Vulnerabilities > Trustix > High

DATE CVE VULNERABILITY TITLE RISK
2007-02-13 CVE-2007-0909 Multiple vulnerability in PHP 5.2.0 and Prior Versions
Multiple format string vulnerabilities in PHP before 5.2.1 might allow attackers to execute arbitrary code via format string specifiers to (1) all of the *print functions on 64-bit systems, and (2) the odbc_result_all function.
network
low complexity
php trustix
7.5
2007-02-13 CVE-2007-0906 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products
Multiple buffer overflows in PHP before 5.2.1 allow attackers to cause a denial of service and possibly execute arbitrary code via unspecified vectors in the (1) session, (2) zip, (3) imap, and (4) sqlite extensions; (5) stream filters; and the (6) str_replace, (7) mail, (8) ibase_delete_user, (9) ibase_add_user, and (10) ibase_modify_user functions.
network
low complexity
php trustix CWE-119
7.5
2007-02-13 CVE-2007-0905 Multiple vulnerability in PHP 5.2.0 and Prior Versions
PHP before 5.2.1 allows attackers to bypass safe_mode and open_basedir restrictions via unspecified vectors in the session extension.
network
low complexity
php trustix
7.5
2005-03-01 CVE-2004-1051 sudo before 1.6.8p2 allows local users to execute arbitrary commands by using "()" style environment variables to create functions that have the same name as any program within the bash script that is called without using the program's full pathname. 7.2
2005-02-09 CVE-2004-0940 Incorrect Calculation of Buffer Size vulnerability in multiple products
Buffer overflow in the get_tag function in mod_include for Apache 1.3.x to 1.3.32 allows local users who can create SSI documents to execute arbitrary code as the apache user via SSI (XSSI) documents that trigger a length calculation error.
local
low complexity
openpkg apache slackware hp suse trustix CWE-131
7.8
2005-01-10 CVE-2004-1072 Local Privilege Escalation vulnerability in Linux Kernel BINFMT_ELF Loader
The binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, may create an interpreter name string that is not NULL terminated, which could cause strings longer than PATH_MAX to be used, leading to buffer overflows that allow local users to cause a denial of service (hang) and possibly execute arbitrary code.
local
low complexity
linux redhat suse trustix turbolinux
7.2
2005-01-10 CVE-2004-1071 Local Privilege Escalation vulnerability in Linux Kernel BINFMT_ELF Loader
The binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, does not properly handle a failed call to the mmap function, which causes an incorrect mapped image and may allow local users to execute arbitrary code.
local
low complexity
linux redhat suse trustix turbolinux
7.2
2005-01-10 CVE-2004-1070 Local Privilege Escalation vulnerability in Linux Kernel BINFMT_ELF Loader
The load_elf_binary function in the binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, does not properly check return values from calls to the kernel_read function, which may allow local users to modify sensitive memory in a setuid program and execute arbitrary code.
local
low complexity
linux redhat suse trustix turbolinux
7.2
2004-12-23 CVE-2004-0803 Buffer Overflow vulnerability in LibTIFF
Multiple vulnerabilities in the RLE (run length encoding) decoders for libtiff 3.6.1 and earlier, related to buffer overflows and integer overflows, allow remote attackers to execute arbitrary code via TIFF files.
7.5
2004-09-16 CVE-2004-0801 Unknown vulnerability in foomatic-rip in Foomatic before 3.0.2 allows local users or remote attackers with access to CUPS to execute arbitrary commands.
network
low complexity
linuxprinting-org sun conectiva trustix
7.5