CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register   Reset Password   Activate Account
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Redhat » Linux » 6.2 I386 : Security Vulnerabilities

Cpe Name:cpe:/o:redhat:linux:6.2::i386
Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2003-0041 Exec Code 2003-02-19 2008-09-10
10.0
Admin Remote Low Not required Complete Complete Complete
Kerberos FTP client allows remote FTP sites to execute arbitrary code via a pipe (|) character in a filename that is retrieved by the client.
2 CVE-2002-2185 DoS 2002-12-31 2010-08-21
4.9
None Local Low Not required None None Complete
The Internet Group Management Protocol (IGMP) allows local users to cause a denial of service via an IGMP membership report to a target's Ethernet address instead of the Multicast group address, which causes the target to stop sending reports to the router and effectively disconnect the group from the network.
3 CVE-2002-1814 Exec Code Overflow 2002-12-31 2008-09-05
4.6
User Local Low Not required Partial Partial Partial
Buffer overflow in efstools in Bonobo, when installed setuid, allows local users to execute arbitrary code via long command line arguments.
4 CVE-2002-1232 DoS 2002-11-04 2008-09-05
5.0
None Remote Low Not required None None Partial
Memory leak in ypdb_open in yp_db.c for ypserv before 2.5 in the NIS package 3.9 and earlier allows remote attackers to cause a denial of service (memory consumption) via a large number of requests for a map that does not exist.
5 CVE-2002-0836 Exec Code 2002-10-28 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
dvips converter for Postscript files in the tetex package calls the system() function insecurely, which allows remote attackers to execute arbitrary commands via certain print jobs, possibly involving fonts.
6 CVE-2002-0506 DoS Exec Code Overflow 2002-08-12 2008-09-05
7.2
Admin Local Low Not required Complete Complete Complete
Buffer overflow in newt.c of newt windowing library (libnewt) 0.50.33 and earlier may allow attackers to cause a denial of service or execute arbitrary code in setuid programs that use libnewt.
7 CVE-2002-0080 2002-03-15 2008-09-05
2.1
None Local Low Not required Partial None None
rsync, when running in daemon mode, does not properly call setgroups before dropping privileges, which could provide supplemental group privileges to local users, who could then read certain files that would otherwise be disallowed.
8 CVE-2002-0069 DoS 2002-03-08 2008-09-05
2.6
None Remote High Not required None None Partial
Memory leak in SNMP in Squid 2.4 STABLE3 and earlier allows remote attackers to cause a denial of service.
9 CVE-2002-0068 DoS Exec Code 2002-03-08 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
Squid 2.4 STABLE3 and earlier allows remote attackers to cause a denial of service (core dump) and possibly execute arbitrary code with an ftp:// URL with a larger number of special characters, which exceed the buffer when Squid URL-escapes the characters.
10 CVE-2002-0067 Bypass 2002-03-08 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
Squid 2.4 STABLE3 and earlier does not properly disable HTCP, even when "htcp_port 0" is specified in squid.conf, which could allow remote attackers to bypass intended access restrictions.
11 CVE-2002-0004 Exec Code Mem. Corr. 2002-02-27 2008-09-10
7.2
Admin Local Low Not required Complete Complete Complete
Heap corruption vulnerability in the "at" program allows local users to execute arbitrary code via a malformed execution time, which causes at to free the same memory twice.
12 CVE-2001-0169 2001-03-26 2008-09-05
2.1
None Local Low Not required None Partial None
When using the LD_PRELOAD environmental variable in SUID or SGID applications, glibc does not verify that preloaded libraries in /etc/ld.so.cache are also SUID/SGID, which could allow a local user to overwrite arbitrary files by loading a library from /lib or /usr/lib.
13 CVE-2000-1214 Overflow +Priv 2000-10-18 2008-09-10
4.6
User Local Low Not required Partial Partial Partial
Buffer overflows in the (1) outpack or (2) buf variables of ping in iputils before 20001010, as distributed on Red Hat Linux 6.2 through 7J and other operating systems, may allow local users to gain privileges.
14 CVE-2000-1213 2000-10-18 2008-09-10
7.5
User Remote Low Not required Partial Partial Partial
ping in iputils before 20001010, as distributed on Red Hat Linux 6.2 through 7J and other operating systems, does not drop privileges after acquiring a raw socket, which increases ping's exposure to bugs that otherwise would occur at lower privileges.
15 CVE-2000-1189 Overflow +Priv 2001-01-09 2008-09-05
7.2
Admin Local Low Not required Complete Complete Complete
Buffer overflow in pam_localuser PAM module in Red Hat Linux 7.x and 6.x allows attackers to gain privileges.
16 CVE-2000-0963 Exec Code Overflow 2000-12-19 2008-09-05
7.2
Admin Local Low Not required Complete Complete Complete
Buffer overflow in ncurses library allows local users to execute arbitrary commands via long environmental information such as TERM or TERMINFO_DIRS.
17 CVE-2000-0816 Exec Code 2000-10-06 2008-09-10
2.1
None Local Low Not required None Partial None
Linux tmpwatch --fuser option allows local users to execute arbitrary commands by creating files whose names contain shell metacharacters.
18 CVE-2000-0668 2000-07-27 2008-09-10
5.0
None Remote Low Not required None None Partial
pam_console PAM module in Linux systems allows a user to access the system console and reboot the system when a display manager such as gdm or kdm has XDMCP enabled.
19 CVE-2000-0666 +Priv 2000-07-16 2008-09-05
10.0
Admin Remote Low Not required Complete Complete Complete
rpc.statd in the nfs-utils package in various Linux distributions does not properly cleanse untrusted format strings, which allows remote attackers to gain root privileges.
20 CVE-2000-0633 2000-07-18 2008-09-05
2.1
None Local Low Not required None None Partial
Vulnerability in Mandrake Linux usermode package allows local users to to reboot or halt the system.
21 CVE-2000-0566 2000-07-03 2008-09-10
7.2
Admin Local Low Not required Complete Complete Complete
makewhatis in Linux man package allows local users to overwrite files via a symlink attack.
22 CVE-2000-0392 Overflow +Priv 2000-05-16 2008-09-10
7.2
Admin Local Low Not required Complete Complete Complete
Buffer overflow in ksu in Kerberos 5 allows local users to gain root privileges.
23 CVE-2000-0391 Overflow +Priv 2000-05-16 2008-09-10
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in krshd in Kerberos 5 allows remote attackers to gain root privileges.
24 CVE-2000-0390 Overflow +Priv 2000-05-16 2008-09-10
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in krb425_conv_principal function in Kerberos 5 allows remote attackers to gain root privileges.
25 CVE-2000-0389 Overflow +Priv 2000-05-16 2008-09-10
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in krb_rd_req function in Kerberos 4 and 5 allows remote attackers to gain root privileges.
26 CVE-2000-0336 2000-04-21 2008-09-10
2.1
None Local Low Not required None Partial None
Linux OpenLDAP server allows local users to modify arbitrary files via a symlink attack.
27 CVE-2000-0322 2000-04-24 2008-09-10
10.0
Admin Remote Low Not required Complete Complete Complete
The passwd.php3 CGI script in the Red Hat Piranha Virtual Server Package allows local users to execure arbitrary commands via shell metacharacters.
28 CVE-2000-0289 2000-03-27 2008-09-10
5.0
None Remote Low Not required Partial None None
IP masquerading in Linux 2.2.x allows remote attackers to route UDP packets through the internal interface by modifying the external source IP address and port number to match those of an established connection.
29 CVE-2000-0286 DoS 2000-04-16 2008-09-10
2.1
None Local Low Not required None None Partial
X fontserver xfs allows local users to cause a denial of service via malformed input to the server.
30 CVE-2000-0263 DoS 2000-04-16 2008-09-10
2.1
None Local Low Not required None None Partial
The X font server xfs in Red Hat Linux 6.x allows an attacker to cause a denial of service via a malformed request.
31 CVE-2000-0248 Exec Code 2000-04-24 2008-09-10
10.0
Admin Remote Low Not required Complete Complete Complete
The web GUI for the Linux Virtual Server (LVS) software in the Red Hat Linux Piranha package has a backdoor password that allows remote attackers to execute arbitrary commands.
32 CVE-2000-0229 +Priv 2000-03-22 2008-09-10
7.2
Admin Local Low Not required Complete Complete Complete
gpm-root in the gpm package does not properly drop privileges, which allows local users to gain privileges by starting a utility from gpm-root.
33 CVE-2000-0186 Overflow +Priv 2000-02-28 2008-09-10
7.2
Admin Local Low Not required Complete Complete Complete
Buffer overflow in the dump utility in the Linux ext2fs backup package allows local users to gain privileges via a long command line argument.
34 CVE-2000-0184 2000-03-09 2008-09-10
2.1
None Local Low Not required Partial None None
Linux printtool sets the permissions of printer configuration files to be world-readable, which allows local attackers to obtain printer share passwords.
Total number of vulnerabilities : 34   Page : 1 (This Page)
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.