Filtered by vendor Gnu
Subscribe
Total
989 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2004-1701 | 1 Gnu | 1 Cfengine | 2017-07-10 | 10.0 HIGH | N/A |
| Heap-based buffer overflow in the AuthenticationDialogue function in cfservd for Cfengine 2.0.0 to 2.1.7p1 allows remote attackers to execute arbitrary code via a long SAUTH command during RSA authentication. | |||||
| CVE-2004-2461 | 1 Gnu | 1 Gnubiff | 2017-07-10 | 7.5 HIGH | N/A |
| Buffer overflow in pop3.c in gnubiff before 2.0.0 allows attackers to cause a denial of service (crash) and possibly execute arbitrary code. | |||||
| CVE-2004-2531 | 1 Gnu | 1 Gnutls | 2017-07-10 | 7.8 HIGH | N/A |
| X.509 Certificate Signature Verification in Gnu transport layer security library (GnuTLS) 1.0.16 allows remote attackers to cause a denial of service (CPU consumption) via certificates containing long chains and signed with large RSA keys. | |||||
| CVE-2004-1702 | 1 Gnu | 1 Cfengine | 2017-07-10 | 5.0 MEDIUM | N/A |
| The AuthenticationDialogue function in cfservd for Cfengine 2.0.0 to 2.1.7p1 does not properly check the return value of the ReceiveTransaction function, which leads to a failed malloc call and triggers to a null dereference, which allows remote attackers to cause a denial of service (crash). | |||||
| CVE-2004-1485 | 2 Gnu, Tftp | 2 Inetutils, Tftp | 2017-07-10 | 7.5 HIGH | N/A |
| Buffer overflow in the TFTP client in InetUtils 1.4.2 allows remote malicious DNS servers to execute arbitrary code via a large DNS response that is handled by the gethostbyname function. | |||||
| CVE-2004-0581 | 2 Gnu, Mandrakesoft | 3 Ksymoops, Mandrake Linux, Mandrake Linux Corporate Server | 2017-07-10 | 4.6 MEDIUM | N/A |
| ksymoops-gznm script in Mandrake Linux 9.1 through 10.0, and Corporate Server 2.1, allows local users to delete arbitrary files via a symlink attack on files in /tmp. | |||||
| CVE-2004-0603 | 1 Gnu | 1 Gzip | 2017-07-10 | 10.0 HIGH | N/A |
| gzexe in gzip 1.3.3 and earlier will execute an argument when the creation of a temp file fails instead of exiting the program, which could allow remote attackers or local users to execute arbitrary commands, a different vulnerability than CVE-1999-1332. | |||||
| CVE-2004-0623 | 1 Gnu | 1 Gnats | 2017-07-10 | 10.0 HIGH | N/A |
| Format string vulnerability in misc.c in GNU GNATS 4.00 may allow remote attackers to execute arbitrary code via format string specifiers in a string that gets logged by syslog. | |||||
| CVE-2004-1143 | 1 Gnu | 1 Mailman | 2017-07-10 | 7.5 HIGH | N/A |
| The password generation in mailman before 2.1.5 generates only 5 million unique passwords, which makes it easier for remote attackers to guess passwords via a brute force attack. | |||||
| CVE-2004-1296 | 1 Gnu | 1 Groff | 2017-07-10 | 2.1 LOW | N/A |
| The (1) eqn2graph and (2) pic2graph scripts in groff 1.18.1 allow local users to overwrite arbitrary files via a symlink attack on temporary files. | |||||
| CVE-2004-1337 | 3 Conectiva, Gnu, Ubuntu | 3 Linux, Realtime Linux Security Module, Ubuntu Linux | 2017-07-10 | 7.2 HIGH | N/A |
| The POSIX Capability Linux Security Module (LSM) for Linux kernel 2.6 does not properly handle the credentials of a process that is launched before the module is loaded, which allows local users to gain privileges. | |||||
| CVE-2004-0354 | 1 Gnu | 1 Anubis | 2017-07-10 | 10.0 HIGH | N/A |
| Multiple format string vulnerabilities in GNU Anubis 3.6.0 through 3.6.2, 3.9.92 and 3.9.93 allow remote attackers to execute arbitrary code via format string specifiers in strings passed to (1) the info function in log.c, (2) the anubis_error function in errs.c, or (3) the ssl_error function in ssl.c. | |||||
| CVE-2004-0422 | 1 Gnu | 1 Flim | 2017-07-10 | 2.1 LOW | N/A |
| flim before 1.14.3 creates temporary files insecurely, which allows local users to overwrite arbitrary files of the Emacs user via a symlink attack. | |||||
| CVE-2004-1377 | 2 Gnu, Turbolinux | 4 A2ps, Turbolinux Home, Turbolinux Server and 1 more | 2017-07-10 | 2.1 LOW | N/A |
| The (1) fixps (aka fixps.in) and (2) psmandup (aka psmandup.in) scripts in a2ps before 4.13 allow local users to overwrite arbitrary files via a symlink attack on temporary files. | |||||
| CVE-2004-0849 | 1 Gnu | 1 Radius | 2017-07-10 | 5.0 MEDIUM | N/A |
| Integer overflow in the asn_decode_string() function defined in asn1.c in radiusd for GNU Radius 1.1 and 1.2 before 1.2.94, when compiled with the --enable-snmp option, allows remote attackers to cause a denial of service (daemon crash) via certain SNMP requests. | |||||
| CVE-2004-0412 | 1 Gnu | 1 Mailman | 2017-07-10 | 5.0 MEDIUM | N/A |
| Mailman before 2.1.5 allows remote attackers to obtain user passwords via a crafted email request to the Mailman server. | |||||
| CVE-2004-0966 | 2 Gnu, Ubuntu | 2 Gettext, Ubuntu Linux | 2017-07-10 | 2.1 LOW | N/A |
| The (1) autopoint and (2) gettextize scripts in the GNU gettext package 1.14 and later versions, as used in Trustix Secure Linux 1.5 through 2.1 and other operating systems, allows local users to overwrite files via a symlink attack on temporary files. | |||||
| CVE-2004-0969 | 3 Gentoo, Gnu, Ubuntu | 3 Linux, Groff, Ubuntu Linux | 2017-07-10 | 2.1 LOW | N/A |
| The groffer script in the Groff package 1.18 and later versions, as used in Trustix Secure Linux 1.5 through 2.1, and possibly other operating systems, allows local users to overwrite files via a symlink attack on temporary files. | |||||
| CVE-2004-0970 | 1 Gnu | 1 Gzip | 2017-07-10 | 2.1 LOW | N/A |
| The (1) gzexe, (2) zdiff, and (3) znew scripts in the gzip package, as used by other packages such as ncompress, allows local users to overwrite files via a symlink attack on temporary files. NOTE: the znew vulnerability may overlap CVE-2003-0367. | |||||
| CVE-2004-0353 | 1 Gnu | 1 Anubis | 2017-07-10 | 10.0 HIGH | N/A |
| Multiple buffer overflows in auth_ident() function in auth.c for GNU Anubis 3.6.0 through 3.6.2, 3.9.92 and 3.9.93 allow remote attackers to gain privileges via a long string. | |||||