Vulnerabilities > Canonical

DATE CVE VULNERABILITY TITLE RISK
2008-05-29 CVE-2008-1105 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Heap-based buffer overflow in the receive_smb_raw function in util/sock.c in Samba 3.0.0 through 3.0.29 allows remote attackers to execute arbitrary code via a crafted SMB response.
network
low complexity
samba canonical debian CWE-119
7.5
2008-05-16 CVE-2008-2136 Resource Management Errors vulnerability in multiple products
Memory leak in the ipip6_rcv function in net/ipv6/sit.c in the Linux kernel 2.4 before 2.4.36.5 and 2.6 before 2.6.25.3 allows remote attackers to cause a denial of service (memory consumption) via network traffic to a Simple Internet Transition (SIT) tunnel interface, related to the pskb_may_pull and kfree_skb functions, and management of an skb reference count.
network
low complexity
linux debian canonical CWE-399
7.8
2008-05-16 CVE-2008-2009 Denial-Of-Service vulnerability in Libvorbis
Xiph.org libvorbis before 1.0 does not properly check for underpopulated Huffman trees, which allows remote attackers to cause a denial of service (crash) via a crafted OGG file that triggers memory corruption during execution of the _make_decode_tree function.
4.3
2008-05-13 CVE-2008-0166 Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) vulnerability in multiple products
OpenSSL 0.9.8c-1 up to versions before 0.9.8g-9 on Debian-based operating systems uses a random number generator that generates predictable numbers, which makes it easier for remote attackers to conduct brute force guessing attacks against cryptographic keys.
network
low complexity
openssl canonical debian CWE-338
7.5
2008-05-07 CVE-2008-2108 Insufficient Entropy vulnerability in multiple products
The GENERATE_SEED macro in PHP 4.x before 4.4.8 and 5.x before 5.2.5, when running on 64-bit systems, performs a multiplication that generates a portion of zero bits during conversion due to insufficient precision, which produces 24 bits of entropy and simplifies brute force attacks against protection mechanisms that use the rand and mt_rand functions.
network
low complexity
php fedoraproject canonical debian CWE-331
critical
9.8
2008-05-05 CVE-2008-0599 Incorrect Calculation of Buffer Size vulnerability in multiple products
The init_request_info function in sapi/cgi/cgi_main.c in PHP before 5.2.6 does not properly consider operator precedence when calculating the length of PATH_TRANSLATED, which might allow remote attackers to execute arbitrary code via a crafted URI.
network
low complexity
php fedoraproject canonical apple CWE-131
critical
9.8
2008-05-05 CVE-2008-2079 Permissions, Privileges, and Access Controls vulnerability in multiple products
MySQL 4.1.x before 4.1.24, 5.0.x before 5.0.60, 5.1.x before 5.1.24, and 6.0.x before 6.0.5 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are within the MySQL home data directory, which can point to tables that are created in the future.
network
high complexity
mysql oracle debian canonical CWE-264
4.6
2008-05-02 CVE-2008-1375 Race Condition vulnerability in multiple products
Race condition in the directory notification subsystem (dnotify) in Linux kernel 2.6.x before 2.6.24.6, and 2.6.25 before 2.6.25.1, allows local users to cause a denial of service (OOPS) and possibly gain privileges via unspecified vectors.
6.9
2008-04-18 CVE-2008-1887 Classic Buffer Overflow vulnerability in multiple products
Python 2.5.2 and earlier allows context-dependent attackers to execute arbitrary code via multiple vectors that cause a negative size value to be provided to the PyString_FromStringAndSize function, which allocates less memory than expected when assert() is disabled and triggers a buffer overflow.
network
python canonical debian CWE-120
critical
9.3
2008-04-10 CVE-2008-1721 Incorrect Conversion between Numeric Types vulnerability in multiple products
Integer signedness error in the zlib extension module in Python 2.5.2 and earlier allows remote attackers to execute arbitrary code via a negative signed integer, which triggers insufficient memory allocation and a buffer overflow.
network
low complexity
python debian canonical CWE-681
7.5