Vulnerabilities > Trustix > Secure Linux

DATE CVE VULNERABILITY TITLE RISK
2004-11-23 CVE-2004-0415 Linux kernel does not properly convert 64-bit file offset pointers to 32 bits, which allows local users to access portions of kernel memory.
local
low complexity
linux redhat trustix
2.1
2004-09-16 CVE-2004-0801 Unknown vulnerability in foomatic-rip in Foomatic before 3.0.2 allows local users or remote attackers with access to CUPS to execute arbitrary commands.
network
low complexity
linuxprinting-org sun conectiva trustix
7.5
2004-08-18 CVE-2004-0432 ProFTPD 1.2.9 treats the Allow and Deny directives for CIDR based ACL entries as if they were AllowAll, which could allow FTP clients to bypass intended access restrictions.
network
low complexity
proftpd-project gentoo trustix
7.5
2004-07-27 CVE-2004-0686 Buffer overflow in Samba 2.2.x to 2.2.9, and 3.0.0 to 3.0.4, when the "mangling method = hash" option is enabled in smb.conf, has unknown impact and attack vectors.
network
low complexity
samba trustix
5.0
2004-07-27 CVE-2004-0600 Buffer overflow in the Samba Web Administration Tool (SWAT) in Samba 3.0.2 to 3.0.4 allows remote attackers to execute arbitrary code via an invalid base-64 character during HTTP basic authentication.
network
low complexity
samba trustix
critical
10.0
2004-07-27 CVE-2004-0595 The strip_tags function in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, does not filter null (\0) characters within tag names when restricting input to allowed tags, which allows dangerous tags to be processed by web browsers such as Internet Explorer and Safari, which ignore null characters and facilitate the exploitation of cross-site scripting (XSS) vulnerabilities. 6.8
2004-06-01 CVE-2004-2044 PHP-Nuke 7.3, and other products that use the PHP-Nuke codebase such as the Nuke Cops betaNC PHP-Nuke Bundle, OSCNukeLite 3.1, and OSC2Nuke 7x do not properly use the eregi() PHP function with $_SERVER['PHP_SELF'] to identify the calling script, which allows remote attackers to directly access scripts, obtain path information via a PHP error message, and possibly gain access, as demonstrated using an HTTP request that contains the "admin.php" string. 7.5
2004-03-03 CVE-2004-0077 Local Privilege Escalation vulnerability in Linux Kernel do_mremap Function VMA Limit
The do_mremap function for the mremap system call in Linux 2.2 to 2.2.25, 2.4 to 2.4.24, and 2.6 to 2.6.2, does not properly check the return value from the do_munmap function when the maximum number of VMA descriptors is exceeded, which allows local users to gain root privileges, a different vulnerability than CAN-2003-0985.
local
low complexity
redhat linux netwosix trustix
7.2
2002-12-11 CVE-2002-1319 Denial Of Service vulnerability in Linux Kernel 2.4 System Call TF Flag
The Linux kernel 2.4.20 and earlier, and 2.5.x, when running on x86 systems, allows local users to cause a denial of service (hang) via the emulation mode, which does not properly clear TF and NT EFLAGs.
local
low complexity
linux trustix
2.1
2002-03-15 CVE-2002-0083 Off-by-one Error vulnerability in multiple products
Off-by-one error in the channel code of OpenSSH 2.0 through 3.0.2 allows local users or remote malicious servers to gain privileges.
9.8