Vulnerabilities > GNU
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2007-01-17 | CVE-2006-6939 | Unspecified vulnerability in GNU ED 0.2 GNU ed before 0.3 allows local users to overwrite arbitrary files via a symlink attack on temporary files, possibly in the open_sbuf function. | 4.6 |
| 2006-12-23 | CVE-2006-6719 | Remote Denial of Service vulnerability in GNU Wget FTP_Syst Function The ftp_syst function in ftp-basic.c in Free Software Foundation (FSF) GNU wget 1.10.2 allows remote attackers to cause a denial of service (application crash) via a malicious FTP server with a large number of blank 220 responses to the SYST command. | 5.0 |
| 2006-12-07 | CVE-2006-6235 | A "stack overwrite" vulnerability in GnuPG (gpg) 1.x before 1.4.6, 2.x before 2.0.2, and 1.9.0 through 1.9.95 allows attackers to execute arbitrary code via crafted OpenPGP packets that cause GnuPG to dereference a function pointer from deallocated stack memory. | 10.0 |
| 2006-11-28 | CVE-2006-4181 | Remote Format String vulnerability in GNU Radius SQLLog Format string vulnerability in the sqllog function in the SQL accounting code for radiusd in GNU Radius 1.2 and 1.3 allows remote attackers to execute arbitrary code via unknown vectors. | 10.0 |
| 2006-11-24 | CVE-2006-6097 | Remote Directory Traversal vulnerability in GNU TAR 1.15.1/1.16 GNU tar 1.16 and 1.15.1, and possibly other versions, allows user-assisted attackers to overwrite arbitrary files via a tar file that contains a GNUTYPE_NAMES record with a symbolic link, which is not properly handled by the extract_archive function in extract.c and extract_mangle function in mangle.c, a variant of CVE-2002-1216. | 4.0 |
| 2006-11-11 | CVE-2006-5864 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in GNU GV Stack-based buffer overflow in the ps_gettext function in ps.c for GNU gv 3.6.2, and possibly earlier versions, allows user-assisted attackers to execute arbitrary code via a PostScript (PS) file with certain headers that contain long comments, as demonstrated using the (1) DocumentMedia, (2) DocumentPaperSizes, and possibly (3) PageMedia and (4) PaperSize headers. | 5.1 |
| 2006-11-08 | CVE-2006-4810 | Buffer Overflow vulnerability in GNU Texinfo 4.8 Buffer overflow in the readline function in util/texindex.c, as used by the (1) texi2dvi and (2) texindex commands, in texinfo 4.8 and earlier allows local users to execute arbitrary code via a crafted Texinfo file. | 4.6 |
| 2006-10-24 | CVE-2006-4573 | Denial of Service vulnerability in GNU Screen Multiple unspecified vulnerabilities in the "utf8 combining characters handling" (utf8_handle_comb function in encoding.c) in screen before 4.0.3 allows user-assisted attackers to cause a denial of service (crash or hang) via certain UTF8 sequences. | 2.6 |
| 2006-09-14 | CVE-2006-4790 | Unspecified vulnerability in GNU Gnutls verify.c in GnuTLS before 1.4.4, when using an RSA key with exponent 3, does not properly handle excess data in the digestAlgorithm.parameters field when generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents GnuTLS from correctly verifying X.509 and other certificates that use PKCS, a variant of CVE-2006-4339. | 5.0 |
| 2006-09-07 | CVE-2006-4624 | Code Injection vulnerability in GNU Mailman CRLF injection vulnerability in Utils.py in Mailman before 2.1.9rc1 allows remote attackers to spoof messages in the error log and possibly trick the administrator into visiting malicious URLs via CRLF sequences in the URI. | 2.6 |