Gentoo : Security Vulnerabilities, CVEs, Published In May 2005
The fn_show_postinst function in Gentoo webapp-config before 1.10-r14 allows local users to overwrite arbitrary files via a symlink attack on the postinst.txt temporary file.
Max CVSS
4.6
EPSS Score
0.04%
Published
2005-05-24
Updated
2011-03-08
Format string vulnerability in the my_xlog function in lib.c for Oops! Proxy Server 1.5.23 and earlier, as called by the auth functions in the passwd_mysql and passwd_pgsql modules, may allow attackers to execute arbitrary code via a URL.
Max CVSS
5.0
EPSS Score
0.25%
Published
2005-05-02
Updated
2017-07-11
Race condition in gzip 1.2.4, 1.3.3, and earlier, when decompressing a gzipped file, allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by gzip after the decompression is complete.
Max CVSS
3.7
EPSS Score
0.13%
Published
2005-05-02
Updated
2017-10-11
The ebuild of Webmin before 1.170-r3 on Gentoo Linux includes the encrypted root password in the miniserv.users file when building a tbz2 of the webmin package, which allows remote attackers to obtain and possibly crack the encrypted password.
Max CVSS
5.0
EPSS Score
0.41%
Published
2005-05-02
Updated
2017-07-11
The DBI library (libdbi-perl) for Perl allows local users to overwrite arbitrary files via a symlink attack on a temporary PID file.
Max CVSS
2.1
EPSS Score
0.04%
Published
2005-05-02
Updated
2018-10-19
Heap-based buffer overflow in psd.c for ImageMagick 6.1.0, 6.1.7, and possibly earlier versions allows remote attackers to execute arbitrary code via a .PSD image file with a large number of layers.
Max CVSS
7.5
EPSS Score
10.83%
Published
2005-05-02
Updated
2017-10-11
poppassd_pam 1.0 and earlier, when changing a user password, does not verify that the user entered the old password correctly, which allows remote attackers to change passwords for arbitrary users.
Max CVSS
10.0
EPSS Score
1.01%
Published
2005-05-02
Updated
2008-09-10
7 vulnerabilities found