VUMETRIC
CYBER PORTAL
Vulnerabilities > Trustix > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-01-10 | CVE-2004-1012 | The argument parser of the PARTIAL command in Cyrus IMAP Server 2.2.6 and earlier allows remote authenticated users to execute arbitrary code via a certain command ("body[p") that is treated as a different command ("body.peek") and causes an index increment error that leads to an out-of-bounds memory corruption. | network; low complexity; carnegie-mellon-university, openpkg, conectiva, redhat, trustix, ubuntu; critical; 10.0; 10 |
| 2005-01-10 | CVE-2004-1011 | Stack-based buffer overflow in Cyrus IMAP Server 2.2.4 through 2.2.8, with the imapmagicplus option enabled, allows remote attackers to execute arbitrary code via a long (1) PROXY or (2) LOGIN command, a different vulnerability than CVE-2004-1015. | network; low complexity; carnegie-mellon-university, openpkg, conectiva, redhat, trustix, ubuntu; critical; 10.0; 10 |
| 2004-07-27 | CVE-2004-0600 | Buffer overflow in the Samba Web Administration Tool (SWAT) in Samba 3.0.2 to 3.0.4 allows remote attackers to execute arbitrary code via an invalid base-64 character during HTTP basic authentication. | network; low complexity; samba, trustix; critical; 10.0; 10 |
| 2002-03-15 | CVE-2002-0083 | Off-by-one Error vulnerability in multiple products: Off-by-one error in the channel code of OpenSSH 2.0 through 3.0.2 allows local users or remote malicious servers to gain privileges. | network; low complexity; conectiva, immunix, openpkg, mandrakesoft, openbsd, trustix, suse, redhat, engardelinux; CWE-193; critical; 9.8; 9.8 |
| 2000-12-19 | CVE-2000-0917 | Format string vulnerability in use_syslog() function in LPRng 3.6.24 allows remote attackers to execute arbitrary commands. | network; low complexity; caldera, redhat, trustix; critical; 10.0; 10 |
| 2000-11-14 | CVE-2000-0844 | Permissions, Privileges, and Access Controls vulnerability in multiple products: Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen. | network; low complexity; caldera, immunix, conectiva, sgi, debian, ibm, mandrakesoft, redhat, slackware, sun, suse, trustix, turbolinux; CWE-264; critical; 10.0; 10 |
| 2000-07-16 | CVE-2000-0666 | Remote Format String vulnerability in Multiple Linux Vendor rpc.statd: rpc.statd in the nfs-utils package in various Linux distributions does not properly cleanse untrusted format strings, which allows remote attackers to gain root privileges. | network; low complexity; conectiva, debian, redhat, suse, trustix; critical; 10.0; 10 |