Filtered by vendor Redhat Subscriptions
Filtered by product Enterprise Linux Subscriptions
Total 14092 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2003-0124 2 Andries Brouwer, Redhat 3 Man, Enterprise Linux, Linux 2024-11-20 N/A
man before 1.5l allows attackers to execute arbitrary code via a malformed man file with improper quotes, which causes the my_xsprintf function to return a string with the value "unsafe," which is then executed as a program via a system call if it is in the search path of the user who runs man.
CVE-2003-0108 2 Lbl, Redhat 3 Tcpdump, Enterprise Linux, Linux 2024-11-20 N/A
isakmp_sub_print in tcpdump 3.6 through 3.7.1 allows remote attackers to cause a denial of service (CPU consumption) via a certain malformed ISAKMP packet to UDP port 500, which causes tcpdump to enter an infinite loop.
CVE-2003-0107 2 Redhat, Zlib 3 Enterprise Linux, Linux, Zlib 2024-11-20 N/A
Buffer overflow in the gzprintf function in zlib 1.1.4, when zlib is compiled without vsnprintf or when long inputs are truncated using vsnprintf, allows attackers to cause a denial of service or possibly execute arbitrary code.
CVE-2003-0102 3 File, Netbsd, Redhat 4 File, Netbsd, Enterprise Linux and 1 more 2024-11-20 N/A
Buffer overflow in tryelf() in readelf.c of the file command allows attackers to execute arbitrary code as the user running file, possibly via a large entity size value in an ELF header (elfhdr.e_shentsize).
CVE-2003-0093 2 Lbl, Redhat 3 Tcpdump, Enterprise Linux, Linux 2024-11-20 N/A
The RADIUS decoder in tcpdump 3.6.2 and earlier allows remote attackers to cause a denial of service (crash) via an invalid RADIUS packet with a header length field of 0, which causes tcpdump to generate data within an infinite loop.
CVE-2003-0086 2 Redhat, Samba 3 Enterprise Linux, Linux, Samba 2024-11-20 N/A
The code for writing reg files in Samba before 2.2.8 allows local users to overwrite arbitrary files via a race condition involving chown.
CVE-2003-0085 3 Hp, Redhat, Samba 4 Cifs-9000 Server, Enterprise Linux, Linux and 1 more 2024-11-20 N/A
Buffer overflow in the SMB/CIFS packet fragment re-assembly code for SMB daemon (smbd) in Samba before 2.2.8, and Samba-TNG before 0.3.1, allows remote attackers to execute arbitrary code.
CVE-2003-0084 2 Mod Auth Any, Redhat 3 Mod Auth Any, Enterprise Linux, Linux 2024-11-20 N/A
mod_auth_any package in Red Hat Enterprise Linux 2.1 and other operating systems does not properly escape arguments when calling other programs, which allows attackers to execute arbitrary commands via shell metacharacters.
CVE-2003-0082 2 Mit, Redhat 4 Kerberos, Kerberos 5, Enterprise Linux and 1 more 2024-11-20 N/A
The Key Distribution Center (KDC) in Kerberos 5 (krb5) 1.2.7 and earlier allows remote, authenticated attackers to cause a denial of service (crash) on KDCs within the same realm using a certain protocol request that causes the KDC to corrupt its heap (aka "buffer underrun").
CVE-2003-0081 2 Ethereal Group, Redhat 3 Ethereal, Enterprise Linux, Linux 2024-11-20 N/A
Format string vulnerability in packet-socks.c of the SOCKS dissector for Ethereal 0.8.7 through 0.9.9 allows remote attackers to execute arbitrary code via SOCKS packets containing format string specifiers.
CVE-2003-0079 2 Hanterm, Redhat 3 Hanterm-xf, Enterprise Linux, Linux 2024-11-20 N/A
The DEC UDK processing feature in the hanterm (hanterm-xf) terminal emulator before 2.0.5 allows attackers to cause a denial of service via a certain character escape sequence that causes the terminal to enter a tight loop.
CVE-2003-0078 4 Freebsd, Openbsd, Openssl and 1 more 6 Freebsd, Openbsd, Openssl and 3 more 2024-11-20 N/A
ssl3_get_record in s3_pkt.c for OpenSSL before 0.9.7a and 0.9.6 before 0.9.6i does not perform a MAC computation if an incorrect block cipher padding is used, which causes an information leak (timing discrepancy) that may make it easier to launch cryptographic attacks that rely on distinguishing between padding and MAC verification errors, possibly leading to extraction of the original plaintext, aka the "Vaudenay timing attack."
CVE-2003-0077 2 Hanterm, Redhat 3 Hanterm-xf, Enterprise Linux, Linux 2024-11-20 N/A
The hanterm (hanterm-xf) terminal emulator 2.0.5 and earlier, and possibly later versions, allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands.
CVE-2003-0073 2 Oracle, Redhat 3 Mysql, Enterprise Linux, Linux 2024-11-20 N/A
Double-free vulnerability in mysqld for MySQL before 3.23.55 allows attackers with MySQL access to cause a denial of service (crash) via mysql_change_user.
CVE-2003-0072 2 Mit, Redhat 4 Kerberos, Kerberos 5, Enterprise Linux and 1 more 2024-11-20 N/A
The Key Distribution Center (KDC) in Kerberos 5 (krb5) 1.2.7 and earlier allows remote, authenticated attackers to cause a denial of service (crash) on KDCs within the same realm using a certain protocol request that causes an out-of-bounds read of an array (aka "array overrun").
CVE-2003-0071 2 Redhat, Xfree86 Project 3 Enterprise Linux, Linux, X11r6 2024-11-20 N/A
The DEC UDK processing feature in the xterm terminal emulator in XFree86 4.2.99.4 and earlier allows attackers to cause a denial of service via a certain character escape sequence that causes the terminal to enter a tight loop.
CVE-2003-0066 2 Redhat, Rxvt 3 Enterprise Linux, Linux, Rxvt 2024-11-20 N/A
The rxvt terminal emulator 2.7.8 and earlier allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands.
CVE-2003-0063 3 Redhat, Xfree86, Xfree86 Project 4 Enterprise Linux, Linux, Xfree86 and 1 more 2024-11-20 7.3 High
The xterm terminal emulator in XFree86 4.2.0 and earlier allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands.
CVE-2003-0059 2 Mit, Redhat 3 Kerberos 5, Enterprise Linux, Linux 2024-11-20 N/A
Unknown vulnerability in the chk_trans.c of the libkrb5 library for MIT Kerberos V5 before 1.2.5 allows users from one realm to impersonate users in other realms that have the same inter-realm keys.
CVE-2003-0058 3 Mit, Redhat, Sun 6 Kerberos 5, Enterprise Linux, Linux and 3 more 2024-11-20 N/A
MIT Kerberos V5 Key Distribution Center (KDC) before 1.2.5 allows remote authenticated attackers to cause a denial of service (crash) on KDCs within the same realm via a certain protocol request that causes a null dereference.