Vulnerabilities > Redhat > Enterprise Linux Desktop > 3.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-01-27 | CVE-2004-0882 | Buffer overflow in the QFILEPATHINFO request handler in Samba 3.0.x through 3.0.7 may allow remote attackers to execute arbitrary code via a TRANSACT2_QFILEPATHINFO request with a small "maximum data bytes" value. | 10.0 |
| 2005-01-10 | CVE-2004-1074 | Local Denial Of Service And Memory Disclosure vulnerability in Linux Kernel The binfmt functionality in the Linux kernel, when "memory overcommit" is enabled, allows local users to cause a denial of service (kernel oops) via a malformed a.out binary. | 2.1 |
| 2005-01-10 | CVE-2004-1073 | Local Privilege Escalation vulnerability in Linux Kernel BINFMT_ELF Loader The open_exec function in the execve functionality (exec.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, allows local users to read non-readable ELF binaries by using the interpreter (PT_INTERP) functionality. | 2.1 |
| 2005-01-10 | CVE-2004-1072 | Local Privilege Escalation vulnerability in Linux Kernel BINFMT_ELF Loader The binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, may create an interpreter name string that is not NULL terminated, which could cause strings longer than PATH_MAX to be used, leading to buffer overflows that allow local users to cause a denial of service (hang) and possibly execute arbitrary code. | 7.2 |
| 2005-01-10 | CVE-2004-1071 | Local Privilege Escalation vulnerability in Linux Kernel BINFMT_ELF Loader The binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, does not properly handle a failed call to the mmap function, which causes an incorrect mapped image and may allow local users to execute arbitrary code. | 7.2 |
| 2005-01-10 | CVE-2004-1070 | Local Privilege Escalation vulnerability in Linux Kernel BINFMT_ELF Loader The load_elf_binary function in the binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, does not properly check return values from calls to the kernel_read function, which may allow local users to modify sensitive memory in a setuid program and execute arbitrary code. | 7.2 |
| 2005-01-10 | CVE-2004-1068 | A "missing serialization" error in the unix_dgram_recvmsg function in Linux 2.4.27 and earlier, and 2.6.x up to 2.6.9, allows local users to gain privileges via a race condition. | 6.2 |
| 2005-01-10 | CVE-2004-1014 | Remote Denial Of Service vulnerability in Linux NFS RPC.STATD statd in nfs-utils 1.257 and earlier does not ignore the SIGPIPE signal, which allows remote attackers to cause a denial of service (server process crash) via a TCP connection that is prematurely terminated. | 5.0 |
| 2005-01-10 | CVE-2004-0949 | Remote vulnerability in Linux Kernel SMBFS The smb_recv_trans2 function call in the samba filesystem (smbfs) in Linux kernel 2.4 and 2.6 does not properly handle the re-assembly of fragmented packets correctly, which could allow remote samba servers to (1) read arbitrary kernel information or (2) raise a counter value to an arbitrary number by sending the first part of the fragmented packet multiple times. | 6.4 |
| 2005-01-10 | CVE-2004-0946 | Remote Buffer Overflow vulnerability in Linux NFS 64-Bit Architecture rquotad in nfs-utils (rquota_server.c) before 1.0.6-r6 on 64-bit architectures does not properly perform an integer conversion, which leads to a stack-based buffer overflow and allows remote attackers to execute arbitrary code via a crafted NFS request. | 10.0 |