Linux

DATE	CVE	VULNERABILITY TITLE	RISK
2005-01-27	CVE-2004-0918	Resource Management Errors vulnerability in multiple products The asn_parse_header function (asn1.c) in the SNMP module for Squid Web Proxy Cache before 2.4.STABLE7 allows remote attackers to cause a denial of service (server restart) via certain SNMP packets with negative length fields that trigger a memory allocation error. network low complexity openpkg squid gentoo redhat trustix ubuntu CWE-399	5.0
2005-01-27	CVE-2004-0891	Buffer overflow in the MSN protocol handler for gaim 0.79 to 1.0.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an "unexpected sequence of MSNSLP messages" that results in an unbounded copy operation that writes to the wrong buffer. network low complexity rob-flynn gentoo slackware ubuntu critical	10.0
2005-01-27	CVE-2004-0889	Integer Overflow vulnerability in Xpdf PDFTOPS Multiple integer overflows in xpdf 3.0, and other packages that use xpdf code such as CUPS, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0888. network low complexity easy-software-products gnome kde pdftohtml tetex xpdf debian gentoo redhat suse ubuntu critical	10.0
2005-01-27	CVE-2004-0888	Integer Overflow vulnerability in Xpdf PDFTOPS Multiple integer overflows in xpdf 2.0 and 3.0, and other packages that use xpdf code such as CUPS, gpdf, and kdegraphics, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0889. network low complexity easy-software-products gnome kde pdftohtml tetex xpdf debian gentoo redhat suse ubuntu critical	10.0
2005-01-27	CVE-2004-0881	getmail 4.x before 4.2.0, and other versions before 3.2.5, when run as root, allows local users to write files in arbitrary directories via a symlink attack on subdirectories in the maildir. local low complexity getmail gentoo slackware	2.1
2005-01-27	CVE-2004-0880	getmail 4.x before 4.2.0, when run as root, allows local users to overwrite arbitrary files via a symlink attack on an mbox file. local high complexity getmail gentoo slackware	1.2
2005-01-10	CVE-2004-1304	Buffer Overflow vulnerability in File ELF Header Stack-based buffer overflow in the ELF header parsing code in file before 4.12 allows attackers to execute arbitrary code via a crafted ELF file. network low complexity file gentoo trustix critical	10.0
2005-01-10	CVE-2004-1162	Remote Arbitrary Command Execution vulnerability in SCPOnly The unison command in scponly before 4.0 does not properly restrict programs that can be run, which could allow remote authenticated users to bypass intended access restrictions and execute arbitrary programs via the (1) -rshcmd or (2) -sshcmd flags. network low complexity scponly gentoo	7.5
2005-01-10	CVE-2004-1161	Remote Arbitrary Command Execution vulnerability in RSSH rssh 2.2.2 and earlier does not properly restrict programs that can be run, which could allow remote authenticated users to bypass intended access restrictions and execute arbitrary programs via (1) rdist -P, (2) rsync, or (3) scp -S. network low complexity rssh gentoo	7.5
2005-01-10	CVE-2004-1117	Local Security vulnerability in Linux The init scripts in ChessBrain 20407 and earlier execute user-owned programs with root privileges, which allows local users to gain privileges by modifying the programs. local low complexity gentoo	7.2