Vulnerabilities > Gentoo > Linux > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-01-10 | CVE-2004-1161 | Remote Arbitrary Command Execution vulnerability in RSSH rssh 2.2.2 and earlier does not properly restrict programs that can be run, which could allow remote authenticated users to bypass intended access restrictions and execute arbitrary programs via (1) rdist -P, (2) rsync, or (3) scp -S. | 7.5 |
| 2005-01-10 | CVE-2004-1117 | Local Security vulnerability in Linux The init scripts in ChessBrain 20407 and earlier execute user-owned programs with root privileges, which allows local users to gain privileges by modifying the programs. | 7.2 |
| 2005-01-10 | CVE-2004-1116 | Local Security vulnerability in Linux The init scripts in Great Internet Mersenne Prime Search (GIMPS) 23.9 and earlier execute user-owned programs with root privileges, which allows local users to gain privileges by modifying the programs. | 7.2 |
| 2005-01-10 | CVE-2004-1115 | Local Security vulnerability in Linux The init scripts in Search for Extraterrestrial Intelligence (SETI) project 3.08-r3 and earlier execute user-owned programs with root privileges, which allows local users to gain privileges by modifying the programs. | 7.2 |
| 2005-01-10 | CVE-2004-1096 | Archive::Zip Perl module before 1.14, when used by antivirus programs such as amavisd-new, allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system. network low complexity broadcom ca eset-software kaspersky-lab mcafee rav-antivirus sophos gentoo mandrakesoft suse | 7.5 |
| 2004-12-31 | CVE-2004-1471 | Multiple vulnerability in CVS Format string vulnerability in wrapper.c in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16 allows remote attackers with CVSROOT commit access to cause a denial of service (application crash) and possibly execute arbitrary code via format string specifiers in a wrapper line. | 7.1 |
| 2004-12-31 | CVE-2004-1452 | Unspecified vulnerability in Gentoo Linux Tomcat before 5.0.27-r3 in Gentoo Linux sets the default permissions on the init scripts as tomcat:tomcat, but executes the scripts with root privileges, which could allow local users in the tomcat group to execute arbitrary commands as root by modifying the scripts. | 7.2 |
| 2004-12-21 | CVE-2004-1307 | Integer overflow in the TIFFFetchStripThing function in tif_dirread.c for libtiff 3.6.1 allows remote attackers to execute arbitrary code via a TIFF file with the STRIPOFFSETS flag and a large number of strips, which causes a zero byte buffer to be allocated and leads to a heap-based buffer overflow. | 7.5 |
| 2004-12-06 | CVE-2004-0496 | Multiple unknown vulnerabilities in Linux kernel 2.6 allow local users to gain privileges or access kernel memory, a different set of vulnerabilities than those identified in CVE-2004-0495, as found by the Sparse source code checking tool. | 7.2 |
| 2004-12-06 | CVE-2004-0456 | Remote Stack-Based Buffer Overrun vulnerability in Pavuk Stack-based buffer overflow in pavuk 0.9pl28, 0.9pl27, and possibly other versions allows remote web sites to execute arbitrary code via a long HTTP Location header. | 7.6 |