Vulnerabilities > SGI > Propack > 2.4
Date: 2004-08-06
CVE: CVE-2004-0418
Description: serve_notify in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle empty data lines, which may allow remote attackers to perform an "out-of-bounds" write for a single byte to execute arbitrary code or modify critical program data.
Vector: network, low complexity
Vendors: cvs, openpkg, sgi, gentoo, openbsd
Risk: critical, 10.0, 10

Date: 2004-08-06
CVE: CVE-2004-0417
Description: Integer overflow in the "Max-dotdot" CVS protocol command (serve_max_dotdot) for CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, may allow remote attackers to cause a server crash, which could cause temporary data to remain undeleted and consume disk space.
Vector: network, low complexity
Vendors: cvs, openpkg, sgi, gentoo, openbsd
Risk: 5.0, 5.0

Date: 2004-08-06
CVE: CVE-2004-0416
Title: Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products
Description: Double free vulnerability for the error_prog_name string in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, may allow remote attackers to execute arbitrary code.
Vector: network, low complexity
Vendors: cvs, openpkg, sgi, gentoo, openbsd
CWE: CWE-119
Risk: critical, 10.0, 10

Date: 2004-08-06
CVE: CVE-2004-0414
Description: CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle malformed "Entry" lines, which prevents a NULL terminator from being used and may lead to a denial of service (crash), modification of critical program data, or arbitrary code execution.
Vector: network, low complexity
Vendors: cvs, openpkg, sgi, gentoo, openbsd
Risk: critical, 10.0, 10

Date: 2004-04-15
CVE: CVE-2004-0148
Description: wu-ftpd 2.6.2 and earlier, with the restricted-gid option enabled, allows local users to bypass access restrictions by changing the permissions to prevent access to their home directory, which causes wu-ftpd to use the root directory instead.
Vector: local, low complexity
Vendors: sgi, washington-university
Risk: 7.2, 7.2

Date: 2004-04-15
CVE: CVE-2004-0111
Title: Bitmap Handling Denial Of Service vulnerability in GdkPixbuf
Description: gdk-pixbuf before 0.20 allows attackers to cause a denial of service (crash) via a malformed bitmap (BMP) file.
Vector: network, low complexity
Vendors: gnome, redhat, sgi
Risk: 5.0, 5.0

Date: 2004-04-15
CVE: CVE-2004-0108
Description: The isag utility, which processes sysstat data, allows local users to overwrite arbitrary files via a symlink attack on temporary files, a different vulnerability than CAN-2004-0107.
Vector: local, low complexity
Vendors: redhat, sgi, sysstat
Risk: 4.6, 4.6

Date: 2004-04-15
CVE: CVE-2004-0107
Description: The (1) post and (2) trigger scripts in sysstat 4.0.7 and earlier allow local users to overwrite arbitrary files via symlink attacks on temporary files, a different vulnerability than CVE-2004-0108.
Vector: local, low complexity
Vendors: redhat, sgi, sysstat
Risk: 4.6, 4.6

Date: 2004-03-15
CVE: CVE-2004-0110
Title: Remote URI Parsing Buffer Overrun vulnerability in libxml2
Description: Buffer overflow in the (1) nanohttp or (2) nanoftp modules in XMLSoft Libxml 2 (Libxml2) 2.6.0 through 2.6.5 allow remote attackers to execute arbitrary code via a long URL.
Vector: network, low complexity
Vendors: sgi, xmlsoft
Risk: 7.5, 7.5

Date: 2004-03-03
CVE: CVE-2004-0105
Title: Buffer Overflow/Format String Handling vulnerability in Metamail
Description: Multiple buffer overflows in Metamail 2.7 and earlier allow remote attackers to execute arbitrary code.
Vector: network, low complexity
Vendors: metamail-corporation, sgi, redhat
Risk: 7.5, 7.5