Filtered by vendor Redhat
Subscriptions
Total
21499 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2003-1437 | 6 Bea, Hp, Ibm and 3 more | 8 Weblogic Server, Hp-ux, Aix and 5 more | 2024-11-20 | N/A |
BEA WebLogic Express and WebLogic Server 7.0 and 7.0.0.1, stores passwords in plaintext when a keystore is used to store a private key or trust certificate authorities, which allows local users to gain access. | ||||
CVE-2003-1332 | 3 Linux, Redhat, Samba | 3 Linux Kernel, Enterprise Linux, Samba | 2024-11-20 | N/A |
Stack-based buffer overflow in the reply_nttrans function in Samba 2.2.7a and earlier allows remote attackers to execute arbitrary code via a crafted request, a different vulnerability than CVE-2003-0201. | ||||
CVE-2003-1329 | 2 Redhat, Washington University | 2 Enterprise Linux, Wu-ftpd | 2024-11-20 | N/A |
ftpd.c in wu-ftpd 2.6.2, when running on "operating systems that only allow one non-connected socket bound to the same local address," does not close failed connections, which allows remote attackers to cause a denial of service. | ||||
CVE-2003-1303 | 2 Php, Redhat | 2 Php, Enterprise Linux | 2024-11-20 | N/A |
Buffer overflow in the imap_fetch_overview function in the IMAP functionality (php_imap.c) in PHP before 4.3.3 allows remote attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a long e-mail address in a (1) To or (2) From header. | ||||
CVE-2003-1302 | 2 Php, Redhat | 2 Php, Enterprise Linux | 2024-11-20 | N/A |
The IMAP functionality in PHP before 4.3.1 allows remote attackers to cause a denial of service via an e-mail message with a (1) To or (2) From header with an address that contains a large number of "\" (backslash) characters. | ||||
CVE-2003-1295 | 2 Redhat, Suse | 2 Enterprise Linux, Suse Linux | 2024-11-20 | N/A |
Unspecified vulnerability in xscreensaver 4.12, and possibly other versions, allows attackers to cause xscreensaver to crash via unspecified vectors "while verifying the user-password." | ||||
CVE-2003-1294 | 2 Redhat, Xscreensaver | 2 Enterprise Linux, Xscreensaver | 2024-11-20 | N/A |
Xscreensaver before 4.15 creates temporary files insecurely in (1) driver/passwd-kerberos.c, (2) driver/xscreensaver-getimage-video, (3) driver/xscreensaver.kss.in, and the (4) vidwhacker and (5) webcollage screensavers, which allows local users to overwrite arbitrary files via a symlink attack. | ||||
CVE-2003-1138 | 1 Redhat | 1 Interchange | 2024-11-20 | N/A |
The default configuration of Apache 2.0.40, as shipped with Red Hat Linux 9.0, allows remote attackers to list directory contents, even if auto indexing is turned off and there is a default web page configured, via a GET request containing a double slash (//). | ||||
CVE-2003-1040 | 2 Linux, Redhat | 3 Linux Kernel, Enterprise Linux, Linux | 2024-11-20 | N/A |
kmod in the Linux kernel does not set its uid, suid, gid, or sgid to 0, which allows local users to cause a denial of service (crash) by sending certain signals to kmod. | ||||
CVE-2003-1023 | 2 Midnight Commander, Redhat | 3 Midnight Commander, Enterprise Linux, Linux | 2024-11-20 | N/A |
Stack-based buffer overflow in vfs_s_resolve_symlink of vfs/direntry.c for Midnight Commander (mc) 4.6.0 and earlier, and possibly later versions, allows remote attackers to execute arbitrary code during symlink conversion. | ||||
CVE-2003-1013 | 2 Ethereal, Redhat | 3 Ethereal, Enterprise Linux, Linux | 2024-11-20 | 7.5 High |
The Q.931 dissector in Ethereal before 0.10.0, and Tethereal, allows remote attackers to cause a denial of service (crash) via a malformed Q.931, which triggers a null dereference. | ||||
CVE-2003-1012 | 2 Ethereal Group, Redhat | 3 Ethereal, Enterprise Linux, Linux | 2024-11-20 | N/A |
The SMB dissector in Ethereal before 0.10.0 allows remote attackers to cause a denial of service via a malformed SMB packet that triggers a segmentation fault during processing of Selected packets. | ||||
CVE-2003-0992 | 2 Gnu, Redhat | 2 Mailman, Linux | 2024-11-20 | N/A |
Cross-site scripting (XSS) vulnerability in the create CGI script for Mailman before 2.1.3 allows remote attackers to steal cookies of other users. | ||||
CVE-2003-0991 | 3 Gnu, Redhat, Sgi | 3 Mailman, Enterprise Linux, Propack | 2024-11-20 | N/A |
Unknown vulnerability in the mail command handler in Mailman before 2.0.14 allows remote attackers to cause a denial of service (crash) via malformed e-mail commands. | ||||
CVE-2003-0989 | 1 Redhat | 3 Enterprise Linux, Linux, Tcpdump | 2024-11-20 | N/A |
tcpdump before 3.8.1 allows remote attackers to cause a denial of service (infinite loop) via certain ISAKMP packets, a different vulnerability than CVE-2004-0057. | ||||
CVE-2003-0988 | 2 Kde, Redhat | 3 Kde, Enterprise Linux, Linux | 2024-11-20 | N/A |
Buffer overflow in the VCF file information reader for KDE Personal Information Management (kdepim) suite in KDE 3.1.0 through 3.1.4 allows attackers to execute arbitrary code via a VCF file. | ||||
CVE-2003-0987 | 2 Apache, Redhat | 4 Http Server, Enterprise Linux, Rhel Stronghold and 1 more | 2024-11-20 | N/A |
mod_digest for Apache before 1.3.31 does not properly verify the nonce of a client response by using a AuthNonce secret. | ||||
CVE-2003-0986 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2024-11-20 | N/A |
Various routines for the ppc64 architecture on Linux kernel 2.6 prior to 2.6.2 and 2.4 prior to 2.4.24 do not use the copy_from_user function when copying data from userspace to kernelspace, which crosses security boundaries and allows local users to cause a denial of service. | ||||
CVE-2003-0985 | 2 Linux, Redhat | 3 Linux Kernel, Enterprise Linux, Linux | 2024-11-20 | N/A |
The mremap system call (do_mremap) in Linux kernel 2.4.x before 2.4.21, and possibly other versions before 2.4.24, does not properly perform bounds checks, which allows local users to cause a denial of service and possibly gain privileges by causing a remapping of a virtual memory area (VMA) to create a zero length VMA, a different vulnerability than CAN-2004-0077. | ||||
CVE-2003-0984 | 2 Linux, Redhat | 3 Linux Kernel, Enterprise Linux, Linux | 2024-11-20 | N/A |
Real time clock (RTC) routines in Linux kernel 2.4.23 and earlier do not properly initialize their structures, which could leak kernel data to user space. |