Vulnerabilities > Slackware > Slackware Linux > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-11-21 | CVE-2013-7172 | Improper Input Validation vulnerability in Slackware Linux Slackware 13.1, 13.37, 14.0 and 14.1 contain world-writable permissions on the iodbctest and iodbctestw programs within the libiodbc package, which could allow local users to use RPATH information to execute arbitrary code with root privileges. | 7.2 |
| 2013-07-29 | CVE-2013-4854 | Remote Denial of Service vulnerability in ISC BIND 9 DNS RDATA Handling The RFC 5011 implementation in rdata.c in ISC BIND 9.7.x and 9.8.x before 9.8.5-P2, 9.8.6b1, 9.9.x before 9.9.3-P2, and 9.9.4b1, and DNSco BIND 9.9.3-S1 before 9.9.3-S1-P1 and 9.9.4-S1b1, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query with a malformed RDATA section that is not properly handled during construction of a log message, as exploited in the wild in July 2013. | 7.8 |
| 2005-02-09 | CVE-2004-0940 | Incorrect Calculation of Buffer Size vulnerability in multiple products Buffer overflow in the get_tag function in mod_include for Apache 1.3.x to 1.3.32 allows local users who can create SSI documents to execute arbitrary code as the apache user via SSI (XSSI) documents that trigger a length calculation error. | 7.8 |
| 2004-08-06 | CVE-2004-0530 | The PHP package in Slackware 8.1, 9.0, and 9.1, when linked against a static library, includes /tmp in the search path, which allows local users to execute arbitrary code as the PHP user by inserting shared libraries into the appropriate path. | 7.2 |
| 2004-07-07 | CVE-2004-0424 | Integer Overflow vulnerability in Linux Kernel Setsockopt MCAST_MSFILTER Integer overflow in the ip_setsockopt function in Linux kernel 2.4.22 through 2.4.25 and 2.6.1 through 2.6.3 allows local users to cause a denial of service (crash) or execute arbitrary code via the MCAST_MSFILTER socket option. | 7.2 |
| 2004-01-05 | CVE-2003-0977 | CVS server before 1.11.10 may allow attackers to cause the CVS server to create directories and files in the file system root directory via malformed module requests. | 7.5 |
| 2003-12-15 | CVE-2003-0962 | Remote Heap Overflow vulnerability in RSync Daemon Mode Undisclosed Heap-based buffer overflow in rsync before 2.5.7, when running in server mode, allows remote attackers to execute arbitrary code and possibly escape the chroot jail. | 7.5 |
| 2003-05-22 | CVE-2003-0335 | Remote Security vulnerability in Slackware Linux 9.0 rc.M in Slackware 9.0 calls quotacheck with the -M option, which causes the filesystem to be remounted and possibly reset security-relevant mount flags such as nosuid, nodev, and noexec. | 7.5 |
| 2002-02-27 | CVE-2002-0004 | Heap Overflow vulnerability in AT Maliciously Formatted Time Heap corruption vulnerability in the "at" program allows local users to execute arbitrary code via a malformed execution time, which causes at to free the same memory twice. | 7.2 |
| 2001-08-31 | CVE-2001-1036 | GNU locate in findutils 4.1 on Slackware 7.1 and 8.0 allows local users to gain privileges via an old formatted filename database (locatedb) that contains an entry with an out-of-range offset, which causes locate to write to arbitrary process memory. | 7.2 |