Vulnerabilities > Canonical > Ubuntu Linux

DATE CVE VULNERABILITY TITLE RISK
2005-12-31 CVE-2005-4807 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products
Stack-based buffer overflow in the as_bad function in messages.c in the GNU as (gas) assembler in Free Software Foundation GNU Binutils before 20050721 allows attackers to execute arbitrary code via a .c file with crafted inline assembly code.
network
low complexity
gnu canonical CWE-119
7.5
2005-09-30 CVE-2005-3106 Improper Locking vulnerability in multiple products
Race condition in Linux 2.6, when threads are sharing memory mapping via CLONE_VM (such as linuxthreads and vfork), might allow local users to cause a denial of service (deadlock) by triggering a core dump while waiting for a thread that has just performed an exec.
local
high complexity
linux debian canonical CWE-667
4.7
2005-09-16 CVE-2005-2946 Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products
The default configuration on OpenSSL before 0.9.8 uses MD5 for creating message digests instead of a more cryptographically strong algorithm, which makes it easier for remote attackers to forge certificates with a valid certificate authority signature.
network
low complexity
openssl canonical CWE-327
7.5
2005-09-14 CVE-2005-2492 Permissions, Privileges, and Access Controls vulnerability in multiple products
The raw_sendmsg function in the Linux kernel 2.6 before 2.6.13.1 allows local users to cause a denial of service (change hardware state) or read from arbitrary memory via crafted input.
local
low complexity
canonical redhat linux CWE-264
3.6
2005-05-19 CVE-2005-1260 Resource Exhaustion vulnerability in multiple products
bzip2 allows remote attackers to cause a denial of service (hard drive consumption) via a crafted bzip2 file that causes an infinite loop (a.k.a "decompression bomb").
network
low complexity
bzip canonical debian apple CWE-400
5.0
2005-05-13 CVE-2005-0758 zgrep in gzip before 1.3.5 does not properly sanitize arguments, which allows local users to execute arbitrary commands via filenames that are injected into a sed script.
local
low complexity
gnu canonical
4.6
2005-05-11 CVE-2005-1513 Integer Overflow or Wraparound vulnerability in multiple products
Integer overflow in the stralloc_readyplus function in qmail, when running on 64 bit platforms with a large amount of virtual memory, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large SMTP request.
network
low complexity
qmail-project canonical debian CWE-190
critical
9.8
2005-05-02 CVE-2005-1111 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in multiple products
Race condition in cpio 2.6 and earlier allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by cpio after the decompression is complete.
local
high complexity
gnu debian canonical CWE-367
4.7
2005-03-01 CVE-2004-1002 Integer Underflow (Wrap or Wraparound) vulnerability in multiple products
Integer underflow in pppd in cbcp.c for ppp 2.4.1 allows remote attackers to cause a denial of service (daemon crash) via a CBCP packet with an invalid length value that causes pppd to access an incorrect memory location.
network
low complexity
samba canonical CWE-191
7.5
2005-01-10 CVE-2004-1064 The safe mode checks in PHP 4.x to 4.3.9 and PHP 5.x to 5.0.2 truncate the file path before passing the data to the realpath function, which could allow attackers to bypass safe mode.
network
low complexity
php canonical
critical
10.0