Filtered by vendor Conectiva
Subscriptions
Filtered by product Linux
Subscriptions
Total
66 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2004-0495 | 6 Avaya, Conectiva, Gentoo and 3 more | 18 Converged Communications Server, Intuity Audix, Modular Messaging Message Storage Server and 15 more | 2024-11-21 | N/A |
Multiple unknown vulnerabilities in Linux kernel 2.4 and 2.6 allow local users to gain privileges or access kernel memory, as found by the Sparse source code checking tool. | ||||
CVE-2003-0780 | 4 Conectiva, Mysql, Oracle and 1 more | 5 Linux, Mysql, Mysql and 2 more | 2024-11-21 | N/A |
Buffer overflow in get_salt_from_password from sql_acl.cc for MySQL 4.0.14 and earlier, and 3.23.x, allows attackers with ALTER TABLE privileges to execute arbitrary code via a long Password field. | ||||
CVE-2003-0540 | 3 Conectiva, Redhat, Wietse Venema | 3 Linux, Linux, Postfix | 2024-11-21 | N/A |
The address parser code in Postfix 1.1.12 and earlier allows remote attackers to cause a denial of service (lock) via (1) a malformed envelope address to a local host that would generate a bounce and contains the ".!" string in the MAIL FROM or Errors-To headers, which causes nqmgr to lock up, or (2) via a valid MAIL FROM with a RCPT TO containing a ".!" string, which causes an instance of the SMTP listener to lock up. | ||||
CVE-2003-0468 | 3 Conectiva, Redhat, Wietse Venema | 3 Linux, Linux, Postfix | 2024-11-21 | N/A |
Postfix 1.1.11 and earlier allows remote attackers to use Postfix to conduct "bounce scans" or DDos attacks of other hosts via an email address to the local host containing the target IP address and service name followed by a "!" string, which causes Postfix to attempt to use SMTP to communicate with the target on the associated port. | ||||
CVE-2002-0083 | 9 Conectiva, Engardelinux, Immunix and 6 more | 11 Linux, Secure Linux, Immunix and 8 more | 2024-11-21 | 9.8 Critical |
Off-by-one error in the channel code of OpenSSH 2.0 through 3.0.2 allows local users or remote malicious servers to gain privileges. | ||||
CVE-2001-1375 | 2 Conectiva, Redhat | 2 Linux, Linux | 2024-11-21 | N/A |
tcl/tk package (tcltk) 8.3.1 searches for its libraries in the current working directory before other directories, which could allow local users to execute arbitrary code via a Trojan horse library that is under a user-controlled directory. | ||||
CVE-2001-1374 | 3 Conectiva, Don Libes, Redhat | 3 Linux, Expect, Linux | 2024-11-21 | N/A |
expect before 5.32 searches for its libraries in /var/tmp before other directories, which could allow local users to gain root privileges via a Trojan horse library that is accessed by mkpasswd. | ||||
CVE-2001-0834 | 5 Conectiva, Debian, Htdig and 2 more | 5 Linux, Debian Linux, Htdig and 2 more | 2024-11-21 | N/A |
htsearch CGI program in htdig (ht://Dig) 3.1.5 and earlier allows remote attackers to use the -c option to specify an alternate configuration file, which could be used to (1) cause a denial of service (CPU consumption) by specifying a large file such as /dev/zero, or (2) read arbitrary files by uploading an alternate configuration file that specifies the target file. | ||||
CVE-2001-0690 | 4 Conectiva, Debian, Redhat and 1 more | 5 Linux, Debian Linux, Linux and 2 more | 2024-11-21 | N/A |
Format string vulnerability in exim (3.22-10 in Red Hat, 3.12 in Debian and 3.16 in Conectiva) in batched SMTP mode allows a remote attacker to execute arbitrary code via format strings in SMTP mail headers. | ||||
CVE-2001-0473 | 5 Conectiva, Immunix, Mandrakesoft and 2 more | 5 Linux, Immunix, Mandrake Linux and 2 more | 2024-11-21 | N/A |
Format string vulnerability in Mutt before 1.2.5 allows a remote malicious IMAP server to execute arbitrary commands. | ||||
CVE-2001-0440 | 4 Conectiva, Licq, Mandrakesoft and 1 more | 5 Linux, Licq, Mandrake Linux and 2 more | 2024-11-21 | N/A |
Buffer overflow in logging functions of licq before 1.0.3 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands. | ||||
CVE-2001-0439 | 5 Conectiva, Freebsd, Licq and 2 more | 7 Linux, Freebsd, Licq and 4 more | 2024-11-21 | N/A |
licq before 1.0.3 allows remote attackers to execute arbitrary commands via shell metacharacters in a URL. | ||||
CVE-2001-0178 | 4 Caldera, Conectiva, Mandrakesoft and 1 more | 5 Openlinux Edesktop, Linux, Mandrake Linux and 2 more | 2024-11-21 | N/A |
kdesu program in KDE2 (KDE before 2.2.0-6) does not properly verify the owner of a UNIX socket that is used to send a password, which allows local users to steal passwords and gain privileges. | ||||
CVE-2001-0170 | 4 Conectiva, Debian, Immunix and 1 more | 4 Linux, Debian Linux, Immunix and 1 more | 2024-11-21 | N/A |
glibc 2.1.9x and earlier does not properly clear the RESOLV_HOST_CONF, HOSTALIASES, or RES_OPTIONS environmental variables when executing setuid/setgid programs, which could allow local users to read arbitrary files. | ||||
CVE-2001-0136 | 4 Conectiva, Debian, Mandrakesoft and 1 more | 4 Linux, Debian Linux, Mandrake Linux and 1 more | 2024-11-21 | N/A |
Memory leak in ProFTPd 1.2.0rc2 allows remote attackers to cause a denial of service via a series of USER commands, and possibly SIZE commands if the server has been improperly installed. | ||||
CVE-2001-0128 | 6 Conectiva, Debian, Freebsd and 3 more | 8 Linux, Debian Linux, Freebsd and 5 more | 2024-11-21 | N/A |
Zope before 2.2.4 does not properly compute local roles, which could allow users to bypass specified access restrictions and gain privileges. | ||||
CVE-2000-1134 | 7 Caldera, Conectiva, Hp and 4 more | 9 Openlinux, Openlinux Edesktop, Openlinux Eserver and 6 more | 2024-11-21 | N/A |
Multiple shell programs on various Unix systems, including (1) tcsh, (2) csh, (3) sh, and (4) bash, follow symlinks when processing << redirects (aka here-documents or in-here documents), which allows local users to overwrite files of other users via a symlink attack. | ||||
CVE-2000-1095 | 5 Conectiva, Immunix, Mandrakesoft and 2 more | 5 Linux, Immunix, Mandrake Linux and 2 more | 2024-11-21 | N/A |
modprobe in the modutils 2.3.x package on Linux systems allows a local user to execute arbitrary commands via shell metacharacters. | ||||
CVE-2000-0844 | 13 Caldera, Conectiva, Debian and 10 more | 16 Openlinux, Openlinux Ebuilder, Openlinux Eserver and 13 more | 2024-11-21 | N/A |
Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen. | ||||
CVE-2000-0747 | 1 Conectiva | 1 Linux | 2024-11-21 | N/A |
The logrotate script for OpenLDAP before 1.2.11 in Conectiva Linux sends an improper signal to the kernel log daemon (klogd) and kills it. |