Vulnerabilities > Redhat
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2007-06-26 | CVE-2007-3104 | Resource Management Errors vulnerability in Linux Kernel 2.6.0 The sysfs_readdir function in the Linux kernel 2.6, as used in Red Hat Enterprise Linux (RHEL) 4.5 and other distributions, allows users to cause a denial of service (kernel OOPS) by dereferencing a null pointer to an inode in a dentry. | 4.9 |
2007-06-26 | CVE-2007-0773 | Unspecified vulnerability in Redhat Enterprise Linux and Enterprise Linux Desktop The Linux kernel before 2.6.9-42.0.8 in Red Hat 4.4 allows local users to cause a denial of service (kernel OOPS from null dereference) via fput in a 32-bit ioctl on 64-bit x86 systems, an incomplete fix of CVE-2005-3044.1. | 4.6 |
2007-06-25 | CVE-2007-3374 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Redhat Cluster Suite Buffer overflow in cluster/cman/daemon/daemon.c in cman (redhat-cluster-suite) before 20070622 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via long client messages. | 4.6 |
2007-06-25 | CVE-2007-3373 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Redhat Cluster Suite daemon.c in cman (redhat-cluster-suite) before 20070622 does not clear a buffer for reading requests, which might allow local users to obtain sensitive information from previous requests. | 5.0 |
2007-06-14 | CVE-2007-3100 | Local Denial Of Service vulnerability in Redhat Open Iscsi 2.0864 usr/log.c in iscsid in open-iscsi (iscsi-initiator-utils) before 2.0-865 uses a semaphore with insecure permissions (world-writable/world-readable) for managing log messages using shared memory, which allows local users to cause a denial of service (hang) by grabbing the semaphore. | 2.1 |
2007-06-14 | CVE-2007-3099 | Local Denial Of Service vulnerability in Redhat Enterprise Linux 5.0 usr/mgmt_ipc.c in iscsid in open-iscsi (iscsi-initiator-utils) before 2.0-865 checks the client's UID on the listening AF_LOCAL socket instead of the new connection, which allows remote attackers to access the management interface and cause a denial of service (iscsid exit or iSCSI connection loss). | 2.1 |
2007-05-09 | CVE-2007-1864 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products Buffer overflow in the bundled libxmlrpc library in PHP before 4.4.7, and 5.x before 5.2.2, has unknown impact and remote attack vectors. | 7.5 |
2007-05-02 | CVE-2007-0771 | Local Denial of Service vulnerability in Linux Kernel UTrace The utrace support in Linux kernel 2.6.18, and other versions, allows local users to cause a denial of service (system hang) related to "MT exec + utrace_attach spin failure mode," as demonstrated by ptrace-thrash.c. | 4.9 |
2007-05-02 | CVE-2007-1859 | Improper Authentication vulnerability in Xscreensaver 4.10 XScreenSaver 4.10, when using a remote directory service for credentials, does not properly handle the results from the getpwuid function in drivers/lock.c when there is no network connectivity, which causes XScreenSaver to crash and unlock the screen and allows local users to bypass authentication. | 4.6 |
2007-04-16 | CVE-2007-2030 | Unspecified vulnerability in Redhat Enterprise Linux and Fedora Core lharc.c in lha does not securely create temporary files, which might allow local users to read or write files by creating a file before LHA is invoked. | 4.9 |