Vulnerabilities > Trustix > Secure Linux

DATE CVE VULNERABILITY TITLE RISK
2005-01-27 CVE-2004-0886 Buffer Overflow vulnerability in LibTIFF
Multiple integer overflows in libtiff 3.6.1 and earlier allow remote attackers to cause a denial of service (crash or memory corruption) via TIFF images that lead to incorrect malloc calls.
5.0
2005-01-10 CVE-2004-1304 Buffer Overflow vulnerability in File ELF Header
Stack-based buffer overflow in the ELF header parsing code in file before 4.12 allows attackers to execute arbitrary code via a crafted ELF file.
network
low complexity
file gentoo trustix
critical
10.0
2005-01-10 CVE-2004-1154 Remote Integer Overflow vulnerability in Samba Directory Access Control List
Integer overflow in the Samba daemon (smbd) in Samba 2.x and 3.0.x through 3.0.9 allows remote authenticated users to cause a denial of service (application crash) and possibly execute arbitrary code via a Samba request with a large number of security descriptors that triggers a heap-based buffer overflow.
network
low complexity
samba redhat suse trustix
critical
10.0
2005-01-10 CVE-2004-1074 Local Denial Of Service And Memory Disclosure vulnerability in Linux Kernel
The binfmt functionality in the Linux kernel, when "memory overcommit" is enabled, allows local users to cause a denial of service (kernel oops) via a malformed a.out binary.
local
low complexity
linux redhat suse trustix turbolinux
2.1
2005-01-10 CVE-2004-1073 Local Privilege Escalation vulnerability in Linux Kernel BINFMT_ELF Loader
The open_exec function in the execve functionality (exec.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, allows local users to read non-readable ELF binaries by using the interpreter (PT_INTERP) functionality.
local
low complexity
linux redhat suse trustix turbolinux
2.1
2005-01-10 CVE-2004-1072 Local Privilege Escalation vulnerability in Linux Kernel BINFMT_ELF Loader
The binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, may create an interpreter name string that is not NULL terminated, which could cause strings longer than PATH_MAX to be used, leading to buffer overflows that allow local users to cause a denial of service (hang) and possibly execute arbitrary code.
local
low complexity
linux redhat suse trustix turbolinux
7.2
2005-01-10 CVE-2004-1071 Local Privilege Escalation vulnerability in Linux Kernel BINFMT_ELF Loader
The binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, does not properly handle a failed call to the mmap function, which causes an incorrect mapped image and may allow local users to execute arbitrary code.
local
low complexity
linux redhat suse trustix turbolinux
7.2
2005-01-10 CVE-2004-1070 Local Privilege Escalation vulnerability in Linux Kernel BINFMT_ELF Loader
The load_elf_binary function in the binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, does not properly check return values from calls to the kernel_read function, which may allow local users to modify sensitive memory in a setuid program and execute arbitrary code.
local
low complexity
linux redhat suse trustix turbolinux
7.2
2005-01-10 CVE-2004-1065 Buffer overflow in the exif_read_data function in PHP before 4.3.10 and PHP 5.x up to 5.0.2 allows remote attackers to execute arbitrary code via a long section name in an image file.
network
low complexity
openpkg php trustix ubuntu
critical
10.0
2005-01-10 CVE-2004-1019 Improper Input Validation vulnerability in multiple products
The deserialization code in PHP before 4.3.10 and PHP 5.x up to 5.0.2 allows remote attackers to cause a denial of service and execute arbitrary code via untrusted data to the unserialize function that may trigger "information disclosure, double-free and negative reference index array underflow" results.
network
low complexity
openpkg php trustix ubuntu CWE-20
critical
10.0