CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Redhat » Enterprise Linux : Security Vulnerabilities Published In 2007

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2007-6285 16 2007-12-20 2017-09-28
6.2
Admin Local High Not required Complete Complete Complete
The default configuration for autofs 5 (autofs5) in some Linux distributions, such as Red Hat Enterprise Linux (RHEL) 4 and 5, does not specify the nodev mount option for the -hosts map, which allows local users to access "important devices" by operating a remote NFS server and creating special device files on that server, as demonstrated by the /dev/mem device.
2 CVE-2007-6283 200 DoS +Info 2007-12-17 2017-09-28
4.9
None Local Low Not required None None Complete
Red Hat Enterprise Linux 5 and Fedora install the Bind /etc/rndc.key file with world-readable permissions, which allows local users to perform unauthorized named commands, such as causing a denial of service by stopping named.
3 CVE-2007-5964 16 +Priv 2007-12-13 2017-09-28
6.9
Admin Local Medium Not required Complete Complete Complete
The default configuration of autofs 5 in some Linux distributions, such as Red Hat Enterprise Linux (RHEL) 5, omits the nosuid option for the hosts (/net filesystem) map, which allows local users to gain privileges via a setuid program on a remote NFS server.
4 CVE-2007-5494 399 DoS 2007-11-29 2017-09-28
4.9
None Local Low Not required None None Complete
Memory leak in the Red Hat Content Accelerator kernel patch in Red Hat Enterprise Linux (RHEL) 4 and 5 allows local users to cause a denial of service (memory consumption) via a large number of open requests involving O_ATOMICLOOKUP.
5 CVE-2007-5365 119 DoS Exec Code Overflow 2007-10-11 2017-10-10
7.2
None Local Low Not required Complete Complete Complete
Stack-based buffer overflow in the cons_options function in options.c in dhcpd in OpenBSD 4.0 through 4.2, and some other dhcpd implementations based on ISC dhcp-2, allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a DHCP request specifying a maximum message size smaller than the minimum IP MTU.
6 CVE-2007-5116 119 Exec Code Overflow 2007-11-07 2017-09-28
7.5
User Remote Low Not required Partial Partial Partial
Buffer overflow in the polymorphic opcode support in the Regular Expression Engine (regcomp.c) in Perl 5.8 allows context-dependent attackers to execute arbitrary code by switching from byte to Unicode (UTF) characters in a regular expression.
7 CVE-2007-4574 DoS 2007-10-23 2017-09-28
4.7
None Local Medium Not required None None Complete
Unspecified vulnerability in the "stack unwinder fixes" in kernel in Red Hat Enterprise Linux 5, when running on AMD64 and Intel 64, allows local users to cause a denial of service via unknown vectors.
8 CVE-2007-3849 264 Bypass 2007-09-04 2017-09-28
1.9
None Local Medium Not required None Partial None
Red Hat Enterprise Linux (RHEL) 5 ships the rpm for the Advanced Intrusion Detection Environment (AIDE) before 0.13.1 with a database that lacks checksum information, which allows context-dependent attackers to bypass file integrity checks and modify certain files.
9 CVE-2007-3739 119 DoS Overflow 2007-09-13 2017-09-28
4.7
None Local Medium Not required None None Complete
mm/mmap.c in the hugetlb kernel, when run on PowerPC systems, does not prevent stack expansion from entering into reserved kernel page memory, which allows local users to cause a denial of service (OOPS) via unspecified vectors.
10 CVE-2007-3379 DoS 2007-09-17 2017-10-10
2.1
None Local Low Not required None None Partial
Unspecified vulnerability in the kernel in Red Hat Enterprise Linux (RHEL) 4 on the x86_64 platform allows local users to cause a denial of service (OOPS) via unspecified vectors related to the get_gate_vma function and the fuser command.
11 CVE-2007-3103 59 2007-07-15 2017-10-10
6.2
Admin Local High Not required Complete Complete Complete
The init.d script for the X.Org X11 xfs font server on various Linux distributions might allow local users to change the permissions of arbitrary files via a symlink attack on the /tmp/.font-unix temporary file.
12 CVE-2007-3099 DoS 2007-06-14 2017-10-10
2.1
None Local Low Not required None None Partial
usr/mgmt_ipc.c in iscsid in open-iscsi (iscsi-initiator-utils) before 2.0-865 checks the client's UID on the listening AF_LOCAL socket instead of the new connection, which allows remote attackers to access the management interface and cause a denial of service (iscsid exit or iSCSI connection loss).
13 CVE-2007-2834 189 Exec Code Overflow 2007-09-18 2017-10-10
9.3
Admin Remote Medium Not required Complete Complete Complete
Integer overflow in the TIFF parser in OpenOffice.org (OOo) before 2.3; and Sun StarOffice 6, 7, and 8 Office Suite (StarSuite); allows remote attackers to execute arbitrary code via a TIFF file with crafted values of unspecified length fields, which triggers allocation of an incorrect amount of memory, resulting in a heap-based buffer overflow.
14 CVE-2007-2030 2007-04-16 2017-07-28
4.9
None Local Low Not required Complete None None
lharc.c in lha does not securely create temporary files, which might allow local users to read or write files by creating a file before LHA is invoked.
15 CVE-2007-1865 189 +Info 2007-09-18 2008-11-13
1.9
None Local Medium Not required Partial None None
** DISPUTED ** The ipv6_getsockopt_sticky function in the kernel in Red Hat Enterprise Linux (RHEL) Beta 5.1.0 allows local users to obtain sensitive information (kernel memory contents) via a negative value of the len parameter. NOTE: this issue has been disputed in a bug comment, stating that "len is ignored when copying header info to the user's buffer."
16 CVE-2007-1716 +Priv 2007-03-27 2017-10-10
3.4
User Local High Multiple systems Partial Partial Partial
pam_console does not properly restore ownership for certain console devices when there are multiple users logged into the console and one user logs out, which might allow local users to gain privileges.
17 CVE-2007-1352 Exec Code Overflow 2007-04-05 2017-10-10
3.8
None Local Network Medium Single system None Partial Partial
Integer overflow in the FontFileInitTable function in X.Org libXfont before 20070403 allows remote authenticated users to execute arbitrary code via a long first line in the fonts.dir file, which results in a heap overflow.
18 CVE-2007-1351 189 Exec Code Overflow 2007-04-05 2017-10-10
8.5
Admin Remote Medium Single system Complete Complete Complete
Integer overflow in the bdfReadCharacters function in bdfread.c in (1) X.Org libXfont before 20070403 and (2) freetype 2.3.2 and earlier allows remote authenticated users to execute arbitrary code via crafted BDF fonts, which result in a heap overflow.
19 CVE-2007-1007 DoS Exec Code 2007-02-20 2017-10-10
10.0
Admin Remote Low Not required Complete Complete Complete
Format string vulnerability in GnomeMeeting 1.0.2 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format strings in the name, which is not properly handled in a call to the gnomemeeting_log_insert function.
20 CVE-2007-0773 DoS 2007-06-26 2017-10-10
4.6
None Local Low Single system None None Complete
The Linux kernel before 2.6.9-42.0.8 in Red Hat 4.4 allows local users to cause a denial of service (kernel OOPS from null dereference) via fput in a 32-bit ioctl on 64-bit x86 systems, an incomplete fix of CVE-2005-3044.1.
21 CVE-2007-0771 DoS 2007-05-02 2017-10-10
4.9
None Local Low Not required None None Complete
The utrace support in Linux kernel 2.6.18, and other versions, allows local users to cause a denial of service (system hang) related to "MT exec + utrace_attach spin failure mode," as demonstrated by ptrace-thrash.c.
22 CVE-2007-0004 264 +Info 2007-09-18 2008-09-05
1.9
None Local Medium Not required Partial None None
The NFS client implementation in the kernel in Red Hat Enterprise Linux (RHEL) 3, when a filesystem is mounted with the noacl option, checks permissions for the open system call via vfs_permission (mode bits) data rather than an NFS ACCESS call to the server, which allows local client processes to obtain a false success status from open calls that the server would deny, and possibly obtain sensitive information about file permissions on the server, as demonstrated in a root_squash environment. NOTE: it is uncertain whether any scenarios involving this issue cross privilege boundaries.
23 CVE-2007-0001 DoS 2007-03-02 2017-10-10
4.7
None Local Medium Not required None None Complete
The file watch implementation in the audit subsystem (auditctl -w) in the Red Hat Enterprise Linux (RHEL) 4 kernel 2.6.9 allows local users to cause a denial of service (kernel panic) by replacing a watched file, which does not cause the watch on the old inode to be dropped.
24 CVE-2006-7226 DoS 2007-12-03 2017-10-10
4.3
None Remote Medium Not required None None Partial
Perl-Compatible Regular Expression (PCRE) library before 6.7 does not properly calculate the compiled memory allocation for regular expressions that involve a quantified "subpattern containing a named recursion or subroutine reference," which allows context-dependent attackers to cause a denial of service (error or crash).
25 CVE-2006-5753 DoS +Priv 2007-01-30 2017-10-10
7.2
None Local Low Not required Complete Complete Complete
Unspecified vulnerability in the listxattr system call in Linux kernel, when a "bad inode" is present, allows local users to cause a denial of service (data corruption) and possibly gain privileges via unknown vectors.
Total number of vulnerabilities : 25   Page : 1 (This Page)
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.