| Max CVSS | 5.1 | Min CVSS | 1.2 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2006-1058 | 2.1 |
BusyBox 1.1.1 does not use a salt when generating passwords, which makes it easier for local users to guess passwords from a stolen password file using techniques such as rainbow tables.
|
09-02-2024 - 03:05 | 04-04-2006 - 10:04 | |
| CVE-2006-1174 | 3.7 |
useradd in shadow-utils before 4.0.3, and possibly other versions before 4.0.8, does not provide a required argument to the open function when creating a new user mailbox, which causes the mailbox to be created with unpredictable permissions and poss
|
11-08-2020 - 17:09 | 28-05-2006 - 23:02 | |
| CVE-2005-4667 | 3.7 |
Buffer overflow in UnZip 5.50 and earlier allows user-assisted attackers to execute arbitrary code via a long filename command line argument. NOTE: since the overflow occurs in a non-setuid program, there are not many scenarios under which it poses
|
19-10-2018 - 15:41 | 31-12-2005 - 05:00 | |
| CVE-2006-4600 | 2.3 |
slapd in OpenLDAP before 2.3.25 allows remote authenticated users with selfwrite Access Control List (ACL) privileges to modify arbitrary Distinguished Names (DN).
|
17-10-2018 - 21:38 | 07-09-2006 - 00:04 | |
| CVE-2005-4268 | 3.7 |
Buffer overflow in cpio 2.6-8.FC4 on 64-bit platforms, when creating a cpio archive, allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a file whose size is represented by more than 8 digits.
|
03-10-2018 - 21:34 | 15-12-2005 - 18:11 | |
| CVE-2005-3183 | 4.3 |
The HTBoundary_put_block function in HTBound.c for W3C libwww (w3c-libwww) allows remote servers to cause a denial of service (segmentation fault) via a crafted multipart/byteranges MIME message that triggers an out-of-bounds read.
|
03-10-2018 - 21:31 | 12-10-2005 - 22:02 | |
| CVE-2006-7108 | 4.1 |
login in util-linux-2.12a skips pam_acct_mgmt and chauth_tok when authentication is skipped, such as when a Kerberos krlogin session has been established, which might allow users to bypass intended access policies that would be enforced by pam_acct_m
|
11-10-2017 - 01:31 | 04-03-2007 - 22:19 | |
| CVE-2006-7176 | 4.3 |
The version of Sendmail 8.13.1-2 on Red Hat Enterprise Linux 4 Update 4 and earlier does not reject the "localhost.localdomain" domain name for e-mail messages that come from external hosts, which might allow remote attackers to spoof messages.
|
11-10-2017 - 01:31 | 27-03-2007 - 23:19 | |
| CVE-2006-4146 | 5.1 |
Buffer overflow in the (1) DWARF (dwarfread.c) and (2) DWARF2 (dwarf2read.c) debugging code in GNU Debugger (GDB) 6.5 allows user-assisted attackers, or restricted users, to execute arbitrary code via a crafted file with a location block (DW_FORM_blo
|
11-10-2017 - 01:31 | 31-08-2006 - 22:04 | |
| CVE-2006-3619 | 2.6 |
Directory traversal vulnerability in FastJar 0.93, as used in Gnu GCC 4.1.1 and earlier, and 3.4.6 and earlier, allows user-assisted attackers to overwrite arbitrary files via a .jar file containing filenames with "../" sequences.
|
11-10-2017 - 01:31 | 25-07-2006 - 19:17 | |
| CVE-2005-2475 | 1.2 |
Race condition in Unzip 5.52 allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by Unzip after the decompression is complete.
|
11-10-2017 - 01:30 | 05-08-2005 - 04:00 | |
| CVE-2005-2666 | 1.2 |
SSH, as implemented in OpenSSH before 4.0 and possibly other implementations, stores hostnames, IP addresses, and keys in plaintext in the known_hosts file, which makes it easier for an attacker that has compromised an SSH user's account to generate
|
11-10-2017 - 01:30 | 23-08-2005 - 04:00 |