Vulnerabilities > Redhat
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2003-08-27 | CVE-2003-0550 | Remote Security vulnerability in Redhat Linux 2.4.2: The STP protocol, as enabled in Linux 2.4.x, does not provide sufficient security by design, which allows attackers to modify the bridge topology. | 5.0 |
2003-08-27 | CVE-2003-0549 | Denial-Of-Service vulnerability in Kdebase: The X Display Manager Control Protocol (XDMCP) support for GDM before 2.4.1.6 allows attackers to cause a denial of service (daemon crash) via a short authorization key name. | 5.0 |
2003-08-27 | CVE-2003-0548 | Denial-Of-Service vulnerability in Kdebase: The X Display Manager Control Protocol (XDMCP) support for GDM before 2.4.1.6 allows attackers to cause a denial of service (daemon crash) when a chosen host expires, a different issue than CVE-2003-0549. | 5.0 |
2003-08-27 | CVE-2003-0547 | GDM before 2.4.1.6, when using the "examine session errors" feature, allows local users to read arbitrary files via a symlink attack on the ~/.xsession-errors file. | 2.1 |
2003-08-27 | CVE-2003-0546 | Unspecified vulnerability in Redhat Up2Date 3.0.71/3.1.231: up2date 3.0.7 and 3.1.23 does not properly verify RPM GPG signatures, which could allow remote attackers to cause unsigned packages to be installed from the Red Hat Network, if that network is compromised. | 7.5 |
2003-08-27 | CVE-2003-0466 | Off-by-one Error vulnerability in multiple products: Off-by-one error in the fb_realpath() function, as derived from the realpath function in BSD, may allow attackers to execute arbitrary code, as demonstrated in wu-ftpd 2.5.0 through 2.6.2 via commands that cause pathnames of length MAXPATHLEN+1 to trigger a buffer overflow, including (1) STOR, (2) RETR, (3) APPE, (4) DELE, (5) MKD, (6) RMD, (7) STOU, or (8) RNTO. | 9.8 |
2003-08-27 | CVE-2003-0464 | Local Security vulnerability in Linux: The RPC code in Linux kernel 2.4 sets the reuse flag when sockets are created, which could allow local users to bind to UDP ports that are used by privileged services such as nfsd. | 4.6 |
2003-08-27 | CVE-2003-0461 | Unspecified vulnerability in Redhat Linux: /proc/tty/driver/serial in Linux 2.4.x reveals the exact number of characters used in serial links, which could allow local users to obtain potentially sensitive information such as the length of passwords. | 2.1 |
2003-08-27 | CVE-2003-0459 | KDE Konqueror for KDE 3.1.2 and earlier does not remove authentication credentials from URLs of the "user:password@host" form in the HTTP-Referer header, which could allow remote web sites to steal the credentials for pages that link to the sites. | 5.0 |
2003-08-18 | CVE-2003-0539 | skk (Simple Kana to Kanji conversion program) 12.1 and earlier, and the ddskk package which is based on skk, creates temporary files insecurely, which allows local users to overwrite arbitrary files. | 4.6 |