DATE CVE VULNERABILITY TITLE RISK
2007-06-14 CVE-2007-3099 Local Denial Of Service vulnerability in Redhat Enterprise Linux 5.0
usr/mgmt_ipc.c in iscsid in open-iscsi (iscsi-initiator-utils) before 2.0-865 checks the client's UID on the listening AF_LOCAL socket instead of the new connection, which allows remote attackers to access the management interface and cause a denial of service (iscsid exit or iSCSI connection loss).
local
low complexity
redhat
2.1
2007-06-14 CVE-2007-3100 Local Denial Of Service vulnerability in Redhat Open Iscsi 2.0864
usr/log.c in iscsid in open-iscsi (iscsi-initiator-utils) before 2.0-865 uses a semaphore with insecure permissions (world-writable/world-readable) for managing log messages using shared memory, which allows local users to cause a denial of service (hang) by grabbing the semaphore.
local
low complexity
redhat
2.1
2007-04-06 CVE-2007-1352 Local Integer Overflow vulnerability in X.Org LibXFont
Integer overflow in the FontFileInitTable function in X.Org libXfont before 20070403 allows remote authenticated users to execute arbitrary code via a long first line in the fonts.dir file, which results in a heap overflow.
3.8
2007-03-27 CVE-2007-1716 Unspecified vulnerability in Redhat Enterprise Linux 4.4
pam_console does not properly restore ownership for certain console devices when there are multiple users logged into the console and one user logs out, which might allow local users to gain privileges.
local
high complexity
redhat
3.4
2006-08-11 CVE-2006-3813 Unspecified vulnerability in Redhat Enterprise Linux 4.0
A regression error in the Perl package for Red Hat Enterprise Linux 4 omits the patch for CVE-2005-0155, which allows local users to overwrite arbitrary files with debugging information.
local
low complexity
redhat
2.1
2005-12-31 CVE-2005-1918 Path Traversal vulnerability in multiple products
The original patch for a GNU tar directory traversal vulnerability (CVE-2002-0399) in Red Hat Enterprise Linux 3 and 2.1 uses an "incorrect optimization" that allows user-assisted attackers to overwrite arbitrary files via a crafted tar file, probably involving "/../" sequences with a leading "/".
network
high complexity
gnu redhat CWE-22
2.6
2005-10-25 CVE-2005-2100 Denial-Of-Service vulnerability in Enterprise Linux ES
The rw_vm function in usercopy.c in the 4GB split patch for the Linux kernel in Red Hat Enterprise Linux 4 does not perform proper bounds checking, which allows local users to cause a denial of service (crash).
local
low complexity
redhat
2.1
2005-09-14 CVE-2005-2492 Permissions, Privileges, and Access Controls vulnerability in multiple products
The raw_sendmsg function in the Linux kernel 2.6 before 2.6.13.1 allows local users to cause a denial of service (change hardware state) or read from arbitrary memory via crafted input.
local
low complexity
canonical redhat linux CWE-264
3.6
2005-05-18 CVE-2005-0757 Denial Of Service vulnerability in Linux Kernel 64 Bit EXT3 Filesystem Extended Attribute
The xattr file system code, as backported in Red Hat Enterprise Linux 3 on 64-bit systems, does not properly handle certain offsets, which allows local users to cause a denial of service (system crash) via certain actions on an ext3 file system with extended attributes enabled.
local
low complexity
redhat
2.1
2005-05-02 CVE-2005-0077 Insecure Temporary File Creation vulnerability in Libdbi-perl
The DBI library (libdbi-perl) for Perl allows local users to overwrite arbitrary files via a symlink attack on a temporary PID file.
local
low complexity
debian gentoo redhat ubuntu
2.1