Vulnerabilities > Redhat

DATE CVE VULNERABILITY TITLE RISK
2003-08-27 CVE-2003-0550 Remote Security vulnerability in Redhat Linux 2.4.2
The STP protocol, as enabled in Linux 2.4.x, does not provide sufficient security by design, which allows attackers to modify the bridge topology.
network
low complexity
redhat
5.0
2003-08-27 CVE-2003-0549 Denial-Of-Service vulnerability in Kdebase
The X Display Manager Control Protocol (XDMCP) support for GDM before 2.4.1.6 allows attackers to cause a denial of service (daemon crash) via a short authorization key name.
network
low complexity
gnome redhat
5.0
2003-08-27 CVE-2003-0548 Denial-Of-Service vulnerability in Kdebase
The X Display Manager Control Protocol (XDMCP) support for GDM before 2.4.1.6 allows attackers to cause a denial of service (daemon crash) when a chosen host expires, a different issue than CVE-2003-0549.
network
low complexity
gnome redhat
5.0
2003-08-27 CVE-2003-0547 GDM before 2.4.1.6, when using the "examine session errors" feature, allows local users to read arbitrary files via a symlink attack on the ~/.xsession-errors file.
local
low complexity
gnome redhat
2.1
2003-08-27 CVE-2003-0546 Unspecified vulnerability in Redhat Up2Date 3.0.71/3.1.231
up2date 3.0.7 and 3.1.23 does not properly verify RPM GPG signatures, which could allow remote attackers to cause unsigned packages to be installed from the Red Hat Network, if that network is compromised.
network
low complexity
redhat
7.5
2003-08-27 CVE-2003-0466 Off-by-one Error vulnerability in multiple products
Off-by-one error in the fb_realpath() function, as derived from the realpath function in BSD, may allow attackers to execute arbitrary code, as demonstrated in wu-ftpd 2.5.0 through 2.6.2 via commands that cause pathnames of length MAXPATHLEN+1 to trigger a buffer overflow, including (1) STOR, (2) RETR, (3) APPE, (4) DELE, (5) MKD, (6) RMD, (7) STOU, or (8) RNTO.
network
low complexity
wuftpd redhat apple sun freebsd netbsd openbsd CWE-193
critical
9.8
2003-08-27 CVE-2003-0464 Local Security vulnerability in Linux
The RPC code in Linux kernel 2.4 sets the reuse flag when sockets are created, which could allow local users to bind to UDP ports that are used by privileged services such as nfsd.
local
low complexity
redhat
4.6
2003-08-27 CVE-2003-0461 Unspecified vulnerability in Redhat Linux
/proc/tty/driver/serial in Linux 2.4.x reveals the exact number of characters used in serial links, which could allow local users to obtain potentially sensitive information such as the length of passwords.
local
low complexity
redhat
2.1
2003-08-27 CVE-2003-0459 KDE Konqueror for KDE 3.1.2 and earlier does not remove authentication credentials from URLs of the "user:password@host" form in the HTTP-Referer header, which could allow remote web sites to steal the credentials for pages that link to the sites.
network
low complexity
kde redhat
5.0
2003-08-18 CVE-2003-0539 skk (Simple Kana to Kanji conversion program) 12.1 and earlier, and the ddskk package which is based on skk, creates temporary files insecurely, which allows local users to overwrite arbitrary files.
local
low complexity
ddskk redhat skk
4.6