Vulnerabilities > Redhat > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2004-03-03 | CVE-2004-0077 | Local Privilege Escalation vulnerability in Linux Kernel do_mremap Function VMA Limit The do_mremap function for the mremap system call in Linux 2.2 to 2.2.25, 2.4 to 2.4.24, and 2.6 to 2.6.2, does not properly check the return value from the do_munmap function when the maximum number of VMA descriptors is exceeded, which allows local users to gain root privileges, a different vulnerability than CAN-2003-0985. | 7.2 |
| 2004-02-17 | CVE-2003-0989 | Denial Of Service vulnerability in Redhat Linux and Tcpdump tcpdump before 3.8.1 allows remote attackers to cause a denial of service (infinite loop) via certain ISAKMP packets, a different vulnerability than CVE-2004-0057. | 7.5 |
| 2004-02-17 | CVE-2003-0700 | Remote Security vulnerability in Kernel 2.4.208/2.4.21 The C-Media PCI sound driver in Linux before 2.4.22 does not use the get_user function to access userspace in certain conditions, which crosses security boundaries and may facilitate the exploitation of vulnerabilities, a different vulnerability than CVE-2003-0699. | 7.5 |
| 2003-12-15 | CVE-2003-0962 | Remote Heap Overflow vulnerability in RSync Daemon Mode Undisclosed Heap-based buffer overflow in rsync before 2.5.7, when running in server mode, allows remote attackers to execute arbitrary code and possibly escape the chroot jail. | 7.5 |
| 2003-10-20 | CVE-2003-0689 | Unspecified vulnerability in Redhat Enterprise Linux 2.1 The getgrouplist function in GNU libc (glibc) 2.2.4 and earlier allows attackers to cause a denial of service (segmentation fault) and execute arbitrary code when a user is a member of a large number of groups, which can cause a buffer overflow. | 7.5 |
| 2003-10-20 | CVE-2003-0686 | Buffer overflow in PAM SMB module (pam_smb) 1.1.6 and earlier, when authenticating to a remote service, allows remote attackers to execute arbitrary code. | 7.5 |
| 2003-08-27 | CVE-2003-0699 | Remote Security vulnerability in Linux Advanced Work Station The C-Media PCI sound driver in Linux before 2.4.21 does not use the get_user function to access userspace, which crosses security boundaries and may facilitate the exploitation of vulnerabilities, a different vulnerability than CVE-2003-0700. | 7.5 |
| 2003-08-27 | CVE-2003-0546 | Unspecified vulnerability in Redhat Up2Date 3.0.71/3.1.231 up2date 3.0.7 and 3.1.23 does not properly verify RPM GPG signatures, which could allow remote attackers to cause unsigned packages to be installed from the Red Hat Network, if that network is compromised. | 7.5 |
| 2003-07-24 | CVE-2003-0434 | Various PDF viewers including (1) Adobe Acrobat 5.06 and (2) Xpdf 1.01 allow remote attackers to execute arbitrary commands via shell metacharacters in an embedded hyperlink. | 7.5 |
| 2003-06-16 | CVE-2003-0370 | Konqueror Embedded and KDE 2.2.2 and earlier does not validate the Common Name (CN) field for X.509 Certificates, which could allow remote attackers to spoof certificates via a man-in-the-middle attack. | 7.5 |