Vulnerabilities > Trustix > Secure Linux > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-01-10 | CVE-2004-1154 | Remote Integer Overflow vulnerability in Samba Directory Access Control List Integer overflow in the Samba daemon (smbd) in Samba 2.x and 3.0.x through 3.0.9 allows remote authenticated users to cause a denial of service (application crash) and possibly execute arbitrary code via a Samba request with a large number of security descriptors that triggers a heap-based buffer overflow. | 10.0 |
| 2005-01-10 | CVE-2004-1304 | Buffer Overflow vulnerability in File ELF Header Stack-based buffer overflow in the ELF header parsing code in file before 4.12 allows attackers to execute arbitrary code via a crafted ELF file. | 10.0 |
| 2004-07-27 | CVE-2004-0600 | Buffer overflow in the Samba Web Administration Tool (SWAT) in Samba 3.0.2 to 3.0.4 allows remote attackers to execute arbitrary code via an invalid base-64 character during HTTP basic authentication. | 10.0 |
| 2002-03-15 | CVE-2002-0083 | Off-by-one Error vulnerability in multiple products Off-by-one error in the channel code of OpenSSH 2.0 through 3.0.2 allows local users or remote malicious servers to gain privileges. network low complexity conectiva immunix openpkg mandrakesoft openbsd trustix suse redhat engardelinux CWE-193 critical | 9.8 |
| 2000-12-19 | CVE-2000-0917 | Format string vulnerability in use_syslog() function in LPRng 3.6.24 allows remote attackers to execute arbitrary commands. | 10.0 |
| 2000-11-14 | CVE-2000-0844 | Permissions, Privileges, and Access Controls vulnerability in multiple products Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen. | 10.0 |
| 2000-07-16 | CVE-2000-0666 | Remote Format String vulnerability in Multiple Linux Vendor rpc.statd rpc.statd in the nfs-utils package in various Linux distributions does not properly cleanse untrusted format strings, which allows remote attackers to gain root privileges. | 10.0 |