Filtered by vendor Redhat
Subscriptions
Filtered by product Enterprise Linux
Subscriptions
Total
13569 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2003-0926 | 2 Ethereal Group, Redhat | 3 Ethereal, Enterprise Linux, Linux | 2024-08-08 | N/A |
Ethereal 0.9.15 and earlier, and Tethereal, allows remote attackers to cause a denial of service (crash) via certain malformed (1) ISAKMP or (2) MEGACO packets. | ||||
CVE-2003-0924 | 2 Netpbm, Redhat | 3 Netpbm, Enterprise Linux, Linux | 2024-08-08 | N/A |
netpbm 9.25 and earlier does not properly create temporary files, which allows local users to overwrite arbitrary files. | ||||
CVE-2003-0857 | 1 Redhat | 1 Enterprise Linux | 2024-08-08 | N/A |
The (1) ipq_read and (2) ipulog_read functions in iptables allow local users to cause a denial of service by sending spoofed messages as other users to the kernel netlink interface. | ||||
CVE-2003-0901 | 2 Postgresql, Redhat | 3 Postgresql, Enterprise Linux, Linux | 2024-08-08 | N/A |
Buffer overflow in to_ascii for PostgreSQL 7.2.x, and 7.3.x before 7.3.4, allows remote attackers to execute arbitrary code. | ||||
CVE-2003-0853 | 3 Gnu, Redhat, Washington University | 4 Fileutils, Enterprise Linux, Linux and 1 more | 2024-08-08 | N/A |
An integer overflow in ls in the fileutils or coreutils packages may allow local users to cause a denial of service or execute arbitrary code via a large -w value, which could be remotely exploited via applications that use ls, such as wu-ftpd. | ||||
CVE-2003-0692 | 2 Kde, Redhat | 3 Kde, Enterprise Linux, Linux | 2024-08-08 | N/A |
KDM in KDE 3.1.3 and earlier uses a weak session cookie generation algorithm that does not provide 128 bits of entropy, which allows attackers to guess session cookies via brute force methods and gain access to the user session. | ||||
CVE-2003-0858 | 3 Gnu, Quagga, Redhat | 4 Zebra, Quagga Routing Software Suite, Enterprise Linux and 1 more | 2024-08-08 | N/A |
Zebra 0.93b and earlier, and quagga before 0.95, allows local users to cause a denial of service by sending spoofed messages as other users to the kernel netlink interface. | ||||
CVE-2003-0848 | 2 Redhat, Slocate | 3 Enterprise Linux, Linux, Slocate | 2024-08-08 | N/A |
Heap-based buffer overflow in main.c of slocate 2.6, and possibly other versions, may allow local users to gain privileges via a modified slocate database that causes a negative "pathlen" value to be used. | ||||
CVE-2003-0778 | 2 Redhat, Sane | 4 Enterprise Linux, Linux, Sane and 1 more | 2024-08-08 | N/A |
saned in sane-backends 1.0.7 and earlier, and possibly later versions, does not properly allocate memory in certain cases, which could allow attackers to cause a denial of service (memory consumption). | ||||
CVE-2003-0856 | 2 Redhat, Stephen Hemminger | 3 Enterprise Linux, Linux, Iproute | 2024-08-08 | N/A |
iproute 2.4.7 and earlier allows local users to cause a denial of service via spoofed messages as other users to the kernel netlink interface. | ||||
CVE-2003-0845 | 2 Jboss, Redhat | 2 Jboss, Enterprise Linux | 2024-08-08 | N/A |
Unknown vulnerability in the HSQLDB component in JBoss 3.2.1 and 3.0.8 on Java 1.4.x platforms, when running in the default configuration, allows remote attackers to conduct unauthorized activities and possibly execute arbitrary code via certain SQL statements to (1) TCP port 1701 in JBoss 3.2.1, and (2) port 1476 in JBoss 3.0.8. | ||||
CVE-2003-0721 | 2 Redhat, Washington | 3 Enterprise Linux, Linux, Pine | 2024-08-08 | N/A |
Integer signedness error in rfc2231_get_param from strings.c in PINE before 4.58 allows remote attackers to execute arbitrary code via an email that causes an out-of-bounds array access using a negative number. | ||||
CVE-2003-0851 | 3 Cisco, Openssl, Redhat | 7 Css11000 Content Services Switch, Ios, Pix Firewall and 4 more | 2024-08-08 | N/A |
OpenSSL 0.9.6k allows remote attackers to cause a denial of service (crash via large recursion) via malformed ASN.1 sequences. | ||||
CVE-2003-0795 | 4 Gnu, Quagga, Redhat and 1 more | 5 Zebra, Quagga, Enterprise Linux and 2 more | 2024-08-08 | N/A |
The vty layer in Quagga before 0.96.4, and Zebra 0.93b and earlier, does not verify that sub-negotiation is taking place when processing the SE marker, which allows remote attackers to cause a denial of service (crash) via a malformed telnet command to the telnet CLI port, which may trigger a null dereference. | ||||
CVE-2003-0859 | 5 Gnu, Intel, Quagga and 2 more | 8 Glibc, Zebra, Ia64 and 5 more | 2024-08-08 | N/A |
The getifaddrs function in GNU libc (glibc) 2.2.4 and earlier allows local users to cause a denial of service by sending spoofed messages as other users to the kernel netlink interface. | ||||
CVE-2003-0730 | 3 Netbsd, Redhat, Xfree86 Project | 4 Netbsd, Enterprise Linux, Linux and 1 more | 2024-08-08 | N/A |
Multiple integer overflows in the font libraries for XFree86 4.3.0 allow local or remote attackers to cause a denial of service or execute arbitrary code via heap-based and stack-based buffer overflow attacks. | ||||
CVE-2003-0854 | 3 Gnu, Redhat, Washington University | 4 Fileutils, Enterprise Linux, Linux and 1 more | 2024-08-08 | N/A |
ls in the fileutils or coreutils packages allows local users to consume a large amount of memory via a large -w value, which can be remotely exploited via applications that use ls, such as wu-ftpd. | ||||
CVE-2003-0780 | 4 Conectiva, Mysql, Oracle and 1 more | 5 Linux, Mysql, Mysql and 2 more | 2024-08-08 | N/A |
Buffer overflow in get_salt_from_password from sql_acl.cc for MySQL 4.0.14 and earlier, and 3.23.x, allows attackers with ALTER TABLE privileges to execute arbitrary code via a long Password field. | ||||
CVE-2003-0773 | 2 Redhat, Sane | 4 Enterprise Linux, Linux, Sane and 1 more | 2024-08-08 | N/A |
saned in sane-backends 1.0.7 and earlier does not check the IP address of the connecting host during the SANE_NET_INIT RPC call, which allows remote attackers to use that call even if they are restricted in saned.conf. | ||||
CVE-2003-0855 | 2 Charles Kerr, Redhat | 3 Pan, Enterprise Linux, Linux | 2024-08-08 | N/A |
Pan 0.13.3 and earlier allows remote attackers to cause a denial of service (crash) via a news post with a long author email address. |