Filtered by vendor Redhat
Subscriptions
Filtered by product Enterprise Linux
Subscriptions
Total
13572 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2004-2154 | 3 Apple, Canonical, Redhat | 3 Cups, Ubuntu Linux, Enterprise Linux | 2024-08-08 | 9.8 Critical |
CUPS before 1.1.21rc1 treats a Location directive in cupsd.conf as case sensitive, which allows attackers to bypass intended ACLs via a printer name containing uppercase or lowercase letters that are different from what is specified in the directive. | ||||
CVE-2004-2069 | 2 Openbsd, Redhat | 2 Openssh, Enterprise Linux | 2024-08-08 | N/A |
sshd.c in OpenSSH 3.6.1p2 and 3.7.1p2 and possibly other versions, when using privilege separation, does not properly signal the non-privileged process when a session has been terminated after exceeding the LoginGraceTime setting, which leaves the connection open and allows remote attackers to cause a denial of service (connection consumption). | ||||
CVE-2004-2014 | 2 Gnu, Redhat | 2 Wget, Enterprise Linux | 2024-08-08 | N/A |
Wget 1.9 and 1.9.1 allows local users to overwrite arbitrary files via a symlink attack on the name of the file being downloaded. | ||||
CVE-2004-1834 | 2 Apache, Redhat | 2 Http Server, Enterprise Linux | 2024-08-08 | N/A |
mod_disk_cache in Apache 2.0 through 2.0.49 stores client headers, including authentication information, on the hard disk, which could allow local users to gain sensitive information. | ||||
CVE-2004-1761 | 2 Ethereal Group, Redhat | 3 Ethereal, Enterprise Linux, Linux | 2024-08-08 | N/A |
Unknown vulnerability in Ethereal 0.8.13 to 0.10.2 allows attackers to cause a denial of service (segmentation fault) via a malformed color filter file. | ||||
CVE-2004-1773 | 2 Gnu, Redhat | 2 Sharutils, Enterprise Linux | 2024-08-08 | N/A |
Multiple buffer overflows in sharutils 4.2.1 and earlier may allow attackers to execute arbitrary code via (1) long output from wc to shar, or (2) unknown vectors in unshar. | ||||
CVE-2004-1772 | 2 Gnu, Redhat | 2 Sharutils, Enterprise Linux | 2024-08-08 | N/A |
Stack-based buffer overflow in shar in GNU sharutils 4.2.1 allows local users to execute arbitrary code via a long -o command line argument. | ||||
CVE-2004-1613 | 3 Mozilla, Redhat, Sgi | 7 Mozilla, Enterprise Linux, Enterprise Linux Desktop and 4 more | 2024-08-08 | N/A |
Mozilla allows remote attackers to cause a denial of service (application crash from null dereference or infinite loop) via a web page that contains a (1) TEXTAREA, (2) INPUT, (3) FRAMESET or (4) IMG tag followed by a null character and some trailing characters, as demonstrated by mangleme. | ||||
CVE-2004-1487 | 2 Gnu, Redhat | 2 Wget, Enterprise Linux | 2024-08-08 | N/A |
wget 1.8.x and 1.9.x allows a remote malicious web server to overwrite certain files via a redirection URL containing a ".." that resolves to the IP address of the malicious server, which bypasses wget's filtering for ".." sequences. | ||||
CVE-2004-1488 | 2 Gnu, Redhat | 2 Wget, Enterprise Linux | 2024-08-08 | N/A |
wget 1.8.x and 1.9.x does not filter or quote control characters when displaying HTTP responses to the terminal, which may allow remote malicious web servers to inject terminal escape sequences and execute arbitrary code. | ||||
CVE-2004-1453 | 2 Gnu, Redhat | 2 Glibc, Enterprise Linux | 2024-08-08 | N/A |
GNU glibc 2.3.4 before 2.3.4.20040619, 2.3.3 before 2.3.3.20040420, and 2.3.2 before 2.3.2-r10 does not restrict the use of LD_DEBUG for a setuid program, which allows local users to gain sensitive information, such as the list of symbols used by the program. | ||||
CVE-2004-1392 | 2 Php, Redhat | 2 Php, Enterprise Linux | 2024-08-08 | N/A |
PHP 4.0 with cURL functions allows remote attackers to bypass the open_basedir setting and read arbitrary files via a file: URL argument to the curl_init function. | ||||
CVE-2004-1382 | 2 Gnu, Redhat | 2 Glibc, Enterprise Linux | 2024-08-08 | N/A |
The glibcbug script in glibc 2.3.4 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files, a different vulnerability than CVE-2004-0968. | ||||
CVE-2004-1380 | 2 Mozilla, Redhat | 3 Firefox, Mozilla, Enterprise Linux | 2024-08-08 | N/A |
Firefox before 1.0 and Mozilla before 1.7.5 allows inactive (background) tabs to launch dialog boxes, which can allow remote attackers to spoof the dialog boxes from web sites in other windows and facilitate phishing attacks, aka the "Dialog Box Spoofing Vulnerability." | ||||
CVE-2004-1308 | 2 Libtiff, Redhat | 2 Libtiff, Enterprise Linux | 2024-08-08 | N/A |
Integer overflow in (1) tif_dirread.c and (2) tif_fax3.c for libtiff 3.5.7 and 3.7.0 allows remote attackers to execute arbitrary code via a TIFF file containing a TIFF_ASCII or TIFF_UNDEFINED directory entry with a -1 entry count, which leads to a heap-based buffer overflow. | ||||
CVE-2004-1316 | 2 Mozilla, Redhat | 2 Mozilla, Enterprise Linux | 2024-08-08 | N/A |
Heap-based buffer overflow in MSG_UnEscapeSearchUrl in nsNNTPProtocol.cpp for Mozilla 1.7.3 and earlier allows remote attackers to cause a denial of service (application crash) via an NNTP URL (news:) with a trailing '\' (backslash) character, which prevents a string from being NULL terminated. | ||||
CVE-2004-1269 | 2 Easy Software Products, Redhat | 3 Cups, Enterprise Linux, Fedora Core | 2024-08-08 | N/A |
lppasswd in CUPS 1.1.22 does not remove the passwd.new file if it encounters a file-size resource limit while writing to passwd.new, which causes subsequent invocations of lppasswd to fail. | ||||
CVE-2004-1335 | 2 Linux, Redhat | 4 Linux Kernel, Enterprise Linux, Fedora Core and 1 more | 2024-08-08 | N/A |
Memory leak in the ip_options_get function in the Linux kernel before 2.6.10 allows local users to cause a denial of service (memory consumption) by repeatedly calling the ip_cmsg_send function. | ||||
CVE-2004-1237 | 3 Linux, Redhat, Suse | 4 Linux Kernel, Enterprise Linux, Enterprise Linux Desktop and 1 more | 2024-08-08 | N/A |
Unknown vulnerability in the system call filtering code in the audit subsystem for Red Hat Enterprise Linux 3 allows local users to cause a denial of service (system crash) via unknown vectors. | ||||
CVE-2004-1287 | 2 Nasm, Redhat | 2 Netwide Assembler, Enterprise Linux | 2024-08-08 | N/A |
Buffer overflow in the error function in preproc.c for NASM 0.98.38 1.2 allows attackers to execute arbitrary code via a crafted asm file, a different vulnerability than CVE-2005-1194. |