RSS   Vulnerabilities for 'Secure linux'   RSS

2004-08-06
 
CVE-2004-0535

 

 
The e1000 driver for Linux kernel 2.4.26 and earlier does not properly initialize memory before using it, which allows local users to read portions of kernel memory. NOTE: this issue was originally incorrectly reported as a "buffer overflow" by some sources.

 
2003-12-15
 
CVE-2003-0962

CWE-Other
 

 
Heap-based buffer overflow in rsync before 2.5.7, when running in server mode, allows remote attackers to execute arbitrary code and possibly escape the chroot jail.

 
2002-03-15
 
CVE-2002-0083

 

 
Off-by-one error in the channel code of OpenSSH 2.0 through 3.0.2 allows local users or remote malicious servers to gain privileges.

 
2002-01-31
 
CVE-2002-0002

 

 
Format string vulnerability in stunnel before 3.22 when used in client mode for (1) smtp, (2) pop, or (3) nntp allows remote malicious servers to execute arbitrary code.

 
2001-07-11
 
CVE-2001-1240

 

 
The default configuration of sudo in Engarde Secure Linux 1.0.1 allows any user in the admin group to run certain commands that could be leveraged to gain full root access.

 
2001-10-18
 
CVE-2001-0739

 

 
Guardian Digital WebTool in EnGarde Secure Linux 1.0.1 allows restarted services to inherit some environmental variables, which could allow local users to gain root privileges.

 
 
CVE-2001-0736

CWE-Other
 

 
Vulnerability in (1) pine before 4.33 and (2) the pico editor, included with pine, allows local users local users to overwrite arbitrary files via a symlink attack.

 

 >>> Vendor: Engardelinux 3 Products
Secure linux
Guardian digital webtool
Secure community


Copyright 2024, cxsecurity.com

 

Back to Top