Weekly Vulnerabilities Reports > November 7 to 13, 2005
3 new vulnerabilities were reported during this period, including 1 critical vulnerability and 1 high severity vulnerability. This weekly summary reports vulnerabilities in 3 products from 3 vendors including Linux, Gpsdrive, and Linux Ftpd SSL. Vulnerabilities are notably categorized as .
- 2 reported vulnerabilities are remotely exploitable.
- 3 reported vulnerabilities are exploitable by an anonymous user.
- Linux has the most reported vulnerabilities, with 1 reported vulnerability.
- Linux Ftpd SSL has the most reported critical vulnerabilities, with 1 reported vulnerability.
The following table lists reported vulnerabilities for the period covered by this report:
1 Critical Vulnerability
| 2005-11-07 | CVE-2005-3524 | Linux Ftpd SSL | Remote Buffer Overflow vulnerability in Linux-Ftpd-Ssl 0.17 |
Buffer overflow in the SSL-ready version of linux-ftpd (linux-ftpd-ssl) 0.17 allows remote attackers to execute arbitrary code by creating a long directory name, then executing the XPWD command.
1 High Vulnerability
| 2005-11-07 | CVE-2005-3523 | Gpsdrive | Remote Format String vulnerability in GpsDrive Friendsd |
Format string vulnerability in friendsd2 in GpsDrive allows remote attackers to execute arbitrary code via the dir (direction) field.
1 Medium Vulnerability
| 2005-11-09 | CVE-2005-3527 | Linux | Denial of Service vulnerability in Linux Kernel 2.6.0 |
Race condition in do_coredump in signal.c in Linux kernel 2.6 allows local users to cause a denial of service by triggering a core dump in one thread while another thread has a pending SIGSTOP.
0 Low Vulnerabilities