All the vulnerabilites related to slackware - slackware_linux
Vulnerability from fkie_nvd
Published
1998-02-02 05:00
Modified
2024-11-20 23:31
Severity ?
Summary
Vulnerability in imapd and ipop3d in Slackware 3.4 and 3.3 with shadowing enabled, and possibly other operating systems, allows remote attackers to cause a core dump via a short sequence of USER and PASS commands that do not provide valid usernames or passwords.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| slackware | slackware_linux | 3.3 | |
| slackware | slackware_linux | 3.4 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "06F2131E-F9F2-4E65-B95C-B52DB25C69F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E6732144-10D4-4114-A7DA-32157EE3EF38",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in imapd and ipop3d in Slackware 3.4 and 3.3 with shadowing enabled, and possibly other operating systems, allows remote attackers to cause a core dump via a short sequence of USER and PASS commands that do not provide valid usernames or passwords."
}
],
"id": "CVE-1999-1445",
"lastModified": "2024-11-20T23:31:08.110",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1998-02-02T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=88637951600184\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=88637951600184\u0026w=2"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1997-02-13 05:00
Modified
2024-11-20 23:27
Severity ?
Summary
Buffer overflow in NLS (Natural Language Service).
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:libc:5.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "E0EE0514-E70B-43D8-ADBA-B0A3BCD8B44D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:libc:5.2.18:*:*:*:*:*:*:*",
"matchCriteriaId": "BBB49C49-1AC9-48C5-906E-05E67DC99BB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:libc:5.3.12:*:*:*:*:*:*:*",
"matchCriteriaId": "03EFCDE7-4C23-43A5-B34B-EB2EC73481CF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cray:unicos:1.5:*:mk:*:*:*:*:*",
"matchCriteriaId": "71CAA155-04D6-4FDF-BE79-EE5AFD0B55A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cray:unicos:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FFB0C892-B2B2-4810-A009-AE1809730FE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cray:unicos:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D4029356-417F-4738-ACE0-B88351EA9010",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cray:unicos_max:1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "56C16675-1822-4B1B-8BE0-D7FC7FA106D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:3.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D3C00FC9-AD97-4226-A0EA-7DB14AA592DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FBF25306-E7C2-4F9A-A809-4779A6C0A079",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "05F20EC2-ADE6-4F96-A2E7-1DCCA819D657",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C9092D88-585D-4A0C-B181-E8D93563C74B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9FDBA67D-84A7-42D6-A994-7C967B6306D3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in NLS (Natural Language Service)."
}
],
"id": "CVE-1999-0041",
"lastModified": "2024-11-20T23:27:41.540",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1997-02-13T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0041"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0041"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1998-04-06 04:00
Modified
2024-11-20 23:31
Severity ?
Summary
Slackware Linux 3.4 pkgtool allows local attacker to read and write to arbitrary files via a symlink attack on the reply file.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.securityfocus.com/bid/82 | Exploit, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/82 | Exploit, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| slackware | slackware_linux | 3.4 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E6732144-10D4-4114-A7DA-32157EE3EF38",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Slackware Linux 3.4 pkgtool allows local attacker to read and write to arbitrary files via a symlink attack on the reply file."
}
],
"id": "CVE-1999-1498",
"lastModified": "2024-11-20T23:31:15.567",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1998-04-06T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/82"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/82"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1999-02-09 05:00
Modified
2024-11-20 23:28
Severity ?
Summary
Buffer overflows in wuarchive ftpd (wu-ftpd) and ProFTPD lead to remote root access, a.k.a. palmetto.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| proftpd_project | proftpd | 1.2_pre1 | |
| washington_university | wu-ftpd | 2.4.2_beta18 | |
| washington_university | wu-ftpd | 2.4.2_beta18_vr9 | |
| caldera | openlinux | 1.3 | |
| debian | debian_linux | 2.0 | |
| redhat | linux | 5.0 | |
| redhat | linux | 5.1 | |
| sco | openserver | 5.0 | |
| sco | openserver | 5.0.2 | |
| sco | openserver | 5.0.3 | |
| sco | openserver | 5.0.4 | |
| sco | openserver | 5.0.5 | |
| sco | unixware | 7.0 | |
| sco | unixware | 7.0.1 | |
| slackware | slackware_linux | 3.4 | |
| slackware | slackware_linux | 3.5 | |
| slackware | slackware_linux | 3.6 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:proftpd_project:proftpd:1.2_pre1:*:*:*:*:*:*:*",
"matchCriteriaId": "CE1015CB-9A33-48D5-861A-A1FC0D8D0FA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:washington_university:wu-ftpd:2.4.2_beta18:*:*:*:*:*:*:*",
"matchCriteriaId": "2D48DE48-5216-42AB-BEA8-EA490C5D4278",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:washington_university:wu-ftpd:2.4.2_beta18_vr9:*:*:*:*:*:*:*",
"matchCriteriaId": "4989799F-143A-45E5-A30C-9E3203649770",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:caldera:openlinux:1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "EED21F27-4ADA-42AC-B28E-F849F47D4043",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "203BDD63-2FA5-42FD-A9CD-6BDBB41A63C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4BF54738-3C44-4FD4-AA9C-CAB2E86B1DC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4EF44364-0F57-4B74-81B0-501EA6B58501",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sco:openserver:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2C19F7B3-9043-4E53-90DE-92A4387858A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sco:openserver:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0169CBF5-9301-42D2-A6DA-73393BD986D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sco:openserver:5.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6236FA51-E996-4E84-A8CC-2635A814CCC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sco:openserver:5.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "035FBF8B-EB91-4211-9979-8A9E913A54A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sco:openserver:5.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B8BA72B4-C4AF-41C6-92ED-30B286E00EF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sco:unixware:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "17439B5B-0B66-490B-9B53-2C9D576C879F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sco:unixware:7.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EF9FD7BF-97E4-426D-881F-03C9D5B8895D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E6732144-10D4-4114-A7DA-32157EE3EF38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "125918E7-53BB-407A-8D95-5D95CDF39A88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "CE0BBA4F-C61A-4A8E-A7E2-CE0DF76DF592",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflows in wuarchive ftpd (wu-ftpd) and ProFTPD lead to remote root access, a.k.a. palmetto."
}
],
"id": "CVE-1999-0368",
"lastModified": "2024-11-20T23:28:34.363",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1999-02-09T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0368"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0368"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1997-02-03 05:00
Modified
2024-11-20 23:30
Severity ?
Summary
rcp on various Linux systems including Red Hat 4.0 allows a "nobody" user or other user with UID of 65535 to overwrite arbitrary files, since 65535 is interpreted as -1 by chown and other system calls, which causes the calls to fail to modify the ownership of the file.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | linux | 4.0 | |
| slackware | slackware_linux | 3.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:linux:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C9092D88-585D-4A0C-B181-E8D93563C74B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9FDBA67D-84A7-42D6-A994-7C967B6306D3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "rcp on various Linux systems including Red Hat 4.0 allows a \"nobody\" user or other user with UID of 65535 to overwrite arbitrary files, since 65535 is interpreted as -1 by chown and other system calls, which causes the calls to fail to modify the ownership of the file."
}
],
"id": "CVE-1999-1299",
"lastModified": "2024-11-20T23:30:47.107",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1997-02-03T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=87602167420509\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=87602167420509\u0026w=2"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1995-03-01 05:00
Modified
2024-11-20 23:28
Severity ?
Summary
Remote attackers can access mail files via POP3 in some Linux systems that are using shadow passwords.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| slackware | slackware_linux | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F432C6C2-8676-4DD5-B9E6-71F6C164EF9D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Remote attackers can access mail files via POP3 in some Linux systems that are using shadow passwords."
}
],
"id": "CVE-1999-0242",
"lastModified": "2024-11-20T23:28:13.310",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1995-03-01T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0242"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0242"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-11-21 14:15
Modified
2024-11-21 02:00
Severity ?
Summary
Slackware 13.1, 13.37, 14.0 and 14.1 contain world-writable permissions on the iodbctest and iodbctestw programs within the libiodbc package, which could allow local users to use RPATH information to execute arbitrary code with root privileges.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.openwall.com/lists/oss-security/2013/12/20/1 | Mailing List, Third Party Advisory | |
| cve@mitre.org | https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-7172 | Issue Tracking, Third Party Advisory | |
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/89916 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://security-tracker.debian.org/tracker/CVE-2013-7172 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2013/12/20/1 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-7172 | Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/89916 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security-tracker.debian.org/tracker/CVE-2013-7172 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| slackware | slackware_linux | 13.1 | |
| slackware | slackware_linux | 13.37 | |
| slackware | slackware_linux | 14.0 | |
| slackware | slackware_linux | 14.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:13.1:*:*:*:*:*:*:*",
"matchCriteriaId": "64DF28B6-C9FE-44AD-9D09-2F154819AFA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:13.37:*:*:*:*:*:*:*",
"matchCriteriaId": "1A153230-E0BE-4323-AC73-44E8DCD14A1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:14.0:*:*:*:*:*:*:*",
"matchCriteriaId": "936EF68B-2A93-402C-BED4-20E6EDB2F102",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:14.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F1B46F08-93A8-49D9-AC5D-43E19C062FFA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Slackware 13.1, 13.37, 14.0 and 14.1 contain world-writable permissions on the iodbctest and iodbctestw programs within the libiodbc package, which could allow local users to use RPATH information to execute arbitrary code with root privileges."
},
{
"lang": "es",
"value": "Slackware versiones 13.1, 13.37, 14.0 y 14.1, contienen permisos de tipo world-writable en los programas iodbctest y iodbctestw dentro del paquete libiodbc, lo que podr\u00eda permitir a usuarios locales usar informaci\u00f3n de RPATH para ejecutar c\u00f3digo arbitrario con privilegios root."
}
],
"id": "CVE-2013-7172",
"lastModified": "2024-11-21T02:00:25.783",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-11-21T14:15:12.817",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2013/12/20/1"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-7172"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89916"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2013-7172"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2013/12/20/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-7172"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89916"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2013-7172"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-07-29 13:59
Modified
2024-11-21 01:56
Severity ?
Summary
The RFC 5011 implementation in rdata.c in ISC BIND 9.7.x and 9.8.x before 9.8.5-P2, 9.8.6b1, 9.9.x before 9.9.3-P2, and 9.9.4b1, and DNSco BIND 9.9.3-S1 before 9.9.3-S1-P1 and 9.9.4-S1b1, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query with a malformed RDATA section that is not properly handled during construction of a log message, as exploited in the wild in July 2013.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:isc:bind:9.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5B178BB5-A0DC-4014-A8CC-D89B0E2F9789",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.7.0:b1:*:*:*:*:*:*",
"matchCriteriaId": "1BE753CB-A16D-4605-8640-137CD4A2BB16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.7.0:p1:*:*:*:*:*:*",
"matchCriteriaId": "5B5F1155-78D6-480B-BC0A-1D36B08D2594",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.7.0:p2:*:*:*:*:*:*",
"matchCriteriaId": "A11247D0-A33E-4CE5-910A-F38B89C63EC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.7.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "E9478F4E-451D-4B4E-8054-E09522F97C59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.7.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "87393BF8-9FE3-4501-94CA-A1AA9E38E771",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2FC642B5-ACA4-4764-A9F2-3C87D5D8E9E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.7.1:p1:*:*:*:*:*:*",
"matchCriteriaId": "A16CE093-38E0-4274-AD53-B807DE72AF91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.7.1:p2:*:*:*:*:*:*",
"matchCriteriaId": "2FB97DEB-A0A4-458C-A94B-46B7264AB0F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.7.1:rc1:*:*:*:*:*:*",
"matchCriteriaId": "BFDF6597-7131-4080-BCFC-46032138646C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "881B8C5B-8A66-45AC-85E6-758B8A8153BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.7.2:p1:*:*:*:*:*:*",
"matchCriteriaId": "4E2D144E-6A15-4B45-8B15-15B60FB33D71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.7.2:p2:*:*:*:*:*:*",
"matchCriteriaId": "B5690EC8-66C9-4316-BEAB-C218843F7FCC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.7.2:p3:*:*:*:*:*:*",
"matchCriteriaId": "FBF13572-C341-4FB1-BAFD-AF8F0C5EF510",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.7.2:rc1:*:*:*:*:*:*",
"matchCriteriaId": "0B1D9F9C-54C2-485F-9B66-4AEA0573BC2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "423211E8-A08B-4254-977A-1917AED9B794",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.7.3:b1:*:*:*:*:*:*",
"matchCriteriaId": "3ABE2712-33E9-45EE-890C-E9FC51D19B75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.7.3:p1:*:*:*:*:*:*",
"matchCriteriaId": "BD79961B-508F-4A20-AD4D-D766DFB928E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.7.3:rc1:*:*:*:*:*:*",
"matchCriteriaId": "5E5510BF-3D22-49DA-A4C6-2D6204EB37C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "AD1BC4C7-F72B-43DB-B729-018360F4B281",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.7.4:b1:*:*:*:*:*:*",
"matchCriteriaId": "DB36BD1D-A6AB-4BC8-94C0-FA662622FF26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.7.4:p1:*:*:*:*:*:*",
"matchCriteriaId": "DFF83126-E2C8-4156-9C28-7E3005A74E17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.7.4:rc1:*:*:*:*:*:*",
"matchCriteriaId": "97D011B3-D9F3-4BC2-9695-A842148EA6BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8BC43BF9-5C34-4DF1-846A-E416DE9C7DA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.7.5:b1:*:*:*:*:*:*",
"matchCriteriaId": "ADD24439-71B4-41AC-85D4-56511445051C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.7.5:rc1:*:*:*:*:*:*",
"matchCriteriaId": "B063AE57-D426-4565-B2D9-ACDB0C16C78E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.7.5:rc2:*:*:*:*:*:*",
"matchCriteriaId": "CCEA5F9A-A308-4573-BBEB-6B210A61D943",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D13D4E84-04EB-4843-A1C4-E3265D1DAC00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.7.6:p1:*:*:*:*:*:*",
"matchCriteriaId": "434AA05B-1A22-474B-BEA3-CACAD78955F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.7.6:p2:*:*:*:*:*:*",
"matchCriteriaId": "E434E995-F554-45A7-A907-EE2725727B82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "CC599FF2-080F-4545-BA31-6F431AA558AB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:suse:suse_linux_enterprise_software_development_kit:11.0:sp2:*:*:*:*:*:*",
"matchCriteriaId": "78BEBD36-7BD1-4686-BF9A-60B85EBF6A80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:suse:suse_linux_enterprise_software_development_kit:11.0:sp3:*:*:*:*:*:*",
"matchCriteriaId": "C3407560-6D54-4B1B-9977-AD4F6EB5D6BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:novell:suse_linux:11:*:desktop:*:*:*:*:*",
"matchCriteriaId": "1F04848C-31A0-41DF-815D-C200625D8B2C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:novell:suse_linux:11:*:server:*:*:*:*:*",
"matchCriteriaId": "09D8D0FB-C49A-44AA-B95E-DD82D870A242",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:isc:dnsco_bind:9.9.3:s1:*:*:*:*:*:*",
"matchCriteriaId": "0AD242CA-7077-4D79-B399-C3517921E814",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:dnsco_bind:9.9.4:s1b1:*:*:*:*:*:*",
"matchCriteriaId": "23EF52C0-4E1B-4B50-9AF2-39FA3ABEB4F6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*",
"matchCriteriaId": "DE554781-1EB9-446E-911F-6C11970C47F4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:isc:bind:9.9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A2B96B87-F18C-41EF-9A37-7D0842433A4E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.9.0:a1:*:*:*:*:*:*",
"matchCriteriaId": "AFA1AA14-4D4A-45D0-9573-D53C0FFFFF78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.9.0:a2:*:*:*:*:*:*",
"matchCriteriaId": "F5DE1274-F7A1-4F12-A4F5-1CB1DD5B84E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.9.0:a3:*:*:*:*:*:*",
"matchCriteriaId": "401A7E61-AC3D-417D-97B8-E5E736DC6FCC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.9.0:b1:*:*:*:*:*:*",
"matchCriteriaId": "C7C37F7D-DD28-4C70-A534-A3F434DF4273",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.9.0:b2:*:*:*:*:*:*",
"matchCriteriaId": "B2EC1F99-85C1-4081-A118-790111741246",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.9.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "85D6C9B7-9D5D-4589-AC83-E6ECB535EBFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.9.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "043A5E3F-529B-4A9A-8531-184EE6D1942D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.9.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "673057D5-256C-4933-B56F-4BF8848323F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.9.0:rc4:*:*:*:*:*:*",
"matchCriteriaId": "C2CE371B-E399-4D74-B46C-3606E4BDA53A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6A3798A1-134C-4066-A012-10C15F103EAC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.9.1:p1:*:*:*:*:*:*",
"matchCriteriaId": "9CA1AEBE-040C-483A-9850-7DA888FF8075",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.9.1:p2:*:*:*:*:*:*",
"matchCriteriaId": "B9A33F04-3240-4268-B613-C4876770A30F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "91DA33F1-CA29-4EB1-8F95-8CEA71383BF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.9.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2A7BE793-7717-4019-8F50-158C309E48B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.9.3:b1:*:*:*:*:*:*",
"matchCriteriaId": "9BE322FB-CC6F-46BA-861C-74C16D7FC791",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.9.3:b2:*:*:*:*:*:*",
"matchCriteriaId": "9C322F95-B13A-4495-A87E-9295C0169DE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.9.3:p1:*:*:*:*:*:*",
"matchCriteriaId": "C267AE8E-A71A-4AE4-BF93-86C43924E477",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.9.3:rc1:*:*:*:*:*:*",
"matchCriteriaId": "38A3F698-5E6C-40AC-9DC6-FF7478E0440C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.9.3:rc2:*:*:*:*:*:*",
"matchCriteriaId": "C7E1293E-82F4-4401-B3AA-7CB73761E163",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:freebsd:freebsd:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3CF1F9EF-01AF-4708-AE02-765360AF3D66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9899C87E-2C09-46AE-BC24-1ACF012784CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DD5ECA1A-D9B4-4ED7-95EC-684E7AA2B765",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:8.3:*:*:*:*:*:*:*",
"matchCriteriaId": "30C501A1-FE2D-41E7-A5DB-C61D8701B9B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:8.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5DB4C0E8-8E50-44B1-BE0C-4C261D9E9730",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E6BD5BFF-260A-4A9E-B0AA-C8B8386B154E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D78E559A-430D-4D50-8A83-58A37D393471",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:9.1:p4:*:*:*:*:*:*",
"matchCriteriaId": "DD6B2A2E-6E8C-40D7-B29F-1FC9E8B1076B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:9.1:p5:*:*:*:*:*:*",
"matchCriteriaId": "0ADB3AF3-5E13-4EC3-AE3C-128DF51E1DF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:9.2:prerelease:*:*:*:*:*:*",
"matchCriteriaId": "213ECCF5-4FE2-4FE8-B84E-A1C9AA98F1F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:9.2:rc1:*:*:*:*:*:*",
"matchCriteriaId": "C52A912B-E7C6-484A-8E15-8208C97B8CB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:9.2:rc2:*:*:*:*:*:*",
"matchCriteriaId": "D4B097BE-2CA1-4236-AB8F-1151FCC845A9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mandriva:business_server:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2916CC4D-4C4D-4232-AA24-90458181EC25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandriva:enterprise_server:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0175F23D-071B-4791-9349-C85ABB37BF50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:5:*:*:*:*:*:*:*",
"matchCriteriaId": "AA9B3CC0-DF1C-4A86-B2A3-A9D428A5A6E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:isc:bind:9.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4EBDD71E-6F17-4EB6-899F-E27A93CDFDF2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.8.0:a1:*:*:*:*:*:*",
"matchCriteriaId": "811D03B2-96A8-47F9-80BE-54228A4108EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.8.0:b1:*:*:*:*:*:*",
"matchCriteriaId": "B3D4393C-1151-49F9-963B-B6FD88E93814",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.8.0:p1:*:*:*:*:*:*",
"matchCriteriaId": "25855A5C-302F-4A82-AEC1-8C4C9CB70362",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.8.0:p2:*:*:*:*:*:*",
"matchCriteriaId": "03E68ACA-0288-4EE5-9250-54711B2E6670",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.8.0:p4:*:*:*:*:*:*",
"matchCriteriaId": "8D717D3D-F4BF-470B-AC2B-D1234A7303EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.8.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "66D259B7-4F9E-43B2-BB1D-3B097D3CDB28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4F9DA20E-57EA-49A0-9DB2-E9E0191EC1AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.8.1:b1:*:*:*:*:*:*",
"matchCriteriaId": "FCC604FD-A834-4BA7-B1E2-1FCB6A583204",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.8.1:b2:*:*:*:*:*:*",
"matchCriteriaId": "479D3C6C-1FD7-4DBE-A841-4B58400A89F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.8.1:b3:*:*:*:*:*:*",
"matchCriteriaId": "BAF29160-63C2-40D0-BE08-3C8181CD5092",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.8.1:p1:*:*:*:*:*:*",
"matchCriteriaId": "8DAA3942-0979-4D33-BD52-EF7F0403DFBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.8.1:rc1:*:*:*:*:*:*",
"matchCriteriaId": "39D75F93-B6A7-4D25-8147-25F7F867E5B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.8.2:b1:*:*:*:*:*:*",
"matchCriteriaId": "B046CE1D-03E1-462F-9762-9269E59BD554",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.8.2:rc1:*:*:*:*:*:*",
"matchCriteriaId": "DAC9049D-6284-40F7-9E97-596FEDF9EEDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.8.2:rc2:*:*:*:*:*:*",
"matchCriteriaId": "10D06B47-911B-4095-ABD2-DDD38E6306F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.8.3:*:*:*:*:*:*:*",
"matchCriteriaId": "59428551-218B-4C32-982F-DCDC894E2954",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.8.3:p1:*:*:*:*:*:*",
"matchCriteriaId": "961E22DC-1467-4A0C-9450-A2E047FCFCFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.8.3:p2:*:*:*:*:*:*",
"matchCriteriaId": "DF77CAF5-A8D6-4479-9C4D-A698D26BDC6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.8.4:*:*:*:*:*:*:*",
"matchCriteriaId": "AD318FF1-320B-4311-AF7E-988C023B4938",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.8.5:*:*:*:*:*:*:*",
"matchCriteriaId": "BDCC8861-0655-4180-A083-1516AC441A3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.8.5:b1:*:*:*:*:*:*",
"matchCriteriaId": "DB2E6ABE-B1CB-4603-AFC8-BB7BE1AD96B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.8.5:b2:*:*:*:*:*:*",
"matchCriteriaId": "C8FC8393-5812-4032-A458-80C01248B18D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.8.5:p1:*:*:*:*:*:*",
"matchCriteriaId": "8DEC5C59-44A6-4B48-A84F-22C080CBE5CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.8.5:rc1:*:*:*:*:*:*",
"matchCriteriaId": "87BAA6BD-4677-451B-B012-F3FF6C95B369",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.8.5:rc2:*:*:*:*:*:*",
"matchCriteriaId": "0E52B0E7-9392-4B08-906F-C47C5CA41044",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.8.6:b1:*:*:*:*:*:*",
"matchCriteriaId": "BD8E5645-EAE9-43A5-8845-229C403BF93B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:18:*:*:*:*:*:*:*",
"matchCriteriaId": "E14271AE-1309-48F3-B9C6-D7DEEC488279",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:19:*:*:*:*:*:*:*",
"matchCriteriaId": "5991814D-CA77-4C25-90D2-DB542B17E0AD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:hp-ux:b.11.31:*:*:*:*:*:*:*",
"matchCriteriaId": "B64BBA96-FB3C-46AC-9A29-50EE02714FE9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E752F93D-ED2E-4458-A12E-47EE62C8DCB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:12.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F56191B9-387B-4850-BA5F-F73D6AFEFE72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7547FBB1-AFE8-4DCB-9B6D-0EB719D26FB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:13.1:*:*:*:*:*:*:*",
"matchCriteriaId": "64DF28B6-C9FE-44AD-9D09-2F154819AFA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:13.37:*:*:*:*:*:*:*",
"matchCriteriaId": "1A153230-E0BE-4323-AC73-44E8DCD14A1E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The RFC 5011 implementation in rdata.c in ISC BIND 9.7.x and 9.8.x before 9.8.5-P2, 9.8.6b1, 9.9.x before 9.9.3-P2, and 9.9.4b1, and DNSco BIND 9.9.3-S1 before 9.9.3-S1-P1 and 9.9.4-S1b1, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query with a malformed RDATA section that is not properly handled during construction of a log message, as exploited in the wild in July 2013."
},
{
"lang": "es",
"value": "La implementaci\u00f3n RFC en rdata.c en ISC BIND 9.7.x y 9.8.x anterior a 9.8.5-P2, 9.8.6b1, 9.9.x anterior a 9.9.3-P2, y 9.9.4b1, y DNSco BIND 9.9.3-S1 anterior a 9.9.3-S1-P1 y 9.9.4-S1b1, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (fallo de aserci\u00f3n y salida de demonio) a trav\u00e9s de una petici\u00f3n con una secci\u00f3n RDATA manipulada que se maneja adecuadamente durante la contrucci\u00f3n de mensaje de log. Ha sido explotada \"in the wild\" en Julio de 2013."
}
],
"id": "CVE-2013-4854",
"lastModified": "2024-11-21T01:56:33.100",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-07-29T13:59:37.537",
"references": [
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/bugtraq/2013-08/0030.html"
},
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html"
},
{
"source": "cve@mitre.org",
"url": "http://linux.oracle.com/errata/ELSA-2014-1244"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-August/113108.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-August/113251.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00004.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00018.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1114.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1115.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/54134"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/54185"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/54207"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/54211"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/54323"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/54432"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2013/dsa-2728"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.freebsd.org/security/advisories/FreeBSD-SA-13:07.bind.asc"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:202"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/61479"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1028838"
},
{
"source": "cve@mitre.org",
"url": "http://www.ubuntu.com/usn/USN-1910-1"
},
{
"source": "cve@mitre.org",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-13-210/"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86004"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03922396"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03922396"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.isc.org/article/AA-01015"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.isc.org/article/AA-01016"
},
{
"source": "cve@mitre.org",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10052"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19561"
},
{
"source": "cve@mitre.org",
"url": "https://support.apple.com/kb/HT6536"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/bugtraq/2013-08/0030.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://linux.oracle.com/errata/ELSA-2014-1244"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-August/113108.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-August/113251.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00018.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1114.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1115.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/54134"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/54185"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/54207"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/54211"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/54323"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/54432"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2013/dsa-2728"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.freebsd.org/security/advisories/FreeBSD-SA-13:07.bind.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:202"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/61479"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1028838"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-1910-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-13-210/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86004"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03922396"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03922396"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.isc.org/article/AA-01015"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.isc.org/article/AA-01016"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10052"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19561"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://support.apple.com/kb/HT6536"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-12-01 06:46
Modified
2024-11-21 00:39
Severity ?
Summary
Unspecified vulnerability in rsync before 3.0.0pre6, when running a writable rsync daemon, allows remote attackers to bypass exclude, exclude_from, and filter and read or write hidden files via (1) symlink, (2) partial-dir, (3) backup-dir, and unspecified (4) dest options.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| slackware | slackware_linux | 8.1 | |
| slackware | slackware_linux | 9.0 | |
| slackware | slackware_linux | 9.1 | |
| slackware | slackware_linux | 10.0 | |
| slackware | slackware_linux | 10.1 | |
| slackware | slackware_linux | 10.2 | |
| slackware | slackware_linux | 11.0 | |
| slackware | slackware_linux | 12.0 | |
| rsync | rsync | 2.3.1 | |
| rsync | rsync | 2.3.2 | |
| rsync | rsync | 2.3.2_1.2alpha | |
| rsync | rsync | 2.3.2_1.2arm | |
| rsync | rsync | 2.3.2_1.2intel | |
| rsync | rsync | 2.3.2_1.2m68k | |
| rsync | rsync | 2.3.2_1.2ppc | |
| rsync | rsync | 2.3.2_1.2sparc | |
| rsync | rsync | 2.3.2_1.3 | |
| rsync | rsync | 2.4.0 | |
| rsync | rsync | 2.4.1 | |
| rsync | rsync | 2.4.3 | |
| rsync | rsync | 2.4.4 | |
| rsync | rsync | 2.4.5 | |
| rsync | rsync | 2.4.6 | |
| rsync | rsync | 2.4.8 | |
| rsync | rsync | 2.5.0 | |
| rsync | rsync | 2.5.1 | |
| rsync | rsync | 2.5.2 | |
| rsync | rsync | 2.5.3 | |
| rsync | rsync | 2.5.4 | |
| rsync | rsync | 2.5.5 | |
| rsync | rsync | 2.5.6 | |
| rsync | rsync | 2.5.7 | |
| rsync | rsync | 2.6 | |
| rsync | rsync | 2.6.1 | |
| rsync | rsync | 2.6.2 | |
| rsync | rsync | 2.6.5 | |
| rsync | rsync | 2.6.6 | |
| rsync | rsync | 2.6.7 | |
| rsync | rsync | 2.6.8 | |
| rsync | rsync | 2.6.9 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "57F41B40-75E6-45C8-A5FB-8464C0B2D064",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "300A6A65-05FD-401C-80F6-B5F5B1F056E0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AA3D53C9-3806-45E6-8AE9-7D41280EF64C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D29C5A03-A7C9-4780-BB63-CF1E874D018D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B85EF0EE-3E61-4CA3-9F00-610AB2E1CFCF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:10.2:*:*:*:*:*:*:*",
"matchCriteriaId": "70440F49-AEE9-41BE-8E1A-43AB657C8E09",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "74022B69-6557-4746-9080-24E4DDA44026",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2081CB54-130C-4A25-A2EE-42249DD6B3EB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rsync:rsync:2.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "393F7E04-2288-45FE-8971-CC1BA036CA95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rsync:rsync:2.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "60BF457A-B318-475D-950A-9D873C0C667C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rsync:rsync:2.3.2_1.2alpha:*:*:*:*:*:*:*",
"matchCriteriaId": "8CB9C4CB-09D9-4258-846D-D43C0E8E0CEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rsync:rsync:2.3.2_1.2arm:*:*:*:*:*:*:*",
"matchCriteriaId": "52CA63EE-0911-44AE-9901-FE46FB659D06",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rsync:rsync:2.3.2_1.2intel:*:*:*:*:*:*:*",
"matchCriteriaId": "AF678D2B-CD03-4A19-90B4-36448E55943E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rsync:rsync:2.3.2_1.2m68k:*:*:*:*:*:*:*",
"matchCriteriaId": "E454C988-08A3-4269-AC6A-2A975D288C56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rsync:rsync:2.3.2_1.2ppc:*:*:*:*:*:*:*",
"matchCriteriaId": "12BB68EF-28DF-4326-84A3-C215005FD3D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rsync:rsync:2.3.2_1.2sparc:*:*:*:*:*:*:*",
"matchCriteriaId": "41DC890B-3D3D-41DB-8380-5C290B708350",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rsync:rsync:2.3.2_1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3C0E3499-E90D-40C6-B85A-6CC2312532C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rsync:rsync:2.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C23042EA-1243-4786-8F76-CDB94E5B909B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rsync:rsync:2.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "31F7C3A4-88F3-454F-9046-CA169FF12106",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rsync:rsync:2.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "63756B36-3D03-4C2E-A1B6-AC45B045F94F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rsync:rsync:2.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "BDF2B595-4AF1-471E-ADFD-FF8CB6F27EA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rsync:rsync:2.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "FC820774-2B62-4B91-BC1A-EF6B81DD63C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rsync:rsync:2.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "4329E28A-F133-414B-98E5-F117C1B73711",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rsync:rsync:2.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "FE1E7733-4A97-4817-8192-BDAA539AD2F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rsync:rsync:2.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EEB2A38C-5971-4C38-A2A8-7B8FD44C3816",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rsync:rsync:2.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BCD479A6-7E13-41FB-B6D9-4CBA1459083B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rsync:rsync:2.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D08AA818-CEF0-4EA8-BF6B-90A4F512E88C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rsync:rsync:2.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2AE611E6-4959-4011-A57A-6774F28D58D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rsync:rsync:2.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7DEEFC01-69A5-4760-8052-FB8BA4B125F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rsync:rsync:2.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A19ACD7B-B36E-42D7-B311-69CD4EF047F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rsync:rsync:2.5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "1AA7F4E9-1ED4-4D2F-A0A2-F8D861AD108C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rsync:rsync:2.5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "8D9A038C-C0B8-416D-B103-5E66963065EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rsync:rsync:2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "3C1BB055-0489-42F7-9FC7-99EDDA7026DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rsync:rsync:2.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "336FF990-61EE-4F6B-B4BC-D268DADD3D7F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rsync:rsync:2.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "408FDC67-6862-4482-9DC4-E18AFFC3F7C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rsync:rsync:2.6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "65282BE4-26FA-4E16-B1B1-1A4D82E7C6C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rsync:rsync:2.6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "84537850-6D26-47D3-9888-810B8305BD3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rsync:rsync:2.6.7:*:*:*:*:*:*:*",
"matchCriteriaId": "8AD67864-2BED-42AD-985E-34058C07FEBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rsync:rsync:2.6.8:*:*:*:*:*:*:*",
"matchCriteriaId": "382AFB02-339D-45BB-A60D-7C751F943762",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rsync:rsync:2.6.9:*:*:*:*:*:*:*",
"matchCriteriaId": "32A205AF-8E75-4AD8-BE0F-EC6A9296D127",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in rsync before 3.0.0pre6, when running a writable rsync daemon, allows remote attackers to bypass exclude, exclude_from, and filter and read or write hidden files via (1) symlink, (2) partial-dir, (3) backup-dir, and unspecified (4) dest options."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en rsync, en versiones anteriores a la 3.0.0pre6, cuando se ejecuta un demonio rsync en modo lectura-escritura. Permite que atacantes remotos vulneren exclude, exclude_from, y filter, adem\u00e1s de poder leer y escribir archivos ocultos usando: (1) symlink, (2) partial-dir, (3) backup-dir, y (4) opciones dest sin especificar."
}
],
"id": "CVE-2007-6200",
"lastModified": "2024-11-21T00:39:35.557",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-12-01T06:46:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://lists.apple.com/archives/security-announce//2008/Jul/msg00003.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00002.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://rsync.samba.org/security.html#s3_0_0"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/27853"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/27863"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/28412"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/28457"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/31326"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1019012"
},
{
"source": "cve@mitre.org",
"url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2007-0257"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/en/security/advisories?name=MDVSA-2008:011"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2011-0999.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/487991/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/26639"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/4057"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/2268"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce//2008/Jul/msg00003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://rsync.samba.org/security.html#s3_0_0"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/27853"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/27863"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/28412"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/28457"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/31326"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1019012"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2007-0257"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/en/security/advisories?name=MDVSA-2008:011"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2011-0999.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/487991/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/26639"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/4057"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/2268"
}
],
"sourceIdentifier": "cve@mitre.org",
"vendorComments": [
{
"comment": "Red Hat is aware of this issue and is tracking it via the following bug: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=CVE-2007-6200\n\nThe Red Hat Security Response Team has rated this issue as having low security impact, a future update may address this flaw.",
"lastModified": "2007-12-06T00:00:00",
"organization": "Red Hat"
}
],
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1999-08-16 04:00
Modified
2024-11-20 23:29
Severity ?
Summary
A default configuration of in.identd in SuSE Linux waits 120 seconds between requests, allowing a remote attacker to conduct a denial of service.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| slackware | slackware_linux | 3.2 | |
| slackware | slackware_linux | 3.6 | |
| suse | suse_linux | 4.4 | |
| suse | suse_linux | 4.4.1 | |
| suse | suse_linux | 5.0 | |
| suse | suse_linux | 5.1 | |
| suse | suse_linux | 5.2 | |
| suse | suse_linux | 5.3 | |
| suse | suse_linux | 6.0 | |
| suse | suse_linux | 6.1 | |
| suse | suse_linux | 6.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "852B55FE-8180-4357-B717-399C16954C6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "CE0BBA4F-C61A-4A8E-A7E2-CE0DF76DF592",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "CB4C8426-CAF2-4366-94C0-1BA1C544FB6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:4.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5CC7D746-B98B-4FAF-B816-57222759A344",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "830D48B8-D21D-4D31-99A1-20C231804DBE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5C0BBDD2-9FF9-4CB7-BCAF-D4AF15DC2C7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D1C826AA-6E2F-4DAC-A7A2-9F47729B5DA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BCC94EF9-5872-402F-B2FC-06331A924BB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F163E145-09F7-4BE2-9B46-5B6713070BAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "124E1802-7984-45ED-8A92-393FC20662FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1B67020A-6942-4478-B501-764147C4970D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A default configuration of in.identd in SuSE Linux waits 120 seconds between requests, allowing a remote attacker to conduct a denial of service."
}
],
"id": "CVE-1999-0746",
"lastModified": "2024-11-20T23:29:22.487",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1999-08-16T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/587"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/587"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-01-27 05:00
Modified
2024-11-20 23:49
Severity ?
Summary
Buffer overflow in the MSN protocol handler for gaim 0.79 to 1.0.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an "unexpected sequence of MSNSLP messages" that results in an unbounded copy operation that writes to the wrong buffer.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| rob_flynn | gaim | 0.10 | |
| rob_flynn | gaim | 0.10.3 | |
| rob_flynn | gaim | 0.50 | |
| rob_flynn | gaim | 0.51 | |
| rob_flynn | gaim | 0.52 | |
| rob_flynn | gaim | 0.53 | |
| rob_flynn | gaim | 0.54 | |
| rob_flynn | gaim | 0.55 | |
| rob_flynn | gaim | 0.56 | |
| rob_flynn | gaim | 0.57 | |
| rob_flynn | gaim | 0.58 | |
| rob_flynn | gaim | 0.59 | |
| rob_flynn | gaim | 0.59.1 | |
| rob_flynn | gaim | 0.60 | |
| rob_flynn | gaim | 0.61 | |
| rob_flynn | gaim | 0.62 | |
| rob_flynn | gaim | 0.63 | |
| rob_flynn | gaim | 0.64 | |
| rob_flynn | gaim | 0.65 | |
| rob_flynn | gaim | 0.66 | |
| rob_flynn | gaim | 0.67 | |
| rob_flynn | gaim | 0.68 | |
| rob_flynn | gaim | 0.69 | |
| rob_flynn | gaim | 0.70 | |
| rob_flynn | gaim | 0.71 | |
| rob_flynn | gaim | 0.72 | |
| rob_flynn | gaim | 0.73 | |
| rob_flynn | gaim | 0.74 | |
| rob_flynn | gaim | 0.75 | |
| rob_flynn | gaim | 0.78 | |
| rob_flynn | gaim | 0.82 | |
| rob_flynn | gaim | 0.82.1 | |
| rob_flynn | gaim | 1.0 | |
| rob_flynn | gaim | 1.0.1 | |
| gentoo | linux | * | |
| gentoo | linux | 1.4 | |
| slackware | slackware_linux | 9.0 | |
| slackware | slackware_linux | 9.1 | |
| slackware | slackware_linux | 10.0 | |
| slackware | slackware_linux | current | |
| ubuntu | ubuntu_linux | 4.1 | |
| ubuntu | ubuntu_linux | 4.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "6D1EE775-471F-4D9F-9635-41CB581168D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.10.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5E56639E-2F96-4110-8846-0EA887D2967B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.50:*:*:*:*:*:*:*",
"matchCriteriaId": "A2FDCAE1-0B5D-449F-A83A-5028E7701109",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.51:*:*:*:*:*:*:*",
"matchCriteriaId": "F984C4C7-6431-48DD-A0E0-0DC5F6052EB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.52:*:*:*:*:*:*:*",
"matchCriteriaId": "E955A141-DAEB-40EA-BE35-A5EED928E030",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.53:*:*:*:*:*:*:*",
"matchCriteriaId": "E3F02AE7-7A9C-4219-9472-9FAC8CBC637B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.54:*:*:*:*:*:*:*",
"matchCriteriaId": "E94CDB8A-7120-41C6-95AF-5DBAD74F3204",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.55:*:*:*:*:*:*:*",
"matchCriteriaId": "F4A3A068-BEBB-4E31-9CAD-4A2008CFBC91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.56:*:*:*:*:*:*:*",
"matchCriteriaId": "DA529226-9252-41EE-8543-692F3119CF6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.57:*:*:*:*:*:*:*",
"matchCriteriaId": "C6FDD0E8-D0CB-4B4C-8E4C-A4979B116CC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.58:*:*:*:*:*:*:*",
"matchCriteriaId": "7366C749-E27C-422C-BFE0-DCC4B4D9C8AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.59:*:*:*:*:*:*:*",
"matchCriteriaId": "5622F4C0-43C8-44B1-A7C7-D3A7F1199FA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.59.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2A2E8C61-B01A-482A-9B8D-0072AB6BB7DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.60:*:*:*:*:*:*:*",
"matchCriteriaId": "30E40E9A-950B-4D6E-A748-5F76F7B97AEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.61:*:*:*:*:*:*:*",
"matchCriteriaId": "C4FF2E49-7561-461A-98BD-4778C6764020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.62:*:*:*:*:*:*:*",
"matchCriteriaId": "4168D220-61A9-4E9F-A5A8-4832822E35EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.63:*:*:*:*:*:*:*",
"matchCriteriaId": "253631B3-8A0C-48DC-851A-F5A6AB490BCB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.64:*:*:*:*:*:*:*",
"matchCriteriaId": "1266BD64-E19D-4686-9E00-42CC9AF94756",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.65:*:*:*:*:*:*:*",
"matchCriteriaId": "C62BCA03-A187-432B-B2B3-40DE99A9986C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.66:*:*:*:*:*:*:*",
"matchCriteriaId": "92762951-6F9E-426D-8157-55C65A561417",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.67:*:*:*:*:*:*:*",
"matchCriteriaId": "00AFDEF5-5E42-4BF6-8EC6-FE7FCD4DD4AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.68:*:*:*:*:*:*:*",
"matchCriteriaId": "7A4B3DA2-9ECB-454D-8775-9571B158007F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.69:*:*:*:*:*:*:*",
"matchCriteriaId": "A041E262-E36F-44C3-B83B-2E79653B74EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.70:*:*:*:*:*:*:*",
"matchCriteriaId": "333D0BA1-7676-417D-BB92-AAA1AAED2D0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.71:*:*:*:*:*:*:*",
"matchCriteriaId": "BF449EC2-A6F2-405F-BEE7-0516E092E6F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.72:*:*:*:*:*:*:*",
"matchCriteriaId": "840C5668-D951-4A62-B555-EB3D91A08B61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.73:*:*:*:*:*:*:*",
"matchCriteriaId": "BC715625-C4E7-49AC-9F3E-7306114878D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.74:*:*:*:*:*:*:*",
"matchCriteriaId": "C8834643-F682-4FC1-93DE-BE4754E993AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.75:*:*:*:*:*:*:*",
"matchCriteriaId": "42DC59A0-4BD8-42AC-B2E0-BFC32FCE7396",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.78:*:*:*:*:*:*:*",
"matchCriteriaId": "5414E26C-C4BD-4E88-A9F4-05312F303BC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.82:*:*:*:*:*:*:*",
"matchCriteriaId": "E4A65A06-A2D9-4ACD-A19A-5CC0D6636139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:0.82.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B3EF25C4-A89D-4FBC-8EBE-89B502369A7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "43BC7CF5-118A-4127-BA07-749179FA5A92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rob_flynn:gaim:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EE70BCCA-A025-4F93-A773-8D4FF482540A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*",
"matchCriteriaId": "647BA336-5538-4972-9271-383A0EC9378E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:gentoo:linux:1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "65ED9D8C-604D-4B0B-A192-C0DA4D2E9AEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "300A6A65-05FD-401C-80F6-B5F5B1F056E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AA3D53C9-3806-45E6-8AE9-7D41280EF64C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D29C5A03-A7C9-4780-BB63-CF1E874D018D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:current:*:*:*:*:*:*:*",
"matchCriteriaId": "B1CB2DD9-E77F-46EE-A145-F87AD10EA8E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ia64:*:*:*:*:*",
"matchCriteriaId": "6E94583A-5184-462E-9FC4-57B35DA06DA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ppc:*:*:*:*:*",
"matchCriteriaId": "E905FAAD-37B6-4DD0-A752-2974F8336273",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the MSN protocol handler for gaim 0.79 to 1.0.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an \"unexpected sequence of MSNSLP messages\" that results in an unbounded copy operation that writes to the wrong buffer."
}
],
"id": "CVE-2004-0891",
"lastModified": "2024-11-20T23:49:37.257",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-01-27T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://gaim.sourceforge.net/security/?id=9"
},
{
"source": "cve@mitre.org",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200410-23.xml"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-604.html"
},
{
"source": "cve@mitre.org",
"url": "https://bugzilla.fedora.us/show_bug.cgi?id=2188"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17786"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17787"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17790"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11790"
},
{
"source": "cve@mitre.org",
"url": "https://www.ubuntu.com/usn/usn-8-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://gaim.sourceforge.net/security/?id=9"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200410-23.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-604.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.fedora.us/show_bug.cgi?id=2188"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17786"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17787"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17790"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11790"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.ubuntu.com/usn/usn-8-1/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2003-05-22 04:00
Modified
2024-11-20 23:44
Severity ?
Summary
rc.M in Slackware 9.0 calls quotacheck with the -M option, which causes the filesystem to be remounted and possibly reset security-relevant mount flags such as nosuid, nodev, and noexec.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| slackware | slackware_linux | 9.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "300A6A65-05FD-401C-80F6-B5F5B1F056E0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "rc.M in Slackware 9.0 calls quotacheck with the -M option, which causes the filesystem to be remounted and possibly reset security-relevant mount flags such as nosuid, nodev, and noexec."
}
],
"id": "CVE-2003-0335",
"lastModified": "2024-11-20T23:44:30.070",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2003-05-22T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=105361968110719\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=105361968110719\u0026w=2"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2001-03-12 05:00
Modified
2024-11-20 23:32
Severity ?
Summary
traceroute in NetBSD 1.3.3 and Linux systems allows local users to flood other systems by providing traceroute with a large waittime (-w) option, which is not parsed properly and sets the time delay for sending packets to zero.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| debian | debian_linux | 2.0.34 | |
| digital | unix | 4.0 | |
| netbsd | netbsd | * | |
| redhat | linux | 2.0.34 | |
| slackware | slackware_linux | 2.0.34 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:2.0.34:*:*:*:*:*:*:*",
"matchCriteriaId": "89F6AB54-5D9F-4EE2-8AA4-7E61F09C7F17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:digital:unix:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E1E08495-C0C5-40A9-A8FF-834F5F6083B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BF5ACB4A-7B75-4B29-813D-EDE7E566A754",
"versionEndIncluding": "1.3.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:2.0.34:*:*:*:*:*:*:*",
"matchCriteriaId": "F3CA3C2F-739A-4E61-803A-877978D70468",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:2.0.34:*:*:*:*:*:*:*",
"matchCriteriaId": "B35CE11D-53A9-4C69-8AC4-2ECE48468125",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "traceroute in NetBSD 1.3.3 and Linux systems allows local users to flood other systems by providing traceroute with a large waittime (-w) option, which is not parsed properly and sets the time delay for sending packets to zero."
}
],
"id": "CVE-2000-0314",
"lastModified": "2024-11-20T23:32:13.040",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2001-03-12T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA1999-004.txt.asc"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=91893782027835\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/7574"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA1999-004.txt.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=91893782027835\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/7574"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-12-31 05:00
Modified
2024-11-21 00:02
Severity ?
Summary
Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and (2) DCTDecode streams, aka "Infinite CPU spins."
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.22:*:*:*:*:*:*:*",
"matchCriteriaId": "B1512A96-B8E7-4DB7-A4CB-8FD3773BFC97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.22_rc1:*:*:*:*:*:*:*",
"matchCriteriaId": "787B918D-9CCC-44FE-92AF-E8DF1E91A3C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.23:*:*:*:*:*:*:*",
"matchCriteriaId": "C116493B-2837-4531-9291-A9FF03099A97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.23_rc1:*:*:*:*:*:*:*",
"matchCriteriaId": "525BD04B-387F-4713-BC89-472D0D0BCFD0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:kdegraphics:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6BF92649-90CE-4E75-A938-61D0916B5A7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:kdegraphics:3.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2CA505B4-0C17-49C8-9533-CA8CE3AA77D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:koffice:1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "37C08E0A-651F-458B-BCEC-A30DCD527E47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:koffice:1.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6000D6AF-C056-4BC0-A54C-72E23E52AB92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:koffice:1.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A7D036E4-FA49-417D-968B-9D73B16A09BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:kpdf:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "EDAF6452-F3B0-4F62-893E-BCFA6AB7AE3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:kpdf:3.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BC2AB9CB-DEAB-45AB-A7CA-D19E069907EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:kword:1.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "EAC32BAA-99B3-4B40-83A3-ED9E1B12B295",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libextractor:libextractor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "679D9520-DE8E-4D06-A227-3B1C1D05977D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "63C92F1C-3005-4EA6-B9C0-2BC2E3D611D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sgi:propack:3.0:sp6:*:*:*:*:*:*",
"matchCriteriaId": "EF8ABD90-AD2B-4FA0-A355-9D7CD6D3C486",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tetex:tetex:1.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "C86C7D6F-C39E-4403-86C6-F87599570E97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tetex:tetex:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "236005A1-C175-44D3-8D0C-C48F943F3D66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tetex:tetex:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0AF2AD80-5E65-4B57-933B-C395E98EF10D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tetex:tetex:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "07C92A0E-1DDA-4F83-A904-24A35C38883A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tetex:tetex:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9178B36F-41D5-4AE7-B9C8-56BDEADE76EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xpdf:xpdf:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7B93B3ED-AF82-49A9-8C7F-E5F652F19669",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:conectiva:linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A35FC777-A34E-4C7B-9E93-8F17F3AD5180",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2CAE037F-111C-4A76-8FFE-716B74D65EF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:alpha:*:*:*:*:*",
"matchCriteriaId": "A6B060E4-B5A6-4469-828E-211C52542547",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:arm:*:*:*:*:*",
"matchCriteriaId": "974C3541-990C-4CD4-A05A-38FA74A84632",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:hppa:*:*:*:*:*",
"matchCriteriaId": "6CBF1E0F-C7F3-4F83-9E60-6E63FA7D2775",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ia-32:*:*:*:*:*",
"matchCriteriaId": "58792F77-B06F-4780-BA25-FE1EE6C3FDD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ia-64:*:*:*:*:*",
"matchCriteriaId": "C9419322-572F-4BB6-8416-C5E96541CF33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:m68k:*:*:*:*:*",
"matchCriteriaId": "BFC50555-C084-46A3-9C9F-949C5E3BB448",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mips:*:*:*:*:*",
"matchCriteriaId": "9C25D6E1-D283-4CEA-B47B-60C47A5C0797",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mipsel:*:*:*:*:*",
"matchCriteriaId": "AD18A446-C634-417E-86AC-B19B6DDDC856",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ppc:*:*:*:*:*",
"matchCriteriaId": "E4BB852E-61B2-4842-989F-C6C0C901A8D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:s-390:*:*:*:*:*",
"matchCriteriaId": "24DD9D59-E2A2-4116-A887-39E8CC2004FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:sparc:*:*:*:*:*",
"matchCriteriaId": "F28D7457-607E-4E0C-909A-413F91CFCD82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A2E0C1F8-31F5-4F61-9DF7-E49B43D3C873",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:alpha:*:*:*:*:*",
"matchCriteriaId": "5BF84240-1881-4EFB-BB2F-F9CE8AD09C7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:amd64:*:*:*:*:*",
"matchCriteriaId": "AF8AE8C4-810F-41AB-A251-5A2D4DD6884D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:arm:*:*:*:*:*",
"matchCriteriaId": "5EACF214-FA27-44FF-A431-927AB79377A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:hppa:*:*:*:*:*",
"matchCriteriaId": "E2B58895-0E2A-4466-9CB2-0083349A83B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:ia-32:*:*:*:*:*",
"matchCriteriaId": "03F8220A-9B1C-40AA-AEAB-F9A93225FBD5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:ia-64:*:*:*:*:*",
"matchCriteriaId": "2311919C-7864-469D-B0F6-9B11D8D0A1C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:m68k:*:*:*:*:*",
"matchCriteriaId": "19876495-4C1A-487C-955A-C5AA46362A1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:mips:*:*:*:*:*",
"matchCriteriaId": "D75286DD-50BC-4B72-8AC8-E20730124DC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:mipsel:*:*:*:*:*",
"matchCriteriaId": "1998C972-497E-4916-B50E-FB32303EEA8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:ppc:*:*:*:*:*",
"matchCriteriaId": "A6CD3DD9-3A8A-4716-A2D1-136A790AFF94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:s-390:*:*:*:*:*",
"matchCriteriaId": "6CE2020A-4FB2-4FCD-8561-7BD147CD95EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:sparc:*:*:*:*:*",
"matchCriteriaId": "08E90AFA-C262-46D0-B60E-26B67C9602D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*",
"matchCriteriaId": "647BA336-5538-4972-9271-383A0EC9378E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3528DABD-B821-4D23-AE12-614A9CA92C46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:x86-64:*:*:*:*:*",
"matchCriteriaId": "0315FB43-D199-4734-B724-50ED031C0020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.2:*:*:*:*:*:*:*",
"matchCriteriaId": "11D69B83-4EF3-407B-8E8C-DE623F099C17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.2:*:x86-64:*:*:*:*:*",
"matchCriteriaId": "7D221688-18A0-453D-8D13-6B68011FCA13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "597094EC-D23F-4EC4-A140-96F287679124",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2006:*:x86-64:*:*:*:*:*",
"matchCriteriaId": "C4FCF0D3-A6CB-448E-B0D3-DA82BE02DEC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E0F0D201-B1DC-4024-AF77-A284673618F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "052E3862-BFB7-42E7-889D-8590AFA8EF37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2BB0B27C-04EA-426F-9016-7406BACD91DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "BB2B1BA5-8370-4281-B5C9-3D4FE6C70FBC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*",
"matchCriteriaId": "2641EE56-6F9D-400B-B456-877F4DA79B10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server_ia64:*:*:*:*:*",
"matchCriteriaId": "A4A9461E-C117-42EC-9F14-DF2A82BA7C5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "E0B458EA-495E-40FA-9379-C03757F7B1EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server_ia64:*:*:*:*:*",
"matchCriteriaId": "409E324A-C040-494F-A026-9DCAE01C07F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*",
"matchCriteriaId": "1728AB5D-55A9-46B0-A412-6F7263CAEB5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation_ia64:*:*:*:*:*",
"matchCriteriaId": "6474B775-C893-491F-A074-802AFB1FEDD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_server:*:*:*:*:*",
"matchCriteriaId": "78B46FFA-5B09-473E-AD33-3DB18BD0DAFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation_server:*:*:*:*:*",
"matchCriteriaId": "0EFE2E73-9536-41A9-B83B-0A06B54857F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:advanced_server:*:*:*:*:*",
"matchCriteriaId": "F9440B25-D206-4914-9557-B5F030890DEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "E9933557-3BCA-4D92-AD4F-27758A0D3347",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:workstation:*:*:*:*:*",
"matchCriteriaId": "10A60552-15A5-4E95-B3CE-99A4B26260C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7D74A418-50F0-42C0-ABBC-BBBE718FF025",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3C84296C-2C8A-4DCD-9751-52951F8BEA9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E6996B14-925B-46B8-982F-3545328B506B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EC80CF67-C51D-442C-9526-CFEDE84A6304",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C720DACC-CF4B-4A00-818C-8303A7D7DED6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:7.3:*:i386:*:*:*:*:*",
"matchCriteriaId": "9B502A61-44FB-4CD4-85BE-88D4ACCCA441",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:9.0:*:i386:*:*:*:*:*",
"matchCriteriaId": "F3FDE8C4-5FFD-4CC2-9F35-7C32043966D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:*",
"matchCriteriaId": "84A50ED3-FD0D-4038-B3E7-CC65D166C968",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium:*:*:*:*:*",
"matchCriteriaId": "8DBD9D3C-40AB-449D-A9A8-A09DF2DEDB96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sco:openserver:5.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "D9D76A8D-832B-411E-A458-186733C66010",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sco:openserver:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7458BA31-812E-40C9-BB92-8688A3BCBA56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "300A6A65-05FD-401C-80F6-B5F5B1F056E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AA3D53C9-3806-45E6-8AE9-7D41280EF64C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D29C5A03-A7C9-4780-BB63-CF1E874D018D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B85EF0EE-3E61-4CA3-9F00-610AB2E1CFCF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:10.2:*:*:*:*:*:*:*",
"matchCriteriaId": "70440F49-AEE9-41BE-8E1A-43AB657C8E09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "02EE2D72-B1E6-4380-80B0-E40A23DDD115",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "F7446746-87B7-4BD3-AABF-1E0FAA8265AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:personal:*:*:*:*:*",
"matchCriteriaId": "F239BA8A-6B41-4B08-8C7C-25D235812C50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:professional:*:*:*:*:*",
"matchCriteriaId": "89BA858B-9466-4640-84AE-DC5BDC65D6B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:s_390:*:*:*:*:*",
"matchCriteriaId": "85F2D904-E830-4034-9CCB-0FF65019622C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "56EF103F-5668-4754-A83B-D3662D0CE815",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:personal:*:*:*:*:*",
"matchCriteriaId": "3EA56868-ACA1-4C65-9FFB-A68129D2428A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:professional:*:*:*:*:*",
"matchCriteriaId": "1BA2E629-58C6-4BA0-A447-F8F570B35E74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "D5F98B9A-880E-45F0-8C16-12B22970F0D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:personal:*:*:*:*:*",
"matchCriteriaId": "3BEE15E9-9194-4E37-AB3B-66ECD5AC9E11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:professional:*:*:*:*:*",
"matchCriteriaId": "C89BA3B6-370B-4911-A363-935A9C9EACF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "B905C6E9-5058-4FD7-95B6-CD6AB6B2F516",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.3:*:personal:*:*:*:*:*",
"matchCriteriaId": "4F1B4D15-0562-44D6-B80B-35A8F432BD41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.3:*:professional:*:*:*:*:*",
"matchCriteriaId": "D84ABF78-0D85-4E15-907E-B5ACE86EB8C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.3:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "9C7018E7-F90C-435D-A07A-05A294EA2827",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:10.0:*:oss:*:*:*:*:*",
"matchCriteriaId": "16915004-1006-41D6-9E42-D1A5041E442D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:10.0:*:professional:*:*:*:*:*",
"matchCriteriaId": "994ABCE2-3B9E-4E4E-83F7-CE2A79C70F64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:trustix:secure_linux:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "53AF1A2D-B0A2-4097-AD1D-DF3AF27171BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:trustix:secure_linux:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5AB70F82-52BB-4D0D-9A24-9AF67278466D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:trustix:secure_linux:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "100A2456-BF20-4461-8DC9-C61889322B29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux:10:*:*:*:*:*:*:*",
"matchCriteriaId": "1C7D4F57-E186-497A-B390-92E5D2C7E894",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux:fuji:*:*:*:*:*:*:*",
"matchCriteriaId": "CEC3F6F3-9A6E-4A98-A967-6776C872475C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux_appliance_server:1.0_hosting_edition:*:*:*:*:*:*:*",
"matchCriteriaId": "FC3218DD-A565-4AB8-86FE-E7F59AC0535F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux_appliance_server:1.0_workgroup_edition:*:*:*:*:*:*:*",
"matchCriteriaId": "97AEDB57-202F-4B53-8815-21836F177060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux_desktop:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "31C3FFDD-03BF-4FD4-B7A7-B62AFD5DBA19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux_home:*:*:*:*:*:*:*:*",
"matchCriteriaId": "065FF0F1-7FAC-4584-92EA-EAA87DC76FA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux_multimedia:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E27180A1-9767-4CD3-978C-7538155B162D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux_personal:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BAAA9376-A060-49AE-86A7-6B28E26ED5D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux_server:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E06DCF0D-3241-453A-A0E4-937FE25EC404",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux_server:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B484D091-62DE-4EF2-AC54-26896CA8B315",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux_server:10.0_x86:*:*:*:*:*:*:*",
"matchCriteriaId": "EC5AC26E-3F3F-4D14-BE65-82B4432AB382",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux_workstation:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9428589A-0BD2-469E-978D-38239117D972",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ia64:*:*:*:*:*",
"matchCriteriaId": "6E94583A-5184-462E-9FC4-57B35DA06DA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ppc:*:*:*:*:*",
"matchCriteriaId": "E905FAAD-37B6-4DD0-A752-2974F8336273",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.04:*:amd64:*:*:*:*:*",
"matchCriteriaId": "3BD12488-1ED8-4751-ABF5-3578D54750A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.04:*:i386:*:*:*:*:*",
"matchCriteriaId": "AE3733CF-4C88-443C-9B90-6477C9C500D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.04:*:powerpc:*:*:*:*:*",
"matchCriteriaId": "9C500A75-D75E-45B4-B582-0F0DF27C3C04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:amd64:*:*:*:*:*",
"matchCriteriaId": "86FD134D-A5C5-4B08-962D-70CF07C74923",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:i386:*:*:*:*:*",
"matchCriteriaId": "FA84692E-F99D-4207-B4F2-799A6ADB88AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:powerpc:*:*:*:*:*",
"matchCriteriaId": "8B0F1091-4B76-44F5-B896-6D37E2F909A2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and (2) DCTDecode streams, aka \"Infinite CPU spins.\""
}
],
"id": "CVE-2005-3625",
"lastModified": "2024-11-21T00:02:16.957",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-12-31T05:00:00.000",
"references": [
{
"source": "secalert@redhat.com",
"url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt"
},
{
"source": "secalert@redhat.com",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U"
},
{
"source": "secalert@redhat.com",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U"
},
{
"source": "secalert@redhat.com",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2006-0177.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit"
],
"url": "http://scary.beasts.org/security/CESA-2005-003.txt"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/18147"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18303"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18312"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18313"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18329"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18332"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18334"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18335"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18338"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18349"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/18373"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18375"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/18380"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18385"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18387"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18389"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18398"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18407"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/18414"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18416"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18423"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/18425"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/18428"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/18436"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18448"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/18463"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18517"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18534"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18554"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18582"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18642"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18644"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18674"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18675"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18679"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18908"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/18913"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/19230"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/19377"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/25729"
},
{
"source": "secalert@redhat.com",
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683"
},
{
"source": "secalert@redhat.com",
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747"
},
{
"source": "secalert@redhat.com",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1"
},
{
"source": "secalert@redhat.com",
"url": "http://www.debian.org/security/2005/dsa-931"
},
{
"source": "secalert@redhat.com",
"url": "http://www.debian.org/security/2005/dsa-932"
},
{
"source": "secalert@redhat.com",
"url": "http://www.debian.org/security/2005/dsa-937"
},
{
"source": "secalert@redhat.com",
"url": "http://www.debian.org/security/2005/dsa-938"
},
{
"source": "secalert@redhat.com",
"url": "http://www.debian.org/security/2005/dsa-940"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2006/dsa-936"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2006/dsa-950"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2006/dsa-961"
},
{
"source": "secalert@redhat.com",
"url": "http://www.debian.org/security/2006/dsa-962"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml"
},
{
"source": "secalert@redhat.com",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.kde.org/info/security/advisory-20051207-2.txt"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00010.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00011.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.redhat.com/support/errata/RHSA-2006-0163.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/16143"
},
{
"source": "secalert@redhat.com",
"url": "http://www.trustix.org/errata/2006/0002/"
},
{
"source": "secalert@redhat.com",
"url": "http://www.vupen.com/english/advisories/2006/0047"
},
{
"source": "secalert@redhat.com",
"url": "http://www.vupen.com/english/advisories/2007/2280"
},
{
"source": "secalert@redhat.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24023"
},
{
"source": "secalert@redhat.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9575"
},
{
"source": "secalert@redhat.com",
"url": "https://usn.ubuntu.com/236-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2006-0177.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://scary.beasts.org/security/CESA-2005-003.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/18147"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18303"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18312"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18313"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18329"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18332"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18334"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18335"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18338"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18349"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/18373"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18375"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/18380"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18385"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18387"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18389"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18398"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18407"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/18414"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18416"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18423"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/18425"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/18428"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/18436"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18448"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/18463"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18517"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18534"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18554"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18582"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18642"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18644"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18674"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18675"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18679"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18908"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/18913"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/19230"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/19377"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/25729"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2005/dsa-931"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2005/dsa-932"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2005/dsa-937"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2005/dsa-938"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2005/dsa-940"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2006/dsa-936"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2006/dsa-950"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2006/dsa-961"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2006/dsa-962"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.kde.org/info/security/advisory-20051207-2.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00010.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00011.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2006-0163.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/16143"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.trustix.org/errata/2006/0002/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2006/0047"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/2280"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9575"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://usn.ubuntu.com/236-1/"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vendorComments": [
{
"comment": "Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.",
"lastModified": "2007-03-14T00:00:00",
"organization": "Red Hat"
}
],
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1998-07-13 04:00
Modified
2024-11-20 23:31
Severity ?
Summary
login in Slackware Linux 3.2 through 3.5 does not properly check for an error when the /etc/group file is missing, which prevents it from dropping privileges, causing it to assign root privileges to any local user who logs on to the server.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| slackware | slackware_linux | 3.1 | |
| slackware | slackware_linux | 3.2 | |
| slackware | slackware_linux | 3.3 | |
| slackware | slackware_linux | 3.4 | |
| slackware | slackware_linux | 3.5 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9FDBA67D-84A7-42D6-A994-7C967B6306D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "852B55FE-8180-4357-B717-399C16954C6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "06F2131E-F9F2-4E65-B95C-B52DB25C69F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E6732144-10D4-4114-A7DA-32157EE3EF38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "125918E7-53BB-407A-8D95-5D95CDF39A88",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "login in Slackware Linux 3.2 through 3.5 does not properly check for an error when the /etc/group file is missing, which prevents it from dropping privileges, causing it to assign root privileges to any local user who logs on to the server."
}
],
"id": "CVE-1999-1434",
"lastModified": "2024-11-20T23:31:06.537",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1998-07-13T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=90221104525951\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/155"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=90221104525951\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/155"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1999-12-01 05:00
Modified
2024-11-20 23:29
Severity ?
Summary
login in Slackware 7.0 allows remote attackers to identify valid users on the system by reporting an encryption error when an account is locked or does not exist.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| slackware | slackware_linux | 7.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C2A9C005-4392-4C95-9B92-98EEC73EFE73",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "login in Slackware 7.0 allows remote attackers to identify valid users on the system by reporting an encryption error when an account is locked or does not exist."
}
],
"id": "CVE-1999-0856",
"lastModified": "2024-11-20T23:29:42.200",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1999-12-01T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "https://marc.info/?l=bugtraq\u0026m=94416739411280\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://marc.info/?l=bugtraq\u0026m=94416739411280\u0026w=2"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-01-27 05:00
Modified
2024-11-20 23:49
Severity ?
Summary
getmail 4.x before 4.2.0, and other versions before 3.2.5, when run as root, allows local users to write files in arbitrary directories via a symlink attack on subdirectories in the maildir.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| getmail | getmail | 2.3.7 | |
| getmail | getmail | 3.x | |
| getmail | getmail | 4.0 | |
| getmail | getmail | 4.0.0_b10 | |
| getmail | getmail | 4.0.1 | |
| getmail | getmail | 4.0.2 | |
| getmail | getmail | 4.0.3 | |
| getmail | getmail | 4.0.4 | |
| getmail | getmail | 4.0.5 | |
| getmail | getmail | 4.0.6 | |
| getmail | getmail | 4.0.7 | |
| getmail | getmail | 4.0.8 | |
| getmail | getmail | 4.0.9 | |
| getmail | getmail | 4.0.10 | |
| getmail | getmail | 4.0.11 | |
| getmail | getmail | 4.0.12 | |
| getmail | getmail | 4.0.13 | |
| getmail | getmail | 4.1 | |
| getmail | getmail | 4.1.1 | |
| getmail | getmail | 4.1.2 | |
| getmail | getmail | 4.1.3 | |
| getmail | getmail | 4.1.4 | |
| getmail | getmail | 4.1.5 | |
| gentoo | linux | 1.4 | |
| slackware | slackware_linux | 9.1 | |
| slackware | slackware_linux | 10.0 | |
| slackware | slackware_linux | current |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:getmail:getmail:2.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "44B9739F-FCF9-4E5F-A9D1-49CB39BBF6C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:getmail:getmail:3.x:*:*:*:*:*:*:*",
"matchCriteriaId": "A22B3445-87A8-471F-8D02-5C7D4659F915",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:getmail:getmail:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EC9A2BA9-D5DD-44D9-9BB9-0EC4726B8575",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:getmail:getmail:4.0.0_b10:*:*:*:*:*:*:*",
"matchCriteriaId": "8D22BC05-E2FC-4839-A68C-9B36487F9025",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:getmail:getmail:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5BB9C751-57B7-45D6-8090-4437A5738B64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:getmail:getmail:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2AEAC0B6-1AFC-44E9-9A99-1E1461A4F7E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:getmail:getmail:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E006277E-F1F9-48C6-A558-6CE034FEB8E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:getmail:getmail:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2029B8AA-D93F-4728-9D09-7A6292710E56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:getmail:getmail:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "EA67A71D-96A0-4E94-B323-9BFF8D706555",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:getmail:getmail:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "E29D3B51-4836-495E-9F9D-BCF60C141AB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:getmail:getmail:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "D23A07F3-9AE4-43F6-86D0-CA1D1562A3F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:getmail:getmail:4.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "45825ACF-8D5C-4DE2-9A59-CEE3BFF32594",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:getmail:getmail:4.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "E4526FB1-EFC8-42FB-A914-56B570B6DE70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:getmail:getmail:4.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "55930804-2994-4619-8681-B9A23D3782B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:getmail:getmail:4.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "2494418A-473A-4261-BC33-D24A78C3F930",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:getmail:getmail:4.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "1DEF7144-3C41-4435-9411-55E2E9D77FE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:getmail:getmail:4.0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "1F746212-2CBA-48C4-9F8E-4D4088D581A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:getmail:getmail:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2B258472-0299-4908-8424-D5BD7118A63A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:getmail:getmail:4.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "150DC643-0825-4896-BB98-0579ACC6B9E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:getmail:getmail:4.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CF2B512C-D0B1-4023-8CE4-AF72B61901F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:getmail:getmail:4.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "EDFF7A4E-7A41-44E0-B220-28E6B907FBFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:getmail:getmail:4.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "85D95386-FBCB-49DE-8691-4043021C8F2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:getmail:getmail:4.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8CE4E384-4964-4E5F-A6BD-F3EF452D0033",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:gentoo:linux:1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "65ED9D8C-604D-4B0B-A192-C0DA4D2E9AEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AA3D53C9-3806-45E6-8AE9-7D41280EF64C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D29C5A03-A7C9-4780-BB63-CF1E874D018D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:current:*:*:*:*:*:*:*",
"matchCriteriaId": "B1CB2DD9-E77F-46EE-A145-F87AD10EA8E4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "getmail 4.x before 4.2.0, and other versions before 3.2.5, when run as root, allows local users to write files in arbitrary directories via a symlink attack on subdirectories in the maildir."
}
],
"id": "CVE-2004-0881",
"lastModified": "2024-11-20T23:49:35.810",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-01-27T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=109571883130372\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://security.gentoo.org/glsa/glsa-200409-32.xml"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2004/dsa-553"
},
{
"source": "cve@mitre.org",
"url": "http://www.qcc.ca/~charlesc/software/getmail-4/CHANGELOG"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17439"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=109571883130372\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-200409-32.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2004/dsa-553"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.qcc.ca/~charlesc/software/getmail-4/CHANGELOG"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17439"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1997-02-05 05:00
Modified
2024-11-20 23:28
Severity ?
Summary
ypbind with -ypset and -ypsetme options activated in Linux Slackware and SunOS allows local and remote attackers to overwrite files via a .. (dot dot) attack.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| slackware | slackware_linux | 2.1 | |
| slackware | slackware_linux | 2.2 | |
| slackware | slackware_linux | 2.3 | |
| sun | sunos | 4.1.3 | |
| sun | sunos | 4.1.4 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F3698FC7-C9A6-4AA5-8569-CF96128A63AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A5A8D289-2310-4583-95F0-0CB940B6CBF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6325268D-C355-4DD3-A839-6C3CF5435B0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:4.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "615FA6E4-4DE0-422A-9220-F747D95192C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:4.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "1070749A-65E9-439A-A7CC-3CE529A5D5E7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "ypbind with -ypset and -ypsetme options activated in Linux Slackware and SunOS allows local and remote attackers to overwrite files via a .. (dot dot) attack."
}
],
"id": "CVE-1999-0298",
"lastModified": "2024-11-20T23:28:21.647",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1997-02-05T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.nai.com/nai_labs/asp_set/advisory/06_ypbindsetme_adv.asp"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.nai.com/nai_labs/asp_set/advisory/06_ypbindsetme_adv.asp"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-03-06 20:29
Modified
2025-01-14 19:29
Severity ?
Summary
ntpd in ntp 4.2.8p4 before 4.2.8p11 drops bad packets before updating the "received" timestamp, which allows remote attackers to cause a denial of service (disruption) by sending a packet with a zero-origin timestamp causing the association to reset and setting the contents of the packet as the most recent timestamp. This issue is a result of an incomplete fix for CVE-2015-7704.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ntp | ntp | 4.2.8 | |
| ntp | ntp | 4.2.8 | |
| ntp | ntp | 4.2.8 | |
| ntp | ntp | 4.2.8 | |
| ntp | ntp | 4.2.8 | |
| ntp | ntp | 4.2.8 | |
| ntp | ntp | 4.2.8 | |
| synology | router_manager | 1.1 | |
| synology | skynas | - | |
| synology | virtual_diskstation_manager | - | |
| synology | diskstation_manager | 5.2 | |
| synology | diskstation_manager | 6.0 | |
| synology | diskstation_manager | 6.1 | |
| synology | vs960hd_firmware | - | |
| slackware | slackware_linux | 14.0 | |
| slackware | slackware_linux | 14.1 | |
| slackware | slackware_linux | 14.2 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 16.04 | |
| canonical | ubuntu_linux | 17.10 | |
| canonical | ubuntu_linux | 18.04 | |
| netapp | cloud_backup | - | |
| netapp | steelstore_cloud_integrated_storage | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ntp:ntp:4.2.8:p10:*:*:*:*:*:*",
"matchCriteriaId": "0BC62D4E-D519-458C-BE4E-10DDB73A97D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ntp:ntp:4.2.8:p4:*:*:*:*:*:*",
"matchCriteriaId": "99C71C00-7222-483B-AEFB-159337BD3C92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ntp:ntp:4.2.8:p5:*:*:*:*:*:*",
"matchCriteriaId": "75A9AA28-1B20-44BB-815C-7294A53E910E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ntp:ntp:4.2.8:p6:*:*:*:*:*:*",
"matchCriteriaId": "8C213794-111D-41F3-916C-AD97F731D600",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ntp:ntp:4.2.8:p7:*:*:*:*:*:*",
"matchCriteriaId": "50811A7B-0379-4437-8737-B4C1ACBC9EFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ntp:ntp:4.2.8:p8:*:*:*:*:*:*",
"matchCriteriaId": "F12E4CF5-536C-416B-AD8D-6AE7CBE22C71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ntp:ntp:4.2.8:p9:*:*:*:*:*:*",
"matchCriteriaId": "EE002C76-406D-4F22-B738-E17BDEA70BCC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:synology:router_manager:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "46261C28-E276-4639-BA3D-A735B02599F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:synology:skynas:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7C997777-BE79-4F77-90D7-E1A71D474D88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:synology:virtual_diskstation_manager:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F5342AD6-8273-4215-BA0F-1457A628DB14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:synology:diskstation_manager:5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "01527614-8A68-48DC-B0A0-F4AA99489221",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:synology:diskstation_manager:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "65372FA7-B54B-4298-99BF-483E9FEBA253",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:synology:diskstation_manager:6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3D04EA1A-F8E0-415B-8786-1C8C0F08E132",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:synology:vs960hd_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3D0C5120-B961-440F-B454-584BC54B549C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:14.0:*:*:*:*:*:*:*",
"matchCriteriaId": "936EF68B-2A93-402C-BED4-20E6EDB2F102",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:14.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F1B46F08-93A8-49D9-AC5D-43E19C062FFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:14.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D65ED7B3-FD80-4D2B-B11D-AAABB34C49CA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*",
"matchCriteriaId": "9070C9D8-A14A-467F-8253-33B966C16886",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5C2089EE-5D7F-47EC-8EA5-0F69790564C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E94F7F59-1785-493F-91A7-5F5EA5E87E4D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "ntpd in ntp 4.2.8p4 before 4.2.8p11 drops bad packets before updating the \"received\" timestamp, which allows remote attackers to cause a denial of service (disruption) by sending a packet with a zero-origin timestamp causing the association to reset and setting the contents of the packet as the most recent timestamp. This issue is a result of an incomplete fix for CVE-2015-7704."
},
{
"lang": "es",
"value": "ntpd en ntp, en versiones 4.2.8p4 anteriores a la 4.2.8p11, env\u00eda paquetes malos antes de actualizar la marca de tiempo \"received\". Esto permite que atacantes remotos provoquen una denegaci\u00f3n de servicio (interrupci\u00f3n) mediante el env\u00edo de un paquete con una marca de tiempo zero-origin que provoca que la asociaci\u00f3n se restablezca y establezca el contenido del paquete como la marca de tiempo m\u00e1s reciente. Este problema es el resultado de una soluci\u00f3n incompleta para CVE-2015-7704."
}
],
"id": "CVE-2018-7184",
"lastModified": "2025-01-14T19:29:55.853",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-03-06T20:29:01.437",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/146631/Slackware-Security-Advisory-ntp-Updates.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://support.ntp.org/bin/view/Main/NtpBug3453"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/541824/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/103192"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-18:02.ntp.asc"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201805-12"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20180626-0001/"
},
{
"source": "cve@mitre.org",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03962en_us"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3707-1/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.synology.com/support/security/Synology_SA_18_13"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/146631/Slackware-Security-Advisory-ntp-Updates.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://support.ntp.org/bin/view/Main/NtpBug3453"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/541824/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/103192"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-18:02.ntp.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201805-12"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20180626-0001/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03962en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3707-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.synology.com/support/security/Synology_SA_18_13"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-12-31 05:00
Modified
2024-11-21 00:02
Severity ?
Summary
Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.22:*:*:*:*:*:*:*",
"matchCriteriaId": "B1512A96-B8E7-4DB7-A4CB-8FD3773BFC97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.22_rc1:*:*:*:*:*:*:*",
"matchCriteriaId": "787B918D-9CCC-44FE-92AF-E8DF1E91A3C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.23:*:*:*:*:*:*:*",
"matchCriteriaId": "C116493B-2837-4531-9291-A9FF03099A97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.23_rc1:*:*:*:*:*:*:*",
"matchCriteriaId": "525BD04B-387F-4713-BC89-472D0D0BCFD0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:kdegraphics:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6BF92649-90CE-4E75-A938-61D0916B5A7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:kdegraphics:3.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2CA505B4-0C17-49C8-9533-CA8CE3AA77D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:koffice:1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "37C08E0A-651F-458B-BCEC-A30DCD527E47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:koffice:1.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6000D6AF-C056-4BC0-A54C-72E23E52AB92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:koffice:1.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A7D036E4-FA49-417D-968B-9D73B16A09BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:kpdf:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "EDAF6452-F3B0-4F62-893E-BCFA6AB7AE3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:kpdf:3.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BC2AB9CB-DEAB-45AB-A7CA-D19E069907EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:kword:1.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "EAC32BAA-99B3-4B40-83A3-ED9E1B12B295",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libextractor:libextractor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "679D9520-DE8E-4D06-A227-3B1C1D05977D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "63C92F1C-3005-4EA6-B9C0-2BC2E3D611D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sgi:propack:3.0:sp6:*:*:*:*:*:*",
"matchCriteriaId": "EF8ABD90-AD2B-4FA0-A355-9D7CD6D3C486",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tetex:tetex:1.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "C86C7D6F-C39E-4403-86C6-F87599570E97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tetex:tetex:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "236005A1-C175-44D3-8D0C-C48F943F3D66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tetex:tetex:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0AF2AD80-5E65-4B57-933B-C395E98EF10D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tetex:tetex:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "07C92A0E-1DDA-4F83-A904-24A35C38883A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tetex:tetex:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9178B36F-41D5-4AE7-B9C8-56BDEADE76EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xpdf:xpdf:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7B93B3ED-AF82-49A9-8C7F-E5F652F19669",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:conectiva:linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A35FC777-A34E-4C7B-9E93-8F17F3AD5180",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2CAE037F-111C-4A76-8FFE-716B74D65EF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:alpha:*:*:*:*:*",
"matchCriteriaId": "A6B060E4-B5A6-4469-828E-211C52542547",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:arm:*:*:*:*:*",
"matchCriteriaId": "974C3541-990C-4CD4-A05A-38FA74A84632",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:hppa:*:*:*:*:*",
"matchCriteriaId": "6CBF1E0F-C7F3-4F83-9E60-6E63FA7D2775",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ia-32:*:*:*:*:*",
"matchCriteriaId": "58792F77-B06F-4780-BA25-FE1EE6C3FDD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ia-64:*:*:*:*:*",
"matchCriteriaId": "C9419322-572F-4BB6-8416-C5E96541CF33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:m68k:*:*:*:*:*",
"matchCriteriaId": "BFC50555-C084-46A3-9C9F-949C5E3BB448",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mips:*:*:*:*:*",
"matchCriteriaId": "9C25D6E1-D283-4CEA-B47B-60C47A5C0797",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mipsel:*:*:*:*:*",
"matchCriteriaId": "AD18A446-C634-417E-86AC-B19B6DDDC856",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ppc:*:*:*:*:*",
"matchCriteriaId": "E4BB852E-61B2-4842-989F-C6C0C901A8D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:s-390:*:*:*:*:*",
"matchCriteriaId": "24DD9D59-E2A2-4116-A887-39E8CC2004FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:sparc:*:*:*:*:*",
"matchCriteriaId": "F28D7457-607E-4E0C-909A-413F91CFCD82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A2E0C1F8-31F5-4F61-9DF7-E49B43D3C873",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:alpha:*:*:*:*:*",
"matchCriteriaId": "5BF84240-1881-4EFB-BB2F-F9CE8AD09C7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:amd64:*:*:*:*:*",
"matchCriteriaId": "AF8AE8C4-810F-41AB-A251-5A2D4DD6884D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:arm:*:*:*:*:*",
"matchCriteriaId": "5EACF214-FA27-44FF-A431-927AB79377A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:hppa:*:*:*:*:*",
"matchCriteriaId": "E2B58895-0E2A-4466-9CB2-0083349A83B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:ia-32:*:*:*:*:*",
"matchCriteriaId": "03F8220A-9B1C-40AA-AEAB-F9A93225FBD5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:ia-64:*:*:*:*:*",
"matchCriteriaId": "2311919C-7864-469D-B0F6-9B11D8D0A1C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:m68k:*:*:*:*:*",
"matchCriteriaId": "19876495-4C1A-487C-955A-C5AA46362A1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:mips:*:*:*:*:*",
"matchCriteriaId": "D75286DD-50BC-4B72-8AC8-E20730124DC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:mipsel:*:*:*:*:*",
"matchCriteriaId": "1998C972-497E-4916-B50E-FB32303EEA8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:ppc:*:*:*:*:*",
"matchCriteriaId": "A6CD3DD9-3A8A-4716-A2D1-136A790AFF94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:s-390:*:*:*:*:*",
"matchCriteriaId": "6CE2020A-4FB2-4FCD-8561-7BD147CD95EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:sparc:*:*:*:*:*",
"matchCriteriaId": "08E90AFA-C262-46D0-B60E-26B67C9602D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*",
"matchCriteriaId": "647BA336-5538-4972-9271-383A0EC9378E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3528DABD-B821-4D23-AE12-614A9CA92C46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:x86-64:*:*:*:*:*",
"matchCriteriaId": "0315FB43-D199-4734-B724-50ED031C0020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.2:*:*:*:*:*:*:*",
"matchCriteriaId": "11D69B83-4EF3-407B-8E8C-DE623F099C17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.2:*:x86-64:*:*:*:*:*",
"matchCriteriaId": "7D221688-18A0-453D-8D13-6B68011FCA13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "597094EC-D23F-4EC4-A140-96F287679124",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2006:*:x86-64:*:*:*:*:*",
"matchCriteriaId": "C4FCF0D3-A6CB-448E-B0D3-DA82BE02DEC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E0F0D201-B1DC-4024-AF77-A284673618F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "052E3862-BFB7-42E7-889D-8590AFA8EF37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2BB0B27C-04EA-426F-9016-7406BACD91DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "BB2B1BA5-8370-4281-B5C9-3D4FE6C70FBC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*",
"matchCriteriaId": "2641EE56-6F9D-400B-B456-877F4DA79B10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server_ia64:*:*:*:*:*",
"matchCriteriaId": "A4A9461E-C117-42EC-9F14-DF2A82BA7C5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "E0B458EA-495E-40FA-9379-C03757F7B1EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server_ia64:*:*:*:*:*",
"matchCriteriaId": "409E324A-C040-494F-A026-9DCAE01C07F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*",
"matchCriteriaId": "1728AB5D-55A9-46B0-A412-6F7263CAEB5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation_ia64:*:*:*:*:*",
"matchCriteriaId": "6474B775-C893-491F-A074-802AFB1FEDD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_server:*:*:*:*:*",
"matchCriteriaId": "78B46FFA-5B09-473E-AD33-3DB18BD0DAFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation_server:*:*:*:*:*",
"matchCriteriaId": "0EFE2E73-9536-41A9-B83B-0A06B54857F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:advanced_server:*:*:*:*:*",
"matchCriteriaId": "F9440B25-D206-4914-9557-B5F030890DEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "E9933557-3BCA-4D92-AD4F-27758A0D3347",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:workstation:*:*:*:*:*",
"matchCriteriaId": "10A60552-15A5-4E95-B3CE-99A4B26260C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7D74A418-50F0-42C0-ABBC-BBBE718FF025",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3C84296C-2C8A-4DCD-9751-52951F8BEA9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E6996B14-925B-46B8-982F-3545328B506B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EC80CF67-C51D-442C-9526-CFEDE84A6304",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C720DACC-CF4B-4A00-818C-8303A7D7DED6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:7.3:*:i386:*:*:*:*:*",
"matchCriteriaId": "9B502A61-44FB-4CD4-85BE-88D4ACCCA441",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:9.0:*:i386:*:*:*:*:*",
"matchCriteriaId": "F3FDE8C4-5FFD-4CC2-9F35-7C32043966D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:*",
"matchCriteriaId": "84A50ED3-FD0D-4038-B3E7-CC65D166C968",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium:*:*:*:*:*",
"matchCriteriaId": "8DBD9D3C-40AB-449D-A9A8-A09DF2DEDB96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sco:openserver:5.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "D9D76A8D-832B-411E-A458-186733C66010",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sco:openserver:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7458BA31-812E-40C9-BB92-8688A3BCBA56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "300A6A65-05FD-401C-80F6-B5F5B1F056E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AA3D53C9-3806-45E6-8AE9-7D41280EF64C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D29C5A03-A7C9-4780-BB63-CF1E874D018D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B85EF0EE-3E61-4CA3-9F00-610AB2E1CFCF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:10.2:*:*:*:*:*:*:*",
"matchCriteriaId": "70440F49-AEE9-41BE-8E1A-43AB657C8E09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "02EE2D72-B1E6-4380-80B0-E40A23DDD115",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "F7446746-87B7-4BD3-AABF-1E0FAA8265AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:personal:*:*:*:*:*",
"matchCriteriaId": "F239BA8A-6B41-4B08-8C7C-25D235812C50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:professional:*:*:*:*:*",
"matchCriteriaId": "89BA858B-9466-4640-84AE-DC5BDC65D6B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:s_390:*:*:*:*:*",
"matchCriteriaId": "85F2D904-E830-4034-9CCB-0FF65019622C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "56EF103F-5668-4754-A83B-D3662D0CE815",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:personal:*:*:*:*:*",
"matchCriteriaId": "3EA56868-ACA1-4C65-9FFB-A68129D2428A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:professional:*:*:*:*:*",
"matchCriteriaId": "1BA2E629-58C6-4BA0-A447-F8F570B35E74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "D5F98B9A-880E-45F0-8C16-12B22970F0D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:personal:*:*:*:*:*",
"matchCriteriaId": "3BEE15E9-9194-4E37-AB3B-66ECD5AC9E11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:professional:*:*:*:*:*",
"matchCriteriaId": "C89BA3B6-370B-4911-A363-935A9C9EACF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "B905C6E9-5058-4FD7-95B6-CD6AB6B2F516",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.3:*:personal:*:*:*:*:*",
"matchCriteriaId": "4F1B4D15-0562-44D6-B80B-35A8F432BD41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.3:*:professional:*:*:*:*:*",
"matchCriteriaId": "D84ABF78-0D85-4E15-907E-B5ACE86EB8C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.3:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "9C7018E7-F90C-435D-A07A-05A294EA2827",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:10.0:*:oss:*:*:*:*:*",
"matchCriteriaId": "16915004-1006-41D6-9E42-D1A5041E442D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:10.0:*:professional:*:*:*:*:*",
"matchCriteriaId": "994ABCE2-3B9E-4E4E-83F7-CE2A79C70F64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:trustix:secure_linux:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "53AF1A2D-B0A2-4097-AD1D-DF3AF27171BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:trustix:secure_linux:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5AB70F82-52BB-4D0D-9A24-9AF67278466D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:trustix:secure_linux:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "100A2456-BF20-4461-8DC9-C61889322B29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux:10:*:*:*:*:*:*:*",
"matchCriteriaId": "1C7D4F57-E186-497A-B390-92E5D2C7E894",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux:fuji:*:*:*:*:*:*:*",
"matchCriteriaId": "CEC3F6F3-9A6E-4A98-A967-6776C872475C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux_appliance_server:1.0_hosting_edition:*:*:*:*:*:*:*",
"matchCriteriaId": "FC3218DD-A565-4AB8-86FE-E7F59AC0535F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux_appliance_server:1.0_workgroup_edition:*:*:*:*:*:*:*",
"matchCriteriaId": "97AEDB57-202F-4B53-8815-21836F177060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux_desktop:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "31C3FFDD-03BF-4FD4-B7A7-B62AFD5DBA19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux_home:*:*:*:*:*:*:*:*",
"matchCriteriaId": "065FF0F1-7FAC-4584-92EA-EAA87DC76FA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux_multimedia:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E27180A1-9767-4CD3-978C-7538155B162D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux_personal:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BAAA9376-A060-49AE-86A7-6B28E26ED5D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux_server:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E06DCF0D-3241-453A-A0E4-937FE25EC404",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux_server:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B484D091-62DE-4EF2-AC54-26896CA8B315",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux_server:10.0_x86:*:*:*:*:*:*:*",
"matchCriteriaId": "EC5AC26E-3F3F-4D14-BE65-82B4432AB382",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux_workstation:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9428589A-0BD2-469E-978D-38239117D972",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ia64:*:*:*:*:*",
"matchCriteriaId": "6E94583A-5184-462E-9FC4-57B35DA06DA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ppc:*:*:*:*:*",
"matchCriteriaId": "E905FAAD-37B6-4DD0-A752-2974F8336273",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.04:*:amd64:*:*:*:*:*",
"matchCriteriaId": "3BD12488-1ED8-4751-ABF5-3578D54750A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.04:*:i386:*:*:*:*:*",
"matchCriteriaId": "AE3733CF-4C88-443C-9B90-6477C9C500D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.04:*:powerpc:*:*:*:*:*",
"matchCriteriaId": "9C500A75-D75E-45B4-B582-0F0DF27C3C04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:amd64:*:*:*:*:*",
"matchCriteriaId": "86FD134D-A5C5-4B08-962D-70CF07C74923",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:i386:*:*:*:*:*",
"matchCriteriaId": "FA84692E-F99D-4207-B4F2-799A6ADB88AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:powerpc:*:*:*:*:*",
"matchCriteriaId": "8B0F1091-4B76-44F5-B896-6D37E2F909A2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference."
}
],
"id": "CVE-2005-3626",
"lastModified": "2024-11-21T00:02:17.183",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-12-31T05:00:00.000",
"references": [
{
"source": "secalert@redhat.com",
"url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt"
},
{
"source": "secalert@redhat.com",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U"
},
{
"source": "secalert@redhat.com",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U"
},
{
"source": "secalert@redhat.com",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2006-0177.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit"
],
"url": "http://scary.beasts.org/security/CESA-2005-003.txt"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/18147"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18303"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18312"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18313"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18329"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18332"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18334"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18335"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18338"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18349"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/18373"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18375"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/18380"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18385"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18387"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18389"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18398"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18407"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/18414"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18416"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18423"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/18425"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/18428"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/18436"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18448"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/18463"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18517"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18534"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18554"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18582"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18642"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18644"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18674"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18675"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18679"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/18908"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/18913"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/19230"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/19377"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/25729"
},
{
"source": "secalert@redhat.com",
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683"
},
{
"source": "secalert@redhat.com",
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747"
},
{
"source": "secalert@redhat.com",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1"
},
{
"source": "secalert@redhat.com",
"url": "http://www.debian.org/security/2005/dsa-931"
},
{
"source": "secalert@redhat.com",
"url": "http://www.debian.org/security/2005/dsa-932"
},
{
"source": "secalert@redhat.com",
"url": "http://www.debian.org/security/2005/dsa-937"
},
{
"source": "secalert@redhat.com",
"url": "http://www.debian.org/security/2005/dsa-938"
},
{
"source": "secalert@redhat.com",
"url": "http://www.debian.org/security/2005/dsa-940"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2006/dsa-936"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2006/dsa-950"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2006/dsa-961"
},
{
"source": "secalert@redhat.com",
"url": "http://www.debian.org/security/2006/dsa-962"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml"
},
{
"source": "secalert@redhat.com",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.kde.org/info/security/advisory-20051207-2.txt"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00010.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00011.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.redhat.com/support/errata/RHSA-2006-0163.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/16143"
},
{
"source": "secalert@redhat.com",
"url": "http://www.trustix.org/errata/2006/0002/"
},
{
"source": "secalert@redhat.com",
"url": "http://www.vupen.com/english/advisories/2006/0047"
},
{
"source": "secalert@redhat.com",
"url": "http://www.vupen.com/english/advisories/2007/2280"
},
{
"source": "secalert@redhat.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24026"
},
{
"source": "secalert@redhat.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9992"
},
{
"source": "secalert@redhat.com",
"url": "https://usn.ubuntu.com/236-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2006-0177.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://scary.beasts.org/security/CESA-2005-003.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/18147"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18303"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18312"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18313"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18329"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18332"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18334"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18335"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18338"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18349"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/18373"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18375"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/18380"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18385"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18387"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18389"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18398"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18407"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/18414"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18416"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18423"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/18425"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/18428"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/18436"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18448"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/18463"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18517"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18534"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18554"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18582"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18642"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18644"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18674"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18675"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18679"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/18908"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/18913"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/19230"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/19377"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/25729"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2005/dsa-931"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2005/dsa-932"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2005/dsa-937"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2005/dsa-938"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2005/dsa-940"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2006/dsa-936"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2006/dsa-950"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2006/dsa-961"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2006/dsa-962"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.kde.org/info/security/advisory-20051207-2.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00010.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00011.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2006-0163.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/16143"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.trustix.org/errata/2006/0002/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2006/0047"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/2280"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24026"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9992"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://usn.ubuntu.com/236-1/"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vendorComments": [
{
"comment": "Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.",
"lastModified": "2007-03-14T00:00:00",
"organization": "Red Hat"
}
],
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1997-03-04 05:00
Modified
2024-11-20 23:31
Severity ?
Summary
Buffer overflow in TestChip function in XFree86 SuperProbe in Slackware Linux 3.1 allows local users to gain root privileges via a long -nopr argument.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.securityfocus.com/archive/1/6384 | Exploit, Vendor Advisory | |
| cve@mitre.org | http://www.securityfocus.com/bid/364 | Exploit, Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/6384 | Exploit, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/364 | Exploit, Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| slackware | slackware_linux | 3.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9FDBA67D-84A7-42D6-A994-7C967B6306D3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in TestChip function in XFree86 SuperProbe in Slackware Linux 3.1 allows local users to gain root privileges via a long -nopr argument."
}
],
"id": "CVE-1999-1489",
"lastModified": "2024-11-20T23:31:14.327",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1997-03-04T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/archive/1/6384"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/364"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/archive/1/6384"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/364"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-08-18 04:00
Modified
2024-11-20 23:48
Severity ?
Summary
Utempter allows device names that contain .. (dot dot) directory traversal sequences, which allows local users to overwrite arbitrary files via a symlink attack on device names in combination with an application that trusts the utmp or wtmp files.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sgi:propack:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0702A32E-E577-403C-B4D9-15037D7100A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sgi:propack:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "29DC217F-C257-4A3C-9CBD-08010C30BEC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:utempter:utempter:0.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E720990E-7705-49FD-9254-88C22F261E11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:utempter:utempter:0.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C4196D87-419F-495F-96AB-4D3CAB37C70D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F432C6C2-8676-4DD5-B9E6-71F6C164EF9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AA3D53C9-3806-45E6-8AE9-7D41280EF64C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Utempter allows device names that contain .. (dot dot) directory traversal sequences, which allows local users to overwrite arbitrary files via a symlink attack on device names in combination with an application that trusts the utmp or wtmp files."
},
{
"lang": "es",
"value": "Utempter permite nombres de dispositivo que contengan secuencias de cruce de directorios \"..\" (punto punto), lo que permite a usuarios locles sobreesciribir ficheros de su elecci\u00f3n mediante un ataque de enlaces simb\u00f3licos en nombres de dispositivos en combinaci\u00f3n con una aplicaci\u00f3n que conf\u00ede en ficheros utmp o wtmp."
}
],
"id": "CVE-2004-0233",
"lastModified": "2024-11-20T23:48:03.720",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-08-18T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://security.gentoo.org/glsa/glsa-200405-05.xml"
},
{
"source": "cve@mitre.org",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1000752.1-1"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:031"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-174.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2004-175.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/10178"
},
{
"source": "cve@mitre.org",
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.404389"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15904"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10115"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A979"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-200405-05.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1000752.1-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:031"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-174.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2004-175.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/10178"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.404389"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15904"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10115"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A979"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2000-11-14 05:00
Modified
2024-11-20 23:33
Severity ?
Summary
Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:caldera:openlinux_ebuilder:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E02719FF-924A-4E96-AE1D-5994A8D4275E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:immunix:immunix:6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB0F79BE-8EBF-44D8-83A1-9331669BED54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:conectiva:linux:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "48F068BE-F5B3-4E43-8E6A-24AB4D2DEDF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:conectiva:linux:4.0es:*:*:*:*:*:*:*",
"matchCriteriaId": "6529EC98-7CF7-47A1-95BB-2F34066FE95D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:conectiva:linux:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FFDAB801-AAA0-4B3B-B488-52E7BA8650C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:conectiva:linux:4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "612AC3B1-8E55-437F-9600-67EA1A8BAD48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:conectiva:linux:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "537A5C29-D770-4755-A6AB-8916754E14DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:conectiva:linux:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E3AC05A9-04DA-4ED3-94D8-3254384CB724",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0ECE564D-B4BB-4C05-88CC-CDC3F8E4E366",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B2D59247-56FA-46B4-BB51-2DAE71AFC145",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "15BE08F8-5F3F-45DB-BFE0-1F6F2F57A4D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "C30D6962-3DBB-4DF8-A04F-8E47AFEDCF99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "36B60E50-4F5A-4404-BEA3-C94F7D27B156",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.2m:*:*:*:*:*:*:*",
"matchCriteriaId": "772E3C7E-9947-414F-8642-18653BB048E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E6B2E6D1-8C2D-4E15-A6BB-E4FE878ED1E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.3f:*:*:*:*:*:*:*",
"matchCriteriaId": "8D51EC29-8836-4F87-ABF8-FF7530DECBB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.3m:*:*:*:*:*:*:*",
"matchCriteriaId": "518B7253-7B0F-4A0A-ADA7-F3E3B5AAF877",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "440B7208-34DB-4898-8461-4E703F7EDFB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D07AA144-6FD7-4C80-B4F2-D21C1AFC864A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "29113D8E-9618-4A0E-9157-678332082858",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sgi:irix:6.5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "313613E9-4837-433C-90EE-84A92E8D24E5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:caldera:openlinux:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4EC3F7E5-5D49-471B-A705-ADD2642E5B46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:caldera:openlinux_eserver:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3BE526D3-4CD8-423C-81FA-65B92F862A5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "203BDD63-2FA5-42FD-A9CD-6BDBB41A63C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3C67BDA1-9451-4026-AC6D-E912C882A757",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "58B90124-0543-4226-BFF4-13CCCBCCB243",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "618111F3-6608-47F0-AB0D-21547E342871",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DD5E0678-45C7-492A-963C-897494D6878F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:3.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E55C28A7-CD21-47CD-AA50-E8B2D89A18E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:3.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D3C00FC9-AD97-4226-A0EA-7DB14AA592DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "44C6203A-D05B-47B1-8BC2-BA021EBAFDEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FBF25306-E7C2-4F9A-A809-4779A6C0A079",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:4.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B3BA7775-30F2-4CA0-BA6E-70ED12A48D90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:4.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "FB038A89-1CA6-4313-B7CE-56C894945FFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:4.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2B3BC86F-5718-4232-BFFF-6244A7C09B8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:4.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E6118CC1-6E51-4E1B-8F58-43B337515222",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:4.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "F3D3B348-270F-4209-B31A-2B40F5E4A601",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "05F20EC2-ADE6-4F96-A2E7-1DCCA819D657",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:4.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "91D7C561-4D23-430B-A7D8-137E52B08FF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "11ACD012-F05F-45CD-A170-96CBAA42FFE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:4.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "55919E74-09E7-44BA-9941-D1B69BB1692F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:4.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "45F3C5D8-8BC3-44EB-917A-D0BA051D3D9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E4853E92-5E0A-47B9-A343-D5BEE87D2C27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3EC1FF5D-5EAB-44D5-B281-770547C70D68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4BF54738-3C44-4FD4-AA9C-CAB2E86B1DC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4EF44364-0F57-4B74-81B0-501EA6B58501",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A8EED385-8C39-4A40-A507-2EFE7652FB35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2DFA94D5-0139-490C-8257-0751FE9FBAE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2EC4D3AB-38FA-4D44-AF5C-2DCD15994E76",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0633B5A6-7A88-4A96-9462-4C09D124ED36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C2A9C005-4392-4C95-9B92-98EEC73EFE73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F0297F56-5F41-48FD-AB47-36E3BD2AB7E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:solaris:2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "34EBF074-78C8-41AF-88F1-DA6726E56F8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C1370216-93EB-400F-9AA6-CB2DC316DAA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5FF2C7C4-6F8D-40DB-9FBC-E7E4D76A2B23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "84523B48-218B-45F4-9C04-2C103612DCB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C7A22D21-E0A9-4B56-86C7-805AD1A610D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7AAC8954-74A8-4FE3-ABE7-57DA041D9D8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "5B72953B-E873-4E44-A3CF-12D770A0D416",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "39F847DB-65A9-47DA-BCFA-A179E5E2301A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "08003947-A4F1-44AC-84C6-9F8D097EB759",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "A2475113-CFE4-41C8-A86F-F2DA6548D224",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "124E1802-7984-45ED-8A92-393FC20662FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1B67020A-6942-4478-B501-764147C4970D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0AD0FF64-05DF-48C2-9BB5-FD993121FB2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7786607A-362E-4817-A17E-C76D6A1F737D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C9E7D75A-333E-4C63-9593-F64ABA5D1CE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:trustix:secure_linux:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8DF1A678-FEF1-4549-8EDC-518444CFC57F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:trustix:secure_linux:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9D0DFB12-B43F-4207-A900-464A97F5124D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "981A0654-C17D-48BB-A8B3-A728CB159C33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2AA8956D-F533-42BA-A06B-7CDB0A267B2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C6619B49-8A89-4600-A47F-A39C8BF54259",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux:6.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A0AA1204-D181-4E1C-B795-159FC57E86A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux:6.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "24740C11-59D0-4071-97BD-8BF7084FC1FC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen."
}
],
"id": "CVE-2000-0844",
"lastModified": "2024-11-20T23:33:24.120",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2000-11-14T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20000901-01-P"
},
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0436.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0457.html"
},
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-10/0427.html"
},
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/tru64/2000-q4/0000.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-030.0.txt"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2000/20000902"
},
{
"source": "cve@mitre.org",
"url": "http://www.novell.com/linux/security/advisories/adv5_draht_glibc_txt.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2000-057.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/1634"
},
{
"source": "cve@mitre.org",
"url": "http://www.turbolinux.com/pipermail/tl-security-announce/2000-September/000020.html"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5176"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20000901-01-P"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0436.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0457.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-10/0427.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/tru64/2000-q4/0000.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-030.0.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2000/20000902"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.novell.com/linux/security/advisories/adv5_draht_glibc_txt.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2000-057.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/1634"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.turbolinux.com/pipermail/tl-security-announce/2000-September/000020.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5176"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-07-07 04:00
Modified
2024-11-20 23:48
Severity ?
Summary
Integer overflow in the ip_setsockopt function in Linux kernel 2.4.22 through 2.4.25 and 2.6.1 through 2.6.3 allows local users to cause a denial of service (crash) or execute arbitrary code via the MCAST_MSFILTER socket option.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sgi | propack | 3.0 | |
| linux | linux_kernel | 2.4.22 | |
| linux | linux_kernel | 2.4.23 | |
| linux | linux_kernel | 2.4.23 | |
| linux | linux_kernel | 2.4.23_ow2 | |
| linux | linux_kernel | 2.4.24 | |
| linux | linux_kernel | 2.4.24_ow1 | |
| linux | linux_kernel | 2.4.25 | |
| linux | linux_kernel | 2.6.1 | |
| linux | linux_kernel | 2.6.1 | |
| linux | linux_kernel | 2.6.1 | |
| linux | linux_kernel | 2.6.2 | |
| linux | linux_kernel | 2.6.3 | |
| slackware | slackware_linux | 9.1 | |
| slackware | slackware_linux | current |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sgi:propack:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "29DC217F-C257-4A3C-9CBD-08010C30BEC3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.22:*:*:*:*:*:*:*",
"matchCriteriaId": "9336ABDF-9928-49F6-BAA7-D6E9829F9B1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.23:*:*:*:*:*:*:*",
"matchCriteriaId": "BB45C3B2-0F5D-4AE2-AE00-E1D6501E8D92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.23:pre9:*:*:*:*:*:*",
"matchCriteriaId": "8D27D843-2DA7-4481-857C-09FDC4FBD45C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.23_ow2:*:*:*:*:*:*:*",
"matchCriteriaId": "BCB93128-2743-4668-8C48-9B7282D4A672",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.24:*:*:*:*:*:*:*",
"matchCriteriaId": "040991B8-FB4B-480B-B53B-AA7A884F9F19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.24_ow1:*:*:*:*:*:*:*",
"matchCriteriaId": "BFA592BC-5846-4FC1-B2A7-13E622705DA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.4.25:*:*:*:*:*:*:*",
"matchCriteriaId": "59688C40-C92F-431E-ADD7-6782622862D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E8220D81-9065-471F-9256-CFE7B9941555",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.1:rc1:*:*:*:*:*:*",
"matchCriteriaId": "D2A55C17-C530-4898-BC95-DE4D495F0D7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.1:rc2:*:*:*:*:*:*",
"matchCriteriaId": "2C14A949-E2B8-4100-8ED4-645CB996B08A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "EB445E3E-CCBD-4737-BE30-841B9A79D558",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F5301E27-8021-467C-A9A2-AF2137EF0299",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AA3D53C9-3806-45E6-8AE9-7D41280EF64C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:current:*:*:*:*:*:*:*",
"matchCriteriaId": "B1CB2DD9-E77F-46EE-A145-F87AD10EA8E4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in the ip_setsockopt function in Linux kernel 2.4.22 through 2.4.25 and 2.6.1 through 2.6.3 allows local users to cause a denial of service (crash) or execute arbitrary code via the MCAST_MSFILTER socket option."
},
{
"lang": "es",
"value": "Desbordamiento de enteros en la funci\u00f3n ip_setsockopt en el kernel de Linux 2.4.22 a 2.4.25 y 2.6.1 a 2.6.3 permite a usuarios locales causar una denegaci\u00f3n de servicio (ca\u00edda) o ejecutar c\u00f3digo arbitrario mediante la opci\u00f3n de socket MCAST_MSFILTER."
}
],
"id": "CVE-2004-0424",
"lastModified": "2024-11-20T23:48:33.957",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-07-07T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20040504-01-U.asc"
},
{
"source": "cve@mitre.org",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000852"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=108253171301153\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.isec.pl/vulnerabilities/isec-0015-msfilter.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.linuxsecurity.com/advisories/engarde_advisory-4285.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:037"
},
{
"source": "cve@mitre.org",
"url": "http://www.novell.com/linux/security/advisories/2004_10_kernel.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2004-183.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/10179"
},
{
"source": "cve@mitre.org",
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.659586"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15907"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11214"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A939"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20040504-01-U.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000852"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=108253171301153\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.isec.pl/vulnerabilities/isec-0015-msfilter.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.linuxsecurity.com/advisories/engarde_advisory-4285.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:037"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.novell.com/linux/security/advisories/2004_10_kernel.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2004-183.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/10179"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.659586"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15907"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11214"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A939"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1999-01-02 05:00
Modified
2024-11-20 23:31
Severity ?
Summary
The default configuration of Slackware 3.4, and possibly other versions, includes . (dot, the current directory) in the PATH environmental variable, which could allow local users to create Trojan horse programs that are inadvertently executed by other users.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| slackware | slackware_linux | 2.0.35 | |
| slackware | slackware_linux | 3.4 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:2.0.35:*:*:*:*:*:*:*",
"matchCriteriaId": "82E436BF-6017-4A3F-AD98-683019DCE436",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E6732144-10D4-4114-A7DA-32157EE3EF38",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The default configuration of Slackware 3.4, and possibly other versions, includes . (dot, the current directory) in the PATH environmental variable, which could allow local users to create Trojan horse programs that are inadvertently executed by other users."
}
],
"id": "CVE-1999-1422",
"lastModified": "2024-11-20T23:31:04.713",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1999-01-02T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=91540043023167\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/211"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=91540043023167\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/211"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2000-05-22 04:00
Modified
2024-11-20 23:32
Severity ?
Summary
Buffer overflow in fdmount on Linux systems allows local users in the "floppy" group to execute arbitrary commands via a long mountpoint parameter.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| caldera | openlinux | 7.0 | |
| slackware | slackware_linux | 3.3 | |
| slackware | slackware_linux | 3.4 | |
| slackware | slackware_linux | 3.5 | |
| slackware | slackware_linux | 3.6 | |
| slackware | slackware_linux | 3.9 | |
| slackware | slackware_linux | 4.0 | |
| suse | suse_linux | 4.2 | |
| suse | suse_linux | 4.3 | |
| suse | suse_linux | 4.4 | |
| suse | suse_linux | 4.4.1 | |
| suse | suse_linux | 5.0 | |
| suse | suse_linux | 5.1 | |
| suse | suse_linux | 5.2 | |
| suse | suse_linux | 5.3 | |
| suse | suse_linux | 6.0 | |
| suse | suse_linux | 6.1 | |
| suse | suse_linux | 6.2 | |
| suse | suse_linux | 6.3 | |
| suse | suse_linux | 6.4 | |
| suse | suse_linux | 7.0 | |
| turbolinux | turbolinux | 6.0 | |
| turbolinux | turbolinux | 6.0.1 | |
| turbolinux | turbolinux | 6.0.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:caldera:openlinux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5B4C973D-1172-4D4C-AF96-9968ED317D36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "06F2131E-F9F2-4E65-B95C-B52DB25C69F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E6732144-10D4-4114-A7DA-32157EE3EF38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "125918E7-53BB-407A-8D95-5D95CDF39A88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "CE0BBA4F-C61A-4A8E-A7E2-CE0DF76DF592",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "15CB96AA-7CC1-4F01-8E9A-F85CD851594A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CC3B1DD9-10B5-40FE-AE56-D068C41653DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "451453AC-65FF-4E3B-9AC1-2DDB2E2182E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7716120D-5110-42B0-A574-9AA2AC8D3C32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "CB4C8426-CAF2-4366-94C0-1BA1C544FB6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:4.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5CC7D746-B98B-4FAF-B816-57222759A344",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "830D48B8-D21D-4D31-99A1-20C231804DBE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5C0BBDD2-9FF9-4CB7-BCAF-D4AF15DC2C7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D1C826AA-6E2F-4DAC-A7A2-9F47729B5DA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BCC94EF9-5872-402F-B2FC-06331A924BB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F163E145-09F7-4BE2-9B46-5B6713070BAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "124E1802-7984-45ED-8A92-393FC20662FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1B67020A-6942-4478-B501-764147C4970D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0AD0FF64-05DF-48C2-9BB5-FD993121FB2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7786607A-362E-4817-A17E-C76D6A1F737D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C9E7D75A-333E-4C63-9593-F64ABA5D1CE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "981A0654-C17D-48BB-A8B3-A728CB159C33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2AA8956D-F533-42BA-A06B-7CDB0A267B2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C6619B49-8A89-4600-A47F-A39C8BF54259",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in fdmount on Linux systems allows local users in the \"floppy\" group to execute arbitrary commands via a long mountpoint parameter."
}
],
"id": "CVE-2000-0438",
"lastModified": "2024-11-20T23:32:30.377",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2000-05-22T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-05/0245.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/1239"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-05/0245.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/1239"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-01-27 05:00
Modified
2024-11-20 23:49
Severity ?
Summary
getmail 4.x before 4.2.0, when run as root, allows local users to overwrite arbitrary files via a symlink attack on an mbox file.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| getmail | getmail | 2.3.7 | |
| getmail | getmail | 3.x | |
| getmail | getmail | 4.0 | |
| getmail | getmail | 4.0.0_b10 | |
| getmail | getmail | 4.0.1 | |
| getmail | getmail | 4.0.2 | |
| getmail | getmail | 4.0.3 | |
| getmail | getmail | 4.0.4 | |
| getmail | getmail | 4.0.5 | |
| getmail | getmail | 4.0.6 | |
| getmail | getmail | 4.0.7 | |
| getmail | getmail | 4.0.8 | |
| getmail | getmail | 4.0.9 | |
| getmail | getmail | 4.0.10 | |
| getmail | getmail | 4.0.11 | |
| getmail | getmail | 4.0.12 | |
| getmail | getmail | 4.0.13 | |
| getmail | getmail | 4.1 | |
| getmail | getmail | 4.1.1 | |
| getmail | getmail | 4.1.2 | |
| getmail | getmail | 4.1.3 | |
| getmail | getmail | 4.1.4 | |
| getmail | getmail | 4.1.5 | |
| gentoo | linux | 1.4 | |
| slackware | slackware_linux | 9.1 | |
| slackware | slackware_linux | 10.0 | |
| slackware | slackware_linux | current |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:getmail:getmail:2.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "44B9739F-FCF9-4E5F-A9D1-49CB39BBF6C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:getmail:getmail:3.x:*:*:*:*:*:*:*",
"matchCriteriaId": "A22B3445-87A8-471F-8D02-5C7D4659F915",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:getmail:getmail:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EC9A2BA9-D5DD-44D9-9BB9-0EC4726B8575",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:getmail:getmail:4.0.0_b10:*:*:*:*:*:*:*",
"matchCriteriaId": "8D22BC05-E2FC-4839-A68C-9B36487F9025",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:getmail:getmail:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5BB9C751-57B7-45D6-8090-4437A5738B64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:getmail:getmail:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2AEAC0B6-1AFC-44E9-9A99-1E1461A4F7E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:getmail:getmail:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E006277E-F1F9-48C6-A558-6CE034FEB8E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:getmail:getmail:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2029B8AA-D93F-4728-9D09-7A6292710E56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:getmail:getmail:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "EA67A71D-96A0-4E94-B323-9BFF8D706555",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:getmail:getmail:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "E29D3B51-4836-495E-9F9D-BCF60C141AB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:getmail:getmail:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "D23A07F3-9AE4-43F6-86D0-CA1D1562A3F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:getmail:getmail:4.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "45825ACF-8D5C-4DE2-9A59-CEE3BFF32594",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:getmail:getmail:4.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "E4526FB1-EFC8-42FB-A914-56B570B6DE70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:getmail:getmail:4.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "55930804-2994-4619-8681-B9A23D3782B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:getmail:getmail:4.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "2494418A-473A-4261-BC33-D24A78C3F930",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:getmail:getmail:4.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "1DEF7144-3C41-4435-9411-55E2E9D77FE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:getmail:getmail:4.0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "1F746212-2CBA-48C4-9F8E-4D4088D581A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:getmail:getmail:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2B258472-0299-4908-8424-D5BD7118A63A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:getmail:getmail:4.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "150DC643-0825-4896-BB98-0579ACC6B9E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:getmail:getmail:4.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CF2B512C-D0B1-4023-8CE4-AF72B61901F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:getmail:getmail:4.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "EDFF7A4E-7A41-44E0-B220-28E6B907FBFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:getmail:getmail:4.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "85D95386-FBCB-49DE-8691-4043021C8F2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:getmail:getmail:4.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8CE4E384-4964-4E5F-A6BD-F3EF452D0033",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:gentoo:linux:1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "65ED9D8C-604D-4B0B-A192-C0DA4D2E9AEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AA3D53C9-3806-45E6-8AE9-7D41280EF64C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D29C5A03-A7C9-4780-BB63-CF1E874D018D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:current:*:*:*:*:*:*:*",
"matchCriteriaId": "B1CB2DD9-E77F-46EE-A145-F87AD10EA8E4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "getmail 4.x before 4.2.0, when run as root, allows local users to overwrite arbitrary files via a symlink attack on an mbox file."
}
],
"id": "CVE-2004-0880",
"lastModified": "2024-11-20T23:49:35.670",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 1.2,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:H/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 1.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-01-27T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=109571883130372\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://security.gentoo.org/glsa/glsa-200409-32.xml"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2004/dsa-553"
},
{
"source": "cve@mitre.org",
"url": "http://www.qcc.ca/~charlesc/software/getmail-4/CHANGELOG"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17437"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=109571883130372\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-200409-32.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2004/dsa-553"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.qcc.ca/~charlesc/software/getmail-4/CHANGELOG"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17437"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2000-11-14 05:00
Modified
2024-11-20 23:33
Severity ?
Summary
Kernel logging daemon (klogd) in Linux does not properly cleanse user-injected format strings, which allows local users to gain root privileges by triggering malformed kernel messages.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| debian | debian_linux | 2.1 | |
| debian | debian_linux | 2.2 | |
| mandrakesoft | mandrake_linux | 6.0 | |
| mandrakesoft | mandrake_linux | 6.1 | |
| mandrakesoft | mandrake_linux | 7.0 | |
| mandrakesoft | mandrake_linux | 7.1 | |
| redhat | linux | 5.2 | |
| redhat | linux | 6.2 | |
| slackware | slackware_linux | * | |
| trustix | secure_linux | 1.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:2.1:*:slink:*:*:*:*:*",
"matchCriteriaId": "FAB6D992-C0E9-4951-85FD-5FE54045AEAF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:2.2:*:potato:*:*:*:*:*",
"matchCriteriaId": "470653CE-3BF8-498E-B673-82AC854B23C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D323A6B7-2741-4F31-B0D6-5D6FB738A2A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "ACAAD334-2CA7-4B3B-BA25-302E7610BC2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E4853E92-5E0A-47B9-A343-D5BEE87D2C27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3EC1FF5D-5EAB-44D5-B281-770547C70D68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A8EED385-8C39-4A40-A507-2EFE7652FB35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0633B5A6-7A88-4A96-9462-4C09D124ED36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F432C6C2-8676-4DD5-B9E6-71F6C164EF9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:trustix:secure_linux:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9D0DFB12-B43F-4207-A900-464A97F5124D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Kernel logging daemon (klogd) in Linux does not properly cleanse user-injected format strings, which allows local users to gain root privileges by triggering malformed kernel messages."
}
],
"id": "CVE-2000-0867",
"lastModified": "2024-11-20T23:33:27.387",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2000-11-14T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2000-032.0.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-09/0193.html"
},
{
"source": "cve@mitre.org",
"url": "http://frontal2.mandriva.com/security/advisories?name=MDKSA-2000:050"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=97726239017741\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://www.novell.com/linux/security/advisories/adv9_draht_syslogd_txt.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/5824"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2000-061.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.turbolinux.com/pipermail/tl-security-announce/2000-September/000023.html"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5259"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2000-032.0.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-09/0193.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://frontal2.mandriva.com/security/advisories?name=MDKSA-2000:050"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=97726239017741\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.novell.com/linux/security/advisories/adv9_draht_syslogd_txt.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/5824"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2000-061.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.turbolinux.com/pipermail/tl-security-announce/2000-September/000023.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5259"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1996-08-26 04:00
Modified
2024-11-20 23:30
Severity ?
Summary
Pine before version 3.94 allows local users to gain privileges via a symlink attack on a lockfile that is created when a user receives new mail.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| university_of_washington | pine | * | |
| freebsd | freebsd | 2.1.0 | |
| slackware | slackware_linux | 3.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:university_of_washington:pine:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1685EF8F-74A5-40EF-9A7E-200D32AA5C84",
"versionEndIncluding": "3.94",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "27C9E23D-AB82-4AE1-873E-C5493BB96AA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FFC0D816-7D38-4CE1-B78C-3A02195713D5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Pine before version 3.94 allows local users to gain privileges via a symlink attack on a lockfile that is created when a user receives new mail."
}
],
"id": "CVE-1999-1187",
"lastModified": "2024-11-20T23:30:31.010",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1996-08-26T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=87602167419803\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/416"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=87602167419803\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/416"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-08-18 04:00
Modified
2024-11-20 23:48
Severity ?
Summary
Multiple buffer overflows in Midnight Commander (mc) before 4.6.0 may allow attackers to cause a denial of service or execute arbitrary code.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| midnight_commander | midnight_commander | 4.5.40 | |
| midnight_commander | midnight_commander | 4.5.41 | |
| midnight_commander | midnight_commander | 4.5.42 | |
| midnight_commander | midnight_commander | 4.5.43 | |
| midnight_commander | midnight_commander | 4.5.44 | |
| midnight_commander | midnight_commander | 4.5.45 | |
| midnight_commander | midnight_commander | 4.5.46 | |
| midnight_commander | midnight_commander | 4.5.47 | |
| midnight_commander | midnight_commander | 4.5.48 | |
| midnight_commander | midnight_commander | 4.5.49 | |
| midnight_commander | midnight_commander | 4.5.50 | |
| midnight_commander | midnight_commander | 4.5.51 | |
| midnight_commander | midnight_commander | 4.5.52 | |
| midnight_commander | midnight_commander | 4.5.55 | |
| midnight_commander | midnight_commander | 4.6 | |
| sgi | propack | 2.3 | |
| sgi | propack | 2.4 | |
| gentoo | linux | 0.5 | |
| gentoo | linux | 0.7 | |
| gentoo | linux | 1.1a | |
| gentoo | linux | 1.2 | |
| gentoo | linux | 1.4 | |
| gentoo | linux | 1.4 | |
| gentoo | linux | 1.4 | |
| gentoo | linux | 1.4 | |
| slackware | slackware_linux | * | |
| slackware | slackware_linux | 9.0 | |
| slackware | slackware_linux | 9.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.40:*:*:*:*:*:*:*",
"matchCriteriaId": "EB4028BE-4173-4175-B9EF-A85A47476A60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.41:*:*:*:*:*:*:*",
"matchCriteriaId": "FC64619A-D8C3-4613-9A51-849DC65DC959",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.42:*:*:*:*:*:*:*",
"matchCriteriaId": "0A4BBBE0-E96D-4BCB-BF5B-673888C00AC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.43:*:*:*:*:*:*:*",
"matchCriteriaId": "D410B4E1-DA7A-4F62-A0F9-E8C5A147BD45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.44:*:*:*:*:*:*:*",
"matchCriteriaId": "949399A7-6E77-4F12-86EE-7B6FBAA16D4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.45:*:*:*:*:*:*:*",
"matchCriteriaId": "FDE8085F-84F3-4305-A52B-FEFF05E9FD17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.46:*:*:*:*:*:*:*",
"matchCriteriaId": "D5DA21F1-8700-437C-8D64-70D97A508598",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.47:*:*:*:*:*:*:*",
"matchCriteriaId": "B03CA3A4-86E2-4E10-8F56-51B814F51540",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.48:*:*:*:*:*:*:*",
"matchCriteriaId": "F5AA5CCF-F160-4092-A7E7-29459E2528F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.49:*:*:*:*:*:*:*",
"matchCriteriaId": "F2B90B64-72A2-46D3-A6CC-07052FC70740",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.50:*:*:*:*:*:*:*",
"matchCriteriaId": "1E7739C2-C590-479E-8A0B-2EC95E836E3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.51:*:*:*:*:*:*:*",
"matchCriteriaId": "25C1FE96-BC31-48D3-BB64-F132E17B8244",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.52:*:*:*:*:*:*:*",
"matchCriteriaId": "0BFFA28E-B2EA-4F1A-8A05-7F2B05572B99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.55:*:*:*:*:*:*:*",
"matchCriteriaId": "E5969E22-C2B8-4440-92D0-EF17ECFECFCD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "98D27DF4-BCF6-4AB8-9117-80E2D1072C6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sgi:propack:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "26430687-409B-448F-934B-06AB937DDF63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sgi:propack:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0702A32E-E577-403C-B4D9-15037D7100A5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:gentoo:linux:0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "980553F2-8662-47CF-95F0-645141746AEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:gentoo:linux:0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "40EBF1CD-B392-4262-8F06-2C784ADAF0F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:gentoo:linux:1.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "9C00F84A-FCD4-4935-B7DE-ECBA6AE9B074",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:gentoo:linux:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "960DC6C2-B285-41D4-96F7-ED97F8BD5482",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:gentoo:linux:1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "65ED9D8C-604D-4B0B-A192-C0DA4D2E9AEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:gentoo:linux:1.4:rc1:*:*:*:*:*:*",
"matchCriteriaId": "D1FD0EB4-E744-4465-AFEE-A3C807C9C993",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:gentoo:linux:1.4:rc2:*:*:*:*:*:*",
"matchCriteriaId": "1D866A7D-F0B9-4EA3-93C6-1E7C2C2A861F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:gentoo:linux:1.4:rc3:*:*:*:*:*:*",
"matchCriteriaId": "57772E3B-893C-408A-AA3B-78C972ED4D5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F432C6C2-8676-4DD5-B9E6-71F6C164EF9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "300A6A65-05FD-401C-80F6-B5F5B1F056E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AA3D53C9-3806-45E6-8AE9-7D41280EF64C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in Midnight Commander (mc) before 4.6.0 may allow attackers to cause a denial of service or execute arbitrary code."
},
{
"lang": "es",
"value": "M\u00faltiples desbordamientos de b\u00fafer en Midnight Commander (mc) anteriores a 4.6.0 pueden permitir a atacantes causar una denegaci\u00f3n de servicio o ejecutar c\u00f3digo arbitrario."
}
],
"id": "CVE-2004-0226",
"lastModified": "2024-11-20T23:48:02.660",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-08-18T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://security.gentoo.org/glsa/glsa-200405-21.xml"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2004/dsa-497"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:039"
},
{
"source": "cve@mitre.org",
"url": "http://www.novell.com/linux/security/advisories/2004_12_mc.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-172.html"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16016"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-200405-21.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2004/dsa-497"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:039"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.novell.com/linux/security/advisories/2004_12_mc.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-172.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16016"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-08-18 04:00
Modified
2024-11-20 23:48
Severity ?
Summary
Multiple format string vulnerabilities in Midnight Commander (mc) before 4.6.0 may allow attackers to cause a denial of service or execute arbitrary code.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| midnight_commander | midnight_commander | 4.5.40 | |
| midnight_commander | midnight_commander | 4.5.41 | |
| midnight_commander | midnight_commander | 4.5.42 | |
| midnight_commander | midnight_commander | 4.5.43 | |
| midnight_commander | midnight_commander | 4.5.44 | |
| midnight_commander | midnight_commander | 4.5.45 | |
| midnight_commander | midnight_commander | 4.5.46 | |
| midnight_commander | midnight_commander | 4.5.47 | |
| midnight_commander | midnight_commander | 4.5.48 | |
| midnight_commander | midnight_commander | 4.5.49 | |
| midnight_commander | midnight_commander | 4.5.50 | |
| midnight_commander | midnight_commander | 4.5.51 | |
| midnight_commander | midnight_commander | 4.5.52 | |
| midnight_commander | midnight_commander | 4.5.55 | |
| midnight_commander | midnight_commander | 4.6 | |
| sgi | propack | 2.3 | |
| sgi | propack | 2.4 | |
| gentoo | linux | 0.5 | |
| gentoo | linux | 0.7 | |
| gentoo | linux | 1.1a | |
| gentoo | linux | 1.2 | |
| gentoo | linux | 1.4 | |
| gentoo | linux | 1.4 | |
| gentoo | linux | 1.4 | |
| gentoo | linux | 1.4 | |
| slackware | slackware_linux | * | |
| slackware | slackware_linux | 9.0 | |
| slackware | slackware_linux | 9.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.40:*:*:*:*:*:*:*",
"matchCriteriaId": "EB4028BE-4173-4175-B9EF-A85A47476A60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.41:*:*:*:*:*:*:*",
"matchCriteriaId": "FC64619A-D8C3-4613-9A51-849DC65DC959",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.42:*:*:*:*:*:*:*",
"matchCriteriaId": "0A4BBBE0-E96D-4BCB-BF5B-673888C00AC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.43:*:*:*:*:*:*:*",
"matchCriteriaId": "D410B4E1-DA7A-4F62-A0F9-E8C5A147BD45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.44:*:*:*:*:*:*:*",
"matchCriteriaId": "949399A7-6E77-4F12-86EE-7B6FBAA16D4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.45:*:*:*:*:*:*:*",
"matchCriteriaId": "FDE8085F-84F3-4305-A52B-FEFF05E9FD17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.46:*:*:*:*:*:*:*",
"matchCriteriaId": "D5DA21F1-8700-437C-8D64-70D97A508598",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.47:*:*:*:*:*:*:*",
"matchCriteriaId": "B03CA3A4-86E2-4E10-8F56-51B814F51540",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.48:*:*:*:*:*:*:*",
"matchCriteriaId": "F5AA5CCF-F160-4092-A7E7-29459E2528F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.49:*:*:*:*:*:*:*",
"matchCriteriaId": "F2B90B64-72A2-46D3-A6CC-07052FC70740",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.50:*:*:*:*:*:*:*",
"matchCriteriaId": "1E7739C2-C590-479E-8A0B-2EC95E836E3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.51:*:*:*:*:*:*:*",
"matchCriteriaId": "25C1FE96-BC31-48D3-BB64-F132E17B8244",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.52:*:*:*:*:*:*:*",
"matchCriteriaId": "0BFFA28E-B2EA-4F1A-8A05-7F2B05572B99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.55:*:*:*:*:*:*:*",
"matchCriteriaId": "E5969E22-C2B8-4440-92D0-EF17ECFECFCD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "98D27DF4-BCF6-4AB8-9117-80E2D1072C6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sgi:propack:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "26430687-409B-448F-934B-06AB937DDF63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sgi:propack:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0702A32E-E577-403C-B4D9-15037D7100A5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:gentoo:linux:0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "980553F2-8662-47CF-95F0-645141746AEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:gentoo:linux:0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "40EBF1CD-B392-4262-8F06-2C784ADAF0F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:gentoo:linux:1.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "9C00F84A-FCD4-4935-B7DE-ECBA6AE9B074",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:gentoo:linux:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "960DC6C2-B285-41D4-96F7-ED97F8BD5482",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:gentoo:linux:1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "65ED9D8C-604D-4B0B-A192-C0DA4D2E9AEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:gentoo:linux:1.4:rc1:*:*:*:*:*:*",
"matchCriteriaId": "D1FD0EB4-E744-4465-AFEE-A3C807C9C993",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:gentoo:linux:1.4:rc2:*:*:*:*:*:*",
"matchCriteriaId": "1D866A7D-F0B9-4EA3-93C6-1E7C2C2A861F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:gentoo:linux:1.4:rc3:*:*:*:*:*:*",
"matchCriteriaId": "57772E3B-893C-408A-AA3B-78C972ED4D5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F432C6C2-8676-4DD5-B9E6-71F6C164EF9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "300A6A65-05FD-401C-80F6-B5F5B1F056E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AA3D53C9-3806-45E6-8AE9-7D41280EF64C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple format string vulnerabilities in Midnight Commander (mc) before 4.6.0 may allow attackers to cause a denial of service or execute arbitrary code."
},
{
"lang": "es",
"value": "M\u00fatiples vulnerabilidades de cadena de formato en Midnight Commander (mc) anteriores a 4.6.0 pueden permitir a atacantes causar una denegaci\u00f3n de servicio o ejecutar c\u00f3digo de su elecci\u00f3n."
}
],
"id": "CVE-2004-0232",
"lastModified": "2024-11-20T23:48:03.573",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-08-18T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://security.gentoo.org/glsa/glsa-200405-21.xml"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2004/dsa-497"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:039"
},
{
"source": "cve@mitre.org",
"url": "http://www.novell.com/linux/security/advisories/2004_12_mc.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2004-172.html"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16021"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-200405-21.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2004/dsa-497"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:039"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.novell.com/linux/security/advisories/2004_12_mc.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2004-172.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16021"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1997-12-01 05:00
Modified
2024-11-20 23:28
Severity ?
Summary
Buffer overflow in Linux Slackware crond program allows local users to gain root access.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| slackware | slackware_linux | 3.4 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E6732144-10D4-4114-A7DA-32157EE3EF38",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Linux Slackware crond program allows local users to gain root access."
}
],
"id": "CVE-1999-0340",
"lastModified": "2024-11-20T23:28:28.103",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1997-12-01T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0340"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0340"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1997-10-18 04:00
Modified
2024-11-20 23:28
Severity ?
Summary
Buffer overflow in telnet daemon tgetent routing allows remote attackers to gain root access via the TERMCAP environmental variable.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | linux | 4.0 | |
| redhat | linux | 4.1 | |
| redhat | linux | 4.2 | |
| redhat | linux | 5.0 | |
| redhat | linux | 5.1 | |
| redhat | linux | 5.2 | |
| redhat | linux | 6.0 | |
| slackware | slackware_linux | 3.2 | |
| slackware | slackware_linux | 3.3 | |
| slackware | slackware_linux | 3.4 | |
| slackware | slackware_linux | 3.5 | |
| slackware | slackware_linux | 3.6 | |
| slackware | slackware_linux | 3.9 | |
| slackware | slackware_linux | 4.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:linux:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C9092D88-585D-4A0C-B181-E8D93563C74B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D8211154-6685-4FF0-B3ED-43A5E5763A10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F299301C-6BFC-436C-9CFD-2E291D3702AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4BF54738-3C44-4FD4-AA9C-CAB2E86B1DC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4EF44364-0F57-4B74-81B0-501EA6B58501",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:5.2:*:i386:*:*:*:*:*",
"matchCriteriaId": "363AB7DB-A8BA-4D58-97C4-1DF1F0F43E07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:6.0:*:i386:*:*:*:*:*",
"matchCriteriaId": "89F65C9D-BD68-4A86-BFDC-E7CE76F13948",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "852B55FE-8180-4357-B717-399C16954C6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "06F2131E-F9F2-4E65-B95C-B52DB25C69F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E6732144-10D4-4114-A7DA-32157EE3EF38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "125918E7-53BB-407A-8D95-5D95CDF39A88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "CE0BBA4F-C61A-4A8E-A7E2-CE0DF76DF592",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "15CB96AA-7CC1-4F01-8E9A-F85CD851594A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CC3B1DD9-10B5-40FE-AE56-D068C41653DE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in telnet daemon tgetent routing allows remote attackers to gain root access via the TERMCAP environmental variable."
}
],
"id": "CVE-1999-0192",
"lastModified": "2024-11-20T23:28:05.617",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1997-10-18T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0192"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0192"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-11-21 14:15
Modified
2024-11-21 02:00
Severity ?
Summary
Slackware 14.0 and 14.1, and Slackware LLVM 3.0-i486-2 and 3.3-i486-2, contain world-writable permissions on the /tmp directory which could allow remote attackers to execute arbitrary code with root privileges.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.openwall.com/lists/oss-security/2013/12/20/1 | Mailing List, Third Party Advisory | |
| cve@mitre.org | https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-7171 | Issue Tracking, Third Party Advisory | |
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/89915 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://security-tracker.debian.org/tracker/CVE-2013-7171 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2013/12/20/1 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-7171 | Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/89915 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security-tracker.debian.org/tracker/CVE-2013-7171 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| slackware | slackware_linux | 14.0 | |
| slackware | slackware_linux | 14.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:14.0:*:*:*:*:*:*:*",
"matchCriteriaId": "936EF68B-2A93-402C-BED4-20E6EDB2F102",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:14.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F1B46F08-93A8-49D9-AC5D-43E19C062FFA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Slackware 14.0 and 14.1, and Slackware LLVM 3.0-i486-2 and 3.3-i486-2, contain world-writable permissions on the /tmp directory which could allow remote attackers to execute arbitrary code with root privileges."
},
{
"lang": "es",
"value": "Slackware versiones 14.0 y 14.1, y Slackware LLVM versiones 3.0-i486-2 y 3.3-i486-2, contienen permisos de tipo world-writable en el directorio /tmp que podr\u00edan permitir a atacantes remotos ejecutar c\u00f3digo arbitrario con privilegios de root."
}
],
"id": "CVE-2013-7171",
"lastModified": "2024-11-21T02:00:25.623",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-11-21T14:15:12.740",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2013/12/20/1"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-7171"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89915"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2013-7171"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2013/12/20/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-7171"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89915"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2013-7171"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-06-09 16:59
Modified
2024-11-21 02:52
Severity ?
Summary
Format string vulnerability in libxml2 before 2.9.4 allows attackers to have unspecified impact via format string specifiers in unknown vectors.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:icewall_federation_agent:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B3261B40-5CBE-4AA6-990A-0A7BE96E5518",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "66612D5A-D83D-4298-8662-C82B19581349",
"versionEndIncluding": "2.2.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "345C1D2B-0795-4041-BB43-0196DC1A37E9",
"versionEndExcluding": "10.11.6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8202643D-7EEC-42CC-B875-B0E4ED35D9B4",
"versionEndIncluding": "2.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apple:icloud:*:*:*:*:*:*:*:*",
"matchCriteriaId": "05F7F040-914C-440A-933F-D484BFD44EE9",
"versionEndExcluding": "5.2.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "94DFD373-7DC2-45F3-86F0-A005E6F7D533",
"versionEndIncluding": "9.3.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1C8D871B-AEA1-4407-AEE3-47EC782250FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "98381E61-F082-4302-B51F-5648884F998B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D99A687E-EAE6-417E-A88E-D0082BC194CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B353CE99-D57C-465B-AAB0-73EF581127D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "7431ABC1-9252-419E-8CC1-311B41360078",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "44B067C7-735E-43C9-9188-7E1522A02491",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A8442C20-41F9-47FD-9A12-E724D3A31FD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9EC0D196-F7B8-4BDD-9050-779F7A7FBEE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A4E9DD8A-A68B-4A69-8B01-BFF92A2020A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "BF77CDCF-B9C9-427D-B2BF-36650FB2148C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "21690BAC-2129-4A33-9B48-1F3BF30072A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6755B6AD-0422-467B-8115-34A60B1D1A40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "24C0F4E1-C52C-41E0-9F14-F83ADD5CC7ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B76AA310-FEC7-497F-AF04-C3EC1E76C4CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "17F256A9-D3B9-4C72-B013-4EFD878BFEA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apple:itunes:*:*:*:*:*:*:*:*",
"matchCriteriaId": "963C86F8-E143-482B-9458-98DA4068BBE3",
"versionEndIncluding": "12.4.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:14.0:*:*:*:*:*:*:*",
"matchCriteriaId": "936EF68B-2A93-402C-BED4-20E6EDB2F102",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:14.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F1B46F08-93A8-49D9-AC5D-43E19C062FFA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:oracle:vm_server:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C2D62B2C-40E5-41B7-9DAA-029BCD079054",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:oracle:vm_server:3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "4BA58099-26F7-4B01-B9FC-275F012FE9C6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "41FD9A4E-A5EF-4749-B36E-3C6EE87FD22E",
"versionEndIncluding": "9.2.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:tenable:log_correlation_engine:4.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "25434A9F-1F74-454F-810A-DB90C8FB6C17",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mcafee:web_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1DF858E4-4E06-4FD3-B820-79B8A9F435F3",
"versionEndIncluding": "7.5.2.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:web_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CA0CD65F-AF64-40D4-8102-7A351A9E3EBE",
"versionEndIncluding": "7.6.2.3",
"versionStartIncluding": "7.6.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*",
"matchCriteriaId": "CC7A498A-A669-4C42-8134-86103C799D13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:oracle:linux:7:0:*:*:*:*:*:*",
"matchCriteriaId": "D1137279-81F0-4F6B-8E91-95590106BADF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Format string vulnerability in libxml2 before 2.9.4 allows attackers to have unspecified impact via format string specifiers in unknown vectors."
},
{
"lang": "es",
"value": "Vulnerabilidad de formato de cadena en libxml2 en versiones anteriores a 2.9.4 permite a atacantes tener un impacto no especificado a trav\u00e9s de especificadores de formato de cadena en vectores desconocidos."
}
],
"id": "CVE-2016-4448",
"lastModified": "2024-11-21T02:52:13.753",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-06-09T16:59:06.813",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Release Notes"
],
"url": "http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Release Notes"
],
"url": "http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Release Notes"
],
"url": "http://lists.apple.com/archives/security-announce/2016/Jul/msg00002.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Release Notes"
],
"url": "http://lists.apple.com/archives/security-announce/2016/Jul/msg00003.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Release Notes"
],
"url": "http://lists.apple.com/archives/security-announce/2016/Jul/msg00005.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2957.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2016/05/25/2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/90856"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1036348"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2016\u0026m=slackware-security.404722"
},
{
"source": "secalert@redhat.com",
"tags": [
"Release Notes"
],
"url": "http://xmlsoft.org/news.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2016:1292"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1338700"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "https://git.gnome.org/browse/libxml2/commit/?id=4472c3a5a5b516aaf59b89be602fbce52756c3e9"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "https://git.gnome.org/browse/libxml2/commit/?id=502f6a6d08b08c04b3ddfb1cd21b2f699c1b7f5b"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05194709"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10170"
},
{
"source": "secalert@redhat.com",
"tags": [
"Release Notes"
],
"url": "https://support.apple.com/HT206899"
},
{
"source": "secalert@redhat.com",
"tags": [
"Release Notes"
],
"url": "https://support.apple.com/HT206901"
},
{
"source": "secalert@redhat.com",
"tags": [
"Release Notes"
],
"url": "https://support.apple.com/HT206902"
},
{
"source": "secalert@redhat.com",
"tags": [
"Release Notes"
],
"url": "https://support.apple.com/HT206903"
},
{
"source": "secalert@redhat.com",
"tags": [
"Release Notes"
],
"url": "https://support.apple.com/HT206904"
},
{
"source": "secalert@redhat.com",
"tags": [
"Release Notes"
],
"url": "https://support.apple.com/HT206905"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.tenable.com/security/tns-2016-18"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Release Notes"
],
"url": "http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Release Notes"
],
"url": "http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Release Notes"
],
"url": "http://lists.apple.com/archives/security-announce/2016/Jul/msg00002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Release Notes"
],
"url": "http://lists.apple.com/archives/security-announce/2016/Jul/msg00003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Release Notes"
],
"url": "http://lists.apple.com/archives/security-announce/2016/Jul/msg00005.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2957.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2016/05/25/2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/90856"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1036348"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2016\u0026m=slackware-security.404722"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
],
"url": "http://xmlsoft.org/news.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2016:1292"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1338700"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://git.gnome.org/browse/libxml2/commit/?id=4472c3a5a5b516aaf59b89be602fbce52756c3e9"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://git.gnome.org/browse/libxml2/commit/?id=502f6a6d08b08c04b3ddfb1cd21b2f699c1b7f5b"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05194709"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10170"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
],
"url": "https://support.apple.com/HT206899"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
],
"url": "https://support.apple.com/HT206901"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
],
"url": "https://support.apple.com/HT206902"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
],
"url": "https://support.apple.com/HT206903"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
],
"url": "https://support.apple.com/HT206904"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
],
"url": "https://support.apple.com/HT206905"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.tenable.com/security/tns-2016-18"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-134"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2002-12-31 05:00
Modified
2024-11-20 23:42
Severity ?
Summary
Buffer overflow in efstools in Bonobo, when installed setuid, allows local users to execute arbitrary code via long command line arguments.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| gnome | bonobo | * | |
| mandrakesoft | mandrake_linux | 7.1 | |
| mandrakesoft | mandrake_linux | 8.0 | |
| mandrakesoft | mandrake_linux | 8.0 | |
| mandrakesoft | mandrake_linux | 9.0 | |
| redhat | linux | 6.2 | |
| redhat | linux | 6.2 | |
| redhat | linux | 6.2 | |
| redhat | linux | 7.0 | |
| redhat | linux | 7.0 | |
| redhat | linux | 7.0 | |
| redhat | linux | 7.1 | |
| redhat | linux | 7.1 | |
| redhat | linux | 7.1 | |
| slackware | slackware_linux | 8.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnome:bonobo:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CD879CDE-5533-4F50-ADFE-C7780961A03A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3EC1FF5D-5EAB-44D5-B281-770547C70D68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4371A667-18E1-4C54-B2E1-6F885F22F213",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:8.0:*:ppc:*:*:*:*:*",
"matchCriteriaId": "5B28763D-8F4B-45E5-82FA-AB7E54C18EBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33F6F859-B7B8-4072-B073-6CC8291D642E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:6.2:*:alpha:*:*:*:*:*",
"matchCriteriaId": "344610A8-DB6D-4407-9304-916C419F648C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:6.2:*:i386:*:*:*:*:*",
"matchCriteriaId": "B7EC2B95-4715-4EC9-A10A-2542501F8A61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:6.2:*:sparc:*:*:*:*:*",
"matchCriteriaId": "64775BEF-2E53-43CA-8639-A7E54F6F4222",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:7.0:*:alpha:*:*:*:*:*",
"matchCriteriaId": "FD6576E2-9F26-4857-9F28-F51899F1EF48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:7.0:*:i386:*:*:*:*:*",
"matchCriteriaId": "4DC9842D-E23B-4B9F-A7BF-57C3BA3DE398",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:7.0:*:sparc:*:*:*:*:*",
"matchCriteriaId": "C1DE93B9-1ADD-4B19-BA32-7D9F9CCD293F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:7.1:*:alpha:*:*:*:*:*",
"matchCriteriaId": "7F3FAAB3-7A8A-42E5-9DCE-E4A843CED1B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:7.1:*:i386:*:*:*:*:*",
"matchCriteriaId": "C8783A6D-DFD8-45DD-BF03-570B1B012B44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:7.1:*:ia64:*:*:*:*:*",
"matchCriteriaId": "ED36543D-C21B-4B4B-A6AD-6E19B08B5DD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "78D76664-F4AC-470A-9686-3F708922A340",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in efstools in Bonobo, when installed setuid, allows local users to execute arbitrary code via long command line arguments."
}
],
"id": "CVE-2002-1814",
"lastModified": "2024-11-20T23:42:11.400",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2002-12-31T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://online.securityfocus.com/archive/1/279676"
},
{
"source": "cve@mitre.org",
"url": "http://www.iss.net/security_center/static/9451.php"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securiteam.com/exploits/5AP0E0K8AO.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/5125"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://online.securityfocus.com/archive/1/279676"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.iss.net/security_center/static/9451.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securiteam.com/exploits/5AP0E0K8AO.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/5125"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-01-05 05:00
Modified
2024-11-20 23:46
Severity ?
Summary
CVS server before 1.11.10 may allow attackers to cause the CVS server to create directories and files in the file system root directory via malformed module requests.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cvs:cvs:1.10.7:*:*:*:*:*:*:*",
"matchCriteriaId": "C9F7CA6E-7D45-46C9-A437-0D0C4D3F25CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cvs:cvs:1.10.8:*:*:*:*:*:*:*",
"matchCriteriaId": "62135DD0-140D-42C2-9302-31B5E2DE1A4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cvs:cvs:1.11:*:*:*:*:*:*:*",
"matchCriteriaId": "D92B456C-5F8E-4DC2-940C-AE06B42DD3A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cvs:cvs:1.11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "37B53C85-AA0E-40DD-B477-058586197714",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cvs:cvs:1.11.1_p1:*:*:*:*:*:*:*",
"matchCriteriaId": "D1D1234F-1BB0-432B-B7B7-A97E3ADD5561",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cvs:cvs:1.11.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6D472B97-F7C2-4973-9D71-AB3CF1F8774D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cvs:cvs:1.11.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9D0DCF26-59A8-46AC-99D7-97C203A0D702",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cvs:cvs:1.11.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B31BAACA-7518-48D2-ADEE-F59F4569D3BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cvs:cvs:1.11.5:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2748A8-5047-4338-A08E-986497AE4B1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cvs:cvs:1.11.6:*:*:*:*:*:*:*",
"matchCriteriaId": "525C4E91-2186-4D3A-9DF0-1C6A75A3F919",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "57F41B40-75E6-45C8-A5FB-8464C0B2D064",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "300A6A65-05FD-401C-80F6-B5F5B1F056E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AA3D53C9-3806-45E6-8AE9-7D41280EF64C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "CVS server before 1.11.10 may allow attackers to cause the CVS server to create directories and files in the file system root directory via malformed module requests."
},
{
"lang": "es",
"value": "Vulnerabilidad desconocida en servidores CVS anteriores a 1.11.10 puede permitir a atacantes causar que el servidor CVS cree directorios y ficheros en el directorio ra\u00edz del sistema de ficheros."
}
],
"id": "CVE-2003-0977",
"lastModified": "2024-11-20T23:46:01.820",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-01-05T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20040103-01-U.asc"
},
{
"source": "cve@mitre.org",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20040202-01-U.asc"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://ccvs.cvshome.org/servlets/NewsItemView?newsID=84\u0026JServSessionIdservlets=8u3x1myav1"
},
{
"source": "cve@mitre.org",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000808"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=107168035515554\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=107540163908129\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/10601"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2004/dsa-422"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:112"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2004-003.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2004-004.html"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/13929"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11528"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A855"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A866"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20040103-01-U.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20040202-01-U.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://ccvs.cvshome.org/servlets/NewsItemView?newsID=84\u0026JServSessionIdservlets=8u3x1myav1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000808"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=107168035515554\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=107540163908129\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/10601"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2004/dsa-422"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:112"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2004-003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2004-004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/13929"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11528"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A855"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A866"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-02-07 20:28
Modified
2024-11-21 00:26
Severity ?
Summary
xterm on Slackware Linux 10.2 stores information that had been displayed for a different user account using the same xterm process, which might allow local users to bypass file permissions and read other users' files, or obtain other sensitive information, by reading the xterm process memory. NOTE: it could be argued that this is an expected consequence of multiple users sharing the same interactive process, in which case this is not a vulnerability.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| slackware | slackware_linux | 10.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:10.2:*:*:*:*:*:*:*",
"matchCriteriaId": "70440F49-AEE9-41BE-8E1A-43AB657C8E09",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "xterm on Slackware Linux 10.2 stores information that had been displayed for a different user account using the same xterm process, which might allow local users to bypass file permissions and read other users\u0027 files, or obtain other sensitive information, by reading the xterm process memory. NOTE: it could be argued that this is an expected consequence of multiple users sharing the same interactive process, in which case this is not a vulnerability."
},
{
"lang": "es",
"value": "xterm en Slackware Linux 10.2 almacena informaci\u00f3n que ha sido visualizada por una cuenta de usuario diferente usando el mismo proceso xterm, lo que permite a usuarios locales evitar los permisos del fichero y leer los ficheros de otros usuarios u obtener informaci\u00f3n sensible mediante la lectura de la memoria del proceso xterm. NOTA: puede ser expuesto que esta es una consecuencia esperada de que m\u00faltiples usuarios compartan el mismo proceso interactivo, en cuyo caso esto no ser\u00eda una vulnerabilidad."
}
],
"id": "CVE-2007-0823",
"lastModified": "2024-11-21T00:26:49.670",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 1.9,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-02-07T20:28:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2007-02/0012.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://gotfault.wordpress.com/2007/02/01/a-funny-case/"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/33651"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2007-02/0012.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://gotfault.wordpress.com/2007/02/01/a-funny-case/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/33651"
}
],
"sourceIdentifier": "cve@mitre.org",
"vendorComments": [
{
"comment": "Red Hat does not consider this issue to be a security vulnerability. It is correct and expected behavior for xterm not to zero-fill its scrollback buffer upon reception of terminal clear excape sequence.",
"lastModified": "2007-02-09T00:00:00",
"organization": "Red Hat"
}
],
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-12-31 05:00
Modified
2024-11-21 00:02
Severity ?
Summary
The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.22:*:*:*:*:*:*:*",
"matchCriteriaId": "B1512A96-B8E7-4DB7-A4CB-8FD3773BFC97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.22_rc1:*:*:*:*:*:*:*",
"matchCriteriaId": "787B918D-9CCC-44FE-92AF-E8DF1E91A3C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.23:*:*:*:*:*:*:*",
"matchCriteriaId": "C116493B-2837-4531-9291-A9FF03099A97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:easy_software_products:cups:1.1.23_rc1:*:*:*:*:*:*:*",
"matchCriteriaId": "525BD04B-387F-4713-BC89-472D0D0BCFD0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:kdegraphics:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6BF92649-90CE-4E75-A938-61D0916B5A7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:kdegraphics:3.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2CA505B4-0C17-49C8-9533-CA8CE3AA77D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:koffice:1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "37C08E0A-651F-458B-BCEC-A30DCD527E47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:koffice:1.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6000D6AF-C056-4BC0-A54C-72E23E52AB92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:koffice:1.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A7D036E4-FA49-417D-968B-9D73B16A09BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:kpdf:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "EDAF6452-F3B0-4F62-893E-BCFA6AB7AE3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:kpdf:3.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BC2AB9CB-DEAB-45AB-A7CA-D19E069907EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:kword:1.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "EAC32BAA-99B3-4B40-83A3-ED9E1B12B295",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libextractor:libextractor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "679D9520-DE8E-4D06-A227-3B1C1D05977D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "63C92F1C-3005-4EA6-B9C0-2BC2E3D611D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sgi:propack:3.0:sp6:*:*:*:*:*:*",
"matchCriteriaId": "EF8ABD90-AD2B-4FA0-A355-9D7CD6D3C486",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tetex:tetex:1.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "C86C7D6F-C39E-4403-86C6-F87599570E97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tetex:tetex:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "236005A1-C175-44D3-8D0C-C48F943F3D66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tetex:tetex:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0AF2AD80-5E65-4B57-933B-C395E98EF10D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tetex:tetex:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "07C92A0E-1DDA-4F83-A904-24A35C38883A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tetex:tetex:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9178B36F-41D5-4AE7-B9C8-56BDEADE76EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xpdf:xpdf:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7B93B3ED-AF82-49A9-8C7F-E5F652F19669",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:conectiva:linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A35FC777-A34E-4C7B-9E93-8F17F3AD5180",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2CAE037F-111C-4A76-8FFE-716B74D65EF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:alpha:*:*:*:*:*",
"matchCriteriaId": "A6B060E4-B5A6-4469-828E-211C52542547",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:arm:*:*:*:*:*",
"matchCriteriaId": "974C3541-990C-4CD4-A05A-38FA74A84632",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:hppa:*:*:*:*:*",
"matchCriteriaId": "6CBF1E0F-C7F3-4F83-9E60-6E63FA7D2775",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ia-32:*:*:*:*:*",
"matchCriteriaId": "58792F77-B06F-4780-BA25-FE1EE6C3FDD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ia-64:*:*:*:*:*",
"matchCriteriaId": "C9419322-572F-4BB6-8416-C5E96541CF33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:m68k:*:*:*:*:*",
"matchCriteriaId": "BFC50555-C084-46A3-9C9F-949C5E3BB448",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mips:*:*:*:*:*",
"matchCriteriaId": "9C25D6E1-D283-4CEA-B47B-60C47A5C0797",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mipsel:*:*:*:*:*",
"matchCriteriaId": "AD18A446-C634-417E-86AC-B19B6DDDC856",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ppc:*:*:*:*:*",
"matchCriteriaId": "E4BB852E-61B2-4842-989F-C6C0C901A8D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:s-390:*:*:*:*:*",
"matchCriteriaId": "24DD9D59-E2A2-4116-A887-39E8CC2004FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:sparc:*:*:*:*:*",
"matchCriteriaId": "F28D7457-607E-4E0C-909A-413F91CFCD82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A2E0C1F8-31F5-4F61-9DF7-E49B43D3C873",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:alpha:*:*:*:*:*",
"matchCriteriaId": "5BF84240-1881-4EFB-BB2F-F9CE8AD09C7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:amd64:*:*:*:*:*",
"matchCriteriaId": "AF8AE8C4-810F-41AB-A251-5A2D4DD6884D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:arm:*:*:*:*:*",
"matchCriteriaId": "5EACF214-FA27-44FF-A431-927AB79377A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:hppa:*:*:*:*:*",
"matchCriteriaId": "E2B58895-0E2A-4466-9CB2-0083349A83B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:ia-32:*:*:*:*:*",
"matchCriteriaId": "03F8220A-9B1C-40AA-AEAB-F9A93225FBD5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:ia-64:*:*:*:*:*",
"matchCriteriaId": "2311919C-7864-469D-B0F6-9B11D8D0A1C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:m68k:*:*:*:*:*",
"matchCriteriaId": "19876495-4C1A-487C-955A-C5AA46362A1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:mips:*:*:*:*:*",
"matchCriteriaId": "D75286DD-50BC-4B72-8AC8-E20730124DC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:mipsel:*:*:*:*:*",
"matchCriteriaId": "1998C972-497E-4916-B50E-FB32303EEA8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:ppc:*:*:*:*:*",
"matchCriteriaId": "A6CD3DD9-3A8A-4716-A2D1-136A790AFF94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:s-390:*:*:*:*:*",
"matchCriteriaId": "6CE2020A-4FB2-4FCD-8561-7BD147CD95EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:sparc:*:*:*:*:*",
"matchCriteriaId": "08E90AFA-C262-46D0-B60E-26B67C9602D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*",
"matchCriteriaId": "647BA336-5538-4972-9271-383A0EC9378E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3528DABD-B821-4D23-AE12-614A9CA92C46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:x86-64:*:*:*:*:*",
"matchCriteriaId": "0315FB43-D199-4734-B724-50ED031C0020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.2:*:*:*:*:*:*:*",
"matchCriteriaId": "11D69B83-4EF3-407B-8E8C-DE623F099C17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.2:*:x86-64:*:*:*:*:*",
"matchCriteriaId": "7D221688-18A0-453D-8D13-6B68011FCA13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "597094EC-D23F-4EC4-A140-96F287679124",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2006:*:x86-64:*:*:*:*:*",
"matchCriteriaId": "C4FCF0D3-A6CB-448E-B0D3-DA82BE02DEC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E0F0D201-B1DC-4024-AF77-A284673618F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "052E3862-BFB7-42E7-889D-8590AFA8EF37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2BB0B27C-04EA-426F-9016-7406BACD91DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "BB2B1BA5-8370-4281-B5C9-3D4FE6C70FBC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*",
"matchCriteriaId": "2641EE56-6F9D-400B-B456-877F4DA79B10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server_ia64:*:*:*:*:*",
"matchCriteriaId": "A4A9461E-C117-42EC-9F14-DF2A82BA7C5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "E0B458EA-495E-40FA-9379-C03757F7B1EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server_ia64:*:*:*:*:*",
"matchCriteriaId": "409E324A-C040-494F-A026-9DCAE01C07F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*",
"matchCriteriaId": "1728AB5D-55A9-46B0-A412-6F7263CAEB5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation_ia64:*:*:*:*:*",
"matchCriteriaId": "6474B775-C893-491F-A074-802AFB1FEDD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_server:*:*:*:*:*",
"matchCriteriaId": "78B46FFA-5B09-473E-AD33-3DB18BD0DAFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation_server:*:*:*:*:*",
"matchCriteriaId": "0EFE2E73-9536-41A9-B83B-0A06B54857F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:advanced_server:*:*:*:*:*",
"matchCriteriaId": "F9440B25-D206-4914-9557-B5F030890DEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "E9933557-3BCA-4D92-AD4F-27758A0D3347",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:workstation:*:*:*:*:*",
"matchCriteriaId": "10A60552-15A5-4E95-B3CE-99A4B26260C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7D74A418-50F0-42C0-ABBC-BBBE718FF025",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3C84296C-2C8A-4DCD-9751-52951F8BEA9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E6996B14-925B-46B8-982F-3545328B506B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EC80CF67-C51D-442C-9526-CFEDE84A6304",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C720DACC-CF4B-4A00-818C-8303A7D7DED6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:7.3:*:i386:*:*:*:*:*",
"matchCriteriaId": "9B502A61-44FB-4CD4-85BE-88D4ACCCA441",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:9.0:*:i386:*:*:*:*:*",
"matchCriteriaId": "F3FDE8C4-5FFD-4CC2-9F35-7C32043966D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:*",
"matchCriteriaId": "84A50ED3-FD0D-4038-B3E7-CC65D166C968",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium:*:*:*:*:*",
"matchCriteriaId": "8DBD9D3C-40AB-449D-A9A8-A09DF2DEDB96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sco:openserver:5.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "D9D76A8D-832B-411E-A458-186733C66010",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sco:openserver:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7458BA31-812E-40C9-BB92-8688A3BCBA56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "300A6A65-05FD-401C-80F6-B5F5B1F056E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AA3D53C9-3806-45E6-8AE9-7D41280EF64C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D29C5A03-A7C9-4780-BB63-CF1E874D018D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B85EF0EE-3E61-4CA3-9F00-610AB2E1CFCF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:10.2:*:*:*:*:*:*:*",
"matchCriteriaId": "70440F49-AEE9-41BE-8E1A-43AB657C8E09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "02EE2D72-B1E6-4380-80B0-E40A23DDD115",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "F7446746-87B7-4BD3-AABF-1E0FAA8265AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:personal:*:*:*:*:*",
"matchCriteriaId": "F239BA8A-6B41-4B08-8C7C-25D235812C50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:professional:*:*:*:*:*",
"matchCriteriaId": "89BA858B-9466-4640-84AE-DC5BDC65D6B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:s_390:*:*:*:*:*",
"matchCriteriaId": "85F2D904-E830-4034-9CCB-0FF65019622C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "56EF103F-5668-4754-A83B-D3662D0CE815",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:personal:*:*:*:*:*",
"matchCriteriaId": "3EA56868-ACA1-4C65-9FFB-A68129D2428A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:professional:*:*:*:*:*",
"matchCriteriaId": "1BA2E629-58C6-4BA0-A447-F8F570B35E74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "D5F98B9A-880E-45F0-8C16-12B22970F0D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:personal:*:*:*:*:*",
"matchCriteriaId": "3BEE15E9-9194-4E37-AB3B-66ECD5AC9E11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:professional:*:*:*:*:*",
"matchCriteriaId": "C89BA3B6-370B-4911-A363-935A9C9EACF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "B905C6E9-5058-4FD7-95B6-CD6AB6B2F516",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.3:*:personal:*:*:*:*:*",
"matchCriteriaId": "4F1B4D15-0562-44D6-B80B-35A8F432BD41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.3:*:professional:*:*:*:*:*",
"matchCriteriaId": "D84ABF78-0D85-4E15-907E-B5ACE86EB8C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.3:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "9C7018E7-F90C-435D-A07A-05A294EA2827",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:10.0:*:oss:*:*:*:*:*",
"matchCriteriaId": "16915004-1006-41D6-9E42-D1A5041E442D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:10.0:*:professional:*:*:*:*:*",
"matchCriteriaId": "994ABCE2-3B9E-4E4E-83F7-CE2A79C70F64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:trustix:secure_linux:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "53AF1A2D-B0A2-4097-AD1D-DF3AF27171BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:trustix:secure_linux:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5AB70F82-52BB-4D0D-9A24-9AF67278466D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:trustix:secure_linux:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "100A2456-BF20-4461-8DC9-C61889322B29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux:10:*:*:*:*:*:*:*",
"matchCriteriaId": "1C7D4F57-E186-497A-B390-92E5D2C7E894",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux:fuji:*:*:*:*:*:*:*",
"matchCriteriaId": "CEC3F6F3-9A6E-4A98-A967-6776C872475C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux_appliance_server:1.0_hosting_edition:*:*:*:*:*:*:*",
"matchCriteriaId": "FC3218DD-A565-4AB8-86FE-E7F59AC0535F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux_appliance_server:1.0_workgroup_edition:*:*:*:*:*:*:*",
"matchCriteriaId": "97AEDB57-202F-4B53-8815-21836F177060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux_desktop:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "31C3FFDD-03BF-4FD4-B7A7-B62AFD5DBA19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux_home:*:*:*:*:*:*:*:*",
"matchCriteriaId": "065FF0F1-7FAC-4584-92EA-EAA87DC76FA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux_multimedia:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E27180A1-9767-4CD3-978C-7538155B162D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux_personal:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BAAA9376-A060-49AE-86A7-6B28E26ED5D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux_server:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E06DCF0D-3241-453A-A0E4-937FE25EC404",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux_server:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B484D091-62DE-4EF2-AC54-26896CA8B315",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux_server:10.0_x86:*:*:*:*:*:*:*",
"matchCriteriaId": "EC5AC26E-3F3F-4D14-BE65-82B4432AB382",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux_workstation:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9428589A-0BD2-469E-978D-38239117D972",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ia64:*:*:*:*:*",
"matchCriteriaId": "6E94583A-5184-462E-9FC4-57B35DA06DA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ppc:*:*:*:*:*",
"matchCriteriaId": "E905FAAD-37B6-4DD0-A752-2974F8336273",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.04:*:amd64:*:*:*:*:*",
"matchCriteriaId": "3BD12488-1ED8-4751-ABF5-3578D54750A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.04:*:i386:*:*:*:*:*",
"matchCriteriaId": "AE3733CF-4C88-443C-9B90-6477C9C500D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.04:*:powerpc:*:*:*:*:*",
"matchCriteriaId": "9C500A75-D75E-45B4-B582-0F0DF27C3C04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:amd64:*:*:*:*:*",
"matchCriteriaId": "86FD134D-A5C5-4B08-962D-70CF07C74923",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:i386:*:*:*:*:*",
"matchCriteriaId": "FA84692E-F99D-4207-B4F2-799A6ADB88AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:powerpc:*:*:*:*:*",
"matchCriteriaId": "8B0F1091-4B76-44F5-B896-6D37E2F909A2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows."
}
],
"id": "CVE-2005-3624",
"lastModified": "2024-11-21T00:02:16.720",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-12-31T05:00:00.000",
"references": [
{
"source": "secalert@redhat.com",
"url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt"
},
{
"source": "secalert@redhat.com",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U"
},
{
"source": "secalert@redhat.com",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U"
},
{
"source": "secalert@redhat.com",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2006-0177.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://scary.beasts.org/security/CESA-2005-003.txt"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/18147"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18303"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18312"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18313"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18329"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18332"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/18334"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18338"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18349"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/18373"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18375"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/18380"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18385"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18387"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18389"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18398"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18407"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/18414"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18416"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18423"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/18425"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/18428"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/18436"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18448"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/18463"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18517"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18534"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18554"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18582"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18642"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18644"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18674"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18675"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18679"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/18908"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18913"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/19230"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/19377"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/25729"
},
{
"source": "secalert@redhat.com",
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683"
},
{
"source": "secalert@redhat.com",
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747"
},
{
"source": "secalert@redhat.com",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1"
},
{
"source": "secalert@redhat.com",
"url": "http://www.debian.org/security/2005/dsa-931"
},
{
"source": "secalert@redhat.com",
"url": "http://www.debian.org/security/2005/dsa-932"
},
{
"source": "secalert@redhat.com",
"url": "http://www.debian.org/security/2005/dsa-937"
},
{
"source": "secalert@redhat.com",
"url": "http://www.debian.org/security/2005/dsa-938"
},
{
"source": "secalert@redhat.com",
"url": "http://www.debian.org/security/2005/dsa-940"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2006/dsa-936"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2006/dsa-950"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2006/dsa-961"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2006/dsa-962"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.kde.org/info/security/advisory-20051207-2.txt"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012"
},
{
"source": "secalert@redhat.com",
"url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.redhat.com/support/errata/RHSA-2006-0163.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/16143"
},
{
"source": "secalert@redhat.com",
"url": "http://www.trustix.org/errata/2006/0002/"
},
{
"source": "secalert@redhat.com",
"url": "http://www.vupen.com/english/advisories/2006/0047"
},
{
"source": "secalert@redhat.com",
"url": "http://www.vupen.com/english/advisories/2007/2280"
},
{
"source": "secalert@redhat.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24022"
},
{
"source": "secalert@redhat.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9437"
},
{
"source": "secalert@redhat.com",
"url": "https://usn.ubuntu.com/236-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2006-0177.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://scary.beasts.org/security/CESA-2005-003.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/18147"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18303"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18312"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18313"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18329"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18332"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/18334"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18338"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18349"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/18373"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18375"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/18380"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18385"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18387"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18389"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18398"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18407"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/18414"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18416"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18423"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/18425"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/18428"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/18436"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18448"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/18463"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18517"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18534"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18554"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18582"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18642"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18644"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18674"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18675"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18679"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/18908"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18913"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/19230"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/19377"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/25729"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2005/dsa-931"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2005/dsa-932"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2005/dsa-937"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2005/dsa-938"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2005/dsa-940"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2006/dsa-936"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2006/dsa-950"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2006/dsa-961"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2006/dsa-962"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.kde.org/info/security/advisory-20051207-2.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2006-0163.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/16143"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.trustix.org/errata/2006/0002/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2006/0047"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/2280"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9437"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://usn.ubuntu.com/236-1/"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vendorComments": [
{
"comment": "Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.",
"lastModified": "2007-03-14T00:00:00",
"organization": "Red Hat"
}
],
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-189"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-04-06 01:19
Modified
2024-11-21 00:28
Severity ?
Summary
Integer overflow in the FontFileInitTable function in X.Org libXfont before 20070403 allows remote authenticated users to execute arbitrary code via a long first line in the fonts.dir file, which results in a heap overflow.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C4AD30B9-8FBA-48B3-B2B2-014C950B9BAA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.1:*:ppc:*:*:*:*:*",
"matchCriteriaId": "279317B9-AF2F-43E9-BEE5-518FC6D23A87",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4177C378-7729-46AB-B49B-C6DAED3200E7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:amd64:*:*:*:*:*",
"matchCriteriaId": "2164D10D-D1A4-418A-A9C8-CA8FAB1E90A7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A06E5CD0-8BEC-4F4C-9E11-1FEE0563946C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:amd64:*:*:*:*:*",
"matchCriteriaId": "A3BDD466-84C9-4CFC-A3A8-7AC0F752FB53",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2007:*:*:*:*:*:*:*",
"matchCriteriaId": "02362C25-B373-4FB1-AF4A-2AFC7F7D4387",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2007:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "19AD5F8D-6EB9-4E4B-9E82-FFBAB68797E9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2BB0B27C-04EA-426F-9016-7406BACD91DF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "BB2B1BA5-8370-4281-B5C9-3D4FE6C70FBC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "94F65351-C2DA-41C0-A3F9-1AE951E4386E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "1B795F9F-AFB3-4A2A-ABC6-9246906800DE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mandrakesoft:mandrake_multi_network_firewall:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "77FF1412-A7DA-4669-8AE1-5A529AB387FB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:x.org:libxfont:1.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AFADBA5A-8168-40B8-B5CA-0F1F7F9193D2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*",
"matchCriteriaId": "2641EE56-6F9D-400B-B456-877F4DA79B10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server_ia64:*:*:*:*:*",
"matchCriteriaId": "A4A9461E-C117-42EC-9F14-DF2A82BA7C5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "E0B458EA-495E-40FA-9379-C03757F7B1EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server_ia64:*:*:*:*:*",
"matchCriteriaId": "409E324A-C040-494F-A026-9DCAE01C07F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*",
"matchCriteriaId": "1728AB5D-55A9-46B0-A412-6F7263CAEB5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation_ia64:*:*:*:*:*",
"matchCriteriaId": "6474B775-C893-491F-A074-802AFB1FEDD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_server:*:*:*:*:*",
"matchCriteriaId": "78B46FFA-5B09-473E-AD33-3DB18BD0DAFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation_server:*:*:*:*:*",
"matchCriteriaId": "0EFE2E73-9536-41A9-B83B-0A06B54857F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:advanced_server:*:*:*:*:*",
"matchCriteriaId": "F9440B25-D206-4914-9557-B5F030890DEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "E9933557-3BCA-4D92-AD4F-27758A0D3347",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:workstation:*:*:*:*:*",
"matchCriteriaId": "10A60552-15A5-4E95-B3CE-99A4B26260C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7D74A418-50F0-42C0-ABBC-BBBE718FF025",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:client:*:*:*:*:*",
"matchCriteriaId": "13B6DE5F-3143-4C63-8D8D-4679CF0F9DC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:client_workstation:*:*:*:*:*",
"matchCriteriaId": "50988CF6-07E5-44BA-81C2-C33DD8E7151B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3C84296C-2C8A-4DCD-9751-52951F8BEA9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:9.0:*:i386:*:*:*:*:*",
"matchCriteriaId": "F3FDE8C4-5FFD-4CC2-9F35-7C32043966D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:*",
"matchCriteriaId": "84A50ED3-FD0D-4038-B3E7-CC65D166C968",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium:*:*:*:*:*",
"matchCriteriaId": "8DBD9D3C-40AB-449D-A9A8-A09DF2DEDB96",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "300A6A65-05FD-401C-80F6-B5F5B1F056E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AA3D53C9-3806-45E6-8AE9-7D41280EF64C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:current:*:*:*:*:*:*:*",
"matchCriteriaId": "B1CB2DD9-E77F-46EE-A145-F87AD10EA8E4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:turbolinux:turbolinux_desktop:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "31C3FFDD-03BF-4FD4-B7A7-B62AFD5DBA19",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ia32:*:*:*:*:*",
"matchCriteriaId": "49F400D5-4CA7-4F7D-818B-DEBF58DEB113",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ia64:*:*:*:*:*",
"matchCriteriaId": "6E94583A-5184-462E-9FC4-57B35DA06DA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ppc:*:*:*:*:*",
"matchCriteriaId": "E905FAAD-37B6-4DD0-A752-2974F8336273",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:amd64:*:*:*:*:*",
"matchCriteriaId": "86FD134D-A5C5-4B08-962D-70CF07C74923",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:i386:*:*:*:*:*",
"matchCriteriaId": "FA84692E-F99D-4207-B4F2-799A6ADB88AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:powerpc:*:*:*:*:*",
"matchCriteriaId": "8B0F1091-4B76-44F5-B896-6D37E2F909A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:sparc:*:*:*:*:*",
"matchCriteriaId": "EF15862D-6108-4791-8817-622123C8D10C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:6.06_lts:*:amd64:*:*:*:*:*",
"matchCriteriaId": "F1672825-AB87-4402-A628-B33AE5B7D4C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:6.06_lts:*:i386:*:*:*:*:*",
"matchCriteriaId": "939216D8-9E6C-419E-BC0A-EC7F0F29CE95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:6.06_lts:*:powerpc:*:*:*:*:*",
"matchCriteriaId": "E520564E-964D-4758-945B-5EF0C35E605C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:6.06_lts:*:sparc:*:*:*:*:*",
"matchCriteriaId": "2294D5A7-7B36-497A-B0F1-514BC49E1423",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:6.10:*:amd64:*:*:*:*:*",
"matchCriteriaId": "AB80939E-8B58-48B6-AFB7-9CF518C0EE1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:6.10:*:i386:*:*:*:*:*",
"matchCriteriaId": "80FF1759-5F86-4046-ABA3-EB7B0038F656",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:6.10:*:powerpc:*:*:*:*:*",
"matchCriteriaId": "DF578B64-57E2-4FCD-A6E1-F8F3317FDB88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:6.10:*:sparc:*:*:*:*:*",
"matchCriteriaId": "61B11116-FA94-4989-89A1-C7B551D5195A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:rpath:linux:1:*:*:*:*:*:*:*",
"matchCriteriaId": "A2B66383-4124-4579-BC8E-36DBE7ABB543",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:openbsd:openbsd:3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "F5BB6C5D-4C43-4BB8-B1CE-A70BBE650CA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:openbsd:openbsd:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CC77812C-D84E-493E-9D21-1BA6C2129E70",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in the FontFileInitTable function in X.Org libXfont before 20070403 allows remote authenticated users to execute arbitrary code via a long first line in the fonts.dir file, which results in a heap overflow."
},
{
"lang": "es",
"value": "Desbordamiento de entero en la funci\u00f3n FontFileInitTable en X.Org libXfont versiones anteriores a 20070403 permite a usuarios remotos autenticados ejecutar c\u00f3digo de su elecci\u00f3n mediante una primera l\u00ednea larga en el fichero fonts.dir, lo cual resulta en un desbordamiento de mont\u00f3n."
}
],
"evaluatorSolution": "The vendor has addressed this vulnerability in the following product update: http://xorg.freedesktop.org/archive/X11R7.2/patches/",
"id": "CVE-2007-1352",
"lastModified": "2024-11-21T00:28:05.510",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 3.8,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:A/AC:M/Au:S/C:N/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 4.4,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-04-06T01:19:00.000",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://issues.foresightlinux.org/browse/FL-223"
},
{
"source": "secalert@redhat.com",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=502"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.apple.com/archives/Security-announce/2007/Nov/msg00003.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.freedesktop.org/archives/xorg-announce/2007-April/000286.html"
},
{
"source": "secalert@redhat.com",
"url": "http://rhn.redhat.com/errata/RHSA-2007-0125.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24741"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/24745"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24756"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/24758"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/24765"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24770"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/24771"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/24772"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/24791"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/25004"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/25006"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/25195"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/25216"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/25305"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/33937"
},
{
"source": "secalert@redhat.com",
"url": "http://security.gentoo.org/glsa/glsa-200705-10.xml"
},
{
"source": "secalert@redhat.com",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102886-1"
},
{
"source": "secalert@redhat.com",
"url": "http://support.apple.com/kb/HT3438"
},
{
"source": "secalert@redhat.com",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-178.htm"
},
{
"source": "secalert@redhat.com",
"url": "http://www.debian.org/security/2007/dsa-1294"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:079"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:080"
},
{
"source": "secalert@redhat.com",
"url": "http://www.novell.com/linux/security/advisories/2007_27_x.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openbsd.org/errata39.html#021_xorg"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openbsd.org/errata40.html#011_xorg"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0126.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0132.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/archive/1/464686/100/0/threaded"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/archive/1/464816/100/0/threaded"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/23283"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/23300"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securitytracker.com/id?1017857"
},
{
"source": "secalert@redhat.com",
"url": "http://www.ubuntu.com/usn/usn-448-1"
},
{
"source": "secalert@redhat.com",
"url": "http://www.vupen.com/english/advisories/2007/1217"
},
{
"source": "secalert@redhat.com",
"url": "http://www.vupen.com/english/advisories/2007/1548"
},
{
"source": "secalert@redhat.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33419"
},
{
"source": "secalert@redhat.com",
"url": "https://issues.rpath.com/browse/RPL-1213"
},
{
"source": "secalert@redhat.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10523"
},
{
"source": "secalert@redhat.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13243"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://issues.foresightlinux.org/browse/FL-223"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=502"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/Security-announce/2007/Nov/msg00003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.freedesktop.org/archives/xorg-announce/2007-April/000286.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2007-0125.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24741"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/24745"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24756"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/24758"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/24765"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24770"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/24771"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/24772"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/24791"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/25004"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/25006"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/25195"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/25216"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/25305"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/33937"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-200705-10.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102886-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.apple.com/kb/HT3438"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-178.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2007/dsa-1294"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:079"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:080"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.novell.com/linux/security/advisories/2007_27_x.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openbsd.org/errata39.html#021_xorg"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openbsd.org/errata40.html#011_xorg"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0126.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0132.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/464686/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/464816/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/23283"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/23300"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1017857"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/usn-448-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/1217"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/1548"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33419"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://issues.rpath.com/browse/RPL-1213"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10523"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13243"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2002-02-27 05:00
Modified
2024-11-20 23:38
Severity ?
Summary
Heap corruption vulnerability in the "at" program allows local users to execute arbitrary code via a malformed execution time, which causes at to free the same memory twice.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:caldera:openlinux_server:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0A218B67-B87B-4A5E-B9EF-EF39ADEAD9FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:caldera:openlinux_workstation:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BB41DE44-C3A1-4CC9-ACA7-4EC171D68910",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:2.2:*:68k:*:*:*:*:*",
"matchCriteriaId": "E040A866-0D2C-40E1-B1FB-DB600B389E27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:2.2:*:alpha:*:*:*:*:*",
"matchCriteriaId": "CE1C944A-E5F1-49DE-B069-2A358123B535",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:2.2:*:arm:*:*:*:*:*",
"matchCriteriaId": "D71083B4-1736-4501-8DE8-BC24AC1447AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:2.2:*:ia-32:*:*:*:*:*",
"matchCriteriaId": "E9D468DB-C4AE-4ACB-B3B7-2FAEA90D6A49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:2.2:*:powerpc:*:*:*:*:*",
"matchCriteriaId": "2A32E486-2598-41B3-B6DB-3CC46D239AFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:2.2:*:sparc:*:*:*:*:*",
"matchCriteriaId": "AAEE18D8-AA3B-47A3-AA7C-AAFF7591F391",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3BE1E3D8-2BB1-4FFA-9BC9-7AF347D26190",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DF49BF03-C25E-4737-84D5-892895C86C58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D2019E0E-426B-43AF-8904-1B811AE171E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "55C5FC1A-1253-4390-A4FC-573BB14EA937",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4371A667-18E1-4C54-B2E1-6F885F22F213",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:8.0:*:ppc:*:*:*:*:*",
"matchCriteriaId": "5B28763D-8F4B-45E5-82FA-AB7E54C18EBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "205EF72B-7334-4AE0-9CA6-D2E8E5910C8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:8.1:*:ia64:*:*:*:*:*",
"matchCriteriaId": "613A22EC-D93C-48B0-B97C-3E0DDFBD0B62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DBA2E3A3-EB9B-4B20-B754-EEC914FB1D47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:6.2:*:alpha:*:*:*:*:*",
"matchCriteriaId": "344610A8-DB6D-4407-9304-916C419F648C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:6.2:*:i386:*:*:*:*:*",
"matchCriteriaId": "B7EC2B95-4715-4EC9-A10A-2542501F8A61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:6.2:*:sparc:*:*:*:*:*",
"matchCriteriaId": "64775BEF-2E53-43CA-8639-A7E54F6F4222",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:7.0:*:alpha:*:*:*:*:*",
"matchCriteriaId": "FD6576E2-9F26-4857-9F28-F51899F1EF48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:7.0:*:i386:*:*:*:*:*",
"matchCriteriaId": "4DC9842D-E23B-4B9F-A7BF-57C3BA3DE398",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:7.1:*:alpha:*:*:*:*:*",
"matchCriteriaId": "7F3FAAB3-7A8A-42E5-9DCE-E4A843CED1B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:7.1:*:i386:*:*:*:*:*",
"matchCriteriaId": "C8783A6D-DFD8-45DD-BF03-570B1B012B44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:7.1:*:ia64:*:*:*:*:*",
"matchCriteriaId": "ED36543D-C21B-4B4B-A6AD-6E19B08B5DD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:7.2:*:alpha:*:*:*:*:*",
"matchCriteriaId": "6EAAC51F-9DC5-4026-8147-1B74975D6183",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:7.2:*:i386:*:*:*:*:*",
"matchCriteriaId": "6A1EF00A-52E9-4FD8-98FD-3998225D8655",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:7.2:*:ia64:*:*:*:*:*",
"matchCriteriaId": "9D47D6FE-56A9-42CF-9A9B-AEE272C061F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C2A9C005-4392-4C95-9B92-98EEC73EFE73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F0297F56-5F41-48FD-AB47-36E3BD2AB7E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "78D76664-F4AC-470A-9686-3F708922A340",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:6.4:*:i386:*:*:*:*:*",
"matchCriteriaId": "8A206E1C-C2EC-4356-8777-B18D7069A4C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:6.4:*:ppc:*:*:*:*:*",
"matchCriteriaId": "6E2FE291-1142-4627-A497-C0BB0D934A0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:6.4:alpha:*:*:*:*:*:*",
"matchCriteriaId": "49BC7C7E-046C-4186-822E-9F3A2AD3577B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:7.0:*:i386:*:*:*:*:*",
"matchCriteriaId": "2FE69F6F-6B17-4C87-ACA4-A2A1FB47206A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:7.0:*:ppc:*:*:*:*:*",
"matchCriteriaId": "467A30EB-CB8F-4928-AC8F-F659084A9E2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:7.0:*:sparc:*:*:*:*:*",
"matchCriteriaId": "714C1439-AB8E-4A8B-A783-D60E9DDC38D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:7.0:alpha:*:*:*:*:*:*",
"matchCriteriaId": "62CAE5B0-4D46-4A93-A343-C8E9CB574C62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:7.1:*:ppc:*:*:*:*:*",
"matchCriteriaId": "65CB09B5-0DE1-49AE-B87E-3C04EEA3E281",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:7.1:*:sparc:*:*:*:*:*",
"matchCriteriaId": "0944FD27-736E-4B55-8D96-9F2CA9BB9B05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:7.1:*:x86:*:*:*:*:*",
"matchCriteriaId": "373BB5AC-1F38-4D0A-97DC-08E9654403EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:7.1:alpha:*:*:*:*:*:*",
"matchCriteriaId": "B5E71DA3-F4A0-46AF-92A2-E691C7A65528",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:7.2:*:i386:*:*:*:*:*",
"matchCriteriaId": "1975A2DD-EB22-4ED3-8719-F78AA7F414B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:7.3:*:i386:*:*:*:*:*",
"matchCriteriaId": "19F606EE-530F-4C06-82DB-52035EE03FA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:7.3:*:ppc:*:*:*:*:*",
"matchCriteriaId": "A0E896D5-0005-4E7E-895D-B202AFCE09A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:7.3:*:sparc:*:*:*:*:*",
"matchCriteriaId": "5A8B313F-93C7-4558-9571-DE1111487E17",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Heap corruption vulnerability in the \"at\" program allows local users to execute arbitrary code via a malformed execution time, which causes at to free the same memory twice."
},
{
"lang": "es",
"value": "Corrupci\u00f3n de memoria en el comando \"at\" permite que usuarios locales ejecuten c\u00f3digo arbitrario haciendo uso de un tiempo de ejecuci\u00f3n mal escrito (lo que provoca que at libere la misma memoria dos veces)."
}
],
"id": "CVE-2002-0004",
"lastModified": "2024-11-20T23:38:04.353",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2002-02-27T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=101128661602088\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=101147632721031\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://online.securityfocus.com/advisories/3833"
},
{
"source": "cve@mitre.org",
"url": "http://online.securityfocus.com/advisories/3969"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.debian.org/security/2002/dsa-102"
},
{
"source": "cve@mitre.org",
"url": "http://www.novell.com/linux/security/advisories/2002_003_at_txt.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-015.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/3886"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7909"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=101128661602088\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=101147632721031\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://online.securityfocus.com/advisories/3833"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://online.securityfocus.com/advisories/3969"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.debian.org/security/2002/dsa-102"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.novell.com/linux/security/advisories/2002_003_at_txt.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-015.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/3886"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7909"
}
],
"sourceIdentifier": "cve@mitre.org",
"vendorComments": [
{
"comment": "Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.",
"lastModified": "2007-03-14T00:00:00",
"organization": "Red Hat"
}
],
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-08-06 04:00
Modified
2024-11-20 23:48
Severity ?
Summary
The PHP package in Slackware 8.1, 9.0, and 9.1, when linked against a static library, includes /tmp in the search path, which allows local users to execute arbitrary code as the PHP user by inserting shared libraries into the appropriate path.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| slackware | slackware_linux | 8.1 | |
| slackware | slackware_linux | 9.0 | |
| slackware | slackware_linux | 9.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "57F41B40-75E6-45C8-A5FB-8464C0B2D064",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "300A6A65-05FD-401C-80F6-B5F5B1F056E0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AA3D53C9-3806-45E6-8AE9-7D41280EF64C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The PHP package in Slackware 8.1, 9.0, and 9.1, when linked against a static library, includes /tmp in the search path, which allows local users to execute arbitrary code as the PHP user by inserting shared libraries into the appropriate path."
},
{
"lang": "es",
"value": "El paquete PHP en Slackware 8.1, 9.0 y 9.1, cuando se enlaza con una librer\u00eda est\u00e1tica, incluye /tmp en la ruta de b\u00fasqueda, lo que permite a usuarios locales ejecutar c\u00f3digo de su elecci\u00f3n como el usuario PHP insertando librer\u00edas compartidas en la ruta apropiada."
}
],
"id": "CVE-2004-0530",
"lastModified": "2024-11-20T23:48:48.010",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-08-06T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/11760"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/10461"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.419765"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16310"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/11760"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/10461"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.419765"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16310"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1998-01-01 05:00
Modified
2024-11-20 23:28
Severity ?
Summary
Buffer overflow in the Linux mail program "deliver" allows local users to gain root access.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| debian | debian_linux | 1.3.1 | |
| slackware | slackware_linux | 2.1 | |
| slackware | slackware_linux | 2.2 | |
| slackware | slackware_linux | 2.3 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:1.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7A632089-47D7-410D-AE12-F801193FA18F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F3698FC7-C9A6-4AA5-8569-CF96128A63AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A5A8D289-2310-4583-95F0-0CB940B6CBF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6325268D-C355-4DD3-A839-6C3CF5435B0C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the Linux mail program \"deliver\" allows local users to gain root access."
}
],
"id": "CVE-1999-0341",
"lastModified": "2024-11-20T23:28:28.243",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1998-01-01T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0341"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0341"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-12-07 11:28
Modified
2024-11-21 00:22
Severity ?
Summary
A "stack overwrite" vulnerability in GnuPG (gpg) 1.x before 1.4.6, 2.x before 2.0.2, and 1.9.0 through 1.9.95 allows attackers to execute arbitrary code via crafted OpenPGP packets that cause GnuPG to dereference a function pointer from deallocated stack memory.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| gnu | privacy_guard | 1.2.4 | |
| gnu | privacy_guard | 1.2.5 | |
| gnu | privacy_guard | 1.2.6 | |
| gnu | privacy_guard | 1.2.7 | |
| gnu | privacy_guard | 1.3.3 | |
| gnu | privacy_guard | 1.3.4 | |
| gnu | privacy_guard | 1.4 | |
| gnu | privacy_guard | 1.4.1 | |
| gnu | privacy_guard | 1.4.2 | |
| gnu | privacy_guard | 1.4.2.1 | |
| gnu | privacy_guard | 1.4.2.2 | |
| gnu | privacy_guard | 1.4.3 | |
| gnu | privacy_guard | 1.4.4 | |
| gnu | privacy_guard | 1.4.5 | |
| gnu | privacy_guard | 1.9.10 | |
| gnu | privacy_guard | 1.9.15 | |
| gnu | privacy_guard | 1.9.20 | |
| gnu | privacy_guard | 2.0 | |
| gnu | privacy_guard | 2.0.1 | |
| gpg4win | gpg4win | 1.0.7 | |
| redhat | enterprise_linux | 4.0 | |
| redhat | enterprise_linux | 4.0 | |
| redhat | enterprise_linux | 4.0 | |
| redhat | enterprise_linux_desktop | 3.0 | |
| redhat | enterprise_linux_desktop | 4.0 | |
| redhat | fedora_core | core_5.0 | |
| redhat | fedora_core | core6 | |
| redhat | linux_advanced_workstation | 2.1 | |
| rpath | linux | 1 | |
| slackware | slackware_linux | 11.0 | |
| ubuntu | ubuntu_linux | 5.10 | |
| ubuntu | ubuntu_linux | 6.06 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:privacy_guard:1.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "76CAFD24-E53F-488C-BD9F-BE31D30828AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:privacy_guard:1.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A5D3628A-3BDD-4C6F-AE7D-C81FC3EE1630",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:privacy_guard:1.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "74589745-A9A6-44DB-B4F0-B61B663ECA21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:privacy_guard:1.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "BB2B99CB-5950-42E7-ACD5-38457CBE9095",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:privacy_guard:1.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D81AF47A-56BA-4D90-A4D4-D7A37333A117",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:privacy_guard:1.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E55DBB73-EF6C-4C46-9E5A-7C35D7FD190C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:privacy_guard:1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "205C014A-236B-44CF-A92D-B4D6392FF9A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:privacy_guard:1.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F412ECF0-DA84-47B8-98FD-06019C9E63E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:privacy_guard:1.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CE04D970-A467-4648-B99C-895BA8BEE79B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:privacy_guard:1.4.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C79DC753-35CB-46FA-BDE4-650BD1730505",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:privacy_guard:1.4.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F54DA969-ABAA-4021-9EC3-C30A45D1A7ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:privacy_guard:1.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E1B68B13-DC1F-46AB-B360-D04E48A0939F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:privacy_guard:1.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "AE65D839-7798-4DE4-AA89-765E91FC6A42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:privacy_guard:1.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B256D201-D3E1-472F-8B4F-8D6D5D763003",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:privacy_guard:1.9.10:*:*:*:*:*:*:*",
"matchCriteriaId": "5C1151E8-E9D3-4244-9765-B06D07848AFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:privacy_guard:1.9.15:*:*:*:*:*:*:*",
"matchCriteriaId": "345FBFB9-7FA3-4F7D-B605-A38054744F4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:privacy_guard:1.9.20:*:*:*:*:*:*:*",
"matchCriteriaId": "859126BF-7327-4C54-AE2E-4A961911C937",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:privacy_guard:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7461ED0D-1DC2-4019-BEC0-2E9AF2724371",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:privacy_guard:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3C3FA38E-5BF1-4CDA-AB4F-19150FD3EE10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gpg4win:gpg4win:1.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "047F3D25-1795-494A-93AC-9AF80AC72680",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:advanced_server:*:*:*:*:*",
"matchCriteriaId": "F9440B25-D206-4914-9557-B5F030890DEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "E9933557-3BCA-4D92-AD4F-27758A0D3347",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:workstation:*:*:*:*:*",
"matchCriteriaId": "10A60552-15A5-4E95-B3CE-99A4B26260C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7D74A418-50F0-42C0-ABBC-BBBE718FF025",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DA3B94B6-A5E4-4432-802E-BFAD7F3B5B4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core6:*:*:*:*:*:*:*",
"matchCriteriaId": "E007512B-2A01-4915-82D1-EDDEE8ED3190",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium_processor:*:*:*:*:*",
"matchCriteriaId": "777F9EC0-2919-45CA-BFF8-78A02537C513",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:rpath:linux:1:*:*:*:*:*:*:*",
"matchCriteriaId": "A2B66383-4124-4579-BC8E-36DBE7ABB543",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "74022B69-6557-4746-9080-24E4DDA44026",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:*:*:*:*:*:*",
"matchCriteriaId": "ADE3B4BE-7B43-47C7-823A-C019DF12498F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:6.06:*:*:*:*:*:*:*",
"matchCriteriaId": "AD9460AD-229A-4DC2-BFBA-818640A464AD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A \"stack overwrite\" vulnerability in GnuPG (gpg) 1.x before 1.4.6, 2.x before 2.0.2, and 1.9.0 through 1.9.95 allows attackers to execute arbitrary code via crafted OpenPGP packets that cause GnuPG to dereference a function pointer from deallocated stack memory."
},
{
"lang": "es",
"value": "Una vulnerabilidad de \"escritura en pila\" en GnuPG (gpg) 1.x anterior a la 1.4.6, 2.x anterior a la 2.0.2 y 1.9.0 hasta la 1.9.95 permite a atacantes ejecutar c\u00f3digo de su elecci\u00f3n mediante paquetes OpenPGP artesanales que provocan que GnuPG haga referencia a un puntero a funci\u00f3n que est\u00e1 en memoria (en la pila) que ya ha sido liberada."
}
],
"id": "CVE-2006-6235",
"lastModified": "2024-11-21T00:22:13.590",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-12-07T11:28:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20061201-01-P.asc"
},
{
"source": "cve@mitre.org",
"url": "http://lists.gnupg.org/pipermail/gnupg-announce/2006q4/000491.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.suse.com/archive/suse-security-announce/2006-Dec/0004.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/23245"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/23250"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/23255"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/23259"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/23269"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/23284"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/23290"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/23299"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/23303"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/23329"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/23335"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/23513"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/24047"
},
{
"source": "cve@mitre.org",
"url": "http://security.gentoo.org/glsa/glsa-200612-03.xml"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1017349"
},
{
"source": "cve@mitre.org",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-047.htm"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2006/dsa-1231"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/427009"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:228"
},
{
"source": "cve@mitre.org",
"url": "http://www.novell.com/linux/security/advisories/2006_28_sr.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.openpkg.com/security/advisories/OpenPKG-SA-2006.037.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0754.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/453664/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/453723/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/21462"
},
{
"source": "cve@mitre.org",
"url": "http://www.trustix.org/errata/2006/0070"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.ubuntu.com/usn/usn-393-1"
},
{
"source": "cve@mitre.org",
"url": "http://www.ubuntu.com/usn/usn-393-2"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2006/4881"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30711"
},
{
"source": "cve@mitre.org",
"url": "https://issues.rpath.com/browse/RPL-835"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11245"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20061201-01-P.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.gnupg.org/pipermail/gnupg-announce/2006q4/000491.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.suse.com/archive/suse-security-announce/2006-Dec/0004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/23245"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/23250"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/23255"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/23259"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/23269"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/23284"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/23290"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/23299"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/23303"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/23329"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/23335"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/23513"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/24047"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-200612-03.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1017349"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-047.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2006/dsa-1231"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/427009"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:228"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.novell.com/linux/security/advisories/2006_28_sr.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openpkg.com/security/advisories/OpenPKG-SA-2006.037.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0754.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/453664/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/453723/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/21462"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.trustix.org/errata/2006/0070"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.ubuntu.com/usn/usn-393-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/usn-393-2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2006/4881"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30711"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://issues.rpath.com/browse/RPL-835"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11245"
}
],
"sourceIdentifier": "cve@mitre.org",
"vendorComments": [
{
"comment": "Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.",
"lastModified": "2007-03-14T00:00:00",
"organization": "Red Hat"
}
],
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-05-01 18:29
Modified
2024-11-21 04:15
Severity ?
Summary
openvpnserv.exe (aka the interactive service helper) in OpenVPN 2.4.x before 2.4.6 allows a local attacker to cause a double-free of memory by sending a malformed request to the interactive service. This could cause a denial-of-service through memory corruption or possibly have unspecified other impact including privilege escalation.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| openvpn | openvpn | * | |
| slackware | slackware_linux | 13.0 | |
| slackware | slackware_linux | 13.1 | |
| slackware | slackware_linux | 13.37 | |
| slackware | slackware_linux | 14.0 | |
| slackware | slackware_linux | 14.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:openvpn:openvpn:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6562B69D-6751-4915-89C8-4675EFEEBB1A",
"versionEndExcluding": "2.4.6",
"versionStartIncluding": "2.4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7547FBB1-AFE8-4DCB-9B6D-0EB719D26FB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:13.1:*:*:*:*:*:*:*",
"matchCriteriaId": "64DF28B6-C9FE-44AD-9D09-2F154819AFA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:13.37:*:*:*:*:*:*:*",
"matchCriteriaId": "1A153230-E0BE-4323-AC73-44E8DCD14A1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:14.0:*:*:*:*:*:*:*",
"matchCriteriaId": "936EF68B-2A93-402C-BED4-20E6EDB2F102",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:14.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F1B46F08-93A8-49D9-AC5D-43E19C062FFA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "openvpnserv.exe (aka the interactive service helper) in OpenVPN 2.4.x before 2.4.6 allows a local attacker to cause a double-free of memory by sending a malformed request to the interactive service. This could cause a denial-of-service through memory corruption or possibly have unspecified other impact including privilege escalation."
},
{
"lang": "es",
"value": "openvpnserv.exe (tambi\u00e9n conocido como interactive service helper) en OpenVPN en versiones 2.4.x anteriores a la 2.4.6 permite que un atacante local provoque una doble liberaci\u00f3n (double free) de memoria enviando una petici\u00f3n mal formada al servicio interactivo. Esto podr\u00eda provocar una denegaci\u00f3n de servicio (DoS) al corromper la memoria o, posiblemente, otro impacto no especificado, incluyendo el escalado de privilegios."
}
],
"id": "CVE-2018-9336",
"lastModified": "2024-11-21T04:15:21.590",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-05-01T18:29:00.697",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2018\u0026m=slackware-security.568761"
},
{
"source": "cve@mitre.org",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://community.openvpn.net/openvpn/wiki/ChangesInOpenvpn24"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/OpenVPN/openvpn/commit/1394192b210cb3c6624a7419bcf3ff966742e79b"
},
{
"source": "cve@mitre.org",
"tags": [
"Release Notes",
"Third Party Advisory"
],
"url": "https://github.com/OpenVPN/openvpn/releases/tag/v2.4.6"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://www.tenable.com/security/research/tra-2018-09"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2018\u0026m=slackware-security.568761"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://community.openvpn.net/openvpn/wiki/ChangesInOpenvpn24"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/OpenVPN/openvpn/commit/1394192b210cb3c6624a7419bcf3ff966742e79b"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Third Party Advisory"
],
"url": "https://github.com/OpenVPN/openvpn/releases/tag/v2.4.6"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://www.tenable.com/security/research/tra-2018-09"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-415"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2001-03-12 05:00
Modified
2024-11-20 23:32
Severity ?
Summary
traceroute in NetBSD 1.3.3 and Linux systems allows local unprivileged users to modify the source address of the packets, which could be used in spoofing attacks.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| debian | debian_linux | 2.0.34 | |
| digital | unix | 4.0 | |
| netbsd | netbsd | * | |
| redhat | linux | 2.0.34 | |
| slackware | slackware_linux | 2.0.34 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:2.0.34:*:*:*:*:*:*:*",
"matchCriteriaId": "89F6AB54-5D9F-4EE2-8AA4-7E61F09C7F17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:digital:unix:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E1E08495-C0C5-40A9-A8FF-834F5F6083B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BF5ACB4A-7B75-4B29-813D-EDE7E566A754",
"versionEndIncluding": "1.3.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:2.0.34:*:*:*:*:*:*:*",
"matchCriteriaId": "F3CA3C2F-739A-4E61-803A-877978D70468",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:2.0.34:*:*:*:*:*:*:*",
"matchCriteriaId": "B35CE11D-53A9-4C69-8AC4-2ECE48468125",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "traceroute in NetBSD 1.3.3 and Linux systems allows local unprivileged users to modify the source address of the packets, which could be used in spoofing attacks."
}
],
"id": "CVE-2000-0315",
"lastModified": "2024-11-20T23:32:13.180",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2001-03-12T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA1999-004.txt.asc"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=91893782027835\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/7575"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA1999-004.txt.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=91893782027835\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/7575"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1999-03-17 05:00
Modified
2024-11-20 23:28
Severity ?
Summary
During a reboot after an installation of Linux Slackware 3.6, a remote attacker can obtain root access by logging in to the root account without a password.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.osvdb.org/981 | ||
| cve@mitre.org | http://www.securityfocus.com/bid/338 | Exploit, Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.osvdb.org/981 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/338 | Exploit, Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| slackware | slackware_linux | 3.6 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "CE0BBA4F-C61A-4A8E-A7E2-CE0DF76DF592",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "During a reboot after an installation of Linux Slackware 3.6, a remote attacker can obtain root access by logging in to the root account without a password."
}
],
"id": "CVE-1999-0421",
"lastModified": "2024-11-20T23:28:41.930",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1999-03-17T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/981"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/338"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/981"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/338"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1999-03-21 05:00
Modified
2024-11-20 23:28
Severity ?
Summary
XFree86 startx command is vulnerable to a symlink attack, allowing local users to create files in restricted directories, possibly allowing them to gain privileges or cause a denial of service.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| xfree86_project | x11r6 | 3.3.3 | |
| netbsd | netbsd | 1.3.2 | |
| netbsd | netbsd | 1.3.3 | |
| redhat | linux | 5.1 | |
| redhat | linux | 5.2 | |
| slackware | slackware_linux | 3.3 | |
| slackware | slackware_linux | 3.4 | |
| slackware | slackware_linux | 3.5 | |
| slackware | slackware_linux | 3.6 | |
| slackware | slackware_linux | 4.0 | |
| suse | suse_linux | 5.1 | |
| suse | suse_linux | 5.2 | |
| suse | suse_linux | 6.0 | |
| suse | suse_linux | 6.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:xfree86_project:x11r6:3.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C104B02C-3F3B-4DB4-8A1D-65A7DAA380EB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2D3C937A-E9D8-474A-ABEB-A927EF7CC5B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2A8F8DE7-7A84-4350-A6D8-FCCB561D63B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4EF44364-0F57-4B74-81B0-501EA6B58501",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:5.2:*:i386:*:*:*:*:*",
"matchCriteriaId": "363AB7DB-A8BA-4D58-97C4-1DF1F0F43E07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "06F2131E-F9F2-4E65-B95C-B52DB25C69F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E6732144-10D4-4114-A7DA-32157EE3EF38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "125918E7-53BB-407A-8D95-5D95CDF39A88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "CE0BBA4F-C61A-4A8E-A7E2-CE0DF76DF592",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CC3B1DD9-10B5-40FE-AE56-D068C41653DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5C0BBDD2-9FF9-4CB7-BCAF-D4AF15DC2C7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D1C826AA-6E2F-4DAC-A7A2-9F47729B5DA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F163E145-09F7-4BE2-9B46-5B6713070BAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "124E1802-7984-45ED-8A92-393FC20662FD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "XFree86 startx command is vulnerable to a symlink attack, allowing local users to create files in restricted directories, possibly allowing them to gain privileges or cause a denial of service."
}
],
"id": "CVE-1999-0433",
"lastModified": "2024-11-20T23:28:43.620",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1999-03-21T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0433"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0433"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1995-12-01 05:00
Modified
2024-11-20 23:27
Severity ?
Summary
Race condition in Linux mailx command allows local users to read user files.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| slackware | slackware_linux | 3.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FFC0D816-7D38-4CE1-B78C-3A02195713D5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Race condition in Linux mailx command allows local users to read user files."
}
],
"id": "CVE-1999-0123",
"lastModified": "2024-11-20T23:27:54.900",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 3.7,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 1.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1995-12-01T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0123"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0123"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2003-12-15 05:00
Modified
2024-11-20 23:45
Severity ?
Summary
Heap-based buffer overflow in rsync before 2.5.7, when running in server mode, allows remote attackers to execute arbitrary code and possibly escape the chroot jail.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| andrew_tridgell | rsync | 2.3.1 | |
| andrew_tridgell | rsync | 2.3.2 | |
| andrew_tridgell | rsync | 2.4.0 | |
| andrew_tridgell | rsync | 2.4.1 | |
| andrew_tridgell | rsync | 2.4.3 | |
| andrew_tridgell | rsync | 2.4.4 | |
| andrew_tridgell | rsync | 2.4.5 | |
| andrew_tridgell | rsync | 2.4.6 | |
| andrew_tridgell | rsync | 2.4.8 | |
| andrew_tridgell | rsync | 2.5.0 | |
| andrew_tridgell | rsync | 2.5.1 | |
| andrew_tridgell | rsync | 2.5.2 | |
| andrew_tridgell | rsync | 2.5.3 | |
| andrew_tridgell | rsync | 2.5.4 | |
| andrew_tridgell | rsync | 2.5.5 | |
| andrew_tridgell | rsync | 2.5.6 | |
| redhat | rsync | 2.4.6-2 | |
| redhat | rsync | 2.4.6-5 | |
| redhat | rsync | 2.4.6-5 | |
| redhat | rsync | 2.5.4-2 | |
| redhat | rsync | 2.5.5-1 | |
| redhat | rsync | 2.5.5-4 | |
| engardelinux | secure_community | 1.0.1 | |
| engardelinux | secure_community | 2.0 | |
| engardelinux | secure_linux | 1.1 | |
| engardelinux | secure_linux | 1.2 | |
| engardelinux | secure_linux | 1.5 | |
| slackware | slackware_linux | 8.1 | |
| slackware | slackware_linux | 9.0 | |
| slackware | slackware_linux | 9.1 | |
| slackware | slackware_linux | current |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:andrew_tridgell:rsync:2.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "138253E8-6342-4A88-89E6-B579782BC273",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:andrew_tridgell:rsync:2.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "06A95770-7838-4D26-98BD-F3C0A264C431",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:andrew_tridgell:rsync:2.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "26EB2DBC-F71C-4D86-9436-FA06B7244F1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:andrew_tridgell:rsync:2.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "41681E68-E4D3-4466-8BAF-12F38D670C73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:andrew_tridgell:rsync:2.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9C472D33-56FC-4939-A800-00C319D44D45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:andrew_tridgell:rsync:2.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D57C7AF3-A648-44E3-9ABF-D546B34BDC02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:andrew_tridgell:rsync:2.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "38450ED2-6642-4ADB-ACBC-702588904B50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:andrew_tridgell:rsync:2.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "FC163657-8FD5-4578-8452-49ABAA1121D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:andrew_tridgell:rsync:2.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "DAFB0E34-5886-454E-9680-640F8FE6A4B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:andrew_tridgell:rsync:2.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FA756243-887B-42FD-9A68-2D54CE44AA0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:andrew_tridgell:rsync:2.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "502E8AC0-7293-41A0-BA17-873DEE5133DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:andrew_tridgell:rsync:2.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "55E84BFA-DAF8-4842-8542-E244FE16CBD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:andrew_tridgell:rsync:2.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5DC02AD4-07B4-4A35-BB74-7228A1CDABE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:andrew_tridgell:rsync:2.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "33B1ECCC-AAF1-4A3A-BDFA-7955E1AA3683",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:andrew_tridgell:rsync:2.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "FC4726E9-246B-4C6F-8253-0F09886749A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:andrew_tridgell:rsync:2.5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "59CAA1CD-09D5-40CC-9A27-738B4028BF05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:rsync:2.4.6-2:*:i386:*:*:*:*:*",
"matchCriteriaId": "C3AC2944-7891-474C-8CEE-FC79129AC6F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:rsync:2.4.6-5:*:i386:*:*:*:*:*",
"matchCriteriaId": "88D09EE3-7737-49EE-B8F6-5775228DA1C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:rsync:2.4.6-5:*:ia64:*:*:*:*:*",
"matchCriteriaId": "7F7E7DAE-7D7F-4D3F-A3CE-DF2E3650F145",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:rsync:2.5.4-2:*:i386:*:*:*:*:*",
"matchCriteriaId": "151183D0-4807-470D-808B-115AD366BEAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:rsync:2.5.5-1:*:i386:*:*:*:*:*",
"matchCriteriaId": "E7DB4650-6A89-480E-BAFA-C2E3F4521601",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:rsync:2.5.5-4:*:i386:*:*:*:*:*",
"matchCriteriaId": "0730AD53-5419-4144-AE01-143142AD6404",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:engardelinux:secure_community:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "444E0C0D-5121-4B89-BEF2-7D070AD2C8C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:engardelinux:secure_community:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "835156D0-D0D8-4A82-9342-95E7239E3477",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:engardelinux:secure_linux:1.1:*:professional:*:*:*:*:*",
"matchCriteriaId": "E61A9563-ECBE-41DB-A973-E0DEE41BE28F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:engardelinux:secure_linux:1.2:*:professional:*:*:*:*:*",
"matchCriteriaId": "E164271C-4A66-4DE2-890A-6A21D45F77D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:engardelinux:secure_linux:1.5:*:professional:*:*:*:*:*",
"matchCriteriaId": "4E62C413-935F-459C-8F11-73F5B483E759",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "57F41B40-75E6-45C8-A5FB-8464C0B2D064",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "300A6A65-05FD-401C-80F6-B5F5B1F056E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AA3D53C9-3806-45E6-8AE9-7D41280EF64C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:current:*:*:*:*:*:*:*",
"matchCriteriaId": "B1CB2DD9-E77F-46EE-A145-F87AD10EA8E4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in rsync before 2.5.7, when running in server mode, allows remote attackers to execute arbitrary code and possibly escape the chroot jail."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer en el mont\u00f3n en rsync anteriores a 2.5.7, cuando se ejecuta en modo servidor, permite a atacantes remotos ejecutar c\u00f3digo arbitrario y posiblemente escapar del confinamiento chroot."
}
],
"id": "CVE-2003-0962",
"lastModified": "2024-11-20T23:45:57.717",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2003-12-15T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20031202-01-U"
},
{
"source": "cve@mitre.org",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000794"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=107055681311602\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=107055684711629\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=107055702911867\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=107056923528423\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/10353"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/10354"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/10355"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/10356"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/10357"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/10358"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/10359"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/10360"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/10361"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/10362"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/10363"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/10364"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/10378"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/10474"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/325603"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:111"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/2898"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-398.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/9153"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/13899"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9415"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20031202-01-U"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000794"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=107055681311602\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=107055684711629\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=107055702911867\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=107056923528423\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/10353"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/10354"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/10355"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/10356"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/10357"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/10358"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/10359"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/10360"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/10361"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/10362"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/10363"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/10364"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/10378"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/10474"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/325603"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:111"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/2898"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-398.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/9153"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/13899"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9415"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1996-01-02 05:00
Modified
2024-11-20 23:30
Severity ?
Summary
rxvt, when compiled with the PRINT_PIPE option in various Linux operating systems including Linux Slackware 3.0 and RedHat 2.1, allows local users to gain root privileges by specifying a malicious program using the -print-pipe command line parameter.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rxvt:rxvt:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A9305637-EC79-4BD5-82FC-A1DF3A3D32F3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:linux:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "674066BB-2576-4AAE-B97F-A4470815F1AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FFC0D816-7D38-4CE1-B78C-3A02195713D5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "rxvt, when compiled with the PRINT_PIPE option in various Linux operating systems including Linux Slackware 3.0 and RedHat 2.1, allows local users to gain root privileges by specifying a malicious program using the -print-pipe command line parameter."
}
],
"id": "CVE-1999-1186",
"lastModified": "2024-11-20T23:30:30.870",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1996-01-02T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=87602167418966\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=87602167418966\u0026w=2"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2001-08-31 04:00
Modified
2024-11-20 23:36
Severity ?
Summary
GNU locate in findutils 4.1 on Slackware 7.1 and 8.0 allows local users to gain privileges via an old formatted filename database (locatedb) that contains an entry with an out-of-range offset, which causes locate to write to arbitrary process memory.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| gnu | findutils | 4.0 | |
| gnu | findutils | 4.1 | |
| slackware | slackware_linux | 7.1 | |
| slackware | slackware_linux | 8.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:findutils:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA98BAA-CDE7-4255-B4A9-926CA2BF9783",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:findutils:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "82F0B7F9-8A8E-4717-9C78-A26141AC66BC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F0297F56-5F41-48FD-AB47-36E3BD2AB7E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "78D76664-F4AC-470A-9686-3F708922A340",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "GNU locate in findutils 4.1 on Slackware 7.1 and 8.0 allows local users to gain privileges via an old formatted filename database (locatedb) that contains an entry with an out-of-range offset, which causes locate to write to arbitrary process memory."
}
],
"id": "CVE-2001-1036",
"lastModified": "2024-11-20T23:36:43.167",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2001-08-31T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/5477"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/200991"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/3127"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6932"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/5477"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/200991"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/3127"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6932"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-12-01 06:46
Modified
2024-11-21 00:39
Severity ?
Summary
rsync before 3.0.0pre6, when running a writable rsync daemon that is not using chroot, allows remote attackers to access restricted files via unknown vectors that cause rsync to create a symlink that points outside of the module's hierarchy.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| slackware | slackware_linux | 8.1 | |
| slackware | slackware_linux | 9.0 | |
| slackware | slackware_linux | 9.1 | |
| slackware | slackware_linux | 10.0 | |
| slackware | slackware_linux | 10.1 | |
| slackware | slackware_linux | 10.2 | |
| slackware | slackware_linux | 11.0 | |
| slackware | slackware_linux | 12.0 | |
| rsync | rsync | 2.3.1 | |
| rsync | rsync | 2.3.2 | |
| rsync | rsync | 2.3.2_1.2alpha | |
| rsync | rsync | 2.3.2_1.2arm | |
| rsync | rsync | 2.3.2_1.2intel | |
| rsync | rsync | 2.3.2_1.2m68k | |
| rsync | rsync | 2.3.2_1.2ppc | |
| rsync | rsync | 2.3.2_1.2sparc | |
| rsync | rsync | 2.3.2_1.3 | |
| rsync | rsync | 2.4.0 | |
| rsync | rsync | 2.4.1 | |
| rsync | rsync | 2.4.3 | |
| rsync | rsync | 2.4.4 | |
| rsync | rsync | 2.4.5 | |
| rsync | rsync | 2.4.6 | |
| rsync | rsync | 2.4.8 | |
| rsync | rsync | 2.5.0 | |
| rsync | rsync | 2.5.1 | |
| rsync | rsync | 2.5.2 | |
| rsync | rsync | 2.5.3 | |
| rsync | rsync | 2.5.4 | |
| rsync | rsync | 2.5.5 | |
| rsync | rsync | 2.5.6 | |
| rsync | rsync | 2.5.7 | |
| rsync | rsync | 2.6 | |
| rsync | rsync | 2.6.1 | |
| rsync | rsync | 2.6.2 | |
| rsync | rsync | 2.6.5 | |
| rsync | rsync | 2.6.6 | |
| rsync | rsync | 2.6.7 | |
| rsync | rsync | 2.6.8 | |
| rsync | rsync | 2.6.9 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "57F41B40-75E6-45C8-A5FB-8464C0B2D064",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "300A6A65-05FD-401C-80F6-B5F5B1F056E0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AA3D53C9-3806-45E6-8AE9-7D41280EF64C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D29C5A03-A7C9-4780-BB63-CF1E874D018D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B85EF0EE-3E61-4CA3-9F00-610AB2E1CFCF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:10.2:*:*:*:*:*:*:*",
"matchCriteriaId": "70440F49-AEE9-41BE-8E1A-43AB657C8E09",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "74022B69-6557-4746-9080-24E4DDA44026",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2081CB54-130C-4A25-A2EE-42249DD6B3EB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rsync:rsync:2.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "393F7E04-2288-45FE-8971-CC1BA036CA95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rsync:rsync:2.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "60BF457A-B318-475D-950A-9D873C0C667C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rsync:rsync:2.3.2_1.2alpha:*:*:*:*:*:*:*",
"matchCriteriaId": "8CB9C4CB-09D9-4258-846D-D43C0E8E0CEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rsync:rsync:2.3.2_1.2arm:*:*:*:*:*:*:*",
"matchCriteriaId": "52CA63EE-0911-44AE-9901-FE46FB659D06",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rsync:rsync:2.3.2_1.2intel:*:*:*:*:*:*:*",
"matchCriteriaId": "AF678D2B-CD03-4A19-90B4-36448E55943E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rsync:rsync:2.3.2_1.2m68k:*:*:*:*:*:*:*",
"matchCriteriaId": "E454C988-08A3-4269-AC6A-2A975D288C56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rsync:rsync:2.3.2_1.2ppc:*:*:*:*:*:*:*",
"matchCriteriaId": "12BB68EF-28DF-4326-84A3-C215005FD3D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rsync:rsync:2.3.2_1.2sparc:*:*:*:*:*:*:*",
"matchCriteriaId": "41DC890B-3D3D-41DB-8380-5C290B708350",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rsync:rsync:2.3.2_1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3C0E3499-E90D-40C6-B85A-6CC2312532C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rsync:rsync:2.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C23042EA-1243-4786-8F76-CDB94E5B909B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rsync:rsync:2.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "31F7C3A4-88F3-454F-9046-CA169FF12106",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rsync:rsync:2.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "63756B36-3D03-4C2E-A1B6-AC45B045F94F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rsync:rsync:2.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "BDF2B595-4AF1-471E-ADFD-FF8CB6F27EA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rsync:rsync:2.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "FC820774-2B62-4B91-BC1A-EF6B81DD63C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rsync:rsync:2.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "4329E28A-F133-414B-98E5-F117C1B73711",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rsync:rsync:2.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "FE1E7733-4A97-4817-8192-BDAA539AD2F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rsync:rsync:2.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EEB2A38C-5971-4C38-A2A8-7B8FD44C3816",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rsync:rsync:2.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BCD479A6-7E13-41FB-B6D9-4CBA1459083B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rsync:rsync:2.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D08AA818-CEF0-4EA8-BF6B-90A4F512E88C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rsync:rsync:2.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2AE611E6-4959-4011-A57A-6774F28D58D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rsync:rsync:2.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7DEEFC01-69A5-4760-8052-FB8BA4B125F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rsync:rsync:2.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A19ACD7B-B36E-42D7-B311-69CD4EF047F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rsync:rsync:2.5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "1AA7F4E9-1ED4-4D2F-A0A2-F8D861AD108C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rsync:rsync:2.5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "8D9A038C-C0B8-416D-B103-5E66963065EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rsync:rsync:2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "3C1BB055-0489-42F7-9FC7-99EDDA7026DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rsync:rsync:2.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "336FF990-61EE-4F6B-B4BC-D268DADD3D7F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rsync:rsync:2.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "408FDC67-6862-4482-9DC4-E18AFFC3F7C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rsync:rsync:2.6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "65282BE4-26FA-4E16-B1B1-1A4D82E7C6C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rsync:rsync:2.6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "84537850-6D26-47D3-9888-810B8305BD3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rsync:rsync:2.6.7:*:*:*:*:*:*:*",
"matchCriteriaId": "8AD67864-2BED-42AD-985E-34058C07FEBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rsync:rsync:2.6.8:*:*:*:*:*:*:*",
"matchCriteriaId": "382AFB02-339D-45BB-A60D-7C751F943762",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rsync:rsync:2.6.9:*:*:*:*:*:*:*",
"matchCriteriaId": "32A205AF-8E75-4AD8-BE0F-EC6A9296D127",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "rsync before 3.0.0pre6, when running a writable rsync daemon that is not using chroot, allows remote attackers to access restricted files via unknown vectors that cause rsync to create a symlink that points outside of the module\u0027s hierarchy."
},
{
"lang": "es",
"value": "rsync, en versiones anteriores a la 3.0.0pre6. Cuando se ejecuta un demonio rsync en modo lectura-escritura que no use chroot, se permite as\u00ed que atacantes remotos accedan a ficheros de acceso restringido, usando vectores desconocidos que provocan que rsync cree un enlace simb\u00f3lico que apunta fuera de la jerarqu\u00eda de ficheros del m\u00f3dulo."
}
],
"id": "CVE-2007-6199",
"lastModified": "2024-11-21T00:39:35.390",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-12-01T06:46:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://lists.apple.com/archives/security-announce//2008/Jul/msg00003.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00002.html"
},
{
"source": "cve@mitre.org",
"url": "http://rsync.samba.org/security.html#s3_0_0"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/27853"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/27863"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/28412"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/28457"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/31326"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/61005"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1019012"
},
{
"source": "cve@mitre.org",
"url": "http://support.f5.com/kb/en-us/solutions/public/15000/500/sol15549.html"
},
{
"source": "cve@mitre.org",
"url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2007-0257"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/en/security/advisories?name=MDVSA-2008:011"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/487991/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/26638"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/4057"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/2268"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce//2008/Jul/msg00003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rsync.samba.org/security.html#s3_0_0"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/27853"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/27863"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/28412"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/28457"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/31326"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/61005"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1019012"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.f5.com/kb/en-us/solutions/public/15000/500/sol15549.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2007-0257"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/en/security/advisories?name=MDVSA-2008:011"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/487991/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/26638"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/4057"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/2268"
}
],
"sourceIdentifier": "cve@mitre.org",
"vendorComments": [
{
"comment": "Red Hat does not consider this to be a security issue. Versions of rsync as shipped with Red Hat Enterprise Linux 2.1, 3, 4 and 5 behave as expected and that behavior was well documented.",
"lastModified": "2007-12-06T00:00:00",
"organization": "Red Hat"
}
],
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-16"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2003-06-16 04:00
Modified
2024-11-20 23:44
Severity ?
Summary
CUPS before 1.1.19 allows remote attackers to cause a denial of service via a partial printing request to the IPP port (631), which does not time out.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| slackware | slackware_linux | 8.1 | |
| slackware | slackware_linux | 9.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "57F41B40-75E6-45C8-A5FB-8464C0B2D064",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "300A6A65-05FD-401C-80F6-B5F5B1F056E0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "CUPS before 1.1.19 allows remote attackers to cause a denial of service via a partial printing request to the IPP port (631), which does not time out."
},
{
"lang": "es",
"value": "CUPS anterior a la 1.1.19 permite que atacantes remotos causen una denegaci\u00f3n de servicio por media de una petici\u00f3n parcial de impresi\u00f3n al puerto IPP (631), que nunca finalizar\u00e1."
}
],
"id": "CVE-2003-0195",
"lastModified": "2024-11-20T23:44:11.397",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2003-06-16T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000678"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=105427288724449\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2003/dsa-317"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:062"
},
{
"source": "cve@mitre.org",
"url": "http://www.novell.com/linux/security/advisories/2003_028.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-171.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/7637"
},
{
"source": "cve@mitre.org",
"url": "http://www.turbolinux.com/security/TLSA-2003-33.txt"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000678"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=105427288724449\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2003/dsa-317"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:062"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.novell.com/linux/security/advisories/2003_028.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-171.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/7637"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.turbolinux.com/security/TLSA-2003-33.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-08-18 04:00
Modified
2024-11-20 23:48
Severity ?
Summary
Multiple vulnerabilities in Midnight Commander (mc) before 4.6.0, with unknown impact, related to "Insecure temporary file and directory creations."
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| midnight_commander | midnight_commander | 4.5.40 | |
| midnight_commander | midnight_commander | 4.5.41 | |
| midnight_commander | midnight_commander | 4.5.42 | |
| midnight_commander | midnight_commander | 4.5.43 | |
| midnight_commander | midnight_commander | 4.5.44 | |
| midnight_commander | midnight_commander | 4.5.45 | |
| midnight_commander | midnight_commander | 4.5.46 | |
| midnight_commander | midnight_commander | 4.5.47 | |
| midnight_commander | midnight_commander | 4.5.48 | |
| midnight_commander | midnight_commander | 4.5.49 | |
| midnight_commander | midnight_commander | 4.5.50 | |
| midnight_commander | midnight_commander | 4.5.51 | |
| midnight_commander | midnight_commander | 4.5.52 | |
| midnight_commander | midnight_commander | 4.5.55 | |
| midnight_commander | midnight_commander | 4.6 | |
| sgi | propack | 2.3 | |
| sgi | propack | 2.4 | |
| gentoo | linux | 0.5 | |
| gentoo | linux | 0.7 | |
| gentoo | linux | 1.1a | |
| gentoo | linux | 1.2 | |
| gentoo | linux | 1.4 | |
| gentoo | linux | 1.4 | |
| gentoo | linux | 1.4 | |
| gentoo | linux | 1.4 | |
| slackware | slackware_linux | * | |
| slackware | slackware_linux | 9.0 | |
| slackware | slackware_linux | 9.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.40:*:*:*:*:*:*:*",
"matchCriteriaId": "EB4028BE-4173-4175-B9EF-A85A47476A60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.41:*:*:*:*:*:*:*",
"matchCriteriaId": "FC64619A-D8C3-4613-9A51-849DC65DC959",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.42:*:*:*:*:*:*:*",
"matchCriteriaId": "0A4BBBE0-E96D-4BCB-BF5B-673888C00AC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.43:*:*:*:*:*:*:*",
"matchCriteriaId": "D410B4E1-DA7A-4F62-A0F9-E8C5A147BD45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.44:*:*:*:*:*:*:*",
"matchCriteriaId": "949399A7-6E77-4F12-86EE-7B6FBAA16D4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.45:*:*:*:*:*:*:*",
"matchCriteriaId": "FDE8085F-84F3-4305-A52B-FEFF05E9FD17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.46:*:*:*:*:*:*:*",
"matchCriteriaId": "D5DA21F1-8700-437C-8D64-70D97A508598",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.47:*:*:*:*:*:*:*",
"matchCriteriaId": "B03CA3A4-86E2-4E10-8F56-51B814F51540",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.48:*:*:*:*:*:*:*",
"matchCriteriaId": "F5AA5CCF-F160-4092-A7E7-29459E2528F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.49:*:*:*:*:*:*:*",
"matchCriteriaId": "F2B90B64-72A2-46D3-A6CC-07052FC70740",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.50:*:*:*:*:*:*:*",
"matchCriteriaId": "1E7739C2-C590-479E-8A0B-2EC95E836E3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.51:*:*:*:*:*:*:*",
"matchCriteriaId": "25C1FE96-BC31-48D3-BB64-F132E17B8244",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.52:*:*:*:*:*:*:*",
"matchCriteriaId": "0BFFA28E-B2EA-4F1A-8A05-7F2B05572B99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.55:*:*:*:*:*:*:*",
"matchCriteriaId": "E5969E22-C2B8-4440-92D0-EF17ECFECFCD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "98D27DF4-BCF6-4AB8-9117-80E2D1072C6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sgi:propack:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "26430687-409B-448F-934B-06AB937DDF63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sgi:propack:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0702A32E-E577-403C-B4D9-15037D7100A5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:gentoo:linux:0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "980553F2-8662-47CF-95F0-645141746AEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:gentoo:linux:0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "40EBF1CD-B392-4262-8F06-2C784ADAF0F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:gentoo:linux:1.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "9C00F84A-FCD4-4935-B7DE-ECBA6AE9B074",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:gentoo:linux:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "960DC6C2-B285-41D4-96F7-ED97F8BD5482",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:gentoo:linux:1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "65ED9D8C-604D-4B0B-A192-C0DA4D2E9AEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:gentoo:linux:1.4:rc1:*:*:*:*:*:*",
"matchCriteriaId": "D1FD0EB4-E744-4465-AFEE-A3C807C9C993",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:gentoo:linux:1.4:rc2:*:*:*:*:*:*",
"matchCriteriaId": "1D866A7D-F0B9-4EA3-93C6-1E7C2C2A861F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:gentoo:linux:1.4:rc3:*:*:*:*:*:*",
"matchCriteriaId": "57772E3B-893C-408A-AA3B-78C972ED4D5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F432C6C2-8676-4DD5-B9E6-71F6C164EF9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "300A6A65-05FD-401C-80F6-B5F5B1F056E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AA3D53C9-3806-45E6-8AE9-7D41280EF64C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple vulnerabilities in Midnight Commander (mc) before 4.6.0, with unknown impact, related to \"Insecure temporary file and directory creations.\""
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades en Midnight Commander (mc) anteriores a 4.6.0, con impacto desconocido, relacionadas con \"creaci\u00f3n insegura de ficheros y directorios temporales.\""
}
],
"id": "CVE-2004-0231",
"lastModified": "2024-11-20T23:48:03.427",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-08-18T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-200405-21.xml"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2004/dsa-497"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:039"
},
{
"source": "cve@mitre.org",
"url": "http://www.novell.com/linux/security/advisories/2004_12_mc.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2004-172.html"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16020"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-200405-21.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2004/dsa-497"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:039"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.novell.com/linux/security/advisories/2004_12_mc.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2004-172.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16020"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-02-09 05:00
Modified
2024-11-20 23:49
Severity ?
Summary
Buffer overflow in the get_tag function in mod_include for Apache 1.3.x to 1.3.32 allows local users who can create SSI documents to execute arbitrary code as the apache user via SSI (XSSI) documents that trigger a length calculation error.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apache | http_server | * | |
| openpkg | openpkg | 2.0 | |
| openpkg | openpkg | 2.1 | |
| openpkg | openpkg | 2.2 | |
| hp | hp-ux | 11.00 | |
| hp | hp-ux | 11.11 | |
| hp | hp-ux | 11.20 | |
| hp | hp-ux | 11.22 | |
| slackware | slackware_linux | 8.0 | |
| slackware | slackware_linux | 8.1 | |
| slackware | slackware_linux | 9.0 | |
| slackware | slackware_linux | 9.1 | |
| slackware | slackware_linux | 10.0 | |
| slackware | slackware_linux | current | |
| suse | suse_linux | 8.0 | |
| suse | suse_linux | 8.1 | |
| suse | suse_linux | 8.2 | |
| suse | suse_linux | 9.0 | |
| suse | suse_linux | 9.1 | |
| suse | suse_linux | 9.2 | |
| trustix | secure_linux | 1.5 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E48FC2F5-318B-4460-861D-80314B42F84B",
"versionEndIncluding": "1.3.32",
"versionStartIncluding": "1.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openpkg:openpkg:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "48A4B336-2D5B-4D9B-AA87-E5266FED05BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openpkg:openpkg:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "37042CDE-E4FE-442E-891A-CD84433D36E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openpkg:openpkg:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "11F6E348-01DF-4FA4-808E-39A2A7A2B97B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:hp-ux:11.00:*:*:*:*:*:*:*",
"matchCriteriaId": "771931F7-9180-4EBD-8627-E1CF17D24647",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:11.11:*:*:*:*:*:*:*",
"matchCriteriaId": "EDD9BE2B-7255-4FC1-B452-E8370632B03F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:11.20:*:*:*:*:*:*:*",
"matchCriteriaId": "6AB76FE0-BEF3-40D4-B362-0C95CA625A71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:11.22:*:*:*:*:*:*:*",
"matchCriteriaId": "EBD0DC0A-ACAD-4870-9C0F-3095F2AC8CCD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "78D76664-F4AC-470A-9686-3F708922A340",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "57F41B40-75E6-45C8-A5FB-8464C0B2D064",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "300A6A65-05FD-401C-80F6-B5F5B1F056E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AA3D53C9-3806-45E6-8AE9-7D41280EF64C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D29C5A03-A7C9-4780-BB63-CF1E874D018D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:current:*:*:*:*:*:*:*",
"matchCriteriaId": "B1CB2DD9-E77F-46EE-A145-F87AD10EA8E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "28CD54FE-D682-4063-B7C3-8B29B26B39AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F8C55338-3372-413F-82E3-E1B476D6F41A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1EFB33BF-F6A5-48C1-AEB5-194FCBCFC958",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FB0E2D3B-B50A-46C2-BA1E-3E014DE91954",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CFABFCE5-4F86-4AE8-9849-BC360AC72098",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CFF36BC6-6CCD-4FEE-A120-5B8C4BF5620C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:trustix:secure_linux:1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "39605B96-BAD6-45C9-BB9A-43D6E2C51ADD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the get_tag function in mod_include for Apache 1.3.x to 1.3.32 allows local users who can create SSI documents to execute arbitrary code as the apache user via SSI (XSSI) documents that trigger a length calculation error."
}
],
"id": "CVE-2004-0940",
"lastModified": "2024-11-20T23:49:44.160",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2005-02-09T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=109906660225051\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/12898/"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/19073"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://securitytracker.com/id?1011783"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102197-1"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-081.htm"
},
{
"source": "cve@mitre.org",
"tags": [
"Product"
],
"url": "http://www.apacheweek.com/features/security-13"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2004/dsa-594"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:134"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-600.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-816.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Exploit",
"Patch",
"Third Party Advisory",
"VDB Entry",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/11471"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.vupen.com/english/advisories/2006/0789"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17785"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Patch"
],
"url": "https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Patch"
],
"url": "https://lists.apache.org/thread.html/r734a07156abf332d5ab27fb91d9d962cacfef4f3681e44056f064fa8%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Patch"
],
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Patch"
],
"url": "https://lists.apache.org/thread.html/rd65d8ba68ba17e7deedafbf5bb4899f2ae4dad781d21b931c2941ac3%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Patch"
],
"url": "https://lists.apache.org/thread.html/re895fc1736d25c8cf57e102c871613b8aeec9ea26fd8a44e7942b5ab%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Patch"
],
"url": "https://lists.apache.org/thread.html/rf2f0f3611f937cf6cfb3b4fe4a67f69885855126110e1e3f2fb2728e%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Patch"
],
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=109906660225051\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/12898/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/19073"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://securitytracker.com/id?1011783"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102197-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-081.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
],
"url": "http://www.apacheweek.com/features/security-13"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2004/dsa-594"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:134"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-600.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-816.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Exploit",
"Patch",
"Third Party Advisory",
"VDB Entry",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/11471"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.vupen.com/english/advisories/2006/0789"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17785"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch"
],
"url": "https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch"
],
"url": "https://lists.apache.org/thread.html/r734a07156abf332d5ab27fb91d9d962cacfef4f3681e44056f064fa8%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch"
],
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch"
],
"url": "https://lists.apache.org/thread.html/rd65d8ba68ba17e7deedafbf5bb4899f2ae4dad781d21b931c2941ac3%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch"
],
"url": "https://lists.apache.org/thread.html/re895fc1736d25c8cf57e102c871613b8aeec9ea26fd8a44e7942b5ab%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch"
],
"url": "https://lists.apache.org/thread.html/rf2f0f3611f937cf6cfb3b4fe4a67f69885855126110e1e3f2fb2728e%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch"
],
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"
}
],
"sourceIdentifier": "cve@mitre.org",
"vendorComments": [
{
"comment": "Fixed in Apache HTTP Server 1.3.33:\nhttp://httpd.apache.org/security/vulnerabilities_13.html",
"lastModified": "2008-07-02T00:00:00",
"organization": "Apache"
}
],
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-131"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1997-10-06 04:00
Modified
2024-11-20 23:30
Severity ?
Summary
sort creates temporary files and follows symbolic links, which allows local users to modify arbitrary files that are writable by the user running sort, as observed in updatedb and other programs that use sort.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | linux | 4.1 | |
| slackware | slackware_linux | 3.3 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:linux:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D8211154-6685-4FF0-B3ED-43A5E5763A10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:slackware:slackware_linux:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "06F2131E-F9F2-4E65-B95C-B52DB25C69F5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "sort creates temporary files and follows symbolic links, which allows local users to modify arbitrary files that are writable by the user running sort, as observed in updatedb and other programs that use sort."
}
],
"id": "CVE-1999-1095",
"lastModified": "2024-11-20T23:30:17.353",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1997-10-06T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=87619953510834\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=88886870129518\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=88890116304676\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=87619953510834\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=88886870129518\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=88890116304676\u0026w=2"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
cve-1999-0242
Vulnerability from cvelistv5
Published
2000-02-04 05:00
Modified
2024-08-01 16:34
Severity ?
EPSS score ?
Summary
Remote attackers can access mail files via POP3 in some Linux systems that are using shadow passwords.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0242 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T16:34:51.981Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0242"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Remote attackers can access mail files via POP3 in some Linux systems that are using shadow passwords."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-17T07:01:59",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0242"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0242",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Remote attackers can access mail files via POP3 in some Linux systems that are using shadow passwords."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0242",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0242"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-0242",
"datePublished": "2000-02-04T05:00:00",
"dateReserved": "1999-06-07T00:00:00",
"dateUpdated": "2024-08-01T16:34:51.981Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2002-1814
Vulnerability from cvelistv5
Published
2005-06-28 04:00
Modified
2024-09-17 00:11
Severity ?
EPSS score ?
Summary
Buffer overflow in efstools in Bonobo, when installed setuid, allows local users to execute arbitrary code via long command line arguments.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securiteam.com/exploits/5AP0E0K8AO.html | x_refsource_MISC | |
| http://online.securityfocus.com/archive/1/279676 | mailing-list, x_refsource_BUGTRAQ | |
| http://www.securityfocus.com/bid/5125 | vdb-entry, x_refsource_BID | |
| http://www.iss.net/security_center/static/9451.php | vdb-entry, x_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:43:32.782Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.securiteam.com/exploits/5AP0E0K8AO.html"
},
{
"name": "20020628 efstool local root exploit",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://online.securityfocus.com/archive/1/279676"
},
{
"name": "5125",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/5125"
},
{
"name": "linux-efstool-bo(9451)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/9451.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in efstools in Bonobo, when installed setuid, allows local users to execute arbitrary code via long command line arguments."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-06-28T04:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.securiteam.com/exploits/5AP0E0K8AO.html"
},
{
"name": "20020628 efstool local root exploit",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://online.securityfocus.com/archive/1/279676"
},
{
"name": "5125",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/5125"
},
{
"name": "linux-efstool-bo(9451)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/9451.php"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-1814",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in efstools in Bonobo, when installed setuid, allows local users to execute arbitrary code via long command line arguments."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.securiteam.com/exploits/5AP0E0K8AO.html",
"refsource": "MISC",
"url": "http://www.securiteam.com/exploits/5AP0E0K8AO.html"
},
{
"name": "20020628 efstool local root exploit",
"refsource": "BUGTRAQ",
"url": "http://online.securityfocus.com/archive/1/279676"
},
{
"name": "5125",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5125"
},
{
"name": "linux-efstool-bo(9451)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/9451.php"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-1814",
"datePublished": "2005-06-28T04:00:00Z",
"dateReserved": "2005-06-28T04:00:00Z",
"dateUpdated": "2024-09-17T00:11:30.420Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-1999-1187
Vulnerability from cvelistv5
Published
2001-09-12 04:00
Modified
2024-08-01 17:02
Severity ?
EPSS score ?
Summary
Pine before version 3.94 allows local users to gain privileges via a symlink attack on a lockfile that is created when a user receives new mail.
References
| ▼ | URL | Tags |
|---|---|---|
| http://marc.info/?l=bugtraq&m=87602167419803&w=2 | mailing-list, x_refsource_BUGTRAQ | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/416 | vdb-entry, x_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T17:02:53.746Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "19960826 [BUG] Vulnerability in PINE",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=87602167419803\u0026w=2"
},
{
"name": "pine-tmpfile(416)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/416"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "1996-08-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Pine before version 3.94 allows local users to gain privileges via a symlink attack on a lockfile that is created when a user receives new mail."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-18T21:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "19960826 [BUG] Vulnerability in PINE",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=87602167419803\u0026w=2"
},
{
"name": "pine-tmpfile(416)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/416"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-1187",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Pine before version 3.94 allows local users to gain privileges via a symlink attack on a lockfile that is created when a user receives new mail."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "19960826 [BUG] Vulnerability in PINE",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=87602167419803\u0026w=2"
},
{
"name": "pine-tmpfile(416)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/416"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-1187",
"datePublished": "2001-09-12T04:00:00",
"dateReserved": "2001-08-31T00:00:00",
"dateUpdated": "2024-08-01T17:02:53.746Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-1999-0341
Vulnerability from cvelistv5
Published
1999-09-29 04:00
Modified
2024-08-01 16:34
Severity ?
EPSS score ?
Summary
Buffer overflow in the Linux mail program "deliver" allows local users to gain root access.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0341 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T16:34:51.965Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0341"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the Linux mail program \"deliver\" allows local users to gain root access."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-17T07:20:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0341"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0341",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the Linux mail program \"deliver\" allows local users to gain root access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0341",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0341"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-0341",
"datePublished": "1999-09-29T04:00:00",
"dateReserved": "1999-06-07T00:00:00",
"dateUpdated": "2024-08-01T16:34:51.965Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2001-1036
Vulnerability from cvelistv5
Published
2003-04-02 05:00
Modified
2024-08-08 04:44
Severity ?
EPSS score ?
Summary
GNU locate in findutils 4.1 on Slackware 7.1 and 8.0 allows local users to gain privileges via an old formatted filename database (locatedb) that contains an entry with an out-of-range offset, which causes locate to write to arbitrary process memory.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/6932 | vdb-entry, x_refsource_XF | |
| http://www.securityfocus.com/bid/3127 | vdb-entry, x_refsource_BID | |
| http://www.securityfocus.com/archive/1/200991 | mailing-list, x_refsource_BUGTRAQ | |
| http://www.osvdb.org/5477 | vdb-entry, x_refsource_OSVDB |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T04:44:06.643Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "locate-command-execution(6932)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6932"
},
{
"name": "3127",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/3127"
},
{
"name": "20010801 Slackware 8.0, 7.1 Vulnerability: /usr/bin/locate",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/200991"
},
{
"name": "5477",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/5477"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2001-08-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "GNU locate in findutils 4.1 on Slackware 7.1 and 8.0 allows local users to gain privileges via an old formatted filename database (locatedb) that contains an entry with an out-of-range offset, which causes locate to write to arbitrary process memory."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2002-02-06T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "locate-command-execution(6932)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6932"
},
{
"name": "3127",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/3127"
},
{
"name": "20010801 Slackware 8.0, 7.1 Vulnerability: /usr/bin/locate",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/200991"
},
{
"name": "5477",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/5477"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2001-1036",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "GNU locate in findutils 4.1 on Slackware 7.1 and 8.0 allows local users to gain privileges via an old formatted filename database (locatedb) that contains an entry with an out-of-range offset, which causes locate to write to arbitrary process memory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "locate-command-execution(6932)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6932"
},
{
"name": "3127",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/3127"
},
{
"name": "20010801 Slackware 8.0, 7.1 Vulnerability: /usr/bin/locate",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/200991"
},
{
"name": "5477",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/5477"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2001-1036",
"datePublished": "2003-04-02T05:00:00",
"dateReserved": "2002-01-31T00:00:00",
"dateUpdated": "2024-08-08T04:44:06.643Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2004-0881
Vulnerability from cvelistv5
Published
2004-09-24 04:00
Modified
2024-08-08 00:31
Severity ?
EPSS score ?
Summary
getmail 4.x before 4.2.0, and other versions before 3.2.5, when run as root, allows local users to write files in arbitrary directories via a symlink attack on subdirectories in the maildir.
References
| ▼ | URL | Tags |
|---|---|---|
| http://marc.info/?l=bugtraq&m=109571883130372&w=2 | mailing-list, x_refsource_BUGTRAQ | |
| http://www.debian.org/security/2004/dsa-553 | vendor-advisory, x_refsource_DEBIAN | |
| http://www.qcc.ca/~charlesc/software/getmail-4/CHANGELOG | x_refsource_CONFIRM | |
| http://security.gentoo.org/glsa/glsa-200409-32.xml | vendor-advisory, x_refsource_GENTOO | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/17439 | vdb-entry, x_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:31:47.634Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20040919 Local root compromise possible with getmail",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=109571883130372\u0026w=2"
},
{
"name": "DSA-553",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2004/dsa-553"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.qcc.ca/~charlesc/software/getmail-4/CHANGELOG"
},
{
"name": "GLSA-200409-32",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200409-32.xml"
},
{
"name": "getmail-maildir-race-condition(17439)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17439"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-09-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "getmail 4.x before 4.2.0, and other versions before 3.2.5, when run as root, allows local users to write files in arbitrary directories via a symlink attack on subdirectories in the maildir."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20040919 Local root compromise possible with getmail",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=109571883130372\u0026w=2"
},
{
"name": "DSA-553",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2004/dsa-553"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.qcc.ca/~charlesc/software/getmail-4/CHANGELOG"
},
{
"name": "GLSA-200409-32",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200409-32.xml"
},
{
"name": "getmail-maildir-race-condition(17439)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17439"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0881",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "getmail 4.x before 4.2.0, and other versions before 3.2.5, when run as root, allows local users to write files in arbitrary directories via a symlink attack on subdirectories in the maildir."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20040919 Local root compromise possible with getmail",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=109571883130372\u0026w=2"
},
{
"name": "DSA-553",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2004/dsa-553"
},
{
"name": "http://www.qcc.ca/~charlesc/software/getmail-4/CHANGELOG",
"refsource": "CONFIRM",
"url": "http://www.qcc.ca/~charlesc/software/getmail-4/CHANGELOG"
},
{
"name": "GLSA-200409-32",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200409-32.xml"
},
{
"name": "getmail-maildir-race-condition(17439)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17439"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0881",
"datePublished": "2004-09-24T04:00:00",
"dateReserved": "2004-09-21T00:00:00",
"dateUpdated": "2024-08-08T00:31:47.634Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-1999-0368
Vulnerability from cvelistv5
Published
1999-09-29 04:00
Modified
2024-08-01 16:34
Severity ?
EPSS score ?
Summary
Buffer overflows in wuarchive ftpd (wu-ftpd) and ProFTPD lead to remote root access, a.k.a. palmetto.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0368 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T16:34:51.941Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0368"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflows in wuarchive ftpd (wu-ftpd) and ProFTPD lead to remote root access, a.k.a. palmetto."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-17T07:24:14",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0368"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0368",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflows in wuarchive ftpd (wu-ftpd) and ProFTPD lead to remote root access, a.k.a. palmetto."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0368",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0368"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-0368",
"datePublished": "1999-09-29T04:00:00",
"dateReserved": "1999-06-07T00:00:00",
"dateUpdated": "2024-08-01T16:34:51.941Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-1999-0433
Vulnerability from cvelistv5
Published
1999-09-29 04:00
Modified
2024-08-01 16:41
Severity ?
EPSS score ?
Summary
XFree86 startx command is vulnerable to a symlink attack, allowing local users to create files in restricted directories, possibly allowing them to gain privileges or cause a denial of service.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0433 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T16:41:44.834Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0433"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "XFree86 startx command is vulnerable to a symlink attack, allowing local users to create files in restricted directories, possibly allowing them to gain privileges or cause a denial of service."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-17T07:33:31",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0433"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0433",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "XFree86 startx command is vulnerable to a symlink attack, allowing local users to create files in restricted directories, possibly allowing them to gain privileges or cause a denial of service."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0433",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0433"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-0433",
"datePublished": "1999-09-29T04:00:00",
"dateReserved": "1999-06-07T00:00:00",
"dateUpdated": "2024-08-01T16:41:44.834Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2002-0004
Vulnerability from cvelistv5
Published
2002-06-25 04:00
Modified
2024-08-08 02:35
Severity ?
EPSS score ?
Summary
Heap corruption vulnerability in the "at" program allows local users to execute arbitrary code via a malformed execution time, which causes at to free the same memory twice.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/7909 | vdb-entry, x_refsource_XF | |
| http://online.securityfocus.com/advisories/3969 | vendor-advisory, x_refsource_HP | |
| http://www.debian.org/security/2002/dsa-102 | vendor-advisory, x_refsource_DEBIAN | |
| http://www.redhat.com/support/errata/RHSA-2002-015.html | vendor-advisory, x_refsource_REDHAT | |
| http://online.securityfocus.com/advisories/3833 | vendor-advisory, x_refsource_HP | |
| http://marc.info/?l=bugtraq&m=101128661602088&w=2 | mailing-list, x_refsource_BUGTRAQ | |
| http://www.securityfocus.com/bid/3886 | vdb-entry, x_refsource_BID | |
| http://www.novell.com/linux/security/advisories/2002_003_at_txt.html | vendor-advisory, x_refsource_SUSE | |
| http://marc.info/?l=bugtraq&m=101147632721031&w=2 | vendor-advisory, x_refsource_MANDRAKE |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:35:17.414Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "linux-at-exetime-heap-corruption(7909)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7909"
},
{
"name": "HPSBTL0302-034",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://online.securityfocus.com/advisories/3969"
},
{
"name": "DSA-102",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2002/dsa-102"
},
{
"name": "RHSA-2002:015",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-015.html"
},
{
"name": "HPSBTL0201-021",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://online.securityfocus.com/advisories/3833"
},
{
"name": "20020117 \u0027/usr/bin/at 31337 + vuln\u0027 problem + exploit",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=101128661602088\u0026w=2"
},
{
"name": "3886",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/3886"
},
{
"name": "SuSE-SA:2002:003",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2002_003_at_txt.html"
},
{
"name": "MDKSA-2002:007",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=101147632721031\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-01-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Heap corruption vulnerability in the \"at\" program allows local users to execute arbitrary code via a malformed execution time, which causes at to free the same memory twice."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2002-06-16T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "linux-at-exetime-heap-corruption(7909)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7909"
},
{
"name": "HPSBTL0302-034",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://online.securityfocus.com/advisories/3969"
},
{
"name": "DSA-102",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2002/dsa-102"
},
{
"name": "RHSA-2002:015",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-015.html"
},
{
"name": "HPSBTL0201-021",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://online.securityfocus.com/advisories/3833"
},
{
"name": "20020117 \u0027/usr/bin/at 31337 + vuln\u0027 problem + exploit",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=101128661602088\u0026w=2"
},
{
"name": "3886",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/3886"
},
{
"name": "SuSE-SA:2002:003",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2002_003_at_txt.html"
},
{
"name": "MDKSA-2002:007",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://marc.info/?l=bugtraq\u0026m=101147632721031\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-0004",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap corruption vulnerability in the \"at\" program allows local users to execute arbitrary code via a malformed execution time, which causes at to free the same memory twice."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "linux-at-exetime-heap-corruption(7909)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7909"
},
{
"name": "HPSBTL0302-034",
"refsource": "HP",
"url": "http://online.securityfocus.com/advisories/3969"
},
{
"name": "DSA-102",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2002/dsa-102"
},
{
"name": "RHSA-2002:015",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2002-015.html"
},
{
"name": "HPSBTL0201-021",
"refsource": "HP",
"url": "http://online.securityfocus.com/advisories/3833"
},
{
"name": "20020117 \u0027/usr/bin/at 31337 + vuln\u0027 problem + exploit",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=101128661602088\u0026w=2"
},
{
"name": "3886",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/3886"
},
{
"name": "SuSE-SA:2002:003",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2002_003_at_txt.html"
},
{
"name": "MDKSA-2002:007",
"refsource": "MANDRAKE",
"url": "http://marc.info/?l=bugtraq\u0026m=101147632721031\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-0004",
"datePublished": "2002-06-25T04:00:00",
"dateReserved": "2002-01-02T00:00:00",
"dateUpdated": "2024-08-08T02:35:17.414Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2003-0195
Vulnerability from cvelistv5
Published
2003-06-05 04:00
Modified
2024-08-08 01:43
Severity ?
EPSS score ?
Summary
CUPS before 1.1.19 allows remote attackers to cause a denial of service via a partial printing request to the IPP port (631), which does not time out.
References
| ▼ | URL | Tags |
|---|---|---|
| http://marc.info/?l=bugtraq&m=105427288724449&w=2 | mailing-list, x_refsource_BUGTRAQ | |
| http://www.turbolinux.com/security/TLSA-2003-33.txt | vendor-advisory, x_refsource_TURBO | |
| http://www.mandriva.com/security/advisories?name=MDKSA-2003:062 | vendor-advisory, x_refsource_MANDRAKE | |
| https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6 | vdb-entry, signature, x_refsource_OVAL | |
| http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000678 | vendor-advisory, x_refsource_CONECTIVA | |
| http://www.securityfocus.com/bid/7637 | vdb-entry, x_refsource_BID | |
| http://www.debian.org/security/2003/dsa-317 | vendor-advisory, x_refsource_DEBIAN | |
| http://www.novell.com/linux/security/advisories/2003_028.html | vendor-advisory, x_refsource_SUSE | |
| http://www.redhat.com/support/errata/RHSA-2003-171.html | vendor-advisory, x_refsource_REDHAT |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:43:36.123Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20030529 [slackware-security] CUPS DoS vulnerability fixed (SSA:2003-149-01)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=105427288724449\u0026w=2"
},
{
"name": "TLSA-2003-33",
"tags": [
"vendor-advisory",
"x_refsource_TURBO",
"x_transferred"
],
"url": "http://www.turbolinux.com/security/TLSA-2003-33.txt"
},
{
"name": "MDKSA-2003:062",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:062"
},
{
"name": "oval:org.mitre.oval:def:6",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6"
},
{
"name": "CLSA-2003:678",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000678"
},
{
"name": "7637",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/7637"
},
{
"name": "DSA-317",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2003/dsa-317"
},
{
"name": "SuSE-SA:2003:028",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2003_028.html"
},
{
"name": "RHSA-2003:171",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-171.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-05-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "CUPS before 1.1.19 allows remote attackers to cause a denial of service via a partial printing request to the IPP port (631), which does not time out."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20030529 [slackware-security] CUPS DoS vulnerability fixed (SSA:2003-149-01)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=105427288724449\u0026w=2"
},
{
"name": "TLSA-2003-33",
"tags": [
"vendor-advisory",
"x_refsource_TURBO"
],
"url": "http://www.turbolinux.com/security/TLSA-2003-33.txt"
},
{
"name": "MDKSA-2003:062",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:062"
},
{
"name": "oval:org.mitre.oval:def:6",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6"
},
{
"name": "CLSA-2003:678",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000678"
},
{
"name": "7637",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/7637"
},
{
"name": "DSA-317",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2003/dsa-317"
},
{
"name": "SuSE-SA:2003:028",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2003_028.html"
},
{
"name": "RHSA-2003:171",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-171.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-0195",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CUPS before 1.1.19 allows remote attackers to cause a denial of service via a partial printing request to the IPP port (631), which does not time out."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20030529 [slackware-security] CUPS DoS vulnerability fixed (SSA:2003-149-01)",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=105427288724449\u0026w=2"
},
{
"name": "TLSA-2003-33",
"refsource": "TURBO",
"url": "http://www.turbolinux.com/security/TLSA-2003-33.txt"
},
{
"name": "MDKSA-2003:062",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:062"
},
{
"name": "oval:org.mitre.oval:def:6",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6"
},
{
"name": "CLSA-2003:678",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000678"
},
{
"name": "7637",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/7637"
},
{
"name": "DSA-317",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2003/dsa-317"
},
{
"name": "SuSE-SA:2003:028",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2003_028.html"
},
{
"name": "RHSA-2003:171",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2003-171.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-0195",
"datePublished": "2003-06-05T04:00:00",
"dateReserved": "2003-04-01T00:00:00",
"dateUpdated": "2024-08-08T01:43:36.123Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-7172
Vulnerability from cvelistv5
Published
2019-11-21 13:51
Modified
2024-08-06 18:01
Severity ?
EPSS score ?
Summary
Slackware 13.1, 13.37, 14.0 and 14.1 contain world-writable permissions on the iodbctest and iodbctestw programs within the libiodbc package, which could allow local users to use RPATH information to execute arbitrary code with root privileges.
References
| ▼ | URL | Tags |
|---|---|---|
| https://security-tracker.debian.org/tracker/CVE-2013-7172 | x_refsource_MISC | |
| https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-7172 | x_refsource_MISC | |
| http://www.openwall.com/lists/oss-security/2013/12/20/1 | x_refsource_MISC | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/89916 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:01:19.909Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2013-7172"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-7172"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2013/12/20/1"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89916"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-12-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Slackware 13.1, 13.37, 14.0 and 14.1 contain world-writable permissions on the iodbctest and iodbctestw programs within the libiodbc package, which could allow local users to use RPATH information to execute arbitrary code with root privileges."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-21T13:51:18",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2013-7172"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-7172"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.openwall.com/lists/oss-security/2013/12/20/1"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89916"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-7172",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Slackware 13.1, 13.37, 14.0 and 14.1 contain world-writable permissions on the iodbctest and iodbctestw programs within the libiodbc package, which could allow local users to use RPATH information to execute arbitrary code with root privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://security-tracker.debian.org/tracker/CVE-2013-7172",
"refsource": "MISC",
"url": "https://security-tracker.debian.org/tracker/CVE-2013-7172"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-7172",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-7172"
},
{
"name": "http://www.openwall.com/lists/oss-security/2013/12/20/1",
"refsource": "MISC",
"url": "http://www.openwall.com/lists/oss-security/2013/12/20/1"
},
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89916",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89916"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-7172",
"datePublished": "2019-11-21T13:51:18",
"dateReserved": "2013-12-19T00:00:00",
"dateUpdated": "2024-08-06T18:01:19.909Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-1999-0041
Vulnerability from cvelistv5
Published
1999-09-29 04:00
Modified
2024-09-17 14:25
Severity ?
EPSS score ?
Summary
Buffer overflow in NLS (Natural Language Service).
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0041 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T16:27:57.067Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0041"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-1999-0041",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-04T14:09:51.440131Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-17T14:25:15.473Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in NLS (Natural Language Service)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-17T06:30:20",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0041"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0041",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in NLS (Natural Language Service)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0041",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0041"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-0041",
"datePublished": "1999-09-29T04:00:00",
"dateReserved": "1999-06-07T00:00:00",
"dateUpdated": "2024-09-17T14:25:15.473Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2004-0880
Vulnerability from cvelistv5
Published
2004-09-24 04:00
Modified
2024-08-08 00:31
Severity ?
EPSS score ?
Summary
getmail 4.x before 4.2.0, when run as root, allows local users to overwrite arbitrary files via a symlink attack on an mbox file.
References
| ▼ | URL | Tags |
|---|---|---|
| http://marc.info/?l=bugtraq&m=109571883130372&w=2 | mailing-list, x_refsource_BUGTRAQ | |
| http://www.debian.org/security/2004/dsa-553 | vendor-advisory, x_refsource_DEBIAN | |
| http://www.qcc.ca/~charlesc/software/getmail-4/CHANGELOG | x_refsource_CONFIRM | |
| http://security.gentoo.org/glsa/glsa-200409-32.xml | vendor-advisory, x_refsource_GENTOO | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/17437 | vdb-entry, x_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:31:47.817Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20040919 Local root compromise possible with getmail",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=109571883130372\u0026w=2"
},
{
"name": "DSA-553",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2004/dsa-553"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.qcc.ca/~charlesc/software/getmail-4/CHANGELOG"
},
{
"name": "GLSA-200409-32",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200409-32.xml"
},
{
"name": "getmail-mbox-race-condition(17437)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17437"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-09-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "getmail 4.x before 4.2.0, when run as root, allows local users to overwrite arbitrary files via a symlink attack on an mbox file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20040919 Local root compromise possible with getmail",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=109571883130372\u0026w=2"
},
{
"name": "DSA-553",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2004/dsa-553"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.qcc.ca/~charlesc/software/getmail-4/CHANGELOG"
},
{
"name": "GLSA-200409-32",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200409-32.xml"
},
{
"name": "getmail-mbox-race-condition(17437)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17437"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0880",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "getmail 4.x before 4.2.0, when run as root, allows local users to overwrite arbitrary files via a symlink attack on an mbox file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20040919 Local root compromise possible with getmail",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=109571883130372\u0026w=2"
},
{
"name": "DSA-553",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2004/dsa-553"
},
{
"name": "http://www.qcc.ca/~charlesc/software/getmail-4/CHANGELOG",
"refsource": "CONFIRM",
"url": "http://www.qcc.ca/~charlesc/software/getmail-4/CHANGELOG"
},
{
"name": "GLSA-200409-32",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200409-32.xml"
},
{
"name": "getmail-mbox-race-condition(17437)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17437"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0880",
"datePublished": "2004-09-24T04:00:00",
"dateReserved": "2004-09-21T00:00:00",
"dateUpdated": "2024-08-08T00:31:47.817Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-6199
Vulnerability from cvelistv5
Published
2007-12-01 01:00
Modified
2024-08-07 15:54
Severity ?
EPSS score ?
Summary
rsync before 3.0.0pre6, when running a writable rsync daemon that is not using chroot, allows remote attackers to access restricted files via unknown vectors that cause rsync to create a symlink that points outside of the module's hierarchy.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:54:27.071Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "28412",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28412"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.f5.com/kb/en-us/solutions/public/15000/500/sol15549.html"
},
{
"name": "ADV-2007-4057",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/4057"
},
{
"name": "APPLE-SA-2008-07-31",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce//2008/Jul/msg00003.html"
},
{
"name": "ADV-2008-2268",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2268"
},
{
"name": "27853",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27853"
},
{
"name": "20080212 FLEA-2008-0004-1 rsync",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/487991/100/0/threaded"
},
{
"name": "27863",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27863"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2007-0257"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://rsync.samba.org/security.html#s3_0_0"
},
{
"name": "61005",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61005"
},
{
"name": "28457",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28457"
},
{
"name": "MDVSA-2008:011",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/en/security/advisories?name=MDVSA-2008:011"
},
{
"name": "31326",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31326"
},
{
"name": "26638",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/26638"
},
{
"name": "1019012",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1019012"
},
{
"name": "SUSE-SR:2008:001",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00002.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-11-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "rsync before 3.0.0pre6, when running a writable rsync daemon that is not using chroot, allows remote attackers to access restricted files via unknown vectors that cause rsync to create a symlink that points outside of the module\u0027s hierarchy."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "28412",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28412"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.f5.com/kb/en-us/solutions/public/15000/500/sol15549.html"
},
{
"name": "ADV-2007-4057",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/4057"
},
{
"name": "APPLE-SA-2008-07-31",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce//2008/Jul/msg00003.html"
},
{
"name": "ADV-2008-2268",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2268"
},
{
"name": "27853",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27853"
},
{
"name": "20080212 FLEA-2008-0004-1 rsync",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/487991/100/0/threaded"
},
{
"name": "27863",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27863"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2007-0257"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://rsync.samba.org/security.html#s3_0_0"
},
{
"name": "61005",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61005"
},
{
"name": "28457",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28457"
},
{
"name": "MDVSA-2008:011",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/en/security/advisories?name=MDVSA-2008:011"
},
{
"name": "31326",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31326"
},
{
"name": "26638",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/26638"
},
{
"name": "1019012",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1019012"
},
{
"name": "SUSE-SR:2008:001",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00002.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-6199",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "rsync before 3.0.0pre6, when running a writable rsync daemon that is not using chroot, allows remote attackers to access restricted files via unknown vectors that cause rsync to create a symlink that points outside of the module\u0027s hierarchy."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "28412",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28412"
},
{
"name": "http://support.f5.com/kb/en-us/solutions/public/15000/500/sol15549.html",
"refsource": "CONFIRM",
"url": "http://support.f5.com/kb/en-us/solutions/public/15000/500/sol15549.html"
},
{
"name": "ADV-2007-4057",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/4057"
},
{
"name": "APPLE-SA-2008-07-31",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce//2008/Jul/msg00003.html"
},
{
"name": "ADV-2008-2268",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2268"
},
{
"name": "27853",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27853"
},
{
"name": "20080212 FLEA-2008-0004-1 rsync",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/487991/100/0/threaded"
},
{
"name": "27863",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27863"
},
{
"name": "http://wiki.rpath.com/wiki/Advisories:rPSA-2007-0257",
"refsource": "CONFIRM",
"url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2007-0257"
},
{
"name": "http://rsync.samba.org/security.html#s3_0_0",
"refsource": "CONFIRM",
"url": "http://rsync.samba.org/security.html#s3_0_0"
},
{
"name": "61005",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61005"
},
{
"name": "28457",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28457"
},
{
"name": "MDVSA-2008:011",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/en/security/advisories?name=MDVSA-2008:011"
},
{
"name": "31326",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31326"
},
{
"name": "26638",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26638"
},
{
"name": "1019012",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1019012"
},
{
"name": "SUSE-SR:2008:001",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00002.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-6199",
"datePublished": "2007-12-01T01:00:00",
"dateReserved": "2007-11-30T00:00:00",
"dateUpdated": "2024-08-07T15:54:27.071Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2004-0940
Vulnerability from cvelistv5
Published
2004-10-26 04:00
Modified
2024-08-08 00:31
Severity ?
EPSS score ?
Summary
Buffer overflow in the get_tag function in mod_include for Apache 1.3.x to 1.3.32 allows local users who can create SSI documents to execute arbitrary code as the apache user via SSI (XSSI) documents that trigger a length calculation error.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:31:48.244Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "OpenPKG-SA-2004.047",
"tags": [
"vendor-advisory",
"x_refsource_OPENPKG",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=109906660225051\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.apacheweek.com/features/security-13"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-081.htm"
},
{
"name": "MDKSA-2004:134",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:134"
},
{
"name": "apache-modinclude-bo(17785)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17785"
},
{
"name": "11471",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/11471"
},
{
"name": "RHSA-2005:816",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-816.html"
},
{
"name": "12898",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/12898/"
},
{
"name": "DSA-594",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2004/dsa-594"
},
{
"name": "19073",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19073"
},
{
"name": "1011783",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1011783"
},
{
"name": "RHSA-2004:600",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-600.html"
},
{
"name": "102197",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102197-1"
},
{
"name": "ADV-2006-0789",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/0789"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073139 [3/13] - in /websites/staging/httpd/trunk/content: ./ security/json/",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/re895fc1736d25c8cf57e102c871613b8aeec9ea26fd8a44e7942b5ab%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073140 [1/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1888194 [3/13] - /httpd/site/trunk/content/security/json/",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rd65d8ba68ba17e7deedafbf5bb4899f2ae4dad781d21b931c2941ac3%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073149 [4/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r734a07156abf332d5ab27fb91d9d962cacfef4f3681e44056f064fa8%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210606 svn commit: r1075470 [1/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rf2f0f3611f937cf6cfb3b4fe4a67f69885855126110e1e3f2fb2728e%40%3Ccvs.httpd.apache.org%3E"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-10-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the get_tag function in mod_include for Apache 1.3.x to 1.3.32 allows local users who can create SSI documents to execute arbitrary code as the apache user via SSI (XSSI) documents that trigger a length calculation error."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-06T10:08:39",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "OpenPKG-SA-2004.047",
"tags": [
"vendor-advisory",
"x_refsource_OPENPKG"
],
"url": "http://marc.info/?l=bugtraq\u0026m=109906660225051\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.apacheweek.com/features/security-13"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-081.htm"
},
{
"name": "MDKSA-2004:134",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:134"
},
{
"name": "apache-modinclude-bo(17785)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17785"
},
{
"name": "11471",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/11471"
},
{
"name": "RHSA-2005:816",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-816.html"
},
{
"name": "12898",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/12898/"
},
{
"name": "DSA-594",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2004/dsa-594"
},
{
"name": "19073",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19073"
},
{
"name": "1011783",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1011783"
},
{
"name": "RHSA-2004:600",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-600.html"
},
{
"name": "102197",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102197-1"
},
{
"name": "ADV-2006-0789",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/0789"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073139 [3/13] - in /websites/staging/httpd/trunk/content: ./ security/json/",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/re895fc1736d25c8cf57e102c871613b8aeec9ea26fd8a44e7942b5ab%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073140 [1/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1888194 [3/13] - /httpd/site/trunk/content/security/json/",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rd65d8ba68ba17e7deedafbf5bb4899f2ae4dad781d21b931c2941ac3%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073149 [4/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r734a07156abf332d5ab27fb91d9d962cacfef4f3681e44056f064fa8%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210606 svn commit: r1075470 [1/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rf2f0f3611f937cf6cfb3b4fe4a67f69885855126110e1e3f2fb2728e%40%3Ccvs.httpd.apache.org%3E"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0940",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the get_tag function in mod_include for Apache 1.3.x to 1.3.32 allows local users who can create SSI documents to execute arbitrary code as the apache user via SSI (XSSI) documents that trigger a length calculation error."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "OpenPKG-SA-2004.047",
"refsource": "OPENPKG",
"url": "http://marc.info/?l=bugtraq\u0026m=109906660225051\u0026w=2"
},
{
"name": "http://www.apacheweek.com/features/security-13",
"refsource": "CONFIRM",
"url": "http://www.apacheweek.com/features/security-13"
},
{
"name": "http://support.avaya.com/elmodocs2/security/ASA-2006-081.htm",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-081.htm"
},
{
"name": "MDKSA-2004:134",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:134"
},
{
"name": "apache-modinclude-bo(17785)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17785"
},
{
"name": "11471",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/11471"
},
{
"name": "RHSA-2005:816",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-816.html"
},
{
"name": "12898",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/12898/"
},
{
"name": "DSA-594",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2004/dsa-594"
},
{
"name": "19073",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19073"
},
{
"name": "1011783",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1011783"
},
{
"name": "RHSA-2004:600",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-600.html"
},
{
"name": "102197",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102197-1"
},
{
"name": "ADV-2006-0789",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0789"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073139 [3/13] - in /websites/staging/httpd/trunk/content: ./ security/json/",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/re895fc1736d25c8cf57e102c871613b8aeec9ea26fd8a44e7942b5ab@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073140 [1/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1888194 [3/13] - /httpd/site/trunk/content/security/json/",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rd65d8ba68ba17e7deedafbf5bb4899f2ae4dad781d21b931c2941ac3@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073149 [4/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r734a07156abf332d5ab27fb91d9d962cacfef4f3681e44056f064fa8@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210606 svn commit: r1075470 [1/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rf2f0f3611f937cf6cfb3b4fe4a67f69885855126110e1e3f2fb2728e@%3Ccvs.httpd.apache.org%3E"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0940",
"datePublished": "2004-10-26T04:00:00",
"dateReserved": "2004-10-12T00:00:00",
"dateUpdated": "2024-08-08T00:31:48.244Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-1352
Vulnerability from cvelistv5
Published
2007-04-06 01:00
Modified
2024-08-07 12:50
Severity ?
EPSS score ?
Summary
Integer overflow in the FontFileInitTable function in X.Org libXfont before 20070403 allows remote authenticated users to execute arbitrary code via a long first line in the fonts.dir file, which results in a heap overflow.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:50:35.267Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20070403 Multiple Vendor X Server fonts.dir File Parsing Integer Overflow Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=502"
},
{
"name": "24745",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24745"
},
{
"name": "oval:org.mitre.oval:def:10523",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10523"
},
{
"name": "33937",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/33937"
},
{
"name": "24771",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24771"
},
{
"name": "24770",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24770"
},
{
"name": "25006",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25006"
},
{
"name": "24756",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24756"
},
{
"name": "23283",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/23283"
},
{
"name": "RHSA-2007:0126",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0126.html"
},
{
"name": "23300",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/23300"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT3438"
},
{
"name": "GLSA-200705-10",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200705-10.xml"
},
{
"name": "USN-448-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-448-1"
},
{
"name": "APPLE-SA-2009-02-12",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html"
},
{
"name": "MDKSA-2007:080",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:080"
},
{
"name": "24758",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24758"
},
{
"name": "1017857",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1017857"
},
{
"name": "oval:org.mitre.oval:def:13243",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13243"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-178.htm"
},
{
"name": "25195",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25195"
},
{
"name": "RHSA-2007:0125",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2007-0125.html"
},
{
"name": "24741",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24741"
},
{
"name": "APPLE-SA-2007-11-14",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/Security-announce/2007/Nov/msg00003.html"
},
{
"name": "[xorg-announce] 20070403 various integer overflow vulnerabilites in xserver, libX11 and libXfont",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.freedesktop.org/archives/xorg-announce/2007-April/000286.html"
},
{
"name": "24791",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24791"
},
{
"name": "SUSE-SA:2007:027",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2007_27_x.html"
},
{
"name": "DSA-1294",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2007/dsa-1294"
},
{
"name": "24765",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24765"
},
{
"name": "25216",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25216"
},
{
"name": "xorg-fontsdir-bo(33419)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33419"
},
{
"name": "20070404 rPSA-2007-0065-1 freetype xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/464686/100/0/threaded"
},
{
"name": "20070405 FLEA-2007-0009-1: xorg-x11 freetype",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/464816/100/0/threaded"
},
{
"name": "ADV-2007-1548",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/1548"
},
{
"name": "102886",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102886-1"
},
{
"name": "ADV-2007-1217",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/1217"
},
{
"name": "[4.0] 011: SECURITY FIX: April 4, 2007",
"tags": [
"vendor-advisory",
"x_refsource_OPENBSD",
"x_transferred"
],
"url": "http://www.openbsd.org/errata40.html#011_xorg"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://issues.rpath.com/browse/RPL-1213"
},
{
"name": "25004",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25004"
},
{
"name": "25305",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25305"
},
{
"name": "RHSA-2007:0132",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0132.html"
},
{
"name": "24772",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24772"
},
{
"name": "[3.9] 021: SECURITY FIX: April 4, 2007",
"tags": [
"vendor-advisory",
"x_refsource_OPENBSD",
"x_transferred"
],
"url": "http://www.openbsd.org/errata39.html#021_xorg"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://issues.foresightlinux.org/browse/FL-223"
},
{
"name": "MDKSA-2007:079",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:079"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-04-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in the FontFileInitTable function in X.Org libXfont before 20070403 allows remote authenticated users to execute arbitrary code via a long first line in the fonts.dir file, which results in a heap overflow."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "20070403 Multiple Vendor X Server fonts.dir File Parsing Integer Overflow Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=502"
},
{
"name": "24745",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24745"
},
{
"name": "oval:org.mitre.oval:def:10523",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10523"
},
{
"name": "33937",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/33937"
},
{
"name": "24771",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24771"
},
{
"name": "24770",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24770"
},
{
"name": "25006",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25006"
},
{
"name": "24756",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24756"
},
{
"name": "23283",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/23283"
},
{
"name": "RHSA-2007:0126",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0126.html"
},
{
"name": "23300",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/23300"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT3438"
},
{
"name": "GLSA-200705-10",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200705-10.xml"
},
{
"name": "USN-448-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-448-1"
},
{
"name": "APPLE-SA-2009-02-12",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html"
},
{
"name": "MDKSA-2007:080",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:080"
},
{
"name": "24758",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24758"
},
{
"name": "1017857",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1017857"
},
{
"name": "oval:org.mitre.oval:def:13243",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13243"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-178.htm"
},
{
"name": "25195",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25195"
},
{
"name": "RHSA-2007:0125",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2007-0125.html"
},
{
"name": "24741",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24741"
},
{
"name": "APPLE-SA-2007-11-14",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/Security-announce/2007/Nov/msg00003.html"
},
{
"name": "[xorg-announce] 20070403 various integer overflow vulnerabilites in xserver, libX11 and libXfont",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.freedesktop.org/archives/xorg-announce/2007-April/000286.html"
},
{
"name": "24791",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24791"
},
{
"name": "SUSE-SA:2007:027",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2007_27_x.html"
},
{
"name": "DSA-1294",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2007/dsa-1294"
},
{
"name": "24765",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24765"
},
{
"name": "25216",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25216"
},
{
"name": "xorg-fontsdir-bo(33419)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33419"
},
{
"name": "20070404 rPSA-2007-0065-1 freetype xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/464686/100/0/threaded"
},
{
"name": "20070405 FLEA-2007-0009-1: xorg-x11 freetype",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/464816/100/0/threaded"
},
{
"name": "ADV-2007-1548",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/1548"
},
{
"name": "102886",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102886-1"
},
{
"name": "ADV-2007-1217",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/1217"
},
{
"name": "[4.0] 011: SECURITY FIX: April 4, 2007",
"tags": [
"vendor-advisory",
"x_refsource_OPENBSD"
],
"url": "http://www.openbsd.org/errata40.html#011_xorg"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://issues.rpath.com/browse/RPL-1213"
},
{
"name": "25004",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25004"
},
{
"name": "25305",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25305"
},
{
"name": "RHSA-2007:0132",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0132.html"
},
{
"name": "24772",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24772"
},
{
"name": "[3.9] 021: SECURITY FIX: April 4, 2007",
"tags": [
"vendor-advisory",
"x_refsource_OPENBSD"
],
"url": "http://www.openbsd.org/errata39.html#021_xorg"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://issues.foresightlinux.org/browse/FL-223"
},
{
"name": "MDKSA-2007:079",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:079"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2007-1352",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in the FontFileInitTable function in X.Org libXfont before 20070403 allows remote authenticated users to execute arbitrary code via a long first line in the fonts.dir file, which results in a heap overflow."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20070403 Multiple Vendor X Server fonts.dir File Parsing Integer Overflow Vulnerability",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=502"
},
{
"name": "24745",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24745"
},
{
"name": "oval:org.mitre.oval:def:10523",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10523"
},
{
"name": "33937",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33937"
},
{
"name": "24771",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24771"
},
{
"name": "24770",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24770"
},
{
"name": "25006",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25006"
},
{
"name": "24756",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24756"
},
{
"name": "23283",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23283"
},
{
"name": "RHSA-2007:0126",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0126.html"
},
{
"name": "23300",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23300"
},
{
"name": "http://support.apple.com/kb/HT3438",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT3438"
},
{
"name": "GLSA-200705-10",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200705-10.xml"
},
{
"name": "USN-448-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-448-1"
},
{
"name": "APPLE-SA-2009-02-12",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html"
},
{
"name": "MDKSA-2007:080",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:080"
},
{
"name": "24758",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24758"
},
{
"name": "1017857",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017857"
},
{
"name": "oval:org.mitre.oval:def:13243",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13243"
},
{
"name": "http://support.avaya.com/elmodocs2/security/ASA-2007-178.htm",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-178.htm"
},
{
"name": "25195",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25195"
},
{
"name": "RHSA-2007:0125",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2007-0125.html"
},
{
"name": "24741",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24741"
},
{
"name": "APPLE-SA-2007-11-14",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/Security-announce/2007/Nov/msg00003.html"
},
{
"name": "[xorg-announce] 20070403 various integer overflow vulnerabilites in xserver, libX11 and libXfont",
"refsource": "MLIST",
"url": "http://lists.freedesktop.org/archives/xorg-announce/2007-April/000286.html"
},
{
"name": "24791",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24791"
},
{
"name": "SUSE-SA:2007:027",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2007_27_x.html"
},
{
"name": "DSA-1294",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2007/dsa-1294"
},
{
"name": "24765",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24765"
},
{
"name": "25216",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25216"
},
{
"name": "xorg-fontsdir-bo(33419)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33419"
},
{
"name": "20070404 rPSA-2007-0065-1 freetype xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/464686/100/0/threaded"
},
{
"name": "20070405 FLEA-2007-0009-1: xorg-x11 freetype",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/464816/100/0/threaded"
},
{
"name": "ADV-2007-1548",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1548"
},
{
"name": "102886",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102886-1"
},
{
"name": "ADV-2007-1217",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1217"
},
{
"name": "[4.0] 011: SECURITY FIX: April 4, 2007",
"refsource": "OPENBSD",
"url": "http://www.openbsd.org/errata40.html#011_xorg"
},
{
"name": "https://issues.rpath.com/browse/RPL-1213",
"refsource": "CONFIRM",
"url": "https://issues.rpath.com/browse/RPL-1213"
},
{
"name": "25004",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25004"
},
{
"name": "25305",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25305"
},
{
"name": "RHSA-2007:0132",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0132.html"
},
{
"name": "24772",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24772"
},
{
"name": "[3.9] 021: SECURITY FIX: April 4, 2007",
"refsource": "OPENBSD",
"url": "http://www.openbsd.org/errata39.html#021_xorg"
},
{
"name": "http://issues.foresightlinux.org/browse/FL-223",
"refsource": "CONFIRM",
"url": "http://issues.foresightlinux.org/browse/FL-223"
},
{
"name": "MDKSA-2007:079",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:079"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2007-1352",
"datePublished": "2007-04-06T01:00:00",
"dateReserved": "2007-03-08T00:00:00",
"dateUpdated": "2024-08-07T12:50:35.267Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-6200
Vulnerability from cvelistv5
Published
2007-12-01 01:00
Modified
2024-08-07 15:54
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in rsync before 3.0.0pre6, when running a writable rsync daemon, allows remote attackers to bypass exclude, exclude_from, and filter and read or write hidden files via (1) symlink, (2) partial-dir, (3) backup-dir, and unspecified (4) dest options.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:54:27.082Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "28412",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28412"
},
{
"name": "ADV-2007-4057",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/4057"
},
{
"name": "APPLE-SA-2008-07-31",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce//2008/Jul/msg00003.html"
},
{
"name": "RHSA-2011:0999",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-0999.html"
},
{
"name": "26639",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/26639"
},
{
"name": "ADV-2008-2268",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2268"
},
{
"name": "27853",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27853"
},
{
"name": "20080212 FLEA-2008-0004-1 rsync",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/487991/100/0/threaded"
},
{
"name": "27863",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27863"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2007-0257"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://rsync.samba.org/security.html#s3_0_0"
},
{
"name": "28457",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28457"
},
{
"name": "MDVSA-2008:011",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/en/security/advisories?name=MDVSA-2008:011"
},
{
"name": "31326",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31326"
},
{
"name": "1019012",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1019012"
},
{
"name": "SUSE-SR:2008:001",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00002.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-11-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in rsync before 3.0.0pre6, when running a writable rsync daemon, allows remote attackers to bypass exclude, exclude_from, and filter and read or write hidden files via (1) symlink, (2) partial-dir, (3) backup-dir, and unspecified (4) dest options."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "28412",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28412"
},
{
"name": "ADV-2007-4057",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/4057"
},
{
"name": "APPLE-SA-2008-07-31",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce//2008/Jul/msg00003.html"
},
{
"name": "RHSA-2011:0999",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-0999.html"
},
{
"name": "26639",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/26639"
},
{
"name": "ADV-2008-2268",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2268"
},
{
"name": "27853",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27853"
},
{
"name": "20080212 FLEA-2008-0004-1 rsync",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/487991/100/0/threaded"
},
{
"name": "27863",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27863"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2007-0257"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://rsync.samba.org/security.html#s3_0_0"
},
{
"name": "28457",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28457"
},
{
"name": "MDVSA-2008:011",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/en/security/advisories?name=MDVSA-2008:011"
},
{
"name": "31326",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31326"
},
{
"name": "1019012",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1019012"
},
{
"name": "SUSE-SR:2008:001",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00002.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-6200",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in rsync before 3.0.0pre6, when running a writable rsync daemon, allows remote attackers to bypass exclude, exclude_from, and filter and read or write hidden files via (1) symlink, (2) partial-dir, (3) backup-dir, and unspecified (4) dest options."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "28412",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28412"
},
{
"name": "ADV-2007-4057",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/4057"
},
{
"name": "APPLE-SA-2008-07-31",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce//2008/Jul/msg00003.html"
},
{
"name": "RHSA-2011:0999",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2011-0999.html"
},
{
"name": "26639",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26639"
},
{
"name": "ADV-2008-2268",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2268"
},
{
"name": "27853",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27853"
},
{
"name": "20080212 FLEA-2008-0004-1 rsync",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/487991/100/0/threaded"
},
{
"name": "27863",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27863"
},
{
"name": "http://wiki.rpath.com/wiki/Advisories:rPSA-2007-0257",
"refsource": "CONFIRM",
"url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2007-0257"
},
{
"name": "http://rsync.samba.org/security.html#s3_0_0",
"refsource": "CONFIRM",
"url": "http://rsync.samba.org/security.html#s3_0_0"
},
{
"name": "28457",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28457"
},
{
"name": "MDVSA-2008:011",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/en/security/advisories?name=MDVSA-2008:011"
},
{
"name": "31326",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31326"
},
{
"name": "1019012",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1019012"
},
{
"name": "SUSE-SR:2008:001",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00002.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-6200",
"datePublished": "2007-12-01T01:00:00",
"dateReserved": "2007-11-30T00:00:00",
"dateUpdated": "2024-08-07T15:54:27.082Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2005-3625
Vulnerability from cvelistv5
Published
2006-01-06 22:00
Modified
2024-08-07 23:17
Severity ?
EPSS score ?
Summary
Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and (2) DCTDecode streams, aka "Infinite CPU spins."
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T23:17:23.366Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "16143",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/16143"
},
{
"name": "DSA-932",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2005/dsa-932"
},
{
"name": "18349",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18349"
},
{
"name": "oval:org.mitre.oval:def:9575",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9575"
},
{
"name": "18147",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18147"
},
{
"name": "SCOSA-2006.15",
"tags": [
"vendor-advisory",
"x_refsource_SCO",
"x_transferred"
],
"url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://scary.beasts.org/security/CESA-2005-003.txt"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kde.org/info/security/advisory-20051207-2.txt"
},
{
"name": "18679",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18679"
},
{
"name": "18312",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18312"
},
{
"name": "18644",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18644"
},
{
"name": "USN-236-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/236-1/"
},
{
"name": "18425",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18425"
},
{
"name": "18373",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18373"
},
{
"name": "18303",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18303"
},
{
"name": "DSA-931",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2005/dsa-931"
},
{
"name": "18554",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18554"
},
{
"name": "MDKSA-2006:003",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003"
},
{
"name": "19230",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19230"
},
{
"name": "102972",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1"
},
{
"name": "MDKSA-2006:012",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012"
},
{
"name": "DSA-962",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2006/dsa-962"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00010.html"
},
{
"name": "RHSA-2006:0163",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0163.html"
},
{
"name": "DSA-937",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2005/dsa-937"
},
{
"name": "18398",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18398"
},
{
"name": "FLSA-2006:176751",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded"
},
{
"name": "2006-0002",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX",
"x_transferred"
],
"url": "http://www.trustix.org/errata/2006/0002/"
},
{
"name": "SUSE-SA:2006:001",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html"
},
{
"name": "DSA-936",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2006/dsa-936"
},
{
"name": "FEDORA-2005-026",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html"
},
{
"name": "18329",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18329"
},
{
"name": "18463",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18463"
},
{
"name": "18642",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18642"
},
{
"name": "18674",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18674"
},
{
"name": "MDKSA-2006:005",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005"
},
{
"name": "18313",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18313"
},
{
"name": "20051201-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI",
"x_transferred"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U"
},
{
"name": "20060101-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI",
"x_transferred"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U"
},
{
"name": "18448",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18448"
},
{
"name": "18436",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18436"
},
{
"name": "18428",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18428"
},
{
"name": "18380",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18380"
},
{
"name": "18423",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18423"
},
{
"name": "18416",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18416"
},
{
"name": "RHSA-2006:0177",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2006-0177.html"
},
{
"name": "ADV-2007-2280",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/2280"
},
{
"name": "GLSA-200601-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml"
},
{
"name": "18335",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18335"
},
{
"name": "18407",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18407"
},
{
"name": "18332",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18332"
},
{
"name": "18517",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18517"
},
{
"name": "18582",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18582"
},
{
"name": "18534",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18534"
},
{
"name": "SSA:2006-045-09",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE",
"x_transferred"
],
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683"
},
{
"name": "xpdf-ccittfaxdecode-dctdecode-dos(24023)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24023"
},
{
"name": "18908",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18908"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00011.html"
},
{
"name": "25729",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25729"
},
{
"name": "18414",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18414"
},
{
"name": "MDKSA-2006:006",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006"
},
{
"name": "18338",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18338"
},
{
"name": "MDKSA-2006:008",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008"
},
{
"name": "20060201-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI",
"x_transferred"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U"
},
{
"name": "RHSA-2006:0160",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html"
},
{
"name": "MDKSA-2006:010",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010"
},
{
"name": "DSA-940",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2005/dsa-940"
},
{
"name": "MDKSA-2006:004",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004"
},
{
"name": "ADV-2006-0047",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/0047"
},
{
"name": "GLSA-200601-17",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml"
},
{
"name": "18389",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18389"
},
{
"name": "SSA:2006-045-04",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE",
"x_transferred"
],
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747"
},
{
"name": "19377",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19377"
},
{
"name": "FEDORA-2005-025",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html"
},
{
"name": "FLSA:175404",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded"
},
{
"name": "DSA-961",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2006/dsa-961"
},
{
"name": "18675",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18675"
},
{
"name": "18913",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18913"
},
{
"name": "DSA-938",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2005/dsa-938"
},
{
"name": "18334",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18334"
},
{
"name": "18375",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18375"
},
{
"name": "DSA-950",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2006/dsa-950"
},
{
"name": "18387",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18387"
},
{
"name": "MDKSA-2006:011",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011"
},
{
"name": "18385",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18385"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-01-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and (2) DCTDecode streams, aka \"Infinite CPU spins.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-19T14:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "16143",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/16143"
},
{
"name": "DSA-932",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2005/dsa-932"
},
{
"name": "18349",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18349"
},
{
"name": "oval:org.mitre.oval:def:9575",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9575"
},
{
"name": "18147",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18147"
},
{
"name": "SCOSA-2006.15",
"tags": [
"vendor-advisory",
"x_refsource_SCO"
],
"url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://scary.beasts.org/security/CESA-2005-003.txt"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kde.org/info/security/advisory-20051207-2.txt"
},
{
"name": "18679",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18679"
},
{
"name": "18312",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18312"
},
{
"name": "18644",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18644"
},
{
"name": "USN-236-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/236-1/"
},
{
"name": "18425",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18425"
},
{
"name": "18373",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18373"
},
{
"name": "18303",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18303"
},
{
"name": "DSA-931",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2005/dsa-931"
},
{
"name": "18554",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18554"
},
{
"name": "MDKSA-2006:003",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003"
},
{
"name": "19230",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19230"
},
{
"name": "102972",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1"
},
{
"name": "MDKSA-2006:012",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012"
},
{
"name": "DSA-962",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2006/dsa-962"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00010.html"
},
{
"name": "RHSA-2006:0163",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0163.html"
},
{
"name": "DSA-937",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2005/dsa-937"
},
{
"name": "18398",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18398"
},
{
"name": "FLSA-2006:176751",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded"
},
{
"name": "2006-0002",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX"
],
"url": "http://www.trustix.org/errata/2006/0002/"
},
{
"name": "SUSE-SA:2006:001",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html"
},
{
"name": "DSA-936",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2006/dsa-936"
},
{
"name": "FEDORA-2005-026",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html"
},
{
"name": "18329",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18329"
},
{
"name": "18463",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18463"
},
{
"name": "18642",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18642"
},
{
"name": "18674",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18674"
},
{
"name": "MDKSA-2006:005",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005"
},
{
"name": "18313",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18313"
},
{
"name": "20051201-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U"
},
{
"name": "20060101-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U"
},
{
"name": "18448",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18448"
},
{
"name": "18436",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18436"
},
{
"name": "18428",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18428"
},
{
"name": "18380",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18380"
},
{
"name": "18423",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18423"
},
{
"name": "18416",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18416"
},
{
"name": "RHSA-2006:0177",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2006-0177.html"
},
{
"name": "ADV-2007-2280",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/2280"
},
{
"name": "GLSA-200601-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml"
},
{
"name": "18335",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18335"
},
{
"name": "18407",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18407"
},
{
"name": "18332",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18332"
},
{
"name": "18517",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18517"
},
{
"name": "18582",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18582"
},
{
"name": "18534",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18534"
},
{
"name": "SSA:2006-045-09",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE"
],
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683"
},
{
"name": "xpdf-ccittfaxdecode-dctdecode-dos(24023)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24023"
},
{
"name": "18908",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18908"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00011.html"
},
{
"name": "25729",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25729"
},
{
"name": "18414",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18414"
},
{
"name": "MDKSA-2006:006",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006"
},
{
"name": "18338",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18338"
},
{
"name": "MDKSA-2006:008",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008"
},
{
"name": "20060201-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U"
},
{
"name": "RHSA-2006:0160",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html"
},
{
"name": "MDKSA-2006:010",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010"
},
{
"name": "DSA-940",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2005/dsa-940"
},
{
"name": "MDKSA-2006:004",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004"
},
{
"name": "ADV-2006-0047",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/0047"
},
{
"name": "GLSA-200601-17",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml"
},
{
"name": "18389",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18389"
},
{
"name": "SSA:2006-045-04",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE"
],
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747"
},
{
"name": "19377",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19377"
},
{
"name": "FEDORA-2005-025",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html"
},
{
"name": "FLSA:175404",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded"
},
{
"name": "DSA-961",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2006/dsa-961"
},
{
"name": "18675",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18675"
},
{
"name": "18913",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18913"
},
{
"name": "DSA-938",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2005/dsa-938"
},
{
"name": "18334",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18334"
},
{
"name": "18375",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18375"
},
{
"name": "DSA-950",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2006/dsa-950"
},
{
"name": "18387",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18387"
},
{
"name": "MDKSA-2006:011",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011"
},
{
"name": "18385",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18385"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2005-3625",
"datePublished": "2006-01-06T22:00:00",
"dateReserved": "2005-11-16T00:00:00",
"dateUpdated": "2024-08-07T23:17:23.366Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2004-0530
Vulnerability from cvelistv5
Published
2004-06-08 04:00
Modified
2024-08-08 00:24
Severity ?
EPSS score ?
Summary
The PHP package in Slackware 8.1, 9.0, and 9.1, when linked against a static library, includes /tmp in the search path, which allows local users to execute arbitrary code as the PHP user by inserting shared libraries into the appropriate path.
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/11760 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securityfocus.com/bid/10461 | vdb-entry, x_refsource_BID | |
| http://www.slackware.com/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.419765 | vendor-advisory, x_refsource_SLACKWARE | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/16310 | vdb-entry, x_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:24:25.794Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "11760",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/11760"
},
{
"name": "10461",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/10461"
},
{
"name": "SSA:2004-154",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE",
"x_transferred"
],
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.419765"
},
{
"name": "linux-php-gain-privileges(16310)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16310"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-06-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The PHP package in Slackware 8.1, 9.0, and 9.1, when linked against a static library, includes /tmp in the search path, which allows local users to execute arbitrary code as the PHP user by inserting shared libraries into the appropriate path."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "11760",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/11760"
},
{
"name": "10461",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/10461"
},
{
"name": "SSA:2004-154",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE"
],
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.419765"
},
{
"name": "linux-php-gain-privileges(16310)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16310"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0530",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The PHP package in Slackware 8.1, 9.0, and 9.1, when linked against a static library, includes /tmp in the search path, which allows local users to execute arbitrary code as the PHP user by inserting shared libraries into the appropriate path."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "11760",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/11760"
},
{
"name": "10461",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/10461"
},
{
"name": "SSA:2004-154",
"refsource": "SLACKWARE",
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.419765"
},
{
"name": "linux-php-gain-privileges(16310)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16310"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0530",
"datePublished": "2004-06-08T04:00:00",
"dateReserved": "2004-06-04T00:00:00",
"dateUpdated": "2024-08-08T00:24:25.794Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2006-6235
Vulnerability from cvelistv5
Published
2006-12-07 11:00
Modified
2024-08-07 20:19
Severity ?
EPSS score ?
Summary
A "stack overwrite" vulnerability in GnuPG (gpg) 1.x before 1.4.6, 2.x before 2.0.2, and 1.9.0 through 1.9.95 allows attackers to execute arbitrary code via crafted OpenPGP packets that cause GnuPG to dereference a function pointer from deallocated stack memory.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T20:19:35.196Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1017349",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1017349"
},
{
"name": "23269",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23269"
},
{
"name": "23303",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23303"
},
{
"name": "20061206 rPSA-2006-0227-1 gnupg",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/453723/100/0/threaded"
},
{
"name": "23255",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23255"
},
{
"name": "USN-393-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-393-1"
},
{
"name": "23513",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23513"
},
{
"name": "23284",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23284"
},
{
"name": "USN-393-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-393-2"
},
{
"name": "23245",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23245"
},
{
"name": "[gnupg-announce] GnuPG: remotely controllable function pointer [CVE-2006-6235]",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.gnupg.org/pipermail/gnupg-announce/2006q4/000491.html"
},
{
"name": "VU#427009",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/427009"
},
{
"name": "SUSE-SR:2006:028",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2006_28_sr.html"
},
{
"name": "RHSA-2006:0754",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0754.html"
},
{
"name": "DSA-1231",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2006/dsa-1231"
},
{
"name": "20061206 GnuPG: remotely controllable function pointer [CVE-2006-6235]",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/453664/100/0/threaded"
},
{
"name": "23335",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23335"
},
{
"name": "23299",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23299"
},
{
"name": "21462",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/21462"
},
{
"name": "2006-0070",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX",
"x_transferred"
],
"url": "http://www.trustix.org/errata/2006/0070"
},
{
"name": "23329",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23329"
},
{
"name": "GLSA-200612-03",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200612-03.xml"
},
{
"name": "23259",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23259"
},
{
"name": "MDKSA-2006:228",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:228"
},
{
"name": "23290",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23290"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://issues.rpath.com/browse/RPL-835"
},
{
"name": "SUSE-SA:2006:075",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.suse.com/archive/suse-security-announce/2006-Dec/0004.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-047.htm"
},
{
"name": "ADV-2006-4881",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/4881"
},
{
"name": "oval:org.mitre.oval:def:11245",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11245"
},
{
"name": "23250",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23250"
},
{
"name": "20061201-01-P",
"tags": [
"vendor-advisory",
"x_refsource_SGI",
"x_transferred"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20061201-01-P.asc"
},
{
"name": "gnupg-openpgp-code-execution(30711)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30711"
},
{
"name": "OpenPKG-SA-2006.037",
"tags": [
"vendor-advisory",
"x_refsource_OPENPKG",
"x_transferred"
],
"url": "http://www.openpkg.com/security/advisories/OpenPKG-SA-2006.037.html"
},
{
"name": "24047",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24047"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-12-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A \"stack overwrite\" vulnerability in GnuPG (gpg) 1.x before 1.4.6, 2.x before 2.0.2, and 1.9.0 through 1.9.95 allows attackers to execute arbitrary code via crafted OpenPGP packets that cause GnuPG to dereference a function pointer from deallocated stack memory."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-17T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1017349",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1017349"
},
{
"name": "23269",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23269"
},
{
"name": "23303",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23303"
},
{
"name": "20061206 rPSA-2006-0227-1 gnupg",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/453723/100/0/threaded"
},
{
"name": "23255",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23255"
},
{
"name": "USN-393-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-393-1"
},
{
"name": "23513",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23513"
},
{
"name": "23284",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23284"
},
{
"name": "USN-393-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-393-2"
},
{
"name": "23245",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23245"
},
{
"name": "[gnupg-announce] GnuPG: remotely controllable function pointer [CVE-2006-6235]",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.gnupg.org/pipermail/gnupg-announce/2006q4/000491.html"
},
{
"name": "VU#427009",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/427009"
},
{
"name": "SUSE-SR:2006:028",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2006_28_sr.html"
},
{
"name": "RHSA-2006:0754",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0754.html"
},
{
"name": "DSA-1231",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2006/dsa-1231"
},
{
"name": "20061206 GnuPG: remotely controllable function pointer [CVE-2006-6235]",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/453664/100/0/threaded"
},
{
"name": "23335",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23335"
},
{
"name": "23299",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23299"
},
{
"name": "21462",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/21462"
},
{
"name": "2006-0070",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX"
],
"url": "http://www.trustix.org/errata/2006/0070"
},
{
"name": "23329",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23329"
},
{
"name": "GLSA-200612-03",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200612-03.xml"
},
{
"name": "23259",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23259"
},
{
"name": "MDKSA-2006:228",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:228"
},
{
"name": "23290",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23290"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://issues.rpath.com/browse/RPL-835"
},
{
"name": "SUSE-SA:2006:075",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.suse.com/archive/suse-security-announce/2006-Dec/0004.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-047.htm"
},
{
"name": "ADV-2006-4881",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/4881"
},
{
"name": "oval:org.mitre.oval:def:11245",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11245"
},
{
"name": "23250",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23250"
},
{
"name": "20061201-01-P",
"tags": [
"vendor-advisory",
"x_refsource_SGI"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20061201-01-P.asc"
},
{
"name": "gnupg-openpgp-code-execution(30711)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30711"
},
{
"name": "OpenPKG-SA-2006.037",
"tags": [
"vendor-advisory",
"x_refsource_OPENPKG"
],
"url": "http://www.openpkg.com/security/advisories/OpenPKG-SA-2006.037.html"
},
{
"name": "24047",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24047"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-6235",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A \"stack overwrite\" vulnerability in GnuPG (gpg) 1.x before 1.4.6, 2.x before 2.0.2, and 1.9.0 through 1.9.95 allows attackers to execute arbitrary code via crafted OpenPGP packets that cause GnuPG to dereference a function pointer from deallocated stack memory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1017349",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017349"
},
{
"name": "23269",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23269"
},
{
"name": "23303",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23303"
},
{
"name": "20061206 rPSA-2006-0227-1 gnupg",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/453723/100/0/threaded"
},
{
"name": "23255",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23255"
},
{
"name": "USN-393-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-393-1"
},
{
"name": "23513",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23513"
},
{
"name": "23284",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23284"
},
{
"name": "USN-393-2",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-393-2"
},
{
"name": "23245",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23245"
},
{
"name": "[gnupg-announce] GnuPG: remotely controllable function pointer [CVE-2006-6235]",
"refsource": "MLIST",
"url": "http://lists.gnupg.org/pipermail/gnupg-announce/2006q4/000491.html"
},
{
"name": "VU#427009",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/427009"
},
{
"name": "SUSE-SR:2006:028",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2006_28_sr.html"
},
{
"name": "RHSA-2006:0754",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2006-0754.html"
},
{
"name": "DSA-1231",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2006/dsa-1231"
},
{
"name": "20061206 GnuPG: remotely controllable function pointer [CVE-2006-6235]",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/453664/100/0/threaded"
},
{
"name": "23335",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23335"
},
{
"name": "23299",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23299"
},
{
"name": "21462",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21462"
},
{
"name": "2006-0070",
"refsource": "TRUSTIX",
"url": "http://www.trustix.org/errata/2006/0070"
},
{
"name": "23329",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23329"
},
{
"name": "GLSA-200612-03",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200612-03.xml"
},
{
"name": "23259",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23259"
},
{
"name": "MDKSA-2006:228",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:228"
},
{
"name": "23290",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23290"
},
{
"name": "https://issues.rpath.com/browse/RPL-835",
"refsource": "CONFIRM",
"url": "https://issues.rpath.com/browse/RPL-835"
},
{
"name": "SUSE-SA:2006:075",
"refsource": "SUSE",
"url": "http://lists.suse.com/archive/suse-security-announce/2006-Dec/0004.html"
},
{
"name": "http://support.avaya.com/elmodocs2/security/ASA-2007-047.htm",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-047.htm"
},
{
"name": "ADV-2006-4881",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4881"
},
{
"name": "oval:org.mitre.oval:def:11245",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11245"
},
{
"name": "23250",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23250"
},
{
"name": "20061201-01-P",
"refsource": "SGI",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20061201-01-P.asc"
},
{
"name": "gnupg-openpgp-code-execution(30711)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30711"
},
{
"name": "OpenPKG-SA-2006.037",
"refsource": "OPENPKG",
"url": "http://www.openpkg.com/security/advisories/OpenPKG-SA-2006.037.html"
},
{
"name": "24047",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24047"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-6235",
"datePublished": "2006-12-07T11:00:00",
"dateReserved": "2006-12-02T00:00:00",
"dateUpdated": "2024-08-07T20:19:35.196Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2000-0438
Vulnerability from cvelistv5
Published
2000-07-12 04:00
Modified
2024-08-08 05:21
Severity ?
EPSS score ?
Summary
Buffer overflow in fdmount on Linux systems allows local users in the "floppy" group to execute arbitrary commands via a long mountpoint parameter.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/1239 | vdb-entry, x_refsource_BID | |
| http://archives.neohapsis.com/archives/bugtraq/2000-05/0245.html | mailing-list, x_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T05:21:30.665Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1239",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/1239"
},
{
"name": "20000522 fdmount buffer overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-05/0245.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2000-05-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in fdmount on Linux systems allows local users in the \"floppy\" group to execute arbitrary commands via a long mountpoint parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-11-02T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1239",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/1239"
},
{
"name": "20000522 fdmount buffer overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-05/0245.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0438",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in fdmount on Linux systems allows local users in the \"floppy\" group to execute arbitrary commands via a long mountpoint parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1239",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1239"
},
{
"name": "20000522 fdmount buffer overflow",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-05/0245.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2000-0438",
"datePublished": "2000-07-12T04:00:00",
"dateReserved": "2000-06-14T00:00:00",
"dateUpdated": "2024-08-08T05:21:30.665Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2004-0891
Vulnerability from cvelistv5
Published
2004-10-21 04:00
Modified
2024-08-08 00:31
Severity ?
EPSS score ?
Summary
Buffer overflow in the MSN protocol handler for gaim 0.79 to 1.0.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an "unexpected sequence of MSNSLP messages" that results in an unbounded copy operation that writes to the wrong buffer.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/17787 | vdb-entry, x_refsource_XF | |
| https://bugzilla.fedora.us/show_bug.cgi?id=2188 | vendor-advisory, x_refsource_FEDORA | |
| http://www.gentoo.org/security/en/glsa/glsa-200410-23.xml | vendor-advisory, x_refsource_GENTOO | |
| http://gaim.sourceforge.net/security/?id=9 | x_refsource_CONFIRM | |
| https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11790 | vdb-entry, signature, x_refsource_OVAL | |
| https://www.ubuntu.com/usn/usn-8-1/ | vendor-advisory, x_refsource_UBUNTU | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/17790 | vdb-entry, x_refsource_XF | |
| http://www.redhat.com/support/errata/RHSA-2004-604.html | vendor-advisory, x_refsource_REDHAT | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/17786 | vdb-entry, x_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:31:47.791Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "gaim-msn-slp-dos(17787)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17787"
},
{
"name": "FLSA:2188",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://bugzilla.fedora.us/show_bug.cgi?id=2188"
},
{
"name": "GLSA-200410-23",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200410-23.xml"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://gaim.sourceforge.net/security/?id=9"
},
{
"name": "oval:org.mitre.oval:def:11790",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11790"
},
{
"name": "USN-8-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://www.ubuntu.com/usn/usn-8-1/"
},
{
"name": "gaim-file-transfer-dos(17790)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17790"
},
{
"name": "RHSA-2004:604",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-604.html"
},
{
"name": "gaim-msn-slp-bo(17786)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17786"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-10-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the MSN protocol handler for gaim 0.79 to 1.0.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an \"unexpected sequence of MSNSLP messages\" that results in an unbounded copy operation that writes to the wrong buffer."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "gaim-msn-slp-dos(17787)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17787"
},
{
"name": "FLSA:2188",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://bugzilla.fedora.us/show_bug.cgi?id=2188"
},
{
"name": "GLSA-200410-23",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200410-23.xml"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://gaim.sourceforge.net/security/?id=9"
},
{
"name": "oval:org.mitre.oval:def:11790",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11790"
},
{
"name": "USN-8-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://www.ubuntu.com/usn/usn-8-1/"
},
{
"name": "gaim-file-transfer-dos(17790)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17790"
},
{
"name": "RHSA-2004:604",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-604.html"
},
{
"name": "gaim-msn-slp-bo(17786)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17786"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0891",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the MSN protocol handler for gaim 0.79 to 1.0.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an \"unexpected sequence of MSNSLP messages\" that results in an unbounded copy operation that writes to the wrong buffer."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "gaim-msn-slp-dos(17787)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17787"
},
{
"name": "FLSA:2188",
"refsource": "FEDORA",
"url": "https://bugzilla.fedora.us/show_bug.cgi?id=2188"
},
{
"name": "GLSA-200410-23",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200410-23.xml"
},
{
"name": "http://gaim.sourceforge.net/security/?id=9",
"refsource": "CONFIRM",
"url": "http://gaim.sourceforge.net/security/?id=9"
},
{
"name": "oval:org.mitre.oval:def:11790",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11790"
},
{
"name": "USN-8-1",
"refsource": "UBUNTU",
"url": "https://www.ubuntu.com/usn/usn-8-1/"
},
{
"name": "gaim-file-transfer-dos(17790)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17790"
},
{
"name": "RHSA-2004:604",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-604.html"
},
{
"name": "gaim-msn-slp-bo(17786)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17786"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0891",
"datePublished": "2004-10-21T04:00:00",
"dateReserved": "2004-09-22T00:00:00",
"dateUpdated": "2024-08-08T00:31:47.791Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-1999-1489
Vulnerability from cvelistv5
Published
2001-09-12 04:00
Modified
2024-08-01 17:18
Severity ?
EPSS score ?
Summary
Buffer overflow in TestChip function in XFree86 SuperProbe in Slackware Linux 3.1 allows local users to gain root privileges via a long -nopr argument.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/364 | vdb-entry, x_refsource_BID | |
| http://www.securityfocus.com/archive/1/6384 | mailing-list, x_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T17:18:07.321Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "364",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/364"
},
{
"name": "19970304 Linux SuperProbe exploit",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/6384"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "1997-03-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in TestChip function in XFree86 SuperProbe in Slackware Linux 3.1 allows local users to gain root privileges via a long -nopr argument."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-11-02T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "364",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/364"
},
{
"name": "19970304 Linux SuperProbe exploit",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/6384"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-1489",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in TestChip function in XFree86 SuperProbe in Slackware Linux 3.1 allows local users to gain root privileges via a long -nopr argument."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "364",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/364"
},
{
"name": "19970304 Linux SuperProbe exploit",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/6384"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-1489",
"datePublished": "2001-09-12T04:00:00",
"dateReserved": "2001-08-31T00:00:00",
"dateUpdated": "2024-08-01T17:18:07.321Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2004-0233
Vulnerability from cvelistv5
Published
2004-05-05 04:00
Modified
2024-08-08 00:10
Severity ?
EPSS score ?
Summary
Utempter allows device names that contain .. (dot dot) directory traversal sequences, which allows local users to overwrite arbitrary files via a symlink attack on device names in combination with an application that trusts the utmp or wtmp files.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:10:03.818Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "MDKSA-2004:031",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:031"
},
{
"name": "1000752",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1000752.1-1"
},
{
"name": "utemper-symlink(15904)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15904"
},
{
"name": "RHSA-2004:174",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-174.html"
},
{
"name": "SSA:2004-110",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE",
"x_transferred"
],
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.404389"
},
{
"name": "GLSA-200405-05",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200405-05.xml"
},
{
"name": "oval:org.mitre.oval:def:10115",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10115"
},
{
"name": "10178",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/10178"
},
{
"name": "oval:org.mitre.oval:def:979",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A979"
},
{
"name": "RHSA-2004:175",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-175.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-04-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Utempter allows device names that contain .. (dot dot) directory traversal sequences, which allows local users to overwrite arbitrary files via a symlink attack on device names in combination with an application that trusts the utmp or wtmp files."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "MDKSA-2004:031",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:031"
},
{
"name": "1000752",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1000752.1-1"
},
{
"name": "utemper-symlink(15904)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15904"
},
{
"name": "RHSA-2004:174",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-174.html"
},
{
"name": "SSA:2004-110",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE"
],
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.404389"
},
{
"name": "GLSA-200405-05",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200405-05.xml"
},
{
"name": "oval:org.mitre.oval:def:10115",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10115"
},
{
"name": "10178",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/10178"
},
{
"name": "oval:org.mitre.oval:def:979",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A979"
},
{
"name": "RHSA-2004:175",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-175.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0233",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Utempter allows device names that contain .. (dot dot) directory traversal sequences, which allows local users to overwrite arbitrary files via a symlink attack on device names in combination with an application that trusts the utmp or wtmp files."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "MDKSA-2004:031",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:031"
},
{
"name": "1000752",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1000752.1-1"
},
{
"name": "utemper-symlink(15904)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15904"
},
{
"name": "RHSA-2004:174",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-174.html"
},
{
"name": "SSA:2004-110",
"refsource": "SLACKWARE",
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.404389"
},
{
"name": "GLSA-200405-05",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200405-05.xml"
},
{
"name": "oval:org.mitre.oval:def:10115",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10115"
},
{
"name": "10178",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/10178"
},
{
"name": "oval:org.mitre.oval:def:979",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A979"
},
{
"name": "RHSA-2004:175",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-175.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0233",
"datePublished": "2004-05-05T04:00:00",
"dateReserved": "2004-03-17T00:00:00",
"dateUpdated": "2024-08-08T00:10:03.818Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2000-0867
Vulnerability from cvelistv5
Published
2001-01-22 05:00
Modified
2024-08-08 05:37
Severity ?
EPSS score ?
Summary
Kernel logging daemon (klogd) in Linux does not properly cleanse user-injected format strings, which allows local users to gain root privileges by triggering malformed kernel messages.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/5259 | vdb-entry, x_refsource_XF | |
| http://www.osvdb.org/5824 | vdb-entry, x_refsource_OSVDB | |
| http://marc.info/?l=bugtraq&m=97726239017741&w=2 | mailing-list, x_refsource_BUGTRAQ | |
| http://www.turbolinux.com/pipermail/tl-security-announce/2000-September/000023.html | vendor-advisory, x_refsource_TURBO | |
| http://frontal2.mandriva.com/security/advisories?name=MDKSA-2000:050 | vendor-advisory, x_refsource_MANDRAKE | |
| http://archives.neohapsis.com/archives/bugtraq/2000-09/0193.html | mailing-list, x_refsource_BUGTRAQ | |
| http://www.redhat.com/support/errata/RHSA-2000-061.html | vendor-advisory, x_refsource_REDHAT | |
| ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2000-032.0.txt | vendor-advisory, x_refsource_CALDERA | |
| http://www.novell.com/linux/security/advisories/adv9_draht_syslogd_txt.html | vendor-advisory, x_refsource_SUSE |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T05:37:31.337Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "klogd-format-string(5259)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5259"
},
{
"name": "5824",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/5824"
},
{
"name": "20000918 Conectiva Linux Security Announcement - sysklogd",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=97726239017741\u0026w=2"
},
{
"name": "TLSA2000022-2",
"tags": [
"vendor-advisory",
"x_refsource_TURBO",
"x_transferred"
],
"url": "http://www.turbolinux.com/pipermail/tl-security-announce/2000-September/000023.html"
},
{
"name": "MDKSA-2000:050",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://frontal2.mandriva.com/security/advisories?name=MDKSA-2000:050"
},
{
"name": "20000917 klogd format bug",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-09/0193.html"
},
{
"name": "RHSA-2000:061",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2000-061.html"
},
{
"name": "CSSA-2000-032.0",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA",
"x_transferred"
],
"url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2000-032.0.txt"
},
{
"name": "20000920 syslogd + klogd format string parsing error",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/adv9_draht_syslogd_txt.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2000-09-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Kernel logging daemon (klogd) in Linux does not properly cleanse user-injected format strings, which allows local users to gain root privileges by triggering malformed kernel messages."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2007-07-12T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "klogd-format-string(5259)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5259"
},
{
"name": "5824",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/5824"
},
{
"name": "20000918 Conectiva Linux Security Announcement - sysklogd",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=97726239017741\u0026w=2"
},
{
"name": "TLSA2000022-2",
"tags": [
"vendor-advisory",
"x_refsource_TURBO"
],
"url": "http://www.turbolinux.com/pipermail/tl-security-announce/2000-September/000023.html"
},
{
"name": "MDKSA-2000:050",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://frontal2.mandriva.com/security/advisories?name=MDKSA-2000:050"
},
{
"name": "20000917 klogd format bug",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-09/0193.html"
},
{
"name": "RHSA-2000:061",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2000-061.html"
},
{
"name": "CSSA-2000-032.0",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA"
],
"url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2000-032.0.txt"
},
{
"name": "20000920 syslogd + klogd format string parsing error",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/adv9_draht_syslogd_txt.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0867",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Kernel logging daemon (klogd) in Linux does not properly cleanse user-injected format strings, which allows local users to gain root privileges by triggering malformed kernel messages."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "klogd-format-string(5259)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5259"
},
{
"name": "5824",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/5824"
},
{
"name": "20000918 Conectiva Linux Security Announcement - sysklogd",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=97726239017741\u0026w=2"
},
{
"name": "TLSA2000022-2",
"refsource": "TURBO",
"url": "http://www.turbolinux.com/pipermail/tl-security-announce/2000-September/000023.html"
},
{
"name": "MDKSA-2000:050",
"refsource": "MANDRAKE",
"url": "http://frontal2.mandriva.com/security/advisories?name=MDKSA-2000:050"
},
{
"name": "20000917 klogd format bug",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-09/0193.html"
},
{
"name": "RHSA-2000:061",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2000-061.html"
},
{
"name": "CSSA-2000-032.0",
"refsource": "CALDERA",
"url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2000-032.0.txt"
},
{
"name": "20000920 syslogd + klogd format string parsing error",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/adv9_draht_syslogd_txt.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2000-0867",
"datePublished": "2001-01-22T05:00:00",
"dateReserved": "2000-10-18T00:00:00",
"dateUpdated": "2024-08-08T05:37:31.337Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-1999-1445
Vulnerability from cvelistv5
Published
2001-09-12 04:00
Modified
2024-08-01 17:11
Severity ?
EPSS score ?
Summary
Vulnerability in imapd and ipop3d in Slackware 3.4 and 3.3 with shadowing enabled, and possibly other operating systems, allows remote attackers to cause a core dump via a short sequence of USER and PASS commands that do not provide valid usernames or passwords.
References
| ▼ | URL | Tags |
|---|---|---|
| http://marc.info/?l=bugtraq&m=88637951600184&w=2 | mailing-list, x_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T17:11:03.321Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "19980202 imapd/ipop3d coredump in slackware 3.4",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=88637951600184\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "1998-02-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in imapd and ipop3d in Slackware 3.4 and 3.3 with shadowing enabled, and possibly other operating systems, allows remote attackers to cause a core dump via a short sequence of USER and PASS commands that do not provide valid usernames or passwords."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-10-17T13:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "19980202 imapd/ipop3d coredump in slackware 3.4",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=88637951600184\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-1445",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Vulnerability in imapd and ipop3d in Slackware 3.4 and 3.3 with shadowing enabled, and possibly other operating systems, allows remote attackers to cause a core dump via a short sequence of USER and PASS commands that do not provide valid usernames or passwords."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "19980202 imapd/ipop3d coredump in slackware 3.4",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=88637951600184\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-1445",
"datePublished": "2001-09-12T04:00:00",
"dateReserved": "2001-08-31T00:00:00",
"dateUpdated": "2024-08-01T17:11:03.321Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2004-0232
Vulnerability from cvelistv5
Published
2004-05-05 04:00
Modified
2024-08-08 00:10
Severity ?
EPSS score ?
Summary
Multiple format string vulnerabilities in Midnight Commander (mc) before 4.6.0 may allow attackers to cause a denial of service or execute arbitrary code.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.novell.com/linux/security/advisories/2004_12_mc.html | vendor-advisory, x_refsource_SUSE | |
| http://security.gentoo.org/glsa/glsa-200405-21.xml | vendor-advisory, x_refsource_GENTOO | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/16021 | vdb-entry, x_refsource_XF | |
| http://www.mandriva.com/security/advisories?name=MDKSA-2004:039 | vendor-advisory, x_refsource_MANDRAKE | |
| http://www.debian.org/security/2004/dsa-497 | vendor-advisory, x_refsource_DEBIAN | |
| http://www.redhat.com/support/errata/RHSA-2004-172.html | vendor-advisory, x_refsource_REDHAT |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:10:03.655Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "SuSE-SA:2004:012",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2004_12_mc.html"
},
{
"name": "GLSA-200405-21",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200405-21.xml"
},
{
"name": "midnight-commander-format-string(16021)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16021"
},
{
"name": "MDKSA-2004:039",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:039"
},
{
"name": "DSA-497",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2004/dsa-497"
},
{
"name": "RHSA-2004:172",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-172.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-04-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple format string vulnerabilities in Midnight Commander (mc) before 4.6.0 may allow attackers to cause a denial of service or execute arbitrary code."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "SuSE-SA:2004:012",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2004_12_mc.html"
},
{
"name": "GLSA-200405-21",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200405-21.xml"
},
{
"name": "midnight-commander-format-string(16021)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16021"
},
{
"name": "MDKSA-2004:039",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:039"
},
{
"name": "DSA-497",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2004/dsa-497"
},
{
"name": "RHSA-2004:172",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-172.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0232",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple format string vulnerabilities in Midnight Commander (mc) before 4.6.0 may allow attackers to cause a denial of service or execute arbitrary code."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "SuSE-SA:2004:012",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2004_12_mc.html"
},
{
"name": "GLSA-200405-21",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200405-21.xml"
},
{
"name": "midnight-commander-format-string(16021)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16021"
},
{
"name": "MDKSA-2004:039",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:039"
},
{
"name": "DSA-497",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2004/dsa-497"
},
{
"name": "RHSA-2004:172",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-172.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0232",
"datePublished": "2004-05-05T04:00:00",
"dateReserved": "2004-03-17T00:00:00",
"dateUpdated": "2024-08-08T00:10:03.655Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2005-3624
Vulnerability from cvelistv5
Published
2006-01-06 22:00
Modified
2024-08-07 23:17
Severity ?
EPSS score ?
Summary
The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T23:17:23.457Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "16143",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/16143"
},
{
"name": "DSA-932",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2005/dsa-932"
},
{
"name": "18349",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18349"
},
{
"name": "18147",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18147"
},
{
"name": "SCOSA-2006.15",
"tags": [
"vendor-advisory",
"x_refsource_SCO",
"x_transferred"
],
"url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://scary.beasts.org/security/CESA-2005-003.txt"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kde.org/info/security/advisory-20051207-2.txt"
},
{
"name": "18679",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18679"
},
{
"name": "18312",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18312"
},
{
"name": "18644",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18644"
},
{
"name": "USN-236-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/236-1/"
},
{
"name": "18425",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18425"
},
{
"name": "18373",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18373"
},
{
"name": "18303",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18303"
},
{
"name": "DSA-931",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2005/dsa-931"
},
{
"name": "18554",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18554"
},
{
"name": "MDKSA-2006:003",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003"
},
{
"name": "19230",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19230"
},
{
"name": "102972",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1"
},
{
"name": "MDKSA-2006:012",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012"
},
{
"name": "DSA-962",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2006/dsa-962"
},
{
"name": "RHSA-2006:0163",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0163.html"
},
{
"name": "DSA-937",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2005/dsa-937"
},
{
"name": "18398",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18398"
},
{
"name": "FLSA-2006:176751",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded"
},
{
"name": "2006-0002",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX",
"x_transferred"
],
"url": "http://www.trustix.org/errata/2006/0002/"
},
{
"name": "SUSE-SA:2006:001",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html"
},
{
"name": "DSA-936",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2006/dsa-936"
},
{
"name": "FEDORA-2005-026",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html"
},
{
"name": "18329",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18329"
},
{
"name": "18463",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18463"
},
{
"name": "18642",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18642"
},
{
"name": "18674",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18674"
},
{
"name": "MDKSA-2006:005",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005"
},
{
"name": "18313",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18313"
},
{
"name": "20051201-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI",
"x_transferred"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U"
},
{
"name": "20060101-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI",
"x_transferred"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U"
},
{
"name": "18448",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18448"
},
{
"name": "18436",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18436"
},
{
"name": "18428",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18428"
},
{
"name": "18380",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18380"
},
{
"name": "18423",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18423"
},
{
"name": "18416",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18416"
},
{
"name": "RHSA-2006:0177",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2006-0177.html"
},
{
"name": "ADV-2007-2280",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/2280"
},
{
"name": "GLSA-200601-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml"
},
{
"name": "18407",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18407"
},
{
"name": "18332",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18332"
},
{
"name": "18517",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18517"
},
{
"name": "18582",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18582"
},
{
"name": "18534",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18534"
},
{
"name": "SSA:2006-045-09",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE",
"x_transferred"
],
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683"
},
{
"name": "18908",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18908"
},
{
"name": "25729",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25729"
},
{
"name": "18414",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18414"
},
{
"name": "MDKSA-2006:006",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006"
},
{
"name": "18338",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18338"
},
{
"name": "MDKSA-2006:008",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008"
},
{
"name": "20060201-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI",
"x_transferred"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U"
},
{
"name": "RHSA-2006:0160",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html"
},
{
"name": "MDKSA-2006:010",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010"
},
{
"name": "DSA-940",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2005/dsa-940"
},
{
"name": "MDKSA-2006:004",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004"
},
{
"name": "ADV-2006-0047",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/0047"
},
{
"name": "GLSA-200601-17",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml"
},
{
"name": "xpdf-ccitt-faxstream-bo(24022)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24022"
},
{
"name": "18389",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18389"
},
{
"name": "oval:org.mitre.oval:def:9437",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9437"
},
{
"name": "SSA:2006-045-04",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE",
"x_transferred"
],
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747"
},
{
"name": "19377",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19377"
},
{
"name": "FEDORA-2005-025",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html"
},
{
"name": "FLSA:175404",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded"
},
{
"name": "DSA-961",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2006/dsa-961"
},
{
"name": "18675",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18675"
},
{
"name": "18913",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18913"
},
{
"name": "DSA-938",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2005/dsa-938"
},
{
"name": "18334",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18334"
},
{
"name": "18375",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18375"
},
{
"name": "DSA-950",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2006/dsa-950"
},
{
"name": "18387",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18387"
},
{
"name": "MDKSA-2006:011",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011"
},
{
"name": "18385",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18385"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-01-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-19T14:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "16143",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/16143"
},
{
"name": "DSA-932",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2005/dsa-932"
},
{
"name": "18349",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18349"
},
{
"name": "18147",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18147"
},
{
"name": "SCOSA-2006.15",
"tags": [
"vendor-advisory",
"x_refsource_SCO"
],
"url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://scary.beasts.org/security/CESA-2005-003.txt"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kde.org/info/security/advisory-20051207-2.txt"
},
{
"name": "18679",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18679"
},
{
"name": "18312",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18312"
},
{
"name": "18644",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18644"
},
{
"name": "USN-236-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/236-1/"
},
{
"name": "18425",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18425"
},
{
"name": "18373",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18373"
},
{
"name": "18303",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18303"
},
{
"name": "DSA-931",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2005/dsa-931"
},
{
"name": "18554",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18554"
},
{
"name": "MDKSA-2006:003",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003"
},
{
"name": "19230",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19230"
},
{
"name": "102972",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1"
},
{
"name": "MDKSA-2006:012",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012"
},
{
"name": "DSA-962",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2006/dsa-962"
},
{
"name": "RHSA-2006:0163",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0163.html"
},
{
"name": "DSA-937",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2005/dsa-937"
},
{
"name": "18398",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18398"
},
{
"name": "FLSA-2006:176751",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded"
},
{
"name": "2006-0002",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX"
],
"url": "http://www.trustix.org/errata/2006/0002/"
},
{
"name": "SUSE-SA:2006:001",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html"
},
{
"name": "DSA-936",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2006/dsa-936"
},
{
"name": "FEDORA-2005-026",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html"
},
{
"name": "18329",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18329"
},
{
"name": "18463",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18463"
},
{
"name": "18642",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18642"
},
{
"name": "18674",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18674"
},
{
"name": "MDKSA-2006:005",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005"
},
{
"name": "18313",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18313"
},
{
"name": "20051201-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U"
},
{
"name": "20060101-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U"
},
{
"name": "18448",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18448"
},
{
"name": "18436",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18436"
},
{
"name": "18428",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18428"
},
{
"name": "18380",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18380"
},
{
"name": "18423",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18423"
},
{
"name": "18416",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18416"
},
{
"name": "RHSA-2006:0177",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2006-0177.html"
},
{
"name": "ADV-2007-2280",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/2280"
},
{
"name": "GLSA-200601-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml"
},
{
"name": "18407",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18407"
},
{
"name": "18332",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18332"
},
{
"name": "18517",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18517"
},
{
"name": "18582",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18582"
},
{
"name": "18534",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18534"
},
{
"name": "SSA:2006-045-09",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE"
],
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683"
},
{
"name": "18908",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18908"
},
{
"name": "25729",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25729"
},
{
"name": "18414",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18414"
},
{
"name": "MDKSA-2006:006",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006"
},
{
"name": "18338",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18338"
},
{
"name": "MDKSA-2006:008",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008"
},
{
"name": "20060201-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U"
},
{
"name": "RHSA-2006:0160",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html"
},
{
"name": "MDKSA-2006:010",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010"
},
{
"name": "DSA-940",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2005/dsa-940"
},
{
"name": "MDKSA-2006:004",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004"
},
{
"name": "ADV-2006-0047",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/0047"
},
{
"name": "GLSA-200601-17",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml"
},
{
"name": "xpdf-ccitt-faxstream-bo(24022)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24022"
},
{
"name": "18389",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18389"
},
{
"name": "oval:org.mitre.oval:def:9437",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9437"
},
{
"name": "SSA:2006-045-04",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE"
],
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747"
},
{
"name": "19377",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19377"
},
{
"name": "FEDORA-2005-025",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html"
},
{
"name": "FLSA:175404",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded"
},
{
"name": "DSA-961",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2006/dsa-961"
},
{
"name": "18675",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18675"
},
{
"name": "18913",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18913"
},
{
"name": "DSA-938",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2005/dsa-938"
},
{
"name": "18334",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18334"
},
{
"name": "18375",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18375"
},
{
"name": "DSA-950",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2006/dsa-950"
},
{
"name": "18387",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18387"
},
{
"name": "MDKSA-2006:011",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011"
},
{
"name": "18385",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18385"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2005-3624",
"datePublished": "2006-01-06T22:00:00",
"dateReserved": "2005-11-16T00:00:00",
"dateUpdated": "2024-08-07T23:17:23.457Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-1999-1498
Vulnerability from cvelistv5
Published
2001-09-12 04:00
Modified
2024-08-01 17:18
Severity ?
EPSS score ?
Summary
Slackware Linux 3.4 pkgtool allows local attacker to read and write to arbitrary files via a symlink attack on the reply file.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/82 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T17:18:07.529Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "82",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/82"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "1998-04-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Slackware Linux 3.4 pkgtool allows local attacker to read and write to arbitrary files via a symlink attack on the reply file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2003-05-08T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "82",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/82"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-1498",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Slackware Linux 3.4 pkgtool allows local attacker to read and write to arbitrary files via a symlink attack on the reply file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "82",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/82"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-1498",
"datePublished": "2001-09-12T04:00:00",
"dateReserved": "2001-08-31T00:00:00",
"dateUpdated": "2024-08-01T17:18:07.529Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-1999-1095
Vulnerability from cvelistv5
Published
2001-09-12 04:00
Modified
2024-08-01 17:02
Severity ?
EPSS score ?
Summary
sort creates temporary files and follows symbolic links, which allows local users to modify arbitrary files that are writable by the user running sort, as observed in updatedb and other programs that use sort.
References
| ▼ | URL | Tags |
|---|---|---|
| http://marc.info/?l=bugtraq&m=87619953510834&w=2 | mailing-list, x_refsource_BUGTRAQ | |
| http://marc.info/?l=bugtraq&m=88886870129518&w=2 | mailing-list, x_refsource_BUGTRAQ | |
| http://marc.info/?l=bugtraq&m=88890116304676&w=2 | mailing-list, x_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T17:02:53.649Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "19971006 KSR[T] Advisory #3: updatedb / crontabs",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=87619953510834\u0026w=2"
},
{
"name": "19980302 overwrite any file with updatedb",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=88886870129518\u0026w=2"
},
{
"name": "19980303 updatedb stuff",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=88890116304676\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "1997-10-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "sort creates temporary files and follows symbolic links, which allows local users to modify arbitrary files that are writable by the user running sort, as observed in updatedb and other programs that use sort."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-10-17T13:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "19971006 KSR[T] Advisory #3: updatedb / crontabs",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=87619953510834\u0026w=2"
},
{
"name": "19980302 overwrite any file with updatedb",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=88886870129518\u0026w=2"
},
{
"name": "19980303 updatedb stuff",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=88890116304676\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-1095",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "sort creates temporary files and follows symbolic links, which allows local users to modify arbitrary files that are writable by the user running sort, as observed in updatedb and other programs that use sort."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "19971006 KSR[T] Advisory #3: updatedb / crontabs",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=87619953510834\u0026w=2"
},
{
"name": "19980302 overwrite any file with updatedb",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=88886870129518\u0026w=2"
},
{
"name": "19980303 updatedb stuff",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=88890116304676\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-1095",
"datePublished": "2001-09-12T04:00:00",
"dateReserved": "2001-08-31T00:00:00",
"dateUpdated": "2024-08-01T17:02:53.649Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-1999-0340
Vulnerability from cvelistv5
Published
1999-09-29 04:00
Modified
2024-08-01 16:34
Severity ?
EPSS score ?
Summary
Buffer overflow in Linux Slackware crond program allows local users to gain root access.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0340 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T16:34:51.895Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0340"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Linux Slackware crond program allows local users to gain root access."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-17T07:19:36",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0340"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0340",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in Linux Slackware crond program allows local users to gain root access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0340",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0340"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-0340",
"datePublished": "1999-09-29T04:00:00",
"dateReserved": "1999-06-07T00:00:00",
"dateUpdated": "2024-08-01T16:34:51.895Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-1999-1422
Vulnerability from cvelistv5
Published
2001-09-12 04:00
Modified
2024-08-01 17:11
Severity ?
EPSS score ?
Summary
The default configuration of Slackware 3.4, and possibly other versions, includes . (dot, the current directory) in the PATH environmental variable, which could allow local users to create Trojan horse programs that are inadvertently executed by other users.
References
| ▼ | URL | Tags |
|---|---|---|
| http://marc.info/?l=bugtraq&m=91540043023167&w=2 | mailing-list, x_refsource_BUGTRAQ | |
| http://www.securityfocus.com/bid/211 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T17:11:03.263Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "19990102 PATH variable in zip-slackware 2.0.35",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=91540043023167\u0026w=2"
},
{
"name": "211",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/211"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "1999-01-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The default configuration of Slackware 3.4, and possibly other versions, includes . (dot, the current directory) in the PATH environmental variable, which could allow local users to create Trojan horse programs that are inadvertently executed by other users."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-10-17T13:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "19990102 PATH variable in zip-slackware 2.0.35",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=91540043023167\u0026w=2"
},
{
"name": "211",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/211"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-1422",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The default configuration of Slackware 3.4, and possibly other versions, includes . (dot, the current directory) in the PATH environmental variable, which could allow local users to create Trojan horse programs that are inadvertently executed by other users."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "19990102 PATH variable in zip-slackware 2.0.35",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=91540043023167\u0026w=2"
},
{
"name": "211",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/211"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-1422",
"datePublished": "2001-09-12T04:00:00",
"dateReserved": "2001-08-31T00:00:00",
"dateUpdated": "2024-08-01T17:11:03.263Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-1999-1299
Vulnerability from cvelistv5
Published
2001-09-12 04:00
Modified
2024-08-01 17:11
Severity ?
EPSS score ?
Summary
rcp on various Linux systems including Red Hat 4.0 allows a "nobody" user or other user with UID of 65535 to overwrite arbitrary files, since 65535 is interpreted as -1 by chown and other system calls, which causes the calls to fail to modify the ownership of the file.
References
| ▼ | URL | Tags |
|---|---|---|
| http://marc.info/?l=bugtraq&m=87602167420509&w=2 | mailing-list, x_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T17:11:01.725Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "19970203 Linux rcp bug",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=87602167420509\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "1997-02-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "rcp on various Linux systems including Red Hat 4.0 allows a \"nobody\" user or other user with UID of 65535 to overwrite arbitrary files, since 65535 is interpreted as -1 by chown and other system calls, which causes the calls to fail to modify the ownership of the file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-10-17T13:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "19970203 Linux rcp bug",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=87602167420509\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-1299",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "rcp on various Linux systems including Red Hat 4.0 allows a \"nobody\" user or other user with UID of 65535 to overwrite arbitrary files, since 65535 is interpreted as -1 by chown and other system calls, which causes the calls to fail to modify the ownership of the file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "19970203 Linux rcp bug",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=87602167420509\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-1299",
"datePublished": "2001-09-12T04:00:00",
"dateReserved": "2001-08-31T00:00:00",
"dateUpdated": "2024-08-01T17:11:01.725Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2000-0314
Vulnerability from cvelistv5
Published
2001-05-07 04:00
Modified
2024-08-08 05:14
Severity ?
EPSS score ?
Summary
traceroute in NetBSD 1.3.3 and Linux systems allows local users to flood other systems by providing traceroute with a large waittime (-w) option, which is not parsed properly and sets the time delay for sending packets to zero.
References
| ▼ | URL | Tags |
|---|---|---|
| http://marc.info/?l=bugtraq&m=91893782027835&w=2 | mailing-list, x_refsource_BUGTRAQ | |
| http://www.osvdb.org/7574 | vdb-entry, x_refsource_OSVDB | |
| ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA1999-004.txt.asc | vendor-advisory, x_refsource_NETBSD |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T05:14:21.287Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "19990213 traceroute as a flooder",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=91893782027835\u0026w=2"
},
{
"name": "7574",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/7574"
},
{
"name": "NetBSD-SA1999-004",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD",
"x_transferred"
],
"url": "ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA1999-004.txt.asc"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "1999-02-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "traceroute in NetBSD 1.3.3 and Linux systems allows local users to flood other systems by providing traceroute with a large waittime (-w) option, which is not parsed properly and sets the time delay for sending packets to zero."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2004-09-02T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "19990213 traceroute as a flooder",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=91893782027835\u0026w=2"
},
{
"name": "7574",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/7574"
},
{
"name": "NetBSD-SA1999-004",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD"
],
"url": "ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA1999-004.txt.asc"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0314",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "traceroute in NetBSD 1.3.3 and Linux systems allows local users to flood other systems by providing traceroute with a large waittime (-w) option, which is not parsed properly and sets the time delay for sending packets to zero."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "19990213 traceroute as a flooder",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=91893782027835\u0026w=2"
},
{
"name": "7574",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/7574"
},
{
"name": "NetBSD-SA1999-004",
"refsource": "NETBSD",
"url": "ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA1999-004.txt.asc"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2000-0314",
"datePublished": "2001-05-07T04:00:00",
"dateReserved": "2000-05-11T00:00:00",
"dateUpdated": "2024-08-08T05:14:21.287Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-4854
Vulnerability from cvelistv5
Published
2013-07-26 23:00
Modified
2024-08-06 16:59
Severity ?
EPSS score ?
Summary
The RFC 5011 implementation in rdata.c in ISC BIND 9.7.x and 9.8.x before 9.8.5-P2, 9.8.6b1, 9.9.x before 9.9.3-P2, and 9.9.4b1, and DNSco BIND 9.9.3-S1 before 9.9.3-S1-P1 and 9.9.4-S1b1, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query with a malformed RDATA section that is not properly handled during construction of a log message, as exploited in the wild in July 2013.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:59:39.290Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "FEDORA-2013-13863",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-August/113108.html"
},
{
"name": "HPSBUX02926",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03922396"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.isc.org/article/AA-01015"
},
{
"name": "APPLE-SA-2014-10-16-3",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html"
},
{
"name": "54134",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/54134"
},
{
"name": "MDVSA-2013:202",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:202"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://linux.oracle.com/errata/ELSA-2014-1244"
},
{
"name": "54185",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/54185"
},
{
"name": "FreeBSD-SA-13:07",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD",
"x_transferred"
],
"url": "http://www.freebsd.org/security/advisories/FreeBSD-SA-13:07.bind.asc"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.isc.org/article/AA-01016"
},
{
"name": "oval:org.mitre.oval:def:19561",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19561"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10052"
},
{
"name": "FEDORA-2013-13831",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-August/113251.html"
},
{
"name": "54207",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/54207"
},
{
"name": "openSUSE-SU-2013:1354",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00018.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT6536"
},
{
"name": "isc-bind-cve20134854-dos(86004)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86004"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-13-210/"
},
{
"name": "20130806 [slackware-security] bind (SSA:2013-218-01)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2013-08/0030.html"
},
{
"name": "RHSA-2013:1114",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1114.html"
},
{
"name": "61479",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/61479"
},
{
"name": "54323",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/54323"
},
{
"name": "SUSE-SU-2013:1310",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00004.html"
},
{
"name": "54211",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/54211"
},
{
"name": "USN-1910-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1910-1"
},
{
"name": "DSA-2728",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2013/dsa-2728"
},
{
"name": "1028838",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1028838"
},
{
"name": "RHSA-2013:1115",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1115.html"
},
{
"name": "SSRT101281",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03922396"
},
{
"name": "54432",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/54432"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-07-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The RFC 5011 implementation in rdata.c in ISC BIND 9.7.x and 9.8.x before 9.8.5-P2, 9.8.6b1, 9.9.x before 9.9.3-P2, and 9.9.4b1, and DNSco BIND 9.9.3-S1 before 9.9.3-S1-P1 and 9.9.4-S1b1, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query with a malformed RDATA section that is not properly handled during construction of a log message, as exploited in the wild in July 2013."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-11-28T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "FEDORA-2013-13863",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-August/113108.html"
},
{
"name": "HPSBUX02926",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03922396"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.isc.org/article/AA-01015"
},
{
"name": "APPLE-SA-2014-10-16-3",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html"
},
{
"name": "54134",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/54134"
},
{
"name": "MDVSA-2013:202",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:202"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://linux.oracle.com/errata/ELSA-2014-1244"
},
{
"name": "54185",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/54185"
},
{
"name": "FreeBSD-SA-13:07",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD"
],
"url": "http://www.freebsd.org/security/advisories/FreeBSD-SA-13:07.bind.asc"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.isc.org/article/AA-01016"
},
{
"name": "oval:org.mitre.oval:def:19561",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19561"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10052"
},
{
"name": "FEDORA-2013-13831",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-August/113251.html"
},
{
"name": "54207",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/54207"
},
{
"name": "openSUSE-SU-2013:1354",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00018.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/kb/HT6536"
},
{
"name": "isc-bind-cve20134854-dos(86004)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86004"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-13-210/"
},
{
"name": "20130806 [slackware-security] bind (SSA:2013-218-01)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2013-08/0030.html"
},
{
"name": "RHSA-2013:1114",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1114.html"
},
{
"name": "61479",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/61479"
},
{
"name": "54323",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/54323"
},
{
"name": "SUSE-SU-2013:1310",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00004.html"
},
{
"name": "54211",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/54211"
},
{
"name": "USN-1910-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1910-1"
},
{
"name": "DSA-2728",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2013/dsa-2728"
},
{
"name": "1028838",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1028838"
},
{
"name": "RHSA-2013:1115",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1115.html"
},
{
"name": "SSRT101281",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03922396"
},
{
"name": "54432",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/54432"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-4854",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The RFC 5011 implementation in rdata.c in ISC BIND 9.7.x and 9.8.x before 9.8.5-P2, 9.8.6b1, 9.9.x before 9.9.3-P2, and 9.9.4b1, and DNSco BIND 9.9.3-S1 before 9.9.3-S1-P1 and 9.9.4-S1b1, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query with a malformed RDATA section that is not properly handled during construction of a log message, as exploited in the wild in July 2013."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "FEDORA-2013-13863",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-August/113108.html"
},
{
"name": "HPSBUX02926",
"refsource": "HP",
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03922396"
},
{
"name": "https://kb.isc.org/article/AA-01015",
"refsource": "CONFIRM",
"url": "https://kb.isc.org/article/AA-01015"
},
{
"name": "APPLE-SA-2014-10-16-3",
"refsource": "APPLE",
"url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html"
},
{
"name": "54134",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/54134"
},
{
"name": "MDVSA-2013:202",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:202"
},
{
"name": "http://linux.oracle.com/errata/ELSA-2014-1244",
"refsource": "CONFIRM",
"url": "http://linux.oracle.com/errata/ELSA-2014-1244"
},
{
"name": "54185",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/54185"
},
{
"name": "FreeBSD-SA-13:07",
"refsource": "FREEBSD",
"url": "http://www.freebsd.org/security/advisories/FreeBSD-SA-13:07.bind.asc"
},
{
"name": "https://kb.isc.org/article/AA-01016",
"refsource": "CONFIRM",
"url": "https://kb.isc.org/article/AA-01016"
},
{
"name": "oval:org.mitre.oval:def:19561",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19561"
},
{
"name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10052",
"refsource": "MISC",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10052"
},
{
"name": "FEDORA-2013-13831",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-August/113251.html"
},
{
"name": "54207",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/54207"
},
{
"name": "openSUSE-SU-2013:1354",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00018.html"
},
{
"name": "https://support.apple.com/kb/HT6536",
"refsource": "CONFIRM",
"url": "https://support.apple.com/kb/HT6536"
},
{
"name": "isc-bind-cve20134854-dos(86004)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86004"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-13-210/",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-13-210/"
},
{
"name": "20130806 [slackware-security] bind (SSA:2013-218-01)",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2013-08/0030.html"
},
{
"name": "RHSA-2013:1114",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1114.html"
},
{
"name": "61479",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/61479"
},
{
"name": "54323",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/54323"
},
{
"name": "SUSE-SU-2013:1310",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00004.html"
},
{
"name": "54211",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/54211"
},
{
"name": "USN-1910-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1910-1"
},
{
"name": "DSA-2728",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2013/dsa-2728"
},
{
"name": "1028838",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1028838"
},
{
"name": "RHSA-2013:1115",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1115.html"
},
{
"name": "SSRT101281",
"refsource": "HP",
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03922396"
},
{
"name": "54432",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/54432"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-4854",
"datePublished": "2013-07-26T23:00:00",
"dateReserved": "2013-07-16T00:00:00",
"dateUpdated": "2024-08-06T16:59:39.290Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2004-0231
Vulnerability from cvelistv5
Published
2004-05-05 04:00
Modified
2024-08-08 00:10
Severity ?
EPSS score ?
Summary
Multiple vulnerabilities in Midnight Commander (mc) before 4.6.0, with unknown impact, related to "Insecure temporary file and directory creations."
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.novell.com/linux/security/advisories/2004_12_mc.html | vendor-advisory, x_refsource_SUSE | |
| http://security.gentoo.org/glsa/glsa-200405-21.xml | vendor-advisory, x_refsource_GENTOO | |
| http://www.mandriva.com/security/advisories?name=MDKSA-2004:039 | vendor-advisory, x_refsource_MANDRAKE | |
| http://www.debian.org/security/2004/dsa-497 | vendor-advisory, x_refsource_DEBIAN | |
| http://www.redhat.com/support/errata/RHSA-2004-172.html | vendor-advisory, x_refsource_REDHAT | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/16020 | vdb-entry, x_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:10:03.983Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "SuSE-SA:2004:012",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2004_12_mc.html"
},
{
"name": "GLSA-200405-21",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200405-21.xml"
},
{
"name": "MDKSA-2004:039",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:039"
},
{
"name": "DSA-497",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2004/dsa-497"
},
{
"name": "RHSA-2004:172",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-172.html"
},
{
"name": "midnight-commander-insecure-files(16020)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16020"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-04-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple vulnerabilities in Midnight Commander (mc) before 4.6.0, with unknown impact, related to \"Insecure temporary file and directory creations.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "SuSE-SA:2004:012",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2004_12_mc.html"
},
{
"name": "GLSA-200405-21",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200405-21.xml"
},
{
"name": "MDKSA-2004:039",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:039"
},
{
"name": "DSA-497",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2004/dsa-497"
},
{
"name": "RHSA-2004:172",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-172.html"
},
{
"name": "midnight-commander-insecure-files(16020)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16020"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0231",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple vulnerabilities in Midnight Commander (mc) before 4.6.0, with unknown impact, related to \"Insecure temporary file and directory creations.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "SuSE-SA:2004:012",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2004_12_mc.html"
},
{
"name": "GLSA-200405-21",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200405-21.xml"
},
{
"name": "MDKSA-2004:039",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:039"
},
{
"name": "DSA-497",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2004/dsa-497"
},
{
"name": "RHSA-2004:172",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-172.html"
},
{
"name": "midnight-commander-insecure-files(16020)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16020"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0231",
"datePublished": "2004-05-05T04:00:00",
"dateReserved": "2004-03-17T00:00:00",
"dateUpdated": "2024-08-08T00:10:03.983Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-1999-0856
Vulnerability from cvelistv5
Published
2000-06-02 04:00
Modified
2024-08-01 16:55
Severity ?
EPSS score ?
Summary
login in Slackware 7.0 allows remote attackers to identify valid users on the system by reporting an encryption error when an account is locked or does not exist.
References
| ▼ | URL | Tags |
|---|---|---|
| https://marc.info/?l=bugtraq&m=94416739411280&w=2 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T16:55:27.892Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://marc.info/?l=bugtraq\u0026m=94416739411280\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "1999-12-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "login in Slackware 7.0 allows remote attackers to identify valid users on the system by reporting an encryption error when an account is locked or does not exist."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-17T05:30:06",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://marc.info/?l=bugtraq\u0026m=94416739411280\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0856",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "login in Slackware 7.0 allows remote attackers to identify valid users on the system by reporting an encryption error when an account is locked or does not exist."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://marc.info/?l=bugtraq\u0026m=94416739411280\u0026w=2",
"refsource": "MISC",
"url": "https://marc.info/?l=bugtraq\u0026m=94416739411280\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-0856",
"datePublished": "2000-06-02T04:00:00",
"dateReserved": "1999-12-07T00:00:00",
"dateUpdated": "2024-08-01T16:55:27.892Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-4448
Vulnerability from cvelistv5
Published
2016-06-09 16:00
Modified
2024-08-06 00:32
Severity ?
EPSS score ?
Summary
Format string vulnerability in libxml2 before 2.9.4 allows attackers to have unspecified impact via format string specifiers in unknown vectors.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:32:24.779Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10170"
},
{
"name": "SSA:2016-148-01",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE",
"x_transferred"
],
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2016\u0026m=slackware-security.404722"
},
{
"name": "RHSA-2016:1292",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2016:1292"
},
{
"name": "[oss-security] 20160525 3 libxml2 issues",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2016/05/25/2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"
},
{
"name": "90856",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/90856"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://git.gnome.org/browse/libxml2/commit/?id=4472c3a5a5b516aaf59b89be602fbce52756c3e9"
},
{
"name": "APPLE-SA-2016-07-18-4",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2016/Jul/msg00003.html"
},
{
"name": "APPLE-SA-2016-07-18-3",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2016/Jul/msg00002.html"
},
{
"name": "APPLE-SA-2016-07-18-2",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://xmlsoft.org/news.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/HT206901"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html"
},
{
"name": "APPLE-SA-2016-07-18-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1338700"
},
{
"name": "APPLE-SA-2016-07-18-6",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2016/Jul/msg00005.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.tenable.com/security/tns-2016-18"
},
{
"name": "RHSA-2016:2957",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2957.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/HT206905"
},
{
"name": "1036348",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036348"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/HT206903"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/HT206902"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/HT206904"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05194709"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/HT206899"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://git.gnome.org/browse/libxml2/commit/?id=502f6a6d08b08c04b3ddfb1cd21b2f699c1b7f5b"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Format string vulnerability in libxml2 before 2.9.4 allows attackers to have unspecified impact via format string specifiers in unknown vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-04T19:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10170"
},
{
"name": "SSA:2016-148-01",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE"
],
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2016\u0026m=slackware-security.404722"
},
{
"name": "RHSA-2016:1292",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2016:1292"
},
{
"name": "[oss-security] 20160525 3 libxml2 issues",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2016/05/25/2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"
},
{
"name": "90856",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/90856"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://git.gnome.org/browse/libxml2/commit/?id=4472c3a5a5b516aaf59b89be602fbce52756c3e9"
},
{
"name": "APPLE-SA-2016-07-18-4",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2016/Jul/msg00003.html"
},
{
"name": "APPLE-SA-2016-07-18-3",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2016/Jul/msg00002.html"
},
{
"name": "APPLE-SA-2016-07-18-2",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://xmlsoft.org/news.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/HT206901"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html"
},
{
"name": "APPLE-SA-2016-07-18-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1338700"
},
{
"name": "APPLE-SA-2016-07-18-6",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2016/Jul/msg00005.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.tenable.com/security/tns-2016-18"
},
{
"name": "RHSA-2016:2957",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2957.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/HT206905"
},
{
"name": "1036348",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036348"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/HT206903"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/HT206902"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/HT206904"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05194709"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/HT206899"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://git.gnome.org/browse/libxml2/commit/?id=502f6a6d08b08c04b3ddfb1cd21b2f699c1b7f5b"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2016-4448",
"datePublished": "2016-06-09T16:00:00",
"dateReserved": "2016-05-02T00:00:00",
"dateUpdated": "2024-08-06T00:32:24.779Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-1999-1186
Vulnerability from cvelistv5
Published
2001-09-12 04:00
Modified
2024-08-01 17:02
Severity ?
EPSS score ?
Summary
rxvt, when compiled with the PRINT_PIPE option in various Linux operating systems including Linux Slackware 3.0 and RedHat 2.1, allows local users to gain root privileges by specifying a malicious program using the -print-pipe command line parameter.
References
| ▼ | URL | Tags |
|---|---|---|
| http://marc.info/?l=bugtraq&m=87602167418966&w=2 | mailing-list, x_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T17:02:53.866Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "19960102 rxvt security hole",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=87602167418966\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "1996-01-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "rxvt, when compiled with the PRINT_PIPE option in various Linux operating systems including Linux Slackware 3.0 and RedHat 2.1, allows local users to gain root privileges by specifying a malicious program using the -print-pipe command line parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-10-17T13:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "19960102 rxvt security hole",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=87602167418966\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-1186",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "rxvt, when compiled with the PRINT_PIPE option in various Linux operating systems including Linux Slackware 3.0 and RedHat 2.1, allows local users to gain root privileges by specifying a malicious program using the -print-pipe command line parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "19960102 rxvt security hole",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=87602167418966\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-1186",
"datePublished": "2001-09-12T04:00:00",
"dateReserved": "2001-08-31T00:00:00",
"dateUpdated": "2024-08-01T17:02:53.866Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2005-3626
Vulnerability from cvelistv5
Published
2006-01-06 22:00
Modified
2024-08-07 23:17
Severity ?
EPSS score ?
Summary
Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T23:17:23.446Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "16143",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/16143"
},
{
"name": "DSA-932",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2005/dsa-932"
},
{
"name": "18349",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18349"
},
{
"name": "18147",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18147"
},
{
"name": "SCOSA-2006.15",
"tags": [
"vendor-advisory",
"x_refsource_SCO",
"x_transferred"
],
"url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://scary.beasts.org/security/CESA-2005-003.txt"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kde.org/info/security/advisory-20051207-2.txt"
},
{
"name": "18679",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18679"
},
{
"name": "18312",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18312"
},
{
"name": "18644",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18644"
},
{
"name": "USN-236-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/236-1/"
},
{
"name": "18425",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18425"
},
{
"name": "18373",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18373"
},
{
"name": "oval:org.mitre.oval:def:9992",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9992"
},
{
"name": "18303",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18303"
},
{
"name": "DSA-931",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2005/dsa-931"
},
{
"name": "18554",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18554"
},
{
"name": "MDKSA-2006:003",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003"
},
{
"name": "19230",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19230"
},
{
"name": "102972",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1"
},
{
"name": "MDKSA-2006:012",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012"
},
{
"name": "DSA-962",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2006/dsa-962"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00010.html"
},
{
"name": "RHSA-2006:0163",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0163.html"
},
{
"name": "DSA-937",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2005/dsa-937"
},
{
"name": "18398",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18398"
},
{
"name": "FLSA-2006:176751",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded"
},
{
"name": "2006-0002",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX",
"x_transferred"
],
"url": "http://www.trustix.org/errata/2006/0002/"
},
{
"name": "SUSE-SA:2006:001",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html"
},
{
"name": "DSA-936",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2006/dsa-936"
},
{
"name": "FEDORA-2005-026",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html"
},
{
"name": "18329",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18329"
},
{
"name": "18463",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18463"
},
{
"name": "18642",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18642"
},
{
"name": "18674",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18674"
},
{
"name": "MDKSA-2006:005",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005"
},
{
"name": "18313",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18313"
},
{
"name": "20051201-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI",
"x_transferred"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U"
},
{
"name": "20060101-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI",
"x_transferred"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U"
},
{
"name": "18448",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18448"
},
{
"name": "18436",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18436"
},
{
"name": "18428",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18428"
},
{
"name": "xpdf-flatedecode-dos(24026)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24026"
},
{
"name": "18380",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18380"
},
{
"name": "18423",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18423"
},
{
"name": "18416",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18416"
},
{
"name": "RHSA-2006:0177",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2006-0177.html"
},
{
"name": "ADV-2007-2280",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/2280"
},
{
"name": "GLSA-200601-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml"
},
{
"name": "18335",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18335"
},
{
"name": "18407",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18407"
},
{
"name": "18332",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18332"
},
{
"name": "18517",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18517"
},
{
"name": "18582",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18582"
},
{
"name": "18534",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18534"
},
{
"name": "SSA:2006-045-09",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE",
"x_transferred"
],
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683"
},
{
"name": "18908",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18908"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00011.html"
},
{
"name": "25729",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25729"
},
{
"name": "18414",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18414"
},
{
"name": "MDKSA-2006:006",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006"
},
{
"name": "18338",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18338"
},
{
"name": "MDKSA-2006:008",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008"
},
{
"name": "20060201-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI",
"x_transferred"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U"
},
{
"name": "RHSA-2006:0160",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html"
},
{
"name": "MDKSA-2006:010",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010"
},
{
"name": "DSA-940",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2005/dsa-940"
},
{
"name": "MDKSA-2006:004",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004"
},
{
"name": "ADV-2006-0047",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/0047"
},
{
"name": "GLSA-200601-17",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml"
},
{
"name": "18389",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18389"
},
{
"name": "SSA:2006-045-04",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE",
"x_transferred"
],
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747"
},
{
"name": "19377",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19377"
},
{
"name": "FEDORA-2005-025",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html"
},
{
"name": "FLSA:175404",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded"
},
{
"name": "DSA-961",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2006/dsa-961"
},
{
"name": "18675",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18675"
},
{
"name": "18913",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18913"
},
{
"name": "DSA-938",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2005/dsa-938"
},
{
"name": "18334",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18334"
},
{
"name": "18375",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18375"
},
{
"name": "DSA-950",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2006/dsa-950"
},
{
"name": "18387",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18387"
},
{
"name": "MDKSA-2006:011",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011"
},
{
"name": "18385",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18385"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-01-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-19T14:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "16143",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/16143"
},
{
"name": "DSA-932",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2005/dsa-932"
},
{
"name": "18349",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18349"
},
{
"name": "18147",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18147"
},
{
"name": "SCOSA-2006.15",
"tags": [
"vendor-advisory",
"x_refsource_SCO"
],
"url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://scary.beasts.org/security/CESA-2005-003.txt"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kde.org/info/security/advisory-20051207-2.txt"
},
{
"name": "18679",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18679"
},
{
"name": "18312",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18312"
},
{
"name": "18644",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18644"
},
{
"name": "USN-236-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/236-1/"
},
{
"name": "18425",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18425"
},
{
"name": "18373",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18373"
},
{
"name": "oval:org.mitre.oval:def:9992",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9992"
},
{
"name": "18303",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18303"
},
{
"name": "DSA-931",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2005/dsa-931"
},
{
"name": "18554",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18554"
},
{
"name": "MDKSA-2006:003",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003"
},
{
"name": "19230",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19230"
},
{
"name": "102972",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1"
},
{
"name": "MDKSA-2006:012",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012"
},
{
"name": "DSA-962",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2006/dsa-962"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00010.html"
},
{
"name": "RHSA-2006:0163",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0163.html"
},
{
"name": "DSA-937",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2005/dsa-937"
},
{
"name": "18398",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18398"
},
{
"name": "FLSA-2006:176751",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded"
},
{
"name": "2006-0002",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX"
],
"url": "http://www.trustix.org/errata/2006/0002/"
},
{
"name": "SUSE-SA:2006:001",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html"
},
{
"name": "DSA-936",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2006/dsa-936"
},
{
"name": "FEDORA-2005-026",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html"
},
{
"name": "18329",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18329"
},
{
"name": "18463",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18463"
},
{
"name": "18642",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18642"
},
{
"name": "18674",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18674"
},
{
"name": "MDKSA-2006:005",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005"
},
{
"name": "18313",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18313"
},
{
"name": "20051201-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U"
},
{
"name": "20060101-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U"
},
{
"name": "18448",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18448"
},
{
"name": "18436",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18436"
},
{
"name": "18428",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18428"
},
{
"name": "xpdf-flatedecode-dos(24026)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24026"
},
{
"name": "18380",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18380"
},
{
"name": "18423",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18423"
},
{
"name": "18416",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18416"
},
{
"name": "RHSA-2006:0177",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2006-0177.html"
},
{
"name": "ADV-2007-2280",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/2280"
},
{
"name": "GLSA-200601-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml"
},
{
"name": "18335",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18335"
},
{
"name": "18407",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18407"
},
{
"name": "18332",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18332"
},
{
"name": "18517",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18517"
},
{
"name": "18582",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18582"
},
{
"name": "18534",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18534"
},
{
"name": "SSA:2006-045-09",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE"
],
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683"
},
{
"name": "18908",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18908"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00011.html"
},
{
"name": "25729",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25729"
},
{
"name": "18414",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18414"
},
{
"name": "MDKSA-2006:006",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006"
},
{
"name": "18338",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18338"
},
{
"name": "MDKSA-2006:008",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008"
},
{
"name": "20060201-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U"
},
{
"name": "RHSA-2006:0160",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html"
},
{
"name": "MDKSA-2006:010",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010"
},
{
"name": "DSA-940",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2005/dsa-940"
},
{
"name": "MDKSA-2006:004",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004"
},
{
"name": "ADV-2006-0047",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/0047"
},
{
"name": "GLSA-200601-17",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml"
},
{
"name": "18389",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18389"
},
{
"name": "SSA:2006-045-04",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE"
],
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747"
},
{
"name": "19377",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19377"
},
{
"name": "FEDORA-2005-025",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html"
},
{
"name": "FLSA:175404",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded"
},
{
"name": "DSA-961",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2006/dsa-961"
},
{
"name": "18675",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18675"
},
{
"name": "18913",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18913"
},
{
"name": "DSA-938",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2005/dsa-938"
},
{
"name": "18334",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18334"
},
{
"name": "18375",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18375"
},
{
"name": "DSA-950",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2006/dsa-950"
},
{
"name": "18387",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18387"
},
{
"name": "MDKSA-2006:011",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011"
},
{
"name": "18385",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18385"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2005-3626",
"datePublished": "2006-01-06T22:00:00",
"dateReserved": "2005-11-16T00:00:00",
"dateUpdated": "2024-08-07T23:17:23.446Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-0823
Vulnerability from cvelistv5
Published
2007-02-07 20:00
Modified
2024-08-07 12:34
Severity ?
EPSS score ?
Summary
xterm on Slackware Linux 10.2 stores information that had been displayed for a different user account using the same xterm process, which might allow local users to bypass file permissions and read other users' files, or obtain other sensitive information, by reading the xterm process memory. NOTE: it could be argued that this is an expected consequence of multiple users sharing the same interactive process, in which case this is not a vulnerability.
References
| ▼ | URL | Tags |
|---|---|---|
| http://archives.neohapsis.com/archives/fulldisclosure/2007-02/0012.html | mailing-list, x_refsource_FULLDISC | |
| http://osvdb.org/33651 | vdb-entry, x_refsource_OSVDB | |
| http://gotfault.wordpress.com/2007/02/01/a-funny-case/ | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:34:21.151Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20070201 umount crash and xterm (kind of) information leak!",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2007-02/0012.html"
},
{
"name": "33651",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/33651"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://gotfault.wordpress.com/2007/02/01/a-funny-case/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-02-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "xterm on Slackware Linux 10.2 stores information that had been displayed for a different user account using the same xterm process, which might allow local users to bypass file permissions and read other users\u0027 files, or obtain other sensitive information, by reading the xterm process memory. NOTE: it could be argued that this is an expected consequence of multiple users sharing the same interactive process, in which case this is not a vulnerability."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2008-11-15T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20070201 umount crash and xterm (kind of) information leak!",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2007-02/0012.html"
},
{
"name": "33651",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/33651"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://gotfault.wordpress.com/2007/02/01/a-funny-case/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-0823",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "xterm on Slackware Linux 10.2 stores information that had been displayed for a different user account using the same xterm process, which might allow local users to bypass file permissions and read other users\u0027 files, or obtain other sensitive information, by reading the xterm process memory. NOTE: it could be argued that this is an expected consequence of multiple users sharing the same interactive process, in which case this is not a vulnerability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20070201 umount crash and xterm (kind of) information leak!",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2007-02/0012.html"
},
{
"name": "33651",
"refsource": "OSVDB",
"url": "http://osvdb.org/33651"
},
{
"name": "http://gotfault.wordpress.com/2007/02/01/a-funny-case/",
"refsource": "MISC",
"url": "http://gotfault.wordpress.com/2007/02/01/a-funny-case/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-0823",
"datePublished": "2007-02-07T20:00:00",
"dateReserved": "2007-02-07T00:00:00",
"dateUpdated": "2024-08-07T12:34:21.151Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2000-0844
Vulnerability from cvelistv5
Published
2001-01-22 05:00
Modified
2024-08-08 05:37
Severity ?
EPSS score ?
Summary
Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T05:37:30.623Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2000:057",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2000-057.html"
},
{
"name": "20000906 glibc locale security problem",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/adv5_draht_glibc_txt.html"
},
{
"name": "20000902 Conectiva Linux Security Announcement - glibc",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0436.html"
},
{
"name": "SSRT0689U",
"tags": [
"vendor-advisory",
"x_refsource_COMPAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/tru64/2000-q4/0000.html"
},
{
"name": "TLSA2000020-1",
"tags": [
"vendor-advisory",
"x_refsource_TURBO",
"x_transferred"
],
"url": "http://www.turbolinux.com/pipermail/tl-security-announce/2000-September/000020.html"
},
{
"name": "20000902 glibc: local root exploit",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2000/20000902"
},
{
"name": "20000904 UNIX locale format string vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0457.html"
},
{
"name": "IY13753",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-10/0427.html"
},
{
"name": "1634",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/1634"
},
{
"name": "CSSA-2000-030.0",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA",
"x_transferred"
],
"url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-030.0.txt"
},
{
"name": "unix-locale-format-string(5176)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5176"
},
{
"name": "20000901-01-P",
"tags": [
"vendor-advisory",
"x_refsource_SGI",
"x_transferred"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20000901-01-P"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2000-09-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2004-09-02T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "RHSA-2000:057",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2000-057.html"
},
{
"name": "20000906 glibc locale security problem",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/adv5_draht_glibc_txt.html"
},
{
"name": "20000902 Conectiva Linux Security Announcement - glibc",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0436.html"
},
{
"name": "SSRT0689U",
"tags": [
"vendor-advisory",
"x_refsource_COMPAQ"
],
"url": "http://archives.neohapsis.com/archives/tru64/2000-q4/0000.html"
},
{
"name": "TLSA2000020-1",
"tags": [
"vendor-advisory",
"x_refsource_TURBO"
],
"url": "http://www.turbolinux.com/pipermail/tl-security-announce/2000-September/000020.html"
},
{
"name": "20000902 glibc: local root exploit",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2000/20000902"
},
{
"name": "20000904 UNIX locale format string vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0457.html"
},
{
"name": "IY13753",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-10/0427.html"
},
{
"name": "1634",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/1634"
},
{
"name": "CSSA-2000-030.0",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA"
],
"url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-030.0.txt"
},
{
"name": "unix-locale-format-string(5176)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5176"
},
{
"name": "20000901-01-P",
"tags": [
"vendor-advisory",
"x_refsource_SGI"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20000901-01-P"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0844",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2000:057",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2000-057.html"
},
{
"name": "20000906 glibc locale security problem",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/adv5_draht_glibc_txt.html"
},
{
"name": "20000902 Conectiva Linux Security Announcement - glibc",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0436.html"
},
{
"name": "SSRT0689U",
"refsource": "COMPAQ",
"url": "http://archives.neohapsis.com/archives/tru64/2000-q4/0000.html"
},
{
"name": "TLSA2000020-1",
"refsource": "TURBO",
"url": "http://www.turbolinux.com/pipermail/tl-security-announce/2000-September/000020.html"
},
{
"name": "20000902 glibc: local root exploit",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2000/20000902"
},
{
"name": "20000904 UNIX locale format string vulnerability",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0457.html"
},
{
"name": "IY13753",
"refsource": "AIXAPAR",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-10/0427.html"
},
{
"name": "1634",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1634"
},
{
"name": "CSSA-2000-030.0",
"refsource": "CALDERA",
"url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-030.0.txt"
},
{
"name": "unix-locale-format-string(5176)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5176"
},
{
"name": "20000901-01-P",
"refsource": "SGI",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20000901-01-P"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2000-0844",
"datePublished": "2001-01-22T05:00:00",
"dateReserved": "2000-10-18T00:00:00",
"dateUpdated": "2024-08-08T05:37:30.623Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-1999-0746
Vulnerability from cvelistv5
Published
2000-03-22 05:00
Modified
2024-08-01 16:48
Severity ?
EPSS score ?
Summary
A default configuration of in.identd in SuSE Linux waits 120 seconds between requests, allowing a remote attacker to conduct a denial of service.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/587 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T16:48:38.014Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "587",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/587"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A default configuration of in.identd in SuSE Linux waits 120 seconds between requests, allowing a remote attacker to conduct a denial of service."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-11-02T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "587",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/587"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0746",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A default configuration of in.identd in SuSE Linux waits 120 seconds between requests, allowing a remote attacker to conduct a denial of service."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "587",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/587"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-0746",
"datePublished": "2000-03-22T05:00:00",
"dateReserved": "1999-11-25T00:00:00",
"dateUpdated": "2024-08-01T16:48:38.014Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2000-0315
Vulnerability from cvelistv5
Published
2001-05-07 04:00
Modified
2024-08-08 05:14
Severity ?
EPSS score ?
Summary
traceroute in NetBSD 1.3.3 and Linux systems allows local unprivileged users to modify the source address of the packets, which could be used in spoofing attacks.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.osvdb.org/7575 | vdb-entry, x_refsource_OSVDB | |
| http://marc.info/?l=bugtraq&m=91893782027835&w=2 | mailing-list, x_refsource_BUGTRAQ | |
| ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA1999-004.txt.asc | vendor-advisory, x_refsource_NETBSD |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T05:14:20.567Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "7575",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/7575"
},
{
"name": "19990213 traceroute as a flooder",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=91893782027835\u0026w=2"
},
{
"name": "NetBSD-SA1999-004",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD",
"x_transferred"
],
"url": "ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA1999-004.txt.asc"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "1999-02-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "traceroute in NetBSD 1.3.3 and Linux systems allows local unprivileged users to modify the source address of the packets, which could be used in spoofing attacks."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2004-09-02T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "7575",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/7575"
},
{
"name": "19990213 traceroute as a flooder",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=91893782027835\u0026w=2"
},
{
"name": "NetBSD-SA1999-004",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD"
],
"url": "ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA1999-004.txt.asc"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0315",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "traceroute in NetBSD 1.3.3 and Linux systems allows local unprivileged users to modify the source address of the packets, which could be used in spoofing attacks."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "7575",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/7575"
},
{
"name": "19990213 traceroute as a flooder",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=91893782027835\u0026w=2"
},
{
"name": "NetBSD-SA1999-004",
"refsource": "NETBSD",
"url": "ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA1999-004.txt.asc"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2000-0315",
"datePublished": "2001-05-07T04:00:00",
"dateReserved": "2000-05-11T00:00:00",
"dateUpdated": "2024-08-08T05:14:20.567Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-1999-1434
Vulnerability from cvelistv5
Published
2001-09-12 04:00
Modified
2024-08-01 17:11
Severity ?
EPSS score ?
Summary
login in Slackware Linux 3.2 through 3.5 does not properly check for an error when the /etc/group file is missing, which prevents it from dropping privileges, causing it to assign root privileges to any local user who logs on to the server.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/155 | vdb-entry, x_refsource_BID | |
| http://marc.info/?l=bugtraq&m=90221104525951&w=2 | mailing-list, x_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T17:11:03.255Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "155",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/155"
},
{
"name": "19980713 Slackware Shadow Insecurity",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=90221104525951\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "1998-07-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "login in Slackware Linux 3.2 through 3.5 does not properly check for an error when the /etc/group file is missing, which prevents it from dropping privileges, causing it to assign root privileges to any local user who logs on to the server."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-10-17T13:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "155",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/155"
},
{
"name": "19980713 Slackware Shadow Insecurity",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=90221104525951\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-1434",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "login in Slackware Linux 3.2 through 3.5 does not properly check for an error when the /etc/group file is missing, which prevents it from dropping privileges, causing it to assign root privileges to any local user who logs on to the server."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "155",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/155"
},
{
"name": "19980713 Slackware Shadow Insecurity",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=90221104525951\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-1434",
"datePublished": "2001-09-12T04:00:00",
"dateReserved": "2001-08-31T00:00:00",
"dateUpdated": "2024-08-01T17:11:03.255Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-1999-0192
Vulnerability from cvelistv5
Published
1999-09-29 04:00
Modified
2024-08-01 16:27
Severity ?
EPSS score ?
Summary
Buffer overflow in telnet daemon tgetent routing allows remote attackers to gain root access via the TERMCAP environmental variable.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0192 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T16:27:57.939Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0192"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in telnet daemon tgetent routing allows remote attackers to gain root access via the TERMCAP environmental variable."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-17T06:54:44",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0192"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0192",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in telnet daemon tgetent routing allows remote attackers to gain root access via the TERMCAP environmental variable."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0192",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0192"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-0192",
"datePublished": "1999-09-29T04:00:00",
"dateReserved": "1999-06-07T00:00:00",
"dateUpdated": "2024-08-01T16:27:57.939Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-7171
Vulnerability from cvelistv5
Published
2019-11-21 13:46
Modified
2024-08-06 18:01
Severity ?
EPSS score ?
Summary
Slackware 14.0 and 14.1, and Slackware LLVM 3.0-i486-2 and 3.3-i486-2, contain world-writable permissions on the /tmp directory which could allow remote attackers to execute arbitrary code with root privileges.
References
| ▼ | URL | Tags |
|---|---|---|
| https://security-tracker.debian.org/tracker/CVE-2013-7171 | x_refsource_MISC | |
| https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-7171 | x_refsource_MISC | |
| http://www.openwall.com/lists/oss-security/2013/12/20/1 | x_refsource_MISC | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/89915 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:01:20.270Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2013-7171"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-7171"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2013/12/20/1"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89915"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-12-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Slackware 14.0 and 14.1, and Slackware LLVM 3.0-i486-2 and 3.3-i486-2, contain world-writable permissions on the /tmp directory which could allow remote attackers to execute arbitrary code with root privileges."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-21T13:46:30",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2013-7171"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-7171"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.openwall.com/lists/oss-security/2013/12/20/1"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89915"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-7171",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Slackware 14.0 and 14.1, and Slackware LLVM 3.0-i486-2 and 3.3-i486-2, contain world-writable permissions on the /tmp directory which could allow remote attackers to execute arbitrary code with root privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://security-tracker.debian.org/tracker/CVE-2013-7171",
"refsource": "MISC",
"url": "https://security-tracker.debian.org/tracker/CVE-2013-7171"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-7171",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-7171"
},
{
"name": "http://www.openwall.com/lists/oss-security/2013/12/20/1",
"refsource": "MISC",
"url": "http://www.openwall.com/lists/oss-security/2013/12/20/1"
},
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89915",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89915"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-7171",
"datePublished": "2019-11-21T13:46:30",
"dateReserved": "2013-12-19T00:00:00",
"dateUpdated": "2024-08-06T18:01:20.270Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2004-0226
Vulnerability from cvelistv5
Published
2004-05-05 04:00
Modified
2024-08-08 00:10
Severity ?
EPSS score ?
Summary
Multiple buffer overflows in Midnight Commander (mc) before 4.6.0 may allow attackers to cause a denial of service or execute arbitrary code.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.novell.com/linux/security/advisories/2004_12_mc.html | vendor-advisory, x_refsource_SUSE | |
| http://security.gentoo.org/glsa/glsa-200405-21.xml | vendor-advisory, x_refsource_GENTOO | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/16016 | vdb-entry, x_refsource_XF | |
| http://www.mandriva.com/security/advisories?name=MDKSA-2004:039 | vendor-advisory, x_refsource_MANDRAKE | |
| http://www.debian.org/security/2004/dsa-497 | vendor-advisory, x_refsource_DEBIAN | |
| http://www.redhat.com/support/errata/RHSA-2004-172.html | vendor-advisory, x_refsource_REDHAT |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:10:03.623Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "SuSE-SA:2004:012",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2004_12_mc.html"
},
{
"name": "GLSA-200405-21",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200405-21.xml"
},
{
"name": "midnight-commander-local-privileges(16016)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16016"
},
{
"name": "MDKSA-2004:039",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:039"
},
{
"name": "DSA-497",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2004/dsa-497"
},
{
"name": "RHSA-2004:172",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-172.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-04-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in Midnight Commander (mc) before 4.6.0 may allow attackers to cause a denial of service or execute arbitrary code."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "SuSE-SA:2004:012",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2004_12_mc.html"
},
{
"name": "GLSA-200405-21",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200405-21.xml"
},
{
"name": "midnight-commander-local-privileges(16016)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16016"
},
{
"name": "MDKSA-2004:039",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:039"
},
{
"name": "DSA-497",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2004/dsa-497"
},
{
"name": "RHSA-2004:172",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-172.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0226",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple buffer overflows in Midnight Commander (mc) before 4.6.0 may allow attackers to cause a denial of service or execute arbitrary code."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "SuSE-SA:2004:012",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2004_12_mc.html"
},
{
"name": "GLSA-200405-21",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200405-21.xml"
},
{
"name": "midnight-commander-local-privileges(16016)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16016"
},
{
"name": "MDKSA-2004:039",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:039"
},
{
"name": "DSA-497",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2004/dsa-497"
},
{
"name": "RHSA-2004:172",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-172.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0226",
"datePublished": "2004-05-05T04:00:00",
"dateReserved": "2004-03-17T00:00:00",
"dateUpdated": "2024-08-08T00:10:03.623Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2003-0977
Vulnerability from cvelistv5
Published
2003-12-10 05:00
Modified
2024-08-08 02:12
Severity ?
EPSS score ?
Summary
CVS server before 1.11.10 may allow attackers to cause the CVS server to create directories and files in the file system root directory via malformed module requests.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:12:35.454Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "oval:org.mitre.oval:def:855",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A855"
},
{
"name": "20040202-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI",
"x_transferred"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20040202-01-U.asc"
},
{
"name": "20040129 [FLSA-2004:1207] Updated cvs resolves security vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=107540163908129\u0026w=2"
},
{
"name": "MDKSA-2003:112",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:112"
},
{
"name": "oval:org.mitre.oval:def:866",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A866"
},
{
"name": "DSA-422",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2004/dsa-422"
},
{
"name": "RHSA-2004:003",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-003.html"
},
{
"name": "10601",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/10601"
},
{
"name": "oval:org.mitre.oval:def:11528",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11528"
},
{
"name": "20031217 [OpenPKG-SA-2003.052] OpenPKG Security Advisory (cvs)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=107168035515554\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://ccvs.cvshome.org/servlets/NewsItemView?newsID=84\u0026JServSessionIdservlets=8u3x1myav1"
},
{
"name": "20040103-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI",
"x_transferred"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20040103-01-U.asc"
},
{
"name": "CLA-2004:808",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000808"
},
{
"name": "RHSA-2004:004",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-004.html"
},
{
"name": "cvs-module-file-manipulation(13929)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/13929"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-12-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "CVS server before 1.11.10 may allow attackers to cause the CVS server to create directories and files in the file system root directory via malformed module requests."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "oval:org.mitre.oval:def:855",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A855"
},
{
"name": "20040202-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20040202-01-U.asc"
},
{
"name": "20040129 [FLSA-2004:1207] Updated cvs resolves security vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=107540163908129\u0026w=2"
},
{
"name": "MDKSA-2003:112",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:112"
},
{
"name": "oval:org.mitre.oval:def:866",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A866"
},
{
"name": "DSA-422",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2004/dsa-422"
},
{
"name": "RHSA-2004:003",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-003.html"
},
{
"name": "10601",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/10601"
},
{
"name": "oval:org.mitre.oval:def:11528",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11528"
},
{
"name": "20031217 [OpenPKG-SA-2003.052] OpenPKG Security Advisory (cvs)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=107168035515554\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://ccvs.cvshome.org/servlets/NewsItemView?newsID=84\u0026JServSessionIdservlets=8u3x1myav1"
},
{
"name": "20040103-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20040103-01-U.asc"
},
{
"name": "CLA-2004:808",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000808"
},
{
"name": "RHSA-2004:004",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-004.html"
},
{
"name": "cvs-module-file-manipulation(13929)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/13929"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-0977",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CVS server before 1.11.10 may allow attackers to cause the CVS server to create directories and files in the file system root directory via malformed module requests."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "oval:org.mitre.oval:def:855",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A855"
},
{
"name": "20040202-01-U",
"refsource": "SGI",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20040202-01-U.asc"
},
{
"name": "20040129 [FLSA-2004:1207] Updated cvs resolves security vulnerability",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=107540163908129\u0026w=2"
},
{
"name": "MDKSA-2003:112",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:112"
},
{
"name": "oval:org.mitre.oval:def:866",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A866"
},
{
"name": "DSA-422",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2004/dsa-422"
},
{
"name": "RHSA-2004:003",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-003.html"
},
{
"name": "10601",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/10601"
},
{
"name": "oval:org.mitre.oval:def:11528",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11528"
},
{
"name": "20031217 [OpenPKG-SA-2003.052] OpenPKG Security Advisory (cvs)",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=107168035515554\u0026w=2"
},
{
"name": "http://ccvs.cvshome.org/servlets/NewsItemView?newsID=84\u0026JServSessionIdservlets=8u3x1myav1",
"refsource": "CONFIRM",
"url": "http://ccvs.cvshome.org/servlets/NewsItemView?newsID=84\u0026JServSessionIdservlets=8u3x1myav1"
},
{
"name": "20040103-01-U",
"refsource": "SGI",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20040103-01-U.asc"
},
{
"name": "CLA-2004:808",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000808"
},
{
"name": "RHSA-2004:004",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-004.html"
},
{
"name": "cvs-module-file-manipulation(13929)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/13929"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-0977",
"datePublished": "2003-12-10T05:00:00",
"dateReserved": "2003-12-09T00:00:00",
"dateUpdated": "2024-08-08T02:12:35.454Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2003-0335
Vulnerability from cvelistv5
Published
2003-05-23 04:00
Modified
2024-08-08 01:50
Severity ?
EPSS score ?
Summary
rc.M in Slackware 9.0 calls quotacheck with the -M option, which causes the filesystem to be remounted and possibly reset security-relevant mount flags such as nosuid, nodev, and noexec.
References
| ▼ | URL | Tags |
|---|---|---|
| http://marc.info/?l=bugtraq&m=105361968110719&w=2 | mailing-list, x_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:50:47.949Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20030522 [slackware-security] quotacheck security fix in rc.M (SSA:2003-141-06)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=105361968110719\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-05-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "rc.M in Slackware 9.0 calls quotacheck with the -M option, which causes the filesystem to be remounted and possibly reset security-relevant mount flags such as nosuid, nodev, and noexec."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-10-17T13:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20030522 [slackware-security] quotacheck security fix in rc.M (SSA:2003-141-06)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=105361968110719\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-0335",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "rc.M in Slackware 9.0 calls quotacheck with the -M option, which causes the filesystem to be remounted and possibly reset security-relevant mount flags such as nosuid, nodev, and noexec."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20030522 [slackware-security] quotacheck security fix in rc.M (SSA:2003-141-06)",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=105361968110719\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-0335",
"datePublished": "2003-05-23T04:00:00",
"dateReserved": "2003-05-22T00:00:00",
"dateUpdated": "2024-08-08T01:50:47.949Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-1999-0298
Vulnerability from cvelistv5
Published
2000-02-04 05:00
Modified
2024-08-01 16:34
Severity ?
EPSS score ?
Summary
ypbind with -ypset and -ypsetme options activated in Linux Slackware and SunOS allows local and remote attackers to overwrite files via a .. (dot dot) attack.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.nai.com/nai_labs/asp_set/advisory/06_ypbindsetme_adv.asp | vendor-advisory, x_refsource_NAI |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T16:34:51.864Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "19970205 Vulnerabilities in Ypbind when run with -ypset/-ypsetme",
"tags": [
"vendor-advisory",
"x_refsource_NAI",
"x_transferred"
],
"url": "http://www.nai.com/nai_labs/asp_set/advisory/06_ypbindsetme_adv.asp"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "ypbind with -ypset and -ypsetme options activated in Linux Slackware and SunOS allows local and remote attackers to overwrite files via a .. (dot dot) attack."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2003-03-21T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "19970205 Vulnerabilities in Ypbind when run with -ypset/-ypsetme",
"tags": [
"vendor-advisory",
"x_refsource_NAI"
],
"url": "http://www.nai.com/nai_labs/asp_set/advisory/06_ypbindsetme_adv.asp"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0298",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ypbind with -ypset and -ypsetme options activated in Linux Slackware and SunOS allows local and remote attackers to overwrite files via a .. (dot dot) attack."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "19970205 Vulnerabilities in Ypbind when run with -ypset/-ypsetme",
"refsource": "NAI",
"url": "http://www.nai.com/nai_labs/asp_set/advisory/06_ypbindsetme_adv.asp"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-0298",
"datePublished": "2000-02-04T05:00:00",
"dateReserved": "1999-06-07T00:00:00",
"dateUpdated": "2024-08-01T16:34:51.864Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-1999-0123
Vulnerability from cvelistv5
Published
2000-02-04 05:00
Modified
2024-08-01 16:27
Severity ?
EPSS score ?
Summary
Race condition in Linux mailx command allows local users to read user files.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0123 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T16:27:57.685Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0123"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Race condition in Linux mailx command allows local users to read user files."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-17T06:42:40",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0123"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0123",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Race condition in Linux mailx command allows local users to read user files."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0123",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0123"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-0123",
"datePublished": "2000-02-04T05:00:00",
"dateReserved": "1999-06-07T00:00:00",
"dateUpdated": "2024-08-01T16:27:57.685Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2003-0962
Vulnerability from cvelistv5
Published
2003-12-10 05:00
Modified
2024-08-08 02:12
Severity ?
EPSS score ?
Summary
Heap-based buffer overflow in rsync before 2.5.7, when running in server mode, allows remote attackers to execute arbitrary code and possibly escape the chroot jail.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:12:35.339Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20031204 rsync security advisory (fwd)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=107055681311602\u0026w=2"
},
{
"name": "2003-0048",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=107055684711629\u0026w=2"
},
{
"name": "10362",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/10362"
},
{
"name": "10364",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/10364"
},
{
"name": "10354",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/10354"
},
{
"name": "linux-rsync-heap-overflow(13899)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/13899"
},
{
"name": "10363",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/10363"
},
{
"name": "10353",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/10353"
},
{
"name": "10357",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/10357"
},
{
"name": "10355",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/10355"
},
{
"name": "VU#325603",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/325603"
},
{
"name": "10358",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/10358"
},
{
"name": "20031204 GLSA: exploitable heap overflow in rsync (200312-03)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=107056923528423\u0026w=2"
},
{
"name": "10360",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/10360"
},
{
"name": "10361",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/10361"
},
{
"name": "CLA-2003:794",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000794"
},
{
"name": "20031204 [OpenPKG-SA-2003.051] OpenPKG Security Advisory (rsync)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=107055702911867\u0026w=2"
},
{
"name": "10474",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/10474"
},
{
"name": "20031202-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI",
"x_transferred"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20031202-01-U"
},
{
"name": "oval:org.mitre.oval:def:9415",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9415"
},
{
"name": "RHSA-2003:398",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-398.html"
},
{
"name": "10356",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/10356"
},
{
"name": "2898",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/2898"
},
{
"name": "MDKSA-2003:111",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:111"
},
{
"name": "9153",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/9153"
},
{
"name": "10359",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/10359"
},
{
"name": "10378",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/10378"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-12-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in rsync before 2.5.7, when running in server mode, allows remote attackers to execute arbitrary code and possibly escape the chroot jail."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20031204 rsync security advisory (fwd)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=107055681311602\u0026w=2"
},
{
"name": "2003-0048",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX"
],
"url": "http://marc.info/?l=bugtraq\u0026m=107055684711629\u0026w=2"
},
{
"name": "10362",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/10362"
},
{
"name": "10364",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/10364"
},
{
"name": "10354",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/10354"
},
{
"name": "linux-rsync-heap-overflow(13899)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/13899"
},
{
"name": "10363",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/10363"
},
{
"name": "10353",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/10353"
},
{
"name": "10357",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/10357"
},
{
"name": "10355",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/10355"
},
{
"name": "VU#325603",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/325603"
},
{
"name": "10358",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/10358"
},
{
"name": "20031204 GLSA: exploitable heap overflow in rsync (200312-03)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=107056923528423\u0026w=2"
},
{
"name": "10360",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/10360"
},
{
"name": "10361",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/10361"
},
{
"name": "CLA-2003:794",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000794"
},
{
"name": "20031204 [OpenPKG-SA-2003.051] OpenPKG Security Advisory (rsync)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=107055702911867\u0026w=2"
},
{
"name": "10474",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/10474"
},
{
"name": "20031202-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20031202-01-U"
},
{
"name": "oval:org.mitre.oval:def:9415",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9415"
},
{
"name": "RHSA-2003:398",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-398.html"
},
{
"name": "10356",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/10356"
},
{
"name": "2898",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/2898"
},
{
"name": "MDKSA-2003:111",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:111"
},
{
"name": "9153",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/9153"
},
{
"name": "10359",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/10359"
},
{
"name": "10378",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/10378"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-0962",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in rsync before 2.5.7, when running in server mode, allows remote attackers to execute arbitrary code and possibly escape the chroot jail."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20031204 rsync security advisory (fwd)",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=107055681311602\u0026w=2"
},
{
"name": "2003-0048",
"refsource": "TRUSTIX",
"url": "http://marc.info/?l=bugtraq\u0026m=107055684711629\u0026w=2"
},
{
"name": "10362",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/10362"
},
{
"name": "10364",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/10364"
},
{
"name": "10354",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/10354"
},
{
"name": "linux-rsync-heap-overflow(13899)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/13899"
},
{
"name": "10363",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/10363"
},
{
"name": "10353",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/10353"
},
{
"name": "10357",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/10357"
},
{
"name": "10355",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/10355"
},
{
"name": "VU#325603",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/325603"
},
{
"name": "10358",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/10358"
},
{
"name": "20031204 GLSA: exploitable heap overflow in rsync (200312-03)",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=107056923528423\u0026w=2"
},
{
"name": "10360",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/10360"
},
{
"name": "10361",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/10361"
},
{
"name": "CLA-2003:794",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000794"
},
{
"name": "20031204 [OpenPKG-SA-2003.051] OpenPKG Security Advisory (rsync)",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=107055702911867\u0026w=2"
},
{
"name": "10474",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/10474"
},
{
"name": "20031202-01-U",
"refsource": "SGI",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20031202-01-U"
},
{
"name": "oval:org.mitre.oval:def:9415",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9415"
},
{
"name": "RHSA-2003:398",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2003-398.html"
},
{
"name": "10356",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/10356"
},
{
"name": "2898",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/2898"
},
{
"name": "MDKSA-2003:111",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:111"
},
{
"name": "9153",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/9153"
},
{
"name": "10359",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/10359"
},
{
"name": "10378",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/10378"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-0962",
"datePublished": "2003-12-10T05:00:00",
"dateReserved": "2003-11-26T00:00:00",
"dateUpdated": "2024-08-08T02:12:35.339Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2004-0424
Vulnerability from cvelistv5
Published
2004-04-30 04:00
Modified
2024-08-08 00:17
Severity ?
EPSS score ?
Summary
Integer overflow in the ip_setsockopt function in Linux kernel 2.4.22 through 2.4.25 and 2.6.1 through 2.6.3 allows local users to cause a denial of service (crash) or execute arbitrary code via the MCAST_MSFILTER socket option.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:17:14.977Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "SSA:2004-119",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE",
"x_transferred"
],
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.659586"
},
{
"name": "SuSE-SA:2004:010",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2004_10_kernel.html"
},
{
"name": "oval:org.mitre.oval:def:939",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A939"
},
{
"name": "oval:org.mitre.oval:def:11214",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11214"
},
{
"name": "RHSA-2004:183",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-183.html"
},
{
"name": "MDKSA-2004:037",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:037"
},
{
"name": "linux-ipsetsockopt-integer-bo(15907)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15907"
},
{
"name": "20040504-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI",
"x_transferred"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20040504-01-U.asc"
},
{
"name": "10179",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/10179"
},
{
"name": "ESA-20040428-004",
"tags": [
"vendor-advisory",
"x_refsource_ENGARDE",
"x_transferred"
],
"url": "http://www.linuxsecurity.com/advisories/engarde_advisory-4285.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.isec.pl/vulnerabilities/isec-0015-msfilter.txt"
},
{
"name": "CLA-2004:852",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000852"
},
{
"name": "20040420 Linux kernel setsockopt MCAST_MSFILTER integer overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108253171301153\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-04-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in the ip_setsockopt function in Linux kernel 2.4.22 through 2.4.25 and 2.6.1 through 2.6.3 allows local users to cause a denial of service (crash) or execute arbitrary code via the MCAST_MSFILTER socket option."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "SSA:2004-119",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE"
],
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.659586"
},
{
"name": "SuSE-SA:2004:010",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2004_10_kernel.html"
},
{
"name": "oval:org.mitre.oval:def:939",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A939"
},
{
"name": "oval:org.mitre.oval:def:11214",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11214"
},
{
"name": "RHSA-2004:183",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-183.html"
},
{
"name": "MDKSA-2004:037",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:037"
},
{
"name": "linux-ipsetsockopt-integer-bo(15907)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15907"
},
{
"name": "20040504-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20040504-01-U.asc"
},
{
"name": "10179",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/10179"
},
{
"name": "ESA-20040428-004",
"tags": [
"vendor-advisory",
"x_refsource_ENGARDE"
],
"url": "http://www.linuxsecurity.com/advisories/engarde_advisory-4285.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.isec.pl/vulnerabilities/isec-0015-msfilter.txt"
},
{
"name": "CLA-2004:852",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000852"
},
{
"name": "20040420 Linux kernel setsockopt MCAST_MSFILTER integer overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108253171301153\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0424",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in the ip_setsockopt function in Linux kernel 2.4.22 through 2.4.25 and 2.6.1 through 2.6.3 allows local users to cause a denial of service (crash) or execute arbitrary code via the MCAST_MSFILTER socket option."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "SSA:2004-119",
"refsource": "SLACKWARE",
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.659586"
},
{
"name": "SuSE-SA:2004:010",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2004_10_kernel.html"
},
{
"name": "oval:org.mitre.oval:def:939",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A939"
},
{
"name": "oval:org.mitre.oval:def:11214",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11214"
},
{
"name": "RHSA-2004:183",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-183.html"
},
{
"name": "MDKSA-2004:037",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:037"
},
{
"name": "linux-ipsetsockopt-integer-bo(15907)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15907"
},
{
"name": "20040504-01-U",
"refsource": "SGI",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20040504-01-U.asc"
},
{
"name": "10179",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/10179"
},
{
"name": "ESA-20040428-004",
"refsource": "ENGARDE",
"url": "http://www.linuxsecurity.com/advisories/engarde_advisory-4285.html"
},
{
"name": "http://www.isec.pl/vulnerabilities/isec-0015-msfilter.txt",
"refsource": "MISC",
"url": "http://www.isec.pl/vulnerabilities/isec-0015-msfilter.txt"
},
{
"name": "CLA-2004:852",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000852"
},
{
"name": "20040420 Linux kernel setsockopt MCAST_MSFILTER integer overflow",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=108253171301153\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0424",
"datePublished": "2004-04-30T04:00:00",
"dateReserved": "2004-04-21T00:00:00",
"dateUpdated": "2024-08-08T00:17:14.977Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-9336
Vulnerability from cvelistv5
Published
2018-05-01 18:00
Modified
2024-08-05 07:17
Severity ?
EPSS score ?
Summary
openvpnserv.exe (aka the interactive service helper) in OpenVPN 2.4.x before 2.4.6 allows a local attacker to cause a double-free of memory by sending a malformed request to the interactive service. This could cause a denial-of-service through memory corruption or possibly have unspecified other impact including privilege escalation.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/OpenVPN/openvpn/releases/tag/v2.4.6 | x_refsource_CONFIRM | |
| http://www.slackware.com/security/viewer.php?l=slackware-security&y=2018&m=slackware-security.568761 | vendor-advisory, x_refsource_SLACKWARE | |
| https://www.tenable.com/security/research/tra-2018-09 | x_refsource_MISC | |
| https://github.com/OpenVPN/openvpn/commit/1394192b210cb3c6624a7419bcf3ff966742e79b | x_refsource_CONFIRM | |
| https://community.openvpn.net/openvpn/wiki/ChangesInOpenvpn24 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:17:52.100Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/OpenVPN/openvpn/releases/tag/v2.4.6"
},
{
"name": "SSA:2018-116-01",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE",
"x_transferred"
],
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2018\u0026m=slackware-security.568761"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.tenable.com/security/research/tra-2018-09"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/OpenVPN/openvpn/commit/1394192b210cb3c6624a7419bcf3ff966742e79b"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://community.openvpn.net/openvpn/wiki/ChangesInOpenvpn24"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-04-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "openvpnserv.exe (aka the interactive service helper) in OpenVPN 2.4.x before 2.4.6 allows a local attacker to cause a double-free of memory by sending a malformed request to the interactive service. This could cause a denial-of-service through memory corruption or possibly have unspecified other impact including privilege escalation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-05-05T09:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/OpenVPN/openvpn/releases/tag/v2.4.6"
},
{
"name": "SSA:2018-116-01",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE"
],
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2018\u0026m=slackware-security.568761"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.tenable.com/security/research/tra-2018-09"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/OpenVPN/openvpn/commit/1394192b210cb3c6624a7419bcf3ff966742e79b"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://community.openvpn.net/openvpn/wiki/ChangesInOpenvpn24"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-9336",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "openvpnserv.exe (aka the interactive service helper) in OpenVPN 2.4.x before 2.4.6 allows a local attacker to cause a double-free of memory by sending a malformed request to the interactive service. This could cause a denial-of-service through memory corruption or possibly have unspecified other impact including privilege escalation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/OpenVPN/openvpn/releases/tag/v2.4.6",
"refsource": "CONFIRM",
"url": "https://github.com/OpenVPN/openvpn/releases/tag/v2.4.6"
},
{
"name": "SSA:2018-116-01",
"refsource": "SLACKWARE",
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2018\u0026m=slackware-security.568761"
},
{
"name": "https://www.tenable.com/security/research/tra-2018-09",
"refsource": "MISC",
"url": "https://www.tenable.com/security/research/tra-2018-09"
},
{
"name": "https://github.com/OpenVPN/openvpn/commit/1394192b210cb3c6624a7419bcf3ff966742e79b",
"refsource": "CONFIRM",
"url": "https://github.com/OpenVPN/openvpn/commit/1394192b210cb3c6624a7419bcf3ff966742e79b"
},
{
"name": "https://community.openvpn.net/openvpn/wiki/ChangesInOpenvpn24",
"refsource": "CONFIRM",
"url": "https://community.openvpn.net/openvpn/wiki/ChangesInOpenvpn24"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-9336",
"datePublished": "2018-05-01T18:00:00",
"dateReserved": "2018-04-05T00:00:00",
"dateUpdated": "2024-08-05T07:17:52.100Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-1999-0421
Vulnerability from cvelistv5
Published
2000-01-04 05:00
Modified
2024-08-01 16:41
Severity ?
EPSS score ?
Summary
During a reboot after an installation of Linux Slackware 3.6, a remote attacker can obtain root access by logging in to the root account without a password.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.osvdb.org/981 | vdb-entry, x_refsource_OSVDB | |
| http://www.securityfocus.com/bid/338 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T16:41:44.242Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "981",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/981"
},
{
"name": "338",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/338"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "During a reboot after an installation of Linux Slackware 3.6, a remote attacker can obtain root access by logging in to the root account without a password."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2004-09-02T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "981",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/981"
},
{
"name": "338",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/338"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0421",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "During a reboot after an installation of Linux Slackware 3.6, a remote attacker can obtain root access by logging in to the root account without a password."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "981",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/981"
},
{
"name": "338",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/338"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-0421",
"datePublished": "2000-01-04T05:00:00",
"dateReserved": "1999-06-07T00:00:00",
"dateUpdated": "2024-08-01T16:41:44.242Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-7184
Vulnerability from cvelistv5
Published
2018-03-06 20:00
Modified
2024-08-05 06:24
Severity ?
EPSS score ?
Summary
ntpd in ntp 4.2.8p4 before 4.2.8p11 drops bad packets before updating the "received" timestamp, which allows remote attackers to cause a denial of service (disruption) by sending a packet with a zero-origin timestamp causing the association to reset and setting the contents of the packet as the most recent timestamp. This issue is a result of an incomplete fix for CVE-2015-7704.
References
| ▼ | URL | Tags |
|---|---|---|
| http://packetstormsecurity.com/files/146631/Slackware-Security-Advisory-ntp-Updates.html | x_refsource_MISC | |
| http://www.securityfocus.com/bid/103192 | vdb-entry, x_refsource_BID | |
| https://security.gentoo.org/glsa/201805-12 | vendor-advisory, x_refsource_GENTOO | |
| https://security.FreeBSD.org/advisories/FreeBSD-SA-18:02.ntp.asc | vendor-advisory, x_refsource_FREEBSD | |
| https://security.netapp.com/advisory/ntap-20180626-0001/ | x_refsource_CONFIRM | |
| http://www.securityfocus.com/archive/1/541824/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://support.ntp.org/bin/view/Main/NtpBug3453 | x_refsource_CONFIRM | |
| https://usn.ubuntu.com/3707-1/ | vendor-advisory, x_refsource_UBUNTU | |
| https://www.synology.com/support/security/Synology_SA_18_13 | x_refsource_CONFIRM | |
| https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03962en_us | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T06:24:11.248Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/146631/Slackware-Security-Advisory-ntp-Updates.html"
},
{
"name": "103192",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/103192"
},
{
"name": "GLSA-201805-12",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201805-12"
},
{
"name": "FreeBSD-SA-18:02",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD",
"x_transferred"
],
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-18:02.ntp.asc"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20180626-0001/"
},
{
"name": "20180301 [Newsletter/Marketing] [slackware-security] ntp (SSA:2018-060-02)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/541824/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.ntp.org/bin/view/Main/NtpBug3453"
},
{
"name": "USN-3707-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3707-1/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.synology.com/support/security/Synology_SA_18_13"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03962en_us"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-02-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "ntpd in ntp 4.2.8p4 before 4.2.8p11 drops bad packets before updating the \"received\" timestamp, which allows remote attackers to cause a denial of service (disruption) by sending a packet with a zero-origin timestamp causing the association to reset and setting the contents of the packet as the most recent timestamp. This issue is a result of an incomplete fix for CVE-2015-7704."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-10-31T18:06:24",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/146631/Slackware-Security-Advisory-ntp-Updates.html"
},
{
"name": "103192",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/103192"
},
{
"name": "GLSA-201805-12",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201805-12"
},
{
"name": "FreeBSD-SA-18:02",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD"
],
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-18:02.ntp.asc"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20180626-0001/"
},
{
"name": "20180301 [Newsletter/Marketing] [slackware-security] ntp (SSA:2018-060-02)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/541824/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.ntp.org/bin/view/Main/NtpBug3453"
},
{
"name": "USN-3707-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3707-1/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.synology.com/support/security/Synology_SA_18_13"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03962en_us"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-7184",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ntpd in ntp 4.2.8p4 before 4.2.8p11 drops bad packets before updating the \"received\" timestamp, which allows remote attackers to cause a denial of service (disruption) by sending a packet with a zero-origin timestamp causing the association to reset and setting the contents of the packet as the most recent timestamp. This issue is a result of an incomplete fix for CVE-2015-7704."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://packetstormsecurity.com/files/146631/Slackware-Security-Advisory-ntp-Updates.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/146631/Slackware-Security-Advisory-ntp-Updates.html"
},
{
"name": "103192",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103192"
},
{
"name": "GLSA-201805-12",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201805-12"
},
{
"name": "FreeBSD-SA-18:02",
"refsource": "FREEBSD",
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-18:02.ntp.asc"
},
{
"name": "https://security.netapp.com/advisory/ntap-20180626-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20180626-0001/"
},
{
"name": "20180301 [Newsletter/Marketing] [slackware-security] ntp (SSA:2018-060-02)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/541824/100/0/threaded"
},
{
"name": "http://support.ntp.org/bin/view/Main/NtpBug3453",
"refsource": "CONFIRM",
"url": "http://support.ntp.org/bin/view/Main/NtpBug3453"
},
{
"name": "USN-3707-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3707-1/"
},
{
"name": "https://www.synology.com/support/security/Synology_SA_18_13",
"refsource": "CONFIRM",
"url": "https://www.synology.com/support/security/Synology_SA_18_13"
},
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03962en_us",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03962en_us"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-7184",
"datePublished": "2018-03-06T20:00:00",
"dateReserved": "2018-02-16T00:00:00",
"dateUpdated": "2024-08-05T06:24:11.248Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}