Filtered by vendor Redhat
Subscriptions
Filtered by product Enterprise Linux
Subscriptions
Total
14092 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2003-0721 | 2 Redhat, Washington | 3 Enterprise Linux, Linux, Pine | 2024-11-20 | N/A |
Integer signedness error in rfc2231_get_param from strings.c in PINE before 4.58 allows remote attackers to execute arbitrary code via an email that causes an out-of-bounds array access using a negative number. | ||||
CVE-2003-0720 | 2 Redhat, University Of Washington | 3 Enterprise Linux, Linux, Pine | 2024-11-20 | N/A |
Buffer overflow in PINE before 4.58 allows remote attackers to execute arbitrary code via a malformed message/external-body MIME type. | ||||
CVE-2003-0700 | 1 Redhat | 3 Enterprise Linux, Kernel, Linux | 2024-11-20 | N/A |
The C-Media PCI sound driver in Linux before 2.4.22 does not use the get_user function to access userspace in certain conditions, which crosses security boundaries and may facilitate the exploitation of vulnerabilities, a different vulnerability than CVE-2003-0699. | ||||
CVE-2003-0699 | 1 Redhat | 3 Enterprise Linux, Linux, Linux Advanced Workstation | 2024-11-20 | N/A |
The C-Media PCI sound driver in Linux before 2.4.21 does not use the get_user function to access userspace, which crosses security boundaries and may facilitate the exploitation of vulnerabilities, a different vulnerability than CVE-2003-0700. | ||||
CVE-2003-0695 | 2 Openbsd, Redhat | 3 Openssh, Enterprise Linux, Linux | 2024-11-20 | N/A |
Multiple "buffer management errors" in OpenSSH before 3.7.1 may allow attackers to cause a denial of service or execute arbitrary code using (1) buffer_init in buffer.c, (2) buffer_free in buffer.c, or (3) a separate function in channels.c, a different vulnerability than CVE-2003-0693. | ||||
CVE-2003-0694 | 12 Apple, Compaq, Freebsd and 9 more | 20 Mac Os X, Mac Os X Server, Tru64 and 17 more | 2024-11-20 | N/A |
The prescan function in Sendmail 8.12.9 allows remote attackers to execute arbitrary code via buffer overflow attacks, as demonstrated using the parseaddr function in parseaddr.c. | ||||
CVE-2003-0693 | 2 Openbsd, Redhat | 3 Openssh, Enterprise Linux, Linux | 2024-11-20 | N/A |
A "buffer management error" in buffer_append_space of buffer.c for OpenSSH before 3.7 may allow remote attackers to execute arbitrary code by causing an incorrect amount of memory to be freed and corrupting the heap, a different vulnerability than CVE-2003-0695. | ||||
CVE-2003-0692 | 2 Kde, Redhat | 3 Kde, Enterprise Linux, Linux | 2024-11-20 | N/A |
KDM in KDE 3.1.3 and earlier uses a weak session cookie generation algorithm that does not provide 128 bits of entropy, which allows attackers to guess session cookies via brute force methods and gain access to the user session. | ||||
CVE-2003-0690 | 2 Kde, Redhat | 3 Kde, Enterprise Linux, Linux | 2024-11-20 | N/A |
KDM in KDE 3.1.3 and earlier does not verify whether the pam_setcred function call succeeds, which may allow attackers to gain root privileges by triggering error conditions within PAM modules, as demonstrated in certain configurations of the MIT pam_krb5 module. | ||||
CVE-2003-0689 | 1 Redhat | 2 Enterprise Linux, Linux | 2024-11-20 | N/A |
The getgrouplist function in GNU libc (glibc) 2.2.4 and earlier allows attackers to cause a denial of service (segmentation fault) and execute arbitrary code when a user is a member of a large number of groups, which can cause a buffer overflow. | ||||
CVE-2003-0686 | 2 Dave Airlie, Redhat | 4 Pam Smb, Enterprise Linux, Linux and 1 more | 2024-11-20 | N/A |
Buffer overflow in PAM SMB module (pam_smb) 1.1.6 and earlier, when authenticating to a remote service, allows remote attackers to execute arbitrary code. | ||||
CVE-2003-0682 | 2 Openbsd, Redhat | 3 Openssh, Enterprise Linux, Linux | 2024-11-20 | N/A |
"Memory bugs" in OpenSSH 3.7.1 and earlier, with unknown impact, a different set of vulnerabilities than CVE-2003-0693 and CVE-2003-0695. | ||||
CVE-2003-0644 | 2 Johannes Sixt, Redhat | 2 Kdbg, Enterprise Linux | 2024-11-20 | N/A |
Kdbg 1.1.0 through 1.2.8 does not check permissions of the .kdbgrc file, which allows local users to execute arbitrary commands. | ||||
CVE-2003-0619 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2024-11-20 | N/A |
Integer signedness error in the decode_fh function of nfs3xdr.c in Linux kernel before 2.4.21 allows remote attackers to cause a denial of service (kernel panic) via a negative size value within XDR data of an NFSv3 procedure call. | ||||
CVE-2003-0618 | 3 Debian, Perl, Redhat | 3 Debian Linux, Suidperl, Enterprise Linux | 2024-11-20 | N/A |
Multiple vulnerabilities in suidperl 5.6.1 and earlier allow a local user to obtain sensitive information about files for which the user does not have appropriate permissions. | ||||
CVE-2003-0615 | 4 Cgi.pm, Debian, Openpkg and 1 more | 5 Cgi.pm, Debian Linux, Openpkg and 2 more | 2024-11-20 | N/A |
Cross-site scripting (XSS) vulnerability in start_form() of CGI.pm allows remote attackers to insert web script via a URL that is fed into the form's action parameter. | ||||
CVE-2003-0594 | 2 Mozilla, Redhat | 3 Mozilla, Enterprise Linux, Linux | 2024-11-20 | N/A |
Mozilla allows remote attackers to bypass intended cookie access restrictions on a web application via "%2e%2e" (encoded dot dot) directory traversal sequences in a URL, which causes Mozilla to send the cookie outside the specified URL subsets, e.g. to a vulnerable application that runs on the same server as the target application. | ||||
CVE-2003-0592 | 2 Kde, Redhat | 4 Konqueror, Konqueror Embedded, Enterprise Linux and 1 more | 2024-11-20 | N/A |
Konqueror in KDE 3.1.3 and earlier (kdelibs) allows remote attackers to bypass intended cookie access restrictions on a web application via "%2e%2e" (encoded dot dot) directory traversal sequences in a URL, which causes Konqueror to send the cookie outside the specified URL subsets, e.g. to a vulnerable application that runs on the same server as the target application. | ||||
CVE-2003-0564 | 2 Hitachi, Redhat | 4 Groupmax Mail - Security Option, Pki Runtime Library, Enterprise Linux and 1 more | 2024-11-20 | N/A |
Multiple vulnerabilities in multiple vendor implementations of the Secure/Multipurpose Internet Mail Extensions (S/MIME) protocol allow remote attackers to cause a denial of service and possibly execute arbitrary code via an S/MIME email message containing certain unexpected ASN.1 constructs, as demonstrated using the NISSC test suite. | ||||
CVE-2003-0552 | 1 Redhat | 2 Enterprise Linux, Linux | 2024-11-20 | N/A |
Linux 2.4.x allows remote attackers to spoof the bridge Forwarding table via forged packets whose source addresses are the same as the target. |