Filtered by vendor Redhat
Subscriptions
Filtered by product Enterprise Linux
Subscriptions
Total
14092 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2003-0124 | 2 Andries Brouwer, Redhat | 3 Man, Enterprise Linux, Linux | 2024-11-20 | N/A |
man before 1.5l allows attackers to execute arbitrary code via a malformed man file with improper quotes, which causes the my_xsprintf function to return a string with the value "unsafe," which is then executed as a program via a system call if it is in the search path of the user who runs man. | ||||
CVE-2003-0108 | 2 Lbl, Redhat | 3 Tcpdump, Enterprise Linux, Linux | 2024-11-20 | N/A |
isakmp_sub_print in tcpdump 3.6 through 3.7.1 allows remote attackers to cause a denial of service (CPU consumption) via a certain malformed ISAKMP packet to UDP port 500, which causes tcpdump to enter an infinite loop. | ||||
CVE-2003-0107 | 2 Redhat, Zlib | 3 Enterprise Linux, Linux, Zlib | 2024-11-20 | N/A |
Buffer overflow in the gzprintf function in zlib 1.1.4, when zlib is compiled without vsnprintf or when long inputs are truncated using vsnprintf, allows attackers to cause a denial of service or possibly execute arbitrary code. | ||||
CVE-2003-0102 | 3 File, Netbsd, Redhat | 4 File, Netbsd, Enterprise Linux and 1 more | 2024-11-20 | N/A |
Buffer overflow in tryelf() in readelf.c of the file command allows attackers to execute arbitrary code as the user running file, possibly via a large entity size value in an ELF header (elfhdr.e_shentsize). | ||||
CVE-2003-0093 | 2 Lbl, Redhat | 3 Tcpdump, Enterprise Linux, Linux | 2024-11-20 | N/A |
The RADIUS decoder in tcpdump 3.6.2 and earlier allows remote attackers to cause a denial of service (crash) via an invalid RADIUS packet with a header length field of 0, which causes tcpdump to generate data within an infinite loop. | ||||
CVE-2003-0086 | 2 Redhat, Samba | 3 Enterprise Linux, Linux, Samba | 2024-11-20 | N/A |
The code for writing reg files in Samba before 2.2.8 allows local users to overwrite arbitrary files via a race condition involving chown. | ||||
CVE-2003-0085 | 3 Hp, Redhat, Samba | 4 Cifs-9000 Server, Enterprise Linux, Linux and 1 more | 2024-11-20 | N/A |
Buffer overflow in the SMB/CIFS packet fragment re-assembly code for SMB daemon (smbd) in Samba before 2.2.8, and Samba-TNG before 0.3.1, allows remote attackers to execute arbitrary code. | ||||
CVE-2003-0084 | 2 Mod Auth Any, Redhat | 3 Mod Auth Any, Enterprise Linux, Linux | 2024-11-20 | N/A |
mod_auth_any package in Red Hat Enterprise Linux 2.1 and other operating systems does not properly escape arguments when calling other programs, which allows attackers to execute arbitrary commands via shell metacharacters. | ||||
CVE-2003-0082 | 2 Mit, Redhat | 4 Kerberos, Kerberos 5, Enterprise Linux and 1 more | 2024-11-20 | N/A |
The Key Distribution Center (KDC) in Kerberos 5 (krb5) 1.2.7 and earlier allows remote, authenticated attackers to cause a denial of service (crash) on KDCs within the same realm using a certain protocol request that causes the KDC to corrupt its heap (aka "buffer underrun"). | ||||
CVE-2003-0081 | 2 Ethereal Group, Redhat | 3 Ethereal, Enterprise Linux, Linux | 2024-11-20 | N/A |
Format string vulnerability in packet-socks.c of the SOCKS dissector for Ethereal 0.8.7 through 0.9.9 allows remote attackers to execute arbitrary code via SOCKS packets containing format string specifiers. | ||||
CVE-2003-0079 | 2 Hanterm, Redhat | 3 Hanterm-xf, Enterprise Linux, Linux | 2024-11-20 | N/A |
The DEC UDK processing feature in the hanterm (hanterm-xf) terminal emulator before 2.0.5 allows attackers to cause a denial of service via a certain character escape sequence that causes the terminal to enter a tight loop. | ||||
CVE-2003-0078 | 4 Freebsd, Openbsd, Openssl and 1 more | 6 Freebsd, Openbsd, Openssl and 3 more | 2024-11-20 | N/A |
ssl3_get_record in s3_pkt.c for OpenSSL before 0.9.7a and 0.9.6 before 0.9.6i does not perform a MAC computation if an incorrect block cipher padding is used, which causes an information leak (timing discrepancy) that may make it easier to launch cryptographic attacks that rely on distinguishing between padding and MAC verification errors, possibly leading to extraction of the original plaintext, aka the "Vaudenay timing attack." | ||||
CVE-2003-0077 | 2 Hanterm, Redhat | 3 Hanterm-xf, Enterprise Linux, Linux | 2024-11-20 | N/A |
The hanterm (hanterm-xf) terminal emulator 2.0.5 and earlier, and possibly later versions, allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands. | ||||
CVE-2003-0073 | 2 Oracle, Redhat | 3 Mysql, Enterprise Linux, Linux | 2024-11-20 | N/A |
Double-free vulnerability in mysqld for MySQL before 3.23.55 allows attackers with MySQL access to cause a denial of service (crash) via mysql_change_user. | ||||
CVE-2003-0072 | 2 Mit, Redhat | 4 Kerberos, Kerberos 5, Enterprise Linux and 1 more | 2024-11-20 | N/A |
The Key Distribution Center (KDC) in Kerberos 5 (krb5) 1.2.7 and earlier allows remote, authenticated attackers to cause a denial of service (crash) on KDCs within the same realm using a certain protocol request that causes an out-of-bounds read of an array (aka "array overrun"). | ||||
CVE-2003-0071 | 2 Redhat, Xfree86 Project | 3 Enterprise Linux, Linux, X11r6 | 2024-11-20 | N/A |
The DEC UDK processing feature in the xterm terminal emulator in XFree86 4.2.99.4 and earlier allows attackers to cause a denial of service via a certain character escape sequence that causes the terminal to enter a tight loop. | ||||
CVE-2003-0066 | 2 Redhat, Rxvt | 3 Enterprise Linux, Linux, Rxvt | 2024-11-20 | N/A |
The rxvt terminal emulator 2.7.8 and earlier allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands. | ||||
CVE-2003-0063 | 3 Redhat, Xfree86, Xfree86 Project | 4 Enterprise Linux, Linux, Xfree86 and 1 more | 2024-11-20 | 7.3 High |
The xterm terminal emulator in XFree86 4.2.0 and earlier allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands. | ||||
CVE-2003-0059 | 2 Mit, Redhat | 3 Kerberos 5, Enterprise Linux, Linux | 2024-11-20 | N/A |
Unknown vulnerability in the chk_trans.c of the libkrb5 library for MIT Kerberos V5 before 1.2.5 allows users from one realm to impersonate users in other realms that have the same inter-realm keys. | ||||
CVE-2003-0058 | 3 Mit, Redhat, Sun | 6 Kerberos 5, Enterprise Linux, Linux and 3 more | 2024-11-20 | N/A |
MIT Kerberos V5 Key Distribution Center (KDC) before 1.2.5 allows remote authenticated attackers to cause a denial of service (crash) on KDCs within the same realm via a certain protocol request that causes a null dereference. |