows local users to execute arbitrary code via a long -Coding command line argument. | |||||
CVE-2001-0923 | 1 Redhat | 1 Redhat Package Manager | 2024-02-28 | 7.2 HIGH | N/A |
RPM Package Manager 4.0.x through 4.0.2.x allows an attacker to execute arbitrary code via corrupted data in the RPM file when the file is queried. | |||||
CVE-2000-1221 | 3 Debian, Redhat, Sgi | 3 Debian Linux, Linux, Irix | 2024-02-28 | 10.0 HIGH | N/A |
The line printer daemon (lpd) in the lpr package in multiple Linux operating systems authenticates by comparing the reverse-resolved hostname of the local machine to the hostname of the print server as returned by gethostname, which allows remote attackers to bypass intended access controls by modifying the DNS for the attacking IP. |