Vulnerabilities > Suse > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-01-10 | CVE-2004-1170 | a2ps 4.13 allows remote attackers to execute arbitrary commands via shell metacharacters in the filename. | 10.0 |
| 2005-01-10 | CVE-2004-1154 | Remote Integer Overflow vulnerability in Samba Directory Access Control List Integer overflow in the Samba daemon (smbd) in Samba 2.x and 3.0.x through 3.0.9 allows remote authenticated users to cause a denial of service (application crash) and possibly execute arbitrary code via a Samba request with a large number of security descriptors that triggers a heap-based buffer overflow. | 10.0 |
| 2005-01-10 | CVE-2004-0914 | Multiple Unspecified vulnerability in LibXPM Multiple vulnerabilities in libXpm for 6.8.1 and earlier, as used in XFree86 and other packages, include (1) multiple integer overflows, (2) out-of-bounds memory accesses, (3) directory traversal, (4) shell metacharacter, (5) endless loops, and (6) memory leaks, which could allow remote attackers to obtain sensitive information, cause a denial of service (application crash), or execute arbitrary code via a certain XPM image file. | 10.0 |
| 2004-08-06 | CVE-2004-0461 | Buffer Overflow vulnerability in ISC DHCPD VSPRINTF The DHCP daemon (DHCPD) for ISC DHCP 3.0.1rc12 and 3.0.1rc13, when compiled in environments that do not provide the vsnprintf function, uses C include files that define vsnprintf to use the less safe vsprintf function, which can lead to buffer overflow vulnerabilities that enable a denial of service (server crash) and possibly execute arbitrary code. | 10.0 |
| 2004-08-06 | CVE-2004-0460 | Buffer Overflow vulnerability in ISC DHCPD Hostname Options Logging Buffer overflow in the logging capability for the DHCP daemon (DHCPD) for ISC DHCP 3.0.1rc12 and 3.0.1rc13 allows remote attackers to cause a denial of service (server crash) and possibly execute arbitrary code via multiple hostname options in (1) DISCOVER, (2) OFFER, (3) REQUEST, (4) ACK, or (5) NAK messages, which can generate a long string when writing to a log file. | 10.0 |
| 2004-05-06 | CVE-2004-2004 | Unspecified vulnerability in Suse Linux 9.1 The Live CD in SUSE LINUX 9.1 Personal edition is configured without a password for root, which allows remote attackers to gain privileges via SSH. | 10.0 |
| 2002-03-15 | CVE-2002-0083 | Off-by-one Error vulnerability in multiple products Off-by-one error in the channel code of OpenSSH 2.0 through 3.0.2 allows local users or remote malicious servers to gain privileges. network low complexity conectiva immunix openpkg mandrakesoft openbsd trustix suse redhat engardelinux CWE-193 critical | 9.8 |
| 2001-06-27 | CVE-2001-0388 | time server daemon timed allows remote attackers to cause a denial of service via malformed packets. | 10.0 |
| 2000-12-11 | CVE-2000-1044 | Unspecified vulnerability in Suse Linux Format string vulnerability in ypbind-mt in SuSE SuSE-6.2, and possibly other Linux operating systems, allows an attacker to gain root privileges. | 10.0 |
| 2000-12-11 | CVE-2000-1040 | Unspecified vulnerability in Suse Linux Format string vulnerability in logging function of ypbind 3.3, while running in debug mode, leaks file descriptors and allows an attacker to cause a denial of service. | 10.0 |