| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
1 |
CVE-2005-2700 |
|
|
Bypass |
2005-09-06 |
2010-08-21 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
ssl_engine_kernel.c in mod_ssl before 2.8.24, when using "SSLVerifyClient optional" in the global virtual host configuration, does not properly enforce "SSLVerifyClient require" in a per-location context, which allows remote attackers to bypass intended access restrictions. |
|
2 |
CVE-2005-1918 |
|
|
Dir. Trav. |
2005-12-31 |
2010-08-21 |
2.6 |
None |
Remote |
High |
Not required |
None |
Partial |
None |
|
The original patch for a GNU tar directory traversal vulnerability (CVE-2002-0399) in Red Hat Enterprise Linux 3 and 2.1 uses an "incorrect optimization" that allows user-assisted attackers to overwrite arbitrary files via a crafted tar file, probably involving "/../" sequences with a leading "/". |
|
3 |
CVE-2005-1194 |
|
|
Exec Code Overflow |
2005-05-04 |
2010-08-21 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
Stack-based buffer overflow in the ieee_putascii function for nasm 0.98 and earlier allows attackers to execute arbitrary code via a crafted asm file, a different vulnerability than CVE-2004-1287. |
|
4 |
CVE-2005-0757 |
|
|
DoS |
2005-05-18 |
2010-08-21 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
The xattr file system code, as backported in Red Hat Enterprise Linux 3 on 64-bit systems, does not properly handle certain offsets, which allows local users to cause a denial of service (system crash) via certain actions on an ext3 file system with extended attributes enabled. |
|
5 |
CVE-2005-0403 |
|
|
DoS |
2005-09-01 |
2010-08-21 |
7.2 |
Admin |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
init_dev in tty_io.c in the Red Hat backport of NPTL to Red Hat Enterprise Linux 3 does not properly clear controlling tty's in multi-threaded applications, which allows local users to cause a denial of service (crash) and possibly gain tty access via unknown attack vectors that trigger an access of a pointer to a freed structure. |
|
6 |
CVE-2005-0398 |
|
|
DoS |
2005-03-14 |
2010-08-21 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
The KAME racoon daemon in ipsec-tools before 0.5 allows remote attackers to cause a denial of service (crash) via malformed ISAKMP packets. |
|
7 |
CVE-2005-0206 |
|
|
Overflow |
2005-04-27 |
2010-08-21 |
7.5 |
User |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for 64-bit architectures on certain Linux distributions such as Red Hat, which could leave Xpdf users exposed to the original vulnerabilities. |
|
8 |
CVE-2005-0086 |
|
|
DoS Exec Code Overflow |
2005-05-02 |
2010-08-21 |
7.5 |
User |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Heap-based buffer overflow in less in Red Hat Enterprise Linux 3 allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted file, as demonstrated using the UTF-8 locale. |
|
9 |
CVE-2005-0078 |
|
|
|
2005-05-02 |
2010-08-21 |
4.6 |
User |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
The KDE screen saver in KDE before 3.0.5 does not properly check the return value from a certain function call, which allows attackers with physical access to cause a crash and access the desktop session. |
|
10 |
CVE-2005-0003 |
|
|
DoS Exec Code |
2005-04-14 |
2010-08-21 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
The 64 bit ELF support in Linux kernel 2.6 before 2.6.10, on 64-bit architectures, does not properly check for overlapping VMA (virtual memory address) allocations, which allows local users to cause a denial of service (system crash) or execute arbitrary code via a crafted ELF or a.out file. |
|
11 |
CVE-2004-1237 |
|
|
DoS |
2005-04-14 |
2010-08-21 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
Unknown vulnerability in the system call filtering code in the audit subsystem for Red Hat Enterprise Linux 3 allows local users to cause a denial of service (system crash) via unknown vectors. |
|
12 |
CVE-2004-1235 |
|
|
Exec Code |
2005-04-14 |
2010-08-21 |
6.2 |
Admin |
Local |
High |
Not required |
Complete |
Complete |
Complete |
|
Race condition in the (1) load_elf_library and (2) binfmt_aout function calls for uselib in Linux kernel 2.4 through 2.429-rc2 and 2.6 through 2.6.10 allows local users to execute arbitrary code by manipulating the VMA descriptor. |
|
13 |
CVE-2004-1057 |
|
|
DoS |
2005-01-21 |
2010-08-21 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
Multiple drivers in Linux kernel 2.4.19 and earlier do not properly mark memory with the VM_IO flag, which causes incorrect reference counts and may lead to a denial of service (kernel panic) when accessing freed kernel pages. |
|
14 |
CVE-2004-0949 |
|
|
|
2005-01-10 |
2010-08-21 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
None |
|
The smb_recv_trans2 function call in the samba filesystem (smbfs) in Linux kernel 2.4 and 2.6 does not properly handle the re-assembly of fragmented packets correctly, which could allow remote samba servers to (1) read arbitrary kernel information or (2) raise a counter value to an arbitrary number by sending the first part of the fragmented packet multiple times. |
|
15 |
CVE-2004-0812 |
|
|
DoS Exec Code |
2005-04-14 |
2010-08-21 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
Unknown vulnerability in the Linux kernel before 2.4.23, on the AMD AMD64 and Intel EM64T architectures, associated with "setting up TSS limits," allows local users to cause a denial of service (crash) and possibly execute arbitrary code. |
