Vulnerabilities > Ubuntu > Ubuntu Linux

DATE CVE VULNERABILITY TITLE RISK
2005-01-10 CVE-2004-1013 The argument parser of the FETCH command in Cyrus IMAP Server 2.2.x through 2.2.8 allows remote authenticated users to execute arbitrary code via certain commands such as (1) "body[p", (2) "binary[p", or (3) "binary[p") that cause an index increment error that leads to an out-of-bounds memory corruption. 10.0
2005-01-10 CVE-2004-1012 The argument parser of the PARTIAL command in Cyrus IMAP Server 2.2.6 and earlier allows remote authenticated users to execute arbitrary code via a certain command ("body[p") that is treated as a different command ("body.peek") and causes an index increment error that leads to an out-of-bounds memory corruption. 10.0
2005-01-10 CVE-2004-1011 Stack-based buffer overflow in Cyrus IMAP Server 2.2.4 through 2.2.8, with the imapmagicplus option enabled, allows remote attackers to execute arbitrary code via a long (1) PROXY or (2) LOGIN command, a different vulnerability than CVE-2004-1015. 10.0
2005-01-10 CVE-2004-0956 MySQL before 4.0.20 allows remote attackers to cause a denial of service (application crash) via a MATCH AGAINST query with an opening double quote but no closing double quote.
network
low complexity
oracle suse ubuntu
5.0
2005-01-10 CVE-2004-0949 Remote vulnerability in Linux Kernel SMBFS
The smb_recv_trans2 function call in the samba filesystem (smbfs) in Linux kernel 2.4 and 2.6 does not properly handle the re-assembly of fragmented packets correctly, which could allow remote samba servers to (1) read arbitrary kernel information or (2) raise a counter value to an arbitrary number by sending the first part of the fragmented packet multiple times.
network
low complexity
linux redhat suse trustix ubuntu
6.4
2005-01-10 CVE-2004-0883 Remote vulnerability in Linux Kernel SMBFS
Multiple vulnerabilities in the samba filesystem (smbfs) in Linux kernel 2.4 and 2.6 allow remote samba servers to cause a denial of service (crash) or gain sensitive information from kernel memory via a samba server (1) returning more data than requested to the smb_proc_read function, (2) returning a data offset from outside the samba packet to the smb_proc_readX function, (3) sending a certain TRANS2 fragmented packet to the smb_receive_trans2 function, (4) sending a samba packet with a certain header size to the smb_proc_readX_data function, or (5) sending a certain packet based offset for the data in a packet to the smb_receive_trans2 function.
network
low complexity
linux redhat suse trustix ubuntu
6.4
2004-12-31 CVE-2004-0817 BMP Image Decoding Buffer Overflow vulnerability in IMLib/IMLib2
Multiple heap-based buffer overflows in the imlib BMP image handler allow remote attackers to execute arbitrary code via a crafted BMP file.
7.5
2004-12-31 CVE-2004-0802 BMP Image Decoding Buffer Overflow vulnerability in IMLib/IMLib2
Buffer overflow in the BMP loader in imlib2 before 1.1.2 allows remote attackers to execute arbitrary code via a specially-crafted BMP image, a different vulnerability than CVE-2004-0817.
5.1
2004-12-23 CVE-2004-1337 The POSIX Capability Linux Security Module (LSM) for Linux kernel 2.6 does not properly handle the credentials of a process that is launched before the module is loaded, which allows local users to gain privileges.
local
low complexity
gnu conectiva ubuntu
7.2
2004-12-23 CVE-2004-0814 Multiple race conditions in the terminal layer in Linux 2.4.x, and 2.6.x before 2.6.9, allow (1) local users to obtain portions of kernel data via a TIOCSETD ioctl call to a terminal interface that is being accessed by another thread, or (2) remote attackers to cause a denial of service (panic) by switching from console to PPP line discipline, then quickly sending data that is received during the switch.
local
high complexity
linux ubuntu
1.2