Vulnerabilities > Redhat

DATE CVE VULNERABILITY TITLE RISK
2007-09-18 CVE-2007-0004 Permissions, Privileges, and Access Controls vulnerability in Redhat Enterprise Linux 3.0
The NFS client implementation in the kernel in Red Hat Enterprise Linux (RHEL) 3, when a filesystem is mounted with the noacl option, checks permissions for the open system call via vfs_permission (mode bits) data rather than an NFS ACCESS call to the server, which allows local client processes to obtain a false success status from open calls that the server would deny, and possibly obtain sensitive information about file permissions on the server, as demonstrated in a root_squash environment.
local
redhat CWE-264
1.9
2007-09-17 CVE-2007-3379 Denial-Of-Service vulnerability in Enterprise Linux for SAP
Unspecified vulnerability in the kernel in Red Hat Enterprise Linux (RHEL) 4 on the x86_64 platform allows local users to cause a denial of service (OOPS) via unspecified vectors related to the get_gate_vma function and the fuser command.
local
low complexity
redhat
2.1
2007-09-14 CVE-2007-3739 Buffer Errors vulnerability in Redhat Enterprise Linux 5.0
mm/mmap.c in the hugetlb kernel, when run on PowerPC systems, does not prevent stack expansion from entering into reserved kernel page memory, which allows local users to cause a denial of service (OOPS) via unspecified vectors.
4.7
2007-09-05 CVE-2007-3849 Permissions, Privileges, and Access Controls vulnerability in Redhat Enterprise Linux 5.0
Red Hat Enterprise Linux (RHEL) 5 ships the rpm for the Advanced Intrusion Detection Environment (AIDE) before 0.13.1 with a database that lacks checksum information, which allows context-dependent attackers to bypass file integrity checks and modify certain files.
local
redhat CWE-264
1.9
2007-08-30 CVE-2007-4134 Path Traversal vulnerability in Redhat Fedora 7
Directory traversal vulnerability in extract.c in star before 1.5a84 allows user-assisted remote attackers to overwrite arbitrary files via certain //..
network
redhat CWE-22
6.8
2007-08-30 CVE-2007-4132 Remote Code Execution vulnerability in Redhat Network Satellite Server 5.0.0
Unspecified vulnerability in Red Hat Network Satellite Server 5.0.0 allows remote authenticated users to execute arbitrary code via unknown vectors in a "back-end XMLRPC handler."
network
low complexity
redhat
6.5
2007-08-27 CVE-2007-2797 Unspecified vulnerability in Xterm 192-7.el4/208-3.1
xterm, including 192-7.el4 in Red Hat Enterprise Linux and 208-3.1 in Debian GNU/Linux, sets the wrong group ownership of tty devices, which allows local users to write data to other users' terminals.
local
low complexity
redhat xterm debian
2.1
2007-08-25 CVE-2007-4131 Remote Directory Traversal vulnerability in GNU Tar Dot_Dot Function
Directory traversal vulnerability in the contains_dot_dot function in src/names.c in GNU tar allows user-assisted remote attackers to overwrite arbitrary files via certain //..
network
redhat rpath gnu
6.8
2007-07-27 CVE-2007-2874 Remote Security vulnerability in Fedora Core
Buffer overflow in the wpa_printf function in the debugging code in wpa_supplicant in the Fedora NetworkManager package before 0.6.5-3.fc7 allows user-assisted remote attackers to execute arbitrary code via malformed frames on a WPA2 network.
network
redhat
5.8
2007-07-15 CVE-2007-3103 Link Following vulnerability in multiple products
The init.d script for the X.Org X11 xfs font server on various Linux distributions might allow local users to change the permissions of arbitrary files via a symlink attack on the /tmp/.font-unix temporary file.
local
high complexity
fedoraproject redhat CWE-59
6.2